I don’t want to be mean, but why would you entertain such a “deep belief” about a corporation? I’ve heard similar things from many Apple users. What leads people to have this kind of faith in particular corporations? It’s really alien to me.
I don't know how Apple has managed to get the image of a "privacy friendly" company while painting Google as "privacy unfriendly" at the same time. Apple is better than Google, but mostly because they can't gather as much data about you as Google does (this is not related to iOS vs Android; it's about how pervasive Google is on the WWW), and that's about all the practical differences between the two. And on iOS, Apple is also just one silent App Store update away from being able to exploit your data, not very different from Android.
Even if I consider Google enemy #1 right now, I also don't really see them as privacy unfriendly. They have a shitton of data, but what have they exactly done with it that warrants the moniker? Microsoft seems to me to be much more privacy unfriendly (e.g., LinkedIn)
This one is annoying to me. I'm pretty sure Apple literally paid for that reputation. They just started marketing themselves as privacy focused a few years ago and everyone slurped it up. What's annoying about it? Well beyond them milking the privacy wave, I do believe that at a hardware and system software level Apple did outplay the competition for a very long time. Keychain, Secure enclave, biometric auth, secure boot, signed binaries, pointer auth, etc. They've pushed the state of the art in regards to those technologies making it into consumer hands and did it better than anybody else. So it's somewhat justified. But then they milked it and because the left hand doesn't know what the right is doing, are now taking a complete 180 "for the kids".
With the exception of Keychain and Biometric auth, everything you mentioned ultimately benefits the party that controls the trust root on the device (apple) significantly more than the user of the device.
At least with the right Android device I can flash my own keys to the trust root.
Sure but it also is good security. I too would prefer Apple to let me flash my own trust root. Doesn't mean the tech isn’t valid and security/privacy centric just because Apple uses it to lock their platform down.
No what I’m saying is it’s annoying me because they’ve both earned the reputation and also marketed the hell out of it. Apple seems to want it both ways then they go and do this.
It’s not just marketing fluff though, Apple actually is better from a privacy perspective on many fronts:
- iMessage is E2EE (with a big asterisk here of course)
- Maps data stays on device unless you explicitly enable anonymous aggregated crowd sharing data. “Significant locations” never leaves your device
- Apple Photos machine learning recognition all happens on device, not on Apple servers. This is one of my favorite features of my iPhone
- As of the next iOS update, Siri voice command processing happens on device
- The new Apple Private Relay (or whatever it’s called)
No they’re not perfect and they could (and should) do a lot more, but there are objective things that they do better from a privacy standpoint than most other tech companies.
But it IS marketing fluff, because you literally have to trust them on their word. They provide no means to verify what they are claiming and even if you could verify they could still silently update the client apps the next day (since they _exclusively_ control all platforms, all clients and all servers) and you would be none the wiser.
Technically Google also "promises" practically the same (E2EE in Chats, only sharing map data if you enable it, local photo recognition, local voice assistant on the new Pixel whatever, etc.). But since you have to trust them on this, all of it is not really much better than just having a reasonable "privacy policy" which we all know is meaningless.
The local voice assistant model is on a fraction of Android devices.
E2EE for Messages literally rolled out last month, relies on spotty RCS support and doesn't work with group messages.
Apple Location tracking designed so that even when shared between your devices via Apple's servers it's not visible to Apple.
I have literally never seen Google claim Google Photos is using on device classification, I'd love a source for that since nothing about how it works implies that. Maybe you mean it does some very specific type of classification as a pre-processing step?
> But since you have to trust them on this, all of it is not really much better than just having a reasonable "privacy policy" which we all know is meaningless.
You're free to be wrong? You need to trust someone on a claim vs someone not making the claim at all... those are not the same thing.
Apple hasn't shown a reason to lie, and here's no equivalent financial incentive to Google unless you think Apple is pulling the equivalent of a fake moon landing and somehow running a 147 billion dollar data selling operation no one knows about...
I am not going to enter a discussion on who rolled whatever first, whose userbase has the most up to date OS, or the like. iOS is not going to win any privacy argument here anyway for the simple reason that at least I can de-googlefy Android.
The point is that they make extremely similar promises that you can't verify.
> You need to trust someone on a claim vs someone not making the claim at all... those are not the same thing.
What is the difference between someone saying that your data is not visible to them (oh but you can't verify it!) versus someone saying that they will not touch or store your data after processing it on their privacy policy?
When they control the entire platform, the fact that they claim to be doing something technical to prevent them from accessing the data is absolutely pointless. Even if it were true, they could be able to change it in an instant after a silent update (by themselves, by the government, or even by a third party attack!), and no one would be the wiser.
> Apple hasn't shown a reason to lie, and here's no equivalent financial incentive to Google unless you think Apple
Not sure I understand.
In any case, most companies have already lied multiple times, and _all_ companies share at least one big reason to lie: Come tomorrow, some three letter agency could send them the letter and outright force them to capture your data, and since the only thing that prevents them from capturing your data is empty promises, they could do it in an instant. And would do it. And in fact do it regularly (TFA could in fact be an example of Apple trying to get rid of that).
Btw,
> I have literally never seen Google claim Google Photos is using on device classification,
I have never put a SIM nor network credentials on my only Google Android device that has practically never abandoned my residence and yet it is tagging photos of objects. That's my source. I have not put a SIM either on my iOS devices and they do not tag pictures :)
I stopped reading at "what's the difference between a massive cover up of subverting the most basic tenants of how your systems are designed and never claiming those tenants in the first place".
That's exactly what I just explained, and I don't enjoy these kinds of circular back and forth.
If you feel like an OS where the biggest comfort is you can tear out it's core works best for you, go ahead.
But I will point out starting your comment with "I'm not going to get into the most important aspects of how secure a modern platform" is not a ringing endorsement.
-
I work on embedded Android for a living, so it's not like I'm afraid if what I don't know or something, iOS is a demonstrably privacy-oriented platform.
A mentality of privacy first even if it's just for the sake of marketing differentiation will always come ahead of a mentality of "data collection so we can sell ads", you're not going to change that for me with baseless insistence.
> I stopped reading at "what's the difference between a massive cover up of subverting the most basic tenants of how your systems are designed and never claiming those tenants in the first place".
I do not see who is "subverting the most basic tenants of how your systems are designed", and if this is trying to say that the other companies are never claiming those tenants in the first place, then that is objectively false. Google, Microsoft, Apple, etc. have claimed being "privacy first" more times than I count, and, my point is, they are all making similarly dubious promises regarding policy (like, closed-source encryption, no data sent unless you ask for it, etc.).
> If you feel like an OS where the biggest comfort is you can tear out it's core works best for you, go ahead.
This is misleading. Thing is, it is not "tearing out its core" precisely because Google services are actually _not_ at the core of Android, yet. You still cannot do that with iOS (because they do not allow tampering to begin with, least you figure out a way to avoid leaving a fingerprint in their servers).
> "I'm not going to get into the most important aspects of how secure a modern platform" is not a ringing endorsement.
First, none of the topics mentioned are the "most important aspects of how [to?] secure a modern platform".
Second, I distinguish privacy from security. i.e. it doesn't matter if it was the most secure platform in the world if I have to trust all the data to a distrustful entity to begin with.
In fact, I actually prefer privacy over security. E.g. for messaging, I value using servers _I_ control/trust much higher than E2EE encryption, which is definite secondary worry. Metadata is a dangerous thing to leak.
> A mentality of privacy first even if it's just for the sake of marketing differentiation will always come ahead of a mentality of "data collection so we can sell ads",
This is basically trying to answer "to whom I put my blind trust?", so it's subjective. But in my experience it is usually the most "privacy marketing" companies that are usually the worst regarding privacy. See most VPN resellers. Most privacy marketing is just bullshit.
I can't tell if you're unintentionally talking past the points everyone else with, or if you just think that your personal preferences/thoughts/observations just supersede the reality everyone else lives in.
Like
> they are all making similarly dubious promises regarding policy (like, closed-source encryption, no data sent unless you ask for it, etc.).
I just listed multiple of the most common pieces of software where Google and Apple make claims to wildly differing levels of privacy! Does your decision that none of that matters because both companies mention privacy in marketing somehow override reality?
> First, none of the topics mentioned are the "most important aspects of how [to?] secure a modern platform".
You're not sure if "to" is the missing word?
And if you think the number of updated devices is not one of, if not the most important aspect of securing a modern platform, then your opinion on security doesn't matter. And contrary to your implications, privacy and security are not something you prefer over each other, privacy does not exist without security.
> Second, I distinguish privacy from security. i.e. it doesn't matter if it was the most secure platform in the world if I have to trust all the data to a distrustful entity to begin with.
It doesn't matter if you have the most private platform in the world if it's not secure? You can control all the servers you want, if they're not secure your privacy is even worse off than it'd be with a 3rd party at least trying to anonymize it for an ad platform...
> This is basically trying to answer "to whom I put my blind trust?", so it's subjective. But in my experience it is usually the most "privacy marketing" companies that are usually the worst regarding privacy. See most VPN resellers. Most privacy marketing is just bullshit.
Lol so your hunch based on VPNs is supposed to just supersede basic reasoning that if a company can profit off not selling your data wholesale, and is openly designing systems that do benefit your privacy... they're somehow less trustworthy than one that is openly selling your data and requires that they do to exist.
> I just listed multiple of the most common pieces of software where Google and Apple make claims to wildly differing levels of privacy!
Wildly different? Apple claims E2EE, Google claims E2EE, _Facebook_ of all companies claims E2EE! Did it really change it your opinion of Whatsapp the fact that they claim E2EE? Everyone just laughed and forgot. Whatsapp is going to E2EE your chats right until they moment they don't, and without warning, and you have no way to check! Why take Apple's word differently? They also lied multiple times already! (e.g. Jabber federation)
> And if you think the number of updated devices is not one of, if not the most important aspect of securing a modern platform, then your opinion on security doesn't matter.
I am not sure why my "opinion on security" would be relevant but I for sure think that _ability to verify the security claims_ ranks much higher than anything that has been mentioned so far, including "software updates" of unknown content.
> You can control all the servers you want, if they're not secure your privacy is even worse off than it'd be with a 3rd party
The example is just to show the difference between security and privacy. Your analogy is creating a false association since I can just keep my data offline.
> Lol
And you have the incorrect "hunch" that Apple is not a services company. And that they design systems that "benefit your privacy". They only design systems that tie you to _their_ systems. Wake me up when they design something that doesn't, which would start to look like real privacy.
Like, I spoke about some very specific features, and now you've literally reduced it to "E2EE"... like the entire honking app that it's built around doesn't matter.
If you won't accept that Android's carrier-dependent, 1:1 only RCS app isn't equivalent to iMessage, then there's nothing to talk about.
> The example is just to show the difference between security and privacy. Your analogy is creating a false association since I can just keep my data offline.
How do you keep a messaging app offline.
> And you have the incorrect "hunch" that Apple is not a services company. And that they design systems that "benefit your privacy". They only design systems that tie you to _their_ systems. Wake me up when they design something that doesn't, which would start to look like real privacy.
Do you even knows what you're talking about? Or Apple is 100% a services company that's the whole point. They're a public company, following the money is easy, they make a lot of money off selling people services and hardware.
Meanwhile Google makes most of it's money selling people's data.
It's not rocket science figuring out which is easier to trust, but you just seem hellbent on rationalizing your opinions with more opinions stated as fact and vague paranoia.
That's your right, but don't be surprised if people call you out on it!
> Like, I spoke about some very specific features, and now you've literally reduced it to "E2EE"... like the entire honking app that it's built around doesn't matter.
Okey, choose any other! What else did you mention? Location services? The same. * Local photo classification? The same. And so on and so forth.
* Both claim "Anonymous and encrypted", for whatever is worth, but we all know how "anonymous" and "encrypted" it must be since they are both using to build their beacon/SSID location database "to be used for augmenting this crowd-sourced database of Wi-Fi hotspot and cell tower locations.", wherever you want it or not (source: Apple's privacy policy).
> How do you keep a messaging app offline.
Or accessible to the relevant parties only.
> Meanwhile Google makes most of it's money selling people's data.
Google, Microsoft, Facebook, etc. also all are oficially _services_ companies....
> It's not rocket science figuring out which is easier to trust
It's not easy because you have practically nothing material to base your trust on, so you have to resort to fluffy marketing.
Claiming that Google is not that much worse than Apple is hardly "paranoia" material. Hitting a nerve there, I guess...
The only nerve you're hitting is the one that fires when I read poorly informed pseudo intellectual drivel
You're asking why someone would trust someone making a claim over someone not even making the claim.
I could ask a toddler "who is more likely not to eat your lollipop, the man who says he will eat it or the man who claims he won't" and they'd understand, yet you've managed to convince yourself that's a tough question.
Have a good one, good luck with your privately owned servers and home-brew OS. I'm sure your privacy is very well protected by giving the world a fingerprint on your identity.
... Since we are dropping the standards now, I will accuse you of being brainwashed. At one point you said:
> I have literally never seen Google claim Google Photos is using on device classification, I'd love a source for that since nothing about how it works implies that. Maybe you mean it does some very specific type of classification as a pre-processing step?
When Apple puts fluffy marketing claiming that now they are doing photo classification on-device, you immediately assume not only that it is true, but that they are _the first_ to do it, and that everyone else is doing photo classification on some fancy remote service. "Why, if Apple markets it, then everyone else would also have marketed it, otherwise it means they are not doing it!"
The thought that perhaps it was actually the opposite - that the majority of vendors were already doing photo classification on-device, and that it was _only Apple_ who was doing the stupid move of sending your photos to the cloud for tagging - never entered your mind.
This is the power of marketing.
And guess which one is rather likely to be true. I just took a couple of pictures of bananas in my 2018ish Android device with no network connectivity of any kind and after one minute they were tagged as "bananas" and "fruit".
This is precisely what I was complaining on my original post. Apple's privacy strategy is mostly marketing fluff at best, and yet it is having an unreasonable effect on people like you.
> I could ask a toddler "who is more likely not to eat your lollipop, the man who says he will eat it or the man who claims he won't" and they'd understand
A more correct analogy would be: who of the men from the shady vans is most likely to kidnap your children. The ones who claim to be "experts in not kidnapping children" or the ones who claim to be "experts in not kidnapping children, those guys at the other van are the real kidnappers".
> Have a good one, good luck with your privately owned servers and home-brew OS. I'm sure your privacy is very well protected by giving the world a fingerprint on your identity.
Again another ridiculous analogy that does not work.
You do not need a "home-brew OS", and I have in fact mentioned several alternatives during the above conversation (e.g. de-googling).
You'll never get the developers (who are largely fungible) to fully grok the long term consequences of what they are creating because they are blinded by the (entirely natural) fact that the company is keeping them fed.
I think you’re being unnecessarily cynical and actually incorrect here. It’s not like I’m told to implement some tiny thing where the left hand doesn’t know what the right hand is doing. The entire premise of whatever system is being built is clear, as are all the discussions with the privacy folks, the execs, marketing, designers, etc. Privacy is a constant point of discussion, and often times what engineering wants is made far more difficult by privacy, and they get the final word.
A single person can implement a chosen weakening, compromising everything done by lower-level staff. If you don't think this is trivially possible, you know nothing about the fragility of security.
“ Messages uses on-device machine learning to analyze image attachments and determine if a photo is sexually explicit. The feature is designed so that Apple does not get access to the messages.”
The asterisk I was referring to is the fact that the E2EE keys are backed up to iCloud Backups along with your messages, and those backups are not E2EE. So the encryption of iMessages is fairly easy to get around if either the sender or the recipient uses iCloud backup.
> Even if I consider Google enemy #1 right now, I also don't really see them as privacy unfriendly. They have a shitton of data, but what have they exactly done with it that warrants the moniker? Microsoft seems to me to be much more privacy unfriendly (e.g., LinkedIn)
Collecting and having that data to begin with is awful & dangerous. The behavior of collecting it is creepy and gross. The existence of the collected data is threatening.
The reason I consider Google a public enemy is not because they collect data or have a poor privacy policy or whatever (because I don't think they are particularly bad at that). The reason is because I think they are "unavoidable". It's very hard to do anything online without it leaving a fingerprint on some Google server. Even governments seem to be ready to endorse Google services (e.g. recaptcha, Android) for fulfillment of basic services.
Apple, Facebook, etc. may have (or not have) worse privacy policy, but it is much easier to avoid leaving fingerprints on their servers. Amazon & Microsoft are on the other hand particularly dangerous, though.
You hit a nerve. I have to go through two reCaptchas to prove that I am not a robot so that I can pay my children’s school activities. Why would they care if I am a robot that wants to pay them? For some time checking in for COVID in NSW Aus took 3 reCaptchas if you were in private mode on your browser. Similar in many government services where they are pervasive and injected right in the middle of potentially very private workflows.
> Why would they care if I am a robot that wants to pay them?
I’ve seen scammers find obscure payment portals and run through a bunch of card numbers to see if they approve/deny. Recaptcha prevents that. It’s obviously not the only way, but it’s low dev effort and it works.
This is an easy fix. Just require being signed in and only allow payment with a valid child attached to the account. You can allow anonymous payments only if you have a valid child account code.
> They have a shitton of data, but what have they exactly done with it that warrants the moniker?
Uh... they've aggressively gathered that data? If I take a bunch of photos of you sitting on the toilet, the concern isn't whether I've publicly done anything with those photos, it's that I took them in the first place.
> I don't know how Apple has managed to get the image of a "privacy friendly" company while painting Google as "privacy unfriendly" at the same time.
I guess that's all about incentives. Since Google is an advertising company, it has most to gain by knowing your deepest personal info, i.e., so that it can "sell" this info to their customers.
> don't know how Apple has managed to get the image of a "privacy friendly" company while painting Google as "privacy unfriendly" at the same time. Apple is better than Google..
Most of the commentators are upset because they don’t understand cloud and what it means. As an individual, once you provide data to a third party, you’ve lost exclusive control, period. How you feel about a company is just a feeling.
With respect to this Apple thing, it’s pretty clear that Apple thinks this is more respectful of privacy than what the other providers do. IMO, this is what allows E2E messaging to actually remain E2E.
The EFF and some HN commenters are blending together the parental control aspect from the detection of illegal images aspect. They are two very different things.
And when you talk about the reality of privacy, you can, trivially, turn off the the third party features that trigger the use of cloud services.
With respect to privacy, history shows that Apple keeps adding more and more user control of privacy. Per app location, access to other data, location permission in the browser, tracking, forcing app disclosure of data collection, etc. Can you point me to a privacy related preference they have removed and not replaced with something else? I can't think of one.
> Apple keeps adding more and more user control of privacy
Against other tech companies. This whole debacle is a clear example where customers have no control. They can't even not update their device because its already there.
I can actually name a privacy feature that they took a long time to replace: Siri voice recording accountability. Siri voice recordings were saved in the cloud. They were linked to your identity. If you GDPR'd apple they deleted these recordings. They stripped the identifiers. Then you can't GDPR them, and its arguably no more private. LATER they stopped saving them to the cloud (yay more private again!).
To be clear: the voice recordings can identify you even without identifiers. Its your voice. You might say "how do i get too <work address> or <home adddress>. You might say "Hey siri, tell <secret lover> that i love them" and boom now that is out there. Lots of reason people want control there.
Yes, they can identify you. First, you can always delete all of that data at any time in Siri Settings.
Second, starting in IOS 15 with an A12 or newer, the processing is moving on device. Here is an excerpt from https://developer.apple.com/ios/:
"iOS 15 introduces even more privacy controls to help protect user information. With on-device speech recognition, audio of Siri requests is now processed entirely on iPhone by default, and performance improves significantly. Mail Privacy Protection stops senders from learning whether an email has been opened, and hides IP addresses so senders can’t learn a user’s location or use it to build a profile on them. App Privacy Report offers an overview of how apps use the access that has been granted to location, photos, camera, microphone, and contacts in the last seven days, and which other domains are contacted."
I wouldn't say I have a "deep belief" in Apple, but I trust Apple more than the other available options, because Apple's financial incentives are basically the opposite of Google or Facebook's.
Instead of being motivated to use and/or sell user data, it's in Apple's best interest to keep that data secure and play to its competitive advantage as the company who is not trying to pry into its users' lives.
That said, I really don't understand why Apple would do this, and it is very disconcerting. Obviously child pornography is absolutely horrible, but this move seems to throw out everyone's privacy in exchange for catching what I have to imagine is a tiny minority of users who are involved with that.
> I wouldn't say I have a "deep belief" in Apple, but I trust Apple more than the other available options
That, for me too. From my perspective they basically don't have competition. The only viable alternative to Apple is "do everything yourself with open software, and just accept everything being buggier, jankier, and less helpful, while eating way more of your time". Obviously I'm not in love with that option, but what else? MS? Google? Ha.
If Apple stops being Apple it'll be the elimination of a whole category of products and services, essentially. Just won't exist anymore.
This is all less a product of Apple being wonderful than of user-facing computing everywhere else being an embarrassing shit-show.
While also seeing deep belief in corporations sceptically myself, I don't think it should be the root cause of scepticism toward apple. The maximisation of proprietariness paired with this "deep belief" breads a really hard possibility to switch vendor (of whatever product), locking people in so much that the perceived cost of privacy-breaching software is lower than the cost of switching.
>I’ve heard similar things from many Apple users. What leads people to have this kind of faith in particular corporations?
It is all part of their PR and marketing. And they are very good at it. This happened in Tim Cook's era, not Steve Jobs. May be too good it backfired. If you pay close attention to all the Apple news, ( not some, but ALL ). Pick the top 10 Apple news site and read through it for a few years and it will surely get to most people. And Apple news are the most sort after, highest paid Ads revenue in tech sector. So it is sort of a feedback loop. Worth remembering there are relatively little journalist left, only reporters. No one bother to fact check anything any more. That is why we have so much crap that anyone has some domain knowledge on the subject will immediately smells BS.
And their PR tactics are.... dull or should I say predictable? Controlled Leaks ( I mean come on from the same press again? ) on the same subject or using same allies in testimony ( SnapChat again? )? Unfortunately most people dont do any analysis like this. ( Although I guess that is borderline forensic ).
It probably stems from the well-known history of the start of the company. Who knows who started Dell, McDs, any number of SSD manufacturers, Lenovo, BlackBerry, etc.? I guess we all know about Microsoft and Bill Gates, but their story trajectory went the other way (more corporate). So, I imagine people say that because something Steve Jobs or Ives said or was recorded as saying resonated with them, and thus they share that deep belief.
Cynically, I would say I also had a deep belief that Apple would respect user privacy because Apple and Google are in a fight over control over the internet and your whole life. Google goes at it by giving away free shit then making billions off your data, Apple goes at this by making billions off hardware and software. From that point of view respecting user privacy is Apple's most powerful weapon in their fight against Google since its a place that Google simply cannot go.
Because privacy is an obvious goal that Apple can crediblebly target because of the nature of what they sell. Google is fundamentally an advertising agency, Amazon sells cheap stuff but steals your data in the process. Apple sells premium hardware and services, which means they have the margin to do things that neither google or amazon has. They also make money the old fashioned way: when you pay them.
Therefore Apple could focus on privacy in a credible manor, because it didn't threaten their business model and it was an argument they could use, but their competition couldn't.
