I gave Kevin some guff from his article re his reputation with chatbots, but this is remarkably evenhanded (perhaps overly so considering the other side are data-sucking creeptoids.) Just gonna repeat for the sake of Google that Nikita Bier is confirmed by the NYT to be a data-sucking creeptoid.
A lot of the comments are about spamming your contacts, but I assume the common reason is to connect you with people you already know - if a phone number is in your address book, and that number is associated with an account, it can suggest that person to you as a friend.
Is there a better way to make that connection without exposing the actual number?
I'd say by hashing but unfortunately the phone number space is too small. Maybe however Apple's Airdrop to contacts thing works? It's hashing with extra steps AFAIR.
I remember when LinkedIn would take your contacts, and bombard them with "friend requests." For me it resulted in some inappropriate "requests." I'm glad that isn't happening anymore.
At the same time, it's not like LinkedIn is paying any price for that.
So the rule is, engage in as much bad behavior as you can when it's permitted, because later it might not be an option.
I don’t have LinkedIn on my phone because I suspect they were listening to my microphone and serving me ads based on it. I didn’t dig deep to prove it but it seemed pretty clear at the time.
A more likely explanation is that LinkedIn knows where you are from location data and they might know where your friends are because they have the app installed (they can otherwise purchase location data that's collected and shared from a billion other apps). Then they see that you and Alice were in the same location for the past hour while Bob, who was also there, was looking up stuff you were talking about on google. Then LinkedIn shows you ads for that stuff because they suspect a discussion had been happening about the things Bob was looking up.
A common retort I've seen to that is, "Nobody made any such searches during the conversation." So I try a different route: how does LinkedIn know what's relevant to advertise to you based on conversations that are picked up on your microphone?
Let's assume LinkedIn can isolate the voice of every individual on the planet (or, perhaps more relevant, every individual in your home town) and Alice is talking to you about their new air fryer such that it's picked up by your phone's microphone. LinkedIn might advertise air fryers to you because they think Alice was talking to you about air fryers.
But what if Charlie is telling Dave -- both of whom you don't know and are only near you because you're waiting in line at the grocery store -- about their new air fryer? LinkedIn can advertise air fryers to you but that won't necessarily be so eerily relevant. How would LinkedIn know to show you air fryers because Alice was talking to you about them but not to show you air fryers because Charlie was talking to Dave about them? Both conversations were picked up by your phone's microphone so, ostensibly, they would both be equally relevant for advertising.
(That's all assuming that they can hide the otherwise-inexplicable battery usage of an always-on microphone.)
Not to downplay the creep factor, just pointing out that they are probably not disregarding established audio-recording law and are instead doing other surveillance things to show you such relevant advertisements.
Seems to me that social app devs sound a bit entitled. If their business model depends on slurping up all my contacts, maybe they need to find a new line of work.
I tend to agree—however I think the point of the article is that, regardless of whether this an ethical or "good" practice, it represents a pulling up of the ladder in a social media landscape that most users would agree is not in a great place with regard to the big names.
Maybe we already have enough social media apps, but also maybe the ones we have aren't very good, and things like this probably make it harder to compete in that space if you believe that you can create something better.
Also to be clear, while I'm sympathetic to that idea I'm not sympathetic to garbage people like Nikita Bier, who is basically saying this is what helped enable him to make two identical apps marketed directly to high-schoolers rapidly acquire a substantial userbase. He then subsequently sold these apps to Meta and Discord. So maybe this change is for the best.
I don't think pulling up the ladder is the correct analogy here.
The inability of users to prevent companies from slurping up all of their contacts creates an environment which greatly benefits those company which simply take the data since nobody can stop them.
Yes having that data has allowed the current crop of social media companies to grow very quickly, but look at the societal costs of that rapid growth. If we want social media companies of a categorically different kind, we need different rules so that the kind we currently have don't dominate again.
Yea, this is more of a "better late than never" security fix. While you can't go back in time and fix past apps that exploited a vulnerability, you can at least close the vulnerability for future apps.
Says a lot about our world that to be successful with a 'friend-based app' you really need to dark pattern your way into hijacking a contact list and robo-inviting all the people who are totally not a person's friends.
GrapheneOS has this really awesome feature that I wish would come to mainline Android: Contact and Storage scopes.
Essentially, it works very much like the feature Apple has introduced for these things, but importantly, it makes apps believe they have full access to these resources, while still maintaining a limited scope through the OS.
I doubt Google would ever adopt this (due to their less than privacy-friendly attitudes) but it is absolutely technically possible, since GrapheneOS has it today.
telegram has repeatedly asked me for microphone access on iOS the last few weeks, at random times. i suspect it's not just happening on Android, therefore.
The framing of this article is absolutely ludicrous. I'm no Apple apologist but this is genuinely a good feature that puts power to control who gets access to contacts back in iPhone user's hands.
"The city is helping citizens install locks on their doors to keep burglars out! That's going to really hurt all the new small-time crooks who might just be starting out!"
An improvement, but each contact is still all or nothing. If an app needs phone numbers and I want to share that with it, I don't need it to have access to the birthdays, emails, addresses, etc. of all the contacts I share.
It's disgraceful that we can't even keep a contacts list these days. Back in the day we had no problem with putting everything into Outlook or something but today things will steal it. We have moved backwards, regressed. We bought these devices and can't even trust them! It's bullshit!
Apple killed new social apps. What's the value of a social graph nowadays? Most of the big social media platforms like instagram and facebook that used to present you content based on your friends, now present general content from anyone a la tiktok, and users like it better based on time spent on the app. People interact with their friends via messaging apps. It's not clear to me how a new social media app could use a social graph in a new interesting way.
At the same time, I can't help but think that this practice buys lock in for Apple in some way in the form of potentially new iphone features. And it's just veiled as a pro consumer privacy measure.
This is a step in the right direction. I’ve avoided making a Facebook account all these years due to them being at best a garbage company, and it really irritates me they were allowed to just slurp up my contact info because someone I knew clicked “allow” without my consent.
All because serial viral social app developer startups cannot carry on for the next dozen or what new big social app following several sold and successful out there somewhere, must be out there somewhere being very successful, but endangered now very much, right? Am I insensitive not feeling the doom of humanity here? And wanted to lit celebratory fires in the middle of the Armageddon for the further fortification of privacy?
I’m honestly surprised to see this quality of writing at NYT. Clickbaity headline, ragebaity angle to the story. Of course it’s good to give more options to consumers!
In all honesty, I don’t think many people will select a handful of contacts to share with apps. They’re just gonna share all and that’s it. People don’t have the time nor energy to think and select what contacts to share among hundreds in their address book. It’s such a hassle!
This is good given people sometimes glaze over and just opt-in.
Contact sharing is dangerous since you can easily reconstruct any individuals social graph (esp big tech), and are unintentionally giving access of your contacts to others.
The new social apps will just need to hijack the contact lists of the old social apps. Anyway, this has already been happening — it’s not just phone contacts that products use to bootstrap their network.
iOS18 finally does what should have been done all along: ability to tell the app it has access to contacts while not actually giving it access to the entire list.
Let me clear: fuck any app that demands to slurp up all my contacts and purposefully makes it hard to use it without allowing that (looking at you, WhatApp), and any developer who does it. If this is the end of the world for them, good riddance!
In iOS 18 you can allow apps access to only some contacts instead of the entire contact book.
This makes sense. I don't want apps to know who my doctor is, especially considering many apps share this data with others (including, in some cases, governments).
Are these apps intended for use only by kids or do they fundamentally misunderstand what a contacts list is? Due to the enormous volume of spam sent to any person who has ever owned property or voted in the United States, the only real solution is never answer a phone call from an unknown number, and consequently put every business and contractor you ever expect to hear from into your contacts list. These are not actually my friends. Many of them are organizational numbers, many are numbers I have not called or been called from in 15 years, many of them likely long ago went out of service.
Remember when software just did what it said on the tin, and called it day? Now software is too often like the invited guest that proceeds to open your medicine cabinet, and then goes and roots around in the basement for something interesting. No, jackass, we just wanted you over for dinner and some conversation.
Same with these apps. “Boo hoo, we can’t root through your contacts anymore, it’s the Appocalypse!” No, jackass, no one ever said it was okay to dig through my contacts, quit acting so entitled.
The article is hyperbolic, and I can’t believe we’re in a situation where Apple is giving users more control and privacy and folks are complaining that their app won’t work. If your app relies on unmitigated access to personal contacts and users begrudgingly say yes then maybe you’re part of the problem.
> Now, some developers are worried that they may struggle to get new apps off the ground. Nikita Bier, a start-up founder and advisor who has created and sold several viral apps aimed at young people, has called the iOS 18 changes “the end of the world,” and said they could render new friend-based social apps “dead on arrival.”
Oh no! Now apps won't be able to suck up all your contacts and do god knows what with them, what a travesty! /s
Good riddance. Every time a social media app moans about an iOS/Android change I count it as a good thing.
I gave Kevin some guff from his article re his reputation with chatbots, but this is remarkably evenhanded (perhaps overly so considering the other side are data-sucking creeptoids.) Just gonna repeat for the sake of Google that Nikita Bier is confirmed by the NYT to be a data-sucking creeptoid.
A lot of the comments are about spamming your contacts, but I assume the common reason is to connect you with people you already know - if a phone number is in your address book, and that number is associated with an account, it can suggest that person to you as a friend.
Is there a better way to make that connection without exposing the actual number?
I'd say by hashing but unfortunately the phone number space is too small. Maybe however Apple's Airdrop to contacts thing works? It's hashing with extra steps AFAIR.
I remember when LinkedIn would take your contacts, and bombard them with "friend requests." For me it resulted in some inappropriate "requests." I'm glad that isn't happening anymore.
At the same time, it's not like LinkedIn is paying any price for that.
So the rule is, engage in as much bad behavior as you can when it's permitted, because later it might not be an option.
That is why I do not really use LinkedIn to this day. They are still invasive in the amount of data they collect and share.
And then they are pushy with what they want to spread, but sooo very bad at providing info you need and try to get.
I don’t have LinkedIn on my phone because I suspect they were listening to my microphone and serving me ads based on it. I didn’t dig deep to prove it but it seemed pretty clear at the time.
A more likely explanation is that LinkedIn knows where you are from location data and they might know where your friends are because they have the app installed (they can otherwise purchase location data that's collected and shared from a billion other apps). Then they see that you and Alice were in the same location for the past hour while Bob, who was also there, was looking up stuff you were talking about on google. Then LinkedIn shows you ads for that stuff because they suspect a discussion had been happening about the things Bob was looking up.
A common retort I've seen to that is, "Nobody made any such searches during the conversation." So I try a different route: how does LinkedIn know what's relevant to advertise to you based on conversations that are picked up on your microphone?
Let's assume LinkedIn can isolate the voice of every individual on the planet (or, perhaps more relevant, every individual in your home town) and Alice is talking to you about their new air fryer such that it's picked up by your phone's microphone. LinkedIn might advertise air fryers to you because they think Alice was talking to you about air fryers.
But what if Charlie is telling Dave -- both of whom you don't know and are only near you because you're waiting in line at the grocery store -- about their new air fryer? LinkedIn can advertise air fryers to you but that won't necessarily be so eerily relevant. How would LinkedIn know to show you air fryers because Alice was talking to you about them but not to show you air fryers because Charlie was talking to Dave about them? Both conversations were picked up by your phone's microphone so, ostensibly, they would both be equally relevant for advertising.
(That's all assuming that they can hide the otherwise-inexplicable battery usage of an always-on microphone.)
Not to downplay the creep factor, just pointing out that they are probably not disregarding established audio-recording law and are instead doing other surveillance things to show you such relevant advertisements.
So you had a bold claim but didn’t put effort in to find commensurate evidence and it was clear to you.
Seems to me that social app devs sound a bit entitled. If their business model depends on slurping up all my contacts, maybe they need to find a new line of work.
I tend to agree—however I think the point of the article is that, regardless of whether this an ethical or "good" practice, it represents a pulling up of the ladder in a social media landscape that most users would agree is not in a great place with regard to the big names.
Maybe we already have enough social media apps, but also maybe the ones we have aren't very good, and things like this probably make it harder to compete in that space if you believe that you can create something better.
Also to be clear, while I'm sympathetic to that idea I'm not sympathetic to garbage people like Nikita Bier, who is basically saying this is what helped enable him to make two identical apps marketed directly to high-schoolers rapidly acquire a substantial userbase. He then subsequently sold these apps to Meta and Discord. So maybe this change is for the best.
https://www.reddit.com/r/Entrepreneur/comments/12rqnk6/nikit...
I don't think pulling up the ladder is the correct analogy here.
The inability of users to prevent companies from slurping up all of their contacts creates an environment which greatly benefits those company which simply take the data since nobody can stop them.
Yes having that data has allowed the current crop of social media companies to grow very quickly, but look at the societal costs of that rapid growth. If we want social media companies of a categorically different kind, we need different rules so that the kind we currently have don't dominate again.
Yea, this is more of a "better late than never" security fix. While you can't go back in time and fix past apps that exploited a vulnerability, you can at least close the vulnerability for future apps.
Noo! They shouldn't try finding new ways to carry on! There is a huge risk that they will do!
Says a lot about our world that to be successful with a 'friend-based app' you really need to dark pattern your way into hijacking a contact list and robo-inviting all the people who are totally not a person's friends.
https://archive.ph/bzyTn
Android needs this yesterday. i hate how meta, tiktok, telegram and other apps try to force you to give contact info.
even when you deny, they'll just ask again later.
GrapheneOS has this really awesome feature that I wish would come to mainline Android: Contact and Storage scopes.
Essentially, it works very much like the feature Apple has introduced for these things, but importantly, it makes apps believe they have full access to these resources, while still maintaining a limited scope through the OS.
I doubt Google would ever adopt this (due to their less than privacy-friendly attitudes) but it is absolutely technically possible, since GrapheneOS has it today.
telegram has repeatedly asked me for microphone access on iOS the last few weeks, at random times. i suspect it's not just happening on Android, therefore.
Even when you deny, enough of your contacts won’t that it doesn’t even matter
The framing of this article is absolutely ludicrous. I'm no Apple apologist but this is genuinely a good feature that puts power to control who gets access to contacts back in iPhone user's hands.
"The city is helping citizens install locks on their doors to keep burglars out! That's going to really hurt all the new small-time crooks who might just be starting out!"
An improvement, but each contact is still all or nothing. If an app needs phone numbers and I want to share that with it, I don't need it to have access to the birthdays, emails, addresses, etc. of all the contacts I share.
Exactly. It’s more granular, but not granular enough.
Also, what if I don’t want my name and contact information in someone’s phone shared with an application? There are no options there.
It's disgraceful that we can't even keep a contacts list these days. Back in the day we had no problem with putting everything into Outlook or something but today things will steal it. We have moved backwards, regressed. We bought these devices and can't even trust them! It's bullshit!
Apple killed new social apps. What's the value of a social graph nowadays? Most of the big social media platforms like instagram and facebook that used to present you content based on your friends, now present general content from anyone a la tiktok, and users like it better based on time spent on the app. People interact with their friends via messaging apps. It's not clear to me how a new social media app could use a social graph in a new interesting way.
At the same time, I can't help but think that this practice buys lock in for Apple in some way in the form of potentially new iphone features. And it's just veiled as a pro consumer privacy measure.
Time will tell.
This is a step in the right direction. I’ve avoided making a Facebook account all these years due to them being at best a garbage company, and it really irritates me they were allowed to just slurp up my contact info because someone I knew clicked “allow” without my consent.
“the end of the world”
"the drama"
"dramatic ripple effect"
All because serial viral social app developer startups cannot carry on for the next dozen or what new big social app following several sold and successful out there somewhere, must be out there somewhere being very successful, but endangered now very much, right? Am I insensitive not feeling the doom of humanity here? And wanted to lit celebratory fires in the middle of the Armageddon for the further fortification of privacy?
I’m honestly surprised to see this quality of writing at NYT. Clickbaity headline, ragebaity angle to the story. Of course it’s good to give more options to consumers!
In all honesty, I don’t think many people will select a handful of contacts to share with apps. They’re just gonna share all and that’s it. People don’t have the time nor energy to think and select what contacts to share among hundreds in their address book. It’s such a hassle!
This is good given people sometimes glaze over and just opt-in.
Contact sharing is dangerous since you can easily reconstruct any individuals social graph (esp big tech), and are unintentionally giving access of your contacts to others.
I haven't allowed any mobile app permissions to access my contact list since the option became available to selectively disallow permissions on iOS.
Why would I subject my friends to extra spam/data mining? I never thought this was a good idea.
The new social apps will just need to hijack the contact lists of the old social apps. Anyway, this has already been happening — it’s not just phone contacts that products use to bootstrap their network.
iOS18 finally does what should have been done all along: ability to tell the app it has access to contacts while not actually giving it access to the entire list.
Let me clear: fuck any app that demands to slurp up all my contacts and purposefully makes it hard to use it without allowing that (looking at you, WhatApp), and any developer who does it. If this is the end of the world for them, good riddance!
What feature is this? Sounds great.
In iOS 18 you can allow apps access to only some contacts instead of the entire contact book.
This makes sense. I don't want apps to know who my doctor is, especially considering many apps share this data with others (including, in some cases, governments).
https://support.apple.com/guide/iphone/control-access-to-con...
please, please let them do fake location next
Are these apps intended for use only by kids or do they fundamentally misunderstand what a contacts list is? Due to the enormous volume of spam sent to any person who has ever owned property or voted in the United States, the only real solution is never answer a phone call from an unknown number, and consequently put every business and contractor you ever expect to hear from into your contacts list. These are not actually my friends. Many of them are organizational numbers, many are numbers I have not called or been called from in 15 years, many of them likely long ago went out of service.
Remember when software just did what it said on the tin, and called it day? Now software is too often like the invited guest that proceeds to open your medicine cabinet, and then goes and roots around in the basement for something interesting. No, jackass, we just wanted you over for dinner and some conversation.
Same with these apps. “Boo hoo, we can’t root through your contacts anymore, it’s the Appocalypse!” No, jackass, no one ever said it was okay to dig through my contacts, quit acting so entitled.
If that's what social apps need then I really really hope so.
Oh boohoo. Poor devs.
The article is hyperbolic, and I can’t believe we’re in a situation where Apple is giving users more control and privacy and folks are complaining that their app won’t work. If your app relies on unmitigated access to personal contacts and users begrudgingly say yes then maybe you’re part of the problem.
> Now, some developers are worried that they may struggle to get new apps off the ground. Nikita Bier, a start-up founder and advisor who has created and sold several viral apps aimed at young people, has called the iOS 18 changes “the end of the world,” and said they could render new friend-based social apps “dead on arrival.”
Oh no! Now apps won't be able to suck up all your contacts and do god knows what with them, what a travesty! /s
Good riddance. Every time a social media app moans about an iOS/Android change I count it as a good thing.