The data economy has cheated on its customers too often, whether it's Facebook sharing data you did not even know existed, or invisible trackers that could not be used without your knowledge Internet follow. A new app launched today in the iOS App Store is designed to help you regain control without shortening your life.
The Guardian Firewall app runs in the background of an iOS device and stores data and location data when compiled, listing all attempts by your apps to deploy them. This is done without compromising the functionality of your apps or rendering them unusable. The blow-by-blow list also gives you a much deeper insight than you would normally look behind the scenes of your phone. Guardian Firewall also seeks to prevent another gear from being in the data engine itself. You do not have to create an account to run the firewall, and the app is designed so that developers no longer have user data.
"We do not log IPs as this is poisonous," says Will Strafach, a longtime iOS jailbreaker and founder of the Sudo Security Group, which developed the Guardian Firewall. "For us, data is a liability, not an asset, but when you think that way, you have to think outside the box, because that means you can not often choose the simplest solutions to technical problems, but when you're ready, Using time and resources, you can find solutions that have no privacy issues. "
The Guardian firewall development team, which includes well-known jailbreaker Joshua Hill, currently has four Engineers and two security researchers, and the app translates their collective knowledge of App Store services into automatic blocking for modules in apps that are known to be potentially invasive. The service costs $ 1
Lily Hay Newman is concerned with information security, digital privacy and hacking for WIRED.
To use Guardian Firewall, all you just tap on a big button on the main screen. It turns green and indicates that the protection is activated. From the user's perspective, that's all. Under the hood, the app creates a virtual private network connection and creates a random connection identity that allows people to track their data without knowing who they are. When you turn Guardian Firewall protection off and on again, the app creates a new connection and a new connection identity. This means that you can not connect the points between your sessions.
The app uses its VPN connection to filter your data in the cloud, but the stream is fully encrypted. Guardian Firewall has automated machine learning mechanisms that enable the behavior of an app, and in particular, the sending of data to third parties, such as mobile devices. B. marketing analysis companies. The idea is to mark whenever an app tries to communicate beyond its own infrastructure. Guardian Firewall is also capable of detecting and blocking other types of potentially invasive behavior, such as: For example, page hijackers who submit pop-ups from mobile devices.
Apple itself has already worked to integrate similar protection features directly into iOS, especially when it comes to blocking the Web tracker in Safari, which would otherwise fingerprint users across multiple sites. However, Guardian Firewall should go a few steps further and apply to all apps.
I've been switching Guardian Firewall on and off for months and found that it's easy to run it in the app background. The connection does not seem to slow down my phone or charge my battery, and the list of trackers blocked by the app is steadily growing: 310 location trackers, seven page hijackers, and 3,200 data trackers. At first, it felt a bit uncomfortable to keep things running in the background, but it was fascinating to see all the gadgets on my iPhone run all the time. Some beta testers have found that they want Guardian Firewall to offer a customizable blacklist feature, rather than just automatic blocking. Personally, I did not feel the need to invest time in customizing the app. For me, the whole value lies in "setting it and forgetting it."
"How can we trust you?" This is a legitimate question that users must address to all app manufacturers. "
Will Strafach, Sudo Security Group
Guardian Firewall has already resolved at least one privacy problem during the limited pre-release version." Someone essentially launched a denial-of-service attack against the service by quickly filling a flood of connectivity requests However, Guardian Firewall was unable to verify which IP address or IP addresses originated the requests because no IP addresses were recorded, and the team could have resolved the issue by changing its policy to The small window can access IP addresses when devices connect and then erase the data. "However, we have determined that this violates our values," Strafach said.
Instead, the developers developed a workaround that was one of Apple used device testing, but scrambled the exam, so Guardian Firewall itself t the data that exists does not recognize sent to Apple. The only thing Guardian Firewall finds out at the end of the process is whether the device is a legitimate iOS device or not.
As with any VPN, Guardian Firewall's ultimate privacy and data retention test would be a subpoena that is later released through a process in which the service has nothing to surrender. And Strafach says the company works with investigators when needed, as required by law. However, the company has taken precautions, both internally and in contracts with its infrastructure providers, to ensure that it is transparent to users when law enforcement requests are made.
Not Just Another VPN" Of course, Guardian Firewall does apply to many of the same trust issues they do to other VPNs. They still send all their data to their server, but at least Guardian Firewall uses the integrated programming interface for iOS VPN applications, rather than reinventing the wheel, and the encryption scheme that protects your data similarly relies on proven industry standards, not proprietary ones. "Strafach also says Guardian Firewall has the goal of being so open and secure Be as transparent as possible – and agree that people should carefully consider if it fits their specific needs, as they should for any app.
"People should know exactly what Guardian does and when it's just a concept they do not like or they think we're not the right data managers for them, so be it, that's cool " he says. & # 39; how can we trust you? & # 39; is such a legitimate question for users that they can address to all app manufacturers. "
One thing that Guardian Firewall is currently unable to do is to investigate the triggers of tracking alerts on certain apps, a feature I've wished for, and if anything, the absence helps to strengthen confidentiality and his team did not figure out how to achieve this granularity without inadvertently creating a potentially identifiable record of all the apps on your phone, and an upcoming solution will not associate warnings directly with specific apps, but will only display the apps associated with that When the warning may have occurred,
"All you can see is" at this point we've seen this tracker and these are the apps that could cause it to be & # 39 ;, "says strafach. "Maybe it's an app or maybe three, but it's a compromise that gives users more answers while respecting their privacy."
"The obvious biggest risk for the everyday iOS user is that apps are secretly pursuing them, which unfortunately is. Most apps do – quite massively," says Patrick Wardle, a Mac security specialist. "Guardian is thwarting such persecutors in general, I love that Will and Josh, the former jailbreakers, have tackled this, I bet it was not easy, but with their unique abilities, they're probably one of the few teams to figure it out Everything works seamlessly in the restrictive iOS environment. "
It's complicated and resource-intensive to do all these wild workarounds. However, if Guardian Firewall can and is financially viable, Strafach hopes the project will become a kind of project case study that pays for privacy. With so many companies in the market apparently convinced that this is not the case, success is critical.
More great WIRED stories