Sign In with Apple: Log in with Privacy - Sensationalist Headlines

Sign In with Apple will come to every iPhone app https://files.facepunch.com/forum/upload/228823/29e7d711-df1e-48d3-8b94-4ba12c94e613/image.png Sign In with Apple is a new privacy tool that Apple announced on Monday at its annual WWDC event, and it's coming to every iPhones ($1,000 at Amazon) this fall as part of a mandatory update for developers. The security feature uses your Apple ID, not your email address, to verify your credentials. Apple says this new tool will keep you from being tracked online in ways you may not realize. There appears to be some controversy: 'Sign in with Apple' button terms and conditions are raising con.. The ‘Sign in with Apple’ button aims to solve this problem. Apple offers the option of sharing or hiding your email address with the developer. If you choose the ‘hide’ option, Apple creates a single-use email address for you – used only with that app – and passes that to the developer. Emails sent to that address are then forwarded to you by Apple. ... Apple Inc will ask developers to position a new “Sign on with Apple” button in iPhone and iPad apps above rival buttons from Alphabet Inc’s Google and Facebook Inc, according to design guidelines released this week. It's refreshing to see Apple taking a strong stance on user privacy because it seems like online privacy is in short supply nowadays.

If it doesn't give websites what websites want they won't really be incrntivized to use it

The ‘Sign in with Apple’ button aims to solve this problem. Apple offers the option of sharing or hiding your email address with the developer. If you choose the ‘hide’ option, Apple creates a single-use email address for you – used only with that app – and passes that to the developer. Emails sent to that address are then forwarded to you by Apple. How did it take us this long to come up with that? Apple's recent conference was a joke, but this sounds genius.

Apps are forced to allow it as an option if they use any other sign in provider like google or facebook

I really don't know where to stand on Apple. I'm pretty firmly in the grey. I don't really use their hardware...I like my expandable storage and android shit but I try not to be all fanboy-y. Shit like the price point and anti-consumer repair tactics keep me away. And the fucking stand bullshit, really? But this I appreciate. I'm glad someone is still sort of looking out for regular people.

I remember listening to some podcast with a guy who worked in Silicon for ages as a security expert, and he was pretty confident in saying Apple was one of the only companies that wouldn’t sell your data because it just benefits them more not to. Regardless of how you feel about the other stuff, it’s pretty good they aren’t selling data.

I think every company can benefit by respecting user privacy as it'll result in users trusting in their service.

Imo, the focus on user privacy seems to be the only thing Apple does right.

At the end of the day, Apple is still an unfeeling megacorporation.

Capitalism by definition prevents companies from genuinely acting in the best interest of people.

I severely doubt that one, honestly. Both that it's the case now and that it won't change in future.

Yeah, even though I'm comfortable with their privacy focuses now, I can't help but feel it'll lead to something else somehow.

Don't trust apple. I expect a lot of companies will be taking steps to appear more privacy conscious, when in reality they're in the business of big data, and they want you locked to them. They aren't protecting you, they're trying to tempt you with "privacy".

They're forcing devs to put this button at the top of any sign in option that allows say Google. This is kinda awful because it means all app emails (including things like two-step/password resets etc) would go through Apple's servers. Seems sketchy IMO

It's nothing new, such services have been available for a long time such as Abine Blur. I remember using the free variant of this a few years ago and it worked pretty well. However while looking it up again they had a breach a few months ago so apple should have better security with it.

They’re all big corporations whose only goals are to make money, but I’ll trust Apple who tries to make privacy part of their business model more than the “we collect as much data as we can about you” Google who is an advertisement company first and foremost

Don't trust either of them, they're both evil.

I’d hardly call android open source anymore. Google services are basically required to have a modern functioning experience: a good chunk of apps and features in aosp are pretty much deprecated in favour of the Google Play versions, requiring a vendor to reimplement them without using any Google services I’ll take the lesser of two evils

I don't have google apps on my phone, literally have had no issues other than a few apps that won't give me notifications, and even then I could use microg to bypass google's notification services. I don't understand this logic, why would you choose evil at all?

Except, it is still possible to run fully free android systems. Replicant exsists as a operating system and in combination with F-Droid you can run a fully FOSS operating system without any of Google's proprietary services.

I'm not sure I agree. I've been doing web dev for a few clients for 3-odd years now and generally oauth providers are used to just create a secure account for you and nothing more. Your email is saved as an ID, as well as name and profile picture (generally) as a means of identifying you/displaying an avatar to illustrate that you're signed in. That being said I'm sure there are some websites that want to harvest your email as a means of marketing funnel (or spam usage) so take that with a grain of salt. For this sort of mask the website can just check if `privaterelay.appleid.com` is in your email and if it is just give users an error saying 'sorry, this email is not valid right now' and 90% of users will just use their real email for convenience's sake. If it's forced for apps that have other social logins as a ToS thing - fantastic! If anyone's interested, Google, Facebook and Github give out your email address as social providers. LinkedIn only gives out name and pic to developers if it's not a larger app (i.e. has been manually approved by LinkedIn). Not sure about Twitter. Generally every provider gives out your user ID on the site (so if the developer wants to manually find your Facebook profile, they probably can).

I don't want to compromise my user experience because I want to de-Google my phone so they don't collect every tidbit of data I generate. Alternatives are usually going to be shittier because they aren't paid millions of dollars to develop and refine this experience for you. Having to dive into adb and remove stuff or flash recovery firmware, install an os and all that is a pain in the ass and I don't have time for it. I just want something that works. For the most part, you have to trust either Google or Apple unless you want to be jumping through these hoops to remove fingerprinting/tracking. Apple is supposedly doing this for you by default, and they've held up so far - pushing privacy-conscious features, refusing to decrypt data when challenged in court, etc. If they decide to become an advertising company and start selling or harvesting data for this purpose, then I'll jump ship.

You think Apple doesn't collect and use just as much data on you as Google?