Jonathan Zdziarski‘s paper about backdoors, attack points and surveillance mechanisms built into iOS is quite, quite interesting.
recent revelations exposed the use (or abuse) of operating system features in the surveillance of targeted individuals by the National Security Agency (NSA), of whom some subjects appear to be American citizens. This paper identifies the most probable techniques that were used, based on the descriptions provided by the media, and today’s possible techniques that could be exploited in the future, based on what may be back doors, bypass switches, general weaknesses, or surveillance mechanisms intended for enterprise use in current release versions of iOS. More importantly, I will identify several services and mechanisms that can be abused by a government agency or malicious party to extract intelligence on a subject, including services that may in fact be back doors introduced by the manufacturer. A number of techniques will also be examined in order to harden the operating system against attempted espionage, including counter-forensics techniques.
This paper is actually half a year old – give or take – but it’s gotten a lot of attention recently due to, well, the fact that he has uploaded a PowerPoint from a talk about these matters, which is obviously a little bit more accessible than a proper scientific journal article.
For instance, despite Apple’s claims of not being able to read your encrypted iMessages, there’s this:
In October 2013, Quarkslab exposed design flaws in Apple’s iMessage protocol demonstrating that Apple does, despite its vehement denial, have the technical capability to intercept private iMessage traffic if they so desired, or were coerced to under a court order. The iMessage protocol is touted to use end-to-end encryption, however Quarkslab revealed in their research that the asymmetric keys generated to perform this encryption are exchanged through key directory servers centrally managed by Apple, which allow for substitute keys to be injected to allow eavesdropping to be performed. Similarly, the group revealed that certificate pinning, a very common and easy-to-implement certificate chain security mechanism, was not implemented in iMessage, potentially allowing malicious parties to perform MiTM attacks against iMessage in the same fashion.
There are also several services in iOS that facilitate organisations like the NSA, yet these features have no reason to be there. They are not referenced by any (known) Apple software, do not require developer mode (so they’re not debugging tools or anything), and are available on every single iOS device.
One example of these services is a packet sniffer, com.apple.pcapd, which “dumps network traffic and HTTP request/response data traveling into and out of the device” and “can be targeted via WiFi for remote monitoring”. It runs on every iOS device. Then there’s com.apple.mobile.file_relay, which “completely bypasses Apple’s backup encryption for end-user security”, “has evolved considerably, even in iOS 7, to expose much personal data”, and is “very intentionally placed and intended to dump data from the device by request”.
This second one, especially, only gave relatively limited access in iOS 2.x, but in iOS 7 has grown to give access to pretty much everything, down to “a complete metadata disk sparseimage of the iOS file system, sans actual content”, meaning time stamps, file names, names of all installed applications and their documents, configured email accounts, and lot more. As you can see, the exposed information goes quite deep.
Apple is a company that continuously claims it cares about security and your privacy, but yet they actively make it easy to get to all your personal data. There’s a massive contradiction between Apple’s marketing fluff on the one hand, and the reality of the access iOS provides to your personal data on the other – down to outright lies about Apple not being able to read your iMessages.
Those of us who aren’t corporate cheerleaders are not surprised by this in the slightest – Apple, Microsoft, Google, they’re all the same – but I still encounter people online every day who seem to believe the marketing nonsense Apple puts out. People, it doesn’t get much clearer than this: Apple does not care about your privacy any more or less than its competitors.
Nothing in there about mitigation techniques, other than possibly, “don’t use iOS” … and unfortunately, given everything else we’ve learned from M. Snowden, it’s likely every alternative is also hacked.
The beauty of Android is your ability to easily root it and remove any suspected spy ware
You can’t really easily remove backdoors in the baseband firmware. Just to clarify, it’s not part of Android or any other primary operating system that runs on your handset. It’s part of the separate operating system which ironically manages one of the most important components – mobile communication.
Edited 2014-07-20 05:16 UTC
Enrypted communications can solve that.
But it probably has access to other parts of the system too.
It is probably very similar to most servers where it has a Baseboard Management Controller (like HP Lights Out Management or Dell DRAC) for out-of-band management.
Which has direct access to the RAM used by the mainsystem.
The people from the neo900 project specifically mentions this in their FAQ:
Isn’t a non-free baseband firmware a privacy issue?
We’re going to address privacy concerns of non-free modem firmware by ensuring that modem has access to no other data than absolutely necessary, so it won’t be able to spy on anything that’s not already available on carrier side. On Neo900 one can be sure that the modem is actually turned off when requested, not just pretending to be. User will be notified in case of modem wanting to do something without his consent.
Unlike some other smartphones do, Neo900 won’t share system RAM with the modem and system CPU will always have full control over the microphone signal sent to the modem. You can think of it as a USB dongle connected to the PC, with you in full control over the drivers, with a virtual LED to show any modem activity.
http://neo900.org/faq#privacy
The DragonBox Pyra (pocketable Debian+ARM gaming laptop) is going to do something similar with its cellular modem.
1. The modem+GPS chip will be separate and you’ll be able to buy units with or without it. (partly to save you money if you don’t need it)
2. If you choose to have the modem, it connects to the rest of the system as an internal USB peripheral. No DMA.
3. It’s not feasible to put a switch on the modem’s power supply line to ensure a hack couldn’t force it to ignore its enable/disable pin, so, instead, they’re going to wire the cellular status LED up to the power controller as an “is the modem drawing power?” LED.
thanks for the information
You realize rooting, especially with something like towel roots, is pretty much just like jailbreaking?
Using a vulnerability to get root?
You realize rooting an actual Google device, with something like fastboot, is pretty much supported by the manufacturer? There is no “exploit” involved.
Yes, some Android manufacturers lock their bootloaders and don’t give their users a supported method to unlock them. Those guys are assholes – don’t buy your device from them.
Point being you at least have a choice with Android (if you care about rooting). You have no choice with iOS…
At the end of the slides, he did present the use of Apple Configurator’s MDM restriction feature to prevent further pairing (and delete pairing records), which would stop these attacks (https://itunes.apple.com/ca/app/apple-configurator/id434433123?mt=12)
Those of us who aren’t corporate cheerleaders
Oh, the irony.
You might want to look the word up…
Since there are two things that you can’t touch here (Samsung and Google). I would say that I’m pretty accurate.
Edited 2014-07-19 19:57 UTC
???????
Just a random pick of some recent items to expose you for a liar.
http://www.osnews.com/story/27720/Samsung_confirms_no_KitKat_for_in…
“Do not buy Samsung phones”. Doesn’t get much clearer than that.
Then there’s Google.
http://www.osnews.com/story/27836/Pixar_s_Ed_Catmull_central_figure…
Eric Schmidt is a criminal.
http://www.osnews.com/story/27807/Android_without_the_mothership
http://www.osnews.com/story/27805/The_microg_Project
Articles on how to get Google out of Android.
http://www.osnews.com/story/27776/Play_Store_permissions_change_ope…
“Google is monumentally stupid”.
http://www.osnews.com/story/27721/Emails_reveal_close_Google_relati…
Google’s close relationship with the NSA.
http://www.osnews.com/story/27603/Google_cited_as_bothered_by_Andro…
Calling Google’s practices to block dualboot Windows/Android devices as “illegal”.
—
Hiev, stop trolling.
Edited 2014-07-19 20:06 UTC
Dude, that is nothing, I can quote the tripple of the amount of articles and comments of you cheering them, and attacking unfairly their competence, it is really evident your biaz.
Edited 2014-07-19 20:09 UTC
I know you’re trolling, as you almost always do, but you should know better than to play such a weak game. Two articles in recent days belie your pathetic attempt:
Thom: “Do not buy Samsung phones.”
http://www.osnews.com/story/27720/Samsung_confirms_no_KitKat_for_in…
Thom: “Who cares about Google+?”
http://www.osnews.com/story/27844/Google_drops_real_name_policy
There are, of course, many more examples going back several years, but my point stands. Give it up dude; if you don’t realize by now that Thom has a love/hate relationship with pretty much every tech company out there (as many of us do), then you’ve got to be a bit thick.
Edit: and I see Thom himself beat me to it. Good show.
Edited 2014-07-19 20:12 UTC
Im tempted to also put my own links for fun, but is hard to do it using a smarth phone. Oh and also to put links to those articles I’ve submited about them and Thom has conviniently ignored.
Edited 2014-07-19 20:18 UTC
Of course you can make such a list.
Doing so would only prove my point, not yours, mr. smartypants.
I don’t know how, so I’ll just assume I didnt explain my self clear enought.
I honestly don’t understand what it is you feel you have to prove. If you don’t like the site or its editor, why are you here? If you do like it but you like to cause controversy, why? Is it a compulsive disorder, a social anxiety disorder, or just plain childishness? You remind me of so-called “Social Justice Warriors”, kids and teens on sites like Tumblr and Twitter who go out of their way to push their agenda on people who dare to disagree with them, using shaming, threats and constant berating. It’s a level of cyberbullying that goes far beyond simple trolling, and you are coming uncomfortably close to that kind of behavior.
I really think you’re obsessed with Thom and/or this site and its users. Perhaps you should step back from the keyboard and think about it for a while.
Edit to address your edit: I have submitted a few articles recently that were not ultimately published on the site. They were all about Microsoft, if I recall correctly. Does that mean I think the site or its editors are anti-Microsoft and censoring me? No! It’s their site and they can publish what they want.
Again, if you don’t like it go elsewhere. Start your own blog or news site and submit everything you want to read about and discuss. Give us links so we can join your community and build it up for you.
But I doubt you’ll bother; your kind of poisonous attitude is what brings down communities like this.
Edited 2014-07-19 20:24 UTC
And why do you care what I do? I have an opinion as you have yours, is simple.
Edited 2014-07-19 20:27 UTC
I’m always curious about what really drives internet trolls, that’s all. But I’m done sliding down this rabbit hole; I know what you are, we all know what you are, and I’m sure you do as well. You’re going to keep doing it no matter how many times you’re called out on it. Have a good weekend.
Well, I think that is a pretty stupid way to waste your time, but hey, who am I to judge you?
Here’s a list of everything you’ve submitted since early 2011. There’s nothing even remotely controversial in there.
http://postimg.org/image/kgln7eq3v/
You can cross-reference it with your approved submisstions:
http://www.osnews.com/user/uid:3186/submissions
I’m sorry, but you’ve submitted nothing that can be considered pro or anti-anything and that was subsequently “conveniently ignored” for that reason.
Before you start falsely accusing me, you might want to consider I remember each and every item submitted, approved, and rejected.
Why instead if putting an image you actually put clickable links, you know, to let anybody see them. It gets my attention that article I submitted about how Samsung abused a mexican worker got ignored, but not ignored those articles about Foxcon an apple.
Edited 2014-07-19 20:44 UTC
Except, of course, that we didn’t really report on Foxconn and Apple very much at all. And when we did… It looked like this:
http://www.osnews.com/story/23359/The_Foxconn_Suicides
“A lot of media outlets and bloggers have a rather strange tendency to focus on Apple when it comes to the suicides at Foxconn. You’ll often hear things like “suicides at iPhone factory”, or “iPhone workers commit suicide”, or something along those lines. People are trying to make it seem – for whatever reason – as if Apple is somehow involved, and as if Apple, and Apple alone, is responsible for the Foxconn factory.
This is absolute nonsense. Foxconn makes products and parts for a whole boatload of companies, and more likely than not, your house is filled with stuff manufactured by them – even if you don’t own a single Apple product. Linking the suicides to Apple specifically is not only sensationalism, it’s incredibly tasteless.
There’s enough to criticise Apple for, but this certainly doesn’t belong on that list. Please, stop linking the Foxconn problems to Apple specifically.”
You were saying?
Edited 2014-07-19 21:02 UTC
That doesnt explain why you ignored my submition, and you havent put the clickable links yet. I can’t confim or deny why you put right now, since Im using a smart phone, but when I get access to a desktop computer this will get more intetesting.
Because I ignored a thousand and million other submissions about this subject as well. What you do not seem to understand is that Apple+factory conditions is a superpopular subject that gets submitted all the time… And I ignore them. Not just yours – all of them.
I’m not giving you access to my Gmail account.
That what I said, that you conveniently ignored it, and come on Thom, we dont need your email account, a copy paste would do.
Could you just perhaps shut the fuck up and move on?
I can accept that “news about OSes” is rare enough for the site to have branched out into “news about hardware and politics that may be relevant to users of a given platform”, but even the Mexican worker abuse story was pushing the bounds of relevance.
Thom exercised the kind of relevance filtering that keeps OSnews from being removed from my RSS reader. Let it go!
Let me remind you that Thom once here published in first page an article of how a forniture catalog changed the type of font.
Nuff said
And I’m willing to put up with a bit of irrelevance as long as he doesn’t go too far… especially if it’s something I wouldn’t have seen on one of my other feeds.
If anything, I already got too many dupes in my feeds regarding Foxconn.
Lets not forget Obama over ruling the ITC ban of the iPhone. He wouldn’t want the NSA to sit on their thumbs all day.
Doubt it, if Thom were that biased he would have put up the story where Samsung severed its relationship with a Chinese company found to be using child labor, this was just last week, funny that Apple did nothing since they use the same manufacturer.
The technical capability to spy on users, combined with the vehement denial of same, usually indicates that a service provider has been sent a National Security Letter, which for those who haven’t been following this stuff is effectively a combination search warrant and gag order. You can have your business seized or shut down and personally be sent to jail for violating the gag order portion of an NSL. This is also the leading hypothesis for what happened to Truecrypt and Lavabit.
No company is immune from the NSA. If the NSA forces you to give up data you have to give up the data or be shut down. It’s clear to everyone that no matter if you have an iPhone or an Android or a Jolla phone your data can be accessed by the NSA. Until that whole system is changed that will be the case.
But then there’s privacy from those people that don’t have the weight of the law behind them. Such as advertisers. And here I do believe Apple (and possibly Microsoft) are better than Google. It’s pretty obvious that when your entire business model is based around selling advertising, you will be more likely to sell more data about your customers. Anyone that ignores this simple market reality is being incredibly naive and swallowing Google’s “we’re the good guys, we’re on the side of the nerds” story hook line and sinker.
Facebook is the same class of company. Do you trust Facebook not to leverage/sell your data to the highest bidder? No? Then you shouldn’t trust Google either. Their business models are similar.
Edited 2014-07-20 21:11 UTC
I understand your distinction by saying it’s Google’s entire business model, but Apple and Microsoft also both have data-driven ad models too:
Apple: “Find your audience using targeting tools built upon a foundation of registration and media consumption data that’s exclusive to iAd.” http://advertising.apple.com/
Microsoft: “By leveraging our technology and data, we deliver relevant experiences that people value and that deepen brand engagement.” http://advertising.microsoft.com/en/advertising-online
I’m curious to know what aspects of the other parts of Apple and Microsoft’s businesses in your opinion make them less likely to be aggressive in terms of using personal data, or more inclined to respect customer privacy?
Run real Linux on your phone http://openmoko.org that has the radios isolated completely from the main system.Almost impossible to find this setup anywhere, but for privacy’s sake its the best possible option.
I agree, this makes more sense from a privacy perspective, and I noted Lennie’s interesting comment above about the Neo900 modem protection: http://www.osnews.com/thread?592787
However, even in this case (as with Blackphone) I think it’s still important to be aware of where the privacy boundaries lie. For example you can’t prevent the phone company collecting data. Basically, if you’re using a mobile phone, you’re giving up privacy for the privilege.
Incidentally, I had an OpenMoko Neo 1973 back in 2008/9 and think the initiative is great, but it wasn’t a viable phone at the time (for understandable reasons). I’d be interested in any fair but candid reviews of where things are now.
Edited 2014-07-21 00:08 UTC
Same here, anyone got experience with the Neo Freerunner’s GTA04A4 upgrade kit for it and the updated software you where running on it?
Side note for OSS ARM hardware is the Pyra handheld that is the spiritual successor of the OpenPandora that is being designed by the community, It looks like they learned a hell of allot from the Pandora project’s failings as you can see for yourself here https://www.youtube.com/watch?v=PvXlxwpwOoE I really like that they have gone for a modular system board setup and placed the SoC on it’s own board that will be upgradeable in the future.
Sure there is iAd but as far as I know it is not used by Apple itself. I don’t know of a single Apple product that is ad supported.
What other aspects are necessary? When your business is ads you will inevitably become more and more aggressive at selling ads. For example, just examine the progression that Google went through, from very unobtrusive text ads to full screen blocking ads and banners. All their products start ad-free (maps, email, etc) and then slowly the ads creep in and become more intrusive. Facebook is similar. Basically anything that is free I am wary of.
Yes, but it’s important not to confuse the display of adverts in a product with the use of personal data for selling ad-space to others. The issue here (at least as I understood it) is not whether Apple are displaying ads in their products, but rather whether they’re using the data they get from their products in a way which impacts user privacy. I don’t see any reason why Apple, Microsoft, Google or Facebook would feel constrained by their other products not to use this data to the full extent their T&Cs allow. But I’d be interested if there are arguments or evidence to suggest otherwise.
Come on.
Apple iAd revenue is hardly a blip on the radar (most probably less than 1% of Apple entire revenue) while 95% of Google revenue comes from ads and Google can make so much revenue from advertising because the are selling highly targeted ads based on the vast amount of data they get from their users (i.e. almost everybody). Same for Facebook.
Privacy is a very sensible subject and the reason Microsoft or Apple are a lot more trustable concerning privacy is simply that they have a lot more to gain by not using users data more than what is strictly necessary to operate their own services.
On the other hand, Google or Facebook have no choice: in order to pay the bill for all the free services and the countless data centers, they need to make more and more money and their only source of money is targeted ads.
People dislike privacy abuse more and more and soon, Google and Facebook may hit a wall when free services become a lot less attractive for many considering the price to pay: being flooded with obtrusive ads everywhere, every time.
Do you really need more evidence?
Edited 2014-07-21 10:36 UTC
majipoor,
I agree with flypig, if a company’s T&C permits it to do XYZ, then why would anyone hold an expectation that they would not do XYZ?
What is the evidence you are referring to? The fact that apple makes less money off of advertising than google does? To me, that’s not a compelling reason to look the other way. Why bother having iAd at all? To be perfectly honest, I found it disappointing that apple sought to incorporate iAd into it’s platform in the first place. Of course it makes business sense, but it is representative of how willing companies are to let advertising creep into all our technology and even our operating systems. Advertisers are the borg – resistance is futile.
Where in the apple toc does it say they can sell/use personal data about me?
There is a huge difference in motivation between a hardware company and an advertising company.
I think that’s pretty clear from the fact that Apple services do not have ads. Why is that? Surely they could make money by putting ads into maps and email, but they don’t because they know people will pay to have an ad free product. And no targeted ads means they have no motivation to sell my private data to the highest bidder.
That’s a good question. I had a look through both Apple’s and Google’s privacy policies and they both look broadly similar in terms of what they collect and where the data can go. They both collect personal information and use this for targeted ads; they don’t give this to third parties except in aggregate form.
In relation to personal info:
Google: “We do not share personal information with companies, organizations and individuals outside of Google unless one of the following circumstances applies:” followed by exceptions for consent, domain admins, processing and The Law.
Apple: “Disclosure to Third Parties” includes “strategic partners that work with Apple to provide products and services”, “services such as information processing, extending credit” etc. and The Law.
In relation to aggregate data:
Google: “We may share aggregated, non-personally identifiable information publicly and with our partners – like publishers, advertisers or connected sites.”
Apple: “We may collect, use, transfer, and disclose non-personal information for any purpose.” and “Aggregated data is considered non-personal information for the purposes of this Privacy Policy.”
Here they are in full in case you can find some more interesting differences between them:
http://www.apple.com/legal/privacy/en-ww/
http://www.google.com/intl/en/policies/privacy/
leos,
I think flypig already responded to this pretty well. I’m not really aware of any major specific differences between google or apple T&C, but if you are then please let me know what they are.
This seems like a gross oversimplification to me. Is google more dependent on advertising than apple, yes absolutely, but so what? If apple voluntarily chooses to enter the advertising space, then I feel it’s completely justified to hold them to the same standards as other advertisers.
Again, I kind of wish apple hadn’t entered the advertising space because of the conflicts of interest between end user & advertiser interests. Advertising is a dirty game where our personal information becomes extremely valuable for profiling us. As flypig said earlier, I don’t see why apple would not “use this data to the full extent their T&Cs allow”.
To be perfectly honest, I suspect it’s because apple thinks ads are unpleasant, distasteful, and distracting, they wouldn’t want them in their own apps. However they obviously don’t mind profiting from ads in 3rd party apps.
How so? Running an apple phone doesn’t mean running iAd. I don’t have any ad-supported apps on my phone. If you want a google phone with equivalent feature set from google that is impossible. So no, they’re not the same.
Fine with me. As long as there is a clear separation between my actual personal data and what the iAd framework provides to advertisers, which there is.
No company advertising on iAd has access to my email. But google has access to my email and they advertise to me as well.
leos,
You won’t find any adware on my android device either.
I’m not going to get roped into a “my platform is better” discussion. I do not object to anyone’s device preferences, really. I readily admit that I personally avoid apple devices because I strongly oppose their walled garden approach, however that has no bearing on my opinion of iAds. And when it comes to advertising, I think neither apple nor google are doing any good for user privacy. You may be more comfortable with apple, ok…but you’ve cited nothing substantial from apple’s T&C to dismiss my privacy concerns over iad.
Edited 2014-07-23 07:42 UTC
1) I have never seen any ad on my Android devices.
2) You can run AdAway on any Android device and completely remove any ad from the device. You cannot do this on iOS.
Hence, your assertion that it is “impossible” is not truthful. With 2), one can even assert that iOS is more ad-infested than Android.
Not entirely sure on that statement.
However, such NSA shenanigans are part of why open source is often the best, most secure solution. Open source is not a company, so who of the “many eyeballs” in an open-source project does the NSA oppress?
tupp,
I think OP was referring to the companies that hold our private data (be it google/apple/ms/lavabit/etc) and are told they must release our records/files/contacts/etc to the NSA. We’re vulnerable to this kind of spying regardless of device, and source code licenses don’t really factor in.
I doubt the NSA is “oppressing” ordinary software developers who merely distribute software without possessing troves of user information. Any evidence of this would be informative though.
You are correct. I was mistaken, and I should have read more carefully the OP of this sub-thread.
However, the original article of this thread clearly points to vulnerabilities exploitable in IOS devices, which (last time I checked) have hardware and software that is completely closed and proprietary.
tupp,
Yes, and I find it appalling that it’s so difficult to find 100% open source versions of these things. However, it’s not clear to me how much open source improves the security situation.
I’m not aware of any research showing that the rate of accidental vulnerabilities is better or worse in FOSS code than in proprietary code, I assume it’s similar. As far as intentional vulnerabilities go, those can be added to the product, yet be omitted from the public source. It’s not trivial to prove our devices are actually running the public sources, and virtually impossible if, say, a base-band processor’s firmware is not user accessible.
So being open source is important but not really sufficient, IMHO. You’d actually need to compile and flash the binary code yourself to be highly confident that the software hasn’t been tampered with.
A related, yet different problem is knowing that your device hasn’t been compromised by means of an “interdiction”:
http://www.extremetech.com/computing/173721-the-nsa-regularly-inter…
That should be scary stuff even for a seasoned IT professional. Realistically an average user does not have much of a chance at protecting their privacy if governments/vendors/service providers are determined (or coerced) to spy on them.
Edited 2014-07-21 10:32 UTC
Actually they just talk about theoretical vulnerabilities. Also the guy says that iOS security is overall great. Of course Thom didn’t mention that in order to make the article more controversial.
Sure, but we’re talking smartphones where a lot of data is stored in the cloud. You can run a cloud company on open source software, but that doesn’t protect you from the NSA. If you want some chance at privacy we need to run our own servers and have a phone that can connect to them. Pretty tough at the moment without giving up lots of functionality.
Certainly, there is no way to completely prevent ISP and mobile providers from snooping (on orders from the NSA) on when and where you access data.
However, with open source devices and software, one can have complete control over what data is encrypted and what is shared.
Closed, proprietary devices/software are a lot less private in that regard.
The first company to offer a secure, private, personal box that you dump in your basement and that only connects to your devices – fully encrypted, of course – that is easy to set up and properly markted in a slick box will be one of the next major technology companies.
The existing companies won’t do it, because – despite rather laughable claims to the contrary – all of them have no interest in protecting your privacy. It will come from someone else.
From http://www.zdziarski.com/blog/?p=3441
Just to recalibrate the conspiracy theory meters.
Not saying there are no issues, but there probably are reasonable explanations for the design decisions made by Apple for this. In particular, it does appear that many of these “exploits” depend on you having trusted another computer (which generally requires a passwords before any keys are exchanged between your computer and the phone). Of course, if you are paranoid enough, you don’t trust any computer and you remove that attack vector.
I am assuming this is the legitimate use of this service: https://developer.apple.com/library/Mac/qa/qa1176/_index.html#//appl…
However, that still doesn’t explain why such a service has to be running on the phones of non-developers
Edited 2014-07-21 22:56 UTC