You’ll know if your iPhone is listening. Vice should consider toning down the sensationalism.

A Vice article titled Your Phone Is Listening and it’s Not Paranoia has been doing the rounds. In it, the author explains how they did an “experiment” demonstrating that topics they discussed verbally were later reflected in Facebook ads.

Whilst it’s prudent to be careful with modern technology around one’s privacy, Vice is being a tad sensationalist. This blog post, which will optimistically be read by three to four people, tries to fill some of the holes they left.

We already know that we can’t trust Facebook in any way, so we are dependent on the telephone’s operating system to take our privacy seriously: That’s usually Android or iOS.

Android does in theory enable background recording up to and including Android O, but starting from Android P it will disable this. Unfortunately, it shouldn’t be more than about 10 years before all phones are on Android P or later.

(I have previously indicated that I’m not the biggest fan of Android’s security story. I am happy to see that they are making such progress, but the tardiness or even worse refusal of OEMs in upgrading their devices diminishes most of that.)

In iOS on the other hand, there are at least three mechanisms that protect users against this background recording abuse:

  1. The app has to ask the user explicitly for microphone permission, which the user can easily revoke at any time (Settings | App’s name | Microphone; see screenshot below for an example).
  2. The developer has to indicate explicitly and statically in their app that they intend to use background audio. Apple’s review process is quite strict and will reject outright an app that does not have a legitimate reason to make use of this function.
  3. Even when an app has been able to convince Apple’s review process that it should be allowed to record audio in the background, there are two more privacy mechanisms in place:
    1. An app can only record in the background, if it started to record audio whilst on the foreground. When the recording stops, the app will be suspended.
    2. When any app is recording, the system will display a big red bar at the top of the iOS display, much like the blue bar which displays when a location-based app such as Google Maps or Waze is active in the background. This red bar can’t be hidden.

To see this in action (another “experiment” !!), download an app like Awesome Voice Recorder which advertises background recording, start a recording, and then switch anywhere else. The red bar looks like this (I’ve switched the app permissions screen in iOS settings, so you can also see where to disable the microphone permissions):

AVR is recording in the background, so iOS shows this red bar at the top. If you tap on the red bar, it will switch to the app which is recording. This is related to the blue bar for location, and the green bar for ongoing phone calls.

With the above measures in place, it would be fairly tricky for an iOS app to perform background recording without your knowledge.

For some extra peace of mind, you can disable the app’s (a totally random example being Facebook) microphone permissions. If the app ever really needs to record, iOS will have to ask your permission again.

P.S. In iOS, under Settings | Privacy | Microphone you can find a handy list of all apps that have successfully requested microphone permissions. From here, you can also easily remove any of these permissions.

Updates

Weekly Head Voices #145: The Narrating Self.

View of the False Bay from the Helderberg Nature Reserve.

The work part of the week flew by.

(I think this is the reason for the shortness of this post. As is often the case, we start with journal stuff, then nerd stuff and, hidden at the end, some backyard philosophy stuff.)

Dear diary

The weekend part on the other hand started with a welcome-back-braai (HI MOM!) on Friday, followed by a sublime oxtail potjie on Saturday and concluded today with a sublime long(ish, by my standards as always) run in the morning (showing a little solidarity with the Comrades participants whilst not completely busting my barefoot-style-acclimatising feet and ankles) plus Helderberg stroll and lunch, and is now ending with a WHV writing session.

(Sundays which start with a run, have family stuff in between, and end with WHV are automatically awarded a 12/10-would-do-again rating according to my patented How Was Your Day Honey evaluation system.)

Nerdy Pro-tip

Just in case you missed it, Google’s Gboard keyboard for iOS quietly shipped an update last week that includes as one of its new features support for Afrikaans. This brings the number of smart iOS keyboards (smart, as in AI-based) that support Afrikaans up to the total of two (2). The other is SwiftKey, which has supported Afrikaans for some years now.

(The lack of a mobile keyboard with native support for one’s language can really complicate effective communication. Preferring fully formed sentences, I’ve never really gotten the hang of SMS-speak.)

Homo Deus

After a slight detour with a number of other books that have featured on this blog, I have returned to Yuval Harari’s Homo Deus.

I am about 75% through, but I can already say that this is one of the best works I’ve read in the past decade.

The way in which Harari, a history professor, weaves together so many strands of history and present to extrapolate our planet’s future is nothing short of magical. Along the way, he takes the reader along on many mind-expanding tangents.

The one tangent I made note of to mention here, was his treatment of the illusion, which we are all brought up to entertain, that each human houses a single ego or individual.

By citing and discussing several examples of humans with separated brain hemispheres, he makes a strong case for the observation that most probably you house multiple identities.

There is a strong narrating self who tries to weave together the experiences and inputs of the other selves, and who will go to great lengths to make everything fit.

Thinking about all of the internal discussions one has throughout every day, and the seeming disagreements one can have between yesterday’s you and today’s you, Harari’s thesis starts to sound like a really good explanation.

This soon leads to interesting new questions: What would be the best way to manage one’s multiple aspects, especially in the light of the fact that “one” does not even know with certainty who is asking this question?

(Astute readers will have noticed that my choice of a title for this blog has finally been vindicated after all this time.)

See you next week, my suddenly multitudinous readers!

P.S. Harari says that intelligence and consciousness don’t necessarily go together. We are entering a future where many of us are going to be made obsolete by constructs which don’t possess consciousness but are far more intelligent than we are.

P.P.S. For one of the best hard sci-fi books dealing with our often-held but anthropocentrically flawed perspective that consciousness and intelligence go together, you can do a lot worse than Blindsight, by Peter Watts.  Read that book.

 

Weekly Head Voices #122: Thanks Pythagoras.

Pink sunset, as they do here in my backyard.

Welcome back everyone!

During a brilliant breakfast chat with friends who are visiting from afar, friend S (now 16.67% name-dropped) admitted that the WHV, strange unfocused mishmash of thoughts that it is, contributed positively to his information diet.

In spite of this admission adding to my already considerable posting anxiety, I am enormously grateful for the encouragement. I often worry about this mishmash, as I also aspire to enter the fabled halls of A-list bloggers one day.

Perhaps I should just embrace the mishmash. Again.

In this edition of the mishmash, I extremely sparsely review the weeks from Monday May 8 to Sunday June 11.

During our weekly extra math, science and philosophy lessons, GOU#1 (now 11 years old) and I arrived through serendipity at the topic of Pythagoras. Her mind almost visibly expanded when she discovered the relationship between the 9, 16 and 25 square adjacent squares I drew for her on the 3-4-5 example triangle. Her eyes went wide when I explained that this works for any right-angled triangle.

She was soon happily squaring, adding (long-form on paper of course) and square-rooting away on geometry problems.

Seeing your own child discover the beauty that is math is brilliant.

After complaining about subpar android security and dismal android performance on this blog, I finally decided to bite the bullet and acquired a second-hand iPhone 6S 64GB on May 10, 2017. The phone is in mint condition, and the price was excellent.

So far, the performance is substantially better than any of my previous Androids. In fact, so far I’ve never had to wait for anything on this phone, which was my main issue with the Androids. (Google Maps anyone?!) Besides that, when Apple pushes a software update, all phones immediately get that update, without interference from any third parties, including carriers.

(A word to the wise: There is no official way to transfer your complete WhatsApp message history from Android to iPhone, which was a huge disappointment. There are unofficial, closed-sourced, solutions that require one to connect one’s Android phone in USB debugging mode to the PC. That risk is a bit too great for me.)

After a period of rest, the Visible Orbit website, including the high-resolution microscopic slice data and viewer, is online again! It was quite satisfying getting all of the backed-up data back on the interwebs again.

Since the previous WHV (well actually mainly during the last week), I’ve published five posts on my nerd blog:

Three of those five posts have to do with cryptocurrency, which is to a certain extent a reflection of my free-time mental cycles at the moment. Looking at how technology such as Ethereum and its Smart Contracts (a Smart Contract blog post is currently forming in the back of my head…) seem to be breaking through, I can’t help but be reminded of stories such as those by Charlie Stross in Accelerando (at least the first bits).

Do we find ourselves at the start of something truly significant, or is this just an extremely elegant and high-tech dead-end?

What a time to be alive!

P.S. Here, have another outdoorsy photo on the house!

I tricked GOU#1 and GOU#2 to join me on a sneakily long mountain walk. They did a sterling job.

Android security in 2016 is a mess.

Summary

Your phone probably contains banking, payment and personal information that can be remotely stolen via numerous known and unknown bugs in the Android software. This is attractive to criminals.

Vendors (LG, Samsung, Xiaomi, etc.), after selling you their phone, have no incentive to keep your phone’s software up to date with Google’s fixes. Your Android phone is probably out of date and therefore a gaping security hole through which attackers can steal your stuff from the safety of their own laptops.

Read on for more.

Between 1.3 and 1.4 billion Google Android phones in March of 2016. Click image for source.
Between 1.3 and 1.4 billion Google Android phones in March of 2016. Click image for source.

An illustration: MediaTek / BLU phones are uploading your data.

You might recently have read about the incident with the popular BLU phones sold by Amazon in the US (interestingly, the author deleted their article from both hackernoon.com and from medium; I now link to the Wayback Machine’s stored copy). It turned out that these phones were regularly sending bunches of personal information to servers in China: text messages, call logs, contact lists and so forth. After more investigation, it came to light that this was happening via a low-level piece of software called ADUPS.

When Google had previously updated its systems to check for ADUPS, MediaTek (they make the chipset in millions of low-end phones) simply modified their system software to evade Google’s checks. Nice one MediaTek!

This is a painful example of the fact that the software on your phone, although based on Google’s software, is customised by the phone vendor. The further frustrating effect of this is that when Google releases security patches to Android (which they do regularly), there is very little incentive for the phone vendor to spend money on updating phones they have already sold.

What about A-list phone makers?

I bought my LG G3 in 2014 here in South Africa. It was LG’s flagship in that year, and sold extremely well. LG is a well-known smartphone OEM.

However, only because I took steps to flash the official KDZ image (V30a-ZAF-XX), which consumers would normally not do, am I now running Android 6. However, my security patch level is 2016-03, meaning there are 6 months of security updates I don’t have. (You can check your Android security patch level by going to Settings | General | About Phone | Software info.)

Before you think six months lag is not too bad, here’s a nice example vulnerability from the November 1 Android security bulletin:

The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files.

In short, your phone could be hacked wide open from afar through a single innocent-looking email, MMS or web-page.

My friend’s South African LG G3 is still stuck on Android 5.0 (V20n-ZAF-XX). Most probably this is being blocked due to his carrier (MTN). In any case, 5.0 does not even show the security patch level, so we have no idea how many months of security fixes this phone is missing.

(LG seems to be tracking Google’s security updates quite well, but somehow these updates are not reaching phones.)

A scary little aside

I just tried Check Point Labs’ QuadRooter Scanner app on my “updated” LG G3, and this is what I saw:

LG G3 with Marshmallow and Android security patch level 2016-03 is vulnerable to QuadRooter.
LG G3 with Marshmallow and Android security patch level 2016-03 is vulnerable to QuadRooter.

So my manually updated LG G3 is still very much vulnerable to QuadRooter. In theory, my phone could be (or already has been) rooted and pillaged by any old innocent-looking app, although I keep mostly to the official Play Market, so the risk is slightly mitigated.

At this stage, even as a relatively knowledgeable user, there’s not much I can do to patch my phone against this vulnerability.

Google’s leniency cuts both ways: More than a billion Android users, but most of them vulnerable.

It’s fantastic that Google’s openness and leniency with Android has helped to make smartphone technology accessible to more than a billion users (probably closer to 2 billion taking into account Chinese Android phones not connected to Google services, see Ben Evans’s post). However, this same leniency allows manufacturers to be irresponsible about keeping their customers safe.

The fundamental problem here is that there are a great deal of Android phone vendors who make phones from absolute entry-level to top-of-the-line flagships, who have very little incentive to spend money on post-sale security updates.

Once you’ve paid for the phone, you’re not important enough anymore to have a secure(ish) telephone.

What can we do?

Buy an iPhone. No really.

I’ve been using Android since the HTC Desire Z. I love Android, because I love Linux which I have been using since 1993.

However, if money is no object, my only sound advice can be to buy an iPhone. Apple is still shipping security updates, albeit on iOS 9, for the iPhone 4s which was released in 2011 (5 years ago). The iPhone 5 is still being kept up to date with iOS 10.

Furthermore, in terms of phone encryption, iOS 4, released 6 years ago, was already more advanced than than Android 7 Nougat, released in August of this year. In short, already then Apple made better choices in how exactly different files are encrypted, whilst Android implemented full disk encryption, which for the smartphone usecase is not the right choice. In Nougat, Android has finally also changed to file-based, but they’re missing important parts of the puzzle. The phone encryption blog post I link to is insightful, please take a look.

Stick with Android Pixel or Nexus.

If you prefer sticking with Android, the best choice is getting an official Google device, which means either a Nexus or a new Pixel. Google’s policy for Pixel and Nexus security states that they will ship security updates either for three years after device introduction, or for 1.5 years after the device was last officially sold from the Google Store, whichever is longer.

Unfortunately, iPhones are really expensive, and Google’s new Pixel devices are also aiming for the higher-end market. The previous generation Nexus phones offer a more mid-range but very temporary reprieve.

In other words, most normal consumers on a budget, i.e. the largest part of the Android user base, actually of the smartphone-using world, are stuck with insecure, vulnerable phones. This is not cool.

Consider installing a custom ROM.

Installing a custom ROM such as Cyanogenmod brings with it another set of issues with regard to the phone being rooted, and with regard to driver-level support of proprietary hardware. In any case, this is not something your average consumer will have access to, but Android gurus can certainly apply.

Efforts like CopperheadOS (hardened Android) are certainly promising, but it will be quite a while before they are accessible to the largest group of Android users.

Update: David Metcalfe pointed out in the comments that you can buy a secure Android phone from Copperhead.  If you are in the US or Canada, and you have some budget, you could buy the LG Nexus 5x or the Huawei Nexus 6P with CopperheadOS pre-installed. It’s great that this is available, but due to price and geography not really accessible to most Android users.

Keep manufacturers honest.

Ideally, Google starts taking a much harder line with manufacturers who put Android on their phones. They could for example maintain and publish a list of phone models that are kept up to date with the latest security fixes, and a list of those that aren’t.

I was happy to see that at least Huawei has a pretty good record in terms of keeping their Android phones up to date (although the results were probably skewed as they counted the Huawei-produced Nexus 6P phones, and these formed the majority of the test set, doh). This factor will play a role in the next smartphone that I buy.

Do you know of any (other) manufacturers of more affordable Android phones who are committed to keeping their users safe? Please let me know in the comments!

Addendum: Android phones with acceptable security update records

Blackberry PRIV, DTEK50 and DTEK60

lobste.rs user jabberwock tipped me off to the fact that Blackberry’s Android phones get monthly security updates. Read more at CrackBerry and here in the BlackBerry Android security bulletin for November: It looks like these phones receive monthly updates (when not blocked by the carrier, sigh) and have already received the November 2016 update.

Here is the original blog post where BlackBerry explained their security patching policies for the PRIV.