Thread: Why would iOS be safer from spying than a well setup Android phone?
View Single Post
  #36   Report Post  
Posted to comp.mobile.android,misc.phone.mobile.iphone,sci.electronics.repair
Aardvarks Aardvarks is offline
external usenet poster
  
Posts: 57
Default Why would iOS be safer from spying than a well setup Android phone?
On Thu, 04 Aug 2016 11:01:27 -0700, Jeff Liebermann wrote:

Even your Smartphone battery status is tracking your online browsing:
http://tech.thaivisa.com/warning-your-smartphone-battery-status-is-being-used-to-track-your-every-move-online/16596/
http://randomwalker.info/publications/OpenWPM_1_million_site_tracking_measurement.pdf
Resistance is futile. So it capacitance and inductance. You will be
conglomerated into the data mass.

Hi Jeff,

I've given up responding to the Apple Apologists who infest the iOS
newsgroup, so, you're the only one I'm responding to. Not one of them
provided a *single* valid datum (and we knew that from the start).

The iOS people can't comprehend actual *facts*.
It's beyond their capabilities.

a. They bought on pure style, facts be damned
b. They fear so much that Apple Marketing plays them like a fiddle
c. IOS users "just give up", which is how they handle their AdID privacy

But on to your point...

I *understand* your sentiment that resistance is futile, and I even echoed
that by stating that neither iOS nor Android is inherently more secure
because it's like saying which leaks water faster, a steel garbage can
peppered by buckshot or a plastic recycling bin peppered by buckshot.

However, with respect to *just* the advertising ID, the references I cited
explained the program that generates it, and, wiping out that program wiped
out the reference ID (as far as *anyone* can show) - so, at least on
Android, the recycling bin has a few holes you *can* plug up.

On the far more primitively less tweakable iOS, you can't plug those holes,
so, they exist, no matter what you do.

But, again, your point is valid that *both* platforms are so full of
security holes that only people who actually believe everything that Apple
Marketing spews forth would (falsely) feel more secure with one than with
the other.

Regarding your reference ...
https://blog.lukaszolejnik.com/batte...-privacy-risk/

It's interesting that Firefox calls the smartphone battery API in order to
figure out your battery level, such that the battery level can be used for
fingerprinting. https://www.w3.org/TR/battery-status/

It's also interesting that it's "slightly* less fingerprintable if you're
*not* connected to a charger.

This is interesting because panopticlick, last I checked, did not look at
this information - but - perhaps should. (I keep a clean browser from
fingerprinting.)

Also, when I look in App Ops Starter for the permissions granted Firefox,
they entail only:
- Location (typically I turn this off)
- Modify clipboard
- Read clipboard
- Post notification
- Vibrate
- Modify settings
- Draw on top
- Camera
- Record audio

So, it's disappointing that App Ops Starter doesn't list that Firefox has
access to the "Battery status" which is a *short-lived identifier*.

If Apps Ops Starter listed that short-lived identifier, we could simply
turn off that access from within App Ops Starter.

As for protection against this fingerprinting threat, it would be nice if
we can find an app that randomly adjusts the battery registers for the
three battery parameters that are reported by the battery monitor API:

1. The current level of battery (from 0.00 to 1.0)
2. Time, in seconds, for the battery to discharge
3. Time, in seconds, for the battery to charge (only if connected)

I read a few related references, which don't specifically mention laptops:
http://www.bleepingcomputer.com/news...-user-privacy/

Do you think this Firefox battery-status fingerprinting also works for
laptops?

Reply With QuoteReply With Quote