0

DNS blocking of iOS tracking

Hello,

I recently wanted to switch to iPhone, because of the camera and fluid harware and app optimisation that "just works" (well I'm sure that this is more marketing and less truth, but even long time android users agree after using ios that every app seems to work very well and that there is seemingly much less to setup and care about on iOS device), also their software support seems to be very long, sometimes they support even 5+ years old device, so they don't age so much software-wise and 3 years old iPhone seems to be as snappy as new, on the other hand 3 years old android feels sluggish and slow.

But I'm also concerned about privacy. Hence I now use protonmail and protonvpn all the time, brave browser and I try to use as much non-tracking apps as possible while also block effectively those, that do track me. I have lineage OS with microg installed on my phone, using aurora store and f-droid, not using facebook or instagram etc.

I like the idea of average joe generic phone - iPhone is the same one device (I know, there are many versions but in comparison to android phones, iphones do seem to look like zebras in a herd) that milions of users have so you do blend in. But I recently came across this 10 page study led by Douglas J. Leith of Trinity's School of Computer Science & Statistics:

https://www.scss.tcd.ie/doug.leith/apple_google.pdf

I was surprised not by how much google device sends to google servers (I knew that), but by how much Apple sends to Apple servers - though comparably less than google. But it is certainly not negligable. Even if the user opts out of telemetry and tracking, shuts down Siri, iCloud and Apple acount, turn off GPS and leave the device idle, it still sends lots of data. It was a little shock to me to be honest.

Thanks to the paper I now partialy know where iOS sends these kind of reports:

gsa.apple.com/grandslam/MidService/

lcdn-locator.apple.com

humb.apple.com/humbug/baa

xp.apple.com/report/2/psr

sas.apple.com/grandslam

gsp85-ssl.ls.apple.com

smoot.apple.com

xp.apple.com

albert.apple.com

gsp10-ssl.apple.com/hcy/pbcwloc

sas.apple.com/grandslam/GsService2/postdata

identifier cookies are sent to nit.itunes.apple.com and bag.itunes.apple.com

Now to my question. Is it possible to block these uploads (trackers) on iOS using NextDNS? Does NextDNS block any/all of these by default? Will the Native Tracking Protection with custom Apple filter added solve this problems?

 

If so, should I setup new iPhone somewhere without wifi and GSM and GPS without SIM card in and then setup custom DNS server settings (with these above filters turned on my profile)?

Thank you

3 replies

null
    • Mogsy
    • 2 yrs ago
    • Reported - view

    Useful info. All you can do is put them on your deny list. The NextDNS Apple native tracking only block the common ones like metrics.icloud.com

    But, having said that, have you read about the experiment from a guy in Berlin? It is impossible to avoid these. 
     

    In my denylist I have edgesuite.net (I don’t know why, but I don’t like Akamai cdn much. Akamaiedge and akadns I guess. Some of the edgesuite stuff is listed on IP Abuse DB.
     

    Bag.itunes.apple.com breaks AppStore.

     

    You might want to try aggressive block list on the Privacy setting like Energized Ultimate and the extensions, 1Hosts Pro (Nextdns dont have Extra listed) and Dan’s (lightswitch) Ads tracking + tracking aggresive.

     

    What you are trying to achieve is impossible. Here is why https://sneak.berlin/20210202/macos-11.2-network-privacy/

      • carlos_spicyweener
      • 2 yrs ago
      • Reported - view

      Mogsy Hello,

      thank you very much. I didn't know that. What other options do we have? Do you think CalyxOS with MicroG would give google less data than iOS would give to Apple? Or would it be more or less the same?

    • Pro subscriber ✓
    • DynamicNotSlow
    • 2 yrs ago
    • Reported - view

    iPhones provide best security and privacy. 
    You can all telemetry if that’s is so important for you but remember the disadvantages

Content aside

  • 2 yrs agoLast active
  • 3Replies
  • 2100Views
  • 2 Following