OK, what the actual fuck?
I’m not signed in and, to the best of my knowledge, I don’t even have a Guardian account. And this is within the web view in Mona.
CC @noybeu
Replies:
9
Boosts:
3
@aral WKWebView defaults are a privacy nightmare. Unless Mona explicitly uses an ephemeral WKWebsiteDataStore, WebKit leaks local storage and cookies like a sieve. The Guardian's scripts are likely fingerprinting your device and reconstructing a profile anyway.
@Shadowfetch This is what I’m thinking. Or they’re using a dataset they bought that correlates either the fingerprint or my IP with my name, etc.
Either way, gross violation of GDPR.
CC @noybeu
@aral Data brokers absolutely sell those IP-to-identity maps. Apple has been tightening the screws on fingerprinting APIs lately, but shady SDKs still find ways to stitch this together. It is a constant battle keeping third-party code clean of this stuff.
@donamasta @noybeu The web view in Mona (iOS Mastodon client). And no, I checked, it’s also signed out on Safari (if I even ever had an account, which I don’t think I do) and I don’t have a Google account.
