962
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 01 Jul 2025
962 points (100.0% liked)
News
30709 readers
3112 users here now
Welcome to the News community!
Rules:
1. Be civil
Attack the argument, not the person. No racism/sexism/bigotry. Good faith argumentation only. This includes accusing another user of being a bot or paid actor. Trolling is uncivil and is grounds for removal and/or a community ban. Do not respond to rule-breaking content; report it and move on.
2. All posts should contain a source (url) that is as reliable and unbiased as possible and must only contain one link.
Obvious right or left wing sources will be removed at the mods discretion. Supporting links can be added in comments or posted seperately but not to the post body.
3. No bots, spam or self-promotion.
Only approved bots, which follow the guidelines for bots set by the instance, are allowed.
4. Post titles should be the same as the article used as source.
Posts which titles don’t match the source won’t be removed, but the autoMod will notify you, and if your title misrepresents the original article, the post will be deleted. If the site changed their headline, the bot might still contact you, just ignore it, we won’t delete your post.
5. Only recent news is allowed.
Posts must be news from the most recent 30 days.
6. All posts must be news articles.
No opinion pieces, Listicles, editorials or celebrity gossip is allowed. All posts will be judged on a case-by-case basis.
7. No duplicate posts.
If a source you used was already posted by someone else, the autoMod will leave a message. Please remove your post if the autoMod is correct. If the post that matches your post is very old, we refer you to rule 5.
8. Misinformation is prohibited.
Misinformation / propaganda is strictly prohibited. Any comment or post containing or linking to misinformation will be removed. If you feel that your post has been removed in error, credible sources must be provided.
9. No link shorteners.
The auto mod will contact you if a link shortener is detected, please delete your post if they are right.
10. Don't copy entire article in your post body
For copyright reasons, you are not allowed to copy an entire article into your post body. This is an instance wide rule, that is strictly enforced in this community.
founded 2 years ago
MODERATORS
Without open source, it could be a honey pot.
I did check to see what permissions and data it wants access to. None. That seems like a good sign.
A nefarious app might also want permissions to see all your contacts.
Edit to clarify: The app install page says only "Data Not Collected". I would presume they would list IP and/or location if that were amongst the data collected as I have seen other apps do, but I am certainly no expert. The dev is All U Chart, Inc.
Don’t apps self-report this stuff? You presumably need to make a DB query from their backend to see any reportings in a 5mi radius, so at minimum they have your GPS coordinates and IP address (which when combined would uniquely identify you)
Iirc, permissions for iOS are required for devs to be able to use the functions/methods under those permissions.
So if the app doesn't use them, they won't show up as needing them.
That may be true for things like contacts, but here they have your location, and they use the network. Thus they could hoover that up and store it, even mapping everywhere you go over time in their DB.
"Apple keeps most of your location history on your device: the bits of information stored in the cloud are either end-to-end encrypted, meaning only you can decipher them, or anonymized. As such, the risk of having your location history compromised by a data breach, or by a request from law enforcement to Apple for this data, is greatly reduced."
In this case they are anonymized. The service can tell what device is where but not what user that deviceID matches and those identifiers are rotated to make it harder to match that data up.
From: https://privacyinternational.org/guide-step/5537/guide-keeping-your-mobile-phones-location-history-private
That’s for Apple services specifically. If I build an iOS app, I can get geo coordinates.
But if the user doesn't create an account and the deviceID rotates frequently, is there any way to tie those coordinates at a specific time to a specific person in a large enough geographical area and provide notifications (also provided via on device only services)? That's what it seems like the developer has said Apple facilitates better.
The also said they will have a more detailed post up July 2nd about android on their site.
See also: https://techcrunch.com/2025/07/01/iceblock-an-app-for-anonymously-reporting-ice-sightings-goes-viral-overnight-after-bondi-criticism/
The point they're trying to make is that while Apple location collects anonymized data, the app itself could collect that data and send it off with a unique identifier. Like Strava except it's spyware. It has location and internet permissions, and the App Store data privacy thing is self reported and not necessarily factual. We can't know unless we dissect the app because it's not open source. Right now it seems they're not doing that, but nothing is stopping them.
Android's Fused Location Provider, even though it's provided by Google Play Services, works in the same way and is just as private as Apple's location API. They are both on device with anonymized data sent back. So IDK what the devs are talking about. But I am interested in their blog post.
The post is up: https://www.iceblock.app/android
Turns out it's about the notifications not the location, though it still indirectly is about location since the notifications are geographically specific.
Sightings are tiny and compressible you could download all the sightings then diffs and never leak anything but ip or if a VPN not even that.
that mainly applies to trackers and analytics. the company still makes backend calls to its own servers and can do whatever it wants there with the location data it collects from you
TechCrunch did a traffic analysis: https://techcrunch.com/2025/07/01/iceblock-an-app-for-anonymously-reporting-ice-sightings-goes-viral-overnight-after-bondi-criticism/
the fact that i cannot use the app at all if i deny location permissions is a red flag. there’s no reason not to have a read only mode.
there may be no trackers as the other commenter mentioned about the TechCrunch analysis, but who is this random company that owns it: ALL U Chart, Inc. They’re likely pinging back their own servers with your coords
Fake your GPS and put it inside Republican homes
Can you do that on iOS?
Easily? No. You could run an android emulator on desktop though.
you can using xcode and a manual gpx file
Looks like honey to me