top | item 33900695

(no title)

sneed-oil | 3 years ago

> seriously, anyone at this point advocating for any other phone/os/service out there besides apple is really going out of their way to swim up river.

Their software is not open source. Before this announcement you had to trust Apple not to look into the files you store in the cloud, now you have to trust that they're actually going to encrypt your files and not save the decryption key. Ultimately you still have to trust Apple. A combination of any open source OS, any cloud provider and Cryptomator or Veracrypt wouldn't require as much trust in one company.

discuss

ubermonkey|3 years ago

You're trusting somebody no matter how you do it unless you own all the hardware that supports your ecosystem.

The Free Software world has had ample opportunity to produce something as carefully assembled, as smooth, and as capable as iOS, and what we got instead was Android.

I've watched the whole FOSS world happen in my career, and there are places where I cannot IMAGINE choosing a closed source solution, given my druthers. But it's also become super clear to me that the FOSS world isn't interested in producing polished user experiences. Sure, you or I could cobble together a FOSS-only phone-and-syncing stack, I guess, but I don't care to. Most people aren't us; doing so is beyond them.

Suggesting a normal person use something OTHER than iOS at this point is questionable at best.

nine_k|3 years ago

A bazaar cannot produce things that are coherent and smooth: it takes a vision of a single person to control a large amount of aspects, implemented by other people the way the leader prescribed. That requires the cathedral approach.

Sometimes it works with a right BDFL, for some time (like Python). It also works with solo projects, and with projects with large commercial support (like Blender), especially those which don't normally accept your pull requests, except as a proof of concept (SQLite).

But the normal open-source model produces things like Linux, git, ffmpeg, VLC, etc, which are wonderful and have immense power, but are hardly sleek or excessively coherent. And each of them is much, much smaller than macOS or iOS.

michaelmior|3 years ago

> as carefully assembled, as smooth, and as capable as iOS, and what we got instead was Android.

Some of us prefer Android to iOS :) Having used iOS as well, the one thing I miss in Android is Continuity. Other than that, I find Android gives me a better experience. I'm certainly an outlier in many ways though compared to the average user.

kernal|3 years ago

>The Free Software world has had ample opportunity to produce something as carefully assembled, as smooth, and as capable as iOS, and what we got instead was Android.

You mean the same OS that allows you to build your own open mobile OS as opposed to a closed source locked down OS that permits only 1 app store and 1 payment system?

>Suggesting a normal person use something OTHER than iOS at this point is questionable at best.

It's only questionable if you prefer the prison that is iOS.

unknown|3 years ago

[deleted]

rollcat|3 years ago

Acceptable security afforded today - through usability - is better than superior security, that could've theoretically been gained, but wasn't, because it was too difficult to set things up.

In particular, reviewing open source code has been repeatedly proven to be way harder of a task, than the proponents of this strategy are painting it to be. If you want an auditable codebase, you pretty much have to throw Linux, Chromium/Firefox, Gnome/KDE all out the window - there's just way too much code.

Auditable code is naturally always preferable to non-auditable, but you need to choose your trade-offs - or at least stop pretending you can read a hundred million lines in your life time.

On top of that - do you know a single non-tech person who knows how to set up a VPS, or knows what Veracrypt is? OTOH I can just show my wife: click here to enable backups.

Let me reframe the problem: What is your threat model? How much effort are you willing to commit to mitigate the dangers?

chakalakasp|3 years ago

This is a succinct explanation of the problem. Do we give the vast majority of users extremely easy, frictionless access to very high levels of security and privacy? Or do we give the vast majority of users a fundamentally insecure solution that with lots of learning and configuring and time can be have very very very high levels of security and privacy?

The crazy thing is that apple hardware beats most other hardware, too, at a high price. Better phones, better tablets, better laptops. More secure, more private OS than the popular consumer alternatives (Windows, Android). Arguably much better OS all around, too (at least IMO -- iOS beats even stock Pixel Android at use-ability, MacOS v Windows is like the Harlem Globetrotters playing the Washington Generals.)

michaelmior|3 years ago

> stop pretending you can read a hundred million lines in your life time.

For me, and I assume most others, it's not that we expect to read all the code ourselves. It's that there's a large developer community and security researchers who have access to the code who will collectively read it all. Of course this isn't a guarantee that there are no security flaws, and you still have the pipeline problem of ensuring the binaries you get actually come from the code you think they do. But all else being equal, I think open source provides a significant level of threat mitigation.

Even if you fully trust Apple not to intentionally back door anything, there's far fewer eyeballs on their code. Given that access to source code also has the potential to reveal security holes that may have gone unexploited, there of course a tradeoff here too.

beeboop|3 years ago

I think this is less of an issue than you might think - if they're going to decrypt for law enforcement then it will become painfully obvious there's a backdoor literally the first time evidence is brought to a court that shouldn't have been available without a decryption.

StillBored|3 years ago

But that could be a very long time if they just apply some form of parallel construction to most cases. They aren't going to burn such information on the first low level criminal/CP target they find. Instead they will wait 5 years and then sweep up a bunch of people involved in some criminal "ring".

And the problem with all these services that provide some kind of E2EE encryption and still have a way to push application updates (or run something in your browser), is that they just slip a version on your machine that sends the password to the feds/whoever when you type it in.

chakalakasp|3 years ago

Thing is, if law enforcement is patient they can get the data off the actual devices themselves, if they're still alive. Yes, a fully patched iPhone tends to be a fortress of might to anyone other than a nation state willing to burn a few very expensive 0 days, but with almost any phone if you wait a year or two something will inevitably come out that will allow the ol' Cellebrite crowbar a cranny to slip into.

cromka|3 years ago

Not to mention employe whistleblowing.

rootusrootus|3 years ago

> Their software is not open source.

Notably, the only other serious competitor in the space is also not open source. Sure, you can probably carefully construct a phone from only FOSS, with some compromises of course. But this is unfeasible for regular users, who have for all practical purposes only two choices. And those same users are unlikely to go for alternative replacements for built-in functionality just to reduce their exposure. Convenience wins every time.

ir77|3 years ago

my comment was not against someone 100% paranoid using grapheOS and doing their own backups somewhere and trying to figure out how to get a good google maps alternative in open source.

my comment was that against main stream companies apple leads the way, and it's overall great for a consumer.

do you personally expect every piece of open source software? do you run your own email servers, music servers, photo backups, etc.? If not, you somehow trust those companies -- why?

kaba0|3 years ago

Arguably, the chance of fckup might increase, as now you get the problem of integration which will quickly increase the surface area to n*m.