Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Surely this very website would never use third party telemetry or click tracker embeddings via referrals and advertisements which wind up as part of these data sets…once sold and resold (and resold…)

Pushback starts with people choosing not to use these invasive technologies which are almost never necessary, not the users.
 
I deleted and stopped downloading apps years ago except for Firefox and WhatsApp (because you have to have that or be banished forever.) Absolutely ridiculous that we are just cattle to organisations who collect and buy this data.
I run a local VPN as a firewall on-device, then edge network stuff, then more protections at the very end of the chain. It’s ludicrous.

When I enabled it some apps have so much telemetry being blocked, and no timeouts written because they are ocded by morons, that they will make the device burning hot because it uses so much CPU just firing off blocked requests. I’ve seen literally thousands of them from some applications, it is outrageous that we don’t have better privacy laws and that Apple doesn’t provide a real on-device Firewall so we have to resort to hack-y workarounds.

The tracking toggles in settings do **** all for invasive code within the apps themselves, and for some reason only known to Apple iCloud private relay only works with Safari views.

iOS 19 could launch with this as its only feature and I would upgrade my phone if I had to in order to get it. Less damned “apple intelligence” and more privacy please.
 
I feel like this story ignores the larger point.

Gravy is far from the only player in this market. Who you are and where you’ve been is data that’s collected, harvested, and used all the time.

A hack means that more people have access to that data who shouldn’t. Yeah, that’s not good. But there are thousands of companies that have some of this data on you because they collected it — or paid for it — “legally.” That should be disconcerting for many people.
That's because Apple allows this kind of data harvesting then collected and potentially sold online.
Data.jpg
 
My iPhone is not allowing app tracking

Go to Settings > Privacy & Security > Tracking
. The list shows the apps that requested permission to track you. You can turn permission on or off for any app on the list. To stop all apps from asking permission to track you, turn off Allow Apps to Request to Track (at the top of the screen).

See https://support.apple.com/en-gb/guide/iphone/iph4f4cbd242/ios
This is much deeper than that. This covers ads that are displayed in web browsers, which are outside of that control setting. You’d likely need a strong ad blocker to avoid most of Gravy on top of the setting you mentioned.
 
Thanks for the heads up, just deleted these apps from my devices.
You’re closing the barn door after the horses got out.

You (and anyone else annoyed by this) should seriously write a polite but firm letter to both tcook@apple.com and pschiller@apple.com if you’re dissatisfied. Not a joke.

Those App Privacy “nutrition labels” were influenced if not created in response to feedback that was sent in.

The emails are reviewed by executive assistants and they actually do take responses to incidents like this seriously if the public starts addressing it directly. For all of Tim Cook’s faults, he is very sensitive to customer satisfaction – I have personally dealt with his team.
 
Oh. Joy.
Time to change all my passwords.
Again.
3rd time in the last 12 months.
 
I deleted and stopped downloading apps years ago except for Firefox and WhatsApp (because you have to have that or be banished forever.) Absolutely ridiculous that we are just cattle to organisations who collect and buy this data.
Who invented the apps should apologize with the World.
 
  • Like
Reactions: reinem85
I run a local VPN as a firewall on-device, then edge network stuff, then more protections at the very end of the chain. It’s ludicrous.

When I enabled it some apps have so much telemetry being blocked, and no timeouts written because they are ocded by morons, that they will make the device burning hot because it uses so much CPU just firing off blocked requests. I’ve seen literally thousands of them from some applications, it is outrageous that we don’t have better privacy laws and that Apple doesn’t provide a real on-device Firewall so we have to resort to hack-y workarounds.

The tracking toggles in settings do **** all for invasive code within the apps themselves, and for some reason only known to Apple iCloud private relay only works with Safari views.

iOS 19 could launch with this as its only feature and I would upgrade my phone if I had to in order to get it. Less damned “apple intelligence” and more privacy please.

I have a Firewalla on my home network that aggressively blocks trackers, ads and other nonsense. Blocks hardcoded DNS, too.

My phone stays connected via a VPN and doesn't touch the internet without going through my firewall.
 
Seconding this, and it’s not too hard to set up!

I highly recommend AdGuard home in addition to using adblocking browser extensions. You can set up AdGuard home and combine it with tailscale to get dns level blocking on just about any device no matter where you are. I get whiplash any time I use somebody else’s device, I don’t see ads anymore!
Agreed. Going from my dns to a public dns feels crazy now — all those ads! It also blocks ads inside apps, which is nice.

The benefit of NextDNS over Adguard Home or PiHole is it works when on cellular or away from home without needing tailscale or vpn or anything like that.

Also, while us techies can install such things no problem, NextDNS is super easy set it and forget it. I used to use PiHole (had dual synced systems actually for redundancy and no interruption during updates) but adminning it became a pain. $20 is money well spent for someone else to admin it for me.
 
I have a Firewalla on my home network that aggressively blocks trackers, ads and other nonsense. Blocks hardcoded DNS, too.

My phone stays connected via a VPN and doesn't touch the internet without going through my firewall.
Just so you know sometimes DNS requests (and an apple service or two) will leak since Apple’s VPN implementation doesn’t cover everything always but that’s another story.

If you have RCS enabled it also often goes straight out around the iOS VPN which you can verify if you’re on the wifi network that’s connected to and look at traffic, it regularly directly pings the carrier for some stupid reason and it’s crazy because they have the ability to do it via cell they wanted to. There is a lot of room for Apple to improve here, they may be waiting to improve the RCS support until encryption arrives but there’s no excuse for the VPN holes.

It’s way better than doing nothing though. With your setup you can also see how much that “disable requests to track” really does (almost nothing IMO).
 
  • Sad
Reactions: mhnd
These data files are going to be very useful once AI can do stuff with it for scams and blackmail at scale. Sure the random number "oh I misdialed" scam doesn't work well. But once it comes with "Hey, didn't I meet you at (insert interesting location) on (insert date that target is known to have been at said location).", well then folks are going to engage with that text.
 
  • Like
Reactions: drmacnut and mhnd
It's only a matter of time until personal data collection becomes illegal to collect. It has been shown time and again that none of them can protect the user and, on the contrary, do a lot of harm.
Secret data collection should be illegal and probably will be. Permitted data collection should remain legal, as it can be a cheaper alternative that some consumers may prefer, even with the risks. The key is transparency and putting the control of the consumer’s data in the consumer’s hands.
 
A. Don't enable location services unless it's strictly necessary (i.e. navigation apps)
B. Use pihole or other ad blocking DNS like AdGuard DNS to prevent connections to those analytics companies
 
  • Like
Reactions: mhnd
I don’t care for my data. But you can go to the dark web and search a phone that is every night at the address your boss lives. And now you got his movement history. Check where he drops his kids at school, where he picks them every evening after their soccer practice. Where he goes to the gym. What doctor he sees. What stripclub he went to. Who he meets at a regular basis.

Or just look what phones are every day at the news paper office. Now you got the journalists. Check who they meet. Who are their sources. Find the whistleblowers.

Or check what phones are every noon at the location of your football team if you want to stalk some players.

Check out what phones are at the Apple campus and see if they travel abroad. You can find the next supplier, the secret test lab, the unknown factory.

See what phones are every day at the secret service headquarters. Check if the same phones are at the White House. Boom you found the presidents bodyguards. See what hotels they check out before he flys to another country. See what phones are regularly at the White House when there are events and see if they line up with catering locations. Now you know who cooks for the president and his guests.

This is a gold mine of unprecedented scale for China and Russia, for every dictator who wants to spy on his people, every company who wants to spy on its competitors, every violent husband who wants to stalk his wife, every crazy stalker, every mad psycho.
 
I'm glad I don't have to worry about this one, as I never use those features and have them all turned off on the Mac and any other device I might use.
"The order required Gravy Analytics to delete all historic location data and any data products developed using data collected from consumers, but it was apparently too late because the company's systems had likely already been breached at the time."

So we know who hacked in then.. the NSA.
The NSA doesn't need to hack for that data since they have all the data already. If it goes through the Internet of the USA (from memory... around 80% worth of the world), they have it. They also track where every bit goes, so even if they can't see something as a whole, they do know where that bit was going to and where it came from etc.
 
Such handy info to have for governments, militaries & police. I see no apologies coming from any of them. Let alone the hackers & dark web folks who will make use of this data… 🤬
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.