I've been taking a closer look at the WebOS side of my Palm Pre tonight, and I noticed that it periodically uploads information to Palm, Inc.

The first thing sent is intended to be my GPS location. It's the same location I get if I open the map app on the Pre. Not very accurate in this case, but I've seen it be accurate enough to find my house before.

{ "errorCode": 0, "timestamp": 1249855555954.000000, "latitude": 36.594108, "longitude": -82.183260, "horizAccuracy": 2523, "heading": 0, "velocity": 0, "altitude": 0, "vertAccuracy": 0 }

Here they can tell every WebOS app I use, and for how long.

{ "appid": "com.palm.app.phone", "event": "close", "timestamp": 1250006362 }
{ "appid": "com.palm.app.messaging", "event": "launch", "timestamp": 1250006422 }
{ "appid": "com.palm.app.messaging", "event": "close", "timestamp": 1250006446 }

It sends the above info on a daily basis.

2009-08-10t09:15:10z    upload  /var/context/pending/1249895710-contextfile.gz.contextlog       ok      rdx-30681971
2009-08-11t09:15:10z    upload  /var/context/pending/1249982110-contextfile.gz.contextlog       ok      rdx-31306808

There is also some info that is recorded when a WebOS app crashes. Now, I've seen WebOS crash hard a time or two, but it turns out apps are crashing fairly frequently behind the scenes, and each such crash is logged and a system state snapshot taken. At least some of these are uploaded, though if things are crashing a whole lot it will be throttled.

2009-08-09T17:01:22Z    upload  /var/log/rdxd/pending/rdxd_log_59.tgz   OK      RDX-30246857
2009-08-09T17:05:36Z    upload  /var/log/rdxd/pending/rdxd_log_26.tgz   OK      RDX-30249465
2009-08-09T17:09:11Z    upload  /var/log/rdxd/pending/rdxd_log_56.tgz   OK      RDX-30252374
2009-08-09T17:11:46Z    upload  /var/log/rdxd/pending/rdxd_log_70.tgz   OK      RDX-30253958
2009-08-09T17:16:29Z    upload  /var/log/rdxd/pending/rdxd_log_67.tgz   ERR_UPLOAD_THROTTLED_DAILY      
2009-08-09T17:17:28Z    upload  /var/log/rdxd/pending/rdxd_log_51.tgz   ERR_UPLOAD_THROTTLED_DAILY      
2009-08-09T17:20:40Z    upload  /var/log/rdxd/pending/rdxd_log_21.tgz   ERR_UPLOAD_THROTTLED_DAILY  

Each tarball contains a kernel dmesg, syslog, a manifest.txt listing all installed ipkg packages (including third-party apps), a backtrace of the crash, a df (from which they can tell I'm using Debian on the phone), and ps -f output listing all processes owned by root (but not by joey).

The uploading is handled by uploadd, which reads /etc/uploadd.conf:



The "HOST" this is sent to via https is ps.palmws.com.

My approach to disable this, which may not stick across WebOS upgrades, was to comment out the 'exec' line in /etc/event.d/uploadd and reboot. However, then I noticed a contextupload process running. This is started by dbus, so the best way to disable it seems to be: rm /usr/bin/contextupload

BTW, since Palm has lawyers, they have a privacy policy, which covers their ass fairly well regarding all this, without going into details or making clear that the above data is being uploaded.

Update: WebOS upgrades do re-enable the spyware; this has to be repeated after each upgrade.

Previously: Debian chroot on Palm Pre, debian desktop via vnc on the palm pre

Spooky that they're uploading user info without letting us know. My only concern for the fix is, does /usr/bin/contextupload have any other uses that we need? Ifnot..bye bye baby, bye bye, and thank you very much for the info!!!
Comment by joshp [nousessence.com/id]
comment 2
Removing contextd seems ok so far, but you might want to keep a backup.
Comment by joey [kitenet.net]
who cares?

Sprint already has a log of every web server I visit with my Pre via EVDO. Sprint already has a log of my gps track whenever I use google maps or sprint nav. Sprint already has a log of every email address I get email from or to. Sprint already has a log of every phone number I get or make a call to. Sprint already has a log of every sms message I get or make. Sprint has the ability to have a log of every cell tower I ping into. Sprint has the ability to read every email I send or receive.

What, exactly, is it that I'm risking in terms of my privacy that palm gets crash logs and usage time of apps again?

Yawn. Who cares?

Comment by yYHUyFYOl_q0soVNxfeEAk83.7PkYxo- [me.yahoo.com/a]
But now PALM knows all that info, in addition to Sprint.
And they know it for every Sprint customer who uses a Palm Pre.
Comment by rpresser [livejournal.com]
Despite the detritus of comments...
Although the uploading seems spooky, I think an important point to illustrate is that the openness of the phone in the first place is what allowed joey to dig around at this level, and he certainly has the freedom to modify this behavior. Any other locked down handset may do the same thing, but the user will not have the opportunity to investigate sans a jailbreak or some other circumvention.
Comment by psykoyiko [myopenid.com]

Man in the middle: http://www.webos-internals.org/wiki/Decrypt_SSL_(trusted_man-in-the-middle_technique)

I wanted to do this for a while to see how synergy worked, but never configured it.

Comment by mbrownnyc [myopenid.com]
email is not readable

yYHUyFYOl_q0soVNxfeEAk83.7PkYxo-#f45cf [me.yahoo.com/a]

You don't use TLS/SSL for your Email?

Comment by mbrownnyc [myopenid.com]

psykoyiko, you have an excellent point, and that relative openness (you can even build your own kernel!) is why I got the Pre in the first place.

To clarify, I didn't monitor traffic, I only looked at the log files I posted. You can easily google how to get root on the Pre if you'd like to do the same.

Also, since I forgot to mention -- the Pre has some location privacy settings, and a backup service. Obviously, if you enable the backup service, you're telling it to transmit your preferences and account info and so on to Palm. But not the info I've found here. The location privacy settings allow you to turn off the GPS, which someone reports does prevent location being logged and sent. It also allows you to turn off reporting of location information to Google.

But nowhere is there a setting to disable sending these logs to Palm. The existance of these other privacy settings thus makes the Pre's behavior even more unexpected and jarring.

Comment by joey [kitenet.net]
comment 11
on top of that Spring keeps track of where you (on cell technology) are and sells this data to anybody with cash.
Comment by wildvlad [myopenid.com]
big brother
Joey: you hit the nail on the head. In reality you can't defeat any locating measures on any phone. Only a software bug will allow you to appear in multiple locations. WPS are the only phones that will be allowed usage in a national emergency. People need to read the fine print on their contracts.
Comment by bubbadog1 [myopenid.com]
And who is supposd to be the smart one? Of couse the Pre sends information back to Sprint, most phones and carriers do this. Sheesh and this was reported as a story by MSNBC, wow, really breaking news here. It's what we want them to do!!!! How else would the location finder for stores near you work, how else will the GPS work? DUHHHHHHH.... Also, oh my God, what a concept... you can turn it off if you want!!!!!! Why was this an issue... I'm going back to bed..
Comment by mckissack [myopenid.com]
Minor updates don't reenable the spyware?

I'm a relatively new Pre owner, so forgive me if this is not news.

I just recently got the OTA update from webOS version 1.4 to version (Sprint). When I went to go back and re-edit uploadd and re-remove contextupload, I was surprised to find that the "exec" line in the former was still commented out, and the latter was still not there. Has this always been the case with minor updates, or might this have to do with the new way that Palm packages the update files?

Comment by analog [myopenid.com]