by Kevin

Broken Trust

Apple’s iOS team has had a pretty stellar record of secure designs and security-minded intent for a long time now. Android has never been a trustworthy system, and Google doesn’t care. Thanks to the “wutan-flu” as the kids call it, both are leaving vulnerabilities unpatched on purpose and tracking us.

Google did this BEFORE the joint announcement of Google and Apple working on APIs for contract tracing. They did not ask users consent, users didn’t even know this could be done until the datawas already gathered and the report published.

April 3, 2020 – Google’s announced report based on data it had already been gathering for who knows how long: https://www.blog.google/technology/health/covid-19-community-mobility-reports

April 18, 2020 – Google and Apple announce partnership to produce APIs for contract tracing. https://www.wired.com/story/apple-google-bluetooth-contact-tracing-covid-19/

The Bluetooth vulnerabilities are critical, but since the companies can make money from tracking us, they won’t be fixing them any time soon. https://www.zdnet.com/article/contact-tracing-apps-unsafe-if-bluetooth-vulnerabilities-not-fixed/

All this has been a waste of time, as people aren’t installing the apps that use these APIs. https://www.forbes.com/sites/zakdoffman/2020/05/22/contact-tracing-apple-google-coronavirus-security-update-android-iphone/#496197251d59

I refuse to update my phone to 13.5 or higher because they’re tracking users without consent, leaving vulnerabilities open, colluding with Google to compromise our privacy and security, and creating unused APIs for apps to track people. A malicious app could be installed which takes advantage of the APIs and the Bluetooth problems.

Obviously the FBI must be loving this “feature” to instantly trace a baddie’s circle of contacts. Just as with the end-to-end encryption debate, once that backdoor is created, there’s just no guarantee that it can’t be used maliciously. Apple & Google did this on purpose, which I would expect from Google, but Apple? Such betrayal will not soon be forgotten.