I just realized that iBeacon is still a thing. I was listening to generic radio news and they talked about Christmas retailers knowing where you are in their stores. And I remembered and said to myself, “oh yea, iBeacon from like 6 years ago” and then proceeded to look up the current status of it and see what privacy concerns it might have. I found it to be still very active and the Apple website for it is very open about what it does. I also read the wikipedia article because frankly it is much shorter.
Here is what I know:
- The beacons are basic bluetooth LE devices that send out one-way pings.
- The beacons have a unique ID along with other data.
- Anything can read a beacon, they are public to anything in range of the ping emitted by the beacon.
- Android can also see iBeacon’s no problem and all an app needs to do is have a library to understand them since its not baked into the Android operating system.
- Google also has beacon like protocols and LE devices.
This is what I assume logically from above (I might be wrong):
- While you might not have a specific retailer’s app installed (eg McDonalds), some other app that implements iBeacon can still see all device pings in their vicinity. This reminds me of Skyhook with WiFi SSID location mapping. It would be the same as Skyhook but with beacons. All you would need is one app with access to iBeacon (such as Facebook or some other app), and this one app could be gathering/recording all iBeacon data it sees in your travels?
- I assume iOS doesn’t filter access to iBeacons to just the beacons associated with that app. I assume the app can see all beacons. This app could then sell your position/time data to data brokers/retailers/etc especially since they know what store you went into. For example, Walmart might want to know the shopping habbits of Target shoppers.
This is what I still have a question about:
- I don’t know much about the LE protocol. So does an iPhone respond to a Bluetooth LE ping? or is it stealth? like a port when it doesn’t respond to a protocol request? Maybe this is the wrong terminology.
- We know that iPhone’s keep the bluetooth on even when you turn it off with the icon. But does iBeacon get included with that?
- Does an app register with iOS what beacons it is interested in? and does the app get “woken up” when iOS sees a beacon registered by the app?
- Does an iPhone give apps enough access to Bluetooth where an app could also read other beacons, like the ones offered by Google? or does iOS filter bluetooth LE access?