I don't know about Pebble, but Tile got restricted really hard once Apple decided to make the Apple Tag. There's many rants/statements from the Tile CEO on this subject.
> > If you look at the history between Tile and Apple, we had a very symbiotic relationship. They sold Tile in their stores, we were highlighted at WWDC 2019, and then they launched Find My in 2019, and right when they launched their Find My app, which is effectively a competitor of Tile, they made a number of changes to their OS that made it very difficult for our customers to enable Tile. And then once they got it enabled, they started showing notifications that basically made it seem like Tile was broken.
> Prober is talking about changes that Apple made to ___location services permissions. For privacy purposes, Apple stopped making it easy for apps to get permanent access to a user's ___location. Apps in iOS 13 were not initially allowed to present an "Always Allow" option when requesting ___location access, and the feature had to be enabled in the Settings app. Apple also started sending regular reminders to customers letting them know their ___location was being used.
> Tile was not happy with these privacy changes and that privacy tweak set Tile against Apple, with Tile in 2019 calling on Congress to "level the playing field."
> > The main points of differentiation of AirTags vis a vis Tile are enabled by platform capabilities that we don't have access to.
> Apple has, in fact, launched the Find My network that gives third-party accessories some of the same access that AirTags have, and Find My network accessories will be able to access the U1 chip in the iPhone 11 and 12 models much like the AirTags, but Tile won't be able to use the Find My network unless it abandons its own app and infrastructure, which it is likely unwilling to do.
> Prober said that Tile has been "seeking to access" the U1 chip since its introduction in the iPhone , and has been denied.
----
Should Apple have a "grant once for app, always allow ___location service?" (note: this would allow an innocuous app to turn into a tracker with a later update). Or should Apple have a "this app has accessed your ___location {N} times in the last 24 hours?" ... or some other functionality?
Is "grant once, always allow" a security risk for users?
> Should Apple have a "grant once for app, always allow ___location service?" (note: this would allow an innocuous app to turn into a tracker with a later update)
Users should be allowed to grant grant “always” permission, for that app version. The next time it gets updated, they get hit with the prompt again.
In fact I’d like that to happen for all permissions, so I regularly review them, and I know when an app update has occurred.
At a minimum if there were no changes in permissions wanted a notification saying X app updated and is using the same permissions, click here to see how many times each permissions was used (with the more privacy related ones at the top of the list) would be nice.
Then you don't run the risk of normalizing people always just clicking allow on the prompt that happens all the time (hello windows 7 UAC), which still giving them easy diacoverability and hints of poor behavior with existing permissions.
Apps can change their functionality without an official update as long as they can access the internet, and if they're enabling secret trackers they have no reason not to do this.
The example given there is the Weather app and widget which I've gotten notifications for myself.
You will also note:
> Navigation apps like Google Maps, Waze, Apple Maps, and so forth work best when they can pinpoint your exact ___location with precision. But a weather app, on the other hand, works just fine even if it’s only allowed to determine the city where you live or just an approximate region.
Maps, Messages, HomeKit, Clock, Siri, Weather, Wallet - they're all in there. System services too (and you can disable the system service's access to ___location data - e.g. Apple Pay Merchant Identification, Compass Calibration, Setting Time Zone).
For things that like to access the ___location in the background (Weather especially does this) you may get "Weather" has been using your ___location in the background. An example of this can be seen at https://www.lifewire.com/turn-on-mobile-___location-services-41...
Its not just "I am using the ___location data always" but also "this has been accessing your ___location in the background" which is the type of thing that Tile does.
Apple tends to not have apps that access ___location information in the background and so this sort of message is not one that people tend to see. Weather is the one that does for weather alerts.
Apple Maps doesn't access ___location in the background so one wouldn't ever see the a message from it.
"Find my".app (for lack of a better designator) doesn't use the ___location information in the background. Weather.app does use ___location services in the background. Weather (like all user space apps) can also be restricted to only getting the approximate ___location rather than exact ___location.
Find my system is part of the operating system itself - not an application running in user space. It can be disabled in the "Share My Location" settings in Location services in settings and in System Services "Find My iPhone" because that part of is not a user space app running but rather part of the kernel.
What functionality that Apple has are you suggesting be extended to Tile?
Access to the U1 chip? They can do that.
Show up in Find My? Let's get some standards for secure and authenticated transmission of item ___location to other parties.
Have Apple's phones automatically detect 3rd party BTLE products and report their whereabouts to a 3rd party? This is a privacy nightmare. Side note - why Apple's phones? How about a patch to Android too?
> Apple stopped making it easy for apps to get permanent access to a user's ___location.
> The main points of differentiation of AirTags vis a vis Tile are enabled by platform capabilities that we don't have access to.
Apple makes it easy for their product (AirTags) to have always on ___location permissions. Apple makes it hard for their competitor (Tile) to have always on ___location permissions.
Apple is using their ecosystem to advantage their AirTag business instead of competing on the same playing field as Tile.
You are asking to have Apple pick up random BLE messages and send them to various 3rd party vendors with corresponding ___location information?
Does Tile have a secure way of receiving those messages that does not compromise the security and anonymity (exposing the identity of either the device or the receiver, or the ___location of either) of the person whose device picked up the message so that this can be implemented in Android core and Apple?
Pre launch of AirTags, users could opt in to always on ___location permissions for the Tile app. Post launch of AirTags, Apple makes it hard for Tile users to have always on ___location permissions.
> You are asking to have Apple pick up random BLE messages and send them to various 3rd party vendors with corresponding ___location information?
I'm not asking for anything. This is just one of many examples of the form: Apple offers API for 3rd party accessory, accessory is successful, Apple launches 1st party accessory, Apple restricts 3rd party accessory API.
Is this behavior illegal? The Department of Justice says it is. The courts will decide.
there are many examples on this, IOS makes warning messages for other developer apps, but none for their own apps. I received warnings that google maps has used my background ___location, or than google photos or synology photos have access to my photos, but not a message on the same access from apple maps or apple photos.
> IOS makes warning messages for other developer apps, but none for their own apps.
This is not true. Apple's own apps, like the Weather widget, will display ___location permission "nag" screens occasionally just like third-party apps do.
> ... but not a message on the same access from apple maps or apple photos.
Apple Maps doesn't use your ___location in the background. It only uses your ___location while the app is open, or while you're actively navigating using it.
Apple Photos is your photos. It'd be weird to warn the user that it "has access" to itself.
So this behavior isn't a relic of old APIs