Archive for February 15, 2023

Wednesday, February 15, 2023

Lawsuits Over Apple Analytics Switch


The App Store on macOS 13.2 sends detailed usage data and analytics to Apple. All interactions are associated with the user’s iCloud ID, or dsid. This happens even when you turn off sharing usage data and analytics.


Here’s an example of the analytics sent when I search for “Holy Moly” on the App Store. Everything is logged and associated with the user’s iCloud ID, even when you play a video of an app and click on the unmute button. Data collected can identify a user personally.


The privacy label of the App Store does state that the app collects usage data and links it to the user’s identity. However, the description in the Settings of “Share Mac Analytics” gives the impression that usage data will be turned off with that switch.

Thomas Germain (via Dare Obasanjo):

The company was just hit with a fourth class-action lawsuit over accusations surreptitious iPhone data collection. Three of those lawsuits were filed in January alone.


In November, Gizmodo exclusively reported on research demonstrating that your iPhone collects hyper-detailed data about what you do on its apps, like the App Store, Apple Stocks, Apple Music, Apple News, and more—even when you turn off the iPhone Analytics privacy setting, which explicitly promises to stop the snooping.


Gizmodo contacted Apple about this problem for the seventh time this morning, which has to be another record breaker. As happened the previous six times, the company didn’t respond. Apple hasn’t said a single word to defend this privacy issue in public.


Update (2023-03-14): Mysk:

Apple is facing two more class action lawsuits for “its practice of harvesting data from iPhones and its other consumer personal computing devices”

Now the total number of lawsuits settles at 20, all of which are based on the “Mysk Study”

Update (2023-03-23): Mysk:

Another class action lawsuit against Apple for deceptively and systematically violating wiretapping, privacy, and consumer fraud laws for its own financial gain.

Update (2023-06-16): Mysk:

Craig Federighi: “The data that’s interesting to train these [AI] models is data that is publicly available data, not personal data. We do not need your personal data to make our systems smart. And when we need to get specific data for a specific person, we’re not doing that by spying on people we’re gonna go out and get it the right way.”

Such public statements about respecting users privacy are the reason why #Apple is facing 21 class action lawsuits for collecting exhaustive usage data in the App Store app and linking it to the user’s identity without providing an option to opt out.

Update (2024-02-20): Mysk:

Users should be aware that the App Store collects exhaustive usage data and sends it to #Apple. This can’t be turned off. We made this video to show how tapping an app link gets recorded in details.

After tapping a link posted on X, we requested a copy of the Apple ID data and we found this: (76,779 records in 734 days 🤯)

Update (2024-07-18): Mysk:

Soon after we published our findings about the App Store collecting exhaustive and identifiable usage data, we were approached by law enforcement in the U.S. to help them navigate through the usage data they obtained from Apple for a suspect. They presented a court order to Apple. As we showed, there’s no way to turn off sharing the App Store usage data. Apple maintains this identifiable data about every user.

Swapping App Data After Review

William Gallagher:

Con artists involved in a so-called “pig butchering” scam sneaked apps into Apple’s App Store and Google Play Store by temporarily presenting innocuous functionality.


As the apps went through review, they each appeared to be doing exactly what they claimed to be.

Once the apps were approved and on the App Store, though, the destination websites were seemingly changed.


In this case, the very presence of the apps on the App Store and Google Play Store helps make them seem legitimate.


Arbitrary Beautiful Colors

Soroush Khanlou:

Unfortunately, colors generated like this look really bad. They often come out muddy and ruddy, and generating more than one color doesn’t come with any pattern or structure. The colors are all over the place.

This is a structural problem with RGB. RGB is focused on how color is produced, rather than how it’s perceived.

Fortunately, the solution to this problem is well documented. There are a few blog posts out there (warning: JavaScript) that lay out an approach. The idea is this: by using a hue based color space, like HSL, you can hold two parameters constant (saturation and lightness), and modify only the hue, giving you multiple colors that live in the same “family”.


It turns out that the answer I was looking for was in a YouTube video I watched over 10 years ago. The remarkable Vi Hart published a series of videos (one, two, three) about how plants need to grow their new leaves in such a way that they won’t be blocked by the leaves above, which lets them receive maximum sunlight.

Geekbench 6

John Poole (via MacRumors):

Geekbench tests have always been grounded in real-world use cases and use modern. With Geekbench 6, we’ve taken this to the next level by updating existing workloads and designing several new workloads, including workloads that:

  • Blur backgrounds in video conferencing streams
  • Filter and adjust images for social media sites
  • Automatically remove unwanted objects from photos
  • Detect and tag objects in photos using machine learning models
  • Analyse, process, and convert text using scripting languages


We also updated the datasets that the workloads process so they better align with the file types and sizes that are common today.


The multi-core benchmark tests in Geekbench 6 have also undergone a significant overhaul. Rather than assigning separate tasks to each core, the tests now measure how cores cooperate to complete a shared task. This approach improves the relevance of the multi-core tests and is better suited to measuring heterogeneous core performance.

Akamai Kills Linode Brand

Blair Lyon (via Hacker News):

Since Akamai’s acquisition of Linode in early 2022, we’ve been hard at work to bring the platforms together under one roof. With the announcement of Akamai Connected Cloud, Linode is now fully integrated into the Akamai brand. Going forward, Linode’s services will be referred to as Akamai’s cloud computing services.

Rui Carmo:

I understand that Akamai execs may have thought killing the Linode brand would help bring their compute services upmarket, but very strongly believe this was the stupidest thing they could do.

Linode’s success and brand name came from reliable, cost-effective servers managed by knowledgeable people, and everything I know about Akamai at a personal level these days is the exact opposite[…]

Meanwhile, DigitalOcean is doing layoffs.


Update (2023-07-26): Marco Arment:

Linode/Akamai has notified me that they’re forcing an offline migration of one of my primary databases within 48 hours.

In the middle of a week.

It’ll cause ~8 hours of complete Overcast downtime if I don’t bring up a new instance and migrate everything over myself by then.

And this server costs 20% more than it did a year ago.

The Akamai acquisition of Linode has not improved anything for Linode’s customers, as far as I can tell. So far, we’re just paying more for equal or worse service.

Disabling Internet Explorer

Eric Van Aelstyn:

The out-of-support Internet Explorer 11 (IE11) desktop application was permanently disabled on certain versions of Windows 10 on February 14, 2023 through a Microsoft Edge update. Note, this update will be rolled out over the span of a few days up to a week, as is standard for Microsoft Edge updates.

All remaining consumer and commercial devices that were not already redirected from IE11 to Microsoft Edge were redirected with the Microsoft Edge update. Users will be unable to reverse the change. Additionally, redirection from IE11 to Microsoft Edge will be included as part of all future Microsoft Edge updates.

Via Nick Heer:

It is an interesting update, though, if only because it is rare for any vendor to force users to stop using software, let alone Microsoft.


Update (2023-02-21): See also: Hacker News.