Hacker News new | past | comments | ask | show | jobs | submit login

I don't know if there is much of a solution aside from blocking the domains not owned by an app publisher or not approved by apple (an ad tracker list, for instance).

The best way to avoid being tracked is to use apps that you pay for, not apps that are free and make money with your data. You can also bookmark websites to your home screen instead of downloading apps, that way you don't grant apps the extra privileges. Finally, you can disable background app refresh.




> The best way to avoid being tracked is to use apps that you pay for, not apps that are free and make money with your data.

Nearly all apps, paid or not, use 3rd party analytics tools to improve their engagement. If the app requires sensitive data to function, like your contacts, it's also available to the analytics tool. Even the app's developer might not be aware of what the tools they're using are collecting.


If the app developer is not aware of what the code they ship is collecting from their customers, the app developer should not be including that code.

More over: why are you using an analytics system that involves sending your user's data to an arbitrary third party? Someone who is using your app has agreed to a relationship with you, not with facebook, or google, or what have you.


> why are you using an analytics system that involves sending your user's data to an arbitrary third party

Self-hosted analytics frameworks exist, but unfortunately aren't as popular because of the setup involved.


Yes, but there seems to be a failure to recognize that you're transferring the cost of setup onto your users, often (almost always) without their knowledge, and definitely not any kind of meaningful consent.

Personally I'm of the opinion that if you charged a user for your app, and then require that data be provided to an arbitrary third party, then that user should be allowed to get a refund for your product. Similarly if you ship an update that invades a user's privacy then they should be entitled to a refund - you just rob them of functionality (the ability to use your app).


I'm not convinced that the ones you pay for aren't tracking you too. As a non-app example, I pay for the Washington Post and uBlock Origin shows that I'm still food for doubleclick et al- even when I'm logged in.


https://i.imgur.com/wbqIOFI.jpg Just took that screenshot, it's sending about ten analytics requests EVERY MINUTE. I pay $30 a year for it. But hey, they may as well get a few cents more.


Oh just noticed the same. In my case it was the Mixcloud app. Thought it's better to uninstall so my block stats don't get to messy.

https://i.imgur.com/Stz11Mv.png


Apple actually does this already. You need to submit a list of domains your app is allowed to talk to and explain why they're needed.

I guess the next step is for Apple to stop allowing analytics URLs to work without an opt in prompt.


> You need to submit a list of domains your app is allowed to talk to

No, that's only if you're not using TLS for those domains. Which almost all are at this point.


Then you just create a proxy on your ‘required’ home site so it sends the snooped data through your site to the analyzing server.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: