
Ask HN: How do Google's iOS apps track your identity even after reinstalling? - krishanath
I uninstalled all Google's apps from my iPhone and reinstalled them. Even after re-installation, Google Maps still knows the Google account you previously signed into. How do they persist identity on your device? Doesn't iOS remove data when you delete the app?

How can you force-remove the sticky identity whether or not an app allows you to?
======
somedudetbh
There are basically two ways this can work: the old way, and the new way.

In the old way, an _implementation detail_ of the Keychain was that data saved
in the Keychain would not be purged on app uninstall. Basically, the Keychain
can be thought of as a fancy key-value store where your keyspace is further
scoped to your app's bundle ID. It's intended to provide a secure place to
generate and store keys, etc., but you can also just stick a bit of data in
there.

So, user logs in, save their username to keychain. User deletes app. User
reinstalls app. On app start, try to read the key you saved the username
under. Is it there? Ok, this is a reinstall. No? Ok, this is a new
installation or new phone.

There is no Apple documentation that says that this is the way it works, it's
merely a quirk of how it's implemented. Obviously, it's a privacy concern.
Apple closed this hole in one of the betas of iOS 10.3, but then restored the
old behavior. I don't know why, but it's possible that many user workflows
were relying on this behavior, or that it subtly broke something else (e.g.
app groups).

The second way is using App Groups:
[https://developer.apple.com/library/archive/documentation/Mi...](https://developer.apple.com/library/archive/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/EnablingAppSandbox.html#//apple_ref/doc/uid/TP40011195-CH4-SW19)

In more recent versions of iOS, Apple introduced support for "app groups",
which basically means a bunch of rights and privs that were scoped to the
bundle id in the past are now optionally scoped to the bundle prefix (team id)
or to a whitelisted set of apps that share a bundle prefix.

This allows for Facebook to share login session with Facebook Messenger, for
instance. If you're Google, and you have multiple Google-owned products on the
user's device, you can add them all to an app group. If up to all of the apps
but one are deleted, and the last maintains user login data in the keychain,
reinstallation of the other apps will allow them to recover data shared by
other apps in their app group.

I don't know if there's a way a user on a non-jailbroken device can wipe the
keychain without resetting the device. (You should also look into iCloud
Keychain.)
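
The reinstall behaviour described in this comment can be neutralised from the app side. The following is an added example, not part of the original comment and not any vendor's code: it purges leftover Keychain items on the first launch after an install. The flag name `example.hasLaunchedBefore` and both function names are hypothetical.

```swift
import Foundation
import Security

// Hypothetical flag name. UserDefaults live in the app container, which iOS
// deletes on uninstall, so a missing flag means a fresh install or reinstall.
let hasLaunchedKey = "example.hasLaunchedBefore"

// Keychain item classes an app can own.
let keychainClasses: [CFString] = [
    kSecClassGenericPassword, kSecClassInternetPassword,
    kSecClassCertificate, kSecClassKey, kSecClassIdentity,
]

/// Deletes every keychain item this app can reach, or only the items in
/// `accessGroup` when one is given. Returns one OSStatus per item class.
func purgeKeychain(accessGroup: String? = nil) -> [OSStatus] {
    return keychainClasses.map { itemClass -> OSStatus in
        var query: [CFString: Any] = [
            kSecClass: itemClass,
            // Match local and iCloud Keychain (synchronizable) items. Deleting
            // a synchronizable item removes it from the user's other devices.
            kSecAttrSynchronizable: kSecAttrSynchronizableAny,
        ]
        if let group = accessGroup {
            query[kSecAttrAccessGroup] = group
        }
        return SecItemDelete(query as CFDictionary)
    }
}

/// Call once early in launch, after the device has been unlocked (assumption).
/// Returns true when a purge was attempted on this launch.
/// Caveat: purging a shared access group also signs out sibling apps from the
/// same team that are still installed.
func purgeStaleKeychainOnFirstLaunch(defaults: UserDefaults = .standard,
                                     accessGroup: String? = nil) -> Bool {
    if defaults.bool(forKey: hasLaunchedKey) { return false }
    let statuses = purgeKeychain(accessGroup: accessGroup)
    // errSecItemNotFound just means there was nothing left over to delete.
    let clean = statuses.allSatisfy { $0 == errSecSuccess || $0 == errSecItemNotFound }
    // Only set the flag after a clean purge so a failed attempt is retried.
    if clean { defaults.set(true, forKey: hasLaunchedKey) }
    return true
}
```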

~~~
petilon
Any Apple engineers reading this, please give users control over this. This is
a privacy hole.

~~~
fhood
Don't think they can. Keychain is supposed to be a secure storage solution, so
I can't imagine they want users to be able to view that data, and it would be
hard to manage it without knowing what it was.

That said, I found a post from last year saying that they would like to phase
keychain persistence out at some point, but it was fairly free of actual
commitments.

~~~
valleyer
> Keychain is supposed to be a secure storage solution, so I can't imagine
> they want users to be able to view that data

This seems at odds with the fact that macOS comes with a built-in app called
"Keychain Access" that allows you to view the contents of the keychain
(including iCloud keychain).

------
gnat
More importantly, how can Gmail preserve your identity yet after every update
it asks again if you want to view links with Chrome (which, by the way, will
have to be installed), no matter how many times you select "Do not ask again"?

~~~
asadlionpk
Probably intentional? If the user had selected Safari, I would use this as an
excuse to ask again and upsell Chrome.

------
keybuk
If I recall correctly, deleting an app on iOS only deletes its container, it
leaves any shared containers behind.

Your Google credentials are likely being stored in a shared container.

I'm not sure when or even whether shared containers are garbage collected at
all, it's not documented either way.

~~~
jjmanton
The files are deleted, but any keychain secrets are persisted across app
installs.

------
codesternews
One way is saving data in the keychain. Data persists between installations in
the keychain until you erase the iPhone.

You can easily track the device and user with keychain.

~~~
russh
I would also think keychain syncing could also play a part in this as well.

------
jiveturkey
Doesn't it just use a webview and store cookies in an area shared with Safari
(and maybe globally)? The auth token isn't actually part of the app's data.

~~~
programmarchy
No, web views don’t share cookies with Safari. Apps have sandboxed cookie
storage.

[https://developer.apple.com/documentation/foundation/nshttpc...](https://developer.apple.com/documentation/foundation/nshttpcookiestorage)

------
brinsley91
I would know the same

------
coolspot
I believe if you go to General -> Storage -> App -> Delete application data,
it would delete all authentication tokens it stores in cache.

~~~
John_KZ
Please come back with an update after trying this. There are also ways to
identify you without using local storage (i.e. browser/device/network
fingerprinting) but I doubt they use it officially.

