Native App Privacy
Full Title and Meme
An application installed on a user's computing device can be granted access to some parts of the user's Privacy.
Context
- This is a companion document to Native App Security
- The first of the Laws of Security tells us that when an attacker gets to run their code on your computer, it is no longer just your computer.
- There are two parts to Privacy (the right to be let alone) that should be subject to User Consent on a portable computing device, like a Smart Phone:
- User Private Information that we would like to be able to share only with permission. This is the Information Sharing that is regulated by the GDPR and the California Consumer Privacy Act of 2018.
- Attention, or just how annoying do we want a device in our immediate possession to be? (The regulation of user notifications is less clear.)
- Android App list of Data Categories that require User Consent. https://support.google.com/googleplay/answer/6270602?hl=en
- Apple iPhone App Requesting Permission: https://developer.apple.com/design/human-interface-guidelines/ios/app-architecture/requesting-permission/
- Apple iPhone app Requesting Authorization to use System Features: https://developer.apple.com/documentation/uikit/core_app/protecting_the_user_s_privacy
- Apple CKContainer manages all attempts to access user data on the device or in iCloud. https://developer.apple.com/documentation/cloudkit/ckcontainer
- Windows (UWP) settings are present on all Windows 10 computers, but do not seem to be shown anywhere in the Microsoft documentation. Navigate Start -> Settings -> Privacy -> app settings.
- On its very first page NIST SP 1800-22A points out, especially for BYOD, that "An ineffectively secured personal mobile device could expose an organization or employee to data loss or a privacy compromise."
Problems
- Each company that creates a set of privacy settings does so independently without any coordination or common language.
- Each company puts the majority of its settings under the Settings tab, but other settings occur in other locations.
- Each company also supplies an "Identity Server" (Apple ID, Google ID and Microsoft ID) with a rich history of providing other services, especially email.
- Each of those ID offerings is slightly different, and they are responsible for the Data Sharing part of privacy.
Solutions
In spite of all the problems, the actual results are quite good as the following table shows. If a User is familiar with one service, they are likely to understand the other, at least until the Identity Server function comes into play. This table could serve as the starting point for a taxonomy of common definitions of the areas where consumer privacy could be controlled.
Note that SMS is easy to hijack and should not be used for security purposes.
| iPhone | Android | Windows |
|---|---|---|
| yes?? | yes?? | Accnt Info |
| Bluetooth | Radios | |
| always | always | Background |
| Calendar | Calendar | Calendar |
| Camera | Camera | Camera |
| Contacts | Contacts | Contacts |
| ?? | ?? | |
| Health | yes?? | |
| Health+ | | |
| Home | | |
| File access | | |
| Location | Location | Location |
| Mic | Mic | Mic |
| Motion | Body | |
| Music | | |
| Phone | | |
| Call History | | |
| yes?? | yes?? | |
| Photos | | |
| Purchases | Purchases | Purchases |
| Reminders | | |
| Siri | | |
| SMS | Messaging | |
| Speech | | |
| Storage | | |
| Tasks | | |
| TV | | |
| Other Devs | | |
| Diagnostics | | |
| safari | chrome | File D/L |
| non-persist | | |
| DNT | File access | |
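As an added example (not part of the original page), the following Python maps the `<uses-permission>` entries of an Android manifest onto the consent categories from the table above, so a reviewer can see which parts of user Privacy an app asks for before it is installed. The manifest is constructed, and the permission-to-category mapping is an assumption drawn from the table's Android column; the permission names themselves are the standard Android ones.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Android permission -> consent category from the table above (assumed mapping;
# the permission names are the real Android ones, the categories are the page's).
PERMISSION_CATEGORY = {
    "android.permission.CAMERA": "Camera",
    "android.permission.READ_CONTACTS": "Contacts",
    "android.permission.ACCESS_FINE_LOCATION": "Location",
    "android.permission.ACCESS_COARSE_LOCATION": "Location",
    "android.permission.ACCESS_BACKGROUND_LOCATION": "always",
    "android.permission.RECORD_AUDIO": "Mic",
    "android.permission.BODY_SENSORS": "Body",
    "android.permission.READ_CALENDAR": "Calendar",
    "android.permission.READ_SMS": "Messaging",
    "android.permission.READ_CALL_LOG": "Call History",
    "android.permission.READ_EXTERNAL_STORAGE": "Storage",
}

def requested_permissions(manifest_xml: str) -> list[str]:
    """Return the android:name of every <uses-permission> element."""
    root = ET.fromstring(manifest_xml)
    return [el.get(f"{{{ANDROID_NS}}}name", "") for el in root.iter("uses-permission")]

def consent_categories(manifest_xml: str) -> dict[str, list[str]]:
    """Group requested permissions by consent category. Permissions outside the
    taxonomy land under 'Unmapped' so nothing the app asks for is hidden."""
    grouped: dict[str, list[str]] = {}
    for perm in requested_permissions(manifest_xml):
        grouped.setdefault(PERMISSION_CATEGORY.get(perm, "Unmapped"), []).append(perm)
    return grouped

# Constructed sample manifest (not from any real app).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.ACCESS_BACKGROUND_LOCATION"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

if __name__ == "__main__":
    for category, perms in sorted(consent_categories(SAMPLE_MANIFEST).items()):
        print(f"{category}: {', '.join(perms)}")
```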