Overcast 4.2: The privacy update
Overcast 4.2 is out now. It enhances privacy in two major areas:
Anonymous sync by default
Overcast has offered anonymous sync accounts since 2014. They’re fully functional, but they lack email addresses or passwords, so they can’t log into the website. A login token is stored in iCloud so the account can be accessed after a restore or upgrade, or from other devices you own.
Previously, the login screen pushed email logins. But with four years of perspective, feedback, and usage data, I now think that’s the wrong move. Only a single-digit percentage of customers use the website, and the iCloud token-sync method solves cross-device logins for almost everyone.
Your personal data isn’t my business — it’s a liability. I want as little as possible. I don’t even log IP addresses anymore.
If I don’t need your email address, I really don’t want it.
68% of Overcast accounts have email addresses today. To reduce that as much as possible, I’ve made major changes to account handling:
The previous login screen (left) and the new one.
In Overcast 4.2, the login screen now prominently encourages anonymous accounts by default.
If you already have an account in iCloud, it’ll pop up a dialog box over this screen asking if you want to use it.
And the first time you launch 4.2, people with email-based accounts will be encouraged to migrate them to anonymous accounts:
The migration prompt that shows on the first run.
Finally, you can now change your account between email-based and anonymous whenever you want.
Blocking ad-tracking images
In most podcast apps, podcasts are downloaded automatically in the background. The only data sent to a podcast’s publisher about you or your behavior is your IP address and the app’s name. The IP address lets them derive your approximate region, but not much else.
They don’t know exactly who you are, whether you listened, when you listened, how far you listened, or whether you skipped certain parts.
Some large podcast producers are trying very hard to change that.
I’m not.
Big data ruined the web, and I’m not going to help bring it to podcasts. Publishers already get enough from Apple to inform ad rates and make content decisions — they don’t need more data from my customers. Podcasting has thrived, grown, and made tons of money for tons of people under the current model for over a decade. We already have all the data we need.
One of the ways publishers try to get around the limitations of the current model is by embedding remote images or invisible “tracking pixels” in each episode’s HTML show notes. When displayed in most apps, the images are automatically loaded from an analytics server, which can then record and track more information about you.
In Overcast 4.2, much like Mail (and for the same reason), remote images don’t load by default. A tappable placeholder shows you where each image will load from, and you can decide whether to load it or not.
I believe I’ve done this in the most secure way possible — I’m actually displaying the show notes using a strict Content Security Policy — and I would love to hear from anyone who finds a way to inject auto-loading remote images or execute arbitrary JavaScript in show notes.
Bug fixes
Overcast 4.2 also includes a bunch of minor fixes, and two big ones:
- Fixed the major slowdowns and high battery usage that resulted from extremely large podcast artwork.
- Password-protected episodes are now supported on password-protected feeds.