Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
IOS Iphone Operating Systems Privacy

Why So Many Apps Are Asking To Use Bluetooth on iOS 13 (theverge.com) 51

Apple's new iOS 13 update adds a new privacy measure that requires apps to get your consent in order to use your device's Bluetooth. From a report: After installing the latest version of iOS, trust me when I say you'll be surprised by the number of apps asking for Bluetooth permission the next time you open them. Some might seem very strange (like Dunkin' Donuts in my case), but others probably won't make you think twice about giving the thumbs-up. The reason Apple implemented this is because Bluetooth has enabled companies to sneakily track your location over Bluetooth by using beacons in stores, shopping malls, and even on popular city streets if they're placed within range of a place you'd walk by.

This is entirely separate from your iPhone's location privacy settings, which makes it seem all the more underhanded. A beacon is very easily able to detect your device's Bluetooth chip and log that with a retailer or some other app on your phone. So getting more strict about Bluetooth is a good move by Apple to prevent unwanted tracking of its customers. Similarly, the company is also getting even more transparent about location, showing you on a map how often and where apps have recorded your position. This prompt is much easier to understand, and will probably startle people into slimming down the list of apps that can monitor where they are. As it should!

This discussion has been archived. No new comments can be posted.

Why So Many Apps Are Asking To Use Bluetooth on iOS 13

Comments Filter:
  • they scanned my phone and found out I'd been going to dunking and other coffee shops and kicked my ass in the store

    • Starbucks has plenty of other reasons to not go already. Including hypocrisy, virtue signalling and employee pay issues.
  • Fanboy Contortions (Score:5, Informative)

    by Luthair ( 847766 ) on Thursday September 26, 2019 @02:38PM (#59240278)

    So getting more strict about Bluetooth is a good move by Apple to prevent unwanted tracking of its customers

    Apple literally designed the beacons for tracking, so why applaud them for fixing the problem?

    • by drnb ( 2434720 )

      So getting more strict about Bluetooth is a good move by Apple to prevent unwanted tracking of its customers

      Apple literally designed the beacons for tracking, so why applaud them for fixing the problem?

      Yes, for example so they can be placed around a hospital complex so that an app can help people navigate from one department to another during a visit. Seeing your doctor in one office, blood samples in one lab, x-rays in another, pharmacy for prescriptions, etc.

      • In theory. In practice, zero apps use such indoor navigation to any good effect.
        • There are some in-store shopping apps that do. They can tell exactly where you are in a store, so you're looking at a particular shirt and they can display more info about the shirt and any promotions related to it without a need to tell it which item you're actually looking at.
        • by drnb ( 2434720 ) on Thursday September 26, 2019 @05:53PM (#59240986)

          In theory. In practice, zero apps use such indoor navigation to any good effect.

          In reality I was at a meeting at Apple where members of Apple's healthcare team were working with developers of just such a system regarding how it could be implemented using Apple products.

          The fact remains that such scenarios are an example how Apple sees and promotes beacon technology.

          • by Luthair ( 847766 )
            You're painting an overly rosy picture, at the time apple talked about making apps more location aware and stores giving you offers as they walk by, or stores reacting to you showing up and having an order ready. https://www.theguardian.com/te... [theguardian.com]
      • by AmiMoJo ( 196126 )

        So they were just extremely naive and figured no-one would abuse a system that allows them to track individual's movements with a high level of precision, even to the point of identifying which shelf they are looking at?

  • Why not just tattoo a fucking barcode on our foreheads and be done with all this sneaky shit?

    • Re: (Score:3, Insightful)

      by Njovich ( 553857 )

      Because people are happy to pay good money for devices that they know for a fact to be recording and monitoring them and put all their most private info on them. Those devices are a lot more capable than barcodes.

  • by MagicM ( 85041 ) on Thursday September 26, 2019 @02:41PM (#59240294)

    Bluetooth audio is handled through system settings, is separate from apps, and will continue working for apps that you deny permission for.

    • by jisom ( 113338 )

      Though some 3rd party headphones have apps that do like Sony that allow setting options like on device eq and anc. But even then they will work without the app.

      • by mathew7 ( 863867 )

        I don't know about iOS, but Android 5 (or 6) had switched to listing/scanning Bluetooth LE devices only if location was active. I know because of my connected watch usage (the ones with over 1 month of battery usage). Regular bluetooth (like headphones) were not resticted.

  • (like Dunkin' Donuts in my case)

    I have bad news [slashdot.org] for you....

  • Comment removed based on user account deletion
  • Beacon Listening (Score:4, Interesting)

    by elzurawka ( 671029 ) on Thursday September 26, 2019 @02:52PM (#59240340)

    "A beacon is very easily able to detect your device's Bluetooth chip and log that with a retailer or some other app on your phone."

    Isn't a beacon, be definition sending out the chirps? I'm there there are radio doing listening, but the system i installed (meridian) you install beacons which you phone then listens for to triangular itself on a map. The App then phones home with the location it has determined. This is the opposite of what they described above.

    Most companies are doing what they describe above with WiFi when they look for probe requests.

    • by Luthair ( 847766 )
      The app listens for the chirps and pings a remote server with a unique identifier?
    • Isn't a beacon, be definition sending out the chirps?

      Exactly that. Your device can detect the beacon. The beacon cannot detect your device, and it cannot know that your device detected it. So the author of this article either didn't understand how beacons work, or is intentionally trying to produce panic.

      If there is a million apps using beacons, and you have two of these apps installed, none of these beacons will ever detect you. And only the two apps on your device will detect beacons belonging to these two apps, and no others. And one would assume that e

  • What people aren't seeming to get here about the beacons is they are a great way for a device to recognize when you are at a particular place, without the heaviness and greatly reduced privacy implications of allowing location access.

    Take Duncan Donuts. The app could do useful things for you, like alerting you to specials, if it knows you entered a store. Would you rather it be tracking you 24x7, or that it detects known Duncan donuts bluetooth beacons and reacts to that?

    It's a huge power and privacy win

    • What people aren't seeming to get here about the beacons is they are a great way for a device to recognize when you are at a particular place, without the heaviness and greatly reduced privacy implications of allowing location access.

      LOL you had me for a second. I thought you were being serious.

      • by garote ( 682822 )

        This is serious.

        Almost every smart OR dumb phone out there, with the exception of iOS devices, sends out a consistent identifier to cell towers nearby, and there is a device that business owners can buy and install in their store that is capable of triangulating these requests AND harvesting the unique identifiers within. For a subscription fee to a data service the businesses can then resolve these identifiers to other services, including registered owners of phone numbers, names, billing addresses, Faceb

    • What you should have said "They don't have to track you; they should just make an app that offers you stuff when you open it, instead of an app that tracks you at all."

      For example: they don't need to know where you are if they make an app that offers you a coupon when you open it.

      • For example: they don't need to know where you are if they make an app that offers you a coupon when you open it.

        That can only offer generic coupons, not specials specific to a store.

        Also I find it handier if an app is basically ready to go when I get to a store. I would like the Starbucks app better if it sent a notification when I entered one of their stores because then it would make it more quick to open the app, which sometimes I've forgotten to do by the time I hit the register. Or maybe Siri could

    • by _merlin ( 160982 ) on Thursday September 26, 2019 @10:02PM (#59241468) Homepage Journal

      Are you seriously trying to say that it's better to have to install an app and allow it to use battery looking for Bluetooth beacons or using location services, and pull your phone out of your pocket when you get a notification, than to read a specials board? There's no good reason to install an app for your coffee shop, besides allowing them to slurp up data and send you intrusive ads.

  • by El_Muerte_TDS ( 592157 ) on Thursday September 26, 2019 @03:13PM (#59240420) Homepage

    This is why I have bluetooth disabled, but every iOS update enables it again. It would be nice if operating systems would keep their paws of settings which I changed.

  • Turn Off the Radio (Score:4, Informative)

    by organgtool ( 966989 ) on Thursday September 26, 2019 @03:13PM (#59240422)
    I keep bluetooth disabled on my phone unless I connect to an audio device. As soon as I disconnect the device, I disable bluetooth again. It increases my security, privacy, and my phone's battery life.
    • You aren't increasing your battery life any noticeable amount by turning it off. Modern Bluetooth 5 won't show any additional drain from the occasional scans of nearby devices throughout the day. It'd be amazing to see an extra minute of use with Bluetooth turned off under normal conditions.
    • by antdude ( 79039 )

      I turn off cellular, location, wifi, and BT when not needed. I turn them on when needed.

  • by Stonent1 ( 594886 ) <stonent AT stone ... intclark DOT net> on Thursday September 26, 2019 @03:19PM (#59240434) Journal
    If you turn BT off from the drop down in IOS, it will turn it self on in about a day. The only way to fully keep it off is to turn it off from the main settings screen. Though any IOS update could flip it back on. But if you want it off and to stay off turn it off that way, and revisit it after each update. The same goes for WiFi as well it will also auto turn back on unless you disable it from the main settings menu, not the drop down.
    • by tlhIngan ( 30335 ) <slashdot&worf,net> on Thursday September 26, 2019 @04:19PM (#59240674)

      If you turn BT off from the drop down in IOS, it will turn it self on in about a day. The only way to fully keep it off is to turn it off from the main settings screen. Though any IOS update could flip it back on. But if you want it off and to stay off turn it off that way, and revisit it after each update. The same goes for WiFi as well it will also auto turn back on unless you disable it from the main settings menu, not the drop down.

      And that's because people don't really intend to turn off Bluetooth when they turn off Bluetooth. They really mean "Don't allow Bluetooth devices to connect". This is an important difference because many services do use Bluetooth to operate for proximity detection, like AirDrop, Handoff, etc. Potentially even parts of HomeKit to detect your smart home stuff. Yes, Apple could do a lot of this via the cloud, but it shouldn't need to, so Apple uses Bluetooth for that functionality. Problem is, people turn it off and don't realize they're also disabling many convenience features.

      So the drop down is for the obvious "I don't want any device connecting via Bluetooth", while the one in the Settings app is "I am smart enough to know I do not want Bluetooth on at all even though it may break stuff")

    • For that matter, the same also goes for cell data if you're like me and prefer to use your phone wifi-only. The quick menu buttons are 24 hours by design, though the UI should make this clearer to the user (I think the only one that says anything is actually cell data -- it says cell data will be disabled for 24 hours). Doing it in the settings menu is permanent like you said.
  • Location permission (Score:4, Informative)

    by swillden ( 191260 ) <shawn-ds@willden.org> on Thursday September 26, 2019 @03:54PM (#59240570) Journal

    FYI, this sort of location-tracking is the reason that Android apps must request location permission in order to use Bluetooth. Many app developers who'd like to use the Bluetooth APIs to scan for nearby devices that they'd like to communicate with complain about the fact that they have to request location permissions, because it's not obvious to users that location is related to Bluetooth. But Bluetooth and Wifi device scanning can both reveal the device's location with a high degree of accuracy.

  • by scdeimos ( 632778 ) on Thursday September 26, 2019 @04:55PM (#59240814)

    While everyone's distracted about Bluetooth beacons they're completely ignoring that Wi-Fi exposes you in exactly the same way.

    Wi-Fi devices constantly broadcast their Preferred Network List with the device's Wi-Fi MAC address trying to reconnect to known networks - and there's no app-specific settings that will ever fix this for you.

    • by Dynedain ( 141758 ) <slashdot2&anthonymclin,com> on Thursday September 26, 2019 @05:26PM (#59240904) Homepage

      Apple doesnâ(TM)t allow apps to directly access the WiFi device. Getting the AP names already requires going through the location services APIs for precisely this reason.

      • I think you missed something: it's the operating system doing this, not the apps, and that's why no app-specific setting will ever fix it.

        To fix something like this requires changing how the operating system handles Wi-Fi connections, for example:

        • Put a geo-fence around each WLAN that has been successfully connected to (e.g.: a 1km circle).
        • Consult the device's GPS location on a semi-regular basis (e.g.: once per minute, once per five minutes) to figure out which WLAN(s) could be in range.
        • Only broadcast PNLs
        • by mathew7 ( 863867 )

          Yeah...so I barely use wifi on my phone, even at home. I have enough data to not need it and I've seen the battery life difference on my last phone.

          But I think you have a misunderstanding: no client devices broadcasts a (known) list (BT, WLAN or GSM). Only BT and WLAN tethering broadcast, and it's only their own MAC and name (as they act as stations to other clients). Your known networks are NOT broadcasted. It's for the phone to listen and connect to a known network.

          Now, I'm talking about local broadcastin

        • by AmiMoJo ( 196126 )

          Don't they all randomize the MAC address when sending out queries anyway now? So any logging on the AP end just gets spammed with random MACs unless the user actually connects.

      • Getting the AP names already requires going through the location services APIs for precisely this reason.

        The permissions on the phone are irrellevant. Your phone transits information that makes it trackable over wifi and Bluetooth anytime they're turned on.

    • by _merlin ( 160982 )

      Preferred networks are only broadcast for networks with hidden SSID. This is one of the reasons hiding your SSID is bad for security [howtogeek.com]. If you have no hidden SSID networks configured, the phone will send occasional broadcast probe requests. However, for a few years now both iOS and Android have used randomised MAC addresses for probe requests, and only switching to the real MAC address when connecting to a network.

    • And your cell data is leaking your MAC address to any "cell towers" your phone may try to connect to, including any hosted by rogue elements. If you're that worried about privacy, you may as well turn off any broadcast functionality and only turn on the one you intend to use when you intend to use it. And you'll be "vulnerable" during that period.
    • While everyone's distracted about Bluetooth beacons they're completely ignoring that Wi-Fi exposes you in exactly the same way.

      Wi-Fi devices constantly broadcast their Preferred Network List with the device's Wi-Fi MAC address trying to reconnect to known networks - and there's no app-specific settings that will ever fix this for you.

      And that's why newer iPhones broadcast a fake MAC address until it actually is connecting...

  • ad via a users movements and daily use patterns?
  • The reason Apple implemented this is because Bluetooth has enabled companies to sneakily track your location over Bluetooth by using beacons in stores, shopping malls, and even on popular city streets if they're placed within range of a place you'd walk by.

    But that is exactly the reason for using beacons. To enable an app to detect a beacon, to know that it is near a point of interest to the app, and to react appropriately. The best possible use case would be beacons in a museum, where you step near an exhibit and the app shows you the information about the exhibit. You can call that "tracking" obviously, but in this case it would be the reason why you downloaded the app. This is like ordering things online and not giving them a delivery address for privacy

"The whole problem with the world is that fools and fanatics are always so certain of themselves, but wiser people so full of doubts." -- Bertrand Russell

Working...