For the first time in a long time, the latest version of iOS has been released “by itself”, regardless of the new generation of iPhone. This year the release caught many developers by surprise: they did not expect such a fast release of Gold Master and the official release that followed literally the next day. In this article we will talk about what was done by Apple programmers to protect users’ privacy, as well as what was announced in early betas, but was not included in the final build.
Let’s start, perhaps, with the most interesting: applications that want to always know your location, now you can slightly slap on the hands without losing functionality. In iOS 14, it is now possible to allow applications to access an approximate location instead of an exact location. How “near”? At WWDC 2020 it was said about an area of about ten square miles, which corresponds to a circle with a radius of about three kilometers.
Why is this important? The vast majority of application developers (especially free applications) are fond of profiling users in order to sell this information for a little money. The profile is happy to include the exact location of the user if the user has agreed to provide access to the location (and access is usually given even to applications such as Microsoft OneDrive, not to mention weather forecasts or ticketing applications). This creates a unique situation: on the one hand, iOS and previous versions limit the frequency of polling location sensors background processes, but on the other – the user can install many applications, and in most of them will be built into several “spy” SDKs of the same manufacturers (from Facebook to companies whose names are not on the public’s radar). As a result, continuous surveys of location sensors with many applications with the same SDK provide a fairly clear and quite detailed picture of the user’s movements.
In marketing materials Apple say that applications with local news or weather such accuracy is enough. From my point of view – even more than enough; data approximate location can be coarsened even stronger without losing the accuracy of the weather forecast or local news.
By the way, in terms of the “spy” SDKs themselves approximate location is only a little better than a complete ban on access to geolocation data: calculate the approximate location of a user by only his IP address Facebook & Co can more than fine.
Stricted access to media library
With the new version of iOS, the user will be able to restrict applications from accessing the media library. While previous versions of iOS gave apps access to media files on an all-or-nothing basis, the user can now give the app access to an entire library (for example, for Dropbox, OneDrive, which must sync all photos to the cloud) or only to individual photos. Access to individual photos is useful if all you want to do is send a specific photo to a chat room, create an avatar or edit a photo in a new free editor with the dawning of artificial intelligence.
First of all, famous fans of profile users throughout the array of available data – the owners of applications Facebook, Instagram and the like will suffer. This will benefit ordinary users, who will have an extra tool that allows you to control the possible leak channels of private photos and videos.
However, I wouldn’t be too excited about it: Back in the beginning of the year, Apple introduced a practice
Fixed clipboard privacy problem
On the main page devoted to the new version of iOS, there is not a word about the problem with the clipboard privacy observed in previous versions of the system. Let me remind you that we are talking about a problem,
Another interesting point is that nearby (about three meters away) devices using the same Apple ID may have
The clipboard may receive data such as one-time passwords for two-factor authentication, links, addresses, search queries, and many other things that a user is not willing to share with Tik Tok owners,
Apple has not recognized the problem: In terms of iOS ideology, a shared clipboard should be available to all apps on the system without any additional permissions. In iOS 14, however, changes have been made, as recommended by security experts. The system now displays a small banner notifying when the application reads the clipboard contents.
Such a number of banners that pop up at the top of the screen will irritate users, but it is impossible to disable them: iOS does not have a special permission to access the clipboard. This can be done either by refusing to use suspicious applications that constantly read the clipboard content, or by using the new API introduced in iOS 14 by application developers. The new API allows an application to know the type of text data that the clipboard contains without accessing the content. In particular, applications that scan the clipboard for links to websites will be able to find out whether the clipboard contains a URL or not. Thus, the number of triggers (and, accordingly, notification banners) will gradually decrease as developers update their applications.
The emergence of the new mechanism is understandable: it is the company’s reaction to what has already happened. Apple can only be praised here: on the one hand, there is a reaction, on the other hand, in its favorite manner, the company will not let users hide their heads in the sand by providing tools and motivating to fix the problem directly to those who created it – the developers of applications.
Microphone and Camera Indicators
Users of beta versions of iOS 14 have noticed the indicator points that appear at the top of the screen when using a camera or microphone. An orange indicator shows that the microphone is on and a green indicator shows that the camera is on. This works for all applications except Siri, which listens to the airwaves while waiting for the code word constantly.
Such indication is quite in line with the modern trend. Thus, in all relatively fresh Macbook laptops, the microphone power supply
More Active Promotion of Authentication through Apple Login
“Login with Apple” is another attempt to create a unified authorization service similar to the solutions from Google, Facebook or Microsoft. Unlike the latter, the implementation of Apple has both advantages (to login to each site or application, you create your own unique email address, which is simply blocked when deleting your account) and disadvantages (tight connection to the ecosystem of Apple). In iOS 14, Apple once again reminds you of the possibility to use “Login from Apple” instead of login and password and simplifies the implementation of such a transition for application developers. The company points to a higher level of security and privacy compared to using the same email address and the same password.
The new system also has one more pitfall. As part of the fight against Epic Games, Apple decided to block game users the ability to login through “Login from Apple”.
However, the next day the ban was suspended.
For users it all looks pretty weird. Not only is it normal to use the authorization service “Login with Apple” you can only within the ecosystem of Apple (changed your phone to Android – register again), but also you risk losing the opportunity to enter the site or the application? I do not know, I do not know…
By the way, some competitors are not doing better. For example, Facebook is known
Local autofill contacts
When filling out standard fields in applications (name, address, and email), iOS 14 users will not have to “share” a contact. Now it is enough just to enter a contact name from the address book, and the system will automatically fill in the remaining fields. The autofill works locally on the device itself.
Voice Input Recognition
Voice input recognition at dictation using a standard keyboard is now done locally, on the device itself. Don’t hurry to rejoice: despite the fact that you can dictate text in almost a dozen languages, Russian is not included in this list. By the way, in iOS 13 the offline dictation mode was supported for all devices (but only for English), and the new “recognition on the device” mode, which supports several languages, requires an iPhone Xs or a newer device.
APFS-encrypted media support
The Files app, which appeared in iOS 11, has new functionality: now external drives using APFS encryption are supported on iOS devices. To access the encrypted drive, all you have to do is enter a password. The new feature will be more useful for users of iPad models equipped with a USB Type-C port.
Changes-In Safari Browser
The innovations described above apply to all applications running on the system. However, there are a few things that will affect users of Safari’s built-in iOS browser.
In Safari, you can now learn exactly how websites track user behavior. It’s a really interesting tool. You can view information both on a single website and on each specific tracker that tries to create your profile by tracking open pages. This kind of analysis was previously available only in third-party ad blockers, and even not on every platform.
This innovation is a welcome one: it will allow users to better understand the scale of surveillance.
Check Unsecure Passwords
Safari, like many other browsers, allows you to save and synchronize passwords to online resources. Unlike other browsers that use separate databases to store passwords, Safari turns to the system’s secure data repository, Key Link. This is where passwords are stored. The cloud keychain (iCloud Keychain) is responsible for synchronizing passwords.
Safari’s new feature essentially replicates
Just like Google, Apple will check user saved passwords against the leak lists. As far as can be understood from the description of the new function, the reconciliation is performed without passing on the passwords themselves – solely by their hash functions.
Personal Data in App Store
The next two features in iOS 14 have been announced, but in reality they will appear later, if at all. By the end of the year a new section should appear on the page of each application in the App Store, where the user can see what data protection technologies are used in the application. Expressing more precisely, the user will be able to find out what information the application collects, whether it is location data, access to contacts or the use of a unique advertising identifier. The feature is so raw that at the time of writing this article, its interface is not even fully translated into Russian.
Tracking Management and Transparency in Apps
If we can say about the previous innovation that it will be implemented, then with the next possibility of such clarity is not. We are talking about tracking management with the help of embedded advertising SDK – for example, the SDK from Facebook.
Apple’s history of fighting Facebook and similar tracking has gone back to iOS 11, with the
It turned out that it can. But “can” is more technical than political. We are talking about a mechanism that was introduced, but not implemented in the final build of iOS 14 and postponed to a better time, which would not only warn the user that a particular application is tracking its activity, but would also require the developers of the application to ask permission in advance. The list of applications that the user has allowed to track his data could be viewed and changed in the settings.
This is what the setup looks like.
And this should look like a tracking request.
From a technical point of view, it is probably a request for permission to access a unique advertising device identifier (Identifier for Advertisers, or IDFA). It was assumed that in iOS 14 the user could either disable IDFA altogether or, if not, control which applications were allowed to access this ID. However, even beyond IDFA, iOS 14 would require applications to request permission for any kind of user tracking or profiling. And if Facebook did not need to do this in its own application (there are enough other mechanisms), then third-party developers using the Facebook Audience Network SDK were subject to the new rules in full. Not only would they be forced to ask permission to follow the user – so many users would be surprised to learn that they are being followed at all. And even after the second dozen applications would have asked for permission to track the user, the user could have turned off the advertising ID.
On Facebook, users would prefer not to think about such things. Jason Atin of inc.com
The reaction of Facebook
The introduction of iOS 14 will affect the ability of advertisers to fine-tune targeting and profile campaigns on the Audience Network and all other advertising networks. As a result, you can expect to see fewer opportunities to effectively monetize the Audience Network. Ultimately, despite all our efforts, Apple’s updates can make the Audience Network so inefficient on iOS 14 that there is no point in offering it on iOS 14.
At the end of their Facebook application, Apple was mildly mistaken for Apple, pointing to the need to consult with major players before infringing on their income.
As always, a noticeable part of the user protection mechanisms added to iOS is Apple’s response to open circumstances or own implementation of competitors’ analogues. However, there are still new and interesting things in iOS 14 in terms of privacy. It’s a pity that the most significant innovations limiting the ability of applications to follow the user through the advertising SDKs, the official release has not included: progress in this direction, if there will be at all, we will see no sooner than next year.