Here are the slides from our presentation given at the 2014 EMF camp. We discuss our MobileMiner app, why we wrote it, how it works and who helped. It's tracked the behaviour of other apps on the phones of 20 young coders from Young Rewired State.

1. Our Data, Ourselves
-The Data Democracy Deficit
Giles Greenway
Tobias Blanke
Jenifer Pybus
Mark Cote
Department of Digital Humanities

2. “Big Social Data”: The Problem?
• More than 5 billion of us produce vast amounts of social data
whenever we text, browse, post or generate content on our
phones.
• Our phones emit metadata, tracking us through time and space.
• We suffer from a data democracy deficit.
• Public understanding of our information-rich environment and
quantified selves must improve.

3. “Big Social Data”: The Solution?
• We seek to turn “Big Social Data” into a community asset.
• Develop tools, and practices to enable research on and BSD by
arts and humanities researchers.
(e.g. “Grey and Pleasant Land”
http://www.ccri.ac.uk/greyandpleasantland/)
• Partner with youth coders in the Young Rewired State network
as co-researchers.
• Develop a freely accessible, open online market place for tools
and applications enabling the extraction of BSD from smart
phones.
.

4. Young Coders: Attitudes Vary!
• ~20 Young coders were issued with Android smartphones with
our MobileMiner app installed.
• Invited to participate in hack-days and focus-groups.
.
“If you have nothing to hide you have nothing to fear...”
“Privacy is attached to other people... so if someone you agree to
connect with is open then you can be accessed through them
cause it's kind of herd thing, you've all got to do it otherwise, one
person is in trouble.”
“People don't realise how large their digital footprint’s actually are...”
“Being of kind of this generation and being tech savvy we have
some control because we know how to have control...”

5. MobileMiner:
http://kingsbsd.github.io/MobileMiner
•
• .
Record data that other apps
frequently harvest.
• Record app beaviour.
• Make data available to users as a
SQLite database.
• Allow users to explore their data on
their devices.
• Periodically upload anonymised
data to enable research. (CKAN:
http://ckan.org/)

6. Mobile Miner: Network Traffic
• The Android API provides network traffic data on a per-app
basis.
• Sample this every half second.
• Each app corresponds to a user in the underlying Linux system.
• The API can identify the PID of each running app.
• Poll /proc/<pid>/net/tcp every half second.
• Obtain the port and IP address of each network socket.
sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
12: 4F01A8C0:E1D0 B422C2AD:0050 01 00000000:00000000 02:000003A3 00000000 1000 0
154153 2 0000000000000000 23 4 28 10 -1

7. Mobile Miner: Other Data
• Record names, MAC addresses and
times of connection to wifi hot-spots.
• Provide an “accessibility service”.
-Log when apps send notifications.
• Record connection times and IDs
of GSM cells.

8. Mobile Miner: GSM Cell Tower Locations
• Full GPS is too invasive, and
consumes excessive power.
• Avoid use of Google location
API.
• OpenCellId provides locations
of cell towers.
• Include UK database within
the app.
http://opencellid.org

9. GSM Cell “Heat Maps”
• Cell tower locations are informative,
but maintain some privacy.
• Avoid registering for Google's maps
API.
• Display maps using OpenStreetMap
in a web view using the OpenLayers
JS library.
https://www.openstreetmap.org
http://openlayers.org/

10. Results: Game Usage
Don't Tap The White Tile

11. What game is player B so keen on?

12. The Line!

13. Fighting Back?
• Grab the app's .apk package file from a rooted phone?
• Decompress the package and examine AndroidManifest.xml.
• Decompile the app and examine the source code.

14. Getting an .apk package:
http://aps.evozi.com/apk-downloader

15. Fighting back: Decompressing the .apk:
http://code.google.com/p/android-apktool/
apktool d com.onetouchgame.TheLine.apk

16. AndroidManifest.xml
<receiver android:enabled="true" android:name="com.simplecreator.app.RemoteNotificationReceiver">
<intent-filter>
<action android:name="cn.jpush.android.intent.REGISTRATION"/>
<action android:name="cn.jpush.android.intent.UNREGISTRATION"/>
<action android:name="cn.jpush.android.intent.MESSAGE_RECEIVED"/>
<action android:name="cn.jpush.android.intent.NOTIFICATION_RECEIVED"/>
<action android:name="cn.jpush.android.intent.NOTIFICATION_OPENED"/>
<action android:name="cn.jpush.android.intent.ACTION_RICHPUSH_CALLBACK"/>
<category android:name="com.onetouchgame.TheLine"/>
</intent-filter>
</receiver>
<service android:name="com.umeng.update.net.DownloadingService"
android:process=":DownloadingService"/>
<activity android:name="com.umeng.update.UpdateDialogActivity"
android:theme="@android:style/Theme.Translucent.NoTitleBar"/>
• The app receives intents from the push notification service
jpush.cn. Umeng is a mobile analytics service.
• Is that why it had open sockets on port 3000?

17. Fighting Back: Decompile the App
http://code.google.com/p/dex2jar/
dex2jar.sh com.onetouchgame.TheLine
Decompile the .jar file:
http://jd.benow.ca/

18. Fighting Back: “The Usual Suspects”
Look for PhoneStateListeners and LocationListeners:
if (paramLocation != null)
{
d1 = paramLocation.getLatitude();
d2 = paramLocation.getLongitude();
boolean bool1 = d1 < 29.999998211860657D;
...
Classes provided by tencent.com (a mobile ad service) reference
latitutude and longitude.
Classes provided by jpush.cn and umeng.com also reference
LocationListeners.

19. A To-Do List:
• Fix the UX!
• Look for patterns and anomalies in usage of other kinds of apps.
• Use cell towers to track app behaviour.
• Analyse user behaviour. (k-means?)
• Provide overviews of individual app behaviour.
• Hold a second hack day, the coders confront their data.
• Attach a demographic survey.
• Distribute the data sensitively.
• Get to the Play Store.
• Play with SPF/WireShark /Burp Proxy/srozer etc...
http://www.bulbsecurity.com/smartphone-pentest-framework/

20. Download our app:
http://kingsbsd.github.io/MobileMiner
Follow us on Twitter: @KingsBSD
Read our blog:
http://big-social-data.net/
Slideshare:
http://www.slideshare.net/kingsBSD/
Hack An App!