There are a lot of articles about allowing sideloading on iOS floating around. I have read several of them. I found John Gruber’s to be the most thoughtful and want I to share it with you.
Category: Privacy
I didnât get my one wish for iPadOS 15
I had only one wish for iPadOS 15, and it was that I wanted the Files app to become a true Finder equivalent and that didnât happen. What we did get were some big improvements to multitasking that Iâm looking forward to. Jason Snell and Myke Hurley in Episode 356 of the Upgrade podcast give a good review of how the new multitasking features will work.
Hereâs something else that Iâm excited about. Apple announced some major new privacy features that will make using iPhone, iPad, and Mac more private.
Apple announced on Monday at its annual Worldwide Developers Conference (WWDC) that its upcoming iOS 15 update will give iPhone users even more insight and control over their own data. Among other updates, youâll soon be able to see who your apps are sharing your data with; youâll be able to stop trackers from detecting if and when you open emails; and youâll be able to keep your internet activity more private.
PSA: What Is Amazon Sidewalk and Why Should I Disable It Before June 8?
Brendan Hesse writing for Lifehacker:
On June 8, Amazon will launch a new feature called Sidewalk that creates small, public internet networks powered by Echo smart speakers and Ring home security products in your neighborhood. Yes, including yoursâunless you disable the setting, which is turned on by default. That means if you donât want your devices included in this particular tech experiment, you only have a week left to opt out.
Many of Apple’s privacy labels are false
I have to say this is disappointing to read. According to a Washington Post article, Appleâs big privacy product is built on a shaky foundation: the honor system. In tiny print on the detail page of each app label, Apple says, âThis information has not been verified by Apple.â
Shame on the developers for lying, and double shame on Apple for not verifying.
I checked Appleâs new privacy ânutrition labels.â Many were false.
You can trust Apple ⌠right?
You go to your iPhoneâs App Store to download a game. Under a new âApp Privacyâ label added last month, thereâs a blue check mark, signaling that the app wonât share a lick of your data. It says: âData not collected.â
Not necessarily. I downloaded a de-stressing app called the Satisfying Slime Simulator that gets the App Storeâs highest-level label for privacy. It turned out to be the wrong kind of slimy, covertly sending information â including a way to track my iPhone â to Facebook, Google and other companies. Behind the scenes, apps can be data vampires, probing our phones to help target ads or sell information about us to data firms and even governments.
â
Google apps will stop certain tracking to avoid the iOS “Allow Tracking” prompt
With iOS 14, Apple is requiring app developers to tell users about and have them opt-in to tracking. Google today announced that âwhen Appleâs policy goes into effect, it will no longer use information (such as IDFA) that falls under ATT for the handful of our iOS apps that currently use it for advertising purposes. As such, we will not show the ATT prompt on those apps, in line with Appleâs guidance.â
I don’t use Google’s apps but for those of you who do this should be a welcome change.
â
Firefox 85 adds supercookie protection. What about Safari?
In technology news today Mozilla announced that it has added built-in protection from supercookies to Firefox 85. âFirefox now protects you from supercookies, a type of tracker that can stay hidden in your browser and track you online, even after you clear cookies,â Mozilla explains in a blog post. âBy isolating supercookies, Firefox prevents them from tracking your web browsing from one site to the next.â
With Safari being my main browser and Firefox being secondary I wondered if Safari might have the same protection from supercookie tracking? To my surprise, it does and has since 2018.
âQuietly and without fanfare Apple has rolled out a change to its Safari browser that munches one of the webâs most advanced âsuper cookiesâ into crumbs.â Apple burns the HSTS super cookie WebKit blog: Protecting Against HSTS Abuse
Apple doubles down on iOS App Tracking Transparency
According to Craig Federighi, The aim of ATT is âto empower our users to decide when or if they want to allow an app to track them in a way that could be shared across other companiesâ apps or websitesâ.
With Apple requiring developers to share privacy details needed for the new privacy labels on December 8 iOS App Tracking Transparency (ATT) has made its way into the news again thanks to the hysteria of adtech and with particular criticism coming from Facebook-owned WhatsApp.
Apple has used a speech to European lawmakers and privacy regulators to come out jabbing at what SVP Craig Federighi described as dramatic, âoutlandishâ and âfalseâ claims being made by the adtech industry over a forthcoming change to iOS that will give users the ability to decline app tracking.
Itâs good to see Apple standing strong on ATT to protect the privacy of its users.
If youâre interested, hereâs a link to Craig Federighiâs speech.
UPDATE: iOS 14 has Zuckerberg/Facebook running scared
Iâve been working on an article about the iOS 14 privacy feature that has Facebook and other advertisers running scared. Facebook acknowledged that Appleâs upcoming iOS 14 could lead to a more than 50% drop in its Audience Network advertising business. (Doesnât that just break your heart)
Today to my disappointment, Apple is holding off on introducing the default feature until early next year to allow developers more time to make the necessary changes to their apps. I guess this makes everything Iâve written all for naught. Oh, well.
By the way, did you know that you can manually limit targeted advertising and reset your identifier? If you do this an app will still be able to access your IDFA but it makes it much harder to build a profile on you. I reset my identifier once a month.
The advertising identifier on an Apple device does not identify you personally, but it can be used by advertisers to create a profile about you. If itâs never reset, that profile increases in detail, allowing advertisers to target ads to you based on your Internet activity.
Encryption as we know it is in jeopardy
I wrote an article on Medium this afternoon and I want to share it with you. Itâs about a law the United States Congress is considering that will ruin online privacy and security as we know it.
Hereâs a link to the article:
Americaâs LAED Act encryption ban must be stopped
My thoughts on Apple & Googleâs COVID-19 contact tracing
From what Iâve read Apple and Googleâs COVID-19 contact tracing seems like a good idea and one that Iâll most likely use. It appears to be the best technological solution to date for governmental authorities to partially lift the lockdown orders that are currently in place. That said I do have privacy concerns.
According to the Verge, this is how weâll use the tracking tool. âGoogle and Apple are using Bluetooth LE signals for contact tracing. When two people are near each other, their phones can exchange an anonymous identification key, recording that theyâve had close contact. If one person is later diagnosed with COVID-19, they can share that information through an app. The system will notify other users theyâve been close to, so those people can self-quarantine if necessary. Ideally, this means you wonât have to reveal your name, location, or other personal data.â
Apple and Google stress that âuser privacy and security is central to the designâ. So hereâs the best explanation as to how privacy will be protected that Iâve found.
But while mobile-based contact tracing may be more effective, it also poses a serious threat to individual privacy, since it opens the door to central databases that track the movements and social interactions of potentially millions, and possibly billions, of people. The platform Apple and Google are developing uses an innovative cryptographic scheme that aims to allow the contact tracing to work as scale without posing a risk to the privacy of those who opt into the system.
Privacy advocatesâwith at least one notable exceptionâmostly gave the system a qualified approval, saying that while the scheme removed some of the most immediate threats, it may still be open to abuse.
âTo their credit, Apple and Google have announced an approach that appears to mitigate the worst privacy and centralization risks, but there is still room for improvement,â Jennifer Granick, surveillance and cybersecurity counsel for the American Civil Liberties Union, wrote in a statement. âWe will remain vigilant moving forward to make sure any contact tracing app remains voluntary and decentralized, and used only for public health purposes and only for the duration of this pandemic.â
Unlike traditional contact tracing, the phone platform doesnât collect names, locations, or other identifying information. Instead, when two or more users opting into the system come into physical contact, their phones use BLE to swap anonymous identifier beacons. The identifiersâwhich in technical jargon are known as rolling proximity identifiersâchange roughly every 15 minutes to prevent wireless tracking of a device.
As the users move about and come into proximity with others, their phones continue to exchange these anonymous identifiers. Periodically, the usersâ devices will also download broadcast beacon identifiers of anyone who has tested positive for COVID-19 and has been in the same local region.
In the event someone reports to the system that she has tested positive, her phone will contact a central server and upload identifiers of all the users she has come into contact with over the last 14 days. The server then pushes a notification to the affected users.
