Some of the most popular iOS apps have been found to work around Apple's terms of service to collect sensitive information about the devices they are installed on.
According to the researcher who discovered the practice, this is a big problem because app providers can use this data to profile and subsequently track their users, which is a big no-no for Apple.
How he explains it mysk In X, with iOS 10, Apple allowed mobile apps to run in the background to process and then deliver push notifications. As soon as the process is completed, the applications are suspended again and then terminated to improve performance and security. But during this small period of time, some apps were observed collecting sensitive data from the device. That includes system uptime, regional settings, keyboard language, available memory, battery status, storage usage, device model, and screen brightness. All of this, Mysk maintains, can be used to fingerprint (profile) users and then track them.
The Apple movement
“Our tests show that this practice is more common than we expected. The frequency with which many apps send device information after being triggered by a notification is mind-boggling,” Mysk's X post noted.
There are many apps that abuse the privilege of sending push notifications to mobile users, apparently, including TikTok, Facebook, Twitter, LinkedIn and Bing, the researcher said in a demo video posted on YouTube.
In his writing, beepcomputer contacted Mysk, who confirmed that Apple plans to end this practice within months.
Apparently, in the near future, Apple will tighten restrictions on the use of APIs for device signals and require app developers to indicate exactly why they need to use APIs that can generate user profiles. Developers who do not provide a satisfactory response will be denied access to the App Store.
In the meantime, if you're worried about Facebook and the gang profiling you, be sure to turn off push notifications completely.
The companies mentioned in the report have not yet commented on Mysk's findings.
More from TechRadar Pro
