The original post: /r/mullvadvpn by /u/7heblackwolf on 2024-07-17 04:27:36.
I know this could be useful for the most, but according to the Apple docs, Differential Privacy takes a big step anonymizing the data sent.
As fair as I could research, most of the analytics generated are safe to send, except:
- Enhanced Beta Feedback (THE BIG NO NO for most, sends contextual data and could include non-anonymized info)
- Improve Handwashing (sends small chunks of data when white-like noise is detected)
- Improve health and activity (sends non-accurate geo-location)
- Safety data (UNCLEAR)
- Improve assistive voice features (sends audio recordings)
- Improve AR location accuracy (states that doesn't link to your account, but is linked to your surroundings and can be inferred)
So for most of the analytics created, "Share iPhone and Watch Analytics" and "Share with app developers" have DP applied and wont expose you directly or by inferred data.
Problem being (and the reason of this post) is that Mullvad seems to block BY DEFAULT on any DNS content block option, any domain request made to securemetrics.apple.com, metrics.apple.com and metrics.icloud.com.
It's important to note that Apple has beta programs which are not mainly to use future features in advance, but more importantly, to report bugs. And those domains are in charge of those reports, that are genuinely useful and user privacy-wise by using DP. So this design doesn't help the beta program at all by blocking entirely the enabled analytics. The only option is to completely disable the tracking blocker, leaving you naked to well known and malicious tracking.
I think there should be at least an small text box to enter some excluded domains/patterns to avoid blocking legitimate requests while still protected from the rest.
This can be tested by using dig command as following:
dig @100.64.0.1 securemetrics.apple.com
dig @100.64.0.7 securemetrics.apple.com
Which returns atm:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 190