Homes.com didn't ask for any login at all. It let me go straight to searching for homes. When I clicked on Search by Location it asked me if I wanted to allow the App to track location while using the App and had the obligatory "You can change this later" prompt. When I went into Settings my Permission was indeed set to "While Using". I uninstalled it and tried again and this time when it asked to search I typed in my location. So I was able to use this App without any login and even without location tracking (by manually entering a city to use). Not sure why this App is on their list since it would never be able to track your location and tie that to a user since there's no login required.
It would "be on the list" since if you want to actually do anything like make an offer, do a listing, ask a question or anything of the sort that needs an email address they say right in their privacy policy that it may be combined with "other information" sourced from or shared with other 3rd parties to accurately identify you, your finances, and your family dynamics. In addition even if you don't agree to share precise location data I think it was still found to be logging your SSID/wi-fi network identifiers which when combined with some 3rd party data can reasonably identify who you likely are. SOOO many apps track your network identifiers and IP address anymore and later found to be monetizing that info it's probably child's play to figure out who most folks probably are. The big data aggregators that are purchasing the information from the app developers obviously find it valuable for resale purposes.
Apple has no control whatsoever over what apps do with whatever data you've knowingly or not shared with them. The best outcome is they keep it to themselves, but obviously that's not always the case. The researchers are bringing it to everyone's attention which I would expect you to agree is a really good thing to do so why complain?
Many iOS users have been lulled into thinking it's only an Android issue, with iOS aggressively promoted as a safe garden protected by Apple, its high walls offering highly vetted privacy-first applications with each one individually inspected, tested and approved as safe by real humans before making their way to the AppStore unlike that "other OS". Obviously that's not always the case either. You along with other regular AI members might already have known and take precautions when installing apps but Mike and Minny iPhoner might not have considered things might not always be as they seem, likely to just click on thru to use the app. Afterall Apple already made sure it was safe.
"EVERYONE KNOWS" to be careful with Android apps but it applies to iOS too, even those popular highly rated and thoroughly-vetted (!??) ones. Somehow they still manage to do stuff that Apple says they can't.
Did I hear correctly that Apple is working on a feature in Safari that makes all devices look the same on the internet?
I believe that they are limiting the amount of time a company can track you online. I just installed Little Snitch and there are hundreds of ad companies out there tracking you across websites and even more serving up ads. I have spent a lot of time looking them up and then blocking them. It is about time a company like Apple did this as while I knew there was tracking going on by Google and FB etc, I did not realize how how big it is.
if blogs can't leave comments open for all articles, they shouldn't post them. already left Engadget for doing that. if Appleinsider continues will find somewhere else to hear real people converse about everything Apple
The kind of person that demands political rants, trolls, and spammage litter every story on an Apple-centric news site is exactly the sort of person the readers and moderators don't want around here.
I'm the CEO of YouMail (one of the apps on the list from GuardianApp) and find this article is a bit misleading.
It implies that an app using a particular 3rd party location SDK is inherently bad - that there somehow is not opt-in, that there's not full disclosure, or that the location data is being sold for nefarious purposes.
In our case, YouMail uses location data to determine dead spots (where the carrier never rings the phone and instead sends all calls in that area straight to voicemail). In addition, we are testing collecting and selling location data to third party ad networks for the specific and sole purpose of helping advertisers better target ads - as a better way to fund the free service than having untargetted, random in-app advertising. The thing is - any location collection and use is 100% opt-in, and it's 100% fully disclosed in the privacy policy. And we're also constantly refining how we talk about it in the app (in that small piece of real estate we have on the request permission experience) to make it clearer to the user what's going on - in fact, we've got a new release in review with new. simple language in the permission request that makes this super clear.
We welcome comments or suggestions how we can do better here.
Apple may position itself as the privacy/user advocate choice in the market, but that doesn't necessarily apply to others who inhabit the platform and are allowed within the system. The company still collects an large amount of data, even if it pledges to anonymize it, and anyone who has even run a connection monitor like Little Snitch knows the numerous connections made to Apple servers in the course of seemingly benign, normal usage.
I actively try to avoid specialized apps in general, especially when they don't offer any benefit above and beyond what is replicated by visiting a website. Even visiting with a browser can reveal a myriad of data, but at least it's a more recognized and defined set, as opposed to who knows what an app sends back and forth.
Anyone who expects this (non) revelation to prompt Apple to take any action only has to be reminded of how Tim Cook personally handled Uber's surreptitious tracking of users, intentionally designed to be hidden from Apple's notice.
Uber CEO Travis Kalanick was summoned to Cupertino, and merely scolded by Cook, and only threatened with expulsion from the app store.
No other action was taken. No ban, not even a temporary removal from the store until the fix was enacted, which wouldn't have impacted users who already had the app in use. In short, Cook let them get away with it scot-free when any regular consumer of Apple news knows that others have had their apps flicked for much lesser offenses. Too big to ban?
Words don't carry weight without action, and the leader of the company only punted when presented with the opportunity to act according to the company principles he espouses.
GasBuddy asks you to login right away with Facebook, Google or e-mail. There's a "Later" option to use without creating a login. When it shows an explanation for Permissions, it highlights "Always" to try and suggest to you to pick Always when the actual iOS Permissions dialog comes up. It seemed to work fine without me logging in. Didn't use it long enough to see if will nag you later to login.
ASKfm immediately asks you to login. I couldn't get past the login screen to see what it asks for Permissions, so I deleted it after that.
Homes.com didn't ask for any login at all. It let me go straight to searching for homes. When I clicked on Search by Location it asked me if I wanted to allow the App to track location while using the App and had the obligatory "You can change this later" prompt. When I went into Settings my Permission was indeed set to "While Using". I uninstalled it and tried again and this time when it asked to search I typed in my location. So I was able to use this App without any login and even without location tracking (by manually entering a city to use). Not sure why this App is on their list since it would never be able to track your location and tie that to a user since there's no login required.
Tunity, like ASKfm, won't continue until you login. Again, don't know how it presents Permissions.
Roadtrippers asks you to login, but allows you to continue without logging in. It immediately asks for Location Permissions. Their dialog states you'll get reduced functionality (like discovery of nearby places) if you select Never or While Using, hinting you should pick Always.
That's my part. If anyone wants to try some other Apps to add to the list feel free. Obviously some Apps (ASKfm, Tunity) should not be trusted AT ALL as you can't use them without creating a login. Homes.com shouldn't even be on their list. While it might have tracking, the information is useless and presents no privacy concern since there's no login. They probably use the information just to see where people are looking for homes in general, not to mine personal usage. I think it's disingenuous of Guardian to include this App. GasBuddy and Roadtrippers can be used without a login, but the way they word it they try to get you to use a login and also try to get you to pick Always for Permissions. So they can be used safely, but you have to avoid using a login and make sure your Permissions are set properly.
Right, I think the problem here is not what they're doing; it's the fact that some apps don't tell you what they're doing. Apple allows you to restrict what they have access to, but there are other ways to glean, for example, location information: you could interrogate the wifi router.
Personally, I don't think that Apple can actually come up with a foolproof method of preventing this, and I'm not sure that they want to. People think apps are too expensive (I've seen them complaining on the app store about handing over $5.00 for an app). People don't like subscriptions (a thread on its own). People don't like ads. Apple doesn't like ads, which is why they can't seem to come up with a successful scheme: their hearts aren't really in it.
At some point, folk will need to understand that developers need to earn a living, and then they can pick the poison of their choice. Until that time (never) then developers are going to need ads to keep themselves from starving to death, and the ad framework providers will keep finding new and interesting ways of getting the kind of information that we'd rather they didn't have.
So, while I don't think there's much Apple can do on the software front, that doesn't mean there isn't something they could do.
For a start, rather than the occasional purge of rogue apps, let's make it an ongoing requirement with a full-time team dedicated weeding them out and throwing them off the store. A lot of the problems come from clone apps that, sorry to say, stay up, collecting money and user data for far too long, even after the developers of the genuine app has complained to Apple. Like you, I delete any app that demands a login without a good reason (connecting to a bank account for example). Weather apps don't need a login, neither do kitchen scales, neither does a blood pressure monitor.
Rogue developers will go to extraordinary lengths to hide what they're up to. Uber made sure their app didn't do anything nefarious while it was anywhere within range of Apple headquarters. They were eventually discovered and taken to task when sharp Apple employers who were not based at Apple HQ realised what was going on and alerted the mothership. But when an app is submitted, they can do string searches for known ad-tracking API service calls and then check more deeply to see what they're doing. Since lots of these apps are using them, and Apple has no idea what is happening with the call once it reaches the home server, this might be quite time consuming and, in the end, futile, so I suggest something even more drastic: Apple searches any app submitted app for the presence of known ad service APIs and then adjusts the displayed opt-in dialog to warn people such a service is being used. If the developers cannot be honest about what they're doing (and I'm not saying they should stop using these services) then I think Apple should consider taking the choice away from them.
Lastly, don't get too bogged down in arguing the point with Googleguy because from Apple's position it's meaningless. His stance is that this proves the iOS store is just as bad as Google, but that's just a weird way to make Google look better (though in my book, saying something else is just as bad never made anything look better). Regardless of what Google does, Apple needs to do better because, unlike Google, it has consumer-level customers it cares about and a reputation to protect, and though this is not a problem of their making, that doesn't mean it's not something they can't do something about.The difference is that this a problem Apple can help with, while Google is actually a big part of the problem.
Lastly, don't get too bogged down in arguing the point with Googleguy because from Apple's position it's meaningless. His stance is that this proves the iOS store is just as bad as Google not as aggressively vetted and safe from malware and data harvesting as many people may be assuming. Nothing to do with Google.
Comments
Apple has no control whatsoever over what apps do with whatever data you've knowingly or not shared with them. The best outcome is they keep it to themselves, but obviously that's not always the case. The researchers are bringing it to everyone's attention which I would expect you to agree is a really good thing to do so why complain?
Many iOS users have been lulled into thinking it's only an Android issue, with iOS aggressively promoted as a safe garden protected by Apple, its high walls offering highly vetted privacy-first applications with each one individually inspected, tested and approved as safe by real humans before making their way to the AppStore unlike that "other OS". Obviously that's not always the case either. You along with other regular AI members might already have known and take precautions when installing apps but Mike and Minny iPhoner might not have considered things might not always be as they seem, likely to just click on thru to use the app. Afterall Apple already made sure it was safe.
"EVERYONE KNOWS" to be careful with Android apps but it applies to iOS too, even those popular highly rated and thoroughly-vetted (!??) ones. Somehow they still manage to do stuff that Apple says they can't.
It implies that an app using a particular 3rd party location SDK is inherently bad - that there somehow is not opt-in, that there's not full disclosure, or that the location data is being sold for nefarious purposes.
In our case, YouMail uses location data to determine dead spots (where the carrier never rings the phone and instead sends all calls in that area straight to voicemail). In addition, we are testing collecting and selling location data to third party ad networks for the specific and sole purpose of helping advertisers better target ads - as a better way to fund the free service than having untargetted, random in-app advertising. The thing is - any location collection and use is 100% opt-in, and it's 100% fully disclosed in the privacy policy. And we're also constantly refining how we talk about it in the app (in that small piece of real estate we have on the request permission experience) to make it clearer to the user what's going on - in fact, we've got a new release in review with new. simple language in the permission request that makes this super clear.
https://www.dailydot.com/debug/tim-cook-kalanick-threatened-uber/
Cook threatened him, and that was enough for a “shaken” Kalanick to capitulate immediately.
Whether words carry weight or not mainly depends on who’s speaking them.
Right, I think the problem here is not what they're doing; it's the fact that some apps don't tell you what they're doing. Apple allows you to restrict what they have access to, but there are other ways to glean, for example, location information: you could interrogate the wifi router.
Personally, I don't think that Apple can actually come up with a foolproof method of preventing this, and I'm not sure that they want to. People think apps are too expensive (I've seen them complaining on the app store about handing over $5.00 for an app). People don't like subscriptions (a thread on its own). People don't like ads. Apple doesn't like ads, which is why they can't seem to come up with a successful scheme: their hearts aren't really in it.
At some point, folk will need to understand that developers need to earn a living, and then they can pick the poison of their choice. Until that time (never) then developers are going to need ads to keep themselves from starving to death, and the ad framework providers will keep finding new and interesting ways of getting the kind of information that we'd rather they didn't have.
So, while I don't think there's much Apple can do on the software front, that doesn't mean there isn't something they could do.
For a start, rather than the occasional purge of rogue apps, let's make it an ongoing requirement with a full-time team dedicated weeding them out and throwing them off the store. A lot of the problems come from clone apps that, sorry to say, stay up, collecting money and user data for far too long, even after the developers of the genuine app has complained to Apple. Like you, I delete any app that demands a login without a good reason (connecting to a bank account for example). Weather apps don't need a login, neither do kitchen scales, neither does a blood pressure monitor.
Rogue developers will go to extraordinary lengths to hide what they're up to. Uber made sure their app didn't do anything nefarious while it was anywhere within range of Apple headquarters. They were eventually discovered and taken to task when sharp Apple employers who were not based at Apple HQ realised what was going on and alerted the mothership. But when an app is submitted, they can do string searches for known ad-tracking API service calls and then check more deeply to see what they're doing. Since lots of these apps are using them, and Apple has no idea what is happening with the call once it reaches the home server, this might be quite time consuming and, in the end, futile, so I suggest something even more drastic: Apple searches any app submitted app for the presence of known ad service APIs and then adjusts the displayed opt-in dialog to warn people such a service is being used. If the developers cannot be honest about what they're doing (and I'm not saying they should stop using these services) then I think Apple should consider taking the choice away from them.
Lastly, don't get too bogged down in arguing the point with Googleguy because from Apple's position it's meaningless. His stance is that this proves the iOS store is just as bad as Google, but that's just a weird way to make Google look better (though in my book, saying something else is just as bad never made anything look better). Regardless of what Google does, Apple needs to do better because, unlike Google, it has consumer-level customers it cares about and a reputation to protect, and though this is not a problem of their making, that doesn't mean it's not something they can't do something about.The difference is that this a problem Apple can help with, while Google is actually a big part of the problem.
https://apnews.com/828aefab64d4411bac257a07c1af0ecb/AP-Exclusive:-Google-tracks-your-movements,-like-it-or-not
https://bgr.com/2014/01/08/google-privacy-law-violation-france-fine/
https://www.reuters.com/article/us-spain-google-privacy/spain-privacy-watchdog-fines-google-for-breaking-data-law-idUSBRE9BI12Z20131219
https://bgr.com/2013/03/12/google-street-view-data-collection-371695/