Looks like the time of passive data storage cards is gone. More specifically, you can no longer rely on the fact that memory card just stores the content (or, potentially, controls access to content by checking key you present to it).
SanDisk this month announced a new microSDHC Mobile Memory card (see press-release here) that not only stores a movie (in this case Iron Man 2) but also “provides measurable real-time customer feedback on preloaded content”. Blah-blah-blah, half a page of marketing speak about enabling “premium experience” and stuff like that.
But more specifically this means that as soon as this card is inserted into MetroPCS’ Samsung Indulge phone, it throws packets into the network, with data then being aggregated on the server. You want to see that pre-loaded movie? Your memory card wants to have an access to remote server please, so phone could be authorized.
For right now this data is supposedly anonymized and aggregated before being transmitted to the MetroPCS. But this is pointless, because MetroPCS owns the network, so all requests to those special servers that store all the keys can certainly be recorded. And because phone is authenticated with cellphone network, yes, the provider can tell that it was you, beloved customer, who tried to watch Iron Man 2.
Press-release also doesn’t say what exactly those servers will be storing (authentication IDs from phones? Serial numbers? Mobile number, assigned to the device?), how is information handled, will it be disclosed to other “third party affiliates” (movie studio? Nielsen ratings?)
Don’t know about you, but for me this seems to be a bit too intrusive. Sure, they giveth the movie, they taketh the anonymity away, but still, I don’t want my memory card to poke around the network, so the first thing to do after buying this phone would be to chuck this spying piece of flash into trash (heck, microwave it too, on top of everything else).
The other question is, how soon all of the mobile flash memory will start to send data about your files to some server up in the cloud-supported sky? Sounds creepy. And almost inevitable…