Hacker News
by joeblau 1881 days ago
On iOS, none of that is even possible with physical access. Nothing that you’re saying sounds hard for a malicious actor to pull off. The interesting thing that you’re getting is a historical log without the need to install anything.
4 comments

> Nothing that you’re saying sounds hard for a malicious actor to pull off.

A malicious actor would need to be your phone manufacturer, Google or someone with a root exploit (jailbreak in iOS terms) or this "vulnerability" would be completely useless.

All of those parties could just as easily push code to your device any number of other ways that could do far worse than reading your logcat for BT IDs.

I understand the concern, but if you're at the point where you can't trust the parties who push automatic updates with high privilege levels but you do need to be concerned about reading logcat, your threat model here is pretty strange.

Isn't the difference based on time though? The device manufacturer can push a patch, but they would get access to the information after the patch, whereas access to the log gives you information from before the patch. Or have I misunderstood?
The device manufacturer has access to the device (at the hardware level even) the moment they start building it. They don't need to push a patch to gain access, they could access your logs at any point throughout the lifespan of the device.
I think we're talking about different things. If a manufacturer wants to eavesdrop on my device then they need to push a patch to my device. They can only get information about what happens after they push this patch. They can do it at the start of the life of the device, but they'd have to do it then.

However, if important data is retained in logs, then the manufacturer could grab the data from the logs. They can get information from a time before they decided to look into you.

It's like a wiretap vs access to a diary. A wiretap only gives you information after the tap has been installed, whereas getting your hands on someone's diary would give you access to previous information too.

Ah, thanks for the clarification, that makes sense. I was jumping to the assumption that the manufacturer was malicious from day one.
On iOS, you have to trust Apple and everyone who writes code for Apple, directly or indirectly.

If any Apple code that runs as root is evil, then your location data can be stolen in exactly the same way.

In the case of Android, the equivalent is code written by Google, the OEM, the chipset maker, and anyone those people gave root access to (which is often a long list of 'sponsorware' apps).

Overall, the class of vulnerability is the same, but Apple just does a far better job of vetting and controlling the list of people/code.

> Overall, the class of vulnerability is the same, but Apple just does a far better job of vetting and controlling the list of people/code.

This as well as the extreme lack of trust for anything Google. Apple has an incentive to keep the privacy kick going, Google is already figuring out a way around Apple nuking ad identifiers. Trust is important.

And people complain incessantly that they don't really own their iPhones because they cannot install their own code on it. You can't win.
Sandboxing exists.
Of course it does. Sandboxing even exists on Android. The criticism here is that if you have some system that has root and can poke through sandboxes that you can access this data.

You either have full access or you don't.

That wasn't my point. It was that iPhones need not limit apps to the "App Store" in the name of protecting the system, since it can sandbox apps, wherever they come from.
If the non-app-store-installed apps are sandboxed then they cannot actually run everything that tinkerers want and the same criticism persists. The "we don't own our phones" crowd wants root.
That's a different complaint though. Just allowing sandboxed, sideloaded, apps would enable a whole host of new apps such as emulators, plus it would allow apps to provide their own monetization (e.g. Fortnite).
There’s a far larger number of iPhone users that either don’t know what root is, or don’t care. And your parent post is incorrect, Apple denies apps all the time.
How is this an instance of "you can't win"? Not "owning" your phone is a downside of iOS's approach, and avoiding the security issue as parent commenter mentions is an upside (i.e. a "win"). This martyr complex over phone OSes is very 2010.
He means as a phone manufacturer you can't win, either you have an open OS and get criticised for not locking it down or you have a locked down OS and get criticised for not opening it up.
This is just true in general. People complain about everything these days.
How is this prevented in iOS if you have root (=jailbreak)?