For years, Facebook’s sneakiest data-collector has been the “Like” button. Any site that wants Facebook traffic needs one, which means they’re just about everywhere. And in order to work right, the button needs to log you in – which is to say, it needs to know who you are. How else would Facebook know who liked the post? Even if you don’t click, Facebook registers that you loaded the button, which means they get a map of every Like-enabled site you’ve been to, just the kind of data that advertisers will pay to target against.
Today at WWDC, Apple took a direct shot at that system and Facebook itself. Onstage, Apple’s VP of software Craig Federighi described Safari’s new anti-tracking features in unusually confrontational terms.
“We’ve all seen these like buttons and share buttons,” Federighi told the crowd. “Well it turns out, these can be used to track you, whether you click on them or not. So this year, we’re shutting that down.”
This is one of the very rare cases where competing corporate interests actually work out in the favour of consumers. One way or another, this will be added to all browsers.
Thom Holwerda,
This kind of blocking functionality already exists in the form of plugins for many browsers, which I’ve been using/recommending for many years. Can anyone weigh in on the state of tracker/ad blocking in Sarfari/IOS?
In any case, I’m glad to see apple officially taking up the issue. I do hope that blocked content is configurable by end users though, otherwise it gives apple a tremendous amount of power to censor web content for ulterior motives.
I’m not asserting this is their agenda, however consider this scenario: once apple has a url/content blocking feature and controls the block-list, it becomes feasible for courts to order them to block content, which apple will legally have to comply with. Countries like china might well force apple to give them control over the block list. So I welcome the feature at face value, but strictly on the condition that users will be in full control over it.
Any half-decent blocker – eg: uBlock Origin on Mac, 1Blocker on iOS – does the job.
gan17,
Does IOS actually have a supported API for ad/tracker blockers or is this achieved indirectly via software loopback mechanism (proxy or VPN)?
The reason I ask is because blockers become much less flexible when they’re running outside of the browser and only see the encrypted HTTPS traffic. You can only block at the hostname level and it is impossible to block by URL and/or content filters.
In plugin enabled browsers, blockers like ghostery are actually able to replace the trackers with on screen widgets that let users decide whether or not they want to enable blocked content, sometimes offering an untraceable functional substitution. This can be very useful if there are times when you need to allow blocked content. Obviously this doesn’t work for HTTPS “man in the middle” blockers.
Edited 2018-06-06 13:26 UTC
I believe these came in a few years ago, and that there is the “Safari Content Blocker API”, which has been around for a few years and supports both Mac and iOS. For example, https://developer.apple.com/library/archive/documentation/General/Co…
henderson101,
Great info, thank you for the link!
IF they actually block content. They might as well poison the trackers rendering all data useless.
In five or six years time, Apple will have their own social medias and tracking buttons and it will be sold as Jobs’ gift to the world.
If you don’t want to wait for Safari you can always use Firefox for iOS which has full tracking protection always on and blocks all forms of tracking, both direct and indirect: https://blog.mozilla.org/blog/2017/09/21/tracking-protection-firefox…
Full disclaimer: I work for Mozilla though not specifically on Firefox for iOS
I use Firefox on all my machines, Mac, iPhone, Linux and Windows. The only thing I dislike about Firefox on iPhone is that iOS does not allow you to set a default browser (not Mozillas fault).
GMail only offers to open websites in Safari or Chrome. Microsoft at least allows opening links in Firefox. It’s stupid that this is a per-application implementation.
I’ll stubbornly keep using Firefox.
Edited 2018-06-06 08:02 UTC
I find hard to discover what is blocked in Firefox, the list of trackers to be blocked. Compared with the ad blocker, uBlock, where I am just a few clicks away from reading (and editing) the filters, this tracking protection is like a black box.
Yes, Firefox. Supported by a company which takes payment from advertisers to serve you sponsored content and sneaks that in (turning the option back on if necessary) during updates. No thanks.
Doesn’t Firefox already have tracking protection in place? I don’t know how it is different from what Apple is going to introduce, but I find it strange that neither Verge nor Thom mentioned it…
Even without cookies there are many ways to track the user. It starts with the IP address and does not yet end on stuff like font lists.
Explicitly asking for permission on cookies from third party domains is a step in the right direction. The logical next step should be asking for permission on all content (JavaScript, images) loaded from third party domains.