All about the latest iPhone location privacy scare
Credit to Author: Jonny Evans| Date: Fri, 06 Dec 2019 07:05:00 -0800
That story going round that claims iPhone 11 devices are secretly harvesting your location information even though you’ve told them not to do so? You don’t need to worry about it, and here’s why:
The tale begins when a security researcher noticed the devices seemed to be sending out location data even when Location Services were switched off on the iPhone.
He thought this was weird, but Apple reassured him that this was “expected behaviour” – and while the company took a little time to figure out what to say about this, it’s answer is convincing, once you know what it means.
The matter relates to iPhone 11’s U1 chip, which brings in an exciting (yet veteran) technology called Ultra Wideband (UWB).
Speaking to TechCrunch, Apple described UWB as an industry standard that is also subject to some regulatory usage limitations, meaning it can’t operate all the time.
Devices implementing it have to turn it off in some places, the company said.
Apple uses Location Services with UWB in order to ensure it is disabled in those places it is not permitted for use:
“The management of ultra wideband compliance and its use of location data is done entirely on the device and Apple is not collecting user location data,” a company spokesperson told TechCrunch.
Security researchers seem to back this opinion up, saying there’s no evidence this location data gets shared beyond the device.
I’ve written quite a lot about UWB, which is an old tech (first authorized in 2002) only now entering the light as the cost of its components fall and the case of using it grows.
The best way to see UWB is as a complementary technology to Bluetooth and Wi-Fi (it can also replace them, but all three have advantages).
Apple media tend to focus on its time-of-flight capabilities, as it uses such data to figure out its position.
“The new Apple‑designed U1 chip uses Ultra Wideband technology for spatial awareness — allowing iPhone 11 Pro to precisely locate other U1‑equipped Apple devices. It’s like adding another sense to iPhone, and it’s going to lead to amazing new capabilities,” Apple has said.
However, UWB’s advantages are:
In other words, UWB is a low power solution that’s capable of sharing data in a hyper-local network that is also equipped enough to know where it is in relation to a compatible system it wants to communicate with.
Apple only has one current use for UWB in iPhones:
If you want to share items using AirDrop from one iPhone 11 to another, you just need to point your device at the other and that device will be first on your Share list.
This seems to me to be just the tip of the iceberg, given the standard’s other advantages.
It may certainly have implementation in Apple’s future product matrix.
It is also highly secure – meaning its signals are hard to intercept and hard to crack, as I explained in this report:
“UWB is inherently more secure than Bluetooth. It works by sending out short pulses to other devices in range which then return the signal.
“The low range and wide wave bands supported by the standard make it much harder to spoof those pulses, while time-of-flight means the standard can tell precisely where an object is located.
“This means your keyless car entry system will actually know you are standing near the vehicle, and those pulsed and highly secured signals are much harder to intercept in man-in-the-middle and relay attacks. Not only do cars and doors know where you are, but the whole exchange is much harder to hack as the right signal coming from the wrong location won’t work.”
What this also means is that while your device is picking up location data which isn’t being shared, it is doing so in ways that cannot easily be hacked, cracked, hijacked or stolen.
UWB is already in use across factories and warehouses using UWB tags.
Car manufacturers are exploring the technology as a highly secure tool for keyless locking systems. Volkswagen recently demonstrated use of the standard (with AI) to provide walking pattern recognition, so the vehicle doesn’t just recognize the key, but also learns to understand who should be using that key.
Of course, in the current climate around the tech industry it’s no surprise so many people are concerned at machines that gather so much data about us – why wouldn’t we be?
It’s also fair to say that UWB is packed with features that could conceivably be used in some way to abuse privacy – it’s useful for indoor mapping, for example.
However, I guess Apple’s gamble here is to figure out how to provide convenience in conjunction with privacy, given that’s been its game plan for the last couple of years.
Though this doesn’t necessarily mean those products will remain as focused on user privacy in the event laws change, or management focus moves away from company-wide protection of it.
No company can really resist government regulation, after all.
But, if you want my reading of the current situation around UWB, the concern around its use of location is a little overblown, particularly because the data stays on the device.
In future it may become a lot more acceptable if you are able to use mesh-based UWB systems to find lost and stolen Apple devices logged into your Apple ID.
Which seems to me to be just one of the potential scenarios for this tech.
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.