[endymi0n]

Apple attacks the core primitives of Adtech very strategically with this update. This is very smart actually, much better than the first iteration.

They're going after the meat right away, like cookie synchronization ("Tracker collusion") and the first-party tracker hack that Criteo pioneered, effectively disabling almost all the tracking possibilities on iOS. As a user, this is awesome.

And if you want to track, you need to provide both value (i.e. an authenticated service) as well as get explicit consent from the user.

Unfortunately, this will also serve to concentrate the power in the hands of Google and Facebook, who have and/or will create such authenticated embeds.

Note that all this hardtalk specifically excludes the mobile ad IDs. Apple would face much more headwind from GOOG and FB if they went about killing these. This is going to be very interesting, as Apple will need to carefully tread up to a point, after which there could be harsher repercussions.

They also know that an iPhone without access to Google Maps, Search, Mail, Authenticator, Youtube and a whole lot of other essential services won't be worth much to end users anymore.

Source: I'm working in Adtech, but we chose a different approach of giving users an actual benefit and being careful, compliant and frugal with data. All these recent updates about Apple and GDPR mainly hit the really bad players of the industry that just hoard sensitive data through shady channels and arbitrage it to hell — and I consider that a good thing.

[davedx]

> They also know that an iPhone without access to Google Maps, Search, Mail, Authenticator, Youtube and a whole lot of other essential services won't be worth much to end users anymore.

I don't know. Apple Maps is almost as good as Google Maps for me. Search I could use DuckDuckGo. Mail I use the native iOS mail client and could easily switch out from my GMail account to anything else. Authenticator I don't use and don't know anyone else who does either. YouTube's an interesting one, but I use it tons less since I got Spotify Premium.

If it was a choice between Apple protecting my privacy and losing all Google services these days, after everything players like Google and Facebook have done? It wouldn't be a difficult decision to keep my iPhone.

[flafla2]

> They also know that an iPhone without access to Google Maps, Search, Mail, Authenticator, Youtube and a whole lot of other essential services won't be worth much to end users anymore.

Google Authenticator => Authy (it reimplements google auth) Search => Safari Gmail => Native Mail (its not like Google will drop IMAP support)

Killing YouTube on iOS would be pretty bad for Apple, but I’m sure that wouldn’t be profitable for Google (cutting off a third of an already-unprofitable company? no thanks). What’s left bedides that, Google docs? Well Apple has their own suite so does Microsoft. And they both have web editors that rival Google Docs and support multi-user editing. In general I’m pretty skeptical about this assertion that Apple “can’t” step on Google’s toes.

[Aaargh20318]

> Google Authenticator => Authy (it reimplements google auth)

It doesn't reimplement Google Auth. Both are just different implementations of RFC 6238.

[oldcynic]

Authy want an email before you can do anything with it, and is cloud centred, so that's probably just sending your usage to someone else.

Try OTP Auth[0] on iOS that fully respects privacy and security. It was Authy asking for email first that prompted me to search and find this.

[0] https://itunes.apple.com/us/app/otp-auth/id659877384

[flafla2]

Authy encrypts all of your data with a private passkey that is never sent to Twilio (the parent company) [0]. I found the ability to sync 2FA across devices to be convenient and a good compromise to “if you lose your phone, you’re screwed.” I can understand both perspectives, but I think Authy has done a great job at improving the usability of 2FA without sacrificing security. This is certainly more secure than SMS-based 2FA which most people currently use.

(Disclaimer: I am currently employed by Twilio. I am not involved with Authy in any way)

[0] https://support.authy.com/hc/en-us/articles/115001932768-Aut...

[nickflood]

Microsoft Authenticator is another alternative and it doesn't need anything (plus is handy for MS 2fa). There's DUO. And I'd wager there are countless other apps as the standard is really simple.