Session chair: Panos Papadimitratos
- Discontinued Privacy: Personal Data Leaks in Apple Bluetooth-Low-Energy Continuity Protocols
Guillaume Celosia (Univ Lyon, INSA Lyon, Inria, CITI) and MathieuCunche (Univ Lyon, INSA Lyon, Inria, CITI)
Apple Continuity protocols are the underlying network component of Apple Continuity services which allow seamless nearby applications such as activity and file transfer, device pairing and sharing a network connection. Those protocols rely on Bluetooth Low Energy (BLE) to exchange information between devices: Apple Continuity messages are embedded in the payload of BLE advertisement packets that are periodically broadcasted by devices. Recently, Martin et al. identified  a number of privacy issues associated with Apple Continuity protocols; we show that this was just the tip of the iceberg and that Apple Continuity protocols leak a wide range of personal information.
In this work, we present a thorough reverse engineering of Apple Continuity protocols that we use to uncover a collection of privacy leaks. We introduce new artifacts, including identifiers, counters and battery levels, that can be used for passive tracking, and describe a novel active tracking attack based on Handoff messages. Beyond tracking issues, we shed light on severe privacy flaws. First, in addition to the trivial exposure of device characteristics and status, we found that HomeKit accessories betray human activities in a smarthome. Then, we demonstrate that AirDrop and Nearby Action protocols can be leveraged by passive observers to recover e-mail addresses and phone numbers of users. Finally, we exploit passive observations on the advertising traffic to infer Siri voice commands of a user.
- How private is your period?: A systematic analysis of menstrual app privacy policies
Laura Shipp (Royal Holloway, University of London) and Jorge Blasco (Royal Holloway, University of London)
Menstruapps are mobile applications that can track a user's reproductive cycle, sex life and health in order to provide them with algorithmically derived insights into their body. These apps are now hugely popular, with the most favoured boasting over 100 million downloads. In this study, we investigate the privacy practices of a set of 30 Android menstruapps, a set which accounts for nearly 200 million downloads. We measured how the apps present information and behave on a number of privacy-related topics, such as the complexity of the language used, the information collected by them, the involvement of third parties and how they describe user rights. Our results show that while common pieces of personal data such as name, email, etc. are treated appropriately by most applications, reproductive-related data is not covered by the privacy policies and in most cases, completely disregarded, even when it is required for the apps to work. We have informed app developers of our findings and have tried to engage them in dialogue around improving their privacy practices.
- The Price is (not) Right: Comparing Privacy in Free and Paid Apps
Catherine Han (University of California, Berkeley), Irwin Reyes (Two Six Labs / International Computer Science Institute), Álvaro Feal (IMDEA Networks Institute), Joel Reardon (University of Calgary), Primal Wijesekera (University of California, Berkeley), Narseo Vallina-Rodriguez (IMDEA Networks Institute / International Computer Science Institute), and Serge Egelman (International Computer Science Institute / University of California, Berkeley)
- Angel or Devil? A Privacy Study of Mobile Parental Control Apps
Álvaro Feal (IMDEA Networks Institute / Universidad Carlos III de Madrid), Paolo Calciati (IMDEA Software Institute / Universidad Politécnica de Madrid), Narseo Vallina-Rodriguez (IMDEA Networks Institute / ICSI), Carmela Troncoso (EPFL), and Alessandra Gorla (IMDEA Sofware Institute)
Android parental control applications are used by parents to monitor and limit their children’s mobile behaviour (e.g., mobile apps use, Internet browsing, calls, and text messages). In order to offer this service, parental control apps require access to sensitive data and system resources which may significantly reduce the dangers associated with kids’ online activities, but it also raises important privacy concerns which are overlooked by European security centers providing recommendations to the public. We conduct the first in-depth study of the Android parental control applications ecosystem from a privacy and regulatory point of view. We exhaustively study 46 apps which have a combined 20M installs in the Google Play Store. Using a combination of static and dynamic analysis we find that, among others: these apps are on average more permission-hungry than the top 150 apps in the Google Play Store, and tend to request more dangerous permissions with new releases; 11% of the apps transmit personal data in the clear; 34% of the apps gather and send personal information without appropriate consent; and 72% of the apps share data with third parties (including online advertising and analytics services) without mentioning their presence in the apps’ privacy policies. In summary, parental control applications lack of transparency and lack of compliance with regulatory requirements can have severe implications for children’s privacy. Therefore, it is necessary to develop stricter auditing tools that incorporate transparency and privacy risk analysis before recommending their use to concerned parents.