Mar 30, 2021

From the study[0]...

"Several pre-installed system apps make regular network connections that share device identifiers and details ... The Clock app connects to Google Analytics ssl. google-analytics.com/batch."

Really, the clock app calls analytics on a regular basis. That is just ridiculous.

[0]-https://www.scss.tcd.ie/doug.leith/apple_google.pdf

Mar 30, 2021

The linked PDF (direct link for the truly lazy [0]) shows that every few minutes Apple sends binary data to its servers which includes the MAC address of nearby devices. (It's unclear if these are only devices on the same network, e.g. from arp, or any nearby devices that are broadcasting a static MAC address). Here, I'll even quote it for you. It's on page 7 at the bottom left, continuing on the top right:

> However, the geod process uploads binary messages to gsp85-ssl.ls.apple.com... While it is not clear what information is contained in this binary message, it can be seen to contain the MAC addresses of nearby devices sharing the same WiFi network as the handset e.g. f2:18:98:92:17:5 is the WiFi MAC address of a nearby laptop, 70:4d:7b:95:14:c0 the MAC address of the WiFi access point.

Idk what they do with this info, and I'd much rather Apple have it than Google, but you can imagine the "God mode" they could create at Apple HQ if they were so inclined. The data is absurd... imagine what you could do if you knew where billions of people were at every second of every day for years.

[0] https://www.scss.tcd.ie/doug.leith/apple_google.pdf

Mar 27, 2021

The original study https://www.scss.tcd.ie/doug.leith/apple_google.pdf. They had to jailbreak the iPhone for patching several libraries to circumvent certificate pinning.

Shouldn’t the link be changed from Irishtimes to the pdf?