Why do so many apps suddenly want to connect to devices on my network?

J

JOhnH

Touchdown! Greaser!
Joined
May 20, 2009
Messages
14,453
Location
Florida
Display Name
Display name:
Right Seater
Recently I have been getting messages from various apps on my iphone saying they want to discover and connect to devices on my local network. I can respond "allow" or "block". I always say block. What is up with this? Have they been doing it all along and only now have to ask?
 
Yep, Apple added that permission with a relatively recent update. Before that, apps could do that without asking.

Sometimes that permission is warranted. ForeFlight asks for it so that it can connect to Stratus or other devices. So you do need to be a little bit careful, but if you say no and find something you need doesn’t work, you can always turn it back on in Settings.
 
bluesky74656 said:
Yep, Apple added that permission with a relatively recent update. Before that, apps could do that without asking.

Sometimes that permission is warranted. ForeFlight asks for it so that it can connect to Stratus or other devices. So you do need to be a little bit careful, but if you say no and find something you need doesn’t work, you can always turn it back on in Settings.
Click to expand...
Ok, I can understand why FF might need it. But why do so many other apps think they need it? What are they connecting to? My security cameras? My router? My television?
 
JOhnH said:
Ok, I can understand why FF might need it. But why do so many other apps think they need it? What are they connecting to? My security cameras? My router? My television?
Click to expand...
It really depends on the app. When I look at my apps that ask for that permission, many of them are video apps that want to be able to stream to my AppleTV. My printer’s app needs to be able to talk to my printer.

Other apps I feel don’t need it, so I turned it off and haven’t had any problems. Maybe they have one obscure feature that needs it. Or maybe they have more permissions enabled than they actually need and they never bothered to update the app to remove them.
 
JOhnH said:
Ok, I can understand why FF might need it. But why do so many other apps think they need it? What are they connecting to? My security cameras? My router? My television?
Click to expand...
What things are they wanting to connect to? A streaming app may want to connect to a TV, for example, to stream the picture there. If they need internet access, I should think that is handled through normal permissions. My guess is lazy programming, where someone uses a library that has BlueTooth, Ethernet, and whatnot in one code base. It treats all of the communication as if it were one box where you send and receive data. The other obvious reason is more nefarious, I'm thinking software like WeChat. One last reason is for something surprising such as location services. I found that my non-GPS iPad can show my location on apple maps from picking up WiFi signals. Apparently, Apple has mapped WiFi routers around the world, and stores them in an iDevice even if you can't connect to them! It's both creepy and useful.
 
JOhnH said:
Ok, I can understand why FF might need it. But why do so many other apps think they need it? What are they connecting to? My security cameras? My router? My television?
Click to expand...
The security feature isn't that intelligent. (It could be.

The answer is, once you hit the okay button... Everything.

If you don't want stuff talking to those things you separate the networks and install and manage a firewall.

Welcome to IT hell where everyone thinks everything should talk to everything in a business environment.

The thing to remember is that "no" is a complete sentence. Hahaha.
 
To implement good security takes time, effort and knowledge.
Most companies do not want to invest in it, since security is always a cost and does not produce identifiable revenue.
Hence, most apps do the quick and dirty and ask for all permissions even if needed.
It has taken the Android community about a decade or so to make the most common apps smarter about what permissions to request since the granular permissions were added.

Tim

Sent from my HD1907 using Tapatalk
 
Cap'n Jack said:
I found that my non-GPS iPad can show my location on apple maps from picking up WiFi signals. Apparently, Apple has mapped WiFi routers around the world, and stores them in an iDevice even if you can't connect to them! It's both creepy and useful.
Click to expand...

May store a few locally I suppose but most on a cloud.

WiFi device mapping is I suspect why we have Street View. Google didn't drive camera cars round every (approx) street on the planet to take nice photos. They drove the cars round to collect the location of WiFi devices. The cameras and Street View were a side effect.

1. Before Street View became available where I was living I saw a camera car driving slowly about the neighborhood. I arranged for it to pass me three or four times by walking along various paths. A year later, we have Street View. I look and ??? I am not there? I eventually look at every frame that I think I might be in, say about 20, and I am visible in exactly one. I also notice that the weather differs between frames. The activity differs. Truck unloading building materials in one and absent in the next.

Conclusion the camera car had made many passes to get the Street View images and then 'random' images had been selected from the result. I forget now but it was three or four passes I think.

This all puzzled me greatly. WHY!?

2. The whistleblower. It was in the press that google were in trouble. They were hacking people's email! This was about 10 years ago. The Camera cars were driving about running a WiFi Packet Sniffer and storing all of the captured frames. Some of these frames contained unencrypted data. Say email, passwords, and they were storing that too.

WTF!

This was them collecting the WiFi data they wanted to use for mapping purposes. They vacuumed up the unencrypted data too. They only needed the MAC addresses but the engineer decided to store everything.

3. So now it all adds up. To do location based on WiFi you need to do at least three passes to try to identify which of the WiFi nodes are FIXED and which are things like phones which would not be reliable for location purposes.

There are other companies that have collected similar WiFi data and they sell it.
 
Google took “don’t be evil” out of their marching orders a long time ago.
 
bluesky74656 said:
It really depends on the app. When I look at my apps that ask for that permission, many of them are video apps that want to be able to stream to my AppleTV. My printer’s app needs to be able to talk to my printer.

Other apps I feel don’t need it, so I turned it off and haven’t had any problems. Maybe they have one obscure feature that needs it. Or maybe they have more permissions enabled than they actually need and they never bothered to update the app to remove them.
Click to expand...
The first one to ask, and the one that surprised me the most was Charles Schwab, where I have most of my investment accounts. Why do THEY need to contact devices on my local network?
 
JOhnH said:
And someone else (I think it was Microsoft) started using "Don't be Google!"
Click to expand...

BING = But it's not Google.

Here is another fun one from a lont time ago. Microsoft came out with Microsoft Office Manager aka Mom. Wordperfect replied with Desktop Application Director aka Dad.

Tim
 
JOhnH said:
Recently I have been getting messages from various apps on my iphone saying they want to discover and connect to devices on my local network. I can respond "allow" or "block". I always say block. What is up with this? Have they been doing it all along and only now have to ask?
Click to expand...
It's the latter. iOS has added of late a lot of "you have to ask first" blocks in the system. It used to be just things like the camera, but now it extends to other devices, and even some data access within your device.
 
JOhnH said:
The first one to ask, and the one that surprised me the most was Charles Schwab, where I have most of my investment accounts. Why do THEY need to contact devices on my local network?
Click to expand...
No idea. I’d probably be saying no to that one, too.
 
Spring Ford said:
May store a few locally I suppose but most on a cloud.

WiFi device mapping is I suspect why we have Street View. Google didn't drive camera cars round every (approx) street on the planet to take nice photos. They drove the cars round to collect the location of WiFi devices. The cameras and Street View were a side effect.

1. Before Street View became available where I was living I saw a camera car driving slowly about the neighborhood. I arranged for it to pass me three or four times by walking along various paths. A year later, we have Street View. I look and ??? I am not there? I eventually look at every frame that I think I might be in, say about 20, and I am visible in exactly one. I also notice that the weather differs between frames. The activity differs. Truck unloading building materials in one and absent in the next.

Conclusion the camera car had made many passes to get the Street View images and then 'random' images had been selected from the result. I forget now but it was three or four passes I think.

This all puzzled me greatly. WHY!?

2. The whistleblower. It was in the press that google were in trouble. They were hacking people's email! This was about 10 years ago. The Camera cars were driving about running a WiFi Packet Sniffer and storing all of the captured frames. Some of these frames contained unencrypted data. Say email, passwords, and they were storing that too.

WTF!

This was them collecting the WiFi data they wanted to use for mapping purposes. They vacuumed up the unencrypted data too. They only needed the MAC addresses but the engineer decided to store everything.

3. So now it all adds up. To do location based on WiFi you need to do at least three passes to try to identify which of the WiFi nodes are FIXED and which are things like phones which would not be reliable for location purposes.

There are other companies that have collected similar WiFi data and they sell it.
Click to expand...
I've no doubt that you are correct that most WiFi spots are stored in the cloud, but a surprising number were downloaded with Apple maps. I haven't tried to see what the what map scaling allows WiFi location, but it covers a scaling that shows several square miles on the map. Enough that it is useful to stop at a place with free WiFi, and let my iPad get a local map and WiFi points if need arose.

As for your points, I guess you are referring to this?
https://www.wired.com/2012/05/google-wifi-fcc-investigation/

My guess is that they really wanted the data. My non-GPS iPad still seems to know my location on the ground, so the WiFi spots are up-to-date. But if they only needed the location of WiFi signals, it is very easily crowd-sourced. Most people leave their phone GPS and WiFi on. Just send WiFi SSIDs detected on the WiFi, and the GPS location those SSIDs were detected. There's enough phones, and people move around enough, that they can get that data for free and keep the locations updated. Cars have GPS, WiFi and cellular data now, so they can update SSID location data when you leave your phone at home!
 
Cap'n Jack said:
Just big business. But is seems that, most of the time, Big Brother can ask for the data big business buys and sells.
Click to expand...
Big business is big brother, they just don't want you to know.
 
Cap'n Jack said:
Just big business. But is seems that, most of the time, Big Brother can ask for the data big business buys and sells.
Click to expand...
Or just go buy it. Multiple lawsuits wandering their way through various districts about LE buying commercial spy data.
 
You must log in or register to reply here.
Back
Top