Hacker News new | past | comments | ask | show | jobs | submit login

What if mobile platforms (iOS, Android... ) changed the security/privacy policy so that apps had to request the “network access” permission, either whitelisting domains they want to talk to, or askingfor wildcard access?

Most apps shouldn’t need wildcard access, and the mobile device could include a warning when an app does this teaching users that they should be careful with the app.

This way at least when you installed Zoom for example, it would say something like:

“Zoom is requesting network access to:

- zoom.us - analytics.tracker.example.com - facebook.com “

And then at everyone would know. It still doesn’t solve the underlaying problem, but it would probably make companies more reluctant to add third party analytics and sdks.




This wouldn’t help much unfortunately. The company could just setup a proxy server to do the work that lives under their domain. A company like segment (which routes analytics to other platforms) could then offer personalized domains and make a killing as everyone throws everything there.

But there probably is some sort of good similar solution based on guidelines. If apple were to start defining policies on data collection and opt outs and say that apps needed to follow them or be rejected it would put a lot of pressure companies like Facebook to adhere to these guidelines in their sdks.

I don’t know if apple has the appetite for this as it would cause a whole lot of rewriting of a whole lot of code but they are in a great position to do this.


Most apps are extremely chatty and prompts like these may not end up being useful.


It worked for location access on iOS, and that was just adding a flashing blue icon. Many apps stopped using the location all the time, and now there's a popup every few days telling you how often the app requested your location in the background.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: