WeChat’s HotspotHelper Entitlement
Yingyu (via Hacker News):
Since the introduction of iOS 9 in 2015, Apple has included an API call named “HotspotHelper,” enabling developers to request a capability for their apps to assist the system in connecting to WiFi access points.
[…]
The real cause for concern arises from the fact that, with access to such information, apps can effectively track a user’s location. This is based on the premise that most WiFi access points remain stationary after deployment, providing a consistent reference for triangulating a user’s whereabouts.
[…]
Adding another layer to the discussion is the fact that major apps like WeChat and Alipay have already implemented this capability. These two apps are ubiquitous in mainland China, touching almost every aspect of people’s lives. The widespread use of these applications in a densely populated region intensifies the implications of location tracking without user consent.
[…]
I strongly advocate for Apple to offer users the option to disable this feature, akin to other privacy settings such as location and notifications. Apps should explicitly seek permission before accessing this feature, ensuring users have the ability to grant or deny access while using the app.
We already know that WeChat gets special treatment to bypass the App Store guidelines (apps-within-apps and payments) because of its strategic importance. It sounds like it also has a special com.apple.developer.networking.HotspotHelper
entitlement. This is ostensibly needed so that users can connect to public hotspots authorized by their WeChat accounts, but it also allows the app access to tracking information even for users not using those hotspots and with no way to opt out.
iOS’s app-based privacy protections are not well suited to super-apps. An app that does all the things gets all the entitlements and all the access. Once the app gets all the data, Apple and the user have no control over how it’s used.
Previously:
- Carrier-Forced Wi-Fi Offloading
- Apple Still Sitting on Entitlement Requests
- Fanhouse vs. Apple
- Private iPad Camera Multitasking Entitlement
- Whitelisted Developers
- WeChat’s Apps Within an App
- Apple Wants 30% of Tips From Chinese Chat Apps
- iOS 8 MAC Address Randomization
2 Comments RSS · Twitter · Mastodon
>iOS’s app-based privacy protections are not well suited to super-apps.
I would say iOS, period, is not well-suited to super-apps.
But even outside of WeChat, the "one app, one privacy toggle" approach lacks granularity. Do I want a weather app to know my location in order to fetch local weather? Sure, I guess. Do I want it to send my location to advertisers? Probably not! Do I want notifications for an upcoming appointment? Yes. For a new feature? No.
An expansion where an app can declare more granular categories within an app, and it's an App Review infraction if it lies about them, would be welcome.