iOS 11's Misleading 'Off-ish' Setting For Bluetooth and Wi-Fi is Bad for User Security (eff.org) 50

Posted by msmash from the things-apple-does dept.
Last month, we covered a story about how turning off Wi-Fi and Bluetooth in iOS 11's Control Center doesn't really turn off Wi-Fi and Bluetooth. EFF has called the situation bad for user security. From the report: Instead, what actually happens in iOS 11 when you toggle your quick settings to "off" is that the phone will disconnect from Wi-Fi networks and some devices, but remain on for Apple services. Location Services is still enabled, Apple devices (like Apple Watch and Pencil) stay connected, and services such as Handoff and Instant Hotspot stay on. Apple's UI fails to even attempt to communicate these exceptions to its users. It gets even worse. When you toggle these settings in the Control Center to what is best described as "off-ish," they don't stay that way. The Wi-Fi will turn back full-on if you drive or walk to a new location. And both Wi-Fi and Bluetooth will turn back on at 5:00 AM. This is not clearly explained to users, nor left to them to choose, which makes security-aware users vulnerable as well. The only way to turn off the Wi-Fi and Bluetooth radios is to enable Airplane Mode or navigate into Settings and go to the Wi-Fi and Bluetooth sections. When a phone is designed to behave in a way other than what the UI suggests, it results in both security and privacy problems. A user has no visual or textual clues to understand the device's behavior, which can result in a loss of trust in operating system designers to faithfully communicate what's going on.

  • Does turning off the device work? (Score:3, Interesting)

    by lucasnate1 ( 4682951 ) on Friday October 06, 2017 @12:15PM (#55322133)

    Since the battery can't be removed, I'm beginning to wonder if there is any way to turn off wifi AT ALL.

    • Re: (Score:1, Interesting)

      by Bing Tsher E ( 943915 )

      I had instances with my iPod Touch, back when I used an iPod Touch, where a lockup condition occurred, and I simply had to leave the thing on, singing madly, until it killed itself by completely draining the battery.

      Most other mobile devices, it's a matter of yanking the battery to force a reset.

  • Unless you can remove the battery.

    The mic is always hot, and probably the camera too.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Mic is always hot on an iPhone ever since they added "hey Siri" support and all audio recorded is almost certainly sent to Apple to help them train their voice AI. We know that with the iPhone X, the camera will also always be active and scanning for faces.

      Ever wondered why the battery life in new iPhones is so abysmal? Because it's always spying.

  • "UI fails to even attempt to communicate..." (Score:5, Informative)

    by tk77 ( 1774336 ) on Friday October 06, 2017 @12:39PM (#55322303)

    Saying the UI doesn't communicate the differences is not entirely true. There is a visual difference in the control center between the radio being "on",m "disconnected" and "off".

    In the normal "compact" control center mode if the device is "disconnected", the icon is displayed with a gray background (blue background is "on"). If the device is "off" the icon has a cross through it. In the expanded view (tap and hold on a button will bring up the expanded view), it will actually say "on", "disconnected" and "off" based on the mode.

    I'm not saying this makes everything better, as the user would still have to know what the visual cue's mean. But to say that the UI fails to communicate this is not true.

    • I'm not saying this makes everything better, as the user would still have to know what the visual cue's mean. But to say that the UI fails to communicate this is not true.

      "Communication" is different from "signalling". "Communication" requires understanding on the part of the recipient, or it's not communication.

      If it isn't clear to the user what the color-coding means, then the UI is failing to communicate to the user.

    • There's a fundamental problem there.

      The behaviour changed from and on / off with the button itself unable to do a three way toggle. The result is a user who probably is unable to understand the distinction between disconnected and off, also has the expectation that the button worked like it always did in the absence of an immediate 3rd option.

      Hence what was "communicated" by the interface choice is that "disconnected" is now the replacement for "off". Really shitty from a company that prides itself on easy

    • Re: (Score:1)

      by Vroem ( 731860 )
      Yes, the upside to all this is that we now can disconnect from the current network, until now this had to be done by disabling wifi entirely. Now it will auto reconnect when you go somewhere else.

      For me this actually reflects the way I always used that button: to disconnect from a wifi network and get a faster connection through cellular, only to forget to switch it back on when better wifi is available.

      In the future we there might be no need to disconnect from bad wifi any more thanks to multipath TC

  • Misleading settings (Score:3)

    by Hognoxious ( 631665 ) on Friday October 06, 2017 @12:54PM (#55322369) Homepage Journal

    Misleading settings are bad - period. A thing should say what it does and do what it says.

  • I've disabled the automatic update for the OS.

  • The anti-apple hate here is just ... something else. Two stories on this, really?

    So, on iOS there is this control panel you can access when you swipe up from the bottom of the screen. In there is a WiFi logo, that is normally blue if you are connected to WiFi. If I tap it, it disconnects from the currently connected WiFi network. It's really nice for when I decide "hey, I don't want to access this NSFW thing while on the work WiFi" or "the hotspot in my Car (which has a different carrier then my cell p

    • Some of us dont like things turning themselves back on. If i set something off, i want it off until i personally decide i want it back on. You are making an argument for the lazy and absent minded. Its not hard to remember to turn BT back on...Dont excuse this outright disrespect of the user.

      • Some of us don't like things turning themselves back on. If i set something off, i want it off until i personally decide i want it back on.

        I feel that way about my dick.

    • The anti-apple hate here is just ... something else.

      There may be some hate being spewed, but for the most part those of us who aren't Apple fans (or for that matter Microsoft fans) have neither the need nor the desire to hate.

      We simply go our own way and aren't bothered by products we don't use.

  • My samsung android has a similar feature I can turn off wifi but if I move to a new location it is turned back on. Like what happen just implemented you have to go into a deep menu and change that setting so off means off.
  • My phone constantly reports available networks even with wifi turned off. It's Galaxy S7.

  • Newer versions of Android do not turn off Wi-Fi when you switch it off, the switch is just used to disconnect you. There is a setting that will re-enable WiFi when you come within range of a trusted hotspot (eg your home network). I've found it useful as occasionally I'll turn off WiFi when the free offering at a place is not working properly, and then forget to turn it back on when I leave.

    If you REALLY want it all off, you can enable airplane mode and then piecemeal enable things you want (though cell ser

  • The promise of the Apple eco-system was that everything worked together without fiddling, and there were no headaches. That promise is less and less true. More and more the damn things have gotten more buggy, and behaviors change (or get buried) for no obvious reason ("Courage" my ass).

    Most recently the Apple router has occasionally stopped talking to the Apple TV when my Apple iPad is talking to the interwebs. Turn off WiFi (while I still can, since I am still on iOS10) and the Apple TV springs back to

