is Audacity now Spyware?

[Caine123]

hi guys, saw on youtube a lot of comments that v3.x and up is spyware? i use Audacity since years for quick audio editing. i wanted to get Wavelab or something but somehow for simple tasks it is too bloated? so yeah would love to catch the new and see if i missed this topic?

thx

[BertKoor]

How credible is your source of this (mis?)information?
Have you done any research on the subject at all?

It took me less than a minute to get to this credible source: https://forum.audacityteam.org/t/audaci ... ware/62020 which explains the origins of the rumours. Conclusion: this is the works of 44 months of Chinese whispers game in the online community.

[legendCNCD]

Wavosaur > audacity (windows)

[chk071]

hi guys, saw on youtube a lot of comments that v3.x and up is spyware?

Well, then you know what to do. Everybody knows that Youtube comments are the main source of facts and knowledge on the internet.

Or maybe you don't care about what FOSS extremists claim.

Or maybe you want to use a proper audio editor like Wavelab. There's even a slimmed down free version: https://www.steinberg.net/de/wavelab/le/

[The Noodlist]

Or maybe you want to use a proper audio editor like Wavelab. There's even a slimmed down free version: https://www.steinberg.net/de/wavelab/le/

(I found Steinberg's download manager rather clunky and convoluted.)

ocenaudio is another free editor.
https://www.ocenaudio.com/en/startpage



Free DAWs
https://bedroomproducersblog.com/2015/1 ... -software/

[Teksonik]

Or maybe everybody should realize that KVR is not a source of good information regarding system security. Too many sheeple here are fine with software taking ownership of their systems.

"But, but, your OS spies on you too". Yes but if I say John is a thief and you say Tom is also a thief it doesn't excuse Bill's actions. Apparently that concept is over some people's heads.

The vast majority of music software doesn't put your system security at risk but to excuse the software that does is simple sycophancy or ignorance.

Anyway, Audacity has already pushed back on the Spyware allegations in 2021. A simple google search would have yielded more info on the subject than a thread at KVR.

https://www.pcmag.com/news/audacity-is- ... icy-update

[sjm]

Where I think audacity dropped the ball on is on communication. If it's framed the right way, most people will understand that resources are limited and that you'll get a better overall experience if developers can focus their time on things that really matter. If no one is using a 32-bit system, say, then you can stop allocating resources to testing and maintaining a 32-bit executable. Those resources can then be used for something productive that delivers actual value. IIRC (this was many years ago), you were also able to opt out.

I used to work on an open source tool, and we would also collect similar information. This was a Visual Studio extension, and one of the data points we collected was the VS version that the user was running. Resources were limited; we were 2-3 people for much of the time I was there, and there was 1 full time dev assigned to the project. Knowing that nobody was using Visual Studio 2010 any more meant that we didn't need to test the extension in that version of VS and could concentrate on adding features that would only work with more recent versions.

Otherwise you could end up spending 40 person hours on fixing an issue that no user will ever experience (i.e. exclusive to old versions of VS that nobody is using any more), or hold back adding improvements requested by users because they will only work in the most recent versions of VS.

For the most part, the whole brouhaha about audacity is spyware was really just a lot of misinformed youtubers and people on forums that didn't really understand things like the fact that it is impossible to go online without sharing your IP. That's just how the internet works. You can't order something off Amazon and then get in a tizzy because they've asked you for a delivery address ("But that's personal information! You'd know where I live!"). You can't request web content and then expect to receive it without the other end knowing where to send said data.

[osiris]

It's not unless you count Izotope and Microsoft as spyware. Muse acquired it and stuck a new license on it that stated: Under the new privacy policy, Audacity will collect information such as OS version, CPU and error codes, but also the location of the user. According to the policy, this information is required for analytics purposes and to improve the application, although it’s unclear where location data slots into this picture.
The policy goes on to state that Audacity will collect “data necessary for law enforcement, litigation and authorities’ requests”, but does not expand on what type of information this clause might cover, leading to speculation it could be used to justify an unacceptable breach of user privacy.

The location thing bugged a lot of people and they threw out the term spyware.

[imrae]

I think the strength of feeling was related to the fact that this happened not long after Muse effectively bought out a community FOSS project and fiddled with the licensing. It's the sort of thing that makes people nervous.

[audiojunkie]

hi guys, saw on youtube a lot of comments that v3.x and up is spyware? i use Audacity since years for quick audio editing. i wanted to get Wavelab or something but somehow for simple tasks it is too bloated? so yeah would love to catch the new and see if i missed this topic?

thx

A couple (a few years ago?) years ago, Audacity was sold to a company, and the company said it was planned to put telemetry into it to gather information about user's computers to help develop the program better. Telemetry is not wanted by a lot of people, even when it is used for good purposes. Forks of the OpenSource were created, where developers were determined to release a version that was telemetry free. The most well known of these is Tenacity:

https://tenacityaudio.org/

If memory serves correctly, Audacity has continued with only using Telemetry only for error reporting to help improve the program.

Edit:

According to the Audacity faq, this is correct:

Is Audacity spyware?
No. Audacity is entirely safe to use and doesn’t store personal information. Audacity only collects data relevant to error reporting (such as device information) and software updates.

The Audacity team is fully GDPR compliant. Read Audacity’s privacy policy in full here.

Is Audacity spyware?

No. Audacity is entirely safe to use and doesn’t store personal information. Audacity only collects data relevant to error reporting (such as device information) and software updates.

https://www.audacityteam.org/desktop-privacy-notice/

TL;DR:

The bottom line is that I believe Audacity is safe to use and

[audiojunkie]

Where I think audacity dropped the ball on is on communication. If it's framed the right way, most people will understand that resources are limited and that you'll get a better overall experience if developers can focus their time on things that really matter. If no one is using a 32-bit system, say, then you can stop allocating resources to testing and maintaining a 32-bit executable. Those resources can then be used for something productive that delivers actual value. IIRC (this was many years ago), you were also able to opt out.

I used to work on an open source tool, and we would also collect similar information. This was a Visual Studio extension, and one of the data points we collected was the VS version that the user was running. Resources were limited; we were 2-3 people for much of the time I was there, and there was 1 full time dev assigned to the project. Knowing that nobody was using Visual Studio 2010 any more meant that we didn't need to test the extension in that version of VS and could concentrate on adding features that would only work with more recent versions.

Otherwise you could end up spending 40 person hours on fixing an issue that no user will ever experience (i.e. exclusive to old versions of VS that nobody is using any more), or hold back adding improvements requested by users because they will only work in the most recent versions of VS.

For the most part, the whole brouhaha about audacity is spyware was really just a lot of misinformed youtubers and people on forums that didn't really understand things like the fact that it is impossible to go online without sharing your IP. That's just how the internet works. You can't order something off Amazon and then get in a tizzy because they've asked you for a delivery address ("But that's personal information! You'd know where I live!"). You can't request web content and then expect to receive it without the other end knowing where to send said data.

Well said! Had I read down to your post before posting my own post, I probably wouldn't have posted at all. This pretty much sums everything up!

[audiojunkie]

It's not unless you count Izotope and Microsoft as spyware. Muse acquired it and stuck a new license on it that stated: Under the new privacy policy, Audacity will collect information such as OS version, CPU and error codes, but also the location of the user. According to the policy, this information is required for analytics purposes and to improve the application, although it’s unclear where location data slots into this picture.
The policy goes on to state that Audacity will collect “data necessary for law enforcement, litigation and authorities’ requests”, but does not expand on what type of information this clause might cover, leading to speculation it could be used to justify an unacceptable breach of user privacy.

The location thing bugged a lot of people and they threw out the term spyware.

This too is well said! I believe with all of you guys' posts, the OP is getting a well rounded explanation of what went on, and how things stand today.

[Tiles]

Since nobody brought this up here,

If Audacity is malicious depends also of the source where you download it. There is a page called audacity.de around that offers an inofficial version of Audacity. And there you download in fact a Audacity version with malware onboard. That's the curse of open source.

The official version from audacity.org should be safe to use though. Even with the current telemetry onboard. Companies like Native Instruments are ways worse in this regards. And the once planned google telemetry did never make it into Audacity. They are back to the simple error messages.

Here was the discussion, back in 2021 https://github.com/audacity/audacity/discussions/889

[chk071]

Or maybe you want to use a proper audio editor like Wavelab. There's even a slimmed down free version: https://www.steinberg.net/de/wavelab/le/

(I found Steinberg's download manager rather clunky and convoluted.)

Out of interest, I gave Wavelab LE another go (I own Wavelab Elements). Well, it's probably too limited for most users. If anything, I'd get it, and then upgrade to Elements. LE really lacks a lot of stuff. But, the GUI is (Wavelab like) excellent, of course.

[chk071]

Since nobody brought this up here,

If Audacity is malicious depends also of the source where you download it. There is a page called audacity.de around that offers an inofficial version of Audacity. And there you download in fact a Audacity version with malware onboard. That's the curse of open source.

That's the reason why I always first visit the Wikipedia site (if available). The links there are the official ones, not some fake stuff, like audacity.de.