I am not going to enter a discussion on who rolled whatever first, whose userbase has the most up to date OS, or the like. iOS is not going to win any privacy argument here anyway for the simple reason that at least I can de-googlefy Android.
The point is that they make extremely similar promises that you can't verify.
> You need to trust someone on a claim vs someone not making the claim at all... those are not the same thing.
What is the difference between someone saying that your data is not visible to them (oh but you can't verify it!) versus someone saying that they will not touch or store your data after processing it on their privacy policy?
When they control the entire platform, the fact that they claim to be doing something technical to prevent them from accessing the data is absolutely pointless. Even if it were true, they could be able to change it in an instant after a silent update (by themselves, by the government, or even by a third party attack!), and no one would be the wiser.
> Apple hasn't shown a reason to lie, and here's no equivalent financial incentive to Google unless you think Apple
Not sure I understand.
In any case, most companies have already lied multiple times, and _all_ companies share at least one big reason to lie: Come tomorrow, some three letter agency could send them the letter and outright force them to capture your data, and since the only thing that prevents them from capturing your data is empty promises, they could do it in an instant. And would do it. And in fact do it regularly (TFA could in fact be an example of Apple trying to get rid of that).
Btw,
> I have literally never seen Google claim Google Photos is using on device classification,
I have never put a SIM nor network credentials on my only Google Android device that has practically never abandoned my residence and yet it is tagging photos of objects. That's my source. I have not put a SIM either on my iOS devices and they do not tag pictures :)
I stopped reading at "what's the difference between a massive cover up of subverting the most basic tenants of how your systems are designed and never claiming those tenants in the first place".
That's exactly what I just explained, and I don't enjoy these kinds of circular back and forth.
If you feel like an OS where the biggest comfort is you can tear out it's core works best for you, go ahead.
But I will point out starting your comment with "I'm not going to get into the most important aspects of how secure a modern platform" is not a ringing endorsement.
-
I work on embedded Android for a living, so it's not like I'm afraid if what I don't know or something, iOS is a demonstrably privacy-oriented platform.
A mentality of privacy first even if it's just for the sake of marketing differentiation will always come ahead of a mentality of "data collection so we can sell ads", you're not going to change that for me with baseless insistence.
> I stopped reading at "what's the difference between a massive cover up of subverting the most basic tenants of how your systems are designed and never claiming those tenants in the first place".
I do not see who is "subverting the most basic tenants of how your systems are designed", and if this is trying to say that the other companies are never claiming those tenants in the first place, then that is objectively false. Google, Microsoft, Apple, etc. have claimed being "privacy first" more times than I count, and, my point is, they are all making similarly dubious promises regarding policy (like, closed-source encryption, no data sent unless you ask for it, etc.).
> If you feel like an OS where the biggest comfort is you can tear out it's core works best for you, go ahead.
This is misleading. Thing is, it is not "tearing out its core" precisely because Google services are actually _not_ at the core of Android, yet. You still cannot do that with iOS (because they do not allow tampering to begin with, least you figure out a way to avoid leaving a fingerprint in their servers).
> "I'm not going to get into the most important aspects of how secure a modern platform" is not a ringing endorsement.
First, none of the topics mentioned are the "most important aspects of how [to?] secure a modern platform".
Second, I distinguish privacy from security. i.e. it doesn't matter if it was the most secure platform in the world if I have to trust all the data to a distrustful entity to begin with.
In fact, I actually prefer privacy over security. E.g. for messaging, I value using servers _I_ control/trust much higher than E2EE encryption, which is definite secondary worry. Metadata is a dangerous thing to leak.
> A mentality of privacy first even if it's just for the sake of marketing differentiation will always come ahead of a mentality of "data collection so we can sell ads",
This is basically trying to answer "to whom I put my blind trust?", so it's subjective. But in my experience it is usually the most "privacy marketing" companies that are usually the worst regarding privacy. See most VPN resellers. Most privacy marketing is just bullshit.
I can't tell if you're unintentionally talking past the points everyone else with, or if you just think that your personal preferences/thoughts/observations just supersede the reality everyone else lives in.
Like
> they are all making similarly dubious promises regarding policy (like, closed-source encryption, no data sent unless you ask for it, etc.).
I just listed multiple of the most common pieces of software where Google and Apple make claims to wildly differing levels of privacy! Does your decision that none of that matters because both companies mention privacy in marketing somehow override reality?
> First, none of the topics mentioned are the "most important aspects of how [to?] secure a modern platform".
You're not sure if "to" is the missing word?
And if you think the number of updated devices is not one of, if not the most important aspect of securing a modern platform, then your opinion on security doesn't matter. And contrary to your implications, privacy and security are not something you prefer over each other, privacy does not exist without security.
> Second, I distinguish privacy from security. i.e. it doesn't matter if it was the most secure platform in the world if I have to trust all the data to a distrustful entity to begin with.
It doesn't matter if you have the most private platform in the world if it's not secure? You can control all the servers you want, if they're not secure your privacy is even worse off than it'd be with a 3rd party at least trying to anonymize it for an ad platform...
> This is basically trying to answer "to whom I put my blind trust?", so it's subjective. But in my experience it is usually the most "privacy marketing" companies that are usually the worst regarding privacy. See most VPN resellers. Most privacy marketing is just bullshit.
Lol so your hunch based on VPNs is supposed to just supersede basic reasoning that if a company can profit off not selling your data wholesale, and is openly designing systems that do benefit your privacy... they're somehow less trustworthy than one that is openly selling your data and requires that they do to exist.
> I just listed multiple of the most common pieces of software where Google and Apple make claims to wildly differing levels of privacy!
Wildly different? Apple claims E2EE, Google claims E2EE, _Facebook_ of all companies claims E2EE! Did it really change it your opinion of Whatsapp the fact that they claim E2EE? Everyone just laughed and forgot. Whatsapp is going to E2EE your chats right until they moment they don't, and without warning, and you have no way to check! Why take Apple's word differently? They also lied multiple times already! (e.g. Jabber federation)
> And if you think the number of updated devices is not one of, if not the most important aspect of securing a modern platform, then your opinion on security doesn't matter.
I am not sure why my "opinion on security" would be relevant but I for sure think that _ability to verify the security claims_ ranks much higher than anything that has been mentioned so far, including "software updates" of unknown content.
> You can control all the servers you want, if they're not secure your privacy is even worse off than it'd be with a 3rd party
The example is just to show the difference between security and privacy. Your analogy is creating a false association since I can just keep my data offline.
> Lol
And you have the incorrect "hunch" that Apple is not a services company. And that they design systems that "benefit your privacy". They only design systems that tie you to _their_ systems. Wake me up when they design something that doesn't, which would start to look like real privacy.
Like, I spoke about some very specific features, and now you've literally reduced it to "E2EE"... like the entire honking app that it's built around doesn't matter.
If you won't accept that Android's carrier-dependent, 1:1 only RCS app isn't equivalent to iMessage, then there's nothing to talk about.
> The example is just to show the difference between security and privacy. Your analogy is creating a false association since I can just keep my data offline.
How do you keep a messaging app offline.
> And you have the incorrect "hunch" that Apple is not a services company. And that they design systems that "benefit your privacy". They only design systems that tie you to _their_ systems. Wake me up when they design something that doesn't, which would start to look like real privacy.
Do you even knows what you're talking about? Or Apple is 100% a services company that's the whole point. They're a public company, following the money is easy, they make a lot of money off selling people services and hardware.
Meanwhile Google makes most of it's money selling people's data.
It's not rocket science figuring out which is easier to trust, but you just seem hellbent on rationalizing your opinions with more opinions stated as fact and vague paranoia.
That's your right, but don't be surprised if people call you out on it!
> Like, I spoke about some very specific features, and now you've literally reduced it to "E2EE"... like the entire honking app that it's built around doesn't matter.
Okey, choose any other! What else did you mention? Location services? The same. * Local photo classification? The same. And so on and so forth.
* Both claim "Anonymous and encrypted", for whatever is worth, but we all know how "anonymous" and "encrypted" it must be since they are both using to build their beacon/SSID location database "to be used for augmenting this crowd-sourced database of Wi-Fi hotspot and cell tower locations.", wherever you want it or not (source: Apple's privacy policy).
> How do you keep a messaging app offline.
Or accessible to the relevant parties only.
> Meanwhile Google makes most of it's money selling people's data.
Google, Microsoft, Facebook, etc. also all are oficially _services_ companies....
> It's not rocket science figuring out which is easier to trust
It's not easy because you have practically nothing material to base your trust on, so you have to resort to fluffy marketing.
Claiming that Google is not that much worse than Apple is hardly "paranoia" material. Hitting a nerve there, I guess...
The only nerve you're hitting is the one that fires when I read poorly informed pseudo intellectual drivel
You're asking why someone would trust someone making a claim over someone not even making the claim.
I could ask a toddler "who is more likely not to eat your lollipop, the man who says he will eat it or the man who claims he won't" and they'd understand, yet you've managed to convince yourself that's a tough question.
Have a good one, good luck with your privately owned servers and home-brew OS. I'm sure your privacy is very well protected by giving the world a fingerprint on your identity.
... Since we are dropping the standards now, I will accuse you of being brainwashed. At one point you said:
> I have literally never seen Google claim Google Photos is using on device classification, I'd love a source for that since nothing about how it works implies that. Maybe you mean it does some very specific type of classification as a pre-processing step?
When Apple puts fluffy marketing claiming that now they are doing photo classification on-device, you immediately assume not only that it is true, but that they are _the first_ to do it, and that everyone else is doing photo classification on some fancy remote service. "Why, if Apple markets it, then everyone else would also have marketed it, otherwise it means they are not doing it!"
The thought that perhaps it was actually the opposite - that the majority of vendors were already doing photo classification on-device, and that it was _only Apple_ who was doing the stupid move of sending your photos to the cloud for tagging - never entered your mind.
This is the power of marketing.
And guess which one is rather likely to be true. I just took a couple of pictures of bananas in my 2018ish Android device with no network connectivity of any kind and after one minute they were tagged as "bananas" and "fruit".
This is precisely what I was complaining on my original post. Apple's privacy strategy is mostly marketing fluff at best, and yet it is having an unreasonable effect on people like you.
> I could ask a toddler "who is more likely not to eat your lollipop, the man who says he will eat it or the man who claims he won't" and they'd understand
A more correct analogy would be: who of the men from the shady vans is most likely to kidnap your children. The ones who claim to be "experts in not kidnapping children" or the ones who claim to be "experts in not kidnapping children, those guys at the other van are the real kidnappers".
> Have a good one, good luck with your privately owned servers and home-brew OS. I'm sure your privacy is very well protected by giving the world a fingerprint on your identity.
Again another ridiculous analogy that does not work.
You do not need a "home-brew OS", and I have in fact mentioned several alternatives during the above conversation (e.g. de-googling).
The point is that they make extremely similar promises that you can't verify.
> You need to trust someone on a claim vs someone not making the claim at all... those are not the same thing.
What is the difference between someone saying that your data is not visible to them (oh but you can't verify it!) versus someone saying that they will not touch or store your data after processing it on their privacy policy?
When they control the entire platform, the fact that they claim to be doing something technical to prevent them from accessing the data is absolutely pointless. Even if it were true, they could be able to change it in an instant after a silent update (by themselves, by the government, or even by a third party attack!), and no one would be the wiser.
> Apple hasn't shown a reason to lie, and here's no equivalent financial incentive to Google unless you think Apple
Not sure I understand.
In any case, most companies have already lied multiple times, and _all_ companies share at least one big reason to lie: Come tomorrow, some three letter agency could send them the letter and outright force them to capture your data, and since the only thing that prevents them from capturing your data is empty promises, they could do it in an instant. And would do it. And in fact do it regularly (TFA could in fact be an example of Apple trying to get rid of that).
Btw,
> I have literally never seen Google claim Google Photos is using on device classification,
I have never put a SIM nor network credentials on my only Google Android device that has practically never abandoned my residence and yet it is tagging photos of objects. That's my source. I have not put a SIM either on my iOS devices and they do not tag pictures :)