Our Data, Ourselves: The Data Democracy Deficit (EMF Camp 2014)


Upload: giles-greenway

Post on 16-Apr-2017


Our Data, Ourselves

-The Data Democracy Deficit

Department of Digital Humanities

Giles Greenway

Tobias Blanke, Jenifer Pybus, Mark Cote

Big Social Data: The Problem?

More than 5 billion of us produce vast amounts of social data whenever we text, browse, post or generate content on our phones.

Our phones emit metadata, tracking us through time and space.

We suffer from a data democracy deficit.

Public understanding of our information-rich environment and quantified selves must improve.

Big Social Data: The Solution?

We seek to turn Big Social Data into a community asset.

Develop tools, and practices to enable research on and BSD by arts and humanities researchers.

(e.g. Grey and Pleasant Land http://www.ccri.ac.uk/greyandpleasantland/)

Partner with youth coders in the Young Rewired State network as co-researchers.

Develop a freely accessible, open online market place for tools and applications enabling the extraction of BSD from smart phones.


Young Coders: Attitudes Vary!

~20 Young coders were issued with Android smartphones with our MobileMiner app installed.

Invited to participate in hack-days and focus-groups.


If you have nothing to hide you have nothing to fear...

Privacy is attached to other people... so if someone you agree to connect with is open then you can be accessed through them cause it's kind of herd thing, you've all got to do it otherwise, one person is in trouble.

People don't realise how large their digital footprints actually are...

Being of kind of this generation and being tech savvy we have some control because we know how to have control...

MobileMiner:

Record data that other apps frequently harvest.

Record app behaviour.

Make data available to users as a SQLite database.

Allow users to explore their data on their devices.

Periodically upload anonymised data to enable research. (CKAN: http://ckan.org/)

http://kingsbsd.github.io/MobileMiner


Mobile Miner: Network Traffic

The Android API provides network traffic data on a per-app basis.

Sample this every half second.

Each app corresponds to a user in the underlying Linux system.

The API can identify the PID of each running app.

Poll /proc/<PID>/net/tcp every half second.

Obtain the port and IP address of each network socket.

sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
12: 4F01A8C0:E1D0 B422C2AD:0050 01 00000000:00000000 02:000003A3 00000000 1000 0 154153 2 0000000000000000 23 4 28 10 -1
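Decoding the socket row above, as an added example (not MobileMiner's own code): it parses /proc/<PID>/net/tcp text into readable endpoints, the TCP state and the owning Linux uid. It assumes IPv4 entries read on a little-endian device; the function names are hypothetical.

```python
import socket
import struct

# TCP state codes as printed in the "st" column (Linux kernel tcp_states.h).
TCP_STATES = {
    "01": "ESTABLISHED", "02": "SYN_SENT", "03": "SYN_RECV", "04": "FIN_WAIT1",
    "05": "FIN_WAIT2", "06": "TIME_WAIT", "07": "CLOSE", "08": "CLOSE_WAIT",
    "09": "LAST_ACK", "0A": "LISTEN", "0B": "CLOSING",
}

# The header and socket row shown on the slide.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
  12: 4F01A8C0:E1D0 B422C2AD:0050 01 00000000:00000000 02:000003A3 00000000  1000        0 154153 2 0000000000000000 23 4 28 10 -1
"""

def decode_endpoint(field):
    """Turn 'HEXADDR:HEXPORT' into (dotted_quad, port). IPv4 only."""
    addr_hex, port_hex = field.split(":")
    if len(addr_hex) != 8:
        raise ValueError("not an IPv4 entry (tcp6 uses 32 hex digits): " + field)
    # The address is a raw 32-bit word printed in host byte order, so on a
    # little-endian CPU (ARM Android, x86) the octets appear reversed.
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)

def parse_proc_net_tcp(text):
    """Parse the contents of /proc/<PID>/net/tcp into a list of dicts."""
    sockets = []
    for line in text.splitlines():
        cols = line.split()
        # Skip the header, blank lines and rows truncated mid-read.
        if len(cols) < 10 or not cols[0].endswith(":"):
            continue
        sockets.append({
            "local": decode_endpoint(cols[1]),
            "remote": decode_endpoint(cols[2]),
            "state": TCP_STATES.get(cols[3], cols[3]),
            "uid": int(cols[7]),    # one Linux user per installed app
            "inode": int(cols[9]),
        })
    return sockets

if __name__ == "__main__":
    for sock in parse_proc_net_tcp(SAMPLE):
        print(sock)
```

The slide's row decodes to an established connection from 192.168.1.79:57808 to 173.194.34.180:80, owned by uid 1000.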

Mobile Miner: Other Data

Record names, MAC addresses and times of connection to wifi hot-spots.

Provide an accessibility service: log when apps send notifications.

Record connection times and IDs of GSM cells.

Mobile Miner: GSM Cell Tower Locations

Full GPS is too invasive, and consumes excessive power.

Avoid use of Google location API.

OpenCellId provides locations of cell towers.

Include UK database within the app.

http://opencellid.org

GSM Cell Heat Maps

Cell tower locations are informative, but maintain some privacy.

Avoid registering for Google's maps API.

Display maps using OpenStreetMap in a web view using the OpenLayers JS library.

https://www.openstreetmap.org

http://openlayers.org/

Results: Game Usage

Don't Tap The White Tile

What game is player B so keen on?

The Line!

Fighting Back?

Grab the app's .apk package file from a rooted phone?

Decompress the package and examine AndroidManifest.xml.

Decompile the app and examine the source code.

Getting an .apk package:

http://aps.evozi.com/apk-downloader

Fighting back: Decompressing the .apk:

apktool d com.onetouchgame.TheLine.apk

http://code.google.com/p/android-apktool/

AndroidManifest.xml

The app receives intents from the push notification service jpush.cn. Umeng is a mobile analytics service.

Is that why it had open sockets on port 3000?
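One way to do the manifest check described above, as an added example that is not from the original slides: it lists the requested permissions and groups components declared outside the app's own package by vendor prefix. The manifest is constructed for illustration; its package, class and action names are made up, and `audit_manifest` is a hypothetical helper.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed manifest: package, class and action names are made up.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.game">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <application>
    <activity android:name=".MainActivity"/>
    <service android:name="cn.jpush.example.PushService"/>
    <receiver android:name="cn.jpush.example.PushReceiver">
      <intent-filter>
        <action android:name="cn.jpush.example.intent.MESSAGE"/>
      </intent-filter>
    </receiver>
    <activity android:name="com.umeng.example.FeedbackActivity"/>
  </application>
</manifest>"""

def audit_manifest(xml_text):
    """Return (permissions, third_party) for a decoded AndroidManifest.xml.

    third_party maps a two-label package prefix (e.g. 'cn.jpush') to the
    components and intent actions declared under it.
    """
    root = ET.fromstring(xml_text)
    own = root.get("package", "")
    perms = sorted(p.get(ANDROID_NS + "name", "") for p in root.iter("uses-permission"))
    third_party = defaultdict(list)
    for tag in COMPONENT_TAGS:
        for comp in root.iter(tag):
            name = comp.get(ANDROID_NS + "name", "")
            # Relative names ('.Foo' or 'Foo') belong to the app's own package.
            if name.startswith(".") or "." not in name or name.startswith(own + "."):
                continue
            actions = [a.get(ANDROID_NS + "name") for a in comp.iter("action")]
            prefix = ".".join(name.split(".")[:2])
            third_party[prefix].append((tag, name, actions))
    return perms, dict(third_party)

if __name__ == "__main__":
    permissions, vendors = audit_manifest(SAMPLE_MANIFEST)
    print(permissions)
    for prefix, components in sorted(vendors.items()):
        print(prefix, components)
```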


Fighting Back: Decompile the App

http://code.google.com/p/dex2jar/

dex2jar.sh com.onetouchgame.TheLine.apk

Decompile the .jar file: http://jd.benow.ca/

Fighting Back: The Usual Suspects

Look for PhoneStateListeners and LocationListeners:

if (paramLocation != null) {
    d1 = paramLocation.getLatitude();
    d2 = paramLocation.getLongitude();
    boolean bool1 = d1 < 29.999998211860657D;
    ...

Classes provided by tencent.com (a mobile ad service) reference latitude and longitude. Classes provided by jpush.cn and umeng.com also reference LocationListeners.

A To-Do List:

Fix the UX!

Look for patterns and anomalies in usage of other kinds of apps.

Use cell towers to track app behaviour.

Analyse user behaviour. (k-means?)

Provide overviews of individual app behaviour.

Hold a second hack day, the coders confront their data.

Attach a demographic survey.

Distribute the data sensitively.

Get to the Play Store.

Play with SPF / Wireshark / Burp Proxy / drozer etc...

http://www.bulbsecurity.com/smartphone-pentest-framework/

Download our app: http://kingsbsd.github.io/MobileMiner

Follow us on Twitter: @KingsBSD

Read our blog: http://big-social-data.net/

Slideshare: http://www.slideshare.net/kingsBSD/

Hack An App!