alt Hacker NewsI don't understand why internet access isn't opt-in for apps. Preventing exfiltration would prevent much of this harm, and most apps don't have any need to access the internet in the first place. Why am I creating a GE account to read my blood pressure? At least I know it's taking advantage of me. But this is clearly abusive behavior
Replies
Better yet, a tool like Little Snitch should be built into the OS. Give me a detailed log of every network requests, to which domains, with what data.
iPhones purchased in mainland China (with model number ending in CH/A) do provide options for setting per-app Internet access permissions. There are three options [0]: Off, WLAN only, WLAN and Cellular.
[0] https://old.reddit.com/r/ios/comments/aib10i/in_china_ios_al...
Because exposed, non-private, abused by-default is a business model. The company is incentivised to not provide restricted access - otherwise you can't have a cut from apps revenue. It's defective by design.
AOSP has network as a regular permission for apps, so on Lineage at least (idk about Graphene as I haven't used it) you can disable network for any app including google play services etc. I have no idea why most phone companies remove this permission from their roms but android itself supports it perfectly fine.
GrapheneOS lets you restrict the internet access of any app on install.
But yes, agreed it should be everywhere.
The evolution of development was to make things easy and simple for the consumer. If internet was an opt-in (and it cannot be opt-out), then app function would be ostensibly limited. And the user would be given a harder time setting things up.
This is the Apple mindset. Make things easy. Do not make things complicated.
This resonates from the dev side. I made an offline photo search app a while back — you search your library in plain language ("a boy and a girl by the river"), CLIP embeddings all computed on device. It needs full photo access but I deliberately requested zero network permission. Was kind of proud of that.
Problem is there's no way for users to actually know that. iOS has no "this app can't reach the internet" indicator, so the whole guarantee is invisible. I even had people assume the opposite — app reads your whole library, therefore it must be uploading it somewhere. Exactly backwards.
Curiously, the Mac App Store sandbox has a com.apple.security.network.client entitlement that a developer must justify to Apple, whereas the iOS App Store does not, allowing unrestricted access to the internet.
Because 99% of apps would request it & not function without it, desensitising users into blindly accepting it. Most apps do have a legitimate reason for accessing the internet, so a binary yes/no wouldn’t achieve much anyway.
I just don’t think it’s an effective way of solving the problem.