Most active commenters
  • wkat4242(6)
  • refulgentis(3)
  • MBCook(3)

←back to thread

Everyone knows all the apps on your phone

(peabee.substack.com)
1192 points gniting | 61 comments | 29 Mar 25 21:26 UTC | HN request time: 0.969s | source | bottom
1. andsoitis ◴[30 Mar 25 00:11 UTC] No.43519910[source]
> everyone knows all the alls on your phone

On Android phones. iPhone doesn’t have this privacy deficiency.

replies(10): >>43519937 #>>43519943 #>>43520950 #>>43521020 #>>43521389 #>>43521565 #>>43522434 #>>43522575 #>>43523112 #>>43526348 #
2. piyuv ◴[30 Mar 25 00:17 UTC] No.43519937[source]
Right, only Apple knows, but it’s ok, they’re the good guys
replies(4): >>43520012 #>>43521170 #>>43522067 #>>43524602 #
3. ctippett ◴[30 Mar 25 00:17 UTC] No.43519943[source]
Are you sure? I know someone in adtech and I'm pretty sure Apple allows a similar app manifest that allows you to check for specific apps. I could be wrong.
replies(2): >>43520009 #>>43520340 #
4. phony-account ◴[30 Mar 25 00:30 UTC] No.43520009[source]
> I know someone in adtech and I'm pretty sure Apple allows a similar app manifest that allows you to check for specific apps. I could be wrong.

On iOS an app developer will need to register in advance which external applications their app intends to query, and the list needs to be very short and motivated. [1]

Incidentally, “I have a friend who says...” isn’t really a good citation anywhere outside Reddit - which HN resembles more and more each day.

[1] https://www.hackingwithswift.com/example-code/system/how-to-...

replies(4): >>43520042 #>>43520273 #>>43520579 #>>43522735 #
5. andrei_says_ ◴[30 Mar 25 00:30 UTC] No.43520012[source]
Definitely not “good” but I’m still to see anything remotely resembling the complete disregard for privacy and security typical for the adtech-driven android ecosystem.

Just a different business model, not a display of moral values.

Sure, Pegasus exists but I don’t think it is commodified yet.

6. ctippett ◴[30 Mar 25 00:35 UTC] No.43520042{3}[source]
Thanks for the information.

I suppose a more appropriate term of phrase would've been "I'd heard anecdotally...", but I agree I was lazy with my original reply. I appreciate the feedback.

replies(2): >>43520076 #>>43521016 #
7. collingreen ◴[30 Mar 25 00:42 UTC] No.43520076{4}[source]
You're nice. I don't appreciate the extremely tired "hn looks more and more like Reddit every day" slop and I think you handled it with grace.
replies(1): >>43520157 #
8. reaperman ◴[30 Mar 25 00:53 UTC] No.43520157{5}[source]
Comparing HN to resdit is explicitly against HN guidelines. Though sometimes I think the only reason it’s never “true” is because Reddit is a moving target. Both HN and reddit get worse over time, so HN never catches up to how bad Reddit is.

Also the bots have not invaded HN, which is a truly massive distinction.

replies(1): >>43521787 #
9. refulgentis ◴[30 Mar 25 01:11 UTC] No.43520273{3}[source]
I don't think it is worth being dismissive.

I snorted when I got to the self-important haughtiness about reddit.

Why?

- You immediately recognized what they meant.

- They weren't advancing a claim, they were indicating a basis for their interrogative, likely to avoid seeming naive when claiming it out of nowhere.

- The article we're commenting on describes the same mechanism you claim differentiates iOS. ("register in advance...which applications...intends to query, and the list needs to be very short and motivated.")

- I've worked heavily on iOS and Android since 2009. As close to a graybeard as you can get in mobile. I'm searching, reaching, grasping for any sign you've done anything other than Google and link the first article you saw, and I can't find _any_. At all. But I don't think that's wrong. You're trying. Why is it wrong for the person you asked to try too?

- There's strong signs you didn't read the article we're commenting on.

- If you had, it is unlikely you would have said iOS was differentiated, then laid out the exact same mechanism described in the article.

- There's strong signs you didn't read the article you linked.

- On iOS you can register URL schemes in a plist, these aren't "external applications you intend to query" and the list does not have to be "very short and motivated"

I get cranky too, but, I am grateful I recognize it is very reddit to cry Reddit and edit it out, or delete.

replies(1): >>43520341 #
10. czk ◴[30 Mar 25 01:21 UTC] No.43520340[source]
Not sure about the manifest but recently I've seen talk about some banking apps using SBSLaunchApplicationWithIdentifierAndURLAndLaunchOptions (undocumented function in SpringBoardServices) [0] to try to launch another app on the phone by the bundle id, and they can determine if it's installed or not.

They were using this trick to detect unauthorized apps on the phone.

https://blog.verichains.io/p/technical-analysis-improper-use...

[0] - https://gist.github.com/wh1te4ever/c7909dcb5b66c13a217b49ea3...

11. phony-account ◴[30 Mar 25 01:22 UTC] No.43520341{4}[source]
> There's strong signs you didn't read the article you linked.

What could possibly indicate I didn’t read the article? Of course I read it. Isn’t your assumption of my bad faith also explicitly against HN’s guidelines?

> On iOS you can register URL schemes in a plist, these aren't "external applications you intend to query" and the list does not have to be "very short and motivated"

I’m also an iOS developer- and yes it does.

replies(2): >>43520960 #>>43520991 #
12. swat535 ◴[30 Mar 25 02:02 UTC] No.43520579{3}[source]
Is that also the case for alt-store apps available in EU ?
13. wkat4242 ◴[30 Mar 25 03:14 UTC] No.43520950[source]
On iOS it's kinda worse in some ways. If you enroll into a company MDM they can see all your apps.

On Android if they use the work profile (which is the standard method these days) they can only see the apps inside there.

replies(4): >>43521149 #>>43521150 #>>43521257 #>>43521463 #
14. cosmic_cheese ◴[30 Mar 25 03:16 UTC] No.43520960{5}[source]
Yeah Apple used to be more loose with registered URL schemes, but tightened up a few years ago ands so now if you submit with a huge list of schemes the app has no good reason to use you’re going to get bounced.
15. refulgentis ◴[30 Mar 25 03:21 UTC] No.43520991{5}[source]
> What could possibly indicate I didn’t read the article?

What I laid out, namely, that you described iOS the same as the article, while simultaneously claiming iOS differs significantly.

> On iOS you can register URL schemes in a plist, these aren't "external applications you intend to query" and the list does not have to be "very short and motivated"

> I’m also an iOS developer- and yes it does.

Which part is "yes it does"?

We both can agree quite quickly that URL schemes in a plist aren't "registering apps." You can drag this out a couple turns by playing shell games first by ignoring the URL schemes difference, then by making me do the leg work to show it's trivial to find apps with dozens of apps in that list.

Either which way, I continue to be taken aback by your snarkiness towards the original post and cries of Reddit given you know you were 100% wrong on this.

You're in a really bizarre situation where too much territory was staked out and you're defending it all: you can't claim this was a remotely accurate description and you read the article about Android and iOS is different. It's already a farce, then throw in scolding about how HN is Reddit because of low quality posts...my goodness, my friend.

> Of course I read it. Isn’t your assumption of my bad faith also explicitly against HN’s guidelines?

No, because I said "There are strong signs", I didn't say "You didn't read it."

Also, why would not reading be "bad faith"?

You are extremely focused on making attacks and perceiving them in others, please take a step back and note: "But I don't think that's wrong. You're trying. Why is it wrong for the person you asked to try too?" - you shouldn't have to make up an interpretation where gently chiding you for being rude turns into invoking rules and accusing you of bad faith

16. refulgentis ◴[30 Mar 25 03:24 UTC] No.43521016{4}[source]
You're too kind, their reply was extremely rude to you. I have been here 16 years, been an iOS developer just as long, and have no idea why your comment is "Reddit."

A simple thought exercise for me is "Which of these two comments is more Reddit?" - I'd say the one that came with curiosity is HN, the one that bats around half truths combatively and invoking Reddit isn't.

replies(1): >>43521588 #
17. neither_color ◴[30 Mar 25 03:25 UTC] No.43521020[source]
Speaking of iPhone, Im curious about something. On occasion, I log into the [former] bird app using the web app because it's enough to check up on some key follows.

Recently, they released a major update to their LLM feature and I installed the app to check it out. While I had the app installed, every time I checked the mobile website there was a large banner directing me to go to the app. Ad blockers and distraction blockers would not get rid of it. When I deleted the app again, it was gone. What gives? Why does the mobile website know whether I have the app installed? How come content+distraction blockers are enough to block all reminders to use the app when it's not installed, but are irrevocable if I have the app installed?

replies(2): >>43521060 #>>43521485 #
18. js2 ◴[30 Mar 25 03:32 UTC] No.43521060[source]
Apple calls these Smart App Banners. Webkit cooperates with iOS to present them according to a meta tag in the page:

https://developer.apple.com/documentation/webkit/promoting-a...

You can get rid of them with the Unsmartifier extension.

https://old.reddit.com/r/apple/comments/q55753/unsmartifier_...

The StopTheMadness extension can also remove them (among many other things... this extension is a must have for me):

https://underpassapp.com/StopTheMadness/support-ios.html

replies(1): >>43521248 #
19. fashion-at-cost ◴[30 Mar 25 03:49 UTC] No.43521149[source]
I would have to strongly recommend nobody enroll a personal device in a company MDM. If the company needs you to have mobile connectivity that badly, they can give you a device.
replies(1): >>43526389 #
20. jmb99 ◴[30 Mar 25 03:49 UTC] No.43521150[source]
I mean... isn’t that expected of an MDM? I have always assumed that any company device (i.e. any device enrolled in an MDM) is under 100% control and surveillance of that company. Being able to see my installed apps is the least of my worries.
replies(1): >>43522793 #
21. jmb99 ◴[30 Mar 25 03:52 UTC] No.43521170[source]
Ignoring the sarcasm...

What evidence is there/can you present that Apple is making use of this information in a negative way?

How can Apple not have a list of installed apps on your phone while maintaining basic functionality (automatic updates, reinstalling apps from backup, etc)?

22. hnburnsy ◴[30 Mar 25 04:07 UTC] No.43521248{3}[source]
>Apple calls these Smart App Banners. Webkit cooperates with iOS to present them according to a meta tag in the page

JFC. Are they disabled if you ask for the desktop site?

replies(1): >>43521584 #
23. asah ◴[30 Mar 25 04:09 UTC] No.43521257[source]
get a separate device for work ?
replies(1): >>43521857 #
24. scarface_74 ◴[30 Mar 25 04:37 UTC] No.43521389[source]
This was somewhat mitigated on iOS a few years ago.

You could try to communicate with an app via the custom URI scheme and if it succeeded, it would know you have the app installed. Twitter used this for finger printing.

An app has to get a special intent and has to list the apps it wants to use it for.

25. mgriepentrog ◴[30 Mar 25 04:56 UTC] No.43521463[source]
Apple introduced account-driven enrollments in 2021[1], which behaves similar to Android's work profile. Managed apps/data are kept in its own APFS volume, and MDM servers don't have access to anything outside of it. They also disallow system-wide commands like wipe device. The only caveat is you need managed Apple IDs[2] to use this enrollment flow, and I doubt many companies have set it up.

Regardless, MDM installed app visibility is limited to those users who opt-in to an organization managing their personal device, and isn't an effective way to broadly gather what apps a given person has installed. What's described in this post would work on any user/device, and there's no way to deny/opt-out of specific permissions.

[1] https://developer.apple.com/videos/play/wwdc2021/10136/ [2] https://support.apple.com/guide/apple-business-manager/use-m...

replies(2): >>43522615 #>>43522734 #
26. happyopossum ◴[30 Mar 25 05:00 UTC] No.43521485[source]
> Why does the mobile website know whether I have the app installed?

To clarify - the mobile website doesn’t. It has meta tags that tell safari what app it’s tied to, and safari displays associated the app banner.

27. WuxiFingerHold ◴[30 Mar 25 05:21 UTC] No.43521565[source]
iPhones are less of a privacy nightmare.

One of the biggest incentives for creating apps is to scrape all kind of data from the users. Look at how many apps require permission to see you contacts. And how many actually need your contacts to function. That's why I'm still a bit surprised that many seem to be surprised by findings like this one here.

replies(3): >>43521646 #>>43521958 #>>43522271 #
28. uni_baconcat ◴[30 Mar 25 05:24 UTC] No.43521584{4}[source]
I think it won’t. I tried open X.com desktop version on iPad, Safari still showed “open with X app”.
29. ◴[30 Mar 25 05:25 UTC] No.43521588{5}[source]
30. josephg ◴[30 Mar 25 05:41 UTC] No.43521646[source]
I wish there was an option for “give bogus contacts” which showed the app a list of contacts - but it was all randomly generated junk. Make it so the app can’t tell if the contacts it gets are real or fake.

I read a fiction book years ago where there were cameras everywhere. To get privacy, instead of hiding their identities the protagonist paid companies to insert bogus information into the information brokers’ network. So if they tried to figure out where they were on a certain day, 20 records would match. I think this is a much more likely vision of the future.

replies(1): >>43521689 #
31. 3np ◴[30 Mar 25 05:50 UTC] No.43521689{3}[source]
I guess rather than closing my Google account I should have removed the 2FA and changed the password to a weak one on the HIBP list (:
32. phatskat ◴[30 Mar 25 06:14 UTC] No.43521787{6}[source]
> Both HN and reddit get worse over time

I think this is probably true of any online community. I’d wager that an online community needs more users to grow and be sustainable, and more users inevitably means more content, and more content means less _high-quality_ content overall.

33. pjerem ◴[30 Mar 25 06:31 UTC] No.43521857{3}[source]
ask a separate device for work.
replies(1): >>43522797 #
34. wruza ◴[30 Mar 25 06:53 UTC] No.43521958[source]
Look at how many apps require permission to see you contacts. And how many actually need your contacts to function.

That is, again, not require but ask for on iphone. I have zero non-functioning apps on my iphone due to denied access to contacts. Even a chinese bluetooth light controller doesn't dare (while refusing to work on android for the same reason).

You can hate apple/iphone ecosystem all you want, but let's not sneak false claims into how they actually work.

replies(1): >>43522262 #
35. PaulRobinson ◴[30 Mar 25 07:18 UTC] No.43522067[source]
Sort of. They have a list of apps you've bought/installed through app store, and they can figure out what you've deleted based on what your phone is pinging for update checks on.

If they went beyond that, or disclosed that knowledge, or allowed an app to get that manifest without your permission, it would destroy their brand image built around privacy, in a way that would cause long-term irreparable damage.

They decided to not comply with laws compelling them to add back doors to optional encryption on iCloud storage, rather than tarnish that image, because they know how valuable that trust is.

You can dump on Apple all you want, but compared to Google who plead with people to use their browser and phones to improve adtech surveillance they can monetize, I think they're doing OK and are a lot more trustworthy.

36. hk__2 ◴[30 Mar 25 07:54 UTC] No.43522262{3}[source]
> I have zero non-functioning apps on my iphone due to denied access to contacts.

You don’t have WhatsApp then.

replies(2): >>43522309 #>>43523903 #
37. hk__2 ◴[30 Mar 25 07:55 UTC] No.43522271[source]
> Look at how many apps require permission to see you contacts.

It is so annoying that it’s either "give access to ALL my contacts and ALL their information (yes, even the notes I took on their favorite things for next Christmas)" or "don’t give access". I wish we could limit the number of contacts and the level of information we give.

replies(4): >>43522743 #>>43524577 #>>43525917 #>>43530566 #
38. nechuchelo ◴[30 Mar 25 08:04 UTC] No.43522309{4}[source]
I do and deny it access to contacts. Everything works fine.
39. knlam ◴[30 Mar 25 08:28 UTC] No.43522434[source]
Actually you can via private API, which Apple app use all the time but forbid other app to use

https://blog.verichains.io/p/technical-analysis-improper-use...

40. buyucu ◴[30 Mar 25 08:54 UTC] No.43522575[source]
apple is the worst product for privacy. The entire ecosystem is closed source. You know nothing about what apple is doing.
41. whs ◴[30 Mar 25 09:02 UTC] No.43522615{3}[source]
I'm working on implementing this for the company, and the annoying limitations on iOS is that you can't clone apps. If you want Gmail (as an example) as managed app, you can't have another Gmail as unmanaged app. While the company can't see inside the Gmail managed app (without the app itself explicitly providing that feature), the company can remove Gmail (and any local data inside the app) at any time.

Fun fact from the MDM implementation - the most private way (at least to the company policies) to have a company-connected device is to buy a separate phone and install company's MDM on it. On company provided devices, the company may locate company's assets at any time but doing so on a personal device is a privacy breach.

replies(1): >>43522750 #
42. wkat4242 ◴[30 Mar 25 09:26 UTC] No.43522734{3}[source]
Yes I know about User Enrolment. The problem is the managed Apple IDs are a complete and total dealbreaker. So I'm not even considering this as an option.

The reason is that Apple demands that the UPN (the account ID) and the email address are the same. For us this is not the case (our UPN is our employee number as an email address, whereas our email address is just our name). And obviously we're not going to change this for ten thousand users because Apple wants to (most of which don't have Apple devices because we're a European company). Also, you have to manually decide what happens to each user that has already created an account with their corporate email address and what to do with the content they purchased on it. This is not feasible for a large corp. We have commented this to our Apple account manager for years and years but they simply don't care. If you work in this realm you probably know that Apple doesn't really care about things that matter for their corporate customers anyway. The consumer is their main client and it shows (unlike with Microsoft where it's the opposite).

So the whole account-driven enrolment (User Enrolment) as well as everything else depending on managed Apple IDs like DEP for Macs is completely out of the window.

The problem in my opinion is that I as an admin can simply query for example all the employees that have something like Grindr installed. Considering the current political climate in the US (or worse, the middle east where this can lead to a death sentence in some cases) it's obvious why this is super bad. And really, why should we be able to do this at all?

43. robin_reala ◴[30 Mar 25 09:26 UTC] No.43522735{3}[source]
Could you take a moment of your time to read the last point in the HN Commenting Guidelines? https://news.ycombinator.com/newsguidelines.html
44. normie3000 ◴[30 Mar 25 09:27 UTC] No.43522743{3}[source]
Photo access has improved a lot in this regard recently.
45. wkat4242 ◴[30 Mar 25 09:30 UTC] No.43522750{4}[source]
Yes, Apple hates the idea of work-badged apps that Android has. I have to admit, a lot of our users don't grok it either at first. However once they realise the benefits (the company has much less visibility, AND they can turn off the work section completely with the touch of a button) they usually come around pretty quickly.

The bad part of this is that apps have to specifically support the multiple profiles option, otherwise they can't be used for this.

And yes, I agree, that is the best way. We have the same restrictions for personal devices. Though I as an admin know we never use the locate functionality (and I know every person who has access to it).

replies(1): >>43526372 #
46. wkat4242 ◴[30 Mar 25 09:40 UTC] No.43522793{3}[source]
No I (as a mobile admin) don't think it should be like that at all, at least not for BYOD devices.

Android has this really well worked out with their work profile. It's like having a company VM on your phone. Really great separation.

But on Apple we can't use a similar option which I admit does exist, but there's too many strings attached (see the discussion above).

47. wkat4242 ◴[30 Mar 25 09:40 UTC] No.43522797{4}[source]
True, if you use it for work they should provide you one.

The problem is of course carrying two devices with you.

48. sfoley ◴[30 Mar 25 10:49 UTC] No.43523112[source]
It's a clickbait title that needs to be changed to stop spreading misinformation.
49. jen20 ◴[30 Mar 25 13:13 UTC] No.43523903{4}[source]
iOS grants just the contacts you select - including “none” to apps. WhatsApp works fine in that regime.
50. subscribed ◴[30 Mar 25 14:42 UTC] No.43524577{3}[source]
Check if GrapheneOS suits your needs. It has "contact scopes", ie you cna literally allow the app to see single contact only.

Same with storage scopes: one directory and that's it.

51. criddell ◴[30 Mar 25 14:44 UTC] No.43524602[source]
> they're the good guys

In a relative way, they definitely are.

52. CharlesW ◴[30 Mar 25 17:34 UTC] No.43525917{3}[source]
> It is so annoying that it’s either "give access to ALL my contacts and ALL their information… […] I wish we could limit the number of contacts and the level of information we give.

iOS added fine-grained (at the contact level) access to contacts data last year.

https://lifehacker.com/tech/you-can-control-which-contacts-a...

replies(1): >>43526361 #
53. MBCook ◴[30 Mar 25 18:28 UTC] No.43526348[source]
They did, long ago. I remember when it was shut down after someone made the problem public, like this.

I’m amazed Android still allowed this in 2022.

54. MBCook ◴[30 Mar 25 18:30 UTC] No.43526361{4}[source]
They did the same for photos years ago.

Many apps have not updated and perhaps never will.

replies(1): >>43526828 #
55. illiac786 ◴[30 Mar 25 18:31 UTC] No.43526372{5}[source]
Donyou know if account driven enrolment requires different phone numbers for the MDM managed apps and the personal ones? Specifically for the diaper app for example.
replies(1): >>43541124 #
56. illiac786 ◴[30 Mar 25 18:34 UTC] No.43526389{3}[source]
I think it’s a personal decision. I really, really do not want to carry two huge slabs around. One is already too much.

Account driven MDM enrolment pushes the Pareto front when it comes to privacy/conveniency compromises from my point of view. I will ask my IT if they have already looked at it.

replies(1): >>43541667 #
57. CharlesW ◴[30 Mar 25 19:31 UTC] No.43526828{5}[source]
They don't need to be, since it's enforced at the OS level. Users can limit permissions to individual contacts regardless of whether iOS apps have been updated to explicitly handle that use case.
replies(1): >>43540766 #
58. mercutio2 ◴[31 Mar 25 03:24 UTC] No.43530566{3}[source]
iOS hasn’t allowed access to contact notes for several years, and last year added support for providing arbitrary subsets of contacts to all apps.
59. MBCook ◴[31 Mar 25 22:43 UTC] No.43540766{6}[source]
I meant updated yo the newer nicer replacement UIs.

For example I know Slack still doesn’t use the single picture picker. They still want access to everything.

So iOS lets me limit what they can see, but it’s still a pain compared to just letting me pick the one picture I want.

60. wkat4242 ◴[31 Mar 25 23:26 UTC] No.43541124{6}[source]
I don't believe they do, no. The numbers aren't all that important in terms of MDM. We don't even see the number if someone inserts a second private SIM in their company phone. We consider that personal information we shouldn't even know.
61. fashion-at-cost ◴[01 Apr 25 00:47 UTC] No.43541667{4}[source]
The benefit with the two device approach is when you can not carry both devices for the majority of the time. If i’m not explicitly on call, my work device isn’t with me. Anything anyone says to me will wait until I’m back in the office.

If you have the self control to refuse to ever check Slack and disable all notifications/etc on your personal phone when not on call, this doesn’t apply as much. But for me I default to trying to stay on things and forcing myself to disconnect is a net good, even if it does mean I carry two phones at times. My pockets are large.