Apple Gets Twin Shocks on iPhone, MacBook

Apple Gets Twin Shocks on iPhone, MacBook

Over the past four months, Tim Cook was a happy soul. Apple’s iPhone 11 series had done remarkably well in the market whereas there were question marks on parallel launches of both the Pixel series as well as Samsung’s marquee blockbuster Galaxy Fold as both were considered unsafe on the privacy front due to some issues with their voice and biometrics features.

However, when security expert Brian Krebs broke the story about how the iPhone 11 Pro was sending out user’s location in spite of the Location Services being disabled, he was actually questioning the privacy policy around which Tim Cook has sought to assume moral high ground as rivals Google, Amazon, Facebook and others struggle with data security and privacy battles.

A report published in Forbes suggests that Krebs actually shows how GPS data is collected even when location services are disabled via settings. “This happens even when a user has set their location services toggle to Never,” the report says adding that the issue wasn’t present on the iPhone 8, which makes it obvious that it is related to hardware that was brought in to support Wi-Fi 6.

The article quotes from Apple’s much-vaunted privacy policy which says that the company “will periodically send the geo-tagged location to nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple to be used for augmenting this crowd-sourced database of Wi-Fi hotspot and cell tower locations.

Krebs claims that since turning off location-based system services isn’t possible for some applications that request systems data and cannot be disabled by users without completely turning off location services. In other words, for an application like the Map, the system would be sending out locations and the only way to turn it off would be to turn off location services for Maps itself.

And just when Apple was grappling with this googly came the news that the latest MacBook Pro was facing unexpected shutdown problems on the entry-level 13-inch model, specifically when the machine hits between 25-50 per cent of its battery life and gets turned on only when the user connects it to the charger.

[[{“type”:”media”,”view_mode”:”media_large”,”fid”:”35024″,”attributes”:{“alt”:””,”class”:”media-image”,”typeof”:”foaf:Image”}}]]

The company has since issued a support document on how to handle the matter. And the answer isn’t something that please many MacBook users, given that it asks users to connect to a power device when the charge drops below 90 per cent (Yes! You read that right), quit all applications and allow the machine to charge for eight hours in sleep mode. Thereafter, update the latest version of macOS and voila, things would be fine, the document says. And, if it doesn’t – contact Apple Service!!!

Sounds rather bizarre that the company’s latest offering should have a problem around an area that has been its core strength for ages. This one is for Tim Cook to solve as unlike the iPhones the Macs have always been rather robust with its battery function.

Coming back to the issue around the iPhone 11 Pro security, Apple told Krebs that it was “expected behavior” and that there were no security implications around the device sending out location despite not being asked to. This response made Krebs assume that some system services were querying the location and two days after the story broke, it seems the security expert was right.

The company is now claiming that newer iPhones use an ultra-wideband technology which provides spatial awareness to figure out the presence of other ultra-wideband devices. The company has claimed only one use for this technology – in the AirDrop feature as seen in Apple’s Newsroom statement when the iPhone 11 series was launched. Check out the Additional Features section in this statement for more details. Some experts are claiming that this could be a part of the company’s highly anticipated tag-locating feature that has been rumored for some time now.

Be that as it may, the question still remains why Apple didn’t make the announcement upfront and why it had initially dismissed Krebs through a mere tweet? The only statement that this writer found from Apple was given to TechCrunch.com which quoted the spokesperson as saying that “Ultra-wideband technology is an industry standard technology and is subject to international regulatory requirements that require it to be turned off in certain locations” and that “iOS uses Location Services to help determine if an iPhone is in these prohibited locations in order to disable ultra-wideband and comply with regulations.”

The spokesperson further clarifies that the management of ultra-wideband compliance and its use of location data is done entirely on the device and Apple is not collecting user location data. In a tweet, Will Strafach who works on iOS firewalls said he found no evidence of data being sent to remote servers though he questioned Apple on why they couldn’t assuage the fears of users directly.

By remaining silent and even brushing aside concerns raised by Krebs’ experiments, Apple only dug itself into a precarious position, one that its latest explanation doesn’t completely assuage.

On his part, Brian Krebs seems convinced now. In his blog post, he shares the above information and adds that “Apple says it plans to include the option of a dedicated toggle in System Services to disable the UWB activity in an upcoming update of its iOS operating system, although it didn’t specify when that option might be available.”

And yet, he’s unsure about two points – (a) the number of countries where ultra-wideband isn’t permitted is relatively small and (b) do these period checks unnecessarily drain out batteries?

Maybe, Tim Cook can give a straight answer on these questions and save some of the credibility that he lost on that privacy edifice that he so assiduously built.

(Tags: Apple, iPhone Pro, MacBook 13, Security, Brian Krebs, Ultra Wideband) 

8
Like
Save

Comments

Comments are disabled for this post.