|
|
|
|
|
|
by greggman2
2412 days ago
|
|
|
There a bunch more things Apple could do to improve privacy they haven't done (yet?) They could require for example that unless you're specifically making a browser (Firefox, Chrome, Brave) that your in app webview have a whitelist of domains it's allowed to contact. That would force apps to launch Safari (or better the user's choice of browser) for external links. As it is nearly every app that supports external links launches an internal webview in which they can track 100% of the activity (urls, net requests, login credentials, etc...) They could require apps that are not specifically a camera app or audio creation app not get access to the camera or mic and have to ask the OS take pictures/video and select pictures via the OS photos app. That way less apps would be able to record things in secret or upload any/all your photos without permission. They could disallow scanning wifi SSIDs except for network tools. Scanning SSIDs is used to figuring out a user's location with with GPS off. In iOS 13 they did add bluetooth permissions so apps can be denied scanning bluetooth to do the same but AFAIK they have not done the same for SSIDs. Not sure what that would require but would love it if they'd work on it They could disallow using the network at a low-level except for network tools. As it is, AFAIK, any app can use the network however it likes including scanning home networks for devices with vulnerabilities. I'm sure there are implications for things like Chromecast and other IoT like devices but I'm sure there could be more privacy oriented solutions. |
|
|
My understanding is that UIWebView (or WKWebView) allows the host app to do basically anything with the web view but since iOS 9 there's also SFSafariViewController that doesn't quite allow apps as much access. Many apps whose main purpose is not web browsing (like Twitter) use the latter.
> They could require apps that are not specifically a camera app or audio creation app not get access to the camera or mic and have to ask the OS take pictures/video and select pictures via the OS photos app.
This API (UIImagePickerController) also already exists since the very beginning but it is the app makers that think using a custom UI for photo taking or photo picking is more suitable. I personally refuse to grant apps access to my photo library except a small number of apps. (For apps like Messenger that could totally make do using the system-provided photo picker but does not, I initiate the sharing from Photos instead.)