iOS client leaking data to third parties without user consent?

I saw this Tweet today, indicating that the most recent version of Jitsi for iOS is making calls to third party services — what looks like crash and app performance analytics services: https://twitter.com/sayho/status/1244642096780324864

I looked at my DNS server while opening jitsi, and I saw some similar look-ups.

I know I use jitsi, as opposed to other services, for privacy reasons, and I’d prefer to disable this kind of reporting / logging, although I appreciate it is probably useful to those of you making the magic happen.

If this is new functionality, would you consider making it “active choice” when the app is first launched, so that a user can choose whether to send it or not, with an option in settings if they change their mind later?

1 Like

Hi @Neil_Brown thanks for getting in touch with us.

We get you, you need to know. So allow me to elaborate on what the mobile apps do (since this applies to both iOS and Android).

As you’ve seen we use Amplitude for events related to application usage. This allows us to understand what works and what doesn’t with the app / service, and try and improve it. Note that this is only used when connecting to meet.jit.si; if you use your own server not a single data point is sent.

Next is Crashlytics. It’s a crash reporting tool that allows us to get crashes and stack traces. This is invaluable when running in production since we are blind otherwise. To give you an example: since the current COVID-19 crisis started we have seen huge growth, and with that also come problems. We have made numerous app updates, almost all of them addressing crashes and problems we have seen thanks to this tool.

I’ll look into disabling Crashlytics for non meet.jit.si deployments, but I cannot guarantee we’ll be able to, since it uses system hooks to be able to get the crash data.

We are very privacy minded ourselves, and these are the minimum things we think are needed to operate the service with quality. We recently updated our privacy policy and terms of service to make it very clear: https://jitsi.org/meet-jit-si-terms-of-service/ and https://jitsi.org/meet-jit-si-privacy/

If these are insurmountable issues for you, you are welcome to use the Jitsi Meet app from F-Droid (Android only, alas). It’s built with a special build-time flag which results in a “libre build”, with no Google dependencies, analytics or crash reporting of any kind. This means that it will also be a lot harder for us to help with problems, since we cannot see them.

Last, none of this is new. Our apps and web are open source and are available at https://github.com/jitsi/jitsi-meet including the crashlytics integration.

I hope that helps.

Cheers,

1 Like

Much appreciated. Thank you.

And boy are you all doing an amazing job right now.

2 Likes

But how do you explain the requests to the GoogleAPIs on iOS?

Are those really necessary?

I also see requests to app-measurement.com which seems to be Google Analytics for Firebase. Even if it wouldn’t send any in-app data, the request itself sends IP metadata to Google… Seems really unnecessary.

1 Like

@awlnx @lukas2511 AFAICT those are part of the Crashlytics integration. Crashlytics was a product by Fabric, but it got acquired by Google.