[arsome]

> Nothing that you’re saying sounds hard for a malicious actor to pull off.

A malicious actor would need to be your phone manufacturer, Google or someone with a root exploit (jailbreak in iOS terms) or this "vulnerability" would be completely useless.

All of those parties could just as easily push code to your device any number of other ways that could do far worse than reading your logcat for BT IDs.

I understand the concern, but if you're at the point where you can't trust the parties who push automatic updates with high privilege levels but you do need to be concerned about reading logcat your threat model here is pretty strange.

[Aerroon]

Isn't the difference based on time though? The device manufacturer can push a patch, but they would get access to the information after the patch, whereas access to the log gives you information from before the patch. Or have I misunderstood?

[hundchenkatze]

The device manufacturer has access to the device (at the hardware level even) the moment they start building it. They don't need to push a patch to gain access, they could access your logs at any point throughout the lifespan of the device.

[Aerroon]

I think we're talking about different things. If a manufacturer wants to eavesdrop on my device then they need to push a patch to my device. They can only get information about what happens after they push this patch. They can do it at the start of the life of the device, but they'd have to do it then.

However, if important data is retained in logs, then the manufacturer could grab the data from the logs. They can get information from a time before they decided to look into you.

It's like a wiretap vs access to a diary. A wiretap only gives you information after the tap has been installed, whereas getting your hands on someone's diary would give you access to previous information too.

[hundchenkatze]

Ah, thanks for the clarification, that makes sense. I was jumping to the assumption that the manufacturer was malicious from day one.