Why do so many apps suddenly want to connect to devices on my network?

Discussion in 'Technical Corner' started by JOhnH, Feb 4, 2021.

  1. JOhnH

    JOhnH Touchdown! Greaser!

    Joined:
    May 20, 2009
    Messages:
    12,735
    Location:
    Florida
    Display Name:

    Display name:
    Right Seater
    Recently I have been getting messages from various apps on my iphone saying they want to discover and connect to devices on my local network. I can respond "allow" or "block". I always say block. What is up with this? Have they been doing it all along and only now have to ask?
     
    flhrci likes this.
  2. bluesky74656

    bluesky74656 Line Up and Wait

    Joined:
    Dec 31, 2005
    Messages:
    721
    Location:
    Brecksville, OH
    Display Name:

    Display name:
    Todd Kooser
    Yep, Apple added that permission with a relatively recent update. Before that, apps could do that without asking.

    Sometimes that permission is warranted. ForeFlight asks for it so that it can connect to Stratus or other devices. So you do need to be a little bit careful, but if you say no and find something you need doesn’t work, you can always turn it back on in Settings.
     
    denverpilot likes this.
  3. JOhnH

    JOhnH Touchdown! Greaser!

    Joined:
    May 20, 2009
    Messages:
    12,735
    Location:
    Florida
    Display Name:

    Display name:
    Right Seater
    Ok, I can understand why FF might need it. But why do so many other apps think they need it? What are they connecting to? My security cameras? My router? My television?
     
  4. bluesky74656

    bluesky74656 Line Up and Wait

    Joined:
    Dec 31, 2005
    Messages:
    721
    Location:
    Brecksville, OH
    Display Name:

    Display name:
    Todd Kooser
    It really depends on the app. When I look at my apps that ask for that permission, many of them are video apps that want to be able to stream to my AppleTV. My printer’s app needs to be able to talk to my printer.

    Other apps I feel don’t need it, so I turned it off and haven’t had any problems. Maybe they have one obscure feature that needs it. Or maybe they have more permissions enabled than they actually need and they never bothered to update the app to remove them.
     
    Cap'n Jack likes this.
  5. Cap'n Jack

    Cap'n Jack Final Approach

    Joined:
    Jun 25, 2006
    Messages:
    7,865
    Location:
    Nebraska
    Display Name:

    Display name:
    Cap'n Jack
    What things are they wanting to connect to? A streaming app may want to connect to a TV, for example, to stream the picture there. If they need internet access, I should think that is handled through normal permissions. My guess is lazy programming, where someone uses a library that has BlueTooth, Ethernet, and whatnot in one code base. It treats all of the communication as if it were one box where you send and receive data. The other obvious reason is more nefarious, I'm thinking software like WeChat. One last reason is for something surprising such as location services. I found that my non-GPS iPad can show my location on apple maps from picking up WiFi signals. Apparently, Apple has mapped WiFi routers around the world, and stores them in an iDevice even if you can't connect to them! It's both creepy and useful.
     
  6. Let'sgoflying!

    Let'sgoflying! Touchdown! Greaser! PoA Supporter

    Joined:
    Feb 23, 2005
    Messages:
    18,414
    Location:
    west Texas
    Display Name:

    Display name:
    Dave Taylor
    They are trying to connect to the microchip that was inserted with your vaccine.
     
    JOhnH, murphey and EdFred like this.
  7. LesGawlik

    LesGawlik Pre-takeoff checklist

    Joined:
    May 6, 2006
    Messages:
    111
    Display Name:

    Display name:
    Les
    If you're not paying for it, you're the product.
     
    Spring Ford, denverpilot and aftCG like this.
  8. denverpilot

    denverpilot Tied Down PoA Supporter

    Joined:
    Nov 8, 2009
    Messages:
    54,929
    Location:
    Denver, CO
    Display Name:

    Display name:
    DenverPilot
    The security feature isn't that intelligent. (It could be.

    The answer is, once you hit the okay button... Everything.

    If you don't want stuff talking to those things you separate the networks and install and manage a firewall.

    Welcome to IT hell where everyone thinks everything should talk to everything in a business environment.

    The thing to remember is that "no" is a complete sentence. Hahaha.
     
  9. tspear

    tspear En-Route

    Joined:
    Dec 10, 2010
    Messages:
    2,539
    Display Name:

    Display name:
    Timothy
    To implement good security takes time, effort and knowledge.
    Most companies do not want to invest in it, since security is always a cost and does not produce identifiable revenue.
    Hence, most apps do the quick and dirty and ask for all permissions even if needed.
    It has taken the Android community about a decade or so to make the most common apps smarter about what permissions to request since the granular permissions were added.

    Tim

    Sent from my HD1907 using Tapatalk
     
  10. Spring Ford

    Spring Ford Pre-takeoff checklist

    Joined:
    Jul 11, 2018
    Messages:
    491
    Display Name:

    Display name:
    SpringFord
    May store a few locally I suppose but most on a cloud.

    WiFi device mapping is I suspect why we have Street View. Google didn't drive camera cars round every (approx) street on the planet to take nice photos. They drove the cars round to collect the location of WiFi devices. The cameras and Street View were a side effect.

    1. Before Street View became available where I was living I saw a camera car driving slowly about the neighborhood. I arranged for it to pass me three or four times by walking along various paths. A year later, we have Street View. I look and ??? I am not there? I eventually look at every frame that I think I might be in, say about 20, and I am visible in exactly one. I also notice that the weather differs between frames. The activity differs. Truck unloading building materials in one and absent in the next.

    Conclusion the camera car had made many passes to get the Street View images and then 'random' images had been selected from the result. I forget now but it was three or four passes I think.

    This all puzzled me greatly. WHY!?

    2. The whistleblower. It was in the press that google were in trouble. They were hacking people's email! This was about 10 years ago. The Camera cars were driving about running a WiFi Packet Sniffer and storing all of the captured frames. Some of these frames contained unencrypted data. Say email, passwords, and they were storing that too.

    WTF!

    This was them collecting the WiFi data they wanted to use for mapping purposes. They vacuumed up the unencrypted data too. They only needed the MAC addresses but the engineer decided to store everything.

    3. So now it all adds up. To do location based on WiFi you need to do at least three passes to try to identify which of the WiFi nodes are FIXED and which are things like phones which would not be reliable for location purposes.

    There are other companies that have collected similar WiFi data and they sell it.
     
  11. denverpilot

    denverpilot Tied Down PoA Supporter

    Joined:
    Nov 8, 2009
    Messages:
    54,929
    Location:
    Denver, CO
    Display Name:

    Display name:
    DenverPilot
    Google took “don’t be evil” out of their marching orders a long time ago.
     
  12. murphey

    murphey Touchdown! Greaser! PoA Supporter

    Joined:
    Aug 21, 2008
    Messages:
    10,114
    Location:
    Colorado
    Display Name:

    Display name:
    murphey
    Because they can.
     
    denverpilot likes this.
  13. JOhnH

    JOhnH Touchdown! Greaser!

    Joined:
    May 20, 2009
    Messages:
    12,735
    Location:
    Florida
    Display Name:

    Display name:
    Right Seater
    And someone else (I think it was Microsoft) started using "Don't be Google!"
     
  14. JOhnH

    JOhnH Touchdown! Greaser!

    Joined:
    May 20, 2009
    Messages:
    12,735
    Location:
    Florida
    Display Name:

    Display name:
    Right Seater
    The first one to ask, and the one that surprised me the most was Charles Schwab, where I have most of my investment accounts. Why do THEY need to contact devices on my local network?
     
    denverpilot likes this.
  15. tspear

    tspear En-Route

    Joined:
    Dec 10, 2010
    Messages:
    2,539
    Display Name:

    Display name:
    Timothy
    BING = But it's not Google.

    Here is another fun one from a lont time ago. Microsoft came out with Microsoft Office Manager aka Mom. Wordperfect replied with Desktop Application Director aka Dad.

    Tim
     
  16. flyingron

    flyingron Touchdown! Greaser! PoA Supporter

    Joined:
    Jul 31, 2007
    Messages:
    20,122
    Location:
    Catawba, NC
    Display Name:

    Display name:
    FlyingRon
    It's the latter. iOS has added of late a lot of "you have to ask first" blocks in the system. It used to be just things like the camera, but now it extends to other devices, and even some data access within your device.
     
  17. bluesky74656

    bluesky74656 Line Up and Wait

    Joined:
    Dec 31, 2005
    Messages:
    721
    Location:
    Brecksville, OH
    Display Name:

    Display name:
    Todd Kooser
    No idea. I’d probably be saying no to that one, too.
     
  18. Cap'n Jack

    Cap'n Jack Final Approach

    Joined:
    Jun 25, 2006
    Messages:
    7,865
    Location:
    Nebraska
    Display Name:

    Display name:
    Cap'n Jack
    I've no doubt that you are correct that most WiFi spots are stored in the cloud, but a surprising number were downloaded with Apple maps. I haven't tried to see what the what map scaling allows WiFi location, but it covers a scaling that shows several square miles on the map. Enough that it is useful to stop at a place with free WiFi, and let my iPad get a local map and WiFi points if need arose.

    As for your points, I guess you are referring to this?
    https://www.wired.com/2012/05/google-wifi-fcc-investigation/

    My guess is that they really wanted the data. My non-GPS iPad still seems to know my location on the ground, so the WiFi spots are up-to-date. But if they only needed the location of WiFi signals, it is very easily crowd-sourced. Most people leave their phone GPS and WiFi on. Just send WiFi SSIDs detected on the WiFi, and the GPS location those SSIDs were detected. There's enough phones, and people move around enough, that they can get that data for free and keep the locations updated. Cars have GPS, WiFi and cellular data now, so they can update SSID location data when you leave your phone at home!
     
  19. Joe_B1

    Joe_B1 Pre-takeoff checklist

    Joined:
    Dec 28, 2020
    Messages:
    109
    Location:
    Near KCON
    Display Name:

    Display name:
    Joe_B
    Big brother.
     
  20. Cap'n Jack

    Cap'n Jack Final Approach

    Joined:
    Jun 25, 2006
    Messages:
    7,865
    Location:
    Nebraska
    Display Name:

    Display name:
    Cap'n Jack
    Just big business. But is seems that, most of the time, Big Brother can ask for the data big business buys and sells.
     
  21. Joe_B1

    Joe_B1 Pre-takeoff checklist

    Joined:
    Dec 28, 2020
    Messages:
    109
    Location:
    Near KCON
    Display Name:

    Display name:
    Joe_B
    Big business is big brother, they just don't want you to know.
     
  22. denverpilot

    denverpilot Tied Down PoA Supporter

    Joined:
    Nov 8, 2009
    Messages:
    54,929
    Location:
    Denver, CO
    Display Name:

    Display name:
    DenverPilot
    Or just go buy it. Multiple lawsuits wandering their way through various districts about LE buying commercial spy data.
     
    Cap'n Jack likes this.