Disposable, anonymous email forwarding is a massive step forward for privacy. I know we've all been doing it for a while, but this on a consumer level is fantastic.
I think the email is consistent for each app, so there should only be a problem if the user wants to change their email, right? Plus, apps would have to opt-in to support this.
Why would this break any databases? Accounts will still have valid emails. The difference is just that there won't be data for that email in third-party tracking databases, which is a good thing.
This looks a lot like 33mail (https://33mail.com/) which I've been using pretty happily for 4-5 years now (and paying I think $10-15 a year for, so a lot less than this on a per month basis, but they're not strictly unlimited)
33mail is cool but the domain being the same & unique for each user removes the privacy element, and it asks users to make up their own addresses (and remember them), which can be dangerous. For example you might create facebook@dave.33mail.com, so it’s very easy to guess what Dave’s twitter login is or other target.
With Idbloc (and apple sign in) the address is completely random and untraceable, and it’s impossible to tell which addresses belong to which users.
From the web page, I cannot tell what pricing is going to be - looks like you go out of your way to not scare off potential users. I can't find pricing information at all via Google searches, either.
That's something I really dislike. Perhaps it's a necessary evil.
I pay $30/year for a cpanel host that includes unlimited mail forwarding for any address on any domain. This is a byproduct of what I really do which is host a bunch of sites. $48/year for email scrubbing seems like a high price.
I think it’s great, and use it a lot. Just wonder how you got to that price vs like $10/year.
Pro users subsidise the free ones, unfortunately. Assuming a 1% conversion rate to pay server costs and 1-2 devs full time at 4 usd/pro user/month you need 2500 pro users, which is 250,000 users.
That and people pay 4 bucks for a coke these days so it’s not really much. Also cPanel is most definitely an expert tool.
I might make it paid only soon and reduce the price but at present there’s not much option to get real feedback and user traction.
Thanks, this helps me understand and I appreciate you going into cost model for something that’s really up to you to decide.
$4 is not very much, you’re right, but that doesn’t mean that it should be spent unwisely otherwise it adds up quickly. It seems unlikely that this would need a full time dev to operate and seems more like a “4 hour workweek” type business once it’s set up that would have pretty minimal maintenance, or a super bored developer waiting around for a bug to patch.
Do you think you’ll drop the price once you no longer need a dev?
That page should have some sort of indication that it's scrollable since browsers increasingly don't show visible scrollbars until you're already scrolling. Something like Bootstrap's scrollspy might be useful since it could also show you the sections further down before you scroll through the intermediate sections.
the super annoying "can i help you?" popup after 10s is revolting. i closed the tab immediately without learning more. it's cheesy, pushy, and seems antithetical to a service that offers privacy. i recommend you turn that thing off.
Thanks for the feedback, I’ll try to tone that thing down a bit. The thing is, some people LOVE the chat widget. Especially for those users who don’t want reveal their real email address but have a quick question. I’ve had at least 3x more chats on there than support emails.
Chat is awesome. Personally I love it. You get to talk to someone in real time. What's not to like about it. I'm not sure why the OP is so revolted by it. Maybe remove the sound but leave the popup and chat.
Except it’s not real time until a support person is notified and responds minutes or sometimes hours later. Chat pop ups feel like a lame trick these days every time I try to use them; they pretend like they’re going to be fast and then make you waste your own time waiting. The last one I used the other day made me wait more than 10 minutes, so I did something else, and when the support person responded and asked a follow up question and I didn’t answer in 5 seconds, they closed the support ticket, making me start over. I’d rather use email.
Maybe just have a chat button or a link to the chat on your support page? I'm in the strange position of both liking the chat approach (I've used it on Dell's site, probably others), and also very much disliking chat popups. It feels like it's really there so that someone can convince you to buy something. It's even worse when there's a fake initial message - "Hi there, I'm Jen. Can I help you?" - it seems especially imposing.
Great! I used a service like this many years ago and they shut down after a few years. Have been looking for the same thing for years but seems like nobody's been doing it, or at least not in a user friendly way. Will give this a try.
I agree that it is great. I'm not sure how we convince people to not signup on sites that don't offer this SSO option. I've always struggled with the question of 'How do we convince people to care about privacy when they post their location and meal to a public social media every hour?'.
My rule, and it is a semi-idiotic one, is "i don't impulse buy from independent merchant websites that don't support apple pay at checkout".
I usually email them after, too. "I actually clicked through your instagram ad, looked at some clothes that looked nice, and didn't buy anything because I was on my phone and didn't want to make a new account and add credentials to my password manager. Have you considered adding apple pay support to your shopify account?"
I think it's not an idiotic idea, it's just that your idea of what counts as third-party payment support is a single smaller payment provider located mainly in the United States. I follow a similar policy, but in my case the third-party payment services are Paypal, Stripe, and Coinbase, all of which are reliable and don't require me to give financial data to the seller. Paypal seems to be near-universally supported on small ecommerce sites.
Note that PayPal gives away your email address, and I’m not a fan of that. If a third party wants my email address, they should ask me directly (and I’ll give them a unique one); PayPal shouldn’t distribute my email address for me.
Look, I use three email domains for online accounts, in addition to a unique address for each account — one domain that links to my actual identity (my public-facing, professional domain), one domain that’s somewhat anonymous, and one domain reserved for highly sensitive accounts, e.g. online banking, PayPal, AppleID, etc. And PayPal sharing my email address with third parties breaks the model, making my sensitive domain less secure.
i picked shopify because i know they have an apple pay switch.
i don’t care who processes the payment, i just like being able to buy physical goods without making a new account, and ideally without any more friction than faceID while impulse-buying nonsense while i’m on the toilet :)
Convenience. This feature is good even if you don’t care about privacy.
Password management is a big problem for non-technical users. Even for people who don’t know/care about security and reuse the same password everywhere, it presents a huge issue when their preferred password doesn’t meet the website’s requirements. They are then forced to make one up which they’ll never remember so it’s gonna be a headache down the line when they need to sign in again.
When they learn that the magic “Sign in with Apple” button allows them to avoid all that, they’ll want it even if they don’t care about privacy.
And being done by Apple, most services can’t just reject these the way they do with Mailinator addresses, since it would be throwing away a giant chunk of their revenue. Apps with huge consumer demand like Uber or Facebook could get away with it, but not the vast majority of apps.
I think this will be proven wrong. Do you think that the folks using Mailinator are strictly non-Apple users? As an Apple user that signs up with a mailinator ID, if rejected I either move on or use a more palatable address, as the case may be depending on my desire to use that service. The same will hold true for any private appleid address.
You're missing the scale. Mailinator users are a very small percentage of users, while Apple Sign In users are likely to represent a much larger slice of your potential users, given that you have a honking great button there waiting for them.
I’d say that one month from release, 100 times as many people will know about Sign in With Apple as have ever used Mailinator. And Apple marketing will drill into them why they should use it, and mark apps in the App Store that support it. Eventually for experimental apps that they are not 100% decided on getting, there will be a large fraction of users who simply won’t try an app that doesn’t support it.
1. Services have little incentive to support mailinator, and indeed may deliberately choose not to if they feel it is leading to signups they don’t like. On the other hand it would be hard to argue with an incentive like the App Store requiring you to support apple’s service.
2. Because the service is built in to apple’s systems there seems to be an implicit contract that apple wont let it be abused for the purposes that many sites claim mailinator is used for (because it isn’t useful to apple customers if sites don’t trust it and it). So they might be more willing to accept these email addresses.
I guess neither of these help services like mailinator gain credibility.
Right. One of the big things about Apple getting into something, even if it's been done before, is that they carry enough influence to strongarm other companies into respecting their paying customers. It's great.
It strikes me as terrifying, personally, but to each their own.
I have been responsible for creating and maintaining an app generation system. Among other things, it taught me that App Store Connect has many sharp edges showing how easy it is to abuse the kind of power you've correctly pointed out Apple has.
In a world where every other tech company swindles and manipulates consumers at every opportunity, I'm happy that at least one is incentivized to do the opposite, and has the power to do so.
Apple swindles and manipulates the user to buying a new device whenever there is any fault at all because everything is glued and soldered together so fixing anything requires buying half of the device.
I don’t think that is a fair comparison. Aside from hardware va software I personally have never had an issue with apple products last 3 or more years. Get apple care and they just fix or replace it when anything goes wrong. Better experience then my friends seem to have with other manufactures.
I have a collection of broken apple products from other people who were going to throw them out. Usually they have a fairly minor issue but its just about impossible to fix because of the use of insane amounts of glue or one way clips
It’s pretty funny though that you consider a few dozen Apple broken devices as "a collection" meanwhile a few dozen of Android broken devices is generally considered "a pile of thrash".
And this effect is massive last week I offered two of my old laptops to a friend child wanabee hacker. He quickly considered a 2012 HP for parts, then he kept on thanking me for a working state 2002 PPC iBook.
PS: To be honest he might be ranting about it in a few day, I’ve played around it a little and that 2002 iBook bios is a mostly undocumented nightmare!
I went through the pile of Apple stuff we'd collected over the last few years and repaired them myself. Annoying + fiddly but simple and extremely possible with some spare parts, a $20 toolkit, and care + patience.
The battery glue is like a 3M command strip, you're supposed to remove it by applying tension to the side. You need the heat source if the strip breaks and gets trapped underneath, but I used dental floss instead.
Personal experience. Battery change on iphone SE, cost $75. They couldn't safely do the replacement (broken tabs on battery) and they simply replaced the phone.
I'm not sure how this is manipulating to get me to purchase a new phone.
That's not much better. Another phone goes to landfill because not even apple was able to repair it due to their horrendous practicices. It took me half an hour to remove a battery from an iPhone and I had to get the hair dryer out to melt the glue. With other devices I just unscrew a bracket holding the battery down and it takes me 5 minutes.
Has a recycling program =/= everyone who ever purchased an iPhone is using that recycling program.
7.8 million "Apple devices"[0] in 2018 is a lot, but an average iPhone is far more likely to end up on a landfill. If it were easy to extract the battery, that wouldn't be such a problem.
Apple swindles, manipulates and mistreats developers to further their own ends.
It's perhaps less evil than the kind of wholesale data-farming the other big tech companies are engaged in, but it still doesn't make me like the idea of Apple ascendant.
And I was raised on Macs, giving Apple a heavy nostalgia bonus that they burned years ago.
Apple takes powers from developers hired by greedy companies and puts that power in the hands of the users.
You find that you're being strongarmed. As a oonsumer, I could not care less. Hell, I am thrilled that developers are being strongarmed when it comes to user privacy and security.
I'm not concerned with Apple refusing apps that do seamy things (though "seamy things" is more subjective than you might think, as Apple is well aware).
I am concerned with things like Apple's terms of service saying "If you put an app in the store, we reserve the right to copy it and ban yours."
Yes, there are more charitable interpretations possible, but Apple does have some history of cloning and killing off third party software, so I see no reason to apply the more charitable interpretation.
How is it evil? Apple is saying that their customers aren't yours to pillage. No developer is forced to write for the Apple platform. If a developer doesn't like the terms, there will always be another developer willing to fill the gap.
Who said the Windows/Android model is the morally correct one anyway?
As a customer I'm glad that Apple is providing a truly different alternative.
I guess I was not especially clear, so my apologies for that.
I'm not scared of this anonymous signin feature, per se.
I'm scared of the sheer amount of power Apple has, and that they can abuse it to force third parties into compliance with what they think software should be.
I’m tired of gmail and hotmail forcing me to sign up using my personal cell phone number. Finally I can create throwaway emails without resorting to gmail!
I'm not the commenter. But taken at face value, your comment could be either bye bye mailinator.com (I'm not using you anymore) or bye bye mailinator.com (no one is going to use you anymore). Fwiw, I thought you meant the latter until I read your reply.
The knee jerk comment is yours. 'Bye Bye Mailinator' is too short to convey anything useful other than the general case, that you believe that you or those that use Apple will defect from Mailinator in droves. The typical use case for Mailinator and the overlap between the Apple eco-system as well as the fact that they specialize in this and that for Apple it is 'just another feature' makes me question whether or not you have thought through the ambiguity in your comment, by taking the most probably meaning and responding to that you have a chance to clarify your position.
Mailinator can be pretty hard to use, since so many sites can detect the addresses and block their use.
I've pretty much given up on it, and use Fastmail's very easy aliasing features with my domain. It's not quite as private, but it's a lot more reliable.
If I recall correctly, mailinator lets you host your own DNS record that sends mail to them. While I have never had any problems, back in the day I had nospam.jrock.us forward to mailinator and that worked every time.
The truly clever programmer could open an SMTP session to the mail exchangers specified in your email address, and reject you because they point to mailinator. I know of 0 programmers in the world that have written this code. I think you could ask the vast majority of programmers that work with email addresses and dark patterns to do this, and they wouldn't even know how. So you're probably pretty safe.
I use mailinator all the time and I have never had a problem, however, which is why I don't even have the MX records to host my own anymore.
> If I recall correctly, mailinator lets you host your own DNS record that sends mail to them.
While I'm sure that works. The main reason I'd use mailinator is for privacy (i.e. not exposing anything associated to me). If I have to use my domain, rather than their free ones, I'm still identifying my domain, so I might as well use my own aliases with my own mail system.
Domains are cheap, and mailinator really ought to register and discard a bunch of $1 specials on a regular basis.
In case anyone needs something similar today: Outlook already allows you to create ephemeral top-level aliases, i.e. XXXX@outlook.com. You can use this to sign up, then delete the alias. It can't be traced back to your account and nobody blocks @outlook.com.
Microsoft's email management has some neat perks here: You can change which one's the primary as well. It's entirely possible for you to change the email address of your Microsoft account, by adding an alias, making it primary, and then deleting the original. In fairness, there are some quirks with this, my old email address would still get sent some receipts or some newsletters because the configuration for service A, B, or C was buried somewhere else in the account. But generally speaking, it works pretty well.
As someone who changed their name but had to keep their Google account with the old one because of how much Google account data/purchases can't be moved to a new account, this felt positively revolutionary. Google accounts can only have one Gmail address for their entire lifetime.
I dont think thats quite the same thing as an Identity Service, its just a component. In Microsoft's world im either using my Microsoft Account to sign in OR using throwaway email addresses, not both.
.
Apple can get way ahead of the competition by combining about 3 things.
1) Ephemeral email addresses
2) OAuth or apples equivalent tokens
3) Keychain autogenerate and auto-populate
If all those products are integrated correctly, this becomes the SINGLE sign on of single sign ons. If a service supports Apple OAuth, your name is hidden, and you only have one Apple password to remember. If the service doesnt support Apple Tokens, then apple fills in a private email address and a random password, and abstracts away the fact that the service doesnt support Apple Tokens. The user experience is nearly the same regardless. Tokens and randomly generated passwords should be managed from the same interface, allowing you to either revoke access (token) or cycle the key (both.)
I've felt it for a while, but the banking industry needs to arrive at something similar. Chase, BoA, WF, and Citi should turn Zelle into a banking OAuth Identity Service.
Why do users need to have a 3rd party managing their identity? It seems like it would be _safer_ if users could setup their own OAuth infra which would then be certified for use with other systems. For people who lack the expertise or will to roll their own infra then they can use something like Apple ID.
How many people do you know running Mastodon nodes instead of using twitter or facebook?
>For people who lack the expertise or will to roll their own infra then they can use something like Apple ID.
SO 99.9% of the population. It's a nice sentiment, but for what apple is doing to work (random username generation, and identity obfuscation) the only way for it to work is strength in numbers, that the Apple userbase of people who will only use frictionless sign in, becomes too big to ignore, and to tempting too left uncourted.
>It seems like it would be _safer_
Im not sure I would say safer. Depending on millions of people to keep their software up to date hasnt historically worked super well for Windows and Wordpress. One central authority patching all its services and 24/7 devops sounds a lot safer than trusting millions of self hosted OAuth servers to be up to date and not compromised. What percent of people who have non-self-updating home routers, do you think go in regularly and press the update firmware button?
In some countries, it's fiscal liability - such as paying hefty fines. In others, that are not so friendly, the HR representative who receives/processes the legal request and/or whomever the country wishes to charge could very well land in jail[0].
In a choice between strictly maintaining your privacy and fines/jail time, most - if not all - companies will sell you down the river (if given a feasible chance that it doesn't entirely ruin them, say for example, if they weren't purely in the privacy trade) to save their own hide[s] (e.g.: see the whole PRISM scandal and its fall-out).
Sorry I meant by the service you're signing into, any of their 3rd party trackers, or in case of a data breach. This sets it apart from e.g. gmail's username+servicename@gmail.com, or a wildcard on a private domainname which only you ever use.
I'm so mad I missed the window where you were supposedly able to merge email accounts. If I want to merge existing separate accounts now I have to terminate the old account, wait like a 9 months/a year(??) for it to expire and be purged, and then add it as an alias, assuming MS doesn't hold the expired account name >:C
I've been trying for some time to explain to my friends and family how a unique email/password + 2FA strategy is the best thing to do and how it would allow them to cut one in case it gets leaked. I guess I will just tell everybody about "Sign in with Apple" now, it will be easier.
Family is easy, I made them switch to Apple years ago and things have been a breeze since. Most of my friends using Android are also working in IT and are already using disposable/forwarding emails AFAIK. And... to be honest, I don't have friends using Windows :D
They also have pretty strict whitelisting requirements around who can send emails to these privacy addresses.
"In order to send email messages through the relay service to the users’ personal inboxes, you will need to register your outbound email domains. All registered domains must create Sender Policy Framework (SPF) DNS TXT records in order to transit Apple's private mail relay. You can register up to 10 domains and communication emails."
Neat. It sounds like this extra step prevents a situation where, for example, a dev's server-side database gets hacked and the users' relay e-mail addresses are exposed.
The attacker wouldn't even be able to send e-mail messages to the users. He'd also need to compromise the registered domain's mailservers, or their DNS servers (to modify the SPF records), or their Apple dev account to add their own registered domain.
No worries. I am at least glad the product is still alive. Despite being a competitor, there is a lot to admire about the offering. I am really bummed it didn't come out ahead of other competitors :)
Hopefully, more devices will move away from requiring you to type anything into the device to sign in.
Quite a few devices or apps on devices have already done so. Instead of having you enter the account ID and password directly, they give you a URL to visit that is something like https://<device-maker>.com/add-device, and show you a random code.
You go to the given URL in your normal browser on whatever device you normally use for web browsing, where you can login to your account at <device-maker> and enter the code the device gave you.
A few seconds later the device notices you've completed this, and you are then automatically signed in on that device.
This is a natural step that I’ve been waiting for for years. This can almost remove the need for password typing, as you don’t even need one to unlock the device anymore. Let’s hope Microsoft does the same, and integrates with apple’s solution. A lot of people are on iOS+Win10 for laptops.
PMs don't make it easy, they make it reliable and central. The default password generation usually doesn't work, and a web form doesn't capture everything, but I'm never clicking and guessing even when I haven't used an account in years.
But SSO wins on mobile, because the PM is clunky even with a custom keyboard. Even then, I keep a dummy entry in my PM just so I'm tracking it.
Mobile Dashlane and Lastpass work much better on Android, where the OS allows you to set default apps. If Apple deserves any antitrust spankings its for not allowing user control of protocol handlers and default programs.
You can create/generate & save new login on the fly from the sign-in screen. At least with 1Password. It's clunkier than I think is strictly necessary, but it is effective.
Yep, works through the keyboard. Click on the login or password field, then it gives you a key icon to get into 1Password, where you are prompted to generate a password and provide a username. Then you tell it to autofill that into the form. A little clunky but effective.
While websites do blacklist temporary email providers like Mailinator, I think Apple has more power here; blocking the domain can be pegged as more of an anti-privacy move than blocking Mailinator, which is more anti-spam.
Will this service be available on the web? I get the feeling that this will only be available on iOS, meaning that you lose access to all your accounts if you decide to switch to Android.
There are plenty of applications that don't actually care about the additional data they could arguably get from a Google/Facebook login, and only offer it because one click sign-up/login drives more signups.
In cases of a trustworthy third party, what is the concern of linking to Google/Facebook account compared to an Apple account that doesn't offer any data? I don't think I've seen any instances of Facebook integration credentials being hacked/stolen.
In reality, pretty much nothing (particularly since now, third parties basically only get name + email). The value is that some (small or large) number of potential users might not know or believe that and trust Apple more.
I develop apps myself and I am 100% onboard with using this instead of offering the signup with google or facebook buttons. I might even push users slightly to use this instead of others as it give my apps a bit of extra trust worthiness imo.
I can already see devs implementing things such as `if email domain ends in privaterelay.appleid.com reject the email address and ask for a "real" one`, like what already exists for yopmail and others.
Some screenshots display that it also works on the web, I'd love to find out how exactly but I ain't buying an Apple device and a developer license for that.
Some sites now seem to check whether an address is valid from some database or heuristic, because a random email with a valid domain is still rejected.
There is definitely a phenomenon of checking for prohibited email domains. However, absent extra-functional motivations like user data collection, smart developers don't bother with heuristics for email addresses much beyond the presence of an '@' character.
If you want to know if a purported email address is deliverable, try to deliver email to it.
Fun thing is, Apple themselves block name+addon@gmail.com addresses when using their dev console. You can bet that some companies will disallow Apple’s signature private passwords similarly if they can, in the name of ‘security’ or what have you.
Or am I being too cynical? Feel free to CMV.
EDIT: best response addressing this seems to be ‘The addresses are only generated from the "Sign In With Apple" workflow that a developer has to enable in the first place’
No, you're clearly correct. But Apple pushing this does give it a sense of legitimacy and blocking signups from this service might just cause less signups than actually forcing people to use their real address.
If Apple makes this extremely user friendly and quick to use than blocking it will cause a loss of signups.
‘Error: We love Apple and anonymity but we require a real email address to prevent fraud and to properly secure your account. Please enter your real email address.’
It would work roughly the same way. Integrating an OAuth provider like this requires registering an application with revokable ClientIDs, so Apple can technically pull them just as easily as they can pull Apps.
(It remains to be seen if they'll put in the legwork to actually police these things, though)
> ‘Error: We love Apple and anonymity but we require a real email address to prevent fraud and to properly secure your account. Please enter your real email address.’
GDPR would probably want to know specifically why you need someone's real email address.
Yes. Back when Google+ oauth launched, "sharing user identity info" was the carrot that incentivized developers to build the integration. Otherwise, devs preferred Facebook so they could get user info.
Presumably such services won't implement Sign In With Apple in the first place. People will accept it because they want the sheer quantity of users Apple provides.
The useful thing about Apple is that they can force people to do things they don't particularly want to do, like accept anonymous e-mail addresses or stop using Flash. (unfortunately this is also the bad thing about Apple)
One other thing that seems powerful is that users that use Sign In With Apple have some guarantee of quality; with Apple using FaceId to authenticate, there's some amount of guarantee that you're not a bot.
I think this is something that people are missing when they suggest services will just block the Apple relay address.
Of course they wont. They still want the business and as you've pointed out, these accounts will be in a different customer engagement category. They are almost certainly real people and they a lot of value to marketers, even is you don't have all of their other personal details.
"[Sign In with Apple] will be required as an option for users in apps that support third-party sign-in when it is commercially available later this year." https://developer.apple.com/news/?id=06032019j
There by, when apple passes a XXXXXXX@privaterelay.appleid.com address back, it won't match the existing account's email address = Sorry, matching account not found ?
Or they already rely on FB login and are now _obligated_ by Apple to implement this feature. I work for a company that has allowed people to create accounts with FB login (meaning we don’t have an internal password associated with them). This change would ostensibly require us to also allow Apple Sign In _even if we don’t want to_ just to continue to service existing users.
There really isn’t much choice here for us. Leave Apple / iOS? Abandon FB login and piss off thousands of people? Implement Apple Sign In regardless of its tech stack / requirements?
As someone who also run a service where the only login option is using Facebook, I'm curious about how you regard the negative press regarding Facebook, the recommendations to leave Facebook, and the many users who is sceptic to or has already left Facebook.
Do you have any plans to adopt any other login provider? I would really like to, but other than email/password, I'm not really sure what would be a good alternative, and I'd really like not having any personal information stored at all - email addresses included.
We let people create a username/password but can also use FB if they prefer. Turns out having their email is nice; we need to send them notices and reminders from time-to-time.
I’m not a FB fan. I post on social media maybe twice a year. As an advertiser I don’t trust the numbers they report. None of my criticisms of Apple in this decision should be interpreted as pro-FB. I just have a very strong distaste for Apple deciding that they get to decide how we run our apps.
They have to mandate usage because it’s the only way devs will do it. And it seems like a fine enough product for Apple-only hardware. But when you get to supporting multiple connected devices it falls apart. Are they going to support this for PCs? What about on the Roku? How will anyone who uses Apple Sign In on the iPhone log in anywhere else?
However they most likely won't for the same reason that people who are upset about Apple's 30% App Store cut still develop apps for iOS: they have their customers spend far more on average than other phone / OS users.
The addresses are only generated from the "Sign In With Apple" workflow that a developer has to enable in the first place, so it wouldn't make any sense to do that and then reject the addresses.
Sure, they really could. But for me, it could be a reason to pick Lyft over Uber for example. I hope they add support to the App Store description, that would really help filter apps.
But in return for that, the services that choose to employ this will get a soft guarantee that the person signing up is unique/real. Its a way to get real-name/real-id with some amount of privacy.
Apple IDs cannot guarantee a real or unique user - users can have multiple accounts (some users will create a second account by mistake, others have a separate work account, etc), users can share accounts (especially ones tied to generic email addresses), and there are people selling app store reviews, so some bad actors definitely have a lot of accounts.
Thanks for your comment. I used the word soft guarantee, which is meant to encapsulate those caveats. Maybe I should have used a better term since I guess people were confused as to what it meant.
Facebook is trending downwards and privacy concerns with Google are trending up.
Critical mass might be achieved where if you don't include Apple Sign-In you might lose more users than whatever benefit you see from having more identifiable personal information.
If Apple users use Apple Sign-In en masse then any services which blocks it will face harsh negative publicity. If enough people use it then services will have no choice but to acquiesce.
They surely can do whatever they want, they can definitely choose to deny service to users that are traditionally high spenders and limit the fake accounts to professional scammers that use account farms from Asia.
Is that block a recent thing? It might be different as for my on GSuite account I can add the name+addon@mydomain.com - it might just be a difference between the "public" Gmail system vs the Gsuite Gmail system. In which case, my question is completely invalid and feel free to ignore ;)
Note: This comes from my own developer account having 3 name+addon@ accounts live, and working with things like ApplePay etc for testing.
Developer with a name+addon@gmail.com Apple ID here. No idea what OP is talking about, I was able to generate my Apple ID and sign up for the dev console no problem.
Apple now strips the +... part when you create an ID. So if name@gmail.com is already in use, name+addon@gmail.com will be refused with the message that name@gmail.com is already an Apple ID.
What is forcing the sites that I'd want to use a fake email address with to use this? It wouldn't be in their interest to. They will just stick with their current SSO setup of Google/Facebook/whatever and never touch this, if they have SSO at all. I LOVE LOVE LOVE the idea, I just don't know if it will be useful and successful.
Nothing is forcing them to, and lots probably won't. The carrot is the much lower friction for sign up for users. It's similar to Apple Pay, where you don't get credit card info, but you do get a much easier user flow that will get you more signups.
But will it be lower friction than login with Google or Facebook? It feels like it's more common for someone to have an account from one of those two than from Apple, and so "sign on with Apple" will never be able to be the only SSO option, while Google or Facebook could be.
If the better (for the site) SSO options also have near-universal market penetration, what's the incentive to add Apple?
I would venture a guess that apple/icloud accounts are the highest % account type amongst iPhone holders. All sorts of people have reasons for not having gmail / facebook / etc., but apple account setup is pretty prominent in device setup.
Sure, it might be the highest % among iPhone holders - but for a website, what portion of your users are going to be iPhone holders, and what portion of the Windows/Android crowd have Apple accounts?
You don't have to implement it to the exclusion of other methods. There are plenty of merchants on the web with Apple Pay and also Paypal, straight up credit card numbers, etc.
Of course you don't have to implement it to the exclusion of all others! But let's suppose that, say, 65% of users have a Google account, 75% have a Facebook account, and 40% have an Apple account - and the circles overlap such that adding Apple adds 10% to the total coverage. Now, if everyone who has an Apple account prefers it, and users with an Apple login yield 30% less revenue... gaining that extra 10% of users costs you revenue, because for every user you gained at 70%, three existing users cut their revenue by 30%.
It's lower friction in that instead of having to click through an OAuth screen (and possibly re-enter your Google password), you just auth with FaceID/TouchID. And if you're writing an iOS app, then obviously the user has an Apple account.
I'm on Android, so I don't know how it works on iOS devices, but is reentering the Google credentials common? On my Android phone I doubt I had to enter my password more than 5 times in 2 years.
And the OAuth screen would be required anyway, as they have also shown on stage.
Some apps don't open the "sign in with Google"(/facebook) popup correctly and so cookies end up not being enabled for that browser session, so users need to re-enter their google credentials.
This is being fixed over time with proper implementation.
I frequently have to re-enter my Google credentials on the web on Google properties. I assume Android is storing those deeper in the OS, like Apple is storing your Apple credentials.
This is the ultimate way to manage your incoming email - I’ll be filtering everything based on the `to:` address when this rolls out and my life will be wonderful again
So this is only for mac/iphone users? That's not a large enough segment to warrant adding a sign in option for most sites. Would be nice if Mozilla had done something similar with Persona.
Something like 58% of site visits are from mobile browsers, and mobile Safari makes up over half of all mobile browsers. Of course, your mileage may vary, but that's a pretty large segment.
So its like 25% of Americans and much less everyone else. Plus you will be at the mercy of apple if they decide to remove your app, plus if you need an actual usable email, you have to ask for a second email. Sounds a bit confusing, they shouldnt have tied this to email address.
Maybe I'm cynical, but this looks more like a data hording scheme than a protect my privacy enhancement. If I use Google to sign in, Google and the app has that data and can monetize it.
Now if I sign in using Apple, they are going to have the data to monetize. They may keep the app from getting my information, but that means that their data is better than someone else's data, so it is more valuable. Also, they are getting app usage statistics that I may have opted out of at the OS level, but they now have due to having the sign in history.
Problem is, today I agree, 10 years ago it would've been a tossup, and 5 years from now, who knows? These "trusted central broker" privacy models are nicer than giving your info to dozens of individual actors (when you trust that central broker more than anyone else), but they also become a single point of attack/failure.
My point is some of the information available now is that historically, companies that respect your privacy today might not tomorrow. And might only be respecting your privacy to get a monopoly on your data so they can exploit it later.
Neither would be the only sane choice. Multinational corporations will always screw individual customers for profit.
And the issue with trusting any entity with data isn't really what it will do with it today. The bigger problem is what the entity will do with it tomorrow - under new leadership.
It might also be interesting to know that Apple is also in the business of selling "relevant adds". Its a tiny amount if compared to Google, but gives them the same incentives if the platform ever became the most used one around the globe.
That danger is basically nonexistent considering the pricing of Apple devices but makes most claims of apples trustworthiness pretty hollow.
Some of Apple's services use end-to-end encryption. That makes them better from a privacy angle than Google for example... But still... Don't trust multinational corporations. That can never end well
The question was not "who do you trust", but "who do you trust more".
Given that Google's business model depends on data sharing whereas Apple has made privacy one of their core features, I think the answer has to be Apple, even if you don't trust them entirely.
Absolutely. One would still be able to do that (Apple's providing SSO here, not enforcing any guidelines, as of today). Though, I'm happy that friends and family would be able to choose anonymous per-app email-ids on the fly and still be able to SSO.
op mentioned apple core is privacy. i implies that they care it only for their high end customers. They could anytime do a low end mobile if privacy was their core. Their core is like any other business get maximum profits.
Apple's premium price is exactly what allows them to focus on privacy.
Google/Facebook/etc. are able to offer you cheap products and services because they're selling your privacy to the highest bidder.
Apple is not doing this (because they care about privacy), so they need to charge a much higher price for similar products.
This is somewhat of a chicken and egg problem (did Apple care about privacy and charge a premium price, or did charging a premium price allow them to start caring about privacy?), but that's arguably not important. What's important is that Apple cares about privacy when their competitors do not.
If Apple cared about privacy they would have left China instead of giving up it's iCloud key.
They are focusing on it because of business sense. To upsell people who are able to buy those expensive devices otherwise all devices are now more or less can do the work.
Apple can easily lower their price to match android. They do have insane profits. But I don't see they care about lower class people.
Can we stop being hyperbolic please? If not blocking ads in a very specific way is what it takes to be counted as "evil", that word has officially lost all meaning.
How about 'neither of them'? Trusting Google with your data is like trusting a fox with guarding your hen house, trusting Apple with your data is trusting a fox which claims it turned vegetarian.
Run your own mail server and you'll have all the addresses you care to use, using any scheme you might think off. I've been doing this for decades now and it just plain works. A day or so to get the thing setup, 8 hours of maintenance per year and you're done. Use Google-free Android devices in your pocket, Linux or *BSD on your lap and in the server/broom cupboard and those foxes can claim to be vegans for all I care.
Where do you host your mail server? I've been running my own for years on Rackspace, and it works great, except they recently started adding on a $5/month support fee that old accounts like mine had been grandfathered out of. With that, and other price increases over the years, it now costs about twice what I originally paid.
I originally picked Rackspace over AWS because Rackspace's cheapest acceptable option was about the same price I had been paying for space on a shared hosting service, and that was about half of the cheapest viable AWS option.
But now it looks like AWS is quite a bit cheaper than Rackspace, and it is getting time to build a new server anyway [1], so it is time to consider alternatives.
One thing I'm concerned about is IP blacklists. Every time someone posts an article about setting up your own email server, there are comments about this being a pain because spammers will set up service on neighboring IP addresses, and you'll often get caught up when that gets the whole block blacklisted.
I've never had that problem at Rackspace. I don't know if spammers just don't use them for some reason, or if they are really good at kicking off spammers...but in the 7.5 years I've been doing this at Rackspace I don't think my outgoing mail has ever been caught in an IP-based blacklist (or had any other delivery problems, for that matter).
While I'd like to spend less than I'm spending now, it would not be worth the savings if it makes my mail unreliable.
[1] I'm on Debian 8, which is in the last year of long term support. I prefer to built a new server from scratch with the latest and move to it rather than trying an in place update across major distro versions.
The server sits in a special cupboard I made which has servers, a switch and storage on top, drying racks on the bottom. All the way in the bottom is a forced draft fan (meant for modern air-tight homes, low-power and -noise) which pulls the warm air from the top through the drying racks. All the way on top sits a large air filter. This keeps the equipment clean and relatively cool while using the waste heat to dry produce (now filled with mint leaves, later it will be used to dry apple, possibly some jerky, etc).
The whole is connected through our gigabit fiber to the outside with a possibility for a wireless backup connection should the fiber go down (which it hasn't thus far).
The hardware runs a combination of Debian stable with some unstable packages plus home-grown tools. I've done Debian upgrades on these servers for years, generally without much breakage. That is actually why I moved to Debian from Redhat which I used earlier (before the Fedora days) as upgrading RH was always a hit-and-miss experience compared to Debian.
So, in short: my own hardware on my own connection on my own premises, with off-site (and even out-of-country) backup in a reciprocal agreement: I run backups for my brother in the Netherlands and get to put my (encrypted) backups on his NAS.
Except Google is an advertising company and Apple is a consumer electronics and software company. Their objectives are different, and historically, Apple has been one of the most privacy-focused tech companies.
Not saying Apple can't use your data, but as far as auth providers go, I'd rank Apple higher than all the other Big Tech Cos.
Apple doesn't, to the best of my knowledge, monetize data, either through ads or selling it to third parties. I'd welcome a clarification if I'm wrong.
The difference is that one is a hardware company making services to sell devices; the other is an advertising company making services to get more data for ads. One of them can live without your data, the other cannot.
Companies already massive dislike fake/temporary emails. Go find a throwaway email service and you'll find many many websites blacklist them. I'll actually be angry if Apple succeeds, because it'll just mean I can only have private email address as an apple customer and not anywhere else. Many companies might make an exception for Apple, but not anyone else.
This is neither a fake nor a temporary email. It is unique, made specific by the combination of the user's appleid and the target app/website, and permanent in that it will remain the same. The ability of the user to automatically discard/block content sent to the email address doesn't change this, as it's no different other than (probably) more convenient than setting up a bunch of spam filter rules for those "services" that refuse to remove your address.
It says in the article that it's a 'unique, random address', so I don't know where you're getting the 'combination of the user's appleid and the target app/website' from. The purpose of the service is the same as other temporary email services, to anonymize signing up for services by providing a fake email.
Sounds like a good time to remind people about Telegram having a similar function for quite some time now. And just yesterday they announced a feature to simplify logging into web sites using TG bots: https://telegram.org/blog/privacy-discussions-web-bots
It might be a personal choice, but for stuff when privacy is really important I'd definitely pick Telegram over Apple, no matter how much the latter claims to keep me safe from three-letter agencies as well as marketers.
Like I said, the chats are stored (or are claimed to be stored) in an encrypted form. But I think I understand why it may count as "stored unencrypted" in your eyes. Still, Signal won't cut it. It's too inconvenient to use, and while maybe it provides better security it's like a very strong password policy in a company that entices users to just write down passwords on Post-it notes.
I couldn't get my friends use Signal, it's not there yet in terms of user friendliness (hell, I wouldn't use it). But Telegram works for me, and I consider it a substantial improvement over Whatsapp. YMMV.
Signal requires a phone number. If anything, use Keybase, you'll also get good team handling, file sharing and bunch of other nice convinience features.
Telegram is unencrypted by default. All standard messages are stored on the server. Telegrams secret chat mode (end-to-end encryption) uses home made cryptography, and has been panned by experts in past. All group chat is in the clear and stored on the server. This is not the case with imessage. Comparing Telegram to iMessage, telegram is not in the same league as Apple. I don't trust either from TLA's or well funded adversaries.
It's a feature: history synchronization between different devices and fast search through hundreds of thousands of messages is, for most uses and users, more important than concerns that Telegram or nation-state level attackers (one capable of silently breaching Telegram infrastructure) would choose to read your chats.
Signal also does historical synchronization between devices. It bootstraps the history from another device. It also has search which can be done locally. Telegram is, by design, capable of being accessed by 3rd parties (beyond governments). iMessage is capable of being accessed by 3rd parties via iCloud backups, which is an opt-in situation.
Be aware, wechat sends every message with geolocation to the authorities in real time. It is more critical than ever that we be aware of the mechanisms in the systems we build and use -- else dystopia awaits.
Granted, there are no known weaknesses with their protocol -- however, Telegram leads the user to believe their conversations are encrypted, which, unless they opted in to secret chats (and this is not supported on desktop ), its all in the clear.
So if you are using it on desktop, all your messages belong to Telegram, and whomever they are sharing it with.
But it’s absolutely homemade by math PhDs (not crypto specialists). And if you search for ‘telegram security’ you’ll find any number of articles pointing out a bunch of weaknesses. It’s also only half open source.
Plain wrong. It's not end-to-end encrypted by default, that's true. But all chats are encrypted with key portions distributed between different jurisdictions in case some country gets funny ideas.
Chat archives are stored encrypted, not in plain text. Please cite your sources if you claim otherwise.
> think saying "chats are stored in plain text" is a reasonable way to convey that message
If I keep your messages encrypted in my database and your keys on another unonnected database in another building, would it then be fair to say that I store your messages in plaintext?
No. They are encrypted. It is a matter of fact.
The word you are looking for is "not E2E encrypted" which can be a problem, but a different and smaller problem.
>If I keep your messages encrypted in my database and your keys on another unonnected database in another building, would it then be fair to say that I store your messages in plaintext?
If you can still access them, I don't think it is fair (or maybe rather: it is misleading) to say that you store them encrypted.
Gives them valuable insight on user priority & needs. One who has it controls the web. This is what Google has and Apple wants it too.
Only difference is Apple won’t sell it, just use it to refine its product service mix. Google/FB do both besides preempting/ buying emerging competitors.
543 comments
[ 2.7 ms ] story [ 324 ms ] threadhttps://addons.mozilla.org/en-GB/firefox/addon/idbloc/
https://chrome.google.com/webstore/detail/idbloc-secure-and-...
With Idbloc (and apple sign in) the address is completely random and untraceable, and it’s impossible to tell which addresses belong to which users.
That's something I really dislike. Perhaps it's a necessary evil.
The goal is to explain the concept ahead of the pricing as I think it’s quite novel to most users.
I think it’s great, and use it a lot. Just wonder how you got to that price vs like $10/year.
That and people pay 4 bucks for a coke these days so it’s not really much. Also cPanel is most definitely an expert tool.
I might make it paid only soon and reduce the price but at present there’s not much option to get real feedback and user traction.
$4 is not very much, you’re right, but that doesn’t mean that it should be spent unwisely otherwise it adds up quickly. It seems unlikely that this would need a full time dev to operate and seems more like a “4 hour workweek” type business once it’s set up that would have pretty minimal maintenance, or a super bored developer waiting around for a bug to patch.
Do you think you’ll drop the price once you no longer need a dev?
Except it’s not real time until a support person is notified and responds minutes or sometimes hours later. Chat pop ups feel like a lame trick these days every time I try to use them; they pretend like they’re going to be fast and then make you waste your own time waiting. The last one I used the other day made me wait more than 10 minutes, so I did something else, and when the support person responded and asked a follow up question and I didn’t answer in 5 seconds, they closed the support ticket, making me start over. I’d rather use email.
I usually email them after, too. "I actually clicked through your instagram ad, looked at some clothes that looked nice, and didn't buy anything because I was on my phone and didn't want to make a new account and add credentials to my password manager. Have you considered adding apple pay support to your shopify account?"
I have no idea if i'm helping or not.
One of the reasons I get lunch from Panera and Pei Wei is because I can check out on my phone as a guest when I order ahead.
Heck, even fleaBay lets you do a guest check out now. That was what made me consider using it again.
Look, I use three email domains for online accounts, in addition to a unique address for each account — one domain that links to my actual identity (my public-facing, professional domain), one domain that’s somewhat anonymous, and one domain reserved for highly sensitive accounts, e.g. online banking, PayPal, AppleID, etc. And PayPal sharing my email address with third parties breaks the model, making my sensitive domain less secure.
i don’t care who processes the payment, i just like being able to buy physical goods without making a new account, and ideally without any more friction than faceID while impulse-buying nonsense while i’m on the toilet :)
Password management is a big problem for non-technical users. Even for people who don’t know/care about security and reuse the same password everywhere, it presents a huge issue when their preferred password doesn’t meet the website’s requirements. They are then forced to make one up which they’ll never remember so it’s gonna be a headache down the line when they need to sign in again.
When they learn that the magic “Sign in with Apple” button allows them to avoid all that, they’ll want it even if they don’t care about privacy.
1. Services have little incentive to support mailinator, and indeed may deliberately choose not to if they feel it is leading to signups they don’t like. On the other hand it would be hard to argue with an incentive like the App Store requiring you to support apple’s service.
2. Because the service is built in to apple’s systems there seems to be an implicit contract that apple wont let it be abused for the purposes that many sites claim mailinator is used for (because it isn’t useful to apple customers if sites don’t trust it and it). So they might be more willing to accept these email addresses.
I guess neither of these help services like mailinator gain credibility.
I have been responsible for creating and maintaining an app generation system. Among other things, it taught me that App Store Connect has many sharp edges showing how easy it is to abuse the kind of power you've correctly pointed out Apple has.
And this effect is massive last week I offered two of my old laptops to a friend child wanabee hacker. He quickly considered a 2012 HP for parts, then he kept on thanking me for a working state 2002 PPC iBook.
PS: To be honest he might be ranting about it in a few day, I’ve played around it a little and that 2002 iBook bios is a mostly undocumented nightmare!
The battery glue is like a 3M command strip, you're supposed to remove it by applying tension to the side. You need the heat source if the strip breaks and gets trapped underneath, but I used dental floss instead.
I'm not sure how this is manipulating to get me to purchase a new phone.
That's disingenuous. Apple has a recycling program, where they take apart every component to be reused or recycled into new materials.[1]
[1]: https://www.apple.com/newsroom/2018/04/apple-adds-earth-day-...
7.8 million "Apple devices"[0] in 2018 is a lot, but an average iPhone is far more likely to end up on a landfill. If it were easy to extract the battery, that wouldn't be such a problem.
[0] They group them all together and I can't find any other metric: https://www.apple.com/newsroom/2019/04/apple-expands-global-...
It's perhaps less evil than the kind of wholesale data-farming the other big tech companies are engaged in, but it still doesn't make me like the idea of Apple ascendant.
And I was raised on Macs, giving Apple a heavy nostalgia bonus that they burned years ago.
You find that you're being strongarmed. As a oonsumer, I could not care less. Hell, I am thrilled that developers are being strongarmed when it comes to user privacy and security.
I am concerned with things like Apple's terms of service saying "If you put an app in the store, we reserve the right to copy it and ban yours."
They don't spell it out quite that clearly, but sections 14.4 and 11.2 of the developer guidelines make it clear enough (https://download.developer.apple.com/Documentation/ADP_Progr...).
Yes, there are more charitable interpretations possible, but Apple does have some history of cloning and killing off third party software, so I see no reason to apply the more charitable interpretation.
Who said the Windows/Android model is the morally correct one anyway?
As a customer I'm glad that Apple is providing a truly different alternative.
I'm not scared of this anonymous signin feature, per se.
I'm scared of the sheer amount of power Apple has, and that they can abuse it to force third parties into compliance with what they think software should be.
That's what I was saying I found terrifying.
My comment meant: "Bye bye " for me. As in: I'm not using it anymore.
I don't get you man.
Mailinator can be pretty hard to use, since so many sites can detect the addresses and block their use.
I've pretty much given up on it, and use Fastmail's very easy aliasing features with my domain. It's not quite as private, but it's a lot more reliable.
The truly clever programmer could open an SMTP session to the mail exchangers specified in your email address, and reject you because they point to mailinator. I know of 0 programmers in the world that have written this code. I think you could ask the vast majority of programmers that work with email addresses and dark patterns to do this, and they wouldn't even know how. So you're probably pretty safe.
I use mailinator all the time and I have never had a problem, however, which is why I don't even have the MX records to host my own anymore.
While I'm sure that works. The main reason I'd use mailinator is for privacy (i.e. not exposing anything associated to me). If I have to use my domain, rather than their free ones, I'm still identifying my domain, so I might as well use my own aliases with my own mail system.
Domains are cheap, and mailinator really ought to register and discard a bunch of $1 specials on a regular basis.
https://account.live.com/names/Manage
(not to take away from this announcement at all; just to provide some context. it's an often overlooked feature which people here might appreciate.)
I also like how you can set it so only a specific email can login. That way if your alias is compromised, your account won’t be.
As someone who changed their name but had to keep their Google account with the old one because of how much Google account data/purchases can't be moved to a new account, this felt positively revolutionary. Google accounts can only have one Gmail address for their entire lifetime.
.
Apple can get way ahead of the competition by combining about 3 things.
1) Ephemeral email addresses
2) OAuth or apples equivalent tokens
3) Keychain autogenerate and auto-populate
If all those products are integrated correctly, this becomes the SINGLE sign on of single sign ons. If a service supports Apple OAuth, your name is hidden, and you only have one Apple password to remember. If the service doesnt support Apple Tokens, then apple fills in a private email address and a random password, and abstracts away the fact that the service doesnt support Apple Tokens. The user experience is nearly the same regardless. Tokens and randomly generated passwords should be managed from the same interface, allowing you to either revoke access (token) or cycle the key (both.)
I've felt it for a while, but the banking industry needs to arrive at something similar. Chase, BoA, WF, and Citi should turn Zelle into a banking OAuth Identity Service.
>For people who lack the expertise or will to roll their own infra then they can use something like Apple ID.
SO 99.9% of the population. It's a nice sentiment, but for what apple is doing to work (random username generation, and identity obfuscation) the only way for it to work is strength in numbers, that the Apple userbase of people who will only use frictionless sign in, becomes too big to ignore, and to tempting too left uncourted.
>It seems like it would be _safer_
Im not sure I would say safer. Depending on millions of people to keep their software up to date hasnt historically worked super well for Windows and Wordpress. One central authority patching all its services and 24/7 devops sounds a lot safer than trusting millions of self hosted OAuth servers to be up to date and not compromised. What percent of people who have non-self-updating home routers, do you think go in regularly and press the update firmware button?
I'm sure there's logging or other AD property (think something like sidHistory[0]) to keep track of this.
Companies don't like being liable for not being able to provide data under order[s].
[0] - https://docs.microsoft.com/en-us/windows/desktop/ADSchema/a-...
In a choice between strictly maintaining your privacy and fines/jail time, most - if not all - companies will sell you down the river (if given a feasible chance that it doesn't entirely ruin them, say for example, if they weren't purely in the privacy trade) to save their own hide[s] (e.g.: see the whole PRISM scandal and its fall-out).
[0] - https://www.reuters.com/article/us-facebook-brazil-idUSKCN0W...
"In order to send email messages through the relay service to the users’ personal inboxes, you will need to register your outbound email domains. All registered domains must create Sender Policy Framework (SPF) DNS TXT records in order to transit Apple's private mail relay. You can register up to 10 domains and communication emails."
https://help.apple.com/developer-account/#/devf822fb8fc
The attacker wouldn't even be able to send e-mail messages to the users. He'd also need to compromise the registered domain's mailservers, or their DNS servers (to modify the SPF records), or their Apple dev account to add their own registered domain.
And, they have the money to do it.
For as long as Android has google ownership... they will never, ever be able to compete on the level of privacy that Apple is now buying into.
So far it's only happened once, actually, when Keen.io got bought by a PE firm, I got a bunch of spam, so they clearly sold off my email address.
It's a system that would be hard to operate as a "normal" person, so this is a great step.
That is, if you're signing up for Netflix with this, would you be able to access your account from a Roku box?
Quite a few devices or apps on devices have already done so. Instead of having you enter the account ID and password directly, they give you a URL to visit that is something like https://<device-maker>.com/add-device, and show you a random code.
You go to the given URL in your normal browser on whatever device you normally use for web browsing, where you can login to your account at <device-maker> and enter the code the device gave you.
A few seconds later the device notices you've completed this, and you are then automatically signed in on that device.
I do wonder how many sites will actually implement it.
But SSO wins on mobile, because the PM is clunky even with a custom keyboard. Even then, I keep a dummy entry in my PM just so I'm tracking it.
Apple gives preference to Keychain and gives it special ability. Which is what MSFT got in trouble for with IE embedded into windows.
I'm not sure if they could sustain such a policy.
This is for the devs that specifically want the minimal-friction sign-in.
If you want to know if a purported email address is deliverable, try to deliver email to it.
Fun thing is, Apple themselves block name+addon@gmail.com addresses when using their dev console. You can bet that some companies will disallow Apple’s signature private passwords similarly if they can, in the name of ‘security’ or what have you.
Or am I being too cynical? Feel free to CMV.
EDIT: best response addressing this seems to be ‘The addresses are only generated from the "Sign In With Apple" workflow that a developer has to enable in the first place’
If Apple makes this extremely user friendly and quick to use than blocking it will cause a loss of signups.
‘Error: We love Apple and anonymity but we require a real email address to prevent fraud and to properly secure your account. Please enter your real email address.’
(potentially)
(It remains to be seen if they'll put in the legwork to actually police these things, though)
GDPR would probably want to know specifically why you need someone's real email address.
The useful thing about Apple is that they can force people to do things they don't particularly want to do, like accept anonymous e-mail addresses or stop using Flash. (unfortunately this is also the bad thing about Apple)
Of course they wont. They still want the business and as you've pointed out, these accounts will be in a different customer engagement category. They are almost certainly real people and they a lot of value to marketers, even is you don't have all of their other personal details.
There by, when apple passes a XXXXXXX@privaterelay.appleid.com address back, it won't match the existing account's email address = Sorry, matching account not found ?
There really isn’t much choice here for us. Leave Apple / iOS? Abandon FB login and piss off thousands of people? Implement Apple Sign In regardless of its tech stack / requirements?
Do you have any plans to adopt any other login provider? I would really like to, but other than email/password, I'm not really sure what would be a good alternative, and I'd really like not having any personal information stored at all - email addresses included.
I’m not a FB fan. I post on social media maybe twice a year. As an advertiser I don’t trust the numbers they report. None of my criticisms of Apple in this decision should be interpreted as pro-FB. I just have a very strong distaste for Apple deciding that they get to decide how we run our apps.
They have to mandate usage because it’s the only way devs will do it. And it seems like a fine enough product for Apple-only hardware. But when you get to supporting multiple connected devices it falls apart. Are they going to support this for PCs? What about on the Roku? How will anyone who uses Apple Sign In on the iPhone log in anywhere else?
However they most likely won't for the same reason that people who are upset about Apple's 30% App Store cut still develop apps for iOS: they have their customers spend far more on average than other phone / OS users.
Critical mass might be achieved where if you don't include Apple Sign-In you might lose more users than whatever benefit you see from having more identifiable personal information.
If Apple users use Apple Sign-In en masse then any services which blocks it will face harsh negative publicity. If enough people use it then services will have no choice but to acquiesce.
Note: This comes from my own developer account having 3 name+addon@ accounts live, and working with things like ApplePay etc for testing.
That's $5 a month for 600 private email addresses, which (for me at least) is more than enough to cover all of the services I use.
Unless they're easier to re-associate with your main account for some technical reason I'm not aware of?
If the better (for the site) SSO options also have near-universal market penetration, what's the incentive to add Apple?
And the OAuth screen would be required anyway, as they have also shown on stage.
This is being fixed over time with proper implementation.
Now if I sign in using Apple, they are going to have the data to monetize. They may keep the app from getting my information, but that means that their data is better than someone else's data, so it is more valuable. Also, they are getting app usage statistics that I may have opted out of at the OS level, but they now have due to having the sign in history.
It's exclusively from premium hardware and services. And not from advertising or monetising your data.
And the issue with trusting any entity with data isn't really what it will do with it today. The bigger problem is what the entity will do with it tomorrow - under new leadership.
It might also be interesting to know that Apple is also in the business of selling "relevant adds". Its a tiny amount if compared to Google, but gives them the same incentives if the platform ever became the most used one around the globe. That danger is basically nonexistent considering the pricing of Apple devices but makes most claims of apples trustworthiness pretty hollow.
Some of Apple's services use end-to-end encryption. That makes them better from a privacy angle than Google for example... But still... Don't trust multinational corporations. That can never end well
Given that Google's business model depends on data sharing whereas Apple has made privacy one of their core features, I think the answer has to be Apple, even if you don't trust them entirely.
"No our antenna and keyboards don't break, that's the users fault."
The question doesn't _need_ to be "who do you trust more". (I know that I'm mostly repeating the parents points).
I don't want a Google login.
I don't want a Apple login.
I don't want a Facebok login.
I want a good old email/username login!
Absolutely. One would still be able to do that (Apple's providing SSO here, not enforcing any guidelines, as of today). Though, I'm happy that friends and family would be able to choose anonymous per-app email-ids on the fly and still be able to SSO.
How would that work?
Google/Facebook/etc. are able to offer you cheap products and services because they're selling your privacy to the highest bidder.
Apple is not doing this (because they care about privacy), so they need to charge a much higher price for similar products.
This is somewhat of a chicken and egg problem (did Apple care about privacy and charge a premium price, or did charging a premium price allow them to start caring about privacy?), but that's arguably not important. What's important is that Apple cares about privacy when their competitors do not.
They are focusing on it because of business sense. To upsell people who are able to buy those expensive devices otherwise all devices are now more or less can do the work.
Apple can easily lower their price to match android. They do have insane profits. But I don't see they care about lower class people.
Google isn't outwardly evil.
Apple being anti consumer and anti developer really show you who Apple works for.
Apple doesn't seem to provide competition in the tech space that is pro consumer or pro developer.
Apple is pushing profit more than anyone else in tech.
But with google we're the product and not the customers. They are a spyware company and don't deserve any trust whatsoever.
Run your own mail server and you'll have all the addresses you care to use, using any scheme you might think off. I've been doing this for decades now and it just plain works. A day or so to get the thing setup, 8 hours of maintenance per year and you're done. Use Google-free Android devices in your pocket, Linux or *BSD on your lap and in the server/broom cupboard and those foxes can claim to be vegans for all I care.
I originally picked Rackspace over AWS because Rackspace's cheapest acceptable option was about the same price I had been paying for space on a shared hosting service, and that was about half of the cheapest viable AWS option.
But now it looks like AWS is quite a bit cheaper than Rackspace, and it is getting time to build a new server anyway [1], so it is time to consider alternatives.
One thing I'm concerned about is IP blacklists. Every time someone posts an article about setting up your own email server, there are comments about this being a pain because spammers will set up service on neighboring IP addresses, and you'll often get caught up when that gets the whole block blacklisted.
I've never had that problem at Rackspace. I don't know if spammers just don't use them for some reason, or if they are really good at kicking off spammers...but in the 7.5 years I've been doing this at Rackspace I don't think my outgoing mail has ever been caught in an IP-based blacklist (or had any other delivery problems, for that matter).
While I'd like to spend less than I'm spending now, it would not be worth the savings if it makes my mail unreliable.
[1] I'm on Debian 8, which is in the last year of long term support. I prefer to built a new server from scratch with the latest and move to it rather than trying an in place update across major distro versions.
The whole is connected through our gigabit fiber to the outside with a possibility for a wireless backup connection should the fiber go down (which it hasn't thus far).
The hardware runs a combination of Debian stable with some unstable packages plus home-grown tools. I've done Debian upgrades on these servers for years, generally without much breakage. That is actually why I moved to Debian from Redhat which I used earlier (before the Fedora days) as upgrading RH was always a hit-and-miss experience compared to Debian.
So, in short: my own hardware on my own connection on my own premises, with off-site (and even out-of-country) backup in a reciprocal agreement: I run backups for my brother in the Netherlands and get to put my (encrypted) backups on his NAS.
Not saying Apple can't use your data, but as far as auth providers go, I'd rank Apple higher than all the other Big Tech Cos.
They're monetizing user data/behavior.
One example, I didn't search very hard.
> User response is an important signal of ad relevance. If customers don’t tap on an ad, Apple Search Ads will stop showing it to them.
I think what you quoted is Apple saying "if no one is clicking on your ad we stop showing it to people".
It might be a personal choice, but for stuff when privacy is really important I'd definitely pick Telegram over Apple, no matter how much the latter claims to keep me safe from three-letter agencies as well as marketers.
Why?
Also, stories about FISA overreach, PRISM, the rest of the alphabet soup plus gag orders do not particularly inspire confidence.
Also, we are discussing web login options here which afaik Signal doesn't support.
I couldn't get my friends use Signal, it's not there yet in terms of user friendliness (hell, I wouldn't use it). But Telegram works for me, and I consider it a substantial improvement over Whatsapp. YMMV.
It's a feature: history synchronization between different devices and fast search through hundreds of thousands of messages is, for most uses and users, more important than concerns that Telegram or nation-state level attackers (one capable of silently breaching Telegram infrastructure) would choose to read your chats.
Be aware, wechat sends every message with geolocation to the authorities in real time. It is more critical than ever that we be aware of the mechanisms in the systems we build and use -- else dystopia awaits.
So if you are using it on desktop, all your messages belong to Telegram, and whomever they are sharing it with.
This way Telegram can back up messages without dumping them to Googles servers like WhatsApp does by default.
But it’s absolutely homemade by math PhDs (not crypto specialists). And if you search for ‘telegram security’ you’ll find any number of articles pointing out a bunch of weaknesses. It’s also only half open source.
Not just that. The official clients repos (specifically Android) lag several weeks, if not months, behind the apps, or at least they did at one point.
Though that doesn't matter much with not-quite-verifiable releases...
Chat archives are stored encrypted, not in plain text. Please cite your sources if you claim otherwise.
I think that's what the parent wanted to say.
I think saying "chats are stored in plain text" is a reasonable way to convey that message and I think "plain wrong" is an overstatement.
If I keep your messages encrypted in my database and your keys on another unonnected database in another building, would it then be fair to say that I store your messages in plaintext?
No. They are encrypted. It is a matter of fact.
The word you are looking for is "not E2E encrypted" which can be a problem, but a different and smaller problem.
> and I think "plain wrong" is an overstatement.
No. It is a statement of a fact.
If you can still access them, I don't think it is fair (or maybe rather: it is misleading) to say that you store them encrypted.
If you trust me but are worried that someone else might break into the server it makes a huge difference.
Only difference is Apple won’t sell it, just use it to refine its product service mix. Google/FB do both besides preempting/ buying emerging competitors.
https://auth0.com/docs/scopes/current/oidc-scopes