Analyzing the iOS Local Network Permission from a Technical and User Perspective

In the past, malicious apps attacked routers or identified locations through local network communication. To mitigate security and privacy risks from local network access, Apple introduced a new permission with iOS 14. To be effective, the permission needs to protect against technical threats, and users must be able to make an informed permission decision. The latter is presumably hindered by the intrinsic technicality of the concept of the local network. In this paper, we perform the first comprehensive analysis of the local network permission by studying four key aspects. We investigate the security of its implementation by systematically accessing the local network. We explore local network accesses via a large-scale dynamic analysis of 10,862 iOS and Android apps. We analyze the concepts that constitute the permission prompts, as this is all the information users get before making a decision. Based on the identified concepts, we conduct an online survey (N=150) to comprehend users' understanding of the permission, their threat awareness, and common misconceptions. Our work reveals two methods to bypass the permission from webviews, and that the protected local network addresses are insufficient. We show how and when apps access the local network, and how the situation differs between iOS and Android. Finally, we present the light and shadow of users' understanding of the permission. While nearly every participant is aware of at least one threat (83.11%), misconceptions are even more common (84.46%).