
Intelligent Tracking Prevention 2.0 - lunchbreak
https://webkit.org/blog/8311/intelligent-tracking-prevention-2-0/
======
joshe
While this doesn't solve the problem completely, it's interesting that they
started. Apple can go all the way down to the system level to anonymize iOS
and at make you look like everyone else, much more so than Firefox for
instance.

Also some shade thrown at Facebook in the screen time demo, they called out
Instagram and Facebook as great things to block. Not a full war declaration,
just "how about less Facebook".

Some examples of why this doesn't completely block everything... All the cell
phone companies have unique ids on each device which they seem quite happy to
sell. [1] There are many ways to fingerprint people on the web (how fast code
is running, gpu speed, touch and scrolling style) that will be wack-a-mole for
awhile. Each website that is tracking you now could use it's own cookie to
record user behavior and then send it to FB/Google on the backend to link them
later. For your phone on wifi, your isp or cable company is selling data based
on your mac address and ip address. [2]

Great that unlike GDPR, this isn't an enormous pain for every little website
in the world. It just makes big company Facebook/Google tracking harder.

[1] [https://www.igeeksblog.com/how-to-disable-data-tracking-
on-a...](https://www.igeeksblog.com/how-to-disable-data-tracking-on-att-
verizon-sprint-t-mobile/)

[2] [https://hackernoon.com/what-youre-revealing-to-your-isp-
why-...](https://hackernoon.com/what-youre-revealing-to-your-isp-why-a-vpn-
isn-t-enough-and-ways-to-avoid-leaking-it-503816542951)

~~~
stormbrew
> Each website that is tracking you now could use it's own cookie to record
> user behavior and then send it to FB/Google on the backend to link them
> later.

I dunno if this is realistically practical. Right now the reason people do
this is basically because of a combination of a perception that doing so adds
value to the page and the fact that it's incredibly trivial because the web
frontend platform is relatively uniform.

Having to add and maintain a backend shunt for the data though? That's not
something that's going to creep on to every single website in existence like
facebook like buttons have. Hell, it requires you to even have a backend,
which many sites that have these buttons barely even have.

~~~
codeflo
With the sudden increase of data collection checkboxes in the last few days
since the GDPR is in effect, I noticed more than one website claiming that for
technical reasons I _can 't_ opt out of having my data resold unless I enable
third-party cookies "to store my preferences". Yeah, right, I thought. But I
really don't know if that's shady or just technically inept (likely both).
Perhaps as you suggest many websites simply don't have the infrastructure to
do anything non-trivial in the backend.

------
IBM
ITP 2.0 just got _the_ Seal of Approval.

[https://twitter.com/alexstamos/status/1003716676813090818](https://twitter.com/alexstamos/status/1003716676813090818)

~~~
Sammi
For those that don't or can't do Twitter:

Alex Stamos, CSO of Facebook, tweets:

"If this is about protecting privacy, and not just cute virtue signaling, then
they should block all 3rd party JS and pixels."

Some funny responses:

""If this is about reducing the climate change, and not just cute
consciousness about improving the world, then they should live in the forest
with a wooden stick and nothing else" \- you know exactly that Apple is trying
to balance UX and privacy" @RL_Scharf

"Guy who set the house on fire is upset that he’s being denied access to
matches, claims nobody should have them." @poiseavan

------
fastest963
Even if "tracking" is allowed by the user for your domain (via the new API to
request access), you must still get user interaction in the future to access
the cookies that the user already allowed.

See: [https://webkit.org/blog/8311/intelligent-tracking-
prevention...](https://webkit.org/blog/8311/intelligent-tracking-
prevention-2-0/)

------
sirmike_
All in favor of these changes. Employing the user to control what is theirs is
always good. The only part i do not like (from the power user perspective) is
the auto save passwords. Prolly a good thing for the avg end user tho.

------
Rjevski
I wish at some point Apple would also include a built-in ad blocker so we
don't even need to install third-party ones.

~~~
r00fus
Built-in would mean they are actively at war with FB/Google. Safari's content
blocker is their way to a) avoid the wack-a-mole game and let the blockers
evolve along with their competition and b) stay somewhat neutral to their
competitors.

~~~
Rjevski
> they are actively at war with FB/Google

Why is that? They’re not at war with any particular company, mainly at war
with a business model equivalent to cancer. Those companies will be welcome
back anytime once they find out a proper business model that respects users.

~~~
ceejayoz
> They’re not at war with any particular company, mainly at war with a
> business model equivalent to cancer.

Look, if you declare war on "primarily German-speaking countries", the end
result is you're probably at war with Germany.

~~~
Rjevski
Not sure if you analogy works.

There’s only a very few countries where German is the main language.

There are unfortunately many businesses where ads (aka cancer) are the main
business model.

~~~
ceejayoz
> There are unfortunately many businesses where ads (aka cancer) are the main
> business model.

Few of which really _matter_ at Apple's scale. A war with adtech is going to
_primarily_ be a war with Facebook and Google - the two companies look to have
somewhere between 60-80% of US digital ad spend captured.

Your local newspaper is a) probably using Google Adsense and Doubleclick
anyways and b) has no power to harm Apple.

------
lunchbreak
Original source is here (scroll all the way down) -
[https://www.apple.com/newsroom/2018/06/apple-previews-
ios-12...](https://www.apple.com/newsroom/2018/06/apple-previews-ios-12/)

------
CGamesPlay
Is this a standard / proposed as a standard? All of the links are on
webkit.org, but the properties it adds to the document don't bear any
reference to webkit.

~~~
JonathonW
The Storage Access API that they mention in the blog post is proposed to
WHATWG, but not accepted as a standard yet:
[https://github.com/whatwg/html/issues/3338](https://github.com/whatwg/html/issues/3338)

------
bjt2n3904
Or more simply, delete cookies on browser close.

------
lunchbreak
Edited the title from iOS 12 Safari -> Safari because this applies to the
desktop version as well[1]

[1] [https://www.apple.com/newsroom/2018/06/apple-introduces-
maco...](https://www.apple.com/newsroom/2018/06/apple-introduces-macos-
mojave/)

------
sctb
We've updated the link from
[https://twitter.com/BenedictEvans/status/1003701261064130560...](https://twitter.com/BenedictEvans/status/1003701261064130560?s=19)
now that there's an official source.

