this post was submitted on 01 Jun 2024
55 points (98.2% liked)

Privacy

31931 readers
1144 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Pretty much the title. I'm trying to find some ammunition to fight my HOA on wasting our money. They make us use an app to gain access to amenities, and I want to see what telemetry the app sends back or what it may track.

I tried TrackerControl, but the app (alarm.com) doesn't pop up in its feed.

top 11 comments
sorted by: hot top controversial new old
[–] slurp@programming.dev 15 points 5 months ago (1 children)

I tried PCAPdroid recently and that seemed good

[–] Gerudo@lemm.ee 1 points 5 months ago

This is the other part I was looking for!

[–] TheSun@slrpnk.net 14 points 5 months ago

Holy fuck I hate HOA's/condo boards

[–] TalesOfTrees@sh.itjust.works 8 points 5 months ago

Checked Alarm's privacy policy on their website... and it's kind of sketch. The big ol' "Privacy" link takes you to a page basically saying "We don't sell your info", which OK, cool.

However, scroll all the way to the bottom, and there's another privacy section. That one details what they do with info using their service.

Quick Bing AI summary:

Alarm.com's Privacy Policy outlines how they handle your personal information when you use their services. Here’s a summary in plain English:

Information Collection:
    Alarm.com collects and stores Personal Information from or about you. This includes details that can be used to uniquely contact, identify, or locate you.
    When using the User Interfaces (such as their website or mobile apps), you may provide Personal Information like your name, address, phone number, email, location, or zip code.
    Additionally, when using their Services, you or your Authorized Service Provider may provide additional information (e.g., home or business details, system configuration, sensor names, etc.) to personalize your experience.

Types of Data Collected:
    Performance data from security devices monitored by Alarm.com.
    Electrical usage, heating/cooling information, light settings, and more.
    Alert logs and other relevant data.

Purpose of Data Collection:
    To provide you with the best interactive security, energy management, video monitoring, automation, and wellness services.
    Personalization of services based on the information you provide.
    Alarm.com may also receive data from their partners (like emergency contact info) to enhance their services1.

Remember that data privacy practices may vary based on your region and use of the app2. Always review the full privacy policy for complete details1. If you have specific concerns, consider reaching out to Alarm.com directly for clarification.'

[–] Cheradenine@sh.itjust.works 7 points 5 months ago (1 children)

RethinkDNS can show you where it's connecting via firewall logs and has PCAP

[–] Audacious@sh.itjust.works 2 points 5 months ago

I just installed this today, and saw all the communications from google apps are going to Canada, which surprised me.

[–] Ephera@lemmy.ml 6 points 5 months ago (1 children)

This doesn't show individual requests, but it shows the tracker libraries and permission demands: https://reports.exodus-privacy.eu.org/en/reports/com.alarm.alarmmobile.android/latest/

Does this app itself do the security surveiling or why does it need access to the camera, microphone, location, user movement, biometrics, contacts etc.?

[–] Gerudo@lemm.ee 1 points 5 months ago

It is literally a tap to enter nfc pad. There is no need for ANYTHING listed in those permissions.

Bonus points for us having to register with our real names, phone numbers and addresses for access.

[–] MonkderDritte@feddit.de 3 points 5 months ago* (last edited 5 months ago)

Set up PCAPdroid with MITM.

[–] possiblylinux127@lemmy.zip 2 points 5 months ago

For me I just refuse to use any app to access a service. I can tolerate websites.

[–] devilish666@lemmy.world 1 points 5 months ago

Adguard can do that if you setting it in low level settings & activate HTTPS filtering for certain apps