EFF criticizes Apple’s ‘misleading’ Bluetooth and Wi-Fi toggles in iOS 11 for being a privacy and security risk

“The strange, unintuitive way Bluetooth and Wi-Fi toggles work in iOS 11 has drawn ire from many quarters,” Mark Wycislik-Wilson reports for BetaNews. “The latest voice is that of digital rights group the Electronic Frontier Foundation (EFF) which says that the ‘off-ish’ setting now offered is misleading.”

“Apple has changed the behaviour of the two toggles so that when they are flicked to the off position, the Bluetooth and wireless radios are not actually switched off. EFF says that this is ‘bad for user security’ and calls for greater clarity from Apple,” Wycislik-Wilson reports. “As EFF points out, recent Bluetooth vulnerabilities mean that it is good practice to disable both Wi-Fi and Bluetooth when not in use. The group goes on to reiterate the problem introduced in iOS11 so that flicking the toggles to the off position actually just disconnects from networks and devices.”

Read more in the full article here.

MacDailyNews Take: Apple sometimes makes questionable choices (see iPhone X’s notch and Apple TV’s Siri Remote, for just two examples).

EFF’s statement, with which we agree, verbatim:

Turning off your Bluetooth and Wi-Fi radios when you’re not using them is good security practice (not to mention good for your battery usage). When you consider Bluetooth’s known vulnerabilities, it’s especially important to make sure your Bluetooth and Wi-Fi settings are doing what you want them to. The iPhone’s newest operating system, however, makes it harder for users to control these settings.

On an iPhone, users might instinctively swipe up to open Control Center and toggle Wi-Fi and Bluetooth off from the quick settings. Each icon switches from blue to gray, leading a user to reasonably believe they have been turned off—in other words, fully disabled. In iOS 10, that was true. However, in iOS 11, the same setting change no longer actually turns Wi-Fi or Bluetooth “off.”

Instead, what actually happens in iOS 11 when you toggle your quick settings to “off” is that the phone will disconnect from Wi-Fi networks and some devices, but remain on for Apple services. Location Services is still enabled, Apple devices (like Apple Watch and Pencil) stay connected, and services such as Handoff and Instant Hotspot stay on. Apple’s UI fails to even attempt to communicate these exceptions to its users.

It gets even worse. When you toggle these settings in the Control Center to what is best described as “off-ish,” they don’t stay that way. The Wi-Fi will turn back full-on if you drive or walk to a new location. And both Wi-Fi and Bluetooth will turn back on at 5:00 AM. This is not clearly explained to users, nor left to them to choose, which makes security-aware users vulnerable as well.

The only way to turn off the Wi-Fi and Bluetooth radios is to enable Airplane Mode or navigate into Settings and go to the Wi-Fi and Bluetooth sections.

When a phone is designed to behave in a way other than what the UI suggests, it results in both security and privacy problems. A user has no visual or textual clues to understand the device’s behavior, which can result in a loss of trust in operating system designers to faithfully communicate what’s going on. Since users rely on the operating system as the bedrock for most security and privacy decisions, no matter what app or connected device they may be using, this trust is fundamental.

In an attempt to keep you connected to Apple devices and services, iOS 11 compromises users’ security. Such a loophole in connectivity can potentially leave users open to new attacks. Closing this loophole would not be a hard fix for Apple to make. At a bare minimum, Apple should make the Control Center toggles last until the user flips them back on, rather than overriding the user’s choice early the next morning. It’s simply a question of communicating better to users, and giving them control and clarity when they want their settings off—not “off-ish.”

45 Comments

  1. Come on Apple, if you can’t figure out what is best anymore, then ask the users. I know, Steve didn’t have to, because he had common sense, but now…

    Devin Prater Assistive Technology instructor in training, JAWS Certified.

      1. The Cube’s “failure,” was aesthetics and price, not a “must-have,” like security (that has nothing to do with taste/aesthetics). As well, Apple’s most enduring “banner” is security…across the product line. Apple’s premium price is justified by security success alone. It needs to remain at the top of the heap, regardless of one’s narrative. The mistake reminds me of the simple/obvious wifi issue in the new iPhs. Who’s project managing?

        1. The problem with the cube was NOT its shape. It was NOT its price. The problem was the way the case was manufactured. There was a seam that ran down each side. Some of those seams cracked (extremely few), but many people took the existence of the seam as being a crack when there was none. This led people to believe the cube was poor quality overall. This led to them thinking it was not worth the price.

          Some disliked it for its minimal expandability/upgradeability. But, for a low end machine that was completely silent (for those that needed/wanted such a thing) then it was not a bad machine.

          Yes, it was a marketing failure, but it was nowhere near the failure the hockey puck mouse was. That was a failure on virtually all fronts.

          The real problem is that Apple is virtually 100% away from demanding consistent and accurate interfaces. Apple was THE leader in such interfaces back in the 80s. Developers often railed against Apple’s mandating certain common methods of doing things. Apple required that the interface was predictable and did what you told it to — command-Q quit the program, not Ctrl-X or Ctrl-Q or Ctrl-E or Ctrl-something else like I often saw (and still see) in Windows.

          But, take the example of closing a window today. It used to be on a Mac, closing a window did just that and nothing else (if it was an open file it would ask you if you wanted to save any unsaved changes, but that was about it). Closing a window did not shut down the program. Closing a window did not close any communications links. Closing a window closed the window. (Closing a window in Windows can result in any number of secondary actions taken by the OS.)

          However, now with macOS, closing a window can just close the window. It can close the window and shut down the application. It can close the window and shut down a communications link. It is almost no better than Windows.

          Apple needs to MANDATE getting back to the common, specific interface. That does not mean going back to the old finder and old graphics. It means being consistent across all applications and OS interactions. It means doing what it says it is doing–nothing more, nothing less.

          Apple HAS lost its way with interfaces. Yes, Apple’s macOS and iOS interfaces are the best when compared to all the others currently out there, but Apple’s interfaces could be *SO* much better.

  2. Probably pissing in the wind I know but really making a wider notch across the top is actually deemed a better idea? An option to make this area eternally black would be my only minor criticism, assuming you can’t. And the Siri Remote having been told endlessly it was nothing but the spawn of Satan I was surprised that it actually turned out, when I tried it to be anything but, certainly better than any TV remote I have had even if it doesn’t mean it wins an Oscar by comparison. Hey neither impression is after long use I grant, but then much/most of the criticism appears not to be either so I won’t apologise quite yet.

  3. Agree with MDN take a 1,000 percent.

    However, this is simply not an innocent bad design decision like the notch, remote and flat icons.

    This is different on a whole new level. Consciously designed to be deceptive is NOT the Apple I grew up with. Shame Apple, SHAME …

  4. It is a pain in the a$$. There’s a simple way for Apple to FIX this—>just enable the user to 3D/Force Touch to truly turn it off—and they can keep the other functionality the way it is.

    1. Good idea, I thought I was hallucinating when I noticed my wifi switched back on when I knew I had switched it off earlier. Turns out it not only resets to on every morning at 5am, but whenever you move to a new location, whatever that means. Oh well, looks like I’ll have to dig into settings to force the wifi off when I want to save some battery life when I’m out and about and DON’T NEED WIFI TO BE ON APPLE

    2. That’s only part of it (there’s already a way to turn it all the way off) — an (arguably) bigger problem is the lack of a clear UI to inform the user of what the control does / what state the devices are in.

      That and the state changing itself back over the user’s choice.

      Both worse than having to go to a separate settings area to make a certain type of change.

  5. Apple is already scaring me. This is a perfect example of the stupid decisions that Apple has been making lately.

    This needs to be corrected. I absolutely loathe the control center because it doesn’t work the way it is supposed to like the EFF says. I want my WiFi turned off when I say to turn it off. Don’t automatically turn it back on because you’re trying to help me. It sucks.

      1. You know its functionality. You know the functionality of the AIRPLANE mode button. Both are right next to each other.

        Knowing both of these….what is your problem…exactly?

        1. I further elaborate upon GoeB’s and My problem below. It’s about personal choice: Radio security or NOT radio security.

          Keep working at the subject and you’ll understand. It can be daunting taking in the muddle that is computer security. I know because I’ve been studying it for 12 years, writing about it for 10. Every day, at this point, brings another example and conundrum of computer security failure. This Apple Blunder® happens to be today’s.

        2. My problem is the fact that the WiFi turns itself back on automatically at 5:00 am without my wanting it to. That’s my problem.

          Does that make sense to you now?

        3. I would think it a pretty significant problem if you want BT and Wifi off but still want to make/receive calls or texts. Neither of which you would be able to do if you use Airplane mode.

  6. Security experts have been complaining about this iOS 11 Apple Blunder® for the past month.

    The usual mantra is “Convenience is the enemy of security.”

    Apple’s choice to reset our chosen radio security settings is, sadly, an excellent example. Apple of course are the best we’ve got at this time at user-friendly computerized devices. Here, they’ve erred on the side of convenience, THEIR convenience as well as what they interpret as our convenience, like it or not.

    At least it is entirely possible to actually shut off the radio emitters and receivers in our devices.

    However, our chosen radio security settings will eventually be undone, wiped by Apple, back to the default of EVERYTHING ON:

    • Install an iOS update or reinstall iOS and all your chosen radio security settings are wiped back to the default of EVERYTHING ON.

    • Switch on Airplane Mode, then switch it off again and all your chosen radio security settings are wiped back to the default of EVERYTHING ON.

    It’s these two specific Apple Blunders® that must be repaired in order to serve every security minded iOS device user.

    Thank you EFF for adding your voice to the fray. That’s why I give you money. 🙂

    1. For advanced users, here’s the most recent Bluetooth security exploit, a terrific incentive to turn OFF Bluetooth when you’re not using it:

      BlueBorne – Bluetooth’s airborne influenza

      “Armis Labs has discovered a new attack vector that targets any device that has Bluetooth capability. This includes mobile, desktop, and IoT — roughly accounting for 8.2 billion devices. All operating systems are susceptible….”

      Because of WordPress peculiarities, it refuses to let me provide the URL to this article. It is available at the Malwarebytes blog. Search via the title.

      Note that Apple Macs were not susceptible and that Apple patched this security hole in iOS 10.3.3 and iOS 11. I’m posting this example in order to make it clear that it is not reasonable to consider Bluetooth to be an entirely safe technology. It is not. That is why it’s useful to turn it OFF in order to maximize one’s security out in the wild.

    1. Using a ‘middle’ color for toggled ‘off-ish’ would also help distinguish Apple’s choice from ‘real’ on and off. e.g. Bright green -> dark green -> black/gray.

  7. I have been using these toggles in the belief complete disconnection was happening. Very disappointing Apple, nearly as bad as my early experience with ‘High Sierra’ but a restore back to Sierra has returned humanity, thank god for Time Machine

  8. a lot of people think their iphone is turned off when they press the button the side. that to me is a similar “offish” problem that has existed as long as iphones have been made.

    1. I don’t think most people actually think they turned the phone off when you press the button on the side. They most likely think they turned the display off. Do you actually know anyone that leaves the display on all the time fearing that they won’t get calls otherwise?

      1. i have had people ask me why facial recognition is any good because, as far as they know, you need to enter your pin when the phone is turned off and their phone turns off pretty quickly. i am a chess tournament director and i know from unfortunate experience that a lot of people think when you tell them to turn their phone off before a round starts they are complying by just turning the display off and then are surprised when their phone makes a noise during a round and their opponent gets two more minutes on their clock. lots of other examples too. even above average intelligence people are a bit mystified by electronic gadgets. lots of people think their t.v. and set top box are turned off when they press the power off button. they don’t stop to think that if they were really off then pressing the power on button on the remote wouldn’t do anything. my car isn’t really off when i turn the ignition switch to the “off” position. the clock still works and shows the right time when i start the car up again. lots and lots of examples where “off-ish” comes into play and people misunderstand what is really going on.

        1. You make a good point about using the phrase “Turn off your cell phone” being misunderstood. That’s probably the reason movie theaters stopped using that phrase in preference for the more ‘clear’ “Silence your cellphone” which is most likely the core intent of “Turn off your cellphone”.

          I think I understand where you are coming from using the TV, set-top box and car having certain functions still ‘active’ while in ‘off’ state. However they are ‘off’ in the sense of not being ‘active’ in any way for the accepted state of ‘on’ or defaulting to auto on when certain conditions are met (e.g. change of location that may have a ‘new’ ‘known’ wifi connection or 5am comes around). The TV does not display anything though it may be in a ready state to do so, the set top box does not output any video signal and the car does not run the engine even if it is not moving, each in their ‘off’ state. In contrast the iOS11 iPhone in its current ‘off-ish’ state still has active (or will default to that state) for BT and Wifi when certain conditions are met without conscious intent to turn ‘on’ by the owner.

      2. oh, one other thing about phones. not sure about android, but on the iPhone if you don’t manually turn off amber alerts and weather alerts even with the sound turned off those alerts will make a horrible racket. usually at the most inopportune time such as when trying to sneak up on a bad guy walking around a church in the snow. so audio has “off-ish” aspects too. i’ll bet a majority of the people reading this site aren’t aware of this because amber alerts don’t happen all that much and probably the sound wasn’t turned down to begin with. and the people on this site are way more than just pretty knowledgeable.

      3. oh, and to answer your original question, answering a phone doesn’t really turn the phone back on, you answer the phone without entering your pin and it just works somehow. and when you quit the call the phone turns off pretty quickly, while only showing unanswered email, messages, alerts, etc. it isn’t really “on” then. somehow. people don’t, i think, generally consider answering a phone call as turning the phone back on. so there are “on-ish” and “off-ish” things about answering a phone call. hadn’t really thought about that before. thanks for bringing it up. it amazes me how many ambiguities there are that we manage to deal with every day without really thinking about it.

        1. To make the ‘off-ish’ state for smartphone even more vague, shutting down a smartphone these days still does not put it in a completely powerless state as it has been shown that it has been possible to remotely power-on a smartphone. The only real way to prevent this is to purchase a smartphone that has a removable battery, power it off, remove the battery and then press the power button to ‘release’ any power left in capacitors.

  9. I can see why they did it, but unless you know, it is misleading. What would have stopped them from having a warning the first time you did it saying that the only way to truly turn it off is within settings? Or indeed have it be a two step thing so you can fully disable it by long pressing/force pressing.
