Advanced Mobile Location (AML) in Vanha Rauma 4.4.0

tortoisedoc · 28 March 2022 20:26

Question: Does adding this “SendDataMessage” api call on the dbus make this AML / whatever first aid system-as-a-spoof-service “visible” to the user?
Theroretically, the user could send a message with a simple shell script, no?
So does adding an API function, that is user-accessible, actually conflict with the RFC?
Considering this is an EU-wide standard “requirement”, how does android handle it?

MartinJan · 28 March 2022 20:46

I am very happy that AML was implemented and can transmit my location if I call the emergency services. I was just about to request this great feature!
Of course I would be okay with an option to disable it. But personally I would never do so. Once you have a real emergency and very urgently need someone to help, you will be very thankful for the feature. If you don’t call emergency, it won’t affect you.

szrpj · 28 March 2022 22:01

Read more about cell phones and their second, invisible operating system that you cant control. Then come back and complain about SFOS. Or just deal with the fact that a cell phone isnt private. Period.

Afair one of the libre cell phone projects had something like warrant canary, “if the invisible os makes some weird stuff, notice the visible one”. Not sure whats the status of this right now.

throwaway69 · 29 March 2022 04:38

github.com/sailfishos/nemo-qml-plugin-systemsettings

Prevent location state changes during emergency calls

sailfishos:master ← LaakkonenJussi:jb57710

opened 11:19AM - 18 Mar 22 UTC

LaakkonenJussi

+87 -0

AML is ran with the emergency calls and it requires to keep location services, …i.e., GPS on during the call. It must not be allowed for the user to try to change this during the call. This change tracks the call state with QMceCallState funcionality. When state is "Active" and type is "Emergency" all changes made to the location or GPS status are prevented and warning is logged.

Not sure if org.sailfishos.aml should be active all the time or only when making an emergency call, would need a faraday cage to test it without breaking some laws

ric9k · 29 March 2022 04:50

But isn’t there already an emergency button in 4.3?
What was behind this button till now, actually?

nephros · 29 March 2022 05:36

Thanks for this. So at least monitoring dbus would tell me whether it’s active or not.

Now, how is ‘Emergency’ determined? Is there a list of phone numbers, or is it more involved than that?

[EDIT:]

hardcoded, read fom SIM and provided by network:

github.com

sailfishos/ofono/blob/aab3e8cca952c79b8d08ad5d33eb30c05d0ef381/ofono/src/voicecall.c#L58

    
      
          
          
#define SETTINGS_STORE "voicecall"
          #define SETTINGS_GROUP "Settings"
          
          
static GSList *g_drivers = NULL;
          
          
struct ofono_voicecall {
          	GSList *call_list;
          	GSList *release_list;
          	GSList *multiparty_list;
          	GHashTable *en_list; /* emergency number list */
          	GSList *sim_en_list; /* Emergency numbers already read from SIM */
          	GSList *new_sim_en_list; /* Emergency numbers being read from SIM */
          	char **nw_en_list; /* Emergency numbers from modem/network */
          	DBusMessage *pending;
          	uint32_t flags;
          	struct ofono_sim *sim;
          	struct ofono_sim_context *sim_context;
          	unsigned int sim_watch;
          	unsigned int sim_state_watch;
          	const struct ofono_voicecall_driver *driver;

github.com

sailfishos/ofono/blob/aab3e8cca952c79b8d08ad5d33eb30c05d0ef381/ofono/src/voicecall.c#L131

    
      
          };
          
          
struct dial_filter_req {
          	struct ofono_voicecall *vc;
          	struct ofono_phone_number pn;
          	enum ofono_clir_option clir;
          	ofono_voicecall_cb_t cb;
          	void *data;
          };
          
          
static const char *default_en_list[] = { "911", "112", NULL };
          static const char *default_en_list_no_sim[] = { "119", "118", "999", "110",
          						"08", "000", NULL };
          
          
static void send_ciev_after_swap_callback(const struct ofono_error *error,
          								void *data);
          static void generic_callback(const struct ofono_error *error, void *data);
          static void hangup_all_active(const struct ofono_error *error, void *data);
          static void multirelease_callback(const struct ofono_error *err, void *data);
          static gboolean tone_request_run(gpointer user_data);

throwaway69 · 29 March 2022 05:41

In EU it’s 112 (in US both 112 and 911)

nephros · 29 March 2022 05:51

Yeah but we have country specific ones in Europe too. Austria has at least three additional ones for police/firefighters/ambulance for example.

throwaway69 · 29 March 2022 06:13

This looks like an exhaustive list, whether all trigger aml, no idea: List of emergency telephone numbers - Wikipedia

lhodas · 29 March 2022 06:57

I’m not bothered by the emergency call system, this service is fine. When I’m in need, I can call first aid from my phone.
It bothers me that an SMS with some data, including GPS coordinates, will be sent when the emergency call ends, and I will not have any trace of it on my phone. So there is a service on my phone that is ready for “anyone” who wants to abuse it, and I don’t have the option to turn it off. It’s as if I have voluntarily installed a feature ready for hackers and secret services. I do not like it.

ric9k · 29 March 2022 07:27

Yes, clear.
All the SMS/Localisation/data “features” are new to 4.4.
The emergency button we saw before 4.4 is only a shortcut to a call to 112 without the other “advanced features”.

dmz · 29 March 2022 08:28

This.
A thousand times this.

apozaf · 29 March 2022 08:41

no, all of those numbers here in Austria call the same emergency center.

simosagi · 29 March 2022 09:24

I think AML is an implementation for the European E112 service (“Enhanced” 112).
Looking at the wikipedia article, it references the EENA web site https://eena.org/our-work/eena-special-focus/advanced-mobile-location/, where it states:

The European Electronic Communications Code (Directive 2018/1972/EC) makes it mandatory for all the Member States of the European Union to make use of handset-derived location to locate people calling emergency services starting from December 2020. AML is a technology that enables the provision of such information and thus, ensures compliance with this legislation.

Starting from March 2022, all the smartphones sold in the European single market will have to offer the possibility to send handset-derived location information of the caller to the emergency services. This is already the case for a large majority of smartphones, namely all Android and iOS phones.

(italics mine)

IANAL, but to me it looks like that all smartphones for sure by now MUST offer at least the possibility to provide AML, but it is not compulsory to have it activated?

nephros · 29 March 2022 09:46

Aaaah, do we have a candidate for the delay of the 4.4 release here?

Seven.of.nine · 29 March 2022 10:28

I hope that emergency is determined as ‘user tapps the emergency button’ or ‘user dials 112’ and nothing else. In this case there is nothing to say against automatic sending the position data. Important is that it can’t be triggered remotely from network side / without initial user action.

throwaway69 · 29 March 2022 10:47

Or a speedup to not be non-compliant from april

nephros · 29 March 2022 10:57

From the links here you can see that it is indeed so.

However, the network can send updates to which number is considered an emergency number, which means anyone who can get the operator to do so can have AML activated at leisure.

WT.Sane · 29 March 2022 11:00

You are so right. The GSM chip itself has a complete OS.

ric9k · 29 March 2022 12:05

Fiction:
I organise a demonstration through social networks with my phone because I am nurse and I want to ask more beds and more budget. I am a leader.
This demonstration has not been allowed for several reasons.
The demonstration block streets and causes some agitation.
One could wander if it is an emergency case to get my position, catch me and/or block my phone.
Pure fiction.