JumpCrisscross 17 hours ago [-]
> the once-responsive Oura has not yet replied to any of my inquiries, or committed to releasing the numbers
Illinois has a tight biometric-privacy law [1]. I’d bet Oura isn’t particularly careful about prohibiting e.g. a Texas police department querying the protected information of Illinois residents.
Yeah I’ve probably gotten $100 in class action money from that law so far.
reaperducer 15 hours ago [-]
Why would they be careful, given that the chances of any serious consequences for ignoring such provisions are effectively zero?
Your cynicism is at odds with reality.
I got a check for nearly $500 because when I was an Illinois resident, one of the SV tech companies violated that law.
All it takes is one or two people to get in the ear of the right class action lawyer, and ignoring the rules quickly becomes expensive.
Or you could just grouse on HN and accomplish effectively zero.
sylos 14 hours ago [-]
You got a check for $500, but now your info is who knows where and the company involved is still making more money than not. You lost out.
blitzar 11 hours ago [-]
You didn't get a check for $500, and my info is who knows where and a bunch of companies, criminals and startups are making money off it.
sz4kerto 18 hours ago [-]
"In my previous blog, I revealed that Oura data is not end-to-end encrypted. That means that an Oura user's health data can be unscrambled at certain points as it travels from a person's ring, through their phone app, over the internet, and as it lands on Oura's servers."
Very strange -- it seems to be conflating end-to-end encryption with encryption-in-transit.
munchler 17 hours ago [-]
My understanding is that E2E encryption implies encryption in transit. The message is encrypted at the source and only decrypted at the destination, so it is encrypted everywhere in between.
blueg3 16 hours ago [-]
The term has kind of degraded, because people started marketing that "end-to-end encryption" is the "right" answer.
Encryption in transit means that network intermediates can't read the data. The two endpoints of the network communication can.
E2E encryption is more context-sensitive, and its context mostly comes from messaging. It means that the data is encrypted and that operational intermediates cannot read it. So in the context of messaging, the servers that run the messaging system cannot read the messages. Or, for an email, only the sender and recipient, not any of the intermediate email servers.
There's a big difference -- you can't really control or predict your network intermediates, but you can in theory know the operational intermediates. Whether something is E2E encrypted often depends on what intermediates you bring in to scope.
For example:
> That means that an Oura user's health data can be unscrambled at certain points as it travels from a person's ring, through their phone app, over the internet, and as it lands on Oura's servers.
If the ring uses Bluetooth to sync the data to your phone and the phone syncs data to the Oura servers, but the data is in the clear on your phone, then by this definition, it is not E2E encrypted. However, that's a pretty reasonable setup, depending on how the data on the phone is stored.
lloeki 16 hours ago [-]
> If the ring uses Bluetooth to sync the data to your phone and the phone syncs data to the Oura servers, but the data is in the clear on your phone, then by this definition, it is not E2E encrypted.
Yet another angle would be that both the phone and the ring are in one's material possession, whereas the cloud is someone else's computer, and to display a nice web UI it has to have the data unencrypted over there.
In that case, the cloud is the potentially untrusted intermediate between the data and one's eyeballs.
All of these are equally valid, it all depends on what is your threat model.
pseudosaid 14 hours ago [-]
this is such a hacker news comment. expounding needlessly. e2e implies encryption at the source and endpoint which entails encryption along all transit paths. its not that deep. if its not encrypted at the source “ring”, then it cant be e2e. I get your semantics but its just a waste, as is my comment here.
fc417fc802 15 hours ago [-]
> The term has kind of degraded
I have to disagree. It's the same thing that happened to terms such as open source. It's perfectly clear what it means but marketers intentionally attempt to mislead people for the sake of their own bottom line.
> but the data is in the clear on your phone, then by this definition, it is not E2E encrypted.
False. E2EE is centered on a given user. So long as the phone would be viewed as "yours" (ie inside your personal security boundary) by a reasonable person then it is clear that the data is E2E encrypted.
As the sibling comment notes the common issue is providing a web interface. It isn't so simple to have a remote server dish up a nice UI with lots of convenient functions while only decrypting the data on the client side. It can certainly be done but it requires developers that know what they're doing and management willing to budget for it.
fc417fc802 15 hours ago [-]
I don't see the conflation? The author makes it clear that the data is not E2EE. It does sound like it's encrypted in transit (this is table stakes for the past 20 years or so). I think that saying that the data gets "unscrambled at certain points as it travels" is a perfectly reasonable way to explain the practical difference between the two approaches to a nontechnical reader.
ggm 18 hours ago [-]
It also doesn't sound like its encrypted at rest. Perhaps each in-transit is held to be a unique e2e IP exchange?
juggle-anyhow 18 hours ago [-]
Encrypted at rest means something different. It means if you pull the hard drive out no one can decrypt it. Not that it is encrypted in the database.
stavros 16 hours ago [-]
Does encryption at rest actually do much? The percentage of attacks that were perpetrated by people getting physical access to a drive must approach zero.
nicce 16 hours ago [-]
Depends on what kind of data is in question. Backups and old incremental data can stay encrypted while disks are otherwise in use.
stavros 16 hours ago [-]
Hm yeah, I always think of encryption at rest as "the drive handles encryption itself", rather than "we encrypted these archives before we wrote them", but fair enough.
literalAardvark 16 hours ago [-]
Not necessarily the drive, but yeah, where standards mandate encryption at rest you need to have the files on the live disk encrypted.
Usually it's much less of a headache to luks/bitlocker/SED the whole drive so that you don't have to worry about swap files and logs
zoogeny 13 hours ago [-]
It generally has to do with risk models, especially in single tenant environments.
What I mean is, say I am a b2b service provider and I have a single database for some subset of my clients. That is, multiple clients' data are held in the same database. There are many ways to do this but one way I have seen is BYOK (Bring Your Own Key). You can have your clients give you secure access to a public/private key pair (e.g. through AWS secrets manager). Then you encrypt anything that gets written into the database using their key.
This means that if there is some security hole in your software that accidentally allows data to be exfiltrated from your servers (e.g. one malicious client sends API requests that allow for a query of data from another target client), the data the API returns will be encrypted using the target clients public/private key.
My own experience with security is that nothing is perfect and good security is like an onion. Encryption at rest isn't perfect and won't handle every possible malicious attack, but it is a layer in the broader strategy. The attacker has to both find a way to exfiltrate the data and trick the server into revealing the shared key. The idea being it is harder to do both than it may be to do either individually.
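Both the in-transit vs. end-to-end distinction drawn earlier in the thread and the per-tenant BYOK layer described just above come down to one question: who holds the key at the point where data is stored. The following Go program is an added illustration written for this page, not code from Oura, the blog post, or any commenter. It assumes a symmetric AES-256-GCM key per holder (the comment above says public/private key pair; a symmetric data key is the usual shape of the at-rest layer, and the point is the same). The sample readings and tenant names are constructed. Scenario one keeps the key on the "phone" and shows the server can store and serve the blob but not read it; scenario two puts one key per tenant in a server-side vault and shows that a broken access check hands tenant A ciphertext it cannot open, and that a row relabelled with another tenant's name fails even under the right key because the tenant label is bound as associated data.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// stored is all the provider's database ever holds: ciphertext, the nonce,
// and the tenant label that was bound as associated data. Never the key.
type stored struct {
	tenant string
	nonce  []byte
	blob   []byte
}

func newKey() []byte {
	k := make([]byte, 32) // AES-256
	if _, err := rand.Read(k); err != nil {
		panic(err)
	}
	return k
}

func gcm(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	g, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return g
}

// seal encrypts plaintext under key and binds the tenant label as AAD, so a
// row copied under another tenant's name fails authentication on decrypt.
func seal(key []byte, tenant string, plaintext []byte) stored {
	g := gcm(key)
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return stored{tenant: tenant, nonce: nonce, blob: g.Seal(nil, nonce, plaintext, []byte(tenant))}
}

// open returns the plaintext, or an error if the key or the tenant label is wrong.
func open(key []byte, row stored) ([]byte, error) {
	return gcm(key).Open(nil, row.nonce, row.blob, []byte(row.tenant))
}

// endToEnd models the messaging-style definition: the key is generated on the
// phone and never leaves it. The server is the far end of the TLS connection
// and stores the row, yet it cannot read it. Returns (server can read, phone can read).
func endToEnd() (bool, bool) {
	phoneKey := newKey()
	sample := []byte("hr=58 spo2=97 sleep=7h12m") // constructed reading
	row := seal(phoneKey, "user-1", sample)
	_, errServer := open(newKey(), row) // server has no key; any key it tries is a guess
	plain, errPhone := open(phoneKey, row)
	return errServer == nil, errPhone == nil && string(plain) == string(sample)
}

// bringYourOwnKey models the per-tenant at-rest layer: one key per tenant in a
// server-side vault. A broken access check returns every row to tenant A, but
// A's key opens only A's rows. Returns (cross-tenant readable, owner readable).
func bringYourOwnKey() (bool, bool) {
	vault := map[string][]byte{"tenantA": newKey(), "tenantB": newKey()}
	db := []stored{
		seal(vault["tenantA"], "tenantA", []byte("A's records")), // constructed
		seal(vault["tenantB"], "tenantB", []byte("B's records")), // constructed
	}
	leaked := db // the bug: no per-tenant filter on the query
	crossReadable := false
	for _, row := range leaked {
		if row.tenant != "tenantA" {
			if _, err := open(vault["tenantA"], row); err == nil {
				crossReadable = true
			}
		}
	}
	// Relabelling B's row as A's does not help even with B's own key: the AAD no longer matches.
	relabelled := db[1]
	relabelled.tenant = "tenantA"
	if _, err := open(vault["tenantB"], relabelled); err == nil {
		crossReadable = true
	}
	_, errOwner := open(vault["tenantB"], db[1])
	return crossReadable, errOwner == nil
}

func main() {
	s, p := endToEnd()
	fmt.Printf("E2E: server reads=%v phone reads=%v\n", s, p)
	c, o := bringYourOwnKey()
	fmt.Printf("BYOK: cross-tenant reads=%v owner reads=%v\n", c, o)
}
```

The caveat a practitioner will note: in scenario two the server still has every key, so the layer defends against data exfiltration alone, not against an attacker who can also make the application fetch the right key from the vault, which is exactly the "must do both" argument above.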
alternatex 16 hours ago [-]
I think it's also meant to protect from potential mistakes in handling of hard disk decommissioning which presumably is a common thing with data centers.
SoftTalker 15 hours ago [-]
Used to be, but e.g. where I work any decommissioned drive has to be DBANed (if it's spinning platters) or secure-erased (SSDs). If it can't be for some reason (e.g. it has failed) it needs to be physically destroyed. I would hope most data centers have similar policies in 2026, but that may be optimistic I guess.
fcarraldo 11 hours ago [-]
When the company that owns the physical hardware goes out of business, all of this stuff is moot.
dmkolobov 16 hours ago [-]
Unless the attacker is law enforcement.
stavros 16 hours ago [-]
Law enforcement will just get you to give them the keys.
dmantis 15 hours ago [-]
Law enforcement of another jurisdiction won't, but can try to snoop into the data.
iLoveOncall 17 hours ago [-]
You are conflating end-to-end encryption with encryption at rest.
close04 16 hours ago [-]
Not very strange but E2EE is thrown around a lot and everyone interprets it differently. And in some cases the expectations are unrealistic.
Take a messenger app using a server as middleman. E2EE means only the 2 users get to see the content, not the middleman company server. For Oura there’s only a user and the company server and a lot of people assume Oura can’t read the data, like the Signal or WhatsApp servers can’t read the data because of E2EE. The marketing usually allows or encourages this misunderstanding.
If they claim E2EE though, the interface between the user and the service (the ring or at worst the app) should mandate the encryption and the data should be decrypted only at the other end on Oura’s servers. If at any point in between these 2 ends the data is decrypted then it’s not E2EE.
u1hcw9nx 14 hours ago [-]
There is no interpretation issue, some people are just confused.
Oura is not claiming E2EE and Oura is not E2EE. E2EE in the health apps would mean that Oura would not see the data. Only the user could see the data in their app. Oura's privacy policy states that they do not sell your data, they limit internal access using strict safeguards (like pseudonymization, where your name is separated from your health stats), and they pledge to push back against overbroad government data requests.
Contrast Oura to Apple Health that is true E2EE. Only you and your trusted devices have the keys, Apple can't see the keys, and Apple has nothing to give if it gets a government request.
fc417fc802 15 hours ago [-]
> everyone interprets it differently.
No, they don't. You're spreading misinformation. If the service provider can see the data then it is not E2EE. There is no room for negotiation here. Let me be perfectly clear that any service provider that claims E2EE while having access to user data is committing blatant fraud.
That said, it does not appear that Oura ever claimed E2EE. The author is merely making it clear to the reader that this is not the case.
Chaosvex 13 hours ago [-]
Agreed. Weird to see a bunch of posts trying to argue that E2E doesn't imply that provider can't see the data, at rest or in transit.
kator 17 hours ago [-]
All this said I'm more concerned about Automatic Content Recognition (ACR) on smartTV you buy in the store and never even realize it's phoning home with everything you watch...
JumpCrisscross 17 hours ago [-]
> I'm more concerned about Automatic Content Recognition (ACR) on smartTV
You’re more concerned about privacy when it comes to TV viewing than medical data? What a strange hijacking of a serious thread…
mcmcmc 17 hours ago [-]
When you buy a medical data collection device and it collects medical data that’s not exactly a surprise
fn-mote 14 hours ago [-]
The problem isn’t the collecting, it’s who has access to the data.
mcmcmc 11 hours ago [-]
Unless encryption is advertised as a feature, it’s a safe assumption that vendors that host your data will have access to it, the cloud being someone else’s computer and all that.
Obscurity4340 11 hours ago [-]
Nah, yeah the problem is also collecting the data in that way to begin with
drfloyd51 17 hours ago [-]
Whataboutism in fancy clothes.
guilamu 17 hours ago [-]
If you're concerned about that do not give internet to your tv and use any kind of tv box instead (shield tv, apple tv, etc).
drnick1 15 hours ago [-]
I wouldn't use Apple TV, Shield or other proprietary black boxes if you want a private setup. Linux on a mini-PC with Plasma Bigscreen, your own over-the-air antenna for local TV, VacuumTube for YT, and the high seas for other content.
How long until they have built in cellular or use a mesh?
bentcorner 16 hours ago [-]
I'm certain there are a non-zero number of TVs that either attempt to auto-join popular wifi hotspots (xfinity/tmobile/starbucks/etc.) and/or have cellular connections for telemetry.
Thinking more on this I think a business opportunity in the future will be companies that design hardware stacks that can go in random appliances that can gather usage information in the name of telemetry.
I give it +/- 5 years before an OTS coffee maker at walmart phones home.
iLoveOncall 17 hours ago [-]
So that TV box can phone home instead of your smart TV? What's the point?
antiframe 16 hours ago [-]
Use a TV box that doesn't phone home, obviously. Also, don't buy a smart TV but a monitor.
drfloyd51 17 hours ago [-]
Different homes are being phoned. If that matters.
focusgroup0 18 hours ago [-]
guy who pays $6/month to be monitored by the f3ds
MassPikeMike 18 hours ago [-]
Judging by ads for cell phone service, most people pay more than that per month to be monitored by the Feds.
Cider9986 17 hours ago [-]
Cell phone services don't record your heart rate.
autoexec 16 hours ago [-]
I wouldn't be surprised if they could. Probably not while it's in your pocket though. They're packed with sensors that can pick up a lot. Just putting a phone on a table with a keyboard on it is enough for it to be able to read your keystrokes. They can certainly tell when you're doing something that should be raising your heart rate.
reaperducer 15 hours ago [-]
Cell phone services don't record your heart rate.
As has been noted on HN several times, there are cars that monitor when you have sex in them. You might be surprised what is known and by whom.
Cider9986 15 hours ago [-]
> As has been noted on HN several times, there are cars that monitor when you have sex in them. You might be surprised what is known and by whom.
There is no proof they actually have that capability, it is just mentioned in their privacy policy.
NoImmatureAdHom 15 hours ago [-]
It is an interesting juncture that we have come to
mh- 15 hours ago [-]
I'm not sure what to search to find the stories you're referring to, but the obvious ones didn't cut it.. at the expense of my browser history.
That sounds more like "legal asked for list of everything we collect, and anything we could collect by accident or inference" - and it leading to hilarious results - which I have seen firsthand before.
We own a Kia. I'd offer to do a GDPR data request, but my data would not give us any useful signal here lol.
mathgeek 17 hours ago [-]
Judging by various leaks over the years, you get it for free anyway.
mannanj 14 hours ago [-]
I like paying $100/month to be monitored by the f3ds to Claude or Open(Closed)AI, or in some cases Max Premium subscriptions of $200/month.
But oh don't worry, since they are selling the tokens at a loss, this data sale doesn't matter.
My non-training data should be such that I pay them to extract it from me.
amarant 17 hours ago [-]
What will the government even do with my heart rate and blood oxygen data?
"Mr Smith has been running again, we better bring him in for questioning!"
Edit: to be clear, the government is requesting the data, so clearly they're doing something with it... But what? I don't see it!
jubilanti 17 hours ago [-]
Target infamously was inferring when teenage girls were pregnant before their parents knew based on reward card data records of single merchant retail purchases.... in 2002.
Tech companies when they speak to VCs: look at all the creepy things we can infer with ooodles of aggregated data and AI to maximize targeted ad revenue, we're worth 50x what an equivalent non-tech company in our sector is valued, because of all the things we can do with all that data from all those people together
Tech companies when they speak to their customers: oh you're so silly to even ask about privacy, what possible utility could there be in that single isolated variable?
nkrisc 16 hours ago [-]
Accidentally inferring. They were using basic machine learning to send coupons for predicted future purchases based on past purchases and general trends. And as far as I’m aware, it only happened once (or was only publicized once).
fc417fc802 15 hours ago [-]
It almost certainly happened regularly since the entire point of the program was to make accurate predictions about future purchases. The practical impact of acting on those predictions only caused mild controversy and became publicized the one time (at least that I'm aware of) but we have no reason to expect that the program was unsuccessful and every reason to expect that it was.
xboxnolifes 16 hours ago [-]
Buys your heart rate and blood oxygen data from Oura. Collects your iris data from Eyez. Purchases your fitness data from Borg. Sees your purchasing patterns through Krump. Knows everything you've said online through Gwimp. Gets your sequenced DNA from FamaTree. Tracks your location data from, well, nearly every app in existence.
What could they possibly do from this single variable???
mathgladiator 16 hours ago [-]
Sell me things that I might want... i did buy the Gibson slack board... hrmmm
wil421 15 hours ago [-]
Nobody cares that’s why this stuff sells.
none2585 17 hours ago [-]
Also if you're a woman biological signals can be used to know when you are on your cycle and thus missed it.
Sharlin 12 hours ago [-]
Given the keen interest in women's reproductive biology exhibited by many conservatives, I could definitely see them trying to, say, catch pregnant people who suddenly become non-pregnant.
none2585 11 hours ago [-]
Yep exactly my point. My partner will not even use cycle apps at this point because states can and undoubtedly will access that data to prove termination of pregnancy.
ratdragon 16 hours ago [-]
Ordering a taxi after running outside of US? Probably missed some mass transport. Raise the price boys... like good old Uber back in the day based on iphone battery level. Really the possibilities are endless if you're evil.
Bad health? Raise the insurance premiums? Or anything more evil I can't think of.
edit: grammar
amarant 16 hours ago [-]
None of those things sound like stuff the government would have a hand in, unless you live in some communist country where the taxis are state-owned?
cess11 13 hours ago [-]
That'd probably be nice.
A capitalist, or as in this case, fascist, state might figure out all sorts of interesting things from mass surveillance, such as who might be disloyal, who is eligible for eugenic culling, who might be fun to deport, and who is vulnerable to sticks or carrots or both and could do something for the state that the state does not want to do directly.
drfloyd51 17 hours ago [-]
He was running at the same time our cops were chasing people. Bring him in.
jonners00 17 hours ago [-]
No one seems to care anymore, but a big issue that people were concerned about in the 2000s was the switch from 'I know more about me than the blob (corps, gov, etc) does' to, 'I need the blob to remind me where the hell I was that day'. Heart rate and blood oxygen data are hard to exploit data points but not impossible(1), but facing an accusation from someone who knows more about your movements than you do is an uncomfortable scenario. Of course right now, if you're facing an accusation of this type, odds are it's legitimate, or if not, defensible, but that was the case 15 years ago in Türkiye, but isn't now. Things change.
(Note 1: "Dr. Bootlicker, the defendant wants the court to believe that she calmly placed herself between the agent and the minor he was trying to apprehend, and asserts that the agent's claim, that the defendant's actions constitute assault, is, in her words, 'ridiculous'. But am I correct in understanding that you view minutes 8 and 9 of the biometric data submitted to the court as characteristic of significant physical exertion that might be similar to that undergone by an assailant while committing an assault?")
anigbrowl 15 hours ago [-]
Most likely biometric data on crime suspects to correlate with other forensic data. Obtaining this data on a case by case basis is expensive so it is most likely to be used in high stakes cases like murders or bank robberies where police and prosecutors need to show a win.
For example, A is known to have been an associate of B. B died violently at a certain time and date. Phone data put both of them in the same general area around that time. A seems evasive and won't talk. But A's biometric data reveals intense physical activity around the time of B's death...
Other suggestions in this thread like algorithmically making things worse for people in general are predicated on continual availability for a whole deanonymized population.
al_borland 15 hours ago [-]
I’ve seen stories where fitness trackers were used to tie someone to a murder.
They'll know when and how often you're awake or sleep (including how well you slept), sick, fucking, drunk or high, anxious or upset, relaxed, shitting, menstruating, medicated, etc. Combined with other data and tracked over time there is a shocking amount of intimate information you can get from just those two things which is why companies like Oura and Fitbit are so eager to get their hands on it.
AmblingAvocado 17 hours ago [-]
They used iPhone pick up and orientation data to build a narrative in the trial of Alex Murdaugh, so I imagine something similar.
kwar13 4 hours ago [-]
the good old 'i have nothing to hide, therefore it doesn't matter'
jubilanti 17 hours ago [-]
You're on Hacker News, think like a hacker - in both meanings of the term - for what could possibly go wrong.
amarant 16 hours ago [-]
I did, and came up blank... Any pointers?
mh- 15 hours ago [-]
I guess neither of us are hacker enough. I can't come up with anything interesting [that wouldn't be more readily available via cell networks], either.
Forge36 17 hours ago [-]
Location and time
dalyons 16 hours ago [-]
They already have that from your cellphone
reaperducer 15 hours ago [-]
What will the government even do with my heart rate and blood oxygen data?
It's not in isolation. It's in aggregation. So you end up with
"Mr. Smith's heart rate goes off the charts for six minutes every time his phone visits this apartment building in the middle of the night and is within radio range of Ms. Jones' phone."
basisword 18 hours ago [-]
This is why although I don't love my Apple Watch, I'm not using anything else. It's very sensitive data and Apple is the only company worth trusting with it. They're not perfect but compared to others there's no competition.
GeekyBear 17 hours ago [-]
A great example is Apple's new in-house cellular modem design, which gives you the option to stop reporting your exact location to your cellular provider.
The best way to prevent the Feds from getting access to customer data is to not collect it in the first place.
jeroenhd 18 hours ago [-]
Google's Health Connect system doesn't share this data either (without a consent prompt for third party apps, of course). This is to the point where I wish it would just support some kind of sync, because two devices hooked up to the same accounts need a third party app to transfer the health info.
Apple is subject to the same laws Oura is. The competition is too.
jjice 17 hours ago [-]
I believe the Apple one is E2E encrypted so they physically can't give useful data. Thats the core issue with Oura here.
jeroenhd 11 hours ago [-]
Apple's iCloud default is still to link the encryption key to your account password, with a bunch of extra steps if you wish to use your own key instead, just like Google does.
It doesn't really matter that the data is encrypted end to end if Apple backs up the encryption key based on a factor they already know (your password).
mmh0000 17 hours ago [-]
You may want to reevaluate.
Apple has a great PR (propaganda) department that has convinced many people they respect your privacy. In truth, they do not. They're "better" than Google, but only slightly. And only so slightly that realistically it doesn't matter.
"Apple is taking the unprecedented step of removing its highest level data security tool from customers in the UK, after the government demanded access to user data."
Did you just post an article where Apple refused a UK government order to weaken their encryption as "proof" that Apple doesn't respect customer privacy?
Also, the US Government has already demanded that Apple weaken device encryption.
Apple fought it in court, and the government dropped their demand rather than set a privacy precedent they wanted to avoid.
fc417fc802 14 hours ago [-]
I'm confused what you think Apple should have done differently there. If the government presents you with a legal demand generally your only options are to either comply or leave the market. Would you prefer Apple to have pulled out of the UK entirely?
I'm not even much of a fan of Apple but I really don't think you can hold it against them when they loudly protest but ultimately comply with legal demands.
basisword 13 hours ago [-]
>> "Apple is taking the unprecedented step of removing its highest level data security tool from customers in the UK, after the government demanded access to user data."
They did exactly what they should have. Their choices were build a backdoor or disable the advanced data protection feature in the UK. They also made it incredibly public.
add-sub-mul-div 17 hours ago [-]
It's brilliant how they've laundered their "privacy" reputation through Google etc. and people believe it so fully.
jesterson 2 hours ago [-]
> Apple is the only company worth trusting with it
Wonder what makes you you think so. Care to elaborate? Really hope it's not their ubiquitous ads showcasing how they "treat privacy seriously".
SoftTalker 18 hours ago [-]
Apple might be pretty good now. There's no assurance they always will be.
haritha-j 18 hours ago [-]
Yeah there's no one I'd trust with my personal data except Apple. Their track record of refusing to bow down to the feds has been golden. 24 carat in fact.
jeroenhd 11 hours ago [-]
While Google has rejected China's terms and moved out of the mainland, China has set up a separate iMessage/iCloud system that complies with the wants and needs of the CCP.
They have also abided by the UK's demand to disable E2EE.
Apple's resolve is quickly overcome by any threat to their revenue. They're one law away from handing over all of your data to the feds.
cybercatgurrl 9 hours ago [-]
apple just can’t pull out of america so you’re likely right. a law mandating a backdoor in america would be the end
echelon 18 hours ago [-]
In the US. Apple's policies are flexible when it comes to other nation states.
All it takes is a political sea change for E2EE to go away.
Apple already has to hand over a wealth of information when asked by the feds.
GeekyBear 17 hours ago [-]
Apple literally removed encrypted file storage as a feature in the UK rather than comply with demands for access to encrypted customer data from the UK government.
Previously, they refused US government demands for a backdoor that would allow them to unlock locked devices.
pepperoni_pizza 16 hours ago [-]
> Apple literally removed encrypted file storage as a feature in the UK rather than comply with demands for access to encrypted customer data from the UK government.
Does that mean that instead of the UK government accessing the data (through a backdoor), the UK government can now access the data (because it's not encrypted at all)?
GeekyBear 16 hours ago [-]
Nope.
After Apple's announcement that they would remove encryption from UK users rather than weaken it, the bad press and public pressure forced the UK government to back down.
clutter55561 15 hours ago [-]
Not exactly. Apple kept it for existing users but stopped offering it to new users. So new users are vulnerable.
"Things might change in the future" is a perfectly general statement which applies to any state of affairs which is not restricted by natural law.
That makes it very nearly meaningless.
echelon 17 hours ago [-]
Maybe, were it not for the fact that we're having age verification and IDV ("protect the kids"), hardware attestation, removal of 3rd party APKs, etc. heaved upon us.
We've never had so many threats to our privacy and liberties heaved upon us, and the rate is accelerating.
GeekyBear 15 hours ago [-]
Apple certainly lobbied against this stupidity.
> Cook conveyed to lawmakers that device-level age assurance proposals should not require the collection of sensitive data like birth certificate or social security number, and that parents should be trusted to provide the age of a child when creating a child's account. Any data used for determining age should not be kept by app stores or developers, according to Apple.
releasing a transparency report feels like an easy way to get on the administration’s shit list. i’ll be surprised if this ever happens
andrepd 16 hours ago [-]
What in god's name possesses someone to buy (and pay a subscription for) a device that gathers and sells their health data in exchange for a placebo dashboard of numbers...
reaperducer 15 hours ago [-]
What in god's name possesses someone to buy (and pay a subscription for) a device that gathers and sells their health data in exchange for a placebo dashboard of numbers...
Social media, mostly.
BenFranklin100 16 hours ago [-]
I considered an Oura but went with an Apple watch instead. I turned on Advanced Data Protection on the paired iPhone for peace of mind. No other large data providers really provide anything equivalent to ADP’s E2EE protection with zero access encryption, especially in the consumer space for activity trackers.
nextos 16 hours ago [-]
Garmin can be used completely offline?
AFAIK, they even have some watches with no radio hardware so that they can be used in sensible environments.
allthetime 16 hours ago [-]
Yup. It’s a bit of a pain, but you don’t have to use the connect app. Devices and data can be accessed with direct USB connection as standard storage. You will lose some features and I think firmware updates become difficult (or impossible?)
nextos 15 hours ago [-]
I think firmware updates and even map routes can be uploaded offline by mounting the watch as a USB mass storage device?
I wish Casio, Polar, Suunto and others provided this functionality.
There is some community software for Polar that enables offline data exchange, but it is a bit hacky, and OFC no firmware updates.
Suunto used to have a really good offline solution, but they discontinued that and moved to the cloud.
mikestew 15 hours ago [-]
Go through the Garmin Express desktop app for firmware updates.
I’m probably missing something, but I can’t think of anything you lose if you don’t use the phone app.
BenFranklin100 16 hours ago [-]
I believe they can be used offline, at least the last time I used Garmin I was able to set it up such that I could sync it to Golden Cheetah. It took some jumping through hoops and an older watch version to get it to work, as I recall. For serious runners and hikers, the hardware is better than Apple.
I'm only a casual fitness tracker so the Apple Watch fits my needs better.
treesknees 16 hours ago [-]
I was stuck between the two, Oura won for its better sleep tracking and battery life.
I suppose one option would be to enable data syncing to Apple Health, and periodically delete/create new Oura accounts to purge historical health data. Not a great workflow, but would let you benefit from E2EE with Apple Health while using Oura (assuming Oura’s “delete account and all data” does what it claims)
I_am_tiberius 15 hours ago [-]
Why is it even necessary to save this data in the cloud?
jesterson 2 hours ago [-]
How do you expect them to read it?
akersten 17 hours ago [-]
IPOing soon at $11B btw
ck2 18 hours ago [-]
Oura doesn't even have GPS does it?
Government can already get ALL your celltower locations without a warrant
AND read all your emails and text messages that are over 6 months old, without a warrant
arusahni 18 hours ago [-]
In a society where women are being prosecuted for medical procedures, menstrual data becomes very risky to have handed over.
kevin_thibedeau 17 hours ago [-]
I sat in a meeting at a data broker in 1998 where one of their product managers was strangely proud about how they could determine menstrual cycles from purchase records. It wasn't just hygiene products either. They already have that data and manipulate women with targeted ads timed for the optimal receptivity.
michelb 18 hours ago [-]
Probably this yeah. Your location data can be obtained from other devices than your own, but this medical data cannot.
speff 17 hours ago [-]
From what I understand, they can get call records and subscription info w/ administrative subpoenas, but this is the first I've heard of them being able to get location data without a warrant.
Assuming you meant directly from the telcos and not from the data broker loopholes - in which case pretty much anyone should be able to do that. Emails and texts they still need a warrant for.
n8m8 17 hours ago [-]
Great, so they can further extrapolate what exact locations you get nervous / are more relaxed / walk more quickly… the understated problem with PII isn’t about any single data point, it’s about combining data to make probable inferences.
ethersteeds 16 hours ago [-]
The ring doesn't have gps but its app requires location permission so it gets it from your phone. It continually asks me to turn on background sync, which would presumably upload my location regularly as well. I decline and only allow location when the app is open to sync.
treesknees 16 hours ago [-]
Location is used for tracking distance/speed for certain activities and measuring VO2 max levels, and for finding a lost ring.
dalyons 16 hours ago [-]
They already know where your phone is…
filoeleven 12 hours ago [-]
> AND read all your emails and text messages that are over 6 months old, without a warrant
Source for this? Was it big news? First I've heard of it.
tensor 12 hours ago [-]
They can read all your emails that are over 6 months old? What are you basing this on? First I've heard of it.
kkotak 15 hours ago [-]
Oh! The Audacity!
throwawa1 17 hours ago [-]
Another reason to add to my list to justify not wearing my Apple Watch and moving to a mechanical watch.
j45 13 hours ago [-]
This is pretty insane.
And a reminder that the cloud is someone else's computer, and your data in someone else's computer won't only be yours.
einpoklum 16 hours ago [-]
It's been over a decade since the Snowden revelations. We know full well that the large tech companies collect massive amounts of your personal data and secretly share it all with the US government. Not requests, not occasionally, not some - everything. And there are even formal mechanisms for this, like National Security Letters, which essentially guarantee silence.
So, why are we seeing articles like this, which raise suspicion that maybe a wearable smart-device company _might_ be sharing _some_ data, _sometimes_? Or expectations of voluntary transparency?
Yes, the government spies on you. Not because you're important, but because they spy on everybody. It's cheap, convenient and has no negative political consequences (so far).
If you read comments you can see how many people are oblivious to it. And we can assume people here are fairly educated.
It is incredible to read "I believe company A only!". They need to educate themselves, otherwise no one would be able to stop the government machine.
johnnyApplePRNG 17 hours ago [-]
OURA is a joke. My GF bought two for us and after a week I made her return them due to non stop dark patterns coming out of that company.
Everything about that company is disgusting.
Such a shame, too. I was eager to learn more about my health.
Forge36 17 hours ago [-]
Can you elaborate?
shevy-java 17 hours ago [-]
We can not trust any government here.
mystraline 18 hours ago [-]
I was definitely interested in some sort of comprehensive sensor bundle for my healthcare.
But every one of these devices demands some Android/Apple app, and shipping all my health data to basically non-HIPAA data brokers.
I'd be all over a local-only no-data-exfiltration health tracker. But the companies do NOT want to provide that.
I, uh, guess, "go surveillance capitalism", for more choices?
duskdozer 18 hours ago [-]
If your concern is that the government may access the data, whether it's covered by HIPAA or not is irrelevant, because HIPAA allows government access. Though yes, it would still be better than non-HIPAA in general.
permutations 17 hours ago [-]
I will once again proselytize for the new Pebble Time 2 (I am quite a fan of it). Open source and comes with standard sensors for health monitoring (6-axis IMU, heart rate monitor, SpO2). Health data can be kept and analyzed on your phone and there are various apps that can do so. Suffice to say there are “surveillance-free” options out there, and if you’re not satisfied with current app options it is easy to hack your own together.
RunningDroid 17 hours ago [-]
Many times GadgetBridge* can be used instead of the official app
Illinois has a tight biometric-privacy law [1]. I’d bet Oura isn’t particularly careful about prohibiting e.g. a Texas police department querying the protected information of Illinois residents.
[1] https://en.wikipedia.org/wiki/Biometric_Information_Privacy_...
I’m assuming that Oura are assuming that this—the Illinois BIPA is toothless—is true. It is not [1].
[1] https://www.wilmerhale.com/en/insights/blogs/wilmerhale-priv...
Encryption in transit means that network intermediates can't read the data. The two endpoints of the network communication can.
E2E encryption is more context-sensitive, and its context mostly comes from messaging. It means that the data is encrypted and that operational intermediates cannot read it. So in the context of messaging, the servers that run the messaging system cannot read the messages. Or, for an email, only the sender and recipient, not any of the intermediate email servers.
There's a big difference -- you can't really control or predict your network intermediates, but you can in theory know the operational intermediates. Whether something is E2E encrypted often depends on what intermediates you bring into scope.
For example:
> That means that an Oura user's health data can be unscrambled at certain points as it travels from a person's ring, through their phone app, over the internet, and as it lands on Oura's servers.
If the ring uses Bluetooth to sync the data to your phone and the phone syncs data to the Oura servers, but the data is in the clear on your phone, then by this definition, it is not E2E encrypted. However, that's a pretty reasonable setup, depending on how the data on the phone is stored.
Yet another angle would be that both the phone and the ring are in one's material possession, whereas the cloud is someone else's computer, and to display a nice web UI it has to have the data unencrypted over there.
In that case, the cloud is the potentially untrusted intermediate between the data and one's eyeballs.
All of these are equally valid, it all depends on what is your threat model.
I have to disagree. It's the same thing that happened to terms such as open source. It's perfectly clear what it means but marketers intentionally attempt to mislead people for the sake of their own bottom line.
> but the data is in the clear on your phone, then by this definition, it is not E2E encrypted.
False. E2EE is centered on a given user. So long as the phone would be viewed as "yours" (ie inside your personal security boundary) by a reasonable person then it is clear that the data is E2E encrypted.
As the sibling comment notes the common issue is providing a web interface. It isn't so simple to have a remote server dish up a nice UI with lots of convenient functions while only decrypting the data on the client side. It can certainly be done but it requires developers that know what they're doing and management willing to budget for it.
Usually it's much less of a headache to luks/bitlocker/SED the whole drive so that you don't have to worry about swap files and logs
What I mean is, say I am a B2B service provider and I have a single database for some subset of my clients. That is, multiple clients' data are held in the same database. There are many ways to do this but one way I have seen is BYOK (Bring Your Own Key). You can have your clients give you secure access to a public/private key pair (e.g. through AWS Secrets Manager). Then you encrypt anything that gets written into the database using their key.
This means that if there is some security hole in your software that accidentally allows data to be exfiltrated from your servers (e.g. one malicious client sends API requests that allow for a query of data from another target client), the data the API returns will be encrypted using the target client's public/private key.
My own experience with security is that nothing is perfect and good security is like an onion. Encryption at rest isn't perfect and won't handle every possible malicious attack, but it is a layer in the broader strategy. The attacker has to both find a way to exfiltrate the data and trick the server into revealing the shared key. The idea being it is harder to do both than it may be to do either individually.
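The layering the comment above describes, as an added example that is not code from the commenter or from any product named in the thread: a shared multi-tenant table where every row is encrypted under the owning tenant's key before it is written, so that a broken ownership check in the read path hands a cross-tenant caller ciphertext it cannot open. The example departs from the comment in one assumed detail: it uses a per-tenant symmetric AES-256-GCM key (standing in for the customer-held key a real BYOK setup would keep in a KMS and only expose as a wrapped blob) rather than a public/private pair, and the tenant id is bound into the record as authenticated data. The tenant names, record id and the `buggyFetch`/`correctFetch` helpers are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// tenantKey stands in for a customer-supplied key. Assumption for this
// example: it is a random 256-bit AES key held in memory so the block runs
// offline; a real BYOK deployment would fetch it from the client's KMS.
type tenantKey []byte

// record is one encrypted row in the single table shared by all clients.
type record struct {
	tenant     string
	nonce      []byte
	ciphertext []byte
}

// store models the multi-tenant database from the comment.
type store struct {
	keys map[string]tenantKey // tenant -> key
	rows map[string]record    // record id -> encrypted row
}

func newStore() *store {
	return &store{keys: map[string]tenantKey{}, rows: map[string]record{}}
}

func newTenantKey() (tenantKey, error) {
	k := make([]byte, 32)
	if _, err := rand.Read(k); err != nil {
		return nil, err
	}
	return k, nil
}

func aead(k tenantKey) (cipher.AEAD, error) {
	block, err := aes.NewCipher(k)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// put encrypts plaintext under the owning tenant's key before it reaches the
// shared table. The tenant id is additional authenticated data, so a row
// cannot be silently relabelled as belonging to someone else.
func (s *store) put(tenant, id string, plaintext []byte) error {
	k, ok := s.keys[tenant]
	if !ok {
		return errors.New("unknown tenant")
	}
	g, err := aead(k)
	if err != nil {
		return err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	s.rows[id] = record{tenant, nonce, g.Seal(nil, nonce, plaintext, []byte(tenant))}
	return nil
}

// buggyFetch models the API flaw in the comment: it looks a row up by id
// without checking who owns it, then decrypts with the caller's own key.
// A cross-tenant read therefore fails the GCM authentication check and
// returns an error instead of another client's plaintext.
func (s *store) buggyFetch(caller, id string) ([]byte, error) {
	k, ok := s.keys[caller]
	if !ok {
		return nil, errors.New("unknown tenant")
	}
	r, ok := s.rows[id]
	if !ok {
		return nil, errors.New("no such record")
	}
	g, err := aead(k)
	if err != nil {
		return nil, err
	}
	return g.Open(nil, r.nonce, r.ciphertext, []byte(caller))
}

// correctFetch is the actual fix (an ownership check); per-tenant encryption
// is the layer that limits damage until that check exists everywhere.
func (s *store) correctFetch(caller, id string) ([]byte, error) {
	r, ok := s.rows[id]
	if !ok || r.tenant != caller {
		return nil, errors.New("no such record")
	}
	return s.buggyFetch(caller, id)
}

// demo builds a two-tenant store (constructed data) and reports true when the
// owner can read its row but the other tenant cannot, via either read path.
func demo() (bool, error) {
	s := newStore()
	for _, t := range []string{"acme", "globex"} {
		k, err := newTenantKey()
		if err != nil {
			return false, err
		}
		s.keys[t] = k
	}
	if err := s.put("acme", "rec-1", []byte("resting HR 52")); err != nil {
		return false, err
	}
	own, err := s.buggyFetch("acme", "rec-1")
	if err != nil || string(own) != "resting HR 52" {
		return false, fmt.Errorf("owner read failed: %v", err)
	}
	if leaked, err := s.buggyFetch("globex", "rec-1"); err == nil {
		return false, fmt.Errorf("cross-tenant read succeeded: %q", leaked)
	}
	if _, err := s.correctFetch("globex", "rec-1"); err == nil {
		return false, errors.New("ownership check missing")
	}
	return true, nil
}

func main() {
	ok, err := demo()
	fmt.Println("leaked row unreadable by other tenant:", ok, err)
}
```

The point to notice is which key the attacker would also need: with the rows wrapped per tenant, exfiltrating the table is not enough, and the caller's own key only ever opens the caller's rows. Binding the tenant id as authenticated data is what makes `buggyFetch` fail closed rather than decrypt garbage.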
Take a messenger app using a server as middleman. E2EE means only the 2 users get to see the content, not the middleman company server. For Oura there’s only a user and the company server and a lot of people assume Oura can’t read the data, like the Signal or WhatsApp servers can’t read the data because of E2EE. The marketing usually allows or encourages this misunderstanding.
If they claim E2EE though, the interface between the user and the service (the ring or at worst the app) should mandate the encryption and the data should be decrypted only at the other end on Oura’s servers. If at any point in between these 2 ends the data is decrypted then it’s not E2EE.
Oura is not claiming E2EE and Oura is not E2EE. E2EE in the health apps would mean that Oura would not see the data. Only user could see the data in their app. Oura's privacy policy states that they do not sell your data, they limit internal access using strict safeguards (like pseudonymization, where your name is separated from your health stats), and they pledge to push back against overbroad government data requests.
Contrast Oura to Apple Health, which is true E2EE. Only you and your trusted devices have the keys, Apple can't see the keys, and Apple has nothing to give if it gets a government request.
No, they don't. You're spreading misinformation. If the service provider can see the data then it is not E2EE. There is no room for negotiation here. Let me be perfectly clear that any service provider that claims E2EE while having access to user data is committing blatant fraud.
That said, it does not appear that Oura ever claimed E2EE. The author is merely making it clear to the reader that this is not the case.
You’re more concerned about privacy when it comes to TV viewing than medical data? What a strange hijacking of a serious thread…
Thinking more on this I think a business opportunity in the future will be companies that design hardware stacks that can go in random appliances that can gather usage information in the name of telemetry.
I give it +/- 5 years before an OTS coffee maker at walmart phones home.
As has been noted on HN several times, there are cars that monitor when you have sex in them. You might be surprised what is known and by whom.
There is no proof they actually have that capability, it is just mentioned in their privacy policy.
Can you share some links?
https://news.ycombinator.com/item?id=47968252
We own a Kia. I'd offer to do a GDPR data request, but my data would not give us any useful signal here lol.
But oh don't worry, since they are selling the tokens at a loss, this data sale doesn't matter.
My non-training data should be such that I pay them to extract it from me.
"Mr Smith has been running again, we better bring him in for questioning!"
Edit: to be clear, the government is requesting the data, so clearly they're doing something with it... But what? I don't see it!
Tech companies when they speak to VCs: look at all the creepy things we can infer with ooodles of aggregated data and AI to maximize targeted ad revenue, we're worth 50x what an equivalent non-tech company in our sector is valued, because of all the things we can do with all that data from all those people together
Tech companies when they speak to their customers: oh you're so silly to even ask about privacy, what possible utility could there be in that single isolated variable?
What could they possibly do from this single variable???
Bad health? Raise the insurance premiums? Or anything more evil I can't think of.
edit: grammar
A capitalist, or as in this case, fascist, state might figure out all sorts of interesting things from mass surveillance, such as who might be disloyal, who is eligible for eugenic culling, who might be fun to deport, and who is vulnerable to sticks or carrots or both and could do something for the state that the state does not want to do directly.
(Note 1: "Dr. Bootlicker, the defendant wants the court to believe that she calmly placed herself between the agent and the minor he was trying to apprehend, and asserts that the agent's claim, that the defendant's actions constitute assault, is, in her words, 'ridiculous'. But am I correct in understanding that you view minutes 8 and 9 of the biometric data submitted to the court as characteristic of significant physical exertion that might be similar to that undergone by an assailant while committing an assault?")
For example, A is known to have been an associate of B. B died violently at a certain time and date. Phone data put both of them in the same general area around that time. A seems evasive and won't talk. But A's biometric data reveals intense physical activity around the time of B's death...
Other suggestions in this thread like algorithmically making things worse for people in general are predicated on continual availability for a whole deanonymized population.
https://en.wikipedia.org/wiki/Murder_of_Connie_Dabate
It's not in isolation. It's in aggregation. So you end up with
"Mr. Smith's heart rate goes off the charts for six minutes every time his phone visits this apartment building in the middle of the night and is within radio range of Ms. Jones' phone."
The best way to prevent the Feds from getting access to customer data is to not collect it in the first place.
Apple is subject to the same laws Oura is. The competition is too.
It doesn't really matter that the data is encrypted end to end if Apple backs up the encryption key based on a factor they already know (your password).
Apple has a great PR (propaganda) department that has convinced many people they respect your privacy. In truth, they do not. They're "better" than Google, but only slightly. And only so slightly that realistically it doesn't matter.
"Apple is taking the unprecedented step of removing its highest level data security tool from customers in the UK, after the government demanded access to user data."
https://www.bbc.com/news/articles/cgj54eq4vejo
It happened in the UK; it will not be long before it happens in the US.
--
Also, USA: https://www.bbc.com/news/technology-36084244
--
Also, France, Germany, Australia, Brazil, Japan: https://www.apple.com/legal/transparency/pdf/requests-2024-H...
--
Also, Russia: https://www.bloomberg.com/news/articles/2019-02-04/apple-fil...
--
Also, China: https://www.article19.org/resources/apple-cares-about-digita...
--
Also in general: https://proton.me/blog/iphone-privacy
Also, the US Government has already demanded that Apple weaken device encryption.
Apple fought it in court, and the government dropped their demand rather than set a privacy precedent they wanted to avoid.
I'm not even much of a fan of Apple but I really don't think you can hold it against them when they loudly protest but ultimately comply with legal demands.
They did exactly what they should have. Their choices were build a backdoor or disable the advanced data protection feature in the UK. They also made it incredibly public.
Wonder what makes you think so. Care to elaborate? Really hope it's not their ubiquitous ads showcasing how they "treat privacy seriously".
They have also abided by the UK's demand to disable E2EE.
Apple's resolve is quickly overcome by any threat to their revenue. They're one law away from handing over all of your data to the feds.
All it takes is a political sea change for E2EE to go away.
Apple already has to hand over a wealth of information when asked by the feds.
Previously, they refused US government demands for a backdoor that would allow them to unlock locked devices.
Does that mean that instead of the UK government accessing the data (through a backdoor), the UK government can now access the data (because it's not encrypted at all)?
After Apple's announcement that they would remove encryption from UK users rather than weaken it, the bad press and public pressure forced the UK government to back down.
> UK backs down in Apple privacy row, US says
https://www.bbc.com/news/articles/cdj2m3rrk74o
That makes it very nearly meaningless.
We've never had so many threats to our privacy and liberties heaved upon us, and the rate is accelerating.
> Cook conveyed to lawmakers that device-level age assurance proposals should not require the collection of sensitive data like birth certificate or social security number, and that parents should be trusted to provide the age of a child when creating a child's account. Any data used for determining age should not be kept by app stores or developers, according to Apple.
https://www.macrumors.com/2025/12/10/tim-cook-age-verificati...
https://www.mintpressnews.com/apple-israel-unit-8200-hiring/...
References:
* https://en.wikipedia.org/wiki/National_security_letter
* https://www.pcmag.com/news/the-10-most-disturbing-snowden-re...
*https://codeberg.org/Freeyourgadget/Gadgetbridge
In overly simple terms, if insurance is not involved, then it’s not subject to HIPAA.