Last month, Apple released iOS 12.2 in beta with several new features, including the Apple News app in Canada, a redesigned TV remote in Control Center, support for adding HomeKit-enabled TVs in the Home app, and more.
The upcoming software update also introduces a new Motion & Orientation Access toggle under Settings > Safari > Privacy & Security. Toggled off by default, this new setting must be turned on in order for websites to display features that rely on motion data from the gyroscope and accelerometer in the iPhone, iPad, and iPod touch.
/article-new/2019/02/safari-motion-access-2-800x516.jpg?lossy)
To test this, we loaded the What Web Can Do Today website on an iPhone running the first beta of iOS 12.2. With the Motion & Orientation Access setting toggled on, the page shows real-time accelerometer and gyroscope data from the iPhone. With the setting toggled off, no motion data is shown.
Another example is Apple's motion-based iPhone experience site. This page normally allows you to tilt your actual iPhone to swivel the iPhone XS Max on the screen with tech specs. With Motion & Orientation Access toggled off, however, only a static image of the iPhone XS Max is shown without tech specs.
/article-new/2019/02/safari-motion-access-1-800x779.jpg?lossy)
This privacy-focused change could be in response to a WIRED report last year that claimed thousands of websites have unmitigated access to motion, orientation, proximity, and light sensor data on mobile devices. Software engineer Felix Krause also filed a radar and notified Apple's security team about this matter in 2017.
As noted by Digiday, the setting could have implications for AR/VR advertising:
For example, Samsung's "Samsung Within" web-based interactive experience, developed by R/GA to promote the hardware brand's legacy and its Galaxy Note 9 phone, uses the accelerometer to let people explore the night sky.
"It's definitely going to break things," said Kai Tier, executive technology director at R/GA.
These AR/VR experiences may have to rely on fallback versions that people can navigate with swipe gestures instead, but this largely defeats the purpose of motion-based, interactive campaigns.
It's quite possible Apple could tweak how this feature works in time for the public release of iOS 12.2. Perhaps the setting will be toggled on by default in a subsequent beta, for example, or Safari could prompt users for permission to access motion data when necessary as it does with location data.
Top Rated Comments
So this seems like it could be a potential threat to privacy and the security of your personal information. Albeit a very small one.
Update: done is 2011
https://arstechnica.com/gadgets/2011/10/researchers-can-keylog-your-pc-using-your-iphones-accelerometer/
I wouldn't be shocked if a very clever individual/company could create something interesting of value (ie, sellable processed user information) from collected raw sensor data.
I'm glad Apple is thinking ahead with respect to the possibilities and privacy implications.