Pulling back the curtain on iOS privacy, and its failings

It’s behind a paywall so I can’t read it, but you can cut down on the trackers (and ads!) significantly, at least on networks you control, by setting up and using a Pi-hole.

If you’re really savvy, you can set up Pi-hole and a VPN endpoint on a host like Linode or Digital Ocean and route everything through there so you’re covered no matter where you go. A $5 plan on those hosts should do it, just make sure the Pi-hole isn’t accessible to the internet at large.

1 Like

I presume this is about third party apps?

(Hmm, went back and checked the original link and could get to it without logging in so the below might be unnecessary.)

Here is a version not behind a paywall.

https://www.msn.com/en-us/news/technology/its-the-middle-of-the-night-do-you-know-who-your-iphone-is-talking-to/ar-AAC1Wvl

Here are some tips on limiting the exposure

Copied and pasted below

How to limit iPhone app tracking

Our tech columnist offers some practical advice for fighting back against iOS apps hungry for your personal data.

Apps tracking your activity — even while you sleep — is a pervasive practice, including on Apple’s iPhone.

What can you do to limit some of it?

1) Conduct an app census.

In iOS 12, go to Settings, then Privacy, and turn off location services for apps that don’t really need it — especially the ones that asked to access it “always.” (This is key because apps will wake up periodically if you give them “always” location access.”)

[Help Desk: Ask our tech columnist a question]

Go through the same process for other sensitive information, such as contacts and health data — as well as access to your microphone and camera.

Even better: Just delete any apps you don’t use regularly.

2) Turn on “limit ad tracking.”

Go to Settings, then Privacy — and look all the way at the bottom under the heading “Advertising.” Turning on “limit ad tracking” won’t stop all this unwanted behavior, but it does put up a speed bump.

3) Get Disconnect’s free Privacy Pro for iOS.

This app tallies and limits many trackers, kind of like a tracker blocker you add to a Web browser — except for your entire phone. It might interfere with the function of some apps, but Privacy Pro’s makers try to strike a balance between privacy and functionality. (You don’t need to pay for the subscription version unless you also want a virtual private network, or VPN, to help keep your data secret from your Internet service provider.)

What about Android users? Samsung phone owners can download a version of Disconnect’s software called Pro Privacy and Performance for $25 from the Galaxy Apps store. The Android app isn’t available in the wider Play Store, due to restrictions by Google.

4) Turn off “background refresh” on apps.

Go to Settings, then General and then Background App Refresh. Switching off access for apps will prevent them from sending out data while you sleep at night but won’t necessarily stop them from sharing your data with third parties while you use their apps. (Manually force-closing apps won’t help stop tracking by apps that you’ve allowed background refresh access.)

5) Use Apple’s first-party apps.

Apple holds its own services, such as Photos and Maps, to a higher privacy standard than other apps. In most cases, it encrypts your data and tries to minimize collecting it in the first place.

1 Like

Whoa I just looked at battery usage and it will show what’s pulling a lot from background refresh. Yelp was a huge violator

1 Like

Sorry! Wasn’t pay-walled for me. I suppose I’m below my monthly free quota.

https://www.washingtonpost.com/technology/2019/05/28/its-middle-night-do-you-know-who-your-iphone-is-talking/
(may be paywalled but it was widely reported elsewhere).

Strangely this article about iPhones sending tracking information via background app refresh from May 28 appeared again in my News app this morning dated June 10. It’s the exact same article as far as I can see. It’s pretty shocking that the iPhone had 5,400 trackers sending 1.5GB of data in a month - could be wasting a good percentage of your data plan, never mind selling your soul to the ad tracking companies. The article made a disappointingly small wave in the tide of Apple-specific tech news. I really hope Apple speaks up about this and does something to plug this vulnerability. For now I have turned off background app refresh.

The article recommends that we download and use at least the free version of Privacy Pro. Does anyone have any experience with this app to relate?

I’ve been using that app for a couple of years. I do not pay for the optional integrated VPN. Works great, and speeds up web surfing too.

As you can see, the app has blocked around half that in the last month of use.

2 Likes

And nearly 18,000 trackers. Shudder.

There are some protections for this behaviour built into iOS 13, which is nice.

It’s worth noting that these are third party apps, and that they’re going to continually seek ways around protections that Apple put in place. It’s disappointing to see this behaviour, doubly so when it isn’t aligned to the published policies of the app or platform in question.

I think many developers blindly incorporate these trackers, and don’t necessarily have any way of verifying their behaviour, or what’s happening to the data they harvest. They include the tracker and get paid every month.

Ads and tracking on the internet are broken, and until that paradigm is replaced by something healthier, this kind of thing is going to continue to happen.

2 Likes

It would be great to have a wiki page listing apps and the associated trackers, if this can be determined.

1 Like

On my iPhone I use 1Blocker X and Better (terrible name, completely un-Googleable).

Gruber recommended Ka Block because he felt like 1Blocker “broke too many sites” but I haven’t had that experience.

Ben Brooks also had an extensive write-up late last year.

At home I also use eero plus, and I can tell you that it blocks a ton of crap for my wife and son (neither of whom use content blockers) and some-but-not-much for me (presumably because my content blockers are already blocking them).

I have 1Blocker on my iPhone but I turned it off because, like Gruber, I found problems with some sites. Instead I use Better. I also use Unobstruct which sits in the share sheet when I need to get rid of floating windows/headers/footers on sites.

But do not confuse a content blocker, which only works on your browser, with the kind of systemwide protections that Privacy Pro extends to all apps on your phone.

1 Like

Unobstruct and 1blocker are my content filter combo. 1Blocker X has selective whitelisting so where a site might be broken by, say, comment section blocking, I can white list comment sections for that site but continue to block everything else.

I agree. It’s a good blocker. But I’ve found that Better works just as well without my needing to whitelist.

I still have 1Blocker on my phone, but not activated, just in case I might want to switch to it for some reason, but those reasons seem to be diminishing. It is my main content blocker on Safari on my Mac though.

1 Like

Can an admin (@RosemaryOrchard, @MacSparky, @ismh) please merge this topic with the previous one for the same article?

If hearing about this has a bigger impact than reading it, tonight’s Fresh Air interviewed the Post reporter. It’s quite sobering! https://www.npr.org/2019/07/31/746878763/how-tech-companies-track-your-every-move-and-put-your-data-up-for-sale

1 Like