top | item 43816886

(no title)

e28eta | 10 months ago

I’m fascinated that they aren’t requiring an entitlement for all usage of setting & posting notifications through this API. A way to share 64 bits of information (at a time) to any process on the device? That is right in the wheelhouse of tracking a user across apps.

I don’t specifically know the types of things that you’d want to share across apps, but there’s a long history of cross process information channels being removed or restricted.

If the system is storing values for you, and isn’t keeping track of which app they came from, now you’ve got persistent storage across app deletion & re-install, as long as there isn’t a reboot in between.

I think you could easily use it to work around IDFA or IDFV resets, as a simple example.

discuss

tgv|10 months ago

> That is right in the wheelhouse of tracking a user across apps.

The design is old. It probably predates facebook, so it's not been intentional, as your comment might be interpreted. But it certainly seems ripe for abuse. I'm curious if it would actually be used for that, because any app that can access internet already has a better way to share information.

LunaSea|10 months ago

Facebook predates iPhones by 3 years.

agos|10 months ago

this is exactly where my mind went immediately - 64 bits is more than enough for easy (1 line!) unenforced cross-app tracking of a user for advertising purposes, basically a super cookie for iOS. If they now require an entitlement for this API it's a privacy win

croemer|10 months ago

Only sensitive notifications require an entitlement. Tracking wasn't mitigated.

icoder|10 months ago

The IDFV already supports tracking user across apps, as long as they are from the same vendor. It resets when apps from a vendor are removed from a device. Not sure if the user can reset it by themselves, but the vendor could then always tie things together using another self-generated identifier stored on the device, as long as any of its apps are on it, which boils down to the same.

I think the approach you describe allows roughly the same, except perhaps doing so without (or with different) permissions, and allowing to do this between vendors (that must agree upon this upfront).

e28eta|10 months ago

I think it’s most interesting for 3rd party SDKs (analytics, advertising, others?), because they’re in a position to have their code running in apps from different vendors.

jillyboel|10 months ago

As per the DMA if it's available to Apple's own apps it has to be available to third party apps as well. Of course apple will fight this tooth and nail so they can maintain their walled garden, making them billions per year.