The permissions mentioned sound like someone that doesn't understand the permissions systems used by Android and iPhone tried to translate them. So this part of the article is almost useless as it is hard to figure out what permissions the app actually has.
I don't understand the Android permissions system well enough here, but I would be especially curious about which API version this is targeting as I don't know how far back you can still go currently to avoid some of the stricter file access permissions newer versions added. As far as I can tell the most problematic storage-related permission in modern Android would be "MANAGE_EXTERNAL_STORAGE" meant for apps like file browsers. And if the app actually requests this permission (or intentionally uses an older API level to get equivalent access) that would be a very clear and specific overreach.
But I would also not be surprised at all if this kind of app asks for excessive permissions, and then provides a lot of telemetry and analytics and sends them somewhere. And in a country where e.g. homosexuality is illegal this kind of stuff presents additional dangers beyond compromising your privacy.
Read and Write to the file system - required to allow storage of a small encrypted file which holds a unique ID, QR code, infection status, configuration parameters, and proximity data of other devices using the Application.
Permissions from Aurora Store (3rd party to Play Store):
Hayya:
- control vibration
- have full network access
- prevent phone from sleeping
- run at startup
- run foreground service
- view Wi-Fi connections
- view network connections
- access sensor data at a high sampling rate
- access approximate location only in the foreground
- access precise location only the foreground
- listen to C2DM messages
Etheraz:
- access bluetooth settings
- control vibration
- disable your screen lock
- have full network access
- pair with bluetooth devices
- prevent phone from sleeping
- run at startup
- run foreground service
- this app can appear on top of other apps
- view Wi-Fi connections
- view network connections
- access approximate location only in the foreground
- access precise location only the foreground
- directly call phone numbers
I don't think these are really that extraordinary, but some are not obvious to me at least. Especially "listen to C2DM" seems odd, possibly a side effect of another permission. Of course with these permissions you can track and trace most of your life, but that is now the norm unfortunately.
> In particular, the covid-19 app Ehteraz asks for access to several rights on your mobile., like access to read, delete or change all content on the phone, as well as access to connect to WiFi and Bluetooth, override other apps and prevent the phone from switching off to sleep mode.
The statement about delete/change all content on the phone seems false tho. Also it doesn't "override other apps" whatever that should mean, but can draw over other apps.
I'm guessing they used some framework and the libraries they used ask for a broad set of permissions because they offer access to their functions. But they're not necessarily used.
Also considering they're asking for a permission for a protocol that was shut down 7 years ago, the framework must be quite old. Android permissions were less granular back then.
I know someone in Germany and their covid tracking app tells you when and where you were close to someone who was last tested positive. So everyone does it the same way, recording location.
> Also it doesn't "override other apps" whatever that should mean, but can draw over other apps.
It's a permission designed for accessibility. Because it's so intrusive you usually have to go through a more complex flow to enable it.
"override other apps" is a defensible colloquial definition because it enables clickjacking. Clickjacking is when you overlay an opaque, innocuous overlay and then open something you maliciously want to trick the user into clicking behind it.
I wonder if any of those permissions could be used to give the app access to raw touch screen data. In theory only system drivers should be able to.
If possible, it would pose a huge security risk: raw touch screen data reveal where the user taps before the data is sent to any security layer, so that by simply matching the coordinates to the known shape of the virtual keyboard, a malicious app would easily find text, including all passwords.
This was the same situation for the UEFA Women’s Euros in England this year.
For those wondering, the app was simply for storing, transferring, and displaying your tickets. A ticket being a QR code for you to scan at the stadium turnstiles.
Was the app required? Absolutely not, there was nothing specific that the mobile app could do that a simple website couldn’t (apart from the screen brightness jumping to 100% when displaying the QR code). I’m sure even a printed QR code would of sufficed.
Both UEFA and FIFA should reconsider their approach to ticketing.
> there was nothing specific that the mobile app could do that a simple website couldn’t … I’m sure even a printed QR code would of sufficed.
I don’t know about that app specifically, but most of the major ticketing providers are doing dynamic barcodes[1] now that are effectively TOTPs for entry. You can’t do this reliably on the web for a major event because you can’t assume network connectivity, and obviously a printout or screenshot won’t work.
It's not the same thing. There are two apps, not one - one is for ticketing, the other is supposedly for "COVID".
Second: the UK government does not have a death penalty for being LGBTQ (or blasphemy.) It's been decades since any form of official corporeal punishment happened in the UK, whereas in Qatar it's probably been weeks, at best.
Wouldn't an easy work-around be to get a cheap new Android phone? I assume you only have to install the apps on one device, if you take two; otherwise, just take the new one. I doubt that the expense would be an issue for somebody attending the World Cup.
It seems like this would be good practice these days for any international travel.
At some point few years ago it became practically impossible to do any business in China from the outside without what's app (no idea why as allegedly its banned there). This is around the some time samsung had their "My Knox" feature on their S8 or S9 phone. This feature was like an isolated container for apps, an android equivalent of VM. The purpose was to place your banking and other critical apps there and the normal android system wouldn't be able to access it.
However I found a much better use case is to keep your phone's os secure by putting all dodgy apps in "my knox". This way I could've had what's app and give it access to all my 1 contact I prepared for it etc.
These days I don't know if they still have "my knox" feature on the flagship models as, I decided to get a different phone.
However for going to an autocratic country I would just buy a burner phone (or not go there in the first place).
I wonder if I can even find one technical sentence in the article that even makes sense. It is a total mess. There are so many “what about” questions here. What about people who don’t own/carry a smartphone? What about just denying all requested permissions? What about installing the apps then deleting them once you are in the stadium? Or as you say have a burner phone that you leave off? So silly.
When I went to China I got a phone to run WeChat, which I erased and reinstalled once I got back. Android phones are cheap now, you can get something which is quite decent for a couple hundred dollars.
> Security experts believe Qatar's required mobile app will be like giving the World Cup country's authorities the key to your house.
Qatar would be just a small player in this field. Other security agencies and security incumbents are surely having fun with the app. Prepare for a world cup full of advisories.
I don’t think they’re complaining, which leads me to believe that’s another reason for them to field test this and even just capture info on how many idiotrich leave the country with a rootkit on their phone.
Luckily my country is already so creepy this qatar thing is a fully non-issue for me. In fact, i wouldn't even have to know about the app before travelling to deal with this.
ANY time I go through US airport security, I don't take my phone. I take a burner phone that doesn't have any of my accounts logged in or personal data on it.
From my understanding, they can and will dd your whole phone image to some national security database while holding you for 'enhanced screening.'
>From my understanding, they can and will dd your whole phone image to some national security database while holding you for 'enhanced screening.'
this is not true, maybe at customs but not when traveling domestically. i had a dog sit down while walking through security and TSA had to swab everything i was traveling with. my phone was swabbed but nothing was ever connected to it.
This is the reason that when I travel I carry two phones. One is the phone I actually use, and the other is the one I give to authorities when they ask for my phone. It is astonishing to me that not once have I ever been asked if I have a second phone.
(It will be an interesting experiment to see if that happens now that I have posted this here.)
The uncritical acceptance of Qatar as the next hot business location, like an area of the map unlocking on Civ, is a total catastrophe for the cause of human rights. The entire country should be boycott, not embraced.
All the news about slavery and bad treatment of workers to build the infrastructures and silencing or minimizing by western press and now this. No surprise when you organize a thing like the Football World Cup in a dictatorship like Qatar in exchange for money this is you can expect. Just let's hope it does not get used as a backdoor by other with even worse intentions.
Most likely you are SoL. By the sounds of it they simply won't let you into the country unless you can show that you've installed their covid tracking app
It is possible, with Scoped Storage. The problem is that apps know when they've been denied permissions, so it will indicate that, and then you'll be either refused entry or thrown in jail.
I really would like to know how Qatar got the World Cup… it can’t have been legitimate, it’s just got so many obvious disadvantages… For example, it’s too hot to host it in summer as usual, so it’s in the northern hemisphere winter, which interrupts all the leagues.
Bribes, some of which came out and are currently under investigation/prosecution.
Other reasons why it's a terrible idea: they have a small population, little football culture (in terms of absolute size), no infrastructure (all the stadia are newly built and some will be demolished afterwards; there aren't enough hotels); they have many laws incompatible with what usually happens at World Cups. There literally isn't a single positive thing to be said about Qatar hosting the World Cup.
Since Electronic Arts righteously dumped FIFA like a ton of rotten bricks, why don't they organise a football world cup instead?
Less corruption money must mean more leftover for the players and staff involved.
Also instead of some nebulous process for the host country selection, get game owners to vote, they're already very securely identified.
The time to ride on the complete stink the air conditioned slave-labour edition will produce is now.
Get your lawyers to review the contractual structure of leagues and clubs, it can't be that the whole international set of deals is failsafe, players can probably just walk.
> This means that if you want to go to the WC, you have no choice. This is a mandatory app, with no options.
it’s fashionable to make the case against tech by arguing the privacy angle. i sometimes wish we could raise the discussion one level of abstraction and speak about control more broadly (privacy being the control over which information you make public). you can make this app as private as you want, but i’d still be upset that its mandatory use is contradictory to my desire for agency.
Iif you really need to be there, use a burner phone. Or just don't go. Keep in mind those stadiums were built by slaves. Do you want to support slavery?
[+] [-] fabian2k|3 years ago|reply
I don't understand the Android permissions system well enough here, but I would be especially curious about which API version this is targeting as I don't know how far back you can still go currently to avoid some of the stricter file access permissions newer versions added. As far as I can tell the most problematic storage-related permission in modern Android would be "MANAGE_EXTERNAL_STORAGE" meant for apps like file browsers. And if the app actually requests this permission (or intentionally uses an older API level to get equivalent access) that would be a very clear and specific overreach.
But I would also not be surprised at all if this kind of app asks for excessive permissions, and then provides a lot of telemetry and analytics and sends them somewhere. And in a country where e.g. homosexuality is illegal this kind of stuff presents additional dangers beyond compromising your privacy.
[+] [-] yannis|3 years ago|reply
Read and Write to the file system - required to allow storage of a small encrypted file which holds a unique ID, QR code, infection status, configuration parameters, and proximity data of other devices using the Application.
Not much more than a cookie.
[+] [-] curiousgal|3 years ago|reply
[deleted]
[+] [-] DeathArrow|3 years ago|reply
What are the dangers if you respect the laws of that country? You are in danger in any country if you entry it with the intent of breaking the laws.
[+] [-] AnonCoward42|3 years ago|reply
Hayya:
- control vibration
- have full network access
- prevent phone from sleeping
- run at startup
- run foreground service
- view Wi-Fi connections
- view network connections
- access sensor data at a high sampling rate
- access approximate location only in the foreground
- access precise location only the foreground
- listen to C2DM messages
Etheraz:
- access bluetooth settings
- control vibration
- disable your screen lock
- have full network access
- pair with bluetooth devices
- prevent phone from sleeping
- run at startup
- run foreground service
- this app can appear on top of other apps
- view Wi-Fi connections
- view network connections
- access approximate location only in the foreground
- access precise location only the foreground
- directly call phone numbers
I don't think these are really that extraordinary, but some are not obvious to me at least. Especially "listen to C2DM" seems odd, possibly a side effect of another permission. Of course with these permissions you can track and trace most of your life, but that is now the norm unfortunately.
> In particular, the covid-19 app Ehteraz asks for access to several rights on your mobile., like access to read, delete or change all content on the phone, as well as access to connect to WiFi and Bluetooth, override other apps and prevent the phone from switching off to sleep mode.
The statement about delete/change all content on the phone seems false tho. Also it doesn't "override other apps" whatever that should mean, but can draw over other apps.
edit:fix formatting
[+] [-] nottorp|3 years ago|reply
Also considering they're asking for a permission for a protocol that was shut down 7 years ago, the framework must be quite old. Android permissions were less granular back then.
I know someone in Germany and their covid tracking app tells you when and where you were close to someone who was last tested positive. So everyone does it the same way, recording location.
[+] [-] iudqnolq|3 years ago|reply
It's a permission designed for accessibility. Because it's so intrusive you usually have to go through a more complex flow to enable it.
"override other apps" is a defensible colloquial definition because it enables clickjacking. Clickjacking is when you overlay an opaque, innocuous overlay and then open something you maliciously want to trick the user into clicking behind it.
[+] [-] flutas|3 years ago|reply
[+] [-] squarefoot|3 years ago|reply
[+] [-] ASalazarMX|3 years ago|reply
1 TRACKER
- AltBeacon
19 PERMISSIONS
- ACCESS_BACKGROUND_LOCATION
- ACCESS_COARSE_LOCATION
- ACCESS_FINE_LOCATION
- ACCESS_NETWORK_STATE
- ACCESS_WIFI_STATE
- BLUETOOTH
- BLUETOOTH_ADMIN
- CALL_PHONE
- DISABLE_KEYGUARD
- FOREGROUND_SERVICE
- INTERNET
- QUICKBOOT_POWERON
- RECEIVE_BOOT_COMPLETED
- SYSTEM_ALERT_WINDOW
- VIBRATE
- WAKE_LOCK
- BIND_GET_INSTALL_REFERRER_SERVICE
- GET_COMMON_DATA
[+] [-] truemotive|3 years ago|reply
If that isn’t some terminator shit right there, I don’t know what is.
[+] [-] roebk|3 years ago|reply
For those wondering, the app was simply for storing, transferring, and displaying your tickets. A ticket being a QR code for you to scan at the stadium turnstiles.
Was the app required? Absolutely not, there was nothing specific that the mobile app could do that a simple website couldn’t (apart from the screen brightness jumping to 100% when displaying the QR code). I’m sure even a printed QR code would of sufficed.
Both UEFA and FIFA should reconsider their approach to ticketing.
[+] [-] culturestate|3 years ago|reply
I don’t know about that app specifically, but most of the major ticketing providers are doing dynamic barcodes[1] now that are effectively TOTPs for entry. You can’t do this reliably on the web for a major event because you can’t assume network connectivity, and obviously a printout or screenshot won’t work.
1. https://techcrunch.com/2019/05/16/ticketmaster-put-an-end-to...
[+] [-] KennyBlanken|3 years ago|reply
Second: the UK government does not have a death penalty for being LGBTQ (or blasphemy.) It's been decades since any form of official corporeal punishment happened in the UK, whereas in Qatar it's probably been weeks, at best.
[+] [-] PaulRobinson|3 years ago|reply
[+] [-] incompatible|3 years ago|reply
It seems like this would be good practice these days for any international travel.
[+] [-] Roark66|3 years ago|reply
However I found a much better use case is to keep your phone's os secure by putting all dodgy apps in "my knox". This way I could've had what's app and give it access to all my 1 contact I prepared for it etc.
These days I don't know if they still have "my knox" feature on the flagship models as, I decided to get a different phone.
However for going to an autocratic country I would just buy a burner phone (or not go there in the first place).
[+] [-] ryandrake|3 years ago|reply
[+] [-] rwmj|3 years ago|reply
[+] [-] wslh|3 years ago|reply
Qatar would be just a small player in this field. Other security agencies and security incumbents are surely having fun with the app. Prepare for a world cup full of advisories.
[+] [-] psychphysic|3 years ago|reply
And this is an interesting case of that but this is wildly overblown.
I don't have to go to the world cup, it'll actually be really hard to go. I'd have to be desperate or wildly rich.
But I do have to use several government apps on my phone even if just installing them for a brief period. That's the really issue.
Installing an app on a luxury holiday in Qatar is such an absurd complaint given indebted servants bordering on our right slavery died organising it.
[+] [-] truemotive|3 years ago|reply
[+] [-] elif|3 years ago|reply
ANY time I go through US airport security, I don't take my phone. I take a burner phone that doesn't have any of my accounts logged in or personal data on it.
From my understanding, they can and will dd your whole phone image to some national security database while holding you for 'enhanced screening.'
[+] [-] grepfru_it|3 years ago|reply
this is not true, maybe at customs but not when traveling domestically. i had a dog sit down while walking through security and TSA had to swab everything i was traveling with. my phone was swabbed but nothing was ever connected to it.
[+] [-] lisper|3 years ago|reply
(It will be an interesting experiment to see if that happens now that I have posted this here.)
[+] [-] basicplus2|3 years ago|reply
In fact this should have happened years ago..
https://www.hrw.org/news/2020/10/27/women-reportedly-subject...
Otherwise, what do we believe in? what do we stand for? Do we truly only car about money?
[+] [-] Ekaros|3 years ago|reply
[+] [-] sfvegandude|3 years ago|reply
[+] [-] ghostDancer|3 years ago|reply
[+] [-] robswc|3 years ago|reply
[+] [-] dagw|3 years ago|reply
[+] [-] vaylian|3 years ago|reply
> What if you don’t have a smart phone?
Remember, that you want something from them (entering the country). They can refuse you if they don't like your old-fashioned lifestyle.
[+] [-] TekMol|3 years ago|reply
From a quick check on my Android, that seems to be the case. How archaic. Why is it this way?
[+] [-] josephcsible|3 years ago|reply
[+] [-] reactspa|3 years ago|reply
[+] [-] Ekaros|3 years ago|reply
[+] [-] Gatsky|3 years ago|reply
[+] [-] sofixa|3 years ago|reply
Other reasons why it's a terrible idea: they have a small population, little football culture (in terms of absolute size), no infrastructure (all the stadia are newly built and some will be demolished afterwards; there aren't enough hotels); they have many laws incompatible with what usually happens at World Cups. There literally isn't a single positive thing to be said about Qatar hosting the World Cup.
[+] [-] throwaway4736|3 years ago|reply
[+] [-] ghostDancer|3 years ago|reply
[+] [-] InCityDreams|3 years ago|reply
[+] [-] polotics|3 years ago|reply
[+] [-] colinsane|3 years ago|reply
it’s fashionable to make the case against tech by arguing the privacy angle. i sometimes wish we could raise the discussion one level of abstraction and speak about control more broadly (privacy being the control over which information you make public). you can make this app as private as you want, but i’d still be upset that its mandatory use is contradictory to my desire for agency.
[+] [-] lucasfcosta|3 years ago|reply
[+] [-] mcv|3 years ago|reply
[+] [-] zppln|3 years ago|reply