Wednesday, August 25, 2010

Apple patenting "traitorware"

Julie Samuels of the Electronic Frontier Foundations (EFF) "Deeplinks" blog has a lot to say about Apple's recent application for a patent on "Systems and methods for identifying unauthorized users of an electronic device." It doesn't sound too bad, does it. How do we identify someone who's stolen our $500 iPhone or our $1500 laptop? Use Apples newest development in user identification and monitoring, of course!

This technology is waaaay beyond what would be necessary to tell whether a device is stolen or not. With this "traitorware" as the EFF is calling it, Apple can collect and store biometric data on you, tell if the device has been jailbroken (and take action if it has), alert the appropriate parties of where the device is ... here's the EFF's partial list of what Apple's proposed system can do:

  • The system can take a picture of the user's face, "without a flash, any noise, or any indication that a picture is being taken to prevent the current user from knowing he is being photographed";
  • The system can record the user's voice, whether or not a phone call is even being made;
  • The system can determine the user's unique individual heartbeat "signature";
  • To determine if the device has been hacked, the device can watch for "a sudden increase in memory usage of the electronic device";
  • The user's "Internet activity can be monitored or any communication packets that are served to the electronic device can be recorded"; and
  • The device can take a photograph of the surrounding location to determine where it is being used.

In other words, Apple will know who you are, where you are, and what you are doing and saying and even how fast your heart is beating. In some embodiments of Apple's "invention," this information "can be gathered every time the electronic device is turned on, unlocked, or used." When an "unauthorized use" is detected, Apple can contact a "responsible party." A "responsible party" may be the device's owner, it may also be "proper authorities or the police."

There is no need for Apple, or anyone, to gather that much information about you as a purchaser of their products. This is information that can be used to steal your identity. We're not talking about a single biometric identifier - that would be bad enough. Apple want to gather your picture, voiceprint and heartrhythm at least, and maybe more. They want to monitor your internet usage - and log not just where you go, but record the actual data packets that are being sent to and from your device. They want to monitor memory usage for patterns that may indicate the device has been jailbroken - even though jailbreaking is legal.

With this patent application Apple is reaching far beyond any information they have a right or a need to gather. Pray the patent is denied and that Apple doesn't try to change it and reapply. This is an idea whose time will never come.