this post was submitted on 27 Aug 2023
246 points (93.0% liked)

linuxmemes

20770 readers
1099 users here now

I use Arch btw

Sister communities:

Community rules

  1. Follow the site-wide rules and code of conduct
  2. Be civil
  3. Post Linux-related content
  4. No recent reposts

Please report posts and comments that break these rules!

founded 1 year ago
MODERATORS
poopsmith@lemmy.world
zephyr@lemmy.world
246
👀👀spotify bad; spotube good (lemmy.dbzer0.com)
submitted 1 year ago by covert_czar@lemmy.dbzer0.com to c/linuxmemes@lemmy.world
64 comments fedilink hide all child comments
 

Spotube link

you are viewing a single comment's thread
view the rest of the comments
[–] gianmarco@feddit.it 3 points 1 year ago (1 children)

That's what I meant by "extra data collection," it just gets data that has to do with what you do on the server, which is significant, but you're still protected from kinds of local collection (e.g.: device model, IMEI if possible, screen resolution, networks you connect to, etc.) other than not having analytics trackers and ads. It may sound a bit crazy, but it is possible to collect this kind of stuff to fingerprint you, just like browser fingerprinting.

[–] zweieuro@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

This is true for the desktop/mobile app application I aggree with you there since its a CEF native on desktop and mobile apps have these kinds of APIs. I very much disagree with the Web client (which admittedly my original comment didn't mention at all, personally I mainly use the Web player)

Since on Web it's just a Website, all previously mentioned serve side tracking applies; but getting any hardware information through the sandboxing would break the browser security model and is not possible since there is no such web API. Web fingerprinting is one of the reasons apple (at least they keep bringing it up as a concern) is not keen on implementing the Web API for the luminance sensor on safari. Interestingly webkit (chromium core) does have the functionality which is why it's behind a dev flag atm (https://developer.mozilla.org/en-US/docs/Web/API/AmbientLightSensor)

Identifying hardware should not be possible according to the browsers security model.

I should've phrased my question as 'what advantage does spotube provide over Spotify premium in the browser', after downloading it and trying it out I am guessing the biggest advantage is the download button and stuff like that? Though... I personally have no use for offline Musik nowadays.

Edit: Sidenote: the Mozilla docs frequently mention that the user agent may be used to infer hardware/browser information, and therefore developers are encouraged so spoof it (and in general not to trust the information given)