• Gianmarco Gargiulo@feddit.it
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    That’s what I meant by “extra data collection,” it just gets data that has to do with what you do on the server, which is significant, but you’re still protected from kinds of local collection (e.g.: device model, IMEI if possible, screen resolution, networks you connect to, etc.) other than not having analytics trackers and ads. It may sound a bit crazy, but it is possible to collect this kind of stuff to fingerprint you, just like browser fingerprinting.

    • zweieuro@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      This is true for the desktop/mobile app application I aggree with you there since its a CEF native on desktop and mobile apps have these kinds of APIs. I very much disagree with the Web client (which admittedly my original comment didn’t mention at all, personally I mainly use the Web player)

      Since on Web it’s just a Website, all previously mentioned serve side tracking applies; but getting any hardware information through the sandboxing would break the browser security model and is not possible since there is no such web API. Web fingerprinting is one of the reasons apple (at least they keep bringing it up as a concern) is not keen on implementing the Web API for the luminance sensor on safari. Interestingly webkit (chromium core) does have the functionality which is why it’s behind a dev flag atm (https://developer.mozilla.org/en-US/docs/Web/API/AmbientLightSensor)

      Identifying hardware should not be possible according to the browsers security model.

      I should’ve phrased my question as ‘what advantage does spotube provide over Spotify premium in the browser’, after downloading it and trying it out I am guessing the biggest advantage is the download button and stuff like that? Though… I personally have no use for offline Musik nowadays.

      Edit: Sidenote: the Mozilla docs frequently mention that the user agent may be used to infer hardware/browser information, and therefore developers are encouraged so spoof it (and in general not to trust the information given)