Remember the CSAM scanning debacle almost a year ago? I and others speculated that the reason Apple was trying to make the CSAM-scanning and Safety Vouchers client-side was so that they would be able to allow E2E encryption while having a plausible reason to shut down law enforcement's biggest argument against E2E.
I could have sworn apple even straight up said that was their goal?
Maybe I am just misremembering since like you I figured that was the reason they were doing it, no other reason to do something like that if it was all going too sit there unencrypted.
No, they didn't say anything like that at the time, so I was even downvoted on HN and argued with for making the suggestion. Because Apple was definitely just being evil and had no bigger picture.
That's a very optimistic point of view. On the other hand, I and others speculated that the reason Apple wants to introduce code on your device that scans local content on your device against a government mandated database of "wrong content" was to appease law enforcement's desire for more control.
I don't understand how your other hand argument is more pessimistic. Isn't your phone scanning locally for checksums better than requiring the data to be unencrypted and scannable server-side? Surely they couldn't just do _nothing_.
edit: I take this back—"nothing" should be the right answer.
_nothing_ is exactly what I expect them to do when it comes to my local files.
We all like to vilify Microsoft (rightfully so for all the telemetry crap they pull) but imagine if Windows started scanning all your local disks for files matching certain checksums then notifying authorities when matches occur (thumbnails / other metadata uploaded with the reports) like Apple was planning. Sure, it'll be CSAM first. Then, domestic terrorism; then RIAA / MPAA would jump in on the action... and finally, opaque checksum databases from local governments ("wrong think", Winnie the Pooh memes, pictures from protests, etc.) ; if we don't stop it in its infancy we're quickly tumbling down the slippery slope.
The "damn spec" clearly stated that they would be introducing functionality on your device that is capable of scanning content on your device and matching that against a database of opaque hashes downloaded from a 3rd party. That's functionality I don't want on my device.
FWIW, I don't use iCloud and never have used it; I don't care if they scan content once uploaded (it's their servers and I'm confident they'll continue scanning content there no matter how "E2EE" it is - see China and key sharing). As long as they keep their scanning on their devices and off of my device it's all good.
People don't care about them scanning the files, they care about them doing it on their own device. People read the damn spec, and that's why they disagreed with it.
> The CSAM scanning was only enabled if you had iCloud uploads enable.
This is nonsensical. iCloud Photos is not e2ee and Apple already scans everything serverside. There is no need for redundant clientside scanning of iCloud Photos.
The clientside scanning is only needed in the cases where:
They wanted to enable #2 with the local CSAM scan. That way the authorities wouldn't have a reason to ask for cloud data to be decrypted. And Apple could lock it so that they couldn't de-encrypt it even if they wanted to.
Apple actively doesn't want to know your shit or analyse it on their servers. That's why they constantly do things on-device even if it's of worse quality than Google's approach of doing everything in the cloud.
Apple is a business and does indeed "want to know your shit" for many legitimate revenue-generating activities, such as growing their services business, a top priority for the company.
It seems to me a little bit suspect that they wanted to do clientside scanning as a prerequisite for e2ee, as if they simply would not be allowed to publish society-wide e2ee privacy software (without government/regulatory retaliation) without such a law enforcement backdoor. This screams of prior restraint and we should be loudly asking our legislators why the fuck the FBI is pressuring Apple about what software they do or do not publish.
Every day the US government takes more steps to erode our civil rights, even against the largest companies in the world. Someone needs to rein them in.
It wouldn't stop at CSAM. Along side it in urgency of appeal to fear is counter-terrorism* . Next would be drug dealing, threats of violence. Then copyright infringement. And finally Amber Alerts and silver alerts. A backdoor or warrant-less search for one category is a backdoor for all. The point is for government power to trump privacy.
*The definition of terrorism depends on your jurisdiction.
While the on-device CSAM scanning was a huge overreach I'm not sure how you could leverage that system for things like Amber/silver alerts or threats of violence. It's not really backdoor, more of a snitch system.
The section of the announcement is emphatically about 3rd party security keys support, so the worry about lack of support of YubiKey over some push for some imaginary Apple Dedicated Key didn't make much sense to me.
Also, security key (at least to me) implies a small, keychain sized device. I wouldn't think of calling my Mac Studio a security key. There is no device marketed as such, even though yes, the SEP can and has fulfilled these purposes.
Given they already support standard WebAuthn (passkey or other), I think it’s a pretty safe guess to say they’ll support Yubikeys. I can’t find any written confirmation yet though.
I don’t think this is directly related to the E2EE announcement, rather it is an option to replace the current MFA method of receiving codes on your Apple devices.
That's what I am most looking forward to. I hope they also allow you to disable the phone-based recovery scheme that is just a boulevard for SIM-swapping hackers to breach through.
(This comment was posted when the linked URL was https://www.apple.com/newsroom/2022/12/apple-advances-user-s..., which contains the physical security key announcement as well as the E2EE stuff. If there's a better URL for the security key announcement, we can factor this topic into its own thread, since it's a minority topic in this one and mostly getting overlooked.)
> The new encryption system, which will be tested by early users starting Wednesday, will roll out as an option in the U.S. by year’s end, and then worldwide including China in 2023, Mr. Federighi said.
They seem to be abandoning China, they are planning to move some 40% of the total iPhone production to India within the next couple of years, so China might not have all that much leverage.
The times have changed in the past 5 years, going all out on China is simply untenable. Leaving China on the other hand is positive PR.
Just because Apple couldn't officially sell any iPhones in China doesn't mean that the Chinese public would suddently stop coveting them. I don't think they'd blame Apple if it came to that.
They have to respect the laws of the countries they operate in but they don't necessarily have to do so silently.
If you go to set up encrypted backups and find out the feature isn't available or get a message saying something like "Feature cannot be activated in China, Turkey, and Russia", that's better than the feature not being available anywhere.
Even better security would be to allow users into their own devices. This would mean that critical data just wouldn't leave the device via the network.
(letting users into their own devices means the ability to access the entire device, examine what their device is doing, and firewall it if wanted)
1. iMessage without internet would be tricky.
2. You don’t have to backup in iCloud. Just plug your phone on a Mac or Windows computer with iTunes installed and backup it locally.
It‘s ridiculous that I can only backup my (iOS) device to either a computer via USB (what is this, 2005?) or to the cloud.
Just let me use my local Time Machine backup server!
Sadly, I am convinced I'll never see that feature – it would basically remove the need for any iCloud subscription for me and thereby undermine Apple's "service" efforts too much.
They do. Parent just wants to back up directly to a Time Machine backup, rather than backing up to computer, then backing that up to TM.
A reasonable desire, but clearly niche enough that it's unlikely to come to pass. (Particularly since, given what little I've seen of how Time Machine works, it would likely require some quite significant dev work on Apple's end to enable.)
Yes, to its local storage only, which makes it completely useless to me. (I have more data on my phone than on my computer, and I can't be the only one.)
> TM doesn’t make much sense without the Finder’s interface.
Why? I can even already connect to the same SMB mount that holds my Mac's backup via my iPhone's "Files" app. Just let me backup to that!
Yes, but I don't want that data on my Mac in the first place. It takes up almost all disk space there, completely needlessly.
(Actually it doesn't – I symlinked the backup directory to an external drive, and fortunately ~iTunes~ Finder follows that. But this is something completely unrealistic to ask of an average user, in my opinion.)
True. My situation is probably different: I've got a fairly large disk (1TB), and a tiny phone (16GB). I guess they prefer to sell iCloud subscriptions.
I think other commenters are missing your point: an iPhone should be able to back up to a "server" the same way a macbook does. I have a 24 TB NAS with Time Machine on it so the phone should be able to backup to it (over wifi, usb, whatever) the same way it does to a Mac. And this should be possible out of the box by-design (not by using Linux based tools to backup the iPhone in ways Macs do not let you do).
That's still not access to the data. That's limited access to data that Apple allows. I remember when Tinder stored their messages in a local unencrypted SQLite database. I wanted to save the conversations between my GF and myself, but I had to get an Android phone and extract the db manually as I couldn't do that with my iPhone at the time.
One can argue the iOS approach was more secure, since someone getting hold of your iPhone wouldn’t be able to snoop on your Tinder messages.
On the other hand I appreciate the hackability, and it is your data. If you’re in the EU, maybe you could have made a GDPR request to get the messages in a database.
Ultimately I don’t disagree with this iOS choice because we’re the odd ones; I understand the decision to put the privacy of “regular users” above a niche developer method which could be exploited more than used in a legitimate way.
It feels to me the correct solution in this case is that Tinder’s database should be encrypted on both iOS and Android and they would provide a way to export chats.
> On the other hand I appreciate the hackability, and it is your data.
I really think this is the wrong attitude and the result of boiling frogs. Having access to data on our devices should be a given. To me it makes me think of the non-touch iPods of yesteryear. Music files were obfuscated on the device by shoving into human-unfriendly folders and filenames. The argument that this was to avoid music piracy is laughable since we originally had DRM'd music for downloads. The database was proprietary and undocumented which meant the only real way to get music on the device was through iTunes. It also meant that unless your ID3 tags were really good and you went through the process to copy all the tracks off and rename them, your music was locked to your device.
Even then, at least you _had_ a way of getting your music back. I'm not going to say E2EE isn't good or that the security protocols put into place for modern OS's isn't important, but imo it's eroding ownership of data and killing third party businesses. Everything has to be done through a web API now, which means your data has to exist in the cloud. This isn't good.
> I really think this is the wrong attitude (…). Having access to data on our devices should be a given.
I don’t get your post. You quote a part to disagree with but everything after that agrees with it. I did say you should have access to your data. I did not say you should have DRM, or that your data should exist in the cloud, or that you should have to access it through an API. I also said “feels to me the correct solution in this case is”. In this case where we are discussing personal, private, possibly sensitive conversations. That has nothing to do with downloaded music, purchased or pirated.
> the result of boiling frogs.
That’s a myth¹, but it wouldn’t apply anyway. I don’t agree with Apple’s decision in the case you presented, but I do agree with it in the other instance. It isn’t incongruent to believe you should have access to your data while also believing it should be reasonably protected from snooping bad actors.
¹ From https://en.wikipedia.org/wiki/Boiling_frog: “While some 19th-century experiments suggested that the underlying premise is true if the heating is sufficiently gradual, according to modern biologists the premise is false: changing location is a natural thermoregulation strategy for frogs and other ectotherms, and is necessary for survival in the wild. A frog that is gradually heated will jump out. Furthermore, a frog placed into already boiling water will die immediately, not jump out.”
this wouldn't backup the apps, and app private data
for example, if your phone was running myapp 1.0 and 1.1 was out, restoring might cause your phone to download myapp 1.1
Also, I think if you had 20 kindle books in the kindle app on your phone and backed it up, after restoring you would have no books. You would have to redownload them all.
(strangely, I wonder if you have icloud backups, do these kinds of thing count against your storage space?)
Wow, Apple enabling E2EE for backup is huge, since before they would bypass iMessage security by including your iMessage keys in the unencrypted cloud backup (so governments could request that copy then watch your messages in real time).
I’m sure they’ll get pushback for closing this loophole
They planned to scan only the files that would end up in the cloud anyway.
iCloud off -> no local CSAM scan.
Local CSAM scan with multiple failsafes (+ actual person checking) + E2EE iCloud -> zero need to allow law enforcement access to iCloud servers. This would also mean that Apple cloud've encrypted them in such a way that even they can't access them.
I’m not quite sure what you’re getting at. It’s not a sin to comment on a security issue while the issue still exists. Furthermore, correcting a security issue doesn’t render somebody immune to all complaints on future security issues.
But in some cases, that's the point. A well written press release will often gloss over potentially relevant/important details that a neutral source will not.
The difference is that the HN comment thread will rarely have insights that a reporter can often provide after following up with their inside contacts.
Edit: on reflection, I don’t agree with this and wrote this too hastily. I’d still prefer 3rd party by default and believe it’s often a better basis for a discussion.
Reporters rarely add much unless they've got several days to do an analysis piece, which there are very few of. And is never the case for breaking news.
HN threads regularly supply oodles of context and counterpoints you don't find in any articles anywhere. Which is one of the big reasons we come here, right?
I probably wrote that too hastily, and will give you that many threads are indeed deeply insightful by themselves.
I still believe that a 3rd party source that at least has a chance of being more objective than a company issued press release is the ideal basis on which to form a discussion.
I have been waiting a long time for backups and photos to support this, and I am glad we are finally getting it.
I don't feel like updating to a beta to get this feature (especially for the risks associated with it). But I am curious how the migration will work. Will this basically re-encrpt everything locally and then upload it or will what is already there stay unencrypted.
Also does anyone know, how do features like this work for someone with a single apple device? I don't worry about loosing access to anything because if my phone dies I have... several other devices with keys. But what about someone who doesn't?
"Because Apple will not have the keys required to recover your data, you will be guided to set up an alternate recovery method in case you ever lose access to your account."
I would assume a physical sheet of paper containing recovery codes is a suitable alternative recovery method.
I should have looked closer at the screenshot, didn't really think it would tell me anything beneficial for an e2e system.
Thanks for pointing that out!
Honestly might not be a bad idea to have a backup somewhere else just in case. Like in the event of a fire or something have a backup sitting in a safe.
It does bring up an interesting conversation, what levels do we go to make sure we can recover accounts in situations like this? Store a USB or a paper in a safety deposit box on the other side of the country? I tend to store all of my backups for my other accounts on my iCloud Drive so... loosing access to that would be catastrophic.
For everyone else who was hoping to enable E2EE for backups right away:
> Advanced Data Protection for iCloud is available in the US today for members of the Apple Beta Software Program, and will be available to US users by the end of the year. The feature will start rolling out to the rest of the world in early 2023.
This all just seems like pandering while they continue to accept billions from Google in exchange for their user's privacy. If they really wanted to protect users' data that would be a simple starting point.
Does it protect you from Google's tracking? No. And it isn't about me, I don't have Apple or Safari. It's about the fact the privacy shouldn't be "opt in." Claiming that safari has good privacy protections while it by default does the opposite becuase you can opt in to a less inavsive version which many don't even know about is, in my opinion, disingenuous.
If Apple would just go ahead and say "we've extracted tens of billions of dollars from you indirectly by letting google do the dirty work, but here's some encryption that doesn't make up for what we've done and continue doing" that would be more accurate.
They can still simply push a software update that sends the victim's keys to the mothership and/or simply decrypts everything. Can even be pushed silently. The victim cannot do anything, not even detect when this has happened.
Why would governments push back, when this hole which has already been used will _always_ be available?
The difference is in asking Apple for something they already have access to, vs. asking them to create something entirely new (a signed software update). That’s what the FBI case a few years back was about.
The alternative is to admit that, while all megacorporations are fundamentally bad, Apple does occasionally do good things. This is clearly infeasible.
That’s along the lines of asking “Do you have evidence that UFOs have NEVER landed on earth?” in response to someone asking if you have evidence that UFOs have landed…
You're asking for proof of a negative that cannot be fulfilled without having access to all copies of all versions of the source code deployed for every Apple device in the world for their entire history. This seems an unreasonable burden.
Either we accept some amount of vulnerability at the minimum and deal in likelihoods rather than certainties, or we simply do not use modern communication devices whatsoever. Given we're here on HN, we all have clearly chosen the former, so the question becomes: "is it likely that Apple have violated individual users' privacy in this manner?", to which I think the answer is "no" because (a) it's never been necessary before given the availability of alternate methods, (b) we have absolutely no evidence to suggest otherwise, and (c) we do have evidence of a history of Apple being at least somewhat reluctant to cooperate with the federal government of the US when it comes to individuals' privacy, to the extent that they are able (e.g., the San Bernardino case). So although it is true that we cannot be certain of our privacy, it seems very likely that Apple's efforts to improve user privacy are not disingenuous.
Even then the OP will ask us to prove that you do have all the versions of code and that there was no self destruct mechanism that wiped itself clean. You can’t prove a negative. That’s the point of those assertions. It’s not without reason that most conspiracies use this tactic.
Can somebody explain the room for debate and expression of sentiment here? If Apple was legally required to do x in regards to privacy, I have to assume they would and everyone could know they would (because it does not seem very big US company to outright defy national law). If they were not, on what ground, could the gov pressure Apple?
The theory would be that it would be extralegal pressure. Out of the Snowden era, for this generation, came the belief that the government would use extralegal coercion to get what they want when it comes to domestic espionage. This showed up in eg how the government battled Yahoo over PRISM [0], and the story of Joseph Nacchio of QWest [1] supposedly being targeted by the Feds for refusing to go along with the program/s.
For prior generations, Hoover, Nixon, MLK (how they targeted him), the Church hearings, and many other things provided evidence as to the extralegal behavior of the government at times.
Given what we learned from the Snowden leaks, I would be willing to believe that any PR in apples favor is awarded by the govt for exchange of their cooperation relating to providing the govt data / access they request.
I don't trust any corporation to actually side against the govt.
Like when they started recording what programs you launch on your Mac, sent to them in cleartext? Or when they force you to have an account with them to install apps from the official sources (and of course the unofficial ones are absolutely atrocious).
Apple are better on the privacy front than their competitors, but not by that much.
They pushed back on that after falsely telling their customers that they were technically incapable of helping the FBI with such requests. After this incident, they no longer make that claim. https://appleinsider.com/articles/14/09/18/apple-says-incapa...
They never told customers it was technically infeasible. From the contemporaneous Q&A from the 2016 letter opposing coerced access:
“ Is it technically possible to do what the government has ordered?
Yes, it is certainly possible to create an entirely new operating system to undermine our security features as the government wants. But it’s something we believe is too dangerous to do. The only way to guarantee that such a powerful tool isn’t abused and doesn’t fall into the wrong hands is to never create it.”
Apple: "So it's not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8."
Also, "create an entirely new operating system" is an intentionally misleading exaggeration on Apple's part, meant to fool customers but not governments. It makes it sound like the amount of work they would have to do is larger than changing one constant about how many retries are allowed and another constant controlling rate liming, build and sign and flash it to the phone, and delete it after.
Seems like a semantic quibble about the meaning of “technically feasible.” If you understand it as making claims about the system as it exists, it is true. If you understand it as making a claim about what Apple could theoretically do in all circumstances, then you have an absurd definition because everything is technically feasible.
I think the FAQ and letter both make clear that Apple could comply with the FBI request and their objection was over whether they should be forced to.
> If you understand it as making a claim about what Apple could theoretically do in all circumstances, then you have an absurd definition because everything is technically feasible.
If iOS 8 required a user key for updating the system, this would be technically infeasible. It's not technically infeasible as iOS 8 was implemented, so Apple stopped claiming it is, but only after the FBI embarrassed them about that claim.
> their objection was over whether they should be forced to.
Apple's objection had nothing about being forced to do it. They were forced to provide data from devices before iOS 8 and even provided a document about how to ask them to do it. Apple instead made specious claims about how hard it was and how it would affect other customers' privacy.
Hasn't the solution to this problem always been easy? Just encrypt before you type it into imessages; this applies to _all_ untrusted communication channels. Don't tell me base64-encoding/decoding is what's stopping you from having perfect security?
Exactly, if you're dealing with truly sensitive information where any leak is unacceptable, make your own encrypted blob. Don't trust any communication software to do it for you.
The concern typically isn't backdoors, it's bugs. I've had plenty of terrible experiences with Enigmail.
>Why would governments push back, when this hole which has already been used will _always_ be available?
I'm not aware of a time when Apple pushed a software update (silently or otherwise) to defeat security for a user (or users). Can you provide a reference?
The parent comment said “hole which has already been used”, that’s a claim that Apple has actually done it, not only a speculation that they could. They are being asked to back up that claim.
The thing that people always miss is that the damn SIM card is running its own little processor already. If the government really wants to read your shit they can probably just do some behind the scenes work with your mobile ISP and find a way to access your phones screen output or microphone data or something.
If I really wanted a physical SIM and imported a European SKU which does have it (only North American variant is eSIM-only), would I expect seamless support in the US? E.g. would AppleCare just work?
So there's no level of security that will ever be enough for anyone. The number of people who know the source for the current version of every piece of software, firmware, and hardware they use almost certainly approaches 0.
I don't know what people expect. These moves are good things and everyone is whatabouting situations that there is 0 evidence has ever happened or would ever happen. It's unfalsifiable, impractical, and honestly just annoying.
With Apple's current lack of encryption on iCloud backups, we are very aware of government access because those files end up as evidence in court cases after being obtained by police and prosecutors.
If government were to compromise end to end encryption in the manner described above, it would either be visible when used to prosecute people, or invisible because it would never be used to prosecute people (but presumably for intelligence purposes). Even if it were used for intelligence purposes through the method above, which I don't think is at all established, it would still be a significant improvement over having data in a form that is actively used to prosecute people.
> Even if it were used for intelligence purposes through the method above, which I don't think is at all established,
The snowden revelations were precisely about information gathering for intelligence purposes. The vast majority of intel gathering is not for prosecutionary purposes.
I didn’t say it’s good that intelligence agencies hypothetically could spy on this data by having Apple push malicious software.
What is absolutely good is that they have e2ee now, and the only way they could even hypothetically open a back door would be one that was completely secret, for the government, which definitionally closes off a whole class of government use of the data, for example in domestic prosecutions of citizens.
This may not be perfect (it’s not open source etc) but it’s a vast improvement over non encrypted data that was openly routinely given to the government.
I think we are talking cross purposes. I agree with your evaluation that this is an improvement over current state. I did not cite whether you think it is good or bad that intelligence agents could spy on this data. I was referring to the fact that most secret surveillance is expressly for the purposes of intelligence rather than prosecution. Surveillance methods that are secretive are, by their very nature of being secretive, typically not used for prosecutionary evidence gathering due to the fact that such use would reduce the method's secrecy. Until Apple can provide some verifiable proof that my keys cannot be handed off to governmental parties wishing to decrypt my data, I will not feel comfortable using their cloud service for my personal data (not that my family vacation photos and pictures of our dog will be that interpreting to anyone).
"You can't prove that they don't already do X, because X is by definition a secret action" is a pretty useless epistemology though. Every electronic device you've ever used could secretly have a cellular modem that can secretly download over-the-air firmware updates that alter its behavior to be maximally evil. You by definition can't prove that your coffee machine doesn't secretly have the ability to change its behavior to start connecting to the internet and DDOSing charities or something.
You make this sound easy but look at how that worked for NSLs. They got a ton of pushback for that and there’s no way to keep that a secret for very long – especially since things either end up in court or involve foreign governments who won’t share the desire to keep things secret.
On some level the US could also pass a law that says every iPhone user will be summarily executed. That’s how sovereignty works. Is it a realistic concern? Probably not.
That's not the point. The point is that Apple hasn't closed the government out of Apple user's phones. The point of E2EE is to remove the power of the middleman to read the data but that middleman also has complete control over the device and the software running on it with remote root access.
Apple's ecosystem is, by default, design and necessity, insecure to Apple. Keys stored on an Apple device are insecure.
One can easily make a similar argument for Android/Google, however, a security conscious user could still take control over their device and install a more secure OS.
Seeing as context is conspicuously missing, all cloud services offered by foreign business in China a required to be hosted and controlled by state owned providers. For instance, China has a separate Microsoft 365/Azure region hosted and controlled by 21Vianet. Apple still controls the encryption keys and there is no evidence that they have handed them over to the CCP, but it is largely assumed. Federighi has said that Apple will offer EE2E in China.
Why is data residency law cool and progressive when the EU does it and Big Tech complies, but Bad and Dystopian when China does the same? Tim Cook has said on the record that iCloud is the same regardless of data center.
Because the reasons for data sovereignty as legislated by the EU and countries within it, and China, are drastically different. Which one is the authoritarian regime which jails dissidents and which one has regulations giving consumers rights over their data? I'm fairly certain the motives for data sovereignty are wildly different.
I’m not sure if you’re aware, but there are anti-encryption legislative proposals in the EU which are as ill-informed and scary as anything I’ve heard of in Mainland China. It’s very unclear to me if motives matter in this case.
China has a reputation for hunting down religious minorities and political dissidents, Europe is known for a more moderate take on those matters. I think there's cause for concern when China demands domestic ownership of iCloud info.
You seem to have missed my point entirely then. I'm in full support of Apple holding themselves accountable for the data they hold, but they don't. As a result, we rely on "broader political vibes" to read between the lines.
I’m not sure what you mean by “holding themselves accountable for the data they hold”, but you began by implying data residency was compromising security at the behest of a government, but it does not itself do anything of that sort. Your technical claim is outright false.
Would it surprise you to learn that France also bans female genital mutilation, another religious practice enforced on people who typically have no say in the matter? These bans apply to people of any religion and of no religion.
Let's not pretend this is the same thing as kidnapping you and taking you to a reeducation camp because of your religion, leaving your kids alone and confused.
Let's be clear about what we're discussing. France prevented a law that would have allowed burkinis to circumvent existing public pool rules that require a swim cap and forbid baggy clothes and certain sun protection suits. People forced to wear certain clothes by others in their religion do not get special exceptions. https://www.nbcnews.com/news/amp/rcna34833
You realize that your citation actually reinforces the idea that the only reason this law was passed was because the government was against them to enforce “secularism”?
No one claimed that they were being “forced” to be part of a religion. What next? Forcing people to eat pork even if it is against their religion to enforce “secularism”?
This was nothing more than discrimination.
In the US, we had to have laws that allowed Black girls to wear their hair the way they wanted and schools were forcing black girls to straighten their hair to fit in.
The pool rules considered no religion and only what is necessary for pool safety and cleanliness. The law that the city passed made concessions for a religion (just one). If your religion requires you to defecate in the pool each time you enter, should they make laws allowing that?
People who are forced to wear certain clothes by others in their religion are also often forced to have that religion.
Confusing race with religion is even crazier. We should accommodate people who are physically different, but there is no reason to go out of our way to accommodate people with arbitrarily wacky beliefs and even less reason to go out of our way to accommodate oppression by people with arbitrarily wacky beliefs.
The pool rules are about sanitation and safety. The law allowing burkinis was removed because "it violates the principle of government neutrality toward religion" by being written to accommodate a single religion.
The secularism rule basically says that the government should not make laws to accommodate one religion because then it would have to make laws to accommodate any and all religions, and there is no limit to how wacky a religion can be.
You can’t believe that. That’s just like saying that laws against “sodomy” weren’t discriminatory and only passed for the welfare of the state when they were clearly passed to criminalize non heterosexual consenting sex between adults.
Once again, there isn't a law against burkinis. There are pool rules that predate the invention of the burkini and disallow many things, wearing burkinis (though not mentioned specifically in the rules) in the pool among them. Writing a law specifically about allowing burkinis is discriminatory against other religions and beliefs.
> The ruling was the first under a controversial law, championed by President Emmanuel Macron, aimed at protecting “republican values” from what his government calls the threat of religious extremism.
Now you're confusing a law passed in a city with a national law. The law passed in the city was specifically making accommodation for one religion, which is not allowed: “the Grenoble vote was made ‘to satisfy a religious demand’ and ‘harms the neutrality of public services.’”
The law passed in the country was set up to disallow laws that favored one religion, but ever since the revolution cast aside Christianity for enlightenment ideals, no such laws had been attempted. It is true that this law was made to prevent laws that favor Islam, but it puts it on equal footing with all other religions. Members of The Native American Church cannot get laws passed to give themselves exemptions to use mescaline.
Indeed, you can opt out of more of it on Android than you can on iOS. Try to get your location on iOS without telling Apple. You can't. Try installing an app without telling Apple. Same.
Even MacOS is infected with this privacy invading nonsense that I can't opt out of. It has an Apple News app that I can't uninstall, and whenever anybody sends an Apple News link, even in a private tab, it opens the Apple News app, a handler that I can't disable, sending the article I want to read together with my Apple ID to Apple.
> Apple loves harvesting your store interaction data within store apps for commercial use
FTFY.
Please stop spinning that as if Apple were siphoning every single of one's moves everywhere, irrespective of any telemetry setting one has set.
Both the linked piece and the reporter's Twitter thread seem to have taken great care to bury behind clickbait headlines and scary words the fact that this applies only to App Store, Books, Apple TV, and iTunes Store apps, which are all "store" apps (presumably that's where commercial stuff typically happens) that used to outright be webviews (not entirely sure they are 100% native as of today). I don't think anyone would be appalled if a React-based web app would send vast amounts of requests based on user interaction.
So yeah, they should probably not collect as much data as that and probably should have a toggle to nerf such data collection within the store apps (which is not the same as OS/actual app/service telemetry), but the way things keep getting spinned is beyond ridiculous and does not help in improving anything.
Yes true. What’s your threat model though? If my government wants to own me they can do that without going to Apple.
For myself I’m quite happy with this as it is a huge improvement over what we had. My only irk is that they called themselves a champion of security and privacy before this..
The tricky thing with Apple is that they sell phones in China, given that that govt demands visibility into what it's citizens do, it is reasonable to assume that anything Apple launches to secure your data from prying eyes will have an asterisk to accommodate a big part of their market.
That's because Chinese and US law are fundamentally different. The US has laws that enable Apple to contest those requests. It is not just possible to run a large business in violation of any (competent) government. It doesn't matter who it is.
FWIW, Apple does not treat US and Chinese users the same. If you have a Chinese mainland iPhone, you use a completely different iCloud that isn't even run by Apple.
It looks to me like Apple and China have a complicated and somewhat adversarial relationship.
Apple likely conceded early on that China-based iPhones use China-based iCloud, and the Chinese government likely conceded that Apple phones will use the same OS everywhere, with region-based feature blocking being as far as they'll go in customizing the OS. Both have a lot to lose from the other party terminating the relationship.
It’s not that tricky as iCloud in a China isn’t run by Apple at all. [0]
The laws are different there and the only way that Apple could meet the requirements of the Chinese government without also weakening their product for the rest of the world was to cede control of iCloud there.
So could your Android phone - even if it runs GrapheneOS. How do you know that GrapheneOS isn't a CIA project like ArcaneOS that won't push a sneaky software update to your device? You don't and you never know, so it's not really fair to target Apple for this. You will always be vulnerable to such an attack no matter what you choose.
The only true secure option is to build the source yourself, sign it with your own keys, and run it. Assuming you can read all the code and make sure its safe, and read all the code on your compiler to make sure that is safe. And you'll still need to trust the Google-signed bootloader code, which totally hasn't had suspicious custom builds released previously (ArcaneOS?)
They couldn’t without bypassing all their controls and assurance measures, which are required by not just governments but corporations who don’t trust apple or the government, as well as regulators across the world who also don’t trust either apple or the us government. If you’ve ever worked in a highly regulated highly sensitive enterprise tech environment you would know this is hogwash.
You missed out the punchline: all of this follows from that the software is
proprietary/closed-source/non-Free.
You can't see how it works, you can't change how it works, and you have to
trust that it does as advertised. You must do all this in the knowledge that
over the years plenty of proprietary software vendors have outright lied to
their customers about exactly this kind of thing, e.g. [0][1].
I'm not aware of Apple ever doing so though, for what that's worth.
Apple never said that it was scrapped. They did, however say that they intend to do it.
EDIT:
Follow the links from those articles. Apple never killed the plan! This is what Apple actually said:
> Based on feedback from customers, advocacy groups, researchers and others, we have decided to take additional time over the coming months to collect input and make improvements before releasing these critically important child safety features.
That's not killed. That's just delayed. It's
also them
reiterating their intention to ship these misfeatures. It was, as pointed out, widely misreported.
Apple is very good at writing technically truthful things that say one thing that cause reporters to report a different thing (which is not factual). This becomes an "everybody knows" sort of thing where the narrative that is widely believed/accepted is not what Apple actually said. They exploit poor reading comprehension ability.
Apple has introduced three new security features to better protect users' data in the cloud. The new services will provide the company's highest-ever levels of data security for the iCloud. The services, called iMessage Contact Key Verification, Security Keys for Apple ID and Advanced Data Protection for iCloud, will be available for users to choose from. Apple is committed to providing users with the best data security in the world, said Craig Federighi, the company's senior VP of software engineering.
iCloud was convenient and I was even paying for it, but when the "we will scan your photos and snitch on you" debacle I started backing up my photos at home and removed all my spreadsheets from iCloud (who knows what crappy software can interpret as CSAM).
This will go a long way into restoring my trust on Apple. Yet, I can't help but notice that the "we will scan your photos and snitch on you" workflow they published then is still compatible with enhanced iCloud security. Hell, they can always send a command to the photo's app in your phone to upload all your photos straight to FBI's servers. So in this case technology is like 50% of the trust, the other 50% is sheer commitment to customers and that was tainted by that episode.
> In a second victory for privacy advocates, Apple said it was dropping a plan to scan user photos for child sex abuse images. The company had paused that plan shortly after its announcement last year, as security experts argued that it would intrude on user’s device privacy and be subject to abuse.
Sorry mate but you have no idea how anything works. Literally every photo hosting service on the internet will scan your photos against an abuse list and work with LE - otherwise they get to become the “cp-friendly” hoster.
When apple released client-side scanning (which only ever applies to photos uploaded to iCloud Photos) the only thing that changed was now the scanning takes place on your device where you have transparency and ability to see what hashes are checked. The folks paying attention knew what this was - Apple redesigning a workflow to make LE cool with e2e encrypted photos. You read some false outrage articles and are now somehow still upset at a company doing work that is currently in your best interest. Baffling.
I'm baffled how people can be so okay with letting their whole device being scanned always. I don't want it to be scanned no matter what the intention is, it's not the phone or Apple's business. Device ownership and to decide for my own what the device is doing with MY data is my liberty. If you want your device to scan your data always is maybe cool with you. But not cool with me.
I've read all the technical documentation too. However who says that the mechanism is implemented like intended forever? Maybe Apple or (local) law will change and voila: Your device scan report is reported to Apple and authorities because it is anyway already in place on your device.
>Sorry mate but you have no idea how anything works.
>The folks paying attention knew what this was - Apple redesigning a workflow to make LE cool with e2e encrypted photos.
They have just canceled this spyware wholesale,[0] ivalidating your entire point. Interesting how Apple fans can come up with a thousand ways to justify being spied on and then call anyone who points it out cluless.
Excellent, I’ll be adding hardware keys right away. Their existing iCloud-connected-device 2FA is better than SMS but it’s always bugged me that I wasn’t able to use a hardware key.
Now if we could just get banks on board… they’re probably the single biggest glaring hole in non-SMS 2FA. To my knowledge there’s only 2-3 US banks that even support TOTP, let alone hardware keys, which is insane given how important they are.
Yea super annoying - this is the one thing stopping me from getting a Yubikey. Whats the point if I cannot use it on the stuff I really want to use it for?
While I agree it would be great if more sites like banks supported hardware keys, your reply reminds me of the saying "Don't let perfect be the enemy of good". There's plenty of services you can use a Yubikey with right now.
AFAIK no Canadian banks even support TOTP - it's all SMS (or in one case a bank "app" that does TOTP, but frequently logs you out so you have to use SMS anyways). Maybe they'll catch up in a decade or so.
I wonder if they will push for client side scanning for CSAM material again, since photos are covered under end to end encryption based on this announcement. As a consumer, it feels like two different teams with two different ideas of what kind of consumer privacy should be protected are trying to guide Apple in opposite directions.
Apple, the client side scan pushing and ad platform expanding company is now the same company that is releasing strengthened cloud data protection. Deduplication becomes impossible at any sort of scale and for safety Apple even turns off web access to iCloud when E2E cloud protection is turned on for the first time.
Apple has stated it will cache thumbnails using standard protections when sharing files, using "anyone with a link" will expose the unencrypted data to Apple servers. I wonder if CSAM scanning can take place for those files only.
According to The Washington Post [0], "In a second victory for privacy advocates, Apple said it was dropping a plan to scan user photos for child sex abuse images. The company had paused that plan shortly after its announcement last year, as security experts argued that it would intrude on user’s device privacy and be subject to abuse."
Thank you for the link, I had not come across that news. It seems like Apple is still scanning photos when NSFW photos are sent to phones belonging to minors.
"When receiving this type of content, the photo will be blurred and the child will be warned, presented with helpful resources, and reassured it is okay if they do not want to view this photo. Similar protections are available if a child attempts to send photos that contain nudity. In both cases, children are given the option to message someone they trust for help if they choose.
Messages analyzes image attachments and determines if a photo contains nudity, while maintaining the end-to-end encryption of the messages. The feature is designed so that no indication of the detection of nudity ever leaves the device. Apple does not get access to the messages, and no notifications are sent to the parent or anyone else."
They are offering E2EE despite not currently having plans for client side scanning of content. I have to imagine it's different teams because I want to give the encryption team the benefit of the doubt.
I can't imagine people working on E2EE at Apple would be okay with client side scanning. The reasoning isn't important, it's an easy slippery slope once implemented. I imagine the encryption team has to constantly push for consumer privacy in a climate where privacy is challenged and compromised for ad companies and governments. I would be absolutely shocked if there wasn't a large amount of internal pushback when the old CSAM detection plan was first announced publicly.
1) they just ate every other 3rd party "secure" backup services lunch just like they did to the Hi-Res music industry.
2) details of what they backup securely, besides photos (which is top priority for me): iCloud Drive: Includes Pages, Keynote, and Numbers documents, PDFs, Safari downloads, or any other files manually or automatically saved to iCloud Drive.
3)BUT, perhaps the BIGGEST news here is that Apple is making a backup statement to what they've been saying for years and what they've recently gotten negative attention on: They don't want your data. They're not Goodle/FB/Amazon. They're giving you 2TB+ of space and you can encrypt it to the point that you'll lose your data and they don't care -- they don't want to mine your data, they don't want to know what you store on there, the don't care to scan your pictures with AI 20 different ways, they don't want to monetize it, etc, etc., just pay them money for their service and transactionally they give you only thing that you want in return -- reliable, secure, private service.
seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
It's good to be passionate, but blind devotion is dangerous, especially since we already know by now Apple is positioning itself to become a major player in the advertising space and - with a dwindling economy and an increased pressure to sustained growth from shareholders - that's going to continuously encroach on our privacy guarantees for monetization purposes.
I'm advocating for an open and interoperable ecosystem of operating systems, services and applications, which is the only way to ensure sustainable customer freedom. Unfortunately that ecosystem doesn't exist yet so we're stuck with the duopoly of evil-doers (and while Google openly admits it is their business model to monetize you and your data, Apple has been caught with their hands in the cookie jar a bunch of times already and they're just developing a sweet tooth, so...).
Full disclosure: I've been using only iPhones for 12 years and am still using one today.
Are these ads? If I see a large derivative, I can usually glance down at the relevant news to see why. More often than not, it says "No Recent Stories", which shouldn't be the case for an ad.
The news articles in the main view are just top business stories from Apple News. I don't see anything ad like at all, actually.
Yeah, this has been so depressing to see. I disliked that there were ads when I signed up, but it was part of a bundle with other things (arcade, music, tv, fitness, etc.), so I gave it a try. But they've been increasing in frequency and they've been added to places they didn't exist before (like when you swipe to see the next article). It's still nowhere near as bad as reading a web page without an ad blocker, but it's definitely past my threshold of pain, and so I'm just using it less. I want the other things in the bundle, so they'll count me as a subscriber, but I'm using it less each day.
What's particularly odd is that some articles have no ads at all. Some have the same ad repeated literally 3-5 times in a short 1,000 word article. And the ads are all trash. They seem like those awful chum-boxes you see on web sites. Who in their right mind thought this would be appealing to the typical Apple user? I mean, regardless, I have never intentionally clicked on any ad on the web in 30 years, and I'm not going to start now.
It's sad because it's exposed me to regional newspapers from around the world. I live in California and see articles from newspapers in Idaho, Utah, Connecticut, upstate New York, Dallas, Miami, Chicago, etc. and even from other (mostly English-speaking) countries like Canada, England, Ireland, Isreal, and Australia. They even include some (English-language) stuff from China. I don't normally see news sources that diverse on the web because it takes more effort. But the ads just make it not worth it to continue using.
Even with the amount of leverage they have to control third parties, media companies are too big for them to control. I’d be willing to bet they had little choice but to let the various publications run ads as they please. Those companies don’t need to be available on Apple News+ to survive. But Apple News+ has no chance without them.
News+ silently dropped one of my preferred news sources last week. No updated articles for a week now and it's no longer listed on the news sources page on the web site. Oh well, I'm still in a free 6 month trial but no longer intend to become a paid subscriber next year.
I hate ads, but for most people paying some bucks a month to make sure their 2nd brain of photos/notes/passwords/texts/etc is totally (and now privately) backed up is a worthwhile insurance policy.
I think the argument that advertising iCloud plan upgrades in settings, where you’ll be pointed to if you run out of backup storage, is very benign as far as ads go. Although I do think that they should have a method to dismiss it(I don’t see this so I’m projecting that they don’t).
Yes, Apple is slightly less bad than Windows. On the other hand, Linux doesn't have any ads (other than the silly ones Ubuntu is trying to push on the command line these days).
Calling a onetime pop-up of a service offering an ad is stretching the description somewhat. Also, it's losing sight of the main argument - ads driven by gathering personal data is what causes concern.
I don't have ads on my phone or my desktop. Why should I settle for a shittier experience A? The fact that there is an even shittier experience B is no argument.
The only 'ads' I've seen from Apple have been the aforementioned iCloud invitation in Settings, there is also a prompt to sign up for iCloud when first setting up the system. That's an element of user choice - 'use our service, or don't, we won't ask twice'.
Unlike MS - you have to link everything with an ID when first setting up W11, no choice unless you go to extreme workarounds. Constant nagging and manipulation thereafter.
With that said, what platform are you using that has no ads at all? Presumably Linux on the desktop, which I can almost use. But unfortunately I can't use it on mobile, I have too many use cases in the personal and business world that require a 'normie' grade phone.
If you consider that an ad, then we are not talking about the same topic. Like sure, pedantically it is an ad, but is not the kind people mind or hurts their privacy at all, nor does it have shady incentives (it is not a third-party service).
> Google, for instance, used to show you ads based only on your search keywords.
This is still true. You basically never see personalized ads on search, since getting a contextual ad for cruises when searching for programming answers probably isn't going to end up with many clicks. Instead, it's only really 'Google Ads' (AdSense on other websites) and YouTube where personalized ads result in higher CPMs.
(Although Google does indeed use your search history for ad targeting.)
> (Although Google does indeed use your search history for ad targeting.)
Yes, and it's not the advertising part that is evil. It's the part where they spy on every aspect of your life because doing so makes ad sales more profitable.
Point of order: their inline-ad-placement on search results is evil. It exists to trick the unwary, including vulnerable people like the elderly, sometimes into landing on scams, thinking they're legitimate because Google presented them as top-level search results.
> Point of order: their inline-ad-placement on search results is evil.
I don't think that is necessarily evil, but it certainly is embarrassing for Google since Google used to make fun of competing search engines for that exact behavior back when Google was still the underdog.
Spying on everyone's credit/debit card transaction data, on the other hand, is definitely evil.
> as Google said in a blog post on its new service for marketers, it has partnered with “third parties” that give them access to 70 percent of all credit and debit card purchases
Personalized is "we're showing you ads for local gyms because we noticed that you've been watching a lot of Youtube videos about workout routines". Or whatever.
If I see ads posted in the wall on a subway in Manhattan, that they are talking about restaurants nearby and not in San Francisco does not cross the threshold of 'personalized advertisement'.
If a digital panel switched to show me restaurants in San Francisco because they detected that I travel there a lot, that is absolutely personalized.
Similarly, if a maps service shows me restaurants near my destination that have paid for placement, thats not personalized. If they show me fast food restaurants on my route because I got directions to one previously, that is personalized.
It is a moot point because Apple isn't anti-advertising _nor_ anti-personalization. They are pro-privacy. Like Google, they will just move ad determination onto the device.
I'd argue that the difference is memory. When a service provider starts making decisions based on an individual user's history, rather than only using factors which they can infer on the spot, that's the point at which I'd call the behavior "personalization".
> we already know by now Apple is positioning itself to become a major player in the advertising space
We don’t know that. We know that they put ads in the App Store, that’s it. I wish they did not, because it made the store even more of an unusable mess, but it really is not even in the same league as Google and Facebooks, systematic surveillance.
> increased pressure to sustained growth from shareholders
This sounds truthy, but is there any evidence of this? Apple is famously the company that tells rent seekers after more ROI above all to fuck off (both Jobs and Cook).
> I'm advocating for an open and interoperable ecosystem of operating systems, services and applications, which is the only way to ensure sustainable customer freedom.
Now that’s a real point, which deserves more than being buried after a paragraph of half-truths (and I almost entirely agree, FWIW).
> It's good to be passionate, but blind devotion is dangerous,
After starting a post like this, it is disappointing that you fell in the trap you warned the OP about. Being contrarian and using mis-informed tropes is not a good way of having a rational discussion. It is not being cool or clever at all.
> Apple is famously the company that tells rent seekers after more ROI above all to f off (both Jobs and Cook).
One of my favorite CEO moments comes from Tim Cook on an earnings call:
“If you want me to do things only for ROI reasons, you should get out of this stock,”
And then more recently “If you're a short-term trader, do not invest in the Apple stock,”
I understand both, but it’s so odd to hear a CEO tell people “no, we don’t want your money” and I will grant that Apple is luckily not in the position of needing it.
Doesn't matter what they claim, look at the numbers and what they're actually doing. Apple has a good product with the iphone but they aren't running a charity, it's a hugely profitable business that puts money over everything, even human lives (see how they aid the CCP's totalitarian regime as an example).
For users to trust them as a guarantor of privacy and rights is naive at best if not outright idiotic. Since they comply with Beijing why would one assume they won't feed your data to Fort Meade and Brussels - who as a sidenote are planning to outlaw end-to-end encryption for major apps: https://www.patrick-breyer.de/en/posts/messaging-and-chat-co...
Keep in mind when a stock is trading the original company doesn't get any of that money unless they have shares.
What Cook is saying is that Apple is in the enviable position of being to make long term plans. Not every decision can immediately be boiled down to an ROI calculation, but that's what short term thinkers want.
For example, how much has Apple invested to develop this E2E system (the tech, support, etc...), and what is the ROI? IMO, over the long term it should have a positive ROI, even if I can't draw a direct link from quarter to quarter right now.
> We don’t know that. We know that they put ads in the App Store, that’s it. I wish they did not, because it made the store even more of an unusable mess, but it really is not even in the same league as Google and Facebooks, systematic surveillance.
They also put ads in Maps, Stocks, and News, and they "started asking people last year if they wanted to enable personalized ads on these apps."[0]
> This sounds truthy, but is there any evidence of this? Apple is famously the company that tells rent seekers after more ROI above all to fuck off (both Jobs and Cook).
"Inside the ads group, Teresi has talked up expanding the business significantly. It’s generating about $4 billion in revenue annually, and he wants to increase that to the double digits. That means Apple needs to crank up its efforts. "[0]
Plus the advertise iCloud in the Settings app with a red badge, which is just annoying.
For a maps app I'd imagine it'll be more a case of businesses will be able to 'boost' themselves to people in the area. Slapping big banner ads across a maps app isnt going to generate much ROI given most people will be using it in carplay mode.
> "Inside the ads group, Teresi has talked up expanding the business significantly. It’s generating about $4 billion in revenue annually, and he wants to increase that to the double digits. That means Apple needs to crank up its efforts. "[0]
This doesn't mean they need to do it with targeting/data mining. I swear all the data mining does is show me ads for stuff I just purchased 3 days ago, and that's with google-level surveillance.
They either have to do way more ads, or way more targeted ads. Would you prefer an endless stream of low-relevance ads, or a few high-relevance ones that required massive amounts of data mining to produce?
I don't like the idea that we discuss this as a law of nature.
I am an iPhone user since three years ago but if at some point I get a better deal elsewhere, I'm off.
And with Apple I pay extra for premium, and there is only so many ads[1] one can shove in before the premium feel is gone.
As for the targeted ads, I share your feeling that the targeting is badly over hyped, except you are lucky compared to me:
Ads for products I bought 3 days ago would be wildly relevant compared to most of the ads I can remember from Google. It was almost always scammy-looking dating sites. For a decade. Don't know what I did wrong but it seems there was a fluke with my account. Or they just god more money from scammy-looking dating sites than from anyone else.
Oh, and when it wasn't ads for scammy-looking dating sites it was pay-to-win games, and based on the ads you could be forgiven for thinking they were made by the same folks.
[1]: I'm no hardliner here: contrary to many on HN I actually see value in some ads and think I have sometimes made better purchases/been reminded to do things I wanted to do anyway.
> It was almost always scammy-looking dating sites. For a decade.
Every time people tell me that AI is great, I remind them that the most frequent ads I see are: 'Goth Muslim hookups' and 'automatic chicken coop door'.
It unfortunately seems to work if you don't go out of your way to block all trackers everywhere and never sign up for anything. I don't personally get any ads I would ever give a crap about, but my wife has been complaining like crazy and constantly blowing up our family plan with data overages since I started ad-blocking at the DNS level because she's constantly being served ads for stuff she actually wants and tries to click on it only to get blocked by my DNS server when it tries to go through a known tracker redirect to grab conversion stats for their campaign or whatever, and then she switches from WiFi to data in order to use the ISP's DNS instead.
> Apple’s VP of advertising platforms Todd Teresi has been asked to bolster annual revenue into 'double digits' from about $4 billion today" (Aug 2022)
Double digits isn’t a major player. Google and FB are already making nearly 200B ad revenue each. If every Apple app and device showed ads constantly it still wouldn’t come close to the views that fb and web pages get to display ads used by Google and Facebook.
Just to put everything onto the same scale, 4 to "double digits" requires a 2.5X increase. "Double digits to triple digits" would require a further 10X increase.
Basically take everything lost by Meta/Facebook directly attributed to ATT and you'll get a very clear picture on what they can very easily get back with their own ecosystem.
That's only the immediate goal. It would be bad for them to eat up the percentage of the market lost by their competition right away; that would get some unwanted attention regarding monopolistic behavior.
They clearly want a slice of that market, and they have the patience needed to wade in.
> If every Apple app and device showed ads constantly it still wouldn’t come close to the views that fb and web pages get to display ads used by Google and Facebook.
I can’t begin to imagine how irritated Tim Cooke is by the revenue Google and Facebook make from adverts on iOS and he clearly wants in on it.
Given that both those ad companies make revenue off iOS, it’s not unreasonable to aim for a similar level on the platform.
The only way for a 2T business to grow is by expanding the Services business significantly, in some market that is already known to be close to half a trillion dollars in revenue.
You really think Apple is trying to make small change with ads in Apple Maps?!
Everyone uses Google Play because it's convenient. But as a notable example, Fortnite refused to use Google Play for a while precisely because of that 30% fee, and it worked out pretty well for them. Eventually they gave in and put Fortnite on Google Play. Although Google kicked them off later (they pushed an update which allowed users to bypass Google's 30% cut using their own payment system) so it's back to direct download from the website.
> 30% of all revenue that passes through an iPhone
A bit of hyperbole there. 30% of revenue from sales of digital goods after the first $1m (15% before).
I’ve probably spent $20k on Amazon using my iPhone this year alone. You don’t think Apple takes 30% of that, do you?
Besides, it’s so funny when people use “rent seeking” as a pejorative. Like, yes, the reason my landlord bought this house for a lot of capital up front was that they believed it would be profitable rent it for much smaller amounts for a long time. What, am I supposed to feel entitled to use the house for free?
A bunch of years ago I made several hundred thousand dollars from the App Store. You know how much I would have made without the app store? Zero. Do you think I begrudge the 30% I paid, any more than I begrudge the rent I pay for this house?
I understand people who dislike the Apple walled garden and want no part of it. I do not understand people who want all of the benefits but expect Apple to provide it for free.
>Besides, it’s so funny when people use “rent seeking” as a pejorative
"People" including anybody from Marx to the left, all the way to Friendman and Hayek to the right, including Adam Smith...
Sorry, rent-seeking is milking assets without producing value (or with only minimal investment/maintainance costs). It's the opposite of a functional market.
>Like, yes, the reason my landlord bought this house for a lot of capital up front was that they believed it would be profitable rent it for much smaller amounts for a long time. What, am I supposed to feel entitled to use the house for free?
No, you're supposed to not want an economy where people don't mouch off of standing assets, but actually contribute to making value (and products and progress and stuff).
Rent-seeking 101: "Rent-seeking activities have negative effects on the rest of society. They result in reduced economic efficiency through misallocation of resources, reduced wealth creation, lost government revenue, heightened income inequality, and potential national decline."
The Apple ecosystem is not the App Store. They make money off the sales of physical products and their own services like iCloud.
Making money off of the App Store is pure rent seeking. It's maintainance and (very infrequent) improvement costs (negliblible compared to its profit) don't make it any less so. Heck, actual rented properties like houses also incur some maintainances costs on the owner.
> 30% of revenue from sales of digital goods after the first $1m (15% before).
Not quite - if you go over $1m in revenue you pay 30% on all revenue in the following year.
I honestly believe that if the App Store were to start now, they would feel entitled for a cut of all physical goods transactions that happen.
I don't believe Apple produces 30% of value when someone (hypothetically) signs up for Netflix on an iPhone. Apple's App Store actively hinders value creation when they prevent Netflix from using their existing saved credit cards to re-subscribe a user on an iOS device.
> Do you think I begrudge the 30% I paid, any more than I begrudge the rent I pay for this house?
It sounds like you saw value in something, and you paid for it. A competitive product would be able to stand on it's own and developers (and users) could make a decision on what product they wish to use - I'm sure that a lot of developers would continue to use Apple's payment infrastructure because they find it easier!
> I honestly believe that if the App Store were to start now, they would feel entitled for a cut of all physical goods transactions that happen.
There must be a name for this fallacy, where one bases their opinions on speculations about how things would be different today if their already-held opinions had been true long ago. Some kind of retroactive confirmation bias?
> It sounds like you saw value in something, and you paid for it. A competitive product would be able to stand on it's own and developers (and users) could make a decision on what product they wish to use - I'm sure that a lot of developers would continue to use Apple's payment infrastructure because they find it easier!
You're not paying for the payment infrastructure. You're paying for the discoverability and distribution. I cheerfully paid 30% to reach a few hundred thousand users when I could have reached, maybe, tens of users on my own. I find it hilarious when people explain how I was ripped off with exorbitant fees.
> Besides, it’s so funny when people use “rent seeking” as a pejorative. Like, yes, the reason my landlord bought this house for a lot of capital up front was that they believed it would be profitable rent it for much smaller amounts for a long time. What, am I supposed to feel entitled to use the house for free?
They mean "rent" the econ jargon, not "rent" the thing you pay to your landlord.
Tim Cook told ROI-focused investors to "get out of the stock."
Unfortunately now you've unlocked the "haven't you heard of platform fees (Google Play) or walled gardens (Nintendo eShop) before?" tangent.
There is no new information here - some people are perfectly happy with Apple's walled garden business model as it is and/or don't think Apple should be forced to change, while some think that Apple should be forced to change it so that customers can have more freedom or developers can collect more money.
You mean “infamous” as in what every other platform does - including Google and the console makers? The console makers even force game developers to pay a royalty on every physical game sold.
I don’t think Apple is seriously considering a major play in ads and if they are I think this signals pretty hard that they won’t be doing it off the back of consumer data.
It just doesn’t make sense to their business strategy. Apple is premium, ads are the antithesis of premium. Just doesn’t make business sense.
So the fact that you don’t have to use Apple’s in app subscriptions for users to be able to subscribe is irrelevant to the argument that apps have to use in app purchases for subscriptions?
You're missing the point. The lack of alternative app stores or the ability to accept payments and control subscriptions via other gateways is the problem. You either use Apple app store/payments and accept the fee or you don't have any transaction ability in the app.
I want to make an iOS app. I've already paid Apple the $100 bucks per year or whatever it is, so I've "done my part".
Then, I want to have in-app subscriptions and payments, and I found a great service, XYZ, that does this.
So, on my own time, with my own device I bought (which by the way, in another money-grubbing move, HAS to be another Apple device, even though there are 0 solid technical reasons to force this), I write the app, I put in the integration for XYZ.
Can I publish this to large amounts of iOS devices?
They're both Turing machines, if that's what you're getting at.
In practice, no, a console is not a general purpose computing machine.
On iOS, by design, you can install almost any kind of application even without jailbreaking it. Which people do, you can have Excel and Maps and IDEs and whatever.
Consoles, by design, do not allow that. It's almost strictly meant for games and media.
And again. I don't care. Both types of walled gardens should be abolished.
> After starting a post like this, it is disappointing that you fell in the trap you warned the OP about. Being contrarian and using mis-informed tropes is not a good way of having a rational discussion. It is not being cool or clever at all.
Once a brand starts to build large-scale mindshare, there is of course the inevitable brand-wars fanboy faction, but there also pretty reliably seems to emerge an anti-brand faction - this pattern is consistent across NVIDIA, Apple, and many other leading-but-controversial companies. The mere mention of these companies in a positive context gets another faction reliably winding up about how awful they are and how everything they do is actually fake and a lie and intended to rip off customers unlike my favorite brand, etc.
It's essentially another form of parasocial relationship - but it's a negative parasocial relationship instead of a positive one. People gain identity from opposing the brand-signifier rather than supporting it.
The existence of fanboy factions is oft-observed at this point, but I rarely see anyone acknowledging the opposite side - the people who just are reflexively contrarian and negative about anything surrounding a brand, regardless of any counterbalancing concerns or factors. The hateboy, if you will.
And blind hate is just as destructive to nuanced conversation as blind devotion. It's also destructive to actual progress - positive steps need to be acknowledged and encouraged even if you think it's still the overall worse option, and negative steps from a brand you favor need to be acknowledged even if you think they're still the overall better option.
To do otherwise is to oppose actual progress over what amounts to parasocial tribalism - in both directions. The hateboys are just as toxic as the fanboys to reasoned discourse.
I can see your point, but wouldn't classify myself as an Apple "hateboy": I've been using iPhones since the 3GS (we have 4 iPhones in the family, 2 iPads and a MacBook).
I've just been extremely disappointed by their hypocrisy around privacy (which is a subject I'm very passionate about). They've betrayed my trust when they announced the on-device scanning functionality a few years ago; yes, I know they eventually dropped it after massive pushback from everyone that understands its privacy implications but before doing that they treated us "screeching minority" like dirt, I've never seen such condescending behavior from a legitimate company, especially one that I previously respected.
Their massive push in the ad space, combined with other scummy behavior (phone-home on macOS, backdoor access that sidesteps firewalls from 1st party apps, etc.) just paints a bleak future where all the big players (Google, Microsoft and now Apple) treat us like sheep; it's just so frustrating and sad...
I can't generalize, but could point out to the contraction of venture capital investments, for example. Does that mean "dwindling economy"? Maybe not, but it does constitute some type of signal.
Subjective and rhetorical, but yes lots of people think there's too much money on the table to just eschew ads in their products. Let's be honest, Apple has a captive market, and their largest real issue is that they make too much money and can't find anything to spend it on.
>Apple is positioning itself to become a major player in the advertising space and - with a dwindling economy and an increased pressure to sustained growth from shareholders - that's going to continuously encroach on our privacy guarantees for monetization purposes.
Or they could sell us a rugged iPhone with a removable battery and SD card slot to extend storage but keep the proprietary OS to keep the music/movie ppl happy plus keep out malware not sent via FISA warrant, but if they did that Tim Cook might jump off the top of the donut apparently, so they keep going the way you describe.
> Or they could sell us a rugged iPhone with a removable battery and SD card slot to extend storage but keep the proprietary OS to keep the music/movie ppl happy plus keep out malware not sent via FISA warrant, but if they did that Tim Cook might jump off the top of the donut apparently, so they keep going the way you describe.
I'm sure 3.5 humans who want that will appreciate that product.
We aren’t talking about blind devotion, though, are we?
We have a tangible actual important thing. Apple can’t plumb our backup data for their own profit.
You want to be careful not to ignore information just because it doesn’t comport with your preconceived assumptions. At least consider weighing them against your assumptions? I’m never going to be against a cookie-based metaphor, but that doesn’t make it apt.
Nextcloud is more a backup-adjacent system. You can use it for backups, but you're on the hook for maintaining that system and keeping it secure. Maybe you have time and will to do so but most don't. It's a lot simpler than it used to be on Ubuntu (nowadays just `snap install nextcloud` and you're good to go) but that doesn't make it carefree.
I ran my own Nextcloud instance for ~3 years, recently moved to Syncthing for simplicity. But that use case is more about making certain pieces of data available to all my devices, not for backups.
File backup is just one of its many capabilities. I use these apps in Nextcloud currently which sync to all my devices:
News/RSS reader
Cospend like Ihatemoney
Contacts
Calendar
Music
Mail
Photos
Talk for voice and video
Bookmarks
Deck/kanban board
Tasks
Notes
Maps
Polls
Forms
Money
Health
Passwords
Collectives/Wiki
I did the same with my instance. More power to you if the tools are good enough for you, but I found them too clunky to use compared to dedicated products in the space.
Still, I did appreciate the breadth of apps that one could install.
Nextcloud ecosystem is best of class rather than best of breed. Not every app is the best, but many are under active development and improving rapidly. I might have too many eggs in one basket, the the maintenance is very easy this way.
> It's good to be passionate, but blind devotion is dangerous
Agree with you there -- the data might be encrypted on Apple's servers but that doesn't mean Apple can't scan your data on your device and report the findings back to the mother ship. They've made it increasingly difficult to know or control what system processes do.
Can you give examples of some of the times Apple has been caught with their hand in the cookie jar? Otherwise it seems like a bit of a false equivalence.
> we already know by now Apple is positioning itself to become a major player in the advertising space
There's a fundimentally different approach to advertising by Apple than say, Google or Facebook. For one thing Apple isn't doing web ads. They've not got an adsense style platform and likely never will.
The ad network they're building is for inside their own apps, and likely eventually for app developers to integrate into their own apps - apps only.
In addition those ads are for items within their existing ecosystem, ie more apps.
In terms of data collection this means they dont need the insane levels of information that Google and Facebook collect. All they need is a rough idea of your interests, which can be gained from the apps you use, and your activity in their own apps. Everyone using an Apple device must know they store your location, so that ones an obvious no brainer.
They dont however need to know your browsing habbits. Would it help target better? Absolutely, but the whole aim of their ad network is to keep you inside apps, not browsing the web. If you're using Chrome, Safari, etc they cant advertise to you as again, its not a web-based ad network.
As data collection goes, the way they're doing it is about as least intrusive as you can get. Theres no following you around the internet going on, which has always been the biggest issue with Google and Facebook.
I'm not saying Apple is a 'saint' in all of this, but its not even close to the level of tracking other companies use.
> The ad network they're building is for inside their own apps, and likely eventually for app developers to integrate into their own apps - apps only.
The money generated there will affect behavior elsewhere. These walled garden profit centers always do - having disproportionate number of resources for the task and with it the ability to ignore the needs of the greater business.
"Unfortunately that ecosystem doesn't exist yet so we're stuck with the duopoly of evil-doers..."
That is no longer the case. There are projects starting to come out which are open source and building on top of AOSP like GrapheneOS, CalyxOS and a few others but those two are solid options at the moment.
I am not sure why GrapheneOS doesn't get mentioned here on HN but it's seriously a wonderful project that includes privacy features not available even on iOS. They are this far ahead of the game when it comes to privacy and security. Highly recommend checking them out.
> I am not sure why GrapheneOS doesn't get mentioned here on HN
Probably because with GrapheneOS you have to rely on Android phone vendors which lock down the devices more every year. In my opinion, this is not a sustanable solution in the long term. GNU/Linux phones could be more sustainable.
> anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river
Ok, come on. What apple’s done here is great, and I personally use an iPhone, but you couldn’t think of a good reason to use anything else? An open-source OS?
The GNU/linux distros (in contrast to android) available for mobile phones are so far from usable, it is not funny. Android is a viable choice, but only if it doesn’t come with all the shit from the vendo/Google, which gives you effectively.. a pixel phone with GrapheneOS? Not too much of a choice, especially if you would like to filter based on hardware as well (where apple is just laughably ahead, iphones are ~2 generations ahead in raw performance)
I don't bring this up to start an argument, only because someone reading might look at this comment and assume they can't use a DeGoogled ROM for their phone unless it's a mainline Google flagship -- but LineageOS maintains a list of fairly lengthy list of supported devices, so if you want to use something other than your phone's stock ROM, you should definitely check to see if it's supported, it very well might be.
I also encourage people to check if their devices are supported by LineageOS when they run past their support period, it can be a good way to keep getting security updates past official support windows.
Good point, though pay very close attention for which device you have, some vendors (e.g. Sony) will wipe their camera’s fancy firmware or pull similar shenanigans. That way the tradeoff may very well not be worth it.
Yep, thanks for bringing that up. I should have mentioned that.
The forums should list some caveats for the device if they exist, but don't assume just because it shows up on the list that everything will work perfectly out of the box -- double check to see if there are any downsides.
Also, I should bring up that LineageOS comes in two variants: one without Google services and one with Google services. If you want to actually de-Google your phone, check to see that you are not going to run into problems with the apps you use.
Occasionally I see people who don't realize how deep Google services can go on Android, which in some ways gets back to your argument about how "open" Android really is. So it's just good to make sure that your stuff will all work afterwards if you're planning to go down that route.
You cannot match the features or usability of iOS with anything open-source. Full stop. It's not even a comparison.
Sure, if you're so laser-focused on privacy that you want some obscure phone which will do nothing aside from text, call, and send Signal messages, go buy the weirdest one you can find. otherwise you won't be finding anything remotely enjoyable if it's not iOS or a major android flagship. And out of those options, only one respects the user's privacy and security.
* Their executives admit that they want you and your family locked into their ecosystem (leaked emails).
Sorry, but advocating for them seems like very bad idea. Google was cool, pro-customer company once too. Until they had position to not be anymore. Open standards, without any vendor lock are only reasonable way.
I think you and I have vastly different ideas about what "giving" means.
I get 5GB of iCloud storage, unless I pay them £6.99/month for 2TB. No idea what the rate is over 2TB.
Have I missed a trick to getting this 2TB+?
(I have 7 Apple devices in my possession and have owned a further 2 that I've passed on to my kids; given the premium I paid for those I almost expect that I should get 5GB PER DEVICE, but of course that's fairly unreasonable in reality)
You can't even get over 2TB unless you subscribe to Apple One and even then you only get another 2TB. Pretty useless as a large scale backup service if the maximum you can ever pay them for is 4TB.
Per user. I know you would probably like to backup your linux isos to icloud but besides that the 4tb per account/user is pretty much all one would need.
This is for personal use, not business ;)
Been seeing a lot more of these snarky sort of comments on HN as of late, and its not encouraging. Can we keep it civil without making light jabs at others preferences or tech needs?
Oh come on, that's over-sensitive. The person made a lightweight remark, complete with wink at its conclusion. It was on topic and conveyed information.
Your reaction is derailment because you grabbed the wheel and steered the topic down a road about you and your expectations of discussion standards.
Part of respectable human interaction includes humorous, short and sharp casual responses on occasion. In this case, the post was replying to someone who called Apple's storage limit "pretty useless"... so we're well and truly in the fun zone of casual conversation. Not sure what you're seeking, the equivalent of a formal meeting with diplomats and official representatives?
Except the previous comment had no level of snark involved. You clipping out the "pretty useless" from the context is also misleading.
You then add on hyperbole to end of your reply that I'm expecting some sort of formal discourse. I'm commenting on the "linux distros", which seems irrelevant. Putting a ;)
Except the previous comment had no level of snark involved. You clipping out the "pretty useless" from the context is also misleading. You turn to hyperbole and end of your reply insinuating that I'm expecting some sort of formal discourse. I'm commenting on the "linux distros" portion and the which makes it sound more like a cheap karma harvesting reddit post.
Just imagine if more people made these sorts of quips out of the blue and how crap it would make the forum over time?
I wasn't aware linux distros would push the limits of 4TB cloud storage, so for me it was micro-informative. I also wasn't insinuating, I was asking you directly how much formality you want in online tech discussions.
All good. I don't want to drown in cheap karma-harvesting reddit posts either, but I don't see that happening here.
When "snark" is measured like spice in cooking, it adds flavour. I'm not suggesting popping the lid and dumping a jar of snark in the broth!
Unless something has recently changed, Apple One gives you either 200GB or 2TB to share in a family group. It’s not per user. Each user can purchase an iCloud+ plan on top of the shared iCloud storage included in Apple One.
sorry, yes, i meant it that you can can now purchase 2TB of stand alone E2E storage from apple for 9$/mo, or get it as part of iCloud+. "giving" was a poor word and should have been "available".
Of course you are correct, Apple is not giving that storage away.
They do make a family plan for Apple Plus ($30/month) fairly compelling: 2TB per family member, Apple TV both has some good original content as well as serving as a quick index into most other stream services, the Arcade Games are fun enough, Fitness+ is something I use about 90 minutes a week, and Apple Music. That is a lot of “stuff.”
Then there are some things that Apple gives away for free. Their podcast app is free and lets you subscribe to a lot of interesting stuff that I might otherwise subscribe to Spotify for. Handoff saves me about 5 minutes a day. Anyway, I don’t much like the walled garden aspect of Apple, but for value and convenience they must be difficult to compete against.
> 1) they just ate every other 3rd party "secure" backup services lunch just like they did to the Hi-Res music industry.
This is an excellent point as to why you shouldn't even bother trying to develop software for apple machines. If it's anywhere near successful apple will just destroy you, after having taken a 30% cut from your revenue for years.
I get this sentiment, but where do we draw the line? Shouldn’t OS makers (Apple, Microsoft) add additional apps just because third party developers have done it already?
"If you buy a phone or general purpose computing device, you have the legal right to choose your app store and applications installed on it seperate from manufacture demands".
The particular problem with Apple is not only duplicate your app, they can underprice it by 30% because they don't self pay their own store tax, and they can kick you out of the only app store for whatever reason they choose to make up that day.
I remember back in the early days of the iPhone, new feature releases would coincide with lots of apps being removed from the app store with the reason "this app duplicates core functionality of iOS."
I like this view, though many people aren't just purchasing the phone from Apple, they are purchasing the OS and integration into the Apple ecosystem. Definitely think the user should have the option to pick the app store though
Apple doesn't seem to be in the business of selling software very much. Instead it's mostly used to increase the value of the hardware. The stuff I've seen them incorporate that at one time were apps weren't 30% cheaper when bought from Apple, they were free (i.e., they came with the device).
If they think some third party feature should be part of the core experience, they're going to incorporate it. This is true when building on anyone's platform (e.g., Microsoft, Facebook). Non-core experiences, like domain specific software, are less likely to suffer this fate. It's similar to when MS decided to ship a browser. God help you when the platform you're on decides they want to subsume your features.
> Apple doesn't seem to be in the business of selling software very much.
This is veritably false, they made $80 billion selling software this year. You might not see the App Store as software revenue, but Apple certainly does.
The context of the text you quoted seems to pretty clearly be about Apple selling their own software, e.g., as a publisher, not as a distributor. This whole branch of the discussion thread is, after all, about whether Apple adding end-to-end encryption for iCloud backups is "sherlocking" other cloud backup providers (spoiler: no).
> Apple doesn't seem to be in the business of selling software
As sheer hardware revenue growth slowed, they moved their focus to services [0].
That’s also what we’re seeing on their push into more ads for instance, and this new feature goes the same direction: to benefit these encrypted backups you’ll need to sign up for storage. For most people wanting to cover more than one device, they’ll probably end up with the 2Tb plan which is at 10 bucks a month, the bare minimum 50GB being at 1$ a month.
> If you buy a phone or general purpose computing device
Point of clarity, the devices we are discussing are neither telephones, nor are they general purpose.
They are smartphones, a sort of miniature computer with a bunch of general-purpose sensors, and actuators viz. a screen and a speaker and some haptic feedback. They don't really do much computing per se; we outsourced most of that to The Cloud some 15-odd years ago. These things are just highly capable I/O devices, or clever terminals if you prefer.
And while Android has the PlayStore or whatever they call it this week, one can usually choose to load rogue APKs and one can usually succeed; and things like the Pinephone or Fairphone have been attempted that leave more power (and responsibility) in the hands of the user, but in practice it seems that they simply don't _work_ that well.
I agree with you wholeheartedly; I just think the "if" part is a bit out of sync with reality.
Microsoft had something around 95% of the desktop market share in the 90s. Apple is not anywhere close that. I would agree it's similar in behavior but not intent. Microsoft was terrified of the Internet and applications that could "run anywhere" so they tried to control how people accessed the Internet. Apple is arguably adding these features because it's what their user's want.
> Microsoft was terrified of the Internet and applications that could "run anywhere" so they tried to control how people accessed the Internet
I see reflections of this throughout the history of the iPhone. Apple has always controlled how people access both the internet and even what applications they can install. Every "browser" on iOS is just Safari with a skin for example, because Apple will not allow any other browser engine.
Apple will not allow other browser engines because they are a subset of "programs that run arbitrary code".
Allowing anyone to put their browser engine on iOS through the App Store would open the door to a wide variety of security problems. It would also effectively bypass the App Store, as Google (just as a totally random example) could release their own iOS "browser" that's actually their own platform for apps that they sell. Not to mention inserting their own ads into anything people browsed on it. And tracking literally every single tap and text entry that people do in that browser, including bank passwords, credit card info, etc.
On a platform like the Mac, that doesn't matter very much, because it's small enough that basically no one would bother.
On iOS? If you could get 0.0001¢ per website visit from even 1% of iOS users, that would be a money-printing machine.
> Apple is arguably adding these features because it's what their user's want.
Apple would certainly argue that, yes. Foremost though, they're adding it because it's what Apple wants, and conveniently converges with the desire of the user.
People who didn't live through that era really don't appreciate a key aspect of it, which was that MSFT OWNED the desktop -- like, 90+% of the market. There were no other real options. For a good chunk of that period, Apple was seriously on the ropes and might not have survived. (Michael Dell famously said it should be sold off and the money returned to the investors.)
Microsoft had deals in place with PC makers so that it was impossible, nearly, to buy a computer without buying a Windows license. BillG specifically told Netscape he planned to "cut off their oxygen supply" by shipping a browser with Windows, and he did this because he was smart enough to see that browser-based software could endanger their control of computing. That was literally illegal.
No one has anything like the control they had back then. The desktop market is still mostly Windows, but Apple got healthy and took a decent chunk back. Now there's also ChromeOS and Linux out there, too -- plus, we have mobile, which is an even BIGGER chunk of the platform market, and it's split between iOS and Android.
So that's at least 6 different software platforms a hypothetical user could pick in 2022, and they're spread over dozens of hardware manufacturers. That's been the norm for so long now that it's easy to forget how little choice we had in 1998.
*ANYWAY* the bigger point is that adding features to your system isn't a problem if you're not acting as a monopolist. Microsoft WAS in the 90s. Nobody has that ability now.
There are still a lot of companies out there with significant control over their respective markets. Apple, for example, still has a huge control over the mobile device market and is not afraid to use it to their advantage. Companies like Amazon and Google also have significant control over their respective markets, particularly in the technology space.
Seems like we can never relax, always some company waiting for the chance to take over a space. Gotta stay vigilant.
Apple just undercut this by creating an ecosystem which funnels something like 80% of mobile profits in their pockets.
Then they just point at marketshare and say: "we only have 30% worldwide". Yeah, but your stuff is aspirational and the vast majority of Android users have lower disposable income so spend less and many switch to iOS when they have enough money.
It's very sneaky and it's breaking everything down.
They do not control the market, and thus are not subject to -- and should NOT be subject to -- the kinds of restrictions justifiably imposed on actual monopolists.
>Android is stagnating, if anything despite the free and Open Source operating system
I might argue that Android is stagnating BECAUSE it's free/open source, and as such lacks effective leadership.
If a company could have 1 single user and that user could pay them $500bn in perpetuity for a product costing $1, they'd only want that customer.
They want more customers because they can't have that ideal case. First of all nobody would pay that much for such a cheap thing, secondly, nobody lives for ever. So companies expand to make more money (= profit) and to future proof themselves.
Again, as I said, very sneaky from Apple, and I'm arguing it's breaking down existing economic models.
It's basically another run-around at "winning capitalism". Monopolies were one way. This is another one.
I think you misunderstand why monopolies are regulated.
There is AMPLE computing choice today. There is even healthy choice available in mobile alone.
Monopoly regulation is about preventing those with market-controlling power from exploiting that position in unfair ways to the detriment of consumer choice. Microsoft did this when they tried to destroy Netscape by bundling a browser with Windows. There really WASN'T another viable desktop system at the time, and mobile didn't really exist; they owned the market.
Apple is free to improve their offerings in any way they see fit. They are even free to incorporate features into their systems that began life as products from other vendors; this is the normal way of things. If you don't like how Apple is behaving, you are free to shift your desktop to Linux or Windows or ChromeOS, or to migrate to mobile devices running ChromeOS or Android. That's a functioning market.
There's nothing sneaky about openly continuing to improve one's offerings.
HN is really, really bad about ascribing dark motives to every tech company not on the Approved List (which, of course, is constantly changing). Apple is pretty smart. Adding encryption to their backup scheme is one of those scenarios where yes, it's good business, but it's also the right move for customers.
Why do people act like what happened in the MS anti trust case is lost to the annals of history? Absolutely nothing came of the bundling IE with Windows in the US. There was never a time that IE was not bundled with Windows because of the lawsuit and there was no browser choice mandate in the US.
Spotify is pretty successful and yet, Apple went in direct competition with them, using APIs that only Apple gets to use in their Music app (like integration with Siri).
Or use Linux, the highly advanced MPRIS protocol is capable of tracking multiple media applications and presenting their playback controls. It's like space-age tech!
In recent versions, the "default" is just whatever last played media—if you were watching a YouTube video yesterday, and the tab is still open, pressing the play/pause key will start it playing again. There's even a little menu bar widget (it's called the Now Playing menu, and you can find it under Control Center in the system settings) that shows all the instances of actively- or recently-playing media the system knows about. Whatever is on top (IIRC) is what will automatically be controlled by the media keys.
In the car today I asked Siri to play me a particular song (I have had Spotify defaulted for a while), it helpfully signed me up for a 7 day preview of Apple Music Voice and started playing it there! Where's the FTC? Is Apple too big to fail?
ok, i may buy your argument from a perspective of a brand new cloud storage provider that's try to come up online and break into the market, but you're telling me that Dropbox, OneDrive, Box., etc., are all indie developers living in their parent's basements? These companies made a conscious choice not to offer encryption and now got the rug pulled out from under them. steve jobs famously said that this "Storage" is just a feature, not a product, and now they've proved it.
additionally, as far as i can see, those apps all free to download and you can buy their plans outside of the apple ecosystem and thus they get a free ride in the App Store without giving away any cut to apple.
While I am the very first one to fight for allowing side loading on apple devices, didn’t Netherland’s dating services decided in the end to go with Apple’s payment processing even with that cut?
You pretty much have to be on their store to sell something, which means you give them access to your sales and customers. Which is a concept that is absolutely wild in any normal healthy competitive landscape.
Then they'll monitor and if you manage to actually be successful, 3 months later there's an Amazon Basics version of your product.
It's so incredible to me how these practices get no push-back. There used to be a time where in the case of Windows, people were wondering if its fair that they ship it with a calculator program. Now you can just use your massive platform and extend in every possible direction, seize secondary markets, nobody seems to care.
I think this is the part that is not legal, and which they say the don't do, etc
* Amazon uses third-party seller data to copy the site's most popular products, an antitrust report by the House Judiciary Committee alleged on Wednesday.
* Former Amazon sellers told an antitrust subcommittee the company released new products almost identical to their own and "killed" their sales.
* Amazon has denied accusations of this behavior in the past.
"We have a policy against using seller-specific data to aid our private-label business," Amazon CEO Jeff Bezos said in July.
> There used to be a time where in the case of Windows, people were wondering if its fair that they ship it with a calculator program. Now you can just use your massive platform and extend in every possible direction, seize secondary markets, nobody seems to care.
Windows was artificially crippled by the DoJ ruling and not including a PDF reader by default. I, for one, like it when more is built into the OS by default.
Well on the optimistic side, they might buy your product or company, which they have done numerous times in the past like with Beats, Shazam, Siri, etc..
Yeah but it’s still basically the great philosophical question of the douche or the turd sandwich.
With everything that has happened with Apple since Job’s death, my trust has been eroded so much that yeah I still use Apple but they are the turd sandwich at the end of the day. I trust Google a percent or two less.
I like that they are doing with this E2E encryption. It protects against hackers better. It doesn’t protect against Apple though… they will still continue to sell the analytics on you. Which is fine if you don’t care.
This. Technically the iphone can process images locally. Photos app shows what is in the picture (faces, pets, food) and can do ocr on text in screenshots and photos. This is a very real possibility to outsource the processing to your device.
The camera itself does software processing and you can't encrypt the light. It detects faces even before you click the shutter for capture. There is no way to keep the device itself from ever knowing what it was looking at. Something that sensitive is something you don't photograph.
we agree I believe. I am saying that technically the device gets thst information on-device, and could send it. Idk if that is the case, but it is possible.
Edit:The ocr and face recognition on the iphone is definitely more advanced than usual, thanks to the custom hardware on device.
I mean, if you can’t trust the very OS that handles your encrypted data, then you are lost either way, so that argument doesn’t make sense. It is similar security LARPing then hardware kill switches.
It's fine that very few people care Apple is very good at attracting customers without it anyway, so it's not the classical situation where we, tech people should feel sorry that non-tech people "just don't get it" and don't use Apple services.
And lastly, if indeed no customers care, then that speaks for even bigger respect toward the individuals working at Apple who pushed for this and made it happen. (But I think Apple believes this will be a good business decision, not altruism.)
>>>seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
Lol I would never advocate for any company I engage with to use apple products. Why? Because they suck.iphoto and iCloud are pieces of trash. Most basic thing like, delete local but keep cloud copy seems to be missing. Can't keep a iPhone synced and do this with iCloud. Lulz worthy sitcho.
Also can't even copy files off device easily. Can't put custom apps on devices easily. The company actively kicks back against things like, freedom of information, following standards, reducing e-waste.
You know some of us make decisions around the companies we support on greater levels than just feature a or b is present in device. Apple are a predatory company that in no way promote a software or hardware ecosystem that is ethical imho and they don't promote one I want to participate in.
I wouldn't touch their shit with a barge pole and ontop of this due to being IT everytime I'm forced to I'm mostly confused by wtf folks think is so great. I legit find the kids toy ux difficult to work with, borderline impossible.
I also like blowing clients away with simple tasks like....copying photos to a usb...browsing files on my phone on a pc. You know the basic stuff like they used to do when they were younger but apple cucked it along the way for zero reason lol.
Downloading some random GitHub app to access a phones storage sure as shit won't be happening on any managed corporate devices I deploy. Or unmanaged devices tbh. That's the kinda shit I leave for quarantined VMs.
Data is still not easily accessible once it's on a iPhone.
Okay... then use iTunes on Windows or Mac? (Not sure how those work, never used them, but I assume they provide the same functionality as imobiledevice)
Nah I thought that was the case too. Turns out it is not. Had a clients employee as me for help w/ her iphone about 2 weeks back. 32gb phone, no storage space left on device so it legit just stopped working, wouldnt recieve texts or anything cus it was full. So clients like, help me get photos off phone onto a USB or set photos to store in icloud only and ill delete the phone copies (well this is what I thought was an option because I can do it w/ just about every other backup software I use). Turns out big fat nup to either options. Only way she could delete phone photos but keep cloud ones was to disable sync entirely (lol wtf is the point of linked cloud if sync is so shithouse?). Plug phone into itunes, all you get re. access to device is no ability to view pics as files too extract, you cant even control apps on the device (good luck finding out what apple referred to as other apple software that used up >30% of phones internal space it just gets all lumped in under one grey color of storage being used.
Got forced to use a iphone 11 or someshit a few years back as a company issued device. Man it was alright at making phone calls, complete POS for doing any actual work on. Basically found it to be an overpriced paperweight that could take ok photos but was impossible to retrieve photos from. No i dont want a icloud account or any of that bs i just want to plug in to pc and pull files like I've been doing for 25+ years on every other platform ive ever used.
> You will, from May, thanks to the EU Digital Markets act.
Is this fact? Last I read about this the law was passed, but it's still unclear if apple will actually allow this.
I absolutely would love if I could use the latest version of iOS and install apps that are not in the app store. I'm currently using trollstore to do this but that means using older versions of iOS that are vulnerable to exploits.
The law has passed - but it also has exemptions for security.... So we can expect a lot of negotiating between the EU & Apple/Google on what they actually have to do.
> seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
That's an awfully bold statement! I'm quite happy in the Microsoft ecosystem for OneDrive, etc, and I'm not reading this and jumping to Apple. I'm not sure if most people care about these claims, and the people who are very security aware probably don't believe them.
> the don't care to scan your pictures with AI 20 different ways
They actually systematically scan photos and declare people to the police if IA determines it looks wrong.
With Apple, you’re at risk of losing your business just like with any other company who wants your data. Apple didn’t solve the “An offline account is better than a Cloud account” problem.
That’s a non sequitur. Also, there is no reliable way to check whether a given source code is the actually deployed version, neither on servers, nor local devices.
Give me open source dev tools for the iPhone and I'll jump.
While it is a closed garden, I'll begrudgingly accept it can be marginally better in some fields than other options, but Apple tries very hard to be a proprietary island in a world that has switched to free software.
The world of phones is based on free software. Android is based on the Linux kernel and AOSP - iOS is based on XNU, which is a combination of GNU implementations and BSD patches.
Apple offers hi res audio, but most cant and wont take advantage of it. Why? because most users of apple music use AirPods, and apple claims lossless wireless audio is not possible (despite the existence of LDAC). Therefore, you are streaming hi res audio to your phone only to downscale it when listening via your headset. Only people who really benefit are carriers, who can rate limit your data.
"most can't and won't take advantage" of it is a broad statement. i would think there are a lot more DAC/lighting adapters and analog headphones in the world than there are of AirPods, anyone that wants to listen to CD (16/44) quality can probably do so for free or a few $ already. my home "hi-fi" now consists of an old iPhone 8+ hooked up to a DAC piped into my receiver utilizing 24/96 setting from iTunes, no longer need for Tidal or Qobuz.
With high enough “resolution” does it really matter? (Don’t trying to start a fight, genuinely curious as I’m not too well versed in audio)
We don’t cry over bitmaps vs vector graphics in most contexts, especially that the hardware is trivially limited. It’s probably a bit more nuanced with speakers, but I imagine that they also have very real limits on distinguishable outputs for a given input, even if it is not as trivial to see as in the case of a w*h pixel grid of depth n.
It does to some - I recently rediscovered my love of CD's and was surprised to find they sounded much better than I remembered - I am currently in the process of upgrading my music to CD quality and higher, and was equally surprised to find that Apple doesnt support a hi-res codec for their wireless headphones, even though they offer hi-res music. For me, it makes their $549 (!!!) AirPod Max product extremely confusing, laughable even.
So yes, I think mp3/aac to CD, the change is very noticable. CD to HD (24bit), not so much
It might be possible that with very ($1000+) high end headphones about 5% of people could tell a difference, but even that is questionable. I have done many blind A/B tests with my $500+ headphone setup and no one has ever been able to accurately tell the difference repeatedly. There is absolutely no way that someone would be able to discern the sound difference between 320 and lossless on an AirPod-quality speaker.
I’m not sure about large speakers however. I assume that it’s equally difficult to tell any difference, and I couldn’t when I tested my setup. However, I have listened to some incredible $4000+ speakers before, and at that level I wouldn’t be surprised if differences emerged.
There’s so much snake oil in audio and placebo can effect sonic perception so heavily that it’s nearly impossible to find anything objective. There’s also a lot in the chain - the DAC, the AMP, room acoustics… that will effect the sound, sometimes substantially - let alone the speakers and the actual source.
While microphones obviously exist, you can’t measure sound the same way that you can measure the nits and white point of a monitor - it’s far more intangible.
Using lossless audio with AirPods is still preferable. Rather than re-encoding a lossy stream with another lossy codec, you only encode it once. Is it minor? Yeah. Can I actually hear it on AirPods? No. But it's not entirely moot.
This is true. It's better than nothing, but the price they are asking for ($549) for a top tier headset that CANT do hi-res audio is offensive if you know what you are looking for.
> they just ate every other 3rd party "secure" backup services lunch just like they did to the Hi-Res music industry.
Cross platform support is always a problem though. And frankly I don't buy the "like they did to the hi-res music industry"-- Spotify is still king here.
> seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
Their software is not open source. Before this announcement you had to trust Apple not to look into the files you store in the cloud, now you have to trust that they're actually going to encrypt your files and not save the decryption key. Ultimately you still have to trust Apple.
A combination of any open source OS, any cloud provider and Cryptomator or Veracrypt wouldn't require as much trust in one company.
I think this is less of an issue than you might think - if they're going to decrypt for law enforcement then it will become painfully obvious there's a backdoor literally the first time evidence is brought to a court that shouldn't have been available without a decryption.
But that could be a very long time if they just apply some form of parallel construction to most cases. They aren't going to burn such information on the first low level criminal/CP target they find. Instead they will wait 5 years and then sweep up a bunch of people involved in some criminal "ring".
And the problem with all these services that provide some kind of E2EE encryption and still have a way to push application updates (or run something in your browser), is that they just slip a version on your machine that sends the password to the feds/whoever when you type it in.
Thing is, if law enforcement is patient they can get the data off the actual devices themselves, if they're still alive. Yes, a fully patched iPhone tends to be a fortress of might to anyone other than a nation state willing to burn a few very expensive 0 days, but with almost any phone if you wait a year or two something will inevitably come out that will allow the ol' Cellebrite crowbar a cranny to slip into.
my comment was not against someone 100% paranoid using grapheOS and doing their own backups somewhere and trying to figure out how to get a good google maps alternative in open source.
my comment was that against main stream companies apple leads the way, and it's overall great for a consumer.
do you personally expect every piece of open source software? do you run your own email servers, music servers, photo backups, etc.? If not, you somehow trust those companies -- why?
Acceptable security afforded today - through usability - is better than superior security, that could've theoretically been gained, but wasn't, because it was too difficult to set things up.
In particular, reviewing open source code has been repeatedly proven to be way harder of a task, than the proponents of this strategy are painting it to be. If you want an auditable codebase, you pretty much have to throw Linux, Chromium/Firefox, Gnome/KDE all out the window - there's just way too much code.
Auditable code is naturally always preferable to non-auditable, but you need to choose your trade-offs - or at least stop pretending you can read a hundred million lines in your life time.
On top of that - do you know a single non-tech person who knows how to set up a VPS, or knows what Veracrypt is? OTOH I can just show my wife: click here to enable backups.
Let me reframe the problem: What is your threat model? How much effort are you willing to commit to mitigate the dangers?
This is a succinct explanation of the problem. Do we give the vast majority of users extremely easy, frictionless access to very high levels of security and privacy? Or do we give the vast majority of users a fundamentally insecure solution that with lots of learning and configuring and time can be have very very very high levels of security and privacy?
The crazy thing is that apple hardware beats most other hardware, too, at a high price. Better phones, better tablets, better laptops. More secure, more private OS than the popular consumer alternatives (Windows, Android). Arguably much better OS all around, too (at least IMO -- iOS beats even stock Pixel Android at use-ability, MacOS v Windows is like the Harlem Globetrotters playing the Washington Generals.)
> stop pretending you can read a hundred million lines in your life time.
For me, and I assume most others, it's not that we expect to read all the code ourselves. It's that there's a large developer community and security researchers who have access to the code who will collectively read it all. Of course this isn't a guarantee that there are no security flaws, and you still have the pipeline problem of ensuring the binaries you get actually come from the code you think they do. But all else being equal, I think open source provides a significant level of threat mitigation.
Even if you fully trust Apple not to intentionally back door anything, there's far fewer eyeballs on their code. Given that access to source code also has the potential to reveal security holes that may have gone unexploited, there of course a tradeoff here too.
> It's that there's a large developer community and security researchers who have access to the code who will collectively read it all. Of course this isn't a guarantee that there are no security flaws.
Yeah, about that, I'm as much of an Open Source buff as anyone, but:
> Analysis of the source code history of Bash shows the Shellshock bug was introduced on 5 August <<1989>>, and released in Bash version 1.03 on 1 September 1989.
[...]
> The presence of the bug was announced to the public on <<2014-09-24>>, when Bash updates with the fix were ready for distribution, though it took some time for computers to be updated to close the potential security issue.
Especially older Open Source software tends to have maintainers that haven't adopted modern software development practices so we're back to square one, since most of this older software is foundational technology, like Bash.
I'm not sure I understand the concern. I don't think it's at all unlikely that there are such long standing bugs in closed source software that's been around the same amount of time. We might just never hear about it or those bugs might never be found. Of course, I have no proof that's the case, but I'm not convinced that finding longstanding bugs in open source software is evidence of inferior quality (this is what you seem to be implying, but I may be mistaken).
> but I'm not convinced that finding longstanding bugs in open source software is evidence of inferior quality (this is what you seem to be implying, but I may be mistaken).
I'm not implying inferior quality, I'm implying no correlation.
There was a very strong assumption from back in 1999, that "lots of eyes make all bugs shallow", with a focus especially on security.
In reality, there's no correlation.
You need those eyes to actually be looking at stuff proactively, you want automated scans, you want modern software development practices and CI/CD pipelines, you want those eyes to actually be qualified to look at what they're looking correctly, etc.
Just putting stuff out there and assuming "people will look at its insides" is a bad assumption.
Open Source in my experience is not inherently superior from a security perspective to proprietary software.
You're trusting somebody no matter how you do it unless you own all the hardware that supports your ecosystem.
The Free Software world has had ample opportunity to produce something as carefully assembled, as smooth, and as capable as iOS, and what we got instead was Android.
I've watched the whole FOSS world happen in my career, and there are places where I cannot IMAGINE choosing a closed source solution, given my druthers. But it's also become super clear to me that the FOSS world isn't interested in producing polished user experiences. Sure, you or I could cobble together a FOSS-only phone-and-syncing stack, I guess, but I don't care to. Most people aren't us; doing so is beyond them.
Suggesting a normal person use something OTHER than iOS at this point is questionable at best.
A bazaar cannot produce things that are coherent and smooth: it takes a vision of a single person to control a large amount of aspects, implemented by other people the way the leader prescribed. That requires the cathedral approach.
Sometimes it works with a right BDFL, for some time (like Python). It also works with solo projects, and with projects with large commercial support (like Blender), especially those which don't normally accept your pull requests, except as a proof of concept (SQLite).
But the normal open-source model produces things like Linux, git, ffmpeg, VLC, etc, which are wonderful and have immense power, but are hardly sleek or excessively coherent. And each of them is much, much smaller than macOS or iOS.
Something I've come to understand is that just as we have "time vs. space" tradeoffs in, well, primarily computing (but can be applied to virtually everything), we can also reduce essentially all preferential decisions down to "freedom vs. convenience".
The kind of person that uses Apple products/services cares about convenience. The person that uses the third party Android ROMs, in particular, cares more about the freedom.
FOSS people who see themselves as digital freedom fighters LOVE to trot this out, but I don't think it's true in any meaningful sense.
It's more accurate to frame it as preferring low hassle to high hassle. Or to preferring well-designed tools to haphazard efforts. Or, from the other side, preferring some degree of DIY to turnkey products. (In particular, I think this is a HUGE piece of it; lots of hackers want to build their own toolchain, and then they get to feel noble because they're doing it for "freedom.")
I'm pretty "all in" on the Apple ecosystem. Each step of the way, I thought pretty deeply about my choices, and still ended up with an Apple option. But to characterize this as me caring more about convenience than "freedom" implies that I have somehow given up or endangered MY freedom, which isn't the case.
I'm able to do anything I want to do in this ecosystem. Macs are general purpose machines; I can build from source, and I can run code from any repository I want.
iOS is closed by design, and the result has been a very stable and predictable platform that I do not believe is possible WITHOUT that closed nature. I can't hack code on my phone, but I also don't WANT to. There are lots of appliance devices in my life I don't want to hack, and that I just want to USE.
You're right, you have the freedom to choose a device with less freedom. And that's fine. I'm not trying to be condescending to people who prefer convenience. It's a reasonable preference to have. I don't see how this disproves my point though.
I will admit, Macs are much better in the software realm, but the hardware has almost no internal upgradeability. There's some, but it's less. That's my point. And yes, many non-Apple computers also have that same problem. My gripe isn't with Apple. It's with companies who don't give maximal freedom with their devices, as I prefer more open systems, personally.
I am one of those FOSS people. I was all in on Apple up until about 6 months ago (iPhone 13, 13" M1 MBP, AirPods, an iCloud+ sub and some peripherals). My wife still is.
The main reasons I left are repairability and upgradability; forms of freedom that you simply cannot deny Apple isn't great at, from design all the way up to policy. Privacy was also a reason. It is true that you have to place trust somewhere up the chain when it comes to the way specific software handles your data, but things like where it is stored and how it is encrypted are in your own hands when you DIY.
These things are not theoretical; if I want to use a different Wi-Fi adapter, a new SSD, RAM, a replacement screen, speakers or barrel jack then I can. There are parts available for very reasonable prices as well as the manufacturers' repair manual. It doesn't require solvents or esoteric tools.
Now I use a business notebook with Linux that is worse than the M1 in some respects, but in hindsight I'm willing to give up the battery life and cool runnings for the ability to repair and upgrade (and ports! Ethernet, yay!). Same goes for the phone (I went for a FairPhone).
It isn't as polished, very true. There's some rough edges and it takes a little more work, and yes, sometimes a bit of frustration. But the upside is tangible, it's not some form of feigned nobility.
Wild. I can't imagine that transition. I can't imagine that thought process. It seems goofy to me. It's not just that you abandoned the high-polish, high-usability world of Apple; it's that you also had to bail from high-quality, high-polish hardware from any vendor. I've seen the kinds of laptops you're talking about; they're kind of awful, miles away from the best that Apple or even Dell or Lenovo are bringing to market. But you do you.
Honestly, I suspect you just like having to tinker with your stack to get work done. (I mean, I've been there - I use OrgMode.)
Sure, being able to swap out parts is theoretically nice, but you'll do that maybe once in the useful life of a computer -- but I haven't needed or wanted to do either in easily a decade. How often does this really come up? On the other hand, you'll confront that lack of whole-package QA and general polish every time you turn your computer on.
And I'm really curious about anyone's privacy needs if they abandon APPLE for roll-your-own. Yes, it's all in your hands now, but most people don't have the time or inclination to be sure they're doing all the right things, security-wise and privacy-wise, to stay safe. There's a good chance your DIY approach is less secure than iCloud unless you literally do this sort of thing for a living. I mean, this is why I don't run my own mail server anymore (hello, Fastmail!).
So yeah, I think lots of people say "freedom" when they mean "I just want to tinker with my toolchain a lot and occasionally feel superior about it."
>it's that you also had to bail from high-quality, high-polish hardware from any vendor. I've seen the kinds of laptops you're talking about; they're kind of awful, miles away from the best that Apple or even Dell or Lenovo are bringing to market. But you do you.
I use an HP 830 G5, a high end 13" thin notebook from 2018. It cost me 350 bucks. I sold my M1 for 70% of what I paid, and I can replace this thing for something similar, so it makes financial sense in my case. It's just a platform, I don't really care about the thing itself. It hooks into a thunderbolt dock for a lot of it's life anyway.
>Honestly, I suspect you just like having to tinker with your stack to get work done. (I mean, I've been there - I use OrgMode.)
I run Fedora 37 (35 and 36 upgraded without issue). I'm in the process of building a new house, which requires insane amounts of paperwork and communication as well as document storage and exchange. I need this to be rock solid, running E2EE on a NextCloud VPS in combination with this workstation setup does that for me. It's a little work up front, but it's been smooth sailing ever since setup was done. It just gets out of my way; I don't care about this WM versus that, this display manager, the whole systemd discussion. Everything except the fingerprint scanner just works, no tinkering required.
>Sure, being able to swap out parts is theoretically nice, but you'll do that maybe once in the useful life of a computer -- but I haven't needed or wanted to do either in easily a decade. How often does this really come up?
You can't predict breaking your computer. I managed a pretty large fleet of Macs for a living for about 2 years; build quality is great but they're not infallible. When they do break, you're at the mercy of Apple, and I simply do not have the time to wait for their repairs. With this setup, not only can I upgrade whatever, whenever, but anything that will run Fedora and has a modest amount of local storage can replace it for at least the time being.
Compare that to the situation I was in: Any repairs that I couldn't have DIY'd probably would have cost me at least the total cost of this computer (maybe even twice over) and would have put me out of business for a few days.
>And I'm really curious about anyone's privacy needs if they abandon APPLE for roll-your-own. Yes, it's all in your hands now, but most people don't have the time or inclination to be sure they're doing all the right things, security-wise and privacy-wise, to stay safe.
Sure, but I do. I simply hate surveillance capitalism with a burning passion; I honestly think there is a logical set of steps from that to political division and a worse world to live in. So I don't want any part in it. I must admit that that sounds like philosophical grandstanding, but I promise you it's a sincere belief. It's not so much about privacy from state entities; that's a lost battle in my threat model.
If you're locked into an ecosystem that you cannot easily get out of (and there's a BUNCH of dark patterns Apple applies to try and poke you to stay as well as the obvious loss of software licenses) you're a boiling frog. I see Apple going in a worse direction incentive-wise. Nowadays, I just don't care about where they're going anymore, it's not my problem.
Well, that one's not so bad, but is also mostly a commercially-supported endeavor and has been for a long time.
Now, the Linux desktop is a shitshow, sure. It'll remain that way until they can settle on One Windowing & UI Toolkit to Rule Them All, which looks to be happening never and is definitely in part a consequence of so many very basic parts of the GUI being swappable and having tons of competing options. Though the kernel's attitude toward providing stable driver ABIs (or rather, not doing so) isn't helping.
Is it a shit show, though? Things were more rocky two decades ago, but my computing experience with Linux today is unmatched by any other kernel or operating system. Comparatively it feels like the UX of OS X and Windows are the total shitshows.
> as carefully assembled, as smooth, and as capable as iOS, and what we got instead was Android.
Some of us prefer Android to iOS :) Having used iOS as well, the one thing I miss in Android is Continuity. Other than that, I find Android gives me a better experience. I'm certainly an outlier in many ways though compared to the average user.
My favorite part of android is how security patches go through a multi-tiered trickle-down system of testing to make sure they work with the dozens of custom flavors each manufacturer has so that by the time you get patched it's been in the wild for weeks or months. Oooh, ooh, no that's not my favorite thing, my favorite thing is how each cellular company gets to put their own bloatware on top of the bloatware that each phone manufacturer gets to add to it. Oh wait, maybe it's patch support ending for new phones 3 years after they were released. There is so much to love about how Android turned out it's hard to pick just one thing.
> My favorite part of android is how security patches go through a multi-tiered trickle-down system of testing to make sure they work with the dozens of custom flavors each manufacturer has so that by the time you get patched it's been in the wild for weeks or months.
This is not the reason for security patches taking too long to be released to certain phones; Google has a monthly cadence of releasing security patches and zero-days have rarely (I can't remember a case of that happening but maybe it has happened) missed do you have a source for it?
> Oooh, ooh, no that's not my favorite thing, my favorite thing is how each cellular company gets to put their own bloatware on top of the bloatware that each phone manufacturer gets to add to it.
There are unlocked phones available and honestly this problem is mostly a US problem. Rest of the world isn't in the iron fists of their carriers.
> Oh wait, maybe it's patch support ending for new phones 3 years after they were released.
You can vote with your wallet and choose vendors where this is not the case; Google, Samsung and Recently OnePlus offer 5 years of security updates.
> This is not the reason for security patches taking too long to be released to certain phones; Google has a monthly cadence of releasing security patches and zero-days have rarely (I can't remember a case of that happening but maybe it has happened) missed do you have a source for it?
Yet and still Microsoft solved this problem years ago. Why can’t Google? Hell my 2006 Mac Mini got years of Windows 7 updates after installing Windows on it.
This is interesting, they’ll try to tell you it’s because the cellular modem requires extra testing by the carriers and manufacturers, but windows can support upgrades that don’t affect an add-in card cell modem… so what gives?
I'm sure they do the same testing but because they control all the hardware and there are so few models to test on, it makes things much easier. I don't think there's anything in particular about Apple's process that would scale better to the number of devices supported by Android.
Tbf the pixel phone does have issues making emergency calls, every time they claim to have fixed it we hear another report of an updated phone not being able to connect.
I don't, and that's not what I said. My point was that Apple doesn't have to think about testing vendor-specific bloatware every release across a wide range of very different devices.
>There are unlocked phones available and honestly this problem is mostly a US problem. Rest of the world isn't in the iron fists of their carriers.
In the rest of the world phones are unlocked in terms of being able to use different SIM cards, but mostly the bloatware is still there and can only be disabled (not removed)
>The Free Software world has had ample opportunity to produce something as carefully assembled, as smooth, and as capable as iOS, and what we got instead was Android.
You mean the same OS that allows you to build your own open mobile OS as opposed to a closed source locked down OS that permits only 1 app store and 1 payment system?
>Suggesting a normal person use something OTHER than iOS at this point is questionable at best.
It's only questionable if you prefer the prison that is iOS.
Notably, the only other serious competitor in the space is also not open source. Sure, you can probably carefully construct a phone from only FOSS, with some compromises of course. But this is unfeasible for regular users, who have for all practical purposes only two choices. And those same users are unlikely to go for alternative replacements for built-in functionality just to reduce their exposure. Convenience wins every time.
So that they are legally saved from “storing child porn on their servers”. They explicitly wanted that feature so that they can freely upload user content, fully encrypted, without worrying about that - it was just grossly miscommunicated.
so did apple, you could encrypt through iTunes for decade, and if you're that paranoid about encrypted backups i would trust an off-line encrypted backup more than i would an encrypted backup in google's cloud.
>>seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
Well for your use case maybe, but I do not find the value of trading privacy for freedom to be a good one, specifically since I can secure my data other ways including not storing it at all on my phone.
My phone is a tool, and I prefer to own and control completely that tool
What phone do you own and control completely? I was under the impression that every phone capable of being a phone contains BLOBs that you have no control over.
Not to mention a veritable panoply of chips that you could probably spend a lifetime on trying to prove correct and not malware'd, assuming you could even get the schematics, etc.
The fundamental iCloud product itself however is subpar and until that is dealt with, it won't be that huge.
Few examples:
Still can't keep photos on iCloud and delete thumbs on the phone. A real issue my old iPhone had insufficient space and I had to move to OneDrive.
Support for other operating systems is lacklustre. One of the core benefits of cloud is accessing your files anywhere when you need them, not possible unless you're lucky enough to find yourself on a Mac at that moment.
This is the biggest gotcha that causes people to lose data every day. They try to free up space on their phone only to unwittingly permanently delete photos.
The other really annoying thing is you pay $3/m for 200gb or $10/m for 2tb… there’s no middle ground, I’d like to pay $4 for 500gb or $6 for a tb.
you know your first two sentences aren't really honest. there's the secondary market, considering that apple keeps updating their devices past typical android equivalent you're getting same $/years of use value. there are SE models that are in line to cheaper android alternatives.
if you're poor you're probably not data hording TBs of data, because you've got other problems, so yes, this is all speaking from the point of the privilege, and you being here is also from the point of privilege.
and to answer your 3rd question -- i'll bite and say that this maybe true. but is it really apple's problem or the problem overall? where we're all mined for data and now when someone does offer security you scream that it's unfair. shouldn't you take the equivalent effort and write your legislator and ask them what they're doing about bringing the bar to the level that apple is bringing it to, for all of the poor people out there?
Obviously a device doesn't become useless once it stops receiving OS patches. For one, it'll keep receiving security patches for other components (eg the browser, which is in many ways more important than the OS) for many years past end of life.
>seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river
Fanboyism is expected, but this kind of statement is always bizzare to me. I run an aosp build with no Google software. How can a closed, proprietary system which pinky swears they will not do nasty stuff with your phone possibly be better than that?
> seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
This is a little hyperbolic. E2EE backups are fantastic; Apple seriously deserves a ton of praise for this. And iPhones have been getting a ton of security/privacy features that I really love, I am not going to dismiss their contributions to privacy. And while I wish some of their services like the Apple VPN/masked emails were better done, they are still fantastic features that I encourage iPhone users to enable, and that I am thrilled to see rolled out to a mass audience.
Alongside that praise, I am though going to point out that the adblocking on the iPhone is sub-par[0] because mobile Safari lacks Firefox's extension APIs, and I'll point out that their app store model blocks some privacy apps like Newpipe, which forces people into using more invasive alternatives that require stricter privacy controls. I'll point out that it is harder in some ways to get away from the default tracking that happens in Apple's apps than it is to root an Android phone and disable/swap Google services.
Threat model and personal expertise matters here; I like a lot of what iPhone do, but I also dislike a lot of what they do. Personally, I feel more confident in my ability to secure a rooted Android device than I do to secure an iPhone against the majority of privacy attacks I'm worried about. That doesn't mean that iPhones aren't the correct choice for a lot of people. I feel much less confident in a family member's ability to secure an Android phone if I can't give them advice or help them through the process.
And all of this is ignoring that privacy is one aspect of consumer freedom and rights. I think we can praise Apple for what is objectively a great move for privacy without being this over-the-top.
----
[0] Before someone complains, I'm not saying that iPhones don't have adblocking. They do have adblocking and I encourage you to use it, it's great. But that adblocking is objectively not as powerful or comprehensive as it would be to use a tool like Ublock Origin.
I think this might be the single strangest objection to using an adblocker I have ever heard. Are you implying that installing uBlock Origin in a browser raises your risk of being tracked online?
I don't think I've ever seen someone make the argument that Gorhill should be trusted less than the advertising industry, that's a new one for me.
Well seeing there is a proven alternative method with iOS that allows ad blocking without the extension being able to intercept your browsing history, you don’t have to make that choice.
I already explained this in my parent comment, but the Safari APIs for adblocking are factually, objectively less effective at blocking trackers than uBlock Origin is. It's not a matter of opinion, there are things that uBlock Origin can do that Safari adblockers can't do.
People get really offended when I bring this up. I'm not saying that Safari adblocking is useless (you should use an adblocker with Safari, and there are devs doing excellent work to get around Apple's limitations, I have a lot of respect for them), but you are making a tradeoff for that sandboxing/permissions in the form of a less effective adblocker. This isn't just me saying this, if you talk to people writing iOS adblockers, they will tell you the same thing.
If you are so scared of Gorhill that you need to make sure he isn't tracking you, then sure, make that tradeoff. Or more realistically, if there are other privacy features on iOS that you care about more than adblocking, then make that tradeoff. But it's not just silly to pretend that the browsers are equivalent, they aren't.
And it's even sillier to pretend that an Open Source standard in adblocking should be rated higher on someone's threat model than the actual websites that are tracking you when you use a browser.
Once again, it's OK for people to like iOS or to point out that it has some excellent privacy features that make it a good choice for privacy-conscious consumers. And I'll give Apple praise that on iOS, the default browser supports an adblocker at all -- it doesn't require you to install a separate browser to get access to one. But we don't need to get hyperbolic and start arguing that Apple is somehow leading the pack on literally every single privacy issue; they aren't. It's OK to say, "in this specific issue, it isn't possible on iOS to get the same anti-tracking behavior that we could get on Android or on a desktop PC/Mac."
This is specifically looking at (pre-manifest-V3) Chrome, so there are some other differences with Safari, but CNAME uncloaking is the most obvious example.
See also some of the previous comments I've made about this in the past (https://news.ycombinator.com/item?id=23622206). A few of these details might have changed (I vaguely think I remember Apple raising the rule limit), but I think the fundamentals are all still true.
> Did you personally vet the open source code? Did you compile it from scratch and install it on your phone or are you trusting it’s the same code?
I have read through parts of uBlock Origin's code, yes, but ultimately I'm trusting the broader Open Source community to say it doesn't have holes in it. And yes, I'm trusting Mozilla's vetting process for its "trusted extension" category. I think that's a reasonable thing for most people to do.
Of course, I could compile the extension myself, but I think to a certain degree that would be security theater.
----
Again, just really surprising to see an argument that boils down to "this Open Source application might potentially spy on me, and that's a greater danger than the websites that I know are actively spying on me right now." If Safari adblocking is good enough for you and your threat models, great. You don't need to justify that by pretending that uBlock Origin is insecure.
I will note, by the by, that Safari's limitations mean that (at least on desktop) the top-rated adblockers like AdGuard have shifted to running as external applications separate from the browser (https://adguard.com/en/welcome.html). This is not a dig at AdGuard, I think the AdGuard devs (as of last time I checked) are doing really great work. But if you're worried about sandboxing, running a desktop app is a lot more invasive than running a browser extension. I don't know if there are ways to do the same circumvention on iOS, so it's possible that AdGuard devs are staying in the browser sandbox there; I'd need to double-check.
Of course, you can use apps like AdGuard as pure extensions in their more limited form (I don't recommend a specific iOS app, but unless something has changed since the last time I checked, AdGuard is a solid choice) -- but you will get a more limited adblocker as a result. The performance might be good enough for you, and that's fine. But it's still correct to say that it will be more limited.
----
I will also add to this just to preempt anyone arguing otherwise that I am not saying that browser extensions shouldn't have better sandboxing. They should, extension sandboxing is awful and it needs to improve. What I am saying is that the specific sandboxing model that Safari uses (and that Chrome is moving towards) for adblocking limits their effectiveness.
> they just ate every other 3rd party "secure" backup services lunch just like they did to the Hi-Res music industry.
... so, they... didn't? Plenty of those services, including Tidal, probably the most prominent one, still exist.
> seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
This is the top comment in this thread right now, and I'm guessing it's because the readers of Hacker News value satire. If Apple's ecosystem is so bewilderingly excellent that nobody in their right mind would choose anything else, why did Apple start offering a bunch of their services, like Apple Music and Apple TV, on other hardware ecosystems?
Can I use AppleTV+ without them tracking what programs I'm watching? Can I get them to stop showing me an ad in front of each program? Can I use Apple Music without them tracking the music I listen to? Can I use the App store without them tracking what apps I browse and download? Can I remove the ads from the App Store? Can I remove the ads for Apple Music from my iPhone?
> they just ate every other 3rd party "secure" backup services lunch just like they did to the Hi-Res music industry.
Except they only control 50% of the smartphone market and 15% of the PC market. So there is still a large market they're not covering
> Can I use AppleTV+ without them tracking what programs I'm watching?
Can I buy something from my local supermarket without them knowing what I bought? Can I create an EC2 instance on AWS without Amazon knowing who created the instance?
I don't like a super powered monopolistic company as much as the next guy and I totally agree that ads situation in App Store is not a straight business but come on.
Some people want to use their computer completely privately and that's totally fine, but when you are using a cloud service, they probably will know how you use it. What they do with that data and how they handle it on the other hand is of importance. The problem with the whole tracking fiasco starts when the provider sells your data or "access", collected using dark patterns for example to others.
I interpreted GP's comment to be more about how it's inevitable that businesses track consumer patterns, because after all it's directly their data. Who bought it is usually irrelevant.
That still leaves the purchase data freely available, and if you purchase the same kinds of items regularly you can probably build a profile. The purchase data itself is still valuable and still tracked.
I don’t know about you but when I go to our local supermarket and use cash to buy a beer, the person behind the register kinda sees me and recognizes what I picked. They even happen to know my name as they live in the neighborhood. Do you cover your face when you shop? Because this is the scenario I was talking about.
Apple doesn’t control ads shown on TV outside of Apple TV+.
How will they do recommendations if they don’t keep track of what you listen to? How will they do recently played lists?
How will they know if they should send notifications to your phone for your apps if they don’t have a record of what apps you have installed? All notifications are bundled together and sent from their servers to save battery life.
That was a bombastic final sentence. I'm going to assume you're ignoring third party Android ROMs like Graphene, Calyx, Divest, etc.? And all of the excellent open source projects that substitute Google's stuff?
i'm speaking from the perspective of the mass consumer and thus am comparing them to other mass consumer product companies.
what you're describing is not the norm and those options should always be available, but the effort to value is simply not there to large portions of the mobile users.
Apple has a lot of things going for it, but let's not pretend they're perfect and anyone who doesn't use their products is unreasonable.
iOS still doesn't allow you to sideload without shenanigans (requiring your to not only have a Mac, but also have it resign any custom apps every week is beyond unreasonable). Some people don't care about that, but I do and not being able to do so is 100% a dealbreaker for me.
Not using Apple because you disagree with their decisions does not make one intentionally "going out of their way to swim up river." It just makes one a normal person who doesn't want to use, what it to them, an inferior product.
> the don't care to scan your pictures with AI 20 different ways
This is especially ironic as another post on the HN front-page today is about Apple giving up on their plan to scan iCloud photos for CSAN after months of pushback.
> 1) they just ate every other 3rd party "secure" backup services lunch just like they did to the Hi-Res music industry.
This is not something to celebrate IMO, Apple keeps doing this and then pushing out the 3rd party options either by pure positioning and bankruptcy or by app store policy.
The result is no choice, no competition, and over time a worse product due to absence of market forces ... beyond the high resistance threshold of getting bad enough for a user to flip the table and exit the entire iOS ecosystem they've invested in - this is the danger of 100% vertical integration.
Jesus, the Apple fanboys truly are a different breed. E2E encrypted backups are nice, great even, but the rest of your post and especially the last paragraph are cringe worthy.
> anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
Did Apple ever implement the ability to run software without first phoning home and asking for permission? The last time I checked they had not followed through on their promise to do so.
> they just ate every other 3rd party "secure" backup services lunch...
Really? Isn't this the same Apple that told the FBI that they could get access to a suspect's data from their iCloud account. And the same Apple that was part of the US government's PRISM program to sell user data to the NSA? What makes you think people happy with competing services will jump to them blindly?
> They're not Goodle/FB/Amazon.
They are exactly like them. All of them claimed they care about user privacy, before massively collecting the private data of their users and then exploiting it.
> ... reliable, secure, private service ...
Reliable, sure. "Secure" is debatable when the keys are stored on the iDevices that only Apple can access any time. "Private" is laughable when every Apple product now comes with a disclaimer / popup permission informing that they will use your data to enhance personalised ads served to you by their ad platform.
What's the truth though? Are they able to coordinate with law enforcement if needed or not? I find it hard to believe there's no government agency paying attention to iMessage of criminals. Am I mistaken?
> seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
If there's anything I learned about any offers made from big tech, I would never trust any of them until proven for long-term usage for half a decade at bare minimum.
3-2-1 strategy is still a proven method for decades and will still be over any cloud services out there, including iCloud's.
So two words I can't find in this thread are "lawful intercept". If a judge comes down on Apple and says they are required to produce your private content, is Apple going to throw up its hands and say, "Nope, it's e2e encrypted." No, they will not. They will either run something on your device to scan it, or they will exfiltrate your encryption key, because at the end of the day they own your device. Maybe this makes it harder for man-in-the-middle attacks or whatever, but if someone with the right amount of power cares, your data isn't secure.
so that means if your iphone breaks or gets stolen the data is lost? I guess they would have to enable exporting the encryption key to users to make the backup useful in these cases.
>"seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river."
Not sure how common is my attitude but I do not give a flying fuck about what Apple does. I keep my own backups (been doing it since the 80s). Today's Apple to me looks like a money company that makes some hardware by accident.
and in general, the less I attached / depend on a single company for anything significant, the better I feel.
So up until now the government have had access to all your data because of the backups. This renders the e2e encryption on their different messaging platforms useless. Kind of a joke:"your convo can't be read because it is e2e encrypted, bit when we backup, we can read it".
I don't want to be offensive but this comment really feels like an intelligently-made shitpost. Or maybe I hope it is, and I hope OP doesn't have as much devotion to any company as they are displaying through this comment.
You’re calling out FB here but they’re one of the few to have rolled out similar backup encryption for WhatsApp messages and that was quite a while ago at this point.
I think FB really wants data about your behavior but based on what they’re been doing with chat security I don’t get a sense they want to or need be able to read through peoples chat history to get that.
Seriously. Your data is probably going to be mined on-device. Would make way more sense to further screw you by using your resources to mine you while you sleep.
I genuinely do not understand why you say other backup solutions aren't secure. Do you have anything to back that up?
re: point 3 - they really TRIED to scan all your data with your CSAM tool but got too much pushback. They are only doing this now because they are dropping CSAM and trying to garner public favor.
> they don't want to mine your data, they don't want to know what you store on there, the don't care to scan your pictures with AI 20 different ways, they don't want to monetize it, etc, etc...
What's stopping them from doing this scanning at acquisition or access by the user? We already see Google running models on your phone for things like Magic Eraser.
All Apple has really announced here is that if you're using Apple Apps and Services then they're the only ones who can mine your data. This pivots nightly into their Ad Services.
> They don't want your data. They're not Goodle/FB/Amazon. They're giving you 2TB+ of space and you can encrypt it to the point that you'll lose your data and they don't care -- they don't want to mine your data
Their devices are still sending a bunch of telemetry. They're still in the ads business
Not saying that this recent move is bad, it's good to see. But at the same time, I'd rather manage and encrypt my own files on my own dfs than get trapped in the walled garden
> just pay them money for their service and transactionally they give you only thing that you want in return -- reliable, secure, private service.
In every country they operate in? Especially those run by dictators, autocrats and wannabe dictators/autocrats?
If not would their next Ad or Speech on humanity, morals, rights, privacy and other virtue signalling include a disclaimer that those are not available in such countries?
I'm baffled that the information security requirement has reduced from zero-trust to trust the shiny hardware maker because 'they say so'.
> anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
I'd happily swim (or) drown trying instead of blindly trusting privacy claims of a Child labor exploiting, Union Busting, Virtue Signalling insanely hypocritical ultra-mega corporation.
> seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
Probably. Android is getting locked down with remote attestation anyways. There's no point to it anymore, might as well choose the better tended walled garden.
>BUT, perhaps the BIGGEST news here is that Apple is making a backup statement to what they've been saying for years and what they've recently gotten negative attention on: They don't want your data.
If they don't want their user's data then why are they running an ad business?
Yeah, and this also shows that the future is not necessarily all decentralized/run by crypto punks in basements. There is an elegant way we can move to a safer, more reliable Internet all while using the current stack that might be hyper-centralized, but has proven to be the most cost-effective and reliable way to do things.
Great stuff. The question I have is what is Apple's position on scanning for contact on phones themselves? In the past they hinted that they would not enable e2e encryption unless that was in place.
Now will they offer icloud tiers over 2tb next, like google does? Will icloud be actually usable for 3rd party apps outside of ios without constant reauth?
FWIW, there's a "product packaging hack"¹ that gives you 4TB if you pay for both Apple One Premium and iCloud+ at total cost of $40/mo. It's not a great value, but it's possible. I'd bet on them adding a 4TB plan in 2023.
All I want is a roadmap to ever increasing tiers of storage, like google, so I know if I need to, I don't need to do a big migration once my life history gets too big. Good to know about the hack.
Encrypted iCloud! Never thought I’d see the day- figured intelligence agencies wouldn’t be a big fan- I guess it’s only optional though. Still won’t be using iCloud on my iPhone, but I could at least consider it.
Okay, so when is Apple going to certify against any standards[1][2] higher than "Applies when you require confidence in a product's correct operation, but do not view threats as serious."[3] with a security standard, AVA_VAN.1, whose objective is: "A vulnerability survey of information available in the public domain is performed by the evaluator to ascertain potential vulnerabilities that may be easily found by an attacker. ... Penetration testing is performed by the valuator assuming an attack potential of Basic." [4][5].
On page 25 of [1], we can see the security auditing done as part of their only official security certification for the iOS was: "The evaluators searched for publicly known vulnerabilities applicable to iOS using the following sources... The search was performed on multiple occasions between... using the following search terms... The valuator's CVE search found no vulnerabilities apart from the ones listed in the developer's security content disclosure statements, all of which have been fixed in subsequent releases on iOS. The validators reviewed the work of the valuation team, and found that sufficient evidence and justification was provided by the valuation team to confirm that the evaluation was conducted in accordance with the requirements of ..." tl;dr The evaluation process is that they do a web search of key words, check that all the publicly disclosed vulnerabilities have been patched, then call it a day.
To put that into perspective, their are certifying against AVA_VAN.1. It is only at AVA_VAN.2 that the evaluator is required to do any independent vulnerability analysis as seen in [5] Page 155 AVA_VAN.2.3E (bold is changes from the previous level). At AVA_VAN.3 you need to evaluate against "Enhanced-Basic" attack potential. It is only at AVA_VAN.4 that you need to evaluate against attackers with a "Moderate" attack potential. At AVA_VAN.5 (the highest level) you need to evaluate against attackers with a "High" attack potential. Apple's only security certification, which in their own words "provide a measure of confidence—that is, security assurance—that the security needs of a system are being satisfied" and are "used by many organizations as a basis for performing security evaluations of IT product" is wholly three levels below "Moderate" and is effectively self-graded.
Until they actually certify against a standard requiring moderate security, it is only prudent to take them at their word and assume that their products are only fit for systems that "do not view threats as serious". If they want their security to be taken more seriously they should prove it against internationally recognized standards assessed by independent third parties rather than issuing unsupported marketing fluff.
One must understand that E2EE is used when you don't trust your service provider to handle your data. In other words, the adversary in your threat model is the service provider - and in this case, Apple. And what good is that encryption, if Apple obviously can do almost anything with your device?
They can remotely wipe apps. They can force-install apps and force updates. It is not too far-fetched to think that they can just remotely copy anything stored on your device to their servers. So, with an adversary that capable, I'm not sure encrypted backups provide a meaningful improvement to security and privacy.
I think it mostly matters in the context of US case law, specifically the third party doctrine.
> The third-party doctrine is a United States legal doctrine that holds that people who voluntarily give information to third parties—such as banks, phone companies, internet service providers (ISPs), and e-mail servers—have "no reasonable expectation of privacy" in that information. A lack of privacy protection allows the United States government to obtain information from third parties without a legal warrant and without otherwise complying with the Fourth Amendment prohibition against search and seizure without probable cause and a judicial search warrant.
In theory it adds a speed bump. Apple as the cloud service provider can respond to the legal order by saying they don't have the key. And then the police can ask for a booby trapped update for just your phone which may or may not happen. Or they can lobby the legislature for an encryption backdoor for all devices which will force them to show their hand in terms of "lawful intercept" capability.
If you want maximum security use an air gapped computer. But that won't let you send messages on the go.
If you want maximum security then just obviously don't use Apple services, or any other provider that has a capability to fetch your data under any circumstances.
Yes, I have heard of the GDPR and in my opinion it has improved/consolidated my digital privacy rights and not affected the "web browsing experience" in any negative way. I believe you are referring to the ePrivacy Directive (aka cookie law). As you may know, it's only mandatory to inform the user when the website is collecting information from the user beyond what is necessary for technical purposes - and in that case I do want the option to refuse that.
It won't help to download apps on an iPhone, which, I must say, isn't even yours: you don't get to decide which apps you can install on your phone. Apple gets to decide. Factually speaking you're merely renting the iPhonefrom Apple, which, being the device owner, decides the terms under which you can use it.
In practice this distinction is meaningless. In fact I trust Apple more than my own government. To take your argument to an absurd logical conclusion, I don’t own ANYTHING because my government can take it.
It is known that Apple would do quite a lot of what governments will ask of it. It removes app from national AppStores on a simple request from countries like China or Russia. (Well, now Apple might ignore Russian takedown requests, but prior to the war with Ukraine they were very receptive to their demands)
This is why side-loading and the option for alternative app stores is so crucial. If Apple bans Signal or other E2EE messenger apps from your national app store, you can't get them. Full stop.
If people in China and other privacy-hostile countries can side-load from alternative app stores (like F-droid for Android), the government/Apple doesn't control user access to particular undesireable apps.
There's obviously reverse concerns to this side of the coin but the overall concept has arguably always existed eith jailbreaking (Cydia store, AltStore(?)) and I haven't heard any stories about people becoming massively compromised in the way all the naysayers and Apple would have us believe.
Starting in May next year, the Digital Markets Act [1] requires Apple to "allow the installation of third-party software applications [...] by means other than the relevant core platform services of that gatekeeper."
I'm still on the fence about whether this will end up being a net good or not but people don't seem to consider the potential knock on effects of this. Apple puts some nice pro-consumer, along with some less nice anti-developer, requirements on Apps in the AppStore. Easy subscription management, privacy disclosure, parental controls etc. If the developers of an app decide to only make it available outside the AppStore you as a consumer may be forced to choose between using that app and getting those benefits.
> If the developers of an app decide to only make it available outside the AppStore you as a consumer may be forced to choose between using that app and getting those benefits.
And Apple already chooses the reverse for you by not allowing apps you may want and by charging at 30% tax for doing so. There is a vast disparity between the behaviors!
Nothing is secure. Once we remember that, we'll stop nitpicking improvements.
Use your own server? Great, it's secure software-wise, but if someone broke into your house, it's all of the sudden the worst liability ever. The next thing you know, your entire identity, your photos, everything is stolen. You have excellent technical security, perhaps the weakest physical security.
So new plan, you use a self-hosted NextCloud instance on a VPS somewhere. That's actually not much smarter than using iCloud - VPSs handle data warrants all the time. They also move your data around as they upgrade hardware, relocate servers, and so forth.
So new plan, you use iCloud E2E encryption. You have to trust that Apple does as they say, and trust that their algorithms are correctly functioning. Maybe you don't want to do that, so new plan:
You use a phone running GrapheneOS, with data stored on a VPS, with your own E2E setup. Great - except you need to trust your software, and all the dependencies it relies on. Are you sure GrapheneOS isn't a CIA plant like ArcaneOS was? Are you sure your VPN isn't a plant, like Crypto AG? And even if the VPN is legitimate, how do you know the NSA doesn't have wiretaps on data going in and out, allowing for greatly reducing the pool of suspects? Are you sure that even if the GrapheneOS developers are legitimate, the CIA hasn't stolen the signing key long ago? Apple's signing key might be buried in an HSM in Apple Park requiring a raid, but with the GrapheneOS developer being publicly known, perhaps a stealth hotel visit would do the trick.
So new plan, you build GrapheneOS yourself, from source code. Except, can you really read it all? Are you sure it is safe? After all, Linux was nearly backdoored with only two inconspicuous lines hidden deep in the kernel (the 2003 incident). So... if you read it all, and verify that it is perfect, can you trust your compiler? Your compiler could have a backdoor (remember the "login" demo?), so you've got to check that too.
At this point, you realize that maybe your code, and compiler, is clean - but it's all written in C, so maybe there are memory overflows that haven't been detected yet, so the CIA could get in that way (kind of like with Pegasus). In which case, you might as well carefully rewrite everything in Rust and Go, just to be sure. But at that point, you realize that your GrapheneOS phone relies on Google's proprietary bootloader, which is always signed by Google and not changeable. Can you trust it?
You can't, and then you realize that the chip could have countless backdoors that no software can fix (say, with Intel ME, or even just a secret register bit), so new plan. You immediately design and build your own CPU, your own GPU, and your own silicon for your own device. Now it's your own chip, with your own software. Surely that's safe.
But then you realize there's no way to verify, even after delidding the chip, to verify that the fabrication plant didn't tweak your design. In which case, you might need your own fabrication plant... but then you realize that there's the risk of insider attacks... and how do you even know those chip-making machines are fully safe? How do you know the CIA didn't come knocking and make a few minor changes to your design, and then gag the factory with a National Security Letter from giving you any whiffs about it?
But even if you managed to get that far, great, you've got a secure device - how do you know that you can securely talk to literally anyone else? Fake HTTPS Certificates from Shady Vendors are a thing (TrustCor?). You've got the most secure device that is terrified to talk to anybody or anything. You might as well start your own Certificate Authority now and have everyone trust you. Except... aren't those people... in the same boat now... as yourself... And also, how do you know the NSA hasn't broken RSA and the entire encryption ecosystem with that s...
I've been running my own Nextcloud instance on a Linode with 2FA and your response made me question how secure it is.
Even though I get an A+ on the Nextcloud Security Scan (https://scan.nextcloud.com/), have 2FA, and custom IP blocking set up in my .htaccess file, it's disheartening to know that I'm not as secure as I thought I was.
I removed all my photos/files from iCloud for privacy reasons, and now I feel helpless contemplating how Linode may just hand my data over if served a warrant.
Any other Nextcloud hardening tips besides Fail2ban and reverse proxying you'd recommend? May I ask what your workflow looks like for preserving files throughout time?
Nextcloud has three recommended add-ons that you can install in a few clicks:
-Brute force protection
-End to end encryption
-Multi-factor Authentication
> Use your own server? Great, it's secure software-wise, but if someone broke into your house, it's all of the sudden the worst liability ever.
this doesn't invalidate the rest of your point, but if your data isn't encrypted at rest on your own hardware, that one very particle point? that's your own fault.
you will need some kind of remote mounting mechanism. Imagine you are abroad and your power at home is off for a short period of time. How to boot remotely and mounting the encrypted filesystem?
Not an easy task. You will need some kind of dropbear ssh that you dial into and input your encryption key. Many moving parts. Don't get me started if you have to update the packages due to security fixes.
I run Nextcloud on a RPI at home with fail2ban, brute force protection, MFA, and E2EE which is backed up remotely using encrypted Borg backup. The 4TB SSD drive safely serves my friends and family too. My laptop and Graphene phone's files, apps and settings are backed up automatically to it daily. I have too many apps installed on Nextcloud to list, but it is basically an all in one solution to your cloud needs.
Both Nextcloud and GrapheneOS are FOSS which addresses your concern about it being a government trap.
My partner is able to access my Bitwarden account if I were ever to be indisposed.
Sure nothing is perfect, but tell me how this is not a better solution than trusting the closed source ecosystem of the biggest corporation in the world.
“Both Nextcloud and GrapheneOS are FOSS which addresses your concern about it being a government trap.”
I was merely referring to the fact that unless you build the code yourself, there is no certainty that you have that a government has not shipped a custom hacked build to your device and stolen a FOSS signing key. Unlikely? Yes. Possible? Yes. Also, backdoors, as seen in the 2003 Linux incident, can be as hidden as a deliberately missing equals sign in 1 line of code - so, a sneaky government commit with the smallest backdoor could be undetected even if FOSS. I still think it’s better than proprietary - don’t get me wrong - but it’s not invincible which was my main point about how security does not end.
Right, but nobody can write all the code they need for every service. I agree nothing is invincible. We put varying degrees of trust in people and processes of communities who maintain the SW. FOSS requires much less trust than proprietary SW developed by megatech.
> If you want maximum security use an air gapped computer. But that won't let you send messages on the go.
You can, with some inconvenience, use optical diodes to transmit data from a trusted input device to an untrusted network device for transport over tor, and then push the received messages over a second diode to a display device that decrypts the messages, so that even if you receive an exploit/malware, there is no physical connection that allows unencrypted data to be exfiltrated.
They don't have to lobby anyone for this. Apple has operations in aus. We have laws here gov can force you to put a backdoor in software or hardware and you are not allowed to tell even your employer you have been requested to do so.
Tbh in theory apple aren't allowed to tell you they have done it or otherwise. So their phones have probably been backdoored for a few years now at request of aus gov.
I would not be surprised if there is a backdoor already. Either explicitly ordered or secretly inserted like Dual_EC_DRBG. They’re not burning a zero day vulnerability or certificate authority just to convict one defendant. They’re saving them for something like Stuxnet.
> And what good is that encryption, if Apple obviously can do almost anything with your device?
Because apple isn’t in control of apple for data at rest, and that’s the specific risk.
You have to trust control of the device sure, but you cannot trust cloud data - almost at all - between subpoenas from over eager LEOs and break ins from criminal and state hackers
> Because apple isn’t in control of apple for data at rest
That's not really true if Apple also holds copies of your iCloud decryption keys. If they want to access your data, they already have all the necessary components.
Let me re-phrase, by giving Apple control over the keys, you give control over the data to whoever controls apple - which is non-zero (Eg. LEO), and whoever may gain control (security vuln).
Now we're going in full circle, so I'll just point you to the parent thread:
> One must understand that E2EE is used when you don't trust your service provider to handle your data. In other words, the adversary in your threat model is the service provider - and in this case, Apple. And what good is that encryption, if Apple obviously can do almost anything with your device?
Ironic, since if you follow the thread you'll learn that since Apple still has complete control of your device, it essentially still has access to the keys.
Apple isn't a monolithic entity. For example, a rogue engineer might be able to access your iCloud data, but it's orders of magnitude more complicated to push a specifically manufactured app to your device.
There's a similar variance of complexities for hacking and law enforcement overreach scenarios.
E2EE isn't a solution for all attack vectors, but it's a significant mitigation in itself.
There are multiple meanings of trust in this scenario: belief in honesty, and confidence of ability. Eg I can trust you to tell me the truth but not trust you to protect me from a missile.
I trust Apple’s honesty. I don’t trust many attack vectors. Someone could gain access to their data center. E2EE protects that. A gov could legally compel them to provide data. I trust when they say they’ve engineered it in such a way that they can’t currently do it, and that they would publicly cause a scene and legal battle if attempted-as they have before. Accidental data leaks also happen. In all these scenarios I trust Apples intentions but know that nothing is perfect. E2EE adds a lot for me.
Also, companies like Apple are huge, with thousands of staff.
These protections aren't there to protect you from "Apple", but Apple staff.
So for example if someone at Apple has been compromised by a foreign state, they can't copy sensitive customer data just willy nilly. They'd have to jump through a lot of hoops that would be prohibitively difficult.
Google had issues like this in the past where some employees were sending data to the Chinese government. E.g.: information about dissidents, political opponents in Taiwan, etc...
This is one of the reasons Google encrypts even internal server-to-server traffic, because the threat is on the inside of the firewall!
Technically no. I still have Fortnite on my iPhone, it just can't be opened. Apple can't wipe apps from your phone, but if they're App Store installed (as opposed to Ent MDM/Sideloaded), they can render them inoperable by revoking the certificate attached to the bundle.
What's the functional difference between "remotely deleting" and "remotely rendering inoperable"?
Remotely deleting probably just exposes them to all kinds of legal issues, since it would wipe user data too (which you can otherwise possibly still extract, e.g. through the "Files" app).
What’s missing is context - Fortnight’s account is in breach of the agreement and can’t deliver updates to address issues with the latest version of iOS.
This is identical to any developer that doesn’t deliver updates or suspends their developer account.
Those which have downloaded Fortnight at least once can still download and use the game on earlier versions of iOS and even with iOS 16 by following certain mitigations.
Contrary to some online posts Apple haven’t done anything unique to the fortnight account.
It's all a closed source jumble though. Even if they can't do it right now, they have the power to install an update that allows them to add that power, if they had to.
One must also understand that you're wrong. My threat model isn't Apple. My threat model is
a) Overreaching law enforcement, which want to take a look at what I'm up to.
b) Data breach at Apple exposes all my data
c) Errors where my pictures gets in another users photo album, as seen on Google Photos once.
> In other words, the adversary in your threat model is the service provider - and in this case, Apple. And what good is that encryption, if Apple obviously can do almost anything with your device?
The adversary in this threat model isn't the service provider. The adversary is someone attacking the service provider, like a hacker or a government with a warrant, and getting access to Apple's storage of your data.
Now of course it's not impossible for such an adversary to also defeat other systems at Apple and get your data another way, for example by controlling Apple's ability to send over-the-air updates to Apple devices. But I think that is a sufficiently distinct threat that it's not worth dismissing solutions to the first threat. That would be like dismissing the importance of a web server storing passwords salted and hashed, since attackers could just use a totally different attack to bypass the web server's database access control. Another way to illustrate this might be to point out that attackers can physically coerce you to hand over data regardless of any security measures any service provider could possibly make, but that doesn't mean we should dismiss all such security measures.
I think the right way to advocate for this really is to focus on the warrant aspect. It’s not about preventing law enforcement but keeping it above board where there’s at least the possibility of oversight and targets can exercise their rights to things like legal representation.
I disagree - the service provider should be considered an adversary and their service - and your tooling - should make it possible to obfuscate every single bit of data and metadata that you store there.
However, as with all things here, you can just email and discuss with a real person and we'll set you up the way you need to be set up wrt billing and pricing, etc.
I don't get it. If you don't trust Apple, then you don't take photos with an iPhone. There is no possible service they could offer that assures you every bit of data and metadata is obfuscated end to end in any sense of before Apple software has a chance to see it. At bare minimum, the camera app has to put together a file before there is anything to encrypt. A malicious Apple could just keep a second copy of that file, and even if you used a different backup service, they'd still have it.
rsync.net is great and I've always appreciated the exposed ZFS capability, even if at this point 3x the cost per gb for a small scale users vs B2 is a lot more painful. Having encryption, including for transfers, also be part of the filesystem (which is open source) is great. Pity but for a small turn of history ZFS didn't become the native FS for Apple. And I think backups in particular is one of the focused completely unambiguous areas where Apple really has behaved in textbook anticompetitive fashion, and they should be required to allow people to point their iOS devices at any 3rd party service (including their own!) they wish that implements the right API (which Apple should have to document and follow themselves).
Still with all that said:
>I disagree - the service provider should be considered an adversary and their service - and your tooling - should make it possible to obfuscate every single bit of data and metadata that you store there.
If you're using Apple devices at this point then I think they do unavoidably form some part of your core trust foundation. With current hardware Apple is everywhere in the stack right down to the CPU level, heck arguably below that since they have a special license with ARM and can implement their own custom extensions. If you really think they're an adversary to the point of doing custom backdoors explicitly going after you, then the hardware just can't be trusted.
It's not unreasonable though to look at both Apple's incentives and the state of American law at least and see distinctions between Apple being compelled (or hacked) to provide something they have passive access to on their side anyway vs being compelled to engage in non-consensual active work and feature development (or having that slipped in and make it into general deployment) on things that necessarily must go out to end user devices. The former is both bog standard warrant/subpoena territory and not inherently detectable outside of Apple and the government, since it doesn't directly involve the user as a party at all. The latter is very arguably illegal and provokes far more public response, and involves deploying in ways that make it far harder to keep concealed (and open up other avenues of challenge).
I think that's a separate issue. I'm not saying that Apple or any other service provider should not be considered a potential adversary. I'm saying it's still a good thing for service providers to implement solutions to threats.
remember Lavabit [0]? will Apple choose to shut down rather than to comply [1]? if the government comes with a warrant, it will be with a gag order, and they will be compelled to silently update your phone to extract whatever the govt needs over the course of a few months.
> will Apple choose to shut down rather than to comply
Apple will probably comply, just like I would probably comply rather than go to jail or suffer injury to myself or my loved ones. But I think it's fair to treat that as a distinct threat.
What is your actual point here? It feels like we’re just playing a game if hypotheticals that are no longer based in reality.
Sure Apple could update your device to send all your photos unencrypted to them. They could also remotely turn on the mic and spy on all of us. They could also add key word detection to iMessage and flag law enforcement if you text out the wrong words.
I think everyone here understands what Apple could do. Which is why it’s a good thing that signs point to Apple not wanting their customer data. And why Apple refusing government orders that they feel violate their customers is unequivocally a good thing (even if they’re doing it for selfish reasons)
that e2e encryption by a third party does not give you privacy from the US government if that third party can remotely control or update your device and is subject to US laws. it is a direct reply to the assertion made in the GP: "The adversary is someone attacking the service provider, like a hacker or a government with a warrant, and getting access to Apple's storage of your data."
1,082 comments
[ 2.5 ms ] story [ 349 ms ] threadMaybe I am just misremembering since like you I figured that was the reason they were doing it, no other reason to do something like that if it was all going too sit there unencrypted.
edit: I take this back—"nothing" should be the right answer.
We all like to vilify Microsoft (rightfully so for all the telemetry crap they pull) but imagine if Windows started scanning all your local disks for files matching certain checksums then notifying authorities when matches occur (thumbnails / other metadata uploaded with the reports) like Apple was planning. Sure, it'll be CSAM first. Then, domestic terrorism; then RIAA / MPAA would jump in on the action... and finally, opaque checksum databases from local governments ("wrong think", Winnie the Pooh memes, pictures from protests, etc.) ; if we don't stop it in its infancy we're quickly tumbling down the slippery slope.
They would've only scanned the files that would end up in the cloud anyway.
But people went "omg my files", stuck their fingers in their ears and refused to read the damn spec.
FWIW, I don't use iCloud and never have used it; I don't care if they scan content once uploaded (it's their servers and I'm confident they'll continue scanning content there no matter how "E2EE" it is - see China and key sharing). As long as they keep their scanning on their devices and off of my device it's all good.
This is nonsensical. iCloud Photos is not e2ee and Apple already scans everything serverside. There is no need for redundant clientside scanning of iCloud Photos.
The clientside scanning is only needed in the cases where:
1) iCloud Photos is turned off
or
2) iCloud Photos is e2ee
Apple actively doesn't want to know your shit or analyse it on their servers. That's why they constantly do things on-device even if it's of worse quality than Google's approach of doing everything in the cloud.
It seems to me a little bit suspect that they wanted to do clientside scanning as a prerequisite for e2ee, as if they simply would not be allowed to publish society-wide e2ee privacy software (without government/regulatory retaliation) without such a law enforcement backdoor. This screams of prior restraint and we should be loudly asking our legislators why the fuck the FBI is pressuring Apple about what software they do or do not publish.
https://www.reuters.com/article/us-apple-fbi-icloud-exclusiv...
There is a major 1A violation happening here.
Every day the US government takes more steps to erode our civil rights, even against the largest companies in the world. Someone needs to rein them in.
*The definition of terrorism depends on your jurisdiction.
I hope they will support existing Yubi-Keys etc and not force users to get the dedicated Apple hardware key.
I don't think there is one?
The section of the announcement is emphatically about 3rd party security keys support, so the worry about lack of support of YubiKey over some push for some imaginary Apple Dedicated Key didn't make much sense to me.
Also, security key (at least to me) implies a small, keychain sized device. I wouldn't think of calling my Mac Studio a security key. There is no device marketed as such, even though yes, the SEP can and has fulfilled these purposes.
> [Apple] will now allow users to log in to their Apple accounts with hardware-based security keys made by other companies such as Yubico.
"users will have the choice to make use of third-party hardware security keys"
> The new encryption system, which will be tested by early users starting Wednesday, will roll out as an option in the U.S. by year’s end, and then worldwide including China in 2023, Mr. Federighi said.
https://www.wsj.com/articles/apple-plans-new-encryption-syst...
Same reason they edit movies to appease chinese audiences
Manufacturing, sure. Consumers? no.
Apple traded it's privacy priority for profits back in 2017 when it gave backdoor access to all the iCloud backups - https://www.nytimes.com/2021/05/17/technology/apple-china-ce...
Just because Apple couldn't officially sell any iPhones in China doesn't mean that the Chinese public would suddently stop coveting them. I don't think they'd blame Apple if it came to that.
If you go to set up encrypted backups and find out the feature isn't available or get a message saying something like "Feature cannot be activated in China, Turkey, and Russia", that's better than the feature not being available anywhere.
(letting users into their own devices means the ability to access the entire device, examine what their device is doing, and firewall it if wanted)
Just let me use my local Time Machine backup server!
Sadly, I am convinced I'll never see that feature – it would basically remove the need for any iCloud subscription for me and thereby undermine Apple's "service" efforts too much.
A reasonable desire, but clearly niche enough that it's unlikely to come to pass. (Particularly since, given what little I've seen of how Time Machine works, it would likely require some quite significant dev work on Apple's end to enable.)
Yes, to its local storage only, which makes it completely useless to me. (I have more data on my phone than on my computer, and I can't be the only one.)
> TM doesn’t make much sense without the Finder’s interface.
Why? I can even already connect to the same SMB mount that holds my Mac's backup via my iPhone's "Files" app. Just let me backup to that!
Don’t exclude the back-up folder from TM, though.
(Actually it doesn't – I symlinked the backup directory to an external drive, and fortunately ~iTunes~ Finder follows that. But this is something completely unrealistic to ask of an average user, in my opinion.)
On the other hand I appreciate the hackability, and it is your data. If you’re in the EU, maybe you could have made a GDPR request to get the messages in a database.
Ultimately I don’t disagree with this iOS choice because we’re the odd ones; I understand the decision to put the privacy of “regular users” above a niche developer method which could be exploited more than used in a legitimate way.
It feels to me the correct solution in this case is that Tinder’s database should be encrypted on both iOS and Android and they would provide a way to export chats.
I really think this is the wrong attitude and the result of boiling frogs. Having access to data on our devices should be a given. To me it makes me think of the non-touch iPods of yesteryear. Music files were obfuscated on the device by shoving into human-unfriendly folders and filenames. The argument that this was to avoid music piracy is laughable since we originally had DRM'd music for downloads. The database was proprietary and undocumented which meant the only real way to get music on the device was through iTunes. It also meant that unless your ID3 tags were really good and you went through the process to copy all the tracks off and rename them, your music was locked to your device.
Even then, at least you _had_ a way of getting your music back. I'm not going to say E2EE isn't good or that the security protocols put into place for modern OS's isn't important, but imo it's eroding ownership of data and killing third party businesses. Everything has to be done through a web API now, which means your data has to exist in the cloud. This isn't good.
I don’t get your post. You quote a part to disagree with but everything after that agrees with it. I did say you should have access to your data. I did not say you should have DRM, or that your data should exist in the cloud, or that you should have to access it through an API. I also said “feels to me the correct solution in this case is”. In this case where we are discussing personal, private, possibly sensitive conversations. That has nothing to do with downloaded music, purchased or pirated.
> the result of boiling frogs.
That’s a myth¹, but it wouldn’t apply anyway. I don’t agree with Apple’s decision in the case you presented, but I do agree with it in the other instance. It isn’t incongruent to believe you should have access to your data while also believing it should be reasonably protected from snooping bad actors.
¹ From https://en.wikipedia.org/wiki/Boiling_frog: “While some 19th-century experiments suggested that the underlying premise is true if the heating is sufficiently gradual, according to modern biologists the premise is false: changing location is a natural thermoregulation strategy for frogs and other ectotherms, and is necessary for survival in the wild. A frog that is gradually heated will jump out. Furthermore, a frog placed into already boiling water will die immediately, not jump out.”
Here's an overview of how to remove the various layers of encryption (starting from the backup password): https://stackoverflow.com/questions/1498342/how-to-decrypt-a...
And how to do it if you want to access the WhatsApp chat database: https://yasoob.me/posts/extracting-whatsapp-messages-from-io...
Also some Go tools to inspect iOS encrypted backups https://github.com/dunhamsteve/ios
this wouldn't backup the apps, and app private data
for example, if your phone was running myapp 1.0 and 1.1 was out, restoring might cause your phone to download myapp 1.1
Also, I think if you had 20 kindle books in the kindle app on your phone and backed it up, after restoring you would have no books. You would have to redownload them all.
(strangely, I wonder if you have icloud backups, do these kinds of thing count against your storage space?)
I’m sure they’ll get pushback for closing this loophole
iCloud off -> no local CSAM scan.
Local CSAM scan with multiple failsafes (+ actual person checking) + E2EE iCloud -> zero need to allow law enforcement access to iCloud servers. This would also mean that Apple cloud've encrypted them in such a way that even they can't access them.
Edit: on reflection, I don’t agree with this and wrote this too hastily. I’d still prefer 3rd party by default and believe it’s often a better basis for a discussion.
Reporters rarely add much unless they've got several days to do an analysis piece, which there are very few of. And is never the case for breaking news.
HN threads regularly supply oodles of context and counterpoints you don't find in any articles anywhere. Which is one of the big reasons we come here, right?
I still believe that a 3rd party source that at least has a chance of being more objective than a company issued press release is the ideal basis on which to form a discussion.
I don't feel like updating to a beta to get this feature (especially for the risks associated with it). But I am curious how the migration will work. Will this basically re-encrpt everything locally and then upload it or will what is already there stay unencrypted.
Also does anyone know, how do features like this work for someone with a single apple device? I don't worry about loosing access to anything because if my phone dies I have... several other devices with keys. But what about someone who doesn't?
"Because Apple will not have the keys required to recover your data, you will be guided to set up an alternate recovery method in case you ever lose access to your account."
I would assume a physical sheet of paper containing recovery codes is a suitable alternative recovery method.
Thanks for pointing that out!
Honestly might not be a bad idea to have a backup somewhere else just in case. Like in the event of a fire or something have a backup sitting in a safe.
It does bring up an interesting conversation, what levels do we go to make sure we can recover accounts in situations like this? Store a USB or a paper in a safety deposit box on the other side of the country? I tend to store all of my backups for my other accounts on my iCloud Drive so... loosing access to that would be catastrophic.
> Advanced Data Protection for iCloud is available in the US today for members of the Apple Beta Software Program, and will be available to US users by the end of the year. The feature will start rolling out to the rest of the world in early 2023.
If Apple would just go ahead and say "we've extracted tens of billions of dollars from you indirectly by letting google do the dirty work, but here's some encryption that doesn't make up for what we've done and continue doing" that would be more accurate.
Why would governments push back, when this hole which has already been used will _always_ be available?
You have evidence that Apple has been pushing silent updates to individual users ?
Either we accept some amount of vulnerability at the minimum and deal in likelihoods rather than certainties, or we simply do not use modern communication devices whatsoever. Given we're here on HN, we all have clearly chosen the former, so the question becomes: "is it likely that Apple have violated individual users' privacy in this manner?", to which I think the answer is "no" because (a) it's never been necessary before given the availability of alternate methods, (b) we have absolutely no evidence to suggest otherwise, and (c) we do have evidence of a history of Apple being at least somewhat reluctant to cooperate with the federal government of the US when it comes to individuals' privacy, to the extent that they are able (e.g., the San Bernardino case). So although it is true that we cannot be certain of our privacy, it seems very likely that Apple's efforts to improve user privacy are not disingenuous.
Well that's how some would want them to work, but around here to be heard you must back with evidence.
For prior generations, Hoover, Nixon, MLK (how they targeted him), the Church hearings, and many other things provided evidence as to the extralegal behavior of the government at times.
[0] https://www.wired.com/2014/09/feds-yahoo-fine-prism/
[1] https://www.businessinsider.com/the-story-of-joseph-nacchio-...
I don't trust any corporation to actually side against the govt.
Apple are better on the privacy front than their competitors, but not by that much.
“ Is it technically possible to do what the government has ordered? Yes, it is certainly possible to create an entirely new operating system to undermine our security features as the government wants. But it’s something we believe is too dangerous to do. The only way to guarantee that such a powerful tool isn’t abused and doesn’t fall into the wrong hands is to never create it.”
- https://www.apple.com/customer-letter/answers/
Apple: "So it's not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8."
Also, "create an entirely new operating system" is an intentionally misleading exaggeration on Apple's part, meant to fool customers but not governments. It makes it sound like the amount of work they would have to do is larger than changing one constant about how many retries are allowed and another constant controlling rate liming, build and sign and flash it to the phone, and delete it after.
I think the FAQ and letter both make clear that Apple could comply with the FBI request and their objection was over whether they should be forced to.
If iOS 8 required a user key for updating the system, this would be technically infeasible. It's not technically infeasible as iOS 8 was implemented, so Apple stopped claiming it is, but only after the FBI embarrassed them about that claim.
> their objection was over whether they should be forced to.
Apple's objection had nothing about being forced to do it. They were forced to provide data from devices before iOS 8 and even provided a document about how to ask them to do it. Apple instead made specious claims about how hard it was and how it would affect other customers' privacy.
The concern typically isn't backdoors, it's bugs. I've had plenty of terrible experiences with Enigmail.
I'm not aware of a time when Apple pushed a software update (silently or otherwise) to defeat security for a user (or users). Can you provide a reference?
I don't know what people expect. These moves are good things and everyone is whatabouting situations that there is 0 evidence has ever happened or would ever happen. It's unfalsifiable, impractical, and honestly just annoying.
If government were to compromise end to end encryption in the manner described above, it would either be visible when used to prosecute people, or invisible because it would never be used to prosecute people (but presumably for intelligence purposes). Even if it were used for intelligence purposes through the method above, which I don't think is at all established, it would still be a significant improvement over having data in a form that is actively used to prosecute people.
The snowden revelations were precisely about information gathering for intelligence purposes. The vast majority of intel gathering is not for prosecutionary purposes.
What is absolutely good is that they have e2ee now, and the only way they could even hypothetically open a back door would be one that was completely secret, for the government, which definitionally closes off a whole class of government use of the data, for example in domestic prosecutions of citizens.
This may not be perfect (it’s not open source etc) but it’s a vast improvement over non encrypted data that was openly routinely given to the government.
On some level the US could also pass a law that says every iPhone user will be summarily executed. That’s how sovereignty works. Is it a realistic concern? Probably not.
Apple's ecosystem is, by default, design and necessity, insecure to Apple. Keys stored on an Apple device are insecure.
One can easily make a similar argument for Android/Google, however, a security conscious user could still take control over their device and install a more secure OS.
In any case, selective support for technical proposals based on broader political vibes is not a particularly inspiring stance.
https://www.cnn.com/2022/06/21/europe/grenoble-france-burkin...
Let's not pretend this is the same thing as kidnapping you and taking you to a reeducation camp because of your religion, leaving your kids alone and confused.
No one claimed that they were being “forced” to be part of a religion. What next? Forcing people to eat pork even if it is against their religion to enforce “secularism”?
This was nothing more than discrimination.
In the US, we had to have laws that allowed Black girls to wear their hair the way they wanted and schools were forcing black girls to straighten their hair to fit in.
https://www.naacpldf.org/natural-hair-discrimination/
People who are forced to wear certain clothes by others in their religion are also often forced to have that religion.
Confusing race with religion is even crazier. We should accommodate people who are physically different, but there is no reason to go out of our way to accommodate people with arbitrarily wacky beliefs and even less reason to go out of our way to accommodate oppression by people with arbitrarily wacky beliefs.
Honestly, every religion is “wacky” to an outside observer.
The secularism rule basically says that the government should not make laws to accommodate one religion because then it would have to make laws to accommodate any and all religions, and there is no limit to how wacky a religion can be.
The law was specifically aimed https://apnews.com/article/religion-france-government-and-po...
> The ruling was the first under a controversial law, championed by President Emmanuel Macron, aimed at protecting “republican values” from what his government calls the threat of religious extremism.
The law passed in the country was set up to disallow laws that favored one religion, but ever since the revolution cast aside Christianity for enlightenment ideals, no such laws had been attempted. It is true that this law was made to prevent laws that favor Islam, but it puts it on equal footing with all other religions. Members of The Native American Church cannot get laws passed to give themselves exemptions to use mescaline.
Very recently in history. China is bad now, European nations have been bad in the past… but who knows what the future holds.
Once data is released (keys, databases, plaintext messages, it doesn’t matter) it can’t be made private later.
https://www.secureworld.io/industry-news/new-eu-push-for-enc...
But Android already collects a lot data from the device before encrypting.
Even MacOS is infected with this privacy invading nonsense that I can't opt out of. It has an Apple News app that I can't uninstall, and whenever anybody sends an Apple News link, even in a private tab, it opens the Apple News app, a handler that I can't disable, sending the article I want to read together with my Apple ID to Apple.
https://www.extremetech.com/mobile/340887-apple-sued-for-all....
FTFY.
Please stop spinning that as if Apple were siphoning every single of one's moves everywhere, irrespective of any telemetry setting one has set.
Both the linked piece and the reporter's Twitter thread seem to have taken great care to bury behind clickbait headlines and scary words the fact that this applies only to App Store, Books, Apple TV, and iTunes Store apps, which are all "store" apps (presumably that's where commercial stuff typically happens) that used to outright be webviews (not entirely sure they are 100% native as of today). I don't think anyone would be appalled if a React-based web app would send vast amounts of requests based on user interaction.
So yeah, they should probably not collect as much data as that and probably should have a toggle to nerf such data collection within the store apps (which is not the same as OS/actual app/service telemetry), but the way things keep getting spinned is beyond ridiculous and does not help in improving anything.
For myself I’m quite happy with this as it is a huge improvement over what we had. My only irk is that they called themselves a champion of security and privacy before this..
https://en.m.wikipedia.org/wiki/FBI–Apple_encryption_dispute
Can you show me another company that has done this?
FWIW, Apple does not treat US and Chinese users the same. If you have a Chinese mainland iPhone, you use a completely different iCloud that isn't even run by Apple.
Apple likely conceded early on that China-based iPhones use China-based iCloud, and the Chinese government likely conceded that Apple phones will use the same OS everywhere, with region-based feature blocking being as far as they'll go in customizing the OS. Both have a lot to lose from the other party terminating the relationship.
The laws are different there and the only way that Apple could meet the requirements of the Chinese government without also weakening their product for the rest of the world was to cede control of iCloud there.
[0] https://support.apple.com/en-us/HT208351
The only true secure option is to build the source yourself, sign it with your own keys, and run it. Assuming you can read all the code and make sure its safe, and read all the code on your compiler to make sure that is safe. And you'll still need to trust the Google-signed bootloader code, which totally hasn't had suspicious custom builds released previously (ArcaneOS?)
You can't see how it works, you can't change how it works, and you have to trust that it does as advertised. You must do all this in the knowledge that over the years plenty of proprietary software vendors have outright lied to their customers about exactly this kind of thing, e.g. [0][1].
I'm not aware of Apple ever doing so though, for what that's worth.
[0] https://news.ycombinator.com/item?id=25044254
[1] https://news.ycombinator.com/item?id=33820538
https://9to5mac.com/2022/12/07/apple-advanced-data-protectio...
Was client side scanning implemented finally? Perhaps E2E paves the way to client side scanning?
For the hardware key, Apple is a bit late though. All other cloud companies have that 2FA.
Maybe they'll try it again after this.
Apple never said that it was scrapped. They did, however say that they intend to do it.
EDIT:
Follow the links from those articles. Apple never killed the plan! This is what Apple actually said:
> Based on feedback from customers, advocacy groups, researchers and others, we have decided to take additional time over the coming months to collect input and make improvements before releasing these critically important child safety features.
That's not killed. That's just delayed. It's also them reiterating their intention to ship these misfeatures. It was, as pointed out, widely misreported.
Apple is very good at writing technically truthful things that say one thing that cause reporters to report a different thing (which is not factual). This becomes an "everybody knows" sort of thing where the narrative that is widely believed/accepted is not what Apple actually said. They exploit poor reading comprehension ability.
"Apple Kills Its Plan to Scan Your Photos for CSAM. Here’s What’s Next"
That's dead enough for me.
No one wanted that, regardless of how the implementation worked.
Is there a similar URL for the security key stuff? If so, we can factor that out of this thread, which is almost all about E2EE backups.
This will go a long way into restoring my trust on Apple. Yet, I can't help but notice that the "we will scan your photos and snitch on you" workflow they published then is still compatible with enhanced iCloud security. Hell, they can always send a command to the photo's app in your phone to upload all your photos straight to FBI's servers. So in this case technology is like 50% of the trust, the other 50% is sheer commitment to customers and that was tainted by that episode.
https://www.washingtonpost.com/technology/2022/12/07/icloud-...
When apple released client-side scanning (which only ever applies to photos uploaded to iCloud Photos) the only thing that changed was now the scanning takes place on your device where you have transparency and ability to see what hashes are checked. The folks paying attention knew what this was - Apple redesigning a workflow to make LE cool with e2e encrypted photos. You read some false outrage articles and are now somehow still upset at a company doing work that is currently in your best interest. Baffling.
I've read all the technical documentation too. However who says that the mechanism is implemented like intended forever? Maybe Apple or (local) law will change and voila: Your device scan report is reported to Apple and authorities because it is anyway already in place on your device.
>The folks paying attention knew what this was - Apple redesigning a workflow to make LE cool with e2e encrypted photos.
They have just canceled this spyware wholesale,[0] ivalidating your entire point. Interesting how Apple fans can come up with a thousand ways to justify being spied on and then call anyone who points it out cluless.
[0]https://news.ycombinator.com/item?id=33898153
The features were almost certainly related to each other given their timeline, even if one did not end up shipping.
Now if we could just get banks on board… they’re probably the single biggest glaring hole in non-SMS 2FA. To my knowledge there’s only 2-3 US banks that even support TOTP, let alone hardware keys, which is insane given how important they are.
Apple, the client side scan pushing and ad platform expanding company is now the same company that is releasing strengthened cloud data protection. Deduplication becomes impossible at any sort of scale and for safety Apple even turns off web access to iCloud when E2E cloud protection is turned on for the first time.
Apple has stated it will cache thumbnails using standard protections when sharing files, using "anyone with a link" will expose the unencrypted data to Apple servers. I wonder if CSAM scanning can take place for those files only.
[0]: https://www.washingtonpost.com/technology/2022/12/07/icloud-...
"When receiving this type of content, the photo will be blurred and the child will be warned, presented with helpful resources, and reassured it is okay if they do not want to view this photo. Similar protections are available if a child attempts to send photos that contain nudity. In both cases, children are given the option to message someone they trust for help if they choose.
Messages analyzes image attachments and determines if a photo contains nudity, while maintaining the end-to-end encryption of the messages. The feature is designed so that no indication of the detection of nudity ever leaves the device. Apple does not get access to the messages, and no notifications are sent to the parent or anyone else."
https://www.apple.com/child-safety/
I can't imagine people working on E2EE at Apple would be okay with client side scanning. The reasoning isn't important, it's an easy slippery slope once implemented. I imagine the encryption team has to constantly push for consumer privacy in a climate where privacy is challenged and compromised for ad companies and governments. I would be absolutely shocked if there wasn't a large amount of internal pushback when the old CSAM detection plan was first announced publicly.
1) they just ate every other 3rd party "secure" backup services lunch just like they did to the Hi-Res music industry.
2) details of what they backup securely, besides photos (which is top priority for me): iCloud Drive: Includes Pages, Keynote, and Numbers documents, PDFs, Safari downloads, or any other files manually or automatically saved to iCloud Drive.
3)BUT, perhaps the BIGGEST news here is that Apple is making a backup statement to what they've been saying for years and what they've recently gotten negative attention on: They don't want your data. They're not Goodle/FB/Amazon. They're giving you 2TB+ of space and you can encrypt it to the point that you'll lose your data and they don't care -- they don't want to mine your data, they don't want to know what you store on there, the don't care to scan your pictures with AI 20 different ways, they don't want to monetize it, etc, etc., just pay them money for their service and transactionally they give you only thing that you want in return -- reliable, secure, private service.
seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
I'm advocating for an open and interoperable ecosystem of operating systems, services and applications, which is the only way to ensure sustainable customer freedom. Unfortunately that ecosystem doesn't exist yet so we're stuck with the duopoly of evil-doers (and while Google openly admits it is their business model to monetize you and your data, Apple has been caught with their hands in the cookie jar a bunch of times already and they're just developing a sweet tooth, so...).
Full disclosure: I've been using only iPhones for 12 years and am still using one today.
The news articles in the main view are just top business stories from Apple News. I don't see anything ad like at all, actually.
What's particularly odd is that some articles have no ads at all. Some have the same ad repeated literally 3-5 times in a short 1,000 word article. And the ads are all trash. They seem like those awful chum-boxes you see on web sites. Who in their right mind thought this would be appealing to the typical Apple user? I mean, regardless, I have never intentionally clicked on any ad on the web in 30 years, and I'm not going to start now.
It's sad because it's exposed me to regional newspapers from around the world. I live in California and see articles from newspapers in Idaho, Utah, Connecticut, upstate New York, Dallas, Miami, Chicago, etc. and even from other (mostly English-speaking) countries like Canada, England, Ireland, Isreal, and Australia. They even include some (English-language) stuff from China. I don't normally see news sources that diverse on the web because it takes more effort. But the ads just make it not worth it to continue using.
I hate ads, but for most people paying some bucks a month to make sure their 2nd brain of photos/notes/passwords/texts/etc is totally (and now privately) backed up is a worthwhile insurance policy.
I think the argument that advertising iCloud plan upgrades in settings, where you’ll be pointed to if you run out of backup storage, is very benign as far as ads go. Although I do think that they should have a method to dismiss it(I don’t see this so I’m projecting that they don’t).
Windows even sent a notification questioning my choice to disable location tracking.
Unlike MS - you have to link everything with an ID when first setting up W11, no choice unless you go to extreme workarounds. Constant nagging and manipulation thereafter.
With that said, what platform are you using that has no ads at all? Presumably Linux on the desktop, which I can almost use. But unfortunately I can't use it on mobile, I have too many use cases in the personal and business world that require a 'normie' grade phone.
https://www.theregister.com/2022/10/13/canonical_ubuntu_ad
Advertising does not require that you spy on each individual person.
Google, for instance, used to show you ads based only on your search keywords.
This is still true. You basically never see personalized ads on search, since getting a contextual ad for cruises when searching for programming answers probably isn't going to end up with many clicks. Instead, it's only really 'Google Ads' (AdSense on other websites) and YouTube where personalized ads result in higher CPMs.
(Although Google does indeed use your search history for ad targeting.)
Yes, and it's not the advertising part that is evil. It's the part where they spy on every aspect of your life because doing so makes ad sales more profitable.
I don't think that is necessarily evil, but it certainly is embarrassing for Google since Google used to make fun of competing search engines for that exact behavior back when Google was still the underdog.
Spying on everyone's credit/debit card transaction data, on the other hand, is definitely evil.
> as Google said in a blog post on its new service for marketers, it has partnered with “third parties” that give them access to 70 percent of all credit and debit card purchases
https://adwords.googleblog.com/2017/05/powering-ads-and-anal...
Personalized is "we're showing you ads for local gyms because we noticed that you've been watching a lot of Youtube videos about workout routines". Or whatever.
If a digital panel switched to show me restaurants in San Francisco because they detected that I travel there a lot, that is absolutely personalized.
Similarly, if a maps service shows me restaurants near my destination that have paid for placement, thats not personalized. If they show me fast food restaurants on my route because I got directions to one previously, that is personalized.
It is a moot point because Apple isn't anti-advertising _nor_ anti-personalization. They are pro-privacy. Like Google, they will just move ad determination onto the device.
We don’t know that. We know that they put ads in the App Store, that’s it. I wish they did not, because it made the store even more of an unusable mess, but it really is not even in the same league as Google and Facebooks, systematic surveillance.
> increased pressure to sustained growth from shareholders
This sounds truthy, but is there any evidence of this? Apple is famously the company that tells rent seekers after more ROI above all to fuck off (both Jobs and Cook).
> I'm advocating for an open and interoperable ecosystem of operating systems, services and applications, which is the only way to ensure sustainable customer freedom.
Now that’s a real point, which deserves more than being buried after a paragraph of half-truths (and I almost entirely agree, FWIW).
> It's good to be passionate, but blind devotion is dangerous,
After starting a post like this, it is disappointing that you fell in the trap you warned the OP about. Being contrarian and using mis-informed tropes is not a good way of having a rational discussion. It is not being cool or clever at all.
One of my favorite CEO moments comes from Tim Cook on an earnings call: “If you want me to do things only for ROI reasons, you should get out of this stock,” And then more recently “If you're a short-term trader, do not invest in the Apple stock,”
I understand both, but it’s so odd to hear a CEO tell people “no, we don’t want your money” and I will grant that Apple is luckily not in the position of needing it.
For users to trust them as a guarantor of privacy and rights is naive at best if not outright idiotic. Since they comply with Beijing why would one assume they won't feed your data to Fort Meade and Brussels - who as a sidenote are planning to outlaw end-to-end encryption for major apps: https://www.patrick-breyer.de/en/posts/messaging-and-chat-co...
What Cook is saying is that Apple is in the enviable position of being to make long term plans. Not every decision can immediately be boiled down to an ROI calculation, but that's what short term thinkers want.
For example, how much has Apple invested to develop this E2E system (the tech, support, etc...), and what is the ROI? IMO, over the long term it should have a positive ROI, even if I can't draw a direct link from quarter to quarter right now.
They also put ads in Maps, Stocks, and News, and they "started asking people last year if they wanted to enable personalized ads on these apps."[0]
> This sounds truthy, but is there any evidence of this? Apple is famously the company that tells rent seekers after more ROI above all to fuck off (both Jobs and Cook).
"Inside the ads group, Teresi has talked up expanding the business significantly. It’s generating about $4 billion in revenue annually, and he wants to increase that to the double digits. That means Apple needs to crank up its efforts. "[0]
Plus the advertise iCloud in the Settings app with a red badge, which is just annoying.
[0] https://www.forbes.com/sites/kateoflahertyuk/2022/08/15/appl...
(I don’t use stocks and news isn’t available outside the US, or atleast Singapore/Taiwan.)
https://www.macrumors.com/2022/08/15/apple-could-bring-ads-t...
This doesn't mean they need to do it with targeting/data mining. I swear all the data mining does is show me ads for stuff I just purchased 3 days ago, and that's with google-level surveillance.
If all this additional surveillance, sorry "targeting", is that worthless why should we even consider allowing it?
I am an iPhone user since three years ago but if at some point I get a better deal elsewhere, I'm off.
And with Apple I pay extra for premium, and there is only so many ads[1] one can shove in before the premium feel is gone.
As for the targeted ads, I share your feeling that the targeting is badly over hyped, except you are lucky compared to me:
Ads for products I bought 3 days ago would be wildly relevant compared to most of the ads I can remember from Google. It was almost always scammy-looking dating sites. For a decade. Don't know what I did wrong but it seems there was a fluke with my account. Or they just god more money from scammy-looking dating sites than from anyone else.
Oh, and when it wasn't ads for scammy-looking dating sites it was pay-to-win games, and based on the ads you could be forgiven for thinking they were made by the same folks.
[1]: I'm no hardliner here: contrary to many on HN I actually see value in some ads and think I have sometimes made better purchases/been reminded to do things I wanted to do anyway.
Every time people tell me that AI is great, I remind them that the most frequent ads I see are: 'Goth Muslim hookups' and 'automatic chicken coop door'.
> We don’t know that
"Apple’s VP of advertising platforms Todd Teresi has been asked to bolster annual revenue into 'double digits' from about $4 billion today" (Aug 2022)
https://www.forbes.com/sites/kateoflahertyuk/2022/08/15/appl...
Double digits isn’t a major player. Google and FB are already making nearly 200B ad revenue each. If every Apple app and device showed ads constantly it still wouldn’t come close to the views that fb and web pages get to display ads used by Google and Facebook.
Just to put everything onto the same scale, 4 to "double digits" requires a 2.5X increase. "Double digits to triple digits" would require a further 10X increase.
If Apple is indeed going full adtech and data harvesting, there is nowhere for consumer left to go, no competitor.
And regulators aren't stepping in either - multuple companies were caught illegally selling private customer data and there were no consequences.
But I would agree it is not sufficiently deterrent for a company this size.
They clearly want a slice of that market, and they have the patience needed to wade in.
I can’t begin to imagine how irritated Tim Cooke is by the revenue Google and Facebook make from adverts on iOS and he clearly wants in on it.
Given that both those ad companies make revenue off iOS, it’s not unreasonable to aim for a similar level on the platform.
Wow, thanks for using your psychic powers to tell us what Tim Cook thinks and feels and share that exclusively here on HN!
...Unless you have an actual source for this claim?
The only way for a 2T business to grow is by expanding the Services business significantly, in some market that is already known to be close to half a trillion dollars in revenue.
You really think Apple is trying to make small change with ads in Apple Maps?!
The App Store, and their demand of 30% of all revenue that passes through an iPhone is the most infamous example of digital platforms rent seeking.
Google does not take a cut if you use an alternative app store (which isn't possible on iOS)
A bit of hyperbole there. 30% of revenue from sales of digital goods after the first $1m (15% before).
I’ve probably spent $20k on Amazon using my iPhone this year alone. You don’t think Apple takes 30% of that, do you?
Besides, it’s so funny when people use “rent seeking” as a pejorative. Like, yes, the reason my landlord bought this house for a lot of capital up front was that they believed it would be profitable rent it for much smaller amounts for a long time. What, am I supposed to feel entitled to use the house for free?
A bunch of years ago I made several hundred thousand dollars from the App Store. You know how much I would have made without the app store? Zero. Do you think I begrudge the 30% I paid, any more than I begrudge the rent I pay for this house?
I understand people who dislike the Apple walled garden and want no part of it. I do not understand people who want all of the benefits but expect Apple to provide it for free.
"People" including anybody from Marx to the left, all the way to Friendman and Hayek to the right, including Adam Smith...
Sorry, rent-seeking is milking assets without producing value (or with only minimal investment/maintainance costs). It's the opposite of a functional market.
>Like, yes, the reason my landlord bought this house for a lot of capital up front was that they believed it would be profitable rent it for much smaller amounts for a long time. What, am I supposed to feel entitled to use the house for free?
No, you're supposed to not want an economy where people don't mouch off of standing assets, but actually contribute to making value (and products and progress and stuff).
Rent-seeking 101: "Rent-seeking activities have negative effects on the rest of society. They result in reduced economic efficiency through misallocation of resources, reduced wealth creation, lost government revenue, heightened income inequality, and potential national decline."
Making money off of the App Store is pure rent seeking. It's maintainance and (very infrequent) improvement costs (negliblible compared to its profit) don't make it any less so. Heck, actual rented properties like houses also incur some maintainances costs on the owner.
Not quite - if you go over $1m in revenue you pay 30% on all revenue in the following year.
I honestly believe that if the App Store were to start now, they would feel entitled for a cut of all physical goods transactions that happen.
I don't believe Apple produces 30% of value when someone (hypothetically) signs up for Netflix on an iPhone. Apple's App Store actively hinders value creation when they prevent Netflix from using their existing saved credit cards to re-subscribe a user on an iOS device.
> Do you think I begrudge the 30% I paid, any more than I begrudge the rent I pay for this house?
It sounds like you saw value in something, and you paid for it. A competitive product would be able to stand on it's own and developers (and users) could make a decision on what product they wish to use - I'm sure that a lot of developers would continue to use Apple's payment infrastructure because they find it easier!
There must be a name for this fallacy, where one bases their opinions on speculations about how things would be different today if their already-held opinions had been true long ago. Some kind of retroactive confirmation bias?
> It sounds like you saw value in something, and you paid for it. A competitive product would be able to stand on it's own and developers (and users) could make a decision on what product they wish to use - I'm sure that a lot of developers would continue to use Apple's payment infrastructure because they find it easier!
You're not paying for the payment infrastructure. You're paying for the discoverability and distribution. I cheerfully paid 30% to reach a few hundred thousand users when I could have reached, maybe, tens of users on my own. I find it hilarious when people explain how I was ripped off with exorbitant fees.
And neither did Netflix and they haven’t allowed in app purchases for years and are still doing quite well.
They mean "rent" the econ jargon, not "rent" the thing you pay to your landlord.
See: rent-seeking
https://en.wikipedia.org/wiki/Rent-seeking
It's a bad thing basically by definition.
Unfortunately now you've unlocked the "haven't you heard of platform fees (Google Play) or walled gardens (Nintendo eShop) before?" tangent.
There is no new information here - some people are perfectly happy with Apple's walled garden business model as it is and/or don't think Apple should be forced to change, while some think that Apple should be forced to change it so that customers can have more freedom or developers can collect more money.
And 30% take rate of everything from your app including later subscriptions and services is extremely rent-seeking.
It just doesn’t make sense to their business strategy. Apple is premium, ads are the antithesis of premium. Just doesn’t make business sense.
Also the "necessary costs" argument for the App Store fees falls apart when the unmonetized apps are all free.
I want to make an iOS app. I've already paid Apple the $100 bucks per year or whatever it is, so I've "done my part".
Then, I want to have in-app subscriptions and payments, and I found a great service, XYZ, that does this.
So, on my own time, with my own device I bought (which by the way, in another money-grubbing move, HAS to be another Apple device, even though there are 0 solid technical reasons to force this), I write the app, I put in the integration for XYZ.
Can I publish this to large amounts of iOS devices?
Plus, are we actually comparing general use mobile computing devices to niche and mostly fixed computing devices?
In practice, no, a console is not a general purpose computing machine.
On iOS, by design, you can install almost any kind of application even without jailbreaking it. Which people do, you can have Excel and Maps and IDEs and whatever.
Consoles, by design, do not allow that. It's almost strictly meant for games and media.
And again. I don't care. Both types of walled gardens should be abolished.
But apparently we know that they will never put ads or sell our data pinky swear!
Despite the fact that they have already done so.
Once a brand starts to build large-scale mindshare, there is of course the inevitable brand-wars fanboy faction, but there also pretty reliably seems to emerge an anti-brand faction - this pattern is consistent across NVIDIA, Apple, and many other leading-but-controversial companies. The mere mention of these companies in a positive context gets another faction reliably winding up about how awful they are and how everything they do is actually fake and a lie and intended to rip off customers unlike my favorite brand, etc.
It's essentially another form of parasocial relationship - but it's a negative parasocial relationship instead of a positive one. People gain identity from opposing the brand-signifier rather than supporting it.
The existence of fanboy factions is oft-observed at this point, but I rarely see anyone acknowledging the opposite side - the people who just are reflexively contrarian and negative about anything surrounding a brand, regardless of any counterbalancing concerns or factors. The hateboy, if you will.
And blind hate is just as destructive to nuanced conversation as blind devotion. It's also destructive to actual progress - positive steps need to be acknowledged and encouraged even if you think it's still the overall worse option, and negative steps from a brand you favor need to be acknowledged even if you think they're still the overall better option.
To do otherwise is to oppose actual progress over what amounts to parasocial tribalism - in both directions. The hateboys are just as toxic as the fanboys to reasoned discourse.
I've just been extremely disappointed by their hypocrisy around privacy (which is a subject I'm very passionate about). They've betrayed my trust when they announced the on-device scanning functionality a few years ago; yes, I know they eventually dropped it after massive pushback from everyone that understands its privacy implications but before doing that they treated us "screeching minority" like dirt, I've never seen such condescending behavior from a legitimate company, especially one that I previously respected.
Their massive push in the ad space, combined with other scummy behavior (phone-home on macOS, backdoor access that sidesteps firewalls from 1st party apps, etc.) just paints a bleak future where all the big players (Google, Microsoft and now Apple) treat us like sheep; it's just so frustrating and sad...
Do we though?
And “ads in their products” but not “a major player in the advertising space”
[1] https://www.forbes.com/sites/kateoflahertyuk/2022/08/15/appl...
Or they could sell us a rugged iPhone with a removable battery and SD card slot to extend storage but keep the proprietary OS to keep the music/movie ppl happy plus keep out malware not sent via FISA warrant, but if they did that Tim Cook might jump off the top of the donut apparently, so they keep going the way you describe.
I'm sure 3.5 humans who want that will appreciate that product.
(Same for an sd slot.)
Especially paired with a form factor like the 6s for those who don’t want a phablet.
We aren’t talking about blind devotion, though, are we?
We have a tangible actual important thing. Apple can’t plumb our backup data for their own profit.
You want to be careful not to ignore information just because it doesn’t comport with your preconceived assumptions. At least consider weighing them against your assumptions? I’m never going to be against a cookie-based metaphor, but that doesn’t make it apt.
I ran my own Nextcloud instance for ~3 years, recently moved to Syncthing for simplicity. But that use case is more about making certain pieces of data available to all my devices, not for backups.
Still, I did appreciate the breadth of apps that one could install.
Agree with you there -- the data might be encrypted on Apple's servers but that doesn't mean Apple can't scan your data on your device and report the findings back to the mother ship. They've made it increasingly difficult to know or control what system processes do.
There's a fundimentally different approach to advertising by Apple than say, Google or Facebook. For one thing Apple isn't doing web ads. They've not got an adsense style platform and likely never will.
The ad network they're building is for inside their own apps, and likely eventually for app developers to integrate into their own apps - apps only.
In addition those ads are for items within their existing ecosystem, ie more apps.
In terms of data collection this means they dont need the insane levels of information that Google and Facebook collect. All they need is a rough idea of your interests, which can be gained from the apps you use, and your activity in their own apps. Everyone using an Apple device must know they store your location, so that ones an obvious no brainer.
They dont however need to know your browsing habbits. Would it help target better? Absolutely, but the whole aim of their ad network is to keep you inside apps, not browsing the web. If you're using Chrome, Safari, etc they cant advertise to you as again, its not a web-based ad network.
As data collection goes, the way they're doing it is about as least intrusive as you can get. Theres no following you around the internet going on, which has always been the biggest issue with Google and Facebook.
I'm not saying Apple is a 'saint' in all of this, but its not even close to the level of tracking other companies use.
The money generated there will affect behavior elsewhere. These walled garden profit centers always do - having disproportionate number of resources for the task and with it the ability to ignore the needs of the greater business.
That is no longer the case. There are projects starting to come out which are open source and building on top of AOSP like GrapheneOS, CalyxOS and a few others but those two are solid options at the moment.
I am not sure why GrapheneOS doesn't get mentioned here on HN but it's seriously a wonderful project that includes privacy features not available even on iOS. They are this far ahead of the game when it comes to privacy and security. Highly recommend checking them out.
https://grapheneos.org
Probably because with GrapheneOS you have to rely on Android phone vendors which lock down the devices more every year. In my opinion, this is not a sustanable solution in the long term. GNU/Linux phones could be more sustainable.
Ok, come on. What apple’s done here is great, and I personally use an iPhone, but you couldn’t think of a good reason to use anything else? An open-source OS?
I also encourage people to check if their devices are supported by LineageOS when they run past their support period, it can be a good way to keep getting security updates past official support windows.
https://wiki.lineageos.org/devices/
The forums should list some caveats for the device if they exist, but don't assume just because it shows up on the list that everything will work perfectly out of the box -- double check to see if there are any downsides.
Also, I should bring up that LineageOS comes in two variants: one without Google services and one with Google services. If you want to actually de-Google your phone, check to see that you are not going to run into problems with the apps you use.
Occasionally I see people who don't realize how deep Google services can go on Android, which in some ways gets back to your argument about how "open" Android really is. So it's just good to make sure that your stuff will all work afterwards if you're planning to go down that route.
Sure, if you're so laser-focused on privacy that you want some obscure phone which will do nothing aside from text, call, and send Signal messages, go buy the weirdest one you can find. otherwise you won't be finding anything remotely enjoyable if it's not iOS or a major android flagship. And out of those options, only one respects the user's privacy and security.
* They are more and more into advertising business https://news.ycombinator.com/item?id=32520894
* Their executives admit that they want you and your family locked into their ecosystem (leaked emails).
Sorry, but advocating for them seems like very bad idea. Google was cool, pro-customer company once too. Until they had position to not be anymore. Open standards, without any vendor lock are only reasonable way.
I think you and I have vastly different ideas about what "giving" means.
I get 5GB of iCloud storage, unless I pay them £6.99/month for 2TB. No idea what the rate is over 2TB.
Have I missed a trick to getting this 2TB+?
(I have 7 Apple devices in my possession and have owned a further 2 that I've passed on to my kids; given the premium I paid for those I almost expect that I should get 5GB PER DEVICE, but of course that's fairly unreasonable in reality)
Your reaction is derailment because you grabbed the wheel and steered the topic down a road about you and your expectations of discussion standards.
Part of respectable human interaction includes humorous, short and sharp casual responses on occasion. In this case, the post was replying to someone who called Apple's storage limit "pretty useless"... so we're well and truly in the fun zone of casual conversation. Not sure what you're seeking, the equivalent of a formal meeting with diplomats and official representatives?
You then add on hyperbole to end of your reply that I'm expecting some sort of formal discourse. I'm commenting on the "linux distros", which seems irrelevant. Putting a ;)
Just imagine if more people made these sorts of quips out of the blue and how crap it would make the forum over time?
I wasn't aware linux distros would push the limits of 4TB cloud storage, so for me it was micro-informative. I also wasn't insinuating, I was asking you directly how much formality you want in online tech discussions.
All good. I don't want to drown in cheap karma-harvesting reddit posts either, but I don't see that happening here.
When "snark" is measured like spice in cooking, it adds flavour. I'm not suggesting popping the lid and dumping a jar of snark in the broth!
They do make a family plan for Apple Plus ($30/month) fairly compelling: 2TB per family member, Apple TV both has some good original content as well as serving as a quick index into most other stream services, the Arcade Games are fun enough, Fitness+ is something I use about 90 minutes a week, and Apple Music. That is a lot of “stuff.”
Then there are some things that Apple gives away for free. Their podcast app is free and lets you subscribe to a lot of interesting stuff that I might otherwise subscribe to Spotify for. Handoff saves me about 5 minutes a day. Anyway, I don’t much like the walled garden aspect of Apple, but for value and convenience they must be difficult to compete against.
This is an excellent point as to why you shouldn't even bother trying to develop software for apple machines. If it's anywhere near successful apple will just destroy you, after having taken a 30% cut from your revenue for years.
"If you buy a phone or general purpose computing device, you have the legal right to choose your app store and applications installed on it seperate from manufacture demands".
The particular problem with Apple is not only duplicate your app, they can underprice it by 30% because they don't self pay their own store tax, and they can kick you out of the only app store for whatever reason they choose to make up that day.
If they think some third party feature should be part of the core experience, they're going to incorporate it. This is true when building on anyone's platform (e.g., Microsoft, Facebook). Non-core experiences, like domain specific software, are less likely to suffer this fate. It's similar to when MS decided to ship a browser. God help you when the platform you're on decides they want to subsume your features.
This is veritably false, they made $80 billion selling software this year. You might not see the App Store as software revenue, but Apple certainly does.
As sheer hardware revenue growth slowed, they moved their focus to services [0]. That’s also what we’re seeing on their push into more ads for instance, and this new feature goes the same direction: to benefit these encrypted backups you’ll need to sign up for storage. For most people wanting to cover more than one device, they’ll probably end up with the 2Tb plan which is at 10 bucks a month, the bare minimum 50GB being at 1$ a month.
[0] https://www.insiderintelligence.com/content/how-services-bec...
Amazon seems to be doing well despite Apple Books.
Point of clarity, the devices we are discussing are neither telephones, nor are they general purpose.
They are smartphones, a sort of miniature computer with a bunch of general-purpose sensors, and actuators viz. a screen and a speaker and some haptic feedback. They don't really do much computing per se; we outsourced most of that to The Cloud some 15-odd years ago. These things are just highly capable I/O devices, or clever terminals if you prefer.
And while Android has the PlayStore or whatever they call it this week, one can usually choose to load rogue APKs and one can usually succeed; and things like the Pinephone or Fairphone have been attempted that leave more power (and responsibility) in the hands of the user, but in practice it seems that they simply don't _work_ that well.
I agree with you wholeheartedly; I just think the "if" part is a bit out of sync with reality.
I see reflections of this throughout the history of the iPhone. Apple has always controlled how people access both the internet and even what applications they can install. Every "browser" on iOS is just Safari with a skin for example, because Apple will not allow any other browser engine.
Allowing anyone to put their browser engine on iOS through the App Store would open the door to a wide variety of security problems. It would also effectively bypass the App Store, as Google (just as a totally random example) could release their own iOS "browser" that's actually their own platform for apps that they sell. Not to mention inserting their own ads into anything people browsed on it. And tracking literally every single tap and text entry that people do in that browser, including bank passwords, credit card info, etc.
On a platform like the Mac, that doesn't matter very much, because it's small enough that basically no one would bother.
On iOS? If you could get 0.0001¢ per website visit from even 1% of iOS users, that would be a money-printing machine.
Apple would certainly argue that, yes. Foremost though, they're adding it because it's what Apple wants, and conveniently converges with the desire of the user.
People who didn't live through that era really don't appreciate a key aspect of it, which was that MSFT OWNED the desktop -- like, 90+% of the market. There were no other real options. For a good chunk of that period, Apple was seriously on the ropes and might not have survived. (Michael Dell famously said it should be sold off and the money returned to the investors.)
Microsoft had deals in place with PC makers so that it was impossible, nearly, to buy a computer without buying a Windows license. BillG specifically told Netscape he planned to "cut off their oxygen supply" by shipping a browser with Windows, and he did this because he was smart enough to see that browser-based software could endanger their control of computing. That was literally illegal.
No one has anything like the control they had back then. The desktop market is still mostly Windows, but Apple got healthy and took a decent chunk back. Now there's also ChromeOS and Linux out there, too -- plus, we have mobile, which is an even BIGGER chunk of the platform market, and it's split between iOS and Android.
So that's at least 6 different software platforms a hypothetical user could pick in 2022, and they're spread over dozens of hardware manufacturers. That's been the norm for so long now that it's easy to forget how little choice we had in 1998.
*ANYWAY* the bigger point is that adding features to your system isn't a problem if you're not acting as a monopolist. Microsoft WAS in the 90s. Nobody has that ability now.
Seems like we can never relax, always some company waiting for the chance to take over a space. Gotta stay vigilant.
Then they just point at marketshare and say: "we only have 30% worldwide". Yeah, but your stuff is aspirational and the vast majority of Android users have lower disposable income so spend less and many switch to iOS when they have enough money.
It's very sneaky and it's breaking everything down.
Laws just haven't caught up to it.
Are you suggesting that a successful business with a small fraction of the overall market be treated like a proven monopolist? That's risible.
https://www.counterpointresearch.com/global-handset-market-o...
> Apple Captures 75% of Global Handset Market Operating Profit in Q2 2021
At this point everyone competing, including Samsung, are getting close to also-rans.
I felt otherwise a few years back, but Apple's marketshare is actually going up almost universally, as countries develop:
https://www.statista.com/statistics/272698/global-market-sha...
Android is stagnating, if anything despite the free and Open Source operating system and the million models of phones.
They do not control the market, and thus are not subject to -- and should NOT be subject to -- the kinds of restrictions justifiably imposed on actual monopolists.
>Android is stagnating, if anything despite the free and Open Source operating system
I might argue that Android is stagnating BECAUSE it's free/open source, and as such lacks effective leadership.
No, it's even better.
If a company could have 1 single user and that user could pay them $500bn in perpetuity for a product costing $1, they'd only want that customer.
They want more customers because they can't have that ideal case. First of all nobody would pay that much for such a cheap thing, secondly, nobody lives for ever. So companies expand to make more money (= profit) and to future proof themselves.
Again, as I said, very sneaky from Apple, and I'm arguing it's breaking down existing economic models.
It's basically another run-around at "winning capitalism". Monopolies were one way. This is another one.
There is AMPLE computing choice today. There is even healthy choice available in mobile alone.
Monopoly regulation is about preventing those with market-controlling power from exploiting that position in unfair ways to the detriment of consumer choice. Microsoft did this when they tried to destroy Netscape by bundling a browser with Windows. There really WASN'T another viable desktop system at the time, and mobile didn't really exist; they owned the market.
Apple is free to improve their offerings in any way they see fit. They are even free to incorporate features into their systems that began life as products from other vendors; this is the normal way of things. If you don't like how Apple is behaving, you are free to shift your desktop to Linux or Windows or ChromeOS, or to migrate to mobile devices running ChromeOS or Android. That's a functioning market.
There's nothing sneaky about openly continuing to improve one's offerings.
HN is really, really bad about ascribing dark motives to every tech company not on the Approved List (which, of course, is constantly changing). Apple is pretty smart. Adding encryption to their backup scheme is one of those scenarios where yes, it's good business, but it's also the right move for customers.
No, there isn't.
If I want to be a functional human being, not some dork, it's either:
1. iOS (not jailbroken).
2. Android (not rooted).
Everything else is a FOSS hippie pipe dream, to be blunt.
And in economics there aren't just monopolies. There are also oligopolies and cartels.
We will need new laws for software ecosystems, if anyone will be bold enough to write them (they won't, see lobbying).
https://www.macrumors.com/how-to/set-preferred-music-streami...
Also Spotify has access to all of the APIs it needs. It just refuses to use them.
additionally, as far as i can see, those apps all free to download and you can buy their plans outside of the apple ecosystem and thus they get a free ride in the App Store without giving away any cut to apple.
You pretty much have to be on their store to sell something, which means you give them access to your sales and customers. Which is a concept that is absolutely wild in any normal healthy competitive landscape.
Then they'll monitor and if you manage to actually be successful, 3 months later there's an Amazon Basics version of your product.
It's so incredible to me how these practices get no push-back. There used to be a time where in the case of Windows, people were wondering if its fair that they ship it with a calculator program. Now you can just use your massive platform and extend in every possible direction, seize secondary markets, nobody seems to care.
* Amazon uses third-party seller data to copy the site's most popular products, an antitrust report by the House Judiciary Committee alleged on Wednesday.
* Former Amazon sellers told an antitrust subcommittee the company released new products almost identical to their own and "killed" their sales.
* Amazon has denied accusations of this behavior in the past. "We have a policy against using seller-specific data to aid our private-label business," Amazon CEO Jeff Bezos said in July.
https://www.businessinsider.com/amazon-uses-seller-data-copy...
Windows was artificially crippled by the DoJ ruling and not including a PDF reader by default. I, for one, like it when more is built into the OS by default.
How is this different than Walmart doing the same thing with their house brand? Or a sporting goods store, or any other store for that matter?
With everything that has happened with Apple since Job’s death, my trust has been eroded so much that yeah I still use Apple but they are the turd sandwich at the end of the day. I trust Google a percent or two less.
I like that they are doing with this E2E encryption. It protects against hackers better. It doesn’t protect against Apple though… they will still continue to sell the analytics on you. Which is fine if you don’t care.
Maybe images/photos isn't something they want to expand at this moment in time but let's not get ahead of ourselves.
Edit:The ocr and face recognition on the iphone is definitely more advanced than usual, thanks to the custom hardware on device.
Outside tech people I know at least
It's fine that very few people care Apple is very good at attracting customers without it anyway, so it's not the classical situation where we, tech people should feel sorry that non-tech people "just don't get it" and don't use Apple services.
And lastly, if indeed no customers care, then that speaks for even bigger respect toward the individuals working at Apple who pushed for this and made it happen. (But I think Apple believes this will be a good business decision, not altruism.)
Lol I would never advocate for any company I engage with to use apple products. Why? Because they suck.iphoto and iCloud are pieces of trash. Most basic thing like, delete local but keep cloud copy seems to be missing. Can't keep a iPhone synced and do this with iCloud. Lulz worthy sitcho.
Also can't even copy files off device easily. Can't put custom apps on devices easily. The company actively kicks back against things like, freedom of information, following standards, reducing e-waste.
You know some of us make decisions around the companies we support on greater levels than just feature a or b is present in device. Apple are a predatory company that in no way promote a software or hardware ecosystem that is ethical imho and they don't promote one I want to participate in.
I wouldn't touch their shit with a barge pole and ontop of this due to being IT everytime I'm forced to I'm mostly confused by wtf folks think is so great. I legit find the kids toy ux difficult to work with, borderline impossible.
I also like blowing clients away with simple tasks like....copying photos to a usb...browsing files on my phone on a pc. You know the basic stuff like they used to do when they were younger but apple cucked it along the way for zero reason lol.
See https://news.ycombinator.com/item?id=33898890.
> Can't put custom apps on devices easily.
You will, from May, thanks to the EU Digital Markets act.
> [...] simple tasks like....copying photos to a usb...browsing files on my phone on a pc.
You can do this with ifuse: https://github.com/libimobiledevice/ifuse
Downloading some random GitHub app to access a phones storage sure as shit won't be happening on any managed corporate devices I deploy. Or unmanaged devices tbh. That's the kinda shit I leave for quarantined VMs.
Data is still not easily accessible once it's on a iPhone.
Got forced to use a iphone 11 or someshit a few years back as a company issued device. Man it was alright at making phone calls, complete POS for doing any actual work on. Basically found it to be an overpriced paperweight that could take ok photos but was impossible to retrieve photos from. No i dont want a icloud account or any of that bs i just want to plug in to pc and pull files like I've been doing for 25+ years on every other platform ive ever used.
Also, https://support.apple.com/en-us/HT201301 ?
[1] I assume because then it's guaranteed the photos are stored on the phone, not just links to the iCloud versions.
[2] https://support.apple.com/en-gb/guide/image-capture/imgcp100...
Is this fact? Last I read about this the law was passed, but it's still unclear if apple will actually allow this.
I absolutely would love if I could use the latest version of iOS and install apps that are not in the app store. I'm currently using trollstore to do this but that means using older versions of iOS that are vulnerable to exploits.
That's an awfully bold statement! I'm quite happy in the Microsoft ecosystem for OneDrive, etc, and I'm not reading this and jumping to Apple. I'm not sure if most people care about these claims, and the people who are very security aware probably don't believe them.
No they don’t. They sell it to you
Otherwise apple likes to track your moves in the areas they do advertising on as much as everyone else.
They actually systematically scan photos and declare people to the police if IA determines it looks wrong.
With Apple, you’re at risk of losing your business just like with any other company who wants your data. Apple didn’t solve the “An offline account is better than a Cloud account” problem.
Obviously the commenter is talking about the new E2EE plan. No way to scan it then, under they do it on device, which they also walked away from.
Apple was developing this technology, but they dropped their plans.
[0] https://www.theverge.com/2022/12/7/23498588/apple-csam-iclou...
They DO want people's data, and they DO hoard it. If they didn't, they would share the source code with the community.
While it is a closed garden, I'll begrudgingly accept it can be marginally better in some fields than other options, but Apple tries very hard to be a proprietary island in a world that has switched to free software.
https://support.apple.com/en-us/HT212183#:~:text=Can%20I%20l....
We don’t cry over bitmaps vs vector graphics in most contexts, especially that the hardware is trivially limited. It’s probably a bit more nuanced with speakers, but I imagine that they also have very real limits on distinguishable outputs for a given input, even if it is not as trivial to see as in the case of a w*h pixel grid of depth n.
So yes, I think mp3/aac to CD, the change is very noticable. CD to HD (24bit), not so much
It might be possible that with very ($1000+) high end headphones about 5% of people could tell a difference, but even that is questionable. I have done many blind A/B tests with my $500+ headphone setup and no one has ever been able to accurately tell the difference repeatedly. There is absolutely no way that someone would be able to discern the sound difference between 320 and lossless on an AirPod-quality speaker.
I’m not sure about large speakers however. I assume that it’s equally difficult to tell any difference, and I couldn’t when I tested my setup. However, I have listened to some incredible $4000+ speakers before, and at that level I wouldn’t be surprised if differences emerged.
There’s so much snake oil in audio and placebo can effect sonic perception so heavily that it’s nearly impossible to find anything objective. There’s also a lot in the chain - the DAC, the AMP, room acoustics… that will effect the sound, sometimes substantially - let alone the speakers and the actual source.
While microphones obviously exist, you can’t measure sound the same way that you can measure the nits and white point of a monitor - it’s far more intangible.
Cross platform support is always a problem though. And frankly I don't buy the "like they did to the hi-res music industry"-- Spotify is still king here.
Their software is not open source. Before this announcement you had to trust Apple not to look into the files you store in the cloud, now you have to trust that they're actually going to encrypt your files and not save the decryption key. Ultimately you still have to trust Apple. A combination of any open source OS, any cloud provider and Cryptomator or Veracrypt wouldn't require as much trust in one company.
And the problem with all these services that provide some kind of E2EE encryption and still have a way to push application updates (or run something in your browser), is that they just slip a version on your machine that sends the password to the feds/whoever when you type it in.
Apple has very publicly refused to do this for law enforcement and there's no evidence they have or ever will
my comment was that against main stream companies apple leads the way, and it's overall great for a consumer.
do you personally expect every piece of open source software? do you run your own email servers, music servers, photo backups, etc.? If not, you somehow trust those companies -- why?
In particular, reviewing open source code has been repeatedly proven to be way harder of a task, than the proponents of this strategy are painting it to be. If you want an auditable codebase, you pretty much have to throw Linux, Chromium/Firefox, Gnome/KDE all out the window - there's just way too much code.
Auditable code is naturally always preferable to non-auditable, but you need to choose your trade-offs - or at least stop pretending you can read a hundred million lines in your life time.
On top of that - do you know a single non-tech person who knows how to set up a VPS, or knows what Veracrypt is? OTOH I can just show my wife: click here to enable backups.
Let me reframe the problem: What is your threat model? How much effort are you willing to commit to mitigate the dangers?
The crazy thing is that apple hardware beats most other hardware, too, at a high price. Better phones, better tablets, better laptops. More secure, more private OS than the popular consumer alternatives (Windows, Android). Arguably much better OS all around, too (at least IMO -- iOS beats even stock Pixel Android at use-ability, MacOS v Windows is like the Harlem Globetrotters playing the Washington Generals.)
For me, and I assume most others, it's not that we expect to read all the code ourselves. It's that there's a large developer community and security researchers who have access to the code who will collectively read it all. Of course this isn't a guarantee that there are no security flaws, and you still have the pipeline problem of ensuring the binaries you get actually come from the code you think they do. But all else being equal, I think open source provides a significant level of threat mitigation.
Even if you fully trust Apple not to intentionally back door anything, there's far fewer eyeballs on their code. Given that access to source code also has the potential to reveal security holes that may have gone unexploited, there of course a tradeoff here too.
Yeah, about that, I'm as much of an Open Source buff as anyone, but:
> Analysis of the source code history of Bash shows the Shellshock bug was introduced on 5 August <<1989>>, and released in Bash version 1.03 on 1 September 1989.
[...]
> The presence of the bug was announced to the public on <<2014-09-24>>, when Bash updates with the fix were ready for distribution, though it took some time for computers to be updated to close the potential security issue.
Especially older Open Source software tends to have maintainers that haven't adopted modern software development practices so we're back to square one, since most of this older software is foundational technology, like Bash.
I'm not implying inferior quality, I'm implying no correlation.
There was a very strong assumption from back in 1999, that "lots of eyes make all bugs shallow", with a focus especially on security.
In reality, there's no correlation.
You need those eyes to actually be looking at stuff proactively, you want automated scans, you want modern software development practices and CI/CD pipelines, you want those eyes to actually be qualified to look at what they're looking correctly, etc.
Just putting stuff out there and assuming "people will look at its insides" is a bad assumption.
Open Source in my experience is not inherently superior from a security perspective to proprietary software.
The Free Software world has had ample opportunity to produce something as carefully assembled, as smooth, and as capable as iOS, and what we got instead was Android.
I've watched the whole FOSS world happen in my career, and there are places where I cannot IMAGINE choosing a closed source solution, given my druthers. But it's also become super clear to me that the FOSS world isn't interested in producing polished user experiences. Sure, you or I could cobble together a FOSS-only phone-and-syncing stack, I guess, but I don't care to. Most people aren't us; doing so is beyond them.
Suggesting a normal person use something OTHER than iOS at this point is questionable at best.
Sometimes it works with a right BDFL, for some time (like Python). It also works with solo projects, and with projects with large commercial support (like Blender), especially those which don't normally accept your pull requests, except as a proof of concept (SQLite).
But the normal open-source model produces things like Linux, git, ffmpeg, VLC, etc, which are wonderful and have immense power, but are hardly sleek or excessively coherent. And each of them is much, much smaller than macOS or iOS.
The kind of person that uses Apple products/services cares about convenience. The person that uses the third party Android ROMs, in particular, cares more about the freedom.
It's more accurate to frame it as preferring low hassle to high hassle. Or to preferring well-designed tools to haphazard efforts. Or, from the other side, preferring some degree of DIY to turnkey products. (In particular, I think this is a HUGE piece of it; lots of hackers want to build their own toolchain, and then they get to feel noble because they're doing it for "freedom.")
I'm pretty "all in" on the Apple ecosystem. Each step of the way, I thought pretty deeply about my choices, and still ended up with an Apple option. But to characterize this as me caring more about convenience than "freedom" implies that I have somehow given up or endangered MY freedom, which isn't the case.
I'm able to do anything I want to do in this ecosystem. Macs are general purpose machines; I can build from source, and I can run code from any repository I want.
iOS is closed by design, and the result has been a very stable and predictable platform that I do not believe is possible WITHOUT that closed nature. I can't hack code on my phone, but I also don't WANT to. There are lots of appliance devices in my life I don't want to hack, and that I just want to USE.
I will admit, Macs are much better in the software realm, but the hardware has almost no internal upgradeability. There's some, but it's less. That's my point. And yes, many non-Apple computers also have that same problem. My gripe isn't with Apple. It's with companies who don't give maximal freedom with their devices, as I prefer more open systems, personally.
Sure. But this is also true of most modern, lightweight, thin laptops. And I'm pretty sure it's true of any phone worth using.
My experience is that a certain sort of FOSS person prefers theoretical freedom to actual usability.
The main reasons I left are repairability and upgradability; forms of freedom that you simply cannot deny Apple isn't great at, from design all the way up to policy. Privacy was also a reason. It is true that you have to place trust somewhere up the chain when it comes to the way specific software handles your data, but things like where it is stored and how it is encrypted are in your own hands when you DIY.
These things are not theoretical; if I want to use a different Wi-Fi adapter, a new SSD, RAM, a replacement screen, speakers or barrel jack then I can. There are parts available for very reasonable prices as well as the manufacturers' repair manual. It doesn't require solvents or esoteric tools.
Now I use a business notebook with Linux that is worse than the M1 in some respects, but in hindsight I'm willing to give up the battery life and cool runnings for the ability to repair and upgrade (and ports! Ethernet, yay!). Same goes for the phone (I went for a FairPhone).
It isn't as polished, very true. There's some rough edges and it takes a little more work, and yes, sometimes a bit of frustration. But the upside is tangible, it's not some form of feigned nobility.
Honestly, I suspect you just like having to tinker with your stack to get work done. (I mean, I've been there - I use OrgMode.)
Sure, being able to swap out parts is theoretically nice, but you'll do that maybe once in the useful life of a computer -- but I haven't needed or wanted to do either in easily a decade. How often does this really come up? On the other hand, you'll confront that lack of whole-package QA and general polish every time you turn your computer on.
And I'm really curious about anyone's privacy needs if they abandon APPLE for roll-your-own. Yes, it's all in your hands now, but most people don't have the time or inclination to be sure they're doing all the right things, security-wise and privacy-wise, to stay safe. There's a good chance your DIY approach is less secure than iCloud unless you literally do this sort of thing for a living. I mean, this is why I don't run my own mail server anymore (hello, Fastmail!).
So yeah, I think lots of people say "freedom" when they mean "I just want to tinker with my toolchain a lot and occasionally feel superior about it."
I use an HP 830 G5, a high end 13" thin notebook from 2018. It cost me 350 bucks. I sold my M1 for 70% of what I paid, and I can replace this thing for something similar, so it makes financial sense in my case. It's just a platform, I don't really care about the thing itself. It hooks into a thunderbolt dock for a lot of it's life anyway.
>Honestly, I suspect you just like having to tinker with your stack to get work done. (I mean, I've been there - I use OrgMode.)
I run Fedora 37 (35 and 36 upgraded without issue). I'm in the process of building a new house, which requires insane amounts of paperwork and communication as well as document storage and exchange. I need this to be rock solid, running E2EE on a NextCloud VPS in combination with this workstation setup does that for me. It's a little work up front, but it's been smooth sailing ever since setup was done. It just gets out of my way; I don't care about this WM versus that, this display manager, the whole systemd discussion. Everything except the fingerprint scanner just works, no tinkering required.
>Sure, being able to swap out parts is theoretically nice, but you'll do that maybe once in the useful life of a computer -- but I haven't needed or wanted to do either in easily a decade. How often does this really come up?
You can't predict breaking your computer. I managed a pretty large fleet of Macs for a living for about 2 years; build quality is great but they're not infallible. When they do break, you're at the mercy of Apple, and I simply do not have the time to wait for their repairs. With this setup, not only can I upgrade whatever, whenever, but anything that will run Fedora and has a modest amount of local storage can replace it for at least the time being.
Compare that to the situation I was in: Any repairs that I couldn't have DIY'd probably would have cost me at least the total cost of this computer (maybe even twice over) and would have put me out of business for a few days.
>And I'm really curious about anyone's privacy needs if they abandon APPLE for roll-your-own. Yes, it's all in your hands now, but most people don't have the time or inclination to be sure they're doing all the right things, security-wise and privacy-wise, to stay safe.
Sure, but I do. I simply hate surveillance capitalism with a burning passion; I honestly think there is a logical set of steps from that to political division and a worse world to live in. So I don't want any part in it. I must admit that that sounds like philosophical grandstanding, but I promise you it's a sincere belief. It's not so much about privacy from state entities; that's a lost battle in my threat model.
If you're locked into an ecosystem that you cannot easily get out of (and there's a BUNCH of dark patterns Apple applies to try and poke you to stay as well as the obvious loss of software licenses) you're a boiling frog. I see Apple going in a worse direction incentive-wise. Nowadays, I just don't care about where they're going anymore, it's not my problem.
Well, that one's not so bad, but is also mostly a commercially-supported endeavor and has been for a long time.
Now, the Linux desktop is a shitshow, sure. It'll remain that way until they can settle on One Windowing & UI Toolkit to Rule Them All, which looks to be happening never and is definitely in part a consequence of so many very basic parts of the GUI being swappable and having tons of competing options. Though the kernel's attitude toward providing stable driver ABIs (or rather, not doing so) isn't helping.
Some of us prefer Android to iOS :) Having used iOS as well, the one thing I miss in Android is Continuity. Other than that, I find Android gives me a better experience. I'm certainly an outlier in many ways though compared to the average user.
This is not the reason for security patches taking too long to be released to certain phones; Google has a monthly cadence of releasing security patches and zero-days have rarely (I can't remember a case of that happening but maybe it has happened) missed do you have a source for it?
> Oooh, ooh, no that's not my favorite thing, my favorite thing is how each cellular company gets to put their own bloatware on top of the bloatware that each phone manufacturer gets to add to it.
There are unlocked phones available and honestly this problem is mostly a US problem. Rest of the world isn't in the iron fists of their carriers.
> Oh wait, maybe it's patch support ending for new phones 3 years after they were released.
You can vote with your wallet and choose vendors where this is not the case; Google, Samsung and Recently OnePlus offer 5 years of security updates.
Yet and still Microsoft solved this problem years ago. Why can’t Google? Hell my 2006 Mac Mini got years of Windows 7 updates after installing Windows on it.
That's crazy, though. It's not like there isn't a module for that cellular modem, and they don't touch that code for every release.
That's like blocking a Firefox update because the Windows driver for the mouse could be impacted.
In the rest of the world phones are unlocked in terms of being able to use different SIM cards, but mostly the bloatware is still there and can only be disabled (not removed)
You mean the same OS that allows you to build your own open mobile OS as opposed to a closed source locked down OS that permits only 1 app store and 1 payment system?
>Suggesting a normal person use something OTHER than iOS at this point is questionable at best.
It's only questionable if you prefer the prison that is iOS.
I lol'd at "prison that is iOS."
Notably, the only other serious competitor in the space is also not open source. Sure, you can probably carefully construct a phone from only FOSS, with some compromises of course. But this is unfeasible for regular users, who have for all practical purposes only two choices. And those same users are unlikely to go for alternative replacements for built-in functionality just to reduce their exposure. Convenience wins every time.
I thought just a couple of months ago they wanted to scan everyone's phones for illegal content.
No, google has had encrypted android backups for years.
Well for your use case maybe, but I do not find the value of trading privacy for freedom to be a good one, specifically since I can secure my data other ways including not storing it at all on my phone.
My phone is a tool, and I prefer to own and control completely that tool
in financial circles, an immediate thought would also be "is such a person short AAPL?".
Count me in amongst the salmon then.
Note that they still want some data, especially given the recent increase in advertising activity.
Few examples: Still can't keep photos on iCloud and delete thumbs on the phone. A real issue my old iPhone had insufficient space and I had to move to OneDrive. Support for other operating systems is lacklustre. One of the core benefits of cloud is accessing your files anywhere when you need them, not possible unless you're lucky enough to find yourself on a Mac at that moment.
The other really annoying thing is you pay $3/m for 200gb or $10/m for 2tb… there’s no middle ground, I’d like to pay $4 for 500gb or $6 for a tb.
if you're poor you're probably not data hording TBs of data, because you've got other problems, so yes, this is all speaking from the point of the privilege, and you being here is also from the point of privilege.
and to answer your 3rd question -- i'll bite and say that this maybe true. but is it really apple's problem or the problem overall? where we're all mined for data and now when someone does offer security you scream that it's unfair. shouldn't you take the equivalent effort and write your legislator and ask them what they're doing about bringing the bar to the level that apple is bringing it to, for all of the poor people out there?
If you wouldn't mind reviewing https://news.ycombinator.com/newsguidelines.html and taking the intended spirit of the site more to heart, we'd be grateful.
Fanboyism is expected, but this kind of statement is always bizzare to me. I run an aosp build with no Google software. How can a closed, proprietary system which pinky swears they will not do nasty stuff with your phone possibly be better than that?
Where are you seeing this?
This is a little hyperbolic. E2EE backups are fantastic; Apple seriously deserves a ton of praise for this. And iPhones have been getting a ton of security/privacy features that I really love, I am not going to dismiss their contributions to privacy. And while I wish some of their services like the Apple VPN/masked emails were better done, they are still fantastic features that I encourage iPhone users to enable, and that I am thrilled to see rolled out to a mass audience.
Alongside that praise, I am though going to point out that the adblocking on the iPhone is sub-par[0] because mobile Safari lacks Firefox's extension APIs, and I'll point out that their app store model blocks some privacy apps like Newpipe, which forces people into using more invasive alternatives that require stricter privacy controls. I'll point out that it is harder in some ways to get away from the default tracking that happens in Apple's apps than it is to root an Android phone and disable/swap Google services.
Threat model and personal expertise matters here; I like a lot of what iPhone do, but I also dislike a lot of what they do. Personally, I feel more confident in my ability to secure a rooted Android device than I do to secure an iPhone against the majority of privacy attacks I'm worried about. That doesn't mean that iPhones aren't the correct choice for a lot of people. I feel much less confident in a family member's ability to secure an Android phone if I can't give them advice or help them through the process.
And all of this is ignoring that privacy is one aspect of consumer freedom and rights. I think we can praise Apple for what is objectively a great move for privacy without being this over-the-top.
----
[0] Before someone complains, I'm not saying that iPhones don't have adblocking. They do have adblocking and I encourage you to use it, it's great. But that adblocking is objectively not as powerful or comprehensive as it would be to use a tool like Ublock Origin.
I don't think I've ever seen someone make the argument that Gorhill should be trusted less than the advertising industry, that's a new one for me.
People get really offended when I bring this up. I'm not saying that Safari adblocking is useless (you should use an adblocker with Safari, and there are devs doing excellent work to get around Apple's limitations, I have a lot of respect for them), but you are making a tradeoff for that sandboxing/permissions in the form of a less effective adblocker. This isn't just me saying this, if you talk to people writing iOS adblockers, they will tell you the same thing.
If you are so scared of Gorhill that you need to make sure he isn't tracking you, then sure, make that tradeoff. Or more realistically, if there are other privacy features on iOS that you care about more than adblocking, then make that tradeoff. But it's not just silly to pretend that the browsers are equivalent, they aren't.
And it's even sillier to pretend that an Open Source standard in adblocking should be rated higher on someone's threat model than the actual websites that are tracking you when you use a browser.
Once again, it's OK for people to like iOS or to point out that it has some excellent privacy features that make it a good choice for privacy-conscious consumers. And I'll give Apple praise that on iOS, the default browser supports an adblocker at all -- it doesn't require you to install a separate browser to get access to one. But we don't need to get hyperbolic and start arguing that Apple is somehow leading the pack on literally every single privacy issue; they aren't. It's OK to say, "in this specific issue, it isn't possible on iOS to get the same anti-tracking behavior that we could get on Android or on a desktop PC/Mac."
Did you personally vet the open source code? Did you compile it from scratch and install it on your phone or are you trusting it’s the same code?
https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-b...
This is specifically looking at (pre-manifest-V3) Chrome, so there are some other differences with Safari, but CNAME uncloaking is the most obvious example.
See also some of the previous comments I've made about this in the past (https://news.ycombinator.com/item?id=23622206). A few of these details might have changed (I vaguely think I remember Apple raising the rule limit), but I think the fundamentals are all still true.
> Did you personally vet the open source code? Did you compile it from scratch and install it on your phone or are you trusting it’s the same code?
I have read through parts of uBlock Origin's code, yes, but ultimately I'm trusting the broader Open Source community to say it doesn't have holes in it. And yes, I'm trusting Mozilla's vetting process for its "trusted extension" category. I think that's a reasonable thing for most people to do.
Of course, I could compile the extension myself, but I think to a certain degree that would be security theater.
----
Again, just really surprising to see an argument that boils down to "this Open Source application might potentially spy on me, and that's a greater danger than the websites that I know are actively spying on me right now." If Safari adblocking is good enough for you and your threat models, great. You don't need to justify that by pretending that uBlock Origin is insecure.
I will note, by the by, that Safari's limitations mean that (at least on desktop) the top-rated adblockers like AdGuard have shifted to running as external applications separate from the browser (https://adguard.com/en/welcome.html). This is not a dig at AdGuard, I think the AdGuard devs (as of last time I checked) are doing really great work. But if you're worried about sandboxing, running a desktop app is a lot more invasive than running a browser extension. I don't know if there are ways to do the same circumvention on iOS, so it's possible that AdGuard devs are staying in the browser sandbox there; I'd need to double-check.
Of course, you can use apps like AdGuard as pure extensions in their more limited form (I don't recommend a specific iOS app, but unless something has changed since the last time I checked, AdGuard is a solid choice) -- but you will get a more limited adblocker as a result. The performance might be good enough for you, and that's fine. But it's still correct to say that it will be more limited.
----
I will also add to this just to preempt anyone arguing otherwise that I am not saying that browser extensions shouldn't have better sandboxing. They should, extension sandboxing is awful and it needs to improve. What I am saying is that the specific sandboxing model that Safari uses (and that Chrome is moving towards) for adblocking limits their effectiveness.
What if it's for somebody that wants to play Fortnite on their phone?
... so, they... didn't? Plenty of those services, including Tidal, probably the most prominent one, still exist.
> seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
This is the top comment in this thread right now, and I'm guessing it's because the readers of Hacker News value satire. If Apple's ecosystem is so bewilderingly excellent that nobody in their right mind would choose anything else, why did Apple start offering a bunch of their services, like Apple Music and Apple TV, on other hardware ecosystems?
> they just ate every other 3rd party "secure" backup services lunch just like they did to the Hi-Res music industry.
Except they only control 50% of the smartphone market and 15% of the PC market. So there is still a large market they're not covering
Can I buy something from my local supermarket without them knowing what I bought? Can I create an EC2 instance on AWS without Amazon knowing who created the instance?
I don't like a super powered monopolistic company as much as the next guy and I totally agree that ads situation in App Store is not a straight business but come on.
Some people want to use their computer completely privately and that's totally fine, but when you are using a cloud service, they probably will know how you use it. What they do with that data and how they handle it on the other hand is of importance. The problem with the whole tracking fiasco starts when the provider sells your data or "access", collected using dark patterns for example to others.
That still leaves the purchase data freely available, and if you purchase the same kinds of items regularly you can probably build a profile. The purchase data itself is still valuable and still tracked.
Tell me your secrets! :P
How will they do recommendations if they don’t keep track of what you listen to? How will they do recently played lists?
How will they know if they should send notifications to your phone for your apps if they don’t have a record of what apps you have installed? All notifications are bundled together and sent from their servers to save battery life.
what you're describing is not the norm and those options should always be available, but the effort to value is simply not there to large portions of the mobile users.
iOS still doesn't allow you to sideload without shenanigans (requiring your to not only have a Mac, but also have it resign any custom apps every week is beyond unreasonable). Some people don't care about that, but I do and not being able to do so is 100% a dealbreaker for me.
Not using Apple because you disagree with their decisions does not make one intentionally "going out of their way to swim up river." It just makes one a normal person who doesn't want to use, what it to them, an inferior product.
> the don't care to scan your pictures with AI 20 different ways
This is especially ironic as another post on the HN front-page today is about Apple giving up on their plan to scan iCloud photos for CSAN after months of pushback.
sideloading is a deal breaker for me, so I'd rather stay out of the walled garden on my Android
This is not something to celebrate IMO, Apple keeps doing this and then pushing out the 3rd party options either by pure positioning and bankruptcy or by app store policy.
The result is no choice, no competition, and over time a worse product due to absence of market forces ... beyond the high resistance threshold of getting bad enough for a user to flip the table and exit the entire iOS ecosystem they've invested in - this is the danger of 100% vertical integration.
Did Apple ever implement the ability to run software without first phoning home and asking for permission? The last time I checked they had not followed through on their promise to do so.
https://www.howtogeek.com/701176/does-apple-track-every-mac-...
https://mjtsai.com/blog/2022/06/16/apple-reneged-on-ocsp-pri...
https://security.googleblog.com/2018/10/google-and-android-h...
Google Workspace also apparently supports client-side encryption/decryption.
https://support.google.com/docs/answer/10519333?hl=en
wouldn't be photos scanned on the iphone? - not sure if it's all local or goes to the mothership
Really? Isn't this the same Apple that told the FBI that they could get access to a suspect's data from their iCloud account. And the same Apple that was part of the US government's PRISM program to sell user data to the NSA? What makes you think people happy with competing services will jump to them blindly?
> They're not Goodle/FB/Amazon.
They are exactly like them. All of them claimed they care about user privacy, before massively collecting the private data of their users and then exploiting it.
> ... reliable, secure, private service ...
Reliable, sure. "Secure" is debatable when the keys are stored on the iDevices that only Apple can access any time. "Private" is laughable when every Apple product now comes with a disclaimer / popup permission informing that they will use your data to enhance personalised ads served to you by their ad platform.
This comment is made every time Apple makes one step forward but it's apparently easy to forget that Apple also took ten steps back.
I'm using LineageOS + MicroG happily and there are other alternatives that don't buy into any of these big corporate monoliths.
I'm not swimming up river but you are carrying water for a multi-trillion dollar behemoth.
Apple is hella late to the game encrypting data and you better bet there's a backdoor to getting that data if an FBI request comes in.
What's the truth though? Are they able to coordinate with law enforcement if needed or not? I find it hard to believe there's no government agency paying attention to iMessage of criminals. Am I mistaken?
If there's anything I learned about any offers made from big tech, I would never trust any of them until proven for long-term usage for half a decade at bare minimum.
3-2-1 strategy is still a proven method for decades and will still be over any cloud services out there, including iCloud's.
Not sure how common is my attitude but I do not give a flying fuck about what Apple does. I keep my own backups (been doing it since the 80s). Today's Apple to me looks like a money company that makes some hardware by accident.
and in general, the less I attached / depend on a single company for anything significant, the better I feel.
Whatever they say and do, they'll eventually revert to that simple logic when it matters.
If you want to unload photos out of your devices with assurance no one's gonna look, buy a NAS and dont connect it to the internet.
I think FB really wants data about your behavior but based on what they’re been doing with chat security I don’t get a sense they want to or need be able to read through peoples chat history to get that.
This kind of thinking is a lot more dangerous than OEMs not giving us better privacy and data protection.
re: point 3 - they really TRIED to scan all your data with your CSAM tool but got too much pushback. They are only doing this now because they are dropping CSAM and trying to garner public favor.
What's stopping them from doing this scanning at acquisition or access by the user? We already see Google running models on your phone for things like Magic Eraser.
All Apple has really announced here is that if you're using Apple Apps and Services then they're the only ones who can mine your data. This pivots nightly into their Ad Services.
Their devices are still sending a bunch of telemetry. They're still in the ads business
Not saying that this recent move is bad, it's good to see. But at the same time, I'd rather manage and encrypt my own files on my own dfs than get trapped in the walled garden
In every country they operate in? Especially those run by dictators, autocrats and wannabe dictators/autocrats?
If not would their next Ad or Speech on humanity, morals, rights, privacy and other virtue signalling include a disclaimer that those are not available in such countries?
I'm baffled that the information security requirement has reduced from zero-trust to trust the shiny hardware maker because 'they say so'.
> anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.
I'd happily swim (or) drown trying instead of blindly trusting privacy claims of a Child labor exploiting, Union Busting, Virtue Signalling insanely hypocritical ultra-mega corporation.
This does not in any way make me want to switch back from GrapheneOS.
Probably. Android is getting locked down with remote attestation anyways. There's no point to it anymore, might as well choose the better tended walled garden.
If they don't want their user's data then why are they running an ad business?
I genuinely refuse to believe a real human wrote that sentence, there's just no way, right?
(more at https://news.ycombinator.com/item?id=33899699)
¹ https://mashable.com/article/apple-icloud-plus-plans#:~:text....
On page 25 of [1], we can see the security auditing done as part of their only official security certification for the iOS was: "The evaluators searched for publicly known vulnerabilities applicable to iOS using the following sources... The search was performed on multiple occasions between... using the following search terms... The valuator's CVE search found no vulnerabilities apart from the ones listed in the developer's security content disclosure statements, all of which have been fixed in subsequent releases on iOS. The validators reviewed the work of the valuation team, and found that sufficient evidence and justification was provided by the valuation team to confirm that the evaluation was conducted in accordance with the requirements of ..." tl;dr The evaluation process is that they do a web search of key words, check that all the publicly disclosed vulnerabilities have been patched, then call it a day.
To put that into perspective, their are certifying against AVA_VAN.1. It is only at AVA_VAN.2 that the evaluator is required to do any independent vulnerability analysis as seen in [5] Page 155 AVA_VAN.2.3E (bold is changes from the previous level). At AVA_VAN.3 you need to evaluate against "Enhanced-Basic" attack potential. It is only at AVA_VAN.4 that you need to evaluate against attackers with a "Moderate" attack potential. At AVA_VAN.5 (the highest level) you need to evaluate against attackers with a "High" attack potential. Apple's only security certification, which in their own words "provide a measure of confidence—that is, security assurance—that the security needs of a system are being satisfied" and are "used by many organizations as a basis for performing security evaluations of IT product" is wholly three levels below "Moderate" and is effectively self-graded.
Until they actually certify against a standard requiring moderate security, it is only prudent to take them at their word and assume that their products are only fit for systems that "do not view threats as serious". If they want their security to be taken more seriously they should prove it against internationally recognized standards assessed by independent third parties rather than issuing unsupported marketing fluff.
[1] https://support.apple.com/guide/certifications/ios-security-...
[2] https://support.apple.com/library/APPLE/APPLECARE_ALLGEOS/CE...
[3] https://www.cisa.gov/uscert/bsi/articles/best-practices/requ... EAL1: Functionally Tested
[4] https://commoncriteriaportal.org/files/ppfiles/pp_md_v3.1.pd... Page 136 Section 5.2.6 AVA_VAN.1
[5] https://...
They can remotely wipe apps. They can force-install apps and force updates. It is not too far-fetched to think that they can just remotely copy anything stored on your device to their servers. So, with an adversary that capable, I'm not sure encrypted backups provide a meaningful improvement to security and privacy.
> The third-party doctrine is a United States legal doctrine that holds that people who voluntarily give information to third parties—such as banks, phone companies, internet service providers (ISPs), and e-mail servers—have "no reasonable expectation of privacy" in that information. A lack of privacy protection allows the United States government to obtain information from third parties without a legal warrant and without otherwise complying with the Fourth Amendment prohibition against search and seizure without probable cause and a judicial search warrant.
https://en.wikipedia.org/wiki/Third-party_doctrine
If you want maximum security use an air gapped computer. But that won't let you send messages on the go.
How is this possible on iPhone/iPads, where using Apple services like the App Store is required to install software?
[0]: https://en.wikipedia.org/wiki/PinePhone
We cannot say the same for Apple.
If people in China and other privacy-hostile countries can side-load from alternative app stores (like F-droid for Android), the government/Apple doesn't control user access to particular undesireable apps.
There's obviously reverse concerns to this side of the coin but the overall concept has arguably always existed eith jailbreaking (Cydia store, AltStore(?)) and I haven't heard any stories about people becoming massively compromised in the way all the naysayers and Apple would have us believe.
[1] https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv%...
And Apple already chooses the reverse for you by not allowing apps you may want and by charging at 30% tax for doing so. There is a vast disparity between the behaviors!
Use your own server? Great, it's secure software-wise, but if someone broke into your house, it's all of the sudden the worst liability ever. The next thing you know, your entire identity, your photos, everything is stolen. You have excellent technical security, perhaps the weakest physical security.
So new plan, you use a self-hosted NextCloud instance on a VPS somewhere. That's actually not much smarter than using iCloud - VPSs handle data warrants all the time. They also move your data around as they upgrade hardware, relocate servers, and so forth.
So new plan, you use iCloud E2E encryption. You have to trust that Apple does as they say, and trust that their algorithms are correctly functioning. Maybe you don't want to do that, so new plan:
You use a phone running GrapheneOS, with data stored on a VPS, with your own E2E setup. Great - except you need to trust your software, and all the dependencies it relies on. Are you sure GrapheneOS isn't a CIA plant like ArcaneOS was? Are you sure your VPN isn't a plant, like Crypto AG? And even if the VPN is legitimate, how do you know the NSA doesn't have wiretaps on data going in and out, allowing for greatly reducing the pool of suspects? Are you sure that even if the GrapheneOS developers are legitimate, the CIA hasn't stolen the signing key long ago? Apple's signing key might be buried in an HSM in Apple Park requiring a raid, but with the GrapheneOS developer being publicly known, perhaps a stealth hotel visit would do the trick.
So new plan, you build GrapheneOS yourself, from source code. Except, can you really read it all? Are you sure it is safe? After all, Linux was nearly backdoored with only two inconspicuous lines hidden deep in the kernel (the 2003 incident). So... if you read it all, and verify that it is perfect, can you trust your compiler? Your compiler could have a backdoor (remember the "login" demo?), so you've got to check that too.
At this point, you realize that maybe your code, and compiler, is clean - but it's all written in C, so maybe there are memory overflows that haven't been detected yet, so the CIA could get in that way (kind of like with Pegasus). In which case, you might as well carefully rewrite everything in Rust and Go, just to be sure. But at that point, you realize that your GrapheneOS phone relies on Google's proprietary bootloader, which is always signed by Google and not changeable. Can you trust it?
You can't, and then you realize that the chip could have countless backdoors that no software can fix (say, with Intel ME, or even just a secret register bit), so new plan. You immediately design and build your own CPU, your own GPU, and your own silicon for your own device. Now it's your own chip, with your own software. Surely that's safe.
But then you realize there's no way to verify, even after delidding the chip, to verify that the fabrication plant didn't tweak your design. In which case, you might need your own fabrication plant... but then you realize that there's the risk of insider attacks... and how do you even know those chip-making machines are fully safe? How do you know the CIA didn't come knocking and make a few minor changes to your design, and then gag the factory with a National Security Letter from giving you any whiffs about it?
But even if you managed to get that far, great, you've got a secure device - how do you know that you can securely talk to literally anyone else? Fake HTTPS Certificates from Shady Vendors are a thing (TrustCor?). You've got the most secure device that is terrified to talk to anybody or anything. You might as well start your own Certificate Authority now and have everyone trust you. Except... aren't those people... in the same boat now... as yourself... And also, how do you know the NSA hasn't broken RSA and the entire encryption ecosystem with that s...
Even though I get an A+ on the Nextcloud Security Scan (https://scan.nextcloud.com/), have 2FA, and custom IP blocking set up in my .htaccess file, it's disheartening to know that I'm not as secure as I thought I was.
I removed all my photos/files from iCloud for privacy reasons, and now I feel helpless contemplating how Linode may just hand my data over if served a warrant.
Any other Nextcloud hardening tips besides Fail2ban and reverse proxying you'd recommend? May I ask what your workflow looks like for preserving files throughout time?
E2EE will consume more space.
this doesn't invalidate the rest of your point, but if your data isn't encrypted at rest on your own hardware, that one very particle point? that's your own fault.
Both Nextcloud and GrapheneOS are FOSS which addresses your concern about it being a government trap.
My partner is able to access my Bitwarden account if I were ever to be indisposed.
Sure nothing is perfect, but tell me how this is not a better solution than trusting the closed source ecosystem of the biggest corporation in the world.
I was merely referring to the fact that unless you build the code yourself, there is no certainty that you have that a government has not shipped a custom hacked build to your device and stolen a FOSS signing key. Unlikely? Yes. Possible? Yes. Also, backdoors, as seen in the 2003 Linux incident, can be as hidden as a deliberately missing equals sign in 1 line of code - so, a sneaky government commit with the smallest backdoor could be undetected even if FOSS. I still think it’s better than proprietary - don’t get me wrong - but it’s not invincible which was my main point about how security does not end.
You can, with some inconvenience, use optical diodes to transmit data from a trusted input device to an untrusted network device for transport over tor, and then push the received messages over a second diode to a display device that decrypts the messages, so that even if you receive an exploit/malware, there is no physical connection that allows unencrypted data to be exfiltrated.
https://github.com/maqp/tfc
BRB, just setting up six new PCs so I can chat with my friend, lol.
Tbh in theory apple aren't allowed to tell you they have done it or otherwise. So their phones have probably been backdoored for a few years now at request of aus gov.
Because apple isn’t in control of apple for data at rest, and that’s the specific risk.
You have to trust control of the device sure, but you cannot trust cloud data - almost at all - between subpoenas from over eager LEOs and break ins from criminal and state hackers
That's not really true if Apple also holds copies of your iCloud decryption keys. If they want to access your data, they already have all the necessary components.
Let me re-phrase, by giving Apple control over the keys, you give control over the data to whoever controls apple - which is non-zero (Eg. LEO), and whoever may gain control (security vuln).
That is literally the thing that this announcement changes.
I see that Hacker News has plummeted below Reddit in the "bothering to check the link" stakes.
> One must understand that E2EE is used when you don't trust your service provider to handle your data. In other words, the adversary in your threat model is the service provider - and in this case, Apple. And what good is that encryption, if Apple obviously can do almost anything with your device?
There's a similar variance of complexities for hacking and law enforcement overreach scenarios.
E2EE isn't a solution for all attack vectors, but it's a significant mitigation in itself.
I trust Apple’s honesty. I don’t trust many attack vectors. Someone could gain access to their data center. E2EE protects that. A gov could legally compel them to provide data. I trust when they say they’ve engineered it in such a way that they can’t currently do it, and that they would publicly cause a scene and legal battle if attempted-as they have before. Accidental data leaks also happen. In all these scenarios I trust Apples intentions but know that nothing is perfect. E2EE adds a lot for me.
These protections aren't there to protect you from "Apple", but Apple staff.
So for example if someone at Apple has been compromised by a foreign state, they can't copy sensitive customer data just willy nilly. They'd have to jump through a lot of hoops that would be prohibitively difficult.
Google had issues like this in the past where some employees were sending data to the Chinese government. E.g.: information about dissidents, political opponents in Taiwan, etc...
This is one of the reasons Google encrypts even internal server-to-server traffic, because the threat is on the inside of the firewall!
Was that reported anywhere?
Technically no. I still have Fortnite on my iPhone, it just can't be opened. Apple can't wipe apps from your phone, but if they're App Store installed (as opposed to Ent MDM/Sideloaded), they can render them inoperable by revoking the certificate attached to the bundle.
Remotely deleting probably just exposes them to all kinds of legal issues, since it would wipe user data too (which you can otherwise possibly still extract, e.g. through the "Files" app).
This is identical to any developer that doesn’t deliver updates or suspends their developer account.
Those which have downloaded Fortnight at least once can still download and use the game on earlier versions of iOS and even with iOS 16 by following certain mitigations.
Contrary to some online posts Apple haven’t done anything unique to the fortnight account.
a) Overreaching law enforcement, which want to take a look at what I'm up to. b) Data breach at Apple exposes all my data c) Errors where my pictures gets in another users photo album, as seen on Google Photos once.
E2EE defends against all 3
The adversary in this threat model isn't the service provider. The adversary is someone attacking the service provider, like a hacker or a government with a warrant, and getting access to Apple's storage of your data.
Now of course it's not impossible for such an adversary to also defeat other systems at Apple and get your data another way, for example by controlling Apple's ability to send over-the-air updates to Apple devices. But I think that is a sufficiently distinct threat that it's not worth dismissing solutions to the first threat. That would be like dismissing the importance of a web server storing passwords salted and hashed, since attackers could just use a totally different attack to bypass the web server's database access control. Another way to illustrate this might be to point out that attackers can physically coerce you to hand over data regardless of any security measures any service provider could possibly make, but that doesn't mean we should dismiss all such security measures.
This is now possible to achieve in AWS, for example.
https://aws.amazon.com/about-aws/whats-new/2022/11/aws-kms-e...
If only such a service existed.
If only …
[1]: https://news.ycombinator.com/item?id=32768182
However, as with all things here, you can just email and discuss with a real person and we'll set you up the way you need to be set up wrt billing and pricing, etc.
Still with all that said:
>I disagree - the service provider should be considered an adversary and their service - and your tooling - should make it possible to obfuscate every single bit of data and metadata that you store there.
If you're using Apple devices at this point then I think they do unavoidably form some part of your core trust foundation. With current hardware Apple is everywhere in the stack right down to the CPU level, heck arguably below that since they have a special license with ARM and can implement their own custom extensions. If you really think they're an adversary to the point of doing custom backdoors explicitly going after you, then the hardware just can't be trusted.
It's not unreasonable though to look at both Apple's incentives and the state of American law at least and see distinctions between Apple being compelled (or hacked) to provide something they have passive access to on their side anyway vs being compelled to engage in non-consensual active work and feature development (or having that slipped in and make it into general deployment) on things that necessarily must go out to end user devices. The former is both bog standard warrant/subpoena territory and not inherently detectable outside of Apple and the government, since it doesn't directly involve the user as a party at all. The latter is very arguably illegal and provokes far more public response, and involves deploying in ways that make it far harder to keep concealed (and open up other avenues of challenge).
remember Lavabit [0]? will Apple choose to shut down rather than to comply [1]? if the government comes with a warrant, it will be with a gag order, and they will be compelled to silently update your phone to extract whatever the govt needs over the course of a few months.
[0] https://en.wikipedia.org/wiki/Lavabit
[1] https://en.wikipedia.org/wiki/Pen_register#Pen_Register_Act
Apple will probably comply, just like I would probably comply rather than go to jail or suffer injury to myself or my loved ones. But I think it's fair to treat that as a distinct threat.
https://en.wikipedia.org/wiki/FBI%E2%80%93Apple_encryption_d...
in this case it could have set a dangerous (and expensive) precedent for them.
that does not mean they will fight any and all requests.
Sure Apple could update your device to send all your photos unencrypted to them. They could also remotely turn on the mic and spy on all of us. They could also add key word detection to iMessage and flag law enforcement if you text out the wrong words.
I think everyone here understands what Apple could do. Which is why it’s a good thing that signs point to Apple not wanting their customer data. And why Apple refusing government orders that they feel violate their customers is unequivocally a good thing (even if they’re doing it for selfish reasons)
that e2e encryption by a third party does not give you privacy from the US government if that third party can remotely control or update your device and is subject to US laws. it is a direct reply to the assertion made in the GP: "The adversary is someone attacking the service provider, like a hacker or a government with a warrant, and getting access to Apple's storage of your data."