[zepto]

It’s true that you must identify yourself to download any app from the App Store.

But you continue to repeat this outright lie about Apple receiving your travel history.

There is no evidence for it, and this has been repeatedly pointed out to you.

We know if you opt in to certain services they send an anonymized location.

That’s all we know. The part about your travel history being sent is 100% made up by you.

[sneak]

Client IP is city-level geolocation. It's sent with every communication to Apple, necessarily, because Apple has not embedded Tor into their OS.

AppleID (which you have stipulated) + timestamp (obvious) + client IP (necessary for a TCP/UDP connection) on inbound App Store requests is travel history, because client IP = city. It's quite simple.

Each time you open the App Store not on a VPN, Apple knows which city that Apple ID holder is in.

Additionally, the App Store sends the device serial number to Apple (per Apple's disclosures), so the device serial number is associated with your Apple ID.

The device maintains a persistent, serial-number-linked connection to Apple at all times (APNS) for receiving push notifications. This device-serial linked connection involves Apple seeing the client IP (and thus city) as well. Because Apple has linked the device serial with your Apple ID via the App Store, the persistent, 24/7 APNS connection allows Apple to track which client IP (and thus city) is in use by which AppleID, in real-time, whenever the device is on and connected.

I would appreciate it if you stop systematically responding negatively to so many of my comments. It feels like a pattern of harassment based on my identity to me, rather than you sincerely engaging with what I have to say.

[lern_too_spel]

Not only that but any time any app gets your meter-accuracy GPS location, Apple also gets it to use for their AGPS service, and (unlike every other AGPS service I've seen) there is no way to turn it off. This information gets sent with an "anonymized" identifier to prevent spoofed requests, but this is easily correlated with the other Apple ID tagged requests they get from the same device.

[zepto]

I’m only responding when you make false claims, as you have done here.

You have no proof that Apple is recording people’s travel history, only speculation about how they could be.

It’s a lie to say they are.

[sneak]

Ahh, I understand you now.

Perhaps that you do not realize that storing client IP logs is standard practice for all internet services, and indeed without special and custom engineering effort is necessary for preventing brute-force attempts and denial of service as well as other types of abuse.

Any system as vast and reliable as APNS or the App Store is logging client IPs (and is thus logging approximate client location).

The data is absolutely being stored.

[zepto]

Anyone who doesn’t embed Tor for all communications, is recording your travel history?

First off, this is still simply false.

It may be technically possible that they are in fact reconstructing identifiable location history for individuals.

It’s also possible that they do what they say they are doing, which is to anonymize as early as possible and not use data for this purpose.

They could easily be keeping these logs separate, and disposing of them in a timely fashion, and not attempting to use them to analyze individual’s locations.

You are clearly technically competent enough to know that either scenario is possible (as well as many others).

Therefore you know it is not true to say that Apple is ‘recording you travel history’ in the absence of additional evidence.

[lern_too_spel]

As you have been repeatedly informed, that data is very easy to deanonymize. The last time you were told this, you then made the wacky claim that the data isn't sent to Apple at all. After being shown that it was, you just went on your way only to repeat the original lie again.

I have not seen sneak be repeatedly pointed out that his statement is incorrect. That is a lie. He is completely correct, which is why he has never been corrected.

[zepto]

No, both of you are lying.

I claimed your location wasn’t sent, because it isn’t. An anonymous location is being sent.

You claim it’s possible they could de-anonymize the location.

That may or not be true.

Claiming that they are de-anonymizing the data when you know you have no evidence to support the claim, is a lie.

If you or he can prove Apple is de-anonymizing location data to track people’s individual travel history, I will retract this statement and apologize.

You cannot, because there is no proof.

[lern_too_spel]

I never said that they were actively doing it for everybody, only that they can do it, and there is nothing in their privacy policy that prevents them from doing it. Your claim that I said otherwise is the lie. Your claim that sneak had been repeatedly told he was wrong is also a lie. You have repeatedly called me and sneak liars even though we have provided proof that you have simply not read. Will you apologize to both of us?

Note that Apple's location privacy is worse than every other platform with AGPS that I haye used, from Google, Amazon, Mozilla, and Microsoft. Each one correctly classifies this as a privacy setting and allows the user to opt out. Every single one also "anonymizes" their data collection for AGPS, but none of them are facile enough to say that there isn't a reduction in privacy for having it enabled.

[zepto]

You said sneak’s statement was correct.

Sneak said that they were recording people’s travel history, which is a lie.

You haven’t provided any such proof. All you have done is equate logging ip addresses with recording people’s travel history, which is false.

[lern_too_spel]

They are recording it. Whether they are querying it or not is another matter.

[zepto]

No, they are not recording your location or your “travel history”.

The best you can do is suggest that they might have the possibility of using geoIP to deduce locations from logs whose storage duration you do not know.

That simply isn’t the same thing.

If sneak were to have said something like this:

“Apple could be lying to us, and may in fact be using geoIP to deduce people’s location from IP addresses in their logs. I have no proof of this, but it is technically feasible, and I don’t trust them not to be doing it.”

I would not say they were lying. These are all true statements.

But to say “Apple is recoding your travel history” when really all you have is speculation about what is technically possible, is a lie.