→ iOS 11’s Misleading “Off-ish” Setting for Bluetooth and Wi-Fi is Bad for User Security

October 06, 2017
View original at eff.org →

As always, the EFF does an amazing job of pointing out a major privacy issue, this time with iOS 11’s radios not being fully shut off via the switches in control center. The obvious negatives are a misleading UI and battery usage, however there is another issue that I’m surprised this EFF article doesn’t touch on: passive location tracking of users using their Bluetooth and Wifi radios.

In the last few years retailers have begun implementing in-store analytics in order to track customers as they enter/exit the store using their smartphones’ radios. This technology is essentially the equivilent of a tracking cookie on a website; allowing retailers to see when you’ve visited the store and even where you went within the store during your stay. For the record, I’ve seen one of these systems in action firsthand – it’s like watching the Maurader’s Map from Harry Potter.

Retailers aren’t the only ones tracking you: there’s also the London Underground, Alphabet’s LinkNYC (which even has an ACLU statement regarding its privacy issues), and, if you work for a large enterprise, your office network.

The ability to easily disable your Wifi/Bluetooth radios was users’ first line of defense against this type of tracking. It’s unfortunate Apple chose to jeopardize user privacy by switching to this behavior, as they’re otherwise doing a reasonably good job protecting users’ privacy. Perhaps with enough outcry from customers they’ll offer a way to disable this behavior in a future update.