Slashdot Mirror

← Back to Stories (view on slashdot.org)

iOS 11's Misleading 'Off-ish' Setting For Bluetooth and Wi-Fi is Bad for User Security (eff.org)

Posted by msmash on from the things-apple-does dept.

Last month, we covered a story about how turning off Wi-Fi and Bluetooth in iOS 11's Control Center doesn't really turn off Wi-Fi and Bluetooth. EFF has called the situation bad for user security. From the report: Instead, what actually happens in iOS 11 when you toggle your quick settings to "off" is that the phone will disconnect from Wi-Fi networks and some devices, but remain on for Apple services. Location Services is still enabled, Apple devices (like Apple Watch and Pencil) stay connected, and services such as Handoff and Instant Hotspot stay on. Apple's UI fails to even attempt to communicate these exceptions to its users. It gets even worse. When you toggle these settings in the Control Center to what is best described as "off-ish," they don't stay that way. The Wi-Fi will turn back full-on if you drive or walk to a new location. And both Wi-Fi and Bluetooth will turn back on at 5:00 AM. This is not clearly explained to users, nor left to them to choose, which makes security-aware users vulnerable as well. The only way to turn off the Wi-Fi and Bluetooth radios is to enable Airplane Mode or navigate into Settings and go to the Wi-Fi and Bluetooth sections. When a phone is designed to behave in a way other than what the UI suggests, it results in both security and privacy problems. A user has no visual or textual clues to understand the device's behavior, which can result in a loss of trust in operating system designers to faithfully communicate what's going on.

7 of 162 comments (clear)

  1. "UI fails to even attempt to communicate..." by tk77 · · Score: 4, Informative

    Saying the UI doesn't communicate the differences is not entirely true. There is a visual difference in the control center between the radio being "on",m "disconnected" and "off".

    In the normal "compact" control center mode if the device is "disconnected", the icon is displayed with a gray background (blue background is "on"). If the device is "off" the icon has a cross through it. In the expanded view (tap and hold on a button will bring up the expanded view), it will actually say "on", "disconnected" and "off" based on the mode.

    I'm not saying this makes everything better, as the user would still have to know what the visual cue's mean. But to say that the UI fails to communicate this is not true.

  2. Looks to be a copied "feature" from android by will_die · · Score: 3, Informative

    My samsung android has a similar feature I can turn off wifi but if I move to a new location it is turned back on. Like what happen just implemented you have to go into a deep menu and change that setting so off means off.

  3. Re:Does turning off the device work? by Aaden42 · · Score: 3, Informative

    You'll be waiting a long time for that. Myth Busted, and even the FAA has relaxed the requirement.

  4. Re:This isn't so hard people ... by Aaden42 · · Score: 3, Informative

    For those people, there's the switch in Settings that won't turn itself back on. It's in the same place it's always been and does the some thing it's always done. This new switch that looks different in a new place does something different.

    You've always pushed a bright red switch on the right side of the panel to do a thing. One day there's a brand new orange switch on the left side, but the same bright red switch is still in the same place. Perhaps there's a chance the orange switch might do something different than the red one?

    For every time I've come home after a day in flaky WiFi land and forgot to turn WiFi back on until I've sucked down a bunch of LTE data, this is an improvement.

  5. Re:Does turning off the device work? by TheFakeTimCook · · Score: 4, Informative

    Since the battery can't be removed, I'm beginning to wonder if there is any way to turn off wifi AT ALL.

    Yes. Going to "Settings", WiFi , and flipping the "switch" will Turn it off (same with BT); and putting the phone in "Airplane Mode" does, too.

    The only place that it does a "Warm shut-off" is in the Control Panel. And Apple has an (IMHO quite reasonable) explanation as to why that is the case:

    http://www.idownloadblog.com/2...

  6. Re:You'll never know if your phone is off by TheFakeTimCook · · Score: 3, Informative

    Mic is always hot on an iPhone ever since they added "hey Siri" support and all audio recorded is almost certainly sent to Apple to help them train their voice AI. We know that with the iPhone X, the camera will also always be active and scanning for faces.

    Ever wondered why the battery life in new iPhones is so abysmal? Because it's always spying.

    You're dead wrong on the "Hey, Siri" thing. That is decoded ON-CHIP. That's why it required a new model iPhone (with a new SoC) when it was first announced.

  7. Re:You'll never know if your phone is off by TheFakeTimCook · · Score: 3, Informative

    Mic is always hot on an iPhone ever since they added "hey Siri" support and all audio recorded is almost certainly sent to Apple to help them train their voice AI. We know that with the iPhone X, the camera will also always be active and scanning for faces.

    Ever wondered why the battery life in new iPhones is so abysmal? Because it's always spying.

    Same thing for the FaceID. ALL done ON CHIP, in the Secure Enclave IC. NOTHING sent to Apple.

    NOTHING. Not even during "Enrollment". And no FaceID Data available outside of the Secure Enclave chip. They provide a low-res "face tracker" mesh to the outside for Apps to use; but nothing that approaches the resolution of the FaceID data.