TechPulseTechPulse
Back to News
Advertisement
Advertisement

⚡ Community Insights

Discussion Sentiment

80% Positive

Analyzed from 316 words in the discussion.

Trending Topics

#apps#setup#still#store#device#second#bits#macos#mostly#user

Discussion (15 Comments)Read Original on HackerNews

regecks42 minutes ago
Damn. The "iPhone last setup or erased on ..." is really nasty. What can a user really do about that? I feel like this should be fudged somehow by the OS.
matthewfcarlson29 minutes ago
Is the threat model tracking across multiple apps to correlate what you're doing? In that case, a single app wouldn't show you the fudging.
ramses04 minutes ago
```Based on a binomial/Poisson distribution and a baseline of 21 million U.S. device sales per release, a fingerprint relying on "seconds since setup" fails to uniquely identify individuals. In the high-density Early Adopter phase, you will share your exact setup second with an average of 1.01 other people (a total matching pool of ~2 people). Six months into the cycle, you will still share that second with an average of 0.68 other people.```

In the U.S., device setup time (to the second) very conservatively gets you clubbed into a single group of 100 individuals as an "advanced persistent threat" tracker. Even compressing activations to "80/20 during business hours" the math kindof maxes out at a pool of ~5 people, and assuming worst case "20x" of that still means you're still pretty darned identifiable.

If you get ~6-8 more bits of entropy (eg: Device Type + Capacity is easily 2-3 bits, and Time Zone is probably another 2-3 bits) you're cooked!

ChrisMarshallNY32 minutes ago
It's likely to be trolled by the WPA folks, who will insist that WPAs are just as insecure as native apps, so there's no difference ...

But very cool.

njsubedi10 minutes ago
You mean PWA?
ChrisMarshallNY9 minutes ago
Yes. Got my ps and ws mixed up. I was just reading about the Mt. Rushmore project (impressive).
paulirishabout 2 hours ago
Would love this for MacOS as well.
weikjuabout 2 hours ago
Fortunately, if you read the README (and decide to go past the “this was mostly built by AI” part,

> Loupe also builds for macOS. The Mac version is mostly complete, but a few things still need work before it's polished.

heavensteeth12 minutes ago
> and decide to go past the “this was mostly built by AI” part

I got that feeling just seeing the title use "native" as a synonym of "not a website".

bethekidyouwantabout 2 hours ago
What “apps” do you use on a mac?
VertanaNinjaiabout 1 hour ago
Probably a ton since macOS apps are literally distributed as .app bundles.
winstonwinston43 minutes ago
Though there is a difference what store apps and non-store apps can do. I think is about store apps which are “sandboxed” and have to use public api to request then access information which non-store apps can access without.
internet2000about 1 hour ago
Google Chrome, VS Code, among others
bethekidyouwant27 minutes ago
Well “they” can technically “read” anything your user can.