Don't get me wrong, I'm impressed with the progress Apple has made in spearheading consumer privacy practices — but unfortunately, half of the benefits listed here are negated by the fact that my iCloud backups are fully unencrypted (or "encrypted" with a common key that Apple holds; same thing in my view).
So, if I want convenient nightly backups (without plugging my phone in and using the "new" Catalina apps, which I'm still convinced are just new iTunes skins), Apple — and adversaries — will still have unfettered access to all my iMessages, Maps history, photos, health records, almost everything listed here and more [0][1].
Tim Cook has claimed a fix is coming for a while now [2], but meanwhile using iCloud for its intended purpose is a huge, and largely unadvertised, gaping hole in Apple's otherwise impressive privacy promises. :(
> if I want convenient nightly backups (without plugging my phone in ...)
I haven't found a need for iCloud.
I get regular (daily?) backups to my Apple desktops/laptops over WiFi -- it works after you pair the mobile device with the desktop once and check the sync over WiFi box.
Apple cares more about privacy than, e.g., Google, for sure, but it is extremely complicated to use an iOS device without an Apple ID, and Apple employs "know your customer" logic that caused me to give up after a few hours trying to create an Apple ID not connected with my real name and credit card.
Not sure what you tried and from which location, but Apple doesn’t need the real name or a valid payment method for creating an account to be used for purchases. Such an account can be used to get all the free apps and content on its stores.
On the other side, does stock Android allow one to use a phone without creating a Play Store account and associating it for other services from Google? I’m just curious how that works. I’d presume that Google doesn’t need a payment method or one’s real name either.
> What you share from those experiences, and who you share it with, should be up to you.
They should have added this: ultimately it's up to you to trust us, you don't control Apple devices, we do :-) and we make decisions that are best for you - just give us money.
Privacy coming from Apple is laughable.
If you have an iPhone and have location services on ( which most of us do) go to location settings and check “system services”.
Google what those services do. They’re all for sending unnecessary location data to Apple for analytics, which is all enabled by default.
They claim to respect your privacy, but under the hood it’s a different story.
Privacy my ass. Allow me to setup MY phone without a ping back to the mothership, and allow us to side-load apps or download free apps from the store without an apple ID.
Privacy coming from Apple is laughable.
If you have an iPhone and have location services on ( which most of us do) go to location settings and check “system services”.
Google what those services actually do. They’re all for sending unnecessary location data to Apple for analytics, which is all enabled by default.
They claim to respect your privacy, but under the hood it’s a different story.
"Messages are only seen by who you send them to." - Unless that person shares an Apple ID with someone else.
I recently sent an iMessage and got a "who is this?" response. Turns out the message went to one of their family members.
I guess they shouldn't be sharing an Apple ID, but I don't think it's a super crazy thing to do among family members (e.g. a parent who provides a phone for their child), and having private text messages go to the wrong person seems like a pretty bad failure mode.
Apple protects the message in transit. What you are talking about is the equivalent of letting someone borrow your phone, then getting mad when your carrier delivers sms messages to your phone number while someone else was holding your phone. Apple has done their part, it's up to the users to enforce security of their endpoints as well.
Are you saying that 2 people logged into iMessages on 2 devices with the same Apple ID and you want only one of those people to see an iMessage? How would that work?
I either don't understand the scenario you are describing or I don't understand the failure mode you mention?
By this logic, every other secure messaging method (Signal, Matrix, etc.) all have the same issue because someone could have it open on multiple devices.
It's really not up to Apple to enforce whether you use your one Apple ID with multiple devices.
I don't think privacy works when I don't trust Apple period. They have done shady anti consumer things like decreasing battery life. This feels like lip service till I see implementation details(and even then I want to see the code).
When you say "implementation details", do you mean things like their Safari Privacy White Paper[0], their Photos Tech Brief[1], their Location Services White Paper[2], or their Apple Sign On White Paper[3]?
By decreasing battery life, do you mean decreasing performance so the battery doesn’t prematurely die? I think most of us admit they could have relayed it to users better; but, what they did was far from nefarious.
They throttled the phones with bad batteries so the peak energy usage doesn’t exceed what the battery can provide and shuts down the phone. But unfortunately people just remember the click bait headlines.
[+] [-] jakejarvis|6 years ago|reply
So, if I want convenient nightly backups (without plugging my phone in and using the "new" Catalina apps, which I'm still convinced are just new iTunes skins), Apple — and adversaries — will still have unfettered access to all my iMessages, Maps history, photos, health records, almost everything listed here and more [0][1].
Tim Cook has claimed a fix is coming for a while now [2], but meanwhile using iCloud for its intended purpose is a huge, and largely unadvertised, gaping hole in Apple's otherwise impressive privacy promises. :(
[0] https://www.theverge.com/2016/3/2/11144588/walt-mossberg-app...
[1] https://www.cellebrite.com/en/productupdates/move-your-inves...
[2] https://www.macrumors.com/2019/02/28/eff-user-encrypted-iclo...
[+] [-] ls612|6 years ago|reply
[+] [-] thephyber|6 years ago|reply
I haven't found a need for iCloud.
I get regular (daily?) backups to my Apple desktops/laptops over WiFi -- it works after you pair the mobile device with the desktop once and check the sync over WiFi box.
[+] [-] 084537|6 years ago|reply
[+] [-] newscracker|6 years ago|reply
On the other side, does stock Android allow one to use a phone without creating a Play Store account and associating it for other services from Google? I’m just curious how that works. I’d presume that Google doesn’t need a payment method or one’s real name either.
[+] [-] trca|6 years ago|reply
[+] [-] rchaud|6 years ago|reply
[+] [-] type0|6 years ago|reply
They should have added this: ultimately it's up to you to trust us, you don't control Apple devices, we do :-) and we make decisions that are best for you - just give us money.
[+] [-] byteshock|6 years ago|reply
Google what those services do. They’re all for sending unnecessary location data to Apple for analytics, which is all enabled by default.
They claim to respect your privacy, but under the hood it’s a different story.
[+] [-] unknown|6 years ago|reply
[deleted]
[+] [-] dagdesheren|6 years ago|reply
[+] [-] thephyber|6 years ago|reply
It's a feature to me that I can't accidentally download an (potentially hostile) app from a (potentially hostile) app store, but a bug.
[+] [-] t-writescode|6 years ago|reply
[+] [-] byteshock|6 years ago|reply
Google what those services actually do. They’re all for sending unnecessary location data to Apple for analytics, which is all enabled by default.
They claim to respect your privacy, but under the hood it’s a different story.
[+] [-] ssfrr|6 years ago|reply
I recently sent an iMessage and got a "who is this?" response. Turns out the message went to one of their family members.
I guess they shouldn't be sharing an Apple ID, but I don't think it's a super crazy thing to do among family members (e.g. a parent who provides a phone for their child), and having private text messages go to the wrong person seems like a pretty bad failure mode.
[+] [-] sparkywolf|6 years ago|reply
[+] [-] maineldc|6 years ago|reply
I either don't understand the scenario you are describing or I don't understand the failure mode you mention?
[+] [-] neighbour|6 years ago|reply
It's really not up to Apple to enforce whether you use your one Apple ID with multiple devices.
[+] [-] bibbitybobbity|6 years ago|reply
[+] [-] StevenRayOrr|6 years ago|reply
[0]: https://www.apple.com/safari/docs/Safari_White_Paper_Nov_201...
[1]: https://www.apple.com/ios/photos/pdf/Photos_Tech_Brief_Sept_...
[2]: https://www.apple.com/privacy/docs/Location_Services_White_P...
[3]: https://www.apple.com/privacy/docs/Sign_in_with_Apple_White_...
[+] [-] t-writescode|6 years ago|reply
If you mean something else, I’m curious.
[+] [-] dewey|6 years ago|reply
[+] [-] x2f10|6 years ago|reply
I was under the impression they throttled devices with poor batteries to _increase_ battery life.
[+] [-] zepto|6 years ago|reply
They have sometimes reduced performance in order to increase battery life.