
A good solution to apps wanting to track your every click is not organizational but technical. Just don't give them APIs for reliable cross-app tracking. That advertising ID? It simply does not need to exist at all. Same for all the attribution bullshit.

Besides, sideloading enables installation of modded apps giving users more choice.



Making it a really technically hard problem is great news for Facebook and Google. They will happily hire software engineers that do the best possible job of detecting who a user is, using machine learning and all sorts of other tricks. And then sell this functionality (either explicitly or implicitly) to developers that use their ad platforms.


Well it is an arms race of sorts. If you can build it you can fake it.


Same with not allowing fine-grained control of what apps are allowed to use your WiFi/connect to the internet. I don't give a shit that an app feels entitled to it, it's my internet bill and it's already implemented perfectly for your cellular data stuff. There's no reason or excuse it's not a privacy setting that you can tightly control and revoke.


This would be excellent, because most apps and even iOS shit the bed when they are on a WiFi network that can't reach out to the Internet. They expect it to be there and open all the time, and show me all sorts of Fisher-Price "Uhoh! Your WiFi isn't working!" errors when in fact it is working fine, and I'm completely aware it can't connect to the Internet because I'm the one who configured the firewall.


Apparently that is a feature that iPhones sold in China do support. But only China for some reason.


That reaction when Chinese devices are "freer" than Western ones. Shameful!


That’s what we have now… Once the platform is open you can’t deny them API access.


But you can have sensitive APIs behind permission prompts


Without human vetting of apps they’ll do it anyway. Your technical solutions will fail. See: fingerprinting on the Web.


The advertising ID gives users and Apple control over tracking when also coupled with AppStore policy that disallows improper use.

It’s impossible to prevent fingerprinting of users and devices via purely technical measures — taking away the advertising ID won’t help.


Fingerprinting is hard. Especially when apps are as sandboxed as they are on iOS, and especially when there are so few iOS device models. Any APIs that can be used to share data between apps should be subject to permissions (e.g. file system access) or explicit user action (e.g. sharing content or links from one app to another).


Why do you think fingerprinting is hard?

It’s truly not — the OS sandbox is nowhere near as restrictive as, say, a browser sandbox.

Moreover, if Apple is forced to open the platform to third-party app stores, identifying unique users in collusion with the third-party app store is incredibly easy.


> Why do you think fingerprinting is hard?

They did manage to answer this question in their comment. It’s the entire last sentence. (It also seems fairly well implied that they mean “iOS fingerprinting is currently hard” given the topic of discussion.) I don’t see how I could reliably fingerprint if so many APIs require user permission. It might be possible but I don’t see it being easy.


iOS isn’t as sandboxed as they claim.

From IOKit to getifaddrs() to file system APIs, there are straightforward ways to uniquely identify a device — and I’m sure someone who actually works in this space can think of quite a few more.

Hell, even if you make it a hard problem and sandbox every possible source of unique information about the device, I’m sure Google would be happy to throw ML engineers at identifying users via impossible-to-obscure user information (keyboard timings, accelerometer readings, etc).

Preventing misuse of PII requires a policy/legal solution, not a technical one.


That's the thing, all these holes need to be identified and plugged up. Google, despite being a data-hungry targeted advertising company, did a fairly good job at this in recent Android versions.

Or, a much, much simpler solution: an application firewall built into the system. With downloadable, easily shareable rulesets. No matter what an app collects, it's all worthless if it can't send that back to advertisers. We already do that for websites by using ad blockers.


> No matter what an app collects, it's all worthless if it can't send that back to advertisers. We already do that for websites by using ad blockers.

Using an application firewall to prevent the Facebook app from sending tracking data back to Facebook?


Facebook app can, of course, send its tracking data back to Facebook, but it will only be able to track what you do within Facebook itself. That's fair and that can't be prevented. I'm talking specifically about cross-app and cross-site tracking.


You really, truly, cannot close all the holes necessary to prevent fingerprinting while still providing a useful general purpose OS.

You especially cannot achieve this while providing third parties access to what has traditionally been vendor-only API on mobile devices; e.g. to support third-party app stores.

This simply is not solvable through technical means. It must be solved through policy and law.



