Apple May Want To Protect Your Phone Data From Snooping, But It's Snarfing Up Your Local Desktop Searches

from the oops dept

Mon, Oct 20th 2014 8:50pm — Mike Masnick

So, Apple got plenty of kudos from security and privacy folks in deciding to encrypt mobile phone data, but over on the desktop side, apparently the message hasn't quite gotten through. Instead, it appears that the latest Mac operation system has the company automatically sending all of your desktop searches back to Apple. These aren't internet searches, but just what you're searching for locally.

The function is part of Spotlight search, which was updated with last week’s launch of new Mac computers and Apple’s latest operating system, Yosemite OS X, which also is available for download to owners of older machines. Once Yosemite is installed, users searching for files – even on their own hard drives -- have their locations, unique user IDs and search terms automatically sent to the company, keystroke by keystroke.

A pop-up window discloses the change, saying collecting the data helps provide results “more relevant to you” as Spotlight also looks beyond individual computers to gather information across the Internet, much like popular search engines such as Google already do. But privacy advocates worry that users won’t understand what information is collected and how to stop the transmission of data to Apple, which happens by default.

And, if you think there's no big deal in having this data collected, think again.

Testing by The Washington Post found that the locations revealed in Spotlight searches can be strikingly precise, placing a user within a particular building in Washington, D.C., even though the disclosure box on Spotlight refers to collecting “your approximate location."

In addition to sharing information with Apple, Spotlight also actively downloads relevant Web pages and Wikipedia articles about the topics covered by a search query, revealing potentially sensitive information about the user’s activities to other Web sites as well.

You can (and perhaps should) turn off this "feature" -- and you can see how in some specific cases there may be beneficial reasons for individuals to share this information, the idea of having it on by default just seems like a privacy nightmare.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: mac os, privacy, search, yosemite
Companies: apple

37 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

CSMcDonald (profile), 20 Oct 2014 @ 9:38pm

maybe not quite so much
http://www.theverge.com/2014/10/20/7022881/apple-yosemite-spotlight-privacy-concerns

the Verge did a bit more digging into what is actually happening.
[ link to this | view in chronology ]
Anonymous Coward, 20 Oct 2014 @ 10:33pm

Hmm... think I might get in trouble if my previous three app searches were Tor, bittorrent, and wikileaks-pending? After all, I'm only sharing with Apple, and they've had hardly any NSLs delivered to them...
[ link to this | view in chronology ]
Misha Springfield, 20 Oct 2014 @ 10:48pm

This reminds me of Ubuntu doing this with Dash... and, given past indications, I'd say it's safe to assume that Apple does this in a more intrusive way than Canonical did.

Canonical initially sent a trademark C&D to fixubuntu.com. As Apple is historically more litigious than Canonical, I guess we can expect them to react with a nastygram before long... (Not that I'm looking forward to it. It'd suck for the people involved.)

In any case, way to destroy that modicum of goodwill you might have temporarily had with your phone encryption, Apple. Though, somehow, I don't think the backlash will be as loud as Canonical had it... fanboi will be fanboi.
[ link to this | view in chronology ]
- Anonymous Coward, 21 Oct 2014 @ 7:44am
  
  Re:
  Canonical also sent an apology to fixubuntu.com. shortly after.
  [ link to this | view in chronology ]
- John Fenderson (profile), 21 Oct 2014 @ 7:53am
  
  Re:
  Yes, not to mention the "enhanced" search facilities on Windows 8 & 10.
  
  I don't understand this trend to unified searches at all. Not only does it make searching locally using your OS dangerous from a privacy point of view, but it degrades the actual search. If I'm searching my hard drive for something, I never want online search results to be included for it, and vice versa.
  [ link to this | view in chronology ]
Anonymous Coward, 21 Oct 2014 @ 1:56am

What the article forgets to mention is that those so-called 'local searches' will also be shared with law enforcement through PRISM and other such national security directives that are requested through the FISA courts.
[ link to this | view in chronology ]
- Anonymous Coward, 21 Oct 2014 @ 2:44am
  
  Re:
  Why bother with all that when they can simply be intercepted on-the-wire?
  [ link to this | view in chronology ]
  - Anonymous Coward, 21 Oct 2014 @ 2:00pm
    
    Re: Re:
    Local wouldn't be 'on-the-wire.'
    [ link to this | view in chronology ]
    - John Fenderson (profile), 21 Oct 2014 @ 3:34pm
      
      Re: Re: Re:
      But it is. That's the whole point of the article.
      [ link to this | view in chronology ]
Rabbit80 (profile), 21 Oct 2014 @ 2:27am

Testing by The Washington Post found that the locations revealed in Spotlight searches can be strikingly precise, placing a user within a particular building in Washington, D.C., even though the disclosure box on Spotlight refers to collecting “your approximate location."

Is this the same Washington Post that thinks there is a difference between a 'Golden Key' and a backdoor?

According to an Apple statement published on Ars Technica:
For Spotlight Suggestions we minimize the amount of information sent to Apple. Apple doesn't retain IP addresses from users’ devices. Spotlight blurs the location on the device so it never sends an exact location to Apple. Spotlight doesn't use a persistent identifier, so a user's search history can't be created by Apple or anyone else. Apple devices only use a temporary anonymous session ID for a 15-minute period before the ID is discarded.

We also worked closely with Microsoft to protect our users' privacy. Apple forwards only commonly searched terms and only city-level location information to Bing. Microsoft does not store search queries or receive users' IP addresses.
[ link to this | view in chronology ]
- Anonymous Coward, 21 Oct 2014 @ 7:46am
  
  Re:
  NSApple, It's only metadata.
  [ link to this | view in chronology ]
- John Fenderson (profile), 21 Oct 2014 @ 7:54am
  
  Re:
  Nothing in Apple's statement makes me feel any safer in terms of privacy implications.
  [ link to this | view in chronology ]
- ryuugami, 21 Oct 2014 @ 2:15pm
  
  Re:
  We also worked closely with Microsoft to protect our users' privacy.
  
  Much in the same way as the wolves & foxes worked to protect the well-being of chicken, I presume.
  [ link to this | view in chronology ]
Anonymous Coward, 21 Oct 2014 @ 3:08am

Apple explains itself? It's now making justifications as to why it needs this new feature? Howabout getting rid of the feature completely. There's no justification that Apple can make that would convince me as to why Apple needs to know what I'm searching for on my own PC, iMac or laptop.

This is a bad move on Apple's part and it's going to ultimately backfire on the company.
[ link to this | view in chronology ]
- Rabbit80 (profile), 21 Oct 2014 @ 4:07am
  
  Re:
  It's pretty simple really - Spotlight offers a unified search by default - just like the Windows 8/8.1 search screen.
  
  This unified search sends your query over to Apple who then pass it to Bing to return web results alongside your local search.
  
  It is a feature that can easily be disabled.
  
  I'm not a fan of Apple, but this is really no different to what Microsoft are doing with Windows 8, Ubuntu is doing with unity etc. I have no doubt Microsoft use IP geolocation if they don't tap into your location directly.
  
  The main issue is that it also sends Apple your location and other identifying information - which the Apple statement addresses.
  [ link to this | view in chronology ]
  - Anonymous Coward, 21 Oct 2014 @ 4:27am
    
    Re: Re:
    "It is a feature that can easily be disabled."
    
    Perhaps.
    
    Perhaps today.
    
    But the history of such things is that their mere existence is a serious security/privacy threat, because -- in time -- they will become ever more deeply embedded and harder to disable. And of course they make an attacker's job much simpler: they need not craft all the code required to do this, they only need to hijack code that already exists.
    
    I excised all instances of Ubuntu from my data center in response to Canonical's decision to spy on users and forward their data to spammers. (Yes, really. Look it up.) This "feature" doesn't need to be disabled, it needs to be removed immediately.
    [ link to this | view in chronology ]
  - John Fenderson (profile), 21 Oct 2014 @ 7:55am
    
    Re: Re:
    "this is really no different to what Microsoft are doing with Windows 8, Ubuntu is doing with unity etc."
    
    This is true, and it's equally objectionable in those systems as well.
    [ link to this | view in chronology ]
    - Rabbit80 (profile), 21 Oct 2014 @ 8:28am
      
      Re: Re: Re:
      Yet no big fuss over Ubuntu and Win 8? This is one case where I feel Apple are being unfairly singled out.
      [ link to this | view in chronology ]
      - John Fenderson (profile), 21 Oct 2014 @ 8:32am
        
        Re: Re: Re: Re:
        There was no big fuss about Win 8 because Win 8 had bigger problems that were causing the huge fuss. However, there was an enormous fuss made over the move by Ubuntu, and lots of people stopped using it as a result.
        [ link to this | view in chronology ]
        
        Gwiz (profile), 21 Oct 2014 @ 9:22am
        
        Re: Re: Re: Re: Re:
        However, there was an enormous fuss made over the move by Ubuntu, and lots of people stopped using it as a result.
        
        I cut my Linux teeth with Ubuntu (well actually, it was Damn Small Linux first because I had a crappy laptop then) and I switched over to Debian around this time because of this fiasco and also because of Canonical wanting make their software app store an integral part of the OS and the push to make Unity the default desktop.
        
        I don't feel like I have lost out on very much since Canonical pushes their updates back downstream to Debian anyways.
        [ link to this | view in chronology ]
        
        John Fenderson (profile), 21 Oct 2014 @ 9:43am
        
        Re: Re: Re: Re: Re: Re:
        I went through several different distros before I settled on Debian (which I still think is the best distro overall). They irony is that if Debian ends up requiring systemd, I will have to change again. Slackware is topping my list of where to go to at this point, but they may adopt systemd as well -- in which case, I'll become a BSD man.
        [ link to this | view in chronology ]
        
        Gwiz (profile), 21 Oct 2014 @ 10:18am
        
        Re: Re: Re: Re: Re: Re: Re:
        They irony is that if Debian ends up requiring systemd, I will have to change again.
        
        Thanks for bringing that up.
        
        systemd wasn't on my radar at all because I really haven't been keeping up on all dev talk surrounding Linux lately. I will also have to keep an eye how that all pans out.
        [ link to this | view in chronology ]
        
        nasch (profile), 21 Oct 2014 @ 11:44am
        
        Re: Re: Re: Re: Re: Re: Re:
        They irony is that if Debian ends up requiring systemd, I will have to change again. Slackware is topping my list of where to go to at this point, but they may adopt systemd as well -- in which case, I'll become a BSD man.
        
        Can't you just turn off systemd?
        [ link to this | view in chronology ]
        
        John Fenderson (profile), 21 Oct 2014 @ 11:50am
        
        Re: Re: Re: Re: Re: Re: Re: Re:
        "Can't you just turn off systemd?"
        
        Technically, yes. In practice, no -- because there are a lot of very important applications that depend on the GTK, which depends on systemd.
        
        This is the thing that makes systemd poisonous -- it's not just an init system. It replaces so many non-init portions of the OS in a nonstandard way that the resulting upstream dependencies make it nonoptional.
        [ link to this | view in chronology ]
        
        nasch (profile), 21 Oct 2014 @ 12:16pm
        
        Re: Re: Re: Re: Re: Re: Re: Re: Re:
        This is the thing that makes systemd poisonous -- it's not just an init system. It replaces so many non-init portions of the OS in a nonstandard way that the resulting upstream dependencies make it nonoptional.
        
        Well I can see why it's controversial - that strikes me as pretty smelly (as in "code smell").
        [ link to this | view in chronology ]
  - Anonymous Coward, 21 Oct 2014 @ 12:21pm
    
    Re: Re:
    It is a feature that can easily be disabled.
    
    Mac OS X Yosemite sends location, search data to Apple [Updated] makes it appear that it not that easy to disable, and unless all the required steps are taken, you only stop the search being executed by Apple, while still sending them the data.
    [ link to this | view in chronology ]
    - John Fenderson (profile), 21 Oct 2014 @ 1:32pm
      
      Re: Re: Re:
      This would fit with Apple's usual stance. They apparently view themselves as virtuous and so sending data to them is always OK as long as they don't pass it on to anyone else.
      
      This is the same company that defines "personally identifiable information" to specifically exclude obvious pieces of PII such as your location or the ID number associated with the device.
      [ link to this | view in chronology ]
Anonymous Coward, 21 Oct 2014 @ 4:08am

Apple, like other big corporations and the TLAs have the have the good guys syndrome :-

When we collect the information, its not a breach of your rights but a a means of giving you better service or protection. Its only when the bad guys, whoever they are, get the information that it is a breach of your rights.

They do not see that they are part of the problem, as they would never misuse the data, where their uses of the data are not misuses, and neither are their own governments uses. Some foreign governments may abuse the data that they demand from them, but that is the price of doing business in those countries.
[ link to this | view in chronology ]
Anonymous Coward, 21 Oct 2014 @ 6:09am

"Snarfing"?
Someone's been watching a little Thundercats, eh, Mike?
[ link to this | view in chronology ]
- nasch (profile), 21 Oct 2014 @ 6:19am
  
  Re: "Snarfing"?
  Someone's been watching a little Thundercats, eh, Mike?
  
  We can hope so, but there's a simpler explanation.
  
  https://en.wikipedia.org/wiki/Snarfing
  [ link to this | view in chronology ]
Ninja (profile), 21 Oct 2014 @ 7:41am

Hmm, I say leave it on and search for weird things. I propose "Steve nude pics" for some morbid fun.
[ link to this | view in chronology ]
anticrawl (profile), 21 Oct 2014 @ 9:08am

So essentially Apple stole another page from Linux again, unfortunately this time it was Canonical who snoops local searches and uploads it to sell to third parties.
[ link to this | view in chronology ]
Monday, 21 Oct 2014 @ 4:57pm

Privacy
These arguments are all pretty much the same anywhere you click. There was never a slippery-slope, it was an avalanche, and we got buried in so much legalese that we don't really have a chance at stopping any so called invasion of our privacy anymore. I use the same cell phone I bought in 2002. It sends receives texts; I don't have a camera; I don't need internet... and I don't need a recharge every four or six hours. I flew across the country three times in one week, and I didn't plug it in once. Made alot of calls that week.
Our privacy is no problem to the people who are expected to provide it for us, and we get surprised when it is discovered that "they" are watching [almost] every move we make. It shouldn't be a surprise; it's all part of the deal now. We can't prevent it, we can only go shopping for the next provider of our wares for the promised protection they expound.
I honestly don't think that Apple is keeping Phone data all that private as well, given the free reign they recently displayed with the 1/2 billion uploads Apple & U2 recently dumped. This was done without user permission, but somehow, somewhere it is loosely translated in the service agreement that Apple could actually do this -

http://www.dailytech.com/U2s+Bono+Apologizes+for+Forced+Songs+of+Innocence+Albums+Downloads/article3 6721.htm -

So, is it so unexpected that Apple is collecting this data? Not really IMO, but then, I've reached the point where I really don't give a shit anymore. Someone somewhere is going to see my traffic/visits/choices et al, and as long as I'm the only one with the passwords, whatever...

Nice post Masnick :)
[ link to this | view in chronology ]
- John Fenderson (profile), 21 Oct 2014 @ 8:27pm
  
  Re: Privacy
  "I use the same cell phone I bought in 2002."
  
  While this does eliminate some attack vectors (the internet, the cloud, etc.), you do understand that your phone calls, texts, and physical location are just as spied on as anyone with a smart phone, right?
  [ link to this | view in chronology ]
Lleuad Ci (profile), 21 Oct 2014 @ 5:46pm

Protect Who
Is this the same Apple who's directors voted DOWN a motion from the floor at their annual meeting to 'protect users data' ? Hint: Yes
[ link to this | view in chronology ]
Coyne Tibbets (profile), 21 Oct 2014 @ 8:19pm

So typical
For some time now, almost every company has aded that new-age weasel-wording to their privacy policy:

"From time to time we will make changes to our service to enhance your experience."

Such "enhancements" almost always grab more control over your life and turn over more data to the company. Or else "twice as much enhancing spam!"

"Enhancement" translates to "enhance our bottom line" and if the customer doesn't like it, too bad.
[ link to this | view in chronology ]
Anonymous Coward, 21 Oct 2014 @ 11:24pm

Apple being Ubuntu
[ link to this | view in chronology ]