This is awesome. I wish I had a fleet of vehicles to use this with.

Seems the server is 50 USD/month for 50 clients. Since it is FOSS, I suppose you can self-host?

This seems shady:

"* In addition to standard version available on the Google Play, Traccar Client for Android comes in a special hidden version. It includes modifications to make the app less visible to the phone’s owner. Name is changed from “Traccar Client” to “Device Settings”. Default Android settings icon is used as an app icon. After first start, the app removes itself from the launcher. To open it again dial 8722227 (TRACCAR)."

I highly doubt that's GDPR compliant. Then again, it is a Russian company who sell their server capacity in USDs.

They probably meant "user" here, and a lot of companies would want to be able to track their phones without the user deleting it. I think it's fine if the phone is company property.

I don't think there's anything wrong with a Russian company selling online in USD if they want to hit a higher market. As someone from Pakistan, I wouldn't price my SaaS in PKR either if my market includes people from outside the country.

There is no reason to try and hide such an app, though. Phones that are company property will be under MDM which can ensure a given app is installed and prevent uninstallation.

These features, presumably, are to target the shady "spouse spying", domestic abuse and similar adversarial tracking markets.

Yeah, I can see how they'd be used like that and I don't condone it. At the same time, the optimist in me hopes they're trying to make it less obvious to the employees that the phone is being tracked. Like when you don't necessarily need a glowing red camera to remind workers that big brother is watching.

But I certainly see your point. I'm just hoping they're a legitimate vehicle tracking solution that's letting you add an accompanying hard-to-remove client app on a spare phone to use as an easy vehicle tracker.

That would be illegal in many countries on Earth, probably the whole EU, and disgustingly unethical in any case.

If you are allowed to track a device and the user is aware of that, then there is no reason to hide it. In any other case, fuck that.

Please don't confuse your opinion with the laws of every sovereign nation. There are plenty of countries that prescribe stoning someone to death for offenses such as fornication, or homosexuality.

One legitimate use of such technology is a tracker on your own phone in case it gets stolen. Prey[0] used to disguise itself as a game a few years ago.

[0]: https://preyproject.org

Wow, that escalated quickly. Please tone it down a little.

You described a different scenario. My comment was not related to installing such hidden software yourself on your own device, not meant to be used by anyone else.

My last comment wasn't meant to be, nor does it read to me as, hostile. I suppose I can write too matter-of-factly and text does come across as bland so I do apologize if it felt like I was being rude.

It is security through obscurity though. It is one thing to disallow a user to uninstall such an application. As you say, the user might not be the owner. You could even inform the user that the software is running. Even if they're not the owner of the phone that's probably a morally right thing to do. It is another level to rename the application as if it's part of the OS. That's a malware tactic. Therefore, I don't believe they should provide such a build.

As for the Russia/USD thing, it was worth mentioning as a heads up (and besides from the way I wrote it, you can read as if they don't target EU). It was meant in an informational way (and I like that they're open about where they're from). Whatever judgement you draw from it, is up to the reader.

Author of Traccar here. Pricing is for SaaS solution hosted on our servers. Software itself is completely free and open source.

As for GDPR compliance, users are in full control of their data. You can delete anything you want from the system. We do collect some anonymous aggregate statistics from servers, but that can easily be disabled in the configuration.

You collect "aggregate" statistics from the open source server by default?

Do you have a whitepaper describing your aggregation methods? I've seen a talk by some Google engineers who worked on Maps and they went to extensive efforts to anonymize drive segments. This is very difficult (there's a surprising amount of subtlety) and while I'm not doubting your company's abilities, publishing such a whitepaper would help dispel any misgivings people might get over knowing that you collect this by default.

Yes, it's enabled by default in the open source server. There is no whitepaper, but you can find what's collected in the source code:


> You collect "aggregate" statistics from the open source server by default?

I've seen other open source apps that do that by default as well. Open source just means the source is open and that is all.

I use the software and it is very good.

It's your handset to do with as you please. Including violate laws, if that's how you roll. Apps that hide from 'common' users are not unusual for enterprise deployments.

Yes, you can self host the server. There are two client apps to "report back". Yes, it'd be highly creepy if it was installed without the phone owner's knowledge, but this is not always the use case (fleet cars using fleet phones).

