Photos, GPS and privacy
In yesterday’s post, I made the following statement regarding the risk of malware in mobile devices:
For devices, the issue is thornier, since there really isn’t antivirus software for devices. However, the concept is if you only run software available via the appropriate store (e.g., Apple App Store), the device should be OK.
In today’s NY Times, there is an article about how easy it is to write an iPhone app that could exploit a loophole in Location Services on the phone. The article describes how, if a user permits an app to use location services, the app has access to the pictures on the device and can copy them off the device to its own servers. They even went so far as to have an app writer prove it, though with an app not evaluated or approved by Apple. Though the Times article is about Apple devices, other devices have also had similar privacy issues with location services. Here’s one about Android phones.
As I also said yesterday:
Smart phone and tablet security is rapidly evolving and I suspect over time we will start to see issues with devices.
OK, so it’s been less than 24 hours … 😳
This has several chilling implications to consider, but first some background.
Phones, not just smart phones, have had GPS capability for a while now. The original goal was to enable emergency responders to locate someone in distress who calls for help via their cell phone. Not a bad concept, but like most ideas, there are foreseen and unforeseen consequences. Note: In this context, GPS capability means that the phone can locate itself and transmit that location. It might get that information from GPS satellites, local cell towers or other related technology.
Cameras are also starting to have GPS capability, and most phones today have cameras. Smart phones also have apps. It’s a pretty potent mix.
When a phone takes a picture, it stores the picture on the phone as well as some additional data (known as meta-data), like the date/time the picture was created as well as the GPS coordinates (if known). Many cameras do this also. This information can then be used by applications to find all your pictures from trips to say Maui or Venice.
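To see what a photo would reveal before you share it, the following added example (not part of the original post) reads the GPS coordinates out of a JPEG's Exif metadata using only the Python standard library. The function names and the sample photo bytes are constructed for illustration, and the parser assumes well-formed Exif data.

```python
import struct

def exif_tiff(jpeg):
    """Return the TIFF block of the first Exif APP1 segment, or None."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG")
    pos = 2
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF and jpeg[pos + 1] != 0xDA:
        (seglen,) = struct.unpack_from(">H", jpeg, pos + 2)
        body = jpeg[pos + 4:pos + 2 + seglen]
        if jpeg[pos + 1] == 0xE1 and body[:6] == b"Exif\x00\x00":
            return body[6:]
        pos += 2 + seglen
    return None

def read_ifd(tiff, offset, e):
    """Map tag -> raw 4-byte value/offset field for one TIFF directory."""
    (count,) = struct.unpack_from(e + "H", tiff, offset)
    rows = (struct.unpack_from(e + "HHI4s", tiff, offset + 2 + 12 * i)
            for i in range(count))
    return {tag: raw for tag, _type, _count, raw in rows}

def gps_position(jpeg):
    """Return (lat, lon) in decimal degrees, or None if the photo has none."""
    tiff = exif_tiff(jpeg)
    if tiff is None:
        return None
    e = "<" if tiff[:2] == b"II" else ">"       # TIFF byte order: II or MM
    ifd0 = read_ifd(tiff, struct.unpack_from(e + "I", tiff, 4)[0], e)
    if 0x8825 not in ifd0:                      # 0x8825 points to the GPS directory
        return None
    gps = read_ifd(tiff, struct.unpack(e + "I", ifd0[0x8825])[0], e)
    if not gps.keys() >= {1, 2, 3, 4}:          # lat ref, lat, lon ref, lon
        return None
    def degrees(ref_tag, value_tag):
        d = struct.unpack_from(e + "6I", tiff, struct.unpack(e + "I", gps[value_tag])[0])
        value = d[0] / d[1] + d[2] / d[3] / 60 + d[4] / d[5] / 3600
        return -value if gps[ref_tag][:1] in (b"S", b"W") else value
    return degrees(1, 2), degrees(3, 4)

def sample_photo():
    """Constructed JPEG header whose Exif says 20°48'0"N, 156°19'30"W."""
    tiff = b"MM\x00\x2a" + struct.pack(">IH", 8, 1)             # header, IFD0: 1 entry
    tiff += struct.pack(">HHII", 0x8825, 4, 1, 26) + bytes(4) + struct.pack(">H", 4)
    tiff += struct.pack(">HHI4s", 1, 2, 2, b"N\0\0\0") + struct.pack(">HHII", 2, 5, 3, 80)
    tiff += struct.pack(">HHI4s", 3, 2, 2, b"W\0\0\0") + struct.pack(">HHII", 4, 5, 3, 104)
    tiff += bytes(4) + struct.pack(">6I", 20, 1, 48, 1, 0, 1)   # latitude at offset 80
    tiff += struct.pack(">6I", 156, 1, 19, 1, 30, 1)            # longitude at offset 104
    app1 = b"Exif\x00\x00" + tiff
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(app1) + 2) + app1 + b"\xff\xda"
```

Calling `gps_position(open("photo.jpg", "rb").read())` on one of your own pictures returns `None` when no location is embedded, which is what you want to see before posting it.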
So, there are two issues here. The first is the security of the apps that you run on your smart phone, tablet, iPod, etc. Again, it’s important to realize that the app written for the NY Times article did not get vetted by Apple. Apple has been plugging some of these loopholes as they come up, but it seems that they give app writers the benefit of the doubt if a “feature” is useful when used properly. They are assuming that malevolent use will be picked up during the vetting process and this appears to be largely true, else this would be a much bigger issue.
The second, and in my opinion more troubling, issue is the implications for your privacy. There is the obvious problem of someone grabbing your pictures for some nefarious (or even innocent) use, like posting embarrassing photos on-line or using the embedded data to predict where you might be going. Ben Scholz wrote about this very issue over a year ago in this Technorati blog entry.
However, even if your device is secure and can’t be exploited in this manner, it can be legally confiscated and used by law enforcement to determine where you were at a certain date/time that a picture was taken. It’s reasonable to assume that you carry the phone with you all the time.
So, what can be done??
Like all issues regarding privacy and security, there are tradeoffs. Everyone needs to evaluate what those tradeoffs are and act accordingly. The most important point is that folks need to consider this and make explicit decisions. So, here are some random thoughts about this in no particular order:
- You can tighten your device significantly by simply shutting off location services. Here’s an article provided by Apple on iPhone, iPad and iPod location services and how to configure them. Here’s a similar article by Google for Android phones.
- Some apps are very useful with location services turned on (and in some cases useless without it). I run with location services on, but I individually set the apps that have this capability. I classify them into three broad categories:
  - Apps that derive significant benefit from your location. Examples include map apps, device finding, and apps that will locate a local Starbucks. 🙂
  - Apps that are useful without the location information, but add some value with it. Examples are weather apps. Do I really need to have it tracking where I am, since I know most of the time I’m in one of less than 6 locations and it’s easy to add new locations?
  - Apps that want access but with no apparent benefit to the user. These are the most troubling to me, since it’s not clear why they want access, yet they ask for it … and most folks automatically give them access. I can only think that they are gathering the data to map where their apps are being used.
- I’m a little more liberal with well-known apps from well-known corporations (like CBS News or The Weather Channel app) than apps where I really do not know the source. I hate to think of a pimply faced kid in Oshkosh writing a game that also collects meta-data about me. There are others who are concerned with large corporations and might see it differently.
- Is there someone who can get some benefit getting data from you? Celebrities clearly need to be extremely careful with these capabilities, but what about the 99% who aren’t celebs (apologies to the “Occupy” movement)? Is there someone who’d love to get at your pictures and post them?
- Are you really acting honorably? Or is there something in your life that you really need to stay under the radar?
At this point in time, though this issue has been swirling around for over a year, I’ve not seen any evidence that this is a pervasive problem. My recommendation is that everyone needs to consider the issue and set up their device in a manner that balances the functionality that they desire with the level of privacy they can live with.