- It was a clean state of a somewhat old phone (iPhone 11, factory defaults + new apple id)
- A single (old) app was installed (Stack by KetchApp, 10-12 years old)
- Was sending out an update a second pretty much instantly (5 kB - ~300 KB every second)
- Within a minute: IP, Lat / Lon, country, phone model, carrier / network operator, vendor, OS version, connection type (wifi), headphone status (?), volume setting (?), screen brightness setting (?), battery status (?), CPU count, system RAM, free RAM allocation, free hard drive capacity, system boot time (?)
Might as well just screen grab the Task Manager equivalent and hand it to them. Have better, quicker data about my own current RAM allocation and free hard space than I do. It hands them when the system booted for an ad? The headphone, volume, brightness, and battery was just "what" kind of headshake about invasiveness. Somebody'd hand wave they need it (we want it, we want it). They obviously don't.
Edit: It's almost Remote Desktop, on an iPhone. Realtime (~1 Hz) RAM / ROM allocation. Not sure how many Apple user even know how to check their realtime RAM / ROM allocation. The free hard drive space especially is just asking for botnet downloads.
Edit: Right, and ... disabling tracking doesn't mean anything because numerous updates blatantly ignore the setting ("uc": "1", // User consent for tracking = True;) and it's just a flag while they still send your vendor specific customer identifier anyways.
Really interesting article, and great investigation, just disturbing how much on an effectively clean phone.
I dislike that as a developer, knowing something like the headphone status could be useful for the functionality of the app. But some other unscrupulous person is just exfiltrating it! This is part of the reason I agree with Apple’s stand against apps with sub-apps/“desktop like” due to not fine-grained enough permission settings. There is a significant privacy downside to “superapps” and now Elon is pushing for the X everything app.
Yeah and if you ask for permission for every little thing then users are going to get bombarded even when it's needed for legit purposes. It's a difficult tradeoff to make, even if you want to do the right thing (and I'm not really sure that Apple and especially Google really do)
> The headphone, volume, brightness, and battery was just "what" kind of headshake about invasiveness. Somebody'd hand wave they need it (we want it, we want it). They obviously don't.
Well the why the ad industry wants it is clear: fingerprinting and segmentation. Someone consistently low on battery? Push them ads for powerbanks.
This is actually part of what I find so wrong about this entire idea.
With all this fine granularity, it seems like ads would be incredibly relevant. Specifically about what you need with something that might actually result in a click-through to purchase a product. Especially if they get real-time updates on my hard-drive status and battery state.
I don't remember the last time I got an ad that was actually relevant. Pretty sure the last ad that was even clicked on was one of those little windmills that swirls crazily, cause it seemed like it might make a cool lawn ornament. Turned out it was tiny. Years of online purchases, and they don't even suggest stuff I want.
It is an excuse. Google doesn't choose ads for you, they shoot out this bundle of info about you and just display the highest bidder. That means whatever ads you see are basically dominated by whoever overpaid the worst.
Edit: It's almost Remote Desktop, on an iPhone. Realtime (~1 Hz) RAM / ROM allocation. Not sure how many Apple user even know how to check their realtime RAM / ROM allocation. The free hard drive space especially is just asking for botnet downloads.
Edit: Right, and ... disabling tracking doesn't mean anything because numerous updates blatantly ignore the setting ("uc": "1", // User consent for tracking = True;) and it's just a flag while they still send your vendor specific customer identifier anyways.
Really interesting article, and great investigation, just disturbing how much on an effectively clean phone.