An architecture that gives users full control of their smartphones

In recent years, many smartphone users have been concerned about the privacy of their data and the extent to which companies could have access to this data. As it stands, which apps users can run on their phone and what they can do with those apps are determined by a few big tech companies.

Researchers at ETH Zurich have recently embarked on a quest to change this current trend, through the development of a new smartphone architecture called TEEtime. This architecture, presented in a pre-published article on arXivallows users to flexibly choose which smartphone resources they dedicate to legacy operating systems, such as Android or iOS, and want to keep for their own proprietary software and data.

“This work was inspired (in part) by our experiences in the development of (Swiss) contact tracing applications, where we quickly noticed how limited we are as researchers/developers to access certain services of based on ‘our’ phones,” Srdjan Capkun, one of the researchers who conducted the study, told TechXplore.

“We learned from this experience that even governments need to negotiate with major phone operating system vendors (Apple/Google) for specific access, such as Bluetooth radios. we face today on “our” smartphones, which have political and economic implications for citizens, businesses and governments.”

Users’ lack of control over smartphone resources is generally justified by operating system developers and telephony providers as a necessary way to provide security and privacy. Specifically, one could argue that opening up smartphone systems would endanger users (i.e. increase their vulnerability to attack) and negatively affect their overall browsing experience.

The key objective of recent work by Groschupp et al. was to show that you could potentially give users greater control over their phone while retaining existing operating systems, with their features and security measures. To do this, the team developed TEEtime, a new smartphone design architecture that allows different “domains” operating simultaneously to coexist on a smartphone.

“With TEEtime, we provide ‘domains’ that run concurrently, which are protected from each other, using hardware features built into today’s processors/platforms,” ​​Groschupp explained. “Users can run multiple domains on their phones, for example, full Android/iOS, with all the convenience and security they provide, and proprietary software running in another domain in parallel.”

Essentially, TEEtime isolates different domains, allowing users to decide how much access each of these domains has to resources on their phone. This means that users could, for example, run a navigation app in their own isolated domain, giving GPS access only to that domain and thus preventing Android/iOS from accessing their GPS data. The same could also be done with other peripherals, such as Bluetooth or the phone’s built-in microphone and camera.

“Introducing domains has two main benefits in terms of giving users control over their devices,” Groschupp explained. “First of all, it gives users full control over the privacy of their data, allowing them for example to store their photos in a separate domain, where the user can ensure that no client-side analysis is Note that in today’s phone ecosystems, these features can be introduced silently without the user even noticing or having the option to opt out.”

The second benefit of the TEEtime architecture is that it can prevent censorship or increase resistance to it. In other words, if their OS providers block an app or prevent them from installing it, they can still run it in a separate domain.

So far, the researchers have tested a prototype of their architecture on an ARM emulator, a software tool often used to test operating systems and other smartphone software. These early evaluations were promising, as they suggested that TEEtime works well and does not affect a system’s security.

“We show that it is indeed possible to run mutually distrustful software on a phone, with hardware primitives that already exist,” Groschupp said. “We hope this will lead to a shift in public perception of the smartphone ecosystem. Usability, security and user control are not mutually exclusive. An important design choice for us was to refrain to leverage hypervisors, as we wanted to avoid complex high-performance preferred software on phones, as that would require relying on large commercial entities again for its development and updates.”

In the future, the architecture developed by this team of researchers could pave the way for the creation of other software solutions allowing users to better control their smartphone. In the meantime, Groschupp and his colleagues plan to further develop TEEtime, to overcome limitations that could potentially hinder its large-scale implementation.

“Our ambition is to develop a fully functional prototype phone and, through it, inspire phone makers to support this design,” Groschupp added. “We are currently working on a number of remaining issues, including securing user interactions with our system and investigating hardware changes that would make our solution easier to integrate and even more effective.”

© 2022 Science X Network