[grooot]

What are you talking about? It sounds like you don’t understand what is going on here. Perhaps you think some data is going to Apple?

[vorpalhex]

Having read the article I entirely understand what is going on here.

Do you expect your images to be scanned on disk and the links in them to be opened, leaking your ip? What if you do something as simple as screenshot an address bar in a browser? Save a menu QR code?

Now you are sending out traffic, accidentally, with your full ip to random places due to a service Apple inserted that you have no knowledge of.

[dev_tty01]

I don't know, but I wouldn't be surprised if this is being done via Apple's private relay. If so, your IP address is not being leaked to anyone.

[martin_a]

The thread says she got an information that somebody requested the URL and it was her own IP address. So no private relay here.

[grooot]

Do you seriously believe that your IP is private?

Do you know every site that has received your ip address?

I think the honest answer to both of these questions has to be no.

[vorpalhex]

http://letstrack.you/?id=grooot

Throw that to disk for me so I can map where you are, where you go, when your machine is up and how often your search indexing runs.

[_justinfunk]

I think the idea is that it is a way for your IP address to leak without a user-initiated request.

I could send you a QR code that I've setup specifically to get your IP address.

[flyinghamster]

If you have the misfortune of living in a country where accessing $BANNED_WEBSITE can get you a nighttime visit from the local goon squad, this could well get you tortured or killed.

[cycomanic]

There have been reported cases of using qr codes for phishing/malware distribution. Previously they still required users to actually use a qr code scanner, now I need to simply glue some qr code at a famous tourist photo spot and bang lots of people accessing the site (does the indexer execute js?).