Ad networks using new tracking methods to bypass iPhone security measures

2»

Comments

  • Reply 21 of 37
    gtrgtr Posts: 3,231member

    Quote:

    Originally Posted by Tallest Skil View Post


     


    I wonder if I'm being redundant, but I have AdBlock, Ghostery, Do Not Track Plus, Defacer, Get Off My Lawn, Shellfish, Facebook Disconnect, Twitter Disconnect, and GoogleClickTracker. 


     


    Something is wrong when I have to do all this to stay private.



     


    You forgot a good old fashioned shotgun:


     


    "Git orf mah privacy, boy."


     


    Seriously, though, I'd like to thank Apple for being one of the few (only?) remaining companies that, as a rule, generally respects it's user's privacy.

  • Reply 22 of 37
    Java != JavaScript
  • Reply 23 of 37
    alfiejralfiejr Posts: 1,524member


    all this tracking crap has to be killed, dead. especially Google's. screw them ALL. greedy punks, so smug.


     


    everything must be opt-in only.

  • Reply 24 of 37
    It was my understanding that Apple told developers when the Apple UDID was no longer at their use, that developers would have to create their own style UDID. So THR open source UDID should not be an issue

    Cheers !
  • Reply 25 of 37
    richlrichl Posts: 2,213member


    The problem is that plenty of people (especially kids) demand free apps on iOS. The only way to support free apps is to include ads. 


     


    I'm sure everyone here is willing to pay 99c for the ad-free version but some people can't or won't.


     


    Even developers making premium apps find it useful to track their users. App developers want to know what phone you're using and what OS version it's running so that they can make their apps better. 


     


    The bottom line is: no tracking = lower quality, more expensive apps.

  • Reply 26 of 37
    ankleskaterankleskater Posts: 1,287member

    Quote:

    Originally Posted by Tallest Skil View Post


    Then these get banned from all apps in the App Store. Simple. There's no excuse for this unsolicited data mining. 



     


     


    Agree. But I would go farther. It's unconscionable the extent to which advertisers will go to get this data. For example, look at those who are dumping all over Microsoft for making no tracking a default option in IE (hard to imagine that MS is now the hero). Somehow, these companies believe they have a right to our privacy, and will look for any legal and technical loopholes to violate us.

  • Reply 27 of 37
    ankleskaterankleskater Posts: 1,287member

    Quote:

    Originally Posted by RichL View Post


    The problem is that plenty of people (especially kids) demand free apps on iOS. The only way to support free apps is to include ads. 


     


    I'm sure everyone here is willing to pay 99c for the ad-free version but some people can't or won't.


     


    Even developers making premium apps find it useful to track their users. App developers want to know what phone you're using and what OS version it's running so that they can make their apps better. 


     


    The bottom line is: no tracking = lower quality, more expensive apps.



     


    "Demand" free apps? I don't see any marchers in the streets yet. Sure, people enjoy free apps and will use them. But that's a far cry from demanding them.

  • Reply 28 of 37
    minimoeminimoe Posts: 14member


    Start off with some 127.0.0.1 entries in /etc/hosts and add Protect My Privacy (PMP).


     


    http://www.protectmyprivacy.org/

  • Reply 29 of 37
    ankleskaterankleskater Posts: 1,287member

    Quote:

    Originally Posted by Gazoobee View Post


     


    I have most of that and I have Java turned off also (which is Why AppleInsider's new forum looks like a dog's breakfast and barely works).  


     


    Really though if you have Ghostery, you probably don't need the Facebook and Twitter blockers. 



     


    What does Java have to do with how this website looks?

  • Reply 30 of 37
    irnchrizirnchriz Posts: 1,603member
    Apple need to lock down location services so that you are prompted for a pass code to enable them. This way no app can sneekily access location data without user authentication.
  • Reply 31 of 37


    A stupid article without any research on what OpenUUID or ODIN does.  


     


    Also I don't understand the fuzz with the entitlement for getting premium content or applications for free.

  • Reply 32 of 37
    igamogamigamogam Posts: 42member


    C'mon appleinsider, does anyone actually proofread these posts because this one has a glaring mistake...


     


    "Without user tracking data, it is estimated that ad networks could   " 


     


    Could what exactly?

  • Reply 33 of 37
    gatorguygatorguy Posts: 23,302member

    Quote:

    Originally Posted by Tallest Skil View Post


    Then these get banned from all apps in the App Store. Simple. There's no excuse for this unsolicited data mining. 



    Isn't this one type of unapproved harvesting of user data that qualifies apps as malware? As far as the security companies are concerned it's called malware if it's an Android app doing so without notice to the user. I'm sure the same applies to an iOS app that does the same thing.  Perhaps calling a spade a spade might prompt Apple to put a little more effort in closing loopholes.

  • Reply 34 of 37


    Do you guys realize there are *5* trackers on this AppleInsider page we are currently reading?


     


    (Well, those of you who use Ghostery may - but other users probably do not)


     


    What we need is for Apple to _allow_ apps like Ghostery or AdBlock to run on iOS in some fashion.  Apple does not need to actually produce the apps themselves, only allow them to run.


     


    And as a side note, another good one for folks - if you still want to use Flash - is BetterPrivacy.  It will delete any "super LSO" type tracking, at whatever schedule you set up.  Gets rid of flash tracking cookies and other things as well.


     


    There is a side problem, however, that sites can track you simply by your system configuration.  Your system configuration is almost a unique fingerprint - even if you have every thing blocked.  http://panopticlick.eff.org/

  • Reply 35 of 37
    mstonemstone Posts: 11,510member

    Quote:

    Originally Posted by irnchriz View Post



    Apple need to lock down location services so that you are prompted for a pass code to enable them. This way no app can sneekily access location data without user authentication.


    They do require the user to approve location services access on a per app basis. I think a lot of users have the Vista alert mentality and just say yes to everything because they think if they say no they will get pounded with annoying messages constantly.

  • Reply 36 of 37
    mstonemstone Posts: 11,510member

    Quote:

    Originally Posted by valkraider View Post


    There is a side problem, however, that sites can track you simply by your system configuration.  Your system configuration is almost a unique fingerprint - even if you have every thing blocked.  http://panopticlick.eff.org/



    That is pretty interesting but the results seem odd. My iPhone is unique 1 in 278,322.


     


    I guess a lot of people must not upgrade their iOS version and also live in PDT time zone because everything else is default on my phone.


     


    On my desktop I am more unique 1 in 2,226,635 because I have a 30" cinema

  • Reply 37 of 37
    gatorguygatorguy Posts: 23,302member


    Supporting my argument that yes, malware exists in the Appstore going by the security companies' definitions. It's just seldom if ever called malware on Apple's platform unlike articles mentioning "malicious apps" using the same or similar undeclared permissions on Android offerings. 


    http://www.appleinsider.com/articles/12/06/06/linkedin_app_under_scrutiny_for_transferring_ios_calendar_entries.html


     


    It doesn't mean iOS is inherently insecure or that Apple's curation doesn't work. It's just a fact that if you have several hundred thousand applications available at least some of those will be doing things that Google/Apple isn't aware of. Policing appstores this large won't always be successful.


     


    Calling apps malware on one platform but not the other seems disingenuous, and link-bait fodder from the security companies who plainly hope to push their software as a necessity. The more successful  they are at creating a perception of serious security issues the more they get themselves on user's devices.


     


    BTW, Charlie Miller (that Charlie Miller) claims to be assisting Google with closing holes in their Bouncer app inspection efforts. 


    http://blog.duosecurity.com/2012/06/dissecting-androids-bouncer/

Sign In or Register to comment.