The data economy has too often betrayed its customers, whether it’s Facebook sharing data you didn’t even realize it had, or invisible trackers that follow you around the web without your knowledge. But a new app launching in the iOS App Store today wants to help you take back some control—without making your life harder.
The Guardian Firewall app runs in the background of an iOS device, and stymies data and location trackers while compiling a list of all the times your apps attempt to deploy them. It does so without breaking functionality in your apps or making them unusable. Plus, the blow by blow list gives you much deeper insight than you would normally have into what your phone is doing behind the scenes. Guardian Firewall also takes pains to avoid becoming another cog in the data machine itself. You don’t need to make an account to run the firewall, and the app is architected to box its developers out of user data completely.
“We don’t log IPs, because that’s toxic,” says Will Strafach, a long-time iOS jailbreaker and founder of Sudo Security Group, which develops Guardian Firewall. “To us, data is a liability, not an asset. But to think that way you’ve got to think outside the box, because it means you can’t just choose the simplest solutions to engineering problems a lot of times. But if you are willing to spend the time and resources, you can find solutions where there isn’t a privacy downside.”
The Guardian Firewall development team, which also includes noted jailbreaker Joshua Hill, currently comprises four engineers and two security researchers, and the app translates their collective knowledge about App Store services into automatic blocking for modules within apps that are known to be potentially invasive. The service costs $10 per month, or $100 per year. You pay through an in-app purchase using your AppleID, which means Guardian Firewall doesn’t manage the transaction or the data associated with it. The team doesn’t have immediate plans to expand to Android, because their expertise lies so specifically in iOS.
Lily Hay Newman covers information security, digital privacy, and hacking for WIRED.
To start using Guardian Firewall, all you do is tap a big button on the main screen. It turns green and says “Protection is on.” From the user’s perspective, that’s it. Under the hood, the app establishes a virtual private network connection, and creates a random connection identity for it to keep track of people’s data without knowing who they are. If you turn Guardian Firewall protection off and then on again, the app establishes a new connection and new connection identity, meaning that there’s no way to connect the dots between your sessions.
The app uses its VPN connection to filter your data in the cloud, but the stream is fully encrypted. Guardian Firewall has automated machine learning mechanisms that evaluate how an app behaves and, particularly, whether it sends out data to third parties, like marketing analytics firms. The idea is to flag whenever an app tries to communicate beyond its own infrastructure. Guardian Firewall is also able to detect and block other types of potentially invasive behavior, like page hijackers that push mobile pop-ups.
Apple itself has already been working on baking similar protections directly into iOS, particularly when it comes to blocking web trackers in Safari that would otherwise fingerprint users across multiple sites. But Guardian Firewall aims to go a few steps further, and to apply across all apps.
I’ve been testing Guardian Firewall on and off for months, and have found it easy to leave it running in the background. The connection doesn’t seem to slow things down on my phone or eat my battery, and the list of trackers the app has blocked is constantly growing—310 location trackers, seven page hijackers, and 3,200 data trackers so far. It felt a little uncomfortable at first to have something constantly running in the background, but it was fascinating to see all the shenanigans happening on my iPhone all the time. Some beta testers have noted that they wish Guardian Firewall offered a customizable blacklisting feature, instead of only automated blocking. But I didn’t personally feel a desire to put time into customizing the app. To me the whole value is in “set it and forget it.”
Guardian Firewall has already engineered its way around at least one privacy conundrum during its limited prerelease. Someone essentially launched a denial of service attack against the service by rapidly initiating a deluge of connection requests all at once. Guardian Firewall couldn’t check what IP address or addresses the requests came from, though, because it doesn’t record IP addresses. The team could have solved the issue by altering its policy to access IP addresses during the small window when devices are establishing their connection and then delete the data. But “we determined that that would go against our values,” Strafach says.