
Retail stores use Bluetooth beacons to track customers - notinversed
https://www.nytimes.com/interactive/2019/06/14/opinion/bluetooth-wireless-tracking-privacy.html
======
social_quotient
It’s worse. I have personal knowledge from a lot of client work in this space.

There are companies offering some basic functions like “wayfinding” so the
retailer or mall wants to give wayfinding to the user in their app. Sounds
good, in fact it’s cheap, and they will even handle the beacon deployment...
hook up sdk to wireshark and find it sending lots of data, some of it comes to
me (retailer api) but a metric ton of it is going back to the provider. Being
able to see the installed solution in multiple retailers and seeing the app
code you start to notice persistence between them... retailer and mall didn’t
even ask for this. They just wanted wayfinding.

~~~
AndrewKemendo
Yes that's exactly how this gets implemented in practice.

I did quite a bit of client work here too, specifically around using already
existing surveillance camera networks to build user profiles.

At the end of the day the goal is to optimize for the intersection of "what
the user wants" and "what we want to sell." So, a low collection system will
give bad recommendations and a really good recommendation system will have an
immense amount about the user.

Now that I talk with people on the other side of this, it's clear that most
don't really care as long as they are getting good suggestions. I had this
conversation just a few weeks ago with a young lady and her take was: "It's
kind of creepy, but if it gives me good suggestions, I don't really care."

~~~
MrBuddyCasino
> "It's kind of creepy, but if it gives me good suggestions, I don't really
> care."

This is an Unpopular Opinion, but IMHO that's kind of a reasonable stance to
take.

~~~
navigatesol
> _This is an Unpopular Opinion, but IMHO that's kind of a reasonable stance to
> take._

I disagree. The recommendation is immediate and apparent to the end-user. The
negative potential uses/consequences of all the other data collection are not.

It's funny, but when an unsuspecting person gets a home loan they can't
possibly afford pushed on them by a shifty mortgage broker, people here cry
bloody murder. But when people ignorantly consent to having their data
harvested for the pleasure of better targeted advertising, the tech community
happily says "but they asked for it!"

~~~
MegaButts
> But when people ignorantly consent to having their data harvested for the
> pleasure of better targeted advertising, the tech community happily says
> "but they asked for it!"

What? I feel like the only topic the tech community gets worked up about that
nobody else cares about is digital privacy. There are always people on hacker
news condemning a lack of privacy and targeted ads - I'd venture it's the
majority of people on this site that feel that way.

------
LeifCarrotson
Maybe the existence of such toolkits is a Chesterton's Fence that says you
can't make this work without something installed on the phone. But this would
be possible without these trojans.

If the Bluetooth beacon configures itself as a master, and enters inquiry
mode, phones that pass nearby will happily respond with their Bluetooth ID
(see
[https://www.bluetooth.org/docman/handlers/downloaddoc.ashx?d...](https://www.bluetooth.org/docman/handlers/downloaddoc.ashx?doc_id=457080),
section 8.4).

You can also do the same with Wifi access points: Phones are constantly
broadcasting their MAC address during active scanning for networks. The
location from signal strength isn't as good (a Bluetooth beacon can pin you
down near the Yoplait yogurt, a Wifi beacon and signal strength measurement
just put you in dairy) but it's getting better (worse?). See:
[https://www.crc.id.au/tracking-people-via-wifi-even-when-not...](https://www.crc.id.au/tracking-people-via-wifi-even-when-not-connected/)

I imagine it would not be perfect but would be acceptably easy to use these
"anonymous" MAC addresses to connect you to a name and address on a debit
card. If your MAC and 20 other people left the store Friday at 2PM, and you
and 20 other people went through checkout, and then your MAC and checkout are
seen with 20 different people next week it's pretty trivial to identify you.

The cynic in me, though, says that even a minor loss of fidelity in tracking
data weighed against the minimal risk and cost of building the spyware makes
it worth building both.

~~~
TeMPOraL
> _Maybe the existence of such toolkits is a Chesterton's Fence that says you
> can't make this work without something installed on the phone. But this
> would be possible without these trojans._

Without these trojans the store would have on its hands a major networking
infrastructure project. With these trojans, all they have to do is drop a few
battery-powered beacons in their venue and store their IDs along with
coordinates in a database.

~~~
LeifCarrotson
"The store" that implements these is probably not a mom-and-pop. Places like
Walmart succeed because of their ability to execute major logistics and
networking projects.

If the beacons increased Wal-Mart's revenue by 1%, the "major networking
infrastructure" project could be a $5 billion department, larger than Google's
entire R&D operating expenses.

~~~
TeMPOraL
Sure, but the Beacon technology was designed for this cheaper type of use
(dumb beacon, smart phone) from the get-go - people working on it probably may
have wanted it to be useful not just for the biggest chains, but also smaller
franchises and mom-and-pop stores (why limit your market prematurely?). In the
alternate reality in which BLE beacons were never created, maybe Wal-Mart did
its own major project to get the same results the hard way.

------
wakkaflokka
I set up Home Assistant with the Raspberry Pi Bluetooth module to detect when
my fiance and I were home or away (to turn on/off lights, turn off WeMo
switches to the curling iron that my fiance always forgets). After a few weeks
of forgetting I had it running, I logged back into the Home Assistant
dashboard to notice that it was tracking nearly all of my neighbors' Android
phones, iPhones, headphones, TVs - when they were home, when they were away.
Entirely passively. Most devices had names that could very easily be linked
back to the user - i.e. "Joe's iPhone".

Just to reiterate - this was _entirely passive_. I did nothing but enable the
Bluetooth presence detection module in Home Assistant on my Raspberry Pi, and
over time it built up a detailed log of when nearly all of my neighbors were
home or away.

Luckily I was able to quickly turn off tracking of devices that weren't
explicitly enabled.

What confuses me is that I thought iPhones had randomized MAC addresses? In
the Home Assistant known_devices.yaml file, you can give aliases to phones
based on their MAC address. And my iPhone has never changed its MAC address,
because Home Assistant continues to track it with ease. Not entirely sure how
that works.

~~~
mattkrause
iOS randomizes the MAC address when scanning for networks but provides its
true name when it joins one.

------
TaylorAlexander
Yep and I’ve been researching this for robotics. The new WiFi standard
802.11mc includes improved time-of-flight measurement of radio packets such
that the device can be localized to within 1 meter reliably. Android 9 and the
Pixel already support this, though WiFi APs supporting this are still in the
early phases. Google WiFi supports it tho.

The good news is that this technology does not tell the AP where you are, only
the device knows. However an app on your device could share this information
with advertisers.

[https://www.crowdconnected.com/blog/testing-wifi-rtt-on-andr...](https://www.crowdconnected.com/blog/testing-wifi-rtt-on-android-p-for-indoor-positioning/)

------
bdz
Apple's iBeacon location-aware shopping goes live today (2013)

[https://www.theverge.com/2013/12/6/5181302/apple-store-ibeac...](https://www.theverge.com/2013/12/6/5181302/apple-store-ibeacon-rollout)

Beacon Technology Arrives in 50 Target Stores (2015)

[https://corporate.target.com/article/2015/08/beacon-technolo...](https://corporate.target.com/article/2015/08/beacon-technology)

~~~
ej3
I was working with Target when they did this roll-out. As sinister as everyone
here seems to make it sound, I can assure you at that time it was _not_. If
you're familiar with the inception of corporate projects, this project was no
exception to any of the stereotypical fumbles and foibles of any effort of
this scale.

It began simply because Apple said "...iBEACON.." and everyone corporate
wanted the new buzzword in their portfolio to let people know how hot/hip/tech
they were (toys -r- us considered it for awhile) so they could pull the kids
away from the internet and back into brick-and-mortar. How can we use these?
What are they good for? No one really cared, they just wanted them in the
store and we were there to sell them that (at a premium).

In 2015 - indoor location was bogus. Everyone in this forum seems confident
that there are multiple ways you can determine location with Wifi (round trip
packet time) or bluetooth (RSSI). A cacophony of radio in a catastrophically
noisy environment does not work to provide reliable location information.

In fact - it was so bad, that there were a handful of other equally
unrealistic solutions being peddled by everyone from universities to
light-bulb manufacturers. One such solution was to profile the accessible space of a
building using a phone's compass, and then use the observations from a client
device compass to identify how generated patterns correlated to the profile
for the building.

The torrent of data you see pouring from your phone to the service via
wireshark is real-time sensor data that is being used to feed a service side
bayesian / markov-chain / monte carlo / kalman-particle filter / keyword soup
monstrosity trying to generate some possible marginal confidence in a probable
location. We found that this system was most effective in turning your phone
into a pocket warmer, but sold like hot-cakes in a B2B setting wherein the
intended end user had absolutely no voice.

Corporate wanted to buy it so they could sell advert-space (pop-up coupons) to
affiliates. So we sold them something that worked barely well enough to
provide a one-popup demo to potential interested parties. The affiliates
bought the magic, corporate paid our company an arbitrarily large quantity of
dollars for the service.

A deployment of thousands of coin-cell driven beacons per store, placed within
reach of bored youths, maintained by an underpaid associate staff is of only
questionable utility.

On a scale of things to worry about, ranging from nuclear holocaust to e. coli
in your produce - this ranks a solid -3. In fact, in the 4 years since I've
worked in this field I think the only advancement that has been made is that
it's harder for third parties to sell because no one can do it well, so why
not just do it in-house? It's cheaper and has the same garbage result.

If you think I'm wrong - go do it yourself. All these signals are easily grep-
ed within any store (there's no way to make it proprietary), and you can
create your own model and out-sell the proprietor. Surprise me. With an
actual, viable client-oriented product (and assuming users actually want
reliable indoor location) you'll make bundles selling it to the valley.
Everyone is trying to do it (even cisco tried for awhile) - no one has.

Michael Kwet has read all the marketing copy, and rewritten it for popular
consumption as a product. The insight/value provided by these systems is far
more sparse than implied.

~~~
mobjack
Such data is usually so noisy and incomplete that you can't get any actionable
value from it.

The more complex a method is at tracking someone, the less reliable it is.

People fear too much of what can be done with the fancy ways of tracking while
overlooking simpler ways that are much more effective.

------
andrewgioia
This is rage inducing. I went into this article thinking "ok as long as I
don't have the Target or Ikea or whatever app installed on my phone, I'm
fine." While that is a primary way, this needs to be outlawed:

> These companies take their beacon tracking code and bundle it into a toolkit
> developers can use. The makers of many popular apps, such as those for news
> or weather updates, insert these toolkits into their apps. They might be
> paid by the beacon companies or receive other benefits...

Ban this, full stop, on both ends of this transaction. The Reveal Medias and
the scummy app devs using their ~~SDKs~~ trojan horses. At the very least
these apps need to be named and shamed, I find this fraudulent and extremely
difficult for end users to police.

I have very minor hope that Apple at least will one day shine light on this or
ban apps who are not transparent about the data they're sending and to whom,
as it doesn't conflict with their business model and they seem to be moving
there. For now I have to essentially disable bluetooth when I get out of my
car.

~~~
rolltiide
This is how an app like Facebook can show you an ad on something you were
talking about.

It would be naive to point the finger at Facebook listening to you, it would
be more accurate to assume it's EVERY OTHER app (including FB) gathering data
about you and your surroundings - MAYBE ONE IS ACTUALLY LISTENING - but
whether any individual app is or isn't, the data brokers have all the data as
well as other people like you that have probably reacted to the same external
stimulus and can be predicted to be thinking about a certain product around
that point in time.

POOF - an ad about that thing you talked about, now on your Facebook feed.

Zuckerberg gets hauled in front of Congress, accurately says "what? no we
don't do that", data brokers and software engineers laugh to the bank and let
Zuckerberg get crucified for their sins.

~~~
andrewgioia
Yes absolutely, everyone else is gathering this apparently and it has to just
be assumed now. I hadn't thought about it with the "facebook is listening"
stuff but this makes way more sense.

It's particularly frustrating given how hard I try to disassociate myself and
my family from "data brokers" and then I read another thing like this.

~~~
closetohome
I think people jump to "the app is listening" because it's the easiest concept
to understand. Anyone with a technical background knows why that's extremely
unlikely, but it still makes more sense to people as a narrative than the
complex web of online trackers and analytics gathering that happens out of
sight and contains vastly more information about individuals than could be
gleaned by eavesdropping on ambient room noise.

------
legitster
This is really big in the WiFi space. Aruba, Cisco, etc all market services to
public places like malls where you throw in a huge public wifi network, and
regardless of whether you connect or not, they can see phones looking for
known network and track traffic patterns.

Malls can then see which stores have highest foot traffic on what days, etc.
It's actually one of the things that justifies the expense for huge, expensive
free wifi deployments. And it is used to more accurately price locations
around malls.

The other alternative to getting the same kind of data is security camera
analytics. Sometimes literally someone just watching footage and taking notes
on who they see and what kind of demographics, etc. Which is problematic in
its own right.

~~~
TaylorAlexander
Well they automate the security camera analytics now too. I just saw this one
recently:

[https://www.sentinelcv.com/](https://www.sentinelcv.com/)

~~~
TecoAndJix
A lot of Verizon stores are owned by third-party companies. I had the chance
to speak to one of the regional reps in a college class and he told me his
company [1] does facial tracking of everyone who comes in the store. It also
monitors employees and how many breaks they are taking/what they are doing
(like hiding in the stock room).

[1] [https://www.tccrocks.com/](https://www.tccrocks.com/)

------
SwaraLink
I think the biggest misconception here is the belief that Bluetooth LE beacons
are tracking phones. The beacons themselves operate as transmit-only and don’t
receive any data and therefore don’t perform any tracking themselves. The more
correct way to look at this is that the apps are tracking a user’s location,
and the beacons are providing the app with information to determine the
current location.

If the app’s knowledge of your location provides some service and the user is
opting-in, this shouldn’t be a problem (just like I opt-in to provide Google
Maps my location).

The keys here are (1) users should be aware that an app knows your location,
and (2) User should have the ability to opt-in to providing my location to the
app. The mobile operating systems should do a better job of making the user
aware and making it very easy to opt in or out.

Maybe an ideal solution would be where (assuming the user opts-in) the OS
automatically controls whether an app has the ability to use Bluetooth
locationing when the GPS detects that I’m in a certain area. For example, the
Target app is prevented from using Bluetooth tracking most of the time, but
when my phone GPS sees that I’m in a Target store it automatically enables it
while I’m there, and disables it when I leave.

------
seieste
The cynical part of me thinks this is the real reason to get rid of the
headphone jack -- to make it inconvenient to turn off bluetooth.

~~~
TaylorAlexander
On the iPhone turning off Bluetooth using the control center doesn’t even turn
it off fully, precisely so that these location services (and other features)
are still available.

[https://www.vice.com/en_us/article/evpz7a/turn-off-wi-fi-and...](https://www.vice.com/en_us/article/evpz7a/turn-off-wi-fi-and-bluetooth-apple-ios-11)

~~~
ac4tw
Indeed.

Sidenote, it behaves differently if you've enabled airplane mode (or at least
so the UI would indicate). In airplane mode, it gives no message and the
wifi/bt icon goes transparent. If you're not in airplane mode, the wifi/bt
icon goes light gray and it says 'disconnecting <device type> devices until
tomorrow' but the radio is still on as your article mentions.

Personally I miss the old behavior where it just turns it off, but I'm often
in airplane mode so I get the old behavior anyway and great battery life :P

------
manyxcxi
Having done some proof of concept work for a couple of very large retailers
using BLE/beacons I believe most of the scumminess isn’t on the retailer side
but the 3rd party API/framework.

The requests we were fielding were for better ability to find things in the
store, floor maps for every store with wayfinding, and the ability to use the
app to get more contextual info on demand.

For those not completely in the know on beacons: they are broadcast only and
it is the apps running in the background on your phone that shuffle off the
data on your phone. If you were running a device free of the offending apps,
your privacy is fine on that front. The WiFi tracking is a different story
though.

~~~
0xffff2
I'm a developer, but I've never touched mobile dev at all. Could you clarify
what "running in the background" means here? I see it come up a lot and I'm
never quite sure.

Specifically, if I have an app installed, but it's not open in any way (e.g.
in iOS I double tap home and swipe up on the app's window to close it) can the
app still run any code? Am I safe from these "background" vulnerabilities as
long as I aggressively kill apps that I'm not actively using, or is simply
having the app installed enough to let it run a certain amount of code on my
device?

~~~
manyxcxi
They can if given permission to. For certain apps in iOS it’s usually an
application asking for location permissions without a real good reason for it,
that’s why (in my opinion) it seems like weather apps are some of the worst
offenders for this stuff, as it makes sense to give it location permissions.
There are other permissions that can be abused as well, but location is the
dead give away.

I can’t speak to Android as it’s been a long time, but iOS is pretty strict
about what you can and can’t do in the background. There are certain events
that will “wake up” an app, even one that is killed. You’re not necessarily
safe if you have a bad app installed and kill it. I usually just recommend
avoiding free apps that seem super heavy on ads. Because the ad framework is
likely abusive, even if the developer didn’t intend it.

~~~
0xffff2
Thanks. That's pretty unfortunate. I guess I'll just be even more aggressive
about denying permissions requests and uninstalling any app I don't have a
good reason to keep now.

------
move-on-by
This is a bit off topic, but how could I do this at home? Seems like it could
be a great addition to home security systems. Criminals know to cover their
faces with all the cameras and they use stolen vehicles that can’t be traced
back to them. I bet they still have their phones with them. I’m not sure the
police would take action on a device’s MAC address- but it’s still another
data point. Perhaps there are hardware/usb sticks designed for this purpose?

~~~
tacLog
I do wifi tracking for a living and no, there is no off-the-shelf solution for
consumers that I have ever seen. You can accomplish this with a raspberry pi,
a wifi adapter that supports monitor mode, and tcpdump set to the right
filters. However, I don't see why anyone ever would.

As others have mentioned many of the top wifi brands, Cisco, Aruba, and Meraki
(now owned by Cisco) provide this kind of information to clients at their
enterprise level.

The reason this doesn't exist for consumers for security at least is that in
the use case you described it is hard to tell what MAC address belongs to each
device. Even in a neighborhood, you will detect hundreds of macs a day due to
mac spoofing that modern phones do.
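
An added example, not part of tacLog's post and not from any vendor tool: the randomized addresses mentioned above can be recognised in a sighting log by the locally-administered bit of a 48-bit IEEE 802 (Wi-Fi) address. The sighting list, the day numbers and the function names are constructed for illustration.

```python
from collections import Counter, defaultdict


def parse_mac(text: str) -> bytes:
    """Accept aa:bb:.., AA-BB-.. or aabb.ccdd.eeff and return 6 raw bytes."""
    digits = text.replace(":", "").replace("-", "").replace(".", "")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit address: {text!r}")
    return bytes.fromhex(digits)  # raises ValueError on non-hex characters


def canonical(mac: bytes) -> str:
    return ":".join(f"{b:02x}" for b in mac)


def classify(mac: bytes) -> str:
    """Classify by the two low bits of the first octet (IEEE 802 addressing).

    bit 0 (I/G) set -> group address (multicast/broadcast)
    bit 1 (U/L) set -> locally administered, which is what OS-level MAC
                       randomization produces while scanning
    neither         -> universally administered (assigned from a vendor OUI)
    Bluetooth LE random addresses use a different scheme and are not
    covered here.
    """
    first = mac[0]
    if first & 0x01:
        return "group"
    if first & 0x02:
        return "random"
    return "global"


def summarize(sightings):
    """sightings: iterable of (day, mac_text). Returns counts per class and
    the addresses that could be linked across more than one day."""
    days_seen = defaultdict(set)
    for day, text in sightings:
        days_seen[canonical(parse_mac(text))].add(day)
    by_class = Counter(classify(parse_mac(m)) for m in days_seen)
    linkable = sorted(m for m, days in days_seen.items() if len(days) > 1)
    return {
        "distinct_addresses": len(days_seen),
        "by_class": dict(by_class),
        "seen_on_multiple_days": linkable,
    }


# Constructed sample log: (day number, source address as captured).
SAMPLE_SIGHTINGS = [
    (1, "00:11:22:33:44:55"),   # universally administered, returns on day 2
    (1, "DA-A1-19-00-00-01"),   # locally administered (randomized)
    (1, "f2:5b:00:00:00:02"),   # locally administered (randomized)
    (2, "00:11:22:33:44:55"),
    (2, "7e:00:00:00:00:03"),   # locally administered (randomized)
    (2, "0011.2233.4466"),      # universally administered, seen once
]

if __name__ == "__main__":
    print(summarize(SAMPLE_SIGHTINGS))
```

In the sample, three of the five distinct addresses are randomized and none of those recurs, so a raw address count overstates the number of devices and only the universally administered address links two days together.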

~~~
move-on-by
Built-in RaspberryPi WiFi can do monitor mode. Kali Linux even has a raspberry
pi image. RaspberryPi also has built in Bluetooth that supports 4.1 and low
energy. Since Bluetooth is a less powerful signal, is there anything I could
do with that?

~~~
tacLog
I haven't tried to track phones with bluetooth, it seems like it wouldn't be
possible because phones aren't always announcing themselves. A byproduct of
battery limitations I would guess. The more common use is tracking powered
tags for the purpose of asset tracking in say hospitals or similar.

I didn't know the onboard adapter supported monitor mode, that is legitimately
useful knowledge for me. Thanks, it should be simple to build your own
sniffer to just play around with. Careful if you are in the EU though, not
that it is remotely possible to catch a silent sniffer.

------
imroot
To me, this isn't big news -- It's at the point where I turn wifi and
Bluetooth off when I'm shopping.

Look at some of the filings by Kroger:

[https://fccid.io/PBR-SZG3APWC/Users-Manual/Manual-3994818](https://fccid.io/PBR-SZG3APWC/Users-Manual/Manual-3994818)

They are tracking down at the bay level for some items.

~~~
tantalor
> I turn wifi and Bluetooth off

You believe that makes a difference?

~~~
bduerst
It doesn't for Apple users. Location and other bluetooth features are still on
after you turn it "off".

[https://www.zdnet.com/article/ios-11s-control-center-may-say...](https://www.zdnet.com/article/ios-11s-control-center-may-say-bluetooth-wi-fi-are-off-but-thats-just-not-true/)

~~~
24gttghh
That's the control center shit. I made a shortcut widget that actually shuts
it off for this scenario.

------
takk309
Based on the title of the article I was expecting the stores to passively
collect data based on the MAC address. I guess I was way wrong. I am a traffic
engineer and we use passive BT MAC address scanners to sort out
origin/destination and travel time. This is done by setting up multiple
detectors around a study area. Each detector saves the time and MAC address of
every device it detects. We later match the MAC addresses that have been
detected at multiple locations and that gives us the travel time between them.
The raw data is rather useless for any other purpose, to us at least, and is
tossed after we are confident in the data results. If a store were to use
something like this, they would have to tie my MAC address to me, which I
doubt would be too hard.

I don't see anything wrong with passively tracking people in a store, mall,
shopping center, etc., as long as it is used to inform the owners of movement
patterns in the area. To use the information to push notifications and
determine purchasing habits of people is over the line.

~~~
wkavey
To me there is a difference between what you describe, where hardware deployed
in stores collect detected bluetooth signatures, and what this article
describes, which is YOUR OWN DEVICE reporting on your movements.

------
kevin_b_er
Android has a feature called "nearby device scanning" so even if you turn off
bluetooth, apps can still do BLE. I suspect stuff like this, where many many
apps can spy on you on behalf of others, is why Google made BT access a
Location category. But it means your weather app that uses location to tell
you where you are? It is selling your location via BT beacons to 3rd parties.

~~~
xur17
I really wish android differentiated between foreground and background
location permissions.

~~~
imperialdrive
Meet the newest Android Q (10) which is available as a beta. The permission
levels are there for what you wish. It's impressive to see just how many apps
were previously getting background location (and many other) permissions by
default. Eye opening experience for someone that figured it wasn't _that_ bad.

~~~
cherrypepsi
> Meet the newest Android Q (10) which is available as a beta. The permission
> levels are there for what you wish.

I would like to congratulate Google for such hard work. I mean, CyanogenMod 7
in 2010 could revoke any app permission at the user's will, but you know,
computers are _difficult_

------
ajkjk
Nothing would make me want to buy yogurt less than an ad on my phone while I'm
looking at yogurt. I would hope everyone would feel the same way, to
disincentivize this.

~~~
_bxg1
The best way to protest surveillance capitalism is to make it ineffective. If
you get a pushy or creepy ad, go out of your way to avoid that product or
brand. Even if it is appealing to you. Even if it's a good deal. Send the
strongest kind of signal against targeted ads: money.

~~~
TeMPOraL
I do whenever I can. For instance, for close to a decade now I maintain a
blanket ban on Groupon for that one time they spammed me with retargeted ads a
bit too hard (3+ same ugly pink ads simultaneously on a single webpage).

------
bb101
Shouldn't there be a setting under Privacy to turn responding to beacons off?

I'd be interested in a list of popular apps or SDKs that use beacons -- so I
could uninstall them pronto.

------
decebalus1
This book [https://www.amazon.com/Aisles-Have-Eyes-Retailers-Shopping/d...](https://www.amazon.com/Aisles-Have-Eyes-Retailers-Shopping/dp/0300212194)
goes into quite a bit of detail about various techniques retailers use to
track customers.

------
fyfy18
What exactly are retailers doing with this data, that they couldn't do before?
If you go to a supermarket and pay by credit card, the supermarket is going to
have a profile on what type of things you like to buy, even if you aren't a
member of their loyalty program. They've been doing this since loyalty cards
became popular in the 90s.

It seems somewhat benign, and not very useful, that they know I spent 45
seconds in front of the yogurt section, compared to the average at that time
of 28 seconds. Maybe a friend I haven't spoken to for a long time started
messaging me. Or maybe I was helping an elderly person get something from the
top shelf.

The part about sending ads to your device is FUD, any app that starts doing
that without my permission is getting uninstalled straight away.

~~~
sizzle
We aren't privy to the back office deals they are brokering with our data
across advertisers and what not.

------
muricula
In order for this to work the apps have to listen to bluetooth signals from
the beacons (or register a hook for an OS level beacon listening service?).
How do I prevent an app from listening to bluetooth? Is this gated by the iOS
"access current location" permission, or the "bluetooth sharing" permission?
The iOS docs I've found are unclear:
[https://developer.apple.com/ibeacon/Getting-Started-with-iBe...](https://developer.apple.com/ibeacon/Getting-Started-with-iBeacon.pdf)

------
css
So... turn off Bluetooth and Wifi when you go into a store? Put subtle lines
on your face with makeup to confuse their facial recognition systems? What
else do we need to do now to go out in public?

~~~
module0000
Physically dismantle every data broker's office and data center? Not sure what
else would be effective.

~~~
asdff
Turn off your phone?

------
crazygringo
I feel like I need a lot more clarification here, can anybody help out,
whether on iOS or Android:

1) Some random third-party app has to be _running_ on your phone to detect
beacons and send the data back... how viable/likely is this actually? It seems
like this would only ever effectively detect a tiny percentage of users at
best who just happen to have one of the apps open while walking around a
store?

2) For an app to detect beacons, don't you have to give permission for the app
to use Location Services? I've tried Googling it but can't seem to find a
definite answer... I'd be surprised (and saddened) if Apple or Google are
allowing apps to detect beacons without explicit location or Bluetooth
permissions.

3) If the goal is to track as many users as possible... wouldn't it be far
more efficient to look for Wi-Fi devices that are scanning, and identify them
by their MAC address? I don't understand what Bluetooth beacons enable that
Wi-Fi scanning doesn't.

4) The article lists companies that provide these third-party toolkits... but
not a single name of an app that uses them, or what percentage of phones
contain an app with them. Since this is the main accusation of the article...
I don't understand why they wouldn't provide even a single instance of proof.

I've just seen a lot of very questionable reporting from the NYT in the past
on tech/security/privacy, so I'd like to understand better how real this is or
not.

~~~
sho
> Some random third-party app has to be running on your phone to detect
> beacons and send the data back

They don't have to be running. Here's my understanding (for iOS anyway):

1. Apps have the ability to subscribe to bluetooth callbacks from the OS,
which is constantly scanning for them (about once a second, from memory). It
will be something like, "wake me up when you detect that beacon with UUID
ABCD123 is in range". ABCD123 would be the standard ID of a marketing
company's beacons - there could be millions of them.

2. The beacons also have sub-IDs identifying the exact beacon being used. The
marketing company will know which are where.

3. Whenever the beacon is in range, the OS pings the app with the data, which
decides what to do with it in the same manner as a background data refresh.
This could be something useful, like waking up to let you know your suitcase
is nearby - but it could also be silently uploading that data to a server.

4. The software to do this is being bundled as a paid SDK in a great many
seemingly-unrelated apps, such as weather apps.

5. This behaviour is not counted as location services in the OS, and may or
may not be disabled even when bluetooth is "off" on the phone.

Corrections welcome but I believe that's roughly what's going on.

I'd greatly appreciate something like Little Snitch on the iPhone so I could
see which apps are doing this and delete them with extreme prejudice. Back in
reality, I'm glad this is getting attention - at the very least Apple should
be providing a list of apps requesting BT access, and indeed any network
access over time.

~~~
crazygringo
Thanks, this helps a lot.

I'm pretty shocked all this can go on in the background without permissions.
With Apple adopting such a privacy-conscious stance, I really hope this gets
their attention so beacon scanning requires explicit permission in the future
(and separate from location services -- my weather app needs to know where I
am, but _certainly_ doesn't need to scan for beacons).

This is honestly pretty egregious.

~~~
sho
> This is honestly pretty egregious.

It certainly is. I knew about the mechanics of it but hadn't realised it was
being so widely abused. I would like to see Apple come down on this swift and
hard.

Third party paid SDKs! Those cunning bastards. AdTech really is the dregs.

------
rapht
On Android, this just had me

1\. Settings > Security

2\. Click on Location

3\. Enhance location precision

4\. Disable "Bluetooth Analysis" aka the use of BLE beacons

------
dmje
The really simple answer? Give up your smartphone. It's eating your life
anyway, crossing boundaries with your family / work. You're addicted to
checking: your downtime is zero, your free space to think: negligible.
Mindfulness: none. Mindlessness: maximum.

Just a thought.

~~~
CamperBob2
How is this kind of "advice" anything but plain old-fashioned victim-blaming?

If ever an entire category of HN posts deserved an instant trip to -4
territory, these ever-present and singularly-unhelpful posts ("Just turn your
phone off/leave it in airplane mode/leave it at home/give it up for Lent/sell
it on Craigslist/go to Uttar Pradesh and join a Zen monastery") should more
than qualify.

Letting scumbags dictate how you live your life -- or how you use your phone
-- is never the optimal strategy. Don't turn off. Fight back.

~~~
dmje
I don't really see how my thought (note: more "thought", less "advice")
qualifies for this ire, but, hey, maybe you too need to spend less time on
social media being angry at people ;-)

Actually I think a considered and gentle re-looking at one's life is an
entirely viable thing to do.

What's so nuts about leaving your smartphone at home, or giving it up
completely? Try taking a step back in an attempt to take a cold look at how
weird and unbalanced this whole smartphone addiction thing has become. A
situation in which, what, 50%+ of any random group of people has head down
looking at a screen? A situation in which a family goes out for a meal and
spends the time with each member socialising with people in the virtual world
but not with each other? A situation in which young girls are self-harming
because they're spending 6 hours a day comparing themselves with others
online? I live by the sea - a beautiful, wonderful part of the world - but the
number of people who simply don't engage with the world they're moving through
because of this little square of plastic in their pocket is astounding.

There's nothing blame-y about this - yes, the corporations need a slap at what
they're doing with our data and our lives - but we've got individual agency,
too.

------
g8oz
We need to articulate the changes we need from Apple & Google. Something along
the lines of a) permission required for any app to use Bluetooth or BLE -
preferably differentiating between whether the app is running in the
foreground or background b) a way to turn off _both_ Bluetooth and BLE at the
OS level. Then pressure needs to be applied either through public opinion or
through legislative efforts.

~~~
landonxjames
App level bluetooth permissioning is actually planned as a part of iOS 13

[https://www.apple.com/ios/ios-13-preview/features/](https://www.apple.com/ios/ios-13-preview/features/)

------
wkavey
I actually implemented a nearly identical system for my senior design project,
except we targeted the smart home ecosystem. Basic use cases would be
automatically turning on/off lights or having a music stream/temperature
preference/... follow you as you move throughout your house and enter/leave
rooms. All implemented by an app on your phone detecting strategically placed
beacons.

~~~
vertoc
Haha I did a very similar thing for mine - it was using these to replace
clock-in systems for hourly workers, no more need to clock in or out, the app would
auto detect when you entered/left the building

------
PeterCorless
This isn't new. I wrote this blog about beacons back in 2015 for the NoSQL
vendor Aerospike; there aren't just audio (high frequency) beacons. There are
also RF and other spectrum beacons:

[https://www.aerospike.com/blog/silverpush-unifies-people-dev...](https://www.aerospike.com/blog/silverpush-unifies-people-devices-data/)

------
wodenokoto
The other day I had to send a video to a friend. Too big for email and fb
messenger wouldn’t let him download it once received, so I ended up trying
airdrop and got a list of names of everybody’s iPhone or iPad around me.

Apparently we are all telling anyone around us who cares to listen who we are.

------
HaloZero
Is there a way to determine which apps have the SDKs from Reveal or other
companies?

~~~
smilliken
Yes. My company (MixRank) downloads and analyzes mobile apps. Among other
things, we determine what SDKs, APIs, etc, an app uses. We have 20k SDKs
identified and track all of their installs/uninstalls.

------
dawnerd
I didn't know it was a secret? Figured it was pretty common knowledge back
when iBeacons and similar were announced and when major retailers like Target
even made press releases about it

[https://techcrunch.com/2017/09/20/target-rolls-out-bluetooth...](https://techcrunch.com/2017/09/20/target-rolls-out-bluetooth-beacon-technology-in-stores-to-power-new-indoor-maps-in-its-app/)

Kind of funny that Apple pushing privacy basically helped create this kind of
tracking to begin with.

Edit: NYT article mentions other apps selling data to retailers. I think it's
time apps start asking permission to use BTLE. No reason a weather app needs
that kind of access.

~~~
raverbashing
Apple? Maybe it's the big stores and advertisers who want to know everything
about everybody that are to blame?

~~~
dawnerd
Yes, Apple. They rolled out iBeacons and created a whole toolkit on iOS that
enabled tracking - at least a lot easier than it would have been.

~~~
raverbashing
Thanks, this makes sense, though beacon technology is not exclusive to them

------
spockz
So when can we start using this stuff to get indoor navigation or navigation
inside tunnels to work properly? If we are being tracked we should get some
benefit from it as well.

------
2bitencryption
Am I understanding this mechanism right?

1\. Set up a bluetooth beacon in the dairy aisle that broadcasts as a
connectable (or not?) device with an "SSID" (or the bluetooth equivalent)
that is a known GUID

2\. Apps on your phone can scan for available bluetooth devices, and see the
presence of the GUID, which is enough for them to know you are in the dairy
aisle of Store 1234.

If that's right, does this mean disabling bluetooth, or restricting a device's
access to scan for devices, will preclude this?
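
The mechanism asked about here, and described in sho's numbered list earlier in the thread, as an added example that is not part of the original discussion: a parser for the iBeacon advertisement layout (shared proximity UUID plus the two "sub-ID" fields, major and minor) that inventories which beacons appear in a scan capture. The UUID, the frames and the helper names are constructed for illustration, and reading major/minor as store/aisle is an assumption about how an operator might assign them.

```python
import struct
import uuid
from collections import defaultdict

APPLE_COMPANY_ID = 0x004C                # Bluetooth SIG company ID used by iBeacon
IBEACON_SUBTYPE, IBEACON_BODY_LEN = 0x02, 0x15

def ad_structures(payload: bytes):
    """Yield (ad_type, data) for each length-prefixed AD structure."""
    i = 0
    while i < len(payload):
        length = payload[i]
        if length == 0 or i + 1 + length > len(payload):
            return                       # padding or truncated structure: stop
        yield payload[i + 1], payload[i + 2:i + 1 + length]
        i += 1 + length

def parse_ibeacon(payload: bytes):
    """Return uuid/major/minor/tx_power, or None if this is not an iBeacon."""
    for ad_type, data in ad_structures(payload):
        if ad_type != 0xFF or len(data) != 25:      # manufacturer-specific data
            continue
        company, subtype, body_len = struct.unpack_from("<HBB", data, 0)
        if (company, subtype, body_len) != (
                APPLE_COMPANY_ID, IBEACON_SUBTYPE, IBEACON_BODY_LEN):
            continue
        raw, major, minor, tx = struct.unpack_from(">16sHHb", data, 4)
        return {"uuid": str(uuid.UUID(bytes=raw)), "major": major,
                "minor": minor, "tx_power": tx}
    return None

def inventory(frames):
    """Group every (major, minor) pair seen under its shared proximity UUID."""
    seen = defaultdict(set)
    for frame in frames:
        beacon = parse_ibeacon(frame)
        if beacon:
            seen[beacon["uuid"]].add((beacon["major"], beacon["minor"]))
    return {u: sorted(ids) for u, ids in seen.items()}

def make_frame(u, major, minor, tx=-59):
    """Build a constructed iBeacon advertisement for the sample data below."""
    return (bytes.fromhex("0201061aff4c000215") + uuid.UUID(u).bytes
            + struct.pack(">HHb", major, minor, tx))

VENDOR = "abcd1234-0000-4000-8000-000000000001"    # constructed UUID
SAMPLE = [                                         # constructed scan capture
    make_frame(VENDOR, 1234, 7),                   # e.g. store 1234, aisle 7
    make_frame(VENDOR, 1234, 8),
    make_frame(VENDOR, 5678, 1),                   # same vendor, another store
    bytes.fromhex("020106") + bytes([8, 0x09]) + b"Headset",  # not a beacon
    make_frame(VENDOR, 1234, 9)[:20],              # truncated advertisement
]

if __name__ == "__main__":
    for proximity_uuid, ids in inventory(SAMPLE).items():
        print(proximity_uuid, ids)
```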

~~~
Malic
Basically it means those loyalty apps stores put out? Are you sure you know
what that app is doing...?

You are right that disabling bluetooth or being aware of what apps your phone
has is what is required.

~~~
seieste
You don't need the Target app to be tracked by Target, since the tracking
beacon code can be in any number of unrelated apps (weather, news, games,
etc.)

------
disposition2
Hopefully not a dumb question...

Are there any apps / options that allow for only connecting / responding to a
previously connected unless overridden?

------
Skunkleton
AFAIU, on iOS disabling location access will stop apps from accessing beacons
entirely, and apps have to prompt to establish this permission.

------
polskibus
You can set similar tracking yourself with rpi, hass.io and presence detection
module that can register and track MACs on Bluetooth and wifi

------
umvi
What I don't get is:

1\. Pretend it's the 1900s.

Walk into a general store, shopkeeper sees you looking at ammo for 20 minutes
and then leave without buying anything. Next time you walk in, he recognizes
you and says he'll give you a discount on ammo if you buy in bulk.

This is totally cool, not a violation of privacy, and both parties benefit.
win/win

2\. Use a computer to do the same exact thing automatically

Rage, pitchforks and proverbial molotov cocktails and people going on privacy
diatribes.

What's the difference?

~~~
24bug47
You're on HN and "What's the difference" is really your question? 1\. Friendly
private human interaction shared by two people. 2\. Data is collected, sent,
analyzed, sold, shared, distributed, stolen, and abused in order to maximize
profit across expansive markets at the expense of any respect for the user's
privacy. The user is tracked, distracted, and tricked into obeying algorithmic
market forces of massive and opaque breadth. Every piece of data ever accrued
is collected and stored in order to create an invasive profile of a user's
movements, decisions, actions, and relationships, so that predictive
programming can be implemented in attempts to guess the state of the user's
mind prior to the user coming to these conclusions, or at least to convince
the user that this is what the user wants. The end goal is technology that
effectively usurps the user's free will, so that the user is completely
reliant upon it for basic decision-making. The goal is to destroy free will. A
society in which every individual action is known by governments and
corporations is not a healthy society. It is an electronic prison.

~~~
umvi
This just seems like such absurd hyperbole I can't tell if you are serious or
not. "technology that effectively usurps the user's free will" "electronic
prison"

I don't believe any of this. Nobody can usurp my free will no matter how much
data they have on me. Heck, even if I _told_ them every last piece of private
information I knew about me, I doubt they could increase my spending even 1%
more than I currently am with all the coupons and targeted advertising and
subliminal marketing in the world.

~~~
24bug47
I'm glad that you feel you are immune to these advances. That doesn't change
the corporate agenda though. They want you to buy their stuff. You, me,
everyone. They pay loads of money to teams of people dedicated to utilizing
the latest technologies to bend your will to their desire, with whatever
tricks their minds may conjure. They work in concert with others doing the
same. It's "just business".

We have a global population that is addicted to their phones. A great deal of
their worldview is shaped on a daily basis by a small illuminated screen that
fits in the palm of the hand, full of deception and manipulation, which goes
well beyond grocery shopping. The phone is an ideal espionage tool since, for
most people, it is turned on and broadcasting constantly, and always at its
user's side. I mentioned "electronic prison", scaling out from this, in the
sense that law-abiding citizens are under constant surveillance, similar to
inmates in a prison. We have the ability to move around of course, but we can
hardly do so without being watched, which does not equate to actual freedom.
The human experience is being overrun by addictive technology that manipulates
our will through mechanisms that are totally unknown by the average user. It
may seem like hyperbole because its full effects have not yet been understood.
It's not like this is the end: this is just where we are today. The intrusion
into our lives will only escalate.

------
notJim
Honestly, part of this doesn't bother me that much. It doesn't bother me for a
store to know where I'm standing while I'm in their store.

What _does_ bother me is the part where they can get lots of other data and
use it to build a profile of me that spans far beyond their store. The fact
that this Pulsate company encourages devs to include my email address, for
example, seems _really_ invasive, and probably would be illegal under the
GDPR?

------
Spooky23
How do they actually make money?

Merchandising isn’t rocket science. I wonder if there is real roi?

------
dreamcompiler
Not if I keep Bluetooth turned off, which I usually do. Admittedly this is
easy for me since my phone still has a headphone jack.

~~~
russh
You may have been misinformed about the effectiveness of keeping Bluetooth
"turned off".

~~~
dreamcompiler
I also keep Location History and Bluetooth scanning off, just because I want
less Google in my life. Apparently those are important too.

[0] [https://qz.com/1169760/phone-data/](https://qz.com/1169760/phone-data/)

------
agumonkey
Mass background tracking is becoming the de facto leading industry.

------
dTal
> Location marketing aims to understand “online-offline attribution.” If a
> Starbucks coffee ad is sent to your email, for example, marketers want to know
> if you actually went there and bought a coffee. The only way to know is to
> monitor your online and offline habits at all times.

Make no mistake: the purpose of marketing is to maximize information
asymmetry. The natural end point is totalitarian: they know everything about
you, and you know nothing at all, blindly obeying.

~~~
cortesoft
That is not the purpose of all marketing. That might be the purpose of this
kind of tracking, but I don't think telling people the product you created to
serve their need is inherently evil.

At its best, marketing is a way to let people know the goods and services you
have that can make their lives better.

This is marketing at its worst.

I really enjoy this explanation of why targeted advertising is such a horrible
thing:

[https://zgp.org/targeted-advertising-considered-harmful/](https://zgp.org/targeted-advertising-considered-harmful/)

~~~
TeMPOraL
> _This is marketing at its worst._

This is marketing at its real. As practiced.

> _I don't think telling people the product you created to serve their need
> is inherently evil._

Of course it isn't evil, but this is not what marketing is doing - and
claiming so amounts to a motte-and-bailey defense of an industry that's rotten
to the core and quite openly malicious towards their fellow human beings.

~~~
cortesoft
I am not defending these practices at all, I am just saying the idea of
marketing is not inherently evil.

I also think you are being unfair if you say there are zero companies that do
marketing right.

~~~
squarefoot
"I am just saying the idea of marketing is not inherently evil."

And probably most of us, including me, would agree. The problem is when the
market is saturated with goods compared to buyers so that more aggressive
methods - read: lies and subtle psychological tactics - are used to convince
those buyers they need this or that product when they actually don't. Which
becomes even more evil when the product is something potentially harmful such
as unneeded food, medicines, anything that will be soon thrown away creating
more pollution, etc. The problem isn't marketing by itself, but the total
disregard for moral issues that can and will make it harmful once
overproduction and saturated markets get us to a point where lying is the only
way to keep businesses alive.

------
itronitron
yet another reason to just shop online or at mom-and-pop shops

~~~
ddavis
You know tracking customers is a hell of a lot easier online. Mom-and-pop
shops are probably the only way to go to avoid being targeted now.

~~~
gerbilly
> Mom-and-pop shops are probably the only way to go to avoid being targeted
> now.

Yeah, and pay cash before they get rid of it and make us all pay for
everything with wechat bucks or whatever.

------
eastbayjake
A provocative thought experiment: are you more annoyed by retailers
recommending a product you just purchased from them, or a retailer
recommending a product you probably will need soon? In a world blanketed by
advertising, I would rather see relevant advertisements than be bombarded by
garbage. Maybe I will get a deal, maybe I will discover something I like,
maybe I will ignore it... but the spray-and-pray untargeted advertising that
tries to advertise arthritis medication to me as a 31-year-old man is
guaranteed only to annoy.

~~~
kardos
> Maybe I will get a deal, maybe I will discover something I like

This is what the ad industry exploiting the fear of missing out [1] looks like
when they tout the virtues of "relevant ads". You might draw a comparison with
casino marketing to gambling addicts, alcohol to alcoholics, etc -- it's
rather slimy.

[1]
[https://en.wikipedia.org/wiki/Fear_of_missing_out](https://en.wikipedia.org/wiki/Fear_of_missing_out)

