mobileminer and nervousnet
If you can't read please download the document
TRANSCRIPT
MobileMiner and Nervousnet
-Two Approaches to Social Mining
Department of Digital Humanities
Giles Greenway
NervousNet from ETHZ:
http://www.nervousnet.ethz.ch
NervousNet hub mobile app polls various physical sensors at a user-defined rate.
Data is pushed to one or more remote proxies.
Outputs of sensors combined into virtual sensors.
Small custom deployment at CCC Congres.
What about the device's inner-life?
Apps bleed into the physical world. They hold data about us. What are they doing behind our backs?
Pokemon Go is more than just a game and it's bringing people together. -Forbes.
Blogger who filmed himself playing Pokemon Go at a Cathedral could face prison. -Moscow Times.
Really? What about other pervasive games like Ingress?
Our Data Ourselves: MobileMiner
20 Young coders from Young Rewired State were issued with Android smartphones.
Developed MobileMiner together, an app that records the behaviour of other apps.
Return their data at hack-days.
Discuss their attitudes to privacy before and after confronting them with their data.
What data do Android apps store?
We don't know!
Apps' internal SQLite databases are not available when the device is mounted as mass-storage.
Databases can be copied from rooted devices using the Android Debug Bridge.
How frequently do apps request location?
We don't know!
The Android settings activity lists recent location requests.
Non-system apps cannot access this API call.
Apps can make passive location requests, to find the last requested location.
Poll this repeatedly and see when it changes?
Make an educated guess as to which app is responsible?
How frequently do apps send notifications?
Moral: Stop Playing Clean!
Register your app as an accessibility service.
The user must be prompted to accept it.
Normally, the service would do text-to-speech, or use large print.
Instead, log the time and the app that sent the notification.
Ignore the content!
Notifications as a proxy for social network usage.
Twitter sends notifications based on people you follow. The more notifications the more friends.
How frequently do apps phone home?
Android has a TrafficStats API.
Poll this reasonably frequently on a per-app basis and record the increase in Txed/Rxed bytes.
GetUidRxBytes: Starting in N this will only report traffic statistics for the calling UID... (N is for \_()_/)
Buggy. Protocol info depreciated.
No idea what's being sent.
How frequently do apps phone home?
Android is a Linux-based system.
For some apps, we can read the /proc//net directory and find open network sockets.
This gives us the protocol and the port.
Need to poll agressively, not great for battery life.
sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode12: 4F01A8C0:E1D0 B422C2AD:0050 01 00000000:00000000 02:000003A3 00000000 1000 0 154153 2 0000000000000000 23 4 28 10 -1
Don't Tap The White Tile
Why do apps phone home so frequently?
The Line-Keep In is a simple scrolling maze game with very frequent network access.
It requests very extensive permissions, including location.
Decompiling it revealed 3 advertising and notifcation services. (tencent.com, jpush.cn, umneng.com)
Some of these were alreeady of interest to security researchers.
The Droid Destruction Kit!
Can we put Android reversal and traffic capture tools into the hands of beginners?
Many tools require building from source. Containerize a browser-based VNC desktop with Docker.
Masterclass on app reversal held by Darren Martyn (http://insecurety.net/) of Xiphos Research: http://www.xiphosresearch.com
Distributing mobile social data.
MobileMiner uploaded data to a slightly customized CKAN instance. -Containerzied and distributed to the YRS participants.
Pentland proposes Open Personal Data Stores. (http://openpds.media.mit.edu/)
Iaconesi & Persico propose the Ubiquitous Commons on Ethereum. (http://www.artisopensource.net/)
Pentland then proposes Enigma, peer-to-peer data storage on Ethereum. (http://enigma.media.mit.edu/)
NervousNet proposes a peer-to-peer proxy.
Informed Consent
Users upload position data with low frequency. Do they understand the consequences?
Should such information be quantized spatially as well as temporally?
MobileMiner collected cell-tower data, resolved spatially using http://opencellid.org.
Simple application of k-means is sufficient to determine places of work or study.
NervousNet:http://www.nervousnet.ethz.ch
Our fork:
https://github.com/kingsBSD/nervousnet-android-kbsd/
Follow us on Twitter: @KingsBSD
Read our blog:http://big-social-data.net/
Slideshare:http://www.slideshare.net/kingsBSD/
Twitter Network Degree vs NotificationsNumber of Notificationsfriends / followers countFriendsFollowers
128333134
2468646999
31243857
45518299
516194224
6351876298
71075819323