“We really just want to run our business the old fashioned way. “We don’t even want to say ‘you can trust us not to do anything,’ because we don’t want to be in a position that we have to be trusted,” he said. “On the server side, we’ll only see a random device identifier, because we don’t have accounts so you can’t be attributable to your traffic,” he said. In other words, the Guardian app isn’t a creepy VPN app like Facebook’s Onavo, which Apple pulled from the App Store for collecting data it shouldn’t have been. The connection uses IPSec (IKEv2) with a strong cipher suite, he said. The app works by generating a random set of VPN credentials to connect to the cloud.
We don’t even use Google Analytics or any kind of tracking in the app - or even on our site, out of principle.” Our rule is to collect as little as possible. “We don’t want to collect data that we don’t need,” said Strafach. The less data they have, the less they know, and the safer and more private its users are. Strafach said that neither he nor the team wants to know who uses the app. Whenever you use a VPN - to evade censorship, site blocks or surveillance - you have to put more trust in the VPN server to keep all of your internet traffic safe than your internet provider or cell carrier. What sets the Guardian app from its distant competitors is its anti-data collection. A planned future option will allow users to go into a higher, more restrictive privacy level - “Lockdown mode” - which will deny bad traffic by default until the user intervenes. Strafach said that the app will “err on the side of usability” by warning users first - with the option of blocking it. Screenshots of the Guardian app, set to be released in December (Image: supplied) The team plans to continue building machine learning models that help to identify new threats - including so-called “aggressive ads” - that hijack your mobile browser and redirect you to dodgy pages or apps. If an app is known to have security issues, the Guardian app can alert a user to the threat. The team periodically scans a range of apps in the App Store to help identify problematic and privacy-invasive issues that are fed to the app to help improve over time. Instead, taking a tried-and-tested approach from the team’s own research. Strafach said the app will later tell a user how many times an app accesses device data, like their contact lists.īut unlike other ad and tracker blockers, the app doesn’t use overkill third-party lists that prevent apps from working properly. A future version plans to allow users to modify or block their precise geolocation from being sent to certain servers. Strafach described the app as “like a junk email filter for your web traffic,” and you can see from of the app’s dedicated tabs what data gets blocked and why. The aim isn’t to prevent a potentially dodgy app from working properly, but to give users’ awareness and choice over what data leaves their device.
It means the Guardian app can near-instantly spot if another app is secretly sending a device’s tracking data to a tracking firm, warning the user or giving the option to stop it in its tracks. “We’re in a ‘wild west’ of data collection,” he said, “where data is flying out from your phone under the radar - not because people don’t care but there’s no real visibility and people don’t know it’s happening,” he told me in a call last week.Īt its heart, the Guardian Mobile Firewall - currently in a closed beta - funnels all of an iPhone or iPad’s internet traffic through an encrypted virtual private network (VPN) tunnel to Guardian’s servers, outsourcing all of the filtering and enforcement to the cloud to help reduce performance issues on the device’s battery. Now his team - including co-founder Joshua Hill and chief operating officer Chirayu Patel - will soon bake those findings into its new “smart firewall” app, which he says will filter and block traffic that invades a user’s privacy. And just a few months ago, he revealed a list of dozens of apps that were sneakily siphoning off their users’ tracking data to data monetization firms without their users’ explicit consent. Last year, he found AccuWeather was secretly sending precise location data without a user’s permission. A security researcher and former iPhone jailbreaker, Strafach has shifted his time digging into apps for insecure, suspicious and unethical behavior.
Your phone has long been a beacon of data, broadcasting to ad networks and data trackers, trying to build up profiles on you wherever you go to sell you things you’ll never want. Phones track your location, apps siphon off our data, and aggressive ads try to grab your attention. For weeks, a small team of security researchers and developers have been putting the finishing touches on a new privacy app, which its founder says can nix some of the hidden threats that mobile users face - often without realizing.
0 kommentar(er)
