WingNews logo WingNews
top | item 46838972

(no title)

wcfrobert | 29 days ago

Apple's commitment to privacy and security is really cool to see. It's also an amazing strategic play that they are uniquely in the position to take advantage of. Google and Meta can't commit to privacy because they need to show you ads, whereas Apple feels more like a hardware company to me.

discuss

order

jtbayly|29 days ago

modeless linked to this article earlier today:

https://james.darpinian.com/blog/apple-imessage-encryption/

My current understanding of the facts:

1. Google defaults to encrypted backups of messages, as well as e2e encryption of messages.

2. Apple defaults only to e2ee of messages, leaving a massive backdoor.

3. Closing that backdoor is possible for the consumer, by enabling ADP (advanced data protection) on your device. However, this makes no difference, since 99.9% of the people you communicate will not close the backdoor. Thus, the only way to live is to assume that all the messages you send via iMessage will always be accessible to Apple, no matter what you do.

It's not like overall I think Google is better for privacy than Apple, but this choice by Apple is really at odds with their supposed emphasis on privacy.

indemnity|29 days ago

Enabling ADP breaks all kinds of things in Apple’s ecosystem subtly with incredibly arcane errors.

I was unable to use Apple Fitness+ on my TV due to it telling me my Watch couldn’t pair with the TV.

The problem went away when turning off ADP.

To turn off ADP required opening a support case with Apple which took three weeks to resolve, before this an attempt to turn off would just fail with no detailed error.

Other things like iCloud on the web were disabled with ADP on.

I just wanted encrypted backups, that was it.

miki123211|29 days ago

Apple's other emphasis is customer experience, and there are more "I forgot my code, help me recover my stuff" people than you can imagine.

It would be bad PR for Apple if everybody constantly kept losing their messages because they had no way to get back into their account.

dd8601fn|29 days ago

ADP isn’t the default, and almost nobody who isn’t a journalist/activist/potential target turns it on, because of the serious (potentially destructive) consequences.

How does Google manage this, such every normie on earth isn’t freaking out?

eddyg|29 days ago

I still like to encourage people to watch all of https://www.youtube.com/watch?v=BLGFriOKz6U&t=1993s for the details (from Apple’s head of Security Engineering and Architecture) about how iCloud is protected by HSMs, rate limits, etc. but especially the timelinked section. :)

bigyabai|29 days ago

I still recommend Mr. Fart's Favorite Colors as a refutation, describing why all of these precautions cannot protect you in a real-world security model: https://medium.com/@blakeross/mr-fart-s-favorite-colors-3177...

  Unbreakable phones are coming. We’ll have to decide who controls the cockpit: The captain? Or the cabin?

jmaker|29 days ago

Can someone explain what the real difference is to a consumer user between an iPhone and a Pixel or a Samsung device? Across all services, push notifications, and device backups.

Both promise security, Apple promises some degree of privacy. Google stores your encryption keys, and so does Apple unless you opt in for ADP.

Is it similar to Facebook Messenger (encrypted in transit and at rest but Meta can read it) and Telegram (keys owned by Telegram unless you start a private chat)?

There are things Pixels do that iPhones don’t, e.g., you get notified when a local cell tower picks your IMEI. I mean it’s meaningless since they all do it, but you can also enable a higher level of security to avoid 2G. Not sure it’s meaningful but it’s a nice to have.

isoprophlex|29 days ago

Some of these companies don't make money from you, the end user, but by selling ads and data to more effectively deliver said ads.

Differences in capabilities, experience and implementation are all downstream from that. In other words, everyone pays lip service to privacy and security, but it's very difficult to believe that parties like Meta or Google are actually being honest with you. The incentives just aren't there.

With Apple, you get to fork over your wallet, but at least you seem the be primarily the user they've got to provide services to.

With Google/Meta, you're a sucker to bleed dry.

bossyTeacher|29 days ago

> Can someone explain what the real difference is to a consumer user between an iPhone and a Pixel or a Samsung device? Across all services, push notifications, and device backups.

By default, Apple offers you at no charge: email aliases, private relay, Ask No Track barrier. These are just the ones I can think of right now. I am sure there are more. A big thing with Apple is not that they offer different privacy services but they make it EASY and SEAMLESS to use. No other company comes close.

traceroute66|29 days ago

> Apple promises some degree of privacy.

Apple also makes it easier to achieve that privacy:

    - They put all the privacy controls in one place in Settings so you can audit
    - App developers are mandated to publish what they collect when publishing apps to the App Store.

derbOac|29 days ago

It's all tempered by them ultimately controlling what you can put on your phone though.

As was demonstrated in LA, it's starting to have significant civil rights consequences.

throwaway290|29 days ago

Security is pointless if platform allows 90% users to be social engineered into running code disabling that security

nozzlegear|29 days ago

What happened in LA?

ioasuncvinvaer|29 days ago

Apple is an ad company now though

baxtr|29 days ago

Apple sells some ads yes. But it’s a tiny fraction of their revenue.

Would Google or Meta go bankrupt if they stopped selling ads? Yes. Apple wouldn’t.

vrosas|29 days ago

[deleted]

candiddevmike|29 days ago

All while slowly stuffing (more?) ads into their software.

In a lot of ways Apple is as aligned to data privacy the same way other "platforms" are: to gatekeep the user data behind their ad service. It's better than selling your data, maybe, but you're still being tracked and monitored.

astrange|29 days ago

You can't sell cell phones and "not care about security". There are these things called government regulators that won't let you sell them anymore if security issues happen.

dangus|29 days ago

> Apple gives zero fucks about security.

Hyperbole doesn’t help your point. They definitely care about security, their profits depend on it.

Noaidi|29 days ago

That people fall for this corporate BS while Tim Cook is giving gold bars to Trump and dining and dancing with him When people are being murdered on the streets by ice is just amazing to me.

OGEnthusiast|29 days ago

Well that’s what Americans voted for. So I don’t think anyone cares that every CEO (definitely not just Tim Cook) is schmoozing with Trump.

raw_anon_1111|29 days ago

I still like their hardware. But let’s not pretend that there is any part of Trump’s body that he won’t kiss and sell out his customers for. If Trump asked Cook to put a backdoor in iPhones or impose tariffs on Apple, Cook would do it in a minute

JKCalhoun|29 days ago

My Mother Night hope is that Cook publicly shows obsequiousness only so that in private he can hold the line on backdoors, etc.

I know, I'm living in a fantasy world in my head.

nozzlegear|29 days ago

Cook couldn't personally put that backdoor in himself though. There would (presumably) be Apple employees who would blow the whistle if they received such a command.

epolanski|29 days ago

I claim bs at this whole apple privacy thing, nothing but propaganda.

Two years ago I was locked out of my MacBook pro.

Then I just booted in some recovery mode and just..reset the password!?

Sure macos logged me off from (most) apps and website, but every single file was there unencrypted!

I swear people that keep boasting that whole apple privacy thing have absolutely no clue what they are talking about, nothing short of tech illiterate charlatans. But God the propaganda works.

And don't start me on iMessage.

n8cpdx|29 days ago

You chose not to enable FileVault during setup. Probably because you were worried about being locked out and wanted an easy way to reset the password.

Would you prefer that Apple did not give you the option to disable the security feature you disabled during setup?

dangus|29 days ago

Apple has ads. See the App Store, Apple Maps is also planning to roll out advertising.

bigyabai|29 days ago

You know what's even cooler? Apple's commitment to hiding US federally-mandated backdoors for dragnet surveillance: https://arstechnica.com/tech-policy/2023/12/apple-admits-to-...

  Apple has since confirmed in a statement provided to Ars that the US federal government “prohibited” the company “from sharing any information,” but now that Wyden has outed the feds, Apple has updated its transparency reporting and will “detail these kinds of requests” in a separate section on push notifications in its next report.

isodev|29 days ago

> Apple's commitment to privacy

We know now that it was all marketing talk. Apple didn’t like Meta so they spun a bunch of obstacles. Apple has and would use your data for ads, models and anything that keeps the shareholders happy. And we don’t know the half of the story where as a US corp, they’re technically obliged to share data from the not-E2EE iCloud syncs of every iPhone.

astrange|29 days ago

> Apple has and would use your data for ads, models and anything that keeps the shareholders happy.

Illegal to do this in (at least) the EU, California and China.