iPhone Sensor Surveillance

The new iPhone has a motion sensor chip, and that opens up new opportunities for surveillance:

The M7 coprocessors introduce functionality that some may instinctively identify as "creepy." Even Apple’s own description hints at eerie omniscience: "M7 knows when you’re walking, running, or even driving…" While it’s quietly implemented within iOS, it’s not secret for third party apps (which require an opt-in through pop-up notification, and management through the phone’s Privacy settings). But as we know, most users blindly accept these permissions.

It all comes down to a question of agency in tracking our physical bodies.

The fact that my Fitbit tracks activity without matching it up with all my other data sources, like GPS location or my calendar, is comforting. These data silos can sometimes be frustrating when I want to query across my QS datasets, but the built-in divisions between data about my body ­-- and data about the rest of my digital life -- leave room for my intentional inquiry and interpretation.

Posted on October 16, 2013 at 7:33 AM • 33 Comments

Comments

AspieOctober 16, 2013 8:07 AM

@NobodySpecial
When I lived there it certainly seemed to be. :)

I thought this ability was already included - I've seen a shotgun app that responds to the 'phone being shaken up and down (put one up the spout) and drawn back (pull the trigger). The wikipedia page on accelerometers mentions a number of 'phones with this capability.

How is this new?

bruce godinOctober 16, 2013 8:13 AM

do you know if the data the m7 tracks and collects is sent to apple? wish there was a way to turn it off.

off-topicOctober 16, 2013 8:24 AM

TrueCrypt audit project has kicked off on indiegogo and fundfill: istruecryptauditedyet.com

BystanderOctober 16, 2013 8:44 AM

The important phrase here is "...without noticeable drain on the battery..."
You could use the motion sensors on various smartphones before, but you see the battery drained quickly.
Now there is no way to know as there is no noticeable difference if this is used by an app or not.

AspieOctober 16, 2013 8:58 AM

@Bystander
I missed that.

I thought that accelerometers were implemented in solid state utilising the Sagnac effect on a ring laser. Hmm.

Clive RobinsonOctober 16, 2013 9:02 AM

@ NobodySpecial,

    Would taking exercise necessarily be regarded as an un-american activity?

I guess it depends mainly on where you live and the time of day...

For instance "jogging" early morning marks you down as being in one socio economic group which also means that you are more likely to be a victim of crime.

And "running" for short distances at odd times of the day is a likely indicator you have involvment in street crime.

Certain types of movment such as walking up and down stairs and standing and moving small amounts when working indicate you are probably going to live a lot longer and with lower injury than either the sedintary (sofa wallowers) or hyperactive (Adrin junkies).

There is quite a bit of research in the UK currently about uing "pedometers" as indicators of health both long and short term. Especialy when it comes to HIT (high intensity training) and other types of excercise. It appears that as little as 1min a day of HIT backed up by low impact walking stair climbing and standing is better than most other forms of excercise regimen.

I suspect that corparate "health industry" will offer discounts for those who allow access to such sensors in the same way as vehical insurance can be less for those that agree to have GPS tracking...

And of course the problem with that will be the "one size fits all" issue as seen with "credit points" systems that assess you against answers you give to questions as opposed to past credit history etc (I'm a realy bad risk under one and realy good risk under the other, so I'll let you guess what I think of the idiocy involved ;-)

But we've seen it bleed across into the medical industry, the dred BMI being one where world class sports/athaletes are marked as being obease by BMI but actually have 5% or less body fat (oh and the moving of the obease value down by 5% appears to be a cynical ploy by the Health insurance industry to increase profits...). Then there was the AMA recomendations for controling type II diabeaties of "Loadem with carbs and jackem up on insulin" is going to have only one likely outcome of early mortality... Oh and the one diet fits all of 60% carb intake is based on studies on people with a such a nutritionaly limited diet their hight is stunted...

Yup surveilance of something as simple as daily physical movment has all sorts of evil purposes classifing people in ways that are getting corporate executive hands rubbing in glee at new profit streams whilst the rest of people are not yet ready to contemplate the horrors to be...

NobodySpecialOctober 16, 2013 11:15 AM

@Aspie "North Seeking Gyros" are, but they are still expensive and small ones are subject to export controls.

The acceleramoters and inclinometers (which you need to resolve the data from the 3axis digital compass) are normally silicon micro balances. A tiny mass on an etched arm which bends and changes its resistance/capacitance

NobodySpecialOctober 16, 2013 11:17 AM

@aspie - forgot to add. The latest solid state ones actually mechanically "ring" a silicon loop and the standing wave created stays in the same direction as the device turns. This uses a lot less power than a ring laser

CallMeLateForSupperOctober 16, 2013 12:06 PM

I wonder if the accelerometer could be disabled. Without bricking the phone, of course. The evil engineer in me wants to do it and then watch/listen for fallout, i.e. someone checking into how the phone moves between locations but never accelerates. :-)

I would never actually do it; iPhone - like all other i-devices - is i-wateringly expen$ive.

TimOctober 16, 2013 12:15 PM

Body state monitoring allows for deeper behavior modification, such as for advertising or political indoctrination purposes.

The somatic marker hypothesis applies here:

From https://en.wikipedia.org/wiki/Somatic_marker_hypothesis

"When individuals make decisions, they must assess the incentive value of the choices available to them, using cognitive and emotional processes. When the individuals face complex and conflicting choices, they may be unable to decide using only cognitive processes, which may become overloaded.

In these cases (and others), somatic markers can help decide. Somatic markers are associations between reinforcing stimuli that induce an associated physiological affective state."

John CampbellOctober 16, 2013 3:13 PM

@Coyne Tibbets

Actually, the NSA may collect it, but it is being forwarded to Michelle-- and whoever is operating Obamacare-- as a measure of whether enough people are compliant with exercise regimens (I'm sure the accelerometers can tell the difference between a walk, jog or "ride").

Heck, imagine, in a dragnet, that phones can be asked if the person they're riding on is "running" or not. (Imagines "enhanced reality" 3-D glasses where phone sources are displayed with motion vectors for the LEO folks to see.)

Bling-Bling!

When these features are plugged into idiophones that have no smart-phone capabilities, you'll know that LEOs are getting desperate.

Maybe I shoulda filed a patent on the above visualization idea...

-nukie

GkpmOctober 16, 2013 3:22 PM

Are we forgetting that smartphone apps were already collecting this data before the M7?

That's how all the running and cycling apps worked, plus GPS, transit app, shopping apps...

The M7 just saves a lot of battery.

AspieOctober 16, 2013 3:29 PM

Aside from what @Clive Robinson has suggested (which, Clive, all due respect, requires dates and times and GPS location information to be remotely useful <tinhat>assuming the mark is not being triangulated via service cells</tinhat> what can be the possible surveillance fallout from knowing the 'phones physical movements besides invalidating insurance claims ("I dropped it ‽").

Aside though, in terms of activity:
(3) High: Sell 'em sports/hiking equipment & GPS beacons (if the irony of that last is lost on them)
(2) Medium: Sell 'em jumpers and gym memberships
(1) Low: Sell 'em discount pizza vouchers and gym memberships.

dragonfrogOctober 16, 2013 3:44 PM

@Gkpm - True, there were apps that collected this data - but you knew when the data was being collected, because the battery ran down fast.

The thing with M7 is that it's being collected all the time. Rather than giving apps permission to collect data that wouldn't otherwise be collected you will give them permission to see data that is being collected whether we like it or not.

So, for instance, if you're carrying an iPhone, and are involved in some legal matter where a record of your physical movement is relevant (a car accident, say, or a fight) the phone could be seized as a personal "black box" recording. And once your phone is entered in evidence, anything on it could become fair game - your text messages, web history, selection of installed apps, personal photographs, all used to impugn your character.

Not to mention, if the collection is happening no matter what, that's one more thing we have to trust [Apple|Samsung|HTC|Motorola|Google] to properly secure, one more area where we have to trust them to keep our privacy interests sufficiently at heart that they wouldn't sell us out for an extra dime a year, one more thing for the NSA or FBI to pressure them for in next year's bulk surveillance nightmare.

kashmarekOctober 16, 2013 3:46 PM

We need perhaps a hundred million of these phones to just get passed around person to person, bike to bike, car to car, train to taxi to plane, etc. so they do nothing but generate terabytes of data that are worthless. Oh, in between, they can get used. Of course, that will spawn a law that makes it illegal to "share" your device with others (i.e., your passwords, your fingerprints, your iris scans, you DNA, yadda yadda yadda).

AspieOctober 16, 2013 3:59 PM

@NobodySpecial
... subject to export controls...

Fat lot of good that did the NSA vis-a-vis PGP.

Moreover how does (attempting) limiting the realisation of the laws of physics actually advantage one party over another. We're in the closest race ever and the "enemy" is likely not only to outpace us but to use our discoveries to do so. Wouldn't cooperation be a better option?

Marco BOctober 16, 2013 4:02 PM

"But as we know, most users blindly accept these permissions."

Any application asks for full access to the phone, or it simply won't run. GPS is the only exception I can think of, and mostly because it drains the battery.
The problem is then that everybody from whatsapp to angry birds will be collecting this information, and soon or later they will figure out how to use it.

BystanderOctober 16, 2013 4:21 PM

Besides the obvious uses already present as apps, the movement of a person provides a lot more information.
GPS tracking is still difficult within a building, so detecting motion helps to establish if the person was:
Just strolling around.
Moving quickly to one destination
Did not move for a while
Any combination of the above.

Think of your own habits and motion patterns while shopping, doing administrative things, meeting one or more persons etc.

This is not very precise, but might be still more than you would liked to be known publicly.

kingsnakeOctober 16, 2013 5:24 PM

I wonder if they could motion detect me throwing double middle fingers in the direction of Ft. Meade ...

FredOctober 16, 2013 5:47 PM

Anyone hear of that story a while back wherein this fellow's wife got a hold of her hubby's exercise data and noticed all the cardio he was getting when he was supposed to be working late or home asleep in bed? Yup. Affair. Followed by divorce.

ScottOctober 16, 2013 5:48 PM

How much data do you need to determine these activities? If it is a lot of data, logging or transmitting it all is going to be very noticeable in space used, so you would have to process it on your phone analyzing it to determine your activities in real time, but I would imagine that the processing would have to consume a lot of power as well.

GkpmOctober 16, 2013 5:49 PM

@dragonfrog

A well designed app that doesn't poll the GPS constantly would not drain the battery that much, I doubt the user would understand there was something odd going on. For example see the Google Field Trip app that tracks where you are
to provide local information (and obviously shares your location with Google)

The M7 doesn't store a GPS location and the accelerometer data it has isn't enough to locate you in time, no one can use to place you with any degree of precision. Certainly not better than cell tower triangulation that mobile carriers store.

If you're involved in a car accident the airbag accelerometer will be better, more robust, evidence and already accepted in court.

@Marco B

Unlike Android, iOS users can reject specific permissions including access to motion data without interfering with the rest of the functionality. The apps still run.

John CampbellOctober 16, 2013 6:06 PM

Another little "hidden" app: a Phone Voice Recorder (like a Cockpit Voice Recorder) that retains up to the last 15-30 minutes of everything the microphone can collect... which can be frozen by a command from the local tower(s), allowing LEOs to collect evidence.

No 5th Amendment there! The PHONE collected the evidence.

Heck, a remote way to scoop out any voice notes-- there's an app to help you record such things-- might be ANOTHER exploit.

(sighs)

I really really hope that this kind of crap is NOT happening... but who could tell if it is?

I'm not usually big on aluminium-foil hats but there's an awful lot of capability in these damn little surveillance robots.

As always, the REAL problem is not that some spooky agency has the keys... the real problem is that these keys WILL LEAK...

(shrugs)

This kind of reminds me of the points that Brunner's "Shockwave Rider" was trying to make about privacy...

65535October 17, 2013 3:45 AM

Hum…

[Gizmodo]

“Dear Fitbit Users, Kudos On the 30 Minutes of "Vigorous Sexual Activity" Last Night
Fitbit users beware: The details of your sexual tryst last night—all vigorous, 15 minutes of it (21 calories burned!)—has probably been broadcast for all the Internet to see…”

“…did a quick Google search just now and there were 12 pages worth of results. Some of you are quite active! Best change your profile settings from their default and incredibly voyeuristic "public" setting to something a bit more modest...or maybe you knew the whole time?” -Gizmodo

See Gizmodo

@dragonfrog

I agree.

“So, for instance, if you're carrying an iPhone, and are involved in some legal matter where a record of your physical movement is relevant (a car accident, say, or a fight) the phone could be seized as a personal "black box" recording. And once your phone is entered in evidence, anything on it could become fair game - your text messages, web history, selection of installed apps, personal photographs, all used to impugn your character.”

Moving to another issue, I hate to say it but the GPS or other geo-location tools can be weaponries by the government. The GPS tools can spy on civilians; locate them and probably kill if needed. Geo-location is a hot button issue. Geo-location “meta-data” is very risky. These GPS/geo-location tools should be “opt-in only” type of tools for US civilians or cloaked from the military.

Police StateOctober 17, 2013 12:22 PM

If you want to disable this attack surface on Android the best way is through the SEAndroid intent mac, which can block any apps trying to get access to accelerometer data through intents. Can also revoke permissions of anything that wants access to it.

dragonfrogOctober 17, 2013 4:15 PM

@Gkpm
...and the accelerometer data it has isn't enough to locate you in time, no one can use to place you with any degree of precision. Certainly not better than cell tower triangulation that mobile carriers store.

@65535
I hate to say it but the GPS or other geo-location tools can be weaponries by the government.

Let me reiterate - I'm not talking about location data, I'm talking about movement data. Individual bodily movements. Cellphone accelerometers are sensitive enough that they make functional keystroke loggers - from your pants pocket they can tell if you're pressing a key with your left or right hand. They are incredibly sensitive, which could make them incredibly powerful tools in court. The problem is, once you've admitted a phone as evidence of physical movements during a particular minute of someone's life, how to you exclude all the rest of the data from court consideration?

As in: Who threw the first punch? Is he telling the truth when he says he tried to run away and resorted to fighting only when he was cornered? There was an always-on accelerometer in his pocket, it will tell us everything.

If you're involved in a car accident the airbag accelerometer will be better, more robust, evidence and already accepted in court.

That assumes you're interested only in the movement of a car.

As in: Was the driver distracted by reaching for something on the back seat in the moments before the collision? An airbag accelerometer won't record that, but an always-on accelerometer in their jacket pocket will.

As in: Did the pedestrian run out in front of the car, as the driver claims, or did she stop, look both ways, and walk into the crosswalk, as the pedestrian claims? An always-on accelerometer in her purse will tell us exactly the answer.

And then, admitted as evidence in court, is a device that increasingly has a record of your whole life on it.

Mike the goatOctober 19, 2013 12:12 PM

dragonfrog: there was a paper a while back on using an iPhone in such a capacity. When considering words of more than a few characters they had around 80% accuracy at logging keystrokes just from an iPhone sensor left on the desk.

Mike NomadOctober 20, 2013 1:48 AM

Sounds like I need to start housing my phone in a lead/copper foil lined OtterBox, taking the phone out only to make calls, etc. when fully stopped at a given location.

Mic recording, blah blah still happens, and they can connect the dots (location pop-ups) and attempt to predict next location. Oh, and pound a lot of sand.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..