Frankly, what a load of horse shit.
The reason for the drop in spend isn't the lack of targeting potential. Ad companies talk about this, because it sounds less creepy than what's really going on. What marketing departments in companies want from location data, is the ability to attribute sales to campaigns. They carpet bomb everyone they can with ads, and then if someone coincidentally even brushes past a store on their commute, they claim that the customer visited a store.
It's absolute arcane crap. They have no incentive to make targeting better if tracking is pervasive, because they can wildly gesticulate at one datapoint that slimily suggests the customer was effected by the ad. Losing location tracking data reduces the effectiveness of attribution, for huge enterprises, who target everyone.
ed: I wrote a little blog about this in June - https://lockwood.dev/advertising/2019/06/07/adtech-sucks.htm...
I have noticed that after I buy something I start seeing ads for the exact item, which I have never seen before. These aren’t things you buy more than once.
I always thought it was pretty dumb if you are serving ads for something someone just bought... but maybe they do it because some small % of people will click on it and they can claim the ad was associated with the sale in some hand-wavy way. Or maybe people are just more likely to click on these post-sale ads, and that’s all that matters.
This is a function of Marketing departments wanting to create large audiences. Large audiences mean more chance to attribute a sale, and also more impressive sounding campaigns.
The technical and time cost of implementing something that removes people who have made purchases from the audience (probably 0.001% of an audience) is much higher than simply adding someone who visited your website (lets say 5% of the audience) to the audience. If your product is reasonably ok, your largest group of customers is often your previous customers, so attributing the ads those previous customers see to their next purchase is logical for marketers.
PS I hope you’ve found or are finding a new and rewarding area to work in.
I shifted my career into web dev, and got a bit more picky with the companies I applied to work for. I feel much better about my work now. You'll find something!!!
If ad tech company X is more effective than Y at generating sales, eventually the money will shift away from Y.
Yeah, I have a number of apps I installed for one-time operations (a number of obscure dev apps come to mind), and I find out that they are still hanging around, like my drunken Uncle Bob, hovering around the keg.
I regularly go through and turn off location tracking on almost all of my apps (or at least turn them to 'while using'). But sometimes I'll have to turn them back to permanent for a specific reason (e.g. sharing my location with someone while I'm coordinating with them). This feature reminds me to turn it back off.
But I also potentially see the need for a feature which allows always-on access for a limited period of time.
It's a new feature due to the more fine-grained permissions that are allowed now on iOS. It prevents apps that you may have previously allowed location access to (when it was just binary) from adding all these new "features" to use your location in ways that weren't disclosed that way initially.
I have some apps, i.e. Unifi Protect, that requires access to background location to send activity alerts when nobody is home, and i frequently get alerts that this app has used my location in the background, and despite selecting "allow always" it will pop up again in a couple of weeks.
To further add insult to injury, i appear to have "trained" my wife so well that she defaults to selecting "deny" for apps she doesn't use, and "only when in use" to everything else, which then results in a flurry of motion alerts :)
This might hurt for example Tile. I think their “network effect” is somewhat depending on this kind of background location tracking.
As for the advertisers, boo-hoo. You raised a finger (or two, depending on locale) to “do not track”, you think there wasn’t a hammer that was going to fall after you were asked politely?
People don't just write apps anymore. They write CocoaPods frameworks.
I was just looking at something that someone wrote that does basically the same thing as one of my open-source utilities.
The one I wrote is a 300-line file. It's so small that it isn't even worth writing a pod for it.
The more popular one has over a dozen source files, and also brings in two dependencies.
One of the reasons, I'm sure, is that they are an "all things to all men" approach. They do a lot.
Welcome to the Roaring Twenties...
I'm told that Bluetooth is used for location tracking. I suspect that advertisers also like to use it.
I write Bluetooth software. You need to jump through a couple of hoops to make it work. Not a big deal.
I wish it was that easy, but the current changes will generate a push towards non-deterministic, data driven ways of targeting, i.e. replacing the "precise" inputs such as GPS, trackingID, etc... with a set of more fuzzy parameters: geo IP, UA, fingerprinting.
Some good things are happening, but there's so much more to do. I like the WebKit approach the most:
we don't care how you target users cross-site, what tech is involved, if you track cross-site, we will treat it as exposing a security vulnerability—we'll escalate the issue and potentially include measures to prevent your domain accessing the browser.
The approach above sounds more future-proof, imo
I wouldn't put it below Apple to profit from advertising control if Google didn't have an iron grip on it.
This frog probably did though, saw bit on tv last week, and thanks to the old data miner (google searched it).
I prematurely agree, it's not real wings, but bumps its ass a lot less compared to other frogs.
I don’t want to give Termius my location. I don’t want them tracking me everywhere I go. But apparently that’s the only way they can keep my SSH session alive when I need to switch to Safari for a few minutes?
The correct solution here is for the app to request background processing and to schedule a local notification in 9 minutes saying that the app is about to run out of background time and pause (and then clean up the notification if the user returns to the app before it fires). This means you're not abusing anything, and it lets the user return before the connection is killed in order to keep it alive.
This also means if the user never returns, the app will naturally shut down the connection after 10 minutes instead of keeping it open indefinitely.
iPadOS was such a major leap forward for the iPad and there's not many features left I need to use it as a laptop replacement... but the aggressive app and tab killing ruins everything. I've never said this about iOS devices before, but it's time to start putting more RAM in these machines.
In any case, there's a property `UIApplication.backgroundTimeRemaining` that tells you how long you have, so you can use that to calculate the appropriate notification time.
And yes, the app in question of course does exactly that notification dance (I've used it since long before it got its current name).
GP is talking about a new feature to keep sessions open in bg for a loong time.
I've disabled it, not for fear of tracking but because it seems like a silly way to forget connections open and drain the battery for no reason.
App has indeed also always supported mosh... me I just attach to tmux.
But I agree with whoever wrote it's better to have such a bg hack feature than not, for those who find it useful.
Termius works perfectly on Android without requesting my location.
This is why I'm an Apple user. Hate regarding Apple's policies like "use a platform that lets the app function correctly" (ie. drain battery running in background just to do more tracking, or because every developer assumes THEIR app is so special that it must never be unloaded from memory, in order to open instantly when being swapped back to... weeks after user's last interaction). With hilarious frequency, the complaints people have about Apple are precisely the reasons I prefer their products.
This doesn't happen on Android. The reason it doesn't is that the app has to display a persistent notification if it wants to run with high priority in the background. This is why I'm an Android user. It lets the user do what they need to do and prevents apps from being abusive.
Every excuse for Apple's platforms failings that I have seen so far has a better solution on Android that the Apple apologist has not heard of.
So I deny most apps use of this, as it's clearly just a ploy to keep their app running when it shouldn't be. Something like the Termius app you cite has a legitimate reason to run in the background though and has to ask for one of those permissions.
It's a weird grey area IMO. I'm sure if you asked the Termius developers they may tell you that they don't even use the location data and that it's just a mechanism to keep the app running. However, the fact that we as users don't know this for sure is a problem that Apple could fix by adding a specific background permission alert.
Very sad, because the idea behind Mosh is great.
1. seems a egde case, never hit me while beeing a customer there. (funny way telefonica does throttling)
2. seems a edge case caused by the users vpn.
mosh solves this use-case because there is no need for the client to remain connected to persist. It's like a tmux/screen terminal running in detached mode. When the app loads back up, it picks up the mosh session again.
> Mosh maintains the terminal session (not "connection" in the TCP-sense because Mosh uses UDP) even when a user loses their Internet connection or puts their client to "sleep." In comparison, SSH can lose its connection in such cases because TCP times out.
I definitely prefer the iOS model.
99.9999% of the time the most that is necessary is an occasional scheduled task. No, your picture of cats app doesn't need to run a busy loop pinging a server. Learn how to use the core messaging infrastructure of the platforms you target.
No, Chrome doesn't need to run a perpetual service just to check for updates.
These are not controversial claims.
Android very recently -- at API level 26 -- added restrictions on background tasks for that platform (and it's much more involved than if you display a notification or not). Before that every app developer just spun up a background service for everything, and anyone who has done an iota of development on Android devices saw the tragedy of the commons that the platform became. So kudos to Google for cleaning it up a bit. Of course Samsung, Google and others just declare themselves immune from those restrictions and it's just a smaller problem, not a solved problem.
I was not aware of Mosh.
Apple is good at taking use-cases and creating cohesive stories around the right way to serve them; this one has been long-coming.
Even with opt-In messaging how many people just click “ok” thinking the app needs it.
Meanwhile Matrix gets by because they have a company with actual money subsidising the client app (Riot) and providing notifications for every user, no matter which homeserver they happen to be using. Without that benevolence provided for iOS, Matrix could well be another non-starter outside FOSS circles.
So, I'm reading this that regardless of using a separate 'homeserver', Matrix receives all traffic/notifications?
I loved Termius but didnt realize that keys were uploaded to their servers until I opened it on my laptop and saw it download all my keys.
Spent the day rotating all my keys.
Just stop paying...
I just hope the app review team doesn't throw us out again.
Apple needs to fix this.
On one hand I agree with you, that's crazy that your SSH program put that limit on there for clearly tracking purposes. But I guess I sort of disagree this is Apple's problem to solve. It's yours.
Apple made the changes to inform and educate you the customer that an app that is abusing your trust.
The solution is not to force Apple to police developers but for you to stop using Terminus. Call it a free market solution if you like.
The difference with real and ideal is that Terminus could absolutely find a "legitimate" use for location and it would scoot right by Apple review anyhow. So let them be upfront they're bad people being bad.
(Before it comes... I KNOW... Apple walled garden and how they do this a lot anyhow! But, as someone who has walled garden issues with Apple, we should encourage information and education over big brother protecting us. It might not be consistent for them, but I think it's the right move here)
If Apple is playing hands on, they deserve just as much blame.
So, report to Apple, file a review, stop using it.
If Apple comes to the rescue and characteristically fixes it, great, if they don't - they've already made great steps in allowing you to make informed decisions.
And I think the app is covered since it's saying "enabling location data means you can plot on a map where you've connected to a host" or something like that in settings - good enough a bs feature for Apple to let it slide, evidently.
Because they have clearly demonstrated they do not deserve your trust or support.
As someone presumably technically capable wouldn't the first step be ensuring sync is off, routing through a pi or whatever and firing up Wireshark to check whether it's even possible that something malicious is going on? I'm not saying it's not - I have no idea. But I'd certainly have a look before making any claims.
The actual scalable solution is for Congress or states to pass GDPR-style privacy legislation (or CCPA if your politicians are captured by tech industry interests).
It's always laws.
It's like OS doesn't want to accept there are apps you want always on location tracking on and for it to stop annoying you about it.
Unlike Windows 10 updates not giving people a choice in the matter, this only helps you, so I really don't see the problem here.
This can be a big deal if your city has a large altitude range, such that going a few miles east means the difference between clouds vs. fog, or rain vs. snow; or if your city is coastal, such that going a few miles inland can mean rain vs. sun, and can make a dozen degrees' difference in temperature. (And, in some cities, you have both problems. Yay Vancouver!)
In the case where you do go places, the difference is that you get a weather report for where you are, rather than where you live. When I'm at my girlfriend's house, and I check the weather report, I want to know what the weather's going to be like tomorrow at my girlfriend's house, not at my house. And when I'm at the office and considering where to go for lunch, I want to know whether it's going to be raining at noon in the area of town around my office.
Are a weather app’s ads more valuable now because it gets more users to track location
It's started to frustrate me when I've just unlocked my phone to call or reply to someone and I get hit with a forced notification I must respond to about location tracking for an application that I absolutely do want location tracking set for.
Even if you don't plan on using it, make yourself aware of the sheer number of requests being sent _constantly_ from not only your applications, but by Android system services themselves.
I'm not saying these requests are always related to ad tracking, but you can't argue there's a lot of information constantly being sent back an forth.
Pro-tip: Your battery life will possibly double running a software firewall on Android...
Not sure this moves the needle with consumers but it does for me.
None of my Android phones, going back a great many years, had Facebook. So sure, I couldn't delete it - because it wasn't there.
Actually the expansive ones like Samsung are the really bloated ones.
It really shouldn't. Plenty of Apple engineers leave the company to work on shady things.
Any app can easily circumvent this "firewall" by simply falling back to hard coded public ips of their servers if the domain lookup doesn't work.
I'm not saying it's a bad app, but it's misleading to call their app a "firewall".
What this is doing is redirecting known domain names to a sink hole. Much like Pihole does.
“ Everything Lockdown Firewall does stays on your phone, so no data is transmitted to any of our servers. This can be confirmed by checking the source code, which is 100% open and public for anyone to examine. Lockdown Firewall doesn't use any type of third party analytics, trackers, or APIs, so there's no risk of your data leaking to third parties. This means there's no Google Analytics, no Facebook Pixel, no Mixpanel, Fabric, Mailchimp, etc — nada.
Information We Collect
Lockdown Firewall collects nothing. It all stays on your device.”
Using the web control panel, pick from high level categories to block, or drill down and select from among the most common of dozens and dozens of block lists. Make one or more configs, so different family members or devices can be blocked differently.
With Lightweight apps for Android, iOS, Windows, macOS and Chrome OS offering privacy and security benefits of DNS-over-HTTPS. Always-on on all networks automatically to automatically bypass network filtering and government censorship.
Their DNS hosts leverage latency-based routing to automatically use the DNS server with the lowest latency, or use a subset outside "Five eyes" locations.
> VPN with an in-app purchase
Lets pay for a product, and they have the ability to sell that data.
I get, acting like a pi-hole and what-not but, a VPN for that task seems overkill.
This does not mean that your data goes through a VPN server.
If you can figure out another way to pull it off, I’d wager you could make a fair bit of cash. Or at least get a job offer at a lot of places you might like to work.
Disclaimer: never used lockdown, not endorsing the product.
I think that’s the only way to perform certain tasks on iOS.
They should have said, "to pinpoint users against their will". If the user wanted to be pinpointed, they would allow location tracking in that app.
By the time we actually have privacy again, there will be enough information out there to mine about how people reacted five, ten years ago for the old data to continue to retain value. It'll just be repackaged and re-interpreted over and over again.
The coffee shop may no longer know that you also like kayaks, or bulldogs, but they might not need information like that to peg your preferences based on what stereotypes you fit with the information they do have.
The Wireguard iOS app allows you to automatically connect to your configured interfaces based on whether you're using cellular data, connected to specific SSIDs, or disconnected from specific SSIDs.
The only downside I have found to this approach so far is that it can break captive portals on public WiFi networks, which I will just disconnect from if I have a reasonable 4G signal.
What's great it shows list of apps that use location in background so that you can disable all permissions in go.
The likes of Google have rough waters ahead. Advertising on the internet is obviously here to say but the future of targeted ads based on all this tracking data is clearly looking very shaky.
Google and other companies have likely not done enough to diversify their business models to weather the coming storm without a lot of hurt.
- 80% of iOS 13 users disabled background location tracking
- vendors still report having collected more location-based data than a year before, but
- the quality of data has decreased (vendors are ofsetting GPS data with geo ip lookups)
I didn't find the UX and the initial permission/notification spam that annoying, as I've learned more about what's happening on my phone. Wondering if this is a shared sentiment or just my bias.
Not a problem at all.
> Despite the reduced amount of cocain available, the amount that is still available to use is more valuable, while the market for cocain continues to thrive.
I mean it’s disturbing.
> Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of cocaine, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.
Good god. This is immeasurably disturbing. Forsooth, we must ban the freedom of speech!
I was simply trying to convey how addicted they are to that data.
The number of gullible people aka Apple fanboys is staggering here who actually think Apple is trying to _save_ their privacy from advertisers after reading this highly biased article. Hah.
The Atlantic article seems to say that Apple can do more, because: Safari defaults to Google (Tim Cook claims because it's the best search engine), plus they allow Google and Facebook apps, especially Google Maps. You'd rather they didn't?
The second article, from Krebs on Security, says that the location is collected by Apple for "a new short-range technology that lets iPhone 11 users share files locally with other nearby phones that support this feature, and that a future version of its mobile operating system will allow users to disable it".
I think it's far more nuanced than you state. However, I do agree with you that Safari should not default to Google.
Hell, one can disable most of google stuff and install f-droid, or even go lineageOS route. that's much, much more private than buying an overpriced, locked-in phone.
If Google is evil because it tracks some (easily hide-able) data that only few zealots care, then apple is much more evil, because they patent trivial things (such as optional chaining in swift, or rounded corners of phones) and do misleading marketing.
Google uses your location information to track your locations in order to provide better (more relevant) advertisements through their own ad platform.
Apple does exactly the same but because it doesn't have it's own ad platform this gets sent to their "Approved Partners" who do it on their behalf.
Stopping 3rd parties from being able to use this data simply tightens the circle, the data is anonymous (for the most part) and while there are companies that exist out there to tie this data to an actual person most companies like ours have no need to do so.
Likewise what you will start seeing off the back of this is a decrease in advert quality.
Like anyone - I despise adverts, but if I HAVE to see them I at least want them to be relevant products that I am interested in. Soon the only people who will be able to provide those insights will be Apple Partners or Google.
Apple sends my location information to third parties? Citation needed.
To provide location-based services on Apple products, Apple and our partners and licensees, such as maps data providers, may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. Where available, location-based services may use GPS, Bluetooth, and your IP Address, along with crowd-sourced Wi-Fi hotspot and cell tower locations, and other technologies to determine your devices’ approximate location. Unless you provide consent, this location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, your device may share its geographic location with application providers when you opt in to their location services.
Some location-based services offered by Apple, such as the “Find My” feature, require your personal information for the feature to work.
 is basically discussing how Apple and its partners (advertising partners, business alignment partners etc) and importantly licensees (e.g. people they licence this data to for things like advertising) can use your data
 Collect, Use and Share - basically carte blanche
 Location based products and services - advertising is included in this - again via licensees!
See "Location-Based Services" near the bottom.
I don't think it's fair to say all people despise ads. I've seen oddballs in the industry critique ads in the same way an arts major might critique contemporary art.
If you despise ads in general what motivates you to work in the industry?