As a follow-on to these questions:
What unique fingerprinting information can an iOS7 app collect?
What unique device fingerprinting information can an iOS8 app collect?
What unique device fingerprinting information can an iOS9 app collect?
What unique fingerprinting information can an iOS 10 app collect?
Apple Progress:
iOS 11 removed "Integrated" Apps like Facebook and Twitter, due to availability of share sheets.
iOS 11 removed ability for apps to access MAC addresses of devices on the same Wi-Fi network), due to privacy abuses by apps. Since iOS 7, apps can't access the MAC address of the user device.
WebKit (iOS 11 & Mac OS) has new protections against HSTS Fingerprinting, due to in-the-wild abuses.
Open Questions:
As always there is basic system info available similar to what any web page can access: IP address, HTTP headers, etc. Many of these are low entropy or can be changed by the user through various means, but it may be possible to combine enough for a reasonable identification. Or for reasonable enough correlation for cross-device tracking.
It appears that apps can only get enhanced information about a Wi-Fi hotspot with a special entitlement from Apple (it's not clear to the layperson exactly what information). However, there does appear to be a way to obtain network name of the current Wi-Fi network, which is a problem because it can allow location tracking and therefore also correlations to other people or sensitive places.
There are apps in the app store that show system information like uptime, battery level, disk size and usage, memory size and usage, network usage, LAN IP address, etc. These became more restricted in iOS 9 and iOS 10, but is there any review, entitlement, or other mechanism to keep access to these system elements out of typical app or app 3rd-party code?
Is accelerometer and gyroscope data available to apps freely, or does it require "Motion and Fitness" access?
What uses exist of persistent data stores by apps, or by apps across an app group, that survive app (or app group) deletion? Are there any persistent data stores that survive device erase and restore, that can be accessed by an app after restore?
Are there any other fingerprinting vectors or open questions?
In general, what remaining device fingerprinting privacy / security vulnerabilities still exist as of iOS 11, particularly those that have no user settings or user actions that can thwart them?
