iOS/Android Privacy

[Infrasonic]

https://www.scss.tcd.ie/doug.leith/apple_google.pdf

Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google
Douglas J. Leith School of Computer Science & Statistics,Trinity College Dublin, Ireland
25th March, 2021

Abstract—We investigate what data iOS on an iPhone shares with Apple and what data Google Android on a Pixel phone shares with Google.
We find that even when minimally configured and the handset is idle both iOS and Google Android share data with Apple/Google on average every 4.5 mins.
The phone IMEI, hardware serial number, SIM serial number and IMSI, handset phone number etc are shared with Apple and Google.
Both iOS and Google Android transmit telemetry, despite the user explicitly opting out of this.
When a SIM is inserted both iOS and Google Android send details to Apple/Google. iOS sends the MAC addresses of nearby devices, e.g. other handsets and the home gateway, to Apple together with their GPS location.
Users have no opt out from this and currently there are few, if any, realistic options for preventing this data sharing.

Cont. (10 pages of PDF)

[GrahamPlatt]

It was featured on Digital Planet on the World Service this morning: https://www.bbc.co.uk/sounds/play/w3ct1lrt

[AF62]

Google collects a notably larger volume of handset data than Apple. During the first 10 minutes of startup the Pixel handset sends around 1MB of data is sent to Google compared with the iPhone sending around 42KB of data to Apple. When the handsets are sitting idle the Pixel sends roughly 1MB of data to Google every 12 hours compared with the iPhone sending 52KB to Apple i.e., Google collects around 20 times more handset data than Apple.

[Urbandreamer]

I think that I'll join AF62 in cutting and pasting.

We informed Apple and Google of ourfindings and delayed publication to allow them to respond.To date Apple have responded only with silence (we sentthree emails to Apple’s Director of User Privacy, who declinedeven to acknowlege receipt of an email, and also posted aninformation request at the Apple Privacy Enquiries contactpage at apple.com/privacy/contact but have had no response).Google responded with a number of comments and clarifica-tions, which we have incorporated into this report.

I would suggest that if you are interested you ignore us both, read the pdf and DYR.

I would also point out that there are other phones and other phone OS that are not investigated in this pdf and that make privacy claims. You would likely wind up with a less friendly phone though.

ie
Silent OS
Graphine OS
or many others.

[Infrasonic]

More selective quotes...Page 2 Table 1 makes interesting reading as iOS phones home with Location/Local IP Address/Nearby WiFi MAC addresses when not logged into the user account, which Android doesn't do.

...We informed Apple and Google of our findings and delayed publication to allow them to respond.

To date Apple have responded only with silence (we sent three emails to Apple’s Director of User Privacy, who declined even to acknowledge receipt of an email, and also posted an information request at the Apple Privacy Enquiries contact page at apple.com/privacy/contact but have had no response).

Google responded with a number of comments and clarifications, which we have incorporated into this report. They also say that they intend to publish public documentation on the telemetry data that they collect.

[GrahamPlatt]

I would also point out that there are other phones and other phone OS that are not investigated in this pdf and that make privacy claims. You would likely wind up with a less friendly phone though.

ie
Silent OS
Graphine OS
or many others.

The problem being that if you’re in the vicinity of (sharing a router with) someone on an Android/iOS device, your MAC address will still be harvested and sent to Alphabet/Apple.

[Infrasonic]

I would also point out that there are other phones and other phone OS that are not investigated in this pdf and that make privacy claims. You would likely wind up with a less friendly phone though.

ie
Silent OS
Graphine OS
or many others.

The problem being that if you’re in the vicinity of (sharing a router with) someone on an Android/iOS device, your MAC address will still be harvested and sent to Alphabet/Apple.

Spoofing device IP and MAC addresses could be used if you have access to a capable OS at the relevant admin level - the problem there is it's a favoured tactic of black hat hackers so has become something to be blocked at the network level to mitigate DDoS attacks etc.

The irony of non combatants seeking all this anonymity is that you end up ruining your 'reputation' and then run into issues with web surfing (VPN/TOR exit node IP grey/block listing), email authentication (SPF/DKIM/DMARC/ARC) et al.
Browser/device fingerprinting can be used legitimately to differentiate between good and bad actors - but can also be used nefariously.
It's a difficult balancing act.

People should have the choice over what data is transmitted and collected/saved, but maybe it is preferable that OEM's offer up specific warnings that there may be operational issues if they block too much stuff globally.
Transparency is the key issue here.
Unfortunately obfuscation or non communication seems to be many monolithic OEM's default position.

[Urbandreamer]

Spoofing device IP and MAC addresses could be used if you have access to a capable OS at the relevant admin level - the problem there is it's a favoured tactic of black hat hackers so has become something to be blocked at the network level to mitigate DDoS attacks etc.

While I don't do this, can I point out that, with information, and a capable OS, you can clone, rather than spoof Mac addresses and arguably IP addresses (though there are issues if they are online at the time).

Currently I'm quite happy to use an Android phone with poor security. Without Police justification, or the risks that abusing their position might entail, it happens to think that I'm in York. I'm not! This means that I get local news based in York.

Currently I don't feel a need to fear the police or the secret service. though I would advise everyone to regard them with suspicion. Hence learn how to either be invisible, or someone else.

[AF62]

I would also point out that there are other phones and other phone OS that are not investigated in this pdf and that make privacy claims. You would likely wind up with a less friendly phone though.

ie
Silent OS
Graphine OS
or many others.

The problem being that if you’re in the vicinity of (sharing a router with) someone on an Android/iOS device, your MAC address will still be harvested and sent to Alphabet/Apple.

Spoofing device IP and MAC addresses could be used if you have access to a capable OS at the relevant admin level - the problem there is it's a favoured tactic of black hat hackers so has become something to be blocked at the network level to mitigate DDoS attacks etc.

Since the release of IOS14, by default, iPhones and iPads use a different MAC on each WiFi network to help prevent that kind of tracking - https://support.apple.com/en-gb/HT211227

[Infrasonic]

The problem being that if you’re in the vicinity of (sharing a router with) someone on an Android/iOS device, your MAC address will still be harvested and sent to Alphabet/Apple.

Spoofing device IP and MAC addresses could be used if you have access to a capable OS at the relevant admin level - the problem there is it's a favoured tactic of black hat hackers so has become something to be blocked at the network level to mitigate DDoS attacks etc.

Since the release of IOS14, by default, iPhones and iPads use a different MAC on each WiFi network to help prevent that kind of tracking - https://support.apple.com/en-gb/HT211227

As does Android by default since v10.
That's been discussed multiple times before on this board by both of us...

However.

The point of the quoted posts is iOS still tracks and phones home other adjacent MAC addresses (according to the linked study), which is why I highlighted the pros (and cons) of spoofing at the admin level with other OS'.

Some of the cons are explained here (there are also other networking authentication issues they haven't addressed in the linked article)...https://9to5mac.com/2020/09/17/ios-14-privacy-cisco/

...Cisco explained the problem, which also applies to the same feature in Android 10. The company says it can break Cisco Identity Services Engine (ISE) services as it uses MAC address lookup. This can impact two key systems used by many organizations.

Mobile Device Management (MDM) systems. These are used when deploying devices owned by the organization to employees or students. MDM ensures that all devices have the same configuration, apps, security policies, and so on. Devices can be automatically updated to the latest configuration when they connect to the network, but random MAC addresses mean that they may no longer be recognized.

Cont.

[Infrasonic]

Spoofing device IP and MAC addresses could be used if you have access to a capable OS at the relevant admin level - the problem there is it's a favoured tactic of black hat hackers so has become something to be blocked at the network level to mitigate DDoS attacks etc.

While I don't do this, can I point out that, with information, and a capable OS, you can clone, rather than spoof Mac addresses and arguably IP addresses (though there are issues if they are online at the time).

Currently I'm quite happy to use an Android phone with poor security. Without Police justification, or the risks that abusing their position might entail, it happens to think that I'm in York. I'm not! This means that I get local news based in York.

Currently I don't feel a need to fear the police or the secret service. though I would advise everyone to regard them with suspicion. Hence learn how to either be invisible, or someone else.

If the police or intelligence agencies are onto you (rightly or wrongly) then spoofing IP and MAC addresses won't stop them tracking you.

Even the 'unbreakable' encrypted phone systems favoured by the gangsters/drug traffickers have started to fail after intense white hat scrutiny - there's been some very high profile UK/EU large scale arrests around more than one encrypted phone system in the last few years.

The only way to be tracking anonymous(ish) is to go completely off grid and stay away from built up areas with CCTV etc.
No networking/comms, utilities, transport - the works.
You'd still have to have photo ID and be on various online databases to access essential services, unless you want to go all in on fake ID's as well...

The reality is in the modern world you will be tracked, the extent to which that occurs should be made transparent with the upsides and downsides openly discussed by all the relevant parties. There are legitimate reasons for much of the authentication procedures that require ID/tracking these days - those reasons need to be communicated to the public in a clear way so they understand the ramifications should they take the decision to opt out where possible (even if only partially). Currently it's all smoke and mirrors BS.