"App graph". Something about that phrase makes it sound even sneakier, like an innocuous technical thing that has nothing to do with people. Nothing to see here. Just an app graph.
I think I will build a social network where your profile pic is a split screen of your headshot and your exposed genitals. You will use your real name, home address, and cell phone number, and frequently upload your credit card statements.
This way, we can all just get it over with already.
Apps can register custom URL schemes to enable other apps to open them, pass them data and even deep-link to within them. There is an official API called canOpenUrl: which will let you check if a particular URL scheme is registered on a particular device. So that, along with a database of public URL schemes published by other apps, lets you detect which apps are installed.
I wasn't aware of this before but apparently you can also use sysctl() to check the names of running processes (which is less reliable as processes will get bumped off if the foreground app requires more memory).
Hardcode the address on all known platforms and skip it on unknown ones, or disassemble a public function that calls it and figure out the address from there, or read the Mach-O headers and write your own dlsym, etc. etc.
Apple once blocked a updates for everyone using a common SDK because it had named a symbol something that happened to be the name of an unrelated private API, and the review process couldn't tell the difference. That implies things about the rigor of the review process.
1.) Scan for custom URL schemes the applications register so you can open them from other apps or web URLs.
2.) Retrieve a list of currently running processes in the background
"We will notify you about this feature being turned on for your account by showing a prompt letting you know that to help tailor your experience, Twitter uses the apps on your device. Until you see this prompt, this setting is turned off and we are not collecting a list of your apps. If you do not see Tailor Twitter based on my apps in your account settings, app graph collection is not occurring for your account."
I didn't down vote, but it might be because it doesn't appear that btdollar is hell banned. I though hell ban = all their comments are dead, but it's plausible that his [dead] comments were just down voted.
I'm trying to think of a scenario wherein an app would wholesale collect all other installed apps for local use. Querying for specific capability via the existence of an app or URL handler, maybe. But iterating all installed apps?
Tasker (for Android) does, to let you choose one to launch automatically when something happens. But apart from automation and possibly "personal analytics", I don't remember any other use case.
Notice how they casually slip in "..and occasionally updating". This means that Twitter now has a nice list of all apps on your Mobile via the malicious Twitter app that snoops on your phone.
They get to then sell this info to advertisers so that they can tailor their "tweets" to you.
And Twitter is a relatively good citizen as far as apps go. Just imagine what other apps who don't care where their next buck comes from are capable of...truly scary stuff.
The worse problem is that even if you do research on the developers and owners of an app before allowing a permission that warrants a lot of trust, they can at any time be sold to a scummy company or data-mining agency who exploits the trusting user-base. This is exactly what happened to SourceForge.
The majority of Twitter's revenue comes from mobile ads, and app install ads are a major component of that major component. Knowing what apps you do or don't have installed allows them to better target app install ads, and I imagine that's the reason for collecting this data.
So, if you don't have Clash of Clans installed, they can show you a Clash of Clans ad.
If do you have Clash of Clans installed, they can then prompt you to reengage with it, or suggest other apps you're likely to install on the basis of your having shown an interest in games.
Why do iOS and Android give apps this data in the first place? Mobile apps will invariably abuse any trust granted to them, so platforms should just stop granting any more trust than necessary.
They don't explicitly provide it. Twitter uses a form of IPC built into iOS (canOpenUrl) to find out by brute force whether or not well known apps are installed.
In other words if you just submitted mynewobscureapp to the AppStore, Twitter would not be able to detect it until they added your app to their targeted list.
They don't explicitly give it. You can define your own URL schemes, e.g. hackernews://, and the OS will tell you if a handler for that URL scheme is installed.
Ironically, currently a few entries away from this article on HN, there's this one [1] about iHasApp that has shut down due to "using public APIs in a manner not prescribed by Apple".
Not only that, I followed the instructions (on iOS) and there is no "Tailor Twitter based on my apps", only "Tailor ads based on info from ad partners".
I've noticed this with other services, apparently it's difficult to distinguish between "love thing X so much you share it" and "hate thing X so much you complain about it"
To be clear, I don't hate the content I choose to view from the people I follow, I hate the content that Twitter provides for advertising. There was a weird time when Twitter was actually showing me relevant ads - about computer stuff, startups (close enough). Now the ads are all random.
to be fair the web apps work well. I did the same on my mobile, no more snooping. But i had to root my phone to remove Twitter and Facebook so everybody can't do that.
Twitter really is a terrible:
Refer to first comment in link below. In the name of providing open source tools to Developers, They are collecting Contact lists of app users that has their SDK's:
http://www.reddit.com/r/androiddev/comments/37hx7y/twitter_j...
We've designed app graph to exclude apps that appear to be especially sensitive, such as ones dealing with your health, sexual orientation, or religious beliefs.
I was alarmed until I read this. It is really nice of them to choose to keep our sensitive private information private. Thanks Twitter!
( Of course I completely trust Twitter to make the right decision on which apps are considered sensitive. )
I feel sorry for the apps that are trying hard to fit in and "appear" unsensitive. They probably still get snooped. That must really hurt their feelings.
164 comments
[ 2.0 ms ] story [ 76.2 ms ] threadI think I will build a social network where your profile pic is a split screen of your headshot and your exposed genitals. You will use your real name, home address, and cell phone number, and frequently upload your credit card statements.
This way, we can all just get it over with already.
http://danielamitay.com/blog/2015/5/29/shutting-down-a-500mm...
I wasn't aware of this before but apparently you can also use sysctl() to check the names of running processes (which is less reliable as processes will get bumped off if the foreground app requires more memory).
More here: http://danielamitay.com/blog/2011/2/16/how-to-detect-install...
Apple once blocked a updates for everyone using a common SDK because it had named a symbol something that happened to be the name of an unrelated private API, and the review process couldn't tell the difference. That implies things about the rigor of the review process.
1.) Scan for custom URL schemes the applications register so you can open them from other apps or web URLs. 2.) Retrieve a list of currently running processes in the background
I really think this is a cruel waste of peoples time, and HN should strongly reconsider this method of moderation.
EDIT: Down votes for telling someone they are hell banned? Pathetic.
And Twitter is a relatively good citizen as far as apps go. Just imagine what other apps who don't care where their next buck comes from are capable of...truly scary stuff.
So, if you don't have Clash of Clans installed, they can show you a Clash of Clans ad. If do you have Clash of Clans installed, they can then prompt you to reengage with it, or suggest other apps you're likely to install on the basis of your having shown an interest in games.
iOS - https://itunes.apple.com/us/app/twitter/id333903271?mt=8
Android - https://play.google.com/store/apps/details?id=com.twitter.an...
In other words if you just submitted mynewobscureapp to the AppStore, Twitter would not be able to detect it until they added your app to their targeted list.
[1] https://news.ycombinator.com/item?id=9625916
That's provided because 99% will never even know it's there. It doesn't matter if it's technically an option.
When your product is used by millions of people and updates automatically, the defaults matter.
> Twitter is using your app graph to help build a more tailored experience for you on Twitter.
No thanks.
> Some examples of how we may use your graph data include:
> - Improved “who to follow” suggestions that share similar interests
No.
> - Adding Tweets, accounts, or other content to your timeline that we think you'll find especially interesting
Good lord, no.
> - Showing you more relevant promoted content.
Please, no.
They're likely making it better for their customers. (Hint: if you're not paying them, you are not the customer).
There's a big difference between a user and a customer. Users are the raw materials used to make the product that gets delivered to customers.
Then why do you use Twitter at all?
> Twitter is using your app graph to help build a more tailored experience for you on Twitter.
The more we can prove to advertisers we deliver targetted content, the more they will pay us.
> Improved “who to follow” suggestions that share similar interests
We will continue to suggest you to follow people who paid us but they are more likely to actually be remotely interesting to you (no promise, though).
> Adding Tweets, accounts, or other content to your timeline that we think you'll find especially interesting
See first item.
> Showing you more relevant promoted content.
See first item.
I was alarmed until I read this. It is really nice of them to choose to keep our sensitive private information private. Thanks Twitter!
( Of course I completely trust Twitter to make the right decision on which apps are considered sensitive. )
get spammed with weight loss products
The read me explains that Apple does not approve of this.
Twitter should back off on this. The goodwill lost is not worth what they are getting here.