by bluechair 518 days ago
Do I understand correctly that these apps are able to bypass OS permissions of whether to allow location data?
3 comments

I wonder if apps are abusing background app refresh to do this on iOS.

My understanding is that it isn't difficult to create a background task that can periodically make network requests. Just have a background task make an HTTP request including some unique identifier to some ad network server, then have the server handle IP geolocation.

While the accuracy won't be great on a lot of mobile networks, you can get pretty granular on wifi as some ISPs have their IPs as granular as a neighborhood.

I disable background app refresh for almost all apps in anticipation of this and haven't had a degradation in app experience.

I noticed something when using 1Blocker on iOS, which creates a dummy on-device VPN to block tracker IP requests. After I turned off background app refresh, I noticed that the number of blocked requests went down a lot. While some were innocuous diagnostics, like Sentry, the vast majority were not.

I'd appreciate if someone familiar with iOS development could weigh in on if this would be practical or not, given all of the execution limits of background tasks.

> you can get pretty granular on wifi as some ISPs have their IPs as granular as a neighborhood

I’ve heard that this might be the case in some places in the USA. Meanwhile, I have not seen that level of granularity for residential IP addresses in Norway for example.

The MaxMind GeoIP databases include information about how accurate (granular) the location data is for each entry in their db according to https://support.maxmind.com/hc/en-us/articles/4407630607131-...

Has anyone done analysis on the MaxMind GeoIP data to see how the granularity of the data differs between different cities and countries and published anything about that online?

I'm in the US and my current IP address puts me in an area about 30 miles away currently. However, last year up until a few weeks ago my IP would place me in my current ZIP code (using ipinfo).

My city is comprised of several ZIP codes so you could have figured out where I live within a ~1.5 mile radius.

The granularity may not matter that much though. You can infer a fair bit of data. If you remove mobile network IP addresses, which tend to be quite vague here, you can sort of tell how often someone leaves the house, goes on vacation, or if they visit a friend/family member often.

>I'm in the US and my current IP address puts me in an area about 30 miles away currently. However, last year up until a few weeks ago my IP would place me in my current ZIP code (using ipinfo).

>My city is comprised of several ZIP codes so you could have figured out where I live within a ~1.5 mile radius.

How do you know that it accurately knows your location down to the zip code level, and not just that your zip code just happened to match up? After all, a broken clock is right twice a day.

>The granularity may not matter that much though. You can infer a fair bit of data. If you remove mobile network IP addresses, which tend to be quite vague here, you can sort of tell how often someone leaves the house, goes on vacation, or if they visit a friend/family member often.

That might be useful for stalker-ish reasons, but it requires work to implement, and it's unclear why advertisers would care about this sort of stuff. You go to work 9-5 and visit your friends on weekends, how can you turn that into money? "people with a job and friends" isn't exactly a very lucrative marketing demographic.

Meanwhile, working on legitimate GPS requests in an app, my fiber optic ISP has the GPS of my IP about 2 streets up from where I live. I took a stroll and sure enough there's a big ol' grey communications box there.
You know, I'm totally okay with that.

What app actually needs background refresh? I suppose messaging (sms, iMessage) and email. Assuming you want those async fetched and not pulled on app open. Curious what you’ve found you left enabled or had to enable because I agree with overly restricting apps.

"a significant amount of this geolocation dataset appears to be inferred by IP address to geolocation lookups, meaning the vendor or their source is deriving the user's geolocation by checking their IP address rather than by using GNSS [Global Navigation Satellite System]/GPS data. That would suggest that the data is not being sourced entirely from a location data SDK."

Probably it would use the location if the permission was enabled, otherwise fall back to IP geolocation

Real-time bidding is a privacy nightmare - basically spraying your actions in real-time to every ad provider, with a pinky promise that they won't abuse it.

Pinky promises from scoundrels. Pretty much with that group asking the pinky promise is to provoke abuse of it.

No. Wherever fine grained location data is available, users granted it.

I don’t know why Candy Crush would require fine grained data, but I am pretty confident CC doesn’t ask for it.

It's not even listed as a permission on the manifest, so it can't even request it: https://play.google.com/store/apps/details?id=com.king.candy...