Why do other apps immediately know what you just searched for?
Have you ever had this experience:
You searched for a pair of Crocs on a social media app one day, and the next day, you saw a recommendation for the same pair of shoes on a completely unrelated shopping app...
You start to panic and try to recall whether you've ever mentioned this pair of shoes in the second app.
After confirming that you haven't, you start to speculate: either "these two companies must be secretly sharing my data," or "oh no, my phone's microphone is eavesdropping on me."
Both scenarios are fairly absurd, especially microphone eavesdropping, which is easily detectable through packet capture. Still, given the low moral standards of some internet companies, I can't guarantee that they won't do such things.
What I want to talk about today is that advertisers actually have a more covert and safer way to push a pair of Crocs in front of you across different apps:
All they need is for the app to recognize "your phone."
For example, if a phone searches for Crocs on app A, the preference is recorded against that device.
When the same phone is recognized on app B, the app can continue to push relevant products based on this preference. It recognizes the device, and it doesn't need to know who you are or what your name is.
So the question is, how do advertisers record this information, and how does this information leak out?
Recently, I found an app developed by a security team called Loupe.
It has only one function, which is to tell users: how much data can a phone app actually access from you? And what additional information will be exposed when you grant each additional permission?
After using this app, I really don't dare to grant permissions casually anymore. It's truly an eye-opener.
For example, when I first opened Loupe without granting any permissions, it gave me a shock.
It knows that I've set my phone's region to Singapore, I use a mixed Chinese-English keyboard, the device was activated in September 2023, I've copied 29,034 times since then, and the last time I turned on the phone was 8 days, 3 hours, and 44 minutes ago.
Moreover, it even created a profile of me. It knows that I've installed Steam and Discord, so it assumes that I'm probably a gamer. It also noticed that I've installed GitHub and Slack, so it infers that I work in the tech industry.
The above is just what's shown on the app. If you view the more detailed report, you'll find that it knows even more.
For example, it knows that my iPhone 15 Pro currently has 105GB of storage left, it's in dark mode, the screen brightness is a little over half, the battery is at 60%, and it's not plugged in. It also knows that I have dual-SIM cards, both on 5G, and even the current tilt and orientation of the phone.
You may still think that knowing these trivial things doesn't matter. Can they be used to locate us?
Indeed, they can't.
But when combined, they become the unique characteristics of this iPhone, that is, the device fingerprint. This is enough for advertisers to distinguish your iPhone from many others.
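The narrowing effect described above, as an added example that is not part of the original article or of Loupe's code: in a constructed population of 100,000 devices, each attribute alone is shared with a crowd, but the combination singles one device out. The attribute names follow the article; the value ranges and the population itself are assumptions made for illustration.

```python
import math

# Attribute names come from the article; the number of possible values per
# attribute and the population below are constructed, not measured.
CARDINALITY = {
    "dark_mode": 2,          # on / off
    "keyboard": 3,           # three keyboard layouts
    "region": 5,             # five region settings
    "free_storage_gb": 101,  # free space rounded to 1 GB
    "boot_minute": 1009,     # minute of last boot, 1009 possible values
}

def make_population(n):
    """Constructed devices: attribute k of device i is i mod cardinality(k).
    The cardinalities are pairwise coprime, so no attribute predicts another."""
    return [{k: i % c for k, c in CARDINALITY.items()} for i in range(n)]

def anonymity_set(population, device, keys):
    """How many devices share `device`'s value on every attribute in `keys`."""
    return sum(all(d[k] == device[k] for k in keys) for d in population)

def narrowing(population, device, keys):
    """Crowd size and identifying bits as attributes are combined one by one."""
    steps, used = [], []
    for k in keys:
        used.append(k)
        size = anonymity_set(population, device, used)
        bits = round(math.log2(len(population) / size), 2)
        steps.append((k, size, bits))
    return steps

if __name__ == "__main__":
    pop = make_population(100_000)
    me = pop[12345]
    for k in CARDINALITY:
        print(f"{k:16} alone: shared with {anonymity_set(pop, me, [k])} devices")
    for k, size, bits in narrowing(pop, me, list(CARDINALITY)):
        print(f"+ {k:16} -> {size:6} devices left ({bits} bits)")
```

The last row reports a crowd of one: about 16.6 bits of combined information is enough to pick a single device out of 100,000, even though no individual attribute narrows the crowd below 99 devices.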
Moreover, this is just the information that Loupe can access through public APIs.
If I grant Loupe permissions such as access to the photo album and location, like other apps, what other information will it know?
I tried granting the photo album permission.
Soon, Loupe told me that there are 1,119 videos and 9,371 photos in my photo library, and 3,033 of them have location information. It also listed the places I've visited most frequently.
Don't think that the app only shows the location as "Yuhang District." This is just for easy display by Loupe.
You should know that the EXIF information in photos contains latitude and longitude accurate to about ten meters. An app can probably guess the community where I live, the place where I work, and the small county where I probably go during holidays just by analyzing the frequency and time of each location.
Now I kind of understand: some apps can always push local activities and gossip even though I haven't granted them location permissions. Could it be because I granted them full access to the photo album for convenience?
I suggest that you set all apps to use the system's photo selector, which pops up and asks you to select specific photos for authorization. In this case, iOS won't send the photo location information to the app by default.
By the way, when you encounter pop-ups asking you to grant all permissions for "convenience," remember to click Keep Current Settings.
Next, I'll grant Loupe the local network permission to see what information it can access.
To be honest, who would think much about this permission usually? Isn't it just for connecting to a printer or screen mirroring?
But after I clicked "Allow," all my colleagues' computers on the local area network, the HP laser printer, and two Ugreen NAS devices were displayed.
Of course, it's reasonable for this permission to allow the app to see all the devices around; otherwise, it can't find the devices.
But I don't understand. Shouldn't this permission pop up only when I need to screen mirror?
Why do many apps ask for this permission as soon as they're opened?
I won't go into details about the location, Bluetooth, and calendar permissions. You can check the information in the screenshots.
In short, every time you click "Allow," the app gets to know you better, and your device fingerprint becomes clearer and more diverse.
So how does app B know the fingerprint and preferences calculated for me in app A?
The answer is advertisers.
Many apps don't develop their own advertising systems but integrate an existing advertising SDK. The splash ads and in-feed ads you see in the app are fetched from the advertising platform by this code and then displayed to you.
Meanwhile, the SDK will send the characteristics of your phone back to the advertising platform.
In this way, the preferences you leave in app A are shared by the advertising platform, and apps B, C, and D will all know about them.
Recognizing your phone should have been easy for the SDK.
Apple used to issue a proper identifier called IDFV, which means "several apps under the same company share the same ID." So if you've installed several apps from the same company, it's easy for them to recognize you as the same person.
But once it comes to different companies, IDFV is no longer applicable, and IDFA comes into play. Each phone has a unique IDFA, which is universal for all apps and is specifically used by the advertising industry to recognize users across different apps.
But there's another problem.
In 2021, Apple launched App Tracking Transparency (ATT), giving users control over the IDFA switch. If an app wants to use it, it has to pop up a window and ask you. If you click "Ask Apps Not to Track," this ID will be cleared immediately.
So in the end, advertisers have to use this device fingerprint strategy on their own.
Is this strategy really being used secretly by some apps?
Yes, it is.
The developer team of Loupe is called Mysk. They previously conducted packet captures on Facebook, Instagram, Threads, Chrome, and Spotify. They found that although these apps promised in Apple's privacy list that "they would read this information but never share it," they actually secretly sent out the user's phone boot-up time.
Guys, what do you need the boot-up time for? Is your taste more unique than a Walmart plastic bag or an armed helicopter...
Actually, there's only one truth, which is to piece together the device fingerprint.
Similar things have also happened in the Android ecosystem.
In 2025, a Google research team published a paper. They analyzed 180,000 Android apps and 220,000 SDKs and found that 39.4% of the popular apps in the app store had SDKs that collected device fingerprints. If we look at dating and comic apps specifically, this number soared to 82% and 88% respectively.
OK, that's the introduction of this app.
Currently, Loupe is completely free and open-source. I think all iPhone users can give it a try (Android users may have to wait a bit).
Of course, after trying it, you don't have to be overly paranoid.
After all, advertisers have many ways to guess what you like to watch and buy, besides device fingerprints, such as similar user groups, account linking, and collaborative filtering.
I think the biggest function of Loupe is that it can let you know what data of yours is exposed and under what circumstances, so you can improve your security awareness and be more careful in daily life.
Image and data sources:
https://mysk.blog/2024/05/03/apple-required-reason-api