Feeds

Mad Apple patent: Cloneware to convince trackers you don't like porn

Does Cupertino want this to use, or to suppress?

The Power of One eBook: Top reasons to choose HP BladeSystem

Apple have patented the idea of using data clones to hide from surveillance: data clones that will browse the internet under your name but will look at basket-weaving sites instead of porn.

In one of the stranger Apple patents that we've seen in recent months, author Stephen R Carter details a way of stopping eavesdroppers snooping on users by creating user clones. Patent 8,205,265, called Techniques to pollute electronic profiling was awarded by the Patent Office today.

Apple won seventeen patents today, but this one really sticks out: The other sixteen deal with items of smaller scope such as the design of docking stations, power adaptors and techniques for dynamic shading. The electronic profiling is a bit more futuristic.

How a goody two-shoes clone would distract snoopers and let you ogle smut in peace

We're all getting snooped all the time, says Carter explaining the background to the patent, and it's impossible to stop people doing it. He uses George Orwell to describe our modern world of data snooping:

Concerns about the government and its knowledge about its citizenry is often referred to in a derogatory sense as actions of "Big Brother" who is omnipresent and gathering information to use to its advantage when needed. The electronic age has given rise to what is now known as thousands of "Little Brothers," who perform Internet surveillance by collecting information to form electronic profiles about a user not through human eyes or through the lens of a camera but through data collection. This form of Internet surveillance via data collection is often referred to as "dataveillance." In a sense, thousands of "Little Brothers" or automated programs can monitor virtually every action of users over the Internet. The data about a user can be accumulated and combined with other data about the user to form electronic profiles of the users.

The patent mentions the current technologies for evading tracking including the use of anonymisers and spyware-killers, but argue that they can never completely hide a user on the Internet: "even the most cautious Internet users are still being profiled over the Internet via dataveillance techniques from automated Little Brothers" Carter says.

How Apple would clone you

Apple's idea is to create a data clone that would appear believable enough to divert snoopers from the real person's activities, confusing or "polluting" electronic profiling.

Firstly the patent details the idea of cloning the real person's digital identity to create a clone configured on a device. Areas of interest would be associated with the clone that may different to those of the actual person. The clone would be able to carry out "actions" in line with those areas of interest.

Secondly the patent details adding genuine identity information to the clone to make it seem more believable to eavesdroppers, such as having the same date of birth and gender as the real person.

And thirdly and fourthly the patent details adding feigned information to the clone including feigned emails and bank details so that eavesdroppers will be diverted from collecting the true information.

The patent explains how this cunning ploy would work in practice:

for example, the cloning service may process an area of interest that is divergent from that of the principal such as an interest in basket weaving. This particular interest may be associated with its own lexicon and actions associated with particular Internet websites, products, services, and/or books. Actions may be defined that permit the cloning service to appear to be the principal [real person] and visit specific basket weaving websites, issue Internet searches related to basket weaving, and the like. This activity by the cloning service may be picked up by an eavesdropper and may be used to generate a polluted profile about the principal that suggests the principal is interested in basket weaving, when in fact this is not the case.

In further details it explains that the clone could be set to never look at porn or engage with pirated material. The cloning system would even be configured not to go online at times when the "real person" would not be online - eg scheduled holidays. This would be in order to prevent the detection of it as a clone.

In the wacky futuristic scenarios sketched out by Carter, attempts to make the clone appear realistic would include your basket-weaving digital clone sending emails, engaging in online chats and even buying things online - in order to appear more believable:

In some embodiments, at 160, the cloning service may perform a wide range of automated actions consistent with the assigned areas of interest. Examples of these actions may include, but are not limited to, performing an Internet search on a given area of interest; activating selective results that when analyzed conform semantically to the area of interest; activating advertisement banners in web pages; filling out electronic surveys; sending an email; engaging in rudimentary online chat discussion by using techniques similar to Eliza (an automated chat engine); activating embedded links within a document that conforms semantically to the area of interest; registering for services associated with the area of interest; purchasing goods or services related to the area of interest, etc.

Apple's Motivation

Filed relatively recently on 11 October 2011, we note that the patent application comes several months after Apple landed in a load of trouble for tracking - and storing - very detailed information about the location of iPhone users.

It could be that Apple wants to use this patent as a way to protect its users from malevolent tracking outsiders. It could be that Apple wants to track its own users and has now locked down a way that they could use to evade it. Any use of such techniques would potentially violate Cupertino's new patent.

All we know for sure is that it's going to be quite weird when basket-weaving kits that your anti-surveillance cloneware has ordered on eBay start arriving at your house. ®

Designing a Defense for Mobile Applications

More from The Register

next story
DARPA-derived secure microkernel goes open source tomorrow
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.