Palm’s Pres Spying on Palm Pre Users and Reporting Back to Palm   - 820 Views,

The narcing Palm Pre issue was discovered by Joey Hess, who posted the full details of his discovery on his blog over at Kitenet.net. As Hess explains, “I’ve been taking a closer look at the WebOS side of my Palm Pre tonight, and I noticed that it periodically uploads information to Palm, Inc..”

Talk about a thing that makes you go “Hmmm.”

Hess goes on to explain that “The first thing sent is intended to be my GPS location. It’s the same location I get if I open the map app on the Pre. Not very accurate in this case, but I’ve seen it be accurate enough to find my house before.”

Hess then noted that the Palm Pre was also reporting “every WebOS app I use, and for how long.”

According to Hess, this information is reported back to Palm by the Palm Pre on a daily basis. The culprit is a routine on the Palm Pre called “uploadd”, which sends the information via the web (using an https command) to the server at ps.palmws.com.

Hess also explains he has disabled it on his own Palm Pre by commenting out the line which executes the command in the file found at /etc/event.d/uploadd, noting that whenever there is an OS upgrade to the Pre, it may reinstate the command.

Said a Palm spokesperson, when questioned about the practice, “Our privacy policy is like many policies in the industry and includes very detailed language about potential scenarios in which we might use a customer’s information, all toward a goal of offering a great user experience. For instance, when location based services are used, we collect their information to give them relevant local results in Google Maps. We appreciate the trust that users give us with their information, and have no intention to violate that trust.”

Of course that and a dollar won’t even get you a cup of coffee.

You can read Hess’ full article, which includes copies of all the culprit codes, here.