Question: Does adding this “SendDataMessage” api call on the dbus make this AML / whatever first aid system-as-a-spoof-service “visible” to the user?
Theroretically, the user could send a message with a simple shell script, no?
So does adding an API function, that is user-accessible, actually conflict with the RFC?
Considering this is an EU-wide standard “requirement”, how does android handle it?
I am very happy that AML was implemented and can transmit my location if I call the emergency services. I was just about to request this great feature!
Of course I would be okay with an option to disable it. But personally I would never do so. Once you have a real emergency and very urgently need someone to help, you will be very thankful for the feature. If you don’t call emergency, it won’t affect you.
Read more about cell phones and their second, invisible operating system that you cant control. Then come back and complain about SFOS. Or just deal with the fact that a cell phone isnt private. Period.
Afair one of the libre cell phone projects had something like warrant canary, “if the invisible os makes some weird stuff, notice the visible one”. Not sure whats the status of this right now.
Not sure if org.sailfishos.aml should be active all the time or only when making an emergency call, would need a faraday cage to test it without breaking some laws
I’m not bothered by the emergency call system, this service is fine. When I’m in need, I can call first aid from my phone.
It bothers me that an SMS with some data, including GPS coordinates, will be sent when the emergency call ends, and I will not have any trace of it on my phone. So there is a service on my phone that is ready for “anyone” who wants to abuse it, and I don’t have the option to turn it off. It’s as if I have voluntarily installed a feature ready for hackers and secret services. I do not like it.
Yes, clear.
All the SMS/Localisation/data “features” are new to 4.4.
The emergency button we saw before 4.4 is only a shortcut to a call to 112 without the other “advanced features”.
The European Electronic Communications Code (Directive 2018/1972/EC) makes it mandatory for all the Member States of the European Union to make use of handset-derived location to locate people calling emergency services starting from December 2020. AML is a technology that enables the provision of such information and thus, ensures compliance with this legislation.
Starting from March 2022, all the smartphones sold in the European single market will have to offer the possibility to send handset-derived location information of the caller to the emergency services. This is already the case for a large majority of smartphones, namely all Android and iOS phones.
(italics mine)
IANAL, but to me it looks like that all smartphones for sure by now MUST offer at least the possibility to provide AML, but it is not compulsory to have it activated?
I hope that emergency is determined as ‘user tapps the emergency button’ or ‘user dials 112’ and nothing else. In this case there is nothing to say against automatic sending the position data. Important is that it can’t be triggered remotely from network side / without initial user action.
From the links here you can see that it is indeed so.
However, the network can send updates to which number is considered an emergency number, which means anyone who can get the operator to do so can have AML activated at leisure.
Fiction:
I organise a demonstration through social networks with my phone because I am nurse and I want to ask more beds and more budget. I am a leader.
This demonstration has not been allowed for several reasons.
The demonstration block streets and causes some agitation.
One could wander if it is an emergency case to get my position, catch me and/or block my phone.
Pure fiction.