
An architecture that provides consumers with complete control over their devices.

Many smartphone users have expressed worry in recent years about the privacy of their data and the degree to which firms may have access to it. Currently, a few large tech corporations select which apps customers may run on their phones and what they can do with these programmes.

Researchers at ETH Zurich have set out to reverse this trend by developing TEEtime, a revolutionary smartphone architecture. This design, described in a preprint on arXiv, enables users to pick which resources on their smartphone to commit to older operating systems, such as Android or iOS, and which to preserve for their own proprietary applications and data.

“This work was motivated (in part) by our experiences in creating (Swiss) contact tracing apps, where we rapidly realised how constrained we are as researchers/developers in accessing certain fundamental services on ‘our’ phones,” said Srdjan Capkun, one of the study’s authors.

“This experience showed us that even governments, in order to get particular access, such as Bluetooth radios, must negotiate with key phone OS providers (Apple/Google). This example prompted us to look more widely at the limitations we confront today on ‘our’ cellphones, which have political and economic ramifications for individuals, businesses, and governments.”

Operating system developers and phone operators generally describe the lack of user control over smartphone resources as a necessary way of providing security and privacy. One may argue that exposing smartphone systems endangers users (i.e., increases their exposure to attacks) and degrades their overall navigation experience.

The main goal of Groschupp et al.’s recent study was to demonstrate that it is possible to give consumers more control over their phones while preserving current operating systems with their features and security safeguards. To do this, the team created TEEtime, a novel smartphone design architecture that enables many ‘domains’ to operate concurrently on a smartphone.

“We offer simultaneously operating ‘domains’ that are secured from each other utilising hardware characteristics built in current CPUs/platforms with TEEtime,” Groschupp added. “Users may run many domains on their phones, for example, a complete Android/iOS with all the convenience and security that they give, and a proprietary software operating in another domain.”

TEEtime separates distinct domains, enabling users to choose how much each of these domains has access to resources on their phone. This implies that users might, for example, run a navigation programme in their own isolated domain, restricting GPS access to this domain and preventing Android/iOS from accessing their GPS data. Other peripherals, such as Bluetooth or the phone’s built-in microphone and camera, might be used in the same way.

“In terms of providing people authority over their devices, the introduction of domains offers two key benefits,” Groschupp noted. “For starters, it allows users complete control over the privacy of their data, such as enabling them to store their images on a different domain where the user can ensure that no client-side scanning occurs. It should be noted that in today’s phone ecosystems, these functionalities may be quietly deployed without the user ever seeing or having the option to opt-out.”

The second benefit of the TEEtime design is that it may either avoid censorship or boost resistance to it. In other words, even if their operating service provider restricts or stops users from installing a programme, they may still execute it in a different domain. So far, the researchers have tested an architectural prototype on an ARM emulator, a software tool often used to test operating systems and other smartphone applications. These first analyses were encouraging, indicating that TEEtime works well and has no negative influence on system security.

“We demonstrate that it is feasible to execute mutually distrusting software on a single phone using hardware primitives that already exist,” Groschupp said. “We hope that this changes public view of the smartphone ecosystem. User control, security, and usability are not mutually incompatible. We avoided using hypervisors because we didn’t want to put complicated high-privileged software on the phones, which would force us to trust major commercial corporations with its development and upgrades.”

The architecture established by this team of academics might open the way for the development of new software solutions that allow customers more control over their smartphone in the future. Meanwhile, Groschupp and her colleagues want to further enhance TEEtime in order to solve constraints that might impede its widespread use.

“Our goal is to create a fully functional phone prototype that will motivate phone makers to embrace this design,” Groschupp remarked. “We are now working on a number of outstanding concerns, such as safeguarding user interactions with our system and studying hardware improvements that would make our solution easier to integrate and even more efficient.”
