Welcome to the Android Central Forums Create Your Account or Ask a Question Answers in 5 minutes - no registration required!
Results 1 to 5 of 5
  1. Thread Author  Thread Author    #1  

    Default Concern over Motorola access to log files

    Is anyone besides me concerned over the access Motorola through MotoBlur has to log files on the phone? As an example; I write medical software a d if I crash while browsing a confidential file the patient name may be exposed, which is a violation of HIPAA (federal) and I am potentially liable.
    Another example, you are browsing or viewing information that you donít necessarily want others to be aware of and you crash, the log of what you were doing is automatically sent to Moto.
    I find this disturbing and creepy. I bought a phone, did not relinquish my privacy to Moto. This is way too intrusive for me, and because you must register for MotoBlur, this is part of the rights given to the, and they use this frequently.
  2. #2  

    Default

    I posted something about some issues over on the moto site a week or two ago and they came back and said that my crash logs showed x,y & z. I replied back asking how did they get that data and here is their response

    Crash data is reported back to Motorola to help better analyze failures and so we can promplty fix any major problems seen in the field. For example, the significant number of crashes in different 3rd party applications allows us to follow up with the authors of those applications so they can make the necessary updates to minimize or eliminate future crashes on ATRIX.

    With this sort of real world feedback we can ensure the software upgrades our consumers receive address not only the functional issues reported in the forum, but the major crashes and device resets as well.
    I don't think they have access to the information, they can just see what apps were running when a crash occurred. Others here might have more insight into this. I would recommend posting over on their forums and see if they can provide you with exactly what info they have access to.

    I personally don't have an issue with it but I am not dealing with confidential information like you are. However, this is going to become more of an issue as we all continue to live out of "the cloud".
  3. #3  
    corneliusm's Avatar

    Posts
    170 Posts
    ROM
    CM9 Beta

    Default

    Quote Originally Posted by stevehsteveh View Post
    Is anyone besides me concerned over the access Motorola through MotoBlur has to log files on the phone? As an example; I write medical software a d if I crash while browsing a confidential file the patient name may be exposed, which is a violation of HIPAA (federal) and I am potentially liable.
    Another example, you are browsing or viewing information that you don’t necessarily want others to be aware of and you crash, the log of what you were doing is automatically sent to Moto.
    The android crash log contains a stack trace and some other [non-invasive] debugging info. It will not send open files back to Google or Motorola, but the trace may contain sensitive info if the file handles (ie- filenames, paths, etc) contain anything that might identify a patient. Also, if you're dumb enough to be logging patient data (unencrypted) to android.util.Log, you should be liable.

    Disclaimer- I am a software engineer, and I used to work at a medical device company developing 3D GUIs for physicians to assist them with operating on their patients. I had actually researched a very similar issue dealing with the Microsoft crash handler (since our stuff ran on Windows- it wasn't safety critical). Problem is, our systems supported remote operation via TCP/IP, and was connected to the internet (web browsers were disabled however). If it crashed, a Doc could hit "send report" on the crash dialog, which did send stuff to Microsoft. Turns out we didn't violate HIPAA as long as our stack trace remained clean.
    Thanked by:
  4. Thread Author  Thread Author    #4  

    Default

    Corneliusum, thanks for the succinct answer. No, I'm not dumb enough to expose unencrypted info but I was conerned about fragments left in memory and captured by the log. Again, thanks.
  5. #5  
    corneliusm's Avatar

    Posts
    170 Posts
    ROM
    CM9 Beta

    Default

    Quote Originally Posted by stevehsteveh View Post
    Corneliusum, thanks for the succinct answer. No, I'm not dumb enough to expose unencrypted info but I was conerned about fragments left in memory and captured by the log. Again, thanks.
    I wasn't implying you personally were dumb, but it wouldn't surprise me if someone was logging sensitive info to a publicly-accessible log. There are a *lot* of dumb developers out there that do things that cause me to scratch my head and wonder how they managed to graduate college... but that's another story.

Posting Permissions