Hacker News new | past | comments | ask | show | jobs | submit login
Tim Cook makes blistering attack on the “data industrial complex” (techcrunch.com)
697 points by laktak 7 months ago | hide | past | web | favorite | 528 comments



I'd like to think I'm one of the good guys here. I was one of the inventors of RSS and Atom and worked to push open content and social media.

I started a social data search platform named Datastreamer (http://www.datastreamer.io/) which is basically a petabyte-scale content indexing engine.

We provide API feeds to search engines and social media analytics companies needing bulk data but don't want to have to build a crawler.

For the last 5 years we've had major problems with customers coming to us asking for data which we felt was unethical (at best).

We actually had Saudi Arabia approach us... It was clear that they were intending to something pretty evil with the data.

Their RFP questions were a bit frightening:

- can you track people by religion?

- can you give us their email address?

- can you provide their address?

- can your provide their ethnicity?

- can you provide their social connections?

We're actually losing business to other companies that are performing highly unethical and probably illegal techniques.

We just can't compete with data at that type of fidelity.

If you're a researcher and you want to access bulk data for combating this type of non-sense WE WILL PROVIDE DATA AT COST. We can provide up to 1PB of data but for now we have to charge for the shipping and handling of that data. We're reaching out to some other companies like Google and also the Internet Archive to see if we can provide more cost effective solutions.

I'm working on more tools to give the power back to the users.

Polar (https://getpolarized.io/) is a web browser which allows people to control their own data. The idea is that I can keep a local repository of data and eventually build our own cloud platform based on open systems like IPFS and encrypt the data using group encryption.


By other companies I mean companies like Cambridge Analytica.

There are tons of other shady companies out there doing nefarious things with your data.

We're going to need platforms that support group encryption and better security for apps.


As a person living in the current world, I want to thank you for both standing up against these kind of requests, and for leaving money on the table, which other companies like Cambridge Analitica easily grabbed.

I don't know if there's any way for people/companies like you to defend against unscrupulous companies.

I can only say thank you.


I second the hat tip and gratitude


>We're going to need platforms that support group encryption and better security for apps.

Definitely. Though I also feel we need to give a shock to public awareness of just how evil people can be with this data. My perception is that people are trending towards "vaguely uncomfortable" with the news of foreign interference with targeted ads, election hacking, and so on, but we've a ways to go yet before most will give up supremely-engineered convenience in exchange for security.

As long as the modern world is democratic and the voting populace is subjecting itself to targeted manipulation by data-armed bad actors, we have a problem of not just national security, but international security.

Thanks for being one of the good guys.


Maybe some vigilante can create a website where you can type in anyone's name and it connects to these apis, server-side in a sovereign territory, then spits out redacted info about every facet of that person's life so you know it's legitimate and then get a few big news orgs to pick up the story about tech companies abusing data or something....


After the Cambridge Analytica news broke, I thought about writing an amnesiac evil quiz app that did all the CA stuff but then once the user was done, it told them exactly what it did as a way to educate people as to what was possible (and forgot everything it learned once the point was made). This way the evilness is restricted to the person who owns the data (and thus isn't really evil).

I do think there's potential in something along these lines, but I agree with child post that it would need to be done carefully so as not to cause collateral damage. The other question in my mind is how to market it such that people get their friends using it and thus spread the word rather than panicking and reporting it.


So the data is out there and nefarious people are going to be nefarious... but I'd be concerned that such an offering would lower the barrier to entry enough that terrible neighbors might blackmail each over by finding such information. I think a more reasonable approach might be to build up such a service behind a auth lock, execute it for yourself and a journalist and send those two reports and the tool to the journalist.


Thank you very much for being awesome


And people wonder why I've argued that, at some point, IT needs to be a certified and regulated profession like lawyers, doctors, engineers, nurses, pilots, accountants, electricians, plumbers, teachers, etc. If the future is going to be built using software and data, it's probably going to be essential that the general public have some agency -- public or private -- to safeguard the public interest.

It takes years of dedication to be a professional electrician or plumber, but anybody off the street can build an application that aggregates personal information and isn't subject to any sort of regulation or oversight or system of professional ethics.

That doesn't just safeguard the public. It also safeguards the employed individuals when they say, "No, that is not allowed under the ethics of my profession."

This isn't about "let's make the government save us," it's about creating a legal framework to protect the interests of the public and give ethical considerations in data management and software design some legal backing.


That won't help even a little bit in this case. That's like trying place the responsibility to reduce the amount of garbage generated on those who drive the garbage trucks. The decision to engage in the bad behavior usually doesn't come from IT staff or engineers, it comes from management. Hold the leaders of these organizations responsible and you'll see the problem fixed real quick.


Why not? The decision first comes from management, but engineers are the ones who implement it.

I think things would change pretty quick if engineers responded to such requests with "I can't do that, because my professional association would remove me from their membership, which would revoke my license to write software in this country at all".

That's how (AIUI) law, medicine, (real) engineering, etc., work today.


Unless you've got a legal/regulatory structure to enforce it, it can't work. And there is absolutely no will on the part of corporations or Congress to do such a thing as it runs contrary to their interests. Even if it were feasible, software development is one of the easiest things to jurisdiction shop since it can be done anywhere. So unless you further mandate where the development must be done, it still won't work.

Keep in mind that most law/medicine/engineering work has some local component anchoring it to local laws. (i.e. currently, someone typically needs to be 'boots on the ground' in the jurisdiction to provide the service) Software doesn't have that.

(edit: obviously, this is a U.S.-specific view of the situation. Other countries may not have the same issues)


What about an organization which

1) Maintains a membership list 2) Maintains a list of software which is signed off on by members 3) Browser/OS/etc utilities which refuse and/or warn when trying to run software not in the registry 4) Member expulsion if registered software is found to be nefarious

This is basically the system Apple/Microsoft/Debian/etc/etc already use for official software distribution. We just need the organization to move out of their walled gardens.

The big leak here is users which have to use resources they don't control. I can imagine an IaaS company which won't run software unless its in the registry, and then companies can boast that your data is 'safe' (or at least not nefarious) because they run in this kind of environment.


“I can’t prescribe you this drug because it’s more expensive than the generic one ... despite their sponsoring me and my family to their annual conference in the Bahamas.”

“I can’t recommend this additional procedure for you despite it making me $8500 in a day.”

Regulation doesn’t seem to influence for profit medicine much.


How about also give citizens unrestricted access to their medical files through an online platform (possibly government maintained or possibly insurance maintained, or possibly self-maintained see below...)?

The whole conversation is logged or perhaps converted speech2text as they discuss, and both patient and doctor sign each statement they make. Then both doctor and patient have a copy of their interaction.

Any poor advice is now provable to a third party (say court).


How about replacing profit as a primary motivation in healthcare with... care?


You are complicit if your moral compass allows you to create software that challenges fundamental human rights without pushing back or taking a stand.


I generally like the idea— it's probably a sign of maturity.

I'd add that it would be nice to be able to operate outside of certain fields and certain types of operations without that level of certification.

For instance, freelance web devs, small business software employees, etc who aren't dealing in things like personal or trivial data could continue operation. For example: you don't need to be a doctor to be certified in first aid, or even administer first aid—but you likely wouldn't attempt an invasive, life-threatening surgery.

I'd also like to see—if that kind of regulation were to pass—the inclusion of some kind of grandfather clause that would include the ability to test without formal education.

The reason being there are very many highly capable developers/engineers in the field who don't possess the exact formal background—and in many cases came from other formal backgrounds.

I'd definitely hear arguments for not requiring education at any time, but to keep it on par with the other professions you listed I'll leave it as is.

This might not be the thread for a larger discussion on this—because it seems like it would be a larger discussion. An interesting one, though...

Implementation seems like it would be a challenge, but then again I don't know the stories behind who more modern professions like electricians were regulated. I imagine that field grew much more slowly.


I agree, what do you think about some enforceable "do good" prior consent laws, in the same vein as scientists trying to do research on humans and requiring prior consent, where if you are caught being unethical towards the people on the other end of your work product, then there will be sanctions and steep penalties equal to how severe the work is judged against harming human rights etc.

How do you modify the above idea if you think it has merit?

"I'd also like to see—if that kind of regulation were to pass—the inclusion of some kind of grandfather clause that would include the ability to test without formal education."

Why not have some sort of certification process you can do while working that holds the individual accounts to the values of being unethical and will have consequences for not adhering to, at all levels like on the scale of GDPR violations.

Also there should be steeper penalities against companies acting in bad faith, similar to GDPR for human rights. Thoughts?


> Why not have some sort of certification process you can do while working that holds the individual accounts to the values of being unethical and will have consequences for not adhering to, at all levels like on the scale of GDPR violations.

Oh with regard to this one, I don't think my wording was clear. I meant with regard to testing or challenging to be certified without having a formal CS/related background. As: a doctor would have to have an MD to practice as a doctor amongst other certifications— I was contending that an explicit CS degree may not be an optimal equal designation for practicing software engineering/research, as it were. As a background— there are many talented and influential researchers who would be cut out of practicing if the line were drawn at a reputed CS degree. Aligning "software practice" (for lack of better wording) hard with a CS degree might be poor bounds for the field.

But I definitely think I agree, at least on a high level with what you're proposing. I hadn't considered it. Good things have come out of research using the large amounts of data available, so it should continue. But there definitely should be some sort of bounds and method for accountability. Also would include a special permissions and appeal process. There's I'm sure a lot of cost/benefit judgement as there is in many scientific experiments (there's seemingly a great deal of that in biological testing).

And you also might restrict certain entities from performing the research and instead be compensated for their collected data by a reputable research group. Said group can produce the hard/applied research, patents, and license them to groups to use them.


Yeah we are in agreement, background in CS doesn't matter for practicing or entry to field, only your work product would be held to some sort of ethical standard.

Maybe this would also undo some of the effects of outsourcing/offshoring US coding practices due to the need for ethical compliance (at the very least in mission critical systems e.g. vehicle software, hospital software, etc)


And people wonder why I've argued that, at some point, IT needs to be a certified and regulated profession like lawyers, doctors, engineers, nurses, pilots, accountants, electricians, plumbers, teachers, etc.

Awesome idea. The same governments who are sending RFPs to burtonator's company will then have the ability to decide who is even allowed to work in the industry.


How exactly do you think bridges and buildings are built? Who do you think operates the state bar for lawyers? Who do you think operates public school teacher certification?


Looking around the room, I don't see any bridges or chalkboards or courtroom paraphernalia. I see a personal computer. How exactly do you think the machine you're typing on was built?!

Do you want to go back to the 1970s? Because this is how you get back to the 1970s, when only a rarefied priesthood had access to computing power.

Don't expect to accomplish that without encountering strong opposition.


Very true. A "morally flexible" lawyer still has disbarment and legal sanction to worry about, and this may provide a natural balancing force against illegal or immoral client requests. A morally-bankrupt programmer has almost none of those strictures or formal obligations.


>> anybody off the street can build an application

No they can't. The closest is they can steal(copy/paste) portions of other people's applications, change some text, and attempt to take credit for them.

Also, we do have agency(private) that you suggested. Developer certification programs exist for nearly every language and platform. They aren't very popular. Red Hat will certify you as a java developer for JBoss, Oracle will certify you as a java developer as well. If you can't write code, but still want to feel geeky and have a career as a waiter, you can go get certified as an "ethical hacker" too.

There is no shortage of agency - employers and consumers simply do not care, and by that, I mean they do not want to pay(higher prices) for it.

PS: You can go be an amateur electrician or plumber today, without breaking any laws. However, if you'd like to touch private/public power or water/waste infrastructure, then you need endorsement. It's not illegal for you to hire me(a total amateur at those 2 trades) to both wire and plumb the new house you are building. The awkward moment will be when the water and power company refuse to connect your house, because the work I did was not the work of a licensed electrician or plumber. I understand the spirit of your analogy, but it doesn't translate as well with IT. For that analogy to work, then private/public internet infrastructure would have to refuse to inter-operate with your software if you didn't meet their licensing/certification standard.


I don't think regulation is necessarily required, but I think consequences are... and serious ones at that. Data misuse and "oopies" data breaches by shady companies that were about to go out of business are actions that should be seen as malicious and come with serious penalties. Judges aren't the best at tech stuff but if they're lacking we (techy people) should help inform guidelines and let the justice system do its job here.


What about having a designation that is independent of any one profession, but possibly applicable to any or all of them? It could (and probably should) be administered by a self-regulating body. Any government or NGO would be allowed to require work product be fulfilled by professionals holding this designation at their choosing. Something like "Privacy-first Professional".


First, thank you so much for the work you've done with RSS / Atom. I implemented it (and my own static site compiler) myself from scratch on my own personal site and it took me very little time. The only little trick was figuring out absolute vs relative paths.

Second, I've been fighting for regulations for over three years and I'm getting somewhere, but I'm also starting to think that we need technical solutions to many of these problems. One of the things I see as a problem is that people always want more, but privacy and security often require less.

For example, old charsets only supported Latin characters. With the introduction of Cyrillic characters many assumptions started breaking.

Each time I try to think through how to make the web / internet simpler I realize that it either requires pushing the complexity onto people unprepared to deal with it—an English speaking daughter may want to copy and paste her Russian mother's Cyrillic name, say—or it fails to handle the use cases we need it to handle.

I know this seems kinda abstract, but do you ever think about that interplay? Are there any insights or anecdotes you find useful?


> We're actually losing business to other companies that are performing highly unethical and probably illegal techniques.

And you always will. Principles and money are often at odds. This is not an easily fixable problem as the well-intended solutions often cause more problems. Enforcement of existing statutes and accepting legal-yet-unethical practices is unfortunately the most rational approach.

> We just can't compete with data at that type of fidelity.

Only in a situation where interminable growth is required in a race to the top. Otherwise, there's room for everyone and that's why there are thousands of software products that "compete" just fine. The key is just making sure there are platforms that allow everyone to build everything.


> Only in a situation where interminable growth is required in a race to the top.

The key is that they choke you out... They have more engineers, more R&D and a better product because they have more revenue.


If they have a better product, so be it. But I'm not convinced that more engineers and more R&D necessarily lead to that, nor am I convinced that smaller, more niche products are always choked out. If that were the case, we'd only have huge companies and a bunch of choked out entrepreneurs. Rather, a bunch of us out here with small companies are doing just fine. Definitely not a give up situation like "we just can't compete". That mentality gives rise to nuclear options with unintended consequences.


This is very true. I have been a paying customer of Fastmail for many years, and in my opinion, they are the best in the industry and very small to boot.

OpenBSD is yet another example of a small(ish) team of people making some truly great software. On the Windows side, Fookes Software comes to mind, again small operation, great software.


As an engineer who used to work for other firms I would work at a significant pay reduction to do fulfilling work. Companies who have shady business practises are a significant turn off and I doubt I’m the only one.

Now as a manager who has to hire I find it pretty straightforward finding passionate people to work with me simply because the work is compelling.

It’s a matter of getting your story out as the ethical data mining company, or something :) you’ll find like minded clients and employees do exist and that being ethical can be a competitive advantage too.


Despite your intentions, I don't think it's possible for you to be one of the good guys. The mass collection and aggregation of the data in the first place is the problem, not merely a few bad actors downstream.


It's very easy to assign blame in hindsight. "Web 2.0" (i.e. data aggregation) was a fantastic tool and most of us did not have the imagination to see how it would be abused (just as any tool can be abused).


It was very easy to see where this was going from the very beginning and many did raise red flags but were largely disregarded because... FREE! There was plenty of user generated content for decades before Facebook/Google/etc came along (i.e. mailing lists/Usenet/forums/wikis/etc.) and one of the ways some chose to mitigate the risk was behind pseudonyms etc... which the big data collectors/aggregators have a problem with. Those who started requiring 'real names' and other personal details who then integrated disparate data sources to build profiles on users knew exactly what they were doing from day one... it's always been their business model.

That said, I have no issue with anyone who voluntarily trades their personal information for access to a service. That's their choice to make. But it also seems reasonable that there be full disclosure as to the scope and scale of the deal they're making so they can make an informed choice. This isn't even remotely the case today.


You don't need an imagination, there is at least one negative example in living memory of putting data aggregation to work against a mass populace.


What other companies?


If I wanted to offer whatever programming chops I have and support one of the initiatives you're working on, what's the best way for me to do that?

I appreciate all your work and contributions to the community in general. Please keep your chin up and keep moving forward.


IPFS is dope as shit, and aims to be much more than what it advertises on the surface.


Thanks for doing the right thing.


Thank you.


Ultimately, I think there are far too many actors involved to rely on the ethics of third parties to protect your privacy. If Saudi Arabia wanted to track down gays and apostates by mining the same data you did, they could do it themselves.

The first line of defense against this is, and always will be, not publishing so much information about yourself. They can not mine what you do not provide.

We can argue all day about the ethics of the conduct of companies and states looking at these data, but it's a non-issue if the data simply don't exist.


Even if you publish nothing about yourself, information will leak. Some of your friends will post things about you... for example they have a photo together with you, will upload it to a social network, enter your name, provide a date and place for the photo... with enough photos with your name, the social network can make a guess about which other unnamed photos contain the same person... and gradually a profile on you is being built.

And it will only get worse, as more data will be shared by other people. Soon the streets may be full of people using cameras all day long, just because it allows them to make cooler diaries or blogs, and then the data companies will get universal surveillance.

The only way to keep privacy will be to have your face covered in public (but hey, that will be made illegal, because terrorism or something), or avoid public places completely.


Disclaimer: I use Apple products, and trust them slightly more than anything Google/FaceBook/startups because they don't have a business front selling my data to advertisement companies or 3rd party miners(as much as I know of).

But, I'm baffled by this PR as if they are the privacy messiah. Didn't they just sellout their Chinese users icloud data to the Chinese government?

Yeah. "It's the law, and Apple has to obey the law" is an argument, but here is a company that is willing to compromise their user's privacy in order to be able to sell phones in China. So, if US govt finds a way to say "it's the law" to reveal user data, I'm sure they'll bend over. This grand stand in media is just sickening and theatric.

/rant.


I struggle with Apple's China situation as well, but the more I turn it over in my head, the more I think it's that Tim is pulled between two parties:

1) His team + Apple Directors that I firmly believe, both in words AND in their action, are strong proponents of privacy of the user

2) The Apple Board + Sharedholders that would revolt if the privacy principles from (1) prevented access to a market of ~1.4 billion people, and potentially gave a competitor like Huawei a further leg up.

In this scenario, I don't see it as "grand-standing," but more of a necessary public act that US should move more in the policy direction of the EU, in spite of steep lobbying from most of the Valley / FANG group that would benefit from less-strict privacy regulations.


Yes, I agree that there is a nuance to it. But, if they said "We'd like the United States to stand up for the privacy of its citizens and create a law like that if GDPR. Apple is in full support of it because it helps our business too(it is our competitor's weakness)" I'd agree that they are talking the truth. But, writing that we "absolutely" care about your privacy, and that "caring for privacy is in our DNA" and so on just to turn around and give up the same principles to an authoritarian government(one that is building Social credit system nevertheless) is just plain hypocrisy IMO. I know several American and European friends that trust Apple as if they're infallible, and will protect their data in a war. That's what I think is wrong. Apple will give up its users, DNA, principles if there is enough money to be made or leverage to be taken.


I'm not sure I agree that it IS hypocrisy: if you want to operate in a place for business, and you have no choice (i.e. my point about Apple's Board + Shareholders,) you can rail against the policies in public as much as possible and hope that the law favors your principles.

That's what Tim Cook is doing here: hoping the US doesn't go in the direction of an authoritarian government, and lobbying as much as he can to prevent that. Imagine if the US adopted a similar law or set of policies that required "backdoors," or data pooling (a la social credit system) - what are his choices?

1) Not operate in the US? Not realistic

2) Ignore them and pay hefty fines up the whazoo? Maybe for a short period of time until Shareholders revolt or the Feds push to start pulling some folks in court.


> hoping the US doesn't go in the direction of an authoritarian government

> Imagine if the US adopted a similar law or set of policies that required "backdoors,"

That's what they're trying to bring in in Australia now.

I feel that it's a test-case for the other 5 eyes countries to learn from.

I'm hoping that the way they're going about it in such a ham-fisted and causeless way ensures their power-grab falls flat on its face.


You can make this exact argument for Google or Facebook or anyone else. Simply bringing up "evil shareholders" doesn't absolve any company or individual from criticism.


I think you misunderstood my argument - apologies for not being clearer.

There is a difference between a company's _incentives_ to do something that is permitted by law - for which I would agree that said company is worthy of criticism to a reasonable extent - and that which a company is _compelled to do so by law._

My point was that Tim Cook's speech was largely to prevent scenarios that would lead to law-makers wanting to create laws like the latter. And Apple _should_ get credit that they have a bunch of incentives to collect user data at will, like many other tech companies, but explicitly avoid that as company policy.


Apple has a record of doing the right thing.

Google and Facebook don't. It really matters when you are being asked to blindly trust a company.


In the case of Google, I thought a handful of people had controlling interest. (Just Larry and Sergei?) Maybe similarly for Facebook, I haven't checked.


When thinking about this juxtaposition/hypocrisy, we should also consider the differences in consequences wrt collecting data for advertisement use vs giving data to an oppressive government.


I've posted this a number of times before but it's apparently not common knowledge (and for good reason Apple doesn't seem to talk about their situation in China often). Apple's position in China is completely consistent with the rest of the world.

In filings to a court during the FBI legal fight, Apple addressed this topic head on. The reason it was brought up in the first place was because national security establishment water holders were putting out the idea that Apple makes exceptions for China, and the Department of Justice parroted it [1].

From Apple's filing [2]:

>Finally, the government attempts to disclaim the obvious international implications of its demand, asserting that any pressure to hand over the same software to foreign agents “flows from [Apple’s] decision to do business in foreign countries . . . .” Opp. 26. Contrary to the government’s misleading statistics (Opp. 26), which had to do with lawful process and did not compel the creation of software that undermines the security of its users, Apple has never built a back door of any kind into iOS, or otherwise made data stored on the iPhone or in iCloud more technically accessible to any country’s government. See Dkt. 16-28 [Apple Inc., Privacy, Gov’t Info. Requests]; Federighi Decl. ¶¶ 6–7. The government is wrong in asserting that Apple made “special accommodations” for China (Opp. 26), as Apple uses the same security protocols everywhere in the world and follows the same standards for responding to law enforcement requests. See Federighi Decl. ¶ 5.

and a declaration from Craig Federighi personally [3]:

>Apple uses the same security protocols everywhere in the world.

>Apple has never made user data, whether stored on the iPhone or in iCloud, more technologically accessible to any country's government. We believe any such access is too dangerous to allow. Apple has also not provided any government with its proprietary iOS source code. While governmental agencies in various countries, including the United States, perform regulatory reviews of new iPhone releases, all that Apple provides in those circumstances is an unmodified iPhone device.

>It is my understanding that Apple has never worked with any government agency from any country to create a "backdoor" in any of our products and services.

>I declare under penalty of perjury under the laws of the United States of America that the foregoing is true and correct.

That was a few years ago, but Tim Cook basically reaffirmed that a few weeks ago in this interview with Vice [4]. The new law means Apple's Chinese iCloud data needs to be stored in local data centers, but Apple continues to maintain sole control of the keys. Whether you believe them or not, or whether you think that's a meaningful distinction is up to you. But end-to-end encrypted services like iMessage or iPhones itself, remain so and are still unblocked in China.

You might be wondering why Apple seemingly gets an exception when services like WhatsApp are blocked. The answer should be obvious: Apple being an old-world company that still makes products in meat space, (indirectly) employs a lot of people in China. That gives them leverage that other companies don't have.

So they have to comply with certain Chinese laws such as taking down the NYT app, VPN apps, being unable to operate iTunes Books or Movies in China, etc. But that's a small price if it means their core products remain uncompromised.

[1] https://www.lawfareblog.com/deposing-tim-cook

[2] https://assets.documentcloud.org/documents/2762131/C-D-Cal-1...

[3] https://www.documentcloud.org/documents/2762118-Federighi-De...

[4] https://youtu.be/VD1cP8SK3Q0?t=244


> That was a few years ago, but Tim Cook basically reaffirmed that a few weeks ago in this interview with Vice

At that time they were also storing iCloud data on their own servers, correct? To save myself and others from having to watch the Vice video, what did Tim Cook say that reaffirms no blanket Chinese government data access (honest, not sarcasm, I did not watch it)? Why are public statements about privacy always about the US or EU but never China? Surely the lack of consistency/transparency is clear here and causes mistrust.

Be open and honest to your users you claim to care about and there's no problem. Just simple statements like "We have privacy concerns with [insert country here]" or "We aren't allowed to talk about privacy concerns with [insert country here]" or "We do not give blanket data to [insert country here]" or "Although we follow the rules, we disagree with [insert country here]", etc would go a long way. Or continue to be secretive and hidden and anti-user.


Here's the exact time stamp so you can hear his answer yourself: https://youtu.be/VD1cP8SK3Q0?t=244

>Why are public statements about privacy always about the US or EU but never China?

As much as Apple/Cook may believe privacy is a human right, and have seemingly extracted some important concessions regarding their products, they aren't going to shoot themselves in the head so everyone can feel good about Apple publicly standing up to the CPC. That's a job for governments (the recent efforts by the Trump administration to reset the relationship with China is a good example).


Had to watch with CC on, no audio for me atm. But he is saying the encryption is the same around the world and they own the keys. I'm afraid this doesn't allay fears of blanket data access. But a simple public statement on Apple's website like "we only provide icloud data on per user requests" or "we do not give the Chinese government large swaths of data". Or how about something as simple as "We disagree with the lack of privacy laws in China and the US and the [insert other country here]"?

What does it say that you had to link to segment of a YouTube video of an HBO show for Apple's policies left open to interpretation? To me the lack of clarity is 100% indefensible and not worth twisting your personal ethics to do so.

> so everyone can feel good about Apple publicly standing up [...]. That's a job for governments

Only in some cases where it benefits them. In other cases, they absolutely stand up. It is blatantly obvious that their principles are based on borders and are inconsistent here.


>Only in some cases where it benefits them. In other cases, they absolutely stand up. It is blatantly obvious that their principles are based on borders and are inconsistent here.

It's your prerogative if you want to continue to insist they're being hypocrites. I don't need Tim Cook to be a saint, I'm happy with the practical wins they've managed to maintain.


I like Tim Cook, I think his heart is in the right place and as much as a corporation can, Apple generally does the right thing.

I was having lunch with several lawyers at my company a few weeks ago. One of them was talking strongly about quality devices and Apple’s strong privacy stance. He literally said that we as a society should be grateful for having Apple.


Perhaps it is cynicism, but I'm pretty sure this is just Apple exploiting a competitive edge, and does not necessarily reflect his own opinion, he is speaking to benefit the company.

Of course, it's very nice that Apple made the decision to pick this edge, but they did it because they could not compete with Google on web services. So now they're publicly speaking to try and take the sting out of Google's edge. And that's healthy competition, the direct result will be that the consumer benefits, and I can agree we can be grateful to have these powerhouses fighting for our satisfaction.


> Perhaps it is cynicism, but I'm pretty sure this is just Apple exploiting a competitive edge, and does not necessarily reflect his own opinion, he is speaking to benefit the company.

That's my favorite thing about it: I trust their motives. If Cook were saying this but we knew that the board was getting pissed off about it, I would worry that it was just a matter of time. But Apple is making billions by protecting its users' privacy, investors are raking in cash, and I'd bet the board is thrilled with this. That makes it much, much less likely that they're going to announce one morning that they're abandoning privacy and going all Facebook.


That makes it much, much less likely that they're going to announce one morning that they're abandoning privacy and going all Facebook.

One other thing that I'm trusting to keep them from "going all Facebook" is that privacy is the only thing making them something other than "me, too". The day they jump in with the rest is the day I clean out a house full of Apple gear, and I'm pretty sure they know that (or likely more accurate, the day I quit buying more Apple gear).

Apple's virtual assistants, mapping, and other services are arguably inferior to other offerings. I trust they won't bail on their one distinguishing feature.


> Perhaps it is cynicism, but I'm pretty sure this is just Apple exploiting a competitive edge, and does not necessarily reflect his own opinion, he is speaking to benefit the company.

Of course. This is how all companies work. I just really like that this competitive edge exists in the first place. If this competitive edge exists and works, it might actually be stronger as Apple can continue maintaining this stance in the future.

Although I'm not a big Apple user myself (I think/hope I can defend myself enough on other platforms that have a lower cost of entry), it's nice that you can point to iPhones if people are asking for on which they can take reasonable ownership of their privacy without needing to be very tech savvy.


I'm always baffled how even the tech-literate crowd here continues to give Apple a pass. This is the same Apple that gave up its encryptions keys to Chinese government for the servers located in China. If it actually had user's privacy in mind, it wouldn't give those up.


I think that’s an over-simplistic view. Failing to adhere to Chinese law would mean exiting the Chinese market. If the US passed a similar law, Apple would be forced to comply with it (although they would at least have recourse through the courts to eventually show that such a law was, perhaps, unconstitutional).


Sure, but when you make blistering attack on "data industrial complex" and advocate privacy, you are held to the golden standard in the entire world.

I personally believe that Apple complied to Chinese government's demands is because their bread and butter is in that country (the entire manufacturing of hardware devices).


Okay, Apple caved to save their bread and butter; I'm not nominating Apple for corporate sainthood. However, they are not building a business model based on exploiting our data. They should get credit for that and be allowed to point out the problem with that kind of business.


Sounds like you are suggesting Apple should have simply stopped doing any business in China. Simple, right?


As simple as asking a company built on data collection to stop collecting it. Maybe simpler.


No, just observing the hypocrisy in their pro-privacy statements. Or is it that privacy of Chinese users is not worth the same as that of wester users?


Do you follow the laws of foreign countries when you travel, even though you live somewhere else?


If they are that immoral to you, you can just choose not to visit that country.

Edit: Would you go and visit North Korea on a vacation with your family?


Not if they are immoral.


i.e. they don't have a choice?


So, maybe don't say hypocritical statements like this? Google's and Fb's core business is ad-tech. Do they have a choice when it comes to data-collection? (I say this as someone who has uninstalled both Messenger and Fb app)


> Failing to adhere to Chinese law would mean exiting the Chinese market

So? Failing to adhere to ad-tech needs would mean exiting the ad-tech market. Did I miss the other company CEOs' blistering attacks on the "Chinese anti-privacy cooperation complex"? Can we at least admit, since violation of privacy by chosen market is a choice, that Tim Cook is a hypocrite?


Why is that hypocritical? Apple does not require that you upload personal data to their cloud, and Apple has no say in Chinese law.

Additionally, Apple's participation in the market (or lack thereof) would have no impact on Chinese data privacy laws, but participation has positive global effects through economies of scale and R&D revenue.

A real hypocrite would actually have to enable oppressive behavior... selling data mining technology, surveillance cameras, etc.


> Why is that hypocritical? Apple does not require that you upload personal data to their cloud, and Apple has no say in Chinese law.

They have a say in whether they are complicit. That they choose to operate in that anti-privacy market while demeaning others choosing to operate in their anti-privacy market is hypocritical. Could be considered worse if you factor in the consequences of that data.

> A real hypocrite would actually have to enable oppressive behavior

We disagree on whether providing technology for oppressive behavior is "enabling" it.


You are right that Apple is complicit in Chinese domestic surveillance. I am not claiming otherwise.

However, a hypocrite's stated beliefs directly contradicts their autonomous actions, often with intent to deceive. China's state coercion voids any claims of hypocrisy.

Furthermore, from a privacy perspective I'd argue it is more ethical for Apple to participate than withdraw. Apple does try to provide as much privacy as possible within Chinese law, following the letter of the law and no more. Withdrawing forces people to use their competitors, which happily go beyond the law to appease state authorities.


Apple didn't hand over any encryption keys. They are stored on Chinese servers, per Chinese law.

Apple can't legally protect Chinese users from their government the way it can in this country--for now at, least. But Apple can protect Chinese users from other malicious actors.

From Apple's point of view, it was either refuse to follow the law and leave all Chinese users to the general security and privacy shitshow that is what every other phonemaker has to offer, or, play by the rules and give them something that's better in every use case except for the one where their government wants to hurt them.

Your argument is that locking your door can't stop a SWAT team from breaking into your house, therefore people selling locks don't care about keeping your house locked. It's a weirdly simplistic and uninformed argument coming from someone who claims to be tech-literate.


Apple best supports privacy of all the large technology players.


Apple is also the only major computing player that doesn't make its revenue primarily off of mining and exploiting user data. Maybe Microsoft, too? Certainly the rest of FAANG have huge financial temptations to misuse their data.

So Apple is the one big technology player whose interests are most closely aligned with the consumer in terms of supporting data privacy.


Amazon, fwiw, has giant revenue streams (AWS, retail) that they can pile on the privacy bandwagon and attack Google / Facebook / rest of the shitty adtech. In fact, it would be great if Apple, Microsoft, Amazon, Mozilla et al all combine their forces and propose strong privacy friendly regulations.


Amazon has gotten into the advertising business [1] and I believe are growing quickly. I find it a disturbing move on their part; I have to trust that they're not mining my purchase history for ad targeting. If they do do so, it may be susceptible to targeted discovery. (Run ads with unique URLs for each selection keyword; everyone who sees the ad is apparently someone who bought that kind of product.) I hope Amazon is smart about the risks they take.

[1] https://www.fool.com/investing/2018/09/23/amazon-is-now-the-...


> So Apple is the one big technology player whose interests are most closely aligned with the consumer in terms of supporting data privacy.

That's assuming that "the user" (whatever that means) is valuing their privacy more than the free services they receive. I don't think such a statement can generally be applied to the public at large. It's great to have options (ways to pay for services/phones/etc) that don't mean you have to give up your privacy and then let users decide what's best for them, but I wouldn't make generalizations that most users would definitely prefer one other over the other.


Microsoft "lets you choose" between seeing ads and seeing targeted ads during setup. They're a joke.


> Certainly the rest of FAANG have huge financial temptations to misuse their data.

I don't get this. FAANG have every interest in protecting user data as their moat is products users want to keep using, which would not be the case if they started sharing user data widely.


Except that they have already shared their data widely.

Cambridge Analytica didn't steal all of their data. It was obtained legally and with consent from Facebook.


The ability of Facebook as an engineering organization to align with their business incentives has increased over time. The Cambridge Analytica data hoovering happened in 2014-2015.


No, actually trying to "compete" by PR and stifle competitors through public pressure and new laws doesn't seem like "healthy" competition to me, you are essentially attempting to change the rules of the game because you don't think you'd win if you play the game. I mean sure, it's your right to do whatever you legally can, but it's not "healthy" competition at all IMO.

EDIT: To see the equivalent from the "other side", timagine adtech companies starting a PR war against Apple's closed garden system, arbitrary app store decisions, labor conditions (I'm sure we can find some dirt somewhere in their vast business) to get laws enacted to regulate them on what they can do and not do.


> timagine adtech companies starting a PR war against Apple's closed garden system, arbitrary app store decisions, labor conditions (I'm sure we can find some dirt somewhere in their vast business) to get laws enacted to regulate them on what they can do and not do.

That sounds nice though.


Gay people are killed in many parts of the world for just being gay.

Don't believe for a second that privacy isn't personal to him.


This is true but Apple is also vulnerable to the same type of "political" attack. I can imagine Google railing against the evils of employing a workforce of indentured servants to assemble high profit electronic devices. Facebook could begin publicly questioning the wisdom of supporting a technocratic dictator who may be the world's worst offender of oppression through the use of data. Hopefully, Tim is going down this road with his eyes wide open - glass houses and all.


Indentured servants? What are you talking about?

You do understand that Google’s Pixel 3 was built by the same Foxconn that built Apple devices right?


That is correct but it doesn't negate the statement about Apple just because others are also doing it.


Apple sells a walled garden that controls what software you can use, forces upgrades by forbidding repairs and slowing down old phones with software updates, and sells more dongles by eliminating features and changing ports in every generation of their products.

I admit they are better than Google on the privacy issue, but should we be grateful for having an alternative that abuses us in different ways?


Each of your complaints is because of a well-designed compromise (app quality/safety; preventing abrupt phone shutdown; removing a common failure point). You may disagree with the compromises, sure.

PS: I own zero Apple devices (partly because of the reasons you have, not for the way you are misrepresenting those reasons).


Apple's App Store policies are about far more than app quality or safety. Apple has banned many apps for political or financial reasons.

Slowing down old phones without notice or permission wasn't the best response to aging batteries. Even Apple didn't deny it was wrong. They apologized, once they were caught.

And the MagSafe connector was not a common failure point.


My problem with your first comment is that you misrepresent the issues. Your second reply is worse because you introduce other different issues, without addressing the point (that Apple chooses compromises that you might disagree with).

> Slowing down old phones without notice or permission wasn't the best response to aging batteries.

Sure, it wasn't handled well, but you said that they did it to force upgrades... That is patently incorrect in my opinion. Apple are far superior at keeping old devices updated than most actors in the Android world (as a comparison point).

> And the MagSafe connector was not a common failure point.

And your original post complained that "and sells more dongles by eliminating features and changing ports". What does replacing a proprietary magsafe connector with USB C have to do with Apple selling more dongles? There are now plenty of compatible third party options available in more than one category.

Regards app store policies: see sibling reply.


My second post addressed your claim that these issues are "well-designed compromises" by disproving it with counterexamples.

MagSafe was at once an example of a port changed (MagSafe 1 to 2) and a feature removed (replaced with USB) that didn't fit your explanation "removing a common failure point". Even Apple didn't try to claim that slowing down old phones was a well-designed compromise; instead, they apologized. And there are many examples of Apple removing apps for reasons other than "app quality/safety", for one such example, see my response to sibling reply.

These are not "other different issues", these are counterexamples. They may not be the issues you thought of when you read my first post but they were some of the issues I was thinking of.


"About a year ago in iOS 10.2.1, we delivered a software update that improves power management during peak workloads to avoid unexpected shutdowns on iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, and iPhone SE. With the update, iOS dynamically manages the maximum performance of some system components when needed to prevent a shutdown. While these changes may go unnoticed, in some cases users may experience longer launch times for apps and other reductions in performance." https://www.apple.com/iphone-battery-and-performance/

Unexpected shutdowns vs. longer app launch times and other reductions in performance. a compromise.


That's a ... highly rose-colored ... definition of what the issue was.

And if it was such a good, but misunderstood feature, why wasn't it touted as such in the first place, but denied initially, and then only acknowledged apologetically with the removal of such?


Quote the whole phrase: a "well-designed compromise". What's well-designed about secret behavior that angers users?

But it's hard to trust that statement anyway. I'd be more likely to trust them if they'd reported that on their own, instead of hiding it for a year then issuing a PR statement when users proved it was happening.

And if that statement wasn't contradicted by their behavior in shutting down phones after the screen was replaced.

"First and foremost, we have never — and would never — do anything to intentionally shorten the life of any Apple product, or degrade the user experience to drive customer upgrades."

...

They forgot to mention the "unless the user tries to repair it" exception.


> Apple bans competing apps regardless of app quality or safety.

I don't know what criteria they actually use, but this is at best incredibly inconsistent. There's heaps of competing mail apps, calendars, camera apps, photo apps, weather apps, notes apps, reminders app, messaging apps on iOS, including a Google one in most of those categories.


I know that once upon a time they banned competing apps, including Google Voice. I don't know if that behavior continues but I think it's a bit too soon to forget.

https://techcrunch.com/2009/07/27/apple-is-growing-rotten-to...


This is from nine years ago, when the iOS App Store (then just the iPhone App Store, as the iPad didn't even exist yet!) was less than 2 years old.

Calling that "a bit too soon to forget" seems...problematic on several levels.


Why? They continue to use their control of the app store for financial gain. The clock on forgiveness doesn't start until the abuse stops.


When you're replying to a comment pointing out that there are, in fact, lots of competing apps, and your comment claiming that they're still evil points to an article from nine years ago, you don't demonstrate much credibility to your claims.

I think your clocks are just broken.


I didn't say Apple bans all competing apps. They're selectively "evil". And they've faced so much outrage about the app store, and still do (for example, there's a Supreme Court case pending and a recent lawsuit from Spotify) that they are slightly restrained at the moment.


Personally, I think the MagSafe connector was bloody brilliant and I'm not giving up my mid-2015 MBP until it absolutely won't function any more, because of that feature (it's saved my MBP several times when I was a bit clumsy or forgetful).

Another reason: the multiplicity of ports and bunches of things that all use USB-A.


I believe there's a product, or at least a Kickstarter, to add a MagSafe-style dongle to a USB-C port.


I tried several MagSafe-like USB-C cables and found them lacking reliability, ending up having to re-seat the connectors multiple times to get them to connect properly. Don't think USB-C and MagSafe are a good marriage.


The reason Apple moved to the USB-C charging on the MacBook is because it no longer served the purpose it was originally for. Older MacBooks and MacBook pros were a bit bulky and heavy. Tripping on a MagSafe charger cord connected to one of these would disconnect because the friction of the laptop on its its surface was stronger than that of the magnetic pull of the MagSafe connector.

With the new Macook, however, I believe it was much lighter to the point that it would have pulled the laptop down with it upon someone tripping on the cord. It wasn't doing anything to benefit the user at that point. Because of this, they probably opted for a slimmer charging port (USB-C), and it went well with the growing use of USB-C in the industry.

I do wish they included more USB-C ports, however.

I do not know exactly the reason they opted for USB-C in the new MacBook Pro, however. I believe it would still be heavy enough for MagSafe to be effective. However at this point, USB-C is saturating the market and consolidation in their products may be a more important issue for Apple at this point.


They didn’t apologize for doing it; they apologized for not explaining it.


Keeping it secret was part of the design. Who knows what other hidden "compromises" are waiting to be discovered?


" Each of your complaints is because of a well-designed compromise (app quality/safety; preventing abrupt phone shutdown; removing a common failure point). You may disagree with the compromises, sure."

You should add "making more money" to the factors that went into this "well designed" approach. For example I don't see how not adding a MicroSD slot is nothing other than a method of forcing people into buying phones with larger internal storage (and making more money for Apple).


A microSD slot would have slower read/write access, would take up much more room per GB, and would compromise waterproofing.

Your point about money would be better made if you just complained about the cost of larger internal storage, except then it would be obvious - Apple is profit motivated.


Supporting MicroSD is most definitely a compromise. 1. I've lost photos on an Android because I used one (I bought the most reliable brand of card I could, from my most trusted store, with quite a low capacity). 2. Also the UX is crap - I know the Android universe well, and managing the options, the files, and the apps is not something I would recommend to my mum. 3. Finally any hardware interface is a point of failure (e.g. recently I had to reseat a SIM in my friend's iPhone that couldn't connect to it).

I can see your argument re profit in the past, but it is becoming less valid as the minimum flash memory size is increasing. I have just bought an ZTE with 32GB because that is all I need (32GB is the minimum you can get in a new iPhone.)

All these arguments that Apple is trying to "nickel and dime" their users is just tiring. Sure, they charge a lot, and they love profits, but that doesn't mean they are shitting on their users (like say cellular network providers do!) Edit: ironically it is probably because they charge so much for the device and it is so profitable that they don't need to chase every cent they could e.g. they don't provide payday loans to buy their phones!


Apple was never a player in the ad market, so which of these "well-designed compromises" went against their bottom line?


Worth noting that they do have an ad platform, actually, and that all apps on the App Store are mandated to use it if wanting to monetize.


> they do have an ad platform, actually, and that all apps on the App Store are mandated to use it if wanting to monetize.

What? This is not true at all. Source: I released an iOS app that used a non-apple third party to serve ads.


Then use open source. if there's a hardware manufacturer that you trust, then that's all you need. you can install a version of android i.e. open source and without play services (eg. LineageOS) and then download apps from a store like f-droid. (all these apps as well as the f-droid app are all open source).

Your functionality though, will be severely compromised. So the choices are:

1. Apple - hurts your wallet and your choice of apps (only the walled garden and nothing else). 2. Google - you're the product. not the phone. 3. Something else like the open source solution. You'll spend a lot of time here and will be restricted to the limited choice of apps on the the f-droid store.

So take your pic. I'm mostly in #2, with a billion or so others. I'm fully aware that me and my data are the product here, and whenever I start feeling that I made a deal with the devil, I simply tell myself that they can't know what's happening in my head. I then quickly shift focus and start thinking about something else. :P


Being in a walled garden is not a concern of most users, and it often works to their benefit. If dear old grandma can barely tell the difference between the internet browser and Facebook, I don't think I care if she doesn't have root access to her phone.

To roughly quote another HN user who I don't recall, "Not everybody wants to sysadmin their phone".


Yes. There are different degrees of bad. I'll take the hardware walled garden and data protection over the other bads.


"I think his heart is in the right place and as much as a corporation can, Apple generally does the right thing."

Don't assume moral disposition when a CEO is talking his book.

Maybe Tim is really a good person, who knows?

But if Tim were the CEO of Facebook he'd be singing a different tune.

Don't underestimate the ability of CEO's to align their personal views with that of he company.

Apple is sensing blood in the water on Google and Facebook, and this is a smart, basic PR move to go on the offensive against those companies.

Now - I do think it's likely that Cook does actually believe what he is saying - so I'm not fully calling him a hypocrite or anything. But he is a business guy, and were he to be the head of a company for whom this angle would not apply, I suggest strongly he'd have a different story to tell.

When businessmen speak, it's mostly 'just business'. I don't mean that cynically, just pragmatically.


I agree with you, but is it not better that the "talking head" follow the company line rather than their own moral compass? IOW, whether the CEO believes it or not, the company's moral compass says "we're all about privacy for the time being" and the CEO speaks as appropriate to that topic. But if it's the CEO using their personal moral compass, well, that could change with the next CEO. Additionally, the CEO might say one thing, but have a board fight them tooth and nail over it.


Agree. The issue though is anyone - CEO or Company - taking a moral position, when really it's just a tactic to benefit themselves.

The two can overlap, surely, and in 'good capitalism' they mostly do.

But let's not talk about Cooks 'heart' being in the 'right place'. His 'current product strategy' is in 'the right place' :)


They are trying to place themselve as the company that produces hardware versus those software guys who are after your data to complement their income. The argument here is that the hardware guy always has a proper profit margin. Always look at the profit motive, Luke! (Also they have some stake in the data business by following on those apple IDs - i would not bet on the declared principles of their chairman; also Apple is on the stock exchange, therefore under constant pressure to come out with positive growth figures)


I would phrase it differently. I am grateful for Apple, but we should not be—asking companies to have morals is like asking rain to fall upwards. Regulation is the appropriate method for dictating companies to behave in a certain way.


The market is an appropriate method for dictating companies to behave in a certain way. The market could speak tomorrow and Facebook could be finished. That users are apathetic isn’t a failure of the market.


Capitalism is not the only force in the world, as much as capitalists strain to argue.


>He literally said that we as a society should be grateful for having Apple.

Which is utterly cringeworthy.

iPhone user thinks iPhone is best thing since sliced bread. News at 11.


I'm not usually one for fanboyism (and I say this as a full time Linux desktop and Android user) but Apple really do seem to be trying to do right by their customers in most cases. Certainly more than the competition. I've been considering switching for a while, but it seems the quality of their hardware and to some extent their software has slowly been going downhill post-Jobs.


iTunes wasn't fantastic while Jobs was around, either. The first versions of OS X downright sucked. The build quality and aesthetic of the iPhone X rival anything from the Jobs era in my view, and the recent improvements on mobile performance have been nothing short of amazing.

I feel like people get these rose-tinted glasses when they look back on past Apple products, like they were all 100% perfect or something. Truth is - they all had little issues, but they were still often miles ahead of their competition.


My concern with a post-Jobs Apple is not their ability to iterate on existing product lines. I'm not confidant Apple can shift paradigms and disrupt whole industries the way the did under Jobs' leadership.


You know that happened twice, maybe three times, right? The iPod and the iPhone were it (and maybe the iPad).

It's not something Apple did twice a week like clockwork while Jobs was alive, then just suddenly stopped when he died.

This is exactly the kind of rose-colored glasses nneonneo was talking about.


Here are some things I can think of off the top of my head that Jobs had a hand in during his career:

- Created the personal computer industry (Apple Inc)

- Revolutionized the personal computer industry (Macintosh)

- Revolutionized film animation (Pixar)

- Shifted the electronic device industry to minimalist industrial design (iPod)

- Changed the entire music industry's distribution model (iTunes)

- Completely shifted the paradigm of a cellular phone and arguably began the adoption of the mobile internet (iPhone)

There are several other things people may consider visionary (candy colored iMac, getting rid of floppy drives, OSX, Newton, stuff at NeXT, tech advertising with the 1984 & Think Different campaigns, etc). I'm not even including things like the iPad, Apple Watch, Apple TV, health metrics, etc which Jobs may have been working on before his death. Clearly Jobs had lots of help along the way and is not singularly responsible for each of these things - but he's the one who oversaw and, in many cases, drove the vision.

I'm no Apple fanboy and Jobs had a very dark side to his particular brand of genius, but I find it incredibly disingenuous to dismiss the impact that Jobs had on Apple and the industry in general. Tim Cook is a very solid Tech CEO, maybe even a great operational leader, but he is not a visionary leader and my concern is that Apple lost a fundamental element with the passing of Jobs.


> There are several other things people may consider visionary (candy colored iMac

Come on. "We changed the color. Visionary!"

> - Revolutionized film animation (Pixar)

Pixar was doing lots of work before Jobs was on the scene (after seven years, when Lucasfilm decided it was successful / profitable enough on its own to spin it off) - he was an investor.


Hey man, I know it's kind of ridiculous but bringing whimsy and a bit of fun into hardware design could be seen as somewhat visionary. Before this, the boldest thing hardware manufacturers did was change the beige case to black.


When the iMac burst on the scene, clothing irons immediately jumped on its design. And they have not jumped off since.


Even if Jobs was still here, I'm not confident Apple could do it again. That kind of thing is hard.

One place Apple has disrupted/built an industry is with the smart watch. I was skeptical, but got a Series 2 on sale to try it out and recently got a Series 4. When I got the Series 2 I wasn't sure what I would use it for, but it's something I would miss not having now.


> Apple really do seem to be trying to do right by their customers in most cases

Another possibility is that they don't have to take advantage of their users' data because their business is largely a hardware business, with the software a loss-leader.

It might seem like a distinction without a difference but one has to consider intent when scoring individuals and companies' moral high ground.


I'm not sure it even boils down to doing the right thing for the customer. Apple want you as a customer. Google want you as a user. It's that simple.


The cringe was more related to "we as a society should be grateful to Apple".

It's an utterly laughable statement. Not surprised it upset a few worshipers of the Tech Overlords. Apple, the billionaires it produced and the people it employs should be grateful to the rest of society.


The wording is cringeworthy, but essentially I agree with him.

It doesn't need to be Apple specifically, but I'm glad we have competition. If either of Apple or Google were the only real option, we'd be much worse off than we are now.

It's a shame it's come down to a duopoly, but at least they both have something to compete on.


It would be interesting if there were a civil penalty accessible to individuals if their personal data was divulged by someone to collected it. Lets say that it was $1,000 to $10,000. And that individuals need only file a simple form with the appropriate agency naming the company, identifying themselves, and the information divulged and get paid. The amount would vary based on how detailed the information was, more detail more penalty.

So someone like Equifax would be on the hook for $1.4T in civil penalties for losing the data on 143 million customers. That would have effectively put them out of business.

If you set up such a system, then it is very easy for engineering in an organization to explain why they need to invest in the security safeguards they need, and it is very hard for product managers to argue for collecting even more detailed information. All because you have created an existential threat to the company if they screw up.


It would be interesting if there were a civil penalty accessible to individuals if their personal data was divulged by someone to collected it

If you think the business community dislikes taxes, just wait until a law is proposed that gives people a private right of action against companies that leak their data. I don't think the term "white hot" would suffice.


Can I waive the company's liability for my data? Regardless of the answer, herein lies the problem.


I know this is old but I'm catching up:

Note that with Equifax you never signed any sort of permission or ToS for the data collected, so they'd be hit with a fine regardless.

Many companies collect data on people without a contract. So this would still have teeth even with waived rights.


> Regardless of the answer, herein lies the problem.

don't pursue damages?


I think the point being made was companies would add a statement in their terms of service. As always, you would likely agree to this without reading it and one the clauses would have you waive your right to sue for damages. and then we're back to square one.


It's sad how the introduction of a new class of devices "smartphones" brought along with it a surveillance software platform in the form of Android. Where it is clear that the only incentive for google to develop it is exfiltration of as much personal data as they can. In contrast in the case of Apple you have a customer relationship with the company that sold you the device and they have an incentive to keep you as a customer without having a need to extract as much advertisement revenue as they can.


As time passes I'm more and more wary of my Android phone (even though I have only a very limited usage compared to most "connected" people as far as I can tell). I just don't trust Google at all anymore. I think my next smartphone might well be the first Apple product I purchase in my life. Not that iPhones are without problems but as far as security and privacy are concerned they're pretty clearly the lesser evil these days.

It's not so much that I think that Apple is more virtuous than Google, that'd be naive. It's more that their business model seems to align better with actually respecting their user's privacy instead of siphoning as much data as they can even if that means using ridiculous defaults, nagging and dark UI patterns.


I've always had Androids, and my wife has always had iPhones. Recently I setup a Pi-Hole on my home network and I was floored by the number of network requests to various tracking services my android was making in comparison to my wife's iPhone. My wife has the facebook app and is always playing those junk free freemium games - but my relatively clean android was averaging at least double the amount of DNS lookups and blocked tracking domains. Apps that I hardly ever used, that I hadn't even opened since my last phone reboot - were almost constantly phoning in to some tracking service or another. It was an eye opening experience. I just recently switched to iPhone for my first time and have found replacements for most of the android apps I had become accustomed to. I want to be clear that switching devices isn't some magical button to disable all tracking, but I have seen a significant reduction in both the number of tracking domains on my network and the frequency that they are called. Now the blocked requests are much more in line with times that I have various apps open and not all the time whether I'm using it or not. I also feel better about the type of data apps have access to vs. the almost free-for-all of Android. Anyways, that my anecdotal experience with the two types of phones.


I'd love to read a full account of your experience... I feel like if more people had any clue this was happening they'd think a little more about what they are allowing on their personal network.


I would kill for a Linux phone, but until that happens I would settle for a phone that comes with root access (or at least allows technically capable users to get it) and let's me control my own data and device from the bare metal up. Because even if Apple has less incentive to exfiltrate data, I don't want to have to trust any company to do the right thing or to keep doing it.


You don't have to kill... but some compromises you'll have to do. Librem and (partly) Sailfish/Jolla give you much more control but they are by far not as polished/broad as iPhones or Androids. Here a link, maybe the Sailfish 3 version will get a bit more traction?

https://together.jolla.com/question/191235/official-event-sa...


Can I buy a Sailfish phone ready to go that works on Verizon yet? The biggest thing about this niche OSes is you always have to flash them on a limited set of compatible hardware yourself, and they generally only work on GSM carriers.


I'm not sure, but from a https://together.jolla.com/questions/ search I suppose it doesn't work on Verizon. Maybe ask on together?


You might be interested in this project.

https://puri.sm/products/librem-5/


Have you bought one? What are your experiences with PureOS as a phone OS, considering the underlying hardware? One issue with Firefox OS was the non-fit between phone hardware and OS hardware requirements...


They aren't out yet, but it will have similar hardware requirements. Phone manufacturers don't value a free driver availability when building their phones, making it difficult for alternative operating systems to support.


I had the first Jolla one for a bit.

It wasn't too bad, though the swipey interface made it a little to easily to accidentally call people when drunk.


don't get drunk ;-)


“Don’t get drunk” is the new “you're holding it wrong” ;)


It's easy to get root on some Android devices. I think all Google phones purchased directly from Google make it a standard option; some others do as well, and still others have easy exploits.


You still void your warranty though


While I think it's unreasonable that obviously hardware aspects aren't covered by some manufacturers after rooting, is there a straightforward better alternative? I'm honestly wondering, because I wouldn't expect a company to provide support for a device with software they didn't authorize and aren't familiar with. If you want a device that you own, then you need to be responsible for the full cost of ownership, though again that should ideally only extend to software and aspects of hardware controlled by software.

Personally, I don't have a need to root or install alternative ROMs until well after the warranty expires on my devices, so I don't mind the current situation as much as some.


For the record, rooting doesn't void your warranty. https://news.ycombinator.com/item?id=18297361


It doesn't void your warranty, although the manufacturers have done a very good job spreading that lie. It is illegal in the US to void a hardware warranty because the user altered the software. If they can prove that your alteration led directly to damage, then they can refuse to cover that specific damage, but that's all.

Source: https://motherboard.vice.com/en_us/article/yp3nax/jailbreaki...


The main problem is that custom privacy-focused Android versions have to be made compatible for every device and devices come and go all the time.

At some point, hardware progress will be so minimal and devices so easy to manufacture that small companies can offer their own high-end phones and can build for them some years without really being much behind the competition.

When that happens, custom ROMs can really lift off and I don't think we're so far away. One or two more generations of smaller chips and better batteries. We're already at the point where the only innovation is adding more cameras.


I don't think hardware manufacturers will accept that scenario. They must constantly pump out new devices, no matter how incremental the improvement.


In contrast in the case of Apple you have a customer relationship with the company that sold you the device and they have an incentive to keep you as a customer without having a need to extract as much advertisement revenue as they can.

Do you acknowledge this comes at a huge cost? Apple has a fraction of the marketshare as Android in countries like India. Apple's iPhone prices out billions of people. Android-based phones don't. If Android-based phones adopted Apple's business model, billions of people would not have smartphones.


But I can’t help but wonder why there isn’t an alternative. Maybe a phone that is a bit more expensive then an equivalent android. It doesn’t need to have the hardware quality of iPhones or high end android phones but also has good, secure and privacy focused software developed by some company that doesn’t make most of their revenue from advertising.

But I suppose there isn’t a market for that. A majority of users would pick the phone that is only 289 instead of 319 Even if that means selling their data. And the few users that do care are willing to pay the premium for an iPhone. Considering that manufacturing a phone is expensive unless they can mass produce it in quantities such as Samsung and apple, there won’t be a company to make such a phone soon because it would be just as expensive as an iPhone with a lot less features.

And of course the Most important feature of any smartphone are apps and any new platform wouldn’t have any apps. Developer won’t develop for them unless there are enough users and there won’t be enough users unless there are apps. You could probably use googles play services and emulate android but as far as I know there isn’t a way to get around google’s push notifications without compromising the users privacy (which would defeat the purpose). Besides that would be expensive to make and gooogle might not license it at all because there is little in it for them.


You’re right that 99% of people will just pick the cheaper phone over the privacy-focused one if all else is equal.

Look how many people willingly give their phone number to grocery stores in return for a slight discount.


>Look how many people willingly give their phone number to grocery stores in return for a slight discount.

If you're paying with a credit card, giving them your phone number in addition to your CC# doesn't make any difference at all. It doesn't even have to be your phone number, pretty much any 10 digit number will do.


Very little of the cost of an iPhone is to make up for lost advertising revenue.

If you spread all the revenue of Facebook & Google over every android device it still wouldn’t come close to the difference in price.

Apple could make much cheaper devices, but they’d just end up cannibalising the sales of their high end phones.


billions of people would not have smartphones.

But what’s the downside?


It seems like a privileged position to argue that there's no downside to people having smartphones. Many people are unable to regularly access decent laptops or desktops. Internet access is essential.

The Internet lets you communicate with friends and family, access a massive trove of knowledge quickly (freeing up education), discuss current events, and all manner of other things.

Even personally as a well to do American, have saved many, many thousands of dollars by acquiring learning resources online.


Hello FOMO. I grew up in a world where I had to pay by the minute to access the internet or use a phone. I did not have access to a computer 24/7.

Not having/using/carrying a smartphone is a conscious decision one can make with positive and negative aspects. Bruce Schneier points that out in his book Data and Goliath.


Not having a smartphone is much easier to do when you have regular access to a decent laptop or desktop. Many people in developing countries do not.

There is nothing "FOMO" about Internet access, it is extremely important. The world changed a lot from where we were 30 years ago.

The advantages of having a computer you can bring with you (be that a laptop, tablet, or phone) are enormous.

This is why I consider implying that billions of people having smartphones is a bad thing to be an extremely privileged position to take.


Internet access is important, but not a panacea without any disadvantages. Furthermore, a smartphone assumes a device with GSM and data while an other device with on-demand WLAN (such as a cheap tablet) might suffice.

TL;DR if you mean computers and internet access instead of smartphones, use the correct terminology.


Cellular networks are sometimes the only option for people in the developing world. I meant smartphones. Obviously, as I said, if you have a capable computer of any kind without Internet access, that is usually enough.


Internet access is essential.

Now that is the voice of privilege! Clean drinking water is essential. A smartphone is merely a luxury and one that is not without consequences - just as cigarettes are a luxury.


Internet access is not nearly a luxury in the same way cigarettes are.

Yes, it won't literally kill you not to have Internet, but that's a disingenuous argument. I did not say "essential to remain alive", I said "essential".

You are simply not at a level playing field if you do not have Internet access in 2018.

Family emergency while you're not at home? Resources to learn about the world, educate yourself? Increased job opportunities? Housing listings? Mobile financial services?

https://www2.deloitte.com/content/dam/Deloitte/ie/Documents/...

https://www.nytimes.com/2015/04/02/business/dealbook/melinda...

Internet access is most commonly going to be through smartphones in the developing world. Internet access is essential.

Saying it's a luxury in the same way cigarettes are is ludicrous.


Nothing is without consequences. Take water. People die daily from having too much water in their system.


Personally, I find the introduction of devices with software and distribution lockdown to be much more concerning. As a customer, my relationship with Apple has always been a middle finger from them. The saddest thing is watching everyone cheer them on. Many would much rather be surveiled by Google than be treated as hostile by Apple, and that choice is ok.


It's rather absurd that it's pretty much only Apple that will sell you a product rather than seeing you as a data cow to be milked daily.

I'd like some competition that's actually with Apple (that is others who respect privacy, not Google, Microsoft et al) as I am increasingly disappointed in Apple hardware.


I hear what you are saying and agree in the sense that a lot of this is being misused by people who want to take advantage of what they know about you/us in whatever shape or form they can get the data to get away with.

Chinas use of data is definitely not the way to go.

However, I would also caution against the push for almost complete privacy as that IMO leaves out a number of potential advantages from systems having enormous amounts of data about us.

The primary advantage of technology is that it is able to automate and remove a number of things we would otherwise have to do manually, semi-manually etc.

To the extent that we do more and more in the digital space, our digital identity becomes much more important and that creates a new problem that can't be solved through privacy IMO but have to be solved by allowing digital identities to learn how to trust each other (which means exchange data/information).

I don't think there are many ways around that unless you want to get off the grid completely (which is certainly one way to do things).

This is where I think the decentralized part becomes really valuable. How can we own our own data but exchange it with others and build trust over time just like we would in the real world.

Cause in order to take advantage of the technology you will need to feed it with the primary thing that keeps it alive, data.


Name an advantage to google knowing what colour underwear you bought last Thursday at 3pm from an eBay seller called “thrusty jack”?

Siri/iOS/macOS/etc are proof that “smart” services can be done on-device and/or without identifying information and still be useful.

Google does it all server side because it’s the cash cow their entire business is built on, not because it’s the only way to do it.


If they are getting the data from Gmail, then it is useful for the heuristics in understanding what is and what is not spam.

AFAIK, ebay don't use GA although most of the web do. GA is I'm sure largely to help with their advertising business. That is useful because it gives website owners (who choose to use it) analytics.


> If they are getting the data from Gmail, then it is useful for the heuristics in understanding what is and what is not spam.

Do you have evidence that they use their trove of personal data about you to improve spam filtering? No other email provider on the planet has the same amount of data, and they manage to filter out spam.

> AFAIK, ebay don't use GA although most of the web do.

eBay was an example, but my point was more about, if you used Google Pay on a shopping site.

> That is useful because it gives website owners (who choose to use it) analytics.

That isn't beneficial to the person whose data they hold, it's detrimental, and fucking creepy.


Hmm that wasn't actually what I said. So not sure how to respond to that.


You literally said:

> I would also caution against the push for almost complete privacy as that IMO leaves out a number of potential advantages from systems having enormous amounts of data about us.

So I created an example. Forget my example if you wish, I still have the same question. What benefit is there specifically, from companies "having enormous amounts of data about us"?


But I also said:

"This is where I think the decentralized part becomes really valuable. How can we own our own data but exchange it with others and build trust over time just like we would in the real world."

So not sure why you are asking about about something that is only part of what I wrote when I elaborate further down.


> How can we own our own data but exchange it with others and build trust over time just like we would in the real world.

Well that's pretty simple. Don't use services that are paid for with your privacy.

> So not sure why you are asking about about something that is only part of what I wrote when I elaborate further down.

You claimed it's beneficial, I'm asking how.


And I am telling you I wrote some more so you have to read it in it's whole not just that part.


It may be the incentive, it may have been the incentive. But it's not the only possible incentive.

Before they were public Google did a lot of stuff that was seemingly just "because we can". Give geeks a metric-shit-ton of money and that'sb what you get.

This line sounds like the "businesses aren't allowed to do things that don't maximise profits" myth.


They're trying to repeat that in the automotive industry, as well as IoT. It's why most automakers have been resistant to adopting Waymo software.


and knowing that google will track and use their customers' data apple went ahead and made google it's default search engine for a couple of billion $ a year. from bing, who was their previous search provider. but not duckduckgo, the only privacy centric search provider.


Seeing as Google pays Apple $12bn to be the default search engine on iOS devices I’m tempted to call hypocrisy here...

http://fortune.com/2018/09/29/google-apple-safari-search-eng...


> I’m tempted to call hypocrisy here..

You can call it hypocrisy but it doesn't affect the validity of Tim Cook's argument [0].

[0] https://en.wikipedia.org/wiki/Tu_quoque


It may not affect the validity of the argument, but it may suggest something about the motivations of the person making the argument.

Each person's idea of where something sits on the spectrum of right and wrong differs.

If someone is being hypocritical, it can lead people to question the motive behind the words.


This is considerably better than the way I put it! Thanks!


andy_ppp was not trying to invalidate what Tim Cook was saying but just remind everyone that the motivations here may be less than altruistic


I think you are right but then I was never saying anything about the points, I was saying personally I’d find it difficult to make statements in direct contradiction to my actions. Which wasn’t clear and logical fallacies are definitely worth consideration! Maybe you have show a little bit of cognitive bias assuming I was trying to undermine the points he makes.


>>I think you are right but then I was never saying anything about the points

I think perhaps you should. It would improve the quality of the discussion.

http://www.paulgraham.com/disagree.html


I do get your point and agree but most users are uneducated and will most likely have problems with DuckDuckGo and be confused to what happened to their Google and why is it deleted. So I guess it’s another side to consider. That’s no excuse thou. Apple should at least ask the question in the onboarding.


Also you can't just forget the point, that you will not find the same results on DuckDuckGo and Bing and others that you find on Google. That is my #1 problem with switching to another search engine. It doesn't show me the results that I need, especially for technical questions. Google does.


I tried DDG a few years back and was of the same opinion as you until I decided to have another look back in August this year (which coincided with a switch from Chrome to Firefox). I'd say I find 90% of what I need now - ie I only end up using g! for one in ten searches. Probably fewer, actually.

(and like you, a lot of my work-related searches are technical in nature)


The problem isn't that DDG misses 10% and you have to try g!.

It's that you never know whether it's missing 10%.


If it is a while since you last tried the switch, startpage is worth a go.

I recently built a new laptop and set it as the default, after several failed attempts in the past. I now rarely find myself struggling with tech related searches as I had done previously. Consequently, it has stuck this time. YMMV obvs.


I might give it another go. I also really really like the guys behind DuckDuckGo, so I'm still hoping they can get their search algorithm on par (or at least near) Googles'


With DuckDuckGo you can always use the !g syntax to switch to google if first results don't suit you need.

By my experience DDG usually provide way more appropriate answers when you are looking for a reference or a documentation entry. Google still is better for recently pushed contents like news and is still marginally better for finding result inside Q&A sites. After 1-2 years of DDG by default I tend to know in advance which query is best for which search engine and so I half conscientiously add the !g while typing when needed.


I don't know why so many DDG users use '!g' unless they're using Edge or just aren't aware that Chromium and Firefox both let you create an arbitrary keyword like 'g' for a search provider, which is a lot easier to type.

Some of the other bang commands do look useful, though.


Guess I have a "localized" deformation as french keyboard include a ! character accessible without any key modifier, so it's actually pretty straightforward to use.


That won’t take you through DDG’s anonymizing proxy though.


For me, !g just redirects to a normal Google search.


It's either that, or Apple's users use Google for free. I'd take the $12bn as well, thank you.


Google’s probably going to make about $130-140 billion, gross, in 2018. Twelve billion is a huge chunk of their profit margin.

Given that the source on this is one guy at Goldman Sachs, I’d treat that number with some suspicion.


As a user, I can choose to change the default at no cost.


I'm curious what would apple use if google was not paying, or if google charged apple? This seems backwards to me.


They're literally the biggest tech company in the world. Couldn't they build their own? I mean, it wouldn't be great at first but seems like a worthwhile project (and Microsoft managed it with Bing, so there's precedent there).


I work for Google but not on Search.

I think the issue is that besides the money they don't really have a competitive advantage so it'd be difficult to catch up given how long Google has been doing this for.

First of all Search is well outside their domain expertise; they aren't really well known for doing either search/MI or even web services well.

Secondly, it takes a long time just to get all the infrastructure set up. There is an unbelievable amount of build/test/deploy infrastructure that Google has been able to set up over the many years of doing search. I certainly think Apple has engineers smart enough to make it happen but in the end building the stuff takes a large amount of time.

And this is all assuming they use AWS/GCP/Azure instead of deploying their own data centers.

It's very much the same difficulty that Google has trying to make hardware to compete with Apple. They have so much experience and expertise in that area already. There's no way Google could make a phone faster than the iPhone: Apple makes their own chips! So instead Google has to compete in the areas where they have a competitive advantage, for example by using AI to make very good cameras.


Ehh, Bing still isn't that great. I've had to use it on trips to China, and it routinely misses stuff that I'd expect to see on Google.

Apple could do it, but they are a trillion dollar company that hasn't even gotten Maps completely right yet - let them work on one thing at a time...


> They're literally the biggest tech company in the world. Couldn't they build their own?

A search engine is a big enough process—and difficult enough—that you can't just throw money at it and expect it to work in the end. They could try, certainly. And maybe they'd succeed, and maybe they'd fail. And maybe they'd succeed but end up with a successful business unit whose goals are opposed to the rest of the company's.


Bing or Yahoo. Google profits even after spending 12b. It’s a substantial amount of traffic and could help put one of the smaller guys back on the map.


It's very easy to change the search engine to duck duck go.


Google and Facebook aren't selling your data though.


The only problem is that Apple is the Mercedes of mobile devices. We really need a Honda and Kia version, a more affordable device that doesn’t track you.

Apple is never going to give up their premium position.


why not just buy an older device? bought a brand new iPhone se as soon as the new iphones x maxx was announced. mobile phone development as plateaued imo, there is nothing out there you really need unless you're fooling yourself. photos - I bought a nice mirrorless with the money I saved. apps - se runs everything tolerably fast except for snapchat and Instagram, which I've decided to cut down on anyways.comparison is the thief of joy and all the new social media apps promote comparison as the primary feature. games - bought a Nintendo switch and it has fortnite as well.

all told 300+400+300 = 1000 which is STILL lower than the cost of the iPhone x max


This has been my strategy all along. I am always at least two versions below, sometimes more. I still own my iPhone 6, and get all updates. I bought it for 200 bucks, 2 years ago!!


Apple supports old devices well, but app developers seem to have different ideas. I upgraded my SE to an Xs recently, and I had the realization that iOS is not a bug-ridden piece of garbage... it's just that nobody ever tested their app for the SE's screen size and other capabilities. All the apps that I thought were buggy work amazingly on my Xs.

To some extent, I sort of blame Apple here. When you boot up an emulator, it's an iPhone X that you see. If it defaulted to the SE, I bet we'd see more apps that render correctly on its screen. But it doesn't, so we don't.

The faster CPU also eliminates a lot of problems. I am sure I am guilty of writing code that is only viable because I'm running it on a 32 core Xeon machine. So are app developers. The faster the CPU you have, the less likely you the user are to suffer because of their sub-optimal algorithm choice.


I just got a 7 for $250 from a co-worker. I finally untangled myself completely from any Google services, which is a nice feeling.


That’s my strategy for my family. Especially hand me down devices. My Mom still has my 5S and it’s still supported.


>why not just buy an older device?

As devices age, they stop being supported by security updates.


Apple, unlike many Android outfits, supports their hardware for a pretty long time. This chart (https://www.statista.com/chart/5824/ios-iphone-compatibility...) suggests that they're supporting devices up to 5 years old; since the SE is just 2, it has a good 3 years of software and security updates to look forward to.


Microsoft is still supporting several of their smartphones running Windows Mobile. The latest update (https://support.microsoft.com/en-us/help/4316692/june122018k...) was in June of this year. I still have a Lumia 950 and it works fine.

Compared to OnePlus who stopped updated their OnePlus2 past Marshmallow after telling subscribers they would get the Nougat update. This effectively dead ends this model for users. Got rid of my 2 when I found out:

https://gadgets.ndtv.com/mobiles/news/oneplus-2-android-noug...


The iPhone 5S, released five years ago, runs the latest iOS version.


This is what always bugs me about recommendations to buy older devices as a solution to all problems. Updates = security.


That's exactly the problem I have. I don't want the unblockable ads and spying but I need my phone to be some cheap thing I don't have to respect or worry about. Once I started buying $150 phones every 2-3 years, I realised how much I need a device that I don't lose any sleep over it getting beaten to death and possibly replaced prematurely.


Buy second hand iPhones.

A 5S will still run the latest iOS, and with a new battery wont be under “performance management” mode, so it should be quite fast to use.


I'm open to this idea. I discarded it early on because I thought it would either be too expensive or be too "used" to run cleanly for another 3 years.

Are you suggesting some official refurbishment route or just find them on Craigslist or Ebay?


Swappa. A less shady eBay specifically for phones and like gadgets (though as it gets more popular, we'll see if it stays trustworthy). I've bought three used iPhones and an Apple Watch, never a problem.


I personally wouldn't buy something like this from a classifieds site. But that's because I expect you're just as like to get a cardboard cutout of an iPhone as you are an actual iPhone. If you've used these sites before and are comfortable with them, I'm sure there's options there.

I don't know what it's like in the US, but here (SE Asia) there is a massive market for second-hand smart phones/tablets, usually from places that also do repairs of such devices. Go to any shopping mall in Thailand and (usually on the top floor) there will be dozens of places with devices of varying age.

I don't think Apple's official refurbished stuff will be in the price range you're looking (they only have 7's from what I can see) but I'm sure you can find them somewhere.


I’m not sure you’d like it. I recent upgraded from a 5s with a new battery to a 7.

It was night and day in terms of performance. In particular, Siri works much better.

Developers assume the performance of the latest, so they don’t realize how slow things act on older devices.


I'll second this. I'm still using an iPhone 6s and it works great.

I just checked and there are a couple hundred listed on my local Craigslist for $100-$150.


Speaking about unblockable ads, I had to set up a pi-hole to block ads at the network level because I couldn't block them on my ipad on any browser. Why does Apple make it so hard? Am I missing something?


Safari has supported third party ad blockers for a few years. I use 1BlockerX and it works well. There are dozens of other options. Including Firefox Gocus which blocks ads by default and also functions as an ad locker for Safari.

https://1blocker.com


Alright, thanks for the info. I'll look into those.


Get an iphone se with protector


Not really. They own like 50% of the market. They position like 1960 GM. The $1,500 iPhone is the aspirational thing that everyone talks about. If you have money, you buy the iPhone Xs (ie the Cadillac), if you want to look "better", buy the Xr (Buick), if you don't care, you buy the iPhone 7 (the Chevy). There is almost nothing that the $1,500 phone does that the $1 phone does not.

The cheapo androids are more like the Yugo of mobile devices, and the nicer Androids basically cost the same or a little more. iPhone 7 is $1 on many promo deals.

If you go to companies with compliance requirements, iPhone owns the market, and is by far the cheapest solution. One of my "side hustles" in a very large org was managing about 40k iOS devices and 400 android devices... it basically cost about $9/year to manage, including staff. Staffing was basically 40-60% of two IT guys and half of 3 interns. If we broke the cost down further, the Androids would have been significantly more expensive, as additional 3rd party software was required as well as many more man-hours.

The iPhone is magic in that way, with sufficient scale, you deliver almost magical capability to your whole company, including network connectivity, for less than the run cost of a PC. And it costs something like 80% less to manage than a PC. If you look at companies in industries like field service, iPhones are almost a profit center.


Calling that "$1" is an impressive lack of financial clue.


It's a message board, not a business case.

If you have a long-duration, pre-negotiated contract with carriers, where you are essentially financing the $500 phone cost every 18-30 months via the service plan, the marginal cost is the metric that matters.


Where is your evidence supporting the claim that Apple owns 50% of the market? That is way above the figures I have seen. Seems to me you are just pulling metrics out of thin air in this post.


https://www.statista.com/statistics/266572/market-share-held...

Says about 44%, which is pretty close to "like 50%"


* In the United States


Also, they're probably implying the US market.


Yeah globally it's probably closer to 20%...


Try Google.

I focus on the US (and UK and Japan), it's a two horse race. You can segment it all sorts of ways. iOS is somewhere between 40-60% in a given segment, and usually around 43-48% overall. Overall share has been declining as the market growth slows and prepaid plans make total device cost more relevant.

Nothing I said means anything ex US, as the solutions, costs and requirements vary.


It's about that in few countries (US, UK, Japan, Australia).

But it's way less than that worldwide, in India, for example, it's only 1%l


It seems extremely hard to achieve that though. Creating a new smartphone hardware is very difficult and expensive. Creating a new smartphone OS and ecosystem is probably even harder. In order to have a proper "libre" smartphone you'd need to basically do both things. If behemoths like Microsoft couldn't pull it off I'm not sure how a newcomer could.

I suppose the best path would be to create a new phone that could either boot Android or your privacy-respecting OS, this way you could still get the mainstream sales with Android and you'd target the niche users who value their privacy with your custom system. Still seems very difficult to achieve, if you want your phone to be cheap you need to target a high sale volume to dilute the cost of your R&D.

I think the big problem is that smartphones never really had an healthy open source ecosystem going because it was all about closed hardware and locked bootloaders. Without a decent open source stack available it's hard to bootstrap a new system. And even if you did manage to do it you'd still need to convince people to port their apps to it (because not having Whatsapp or Instagram is going to be a deal breaker for many).


If you want an example of how many people it takes to create a cellphone, Google bought HTCs Pixel phone team, which amounted to around 4000 people. This likely includes all the software engineers that do driver work as well, but it worth noting the size.

You can get away with smaller teams if you take the full package that Qualcomm gives (they do most or all of driver work for you). You saw what Essential Products was able to create with around 120 people, but they were heavily using work from other companies to launch it.



Doesn't fit the bill yet. It's not cheap enough (you can get an iPhone 8 for the same price) and it remain to be seen if it'll manage to generate a viable ecosystem of apps around its platform. We also can't judge of the quality of the finished product yet.

I genuinely hope they succeed but that's clearly not the "Honda or Kia" of smartphones the parent was talking about, at least not in this iteration.


Agreed. I don’t know what the solution is, data gathering is lucrative enough to completely pervert the mobile device economy. All the margin is gone.


I imagine part of the reason they can afford to be pro-privacy is that they make enough money on actual sales to matter. If your margins are how, you will start looking for other ways to generate revenue.


Apple devices last a long time. My mother still loves using my old 2012 iPhone 5.

Used iOS devices are the Kia version.


Sad that Apple stopped making iPhone SE, still expensive compared to other brands, but the cheapest to jump on the Apple bandwagon.


Not to mention it has a good fit in the (small) hand.


Yes, especially if you are a kid. Perfect phone to indoctrinate them with when they are young. Not too expensive to give to a kid and a perfect size. Don’t really understand Apples reasoning on this one.


I picked a second hand one up for SGD$200 (~USD$150)


I wonder if they could make a whole new company/brand that’s competes at the low end. If it ran iOS though, would that be enough to cannibalize too many iPhone users than would be acceptable?

Wondering if they could accomplish the same thing many car brands do i.e. Honda <> Acura


Apples 'cheap' iPhone is last years (or the year before). And it works, because unlike most Android devices that get very few updates, with long delays (or no updates, ever, for the very cheap devices), they support devices with newer OS releases. A 5S will still run the latest iOS.


I agree that appears to be the way they are going. If they are working to extend the life of devices even further in coming years that seems to support this direction.


Over time the resources required to run the OS itself should go up slower than the hardware has increased in capability in the last few years.

While the next iOS release may require an iPhone 6 or 6S, I expect it will be quite a while before it changes base requirements again after that.


The only thing that the iPhone 6 can't do which I know of is ARKit, which seems to be one of the most hardware intensive things phones are capable.


Just buy an Android device and opt out of all the tracking?

People behave as if this is impossible, but the options are all right there in the settings. There are a few places you lose some features but not super significant ones, and mostly those are because the tracking is intrinsically involved in the functions of the app.


This is farm from the solution you present it to be. Opt out of google maps history and try the maps search for few days. Then turn it on again and compare the results.

I've even had 'Saved Places' not render without search history being enabled.

My next phone will sadly be an IPhone. Not because I love apple(I don't), but just because I'm quitting google.


Search for places requires knowing your current location to give you the most relevant results. Google would have the same information if you used Google Maps on iPhone.

The difference is that on Android, it is possible to set a default maps app that is entirely local, which means that Android wins on privacy for location tracking. (This is before even considering that AGPS location data collection is mandatory on iOS and merely opt in on Android.)


You can only claim with a straight face that android wins on privacy if you completely ignore google. But since you can only do that in theory land it rings hollow.

Besides, most people upload their photos without removing exif data which makes your photo archive the best tracker - every place you went that you cared about at all. Most people also keep pictures forever. You an count the people who opt out of cloud storage for photos on one hand...


> You can only claim with a straight face that android wins on privacy if you completely ignore google.

The only way you can say iOS wins on privacy is if you listen to marketing instead of what the OS actually does.

1. Aside from losing on location privacy, as I showed above,

2. iOS also loses on message privacy because you can't use a secure messaging system like Signal by default,

3. on tracker and advertising privacy because you can't install a system-wide adblocker like Blokada,

4. on user privacy because you can't install an app without an Apple ID,

5. on developer privacy because you can't develop apps for your own device without an Apple ID (and even worse, without a credit card to give up a verified name and address if you don't want to re-sign your apps every week),

6. and on account privacy because Apple does not allow you to delete your account unlike nearly every other service (even Facebook, which comes a close second to Apple as a bad actor) on the Internet.


Nobody’s stopping you from installing those apps if you want - an offline Maps app, Signal, Firefox with uBlock. It might not be the system default app, but I’m not sure how that’s a fundamental loss of privacy.

Sure, you need an Apple ID, but how hard is it to generate a throwaway account for that purpose? Nobody ever said you had to use one that was tied to your actual identity. Heck you can even use different IDs for the App Store vs. iCloud, but anyone who is extremely privacy sensitive would already not be using iCloud. I don’t know where you read that Apple IDs can’t be deleted - on https://privacy.apple.com/ if you sign in there’s a nice big Delete your Account button.


> Nobody’s stopping you from installing those apps if you want - an offline Maps app, Signal, Firefox with uBlock.

I never said otherwise. Again, you can't install a system-wide adblocker.

> It might not be the system default app, but I’m not sure how that’s a fundamental loss of privacy

Because if it's harder to use on every use, you won't use it.

> Sure, you need an Apple ID, but how hard is it to generate a throwaway account for that purpose?

In that respect, it's exactly like a Google account. I never claimed otherwise. The fact that it's tied to things you do like apps you download and where you search allows deanonymization, just like in the Google case.

> Nobody ever said you had to use one that was tied to your actual identity.

Except if you want to build apps for your own device that you don't want to reinstall weekly. On Android, nobody has to know anything about you, even if you want to develop for your own device, which should not result in loss of privacy on a platform that respects privacy.

> I don’t know where you read that Apple IDs can’t be deleted - on https://privacy.apple.com/ if you sign in there’s a nice big Delete your Account button.

Thanks for this link. Somebody created an Apple ID with my email address, and after I took over their account, I could not figure out how to delete it from the Apple ID Account page, and a search doesn't return that privacy page. It's way harder to find than Facebook's delete account page.


Actually, I tried to create a throwaway Google account just the other day to test a Google API without it being tied to my identity.

Guess how hard it was? If you start from scratch (i.e. without an existing Google cookie thing your new account to your old one), you have to put in a valid, non-disposable mobile phone number and get a verification.

On the other hand, I just made an Apple ID with a disposable email address with absolutely no real-word verification required.

> Because if it's harder to use on every use, you won't use it.

I don’t see how a non-default app is really so much harder to use in iOS. I use Google Inbox and Facebook Messenger as my daily drivers (not claiming I’m a privacy focused person, hah), not Apple Mail or iMessage, and I’ve never suffered for it. iOS has surprisingly few places where a “default” actually matters.

> Except if you want to build apps for your own device that you don't want to reinstall weekly. On Android, nobody has to know anything about you, even if you want to develop for your own device, which should not result in loss of privacy on a platform that respects privacy.

This is a fair criticism. Apple developer policies have always been quite annoying - being a developer for the platform myself (own phone apps only, nothing released), it’s definitely not as smooth as Android. Plus with Android I get to do fun kernel hacking stuff which is strictly off-limits with iOS.


Search knew my current location. I was referring to Search History.


Don't install OpenGApps but use microG [1] instead

[1] https://microg.org/


Carrier IQ, etc. Look it up.


>Apple is never going to give up their premium position.

It would be stupid of them.


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: