Google has no choice but to support ads. They're an ad company. Apple has to keep hammering how bad the ad and privacy experiences are with Android. Make iOS an absolute delight to use in contrast.
I'd pay a premium for that. Android has done a great job making me want an iOS device again, these last ten years.
Why? Because Google recently stepped up its notification spam in their official apps. They're using a mechanism that's supposed to exist to notify me of things _I_ want/need to know about urgently instead to advertise products and services to me that I have no interest in.
It's tedious to track down all the places these are coming from and disable them. And I shouldn't have to. I paid a premium for a high-end flagship Google phone. As a phone user, I have to give the vendor power to do all kinds of things on my behalf and to me — in this case, the power to pull my focus, or even wake me up in the middle of the night. As a phone user, my bare minimum expectation is that this power will be respected. And yet Google has chosen to use this focus-pulling notification mechanism to serve me ads.
Google does not respect even their paying users. It feels like somewhere deep in their corporate culture, their users barely even exist to them. I'm just a sub-pixel blip on a request rate dashboard, and if they can temporarily increase my "engagement" by slapping me in the face, then a slap in the face it is.
Unfortunately it seems paying a premium isn't enough to get any respect from manufacturers these days. Just look at Samsung and LG TVs, you can pay thousands for a high-end model and still have to set up PiHole to avoid being shown ads in the menus.
Fuck everything about this.
I do have a little in-app banner at the top of the logbook screen for messaging like prompting to create an account, or upselling premium, or other things. It has grey background, but its buttons are blue and it has a red dot on it so it doesn't look to clone the appearance of a system notification perfectly or anything (it isn't even pinned to the top of the screen or anything, where notifications come from). Maybe you thought it was a notification? But it can only occur in-app, on one screen, and is in no way a violation of Apple's ToS.
Edit: Screenshot of the in-app banner to aid discussion: https://www.dropbox.com/s/i3ib5pbfg5eid51/Screen%20Shot%2020...
Edit 2: The banner used to be all blue, which looked even less like a system notification, but I was worried it was too distracting from users' content so this season I opted for a grey background to help it blend in more.
Sorry for the kerfuffle, I mean no harm to you, your reputation & your app. I wish I had screenshotted that. I remember almost reaching out to you on Twitter about it, but thought "hey it's the first one I'll let it slide". I vaguely remember it about the premium subscription, which I found odd. I was not pissed, just surprised. Was it push or local notification? I can't say if I can accurately tell them apart, in my opinion a notification is a notification. It was definitely not in-app as unfortunately I won't get to ride this season so I haven't opened the app in a year :( It was around Christmas or New Year IIRC
Also, I used Slopes as an example because it's the most recent one but frankly it's far from the egregious stuff others pull, especially Apple and the few other developers mentioned in this thread.
I don't use local push notifications for advertising, either. I use them for A) location-based recording reminders created by users and B) notifications when a recording from the Watch is synced to your phone and ready to view, since that can take a minute or so if you're off wifi.
I remember one person reaching out shortly after the iOS 13 launch that I trigged the "Slopes has been using your location in the background" notification when I wasn't recording, which was an error on my side and I fixed that right away.
I did have an email or two go out around Christmas for a giveaway, so I certainly had some email marketing in play then. Maybe Slopes appeared in a notification from your mail client? But Slopes itself did not trigger any notification, push or local, for that campaign.
- Happy iOS user and web entrepreneur.
I’m not sure if iOS does this for any other permissions, but it would be natural to allow additional prompts for access to APIs that are otherwise banned - based on if the web app is pined / “installed”.
You just need to notify Apple that a particular App in the store violates their ToS.
I've done this before, and in a matter of a few days, the App is removed from the store, and the other apps of that dev are scanned for ToS violations. Then all other apps of those devs are removed from the store, and then the dev is banned from the store. If the dev wants to regain anything back, then they will have to go through a very expensive multi-month long process to achieve that.
Apple does not mess around, so I would reach to the dev of an App you like and use personally first, because the moment you notify Apple it will rain Hellfire.
However, I would also very much like Apple to lead by example and stop spamming its paying customers (anyone that bought an iOS or Mac product) with marketing notifications...
Apps that use push for marketing deserve hellfire, even if they are little indie shops. Being indie is no excuse for abusing things like push. We have to be scrappy, but we can do so without being spammy.
Instead, the scrutiny and investigations should be public so that the developer can defend themselves.
Oh, but I’m happy they do
Also, notifications go via apple’s servers, you can’t really force them to deliver everybody’s notifications for free and without any discretion
In other words, the rule of law and a fair impartial court system.
I keep hearing that iOS should catch up with Android notifications, that Apple is so far behind but when I look at an Android phone it just feels overwhelming. I literally have better things to do than studying the information and action options in the notifications.
Notifications should be treated as an extremely premium attention grab. I like Apple's way of doing it much, much better than Android and I feel unease when I think about someone in Apple, hears the Android-like notifications and thinks it's a good idea.
I can long press on notifications and directly block it forever or finely tune the App sending it what it is allowed to send etc.
Last time I used an iPhone I still had to double swipe to even dismiss a notification, which is super annoying because most are probably spam.
If Notifications on iOS were as good as on Android I would instantly switch.
Apple improved that on iOS, see the screenshots here: https://support.apple.com/en-us/HT201925
Also, I just aggressively remove apps that try to show spam notifications.
I agree with your point that android is making management much easier though.
These notifications go straight into Notification Center, which means if you never swipe down to look at notifications, you’ll never even see them (They don’t show a banner, or even on the lock screen.) That limits their value to the marketing people looking to juice their engagement numbers with spam push notifications.
And a partial swipe brings up the three notification options, a full swipe dismisses it.
Lineage OS might be a viable alternative for people who prefer Android but disdain Google.
In the end I have very few apps that send personal data to ad companies (I've blocked as many ad and tracker networks as I could), and I've prevented most apps from showing me notifications unless I really want them.
You'd be surprised how much battery you save with all those things disabled.
Really? Which ones? I have a pixel 2 and haven't experienced this. I have the Assistant turned off - could that be why?
This is surprising to me. All the messaging from the phone companies makes it seem like they are essentially giving them away.
It got easier again with android 10 with the options available directly from the notification itself (after a swipe).
While the price you pay with Google is annoyances through ads, the price you pay for Apple (besides the hardware being 3x as expensive as comparable Android hardware) is just not being able to do things. You can't side load apps without some people with years of experience putting all of their time and energy into breaking the software!
I can't make a computer I own actually run the programs I want!
Add to that a complete lack of choice. Their hardware is admittedly quite good in many regards, but I'd like to charge using a normal connector [USB-C] since I don't want to carry another set of cables or adapters for the oh so special Apple, and retain the ability to play music through a damn cable without needing another expensive, flimsy and not-on-me-when-i-need-it adapter. Oh, they're absolutely hostile against repair.
I could probably go on, but you might get the point. That's peak disrespect to me, so I'll despise them for that and not buy an Apple device in the foreseeable future, even though I like many aspects about them. Oh, the ecosystem lock-in and the absolute unfair promotion of their own, inferior services. Anyway.
I started using Android from the G1, and was a massive fun of customising my phone with custom ROMS, etc. I eventually switched to iPhone and whilst I have jailbroken my phone before, I reverted it when I realised I didn't have much reason to need a jailbreak on my phone. I would still love the ability to sideload, but if that's my tradeoff for not using Google I'll take it.
Carrying a cable has never personally been a problem for me but again, it depends on a few factors (most of my company uses Macs, with cables required for the keyboard and mouse so there's always one laying around).
I personally use an iPod Video for music, as I prefer to either download my music from Bandcamp or buy and rip CDs. I find it a much nicer experience. I do carry the dongle around in my backpack on the rare occasion I need it, but my headphones are bluetooth (although I really only use the 35mm jack).
Repairability is not an issue at all, as far as I'm concerned. I've replaced personally the screen, charging port and battery and it probably took all of an hour to do. Buying the parts was easy and quite cheap, and fitting was a breeze thanks for iFixit.
Also, you're only locked in if you choose to me. The only things I have synced to iCloud are my contacts (also backed up via CalDav to my email provider) and Photos (backed up on my home network). Admittedly I'd have to buy apps again if I moved to a new platform, but that's the case with Android too.
I also have photo syncing turned on for OneDrive and Google Photos.
The app has really positive reviews...
To be honest with an iPhone there's not much reason to want to sideload anything. Sideloading on Android is dodgy enough with dodgy APKs. Who knows what they're doing in the background? At least with the App Store (and Play Store for that matter) being a walled garden, for both it's positives and negatives, you know an app has been vetted and is safe from malware.
Of all the people in the local LGBT center, zero had a lightning cable available, one had a microUSB cable (with USB-C adapter), and everyone else (> 2 dozen) only had USB-C cables, when a person with iPhone asked if anyone had a charging cable.
So maybe in the US, where due to higher wages (even if the percentage of income that's disposable is the same) people have higher disposable income, people buy iPhones. But from what I've seen in Germany, almost everyone has Android.
Sideloading is what allows to use third party app stores like F-Droid and to run apps Google banned like Blokada (system-wide ad-blocker).
What happens now? Do our anecdata cancel each other out, or?
But in 2 years at most will be the other way round (especially outside the US)
I live in the SFBA, hang out with people at all income levels, and I'd say over 70% use Android. Among richer people it's more 50-50.
It's pretty easy to get USB-C chargers among my friends.
If having an iPhone is a symbol of “affluence”, half of the US is affluent.
Your anecdotal evidence doesn’t jibe with broader statistics.
Edit: For complete transparency, I am seeing ranges from 42% - 50% market share in the US depending on the site.
The problem, now, is rolling it out due to fragmentation.
But the change in iOS13 is the regularly occurring pop up alert to prompt users to pick a lower permission for apps they don’t use often that are also tracking location.
As others have mentioned, iOS has had the fine grain permission for a while. What’s new is the regular prompt.
Some apps do use coarse permission (which maps roughly to wifi/cell tower location).
Early adapters, who are more likely to engage with the bigger questions raised by tech, are likely to use new devices with the latest revision of what Google thinks you should share with the advertising world - lately, this has been giving users slightly more control. Meanwhile, older and cheaper devices (a much larger segment) mostly run older OSes that more more data-sponge-friendly.
So the picky and wealthier customers have reason to tell others "Google is getting better" while everyone else keeps feeding the beast.
The inference you haven't made yet is what the proportions of the users in the "early adopter" and "general user" categories are in countries that are NOT the United States or Europe.
Hint: most of Google's Android users aren't in the US or Europe at all. Instead they're in countries where there are much more pressing social, political, or economic issues for governments to address that easily sideline privacy concerns with minimal lobbying funds.
On the flip side of this, Apple can focus on privacy and security as a brand largely because their customer base consists almost entirely of the affluent and business class of society worldwide. Everyone who would otherwise be exploitable is priced out.
Take the end to end encryption in iMessage. It doesn't mean anything: like all such schemes Apple can push a new key to your friends phones, or a software update that selectively disables it, at any time they want. There may already be back doors there nobody knows about. The user could never detect this nor do anything about it even if they did. But Apple use it to claim they care about privacy.
On advertising, Apple only decided advertising was bad and privacy invasive after their own iAd initiative flopped completely. When Jobs thought Apple could compete directly with Google on advertising he was all about how beautiful and usable Apple ads would be.
Apple's all about privacy except they want you to upload everything to their cloud. They're all about privacy except they have root on all your devices. Note: this is unlike Android, where the root keys for the devices are owned by OEMs who sandbox and review/audit Google's software, and the OEMs in turn don't have access to the Google cloud data. Some Android devices don't even use Google services at all.
For Apple privacy is a marketing angle. It can be seen in the way the latest iOS/Android versions don't differ from each other in any significant respects.
Google would need to make it a requirement for bundling their services. Since the major distributers are utterly dependent on Google/Android, they'd do it.
Making it a legal requirement would be challenging, but making it a de facto requirement for all major phone vendors is easy.
Even when going with official Google phones: my Nexus 5 is way out of date OS-wise.
Is it? Slower than on more recent ones I agree. But processors architecture and components has not changed a lot.
If Microsoft manages 10 years on wildly more diverse hardware with their OS, I don't see why it is not possible on official Google phones.
An added benefit of that is a removal of the manufacturer's bloat ware and the ability to compile things yourself, allowing you to modify everything.
If there's no good unofficial/open source software for the device, don't buy it or you're going to be miserable in 0-2 years.
That might actually be the majority of active Android devices if you look at the marketshare statistics.
I think it's actually somewhat embarrassing that the tech industry hasn't been able to provide a low cost, reasonably secure smartphone platform that can be used for more than a year or two. The only people who can remain secure are the ones who can afford either new Android phones or slightly less new iPhones.
Security is like a luxury item, and the worst part is that most people don't even realize it.
Android: not fixing fragmentation after all this time. Essentially, people with less money get less security.
Apple: not making true budget phones with the same lengthy support windows, though this might change as they emphasize services.
Microsoft: leaving the smartphone market entirely. I used to use Windows Phone and it was clearly better than Android. Android was slow and getting updates was a pipe dream. Windows Phone was like a less locked-down iPhone, and around Windows Phone 8.1 the app marketplace wasn’t half bad.
Had Microsoft put out quality flagship phones consistently on a yearly basis on all four major US carriers, they’d still be making smartphones. But people who wanted windows phones were stuck waiting for Microsoft to reorganize Nokia while they mostly crapped out budget phones and had one or two outdated flagship exclusive to a particular carrier.
Windows Phone 10 arrived too late, it wasn’t as good of an update as 8.1, and it arrived after a long drought of phones.
The "flaw" is that apps you explicitly gave permission to use the camera, can use it! All they've done in P is notice that they can tighten the permission even further so the app has to be in the foreground to use that permission.
The lack of this wasn't a vulnerability though. Mobile operating systems have been implementing finer grained permissions and security through their entire lifespans. For sure that trend will continue. If we spin every improvement to privacy controls as "fixing a vulnerability" it's just a form of crying wolf that will lead people to ignore security updates even more than they already do.
- Apple still makes money off of ads, creating a conflict of interest. By default, users have a unique tracking/advertising ID attached to their phone.
- iOS is extremely restrictive, making certain privacy adjustments impossible.
Google has the same thing, and with apple if you care you can opt out.
"When Limit Ad Tracking is enabled on iOS 10 or later, the Advertising Identifier is replaced with a non-unique value of all zeros to prevent the serving of targeted ads. It is automatically reset to a new random identifier if you disable Limit Ad Tracking."
So this is a positive in apple's case over google privacy wise, not a negative against google.
"- iOS is extremely restrictive, making certain privacy adjustments impossible."
Generally you can't get unremovable malaware installed on an iphone you buy from apple. If this type of privacy restriction makes you choose android privacy invading phones - go for android. Many people like the locked down Apple setup.
Apple uses FUD to justify restricting users from doing what they want with their phone.
> If this type of privacy restriction makes you choose android privacy invading phones - go for android.
This is not what I’m talking about. I want to be able to use tools such as NetGuard to enhance privacy, which iOS doesn’t allow.
This is simply not true. iOS also allows "supervisor" apps (see MDM) that are extremely difficult to remove later, perhaps even more difficult than android.
I know because I used to work at company that did a kids protection app.
I'm not on Android any more, but (afair) you could reset the advertising ID, which in practice is not that different from only being able to disable it temporarily.
The UX makes a huge difference here, a feature is available in theory, but realistically speaking, inaccessible and annoying to the point of uselessness.
You are being tracked in multiple places, at the ISP level, at the geo level, cookie and account level, and I don't know where else.
Being able to reset your phone ID is insufficient given all the other ways you can be tracked.
With Apple, maybe they're the lesser of two evils, but there is still a lot of room they could improve if they really wanted.
The aforementioned iOS restrictions block you from being able to implement all the available privacy tools.
Being able to implement all those privacy controls is a double edged sword. There's a certain amount of security you get from not ever having root access. It depends on your threat model.
This is one of the paradoxes that exist with certain tracking protections that exist today. Eg. Enabling Do Not Track or fingerprint blocking could make you easier to track. Though these are becoming more ubiquitous, and therefore harder to use to track you, as browsers make them the default settings.
My understanding is that this tracking ID was a replacement for apps being able to obtain the devices serial number. The tracking ID is unique per developer (edit: not true, it is unique per device, so multiple devs can build a profile on you) and can be reset by the user at any time.
I use analytics in my company’s app and I get my team to send me their IDFA by downloading a free app from the App Store. The IDFA in my analytics is the same IDFA in the 3rd party app.
The IDFV is unique per developer; the IDFA is unique per device.
The device user can reset their IDFA at any time, and if the user disables ad tracking then the device returns 00000000-0000-0000-0000-000000000000.
Settings -> Privacy -> Advertising -> Reset Advertising Identifier...
Of course you never mentioned Android in your post, but I just want to point out that Android in no way is more hacker-friendly. As soon as you obtain root access half of apps will stop to be feature-complete because Google have SafetyNet and there is no way at all to make your own legit "hacker" apps trusted to use elevated privileges. How is your phone is useful if part of games wont work, streaming wont work, banking apps dont work, etc.
Of course they sell it under sauce of anti-malware and "security", but it's Android have anti-consumer DRM system that make your compromise between useful apps and whatever hacks you wish to apply. So not that much more useful compared to jailbroken iOS.
Of course there is. To circumvent this closed apple-esque bullshit you can just install magisk.
Magisk is never ending cat and mouse game and at any moment Google can just add some hardware-backed privileged rootkit that not going to be easy to bypass. So it's not always usable for every app out there.
The only potential harm to Google is that if advertisers go back to choosing publishers based on reputation alone, the need for Google as a middleman to lots of third parties is reduced so they will only earn the big bucks from their own properties.
This was the reason I was an android guy until my wife told me to just get a phone that works.
And you know what? Not letting you side load is a feature. When you see it like that, you care a lot less about your phone, and just appreciate that it works and that you can trust it as your more intimate possessions .
I see a phone as a tool to do what the user needs. Not the user doing what the phone will allow.
There's a bunch of apps that let you load pretty much arbitrary code onto the platform - Pythonista and Scriptable are two of the top ones (Python and JS interpreters respectively), and with those you can do quite a lot.
It's not the same experience - that I'll grant you - but if you're moderately a power user iOS gives you enough to work with.
I'm a heavy YouTube user and would be happy to pay for it. Yet, I can't do so without agreeing to their insane "privacy" policy and providing personal details to a company that has proven its bad faith countless times with all the dark patterns & invasive tracking.
This also allows you to subscribe to channels without having a Google account and agreeing to their "privacy" policy.
It's called YouTube Premium. It's funny how we Hacker News users complain about services like YouTube and say we'd pay, but very few do.
Potentially more on topic though, Apple gives significantly more functionality to the Apple Watch that third-party devices will simply never have access to. That’s the kind of lock-in I am annoyed about when it comes to iOS. Google play music will always be a second-class citizen compared to Apple Music, as is Google maps compared to Apple Maps. OneDrive and Fropbox will never be allowed to match the built-in functionality of iTunes back up. Flux can’t work on iOS, you’re stuck with the built-in Night Shift. Third-party keyboards are finally allowed, but they’re definitely second-class citizens and tend to not work very well due to operating system limitations.
What now? Safari + an ad blocker work just fine.
Explain to me why the use case of using youtube without adverts or connecting my phone to my smartwartch is invalid.
I've chosen not to "see" my phone as a computer, you as well. I treat mine as an appliance - not even as a phone really, it's significantly more a Messenger (Signal mostly), a music player, a web browser, and RSS reader, a camera, and a book. I hardly ever make/receive calls on mine.
But you can't argue that his choice isn't valid for him.
If I spend more than 20 mins a month "managing" my phone, I'm irritated.
There was a time when I actively enjoyed sysadminning and updating and securing all my personal computers. But many of "computers" are now closer to "appliances" and the last thing I want to spend time on weekends/evening these days is poking at the OS on my phone (or my book or my coffee machine or or or)
I'm happy to have "let go" and chosen "I'll do things with my phone Steve's way, or I won't do them. I'm happy to 'hold it right', and not be able to install aircrack-ng or crypto miners or whatever, so long as Apple keep it updated and secure and private to an acceptable level."
When I want to geek out, I have a drawer full of Raspberry Pis, various linux and bsd boxes, and an AWS account. (I do also have a Apple Dev account, so I can "side load" weird shit if I choose. I have not done that on my everyday iPhone since about my 4GS...)
I need my phone to work properly at 7:30am Monday morning... It's an appliance to me, not a general purpose computing device.
If I can fuck with it easily, sooner or later I'll get tempted into doing so.
I appreciate having a choice that lets me force myself to say "Nope, not on the iPhone. If I want to try out $shinyThing I can do it on the older Android device, or on a spare RaspberryPi or any of the spare laptop/pcs in the workshop."
There's nothing from Apple that forces you to buy an iPhone, you're allowed to buy an Android if you choose.
Interestingly, it's _much_ harder to customise a Tesla than, say, a Mustang. I wonder which side of the "but you're taking away my rights!" argument most of the people disagreeing here fall on whether to buy a Tesla or not? (For the record, I'd like to own a Tesla and I'd happily enough "use it Elon's way", but I also like owning ~20 year old motorcycles that I can tinker with to my heart's content...)
I have not heard anything that suggests Android phones work less than iPhones. That's certainly not been my experience, anyway. I've been using Android phones for 10 years now and they've always worked just fine. And I can sideload things, which I still do, and wouldn't want to give up.
> Not letting you side load is a feature.
I absolutely do not see it that way.
> > Not letting you side load is a feature.
> I absolutely do not see it that way.
This is the key. Not having this option frees me from having to worry about the whole issue which is liberating. Either it's in the AppStore or it's not and I move on. With Android I spent days/weeks following whispers/rumors of such an app and trying different alternatives, rooting, etc.
It depends on how much patience and control you want. I had time for that years ago, but not now. iPhone gives you a lot less customization and control, but I spend a lot less time managing the phone and one-off issues, weird needs-fixing cases, phone-vendor specific things.
Not trying to sell you on iPhone, just saying I thought the same as you, but understand both sides of it now.
Obviously I'm being facetious, but only to illustrate that there of course is a balance between features and mind liberating. There's nothing inherent to the device, or removing functionality that liberates you. You can do that regardless of device.
they banned all vaping-related software, but this also included apps to control folks' medical dosages of cannabis. while it was (kinda) laudible they didn't want to expose kids to smoking propaganda, I would have about 500 bucks in near-bricked devices just for switching to iOS.
Its also really bad for small business when they are forced to depend on apple for profits and literally get destroyed when apple decides their app is no longer suitable.
I don't go sideloading every random app I dig up from freeappzlol.ru or whatever, but I also don't need to be restricted to a single software repo when I want something like systemwide ad blocking or a youtube app that plays with the screen off (two things Google would prefer to restrict).
And when the device gets old and slow and stops getting official support, I can flash a slimmed down ROM that allows me to use it as a basic streaming source or fancy remote control or whatever because it's possible to install another OS or build on deprecated hardware much as I would on an old laptop or desktop that gets turned into a Linux box for web browsing or network storage.
I only speak for myself and definitely see your angle, but to me, taking away options doesn't really lead to increased peace of mind. Having the ability to do something doesn't equal having to do something...but in the event that I want to do something, I like knowing I'm able.
No. It's not. Stop, seriously.
"Not letting you vote is a feature."
"Not letting you complain is a feature."
"Not letting you speak is a feature."
"Not letting you have free will is a feature."
"Not letting you use your body as you wish is a feature."
This is how we lose our digital rights. Stop buying into this utter horse shit.
We have the right to repair our devices, run whatever code we want on them, the right to sell them, and not be spied upon by them.
But being absolutist about it is just foolish.
It doesn't surprise me that a significant portion of HN readers want to use their pocket computer as a general purpose computer, capable of having anything the user chooses installed on it. I'm one of the HN readers who prefers _not_ to have that temptation (although I do have an Android phone for "playing with" and an Apple dev account and my previous few iPhones which I can run whatever code I choose).
On the other hand, my mom's "right to repair her device, run whatever code she wants on it" is a _way way_ lower priority for her than "Is reasonably safe downloading anything from the AppStore and running it, and has (arguably) industry best security and privacy while doing so".
(And comparing that iOS/Android choice to "Not letting you vote" is unhelpful hyperbole. You are likely to get taken way less seriously than you intend if you're using reality-defying comparisons like that...)
Android already provides plenty of warnings and confirmations before allowing you to sideload. But in the end if you go through all of that you agree to take up the responsibility.
Apps released under the GPL are banned from the App Store.
VLC for iOS is bi-licensed under MPLv2 and GPL .
I fail to see it as a feature.
This is definitely the major pain point. For device owner controlled root software cert (and independently device owner controlled hardware cert too) I'd certainly like it to be an option of some kind, because there are real tradeoffs between security and configurability here. It could for example be restricted to an order-time config, or maybe a one-time significant charge. I could even accept certain kinds of measures by Apple to combat piracy and cheating, with owner signed apps segregated somewhat say or some low level signing merely to indicate that it wasn't a restricted device. But it's definitely objectively proved to cause real problems to have Apple be the sole legitimate gatekeeper. A single central point can be an advantage in resisting certain kinds of attacks, but simultaneously a disadvantage in being subject to other kinds of social and economic pressure. Jailbreaking has also demonstrated lots of extremely useful functionality and apps that aren't allowed vanilla.
Unfortunately I doubt it gets resolved without legislation mandating that hardware owners should have the option to load root level signing certs, which leaves everyone forced to make some hard tradeoffs. Hopefully society eventually catches up with that, but in the mean time one ameliorating factor is its becoming ever more feasible to just own a couple of devices for specific purposes thanks to the improvement curve flattening out. Particularly with Apple, they've got long enough support cycles now that getting a 2-3 year old phone still leaves at least a few years of support but the discount vs new hardware is high too.
The downside is that self-signed certificates only last seven days unless you have a paid developer account, but if you're comfortable with jailbreaking (which is even easier than sideloading since you can do it just by tapping a link in Safari on iOS) then you can install Reprovision which automatically renews certificates for you every few days.
> which is even easier than sideloading since you can do it just by tapping a link in Safari on iOS
Jailbreaking is not "easy" (a number of devices today have no public jailbreaks) and web-based jailbreaks are quite rare.
Google Maps also has ads. I'd pay for either ad-free Google Maps, or Apple Maps on Android.
So that's the issue, more than ads being directly embedded in the apps of the phone.
I've started getting these notifications on my Android device.
Each app that makes a location request in the background causes a notification that allows me to take away location access from the app, only allow location access when the app is in the foreground, or always allow location access.
You get a notification when the application accesses your location from the background.
You're not using the app at the time it makes the request, and you get a system notification telling you about the location access.
I haven't seen a map on Android though. I like that.
All while Apple actively disarming tracking and Googles's revenue.
You greatly overestimate people's will to pay extra. I know my own experiences are also biased, but nobody I know would pay for iPhone themselves. Either they use company iPhone, or buy themselves an Android phone.
Apple has completely outpriced themselves from the majority of the market. Doesn't matter if it's $500 or $1000, I'd say the usual cap is somewhere around $300 in Europe and much less elsewhere.
According to the article, that really works.
The entire reason Google's products are as big/ successful as they are is because they are free. If they started charging for Gmail, the rush to the exits would be instant. If Google started charging for Android OEMs would switch to AOSP, China, Amazon, and Microsoft would ensure a supply of free Android versions.
Apple is able to charge people for their services more-or-less up-front. Google has to wrangle fickle OEMs.
Convenient is the more apropos word.
I’m a Google One customer... I came for the drive, but I’m stuck because of the nearly 15 years of GMail and the pain it would take to clean up!
I can't see how charging for search would work, charging for Android, they already charge for handsets but it's easier for Apple because of a closed ecosystem, I doubt they could charge for Chrome, so I'm a bit confused.
Ads are an incredible cash cow and an amazing business, but there are all sorts of other ways to monetize that business.
If people cared about privacy, the majority of them wouldn’t be on Facebook. They know that FB tracks them and advertises based on the data they collect.
You can also get an iPhone 8 on ebay for $200. So you can get the best of both worlds of price & UI.
But on the flip side Apple is addicted to building their ecosystem. They will happily cripple the functionality of their devices to force you to buy their MacBook, AirPods, HomePod, Apple Watch, Apple TV, etc.
I personally prefer companies who sell solid hardware and focus on their niche.
Which, on the flip side, is fantastic if you buy into their ecosystem.
If Google went nuclear as an answer to losing 99% of their revenue from iPhones/iPads/macbooks and blocked their users completely, I would personally switch to Android right away. Google's search results and maps are much more important to me than a polished UI and a high-end screen.
You already are if you buy Apple products :)
For a closer analogy, look at how fit bit numbers dropped when google announced they were buying Fitbit. (https://www.cnbc.com/2019/11/17/people-getting-rid-of-fitbit...)
If Apple does struggle to grow profitability through services, or can't find it's next "iPhone", I would expect to see profits grow from some potentially unsavory options. They wouldn't be Apple's first option, for sure, but in a world where Apple's business plateaus, privacy is on the chopping block.
Not everyone has the money to do that, and privacy should not become another privilege that is solely meant for people of means.
I cannot select the middle of a word.
The audio jack is held in by friction.
Facts: 87% Android and 13% iOS
firefox mobile + ublock origin is the only way I find the mobile web tolerable.
So it's always been both possible and trivial.
Not as good as UBlock Origin, but pretty good.
Frankly, what a load of horse shit.
The reason for the drop in spend isn't the lack of targeting potential. Ad companies talk about this, because it sounds less creepy than what's really going on. What marketing departments in companies want from location data, is the ability to attribute sales to campaigns. They carpet bomb everyone they can with ads, and then if someone coincidentally even brushes past a store on their commute, they claim that the customer visited a store.
It's absolute arcane crap. They have no incentive to make targeting better if tracking is pervasive, because they can wildly gesticulate at one datapoint that slimily suggests the customer was effected by the ad. Losing location tracking data reduces the effectiveness of attribution, for huge enterprises, who target everyone.
ed: I wrote a little blog about this in June - https://lockwood.dev/advertising/2019/06/07/adtech-sucks.htm...
I have noticed that after I buy something I start seeing ads for the exact item, which I have never seen before. These aren’t things you buy more than once.
I always thought it was pretty dumb if you are serving ads for something someone just bought... but maybe they do it because some small % of people will click on it and they can claim the ad was associated with the sale in some hand-wavy way. Or maybe people are just more likely to click on these post-sale ads, and that’s all that matters.
This is a function of Marketing departments wanting to create large audiences. Large audiences mean more chance to attribute a sale, and also more impressive sounding campaigns.
The technical and time cost of implementing something that removes people who have made purchases from the audience (probably 0.001% of an audience) is much higher than simply adding someone who visited your website (lets say 5% of the audience) to the audience. If your product is reasonably ok, your largest group of customers is often your previous customers, so attributing the ads those previous customers see to their next purchase is logical for marketers.
PS I hope you’ve found or are finding a new and rewarding area to work in.
I shifted my career into web dev, and got a bit more picky with the companies I applied to work for. I feel much better about my work now. You'll find something!!!
If ad tech company X is more effective than Y at generating sales, eventually the money will shift away from Y.
Yeah, I have a number of apps I installed for one-time operations (a number of obscure dev apps come to mind), and I find out that they are still hanging around, like my drunken Uncle Bob, hovering around the keg.
I regularly go through and turn off location tracking on almost all of my apps (or at least turn them to 'while using'). But sometimes I'll have to turn them back to permanent for a specific reason (e.g. sharing my location with someone while I'm coordinating with them). This feature reminds me to turn it back off.
But I also potentially see the need for a feature which allows always-on access for a limited period of time.
It's a new feature due to the more fine-grained permissions that are allowed now on iOS. It prevents apps that you may have previously allowed location access to (when it was just binary) from adding all these new "features" to use your location in ways that weren't disclosed that way initially.
I have some apps, i.e. Unifi Protect, that requires access to background location to send activity alerts when nobody is home, and i frequently get alerts that this app has used my location in the background, and despite selecting "allow always" it will pop up again in a couple of weeks.
To further add insult to injury, i appear to have "trained" my wife so well that she defaults to selecting "deny" for apps she doesn't use, and "only when in use" to everything else, which then results in a flurry of motion alerts :)
This might hurt for example Tile. I think their “network effect” is somewhat depending on this kind of background location tracking.
As for the advertisers, boo-hoo. You raised a finger (or two, depending on locale) to “do not track”, you think there wasn’t a hammer that was going to fall after you were asked politely?
People don't just write apps anymore. They write CocoaPods frameworks.
I was just looking at something that someone wrote that does basically the same thing as one of my open-source utilities.
The one I wrote is a 300-line file. It's so small that it isn't even worth writing a pod for it.
The more popular one has over a dozen source files, and also brings in two dependencies.
One of the reasons, I'm sure, is that they are an "all things to all men" approach. They do a lot.
Welcome to the Roaring Twenties...
I'm told that Bluetooth is used for location tracking. I suspect that advertisers also like to use it.
I write Bluetooth software. You need to jump through a couple of hoops to make it work. Not a big deal.
I wish it was that easy, but the current changes will generate a push towards non-deterministic, data driven ways of targeting, i.e. replacing the "precise" inputs such as GPS, trackingID, etc... with a set of more fuzzy parameters: geo IP, UA, fingerprinting.
Some good things are happening, but there's so much more to do. I like the WebKit approach the most:
we don't care how you target users cross-site, what tech is involved, if you track cross-site, we will treat it as exposing a security vulnerability—we'll escalate the issue and potentially include measures to prevent your domain accessing the browser.
The approach above sounds more future-proof, imo
I wouldn't put it below Apple to profit from advertising control if Google didn't have an iron grip on it.
This frog probably did though, saw bit on tv last week, and thanks to the old data miner (google searched it).
I prematurely agree, it's not real wings, but bumps its ass a lot less compared to other frogs.
I don’t want to give Termius my location. I don’t want them tracking me everywhere I go. But apparently that’s the only way they can keep my SSH session alive when I need to switch to Safari for a few minutes?
The correct solution here is for the app to request background processing and to schedule a local notification in 9 minutes saying that the app is about to run out of background time and pause (and then clean up the notification if the user returns to the app before it fires). This means you're not abusing anything, and it lets the user return before the connection is killed in order to keep it alive.
This also means if the user never returns, the app will naturally shut down the connection after 10 minutes instead of keeping it open indefinitely.
iPadOS was such a major leap forward for the iPad and there's not many features left I need to use it as a laptop replacement... but the aggressive app and tab killing ruins everything. I've never said this about iOS devices before, but it's time to start putting more RAM in these machines.
In any case, there's a property `UIApplication.backgroundTimeRemaining` that tells you how long you have, so you can use that to calculate the appropriate notification time.
And yes, the app in question of course does exactly that notification dance (I've used it since long before it got its current name).
GP is talking about a new feature to keep sessions open in bg for a loong time.
I've disabled it, not for fear of tracking but because it seems like a silly way to forget connections open and drain the battery for no reason.
App has indeed also always supported mosh... me I just attach to tmux.
But I agree with whoever wrote it's better to have such a bg hack feature than not, for those who find it useful.
Termius works perfectly on Android without requesting my location.
This is why I'm an Apple user. Hate regarding Apple's policies like "use a platform that lets the app function correctly" (ie. drain battery running in background just to do more tracking, or because every developer assumes THEIR app is so special that it must never be unloaded from memory, in order to open instantly when being swapped back to... weeks after user's last interaction). With hilarious frequency, the complaints people have about Apple are precisely the reasons I prefer their products.
This doesn't happen on Android. The reason it doesn't is that the app has to display a persistent notification if it wants to run with high priority in the background. This is why I'm an Android user. It lets the user do what they need to do and prevents apps from being abusive.
Every excuse for Apple's platforms failings that I have seen so far has a better solution on Android that the Apple apologist has not heard of.
So I deny most apps use of this, as it's clearly just a ploy to keep their app running when it shouldn't be. Something like the Termius app you cite has a legitimate reason to run in the background though and has to ask for one of those permissions.
It's a weird grey area IMO. I'm sure if you asked the Termius developers they may tell you that they don't even use the location data and that it's just a mechanism to keep the app running. However, the fact that we as users don't know this for sure is a problem that Apple could fix by adding a specific background permission alert.
Very sad, because the idea behind Mosh is great.
1. seems a egde case, never hit me while beeing a customer there. (funny way telefonica does throttling)
2. seems a edge case caused by the users vpn.
mosh solves this use-case because there is no need for the client to remain connected to persist. It's like a tmux/screen terminal running in detached mode. When the app loads back up, it picks up the mosh session again.
> Mosh maintains the terminal session (not "connection" in the TCP-sense because Mosh uses UDP) even when a user loses their Internet connection or puts their client to "sleep." In comparison, SSH can lose its connection in such cases because TCP times out.
I definitely prefer the iOS model.
99.9999% of the time the most that is necessary is an occasional scheduled task. No, your picture of cats app doesn't need to run a busy loop pinging a server. Learn how to use the core messaging infrastructure of the platforms you target.
No, Chrome doesn't need to run a perpetual service just to check for updates.
These are not controversial claims.
Android very recently -- at API level 26 -- added restrictions on background tasks for that platform (and it's much more involved than if you display a notification or not). Before that every app developer just spun up a background service for everything, and anyone who has done an iota of development on Android devices saw the tragedy of the commons that the platform became. So kudos to Google for cleaning it up a bit. Of course Samsung, Google and others just declare themselves immune from those restrictions and it's just a smaller problem, not a solved problem.
I was not aware of Mosh.
Apple is good at taking use-cases and creating cohesive stories around the right way to serve them; this one has been long-coming.
Even with opt-In messaging how many people just click “ok” thinking the app needs it.
Meanwhile Matrix gets by because they have a company with actual money subsidising the client app (Riot) and providing notifications for every user, no matter which homeserver they happen to be using. Without that benevolence provided for iOS, Matrix could well be another non-starter outside FOSS circles.
So, I'm reading this that regardless of using a separate 'homeserver', Matrix receives all traffic/notifications?
I loved Termius but didnt realize that keys were uploaded to their servers until I opened it on my laptop and saw it download all my keys.
Spent the day rotating all my keys.
I just hope the app review team doesn't throw us out again.
Apple needs to fix this.
On one hand I agree with you, that's crazy that your SSH program put that limit on there for clearly tracking purposes. But I guess I sort of disagree this is Apple's problem to solve. It's yours.
Apple made the changes to inform and educate you the customer that an app that is abusing your trust.
The solution is not to force Apple to police developers but for you to stop using Terminus. Call it a free market solution if you like.
The difference with real and ideal is that Terminus could absolutely find a "legitimate" use for location and it would scoot right by Apple review anyhow. So let them be upfront they're bad people being bad.
(Before it comes... I KNOW... Apple walled garden and how they do this a lot anyhow! But, as someone who has walled garden issues with Apple, we should encourage information and education over big brother protecting us. It might not be consistent for them, but I think it's the right move here)
If Apple is playing hands on, they deserve just as much blame.
So, report to Apple, file a review, stop using it.
If Apple comes to the rescue and characteristically fixes it, great, if they don't - they've already made great steps in allowing you to make informed decisions.
And I think the app is covered since it's saying "enabling location data means you can plot on a map where you've connected to a host" or something like that in settings - good enough a bs feature for Apple to let it slide, evidently.
Because they have clearly demonstrated they do not deserve your trust or support.
The actual scalable solution is for Congress or states to pass GDPR-style privacy legislation (or CCPA if your politicians are captured by tech industry interests).
It's always laws.
It's like OS doesn't want to accept there are apps you want always on location tracking on and for it to stop annoying you about it.
Unlike Windows 10 updates not giving people a choice in the matter, this only helps you, so I really don't see the problem here.
This can be a big deal if your city has a large altitude range, such that going a few miles east means the difference between clouds vs. fog, or rain vs. snow; or if your city is coastal, such that going a few miles inland can mean rain vs. sun, and can make a dozen degrees' difference in temperature. (And, in some cities, you have both problems. Yay Vancouver!)
In the case where you do go places, the difference is that you get a weather report for where you are, rather than where you live. When I'm at my girlfriend's house, and I check the weather report, I want to know what the weather's going to be like tomorrow at my girlfriend's house, not at my house. And when I'm at the office and considering where to go for lunch, I want to know whether it's going to be raining at noon in the area of town around my office.
Are a weather app’s ads more valuable now because it gets more users to track location
It's started to frustrate me when I've just unlocked my phone to call or reply to someone and I get hit with a forced notification I must respond to about location tracking for an application that I absolutely do want location tracking set for.
Even if you don't plan on using it, make yourself aware of the sheer number of requests being sent _constantly_ from not only your applications, but by Android system services themselves.
I'm not saying these requests are always related to ad tracking, but you can't argue there's a lot of information constantly being sent back an forth.
Pro-tip: Your battery life will possibly double running a software firewall on Android...
Not sure this moves the needle with consumers but it does for me.
None of my Android phones, going back a great many years, had Facebook. So sure, I couldn't delete it - because it wasn't there.
Actually the expansive ones like Samsung are the really bloated ones.
It really shouldn't. Plenty of Apple engineers leave the company to work on shady things.
Any app can easily circumvent this "firewall" by simply falling back to hard coded public ips of their servers if the domain lookup doesn't work.
I'm not saying it's a bad app, but it's misleading to call their app a "firewall".
What this is doing is redirecting known domain names to a sink hole. Much like Pihole does.
“ Everything Lockdown Firewall does stays on your phone, so no data is transmitted to any of our servers. This can be confirmed by checking the source code, which is 100% open and public for anyone to examine. Lockdown Firewall doesn't use any type of third party analytics, trackers, or APIs, so there's no risk of your data leaking to third parties. This means there's no Google Analytics, no Facebook Pixel, no Mixpanel, Fabric, Mailchimp, etc — nada.
Information We Collect
Lockdown Firewall collects nothing. It all stays on your device.”
Using the web control panel, pick from high level categories to block, or drill down and select from among the most common of dozens and dozens of block lists. Make one or more configs, so different family members or devices can be blocked differently.
With Lightweight apps for Android, iOS, Windows, macOS and Chrome OS offering privacy and security benefits of DNS-over-HTTPS. Always-on on all networks automatically to automatically bypass network filtering and government censorship.
Their DNS hosts leverage latency-based routing to automatically use the DNS server with the lowest latency, or use a subset outside "Five eyes" locations.
> VPN with an in-app purchase
Lets pay for a product, and they have the ability to sell that data.
I get, acting like a pi-hole and what-not but, a VPN for that task seems overkill.
This does not mean that your data goes through a VPN server.
If you can figure out another way to pull it off, I’d wager you could make a fair bit of cash. Or at least get a job offer at a lot of places you might like to work.
Disclaimer: never used lockdown, not endorsing the product.
I think that’s the only way to perform certain tasks on iOS.
They should have said, "to pinpoint users against their will". If the user wanted to be pinpointed, they would allow location tracking in that app.
By the time we actually have privacy again, there will be enough information out there to mine about how people reacted five, ten years ago for the old data to continue to retain value. It'll just be repackaged and re-interpreted over and over again.
The coffee shop may no longer know that you also like kayaks, or bulldogs, but they might not need information like that to peg your preferences based on what stereotypes you fit with the information they do have.
The Wireguard iOS app allows you to automatically connect to your configured interfaces based on whether you're using cellular data, connected to specific SSIDs, or disconnected from specific SSIDs.
The only downside I have found to this approach so far is that it can break captive portals on public WiFi networks, which I will just disconnect from if I have a reasonable 4G signal.
What's great it shows list of apps that use location in background so that you can disable all permissions in go.
The likes of Google have rough waters ahead. Advertising on the internet is obviously here to say but the future of targeted ads based on all this tracking data is clearly looking very shaky.
Google and other companies have likely not done enough to diversify their business models to weather the coming storm without a lot of hurt.
- 80% of iOS 13 users disabled background location tracking
- vendors still report having collected more location-based data than a year before, but
- the quality of data has decreased (vendors are ofsetting GPS data with geo ip lookups)
I didn't find the UX and the initial permission/notification spam that annoying, as I've learned more about what's happening on my phone. Wondering if this is a shared sentiment or just my bias.
Not a problem at all.
> Despite the reduced amount of cocain available, the amount that is still available to use is more valuable, while the market for cocain continues to thrive.
I mean it’s disturbing.
> Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of cocaine, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.
Good god. This is immeasurably disturbing. Forsooth, we must ban the freedom of speech!
I was simply trying to convey how addicted they are to that data.
The number of gullible people aka Apple fanboys is staggering here who actually think Apple is trying to _save_ their privacy from advertisers after reading this highly biased article. Hah.
The Atlantic article seems to say that Apple can do more, because: Safari defaults to Google (Tim Cook claims because it's the best search engine), plus they allow Google and Facebook apps, especially Google Maps. You'd rather they didn't?
The second article, from Krebs on Security, says that the location is collected by Apple for "a new short-range technology that lets iPhone 11 users share files locally with other nearby phones that support this feature, and that a future version of its mobile operating system will allow users to disable it".
I think it's far more nuanced than you state. However, I do agree with you that Safari should not default to Google.
Hell, one can disable most of google stuff and install f-droid, or even go lineageOS route. that's much, much more private than buying an overpriced, locked-in phone.
If Google is evil because it tracks some (easily hide-able) data that only few zealots care, then apple is much more evil, because they patent trivial things (such as optional chaining in swift, or rounded corners of phones) and do misleading marketing.
Google uses your location information to track your locations in order to provide better (more relevant) advertisements through their own ad platform.
Apple does exactly the same but because it doesn't have it's own ad platform this gets sent to their "Approved Partners" who do it on their behalf.
Stopping 3rd parties from being able to use this data simply tightens the circle, the data is anonymous (for the most part) and while there are companies that exist out there to tie this data to an actual person most companies like ours have no need to do so.
Likewise what you will start seeing off the back of this is a decrease in advert quality.
Like anyone - I despise adverts, but if I HAVE to see them I at least want them to be relevant products that I am interested in. Soon the only people who will be able to provide those insights will be Apple Partners or Google.
Apple sends my location information to third parties? Citation needed.
To provide location-based services on Apple products, Apple and our partners and licensees, such as maps data providers, may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. Where available, location-based services may use GPS, Bluetooth, and your IP Address, along with crowd-sourced Wi-Fi hotspot and cell tower locations, and other technologies to determine your devices’ approximate location. Unless you provide consent, this location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, your device may share its geographic location with application providers when you opt in to their location services.
Some location-based services offered by Apple, such as the “Find My” feature, require your personal information for the feature to work.
 is basically discussing how Apple and its partners (advertising partners, business alignment partners etc) and importantly licensees (e.g. people they licence this data to for things like advertising) can use your data
 Collect, Use and Share - basically carte blanche
 Location based products and services - advertising is included in this - again via licensees!
See "Location-Based Services" near the bottom.
I don't think it's fair to say all people despise ads. I've seen oddballs in the industry critique ads in the same way an arts major might critique contemporary art.
If you despise ads in general what motivates you to work in the industry?