Comment by sanjayjc

Comment by sanjayjc a day ago

I found a directive[1]:

> Pre-installed App must be Visible, Functional, and Enabled for users at first setup. Manufacturers must ensure the App is easily accessible during device setup, with no disabling or restriction of its features

While I can get behind the stated goals, the lack of any technical details is frustrating. The spartan privacy policy page[2] lists the following required permissions:

> For Android: Following permission are taken in android device along with purpose:

> - Make & Manage phone calls: To detect mobile numbers in your phone.

> - Send SMS: To complete registration by sending the SMS to DoT on 14422.

> - Call/SMS Logs: To report any Call/SMS in facilities offered by Sanchar Saathi App.

> - Photos & files: To upload the image of Call/SMS while reporting Call/SMS or report lost/stolen mobile handset.

> - Camera: While scanning the barcode of IMEI to check its genuineness.

Only the last two are mentioned as required on iOS. From a newspaper article on the topic[3]:

> Apple, for instance, resisted TRAI’s draft regulations to install a spam-reporting app, after the firm balked at the TRAI app’s permissions requirements, which included access to SMS messages and call logs.

Thinking aloud, might cryptographic schemes exist (zero knowledge proofs) which allow the OS to securely reveal limited and circumscribed attributes to the Govt without the "all or nothing", blanket permissions? To detect that an incoming call is likely from a spam number, a variant of HIBP's k-Anonymity[4] should seemingly suffice. I'm not a cryptographer but hope algorithms exist, or could be created, to cover other legitimate fraud prevention use cases.

It is a common refrain, and a concern I share, that any centralized store of PII data is inherently an attractive target; innumerable breaches should've taught everyone that. After said data loss, (a) there's no cryptographically guaranteed way for victims to know it happened, to avoid taking on the risk of searching through the dark web; (b) they can't know whether some AI has been trained to impersonate them that much better; (c) there's no way to know which database was culpable; and (d) for this reason, there's no practical recourse.

I recently explained my qualms with face id databases[5], for which similar arguments apply.

[1] https://www.pib.gov.in/PressReleasePage.aspx?PRID=2197140&re...

[2] https://sancharsaathi.gov.in/Home/app-privacy-policy.jsp

[3] https://www.thehindu.com/sci-tech/technology/pre-install-san...

[4] https://www.troyhunt.com/understanding-have-i-been-pwneds-us...

[5] https://news.ycombinator.com/item?id=46054724
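
The k-anonymity range lookup suggested in the comment above, as an added example; it is not part of the original comment and not code from Sanchar Saathi or HIBP. It is modelled on HIBP's range query (SHA-1, 5-hex-character prefix); `SpamRangeServer`, `is_reported_spam`, `anonymity_set_size` and the phone numbers are hypothetical, constructed for illustration.

```python
import hashlib

PREFIX_LEN = 5  # hex characters revealed to the server, as in HIBP's range API

def digest(number: str) -> str:
    """Uppercase SHA-1 hex digest of a phone number reduced to its digits."""
    digits = "".join(ch for ch in number if ch.isdigit())
    return hashlib.sha1(digits.encode()).hexdigest().upper()

class SpamRangeServer:
    """Hypothetical lookup service holding hashes of reported spam numbers."""

    def __init__(self, spam_numbers):
        self.buckets = {}
        for number in spam_numbers:
            h = digest(number)
            self.buckets.setdefault(h[:PREFIX_LEN], set()).add(h[PREFIX_LEN:])
        self.seen_queries = []  # everything the server learns about callers

    def range_query(self, prefix: str) -> list:
        """Return every stored hash suffix that shares the given prefix."""
        self.seen_queries.append(prefix)
        return sorted(self.buckets.get(prefix, ()))

def is_reported_spam(server: SpamRangeServer, incoming: str) -> bool:
    """Client side: send only the prefix, compare the suffix locally."""
    h = digest(incoming)
    return h[PREFIX_LEN:] in server.range_query(h[:PREFIX_LEN])

def anonymity_set_size(number_space: int, prefix_len: int = PREFIX_LEN) -> float:
    """Expected count of possible numbers that fall into one prefix bucket."""
    return number_space / 16 ** prefix_len

if __name__ == "__main__":
    # Constructed sample data, not real numbers.
    server = SpamRangeServer(["+91 00000 00001", "+91 00000 00002"])
    for caller in ("+91-00000-00001", "+91 00000 00003"):
        print(caller, "reported" if is_reported_spam(server, caller) else "not reported")
    print("server saw only:", server.seen_queries)
    # Assumption: a 10-digit number space, so about 9,537 candidates per bucket.
    print("candidates per bucket:", round(anonymity_set_size(10**10)))
```

The hash itself hides nothing, since the space of phone numbers is small enough to enumerate; the privacy comes from the server seeing only a prefix shared by thousands of possible numbers. A shorter prefix widens that set at the cost of larger responses.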