Hacker News
Oh, the Places Your Apple ID Will Go (pxlnv.com)
336 points by HelenePhisher on Nov 22, 2022 | 152 comments



> I may be getting something wildly wrong here, but I am not sure I see the presence of this Apple ID proxy in Apple’s services logs to be a violation of either its own policies or users’ expectations for using internet services in general.

I strongly disagree that the iOS App Store should be treated as an "internet service" rather than a part of the device. The iOS App Store only comes on iOS devices, it comes on all iOS devices, and it is the only way to access a crucial feature of the device. It is, for all meaningful purposes, part of the iPhone in the same way iOS is.

It would be a bit like Microsoft saying "explorer.exe? Policy A only covers the OS, and that is clearly not part of Windows! - so therefore you are covered by Policy B". While Apple may be legally in the right, I strongly believe they are morally in the wrong and have betrayed the trust their users put in them to safeguard their privacy.

I believe that a casual user of the iPhone would take a look at Apple's iPhone privacy policy and expect that to apply to the iOS App Store as well, as for all intents and purposes that is a part of the iPhone.


"It would be like Microsoft saying "explorer.exe? Policy A only covers the OS, and that is clearly not part of Windows! - so therefore you are covered by Policy B."

This made me remember a long time ago when I ran Windows I used to disable explorer.exe by editing a certain registry key.

Not sure if this still works today, but it did back then. This reduced distraction as only one window could be maximized at a time. Also made the OS feel more stable and snappier. In any event it was one less memory-consuming process running.


I remember that back in the Windows 95 days I used the same trick to load progman.exe instead of explorer.exe during boot.

I was too used to the Windows 3.1 desktop environment...


IIRC, I think I used taskmgr.exe as a substitute program launcher instead of explorer.exe's "Start" button and menu. I, too, was originally a Windows 3.11 for Workgroups user.


I'm not sure what is being argued by the semantics here but the app store is an important aspect of the device but does that make it not an internet service? An app store by definition is almost a direct equivalent to a web browser. It's just a tool to allow you to move data/code onto your device to do more things. Without it, your device still has a functioning OS. Apple has coupled the functionality of app installation and a curated remote repository of apps on the internet and bundled it as "the app store." I'd say most people aren't referring to the app installation aspect when they refer to the app store.

If an app store is a glorified web browser and Apple is maintaining content that is loaded into it, it's almost the definition of an internet service, no?


Let me repost what I wrote elsewhere in this thread:

The point is not that the App Store isn't an online service (although I would argue that it more "relies on" an online service), but that its role as part of the OS supersedes that.

I can't go back and edit my comment now, but to make it more clear I probably should have written something like:

> I strongly disagree that the iOS App Store should be treated as ___only___ an "internet service" rather than...


Ok yea agreed. I think it’s more than one thing, including an internet service


It's certainly multiple things, but some things take precedence. If Apple allowed people to install third-party App Stores, then the freedom would take precedence and nobody would be throwing rocks at them.


You can use enterprise provisioning, which uses the same mechanics, to install apps on devices you manage.

There are lots of places that run iOS on private networks with no internet access or Apple ID.


It's not just a web browser, though. It's the sole method to install software, most similar to a package manager on a desktop operating system. On your point, many package managers do have the ability to browse the remote index of the software they can install (e.g. `brew search [X]`, `dnf search [X]`). However, the primary purpose of a package manager, including the App Store, is to install and manage software. This is a critical operating system function, made more critical on iOS by the fact that the App Store is the only way to get software.


Devil's advocate:

Contrary to explorer.exe, App Store is an internet service in the sense that it requires sending requests to backend for pretty much any user action. There is zero functionality without a data connection.


How does that justify logging user actions? Just because you can log customer requests does not mean it is morally right to do so.


I am responding to a specific argument. That argument is that App Store is not an internet service. I say it is.


The point is not that the App Store isn't an online service (although I would argue that it more "relies on" an online service), but that its role as part of the OS supersedes that.

I can't go back and edit my comment now, but to make it more clear I probably should have written something like:

> I strongly disagree that the iOS App Store should be treated as ___only___ an "internet service" rather than...


Why can't we just say internet service or not, privacy applies. My banking is done through internet services and I still have privacy expectations there.


Uninstall requires a backend? If uninstall doesn't require a backend then it's not an internet service. It's manipulating things on-device.

It's a package manager and tracker designed in such a way that it only talks to Apple's backend.

It's still the system package manager though.


There is no functionality for uninstalling software in the App Store app.

Users uninstall apps directly from the homescreen (springboard), without going through the App Store app.


Every app can have iCloud associated data that would be deleted when you uninstall the app. Also push notifications go through Apple’s servers and then Apple bundles them for different apps. Apple would need to know not to send push notifications to an app that is no longer installed.

Also of course Apple keeps a record of installed apps. If you drop your phone in the ocean and go to the Apple Store to buy a new one, your installed apps are reinstalled.


iCloud is the problem, here. Apple has no right to predicate my software usage on the existence of an account with them. It's equally as absurd as Windows requiring a Microsoft ID to log in.


Then don’t buy an Apple device?

Apple for over 40 years has sold integrated software and hardware and for over 20 has sold hardware + integrated online services (iPod+ iTunes) and now you are shocked that when you buy an Apple device you also buy into their ecosystem?

Exactly how is anything on the iPhone supposed to work without an account? Push notifications?

Most Android apps are also dependent on Google services and a Google account.


Windows is now entirely an internet service as you need a Microsoft account and internet connection to install it.


You don’t, they try to obscure it but you can still install without a Microsoft Account.


At some point, when you have to go find the disassembler and start monkey patching binaries, some people will still say "but there's still a workaround!".


Reminds me of how Firefox removed the ability to set a URL for new tabs (the better to display advertising on them) but justified it by saying "Users can trust and install a third-party extension to enable that functionality."


And obscuring it in a way that you need to disconnect from the internet for the local account installation to become available.


That's a dark pattern, but even so, Windows is useful without the internet. App Store doesn't demand a data connection on a whim, it fundamentally needs it for all of its functionality.


Source? Because last I checked, local accounts were discouraged but worked.


I got through 3 new Lenovos with Windows 11. One purchase but returned 2 due to hardware issues. Installed Windows about 3 or 4 times.


> I strongly disagree that the iOS App Store should be treated as an "internet service" rather than a part of the device.

It's also on the web, e.g.: https://apps.apple.com/us/app/facebook/id284882215

Which means apps, for example, show up on Google searches.


>I strongly disagree that the iOS App Store should be treated as an "internet service"

Its entire purpose is to look up data and download stuff across the internet. How can it not be an internet service? How much use could it be if it was cut off from internet connectivity, what would you even do in it?


Sure, it requires internet for it to work, just as the phone itself requires cellular service so you can make a call. Calling is still part of the phone.

Of how much use is an iPhone without the App Store? You can still use the preinstalled apps, but your expectation as a consumer is that you can install new apps. This expectation is broken without the App Store.


With a name like yours, I was expecting you to point this out:

"These are not device analytics, they are services analytics."

"These Are Not the Droids You Are Looking For"


Finally, someone puts words on the irks I felt the last times this came up. Thank you.

Apple is basically loopholing all the shitty ad-tech engagement surveillance bs that plagues the rest of the industry through the app store, pretending like it's any other app. Of course they can, but a lot of the hard-line privacy stuff goes down the drain with the hypocrisy.

What bothers me is that Apple really doesn't have to move in this direction, at all. They've been uniquely positioned to basically do things that nobody else can, because they sell so much expensive hardware. Instead, all mega corps seem to blend together and follow the same playbook. It's sad.


The public dismissal of the evidence these researchers presented in the last few weeks was surprising. It isn't truly important whether the App Store is an integral component of iOS, which it practically is until Apple becomes compliant with the provisions of the Digital Markets Act, it merely compounds their legal issues due to ignoring user intent when iOS analytics are disabled.

The main issue here is that Apple has been collecting personal data for years through its own apps without informed consent, which is in breach of GDPR. You need to ask for express consent to collect personal data in the form of non-essential user analytics, having a privacy policy and a toggle in settings to opt out of data collection is not enough, and it does not matter if the data collection is done by a website, app or an operating system.

It was particularly frustrating to see people argue that it's just an older version of iOS, when the reality is that one needs to hack an iPhone to see how this data is being syphoned off, and that jailbreaks for new iOS versions can be prohibitively expensive to achieve. Despite that, researchers pointed out that they see similar encrypted packets being sent with a recent iOS version.

I think it's worrying that consumers can't inspect the traffic of a device they own, and this is also an area that should be regulated so that our rights are respected.


The biggest issue imho is that the device is tethered by the vendor. You can't use it (practically) without being connected to Apple. This should change. I should be able to buy a product and use it with anyone's services. Otherwise, I bought a service and not a product.


You're right, and this is what the Digital Markets Act will help achieve. Though considering how tech companies behave in the face of new consumer rights (see how it took Google half a decade and multiple fines to show a GDPR compliant consent popup with a REJECT ALL button), it will be a couple more years before you can install a third-party app store on iOS or sideload an app.


> when the reality is that one needs to hack an iPhone to see how this data is being syphoned off

The author of the article wrote that all he had to do was request his data from Apple.


> The author of the article wrote that all he had to do was request his data from Apple

Your observation has nothing to do with what is being discussed, we have a right to inspect the network activity of our devices.

I remember you posting in threads criticizing Apple, almost always coming to their defense. You've been doing this for years.


> one needs to hack the device to see what data has.

This is a provably false claim based on the author's own experience.

Guess what? You also have no idea what your phone is sending the carrier or any other service provider.

But as far as you knowing who I am because of my posting history, “but for me it was Tuesday”


> You also have no idea what your phone is sending the carrier or any other service provider.

Ah, so now you play the fatalist backdoor card. Well, the good news is that we do know some of what your iPhone sends back home. We know that every time you launch an app, both Apple and Akamai receive data about what app you opened and when. We know that Apple has private API entitlements for circumventing your VPN rules. We know that Apple actively and directly works with the NSA and CCP to enable domestic surveillance capabilities.

So, you're right! Hacking your device only gives you a small window into the horrors of your software vendor. If we could totally decrypt all of Apple's traffic alongside the SIM's baseband transmissions, nobody would ever say 'privacy' and 'iPhone' in the same sentence again.


In the longer term Apple has a bigger issue here (though related to GDPR): being a US company it's effectively illegal in the EU.

And after several attempts to pretend that US laws like the Patriot Act that remove non-US citizen rights were compatible with the EU Charter of Fundamental Rights have been struck down by the Court of Justice of the EU (after the US has been caught violating these rights) it's starting to be hard to imagine what kind of agreement can possibly happen between the USA and the EU that would make US companies legal again...


> Instead, all mega corps seem to blend together and follow the same playbook. It's sad.

Yet another glaring indicator identifying our species as not mature enough to manage our own society. If this occurs everywhere, no matter what, then it is us, our constitution, our chemistry, our maturity as a species that is at fault.


Not really, systems affect our behaviour. We created the system that is our current market economy, and we have the ability to construct new systems that encourage better behaviour. For example, studies show that cooperatively run businesses are more ethical and more stable:

> [...] Additionally, "cooperative banks build up counter-cyclical buffers that function well in case of a crisis," and are less likely to lead members and clients towards a debt trap (p. 216). This is explained by their more democratic governance that reduces perverse incentives and subsequent contributions to economic bubbles.

> The cooperative banking sector had 20% market share of the European banking sector, but accounted for only 7 per cent of all the write-downs and losses between the third quarter of 2007 and first quarter of 2011. Cooperative banks were also over-represented in lending to small and medium-sized businesses in all of the 10 countries included in the report.

> [...] in France and Spain, worker cooperatives and social cooperatives "have been more resilient than conventional enterprises during the economic crisis".

> Public trust in credit unions stands at 60%, compared to 30% for big banks and small businesses are five times less likely to be dissatisfied with a credit union than with a big bank.

In other words, this behaviour doesn't happen everywhere. It's specific to certain types of businesses.

Paragraphs from here: https://en.wikipedia.org/wiki/Cooperative#Economic_stability


> Public trust in credit unions stands at 60%, compared to 30% for big banks and small businesses are five times less likely to be dissatisfied with a credit union than with a big bank

All organizations seek to accrue power and revenue - even “non profits”.

I saw it from one of the local credit unions I worked at in college…

1. First it was a credit union for a few large companies

2. Then it redid its charter to become a “regional credit union”

3. Then it said “fuck it we are bank”

Meet the old boss..


Indeed. This is why some (relatively few) organizations are designed to limit growth. Not all credit unions have the problem of growing to serve other customers.


This mental leap is a bridge too far for me to understand. Can you fill in the steps in your logic?


A hallmark of maturity is delayed gratification: one may want, but their maturity tells them they ought to prepare, or otherwise delay and suppress their gratification for a later period when that gratification is a) possible, b) achieved without subterfuge or deception, c) an appropriately and fairly earned reward or payment for effort expended towards this goal.

It is common and entirely ordinary to observe everyday people unable to delay their immediate need for gratification. It is also entirely ordinary and normal to observe friends, family and coworkers who routinely cut corners (take process shortcuts) and engage in process deceptions because they simply do not care about the consequences. Likewise it is entirely ordinary for one's employer to other their own employees to the degree they treat them with equal severity as one might find in the times of legal slavery (not exaggerating at all.) It is common and ordinary for spouses to other their own spouse, causing a legacy of failed marriages.

What is not ordinary is to meet persons that do not take short cuts, do not cheat on their employees, their spouses, or in reality: themselves. The majority that do not cheat are those not trusted and not provided the opportunities. The majority, if given too much trust, will rape their environment blind given time and the lack of repercussion: and that is immaturity at scale in our society, and it is the natural state of society. Trust is for fools.


Probably not now that he's come down from whatever he was smoking.


> Apple is basically loopholing all the shitty ad-tech engagement surveillance bs that plagues the rest of the industry

That's a pretty extreme description of what's happening here. I agree that they should not be doing this, and that App Store analytics should be opt-in like the rest of the device analytics, however, they are not correlating your unique identifier with other web properties — i.e. when you visit through Safari. I also doubt they are selling that data to third parties, allowing ads to target you on the basis of it, or using it to build a profile against other application analytics.

In fact, it seems like the article says: they do no clever stuff with it whatsoever. They should remove it in a future update


Some trivia: the "DS" in DSID is "Directory Services", which is a giant Apple-internal database. Apple employees and contractors have a DSID too. It's basically a database of all people that Apple knows, and it's very old.


Would you say it could contain shadow profiles of anyone who ever used any Apple product (e.g. opened iTunes on Windows)?


No, I don't think so. It would contain anyone who ever created an Apple ID though.


Can someone explain why the App Store doesn't show the "Ask App Not To Track" dialog?

Why do 3rd party apps have to ask for permission to track, but Apple's apps do not?


I read somewhere (sorry can't remember where but it was quite recent) that Apple has defined "tracking" as "allowing third parties to monitor you over multiple sites and apps".

By that definition, Apple, as a first party, is not tracking you (and likewise, I can monitor you over my apps but not allow anyone else access to that data).

UPDATE: It was from AppStore Connect itself, when you fill out the privacy data form.

Also here: https://support.apple.com/en-gb/HT211970 "data from the app that is linked with your data collected from other companies’ apps, websites or offline properties, and used for ads or shared with a data broker."


This definition is not necessarily wrong. It’s easier for them to argue that they need telemetry to provide (and improve) their own services than it is to argue some third party advertising behemoth needs it. The former is perfectly acceptable, also according to the GDPR (first party advertising is also A-Ok according to the GDPR, btw).


Technically it's fine, but it sits badly with me.

Ultimately their business model - we don't need to log/track/whatever your behaviour to show you advertising because we make our money off hardware - was a big differentiator for them compared to all the other tech companies. If they remove that, then they're removing one of the main reasons I stay with them.

And that's really the point - at some time soon they will stop being the "iPhone company" and they'll become "just another company" and this is just them preparing for that day.


Sounds exactly like Google’s definition. “Private” means “just between you and Google.”


Because "Ask App Not To Track" refers to (for all apps, not just the App Store) tracking across different systems/companies.

For example, a Weather app collaborating with an ad sales company to provide them tracking data would violate "Ask App Not To Track," but Facebook tracking you within the Facebook app does not because it's all internal.

The reason for this is just about the practicality of enforcement: You cannot enforce companies not doing internal tracking because they still have to collect data for their business, so how do you distinguish it.


I'm only picking things up passively but as far as I have read, it is because the App Store does not track you across OTHER COMPANIES apps and websites. If they only track you within their own Apple ecosystem, they don't need to ask for permission (same as other apps).


Facebook kept their shadow profiles to themselves, but that didn't make it any less gross. Defending Apple's data collection on the basis that "they don't share it" is like defending a guy taking creepshots of you in the bathroom because he doesn't look like the sort of person who would cause you trouble.


The sharing's not what makes it "tracking", by Apple's definition, it's collecting data on other companies' sites and apps. As in, following you around wherever you go. Tracking.

It's the difference between Wal-Mart recording you with cameras in their stores, and recording you with cameras in all stores... and at the public park, and in your home, and....

FWIW I think a whole hell of a lot more than what Apple calls "tracking" ought to simply be illegal, but they've been pretty clear about what they mean by the term, and their definition does make sense, and that is one of the worse behaviors among the spyware industry (which is basically all software, at this point, which, WTF, how did norms change so incredibly fast?)


Tracking is about following breadcrumbs across activity in third party apps. So if the Facebook app uses identifiers in common with Uber, and can see what you do in Uber or something, that’s tracking. Recording what you do in a single app, or apps from one company that isn’t strictly necessary for providing the service is telemetry.

Apple doesn’t share user data and identifiers with third parties except as necessary to provide specific services, so it doesn’t track. It does record telemetry though, most of that is in a non personally identifying way, but some of it can be traced to a user.

Obviously identifying information necessary to provide a service is different. If I buy an app off the App Store, they need to identify who bought it. The edge cases are things like, do they need to know I searched for fitness apps on the App Store and associate that with my ID. Amazon does on their web site so they can show ads related to my recent searches, but it’s not strictly necessary for providing the service.


Agreed that is the technical distinction made today, but for an end user that really is splitting hairs.

When Apple is offering first-party services that compete with Netflix, Spotify, etc. my privacy concern is that someone is tracking and aggregating data on what I watch and listen to.

As a user I don't really care if that's two separate corporations sharing unique identifiers or two departments in the same umbrella corporation, it's still a privacy concern.


You don't think who the data is shared with, whether or not you know or consent to it, and how it is propagated is a significant factor in privacy concerns?


Of course that's a significant factor, but that wasn't my point. I care if Apple Music and Apple TV aggregate my data just as much as if Spotify and Netflix do it.

This isn't anything new, we've known that Apple does this for years. If data sharing is within one umbrella corporation it's technically easier to subpoena and investigate, but that also means they have that much larger of a pile of cash to defend themselves with.

Consider another egregious Apple policy, mobile browsers. They have had a much more oppressive browser policy than Microsoft ever did and they have done this openly since iOS 2 when the app store first launched. They've never been held accountable though - they get away with it even though Gates was dragged in front of Congress multiple times for simply shipping his OS with a pre-installed browser. Why? And if that obvious issue goes unpunished why should I expect anything better with regards to their data collection practices, simply because one parent Corp is owning all the data?


Not if we can't hold Apple accountable for that information, no.


That’s exactly the point. We can hold Apple accountable. That’s what’s happening with these investigations of what data they are holding and how it’s used. If the data was shared far and wide that would be difficult or even impossible.


There's probably a line in the T's and C's that nobody reads when you first start up the phone where you give them permission. Reading the other comments, it will be in there if they even need to ask; on websites, websites do not need to ask for permission for functional cookies.


Why don't apps show the EU cookie banner? It seems that apps have an unfair advantage over websites.


Apps do not have an advantage here. The EU 'cookie law' doesn't mention cookies at all. All it says is that you cannot track users without permission, and that this permission must be freely and explicitly given. It's just that this is usually done using cookies on websites, but the specifics don't matter. Apps absolutely have to ask for permission before tracking a user.

Now if this is actually enforced or not is a different matter.


Unfair advantage == it isn’t a usability nightmare caused by ignorant lawmakers


The usability nightmare is not caused by lawmakers. The usability nightmare is caused by businesses who think they need to put Google analytics on every single page.

It is possible to create websites completely without cookie banners. You just have to not track your customers unnecessarily.


I love how GDPR apologists love to deflect blame from the law and lawmakers who were the initial cause of the problem.

And what effect did it have? Did the 99 section 11 chapter law have any deleterious effect on adTech? Did it make browsing better or worse?

We see the effect of an effective strategy, when Apple made tracking opt in, publicly traded companies like FB admitted that it caused billions in lost revenue.

The only thing the GDPR did was give us cookie banners.


The information Apple holds on users is valuable so they don't want third parties to get it for free.


> I am also shocked by the granularity of information in these storefront analytics. It is relevant to Apple’s recommendation engine if I listened to an album or song and whether I finished it, but it is hard to see what value it has in knowing my track playback to the millisecond.

Not surprised. As soon as it was possible to get this kind of information about app usage (thanks, Internet!) of course management wanted everything.

Apple has its own privacy teams that work with the teams developing apps. Data collection is treated as a Big Deal and "Privacy" will grill you on every single byte that you want to collect. And any bit of data that might reveal personally-identifiable-information is a nonstarter.

As an example, we could not report back error messages from the OS, only error codes. Why? Error code might be "123" but error message could be "Error 123, You just removed hard drive 'Calhoun Data' without unmounting..."

Perhaps the downside of this gatekeeping though is that I feel it causes management to come to the table asking for everything, letting privacy whittle it down. With major app release cycles 6 or 12 months apart, I think management sometimes don't know what data they might want - would rather not have to wait perhaps up to a year for the new metric to be included.


> Data collection is treated as a Big Deal and "Privacy" will grill you on every single byte that you want to collect.

I find this optimistic view hard to reconcile with the article. It seems collecting personally identifying data is the default mode. For example:

> I have a spreadsheet of the nearly nine hundred times me and my DSID ignored Apple’s attempts to upsell me on Apple One


I see a lot of very intelligent people here unable to agree upon a matter that seems, in essence, simple enough.

That is in itself troubling and partly answers a question.

If developers on Hacker News cannot fathom whether Apple deceptively transmitted PII, or whether zealous journalists are over-egging the pudding, then we have another problem.

Obfuscation is a form of deception through complexity. It can be hard to tell from the outside whether that complexity is "necessary" and whether its ill effects are deliberate or accidental.

Nevertheless, it remains a form of deception if you present a system as simple, with controls that apparently do understandable things as a front for another system that even you, as a developer, no longer understand. This same theme is coming up in AI, social algorithms, moderation/censorship of speech. We are muddying the waters in the hope that people believe they are shallow.


And some would say this is a deliberate adversarial tactic to guide people to surrender their privacy and freedoms, because those that would defend them can't sufficiently explain the complexity to be more convincing than 'simple' messages.


We say that because Apple has a history of using deliberate adversarial tactics to abuse the market and claim dominance. It's almost as iconic as Google killing off their own products.


Can you show me where obfuscation was mentioned? The DSID is transmitted clearly in many web requests from iOS. SSL isn't a form of obfuscation.

I don't think there's anything wrong in transmitting an ID to a web service, but I'm not actually sure what Apple claimed about privacy.


You’re logged into an Apple device with your Apple ID going to an Apple online service where Apple obviously knows what you bought. Saying that Apple is keeping track of what you do on their service is like saying that you didn’t know your doctor has your medical records and took notes of your interactions with them


Could not have expressed my thoughts more clearly.


I think this can be explained by simple denial; Apple's reality distortion field, or some variation on "It is difficult to get a man to understand something, when his salary depends on his not understanding it." Maybe not salary, but a foundational world view, much like religion.

I mean, people on HN will argue that it's wrong to block ads, a point of view that only makes sense to me through the lens of the above quote.

But, yes, it's a big problem because people that don't factor in the inherent biases of those making the arguments will take on those biases without the salary that makes it make sense. Is that like a Stand Alone Complex?


> I think this can be explained by simple denial; Apple's reality distortion field, or some variation on "It is difficult to get a man to understand something, when his salary depends on his not understanding it." Maybe not salary, but a foundational world view, much like religion.

My personal view, which I presume is the same as many others, is that these things keep being a "if there is smoke, there's fire" situation. Yes, this could be abused, but is it?

Meanwhile, in full "whataboutism" mode, I know Google does crappy shit with my data, I know Meta is full blown flaming evil. I know Ad Tech has the entire world ablaze with privacy abuse.

Meanwhile, people keep pointing to smoke from Apple and screaming that I just can't see what they think they see ...


> "if there is smoke, there's fire"

I want you to take that sentence and throw it away and instead have a mental paradigm shift.

"Where there is fuel there is risk".

One day when you have a lot of time look up the USCSB (United States Chemical Safety Board) channel on YouTube and look at the decade of very well done videos on deadly industrial disasters they have done. People will ignore risk for years accepting the danger because it's "always been that way", they will turn off alarms because they are annoying, they will bypass safety controls because they slow the task down.

I don't care how dangerous FB/Google/whoever is, Apple is its own separate factory capable of blowing up in its own spectacular fashion, and much like a gasoline refinery they are building up a massive amount of fuel that is at risk of a spark.


> "Where there is fuel there is risk".

That's a good point of view. I'm quite glad that the EU is finally tackling this stuff seriously and would LOVE to see strict regulations about what data you can track (as little as possible) AND what you can share (nothing at all, preferably).

Content based advertising should be good enough, if everyone has the same playing field.


Out of curiosity, what does Google do with your data which would be considered bad, i.e. beyond the basics of ad targeting and improving their internal services?


> I mean, people on HN will argue that it's wrong to block ads

I've never seen this attitude here. Not once. Do you have any examples?


Not that I can find in any hurry, and it's also worth my mentioning that occurrences are decreasing, and I'm not sure if that's because there are fewer people legitimately taking the ad-defensive stance, or whether there's a 'chilling effect' caused by (in my opinion) the increasing volume (in both definitions of the word) of arguments against ads.

My memory also tells me that most of the pro-ad stances on HN have been cagey; justification within a certain set of privacy-respecting or customer-service-improvement ideals.


This "Directory Services Identifier" is not sent outside of Apple's services though right? And only sent to Apple services that need to know the identity of the user?

If so I'm wondering what the issue is here.


The issue is that iCloud knows that I'm the same Apple user coming to get my files from iCloud as accessed the App Store!!! With my Apple account!

Wait ... I'm also not sure what the issue is.

Fundamentally this is only a problem because Apple is too big and controls the App Store, iCloud and all the rest of your device. This is a reasonable artifact of an unreasonable situation.

I also think Apple is too big but I'm more concerned about Big Pharma, Big Oil, Big Banks, Ad Tech, Growing Fascism, ... Big Apple is a worry way down on my list.


It seems a little more leaky than I'd expect:

> Because that identifier is also used in some iCloud API requests, I also spotted the same value in activity logs for third-party applications using things in my iCloud account, as well as in metadata for local copies of documents I downloaded from my drive at iCloud.com.


It's a little unclear what they mean here, but that can easily be because of a service/system server model. The third party apps use things like "icloud daemon" (not sure that one actually exists) which does the iCloud request and passes along the data back to the app. Because the logs are generated with a high privilege level, they are also including what icloud daemon did for those specific apps, but those apps did not get access to that DSID, it was kept internal to icloudd.

If the journalists or whoever wants to claim the DSID is leaky, then they need to show a POC with an app actually obtaining that DSID, and not only in a system logger that only saves files sandboxed locally, or sends to Apple.


Good to see somebody talking sense. Lots of journalists jumped on this, framing Apple as evil.

At a high level, the whole thing is no different to a website using a cookie to keep you logged in.


A cookie is not a PII identifier, it is an "identity discriminator".

In other words, cookies let them tell you are the _same_ person 104898 that was already here in March, welcome back!, and not any other person e.g. 298472, but without telling them your actual name etc.

In contrast, a PII identifier is a unique ID that is linked to personal attributes in real life like a person's name ("John Doe"), address ("6400 Boulevard Court, Beverly Hills, CA"), e-mail address ("john.doe@acm.org") or credit card number ("VISA 4879 5223 6537 9935").

So, this is indeed different from visiting a Website that places a cookie.


> VISA 4879 5223 6537 9935

I'm curious where that number came from. It passes the Luhn check so it probably isn't just some random number, and has the right first few digits for Visa but doesn't match any of the Visa test card numbers that I happen to know.

Looking up the issuing bank from the first 6 digits gives inconsistent results. Half of the several BIN lookup sites I tried just say it is from the US. The other half say it is from Blom bank in the country of Lebanon.

Googling it gives me a small number of sites about "unlimited credit card numbers that work 2022" which seem quite shady but I can't quite figure out what the heck they are actually trying to accomplish.

Here are those sites: https://www.financegab.com/credit-card/unlimited-credit-card... and https://paisabank.org/unlimited-credit-card-numbers-that-wor...


Credit card number generator websites exist: https://randommer.io/Card


I have been following up on that and for me too the results were inconclusive.

My bet is, that is a honeypot card.

Oh and by now we are the first result on Google for it too :D


Apple ID is still a cookie and that is enough for me to avoid them like the plague.


Cookies are a required part of any login system. Your Apple ID is used to identify you, just as @amelius identifies you here.


HN doesn't offer so many services across which they can track and identify users.


If you don’t want to use services where the site keeps a cookie on your computer, you might want to avoid HN…


PII is never black or white. "_same_ person 104898" will become PII at any moment when the site can collate it on a one-to-one mapping with some other PII of yours (e.g. your email or login).

From GDPR Recital 30: "Natural persons may be associated with online identifiers provided by their devices, applications, tools and protocols, such as internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them."

So your Apple ID becomes PII for a specific site at the precise instant you share any other PII to that site, that they are able to link to the Apple ID.


Except there's no opt-out or prompt to inform you. Quite a difference I'd say.


This seems pretty different. This is a _cross channel correlated ID_. In other words, this is able to (and presumably used for) tying the user record together between multiple, separate applications. This isn't a "generated ID that only identifies you within the current application vertical". Those IDs would not be able to cross-correlate between other app properties if leaked. The IDs as described in the article would be able to be used to build out a more rich "permanent record" on the given user as more information flows in from various apps.
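The distinction drawn in the comment above, between one ID reused across services and an ID that only identifies you within one service, as an added example that is not part of the original thread and not Apple's design. The key, account names and the HMAC-based derivation are assumptions chosen for illustration.

```python
import hashlib
import hmac

# Constructed sample values: key, account IDs and service names are illustrative.
MASTER_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
ACCOUNTS = [f"acct-{n:04d}" for n in range(1, 6)]
SERVICES = ("appstore", "icloud")


def global_id(account: str, service: str) -> str:
    """One identifier reused by every service (the cross-channel correlated ID)."""
    return account


def pairwise_id(account: str, service: str, key: bytes = MASTER_KEY) -> str:
    """Per-service pseudonym: HMAC-SHA256 over the service name and the account."""
    # Length-prefix the service name so ("ab", "c") and ("a", "bc") cannot collide.
    msg = len(service).to_bytes(2, "big") + service.encode() + account.encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:32]


def build_logs(id_fn):
    """Return one list of log records per service, tagged with id_fn's identifier."""
    return {
        svc: [{"id": id_fn(acct, svc), "event": f"{svc}:open"} for acct in ACCOUNTS]
        for svc in SERVICES
    }


def linkable(logs) -> int:
    """Count identifiers present in both services' logs, i.e. records that a
    reader of the two logs (without the key) could tie to the same person."""
    first, second = (set(r["id"] for r in logs[svc]) for svc in SERVICES)
    return len(first & second)


def resolve(pseudonym: str, service: str, key: bytes = MASTER_KEY):
    """The key holder can still map a pseudonym back to an account when needed."""
    for acct in ACCOUNTS:
        if hmac.compare_digest(pairwise_id(acct, service, key), pseudonym):
            return acct
    return None


if __name__ == "__main__":
    print("joinable with one global ID:  ", linkable(build_logs(global_id)))
    print("joinable with pairwise IDs:   ", linkable(build_logs(pairwise_id)))
    p = pairwise_id("acct-0003", "icloud")
    print("key holder resolves in icloud:", resolve(p, "icloud"))
    print("same value tried in appstore: ", resolve(p, "appstore"))
```

Pairwise IDs limit what a leaked or over-shared log reveals; they do not stop the operator, who holds the key, from correlating internally.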


But cookies I can choose not to allow, right?


Well yeah, your browser, your rules; it'll just come at a convenience fee of having to log back in every time, and that for the duration of your session you HAVE to have a cookie or your login won't work. There used to be an alternative of a session ID in every URL, but I haven't seen that in years.


Leaving behind the discussion of whether this is a problem, it is a problem for me. I paid Apple for a device. I don't want Apple to use devices to track me or target me with ads or anything else. That is my personal take.

But what can you do assuming that you want or need a phone? Android is no better. Class action lawsuits enrich law firms and get users a gift card for $0.20 (sarcasm).

I just wonder what would happen if everyone who doesn't want this decides to take Apple to small claims court? These companies, Google, Apple, Microsoft, Facebook continue to violate fundamental rights to privacy because they have no reason to stop. There are no significant penalties.

Or perhaps we need a bill of rights. Anyone know of such a thing?


I think in case of any smartphone OS, you are sadly not really the owner of the device and in contrast the manufacturer has wide reaching permissions for everything. That is partially true for desktop OS as well, but at least here you can override everything to your liking. Those that argued for these mechanisms in the interest of security do not get any sympathy from me.

Complaining after that fact seems pointless. If you had administrative rights, you wouldn't have as many issues with being tracked. Being able to freely modify the software running the device and accessing its hardware in the same manner would paint a different landscape.


> But what can you do assuming that you want or need a phone? Android is no better.

GrapheneOS, Calyx, and LineageOS would like a word..


I use GrapheneOS and it works reasonably well for limiting the amount of data I send to Google. I still use the play store, but you don't have to, you can go 100% open source and Google-free. And Play Services is optional and sandboxed so it doesn't get any privileges beyond what a normal app gets, so you can block tracking and it spying on other apps' usage.


> Android is no better.

You don't have to use an app store that violates your privacy on Android. You don't have to send your location to Google every time you get your GPS location, unlike how iOS sends all your GPS lookups to Apple. Android is far better. The key difference is user control.


Anyone reading this article from Illinois is about to have a fun time with Apple, their privacy laws are reasonably strict. Of course, I'm not a lawyer, so maybe they found the one legal "loophole" or lawful way to do it.


All of these issues with UIDs make me believe that we should maybe transition to Probabilistic Data Structures and group users randomly together, e.g. based on HyperLogLog abstracted UIDs. Only the user device itself would have the full ID, the service would get an abstracted, probabilistic version of it, which can (and will) collide with other abstracted IDs. Thus, the service could never be 100% sure who exactly a single user is - out of a group of (e.g.) 12 people that happen to yield the same probabilistic representation.

(I know there're also many issues with this approach, so take it with a grain of salt)
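A sketch of the idea in the comment above, added here and not the commenter's code: the device reports a lossy bucket number shared by about 12 users, implemented with plain hash bucketing as a stand-in for the "HyperLogLog abstracted" ID. The population, device models and time zones are constructed, and the second measurement shows one of the issues the comment alludes to: side attributes sent with the bucket shrink the group.

```python
import hashlib
from collections import Counter

# Constructed population: UIDs, device models and time zones are made up.
MODELS = [f"model-{c}" for c in "ABCDEFGH"]            # 8 values
ZONES = [f"UTC{o:+d}" for o in (-8, -5, 0, 1, 5, 9)]   # 6 values


def h64(label: str, uid: str) -> int:
    """Domain-separated 64-bit hash so each derived value is independent."""
    digest = hashlib.sha256(f"{label}:{uid}".encode()).digest()
    return int.from_bytes(digest[:8], "big")


def bucket_id(uid: str, n_buckets: int) -> int:
    """What the device would send instead of the UID: a deliberately lossy
    value that many different UIDs map to."""
    return h64("bucket", uid) % n_buckets


def build_population(n_users: int = 12_000, group_size: int = 12):
    """Records as the service would see them: bucket plus two side attributes."""
    n_buckets = max(1, n_users // group_size)
    records = []
    for i in range(n_users):
        uid = f"user-{i:06d}"
        records.append({
            "bucket": bucket_id(uid, n_buckets),
            "model": MODELS[h64("model", uid) % len(MODELS)],
            "zone": ZONES[h64("zone", uid) % len(ZONES)],
        })
    return records


def anonymity_sets(records, fields):
    """Size of each group of records that look identical on `fields`."""
    return Counter(tuple(r[f] for f in fields) for r in records)


def share_unique(records, fields) -> float:
    """Fraction of users who are alone in their group, i.e. singled out."""
    sets = anonymity_sets(records, fields)
    alone = sum(1 for size in sets.values() if size == 1)
    return alone / len(records)


if __name__ == "__main__":
    pop = build_population()
    by_bucket = anonymity_sets(pop, ["bucket"])
    print("groups:", len(by_bucket),
          "smallest:", min(by_bucket.values()),
          "largest:", max(by_bucket.values()))
    print("singled out by bucket alone:        ",
          f"{share_unique(pop, ['bucket']):.2%}")
    print("singled out by bucket + model + zone:",
          f"{share_unique(pop, ['bucket', 'model', 'zone']):.2%}")
```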


Recent and related:

Apple sends DSID with iPhone analytics data, tests show - https://news.ycombinator.com/item?id=33695937 - Nov 2022 (111 comments)

Proposed class action alleges that Apple tracks users despite privacy assurances - https://news.ycombinator.com/item?id=33593455 - Nov 2022 (191 comments)

App Store on iOS 14.6 sends every tap you make in the app to Apple - https://news.ycombinator.com/item?id=33520775 - Nov 2022 (190 comments)


Allegedly it’s fine because they’re collecting information for internal use and not sharing with third parties, but really the industry is trying to redefine tracking as cross service/site tracking. Well I think they should set the same bar internally.


Why?

What is the value in anonymizing your voluntary engagement within a single corporate entity?

As long as that entity provides me with an accurate reporting of access when I request it?

Why for example would I want to make it any more difficult for my doctor at a hospital and the hospital pharmacy to share my confidential health information to ensure I get the right treatment?


> What is the value in anonymizing your voluntary engagement within a single corporate entity?

Because up to a certain point it isn't voluntary

> Why for example would I want to make it any more difficult for my doctor at a hospital and the hospital pharmacy to share my confidential health information to ensure I get the right treatment?

Because principle of least privilege. This is one example, another could be the doctor sharing health data with an internal hospital logging service, which is utilizing some cloud service, which is utilizing some other cloud service, etc


1) Tech companies should not be doctors. Apple is not a doctor. 2) There are additional privacy protections around medical uses, for these reasons.


If it's fine then why was Google data collection ever an issue?


The irony of Tim Cook only a few years ago claiming they don't want your data [1] "We treasure your data. We wanna help you keep it private and keep it safe."

[1] https://observer.com/2019/05/tim-cook-apple-data-privacy-cru...


The use of tracking is acceptable under the GDPR if it is necessary for providing the product/service. The Apple ID, being necessary for determining the applications you have bought/are installing would be considered necessary. Permission to have it is not required.

If the Apple ID is shared to another 3rd party by Apple, then it is not just being used for providing the product/service. So it would be required to get permission under GDPR.

Apple sells a service which is iPhone+iOS+App Store. While it is technically possible to separate, Apple doesn't. It's all required. So the Apple ID is required for doing that.

The fact that the Apple ID can be associated to an individual and their PII is something that theoretically could be isolated, but Apple are not required by law or regulation to do so as long as their use of the ID stays unshared and "necessary".


Isn’t this a misunderstanding of what PII is? An evil entity, given this, couldn’t unmask me the way they could with a name, e-mail, or even IP.


If it can be traced to a natural person, it is PII. IP addresses are PII, ids are PII. It is in the name "Personally Identifiable Information." If it can be used to personally identify you, it's PII.

If you gave me this ID number, I could use it to locate your information in a breached db dump, or if it is used in API requests, impersonate you.


> or if it is used in API requests, impersonate you

You're suggesting it's an authorization token - which it obviously is not.


It depends, but I was imagining a vulnerability where I authenticate to the API as myself, but use your ID. Or I sed my usage/diagnostic logs and replace my ID with yours. This might sound really boring, but as an example, I could send logs/activity as someone else, placing them at a scene of a crime that would show up in a subpoena.

I doubt this vulnerability exists, but these IDs (and any IDs by any company) should be guarded just like any other PII for exactly this sort of reason.


Depends on the authentication mechanism.


No, that's not the definition of PII. That the ID maps to a person doesn't mean they know that person's SSN, which is PII.

IP counts as metadata. It uniquely identifies you as an entity but does not reveal other details except geographic location. If IP addresses are PII, then any use of the internet is violating your privacy. Perhaps unplug your modem, turn off cell service on all devices and read a book instead.


That's literally the definition, it's in the name. If it can be used to personally identify you in any way, it's PII. Yes, IP addresses are PII and there's nothing that prevents you from storing PII for reasonable amounts of time (i.e., to process a packet, a purchase, or fulfill a contract). Where you get into trouble with various laws is when you store them for other purposes (such as in logs) and use them in ways they weren't intended (such as analytics) -- especially if you don't tell the person you're using it in that way. That last part is usually the basics of what is required. Not disclosing it is a sure way to find yourself in hot water, eventually. Most regulators don't seem to care atm, or are targeting big companies. I'm not a lawyer, but I've worked on software in this field, so take what I say with a grain of salt.


I think the point being made is that there are two classes of information: 1. That which helps distinguish a single human being as distinct from another. 2. That which provides you with some useful knowledge about that human being.

Knowing an IP address can distinguish user A from user B, but unless you know something else about A vs. B, what's the point?


I'm not sure what point you're making.

Knowing an IP address is useless information, until you have a database linking IP addresses to geolocation. Knowing my address is useless information, until you have a map. Knowing my name is useless, until you have Google. Knowing my user id is useless, until you have a leaked database (or other vulnerability).

These are all PII, because they're useless until you have some other information, and then they deanonymize you.


There's a lot of confusion here. You need to read the GDPR carefully. The GDPR is the only source that explicitly mentions IP, and even they distinguish IP as "personal data", not "personally identifiable data." No other privacy legislation on the planet considers IP to represent any kind of PII.

I will reiterate my point. It is impossible to operate the internet or any other network where a server must distinguish between two or more clients without some kind of identifier for session management. Just think about it.


I am literally face palming so hard right now. I also wish I'd seen this reply earlier.

The GDPR never mentions "personally identifiable data" as that is a US term. In the GDPR, it only says "personal data" which is the exact same thing according to the GDPR.


It is tied to your Apple ID, which is tied to those details.


This isn't really all that surprising.

Anyone who uses Apple/Google/Microsoft/other products as intended will have no privacy. By as intended, I mean using Chrome while logged into a Google account, using macOS while logged into an Apple account (and using all of Apple's internal applications), using Android with a Google account, etc.

I wouldn't be surprised if the usage data, health data, from e.g. iOS+services goes straight to data brokers. I can't prove this, but it wouldn't surprise me. Even if it didn't, there's no guarantee of how the data will be used internally (or whether it's given to law enforcement, for example)

If someone uses these products as intended and has even the slightest expectation of privacy (e.g. believing any of the vague BS in the TOS), they're probably not the sharpest knife in the drawer (or at the very least, grossly misinformed)


Apple’s analytics data include an ID called “dsId”. We were able to verify that “dsId” is the “Directory Services Identifier”, an ID that uniquely identifies an iCloud account. Meaning, Apple’s analytics can personally identify you. Apple states in their Device Analytics & Privacy statement that the collected data does not identify you personally.

Even if legal, this is obviously a very bad look for a company that claimed they were all about privacy and took actions against competitors to protect users' privacy.


Apple is only about privacy as a marketing differentiator.

Apple's software clearly demonstrates that they do not place a high value on user privacy. iPhones and Macs phone home constantly with all sorts of information even if you never use iCloud or the App Store or Apple's service offerings. It's ridiculous.


Yep. Set up Charles Proxy (GUI) or mitmproxy (CLI) if you want to take a look at the actual data. It's huge and non-stop. Some of this even Little Snitch can't stop because it's sent to random IPs inside huge blocks belonging to Apple with no DNS. Unless you go to extraordinary lengths it's the same with Firefox FYI.

These companies' privacy concerns are a marketing gimmick, and the situation is so out of control we have to be thankful even for those crumbs.


Little Snitch can still block those.

The huge block is 17./8 and is easily identified.


I'm curious: do you think Apple is exactly as invasive as the companies they compare themselves to? Or are they not as invasive, but still not as non-invasive as their marketing materials claim?


The issue for me is location tracking. Apple always knows what city I am in, linked constantly to unchangeable hardware identifiers, which for me is the same level of invasive.


Well, I’m not surprised. All the megacorps seem to be crap at privacy because privacy interferes with their lucre. So, Apple is just another Google, Microsoft, Meta, Amazon, etc. I know that they advertised otherwise, but that’s a matter for court and truth in advertising laws; personally I’ve always assumed that every phone is a passive surveillance device.


Reason x why I'm rooting for Zuck and his metaverse bet! I love the iPhone & Mac but I dislike Apple's approach to "privacy"; it feels hypocritical.


Not sure if sarcasm, but just in case...

My friend you need to open a window and see the rest of the world that exists outside that binary choice...


Well, even if it's a binary choice ... Facebook is the weird bit to pick.


All roads lead to data collection. It wouldn't surprise me if stories like this pushed people onto Facebook or Android just because of the uncertainty that the iPhone now represents.


[flagged]


> They blindly trust in Apple security. I spoke with people and they think you can't have an exploit/virus for iOS. Lol.

Statistically they are right.

Such exploits are so few and insignificant that they don't really matter...

It's more like the danger of dying from swallowing your food. It exists, but it's not really something you need to worry about...


That's why I turned all this junk OFF on all my Apple devices. Why would I help them better their software? Hire more test engineers.


> We also showed earlier that the #AppStore keeps sending detailed analytics to Apple even when sharing analytics is switched off.


> Why would I help them better their software?

Because you too benefit from the software you use getting better.


That's completely beside the point. When you choose to opt out you're explicitly indicating you don't want this to happen.


I really don't get the outrage.

I assumed that by stepping into Apple's walled garden, they would know and store:

- where my devices are

- what I'm doing with them (i.e. apps downloaded and started, which features I use yadda yadda yadda)

- any app I download and use will independently log all my taps and interactions within that app

- and since I use iCloud: where all my data is

What would make you think otherwise?



