...still makes the the Location Services icon flash! The Location Services icon really does flash when anything uses Location Services, apparently.
This is no trivial thing to be thankful for, and hardly something I'm confident will be universally true forever.
Well, then again, I don't want an Alexa or Google Home, but I don't mind having an always-on Android phone with a microphone and 2 cameras...
I'm not happy that I don't have the option of a hardware switch to disable the cameras and mics on a phone, but I can do everything a smart speaker does without bugging my home in the process.
If a company like samsung, LG, or Motorola offered a phone that really took user privacy seriously I think they'd find a lot of people would be interested, but until then I just have to assume my phone is spying on me at all times and I limit how I use it and what data I enter into it as a result.
I of course don't have an irrefutable proof but judging by circumstantial evidence, news and PR, it's the best conclusion I can reach for now.
But I'm pretty sure my iPhone is spying on me anyway.
I personally prefer my iPhone.
Librem 5 is the phone you're looking for. Or a Pine Phone.
As much as I'd love to support these kinds of products they just don't seem ready.
I think the early pinephones are shipping too or very close to it
Once that's pressed the microphones are physically disconnected. The devices light up red to indicate this. (Not sure if all the more recent Alexa products still have this though)
> Here’s an answer I received from a former engineer at Apple who was intimately familiar with the software drivers for Mac webcams: "All cameras after that one were different: The hardware team tied the LED to a hardware signal from the sensor: If the (I believe) vertical sync was active, the LED would light up. There is NO firmware control to disable/enable the LED. The actual firmware is indeed flashable, but the part is not a generic part and there are mechanisms in place to verify the image being flashed. […]"
And the reason for that is partly because so many companies make products that don't work as expected. Or worse they make products intentionally designed to mislead users, most of whom have very little understanding of what their device is actually telling them.
More importantly, the super-users like yourself who know when they're being deceived by symbology in UI design don't get up in the companies face when you DO discover "hey, this symbology is misleading!" Granted, companies are intentionally vague when documenting such features so that you'll essentially shame yourself into not asking "what does this little symbol actually mean?"
That's not necessarily true, though.
It's just as likely the developer who implemented the feature forgot to set the "flashIcon = false" parameter in some low level API and nobody noticed. Without access to the source code we're just taking Apple's word for it.
There can just as well be existing location services users, currently using location services without your knowledge, when you're relying on a flashing widget on the screen as your source of truth.
Why can't apps request less precise location data, and maybe let the user choose this? Another common example is Twitter, Facebook, Instagram, and even dating apps, don't need to know your location with precision, they usually just want the city or zip code with relative accuracy. My Weather app doesn't need to know what rock I'm standing next to for accurate forecasting.
There's no way of knowing whether the app will be using your exact location, or just the city you're in?
As a product manager/designer, I think that would end in disaster for any consumer-facing company that implemented it. The number of people who would enter random places, forget they did so, and then complain that their phone is broken or the app doesn't work would be staggering.
At present, even though you have to approve permissions, I take it it's sufficiently rare for people to refuse them that app developers don't feel the need to rein themselves in, just based on the number of permissions still requested for very basic apps.
Allowing granular refusal was a step in the right direction, but plenty of apps still refuse to work unless granted permissions they don't need. Spoofing would be much better.
Even if it only asked for the country, the location icon would still appear.
How do you know that applications are requesting for more location data that others, just curious?
up to three km https://developer.apple.com/documentation/corelocation/clloc...
Zip code is plenty, but they all seem to think they need gps.
I really hope that after this update is released, someone with checkm8 goes and checks what has actually changed. Not because I distrust Apple per se, but because we shouldn't be making discoveries based on a cosmetic icon.
Also, thank god for checkm8.
Edit: donkeyd, below, reminded me that this behavior is only on the iPhone 11, which isn't vulnerable to checkm8. Sigh...
It seems to me like discovering this from that status bar icon is a _good_ thing. It gives me more faith that the system isn't hiding particular types of calls from the user; that it's tying the system call to the icon being present.
I'm not suggesting they will change its behavior, but it wouldn't be unprecedented if they did.
EDIT: Changed the video start time to specific reference.
Steve Jobs presents a convincing case. It's now clear to me that the media hyped up a non-issue, or at least one that was ubiquitous across the state of the art at the time. And Apple's response is perfectly reasonable.
What exactly is your problem with his explanation of the changes?
iPhone 4/4s remain my favorite iPhone generations to date.
How else should we be discovering this as opposed to the icon? I feel like a prompt or something to allow this for something that happens so frequently is just going to get UAC'd.
Who cares if your Apple device constrains location information when, stochastically speaking, other devices within your proximity won't.
This has been meta for a long time: WiFi, Bluetooth, cell towers, TPMS, just to name a few common mappings. UWB is yet another PHY contributing to the datapool.
I hope those special iPhones for security researchers come out soon.
I would like there to be a process similar to disabling System Integrity Protection on macOS, which requires booting into recovery mode. From there you can gain kernel access and inspect whatever processes you want.
It won't happen, and I consider it a major problem with iOS.
I think there's more that could be done to make the process unappealing. What if the setting erased all data on the phone, a la unlocking the bootloader on Android? What if there was a one-week time delay before the setting took effect? What if you had to visit an Apple Store?
(I don't like that last option, because it makes research inaccessible to e.g. people in countries without Apple Stores. But it would be better than what we have now.)
The biggest concern I'd have with this would be that it would almost certainly be abused to install undetectable surveillance software on devices, e.g. by a partner in an abusive relationship, or by overbearing parents on a child's device.
Is it perfect? No, but everything in life is a tradeoff. And not being able to study our own devices is a big problem too.
This means you can analyze these devices and deduct the way they are working.
Having access to the system or the source code can make things easier but not having those doesn't mean you can't look for shenanigans.
Given that these devices exist and are in use by law enforcement to catch criminals, we know this is feasible.
Relevant to current story: https://twitter.com/chronic/status/1202386593387966464
I am sure many companies in the information security field are doing the same.
It would be nice if there was a simple way to allow anyone with a phone to easily analyze all of their own traffic.
I'm far more bothered by the fact that my Roomba requests location data than I am this. Seriously Roomba, WTF.
I think there are ways to design APIs to be more private, but noone seems to do it.
For instance, one way to figure out your time zone is to send your location to a server, which will return the time zone.
Another more private way might be to load a list of location vs timezones for a region of the US, then calculate your timezone locally.
Why do you think companies are not defaulting to this behavior? it feels like the right time to be working on closed-circuit software solutions as an alternative measure.
"By enabling Location Services for your devices, you agree and consent to the transmission, collection, maintenance, processing, and use of your location data and location search queries by Apple and its partners and licensees to provide and improve location-based and road traffic-based products and services."
It will also send your location to Apple when no app is requesting your location:
"If Location Services is on, your iPhone will periodically send the geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple, to be used for augmenting this crowd-sourced database of Wi-Fi hotspot and cell tower locations."
Unlike on Android, you cannot get your location without sending this data to Apple:
"To use features such as these, you must enable Location Services on your iPhone"
Turn off networking. You can still get your location via GPS, but there is no way to send this back to Apple.
> By enabling Location Services for your devices
You seem to be confusing Location Services with location data. Location Services are the value adds mentioned in the support article, from which it's clear that they largely require sending your location to work.
Technically true, but this makes your iPhone a dumber dumb phone than it already is, and I doubt anybody would seriously use this mitigation.
> You seem to be confusing Location Services with location data.
You cannot get location data without enabling Location Services.
"Location Services allows Apple and third-party apps and websites to gather and use information based on the current location of your iPhone or Apple Watch to provide a variety of location-based services. For example, an app might use your location data and location search query to help you find nearby coffee shops or theaters, or your device may set its time zone automatically based on your current location."
People don't usually do this purposefully as a "mitigation", yes; however it is still a useful feature to have when dealing with poor connectivity. But more on topic, you seem to be talking about Android somehow doing something else? Is there a way that Android lets you get location services (see below) without sending your location to Google?
> this makes your iPhone a dumber dumb phone than it already is
If you're going to argue, please do so with at least the barest hint of good faith please.
> You cannot get location data without enabling Location Services.
You can get basic location data by turning on your GPS and making a couple of CoreLocation calls. You can get additional location information by sending this location (or a location query) to Apple to get some additional information about it, as mentioned in the quote you shared. In any case, we both know exactly what information we're talking about: you can figure out where you are without talking to Apple, and if you want to know about restaurants or turn off the sprinklers when you get to work then you're going to have to go through them. Whatever you choose to call it is not relevant.
You can't without enabling Location Services. If you could, that would be a huge security hole because users can only disable Location Services and not CoreLocation.
> however it is still a useful feature to have when dealing with poor connectivity.
In order to not send your location to Apple, you have to leave the network off. The location will be stored on the device and synced to Apple later if not. Nobody is going to do that just to not send their location to Apple. They'll get a phone that they are in control of instead.
> Is there a way that Android lets you get location services (see below) without sending your location to Google?
Yes. Just request location permission and use the location API. If you want AGPS functionality, you still have to request the location permission, but you need to call a Google API (or an Amazon API on Amazon devices, etc.).
> If you're going to argue, please do so with at least the barest hint of good faith please.
I'm just pointing out how ridiculous your mitigation is using an equally ridiculous description.
You are right. I was looking in the disassembly of CoreLocation and misread where the controls for this were (and what they were named in the UI)–see below. Sorry about that.
> In order to not send your location to Apple, you have to leave the network off.
There's a bunch of toggles to switch off sending location data to Apple, specifically, in the Location Services settings page. So you can have Location Services on but not send anything to Apple, unless the app does so itself.
> The location will be stored on the device and synced to Apple later if not.
From the code, it seemed like this was for syncing frequent locations (which is end-to-end encrypted).
> They'll get a phone that they are in control of instead.
I am assuming you're claiming this is an Android device?
> I'm just pointing out how ridiculous your mitigation is using an equally ridiculous description.
You're really not; you're coming in, whether you're serious or not, with the argument that iPhones are "dumb", which is not useful or even related to the point. Countering my "ridiculous mitigation" (which I have not even described as a mitigation, mind you; I was just pointing out that you can get data from GPS without sending anything to Apple; if anything the "mitigation" I will point you to now is the set of switches that I mentioned before) with another one just does not help keep this conversation on track. It's quite literally flamebait.
There is no such setting. https://hifutureself.com/ios-location-system-services-settin...
It is not enough to disable Location Services for Apple apps. If any app requests location, even non-Apple apps, your location will be sent to Apple, as I showed above.
> I am assuming you're claiming this is an Android device?
You can use them without sending data anywhere you don't want.
> iPhones are "dumb",
I was very clearly riffing off the term "smartphone." A phone that has network disabled as you suggested cannot be called smart. What's the opposite of smart?
Isn't this a long-standing issue where Bluetooth access falls under the "location services" category because one can use the Bluetooth hardware to guess your location based on known beacons?
At least, unlike android, iOS indicated that the location system was being used.
Reduces BOM, manufacturing cost, board space needed, and battery drain to exclude it.
LEDs on phones were all the rage (at least one Blackberry model had an LED accessible by apps IIRC) until Apple took the market by storm and then everyone started copying their aesthetic.
> Ideally this light would be physically linked to the power going to the camera and the light would be impossible to disable without physically altering the device.
There's no way for you to verify unless you built the camera yourself or can remove the camera.
Even google, on it's nexus 5, had a LED. A prominent RGB LED that could do everything you ever wanted. Well, unless you relied on google for the software which if possible made it worse than if it hadn't existed.
Then you open up the phone to replace the dying battery. And behold, multiple SMA type connectors for external antennas(?) One wonders if a single person on earth found a use for them. Cost optimization don't seem to be that important.
Now for the camera LED I don't think phone manufacturers want to even admit that it is something anyone should be worried about. So their strategy is likely to pretend that there doesn't even exist any issues to worry about. Probably works out pretty well for them.
This makes a lot of sense as mobile phones are an extremely hostile RF environment. If it were any other way, the phone's sound inputs would be flooded with that iconic "cell phone interference" sound.
Old but still interesting:
What you describe as "no way" is a 2-second napkin sketch for any witting electronics hobbyist, let alone a proper design EE professional.
Apple could easily disable said icon in certain cases. This begs the question: Isn‘t there a more reliable way to determine if an iPhone uses location services and maybe even say for sure for what they are used?
The icon, in this case, was a helpful indicator allowing others to easily reproduce this test in minutes.
Call me paranoid, but this statement is telling us that:
"The management of UWB compliance and the management of its use of location data is done on the device" -- which okays that the data can be used outside the device, only the management needs to be done on the inside,
"Apple is not collecting user location data." -- which could mean that some other parties (not Apple) _could_ collect user location data.
To use the same frequency band allocated to uses like television and radio broadcasting without interference, you need a way to know which frequencies are already in use by the local stations at your location.
>So-called "white space" frequencies have considerable benefits when compared to traditional Wi-Fi signals, and now Google has created an API to make the process of utilizing them easier. Companies using the Spectrum Database API will be able to search for frequencies unoccupied by TV or radio signals in specific areas of the United States, and register equipment that uses those frequencies to broadcast wireless internet.
Google has championed unlicensed TV white space (TVWS) over the last few years. The FCC approved the use of Google's TVWS database in June, after tests began in March.
Apple appears to be doing nothing more than querying a local copy of the database to look up which frequencies must be avoided at the current location.
All the Android phones that adopt ultra wideband technology will have to do the same thing.
White Spaces was a plan to make frequencies once allocated to analog TV broadcasters unlicensed (similar to the existing ISM bands). This would give things like WiFi access points more spectrum to use, without fundamentally changing how the protocols worked. (Same signal, different RF frontend for the new frequencies.)
UWB is a very low-power spread-spectrum technique. It decreases power and increases the bandwidth used to achieve a usable channel capacity. The idea is that the power is so low that it won't interfere with licensed users, even though it's using licensed frequencies. The downside is that it's a lot more complicated and requires new hardware and electronics techniques to implement. (I assume the reason it's disabled in some regions is because they haven't convinced the relevant authorities that it doesn't actually interfere with licensed users while using their spectrum.)
There are going to be a lot of issues if apple just lets you track things at range
Is UWB used for features other than Airdrop? Location reporting of nearby tags/devices?
One avenue of investigation would be to capture all iPhone 11 traffic via VPN (e.g. Charles Proxy) and correlate network traffic with appearance of the location indicator.
Apple claims Location Services cannot be disabled because it is needed for Ultrawide Band (UWB) compliance.
And what about UWB? It cannot be disabled either? Do you have a say if someone wants to send you a file 'simply by pointing at your iPhone'?
Ridiculous. The phone always knows very well what country and what regulatory region it's operating in. Otherwise, how could it know what cellular bands to use?
By passively listening for what bands are being broadcast on? I mean, dumb phones without any kind of location support whatsoever could do that, without determining what regulatory region they are in.
Exactly, that's my whole point. Obviously I didn't make it clearly enough.
Are you in the 0.0001% of the planet's populated area where the local cell network doesn't tell you roughly where you are? Fine, then turn on location services. That's almost never going to be the case.
For instance -
"Australia: Ultra Wideband transmitters must not be operated within a nominated distance from specified Australian radio-astronomy sites."
Further, your phone certainly doesn't have to know where it is to figure out what cellular bands to use, but instead that's based upon the SIM and cell provider settings.
b) There are other locations where the entire phone isn't allowed to be turned on (the NRAO quiet zone near Green Bank comes to mind, unless this has changed recently.)
So, no. This is not a valid excuse.
As has been mentioned before, relying on some icon on your screen is rather naive unless Apple has provided some legal assurance that we can.
It would be a good question to pose to Apple - can the icon be overridden to not be shown or shown so quickly that it is effectively invisible?