Hacker News new | ask | show | jobs
by orbital-decay 1155 days ago
> Smartphone companies like Apple and Google, in an attempt to better their word prediction algorithms, as well as collect potentially profitable information on what their users were typing, began submitting and aggregating all their user's key-taps to their servers, violating user's privacy in the process.

Neither Google's nor Apple's keyboards send your keystrokes to the server, that would have been too outrageous, even for them. Gboard is kind of leaky, as it uses "federated learning" where the keyboard finetunes a prediction model locally, then the results are sent to the server and merged there; this is literally a long-term profile of what (and how) you type, and can probably be used to identify you elsewhere. But even then it doesn't send your keystrokes directly.
1 comments
bhawks 1155 days ago
The model updates are not persistently stored and are not accessed individually. The system can only access aggregated averages of updates.

Here is a paper that describes the cryptography protecting user data https://eprint.iacr.org/2017/281

link
orbital-decay 1155 days ago
TIL, thanks! I totally missed this part and just assumed it was just another profiling tool. (it's Google, it has to be, somehow...)
link