Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

LoveTo

macrumors regular
Original poster
Oct 3, 2021
117
918
Hello There!

Wondering if any app developers on this forum can shed some light here. I have been trying to find this information for a while and couldn’t find it anywhere.

Does anyone know what all system permissions do apps have by default? Even if I deny every permission the app asks, surely it has some basic permissions to function? What about device id? Can they identify me across apps with it? Is it worth sticking to web versions only instead of apps?
 
Well, what do you consider a permission? Adding two numbers together? Division? Putting a window on your display? Playing audio out your speakers? Sending a print job to Apple's print services, so the printer dialog pops up; The app in that case never directly talks to the printer but just gives the document data to an Apple API that then talks to the printer driver. - And so on. Permissions only really make sense if you have a model for what permissions exist. If you don't have a model for a permission then there's neither a concept of blocking or allowing it, it just is.

With that said, Apps generally run in a fairly confined sandbox by design. In addition to the permissions you allow or deny as a user, the developer will register the functionalities the app may use in certain categories, like location services and using the network (with separation of listening on a socket versus connecting to a remote socket). This means that even if the app gets taken over by a malicious actor, the malware won't be able to utilise un-needed functionality through that app.

As for being identified, Apple generally is pretty good about trying to protect your privacy and if you don't explicitly allow identifiable tracking, there is nothing directly made available by the OS that intentionally facilitates that. However, fingerprinting is a very big field of its own. And it doesn't matter if you run a browser based program or a local application instance, you will be fingerprinted. Everything from the way you use the application to the data you use the application with, to the information about your system - recovered directly or indirectly - to factors in your surroundings. Especially websites with an interest in advertising, but certainly also advertising focused applications, will use all this data to uniquely identify you even if they cannot have unique IDs.
There was a recent paper I read about identifying specific GPUs even from within the same model of GPU through a bit of invisible WebGL. With fairly high certainty they could discern the little manufacturing differences between similar models of laptops based on how the GPU code was executed (timings).

This isn't utilised by everyone; Far from. But among free, and especially ad-supported software it is not too uncommon either to see a lot of fingerprinting techniques.

If you're using the App Stores, apps will have privacy labels that are good at informing you what kind of data the app is collecting, if it's identifiable or anonymised, etc.
 
Thanks for the detailed response, @casperes1996!!

With permission, I meant something like Device ID or WiFi name, operator, etc that can identify me. Whether apps have access to those.

Based on the rest of your reply, sounds like there aren’t any such additional details available to apps compared to web version. And based on rest of the parameters, apps and websites can track you alike.

So in conclusion, there isn’t really a privacy benefit by using web version instead of app, right?
 
Thanks for the detailed response, @casperes1996!!

With permission, I meant something like Device ID or WiFi name, operator, etc that can identify me. Whether apps have access to those.

Based on the rest of your reply, sounds like there aren’t any such additional details available to apps compared to web version. And based on rest of the parameters, apps and websites can track you alike.

So in conclusion, there isn’t really a privacy benefit by using web version instead of app, right?

I haven't conducted a detailed look at everything, but I can confidently say that the conclusion is correct. Even if one or the other has one or two more tools to track with, both generally have enough tools to perfectly track you regardless, if the effort is put into it
 
  • Like
Reactions: LoveTo
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.