SoK: Privacy on Mobile Devices – It’s Complicated
Chad Spensky, Jeffrey Stewart, Arkady Yerukhimovich, Richard Shay, Ari Trachtenberg, Rick Housley, and Robert K. Cunningham
Privacy Enhancing Technologies Symposium 2016

Is Privacy Possible on Mobile Devices?
“Privacy as we knew it in the past is no longer feasible… How we conventionally think of privacy is dead”
- Margo Seltzer, World Economic Forum, 2015
Privacy on Mobile Devices – It’s Complicated CSS 07/21/16

Mobile Devices
Features vs. Privacy
• Location Tracking
• Environmental Sensors
• Microphone
• Personal and Financial Data
• Cameras

Users Still Want Privacy
[Figure: bar chart of survey results; values shown: 93%, 87%, 57%]
Chart categories:
• Have avoided apps due to privacy concerns (PEW 2012)
• Want to be in control of who sees their data (PEW 2015)
• Don’t want someone watching them without permission (PEW 2015)
Top companies are even marketing their privacy-enhancing technologies

Systematizing Mobile Device Privacy
[Figure: layered stack diagram; axis labels: Access to private data, Visibility to user]
Layers:
• User
• Applications
• Operating System
• Firmware
• Hardware

Our Methodology
• Evaluate available protections
• Consider components and their interactions
• Examine parties and their motives
Pull all of this together into a “privacy world view”

Mobile Privacy-enhancing Technologies
User

Privacy Policies
Analyzed
• Top 50 free/paid (Android)
• Top 100 free/paid (iOS)
Result
Only 32% are accessible to someone without a college education

User Prompts
Over-permissioning
• Over 1/3 of apps request permissions they don’t need [90,150]
• Users don’t understand what data these apps can access [29, 91, 92]

Mobile Privacy-enhancing Technologies
Software

Encryption
Analyzed
Top 50 banking apps
Results
Apps still incorrectly validate SSL certificates
iOS: 4
Android: 2

Permissions Models
App with no permissions
• Can access
  • Wallpaper
  • Network Activity
  • Directory Structure
• Low-level kernel crashes on both Android and iOS

Mobile Privacy-enhancing Technologies
Software

Application Sandboxing
Breaking Out
• Root-level malware [31]
• Infect developer tools [110]
Side-Channels
• Intercept taps [3-5]
• Location from power [8]

Application Vetting
Evasion (Android)
• Dynamic code [79]
• Unknown sources [78]
Evasion (iOS)
• Private APIs [83]
• Enterprise apps [111]

Mobile Privacy-enhancing Technologies
Firmware

Specialized Co-Processors
Purpose
• Record audio
• Capture user movements
Concern
• Could be compromised to permit covert data capture

Communication Chipsets
Analyzed
• NFC chipset on Android
• Require special drivers
Results
• Nexus S: 856 crashes
• Nexus 4: 7 crashes

Mobile Privacy-enhancing Technologies
Hardware
Dedicated Cryptographic Units; Trusted Execution Environment

Purpose
Protects user data from software-based attacks
Concern
Has unlimited access to the entire system

Purpose
Protect user data even if the device is stolen or lost
Concern
Low visibility and regulation on implementation

Privacy World View
Location-based Application
[Figure: diagram of the parties and components involved; labels: Cellular Network; WiFi ? Network; Sensors; Baseband; Operating System; WiFi [6,133]; GPS; Location-based App; Power [8]; Accelerometer [7]; 3rd Party; Light &; SIM Card; Trusted]

Summary
• Modern mobile devices are extremely complex, across all layers
• Ill-defined trust relationships lead to unintended data leakages
• Effective privacy-enhancing technologies must consider the entire stack
• We are likely going to see even more data leaks without fundamentally new approaches
Complexity is the enemy of both security and privacy

Can We Do Better?
• Reducing Trust Relationships
  • e.g., Hardware segregation
• Guiding Users Toward Privacy
  • e.g., Personalized Privacy Assistant (SOUPS ’16)
• Mechanism Design for Privacy
  • e.g., Bitcoin [183]

Questions?