Official site: https://www.iceblock.app/
The CNN article talks a bit more about privacy issues. This bit caught my eye:
It’s only available on iOS because Aaron says the app would have to collect information that could ultimately put users at risk to provide the same experience on Android.
I would like to see some details about this. Perhaps there’s a way to work around that problem, even if it meant publishing on F-Droid instead of Google Play.
Without open source, it could be a honey pot.
I did check to see what permissions and data it wants access to. None. That seems like a good sign.
A nefarious app might also want permissions to see all your contacts.
Edit to clarify: The app install page says only “Data Not Collected”. I would presume they would list IP and/or location if that were amongst the data collected as I have seen other apps do, but I am certainly no expert. The dev is All U Chart, Inc.
Don’t apps self-report this stuff? You presumably need to make a DB query from their backend to see any reportings in a 5mi radius, so at minimum they have your GPS coordinates and IP address (which when combined would uniquely identify you)
Iirc, permissions for iOS are required for devs to be able to use the functions/methods under those permissions.
So if the app doesn’t use them, they won’t show up as needing them.
That may be true for things like contacts, but here they have your location, and they use the network. Thus they could hoover that up and store it, even mapping everywhere you go over time in their DB.
“Apple keeps most of your location history on your device: the bits of information stored in the cloud are either end-to-end encrypted, meaning only you can decipher them, or anonymized. As such, the risk of having your location history compromised by a data breach, or by a request from law enforcement to Apple for this data, is greatly reduced.”
In this case they are anonymized. The service can tell what device is where but not what user that deviceID matches and those identifiers are rotated to make it harder to match that data up.
That’s for Apple services specifically. If I build an iOS app, I can get geo coordinates.
But if the user doesn’t create an account and the deviceID rotates frequently, is there any way to tie those coordinates at a specific time to a specific person in a large enough geographical area and provide notifications (also provided via on device only services)? That’s what it seems like the developer has said Apple facilitates better.
The also said they will have a more detailed post up July 2nd about android on their site.
Sightings are tiny and compressible you could download all the sightings then diffs and never leak anything but ip or if a VPN not even that.
that mainly applies to trackers and analytics. the company still makes backend calls to its own servers and can do whatever it wants there with the location data it collects from you
the fact that i cannot use the app at all if i deny location permissions is a red flag. there’s no reason not to have a read only mode.
there may be no trackers as the other commenter mentioned about the TechCrunch analysis, but who is this random company that owns it: ALL U Chart, Inc. They’re likely pinging back their own servers with your coords
Fake your GPS and put it inside Republican homes
Can you do that on iOS?
Easily? No. You could run an android emulator on desktop though.
you can using xcode and a manual gpx file
TechCrunch did a traffic analysis: https://techcrunch.com/2025/07/01/iceblock-an-app-for-anonymously-reporting-ice-sightings-goes-viral-overnight-after-bondi-criticism/
Looks like honey to me
Why can’t it just be a website? Why does everything have to be a fucking “app”?
Chrome?
It’s probably a security risk like Android, and the vast majority use it.
Also, apps are better at sending notifications (like ICE warnings). IMO this is a pretty decent justification for an ‘iOS only’ app.
Regarding the an Android version:
https://www.iceblock.app/android
TL,DR: “It’s difficult, so we’ll hide behind privacy excuses rather than helping the largest number of at-risk people.”
Seriously, if VPN companies and every other company that handles sensitive data anonymously can do it, so can these developers. When 70% of the worldwide smartphone user base uses Android, an iOS-only app is just not good enough anymore.
I think their argument is sounding.
Offering VPN is different from storing private information like a device ID. You don’t get notifications from your VPN.
If a person is armed and masked and does not identify itself, it is most likely a terrorist and a threat to the public.
I’m surprised how non of them were gunned down on self defense,
I think they have been. But they’re not reporting it to avoid copycats.
There was a large number of police shootings in my state when one guy opened fire on a state trooper. Then we were hearing stories every week.
So I’m supposed to believe groups of people with masks running up to folks and grabbing them haven’t been getting retaliation back?
I’m just waiting for a trial where a jury has to decide if shooting at a gang of masked unidentified men in unmarked vehicles kidnapping you or your loves ones counts as self defense.
and regardless of the verdict the supreme court will uphold the right of the state to let unidentified gangs kidnap people off the streets.
It probably helps that they are targeting decent, normal working immigrants, who are unlikely to be armed.
If they were actually going after armed gang members, they probably would be getting shot. But as we can tell by the fact they are hiding their faces, they are chicken shit losers cosplaying as tough guys targeting defenseless people because it’s easier.
Crime statistics plainly show that the immigrant community is objectively one of the least likely groups to commit any crime, let alone violent crimes.
The vast majority of immigrants fear any interaction with police that could jeopardize their path to citizenship, even before trump took office and made everything way worse. These people just want to work and go home to their families. They’re unfortunately a perfect target for fascists like Trump because they are under represented, decent people who aren’t likely to fight back at first. Remember that fascism requires a nebulous “enemy” to rally people towards. You need a group that is simultaneously “evil” and capable of great harm to the government and people, but also easily handled by “security” measures. This allows the dictator to convince the public that all these sweeping powers that are being demanded are for their own safety. And unfortunately the vast majority of people just believe the first thing they hear, and we end up in this situation.
Saw some video clip from “ice” getting beat tf up in a Haitian community. No guns on the civ side, but they were charging and tackling " ice" and not letting any of their people get kidnapped. love to see it.
I agree with every part of this except for the word “most likely,” since the incidence of ICE arrests are extremely high right now but terrorism is otherwise not.
The ICE kidnappings are terrorism.
Did you not notice I said “otherwise”?
Regardless, terrorist is a subjective term, and typically one excludes agencies with jurisdiction or organized militia; so the police, ICE, U.S. military, IDF, etc. don’t qualify regardless of your disposition toward them. This is why newspapers are usually quite hesitant to use the word “terrorist.” There’s a good case for calling the CIA (and other foreign-intelligence TLAs) terrorists though, since they operate outside of places where they have the authority to do so. Obviously, it’s semantics at the end of the day.
remember when these guys couldn’t breathe while wearing a mask during lockdown?
edit: “e”
Breath - rhymes with ‘death’, and is what comes out of your mouth
Breathe - the action of breathing
Try to remember it this way: when you add the ‘e’ on the end, you’re really breeeething.
i just can’t type worth shit on a touch screen
Hey, no judgement here.
While i agree with the point you are making, its just quite the obvious difference. Medical masks have much much denser material so they dont let water droplets through. These masks are usually just some clothing fabric that is full of big openings and really easy to breathe through.
I have tumor riddled lungs and chest muscles that don’t quite do their job any more and I was able to breath just fine with a N95 on for hours at a time. These gigantic turd burglers must be more out of shape than my dead gran if not being able to breathe was their excuse.
I can’t speak for the states but here people I absolutely know wore balaclavas and neck masks before covid also started complaining about those just the same because the medical authorities were saying it was better than nothing.
Oh yes, specially designed masks for MEDICAL purposes, designed to be usable for childreb abd the elderly are harder to breathe through for tough macho guys like this than some bullshit they bought at a gunstore.
Clearly they only care about protecting themselves and can’t be bothered to protect others.
You people are so weird. At no point did i say that medical masks are hard to breathe through. I only said that whatever they are wearing will be easier to breathe through. Obviously the standard masks are also pretty easy to breathe through, billions of people did it for 2-3 years without any major problems.
What you’re doing is white-knighting for the gestapo. That’s weird.
Quit trying ‘to be fair’ towards thugs who absolutely give zero shits about being fair to you.
To be clear: I’m not saying you aren’t factually correct. I’m saying that, in the Thunderdome of public sentiment, that sort of comment comes across as excusing fascism and that’s why people are rightfully getting pissed off at you for making it.
removed by mod
I merely said something designed formedical use is probably easier to breathe tbhough than something designed for military use. Y’know, thick materials are harder to breathe through. Wouldn’t want a wild boar, terrorist or immigrant tearing through it to reveal your identity.
So it’s probably harder to breathe through a bandit mask that than a thin little surgical one.
You people are so weird. At no point did i say that medical masks are hard to breathe through. I only said that whatever they are wearing will be easier to breathe through.
I… Erm…
These idiots didn’t wear medical masks during, I live in conservative hell and they all wore neck gaiters and kept them under their noses and still bitched that they couldn’t breathe.
Well thats fucking dumb
Nice masks. Must feel like they’re doing something wrong.
I thought they were talking about banning masks?
I love how, even when they’re using them to hide their face, half of them still don’t know how to use a mask and put it under their nose
Yeah way to advertise that you’re a mouth-breather, right?
Good stuff, but IOS only at the moment.
Edit to include link: https://www.iceblock.app/
Only for iOS… Oof.
At this point my understanding from other sources is that they can’t distribute via the android App Store in a way that uses location tracking and notifications but is still anonymous where they can with iOS because location services is device side only.
Android Location manager can get the location without Google Services and there are alternative notification services like ntfy.
EDIT: The location manager is part of the official API and ntfy is available on the play store, so apps using them will also be allowed. Besides, it’s android, you can install alternative app stores or install apps directly. Maybe it’s a good time to teach vulnerable communities how to do it safely, because using Big Tech services is not safe for them.
Fused Location Provider data sent to Google is anonymized with a temporary device id anyway. They also can’t tell if you needed location for this, maps, or Pokémon Go. But they do sometimes collect GPS, WiFi, and cell data. Not using it is more private but I don’t think it’s worth worrying about.
Yeah that doesn’t make sense to me. They could easily release it on fdroid and through a website where you can download the apk.
What a good country we live in when this app is the #1 app in the Social Networking category.
“If it’s a legitimate disappearing, the public has ways to try to shut that whole thing down.”
JUST SAY NO!!!
No Android app?
Yep. Pathetic. They think ios will save them
Super skeptical that this is a Honeypot, or they’d just make it a web app.
The developer put up more specific details: https://www.iceblock.app/android
Thanks for the link.
So the problem is that using Android’s push notification system would require ICEBlock to store people’s device IDs, which could then be used against them.
I wonder if this could be avoided by using Web Push instead of google’s native push notification system. Or perhaps some other push notification system using rotating ephemeral IDs.
Not an expert but ephemeral IDs would not give you much.
AFIK under the hoods android notifications is just… a chat app (Ehehe classic google). So for sending a notification you need to send it to the ID of your mobile. Even if you manage to convince Android to register with an additional ephemeral ID Google would be able to map the ephemeral to the real since… well… it is running on the mobile
Note this part of what I wrote:
some other push notification system
Google’s default one is not the only one.
…almost none of what is said about Android push notification is true. A lot of apps uses firebase, which does not require the creation of user accounts or whatever to send push notifications to a device.
Either they’re completely unfamiliar with it, or they don’t want to do it, but what they claim is dubious at best.
How can you tell firebase who to notify?
I guess you need a firebase id of sort… and firebase needs the device id… and firebase is an US Company… so it’s just an extra step but the result is the same. They have to store IDs that can link to devices
The same way with iOS. At some point, the third-party service have a way to link a push to a device. It does not mean that you can link an user to a device, or a specific request to a device. You get a unique ID for the notifications, yeah. And someone could tell that the app server have these ID. But that’s not particularly different with iOS. It not being exposed to the app dev directly does not mean that this info does not exist on the third-party server, that can still get asked about it.
Unless Apple found a way to magically send a message to a specific device, from a specific external server, without anyone, anywhere, having any idea where the notification should go. Which, fair, could be done by sending every messages to everyone after encrypting it for a specific recipient, but that would be a bit inefficient at this scale. The trace for push notifications exists, whether you’re using Apple or Google as the backend.
From what I’ve been reading on this lately (since this started) on iOS a method exists for a service to send out a list of locations, or references list that exists on device (this can work with date/time triggers as well) that would trigger a notification and the local device itself handles notification of the user so the developer has no idea who has been notified for all they know they just shouted locations out into the void and the on-device location services handles the rest.
https://developer.apple.com/documentation/usernotifications/unlocationnotificationtrigger
The gist of what they’re saying is we trust Apple, not Google. Both american companies. But on android it is possible to have real time notifications without google. I also didn’t like the wording of their page, read a lot like Apple apologia if not an utter advertisement - an iPhone XR costs only 50$! Don’t you guys have
phonesiPhones??Let’s go back for a second and think about the people who need this type of service the most, today, in the US. Are they Apple or Android users?
even if it meant publishing on F-Droid instead of Google Play.
Sadly this means it’s not accessible to like 95% of people, even if driven to install it.
BS,
it’s way better to release to F-droid than to just not release it at all for android.
I just got a spare vest from the security department, I could totally costume change into an ICE agent if I wanted…
Anyone can cosplay as an ICE agent; all you’ve gotta do is remove your license plate and wear a facemask+hat.
