Jamweba🧵 A bird camera app asked to reroute my phone calls.
A set of Christmas lights wanted a GPS lock on my house.
Solar inverters were shut down from overseas.
This is not paranoia. It's design.
My new article, just published in Level Up Coding, explains how widely distributed consumer apps quietly request invasive permissions — and why Apple & Google’s locked ecosystems enable this at scale.
The Security Illusion: How Apple, Google, and Global Vendors Built a System That’s Easy to Abuse
From bird cameras to solar panels, surveillance is now a feature — not a bug. The platforms that claim to protect us have built ecosystems that enable exploitation, not prevent it. I had purchased a…
I’m a security researcher.
When my wife asked for a bird feeder with a smart camera, I checked the companion app first.
It requested:
• Call status access
• Phone numbers
• Permission to route calls through the system
When my wife asked for a bird feeder with a smart camera, I checked the companion app first.
It requested:
• Call status access
• Phone numbers
• Permission to route calls through the system
This wasn’t hidden.
It was right there in the permissions panel — which almost no one reads.
And even if they did, most wouldn’t know what it means.
This is not “informed consent.” It’s informed consent theater.
Google and Apple love to market lockdown as security.
No sideloading. No third-party inspection.
But these apps are approved through the front door.
They pass review.
They get installed.
And then they silently surveil.
This isn’t just a problem for "Joe or Jane Average."
These apps are on the phones of:
🛡️ Military families
🏛️ Officials
🗣️ Politicians and their spouses
📱 Staffers and aides
And it’s not just apps.
From tl;dr sec #279:
Chinese solar inverters shipped with undocumented radios.
In November, some were shut down from China — disabling power infrastructure abroad.
When the system is this easy to abuse, and this hard to audit, we don’t have security.
We have a permission model designed to shift liability, not protect users.
We have a permission model designed to shift liability, not protect users.
I call this what it is:
⚠️ Surveillance by distribution
⚠️ Security by illusion
⚠️ A national security risk in plain sight
⚠️ Surveillance by distribution
⚠️ Security by illusion
⚠️ A national security risk in plain sight
Read the full story:
đź“„ https://levelup.gitconnected.com/the-security-illusion-how-apple-google-and-global-vendors-built-a-system-thats-easy-to-abuse-92210d4887c8#19b6
Boosts appreciated if this resonated
#infosec #privacy #cybersecurity #DigitalSovereignty #AppSec #mastosec
The Security Illusion: How Apple, Google, and Global Vendors Built a System That’s Easy to Abuse
From bird cameras to solar panels, surveillance is now a feature — not a bug. The platforms that claim to protect us have built ecosystems that enable exploitation, not prevent it. I had purchased a…