undefined | Better HN

0 pointsdanShumway2y ago0 comments

> The threat vector is facebook telling users to install Instagram/FB from their own app store

PSA, do not install Facebook on your iPhone. Use your browser.

Apple does deserve credit for forcing some privacy improvements on iOS for the Facebook app but it is in no way comparable to the privacy of a web browser. If you are using Facebook's app because you're on iOS and you're thinking, "oh it's fine, Facebook can't track me" -- please uninstall it, a native app on iOS still has far more tools at its disposal to track you than it should have.

As just one example, I would like to say that Facebook's in-app browser code on iOS is now blocked (https://www.engadget.com/meta-can-track-facebook-and-instagr...) but I'm not sure if that's actually the case. I hope it is, a quick cursory search couldn't tell me but it's very possible that Apple patched this by now. But what I do know is that Apple made a lot of noise about blocking tracking code before this article came out and while Facebook still had these capabilities.

Don't use known untrustworthy native apps. Don't use them on Android, and don't use them on iOS.

---

Also to be clear, the privacy improvements Apple has pushed for on iOS are in no small part to stop allowing access to an advertising ID that should not be on iOS at all. I don't want to act like there's no meaningful improvement here, Facebook's reaction is proof enough that Apple's changes did increase privacy. And I fully support Apple improving privacy. But some of that improvement is Apple putting controls in front of systems that shouldn't exist or covering for systems that are way more open and way less sandboxed than they should be.

So part of the difficulty of talking about Apple's security models and the role that the app store plays in that process is that some of Apple's policies are really only enforced on the app store, even though they should be enforced at an OS level that would apply to every app regardless of what app store it came from. Of course, not every permission can be expressed that way, but some permissions can. Web browsers are proof of that -- Safari doesn't have a quality control system in place to block abusive websites like Facebook, but despite that, it still manages to be better for your privacy for you to use Facebook from Safari instead of via a native app on iOS.

I worry that Apple's app store polices are sometimes used as an excuse to avoid building much more robust protections against tracking into the OS itself, and I worry that better privacy standards on the iOS app store get interpreted as proof that native apps on iOS are just generally safe and private. But Apple's standard of what counts as private "enough" to be on the app store is not always as strict as it could be. Generally speaking, until we get much better sandboxing controls on mobile devices than we have today, known malicious or known privacy-intrusive apps like Facebook, Twitter, Instagram, or Threads should not be installed period from any app store 1st or 3rd-party, they should be used in a web browser.

Reasonable people can disagree whether a 3rd-party app store would make this problem worse, but please don't have the takeaway of "a 3rd party app store would make the Facebook app suddenly unsafe and my parents would get fooled into installing it." The Facebook app is already unsafe, and your parents already shouldn't be using it.

0 comments

judge20202y ago

> Also to be clear, the privacy improvements Apple has pushed for on iOS are in no small part to stop allowing access to an advertising ID that should not be on iOS at all.

In 2010, Apple launched its own ad system called iAds[0]. Around that time, they started to crack down on other ad networks using UDID/mac addresses to target users with ads[1]. I imagine that Apple only made the IDFA in a compromise with advertisers[2].

While I understand the sentiment that any tracking identifier shouldn't exist, Apple needed iOS to continue to succeed in the iOS 6 days and probably didn't want to deal with any anticompetitive lawsuits that early in the lineup's lifetime.

0: https://www.apple.com/newsroom/2010/06/07Apple-to-Debut-iAds...

1: http://www.cultofmac.com/160248/what-the-hell-is-a-udid-and-...

2: https://www.businessinsider.com/ifa-apples-iphone-tracking-i...

danShumwayOP2y ago

I'm confused how you would see this as anything other than further evidence for my point.

Don't install native apps from hostile networks like Facebook; they hook into systems that shouldn't exist that were added as a privacy-compromising concession in order to avoid regulatory scrutiny into other systems that also shouldn't exist.

The history of IDFA ultimately boils down to one fact: that for whatever reason it was added, the protections in place now are still protecting you from a tracking system that Apple added. And Apple's standards on what is and isn't an acceptable line to cross regarding privacy demonstrably are not always as going to be as strict as they ought to be. Sometimes Apple compromises.

These apps are not safe just because they have Apple's seal of approval, there is a certain threshold of abusive behavior from apps like Facebook that Apple will tolerate. It is better to use a web browser so that (however imperfect it may be) you can get at least some small amount of real sandboxing.

Look, I'm not even saying you need to support third-party app stores. I obviously have opinions on that, but if you disagree and think 3rd party stores will make things worse, then fine. That's not my point. My point is: don't get the impression that Facebook's native app is safe just because Apple hasn't removed it. iOS doesn't have enough tracking protection to make it a good idea to use these apps natively on your phone or to make it OK to advise others to install them; they should be avoided and used only within a browser if you care about your privacy.

j / k navigate · click thread line to collapse