Stories with Tag Mobile Security

• Experimental release of GrapheneOS for Pixel 9a

  permalink

  Posted: 2025-04-13 01:05:31

  Verbose tl;dr

  GrapheneOS, a privacy and security-focused mobile operating system, has released an experimental build for the Pixel 9a (codename "bluejay"). This release marks initial support for the device, but is considered experimental and may have some instability. Users are cautioned that this build is not yet suitable for daily use due to the potential for bugs and incomplete features. While core functionality like calls, messaging, and camera access should work, further testing and development are ongoing before it reaches a stable, recommended state. The announcement encourages users to report any issues they encounter to help improve the build.

  GrapheneOS, a privacy and security-focused mobile operating system based on the Android Open Source Project (AOSP), has announced the experimental release of their operating system for the Google Pixel 9a (codenamed "bluejay"). This release signifies an expansion of GrapheneOS's device support and provides an option for users specifically interested in utilizing the Pixel 9a hardware with a hardened operating system prioritizing privacy and security.

  While designated as "experimental," this release represents a significant step towards official support. The announcement emphasizes that the core functionalities are largely working as intended. However, the "experimental" label indicates that the software may still contain undiscovered bugs or require further refinement before being considered fully stable for everyday use by the average consumer. The developers are actively encouraging user feedback and bug reports to facilitate this refinement process and expedite the transition from experimental to stable status.

  The post also highlights the integration of the latest modem firmware from the June Android Security Bulletin, underscoring the project's commitment to maintaining up-to-date security protections. This focus on promptly incorporating security patches is a key aspect of GrapheneOS's overall security posture.

  Users interested in trying the experimental build are directed to the official GrapheneOS website for detailed installation instructions. The developers caution against installing this build if a user relies on the Pixel 9a as their primary device due to the potential for unforeseen issues associated with experimental software. This recommendation highlights the importance of understanding the risks involved with pre-release software and suggests waiting for a stable release for mission-critical devices. The post further emphasizes the importance of reviewing the provided installation instructions carefully before proceeding to minimize the chance of encountering problems during the installation process.

  • GrapheneOS
  • Pixel 9a
  • Android
  • Mobile Security
  • privacy
  • Operating System
  • Experimental Release
  • Software

  Summary of Comments ( 166 )
  https://news.ycombinator.com/item?id=43669185

  Verbose tl;dr

  Hacker News users discussed the experimental Pixel 9a GrapheneOS release, expressing excitement but also caution. Several praised GrapheneOS's security focus and the expansion of supported devices. Some questioned the practicality of using a less mainstream OS and potential compatibility issues with apps. The discussion also touched on the challenges of maintaining a hardened OS and the trade-offs between security and convenience. A few users shared their positive experiences with GrapheneOS on other Pixel devices, while others raised concerns about the "experimental" tag and potential bugs. Overall, the sentiment was positive but tempered with pragmatic considerations.

  The Hacker News post titled "Experimental release of GrapheneOS for Pixel 9a" has generated a moderate number of comments, mostly focusing on the practical implications of using GrapheneOS on the Pixel 9a and comparisons to other privacy-focused operating systems like CalyxOS.

  Several commenters discuss the trade-offs between security and usability. One commenter notes the inconvenience of needing a secondary device for initial setup and questions the necessity of this requirement. This sparks a small thread discussing the rationale behind it, with others explaining that it's a security measure to prevent compromised host devices from interfering with the installation process.

  Another significant thread revolves around the comparison between GrapheneOS and CalyxOS. Commenters delve into the nuances of their differing approaches to security and privacy. One commenter argues that CalyxOS offers a more user-friendly experience while still providing robust security, while another counters that GrapheneOS prioritizes hardening at a lower level, making it a more secure, albeit less convenient, option. The discussion touches on specific features like microG and the availability of banking apps, highlighting the practical considerations for users choosing between the two.

  A few comments also mention the Pixel 9a's hardware limitations, particularly regarding its modem, and how these might impact the overall performance and security of GrapheneOS on the device.

  Some users express interest in the experimental release and inquire about specific aspects like camera performance and battery life. However, as the release is experimental, concrete answers are limited.

  While there isn't an overwhelming number of comments, the existing discussion provides valuable insights into the perceived advantages and disadvantages of GrapheneOS on the Pixel 9a, focusing particularly on the balance between security, usability, and the practicalities of daily usage compared to alternatives like CalyxOS. The thread also highlights some of the technical limitations imposed by the Pixel 9a's hardware.

• Everyone knows all the apps on your phone

  permalink

  Posted: 2025-03-29 21:26:32

  Verbose tl;dr

  The post "Everyone knows all the apps on your phone" argues that the extensive data collection practices of mobile advertising networks effectively reveal which apps individuals use, even without explicit permission. Through deterministic and probabilistic methods linking device IDs, IP addresses, and other signals, these networks can create detailed profiles of app usage across devices. This information is then packaged and sold to advertisers, data brokers, and even governments, allowing them to infer sensitive information about users, from their political affiliations and health concerns to their financial status and personal relationships. The post emphasizes the illusion of privacy in the mobile ecosystem, suggesting that the current opt-out model is inadequate and calls for a more robust approach to data protection.

  The author, Bee, posits that the perceived privacy surrounding the applications installed on one's smartphone is largely illusory. While individuals may believe that the specific collection of apps they utilize is a personal and concealed detail, Bee argues that this information is, in actuality, readily discernible, or at least highly inferable, by a surprisingly large number of people. This apparent paradox arises from several converging factors.

  Firstly, Bee elucidates the pervasive nature of data collection and sharing within the mobile application ecosystem. Applications frequently request and obtain permissions to access a user's contacts, location, and other sensitive data. This data, often aggregated and anonymized (or pseudonymized), is then shared with advertising networks and data brokers. Consequently, even without explicitly divulging which apps one uses, the digital footprints left behind paint a remarkably accurate picture for these third-party entities.

  Secondly, Bee highlights the power of contextual clues and social observation. Conversations, both online and offline, inadvertently reveal information about the apps an individual uses. A casual mention of using a specific feature, a notification that appears on the screen during a social interaction, or even the simple act of pulling out a phone to perform a specific task can provide observant individuals with clues as to the apps in use. Over time, these seemingly insignificant pieces of information coalesce to form a comprehensive understanding of an individual's app usage.

  Furthermore, the author emphasizes the influence of social circles and shared interests. People tend to gravitate towards similar apps as their friends and colleagues. Recommendations, shared experiences, and the desire to participate in group activities within specific app ecosystems contribute to a degree of homogeneity in app usage within social groups. Therefore, knowing the apps used by one individual can often provide a reasonable basis for inferring the apps used by others within their social network.

  Finally, Bee touches upon the prevalence of default apps and pre-installed software. Many smartphones come pre-loaded with a suite of applications that are widely used. While users have the option to remove or replace these, a significant portion of the population retains and utilizes them, making it statistically likely that any given individual has at least some of these common apps installed.

  In conclusion, Bee contends that the notion of app usage being a closely guarded secret is a misconception. Through a combination of data collection practices, social observation, shared interests, and the prevalence of common applications, the apps on one's phone are, to a significant extent, knowable by others, whether they be data aggregators, close acquaintances, or even casual observers. This challenges the assumption of privacy surrounding app usage and underscores the pervasiveness of data leakage in the modern digital landscape.

  • privacy
  • Mobile Apps
  • Data Collection
  • surveillance
  • tracking
  • digital footprint
  • app permissions
  • Data Privacy
  • smartphone security
  • User Data
  • online privacy
  • Mobile Security
  • data mining
  • big data
  • Analytics

  Summary of Comments ( 392 )
  https://news.ycombinator.com/item?id=43518866

  Verbose tl;dr

  Hacker News users discussed the privacy implications of app usage data being readily available to mobile carriers and how this data can be used for targeted advertising and even more nefarious purposes. Some commenters highlighted the ease with which this data can be accessed, not just by corporations but also by individuals with basic technical skills. The discussion also touched upon the ineffectiveness of current privacy regulations and the lack of real control users have over their data. A few users pointed out the potential for this data to reveal sensitive information like health conditions or financial status based on app usage patterns. Several commenters expressed a sense of resignation and apathy, suggesting the fight for data privacy is already lost, while others advocated for stronger regulations and user control over data sharing.

  The Hacker News post "Everyone knows all the apps on your phone" (linking to a Substack article about app usage data collection) generated a lively discussion with several compelling comments.

  Many commenters discussed the technical mechanisms behind this data collection, pointing out that it goes beyond simply tracking app store downloads. Several highlighted the role of "device graphs," which link together various devices and online identities belonging to the same individual through sophisticated cross-referencing of information like IP addresses, advertising identifiers, and shared accounts. This allows companies to build a comprehensive picture of a user's app usage even across different devices. Some elaborated on how this data is packaged and sold, emphasizing the scale and pervasiveness of this practice.

  A recurring theme was the lack of genuine informed consent. Commenters argued that the current opt-out mechanisms are often buried in complex privacy policies or presented in a way that discourages users from exercising their choices. Some expressed skepticism about the effectiveness of privacy-focused operating systems or VPNs in fully mitigating this tracking, given the sophisticated techniques employed by data brokers.

  Several commenters discussed the implications of this data collection, ranging from targeted advertising to potential misuse by governments or malicious actors. Some raised concerns about the chilling effect this surveillance could have on freedom of expression and association. The potential for discrimination based on inferred characteristics from app usage was also mentioned.

  A few commenters offered practical advice on mitigating this tracking, such as regularly clearing advertising identifiers and being selective about the permissions granted to apps. However, there was a general consensus that individual efforts are insufficient and that stronger regulatory measures are needed to address the systemic nature of this data collection.

  Some of the more compelling comments included specific examples of how this data is used, anecdotes about unexpected data linkages, and technical deep dives into the methods employed by data brokers. The discussion also touched upon the ethical implications of this practice and the broader societal consequences of widespread digital surveillance. While some comments offered a resigned acceptance of this reality, others expressed a desire for greater transparency and control over personal data.

• Technical Analysis – Improper Use of Private iOS APIs in Vietnamese Banking Apps

  permalink

  Posted: 2025-03-28 07:04:01

  Verbose tl;dr

  Verichains' analysis reveals that several Vietnamese banking apps improperly use private iOS APIs, potentially jeopardizing user security and app stability. These apps employ undocumented functions to gather device information, bypass sandbox restrictions, and manipulate UI elements, likely in pursuit of enhanced functionality or anti-fraud measures. However, reliance on these private APIs violates Apple's developer guidelines and creates risks, as these APIs can change without notice, leading to app crashes or malfunctions. Furthermore, this practice exposes users to potential security vulnerabilities that malicious actors could exploit. The report details specific examples of private API usage within these banking apps and emphasizes the need for developers to adhere to official guidelines for a safer and more reliable user experience.

  Verichains' blog post, "Technical Analysis – Improper Use of Private iOS APIs in Vietnamese Banking Apps," details a security vulnerability discovered within several prominent Vietnamese banking applications for iOS. The core issue stems from these apps' utilization of private, undocumented APIs within the iOS operating system. While Apple provides a robust and well-defined set of public APIs for developers to interact with iOS functionalities, these private APIs are not officially supported and are subject to change or removal without notice. Relying on these internal mechanisms creates a precarious situation for both the application developers and, more importantly, the end-users.

  The post meticulously outlines how Verichains researchers identified this vulnerability by conducting a thorough analysis of several popular Vietnamese banking apps. They explain that the use of private APIs exposes these applications to several potential risks. Firstly, because these APIs are undocumented, their behavior and functionality can be altered or completely removed in future iOS updates. This can lead to unexpected application crashes, malfunctions, or even complete breakdowns in functionality when users update their devices. Secondly, and perhaps more concerning, the use of private APIs can potentially create security loopholes that malicious actors can exploit. Since these APIs are not vetted through the same rigorous public review process as public APIs, they may contain undisclosed vulnerabilities that can be leveraged to compromise user data or gain unauthorized access to sensitive information.

  The researchers further elaborate on the specific private APIs being misused, including those related to obtaining device information and network status. They demonstrate how these APIs are being employed by the banking apps and explain the potential security implications of each specific instance. The post also includes technical details, such as code snippets and analysis of the apps' internal workings, to substantiate their findings and provide a clear understanding of the vulnerability's technical aspects.

  Verichains emphasizes the severity of these vulnerabilities, highlighting the potential for significant user data breaches and financial losses should these weaknesses be exploited. The blog post concludes by advocating for increased awareness and vigilance amongst developers regarding the proper use of iOS APIs. It urges developers to strictly adhere to Apple's official guidelines and avoid utilizing private APIs in their applications, emphasizing the importance of prioritizing secure and stable app development practices to safeguard user data and maintain the integrity of their applications. This proactive approach, they argue, is crucial for mitigating potential risks and ensuring the long-term security and functionality of iOS applications, particularly within sensitive sectors like banking and finance.

  • iOS
  • Mobile Security
  • Banking Security
  • API Misuse
  • Private APIs
  • Vietnam
  • App Security
  • technical analysis
  • software vulnerabilities
  • Reverse Engineering

  Summary of Comments ( 7 )
  https://news.ycombinator.com/item?id=43502385

  Verbose tl;dr

  Several Hacker News commenters discuss the implications of the Verichains blog post, focusing on the potential security risks of using private APIs. Some express surprise at the prevalence of this practice, while others point out that using private APIs is a common, though risky, way to achieve certain functionalities not readily available through public APIs. The discussion touches on the difficulty of Apple enforcing its private API rules, particularly in regions like Vietnam where regulatory oversight might be less stringent. Commenters also debate the ethics and pragmatism of this practice, acknowledging the pressure developers face to deliver features quickly while also highlighting the potential for instability and security vulnerabilities. The thread includes speculation about whether the use of private APIs is intentional or due to a lack of awareness among developers.

  The Hacker News post titled "Technical Analysis – Improper Use of Private iOS APIs in Vietnamese Banking Apps" has generated several comments discussing the implications of the article's findings.

  Several commenters focused on the security risks associated with using private APIs. One commenter highlights the potential for malicious apps to exploit these same private APIs, potentially bypassing security measures or accessing sensitive user data. They mention the "walled garden" approach of iOS and how circumventing it introduces vulnerabilities. Another commenter reinforces this by pointing out that Apple explicitly warns against using private APIs, and doing so can lead to app rejection from the App Store. They express concern that these banking apps were able to get through the review process despite this violation.

  The discussion also touches on the motivations behind using private APIs. One commenter speculates that developers might resort to private APIs due to limitations or perceived deficiencies in the public APIs provided by Apple. They suggest that this situation highlights a potential gap in functionality offered by official means. Another commenter cynically suggests that the developers might be knowingly taking shortcuts to achieve desired functionality without going through proper channels or investing in more robust solutions.

  A few commenters discuss the implications for users of these banking apps. One expresses concern about the potential for data breaches or other security compromises due to the use of these private APIs. Another commenter questions the overall security posture of these Vietnamese banks, suggesting a lack of due diligence in their app development practices.

  The conversation also drifts towards the broader issue of private API usage and app store review processes. One commenter questions the effectiveness of Apple's app review process in catching these violations. Another commenter mentions the cat-and-mouse game between developers trying to use private APIs and Apple trying to prevent them. They note that this is an ongoing issue and that developers often find creative ways to circumvent the restrictions.

  Finally, one commenter questions the severity of the issue, suggesting that the specific private APIs mentioned in the article might not pose a significant security risk. However, this is countered by another commenter who emphasizes that any use of private APIs is a violation of Apple's guidelines and opens the door to potential security vulnerabilities, regardless of the specific APIs used.

• Conducting forensics of mobile devices to find signs of a potential compromise

  permalink

  Posted: 2025-03-17 03:25:26

  Verbose tl;dr

  Mobile Verification Toolkit (MVT) helps investigators analyze mobile devices (Android and iOS) for evidence of compromise. It examines device backups, file system images, and targeted collections, looking for artifacts related to malware, spyware, and unauthorized access. MVT checks for indicators like jailbreaking/rooting, suspicious installed apps, configuration profiles, unusual network activity, and signs of known exploits. The toolkit provides detailed reports highlighting potential issues and aids forensic examiners in identifying and understanding security breaches on mobile platforms.

  This GitHub repository, titled "mvt" (likely short for Mobile Verification Toolkit), presents a comprehensive framework and associated tools designed for conducting forensic analysis on mobile devices to ascertain whether they have been compromised. The project aims to empower security researchers, incident responders, and digital forensic examiners with the capability to delve deep into the inner workings of Android and iOS devices, meticulously searching for indicators of compromise (IOCs) that might suggest malicious activity or unauthorized access.

  The toolkit facilitates the acquisition and analysis of a wealth of data from mobile devices, including but not limited to installed applications, file system contents, network connections, system logs, and user data. This comprehensive data collection provides a rich foundation upon which to build a thorough investigation into the device's security posture.

  The "mvt" toolkit boasts a modular architecture, enabling users to selectively employ specific modules tailored to their individual investigative needs. This modularity not only enhances flexibility but also allows for efficient resource utilization by avoiding unnecessary processing. The toolkit further emphasizes automation, offering streamlined workflows that automate repetitive tasks, thereby saving valuable time and minimizing the potential for human error. This automation also promotes consistency and repeatability in the forensic process, crucial for maintaining the integrity of the investigation.

  Furthermore, the "mvt" project emphasizes platform agnosticism, providing support for both Android and iOS operating systems. This cross-platform compatibility allows investigators to apply a consistent methodology across different mobile platforms, simplifying the analysis process and facilitating comparative analysis.

  The toolkit's output is designed to be readily understandable, presenting findings in a clear and concise manner, which aids in the interpretation of complex technical data. This ease of interpretation is especially beneficial in collaborative environments, allowing different stakeholders to quickly grasp the implications of the analysis. The project also emphasizes community involvement and encourages contributions, fostering an environment of collaborative development and continuous improvement. This community-driven approach helps ensure the toolkit remains up-to-date with the latest threats and evolving mobile technologies.

  In essence, the "mvt" project offers a powerful and versatile suite of tools for conducting in-depth forensic examinations of mobile devices, enabling the identification of potential compromises and assisting in the investigation of security incidents. Its modular design, automation capabilities, cross-platform support, and focus on clear output make it a valuable resource for anyone involved in mobile security and digital forensics.

  • mobile forensics
  • Digital Forensics
  • Incident Response
  • Security
  • Cybersecurity
  • Mobile Security
  • compromise assessment
  • data breach investigation
  • malware analysis
  • iOS forensics
  • Android forensics
  • mvt
  • dfir

  Summary of Comments ( 14 )
  https://news.ycombinator.com/item?id=43384894

  Verbose tl;dr

  HN users discuss the practicality and legality of MVT (Mobile Verification Toolkit), a tool for forensic analysis of mobile devices. Some express concerns about the complexity of interpreting the results and the potential for false positives, emphasizing the need for expertise. Others debate the legality of using such tools, especially in employment contexts, with some suggesting potential violations of privacy laws depending on the jurisdiction and the nature of the data collected. A few commenters point out that the tools are valuable but must be used responsibly and ethically, recommending comparing results against a known good baseline and considering user privacy implications. The utility for average users is questioned, with the consensus being that it's more suited for professionals in law enforcement or corporate security. Finally, alternative tools and resources are mentioned, including existing forensic suites and open-source projects.

  The Hacker News post titled "Conducting forensics of mobile devices to find signs of a potential compromise" linking to the mvt (Mobile Verification Toolkit) project on GitHub sparked a modest discussion with a few noteworthy comments.

  One commenter pointed out the increasing difficulty of mobile forensics due to vendors locking down devices and encrypting more data. They highlighted how this trend benefits privacy for average users but presents challenges for legitimate investigations. They emphasized the importance of tools like mvt in navigating this evolving landscape.

  Another comment focused on the legal implications of mobile device forensics, specifically mentioning the need for warrants and proper legal procedures before accessing someone's device. They cautioned against using such tools without full legal authority, emphasizing the potential legal ramifications.

  A further comment praised mvt's cross-platform compatibility, highlighting its support for both iOS and Android devices. They noted the value of having a single toolkit that can handle both major mobile operating systems. This commenter also appreciated the open-source nature of the project, which allows for community contributions and scrutiny.

  One user questioned the practical application of such tools for individuals suspecting they've been compromised. They wondered about the level of technical expertise required to interpret the data extracted by mvt and how an average person would make sense of the findings.

  Finally, a commenter mentioned the importance of physical access to the device for effective forensic analysis, acknowledging the limitations of remote analysis. They highlighted the value of mvt in situations where physical access is obtained legally and ethically.

  The comments overall demonstrate a mix of appreciation for the technical capabilities of mvt, concern for the privacy and legal implications of its use, and practical questions about its accessibility to non-technical users. While there wasn't an extensive or highly active debate, the comments provided valuable perspectives on the challenges and complexities of mobile forensics in the current technological landscape.

• The protester's guide to smartphone security

  permalink

  Posted: 2025-01-26 11:04:16

  Verbose tl;dr

  This guide emphasizes minimizing digital traces for protesters through practical smartphone security advice. It recommends using a secondary, "burner" phone dedicated to protests, ideally a basic model without internet connectivity. If using a primary smartphone, strong passcodes/biometrics, full-disk encryption, and up-to-date software are crucial. Minimizing data collection involves disabling location services, microphone access for unnecessary apps, and using privacy-respecting alternatives to default apps like Signal for messaging and a privacy-focused browser. During protests, enabling airplane mode or using Faraday bags is advised. The guide also covers digital threat models, stressing the importance of awareness and preparedness for potential surveillance and data breaches.

  This comprehensive guide, entitled "The Protester's Guide to Smartphone Security," offers an extensive exploration of digital security practices specifically tailored for individuals engaging in protests or activism. Recognizing the heightened risks protesters face regarding surveillance and data compromise, the guide meticulously outlines numerous strategies for mitigating these threats. It begins by emphasizing the critical importance of threat modeling, urging readers to carefully assess their specific situation and potential adversaries, including law enforcement, corporate entities, or even malicious individuals. This individualized approach allows protesters to tailor their security measures to the unique challenges they may encounter.

  The guide subsequently delves into a detailed examination of various technical aspects of smartphone security. A significant portion is dedicated to the selection of a mobile operating system, highlighting the enhanced privacy features offered by GrapheneOS and CalyxOS, while also acknowledging the relative strengths and weaknesses of iOS. It further underscores the significance of employing strong passcodes and enabling full-disk encryption to safeguard against unauthorized access to sensitive data.

  The document then proceeds to explore secure communication methods, recommending the utilization of end-to-end encrypted messaging applications such as Signal. It expounds upon the benefits of utilizing a VPN for concealing one's IP address and encrypting internet traffic, thereby hindering surveillance efforts. Furthermore, the guide stresses the importance of disabling location services and limiting app permissions to minimize data collection by third-party applications.

  Beyond these technical considerations, the guide also emphasizes the practical aspects of maintaining security during protests. It advises protesters to disable biometric authentication methods, such as fingerprint or facial recognition, which could be compelled by law enforcement. It also recommends carrying a secondary "burner" phone for sensitive communications and suggests leaving primary devices at home whenever possible.

  Moreover, the guide offers guidance on preparing for potential device confiscation, including encrypting sensitive data, setting up remote wipe capabilities, and memorizing crucial contact information. It also advocates for educating oneself about local laws regarding surveillance and data retention, empowering individuals to assert their rights effectively. Finally, the guide concludes by underscoring the ongoing nature of digital security, emphasizing the need for continuous learning and adaptation to evolving threats. In essence, this guide provides a thorough and practical resource for protesters seeking to protect their digital privacy and security in a potentially hostile environment.

  • smartphone security
  • privacy
  • protests
  • activism
  • digital security
  • Mobile Security
  • surveillance
  • Data Protection
  • online safety
  • secure communication
  • smartphone privacy
  • protest guide
  • activist guide

  Summary of Comments ( 82 )
  https://news.ycombinator.com/item?id=42829317

  Verbose tl;dr

  Hacker News users discussed the practicality and necessity of the guide's recommendations for protesters. Some questioned the threat model, arguing that most protesters wouldn't be targeted by sophisticated adversaries. Others pointed out that basic digital hygiene practices are beneficial for everyone, regardless of protest involvement. Several commenters offered additional tips, like using a burner phone or focusing on physical security. The effectiveness of GrapheneOS was debated, with some praising its security while others questioned its usability for average users. A few comments highlighted the importance of compartmentalization and using separate devices for different activities.

  The Hacker News post titled "The protester's guide to smartphone security" (linking to an article on PrivacyGuides.org) has generated a moderate number of comments, mostly focusing on practical aspects of the advice offered in the article and expanding on specific points.

  Several commenters discuss the trade-offs between security and usability. One points out the difficulty of following all the recommendations while still maintaining a functional device for daily use. They highlight the challenge of balancing the need for secure communication with the practicality of accessing essential services and maintaining contact with people who aren't using secure platforms. Another echoes this sentiment, arguing that the level of security suggested in the guide might be excessive for most protesters and could hinder their ability to organize and communicate effectively. They suggest a more tiered approach, offering different security levels based on the individual's risk profile.

  A recurring theme in the comments is the importance of threat modeling. Commenters emphasize that the appropriate security measures depend heavily on the specific threats a protester might face. For instance, someone protesting a local issue faces different risks compared to someone involved in activism against a powerful authoritarian regime. One commenter suggests focusing on specific risks, like location tracking and data extraction from a confiscated device, rather than attempting to achieve absolute security.

  There's also a discussion about the effectiveness of certain security practices. One commenter questions the advice to disable biometric unlocking, arguing that a strong passcode is sufficient. They suggest that the risk of forced biometric unlocking is relatively low in most protest scenarios. Another commenter challenges the recommendation to use GrapheneOS, suggesting that CalyxOS might be a more practical alternative for less technically inclined users.

  A few comments dive into technical details. One provides specific instructions on how to disable location services on different Android devices. Another discusses the importance of using end-to-end encrypted messaging apps and recommends specific apps known for their strong security features.

  Finally, some comments offer additional advice not explicitly covered in the article. One suggests carrying a "burner" phone for sensitive communications and keeping a separate device for everyday use. Another emphasizes the importance of physical security, reminding protesters to be mindful of their surroundings and avoid leaving their devices unattended.

  While the comments don't offer groundbreaking new information, they provide valuable context and practical considerations for anyone looking to implement the security advice offered in the linked article. They highlight the importance of balancing security with usability, tailoring security measures to specific threats, and understanding the limitations of different security practices.

• Homomorphic encryption in iOS 18

  permalink

  Posted: 2025-01-11 16:35:00

  Verbose tl;dr

  iOS 18 introduces homomorphic encryption for some Siri features, allowing on-device processing of encrypted audio requests without decrypting them first. This enhances privacy by preventing Apple from accessing the raw audio data. Specifically, it uses a fully homomorphic encryption scheme to transform audio into a numerical representation amenable to encrypted computations. These computations generate an encrypted Siri response, which is then sent to Apple servers for decryption and delivery back to the user. While promising improved privacy, the post raises concerns about potential performance impacts and the specific details of the implementation, which Apple hasn't fully disclosed.

  The blog post "Homomorphic Encryption in iOS 18" by Bastian Bohm details the introduction of homomorphic encryption capabilities within Apple's iOS 18 operating system, specifically focusing on the newly available APIs for performing calculations on encrypted data without requiring decryption. The author expresses excitement about this development, highlighting the potential for enhanced privacy and security in various applications.

  The post begins by explaining the concept of homomorphic encryption, emphasizing its ability to process encrypted information directly, thus preserving the confidentiality of sensitive data. It distinguishes between Fully Homomorphic Encryption (FHE), which supports arbitrary computations, and Partially Homomorphic Encryption (PHE), which is limited to specific operations like addition or multiplication. The post clarifies that iOS 18 implements PHE, specifically focusing on additive homomorphic encryption.

  The core of the post revolves around the newly introduced SecKeyEncryptedData class and its associated methods. The author provides a concise code example demonstrating how to create encrypted integers using this class and how to perform homomorphic addition on these encrypted values. The resulting sum remains encrypted, and only the holder of the decryption key can reveal its true value. The author meticulously breaks down the code snippet, explaining the role of each function and parameter. For instance, the post elucidates the process of generating a public key specifically designated for encrypted data operations and how this key is subsequently used to encrypt integer values. It also explains the significance of the perform method in executing homomorphic operations on these encrypted integers.

  Furthermore, the post discusses the underlying cryptographic scheme employed by Apple, revealing that it leverages a variant of the Paillier cryptosystem. This choice is deemed suitable for integer additions and is acknowledged for its established security properties. The post also touches upon the practical limitations of PHE, specifically noting the inability to perform other operations like multiplication or comparison directly on the encrypted data without decryption.

  Finally, the author speculates on the potential applications of this technology within the Apple ecosystem. The example given is privacy-preserving data collection, suggesting how homomorphic encryption could enable the aggregation of user statistics without compromising individual data privacy. This could be useful for applications like collecting usage metrics or accumulating health data while ensuring that the individual contributions remain confidential. The author concludes with an optimistic outlook on the future implications of homomorphic encryption within the iOS environment and expresses anticipation for further advancements in this field.

  • Homomorphic Encryption
  • iOS 18
  • iOS Security
  • Cryptography
  • privacy
  • Mobile Security
  • Data Security
  • Encryption
  • Apple
  • iOS Development
  • Data Privacy
  • App Security
  • Fully Homomorphic Encryption
  • FHE
  • Partially Homomorphic Encryption
  • PHE
  • Client-Side Encryption

  Summary of Comments ( 121 )
  https://news.ycombinator.com/item?id=42666959

  Verbose tl;dr

  Hacker News users discussed the practical implications and limitations of homomorphic encryption in iOS 18. Several commenters expressed skepticism about Apple's actual implementation and its effectiveness, questioning whether it's fully homomorphic encryption or a more limited form. Performance overhead and restricted use cases were also highlighted as potential drawbacks. Some pointed out that the touted benefits, like encrypted search and image classification, might be achievable with existing techniques, raising doubts about the necessity of homomorphic encryption for these tasks. A few users noted the potential security benefits, particularly regarding protecting user data from cloud providers, but the overall sentiment leaned towards cautious optimism pending further details and independent analysis. Some commenters linked to additional resources explaining the complexities and current state of homomorphic encryption research.

  The Hacker News post titled "Homomorphic encryption in iOS 18" spawned a modest discussion with a handful of comments focusing on the practicalities and limitations of the technology, rather than the announcement itself. No one expressed outright excitement or skepticism about the announcement, instead offering pragmatic observations.

  One commenter pointed out that the homomorphic encryption being utilized is limited to integer addition and multiplication, and thus isn't fully homomorphic encryption (FHE) in the broader, more powerful sense. They clarified that true FHE allows arbitrary computation on encrypted data, which is not what Apple is implementing. This comment served as an important clarification to distinguish the specific type of homomorphic encryption being employed.

  Another user expanded on this by mentioning that the specific technique used is called "additive homomorphic encryption" and likely leverages the Paillier cryptosystem. This added technical depth to the discussion, providing a potential underlying mechanism for Apple's implementation. They then speculated about its use case, suggesting it could be applied to scenarios like federated learning or aggregated metrics collection.

  A subsequent comment explored the performance limitations of homomorphic encryption. The commenter noted the significant computational overhead associated with these techniques, which makes them unsuitable for many real-time or performance-sensitive applications. This comment highlighted the trade-offs involved in using homomorphic encryption, emphasizing that while it offers enhanced privacy, it comes at the cost of performance.

  Finally, one commenter linked to a related project called "Concrete," further adding context to the types of operations and optimizations possible within the homomorphic encryption space. This provides an avenue for those interested in learning more about practical implementations and advancements in the field.

  Overall, the comments section offers a concise and informed discussion focusing on the technical nuances of Apple's implementation rather than broad speculation or hype. They provide valuable context and clarification regarding the specific type of homomorphic encryption being used and its inherent limitations.