6/21/2026 at 7:25:01 AM
I don't understand why internet access isn't opt-in for apps. Preventing exfiltration would prevent much of this harm, and most apps don't have any need to access the internet in the first place. Why am I creating a GE account to read my blood pressure? At least I know it's taking advantage of me. But this is clearly abusive behaviorby throwaway27448
6/21/2026 at 10:20:53 AM
Because 99% of apps would request it & not function without it, desensitising users into blindly accepting it. Most apps do have a legitimate reason for accessing the internet, so a binary yes/no wouldn’t achieve much anyway.I just don’t think it’s an effective way of solving the problem.
by fizwidget
6/21/2026 at 12:58:26 PM
100% of users have legitimate reasons to block internet access for some apps.If internet access wasn't granted by default, a lot more apps would function without it.
Many other apps wouldn't exist at all, because their only reason to exist is to spy on users.
by fauigerzigerk
6/21/2026 at 8:30:46 PM
Not going to lie, it would be an absolute hell to develop an app that's actually used without getting crash/analytics.by tokioyoyo
6/22/2026 at 6:48:08 AM
Sounds like normal development up until ten years ago. Somehow we managed.by AlecSchueler
6/22/2026 at 5:43:20 PM
10 years ago we already had the same tools. 15 years ago they were starting up.If you wanna go further, 20 years ago we didn’t have that much of distribution, users, or differences in software/hardware. Shipping speeds were also much slower.
by tokioyoyo
6/22/2026 at 10:30:40 AM
We do it. We give the user the option to export debugging information and send it to us.by kevincox
6/22/2026 at 5:46:51 PM
Are your users technical people or non-technical? From my personal experience, once you pass certain number of users, most bugs are caught by your own systems through reported telemetry. It’s very rare for non-technicals to report a bug, as it’s easier to close the app and switch to competitor.by tokioyoyo
6/22/2026 at 6:38:50 PM
On iOS those are collected and sent to the developer via the OS so you would still get them via Xcode. Sentry would obviously not work.by st3fan
6/21/2026 at 10:01:35 PM
Surely this could (or should) be facilitated through the app store.by throwaway27448
6/22/2026 at 12:51:53 AM
That'd just be kicking up another lawsuit for giving app stores too much controlby BergaDev
6/21/2026 at 1:55:32 PM
The internet access permission should be implemented. Users of macOS are already accustomed to the local network access permission.Even if it's not the most effective way to raise awareness, it does put pressure on developers to be explicit about the connectivity requirements with users. It would also be a great way to audit an app's local-first / offline-first claim without having to do a network packet capture.
Want telemetry? Send it through Apple and Google. Given Apple's late history and latest trends in Android development, I see them both favoring this approach.
by evanjrowley
6/21/2026 at 5:45:52 PM
"99% of apps would request it & not function without it"Apple could refuse to publish them, then. Isn't that why we are forced to go through the App Store? Because Apple ensures every app there works in the best interest of the user?
by RedComet
6/21/2026 at 2:38:54 PM
Permission should be in the form of a capability, which need not end up on the built-in OS network capability. If an app insists on your car's steering wheel, you can be like "sure, kid, here's your Help Daddy Drive(TM)".by abecedarius
6/21/2026 at 11:33:14 PM
Internet access could be on by default for apps, with no prompt, but a toggle in Settings.by jooize
6/21/2026 at 4:14:56 PM
> Most apps do have a legitimate reason for accessing the internetI just flat out think this is bullshit
by throwaway27448
6/21/2026 at 6:17:34 PM
You are right, it is BS.Non-multiplayer games, clock, camera, contacts, phone, text message, file explorer, keyboard, launcher, notes, document viewer/editor, image viewer, audio recorder...
Most of the apps on my phone do not need internet access.
by rationalist
6/21/2026 at 6:28:49 PM
Almost all of the apps you mentioned sync data to, or access data from iCloud in the vast majority of use cases. I mention iCloud here because this submission is about iOS.That said, I'd love to have a new "Internet access" permission for apps, so users had the choice. Perhaps even separate "Allow iCloud" and "Allow Internet" but that's probably too granular for Apple's taste.
by runjake
6/21/2026 at 6:38:36 PM
For that case, iOS could just run a system daemon to shuttle the app data to/from iCloud. The app itself should not need internet access for this.I have no idea if this is what already happens, but I feel like it might be. (Why would each app have all these network connections when the system could just manage it instead?)
by arcanemachiner
6/21/2026 at 8:35:09 PM
Every single one of those, except for the games, is a pre-installed built in app. It seems like you just don't use apps.by Larrikin
6/22/2026 at 1:02:03 AM
> is a … app> you just don't use apps.
An app isn't an "app" if I don't install it?
I have banking "apps" and others which obviously do require internet access to function properly, but the hundreds of flashlight apps in the app store should not need the internet.
The app I use to back up my text messages and contacts does not need internet, but the other app that I use to copy those backup files and pictures off my phone to other computers does.
The sad thing is, even if I take steps to prevent others getting access to my contacts or text messages, sketchy companies will still get those same contacts and quite possibly most of those messages from everyone else.
We need "herd immunity" when it comes to digital privacy, but it's unlikely to ever happen.
by rationalist
6/21/2026 at 8:13:52 AM
Better yet, a tool like Little Snitch should be built into the OS. Give me a detailed log of every network requests, to which domains, with what data.by gyomu
6/21/2026 at 8:44:27 AM
This isn't effective because Little Snitch only sees the domains so apps can just serve the trackers on the same domain as essential services making blocking impossible.The only way to prevent malicious apps from affecting your privacy is to not install them or not give them network access.
by Cider9986
6/21/2026 at 8:48:00 AM
I derive lots of value from Little Snitch on my Mac, so this approach is more effective than not having anything.And yes, having the ability to deny any app network access on iOS would be great.
by gyomu
6/21/2026 at 10:13:09 AM
Yeah but it might be because you are part of a minority. Once/if this is built into the OS, the app builders will have a strong incentive to do things differently.by amelius
6/21/2026 at 12:39:06 PM
Can, but they don't, because app developers are just as lazy and don't waste time to hide their trackersby inigyou
6/21/2026 at 1:46:56 PM
They don’t because there is no reason to currently. If this was added then they would have a reason to and do it.YouTube used to be separate domains for ads and then it got merged together so that you can’t block the ads network wide without blocking YouTube videos.
by 360MustangScope
6/21/2026 at 2:34:01 PM
That's YouTube. One of the unlaziest dev teams. Spiderman Solitaire isn't going to bother.by inigyou
6/21/2026 at 12:41:19 PM
Yet.by saagarjha
6/21/2026 at 11:20:03 AM
This exists already! You can see it by going to Settings > Privacy & Security and turning on the App Privacy Report at the bottom.by prime17569
6/21/2026 at 11:34:11 AM
Thanks, I did not know about this setting. Curious to see what will show up now that it’s on.by jtmarl1n
6/21/2026 at 10:50:38 AM
If I remember correctly iPhone apps used to use the devices SSL certificates so you as a user could install your own and man-in-the-middle the traffic to see what was being sent. AFAIK now the apps use certificate pinning.by CTDOCodebases
6/21/2026 at 5:38:22 PM
Certificate pinning is actually rarer today than it was a few years ago. You see it mostly in bank apps, and some system services. It’s not a best practice.by floam
6/21/2026 at 12:41:39 PM
Apps can choose to do what they want.by saagarjha
6/22/2026 at 8:26:00 AM
I use DNS-level blocking and audit, a bit like Pi-hole, but as a commercial service I can use anywhere. Definitely blocks a lot of trackers, but probably not all.by physhster
6/21/2026 at 10:26:29 AM
It’s not quite that detailed but iOS’s builtin “app privacy report” does give a fair amount of info, including a list of domains accessed.by fizwidget
6/21/2026 at 3:01:31 PM
Yes and it should work properly instead of making unwanted initial outbound connections (macOS firewalls are broken).by Barbing
6/21/2026 at 10:31:34 AM
iPhones purchased in mainland China (with model number ending in CH/A) do provide options for setting per-app Internet access permissions. There are three options [0]: Off, WLAN only, WLAN and Cellular.[0] https://old.reddit.com/r/ios/comments/aib10i/in_china_ios_al...
by henryhchchc
6/21/2026 at 4:18:12 PM
Crazy. So they're explicitly selling crippled devices to most of the world.by throwaway27448
6/22/2026 at 10:43:21 PM
Many Chinese users actually hate this feature because of how it's designed. There's a mandatory pop-up upon the first launch of every app to ask for your choice, which can be clumsy if you're setting up a new device. If you tap the wrong option (which is common since the dialog is small and crowded), you have to go deep into system settings to restore internet access. Moreover, many foreign app developers know nothing of this and have their apps throw an error even before a Chinese user has the chance to give permission, forcing them to manually kill and reopen the app to be online, adding to the errands.by firexcy
6/21/2026 at 4:05:08 PM
What? Why is this Chinese market only? This is exactly what I wanted. There are Apps I simply don't want them to touch internet.by ksec
6/21/2026 at 6:07:16 PM
Its Chinese market only because of regulation. China mandates it. Don't implement it = you don't get to sell in China.If Apple wanted to provide this willingly they would. That its only available in China due to government regulation tells you all you need to know.
by thewebguyd
6/21/2026 at 7:17:43 PM
i got an old EU market redmi (yes im broke) and you can turn off either wifi or cellular or both for any non system app. remember apple had to put in work to actively block the feature outside of china.by tancop
6/21/2026 at 8:32:33 AM
AOSP has network as a regular permission for apps, so on Lineage at least (idk about Graphene as I haven't used it) you can disable network for any app including google play services etc. I have no idea why most phone companies remove this permission from their roms but android itself supports it perfectly fine.by reorder9695
6/21/2026 at 8:44:06 AM
It's nice to be able to toggle it (it's also possible to revoke this permission on GrapheneOS). However, it is imperfect, since apps within the same profile can still communicate through IPC, so if apps cooperate, network access can still be achieved. I would guess that Play Services is one of the larger offenders, since many apps communicate with Play Services and as far as I understand (but I may be mistaken) Play Services does work that involves internet access on behalf of other apps.You could of course disable network access to Play Services, but at least for me that broke a bunch of apps or made them unreliable.
What AOSP ROMs need besides the network permission toggle is IPC scopes functionality, akin to storage scopes.
by microtonal
6/21/2026 at 10:09:49 AM
> However, it is imperfect, since apps within the same profile can still communicate through IPC, so if apps cooperate, network access can still be achieved.Folks brings up 'IPC' as if this is some chink in the armour in AOSP. It isn't. 'Apps' pretty much on most consumer OSes can 'IPC' their way with other co-operating apps to 'achieve' network access from behind a firewall, just the same.
> since many apps communicate with Play Services and as far as I understand (but I may be mistaken) Play Services does work that involves internet access on behalf of other apps
If the OS or its privileged component will fchown the socket to the origin app, think the INTERNET permission will be enforced as expected.
by ignoramous
6/21/2026 at 12:42:27 PM
There is very little IPC that is allowed for apps that do not share a development team on iOS.by saagarjha
6/21/2026 at 7:56:50 PM
> There is very little IPCI am not familiar with iOS internals, but does "very little IPC" mean "zero IPC"? Because if we are talking IPC in the context of bypassing permission checks, I imagine, 'very little' doesn't cut it?
by ignoramous
6/22/2026 at 7:42:40 AM
I said "very little" because someone is probably going to be like "oh well you can have app A start allocating a bunch of memory and then app B gets a memory warning and this passes 1 bit of information"by saagarjha
6/22/2026 at 11:46:58 AM
Exactly: Some will use "IPC" as a stand in for side channels / memory safety, if it suits their agenda. I don't think it is a valid argument to make that the permission model is broken because "IPC".by ignoramous
6/21/2026 at 8:22:26 PM
What stops the app from opening a link in Safari to trackmyshit.com/uuid-uuid-uuid-uuid that closes itself.by fragmede
6/22/2026 at 7:43:43 AM
You'd need Safari to keep cookies and other persistent storage for the site.by saagarjha
6/21/2026 at 12:40:31 PM
GrapheneOS has user profiles, but they're too heavyweight for most uses.by inigyou
6/21/2026 at 6:48:39 PM
Profiles are a thing in "stock" Android too, they just don't have the toggle to disallow them working in the background, the "Install available apps" option and Google services also keep working across profiles.If you want something less disruptive for isolation, there's Private Space. What I like is that this can stop apps there from working in the background on stock Android as well.
by Hoodedcrow
6/21/2026 at 12:39:46 PM
GrapheneOS not only has this permission, but it asks you every time you install an app.by inigyou
6/21/2026 at 11:58:24 AM
Can confirm Graphene also has itby Hoodedcrow
6/21/2026 at 1:24:49 PM
Because exposed, non-private, abused by-default is a business model. The company is incentivised to not provide restricted access - otherwise you can't have a cut from apps revenue. It's defective by design.by nobody42
6/21/2026 at 2:59:41 PM
Shocked to see iPhones sold in China are less defective by design on this one point, from another comment. It has surely reduced Genius Bar visits but it’s also harmed my privacy.by Barbing
6/21/2026 at 7:29:17 AM
GrapheneOS lets you restrict the internet access of any app on install.But yes, agreed it should be everywhere.
by hellcow
6/21/2026 at 8:46:56 AM
See my comment upthread, it helps a bit, but does not close this hole since apps within the same profile can communicate through IPC, so other apps could provide network access on their behalf. I think the best example is probably Play Services, which provides functionality for a lot of apps and will communicate with Google, etc.(Yes, you can disable network access to Play Services, but it sometimes breaks things and the general point of IPC as a hole still stands.)
by microtonal
6/21/2026 at 9:13:58 AM
I'm not an Android user. What's a profile? Is that a user thing or a developer thing?by deanishe
6/21/2026 at 9:40:38 AM
You can make different profiles. They can have different unlock methods and can have different apps installed. If you have one app installed in both it's shared.They were designed so multiple people could use one device.
Some people use them to separate identities or contain apps they view as bad. I'm not sure if the efficacy of this.
Grapheneos improves them significantly https://grapheneos.org/features#improved-user-profiles
by Cider9986
6/21/2026 at 9:39:18 AM
It is a user thing, you can set up multiple profiles and install apps into each of them. These profiles are isolated from each other. I think they started out as a way of separating private and work apps/data, but you can have many of them. See e.g.:by microtonal
6/21/2026 at 12:42:02 PM
On GrapheneOS, it's like a container, or a virtual phone. Apps in different profiles (and you can install the same app in more than one profile) can't see each other and theoretically can't even tell they're running on the same phone (although I'm sure there are leaks like IP address)by inigyou
6/21/2026 at 8:17:53 AM
And you can limit which contacts you share with nosy app like WhatsApp, and give access to only specific scope of file folders. Horrifying to think all the years every app got everything it wanted and did not have to ask and couldn't be stopped (I had a rooted phone for firewall capability for a while )by backscratches
6/21/2026 at 7:34:11 AM
Yeah it asks on app install if you want to grant network permissions. It's just a little checkbox. You can of course manage it afterwards in app settings or permissions manager.They also added the sensors permission.
by Cider9986
6/21/2026 at 12:12:22 PM
You don't need graphene for this, I've been able to do this on plain android for ages.by nubinetwork
6/21/2026 at 10:18:21 AM
iOS lets you turn off data access (so outside of wifi) for apps as well, it's just not asked at install, which honestly makes sense given the demographics of iPhone users.by iLoveOncall
6/21/2026 at 12:54:03 PM
Which is useless for 99% of users since they use Wi-Fi at some point in the entire phones lifetime….by DavideNL
6/21/2026 at 8:37:19 PM
>most apps don't have any need to access the internet in the first place.It would severely depend on how you categorize "most apps" because I would say I pretty much only use apps that need the Internet, barring Calculator, Camera, and a PDF reader (only because I prefer how it zooms books vs browser. Everything else implicitly needs the Internet as that app is just a better UI to using their mobile web site, if they even offer one.
by dessimus
6/21/2026 at 9:39:25 PM
Apps are more than just a gateway to content. Your phone is also useful as a tool in itself. Most health, hardware, creative, and productivity apps do not need access to the internet. Even downloading, say, content packs could be done via icloud if apple cared about privacy. Syncing with icloud and not some rando company's probably insecure webapp is a great deal of the appeal of an app store in the first place.by throwaway27448
6/22/2026 at 6:43:02 PM
It is opt-in on iOS for Applications. Applications have to declare upfront what sites they will communicate with.It is called app transport security. if you don't set it up your app boots in a sandbox with no network.
Settings -> Privacy Security -> App Privacy Report
Unfortunately 1 - as a _user_ you cannot opt-in or out. I wish Apple would take the next step and let us select which sites an app is not allowed to communicate with. Or ideally even globally for all apps.
Unfortunately 2 - the list of sites the app wants to communicate with is not clearly communicated upfront like before you install.
Unfortunately 3 - the list can also contain wildcard domains
Small steps - they really need to push this to the next phase IMO.
by st3fan
6/21/2026 at 10:38:13 AM
This resonates from the dev side. I made an offline photo search app a while back — you search your library in plain language ("a boy and a girl by the river"), CLIP embeddings all computed on device. It needs full photo access but I deliberately requested zero network permission. Was kind of proud of that.Problem is there's no way for users to actually know that. iOS has no "this app can't reach the internet" indicator, so the whole guarantee is invisible. I even had people assume the opposite — app reads your whole library, therefore it must be uploading it somewhere. Exactly backwards.
by mazzystar
6/21/2026 at 11:46:50 AM
Fantastic work. I regret I can't use it, because this is exactly what I'm looking for for quite a while, but it seems to be an impossible task (I need it on android).by subscribed
6/21/2026 at 2:28:29 PM
The evolution of development was to make things easy and simple for the consumer. If internet was an opt-in (and it cannot be opt-out), then app function would be ostensibly limited. And the user would be given a harder time setting things up.This is the Apple mindset. Make things easy. Do not make things complicated.
by nashashmi
6/21/2026 at 4:21:25 PM
The attitude was never "don't give the user control", though. Until ios.by throwaway27448
6/21/2026 at 12:31:45 PM
Curiously, the Mac App Store sandbox has a com.apple.security.network.client entitlement that a developer must justify to Apple, whereas the iOS App Store does not, allowing unrestricted access to the internet.by lapcat
6/21/2026 at 7:33:48 PM
iPhones sold in China have that in settings, you can block both WLAN(Wi-Fi) and Cellular data per app. Why that turned out to be a nightmare is a different storyby yftsui
6/21/2026 at 8:23:52 PM
What's the story?by fragmede
6/21/2026 at 7:04:29 PM
> most apps don't have any need to access the internet in the first placeCitation needed.
Looking through my phone the vast majority of third party apps I have installed obviously require internet access:
- Social media
- Travel (rideshare/airlines/hotels)
- Streaming
- Finance (credit cards/banks)
- Shopping
Not counting built-in apps like the calculator I'd estimate 80-90% of the apps I have installed require internet access.
by nodamage
6/21/2026 at 8:12:16 PM
It's a selection bias issue. The categories you have listed are essentially web services wrapped in an app shell. Of course they need the internet. Consider these examples:- Photo/Video editors - Snapsheed, Lightroom, Video trimmers etc.
- Document readers & scanners - PDF viewers, e-readers, OCR scanners
- Note taking - Obsidian
- File/Password managers - Authenticators etc.
- Single player games - Chess, puzzles etc.
- Audio/Video players - VLC players
We've just become conditioned to accept that every app needs to phone home for tracking and ad-delivery.
by coffeecoders
6/22/2026 at 10:34:58 AM
A photo/video editor may include the ability to upload images to a sharing service/social media.PDF viewers (like GoodReader) can download a PDF from a URL, or read it from a network drive.
Obsidian has functions that need internet access (e.g., connecting to the Obsidian sync servers, installing community plugins).
Password managers often have a sync feature.
A video player may be able to play files hosted on remote servers or network drives.
They should be useable without an internet connection, but it's entirely reasonable for them to request permissions for network access.
by jamessb
6/22/2026 at 1:57:36 AM
I suppose i use a computer for all of this. Do you not get any utility out of your phone beyond being a glorified frontend to a browser? I use it to track my health, to take and organize photos, to document my life in myriad ways, to compose and edit text/video/music, and virtually none of this requires internet beyond icloud syncing/drive.by throwaway27448