Hacker News new | past | comments | ask | show | jobs | submit login
New iOS privacy feature may end an era of personalized ads (medium.com)
353 points by remotists 21 days ago | hide | past | favorite | 378 comments

Maybe the open source promise of Android was indeed a lie. To me this industry has no value to society at all.

Not a fan of Apple, but they seem to be serious about privacy showing other companies how it is done.

Microsoft could have really established itself as an alternative to Google on the same front, but they utterly failed by mirroring the worst aspects of the disastrous landscape we see on mobile devices. I hope their telemetry generates billions too, since that is probably in the range of their missed opportunities for both desktop and mobile devices.

Some still pretend that users want personalized ads and want to be tracked. Yes, there are some that really do. Glad we get options for the other ones.

To be fair, Apple is an advocate of privacy because it fits their business model very well.

You have to remember most of their money comes from selling devices and subscriptions, meaning they had a chance to take a stance against Android’s largest problem with no impact on their home turf, so they’ve wisely picked an achievable narrative.

Needless to say I’m grateful for it, but it’s by no means out of benevolence...

You're making it sound like there is no business opportunity on Apple's side to mine and sell customer data the way Google does. Why can't we assume they are doing it with the best of intentions?

Watch this 10 year old clip of Steve Jobs: https://www.youtube.com/watch?v=39iKLwlUqBo The position is genuine.

Android is literally a spyware operating system. It fits every definition of spyware. The same is true of most Google apps and services.

In what way is open source Android a lie? I never used any other version, I do not have a Google account, nor do I have any Google-proprietary software on my devices yet they still run all software - including the Swedish "BankID" electronic ID app which is needed for just about any interaction with anything official nowadays. That "BankID" is, together with Firefox Preview, the only software which I got from the play store repository (using "Aurora Store", an alternative play store front end hosted on FDroid), the rest is all free software.

Of course that means I do not use things like Facebook, Twitter, TikTok, Whatsapp, Snapchat, Instagram, Skype, Zoom, Google Maps etc. I have replacements for the useful ones (Zoom->Jitsi Meet, Whatsapp->XMPP + Telegram, Skype->Nextcloud Talk, Instagram->Pixelfed (experimental for now), GMaps->~OsmAnd + Nextcloud Maps etc) and don't need the rest.

I never see advertising on any of my devices.

True, Android itself doesn't have to be horrible, but most distributions are full of adware.

Wouldn't want to minimize the work going into the core of the OS, I meant the critique to be directed against Android + gapps. I love Lineage, but you are dependent on other maintainers for your device or you have serious work ahead of you. It is quite simple to install for experienced users, but way too complicated for most people. Kudos to those that actually do maintain images for numerous devices. Granted, the problem are the hardware manufacturers here and lacking openness of viable drivers, also not the fault of Android developers.

Smartphone could have been really awesome tools. Instead we have toys that spy on you by default. I get that techies tend to make it hard for casual users to use modern devices, but I feel like I am scamming people when fixing their devices and not waste countless hours by making sure at least some privacy is protected.

I don't like closed ecosystems like Apple, but functions such as these actually do offer more worth. While I wouldn't buy Apple for myself, I started to recommend it to others for this reason.

How about the elephant in the room?

Radio firmwares.

It is meaningless if you install firewalls, if you compile android on your own, only to have to turn around and use proprietary, closed source libs to access proprotary, closed source radio firmwares.

Radio firmwares which often have full RAM access, parallel CPU control, GPS and full hardware access, and make intel's management engine, and closed source bioses look sane in comparison.

On my samsung phone, I often wonder what the radio firmware might be phoning home about.

And how that may be exploited down the road...

Radio firmwares having full RAM access is an urban legend, at least on phones from the last 10 years. The baseband interface is actually done through a USB like protocol. The legend ticks all the boxes of privacy minded/distrusting people and so remains popular, but it's not substantiated by any facts, at least not facts that pertain to modern smartphones from the past 10 years.

This isn't the elephant in the room. This is a fringe problem of dedicated attackers. This is the fox hiding behind the elephant. The elephant in the room is that nobody needs to hack your phone to spy on you because all of that data is already being exfiltrated through the front door.

When I last deep dived to the cellular hardware, Radio always had its sealed off processor with a postbox firmware upload port. After initializing it, you left it alone and just used the comm-ports to talk with it.

As far as I understand, in the name of efficiency and compactness, they are on the same silicon now.

Are they still a different CPU core or just run on the main processor block?

The baseband is essentially ring -1, it has its own processor but it has access to the main memory, and often also the cache lines.

Wether or not all of the main memory is and even can be mapped I don’t know, I have no idea what CPU each baseband is running however in some designs it has direct access to the SoC MMU which means it could dump the entire memory over the wire to anyone.

The interfaces with the BB are also “virtual” this is done for various reasons including ease of integration with various operating systems so even if you on the OS level talk to it via the legacy serial COM interface using AT commands the hardware itself doesn’t actually have an isolated COM interface (that could be turned off) the SoC just emulates it.

Of SoC basebands have USB/Serial interfaces directly which could potentially be isolated and turned off when the BB isn’t in use, however the cost of that is usually very poor performance and limited capabilities at which point you might as well carry a portable cellular hotspot which you can physically turn off when you don’t need data or voice.

Also keep in mind that taking out the SIM card doesn’t prevent the baseband from talking to towers, it can still technically make calls the towers just usually don’t allow anyone to register without a subscriber ID which is stored on the SIM, and with eSIM you basically even lose the ability to control that.

Get a device with a separate baseband processor which connects to the main SoC through a serial connection. Both the PinePhone [1] and the Librem 5 [2] come so equipped, both also feature hardware kill switches with which the baseband can be disabled.

Both devices are aimed at the hacker and enthusiast markets but once you're at the level of 'paranoia' which makes you suspect the radio baseband processor is being (ab)used in nefarious ways to track you this should not dissuade you from taking the leap. The more esoteric the hard- and software, the less chance there is for some cookie-cutter exploit to catch you.

[1] https://en.wikipedia.org/wiki/PinePhone

[2] https://en.wikipedia.org/wiki/Librem_5

If I was paranoid, I'd say those devices are developed just to get the most paranoid to use them. :P

But in truth, I'm not paranoid.. merely a realist. Regardless, I was thinking of buying a Librem, but can you even get one yet? It always says "6 months to delivery".

The design seems to work in favour of the paranoid, it takes an extra-double-ultra-plus paranoid who takes the board through an X-ray machine to find those hidden traces or sandwiched secret baseband processors to uncover this nefarious plot.

Alternatively these devices deliver on this front, i.e. the user gets to control whether the baseband is active or not. I'm not paranoid enough for the former scenario so I'll keep it at the latter and am considering to get a Pinephone for fun and, well, fun I guess - I already have plenty of devices running different iterations of AOSP, some of them running headless Linux without zygote (i.e. without the Android user space). A truly modular multi-vendor architecture with pluggable SoC, baseband, storage, audio, camera, sensor package, power supply and display would be the preferred solution - something like the original PC clone market with vendors competing on price and features - but I'm not going to hold my breath waiting for it. Not that long, anyway.

Do you really think the adtech industry is using radio firmware backdoors to track users? It's theoretically possible I suppose, but several steps too far into conspiracy theory territory for me to worry about. Governments spying on dissidents is another story.

I know Samsung snarfs everything it can from my phone. I know it wants more. I know money is key, and even pulling some info... GPS, sensors, etc is helpful.

And with full control of the OS, of where kernel modules memory space is assigned, you'd only have to scan certain buffer regions of memory, to snarf contents of buffers, etc.

The problem is, I don't know, and can't. It's not open source. It is not under my control. I personally don't care about paying, but I do about seeing.

For most people, aosp without gapps is useless. Given an option, they will choose android over aosp every time. You don't use your phone for any popular apps so of course it's fine for you. I'd like to actually use my $1000 phone instead.

This has nothing to do with your point about Android OSS -

It's really a statement on our industry that avoiding spyware at this point basically means not using anything with a recognizable brand name. Apple's in a position to do this because they actually sell services to consumers; I'm curious if the rest of the industry will ever try anything that radical.

Remember when "doing well by doing good" was a phrase?

It’s important to consider not your specific implementation, but the common implementation that is Android. And that implementation is chock full of spyware/adware/malware.

Android is open, and therefore exhibits the classic tension of liberty: free to do what you want, including harm yourself.

I think you could be interested in ~~riot~~ element.

https://element.io/ Specifically works well as a discord replacement IMO. (Also has integration for stuff like jitsi)

I looked at Matrix (which is what riot.im/element is based on) but have thus far not seen its advantage over XMPP+OMEMO. When you install Jitsi Meet you already have an XMPP server (Prosody, used for signalling and interprocess communication) so it is trivial to add a configuration for 'regular' use. XMPP is more open than Matrix and there are far more clients (albeit not all of them useable with OMEMO, alas). On an earlier installation I used eJabberd since Prosody had some problems with OMEMO back then but this is no longer the case.

I wanted to refute your points, but actually looking into it, it seems that xmpp is actually superior in many ways.

Microsoft already tried, very hard even. https://en.wikipedia.org/wiki/Scroogled Problem is nobody likes Microsoft, its not sexy. Just look at all the dislikes under those videos.

https://www.youtube.com/watch?v=iI1ominSL_c https://www.youtube.com/watch?v=63u-RG-31B0

Microsoft didn't try "Very Hard". They made some easy sacrifices on their ad-starved, money-losing search platform, then piled some money into advertising it, ran with it for a year or two, then gave up. This is historically one of Microsoft's biggest[1] weaknesses, they have no conviction. Their effort didn't touch anything outside Bing (or was it Live then?) and it certainly didn't extend to their APIs or anything challenging like this.

Apple's been pushing this for more than 5 years now, slowly working it pushing it through their stack and quietly[2] messaging about it for that entire time. They made it a company-wide priority, to the point where advertising companies and developers on their platform are complaining about it. They've been updating their APIs to block out this kind of crap for more than 5 years while gaining only small amounts of good-will around this.

So yeah... people take Apple's efforts here more seriously than Microsoft's half-effort.

[1] Pre-Satya Nadella. Seems like Nadella is quite a bit more focused than Ballmer, but still a bit hard to tell.

[2] Ok, maybe not too quietly, but they didn't make a big embarrassing advertising campaign either.

Hardly anybody outside of the tech bubble saw those videos. What happened there is a brigade of haters came along and down voted them. Probably a lot of Mozilla/Google supporters.

There are plenty of Microsoft videos with mostly upvotes. Try a video about the Xbox.

This was a TV/print ad campaign with >$10mil budget, not some random YT videos.

They bought Nokia, and had a presence in every Att/Verizon/Sprint/T-Mobile store.

Microsoft tried hard, and kept trying long after it was clear to most of the market that they didn’t have traction. The owners of Windows phones were some of the most vocal champions at the time too. They legitimately made good but unpopular products at the time.

It's ironic, but Google's monopoly was already well in abuse when Windows Phone was around, and being used to block Google's competitors. Gmail required you enable "less secure apps" to let a Windows Phone connect to it and they continually blocked Windows Phone from having any access to YouTube as well. Even when Microsoft invested their own development resources in building support for Google's already monopoly-scale platforms, Google would just find excuses to block them.

> Gmail required you enable "less secure apps" to let a Windows Phone connect to it

Wait, what was that about? Microsoft was incapable of building a Windows Phone email client that used OAUTH?

I believe Gmail switched at that time to pushing you to use effectively a Gmail-proprietary method to authorize access to a Gmail account. Nobody else was doing it at the time, I think official OAuth scopes actually came later.

And bear in mind, OAuth to authorize mail access is weird. Generally speaking, mail clients use IMAP or POP3 and SMTP. One of the more popular open source Android mail clients, K-9 mail, still doesn't support it: https://github.com/k9mail/k-9/issues/655

But the biggest issue is that, like the "unknown sources" checkbox in Android, Google uses scare tactics to discourage non-Google-proprietary apps and protocols. Use Google apps on Google devices only, otherwise you'll have to authorize "less secure" things.

Hmm I’ve been using gmail via IMAP almost exclusively for about 10 years

I think people who talk up Microsoft's phone efforts must have been wearing blinders. I won't argue that Microsoft's phone was decent at one point, maybe even "Great" for a short while. But by the time they had a decent phone, they'd already burned out all the good will people had towards them on Mobile. Microsoft had... 4? Different mobile operating systems over the 15 years or so they were selling mobile OSs. I honestly lost count.

Microsoft had WinCE then Windows Mobile for quite a few years before the iPhone, then Apple released the iPhone, Windows Mobile started hemorrhaging market share... so Microsoft dropped WinMo like a bad habit, leaving developers and users out in the cold. STRIKE 1

Windows Phone 7 came out with piles of great press and hoopla, but notably, it didn't support older hardware so existing owners were left in the lurch. Developers were also screwed because WinPho7 wasn't compatible with older apps. It was a pretty interface with no software, no users, and no developers. It also had some serious shortcomings, ironically iPhone enterprise support was much better. WinPho didn't work well with Exchange server or Office. But that's OK because you didn't have long to be frustrated with WinPho 7 because 2 years later, they released Windows Phone 8 which dropped support for all old hardware. That's right, if you bought a brand new Windows Phone 1 year after launch, you couldn't run the next major release of the OS.

But the few people who managed to stick around after getting screwed over twice... boy did they love their Windows Phones.

After a certain point, there were just no developers, OEMs, or end users left around willing to be Charlie Brown to Microsoft's Lucy.

They fucked people over further than that. A whole bunch of Win8 devices were promised an upgrade to Win10, and then weeks before release, Microsoft were like "nevermind LOL" and people were furious.

Also, for quite some time before they officially pulled the plug on mobile, core MS apps would come out for Android first.

Microsoft really despised their customers.

The iPhone Outlook app had more functionality and was more stable than WinPho 7 Outlook, I just couldn’t believe it.

... don't they put ads in their operating system? But Google are the bad guys, ok

At the end of the day,

1. Apple users are the ones that cannot browse without adblocker. Safari is not as good as ublock-origin

2. Most Apple users use google maps.

> Not a fan of Apple, but they seem to be serious about privacy

If they are honest then they can remove the default search engine from Google to DDG or whatever. They get billions from Google for default search engine.


BTW, Apple need to release a good search/maps product before complaining.

3. Even the cheapest iPhone cannot be afforded by > 80 % world.

They do not care about >80 % world popln? They too need smartphones.

1. Huh? I use ad-blockers on iOS.

2. I don't use Google Maps. People can choose to use Google Maps, sure. So?

2b. I use DDG as my search engine. A default is just a default. Are you suggesting people use Google's Android, where the default is... somehow... not Google?

3. The cheapest brand-new iPhone is $399 from Apple in the US. That's full-price directly from the manufacturer. It is super-easy to pick up second-hand phones for much less than that. I see them for $100 very frequently. People use iPhones in nearly every country of the world, so it seems at least some people can afford them.

Note that your complaints include both that people ignore the default mapping application to use Google's, and that the default search engine is Google's. Seems silly to argue both for and against defaults.

> 2. Most Apple users use google maps.

The stats I've seen don't back this up. Maybe in some countries? Certainly not "Most" overall, and Google doesn't even have a third of iOS users in the US.

> Apple need to release a good search/maps product before complaining.

Duck Duck Go does just fine 99% of the time. Apple Maps likewise in most regions at this point. Google Search has gotten worse over the years as they've chased revenue while its competitors (DDG primarily) have gotten better. Likewise, Apple Maps have improved at a much faster pace over the past few years and closed the gap. Where Apple Maps used to lag quite a bit, they are now extremely close in functionality. A lot of people prefer the Apple Maps interface.

> If they are honest then they can remove the default search engine from Google to DDG or whatever.

While this is a ding against Apple's privacy policy, it isn't a great argument when you consider the worst "Privacy issue" Apple has is the fact that in one place they touch Google by default. If Google is bad for privacy as you suggest here, then by default, having a platform which only touches Google in one easily swappable place is vastly better than a platform that is neck deep in Google's anti-privacy Shit. You can't have it both ways here.

I'm far from representative of all users, but I can't be bothered to use Google Maps anymore. The various integrations that Apple Maps has with Apple Watch and all the improvements it has received over the years makes it just as good if not better than Google Maps for a vast majority of my usage.

You've likely given this far more thought than most people. The majority of people just use what's installed by default and don't ever even look at Google. Defaults are powerful. This is doubly true now that Apple Maps is as good as it's gotten.

Won't use it after it sent my friend to a wrong location and won't use it after it gave me bad coordinates. New iOS will let you change defaults don't remember if it has maps to swap.

I have been using adblockers[1,2] on mobile as well as desktop safari for quite some time now.

1. https://apps.apple.com/us/app/wipr/id1030595027 2. https://apps.apple.com/us/app/quiet-content-blocker/id144152...

He's sort of right about the adblocker situation. The content blocker framework is definitely weaker than what ublock has access to on chrome/firefox. It's much closer to the much derided chrome manifest v3.

Do any of these content blockers work outside of Safari? (I use Firefox on iOS)

WKWebView cannot use any of Safari extensions, unfortunately. I just use DNSCloak connecting to my private VPS instance to do adblocking over DNS which kinda works fine, but leaves out a lot of blank canvas in the page.

Biggest drawback is that DNS based content blocking has no way to apply cosmetic filters.

Ads on platforms that deliver their ads embedded and from their first party domains (think google, facebook, reddit, youtube, instagram, linkedin, amazon, etc.) can not be blocked this way.

The only two places I see ads on my phone (currently using NextDNS, earlier DNSCloak) are Amazon sponsored listings inside the Amazon app, and Twitter sponsored content in Firefox.

SafariViewController can though and that’s what my RSS reader uses.

iPhones have longevity.

The iPhone 5s from September 2013 has been receiving regular security updates, the latest being iOS 12.4.8 on Wednesday.

It was the first 64-bit phone, and first iPhone (first phone?) with a Secure Enclave.

They can be had for <$100 in good condition.

The iPhone 4s from 2011 received an update around than a year ago.

BTW, every one says this - but nobody uses it like a daily driver. Yes, it will work as a spare - with just one app - like whatsapp - but for many poor - they need 1. Uber or Ola 2. Facebook or WhatsApp 3. linkedin to whatever local app 4. youtube

Why dont you try to use it for a week with all your existing apps?

If it works as good - why would anyone buy newer?

I'm still using a 6s Plus 128GB. I keep thinking about getting a new one, but this one still works great. Haven't found a slow app yet. Everything is still responsive. Screen is still scratch free. And it's going to get iOS 14 this year. Even though it was relatively expensive when new, it's probably been one of the best values in tech I've ever seen. And yeah, it's a daily driver. Use it for everything.

My iPhone 6 is my daily driver.

You should try using it before telling people it doesn’t work.

None of these apps are essential even in the developed world where anyone who uses Uber regularly can probably afford a newer iPhone, these apps also run just fine on a 5s/6 which can be found for under $150 without much issues.

My partner used a freshly cleaned 6 for a month due to a cracked screen on their usual phone, and it was perfectly fine.

Literally millions of people use these phones as their "daily driver." They work perfectly well. Maybe people are still using them from when they were new, other people buy them used, or buy the iPhone SE, for exactly the reason you suggest: they don't need the latest and greatest.

Most people don't need the latest and greatest.

I exclusively used a 1st gen SE until a few months ago. All of my dozens of installed apps worked great - and still do in fact.

iPhones very strictly limit background processing. This isn't a problem whatsoever, Uber doesn't take up 16GB of storage.

So do Android devices, I'm using a Samsung SIII from 2012 as 'work phone' when doing rough work on the farm etc. The device runs Android 9 (LineageOS 16), I have not felt the need to update it to 10 yet. It has a user-replaceable battery but since it still lasts for about 2 days of normal use (playing around 8 hours of audio per day) I have not yet replaced it. I did put in a larger microSD card to support a larger off-line audio library. Neither would be possible with the iPhone, no matter which version.

Upgrading your OS is only part of your software security footprint. The unlocked bootloaders/firmware running on many old devices are full of unpatched security holes and are often susceptible to attacks where physical access is available. These security holes are a common method to install third-party ROMs on some devices.

Yes, that is after all what makes it possible to jailbreak nearly all iPhone models using something like Checkra1n.

The vast majority of vulnerabilities used for jailbreaks and for Android unlocks are not attacks on code running in ROM and can be fixed OTA.

Yes, although some can not, the vulnerability which Checkra1n [1] exploits being an example of such. In this case I consider this to be a good thing since it makes it possible to circumvent vendor-imposed restrictions. I like to be the one who gets to decide what runs on my hardware, I see no need to hand off this responsibility to any vendor no matter how virtuous they portray themselves (or are portrayed as such by others).

I really don't understand the fawning over Apple Inc. when it comes to their claims of supporting privacy, I trust them no more nor less than I trust other similar companies. I know I can keep my devices ad-free because I am the one who decides what gets to run and what does not, which software gets network access and which does not, what goes through the firewall and what not. I also know what software gets access to which OS features and what does not. Can this veil of security be circumvented by a serious opponent? Sure, there are likely to be bugs in the software and holes in the veil, no more or less than there are such bugs and holes in other systems. I deem the chance of a serious opponent singling out me and my devices as slim so for now I assume I can use my devices without being mined by the ad-tech industry.

I don't get ads on any of them.

[1] https://cydia-app.com/checkrain/

It doesn’t really need to be a serious opponent. If you randomly drop a phone in a cab, chances are, it will end up in the hands of someone running one of these exploits on it.

Doing network security on-device is antipattern. Doing it at the network layer is easier and more portable. Not only do I block ads on my iPhone, I even run an IDS/IPS on all of the traffic, no exploits or jailbreak required.

Although, if you still prefer to block-ads on device, those solutions also exist for iOS.

> Although, if you still prefer to block-ads on device, those solutions also exist for iOS.

Of course I run content blockers on my devices, this is not 'antipattern' at all. I also run them on the local network into which I, when needed (e.g. when using public wifi) connect through a VPN (used to be OpenVPN, now using Wireguard).

While Apple is slowly opening up the content blocking possibilities I have been doing this for about 9 years now, including egress blocking (using a whitelist, only those programs explicitly allowed are able to transmit data). Android being built on top of the Linux kernel made it possible to use most of the existing tools (iptables etc) more or less right from the start - which for me was with Android "Donut" (1.6) on an HTC Prophet (which was sold with Windows Mobile).

That's cool, but I doubt the people in need of a cheap phone have the wherewithal to install and maintain Lineage.

It more or less maintains itself with OTA updates, just like a stock distribution. The initial (slight) hurdle is installing the thing but once that is done these devices can be maintained by anyone who can maintain a stock Android or iOS distribution.

Eh really? I'm pleased to hear that, I'll try to pick up a used phone for Lineage soon.

Even the cheapest Mercedes Benz car cannot be afforded by > 80% of the world. The cheapest Rolex cannot be afforded by > 99% of the world. They do care about the world population, but they don't have to serve them, even if they have needs. Having needs satisfied is not someone else's obligation.

Smartphone is a necessity. For example, without covid app you cannot go out in many countries. Yes, most people do not need Mercedes- agree.

You can live without mercedes but not without smartphone. Paying for services; employer; calling people; if you swap 3 jobs then you are informed by your boss through WhatsApp or fb (at least in parts of 3rd world - I went through that in the last years).

Of course, there is no obligation for anyone to care about others - let alone mega corporation. Agree to your point.

What about removing Google search from iPhone to demonstrate honesty about privacy?

You are making 3 arguments, all not proven:

1. People cannot live without smartphones. I wonder how the past 10,000 were: how people made phone calls 100 years without smartphones, how they paid with card or cash, how to live without Facebook or WhatsApp. It must be terrible to be so entitled.

2. When people need smartphones, they should afford iPhones. Why a $100 Huawei is not enough?

3. When people have needs, someone is obligated to satisfy it. Oh, that sex maniac across the street ...

1. You could make the same argument about fridges, electricity, light bulbs, vehicles (yours or by proxy), houses, chairs, agriculture. The point is that not having a smartphone available to you puts you on the margins since at this point it's assumed that everyone has one. Every restaurant in our area is now doing virtual no-touch menus that require scanning a QR code and requiring online ordering for take-out. Like you can live without a smartphone but at this point you're only making life more difficult and annoying for yourself.

2. It's plenty enough. Phones have been plenty fast for years. The issue is finding a vendor that will support your software for long stretches of time which right now that is community Android distributions and Apple.

3. This is a bad-faith argument and you know it.

I don't think he's wrong. Society has expectations and throwing money to buy things works. I don't have Uber and Lyft and that puts me at margins with society. Does that mean they're essential apps? Making life difficult and annoying is just how many people without money live.

Being snarky doesn't help to the discussion and it actually goes against the guidelines of this site:

> Be kind. Don't be snarky.

Bullet point one: in the past 10 000 years no one had so such info and requirements to be online.

Calling someone is not even on the priority list of a smartphone. But I can't access easily half of services (including banks) without an internet-connected device. Which is almost invariably a smartphone.

Bullet point 2: older versions of iPhones can be had for that money

In regards to maps...

I would like to actually see number on that. I personally use Apple Maps almost exclusively and don't look back. It does everything I need.

Apple Maps had a very shaky start, but its just fine compared to google maps (with the added benefit of not being a privacy nightmare)

The only complaint I have about Apple Maps so far is that it uses Yelp for review information and photos. I wouldn't mind Yelp, except they try to force you to install their app so they can spy on you instead of just letting you view a mobile site. I'm sure their crappy app is just a wrapper around a mobile site anyway, so it's doubly frustrating

Sent my friend to a wrong location as recently as a year ago. Won't chance that again. This is in Chicago not corn field in middle of nowhere.

> They do not care about >80 % world popln? They too need smartphones.

nobody needs a smartphone. It's a gadget.

You seem to be implying it's a frivolous luxury that delivers little real value. That's not the case.

Much has been written on telephony in the developing world.

Telephony can be handled by dumb phones

Telephony is dead. These days in many places cannot get a job or function without access to email or chat. In a lot of non-rich markets the smartphone is the cheapest option to gain access to these communication systems.

We're not in 1998 anymore where people phone you.

> In a lot of non-rich markets the smartphone is the cheapest option to gain access to these communication systems.

I'd say that's nowadays true for richer parts of the world as well.

Yeah - although at least according to analytics a lot of western world people also own a computer. In many asian/african areas most of the population only has a smartphone to access the internet.

A smartphone is far more capable than a 'dumb' mobile phone, especially to someone who doesn't own any other computer.

It is a lifeline for many - especially in poor world. Work, school and everything is arranged in WhatsApp or FB

WhatsApp just this year cut off access for iPhone 4 users, but iPhone 4S users can still use it, as well as anything newer.

The iPhone 4S, which still works with WhatsApp, debuted in 2011. They're cheap and reliable.

It hasn't been a gadget for close to ten years now.

This is a big reason why I continue to use apple devices.

They seem to be one of the few large tech companies that aligns themselves with users rights to privacy.

Apple isn’t perfect. But they build very good privacy and security into their products. And they structure their UI and defaults in such a way that the average user benefits with no effort or specialized knowledge.

I definitely see some questionable privacy practices by Apple...

- While "10x less", iPhone still sends your private information (such as location) to Apple on a regular basis[1].

- Apple encrypts iCloud backups with a key they control, not end-to-end[2]. This means that Apple can decrypt and inspect your phone and computer backups.

- According to the article, iOS developers can use their "new privacy-focused ad framework" to "allow anonymously retrieving data without getting a hold of the user or specific information". I don't fully understand that sentence but it sounds a lot like Apple trying to compete directly with Goog + FB in the advertising industry.

- Hardware made in China[3].

1. https://digitalcontentnext.org/wp-content/uploads/2018/08/DC...

2. https://support.apple.com/en-us/HT202303

3. https://www.bloomberg.com/news/features/2018-10-04/the-big-h...

In case you weren't aware, the accuracy of "The Big Hack" (3rd citation) has been widely called into question. There has been no corroboration of their claims, despite a lot of interest in locating one of these compromised servers. While it raises an important point about the plausibility of supply chain compromises (see NSA and Cisco), the case in the article has not been shown to be a matter of fact.

The story earned two sarcastic Pwnie Awards from the security industry last year, "Most Epic Fail" and "Most Overhyped Bug".



> - While "10x less", iPhone still sends your private information (such as location) to Apple on a regular basis[1].

Apple documents cases where private information is used, even if it is never sent off device. macOS and iOS users would be familiar with the interstitial privacy screens that show up the first time you use a feature.

iOS has always shown an icon in the status bar when the location information is accessed and provides a log of recent accesses. Recent versions have been more aggressive of reminding you when location data is being shared.

The most common reason location data is sent to Apple is for navigation purposes; if you opt into Location Services, Apple uses your device location for traffic aggregation. You can turn this off at any time.

> new privacy-focused ad framework

App developers incorporate ad frameworks to monetize their apps. An advertiser pays for an ad, and the ad framework displays it in the app. If the user taps on an ad, the framework communicates this back to its servers to make sure the app developer gets credit.

Most ad frameworks try to slurp up as much information as possible about the user in order to tailor more ads to them. Apple's new SKAdNetwork API does not send user information back to the network, only the app identifier that is needed for paying the app developer.

> ...the accuracy of "The Big Hack" (3rd citation) has been widely called into question.

Certainly, but we don't need that one story, as we have plenty others...



actually you could go further and say:

- Apple doesn't let you secure your OWN device. Apple does not give you permission to run a firewall or any other app to do your own security.

- Apple doesn't allow you to see what your phone is doing. You cannot see what apps are running, when they are running or what data is being sent where.

- Apple encumbers your data. It doesn't provide an alternative to icloud. Why not a personal icloud, self-hosted on macos. Why not even a time-machine backup of your phone? Apple could make it easy, but instead they try to upsell you on more icloud storage.

> Apple does not give you permission to run a firewall or any other app to do your own security.

Apple does allow security products on the Mac, and I have analyzed popular ones such as SecureMac's MacScan 2, and others that were on the Mac App Store's bestseller list, and there are tons of scams.

Users hear that it's good advice to install antivirus but don't know how to evaluate them. It is to Apple's discredit (and publishers like MacWorld that gave glowing reviews to MacScan) that these flourish on the Mac, but thankfully iOS users have not been duped to the same extent.

I don't know if it's really true that you're not allowed to run firewalls and such on iOS. They provide content blocking and VPN APIs. See the ability for Wireguard to introduce a completely new VPN protocol simply by installing an app. There is a lot of engineering effort that goes into supporting that.

> You cannot see what apps are running.

The model for when apps are executing is more complicated on iOS. I don't think it's as useful to think about an app's lifecycle as you do on a traditional desktop OS. Security that relies on you "catching" an app executing (if such monitoring is not always-on) is not good security.

> Why not even a time-machine backup of your phone?

You can easily back up an iPhone (encrypted, even) to a Mac or PC. This has existed longer than iCloud Backup. Apple does not release tools for inspecting an opaque backup blob, though there are some reverse engineered ones.

> They provide content blocking

the flaw there is that it is opt-out not opt-in, and you can only block web activity, not apps.

> You cannot see what apps are running.

Yes, the model is more complicated, but it abstracts away important ways apps can run even if you don't realize it, such as notifcations, "voip".

> > Why not even a time-machine backup of your phone? > You can easily back up an iPhone (encrypted, even) to a Mac or PC.

Kind of. You don't back up apps or app private data. In other words, restoring your phone is at the mercy of apple and the app folks. Will you get the same app? Will you get your audiobooks? no, you will have to download them again.

1) The article never clarifies why Apple is sending location data. It could just be for the Find my Phone feature in which case users should just switch that off.

2) Apple doesn't have computer backups. But agreed that it isn't great that backups are not encrypted with my key.

3) It means Apple will provide information to advertisers about users but not in way that identifies them. Look into Differential Privacy. And I don't think you understand advertising if you think Apple can ever compete with the micro-targeting capabilities of Facebook/Google's advertising platforms.

> Apple doesn't have computer backups.

You've been able to back up iOS devices to a Mac or PC since the first iPhone came out, longer than iCloud has been around. Those backups are encrypted with your own key that Apple does not have access to.

Indeed. While we're at it, let's not forget the PRISM [1] program, or the fact that "privacy from advert companies" does not imply "privacy from all surveillance".

[1] https://www.theguardian.com/world/2013/jun/06/us-tech-giants...

Isn’t point 2 a consequence of the law that they have to follow? Don’t know about rest of the world but I think in EU they are forced to disclose your personal information to the government if asked to do so. This is also in their privacy policy.

I think this is definitely the case.

And as iCloud is a global service they really have to cater for the lowest common denominator.

Then they could offer that feature just in those jurisdictions.

Aren't there ways of verifying the integrity of the hardware via software on boot?

iCloud backups are end to end encrypted if 2 factor authentication is turned on according to your link.

100% true for me and my family too. The vertically integrated software where most things just work and work well together is nice too

But they build very good privacy and security into their products. And they structure their UI and defaults in such a way that the average user benefits with no effort or specialized knowledge.

Sometimes they do, and I agree that they're much better than a lot of big tech companies.

Still, their insistence on tying almost everything to iCloud and then not encrypting iCloud properly is a major black mark against them, which severely reduces the usefulness of their devices and associated services if you value privacy and security.

On the other hand, tying everything to iCloud and then losing all your data because you replaced your sole device and forgot your password would be disastrous. This is the scenario that requires Apple to retain the keys to your iCloud, and as long as they have those keys, they can be compelled to decrypt it under lawful government order.

The thing is, once data is in iCloud, there are other ways you can retrieve it and back it up yourself as long as you do have working authentication, and I can see no good argument for not offering E2E encryption across the board that is tied to such identification.

Worst case, you generate a suitably robust key that is used for authentication and encryption, and you provide a means to export it and back it up however you want without sending it to any third party. You can still use all the snazzy secure enclaves and facial recognition and so on to protect a copy of that key that is held on each of your personal devices to enable easy but reasonably secure access, but the underlying technology is tried and tested, it does not have the lock-in problem, and it does not require data in iCloud to be accessible to anyone but the keyholder.

Also note that this needn't necessarily be mandatory. If users are OK with trusting Apple, they could still use the current approach. But if you're going to claim to be a strong supporter of privacy and security, you should really have at least the option for proper encryption of everything for those people and businesses that want it.

These days I have enough other apple devices tied in (family settings etc) that i could lose one device and still be authenticated via another

I think the secure enclave is the winning technology - whilst not everyone has to have a smartphone in the brave new digital world,everyone will have to have at least one secure enclave (HSM probably tied to biometrics)

Yes, although this is hardly unique to Apple. Play mad-libs with this statement and it applies to the vast majority of cloud solutions.

___ have your ____, and as long as they have those ____, they can be compelled to ____ it under lawful government order.

That's true, and most cloud solutions also do the same thing as Apple and retain the keys necessary to regain access to the account.

How do you prove that it is your account then?

This is frustrating, but it doesn't bother me too much on the iPhone -- I can just not use iCloud and periodically back up my phone locally. I don't really need to sync anything but photos because I don't create or edit documents on my phone.

On the other hand, the iPad is a very capable device for content creation, but I couldn't find a reliable way to sync files that doesn't leave them readable to Apple or another party. That'd probably be OK if I could use an iPad as my only computer, but I can't (or won't) today.

I don't really need to sync anything but photos because I don't create or edit documents on my phone.

This is one of the key points. You can plug an iPhone into almost any modern PC, Apple or otherwise, and download the photos and videos. But you can't do the same for other types of data without using one or more of an Apple computer, specialist software or iCloud. The middle option, which is the only one not entirely controlled by Apple itself, has a long history of attempts that proved not to work entirely reliably or last for long. And as you say, for an iPad, where perhaps more users want to do substantial creative work, the same issues apply.

I understand that Apple's current business model is heavily tied to locking customers into its ecosystem, but that does become a significant problem for people who just want a nice phone but also respect for their privacy, and I do think Apple should be called out for this just as I think it's fair to praise them for being much better on broader privacy issues than most of their competitors.

What do you mean other types of data?

Almost anything else. iOS devices use the same protocols as things like DSLR cameras to allow plug-and-play access to download photos and videos (unless, ironically, you have iTunes software installed and it gets in the way). However, there is no equivalent to let you browse and locally download messages, notes, creative work, or any other type of data you might have on your phone with using one of the channels I mentioned before.

> I can just not use iCloud

Many third party apps that have a sync feature only work with iCloud, so a lot of people are forced to use it.

> a reliable way to sync files that doesn't leave them readable to Apple or another party

It's worth noting that nothing in iOS or iCloud prevents apps from encrypting data using a separate user key and then storing in iCloud. (Essentially, using iCloud only as a reliable substrate for syncing files it cannot read.)

That popular apps do not do this is likely due to lack of demand as much as anything. I am sure there are some content creation apps that do provide this functionality, if one is willing to search hard enough.

You can set your own password on documents created with the iWorks apps, on PDFs, etc., not perfect, but at least that is something.

Most app backups in icloud are end to end encrypted. If you choose to backup your entire device in icloud (rather than automatically on your local mac) that backup is not end to end encrypted.

I agree it should be but that doesn’t seem like a huge deal especially considering the alternative platform (android) doesn’t even have a comprehensive backup solution (only individual apps via gdrive etc).

I agree it should be but that doesn’t seem like a huge deal

I respectfully disagree. Encouraging people to upload data that will probably be very personal in some cases, such as photos, videos or messages they store on their phone, without proper safeguards is at best negligent and/or abusive depending on your point of view. The fact that the other major mobile platform is even worse doesn't make the former situation any better.

What I love about this move is that it's a double edged sword against google. ether google have to

1. cannibalize their main source of revenue and implement similar feature on Android and thus becoming a weaker competitor.

2. don't follow apple and let apple eat more of the smartphone market of people who worry about their privacy.

Apple doesn't make money from Ads, so it's strange that they waited this long to do this.

> The company had the potential to raise revenue by a third every year, from an estimated $2 billion currently to $11 billion in 2025.

Source: https://in.reuters.com/article/apple-advertising/apple-could...

Most importantly, their interests directly align with users actually buying their products, not viewing ads on their products. Thus, they have a sort of vested interest in ensuring privacy (which is a product feature). The same cannot be said of Google's Android.

“Apple isn’t perfect.“

That’s the understatement of the year! Today I just found out that iOS will not show you the size of the videos for example. And there is no easy way to get it.

I have a serious question. Obviously if one were to choose between an ad-free experience and an ad-full experience, one would choose ad-free. But, if ads were needed for monetization, wouldn't you choose personalized vs non-personalized? Personally, I would go with personalized because a non-personalized experienced usually has no relevancy and frankly it is inefficient use of money in this world. From there, it really comes down to companies invading your privacy, usually they make the wrong assumptions from it. Why can't there be a way for me to tell the ad-world what I'm in the market for and have them stop trying to snoop around and guess what I want? Most may say that making a Google search is enough to tell ads what I want but I think there are a ton of assumptions made there.

If personalized ads meant ads that were actually good recommendations for products I could be interested in and would be grateful to be informed about the existence of - maybe. The reality of it is that personalized ads are mostly just ads from those with the money and demographics info to stalk me around the internet - e.g. webshops running after me, believing that I abandoned my shopping cart simply because I got distracted, not because I was trying to figure out what the shipping cost would be and their site didn't leave me any other options. Or sites trying to sell me another vacuum cleaner weeks after I already bought one. The point I'm trying to make is that personalized ads are very poor at actually recommending me anything I care about. They're like semi-incompetent sales clerks in a physical store - I'd really prefer to do my shopping without them breathing down my neck. So long story short, personalized ads are just as useless to me as un-personalized ads, only creepier, and I'd prefer not to be stalked.

The products that I care about actually do offer personalized ads without tracking: think podcasts (not from major networks, but podcasts like ATP or Relay FM), blogs (like Daring fireball), and YouTubers in an area of interest I have (MKBHD, Linus Tech Tips). I don't even mind sponsored content from these people because more often than not, the products are sensible, tailored to my interests, and actually appealing. Yet zero optimization or learning went into it outside of understanding what the source material is and marketing against that.

Obviously you have a bigger problem when it comes to larger sites like NY Times, but why not just let me say "hey, show me tech products because I like tech" to personalize, rather than trying to infer what I want and get it wrong? I'd be more than happy to tell every ad network ever what I actually care about, but right now all of the optimization is focused on guessing what I care about instead.

Podcasts should be the gold standard for online advertising. They're perfect for everyone involved: there's no creepy tracking involved, and the ads are appealing because podcast producers tend to know and respect their audience. I never skip podcast ads because they're often entertaining in and of themselves (e.g., Reply All).

I like this sort of "personalization" podcasts do in their ads: with human judgment where the content creators exercise editorial control, not some black box chum box any rando can dump ads into.

They're not perfect for everyone. It's usually a huge blackbox for advertisers who don't know what they are getting until they've dipped 50-100k into it and tracked the resulting conversions later in the funnel.

You nailed it. I've had personalized ads disabled for years, and a few years back I switched it back on to see if it's any better.

At the time I was shopping for a Pebble smartwatch and kept checking the site if it's on sale, because Pebble had a tendency to do short-time discounts without actually announcing them. After a few times, almost every Google ad was for "Pebble Smartwatch". It not only wasn't useful, it was annoying.

I'm 100% with this thought. Most "targeted" ads are garbage. I think this is also a chicken and egg problem. I don't want to give up more personal information so the the data set is limited on what i "like".

Instagram has an interesting model. Maybe because of the visual medium that it works well for me. I'll purposely do searches for a thing I'm interested in and click on related posts. After a couple days I'll start getting ads for companies selling things I'm looking for. Recently, new bedding & sheets. I'd imagine it's the same model Facebook uses but i rarely login there.

So in a world where targeted ads are actually useful you would probably opt-in? Would you ever try something like this?

You'd take a survey about your interests and/or things you're in the market for then you would get a monthly email with a variety of targeted ads. Over a year ago I wrote down in my "ideas" notebook "privacy respecting opt-in email advertisements" but then when I looked at it again later on I thought "I don't think anyone would sign up for this" haha.

One of the problems with ads is that they try to jump in front of me while I'm going about my business trying to do something else - it's the wrong time for a product recommendation in any case. I'm happy to go on sites like thewirecutter or cleverhiker when I want specific product recommendations for something. But that only works for products and product types that I already know about. If I could have an inbox of products that were likely to interest me, which I could check or ignore at my leisure (sorta like Spotify's Discover Weekly) - yes, I might just check that out, and even keep coming back if it kept giving good recommendations.

. This idea goes in the right direction, in my views. I already sign ip to newsletters for things I want repeated reminders for, or updates about. If your service replaced newsletters, and could guarantee to work for things like ticket sales as well as commodity items, it might work.

Criticism like this essentially boil down to the adverts not being targeted enough. Lumping you in the wrong group, not knowing enough about your intentions, etc.

If targeted ads are no better, and maybe even worse, than untargeted ads, that doesn't imply you need more targeting. Maybe it implies targeting doesn't work (at least for the purpose of providing ads the user wants to see).

I prefer contextual ads, ie. related to what I'm currently looking at, not what my ad profile thinks my personality is based on something unrelated I did on another device last week.

> I prefer contextual ads, ie. related to what I'm currently looking at, not what my ad profile thinks my personality is based on something unrelated I did on another device last week.

That would be my preference for browsing the web, or looking at results of a search. But what about the ads that rely on doom-scrolling? The ones that are inserted every two posts on a Facebook feed would be hard to make contextual, for example.

I don't mind some Instagram ads which are directly related to accounts I follow. For example, follow some musicians on Instagram and get an advert for some other artist's new album. I don't use Facebook but I guess it could work similarly if you follow certain interest-related groups. However, I wouldn't like if it was using my interactions with friends to target me.

Both of these are better that tracking your activity all over the web and using that to target you.

Reading that, I’m SO glad I left facebook.

An alternative interpretation is that the level of stalking, intrusion, & privacy you would have to give up to be targeted enough to make it useful isn't an acceptable trade off (& isn't even technically possible in the near future).

No, I'd say it boils down to ads being a bad way to discover products you are interested in. I love sites like thewirecutter or similar for getting actual recommendations, when I want to seek something out. Randomly getting products recommended in a drive-by fashion as I surf around the internet doesn't work, but even if it did work, it's neither the format nor timing in which I'd ever want to receive these recommendations anyway.

It is a fair criticism, is it not? My go-to for this issue is my Kindle Paperwhite for which I did not spend the extra $20 to turn off the ads. Amazon has over ten years of my reading habits, which mainly consist of sci-fi, philosophical/religious non-fiction, and miscellaneous dregs. You know what I have never, ever read in my life? Some along the lines of the "Witches of Paragrene Point" series of books. Or the "Defending $POPULAR_90S_GIRL_NAME" series (which I take to be "manly hunk is bodyguard for a female has to rescue her at some point"). But those show up on my Kindle, at which point I assume Amazon just isn't even trying.

After about ten years or so of Kindle ownership, I recall clicking the ad and buying the book exactly once. Yup, a sci-fi book, and it was pretty damned good as I recall. The title, you ask? Hell if I know, Amazon never showed me another book from that author ever again. And I wish they would, because I can't remember which one in my "stacks" of sci-fi is the one I want.

Perhaps you didn't read the last part of that comment:

> So long story short, personalized ads are just as useless to me as un-personalized ads, only creepier, and I'd prefer not to be stalked.

The ad platforms have very clear incentives to deliver the ads that perform best for marketers so that the marketers spend more with the ad platform.

As much as you think the ads are doing a poor job, they're likely doing a better job in aggregate than alternatives.

Retargeting ads deliver higher value than prospecting ads so that's likely why you get so many more of those.

Honest question: Do retargeting ads just appear to perform better because I already had purchase intent and I was already going to go back there to buy it later anyway?

It's hard to tell, since that data isn't publicly available. But I read this article, which makes the case that this is often the case, and that marketing departments are willfully ignoring this, because it's in their interest to appear useful to the rest of their organization, and it's easy to hide using bad statistics: https://thecorrespondent.com/100/the-new-dot-com-bubble-is-h...

This is a completely fair question and is something anyone working in performance optimization (marketing, product, etc.) should be asking themselves all the time when looking at data and finding ways to suss it out.

In the case of retargeting ads, you can run tests to figure it out. When I was doing more on the marketing side, I used to find a non-profit and then show ads for the non-profit to my retargeting audiences. That way we could test to see what kind of value our retargeting ads had vs. a completely irrelevant retargeted ad.

For the most part, the relevant retargeted ad outperformed irrelevant by enough magnitude to make the retargeting campaign profitable.

I think the illusion of "cheap" confuses most marketers. Marketers are left with an unbalanced sense that they are getting higher bang for their buck, ignoring centuries of marketing best practices about expanding reach and exploring non-traditional targets for secondary/tertiary effects. But I think it works well for the ad platforms themselves in the way that it encourages whales just like microtransactions in games. A marketer has an easier time considering opportunity cost for one big ad spend, versus not even paying attention to opportunity cost as they buy a lot of individual micro-targets. (And relatedly not paying attention to how much they are over-spending on people that already have their message versus missing opportunities on greater reach.)

The other aspect of it is these ads are supposedly targeted yet they look like they were produced for a general audience like you'd get on TV. They target the lowest common denominator. They are so safe and inoffensive they end up being simply boring to watch.

I want content-linked advertising. If I’m reading a music blog I want to see ads for bands and synths, not razors and wrenches. If I’m reading stackoverflow I’d be content to gloss over ads for text editors and web hosting. Not the same f*ing razor ad.

Call me old school (I’m a 70s baby, 80s child). I enjoyed the content-linked advertising in magazines. I actually read them and used them to learn the market around my interest.

Robot selected ads which follow me around claiming to know what I like based on interactions I had do all the following:

- creep me out because I know I’m being followed

- annoy Me by removing any semblance of my own agency in the event: at least with content-linked ads I have chosen to consume that content and I feel like I want to in that zone

- annoy me by getting me wrong

- annoy me by assuming I’m just like everyone else that ticked the same boxes/set the same flags

- annoy me by presenting mostly mainstream stuff rather than small-scale/artisan/bespoke/local stuff that would be much more interesting. I appreciate that this one ought to work better if the advertising host/network knew where I was browsing from (which is a step towards tracking)

The tracking and bidding has completely destroyed what was actually good about advertising for the consumer.

> I have a serious question. Obviously if one were to choose between an ad-free experience and an ad-full experience, one would choose ad-free. But, if ads were needed for monetization, wouldn't you choose personalized vs non-personalized?

No. If I have to be surrounded by messages trying to manipulate me (which is what ads are, by the way), then I don't want them to be personalized for extra effectiveness (at manipulating me).

I don't really understand how some people seem to treat ads as some kind of neutral, helpful information source. It's almost like saying "I don't mind propaganda, since it's such an efficient way to find out what to think."

Exactly! I feel like most people already don't realize how much they are being manipulated. Each day is a struggle against malicous influences.

Even though I'm aware of it, I still fall for YouTube recommendations. My brain still lights up when I see an ad for a product I recognize. I'm still impressed by the sponsored Amazon search results.

Personalization only makes this worse. Now, that product that I made the difficult decision to pass on will taunt and distract me even in situations when I should be focusing on different things.

I think contextual targeting is more than sufficient, and in fact is the only kind of advertisement that I would gauge is effective for my personal use. If I'm searching for a waffle iron, a restaurant to visit or a new car I expect to see relevant ads because that's exactly what I'm searching for. There's no need to violate my privacy by extrapolating my interests based on my site history. In fact this is what leads me to see ads for something well after I've already made my purchase.

This is the key.

Major firms that switched from outsourced “personalized” ads (ad networks w/ retargeting) to selling ads against content, found their ad revenue go up, and their advertisers found conversions go up.

Turns out that 50 years of advertising industry had gotten pretty good at tailoring ad messaging and placement to content for moving product — much stronger than endlessly showing people ads for a product they just searched and already purchased.

If you are searching for a restaurant, what makes up the context? Is it just the query or are you okay with Google using what it knows about you to show you restaurants in your area?

I think the argument being made is that, even when they know everything about you, they still can't target you properly.

An example, I visit Amazon and my recommendations for the "buy it again" section are all very expensive networking equipment that I literally just ordered from Amazon to build out a new home network. There aren't any recommendations for consumables, like the box of exam gloves, hair gel, or the windshield wiper fluid tablets that I purchased in the last 6 months.

Personalized ads is a way to trick you into buying something which you had not necessarily planned to buy, i.e. psychological manipulation. The more they know about you, the better they can manipulate you into buying their product (whether you actually need it or not). I don't understand how anyone would agree on that.

I'm not fond of the current display of ads on websites and I block them mercilessly. If I'm looking for shoes, I'm shown more shoes in ads (this is my reality right now.) How is that trickery? Unless you're considering any advertisement manipulation. The part where the current model falls down is it doesn't stop (since there's no means to really show that one isn't interested) and a big ticket item like a toilet becomes your inaugural purchase in your new toilet buying hobby. The tech works by identifying users into audiences and marketers use this to allocate campaigns and budget to. Typically this doesn't include a lot of personal demographic information (FB & Google). Filling out a card with interests and opting in would be the best way to do this, something like rough location, age bracket (18-25, 26-34 etc.), income bracket, types of product interests maybe including a few categories of items (designer pants, tech backpack, industrial hardcore music, pizza delivery) recently purchased in a rotating queue.

> Unless you're considering any advertisement manipulation.

Any advertisement is manipulation. Think about it: the purpose of an ad is to influence your decisions primarily for the benefit the self-interest of the party that paid for the ad (otherwise they wouldn't have paid for it). Any benefit you derive from your decision is secondary, and doesn't typically factor into the decision to take out the ad. That's pretty clearly manipulation.

However, there are definitely differences in how manipulative an ad can be. An ad for a plumber in the yellow pages is not very manipulative, but a targeted political ad meant to make you angry that's been interjected into your Facebook feed is very manipulative.

I'm looking at this more from a product standpoint. When someone shows an ad for a vehicle that's priced lower than before and I'm in the market for a car, I'd like to know about it. What do you consider an advertisement? Is a business sign an advertisement? I consider a lunch special saving me the time of thumbing through a menu, I don't consider it manipulation which has negative connotations as well and seems pretty binary, any interaction you have with someone would seem to fall under manipulation. I appreciate the food for thought though.

> When someone shows an ad for a vehicle that's priced lower than before and I'm in the market for a car, I'd like to know about it.

But that's not what modern advertising is. Let's look at a real car ad. Here's the first ad for a discrete vehicle that wasn't a Lambo that I found on youtube searching for "car ad": https://www.youtube.com/watch?v=pk5QL_kKN_g.

It's message is roughly "if you drive a Land Rover you'll kinda be like this rugged, skillful, and cool adventurer guy who's driving a Land Rover." It doesn't mention price once and barely touches on any features. That's pretty par for the course for modern car ads: they aren't selling the product, but an emotional connection to a lifestyle.

Here's another one, it's the first one I found searching for "car ad" limited to this week: https://www.youtube.com/watch?v=IYkLjcQP26M. It doesn't mention price or and features. It's just pure association of positive emotions with the product.

The Land Rover looks rugged, but "a sleek fusion of zen...and spacecraft" is more my style. The Nissan Ariya is also a force, which is a big plus. Nissan it is, then!

> What do you consider an advertisement? Is a business sign an advertisement?

Product catalogs, menus, and business signs aren't advertisements (though sometimes they contain some marketing or are manipulative, but that's less common with them than with ads). They can be simple informational documents, and are cheap compared to an ad campaign. Ads are typically paid placements in some kind of media, meant to influence a consumer to benefit the advertiser (usually by making a purchase, eventually).

> I consider a lunch special saving me the time of thumbing through a menu...

It would also save time if they just ordered for you. You'd save the time, they'd get to sell you their item with the highest profit margin. Win-win?

> But that's not what modern advertising is. Let's look at a real car ad.

Here's an example of a current automotive special, these are what dominate Google and FB ads (at least with the 150 automotive clients we work with) and there's typically some copy with it soliciting the price and some incentives. If someone's seen an ad there's dynamic ads which can be tailored to that audience. https://pictures.dealer.com/h/huntingtonbeachchryslerjeepcll...

> It would also save time if they just ordered for you. You'd save the time, they'd get to sell you their item with the highest profit margin. Win-win?

For example, the local gourmet Taco shop (cafe to the restaurant) normally has tacos for about $3.99 and on Tuesday they're $1.99, advertised on special with a drink, I know the tacos are good and that's a great deal. Their highest margin item is the auga fresca (which they sweeten with agave), they charge about $4.50 for that. Thanks for taking the time to let me see things from another perspective.

To me, it feels like saying computers will never beat humans at _______ game to claim that computers will never be able to manipulate human decision making.

Marketers have already done this without targeted advertising for decades and gotten extremely good at it. Now they have the equivalent of nuclear weapons (individual profiles and data) and you still think it's going to turn out ok for the people?

non-personalized experienced usually has no relevancy

In my experience, it's the opposite. Non-personalized ads show me a broad range of items that I might possibly be interested in. The same way that newspaper, television, and magazine ads do. While personalized ads show me the same ads for the same products that I've either already purchased, or no am no longer interested in for weeks or months after I've moved on to other things.

frankly it is inefficient use of money in this world

I find this argument... odd. Why, as a consumer, which is how you've framed the overall argument, would I care even a little about the efficiency use of money in this world? I think to refine your point: Why would I give fark one about whether an advertiser's money is spent efficiently, and why is that even my concern at all?

Why can't there be a way for me to tell the ad-world what I'm in the market for

There is. For example, if you're into gardening, you read gardening magazines and garden-related advertisers advertise in those magazines. Easy peasy.

This is old tech that the dead tree folks figured out centuries ago. What's changed is that digital advertising isn't about actual advertising. It's about getting rich quick and easy without doing any heavy lifting that the legacy ad companies did.

Apart from the privacy aspect already mentioned, I'd choose non-personalized to minimize their effectiveness.

Inherently ads are made to manipulate your behavior. I'd choose being manipulated the least possible.

Non-personalized all the way, and for many, many reasons. Two off the top of my head: 1) You already bought the product, and now you see ads for it for the next x weeks; 2) You may not want other people (like maybe a spouse) to know you were browsing for something (like a gift, or perhaps even something untoward).

On the second point, my spouse and I, each of us on our own devices, one of us can search for something, browse a website, and then the other one will start to see the ads for such in their Instagram feed (and for the record, it is usually me seeing the things my spouse is looking for). It is completely insidious and it needs to stop!

Serious answer: non-personalized until they figure out a real, safe way of me to post my interests that doesn't involve tracking, and I think that's highly improbable to happen, so non-personalized. I don't see a way of me personalizing ads without sacrificing things I'd prefer to have - my privacy around the Internet.

> it is inefficient use of money in this world

That's the advertiser's problem, not mine, and their choice to spend money just as it's mine to buy what they're selling. Advertising is already largely a guessing game of how to appeal to people and where to do it, and the only way to make it easier /today/ is by violating our privacy. They could spend the money however they want and choose to advertise.

I would choose personalized ads if ad companies would personally allow me the choice to select some predetermined categories of ads.

Personalized ads created by siphoning data off everything I do not so much.

Put it this way, to use an example, what kind of relationship would you prefer, someone who knows all the things about you because they asked or someone that comes up to you and is like 'yeah, I know you like this that and the other because i've been following you everywhere you go, listening to your phone calls and installed a RAT on your computer?

This could be great to include on device, the ad profile that's editable there so you're in control and when an affiliated ad network is encountered on a site/platform and with user granted access. A manipulated/curated queue of interests may be shared so recent purchases can be listed to better show relevant ads. Like what if you shared you're looking for phones, or you just bought something so do or don't show more of that?

To me it's more about trust regarding the data being gathered and what it is being used for. I care a lot more about how a company can misuse that personalized data to say sway an election.

If the data being gathered is purely to give me better recommendations for better targeted products then sure. If that level of personalization is restricted to just me as a user where I and only I can select the ad selection and that personalization remains on my machine.

The Facebook CA scandal demonstrates to me how frankly these companies are straight untrustworthy. I do not want political/security/insurance/job agencies getting anywhere near any of this data.

" if ads were needed for monetization,"

It is a solution to monetization. It is not the only solution. Lack of economic development has been because of the addictive nature of fascist behavior.

Non-personalized vs personalized is not the question for me; companies might still collect the same data from my "experience" habits.

If they are going to do that I want more profit from it than a custom news page.

Like I want money from the company leveraging my identity for the company's bottom line. I want some of that money if you are going to get a simulacra of me in a fucking database.

And until we get there we are stuck with a few rich lawless men keeping me for themselves.

Why do I care about the advertisers efficiency?

If you were talking about some sort of imagined strong AI personalization I might prefer that assuming ad free wasn’t an option, but this absurd, deep from within the uncanny valley personalization is worse than generic advertising.

The only place I am exposed to generic ads are when watching sporting events at a bar or at someone’s house. Everywhere else I get ads blocked or get “targeted” ads that mildly (at best) offend me that that is what the algorithm thinks I’d be interested in buying. I prefer the generic ads.

The problem for me is that I honestly can't think of more than a half dozen instances in the last 20+ years where ads made me aware of something new that I actually wanted, and zero of those were web-based. I can't think of a single time ads swayed my opinion to purchase something I didn't want or caused me to buy something earlier than I would have otherwise. At BEST there have been a few ads that have led me explore options within that market, but the company posting the ad had zero impact on my decision (it almost deters me, since that ad money could have been spent making the product better or cheaper, so the competition is probably a better buy).

Why would I want even 1% of the content I'm consuming to be polluted with irrelevant garbage? That's a huge amount of time and mental effort filtering out stuff like toothpaste ads because I googled directions to my dentist's office.

Nope. Ad blockers on EVERYTHING and custom CSS for sites that whine about ad blockers or display a sea of whitespace to inflate page view times.

The answer for me is no. As I have become increasingly aggressive about blocking ads, trackers, social media, using web containers, and setting up pihole, the ads I do see are hilariously untargeted.

It's been fascinating to get a glimpse of the bigger universe of ad content for women, doctors, lawyers, the infirmed... instead of just the $150 hoodies and baldness pills I used to see constantly.

Most ads are related to previous searches or visits on the web. I once searched for a new car mirror - now I get car parts ads everywhere. Wouldn‘t it be smarter to have context-dependent ads? If I‘m reading a blog on hexagonal architecture, wouldn‘t I be interested in books on that and related topics? Those kinds of ads would not necessitate tracking.

I’d prefer ads that are not relevant to me because the chance of them manipulating me psychologically into doing something I wouldn’t rationally do is lower.

Advertising is the new smoking. We do not fully understand the damage it does to society and our planet, but it is huge.

Non-personalized -- I want to give up as little personal data as possible. Even if they claim that it's anonymous, with enough browsing data and other signals (IP, browser fingerprinting, etc), it eventually becomes possible to identify you.

As others have pointed out, if you're being subjected to consumeristic propaganda, might as well make it non-targeted so there's less chance of you buying in. It's like being dipped in a tub full of insects. You could choose your favorite type of insect to be crawling all over you... but would that really make the situation that much better?

Personally, the only time I had mildly relevant ads was back when I had an account on Instagram. It served ads for local businesses that actually kinda matched my interests. The rest is just "oh, you searched for info on a long-dead general? Must be interested in WW2 replica medals, buy fifty!"

I would vote for customized ads, but customized based on the content I'm viewing, not customized based on what they think I want or like.

If I'm reading an article about astronomy, give me a link to telescopes to buy. Don't show me the washer/dryer that I've been looking for in another context in my life.

I would even take content-customized ads with slight tweaks based on my personal profile, but still relevant to the content at hand. For example, if I'm in eastern Nebraska, give me the telescope ad from the example above. But if I'm in Philadelphia, maybe show me a link to the observatory at the Franklin Institute.

Wouldn't it make the least sense for advertisers to spend money showing ads to people who are already in the market for their product. Those people will probably be looking it up directly, which is what their website and SEO are there for. If anything contextual ads are probably better for people in the market, so when you search for their product they always appear in the first page of results.

I would think ads are meant to drive you into the market for a product and service, and other marketing tools are made to get you to pick a specific offering.

> Wouldn't it make the least sense for advertisers to spend money showing ads to people who are already in the market for their product

For manufacturers? Sure. But what about storefronts? Having the best price won't matter if no one knows about it.

I was forgetting storefronts, they might benefit from knowing a user is in the market for a good or service.

My thinking (probably wrong) is, if I am in the market for (to use the example someone else mentioned) a pebble smartwatch then I am probably going to look for the best price myself. No reason for storefronts to spend money putting their ads with their price up on unrelated sites and apps, if I'm going to search for a good price for free. It would probably be better just to buy and ad on the search term "pebble smartwatch" and advertise the price.

Given a choice and assuming that ads stick around, I'd prefer to pull relevant personalized advertising when I want to see it.

In other words, allow advertisers to put all their personalized / targeted ads into a common ecosystem, but allow me to dip into that when I'm looking for some specific purchase.

That would mean that advertisers wouldn't have tracking on almost every website and inside almost every smartphone app, gathering information, taking up screen real estate, and consuming valuable bandwidth and user attention.

I'd rather not have personalized ads because I'd rather there not be an incentive to harvest my data to leverage for personalization.

I may be an outlier since I generally try and turn this stuff off everywhere. I also pay for a lot of ad-free content that I like (Stratechery, Stay Tuned with Preet, Persuasion, etc.).

I think the incentives from ads are a corrupting influence in building stuff that users want. I think the 'personalization is good for users' argument is often just a rationalization.

> Why can't there be a way for me to tell the ad-world what I'm in the market for

Because there's no money in that. What's the value in selling you something that you've already decided you want to buy? Advertisers are trying to get into your head and manipulate your perception to make you open your wallet where you otherwise wouldn't have. And when you do decide to purchase a product, that it's the advertiser's brand which you think of first.

I think the OP meant general "market", not the "concrete product X". Hence the decision has not yet been made.

No take the Overcast podcast player for instance. Marco, the author, didn’t want any third party mystery meat SDK in his application and he wanted to control advertising. He created his own ad platform. Ads are based on the category of the podcast you are listening to. Nothing creepy about it and I’ve found quite a few relevant podcasts.

The entire podcast until recently has been supported by no more targeting than guessing about the demographics.

Why on Earth should the Pareto optimality of the advertising business matter to anyone not in the advertising business? That is an extremely alien concern to me.

> But, if ads were needed for monetization, wouldn't you choose personalized vs non-personalized?

No. I simply do not ever look at ads. I've never, in 30 years of browsing the web, intentionally clicked on an ad.

Furthermore, I don't want a company keeping a dossier on me. The exchange of seeing ads for something I might want isn't worth the assault on my privacy, if it worked. And it doesn't work, so no thank you.

I’ll take non-personalized, thanks. I don’t want advertisers sitting there making profiles about me that include everything they can guess.

Exactly. If I leave on personalization , I always fell like they will collect extra data, just for the sake of it.

Non-personalized, because it's less likely to work on me. I don't want to be manipulated.

If I decide on my own to buy something, it won't be hard to find. I don't need to tell advertisers what I'm in the market for. I can just tell Google or Amazon what I want and I'll find it immediately, even though I'm blocking the ads.

> But, if ads were needed for monetization, wouldn't you choose personalized vs non-personalized?

Ads aren't needed for monetization of anything I care about.

Ads are only needed for businesses to scale quickly without having to actually provide a service worth paying for, and that's something we would be better off without.

If I control the variables for personalization, yes. If I don't control them, then no.

For example websites could have variables like mental state (like knowing of you're depressed) and show you ads that could "work better" on you. I think this is unacceptable.

No. Ads should be related to the content, not personalized to the person viewing the content.

While I agree in principle, I don't think this is manageable given how diverse the content is on the Internet. What sort of thing are you going to sell me when I'm reading a news article about wars in the Middle East?

A subscription to Foreign Affairs Magazine

A device on which to read articles about wars in the middle east

An donation to Red Cross/Doctors without Borders/relevant charity

To continue adding:

Books on the history of the Middle East...

A Netflix documentary about the Middle East, offering a free Netflix trial if you want to watch it...

Personalized means I’m buying more relevant ads and paying with my integrity. It’s better to see relevant than irrelevant ads but the amount of personal information I’m willing to give up is tiny and includes zero of my history online.

Definitely personalized. I stopped using FB a couple of years ago, but when I did, its ads were amazingly good (I almost miss them sometimes).

FB would show me an ad for the perfect obscure Kickstarter project that I was happy to back. Win-win.

I would say non-personalized. Like many siblings say, I often see ads for products after I've already bought them (or something similar). That's just useless.

I also remember a funny experience with Google Maps 2 years ago. I had my home and work addresses on profile. They're both in the same city and close enough that it's possible to walk between the two. I was looking at the closest way to go from the office to another place not far away, on foot. The top suggestions google thought I would have a use for while looking around my destinations were hotels. When I live maybe an hour away.

So I figure if Google's recommendations are so useless even though I gave them precise information, how exactly is some random adtech company going to figure something useful for me when all they supposedly have is infered information?

I would probably always pick non-personalized, as my assumption is that the less relevant they are, the easiest it would become for me to ignore them (assuming they are not more intrusive than the personalized ones).

This isn't a scalable solution.

If the value per ad decreases, services will need to display more til the user generates enough value to support the costs they incur.

If TV was able to cater ads to individual viewers then ad breaks would be a lot shorter.

> If TV was able to cater ads to individual viewers then ad breaks would be a lot shorter.

Or they could sell the same amount of ads as they do now for higher prices. Which one do you think the company would pick?

The length of ad breaks is determined by what 'price' the customer is willing to pay in terms of their time.

> This isn't a scalable solution.

I am not sure what your point is.

> If the value per ad decreases, services will need to display more til the user generates enough value to support the costs they incur.

What they need to do is to find a way to pay their bills. If ads allow them to do that then it's great (maybe non-personalized work well enough? Or contextual targeting, as others have suggested in this thread). If users cannot stand the increasing amount of ads then they will stop using their service. Or maybe these companies can adopt a mixed model where people can pay to not see the super intrusive ads, and everyone else gets the ads?

> If TV was able to cater ads to individual viewers then ad breaks would be a lot shorter.

Personalized ads is one of the 'features' of ATSC 3.0 whenever that finally rolls out: https://www.techhive.com/article/3268635/next-gen-tv-to-ushe...

This was the bold new idea of Google, back in the day. At that time, the internet was plastered with banner ads for cars and shoes and other lowest common denominator crap. Personalized ads were a good thing!

oh gosh what was that article claiming that pre-internet, ads functioned as a monetary sacrifice that companies could make as a demonstration of their solvency. if you saw an ad frequently, that meant it was a big, stable company, that was preferable to have an ongoing relationship with. Personalized ads don't have that property. I think the author compared personalized ads to direct-mailers - those junk grocery store flyers that show up in your snailmail. They don't signal anything other than "this product exists"

Why would I prefer to buy from the salesperson who stalks me first?

I would prefer "non-personalised" - simply because "personalised" means that people and companies I know nothing about know lots about me.

You never felt creeped out by personalized ads? I.e. you search for X on website number 1, then visit totally unrelated website number 2 and get an ad for X?

In theory personalized would be better. In practice I have seen several ads targeted just based on "living in large geographical area" and is "any gender aged 15 to 50".

The ones that were personalized where insulting. Like Facebook showing me ads for healing stones when I have my religion marked as atheists.

Facebook needs a lot less data and to force their adbuyers to actually target their ads. Probably though they don't because then the ad buyers will find out how little they actually gain from the ads.

The general consensus within the AdTech industry is that everything is going to be going back to the basic 'context-level' targeting. This will be very akin to the web 1.0 based targeting philosophies.

Still will be relevant to what you're doing and where you're spending your digital time but will lack the cross-site personalization and hyper-detailed targeting layers currently available to advertisers.

If we had a truly diverse internet that wasn't driven by social media, non-personalized would work fine. Want to reach an audience interested in computers? Buy ads on sites that talk about computers. Instead, we have centralized distribution of content that requires personal knowledge to cater ads to individuals in order for them to be remotely effective.

How would you imagine "tell them what you're in the market for" would work? I don't think it would work at scale; almost no user would take time to make a manually personalized ad profile instead of ... not doing that.

If I'm in the market for something, I'm likely to indicate that by doing a search for relevant terms. So the search engine could sell associated ad space to appropriate categories of advertizers.

If I'm reading reviews about a certain product category, it's a fair bet I might be in the market for such a product. So the site could show me relevant ads.

If I'm reading a site devoted to a particular topic or activity, the publisher might reasonably guess that I could be in the market for related products, and offer relevant ads.

None of this requires any privacy-invasive tracking.

If I'm reading a general news site, the site shouldn't have any more idea what I'm "in the market for" than the publisher of a print newspaper I might buy.

If I'm browsing used-car listings, the site shouldn't have any idea what genre of novels I like to read, what my grocery cart usually contains, where I go to work out, or how many pets I have. Why does anyone think it's OK for a company to surreptitiously gather that sort of personal information about everyone?

Why would it be any different from the way advertising worked before Facebook and Google?

Vogue subscribers are probably in the market for new designer clothes. People who watch Cesar Milan are probably in the market for pet supplies. Someone driving down a highway is probably in the market for gas and a snack. Someone who searches for “affordable laptop” is probably in the market to buy a new computer.

You don’t need to track someone’s every move to serve them relevant ads.

I was calling out "user manually provide targeting information to ads companies" as unrealistic, the alternative of "don't have persistent user profiles for ads" is obviously possible.

> But, if ads were needed for monetization

That's a big if.

In a previous life I worked in ad-tech, and I don't think it's as black and white as the OP makes it out to be. I think that's actually a Bad Thing™️ as this industry needs to profoundly change or die.

This isn't a new, unexpected thing for sell or demand side ad-tech platforms, they've seen the death of IDFA coming for a few years. The reality is that this will likely stop more 'above board' players (a good thing) but the gray area and outright malicious, scummy ad and data companies will still attempt to generate unique identifiers through things like native fingerprinting. I think Apple will also stop them incerementally, but this sadly isn't an outright victory.

I don't understand it myself, but people DO opt-in to personalised ads in pretty decent numbers, it's anecdata, but I've seen data from very large control trials (testing for exactly this scenario) where ~50% of users opt-in. The devil is in the detail with these things: what will the copy be? will alternatives be presented? how will users be able to link 'value' to what they're being asked for?

Tracking based advertising hasn't delivered on its promises. As a user, we're seeing more advertising than ever, and it turns out that seeing advertising for a thing which you shopped for and bought last week just isn't any better than seeing advertising that relates to the article I'm reading at the time. I'm also very skeptical that tracking based advertising actually works better for publishes either. Since the number of companies with good tracking data is so limited, the tracking companies (primarily Facebook & Google) have a near monopoly on user data and use that to extract more money out of advertisers, but the publishers see a decreasing fraction of that amount.

>it turns out that seeing advertising for a thing which you shopped for and bought last week just isn't any better than seeing advertising that relates to the article I'm reading at the time.

This is due to (1) not having enough data to build good algorithms and (2) advertising campaigns being set up poorly (its not only technically challenging but also expensive). This issue can actually be fixed and likely will in the future.

>I'm also very skeptical that tracking based advertising actually works better for publishes either.

The majority of publishers make more money from personalized ads. NYT and premium publishers don't necessarily since ads on NYT are valuable by itself, but ads on my blog are worthless by themselves. Add some user data, and ads on my blog are worth much more.

> This is due to (1) not having enough data to build good algorithms

Fundamentally advertising serves the needs of advertisers and not the needs of the viewer. No amount of additional data will make advertising less frustrating because ultimately neither the publisher, nor the advertiser cares if my experience is more or less frustrating.

More data won't result in less frustrating advertising, it will result in more effective advertising for the advertiser and more revenue flowing to the big ad companies as a result.

> The majority of publishers make more money from personalized ads. NYT and premium publishers don't necessarily since ads on NYT are valuable by itself, but ads on my blog are worthless by themselves. Add some user data, and ads on my blog are worth much more.

This is neither proven, nor entirely true. Advertising existed and was profitable before targeted advertising was created. Publishers made more money before Google/ Facebook took over and dominated the industry.

I've seen very few blogs which are worth a damn which have big advertising from Google/ Facebook on them. Mostly because good bloggers don't want to debase their otherwise good content.

Promises to whom? Advertisers use it because it has shown improvements in results.

I also don’t believe in Ad-tech doom and gloom. Yes, ad companies won’t be hoarding as much data, but advertisement worked fine before it started to do it.

Back to basics it is, treat me well as a customer, deliver as promised and use ads responsibly (aka no more hyper targetting)

For me, the term ad-tech has become synonymous with the modern-day scummy data hoarders and surveillance corporations, maybe that's the same for others? It could make for a lot of misunderstandings.

I guess most people would agree that advertisement in general can fulfill an important function, if done responsibly – but not like that. These tracking excesses really must die.

Not only that, but we are (were?) in a race to the bottom, ever declining return on ads, so more ads must be delivered, more tracking must be done, creating more friction (ad-overload) I too believe ads can function responsibly, ads have run in newspapers for a century, so a equilibrium can exist.

This won't be the end of it. It's just one of the many battles.

And iOS isn't for everyone. Yes it's great for protecting privacy but it's also extremely restrictive for the users. The fact that they don't even allow real third-party browsers is baffling in this day and age. I also can't use my Yubikey in OpenPGP mode which I really need for my password manager and SSH access. I know it supports U2F now but that's not enough (and was way too late as well).

But I agree the advertising industry has to die. I don't believe in the 'working together' approach of the EFF with their plugins that stop blocking cookies when they see the privacy policy file. I mean, if you're not tracking me, then why need third party cookies in the first place?

It'll never happen though. They'll always find a way to track us.

The vast majority of users don't care about the issues you mention. They don't know what a browser engine is. They don't know what PGP is. They haven't heard of SSH and U2F. And the only opinion they have on cookies is that they want those "We use cookies, is that OK?" banners to go away forever.

These are issues that only developers and the superest of superusers care about. So it's not surprising that HN commenters think they are a big deal.

Yeah they're a big deal for me... I don't care about other users ;)

That's what I mean with "iOS is not for everyone". They try to cater only to the average user. Or at least the more affluent subset of those. I'm not everyone but I'm certainly part of 'everyone' :)

In fact this is really what's pushing me away from Mac too as they're heading in the same direction. When I moved to Mac in 2004 they were a great POSIX capable system with a great UI (unlike the mess Linux was at that time) and custom software. Now more and more power features are replaced by on/off sliders that don't do what I need.

Windows and Android are heading in the opposite direction, adding more power features. I really like the power that things like DeX and Termux provide (though the latter isn't necessarily a feature, it's definitely something that wouldn't work on iOS). I can work a whole day on my phone, multitasking and everything. You can't do that with an iPhone.

Still, both with Windows and Android you give up considerable privacy. And that's not necessarily needed. Things like scoped storage should have happened years ago.

Much like Flash, not allowing third-party browsers could be explained as a cynical control mechanism on Apple’s part... or as their not wanting to see tech support volume shoot up as Chrome and Firefox users complain their battery life is terrible. Or some combination of the two.

I understand their have their reasons.. But I don't like them taking that choice away from me.

The problem is, right now we have only 2 choices. Living in the open world but getting all our information sucked dry by advertisers. Or live in Apple's protected little garden but not be allowed to leave it. And pay much more for hardware specs.

Neither are very appealing.

A new iPhone SE has flagship specs for $400-500, and Androids cheaper than that (and even much costlier ones) struggle to last 2-3 years - an iPhone easily lasts 4+.

I don't want to turn this into an Android vs iOS debate, but want to highlight that one of the main complaints against getting an iPhone (cost) no longer really applies - it could even be considered a strongsuit. I agree that the walled garden can be annoying, but I've rarely found myself longing for Android customisation, and have very much noticed how some apps work much better on my iPhone. This is completely down to preference though.

I also care deeply about privacy, but even with 0 consideration for it, I think I still would've switched - I am super happy seeing Apple pushing it this hard.

(I recently went back to iOS after 2 phones and 5 years on Android)

Well, the iPhone SE has really poor specs compared to an Android of the same price IMO. The SoC is up to date, but the screen is only LCD, the bezels are huge (the screen to body ratio is very low) and the camera is only adequate.

Basically you're buying a 4-year-old phone with a modern SoC in it :) I don't think that is worth the price they are asking. I paid the same (440 euro) for my S8 3 years ago (it was out a bit over a year), and it already had a beautiful AMOLED screen, high screen to body ratio, and in particular DeX which I can't really do without anymore. And it's still fast enough now. I upgraded to that from my iPhone 6 which was becoming way too slow at that point (note: iOS 12 did fix this somewhat but by that time I had already had enough of it). Overall, the S8 aged better for me than the iPhone 6 did.

Compared to what you can get from Apple now vs the Android vendors, Apple is only ahead in terms of SoC when you're looking in the same price bracket. But that's not the only spec that matters.

I've said it before and I'll say it every time.

> But I don't like them taking that choice away from me. ... Or live in Apple's protected little garden but not be allowed to leave it. And pay much more for hardware specs.

I pay Apple a premium to make these decisions for me. They make my life easy to live.

In this particular case, I'm aligned with their simplification, until their browser is the majority player. That's when it would be worth my effort to make an educated choice.

In the open world, you have less information sucked from you because you can block ads across apps, and you don't have to tell big brother Apple which apps you've installed or where you've used GPS.

>or as their not wanting to see tech support volume shoot up as Chrome and Firefox users complain their battery life is terrible.

When/if Apple opens iOS up to third party browser engines, I fully expect them to also add highly visible warnings of which apps are guzzling power. It's unfortunate that it takes something like that to get Google/Mozilla to take power efficiency seriously, though.

In the case of Flash, there is no world where Adobe could get Flash working well on an iPhone in 2007 with 128MB RAM/400Mhz CPU when it could barely run on a 1GB RAM/1Ghz CPU Android in 2010.

This is the number one feature on iOS 14 that I cannot wait for. I am getting very tired of finding out that unrelated services know that I have used a specific app (like Facebook knows way too much).

Somewhat related (even though this is focused on Apps). I have noticed an uptick in websites that don't support safari, likely due to how they handle cookies. I hope this does not become super common (but I can't imagine many sites wanting to loose out on the iOS market)

You can already get some of these benefit by going to Settings -> Privacy -> Advertising and turn on "Limit Ad Tracking".

This sends an all-zeros IDFA to all APIs that request it^1.

iOS 14 begins the new prompts, lets you toggle this on a per-app basis, and, by being in front of users is just about guaranteed to dramatically increase the number of users who are opted-in.

[^1] https://support.appsflyer.com/hc/en-us/articles/115003734626...

I'm on the dev beta, and it's pretty stable. There's a public beta available now. If you're itching to try it out, I'd recommend it!

I have heard that, my biggest concern is if there was a nasty iCloud bug introduced.

I would run the risk of loosing a lot of important documents in my iCloud Drive.

Maybe I will install it on my work iPhone but that is barely used right now.

Beta 3 is less stable than beta 2 for some. I normally wait till beta 5 or 6 before installing on real device.

I've been using the full desktop version of the ublock origin plugin on firefox mobile for quite some time, and it's dramatically improved my mobile experience.

This plugin works only in android, right? Tried to install it on my iPhone but it said it’s not compatible with my browser although i have Firefox installed.

Yup, Firefox on iOS isn't the full Firefox, its just a Webview (fake Safari) due to Apple's restrictions.

So no addons anytime soon.

If you are interested in improve privacity on iPhone and user Firefox you can user Firefox focus but i will seed ads

Try BlockBear for Safari on iOS.

Same, I downloaded Firefox for mobile specifically to get the ublock origin plugin. Then I discovered that I like their tab display with the two columns of thumbnails a lot more than other mobile browsers as well.

Yes it's great... I also use other adblocking methods (DNS based) but uBlock Origin remains king.

Only thing I really really miss from FF Mobile is the pull to refresh. I so wish they'd add that, because every time I open a tab with a news site that was already opened it shows stale information, and I have to open the hamburger menu to do a refresh. 2 actions instead of one.

An option to have sites auto refresh when switching to the tab after xx minutes would be great too. Right now it's just too inconvenient.

I'm using AdGuard (free) on Safari mobile and it wokrs great so far.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact