IDFA is Sandbox-specific

Originator:blochberger.max
Number:rdar://46310193 Date Originated:2018-11-28
Status:Open Resolved:
Product:macOS Product Version:10.14
Classification: Reproducible:yes
 
Since macOS 10.14 the Identifier for Advertisers (IDFA) is available on macOS as well. The implementation however is flawed in a way that defeats the whole purpose of the IDFA. The IDFA is unique per sandbox container, at one hand not respecting user configuration, and at the other hand not shared between different applications.

Steps to Reproduce:
You can use my IDFA project [1] in order to quickly reproduce the issue.

Build the "IDFA_macOS" target and run it.
Compare the IDFA displayed by the demo application with the one returned by  `defaults read com.apple.AdLib AD_DEVICE_IDFA`. They are different, indicating that the user configuration is not respected.

The IDFA displayed in the demo application is stored in `~/Library/Containers/<bundle identifier>/Data/Library/Preferences/com.apple.AdLib.plist` which is not copied from the user configuration at `~/Library/Preferences/com.apple.AdLib.plist`.

Change the bundle identifier of the demo application and run it alongside the other process (with the old bundle identifier). The IDFA will be different, again. The clear function will not affect the other process (unless the two processes share the same sandbox container).

If the demo application is run without sandboxing the IDFA will be different as well – which I think is unexpected. I did not look further into this.

Expected Results:
The IDFA should work as on iOS. It should be equal for all applications (whether they are sandboxed or not).

Actual Results:
The IDFA is unique for each application container – defeating the whole purpose of the IDFA.

Since the user configuration is not respected, there is currently no way for application developers to see whether the user has opted out of Ad tracking.

[1] https://github.com/blochberger/IDFA

Comments


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!