Feed Sponge v1.4.4
Jan. 27, 2011, 8:36 p.m.
Version 1.4.4 of Feed Sponge sees the addition of OPML backup to the local SD Card. This feature allows you to restore your subscription list after re-flashing your phone's firmware or when you upgrade to a new handset. You just have to move the SD Card (at least initially) to the new handset when you launch the freshly installed Feed Sponge.
This version also includes a long overdue subscription reporting system. I have been largely in the dark about subscriptions and which podcasts are the most popular aside from other internet sources and their ratings. Now the device will report anonymous subscription information.
I know what your thinking: This probably isn't anonymous at all, lame. Well if you have a means to capture the data coming from your phone, you'll know that I'm shooting straight. Otherwise you have my word as a fellow privacy freak.
How does it work? I need a unique identifier to know that your subscription information is coming from your phone. That leads to the deviceID. But transmitting the deviceID is both potentially personally identifiable and just generally a bad idea. So I run the deviceID + salt through SHA512 before it ever leaves your phone.
So lets call your deviceID A and the hash of that B. A will always hash to B, but B cannot ever be reversed to disclose A. It involves a lot of complicated math, but it works. That seems pretty good, but if I stopped there and some other website also hashed A to get B, we would both know B. If that other site also knows another piece of information, someone could eventually put the two together and potentially figure out who you are.
That is unacceptable. I have added a salt C to the mix which will now combine with A and hash to D. There is no way, even if you know C, D, and B; that anyone could correlate information from my website to B or discover what A is.
The sun will burn out before the hash that I store can be correlated to your phone much less your identity. I seriously doubt anyone else that makes a podcatcher with a guide that measures popularity does this. Many work to get more information from you like your name and email to store you subscription information "in the cloud."
Is this much effort to protect the anonymity of some podcast subscriptions overkill? Absolutely.
tags( #feedsponge #android ) Tweet