Apple's Privacy Team Does Deep Dive Into iOS 18 Privacy Features

[CarAnalogy]

actually, i'm not sure why Little Snitch Mini isn't already on iOS. functionally it's the same as Lockdown, etc. and clearly the most superior one out there. Lockdown isn't working right for me anymore which is a shame as the alternatives are nowhere near as comprehensive.

It's not there because third party apps can't get anywhere near the system level access something like Little Snitch needs.

They can't even read MAC addresses for **** sake. It's a god damn travesty at this point. Pardon my French but it's inexcusable and makes iOS seem absolutely primitive from that perspective.

I understand the security concerns but at this point there are permission systems and plugins for these things.

 

[joeblough]

It's not there because third party apps can't get anywhere near the system level access something like Little Snitch needs.

They can't even read MAC addresses for **** sake. It's a god damn travesty at this point. Pardon my French but it's inexcusable and makes iOS seem absolutely primitive from that perspective.

I understand the security concerns but at this point there are permission systems and plugins for these things.

Little Snitch Mini is different than Little Snitch. the Mini version is just a content filter, which iOS supports.

 

[CarAnalogy]

Little Snitch Mini is different than Little Snitch. the Mini version is just a content filter, which iOS supports.

Sure, but content filtering is different than the network layer firewalling the Mac app does. That’s what I want to see. I want the same plugin type as a content filter but at the network level. I want to be able to deny an app network access entirely or by IP address. Same as on the Mac.

 

[joeblough]

Sure, but content filtering is different than the network layer firewalling the Mac app does. That’s what I want to see. I want the same plugin type as a content filter but at the network level. I want to be able to deny an app network access entirely or by IP address. Same as on the Mac.

i see what you mean, content filters on MacOS have per-application abilities. still it would be a huge step forward to have LS's blocklists on iOS in any capacity.

 

[CarAnalogy]

i see what you mean, content filters on MacOS have per-application abilities. still it would be a huge step forward to have LS's blocklists on iOS in any capacity.

I do that now with AdGuard on both Mac and iOS. I don't think there's anything special about LS's filters, they say it's EasyList which is on github.

But I also have Little Snitch for things like making sure apps only connect to their own servers and not a bunch of other places, blocking countries by IP, etc.

 

[joeblough]

I do that now with AdGuard on both Mac and iOS. I don't think there's anything special about LS's filters, they say it's EasyList which is on github.

But I also have Little Snitch for things like making sure apps only connect to their own servers and not a bunch of other places, blocking countries by IP, etc.

i don't think it's easylist? there are a whole bunch available, maybe like 12 different lists.

so can adguard sideload blocklists?

 

[CarAnalogy]

i don't think it's easylist? there are a whole bunch available, maybe like 12 different lists.

so can adguard sideload blocklists?

Yeah just point it to any url or use the local blocklist.

 

[joeblough]

Yeah just point it to any url or use the local blocklist.

wow - i didn't realize adguard was tiered. there's an "adguard" app and then there's "adguard pro". looks like only the pro version can load 3rd party blocklists. this is all on iOS, i don't know about macOS.

i have the plain adguard and there's no way to load a 3rd party blocklist in that app.

edit: no, i don't see anywhere to change the blockists in adguard pro either... hmm.

but:

GitHub - jakejarvis/ios-trackers: Blocklist of tracking domains used by iOS and popular apps.

Blocklist of tracking domains used by iOS and popular apps. - jakejarvis/ios-trackers

github.com

implies that adguard pro can use custom blocklists. i haven't read the documentation but maybe these need to be loaded via the finder or something.

 

[CarAnalogy]

wow - i didn't realize adguard was tiered. there's an "adguard" app and then there's "adguard pro". looks like only the pro version can load 3rd party blocklists. this is all on iOS, i don't know about macOS.

i have the plain adguard and there's no way to load a 3rd party blocklist in that app.

edit: no, i don't see anywhere to change the blockists in adguard pro either... hmm.

but:

GitHub - jakejarvis/ios-trackers: Blocklist of tracking domains used by iOS and popular apps.

Blocklist of tracking domains used by iOS and popular apps. - jakejarvis/ios-trackers

github.com

implies that adguard pro can use custom blocklists. i haven't read the documentation but maybe these need to be loaded via the finder or something.

This is what I've used a long time with a lifetime license purchased directly from the site years ago:

‎AdGuard — adblock&privacy

‎AdGuard is an ultra-efficient ad blocker for Safari. It will not only remove annoying ads but also secure your privacy with advanced tracking protection. AdGuard for iOS is an open source app, it’s totally transparent and safe to use. The app is free but offers additional paid Premium features...

apps.apple.com

To be honest I've never tried to load a custom blocklist because they have every one I've ever thought to use and more, and you can easily add custom rules.

I have used the DNS DoH support to add custom DNS servers.

Both the DNS and content filtering use the built-in systems for that on iOS and macOS.

But that's different than Little Snitch proper, which is a network layer firewall and those can't exist on iOS.

 

[BinSEA23]

Apple has NO Privacy standards, it's all words, meaningless words. In fact Apples failure to provide even the most basic, expected privacy, has failed.

Understanding Apples in-built features including analytics, privacy reports (iOS) console on Mac, understanding of intel and Apple M processors, standard configs, how KEXT and "bundles" work will give insight into Apples lack of basic privacy, constitutional, data, HIPPA and several state privacy laws.

I am currently pre- litigation for breach of privacy and gross negligence by Apple for nearly 2 years of constant( proven) developer device takeover and mus-use of developer tools.

Folks, developers have an array of tools at their disposal, that when used maliciously, will allow complete reconfiguration of your device including MDM, network configs, ports and protocolsesim deletion, call, text and email intercept and more. Sadly, apple has repeatedly confirmed all of the above... the Apple solution is " there is nothing we can do". So now I'm left with no option but to litigate...
Stats:
5 iphones
4 MACs
2 ipads

4 applied's, 5 mobile carriers, 7 phone numbers, 4 ISP's in the last 2 years and all the same issues.

The attached files indicate the lockdown VPN accessing sites that DO NOT route through lockdowns app, confirmed by Lockdown AD guard. iTunes shows all apps in the developers iTunes Store and then the App Store, all confirmed by apple as non- standard.

Execfault analytics ( bug ) indicates at the bottom ': trialinfo, rollouts, experiments which is the red flag indicators, per Apple, that the affected app or software or not valid production releases. These analytics are produced when a result of expected behavior is not produced ( anomalies) these can be uploaded and analyzed by Apple Security. FYI Analytics and privacy reports produce a ton of data, hence my above statement on understanding Apples complex eco-system

 

[BinSEA23]

wow - i didn't realize adguard was tiered. there's an "adguard" app and then there's "adguard pro". looks like only the pro version can load 3rd party blocklists. this is all on iOS, i don't know about macOS.

i have the plain adguard and there's no way to load a 3rd party blocklist in that app.

edit: no, i don't see anywhere to change the blockists in adguard pro either... hmm.

but:

GitHub - jakejarvis/ios-trackers: Blocklist of tracking domains used by iOS and popular apps.

Blocklist of tracking domains used by iOS and popular apps. - jakejarvis/ios-trackers

github.com

implies that adguard pro can use custom blocklists. i haven't read the documentation but maybe these need to be loaded via the finder or something.

Please see my comments re: privacy. Lockdown AD Guard Universal Protection is flawed in that it can be misconfugured by KEXT and app bundles in a way that it won't do much at all.

Here's is the configuration on my personal iPhone 15+ iOS 17.5.1.... 127.0.0.1 is local host... local host is not a vpn lol it's a local host, ergo the traffic is routing back to itself, this is not a Lockdown issue, it's an Apple Issue.

 

[joeblough]

@BinSEA23 lotta word salad there. you are alleging that an MDM profile can be installed without the user's knowledge? every time i've had to install one of those on the mac or ios there has been a lengthy process involving a lot of user interaction.

 

[NT1440]

@BinSEA23 lotta word salad there. you are alleging that an MDM profile can be installed without the user's knowledge? every time i've had to install one of those on the mac or ios there has been a lengthy process involving a lot of user interaction.

Don’t bother, that user is talking about Kexts in 2024…

 

[steve09090]

Don’t bother, that user is talking about Kexts in 2024…

Agree. Lost a fair bit of interest when "pre-litigation" was mentioned and posted the (ahem) case on MacRumors.

Maybe I am reading this wrong, but I was trying to understand what was being said, and they think Apple have been negligent with respect to privacy because people can do what they want with their own devices if they are a malicious developer?

 

[Really O Riley]

Apple's User Privacy Engineering Manager Katie Skinner and Privacy Product Marketing Lead Sandy Parakilas recently sat down with YouTuber Andru Edwards for a wide-ranging discussion on Apple's privacy policies.

Topics covered include Apple's approach to privacy, the ways Apple contends with privacy laws in different countries, and how Apple deals with government requests, plus there's a good deal of information on the new features in iOS 18.

Some of what's discussed covers privacy information that Apple has reiterated over and over again, but there are some interesting tidbits on Apple's adoption of ChatGPT, Maps privacy, the Passwords app, and accessory pairing in iOS 18.

It's a long discussion at almost 45 minutes, but worth it for those who want a bit more insight into Apple's philosophy on privacy.

Article Link: Apple's Privacy Team Does Deep Dive Into iOS 18 Privacy Features

The 5th September 24 announcement on Privacy for Apple Store and Apple Arcade do not let the user set Privacy preferences…..on or off…. (Access to Walet IDs) This means that our user data is “sellable” as an umbrella Privacy Policy. I noticed Roblox now use this to snoop on children’s activities unless their Privacy Policy preferences override the Apple Privacy Policy.

 

[Really O Riley]

So what?

That is the very first thing I change on any new device. I hate Google with every fiber of my being but if I owned Apple and Google continued to stroke me a check for b-b-b-billions every year I would make the same choice. I would also take some of those b-b-b-billions and spend it on anti-Google ads telling people how and why to choose a different search .

If the average Joe would spend 5 minutes searching for easy ways to better protect their data I bet many more would "opt-out".

But even Duck Duck Go is a front end of Google….I want a new choice.

 

[splifingate]

But even Duck Duck Go is a front end of Google….I want a new choice.

"I think you know what the problem is, just as well as I do." --2001