License Keys and Privacy

[jdamore]

Highlands-

What did you say your name was again?

[stanger89]

Quote:

Originally Posted by highlands

Thanks Stanger. I did look up some threads on privacy. They do look like they have more teeth than this one, so I'll read them.
But the ferocity of attacks on anyone who even questions Sage is strange. To quote from one of the threads there "Originally Posted by joe123
I sometimes get the feelings that I may be in a cult here."

Oh, you picked a really bad user to quote IMO. The reason for the "tone" of the replies to your post is that there have been several similar threads posted here in the past (some by the user you quoted, if memory serves), that follow exactly the same model as this one.

That being, pick some "small" issue, phrase the question in such a way as to come off as Flamebait, and then the threads inevitably degenerate into flame wars. Usually there are a couple courteous, semi-helpful responses, probably some mocking ones, but the OP inevitably (in these threads) ignores the helpful answers, takes personal offense to the "unhelpful" ones, and asks the same questions over and over again, in the same accusatory tone, with apparently no interest in actually resolving the issue, only in prolonging the "discussion".

Maybe it's a failing of internet forums, that it's impossible to convey the desired emotion with a post. Perhaps the intent of the original contents were to be somewhat "funny" or a serious question asked in a non-serious manner, something that would result in a chuckle if handled in person, but on the forums, with the lack of emotion, all we see is the literal meaning.

So in the end, we don't know how the original posts were intended to come off, but they inevitably come off in a manner equally, if not more "fierce" than the responses they generate. I know I got kind of long winded, but unfortunately, this forum has become somewhat accustomed to dealing with the occasional "troublemaker", and whether intentional or not, your OP had all the signs of being such a Flamebait/troublemaker post.

Oh, and said "troublemakers" inevitably have low post counts and are new registrants.

Quote:

My comments are repeatedly misrepresented here as if I objected to license keys or giving out my credit card info and name. IT IS NOT SO.

The issue is that many of us are trying to figure out why license key tied to your name (which is displayed nowhere in the system), is such a big deal when you've had to give the company all your info to purchase said key in the first place.

There's most definitely a gap between where you're coming from and where "we" are coming from and I don't know how to bridge it. And just be cause "we" are comfortable with SageTV LLCs privacy policy doesn't mean we're any less concerned about privacy than you.

Quote:

I wondered about the neccesity of pairing my real name with my license key,

It's paired the moment you purchase the software, any software, your name is paired to your key.

Quote:

and whe=ther it would be branded int the copy.

It's been answered repeatedly, the software can be downloaded without you ever giving your name, thus your name can't be "branded" into your copy of the software. As for storing your name somewhere, that's been dealt with too, it's not displayed anywhere, nor is it saved in plain text anywhere.

I think Neilm's postulation is spot on, that your Name is the input to 1) an 1-way key generator (which gives you the key) and 2) a 1-way key verifier. Not sure why this is so hard to understand, it's the way most registration software works.

Further, unlike many other software programs (to the best of my knowledge) SageTV doesn't require any sort of online "activation".

Quote:

I also worried about the larger issue of VIEWING HABITS being collected by the software, which, to me, would be a serious concern (ala Tivo).

As noted, again several times, the software tracks your viewing habits, but SageTV LLC does not collect that info.

I suggest if you have any problems with the answers you've been given, pose your questions directly to SageTV LLC (as this is a community forum, not an official support outlet), or at least try to come up with a different way to ask them.

[laurenglenn]

Quote:

Originally Posted by Opus4

Riiiight... sure you don't...

With the best answering machine ever made (that I know about). I just hope it never breaks, because unless there is a new model somewhere that can do this, nothing like it is for sale now. I mentioned it in this old thread split from some old discussion -- a GE model 2-9992, which I bought nearly 10 years ago. It lets you program responses by caller ID.

And, no, there is NO way I would sell it.

I just dialed a number that didn't exist & recorded the response over the phone.

I don't know... what made you think of this & who are you, anyway?

- Andy

To get the thread back to regular discussions: Maybe nielm can make his Caller ID plugin do that.

But seriously, Sage says that they don't collect your information, not even anonymously. You mention NY and the Bill of RIghts, but remember that NYC had police checking everyone's bags getting onto a subway and if you didn't consent to the search, you couldn't get on the subway. People have no problem with the government intruding on their lives as long as its decisions are ones that they would normally make.

But this is PVR software. How would your church or work know what your watching if it is porn? It's not a matter of public record and if Sage doesn't collect it, then they can't be sued to obtain the information. Again, it's not like they're putting your credit card number in the calculation.

Lauren

[nielm]

Quote:

Originally Posted by highlands

Oops! I forgot this is for an international audience. Never mind.
BUt if you all were Americans, you'd know what I'm talking about. We're a little touchy about privacy and stuff here.

Europeans are too... thats why the 'right to privacy' is part of the European Human Rights charter meaning that privicy concerns are protected by law -- something which they are not in the US... (see here)

Apparantly the US may get a version of similar privacy protection laws soon

Quote:

For example, a couple of years ago, our government tried to get libraries to report who's reading what. You wouldn't believe the fuss some people made! The old farts! It was like, "dude!, what's wrong with knowing what you read??!! They're the good guys! You got something to hide??" but no. They went on and on until they snuffed that law.

Actually, no. That law is still in force (USA-PATRIOT act §215 - IMHO an offensively named Orwellian piece of legislation), but with additional safeguards compared to the original.

[wvpolekat]

This is really, really easy.

There are a half dozen ways to monitor what sage phones home with.

If you are really that concerned about Sage (the company) finding out what you watched, you need to monitor it's access to the net.

Fire up a sniffer, watch the packets see what it does. I don't know if it's using SSL or not, if it is, capture it at the winsock level.

Basically, testing software for information leaks is pretty simple, and if really concerned, it can be checked out.

As for your name being "encoded" in the key, that is unlikely. It may be used as the "key" or salt for generating the key, which means that the key becomes a one way hash and your name can be validated against it easily. But, the only exposure that it causes is that someone could brute force your key to find your name by guessing it. But, that is far different than encoding it in the actual key. Read up on hashing and hash verification. Most authentication can be verified without knowing the actual password by comparing hashes. I suspect the key for Sage works roughly the same way.

[KJake]

I think we scared Highlands away...

[opy01]

Remember back in the day when they used to mail you your SSN and ATM cards and license plates and anyone could walk up to your mail box and take them? Those were the days. I sure miss those days. I cant imagine having my name on my computer anywhere (including such programs as Windows, Office, Quickbooks etc.) with my limited firewalls, routers, passwords and other inadequate security. I think I will shut down my internet, box up my computer and send it back so nobody can know who I am or where I live since that information is only available in the phone book.


Just had to throw my $0.02 worth in

[mattdcknsn]

Quote:

Originally Posted by opy01

I think I will shut down my internet, box up my computer and send it back so nobody can know who I am or where I live since that information is only available in the phone book.

They could also just scrape your hard drive once its thrown away and get all the info that way. I think thats why the invented the drill press