I regularly receive emails from Smile summarizing my snippet expansions and generally attempting to encourage me to make better use of the product. Today I received a year in review note hi lighting the most common snippets I used etc…
After reading the latest note a light went off and got me thinking about the data privacy aspects? They clearly have the ability to capture and send off to their cloud every keystroke we type. A classic man in the middle kind of situation. I avoided upgrading to the subscription version until earlier this year but now looking at the privacy aspects I’m wondering if that was a mistake.
I know this isn’t a forum which concerns itself too much with security and data privacy but thought I would throw it out there for discussion and comment.
A malicious program with Accessibility permissions can of course do damage, but I think Smile does a good job explaining how TextExpander handles and protects your keystroke data in this document:
Some highlights:
TextExpander never stores or sends your keystrokes anywhere. A small number is temporarily kept in memory.
TextExpander stores keystrokes as an encoded hash of characters, similar to the way a password is securely stored so that no one reading it knows what it is.
Thank you for this I was not aware of the article and as you said it was informative. As I reread the “Year in Review” email they sent me one of the items they hi-lighted was my top 5 expanded snippets. I’m trying to think through how they could provide that information if they didn’t send back which snippets I was using… Probably nothing but…
Oh, I’m sure they collect usage statistics and this article doesn’t preclude that. They just do it without saving or sending what you actually type. I haven’t used TextExpander in awhile, but given the account there must be transmission back and forth of your settings, etc., as well.