Comment by sneak
5 months ago
How about a no/limited internet setting? So many apps spy on you and they don’t need network at all to function.
5 months ago
How about a no/limited internet setting? So many apps spy on you and they don’t need network at all to function.
Fully denying internet access for an app is actually in iOS and has been there for many years.
But it's only available in China.
https://tinyapps.org/blog/202209100700_ios_disable_wifi_per_...
Grapheneos lets you pick this for apps before they even launch. You can revoke their network access, as well as define storage scopes for apps at a folder level, so if an app needs access to photos, you can define a folder, and that is the only folder it can scan for photos.
I used that when submitting parental leave at work. I didn't want to provide full access to all my photos and files for work, so all they got was a folder with a pic of a birth certificate.
A big problem with GrapheneOS is the fact it only officially supports Google phones. Google is apparently incapable of selling those things globally, limiting availability.
There's also the fact hardware remote attestation is creeping into the Android ecosystem. There's absolutely no way to daily drive something like GrapheneOS if essential services such as banks and messaging services start discriminating against you on the basis of it. Aw shucks looks like your phone has been tampered with so we're just gonna deny you access to your account, try again later on a corporation owned phone.
GrapheneOS is amazing from a security and privacy perspective but it doesn't matter. The corporations will not tolerate it because it works against their interests. They will ban you from their services for using it. Unlike Google and Apple, they have no leverage with which to force the corporations to accept terms unfavorable to them.
Is a bank app on your phone essential? I've never had a bank app installed on my phone.
1 reply →
iOS and Mac also let you do this, for photos, contacts and files.
Apple is also pushing developers toward using native picker components. That way, you don't need to request consent at all, as you only get access to the specific object that the user has picked using a secure system component.
> That way, you don't need to request consent at all, as you only get access to the specific object that the user has picked using a secure system component.
This is an interesting contrast with the earlier philosophy of phone OSes that the file system is confusing to users and they should never be allowed to see it.
1 reply →
Until the app's devs get wise to this, and do not allow the app to function without the network access. It could be as simple as a full screen, non-closable screen that says the app requires network access with a button to the proper setting to correct the issue.
Such "go away" screens are in violation of Apple's AppStore rules. You cannot make a permission a condition of using the app, and stop the user from using it if they don't grant that permission. The app should gracefully do as much as it possibly can without the permission.
Try signing in in any Google app without allowing data sharing with Safari. It's not possible. They don't let you.
It's kind of weird that Apple introduced this big fat tracking consent popup, but they don't really do anything to actually prevent cross-app tracking...
This holds for every app and every permission? Because I'm quite sure I recently used an app that closed for not allowing a permission. May be misremembering..
3 replies →
You can't do this, because some users are genuinely offline sometimes.
Yeah like the ChatGPT app that doesn't work without a Google account. I have Google play on my phone, just no account logged in. I do have Google play services like firebase push which many apps legitimately need. But ChatGPT just opens the login screen in the play store and exits itself.
I'm always wondering why these idiots force the creation of an account with their direct competitor. It's the only app I have that does this. But anyway I don't use their app for that reason, only use them a bit through API.
It doesn't do that for me. There's a Google button, and then big sign up/log in buttons, and a non-Google email works fine.
I would love an iOS setting that blocks all network access for certain apps
GrapheneOS has that. It asks every time you install a new app whether it should have network permissions.
Android can do this