Newly In Stock: SEE ALL...
Sony Mirrorless wish list • Deals on Sony
$2997 Nikon Z7 II Mirrorless Camera OUT OF STOCK in Cameras: Mirrorless	$2297 Nikon D780 DSLR OUT OF STOCK in Cameras: DSLR	$2997 Nikon D850 DSLR OUT OF STOCK in Cameras: DSLR	$720 ZEISS 32mm f/1.8 Touit Lens for FUJIFILM X OUT OF STOCK in Lenses: Mirrorless	$497 Pentax 70mm f/2.4 HD Pentax DA Limited IN STOCK in Lenses: DSLR

Highly Recommended!
External SSD wish list • Deals on OWC
$220 SAVE $130 = 37.0% Western Digital 16.0TB Western Digital Ultrastar DC HC550 3.5-in… in Storage: Hard Drives	$680 OWC 2.0TB OWC Atlas Ultra CFexpress 4.0 Type B Memory Card in All Other Categories	$580 OWC 4.0TB OWC Envoy Pro Elektron USB-C Portable NVMe SSD in All Other Categories	$630 OWC 4.0TB OWC Express 1M2 USB4 (40Gb/s) Bus-Powered Portable NVM… in All Other Categories	$2380 OWC 72.0TB OWC ThunderBay 4 Four-Drive Thunderbolt External Stor… in All Other Categories

Apple Analytics Personally Identifies You While Marketing the Piss Out of “Privacy”?

2022-11-21 • SEND FEEDBACK |

Related: Apple, Apple Core Rot, Other World Computing, privacy, security, telework, VPN

Claims propounded by these researchers have proven-out as correct; to my knowledge none of them have been found to be false or even been credibly disputed by Apple. I could be wrong, if so then readers can please point me at Apple’s debunk. Apple itself could comment on the claims right on Twitter—but does not—why not?

Latest claim from security researchers:

Apple’s analytics data include an ID called “dsId”. We were able to verify that “dsId” is the “Directory Services Identifier”, an ID that uniquely identifies an iCloud account. Meaning, Apple’s analytics can personally identify you.

Apple states in their Device Analytics & Privacy statement that the collected data does not identify you personally. This is inaccurate. We also showed earlier that the #AppStore keeps sending detailed analytics to Apple even when sharing analytics is switched off.

Apple uses DSID to uniquely identify Apple ID accounts. DSID is associated with your name, email, and any data in your iCloud account. This is a screenshot of an API call to iCloud, and DSID it can be clearly seen alongside a user's personal data:

...

MPG: appalling if true, which seems likely. Is this intentional or just the usual Apple Core Rot incompetence, all while making us endure self-serving Apple propaganda on privacy and human rights, while selling us products built by abused and exploited human being over in CCP China?

Seems to me grounds for a massive class-action lawsuit?

Granting Apple the best-case assumption of gross incompetence, the world’s most profitable company cannot afford a basic security audit?

Still, it does not matter what you use: assume whether it is Apple or any encrypted or secure app is not secure and has been compromised. Because it almost certainly is or will be and the other end is not you. One could wish for the old authentic legitimacy of PGP, which I helped engineer—it was the real deal.

As if that is not egregious enough, this claim is even more concerning for those living in oppressive countries:

We confirm that iOS 16 does communicate with Apple services outside an active VPN tunnel. Worse, it leaks DNS requests. #Apple services that escape the VPN connection include Health, Maps, Wallet. We used @ProtonVPN and #Wireshark. Details in the video: ...

Apple marketing propaganda and CED Tim Cook continue to claim security and privacy all while exhibiting incompetence at delivering it.

We are not talking about subtle flaws in code here, or obscure chip-design defects. We are talking about an obvious failure to exercise even the most rudimentary engineering safeguardds and the most minimal standards for quality assurance. In short, gross incompetence.