I asked the developer of Podcast Addict about this and shared the article. This is their response verbatim:
"Hi,
I'm sorry but I don't understand your email. Of course every podcast app connects to 3rd party content to stream it and therefore hosting platforms and tracking services and ad services used by the podcasters will have access to your IP address.
Sorry but saying that a podcast app leaks your IP address is as stupid as saying that a web browser does. It's just a tool that connects to 3rd party content, so yes unless you're using a VPN the server you connect to will always have access to your IP address
The app doesn't have your location. As you can see it doesn't ask for location permission so the app doesn't have anything to share, but yes your IP will of course be public to any server you connect to
I think my question still makes sense because from what I gather, the AdSense(?) SDK will get more info from the phone than just the IP address - make/model of the phone, unique IDs etc. But for now I happily did an OPML migration to AntennaPod - smooth sailing so far.
This list is suspect. PodcastAddict doesn't even request location permissions[1]. How can it possibly get access to your location? If you read the article carefully, it caveats that the location might not even be sourced from gravy apps. At best, it's getting your ip location, which you're broadcasting to every website you visit anyways.
>Although this dataset came from an apparent hack of Gravy, it is not clear whether Gravy collected this location data itself or sourced it from another company, or which location company ultimately owns it or is licensed to use it.
Can it get the wifi SSID? Is that a permissioned property on Android/iOS? I believe there are companies that build databases of SSIDs and their locations by driving around, so if an app can get wifi info it could be pinpointed to a pretty specific location.
What about Bluetooth? I think it there are enough intentional and unintentional beacons around that it's possible to have some localization info with their MACs. Does this require permission?
Even better if you have the hardware/bandwidth, setup a wireguard vpn and use adblocking on your home network. Then all your stuff is at least mildly encrypted while out and about, plus you get robust adblocking protection.
This also has the added benefit of encrypting DNS if you set that up. It's all relatively easy to setup. If your hardware is running linux there are simple configuration scripts you can run to get everything going in 5 minutes or so.
I'm also a fan of 1Blocker on iOS (and macOS). It's another subscription, but it's not that expensive; updates its blocking lists frequently; and blocks trackers in apps.
Two questions from looking at my list:
1. What do you replace PodcastAddict with? Will all ads traffic (not just the display of the ads on the screen) cease on a paid version?
2. How would MS Outlook get on the list in the first place?