Trust No One, Especially if They Produce Your Cell Phone

It’s no secret I’m a geek. I work at a technology company, pay attention to technology news, get excited over new releases of Mac OS, Linux, and Windows and I have a smart phone. My smart phone is an old Palm Treo 755p running Palm OS (I still refuse to call it Garnet OS). By today’s standards, and even by the standards of the day I purchased it, it’s an outdated phone.

I’ve been looking at new phones but haven’t found one that suites me. The iPhone would be nice if it wasn’t on AT&T, and didn’t have draconian policies in place for it’s App Store. Android would be nice but it’s on T-Mobile which doesn’t get coverage in may places I travel to. Then there is the Palm Pre which I’ve had a slight love affair with due to the fact it’s from Palm and it’s on Sprint (I’m out of contract so I’m in no hurry to get into a contract with another carrier). I’ve been waiting for Palm to open the flood gates and allow third party applications to be installed on the Pre without using the special developer mode. Well I think the Pre may be off of my list.

Apparently the Palm Pre periodically reports you GPS coordinates back to Palm. I know what you’re thinking, since the cell phone providers can triangulate your position from your cell phone what does it matter if GPS coordinates are being transmitted? Well triangulating my position via my phone is simply a side effect of the technology and can be done with any radio based device. Also Palm is receiving these coordinates, and frankly they have no business having them. They have no need to know where I am when using their product, and they never mention that they are doing this. It’s slight of hand acts like this that really piss me off.

The link does have instructions on disabling this problem but it’s unknown if these changes will hold after a software update. But this is a good lesson on why you should trust no one with your security. This goes doubly so for closed source software vendors where you can’t know for certain that they aren’t doing something malicious under the hood. This goes triple for a company that produces a product that you carry around with you everywhere that has the ability to track you. Paranoia when it comes to personal security is a good thing.

Further Research

Palm’s terms and conditions that legally allow them to get away with this. (PDF)