I also highly recommend people get an ad and tracker blocking DNS set up to further block such things on all devices and websites. The easiest is NextDNS, which is the best $20/year I spend probably. Other more complex solutions are PiHole or AdGuard Home.
The ad industry is incredibly valuable and adds a ton of value. It just isn't for you or I...this is disgusting, ad industry adds no value ...
Check their website. They fire very little my guess they are sending it through back end servers which are now possible and much harder to tell what data is getting collected. Also my guess Apple has very strict cyber security policies preventing any keys to be generated that aren’t rotated requiring specific lowest access level requirements for service accounts etc.I wonder how long before someone finds a reason to sue Apple over this.
Not possible at this point. Many trackers use a subdomain think cloudcapi.apple.com that they forward data to then process with google cloud or Aws servers and send the data behind the scenes. It is very hard to block trackers either server to server signals these days.I have a Firewalla on my home network that aggressively blocks trackers, ads and other nonsense. Blocks hardcoded DNS, too.
My phone stays connected via a VPN and doesn't touch the internet without going through my firewall.
Tracking you all over the place and selling your data?The ad industry is incredibly valuable and adds a ton of value. It just isn't for you or I...
Without ads how do sites like this operate? Doubt you’d pay $4 even a month for each useful website you use.Tracking you all over the place and selling your data?
Sure, whatever you say
Not possible at this point. Many trackers use a subdomain think cloudcapi.apple.com that they forward data to then process with google cloud or Aws servers and send the data behind the scenes. It is very hard to block trackers either server to server signals these days.
Without ads how do sites like this operate? Doubt you’d pay $4 even a month for each useful website you use.
Ads is 1 thing. Tracking you all over the place and selling your data is anotherWithout ads how do sites like this operate? Doubt you’d pay $4 even a month for each useful website you use.
When I was organizing and scheduling ads for my sports club I just payed ads for the right demographic. Why should I pay for random 100.000 views of unrelated people? I just payed for 5.000 ads and set all the filters and parameters and targeted just the small amount of people who might attend our games. Tracking is incredibly valuable for ad companies.Ads is 1 thing. Tracking you all over the place and selling your data is another
See my previous post. Internet ads are far more efficient when they are targeted for the right consumer group. TV ads and billboards cost millions and waste 99% of views.Bummer. Thanks for the info.
I don't use any of the apps listed, but it still sucks.
Ads =/= tracking. I see billboards everyday, which are ads, and they don't track me. I see TV ads on broadcast, and they don't track me. I hear ads on FM radio, and they don't track me.
The entire internet could be run on ads without tracking.
Is that a joke?is this blocked by default in the EU? Are these issues US only?
One option is to see what phones are at a given home address. If you know the target address you check what phones are there over night. If the person is found to go shopping at 4pm it may be the wifes phone. If you see one of the phones being at school location than it’s probably a kids phone. If the phone is all day at an office location it may be one of the adults. Just connect the dots.One thing that isn't clear to me is what is required to match up this data with an actual person? Like, is their phone number in the data? If its just IP address and or some kind of tracking ID, it would require a lot of effort to match that to a physical person right? Or am I misunderstanding things?
See my previous post. Internet ads are far more efficient when they are targeted for the right consumer group. TV ads and billboards cost millions and waste 99% of views.
Right, this is why we need a real on-device firewall from Apple and not stupid work around solutions like fake VPNs. You can block subdomains with the more advanced solutions but you basically need to man-in-the-middle attack yourself to intercept the data.Not possible at this point. Many trackers use a subdomain think cloudcapi.apple.com that they forward data to then process with google cloud or Aws servers and send the data behind the scenes. It is very hard to block trackers either server to server signals these days.
Ads is 1 thing. Tracking you all over the place and selling your data is another
Worth mentioning that that's the default.Baptiste Robert, CEO of security firm Predicta Lab, told TechCrunch that iPhone users that had app tracking disabled did not have their data shared.
Until REAL FINES are levied...in the millions and 10s of millions of $$$$....nothing will change. CEO and executive bonuses will always trump Capex on security.
Data broker Gravy Analytics has been hacked, and location information from millions of iPhone and Android users is at risk, reports TechCrunch. Gravy Analytics' parent company Unacast disclosed the data breach earlier this month [PDF], and said that its AWS cloud storage environment had been accessed by an unauthorized person using a "misappropriated access key."
![]()
"Some files" were obtained, and preliminary findings suggest those files "could contain personal data" collected from users of third-party services that use Gravy Analytics. According to 404Media, hackers are claiming to have customer lists and location data from smartphones that shows peoples' precise movements, with millions of users affected. Some of that data, which does indeed include the historical location of smartphones, has been published on private forums.
Gravy Analytics says that it tracks more than a billion devices around the world daily, and security researchers that saw a sample of the data collected by Gravy Analytics confirmed that the information can be used to track a person's recent locations, with no anonymization.
In December, the United States Federal Trade Commission (FTC) prohibited Gravy Analytics and its subsidiary Venntel from selling, disclosing, or using sensitive location data in any product or service. The FTC warned that the two companies exposed consumers to privacy harms that could include disclosure of health information, political activity, and religious practices, and put people at risk of stigma, discrimination, violence and other harms.
The order required Gravy Analytics to delete all historic location data and any data products developed using data collected from consumers, but it was apparently too late because the company's systems had likely already been breached at the time.
Gravy Analytics collects location data through a real-time ad bidding process that allows companies competing to buy an ad to see customer IP address and more precise location data if enabled. Gravy Analytics' database had location data from iPhone apps that include FlightRadar, Grindr, and Tinder, and while the apps did not have a direct relationship with the data broker, user location information was collected through their ads.
Turning off app tracking in the Privacy and Security section of the iPhone's Settings app keeps ads from being able to obtain a unique device identifier to link location data to a specific device, and preventing apps from using precise location data is also a way to preserve more privacy.
Baptiste Robert, CEO of security firm Predicta Lab, told TechCrunch that iPhone users that had app tracking disabled did not have their data shared.
Article Link: Data Broker Hack Exposes Location Info From Millions of iPhone Users
I would hope it was encrypted and assumed it was.Depends on if the data was encrypted. According to reports it sounds like it was. So they could have monitored all this data being sent around, but they wouldn’t be able to read it until the company was hacked and the keys stored there were swiped.
Though it is also possible I suppose that the NSA has obtained a quantum computer from one of our friendly mega corporations in the name of national security and has begun work on decrypting everything.
I also worked for an ad agency and booking thousands of billboards across the country plus tv commercials cost the customer millions.Google and Facebook are two of the biggest advertising companies in the world, and also two of the wealthiest companies in the world. I don't really care what their efficiency is. They are wealthy because they are invasive. I'm not going to support that, and if websites don't like it, it's their problem.
Additionally, I've bought billboard ads. They don't cost millions.
Let me guess you don’t accept third party cookies and block ad trackers. Well for us unless you are blocking a non standard google tag a manager from our own domain and blocking first party cookies you are still getting tracked unless you reject all in our consent management. We have moved all tracking to server to server using google tag manager hosted on a custom domain.I also worked for an ad agency and booking thousands of billboards across the country plus tv commercials cost the customer millions.
And as a customer I don’t accept cookies. Yes I still get ads but they are not targeted. A company that sells ads targeting just the people who are interested instead of everybody makes financial sense.
Thanks for this!One more tip: This is a very helpful setup guide. You don't have to follow it to the letter, but it does a slightly better job of explaining what each setting does and whether you need it. The goal is to have a truly set-it-and-forget-it setup. https://github.com/yokoffing/NextDNS-Config
So another data processor playing fast and loose with data. Are they not rotating keys. Are they not distributing them in a secure mechanism? What gives this happens far too often.
Seconding this, and it’s not too hard to set up!
I highly recommend AdGuard home in addition to using adblocking browser extensions. You can set up AdGuard home and combine it with tailscale to get dns level blocking on just about any device no matter where you are. I get whiplash any time I use somebody else’s device, I don’t see ads anymore!
It's only a matter of time until personal data collection becomes illegal to collect. It has been shown time and again that none of them can protect the user and, on the contrary, do a lot of harm.
U Get what you pay for, age old tale. Subscription services would be great if you could like bundle your website into tiers and the ones you traffic the get biggest cutMaybe in the EU, I just don’t see it happening in the US - too many free online services depend on that data and they’ll do anything to keep getting it.
I run a local VPN as a firewall on-device, then edge network stuff, then more protections at the very end of the chain. It’s ludicrous.
When I enabled it some apps have so much telemetry being blocked, and no timeouts written because they are ocded by morons, that they will make the device burning hot because it uses so much CPU just firing off blocked requests. I’ve seen literally thousands of them from some applications, it is outrageous that we don’t have better privacy laws and that Apple doesn’t provide a real on-device Firewall so we have to resort to hack-y workarounds.
The tracking toggles in settings do **** all for invasive code within the apps themselves, and for some reason only known to Apple iCloud private relay only works with Safari views.
iOS 19 could launch with this as its only feature and I would upgrade my phone if I had to in order to get it. Less damned “apple intelligence” and more privacy please.