Android gives you full control over the permissions given to apps just like iOS does.
And since you can download additional browsers and browser plugins that aren’t just repackaged Safari, you can have a lot more control over your Internet privacy if you want it.
Google’s entire profit model is offering software for free so that they can gather data and sell ads.
Granular app permissions are a start, but barely. Cross-app tracking is a bigger deal, and Apple is miles ahead of Google there; and Google is never going to catch up, because it would destroy their revenue search.
I’ve used both platforms extensively, I actually love Android. Google assistant is so much better than Siri that it’s obnoxious, custom roms are a ton of fun, having a way to get root access on a device is so important it should be legally required.
But, if you think that a company that exists to build an advertising profile and sell ads will ever produce a device that meaningfully blocks the ability to build an advertising profile, I’ve got a bridge to sell you.
I’m talking about blocking cross app tracking, not “restricting” it. Still, Google does not even restrict cross app tracking. They’ve announced a planned muli-year (their words) initiative to restrict cross app tracking- but, importantly, they’ve very clearly expressed that they’re going to work with advertisers to make sure that what they plan isn’t too disruptive. Which should be obvious anyway, because advertisers are literally their only real paying customers.
All that Google is interested in doing is finding the absolute minimum that they can do to give the illusion that they care about privacy, all without having to do anything that meaningfully protects user data. And only after Apple makes a huge change that devours even more of Google’s market share.
If you’re thinking about the current feature in android that allows users to “disable” cross app tracking, it actually doesn’t. It just disable Google’s advertising ID, but still let’s any app who wants to fingerprint your device using IP address and device serial.
No. Sandboxed apps only prevent some fingerprinting, but notably provides a ‘reasonable budget’ for data that can be gathered.
What you said about the advertising ID is true and is basically what I said, but disabling the advertising ID does not stop profiling or fingerprinting, just limits the most obvious applications of it.
Using a VPN is a start, but we’re comparing the privacy of Android and iOS. You can use a VPN on both. iOS includes an opt-in pseudo-vpn baked into the OS with private relay, for $0.99 per month. And besides, using a VPN does nothing to block the the fingerprinting done by native apps.
Are you sure you work in security? Like, mall security?
No. Sandboxed apps only prevent some fingerprinting, but notably provides a ‘reasonable budget’ for data that can be gathered.
Sandboxes absolutely prevent all cross-app tracking. The app doesn’t have access to anything outside the sandbox.
What you said about the advertising ID is true and is basically what I said, but disabling the advertising ID does not stop profiling or fingerprinting, just limits the most obvious applications of it.
What useful tracking do you think is still happening when you take these precautions?
Using a VPN is a start, but we’re comparing the privacy of Android and iOS. You can use a VPN on both. iOS includes an opt-in pseudo-vpn baked into the OS with private relay, for $0.99 per month. And besides, using a VPN does nothing to block the the fingerprinting done by native apps.
So then what difference does it make? You can use whatever VPN you want.
Are you sure you work in security? Like, mall security?
Yes. Stick to the topic. The ad-hominem is just childish.
Android app sideloading utilized something called a “privacy budget,” where the system does give sandboxed apps access to “limited” device data. The idea is that Google “doesn’t want to break the app functionality,” so Android provides details about the device as long as the app isn’t requesting “too much.”
Of course it’s possible to to completely sandbox an app without breaking it, but, again, Google is an adtech company and providing their customers with users that they can target with ads is literally their only goal.
I stopped reading your reply after your first paragraph because you’ve established a very predictable pattern of having no idea what you’re talking about.
You’re acting like you don’t realize that there is a difference between end user privacy, and security from targeted attacks.
I don’t really care how hard it would be for a motivated attacker to target me and breach the security of my device.
I do really care about how hard it is for every website on earth to know intimate, personal details about my life.
iOS is the only sane choice.
No. I’m very aware.
Android gives you full control over the permissions given to apps just like iOS does.
And since you can download additional browsers and browser plugins that aren’t just repackaged Safari, you can have a lot more control over your Internet privacy if you want it.
Google’s entire profit model is offering software for free so that they can gather data and sell ads.
Granular app permissions are a start, but barely. Cross-app tracking is a bigger deal, and Apple is miles ahead of Google there; and Google is never going to catch up, because it would destroy their revenue search.
I’ve used both platforms extensively, I actually love Android. Google assistant is so much better than Siri that it’s obnoxious, custom roms are a ton of fun, having a way to get root access on a device is so important it should be legally required.
But, if you think that a company that exists to build an advertising profile and sell ads will ever produce a device that meaningfully blocks the ability to build an advertising profile, I’ve got a bridge to sell you.
Google restricts Cross app tracking and you can entirely disable the ad profile.
They will continue to make money off of the users who don’t care, while capturing more market from those who do.
I’m talking about blocking cross app tracking, not “restricting” it. Still, Google does not even restrict cross app tracking. They’ve announced a planned muli-year (their words) initiative to restrict cross app tracking- but, importantly, they’ve very clearly expressed that they’re going to work with advertisers to make sure that what they plan isn’t too disruptive. Which should be obvious anyway, because advertisers are literally their only real paying customers.
All that Google is interested in doing is finding the absolute minimum that they can do to give the illusion that they care about privacy, all without having to do anything that meaningfully protects user data. And only after Apple makes a huge change that devours even more of Google’s market share.
If you’re thinking about the current feature in android that allows users to “disable” cross app tracking, it actually doesn’t. It just disable Google’s advertising ID, but still let’s any app who wants to fingerprint your device using IP address and device serial.
No. What they’ve done is made a local Ad ID that can be used locally on your device without interacting with another app. But you can disable it.
Plus, on Android you can literally completely sandbox apps: https://www.gtricks.com/android/how-to-sandbox-android-apps-for-privacy/
Or use a VPN if you’re worried about IP/Device tracking.
No. Sandboxed apps only prevent some fingerprinting, but notably provides a ‘reasonable budget’ for data that can be gathered.
What you said about the advertising ID is true and is basically what I said, but disabling the advertising ID does not stop profiling or fingerprinting, just limits the most obvious applications of it.
Using a VPN is a start, but we’re comparing the privacy of Android and iOS. You can use a VPN on both. iOS includes an opt-in pseudo-vpn baked into the OS with private relay, for $0.99 per month. And besides, using a VPN does nothing to block the the fingerprinting done by native apps.
Are you sure you work in security? Like, mall security?
Sandboxes absolutely prevent all cross-app tracking. The app doesn’t have access to anything outside the sandbox.
What useful tracking do you think is still happening when you take these precautions?
So then what difference does it make? You can use whatever VPN you want.
Yes. Stick to the topic. The ad-hominem is just childish.
Android app sideloading utilized something called a “privacy budget,” where the system does give sandboxed apps access to “limited” device data. The idea is that Google “doesn’t want to break the app functionality,” so Android provides details about the device as long as the app isn’t requesting “too much.”
Of course it’s possible to to completely sandbox an app without breaking it, but, again, Google is an adtech company and providing their customers with users that they can target with ads is literally their only goal.
I stopped reading your reply after your first paragraph because you’ve established a very predictable pattern of having no idea what you’re talking about.