In the last few years the combined privacy invasion from:
1. Google at the very heart of Android (and even Cyanogen/LineageOS with DNS, Google Play Services etc.) and everything I do on the phone.
2. OnePlus with sending data and telemetry back to China and being caught out multiple times after saying they respect the user.
3. Facebook with asking for/getting insane levels of permissions from Android for their apps.
Has made me realise that Apple are the only option for anyone who cares about privacy and wants some simplicity.
Sure I'd love for the ello (/e/) project to eventually take off and provide a real solution but in the meantime and for now Apple aren't showing any signs of wanting to (or needing to) exploit/sell my personal data.
I'm degooglifying as much as possible and my tech friends are too after the recent scandals. Google's a company we will look back on in 50 years as being a blight on freedom.
Which, is also the main argument of the OP for preferring Apple.
I'd guess that Apple really collects less data because they want to preserve your battery life, not your privacy.
I assumed that PRISM data came from a "backdoor" it had to iPhones. There's no proof that PRISM data didn't come from a backdoor to iPhones. But there's no proof it did come from a backdoor either. So I'll take back that comment.
1. Do they share this data with people?
2. Is this data anonymized?
3. Is this data directly monetized, or otherwise give incentives to violate user privacy?
- available for access by employees
- retained, deleted, and stored
etc.. are at least as important for your privacy.
As someone who works in security, I am as concerned or more about the seemingly inevitable breach's impact on my privacy.
So it is simple: Apple has a choice. Google doesn’t.
Where? I can't identify a single non-tech-oriented person in my life who makes phone purchasing decisions based off of vague notions like privacy.
In fact, I'd say that the market does not demand privacy, it is ambivalent to it. I don't agree with ambivalence, but I also don't see consumers making privacy-minded purchases, either.
Google was once the "don't be evil" company.
- does not use that data to sell stuff to you.
- don't have a reason to profile you and store those profiles constantly updated.
- don't have a reason to "follow" you across the web everywhere you go to update that profile.
Just having that profile on you makes a company a liability. C you trust a company that makes money solely based on the information they collect about you to make decisions that benefit you? or your privacy and security?
Why then use the app in the first place? I mean, the mobile sites of fb are pretty much functional to me. (Admittably, I am happy to have no notifications on my phone outside sms and calls)
There have been times when mbasic has shown me two items, and that's it. Switching to m returned more. But only going to the full www showed me everything going on.
So now I restrict myself to using Facebook just one day a week. It's not as good as cutting Facebook off entirely, but it at least reduces some of its data gathering on me.
I suspect it'd be trivial to remove the overlay with CSS.
People's will towards privacy is still weak, they don't know what those company could do with that amount of data. Ignorant, that's why those company keep doing what they do.
It's just like running a restaurant, as long as people can't see disgusting thing in their food, then everything will be fine and dandy, no matter how unhygienic the kitchen was.
It boils down to trust. Do you trust Google? Do you trust Apple?
I trust Google to care very much about security. I also trust that they are gathering as much information as they can about me. Even as a paid customer. It’s baked into their business model.
I trust Apple to care very much about security. I also trust that they fundamentally believe in privacy and are not gathering large swaths of data about me, and are doing what they can to keep others from doing so if I play in their garden. It’s baked into their business model.
Why don't boil down even further? How comfortable you are when you put your own security on other people's hand? Do you trust others will protect you no matter what? Do you trust others will completely be honest with you no matter what?
I don't know about you, but for me, I always trying to figure out the detail of the thing that will be rely on, even it's just a door alarm. Only after that, I can then tell whether or not I trust it.
If I understand you correctly, I can say that your "trust" is actually a form of trade off: I want to use the awesome __________ Phone, so I can ______________. For that, I could take some shit from __________ as long as they don't ______________.
However, that just means you've convinced yourself to trust something, hardly anything else.
And speak of "business model", many company was cool and awesome when it's young. Things change.
So, if it's a question: Do you trust Google? Do you trust Apple? Both no. I kept my file encrypted when uploading to Google Drive, and I don't use iCloud at all. I have 16 different Google accounts and 3 Apple accounts, each for different things, and I replace most of then every two years (Or when Google start to ask me for my phone number).
My advise: Don't dip yourself into that situation when you have to make a choice like that.
So, given that I have to trust someone (and for 99% of people on the planet this is also true) I choose to trust Apple.
Currently I'm running with an MS Lumia 950 and when necessary, I'll switch back to Android. I've completely removed all my social media apps on both phones.
The most recent reason I needed to switch back to my OnePlus 2 was because my hockey manager now uses Venmo to accept payment for the upcoming season. I was pissed when I found out Venmo won't allow you to process payments from your desktop account anymore. You are forced to download and install the Android app, and then send money that way.
It just feels so invasive. I felt like they were saying, "We can't get the data we want on your PC, so we'll force you to download and install the app, and in the process, give us the permissions we want to get to your data.
Check out the comments here:
I have high hopes for Librem 5 where privacy of user is the core product of the company.
Either you choose a somewhat open platform, or you choose privacy. One would have thought/hoped that they were tightly coupled.
As it is today I can not buy a phone without having a deep bottomless disdain for it. Not the hardware but the software. And I don't even expect that much.
I have given up entirely, the slither of hope is that in the future we can decouple the smart in smart phone with the phone. A truly dumb phone that I can interface from another device, a device I have some control over that I don't have to sell my soul to.
I think this comes down to two things:
If we define "polish" as: consistency+predictable UX+aesthetics
1. openness involves interoperability, and polish is more expensive to achieve when interoperability is a requirement
2. the primary market for polish tends to value exclusivity, which—while not entirely contradictory to openness—tends towards non-openness
The combination of these two means that when you focus on polish you end up with a product line that is likely to be non-open.
The fact that the primary market for polish also tends to be economically comfortable also conveniently leads to margins that allow for privacy, but I think this is just a happy accident.
It's my belief that if we want a private + open platform we need to:
- Accept very large sacrifices* in polish because doing both is only economically viable when catering to a market that doesn't want/need openness
- Choose a different economic model where resources are available to do both simultaneously.
* Also worth noting that sacrificing quality and/or UX can lead to less privacy given that privacy depends on security and security depends on both quality, and also on UX to prevent social attacks.
Modern windowing systems are also very similar. A Windows 3.1 or early MacOS user would have no trouble using a computer today.
Touch and phone interfaces will get there, too, as both software and culture evolve together.
I can't wait for, and would love to support, the Debian of phone architectures. In past HN threads, it has been suggested to me that the real blocker for a good open phone OS is at the hardware/kernel level. That was the state of the hardware environment in the late nineties and early 2000s.
Give it time, effort, and support, and a great and open OS will emerge.
I would like to be that optimistic, but I am not. The PC has always been a fundamentally open platform and hardware has been supported by many OSes for a long time. When I was young, we would run MS-DOS, DR-DOS, OS/2 and Windows 3.x (which was strictly spoken not an OS). After 1994 I also ran Linux and BSD and I never had any real problems hardware-wise. There was a difficult time around the turn of the century with WinModems and printers that only supported Windows. But that was more of a temporary regression.
The biggest blocker in our experimental labs for open-source software was always hardware drivers. These days, linux is extremely common and generally well-supported.
Sadly yes, which is why I backed the Librem 5 and hope it pans out, the promise of an open platform that respects your privacy is a really compelling one right now.
- lack of time to implement (this would be great but we have three people on a team, and five features to deliver...)
- lack of people who care enough and have the resources to fix it (this would be great, but manager has other priorities that are more important at the moment)
- conscious choice as expression of philosophy or style (like flat UI)
- conscious technical trade off (like on-device photo analysis)
What are some of the things you think are wrong and would be easy to solve? Openradar links would be useful too :)
There is no way to make the &%*#ing thing stop whining about lack of wifi - it literally waits until I'm trying to do something else to throw up a shitty dialog trying to annoy me into turning it on.
I turn connectivity off for a reason, and no, Apple does not know better in this instance. It is incredibly user-hostile and irritating, and I hope the engineer that wrote that code gets pink eye.
 I know, I'm a weirdo. Trying to explain how I'm Doing It Wrong will lead me to ignore you.
 I kid. It is really annoying, though.
I can't run real Firefox.
I can't route all calls through Google Voice.
I can't run CarPlay without a head unit.
I can't open all map links in my preferred maps app.
I can't create restricted accounts for my kids.
It's essentially unusable as a "smart" phone.
Any claims about privacy fall apart after investigation. Google will still get my location on iOS if I use Google Search, exactly as it does on Android.
Well, unless you pay, or use Swift Playgrounds.
> I can't create restricted accounts for my kids.
Does the standard set of restrictions not do what you want?
> Google will still get my location on iOS if I use Google Search, exactly as it does on Android.
You don't have to use Google…
Separate accounts have separate data, not just restrictions.
> You don't have to use Google…
That's the point.
This is on Google now. Apple provides ways for app developers to use the native phone UI now. If I set up my number with the Google Hangouts app, I can get calls from my Google Voice number via the Voice app or the native UI. You can't do this with the Google Voice app but I have a feeling that's because they haven't updated it to support this API.
If Google Voice has Siri integration which has been around for awhile, you can say “Call X using Google Voice” and it will call using GV and activate the phone Bluetooth protocol if you are connected to your car’s Bluetooth system.
What’s the fundamental difference between clicking on Contacts and making a call and clicking on the GV app?
If the GV app has been updated to take advantage of the latest APIs, calls to and from the GV app will show up in your call history along with the native dialer.
If you like GV, why use the native contacts app at all? Any app that adds to contacts will automaticallly be added to GV.
If Google wanted to since they already have all of the apps, you could completely stay in the Google ecosystem on iOS - Browser, mail client, google voice, etc.
If I trust a phone app enough to use its dialer, I should be able to route all calls through it. If I trust a maps app enough to use it manually, I should be able to set it to open for all address links. It really is that simple.
For somebody who is seriously privacy-conscience, Android is strictly better.
All claims about privacy appear to stem from using fewer Google apps by default. Those default apps (like Safari and Siri) are inferior to their Google equivalents for most users, and for the people who don't want to give Google information, Android users can choose to use non-Google apps as well (like Firefox and local assistants and maps).
You can't block ads across all apps without running your own ad-blocking proxy, jailbreaking, or paying Apple for the privilege of building an ad-blocking app on your phone. You can on Android by just installing an app (one example:
> and iOS collections an order of magnitude less tracking data than Android.
iOS collects the same data that Android collects. The difference is how much data the default apps collect that go to Google as I stated earlier. The Google apps are strictly better than the equivalent Apple apps for most users (maps, assistant, photos, mail, etc.). For the relatively fewer users who care more about privacy than about their apps doing things for them by knowing about them, Android has more and better options as well (Firefox, local apps, system-wide ad blocking, etc.).
Nope. Google was caught collecting location data even when everything was turned off:
They also made their settings very misleading:
Your first link is about accidental collection that no longer occurs according to the article.
I file radars when applicable, my gripes are more general:
- No universal 3D Touch puts it in a weird spot. I like 3D Touch! Why not say we equip all models with 3D Touch, similar to when they made ips display the standard even for entry level MacBooks.
-prohibiting self signed applications. You have all the right to keep Steam Link off your shop, but not off my device. And if I had the desire to install Alex Jones’ app I would like to do that. You’re not my mom Apple. I’m still hoping the EU will fix this at some point.
-iTunes. I use it. It’s awful. If they would at least kill it off I’d know not to use it anymore.
-Seriously lagging behind in standards like PWAs, wireless charging or NFC.
-iMessage and Airdrop are awesome. Too bad I can rarely use them because the majority around me use Android.
What if, fixing things the way you like breaks these features for someone else?
1. There's really no space for it, if you look at teardowns. So something took its place.
2. It does give better water resistance. Google the water resistance tests between iPhones and others. The difference is night and day in real world performance.
This guy was able to add the headphone jack back into an iPhone (https://www.youtube.com/watch?v=utfbE3_uAMA). The argument that there is really no space just isn't true.
2. No. Samsung phones are far more water resistant than iPhones are with a jack on it. I would love to see your links to said research.
Earbuds that work with the iPhone come in the box (and prior to the just announced models even an adapter was included). I'm not sure how lack of a jack pushes someone to buy AirPods. Maybe it makes them think about buying bluetooth headphones over wired if they were already thinking about third party headphones? Maybe.
Also while you may disagree about the 'barometric vent', it was put in the space that the headphone jack would have taken.
As pictured above, you can see a piece of plastic sits behind the ingress protection (waterproofing!), right where the headphone jack would have been. And (update!) according to Apple it's a "barometric vent." Apparently adding all the waterproofing to the iPhone 7 and 7 Plus meant that it was more of a sealed box, and so to be able to have an accurate and working barometer, Apple used that space. The barometer is the thing that allows a phone to measure altitude, and Apple points out that on the iPhone 7 it can measure even minor changes like climbing a flight of stairs.
Knowing my altitude is something I need on at least a weekly basis. I'm OK with losing a port I haven't used in a couple of decades.
And AirPods? If you keep them in the case between uses they should always be charged.
How are people being "pushed" to buy Airpods when they can use any Bluetooth headphone, the headphones that come bundled with the phone, or use their own headphones with a $9.99 adapter that they have included up until yesterday?
So, if your headphones don't support AAC, they will (most likely) fallback to SBC encoding with a subpar sound quality. Don't want a subpar sound quality? Buy Airpods. Or Beats. Or some other overpriced thing that understands AAC. There was some 100 year-old industry standard regarding sound transmission, but apparently it's "obsolete" now, because Apple said so. And bundled headphones don't sound too good.
The removal of headphone jack was purely a political decision to spite Qualcomm and screwing over Apple's customers.
But if you aren’t satisfied with the Apple wired headphones, up until the 12th Apple bundle an adapter, you could choose any wired headphones you wanted. After the 12” it would be $9.99. It’s still not forcing you to buy AirPods.
As far as Bluetooth, there are other non Apple/Beats Bluetooth AAC headphones. Nothing forcing anyone to buy them from Apple.
FWIW, my lack of headphone jack had nothing to do with me buying $170 airpods. The product sells itself. It literally felt like something out of the future when it launched. Opening and closing the lid makes me happy on a daily basis. I can't think of a better use for that $170. It's a product that is pure joy to use, and completely eliminates one of the biggest annoyance factor in my daily life: tangled headphones, and worse, that feeling on your ears when you accidentally tug earbuds that are in your ear. So frustrating!
Edit: Oh, and when I broke my older model with saltwater, they replaced it. Twice.
Work for hire is a statutorily defined term (17 U.S.C. § 101), so a work for hire is not created merely because parties to an agreement state that the work is a work for hire. It is an exception to the general rule that the person who actually creates a work is the legally recognized author of that work. According to copyright law in the United States and certain other copyright jurisdictions, if a work is "made for hire", the employer—not the employee—is considered the legal author.
I think Daniel's in the process of learning that verbal agreements don't mean anything when the shit hits the fan. IMO that's what he gets for switching to a non copyleft license.
How so? I just upgraded to a Pixel 2 XL from a phone much older than the pixel, a Nexus 6. I would not have even upgraded so soon if I didnt up with one too many crack on my screen when it gave up.
It depends on definition of 'require'. Almost all apps 'require' it in app manifest file. But very many of them actually works perfectly fine with an absense of Google Play Services on device.
You'll be part of the system as long as you have a phone.
(...and as long as you have a face, if projections are to be believed.)
Huh? Isn't Linux (the original one, not derivates like Android) relatively private, while being completely open?
I feel the same way, but I don't feel negatively about it.
I have an iPhone and I treat it like a hostile/suspect device and that is working quite well for me.
Apple has no idea who I am - I have never even typed my own name into the phone. Apple doesn't even know my phone number as my "real" phone number is one I control and forward to the burner SIM (straighttalk) that is in the phone.
My actual phone provider (twilio) doesn't know who I am.
Straighttalk doesn't know who I am - they got an assumed name and email address. Same for the very, very few apps that I use.
So unless Apple decides to acquire twilio and whatever verizon MVNO I am using this quarter and my credit card issuer, all they've got is Fakey McFakefake.
None of this was difficult, aside from building my own carrier inside twilio, but that was fun.
 Remember: VISA/MC do not verify names on purchases. The user interface strongly suggests that they do, but they do not - if you correctly enter your number/expiry/CVV/zipcode/etc., you can put in any old name you want. There is really no reason for any app to know your real name.
That's a terribly wrong dichotomie
iOS and Android are the choices. I say pick your poison. If a new choice comes along, I don't see any reason for the dynamics to be any different. People want high quality well-integrated electronics, and you only get that by being beholden to the manufacturer.
By the way, the time when installing an alternative Android distribution on your phone was 'hacky' is past for many devices, several distributions offer OTA updates so it is perfectly possible to run a mostly-open device without ever having to do anything 'hackish'.
As to whether an always-on radio beacon transmitting your location to the authorities can ever be seen as a plus in a privacy context remains to be seen of course, that is something which can not be fixed by either AOSP or Apple.
Those who would give up essential Openness, to purchase a little temporary Privacy, deserve neither Openness nor Privacy. -Benjamin Franklin
Apple do seem to have some respect for privacy at the moment, but it's still a phone that scans the user's face (far too creepy for me) or makes it difficult to restrict outgoing connections (I'm not keen on apps connecting to flurry, facebook and so on).
Upon enrollment, the phone illuminates your face with a grid of dots, and creates a three dimensional depth map of your face from multiple angles.
The results of that are stored in the secure enclave, and when an unlock is requested the device re-scans the face that is in front of it. If the two maps match "close enough" the phone is unlocked.
You cannot recreate a face from the data, and the phone has no idea what you look like unless you actually look like this in real life: https://i.imgur.com/fNBiIUU.jpg
If you're worried about the very low resolution biometric map of your face being used to impersonate you, that can already be accomplished with just a couple of seconds of video, or a photograph and the only known defense against that is never venturing outside a secure perimeter into which camera lenses cannot see.
Face tracking for faceId you can turn off but I agree it can be creepy. So far it's been limited to only on the device and encrypted so I've been ok with it but that's obviously a very personal choice.
Adguard works rather well, but Apple doesn't seem too keen on their product:
Of course, there's ad blocking in Safari but tracker blocking in apps also concerns me.
As for the FaceID I would indeed turn it off and use a PIN, but it would be a bit of a faff; a fingerprint plus a means to quickly turn that off is quite convenient.
I then have content rules on the firewall between the OpenVPN server and the Internet.
As an added benefit, this makes the monitoring done by all cellphone providers (not just Verizon!) irrelevant because all they see is a constant, 24x7 stream of encrypted traffic to the same IP address.
Another that I have heard of but not used (your milage may vary and all that): Alice https://itunes.apple.com/us/app/alice-network-proxy-utility/...
You can also run a proxy on a server remotely and intercept all the network calls from your phone, something burp is common in the security industry. It's under your network settings, HTTP Proxy. It's more limited than an app like Charles that inspects all traffic but it's another option.
I think it's come up here a few times, with various anecdotes about surfacing badly behaving apps.
Don’t underestimate the lure of ad money, even to a company as large as Apple. They realize the second you start taking ad money your customers are no longer your customers, but your product.
But I've noticed that more and more, even when you do pay for something there's a good chance your data will still get sold.
They also summarize the security of iCloud services, delineated by "in transit" and "on server", here: https://support.apple.com/en-ca/HT202303
I wanted to actually call out one important detail in the latter link above:
"iCloud secures your information by encrypting it when it's in transit, storing it in iCloud in an encrypted format, and using secure tokens for authentication. For certain sensitive information, Apple uses end-to-end encryption. This means that only you can access your information, and only on devices where you’re signed into iCloud. No one else, not even Apple, can access end-to-end encrypted information."
So, we can discern that anything you store on iCloud that isn't using end-to-end encryption can be accessed by Apple. This includes (but is not limited to) Contacts, Photos, Notes, device Backups, and everything you're storing on iCloud Drive.
This article is solely about Apple making it harder for 3rd party apps and websites to track you. That's certainly a good thing, but the downside is that it just makes the data Apple has (or can have) far more valuable, which only increases the likelihood that they're collecting and selling a lot of data.
This article is just one guy speculating about his thoughts, and he was possibly paid to do it by Apple. If Apple wants to make privacy a selling point for their products, they would no doubt seize the opportunity to do so very loudly. And, if it's not Apple saying it, then it's not legally binding.
They have definitely been doing this over the past four or five years and certainly claim they aren't selling your data: https://www.apple.com/privacy/
"Whether you’re taking a photo, asking Siri a question, or getting directions, you can do it knowing that Apple doesn’t gather your personal information to sell to advertisers or other organizations."
That only applies to two things, taking a photo and asking Siri a question. It does not prohibit them from collecting the data for their own use. And does not prohibit them from selling analysis of that data.
> Your iOS device can collect analytics about your iOS device and any paired Apple Watch and send it to Apple for analysis. The collected information does not identify you personally and can be sent to Apple only with your explicit consent.
You have to opt in to analytics collection when you set up the device and in Settings>Privacy>Analytics>Analytics Data you can examine or download everything which has been sent to Apple.
If you take Apple at their word that they're only collecting what they say they are, they're not bad.
"When it’s collected, personal data is either not logged at all, removed from reports before they’re sent to Apple, or protected by techniques such as Differential Privacy."
And the fact that you can download the data unquestionably proves that it can be traced back to you. I think you're just seeing what you want to see, and aren't paying attention to all of the loopholes they create for themselves.
I think it is highly unlikely to come out that they are selling company data. Look at all the comments that Tim Cook made about Facebook - that he wouldn’t be in that situation as it would compromise his morals etc..
Does the GDPR not require this?
At the recent iPhone / Watch launch event a few days ago, Apple COO Jeff Williams stood on stage with a single word backdrop "Privacy" and said:
"At Apple we believe your personal information belongs to you, you should decide who you share your information with and who gets to see it. Period. All your (Watch) health and fitness data is encrypted on the device and in the cloud".
That's not a legally binding statement from Apple stating exactly what they collect, but it certainly is Apple making privacy a selling point and doing so very loudly.
Answers to my questions why apple products are way more expensive, even compared to devices with similar features and hardware specs, remained pretty superficial "it's that way" or "apple is just better" weren't obviously satisfying. Blinded by my own conclusion that apple products just sell because of apple fanboyism I remained with google.
Now, in the year of 2018 were everyone is interested in your data im still pretty wishy-washy of getting an iPhone but recent news drive me towards it. But in the end it might be a decision between pest or cholera.
It obviously depends a lot on how much you care about software updates, how gently you treat your device, etc. But if you’re the sort of person who buys a new phone every two years and sells your old phone, the resale value of the old phone tends to be high enough that the costs look about the same as reasonably comparable domestically available devices.
If you’re buying your phone straight from China, or don’t care much about high-end phone features, your mileage may vary.
Or as many in this thread do, preach complicated (and often broken in practice) processes and tooling that might theoretically protect ones data, but require Stallman's PC levels of configuration and not actually get anything done while Apple's UX does.
The fact that (for the moment) the top comments are all software engineers giving up and advocating for dumbphones is a laughable abdication of responsibility/competence/design.
Most people aren't going to care about things until it effects them in some way.
> From the program, the Chinese SCS will be fully implemented starting in 2020 and will be made mandatory for every citizen. Once implemented, every citizen will be rewarded, or punished, on the basis of their behavior. Some types of punishments can be: flight ban, exclusion from private schools, slow internet connection, exclusion from high prestige work, exclusion from hotel, registration on a public blacklist.
So, Android devices sucks with privacy and cheap space to farming to other companies. Heard some Chinese companies sell phones with ad injections in default apps.
Nobody would write apps with this sort of policy in place... so here we are. If you really think the Chinese government is out to get you, which is a very real concern, I would not use any apps on your phone. The app developers do not care about your safety, and neither does Apple.
And having developers post a bond is logistically impossible to implement. Far better just to have Apple kick them off the store entirely. Which is what they do already.
It's quite amazing that Apple has not added this simple requirement to their app store until now.
Or if you're big enough like Uber, just get a firm warning and be told to stop doing whatever it is that's wrong.
A year and a half after their more privacy-conscious competition but good
> And having developers post a bond is logistically impossible to implement.
Require a credit card at publisher signup. Explain it will be charged for violations.
I don't want to assume you're trolling, but this is literally the first time I've heard anyone ever say Google is more privacy conscious than Apple.
When you think of a toxic hellstew of vulnerabilities, you probably don't think of Apple either, even though its App Store infected more users with malware than all its competitors combined. https://researchcenter.paloaltonetworks.com/2015/09/malware-...
The malware you’re referring to—XcodeGhost—was produced by compromised non-Apple copies of Xcode installers downloaded by (mostly) Chinese developers from non-Apple (Baidu) servers, who then produced iOS apps with the non-Apple Xcode. The modified copies of Xcode would inject malware into iOS app builds. The link you provided says nothing about actual numbers of end users with malware infections, much less that there were more users infected than all Apple’s competitors combined. It merely suggests potential number of users who could be affected if they installed known compromised versions of apps built with the non-Apple Xcode—and it provides no methodology for what these estimates of total potentially affected users is based on.
Privacy policies do nothing to actually protect user privacy. Facebook’s requiring of privacy policies hasn’t protected users or the company from multiple privacy fiascos.
What GPS data collection are you referring to here? Apple-collected data stays on user devices. Third-party apps are granted permission (or not) to use location services however they see fit. Location services can be disabled entirely. What third parties do with your location data is between you and them, not Apple.
iMessage being replaceable by Signal or any other app as a default messaging app says nothing about Apple’s commitment to user privacy. You are free to use Signal.
The best outside estimates show XCodeGhost infected at least 400 million users. That estimate is from knowing which apps were infected and using publicly available estimates for their users. Apple didn't say how many exactly (or even warn its users about the malware) because Apple only pays lip service to security for marketing purposes.
> Privacy policies do nothing to actually protect user privacy.
You disagree with Apple on this then.
> What GPS data collection are you referring to here?
I told you exactly what data collection I was referring to there. Apple (not third parties) collects GPS data from user's phones to run its AGPS service. Unlike Android, which has an opt-in for this, Apple doesn't even let you opt out.
> You are free to use Signal.
But not as your default SMS app. Instead, you have to use Apple's closed source and unverified app.
Yep. I bought a cheap tablet off of Amazon with the only use for it needing to be able to read digital textbooks at close to their equivalent physical size. This was back when tablets larger than 7" were crazy expensive. This one wasn't.
It has so many ads injected into and between apps (full-screen popups on app change) that it's unusable for anything other than reading static content (which is luckily what I bought it for). Response time is on par with a 1st-gen Kindle.
I thought I'd be cute and implement DNS adblocking at the router level but that just causes crashes and hangs since they didn't see a need to implement a graceful failure mode for the ad callbacks.
With the more recent changes in Firefox, I find the UX acceptable and may go through switching back... I've got a few things on google but may migrate out.
It would be more accurate to say that Google Play sucks.
Cubot is a good example:
"However, it was discovered that Cubot had removed the malware from the System UI package and hidden it under a new package, com.android.telephone, disguised as the phone dialer. On further digging, it was discovered that the new package does not have any real function and it manages to evade any detection by antivirus apps such as NetGuard, that would detect the malware under System UI previously."
The only thing they have is low prices.
The nice thing is they still give you drivers even to Windows 7.
When I get new Lenovo laptop, I immediately throw away their drive, put a bigger one and install Windows 7 from scratch.
At least for some time, this was not good enough. The shipped crap/spyware in the firmware and exploited Windows Platform Binary Table to inject their spyware into freshly installed Windows. So, even a clean disk and an official Windows CD didn't evade the spyware:
Luckily, desktop Linux/BSD is probably too obscure to be on their radar.
With XPrivacy you're able (or used to be able - I'm not sure if it works on recent Android versions) control things like how apps can use WebViews (e.g. what URLs they are allowed to open there), or whenever app is allowed to read or write (all separately) clipboard data. Etc etc.
Most of these permissions either require individual consent after you run the app (and can be revoked in settings) or aren’t allowed under any circumstances.
The exceptions I see are:
Internet access (you can block cellular internet access on iOS and 3rd party keyboards can be blocked from allowing any network access)
Prevent links from opening in a view - depending on which type of web view that an app uses, the native content blocking framework that third party ad blockers use for Safari also work in the WebView. For instance, the ad blocker I have installed works with Feedly - my RSS reader.
The only sensor I think that can be blocked is the GPS.
PrivacyGuard in LineageOS is about blocking.
My phone number is 000 000 000
and my email is firstname.lastname@example.org
and they work fine then
Also, have you really audited the code of xposed and xprivacy to see that there isn't any single security flaw that expose your whole phone?
I'm tired of the endless android situations where an app seems to be able to do whatever regardless of permissions... and permissions can't really be managed anyway. I also don't belive Google will ever get a handle on those permissions / privacy, they just don't care to.
It doesn't help that google killed the nexus line and now we have pixels that are premium priced anyway so I may as well consider Apple where I didn't before.
The camera is also a big deal to me so a lot of the "hey it's not a pixel but" options just don't do it for me.
Some it appears also does some dns trickery to disable ads in apps.
I say this as an old apple fanboy. The apple products are by far the best privacy wise, but I recommend against them anyway. I like Mac os, but feel I can't pay apple any more money.
I have repaired enough phones and computers to recommend people to not use apple. Unless you there is a class action lawsuit they won't extend warranty, even for obviously faulty products.
The last 2 years I have fixed more than 5 broken macbooks that Apple refused to fix for less than $400 with 10 minute solder jobs, and I'm just a hobbyist helping friends. Two of them were fixing issues that Apple had already "fixed" by doing what could be called the worst solder jobs of the century (one was actually just using a rubber pad to push a chip in place instead of doing a proper resolder. According to the guy linked later in this post this was apples official fix :( :( :( ...)
Don't take my word for it, though:
I wouldn't go for those devices either. The Nexus 5 (not s. I don't know that one) is very easy to open and replace parts in (at least as far as phones go),but finding someone that can properly diagnose it and fix it can be hard.
I am not saying that andoid is all roses, but many devices are still realpairable even though things are going in the wrong direction.
When an iPhones warranty is up, apple has been trying their hardest to make fixing your device impossible.