This data can be analysed later through a variety of different techniques.Monitor mode (if supported) is normally disabled in firmware, this document confirms that and states
“The source was never released, so this is the “reverse engineered” source”
-meaning Broadcom didn’t help directly.This does highlight the issues with fully closed-source backdoors and vulnerabilities, where they can be reverse engineered and exploited regardless of any perceived security.
The interesting thing is that the “survey app” responsible for data collection is initially launched through another app called Apollo, a “music player app”
Apollo is a default music app in CyanogenMod and a special version is available through the Google Play store for install on other Android devices, the “Joe” version is developed by a man named Joseph Cohen who has, according to his website, worked for “government research labs” as well as other government-sponsored projects.
Mr. Joseph Cohen has also co-authored papers on cybersecurity and “PASA: Passive broadcast for smartphone ad-hoc networks“
It is possible there is nothing odd about the Apollo app- or Joseph Cohen’s version specifically- and there is simply some form of exploit or perhaps the app has plugins, extensions, or something that’s being leveraged here to start the data collection. But there’s no doubt this is all very odd.
This is a very interesting, highly covert way to conduct network analysis after the fact.