_-__--- on Oct 8, 2015 | parent | favorite | on: Verizon revives "zombie cookie" device tracking on...
Tor as an OS-level feature may not spark the best reaction. It's been given a bad name ("deep web," silk road, etc) in mass media and many people don't understand it enough to think of it as anything other than bad.
I think that it'd be cool to have, but I don't think that Apple would ever implement it.
jameshart on Oct 8, 2015 [–]
Agree, it's phenomenally unlikely, but then again there is a part of me which could actually imagine Apple doing something like it. They wouldn't use Tor, of course, they'd build a proprietary equivalent, and then come out on a black stage to 'introduce Apple Undercover, a revolutionary enhancement to personal network privacy and security'.
So much so that I would accept Apple using something other than Helvetica this one time for a Miami Vice typeface and a Michael Knight and Kitt intro at WWDC.
I cannot stress enough that Hasselhoff needs to stay in character the entire time or the whole concept doesn’t work.
At this point, Helvetica itself would give a retro feeling if used by Apple. They’ve been all in on San Francisco for several years.
(a) There is pressure from many governments to give backdoor for surveillance. Or just comply with subpoenas that are against human rights.
(b) Complying with local laws generates PR damage. It makes privacy and ethics as a brand strategy look disingenuous.
The solution is, of course, to generate truly secure system where Apple can't make backdoors. Those services may not be available in some countries, but then it's just missing service, not a compromised system.
The goal of this is to make it so that even if the FBI had an incident similar to 2016, Apple would not be able to fulfill their request to make a backdoor, and the FBI wouldn't be able to make a backdoor even if they had the power to sign and run any code they wanted on the phone.
That's how you make a secure system these days. You can't just make it secure to everyone but yourself and fight the government - you need to secure it from yourself as well.
Apple's already shown they don't like this behaviour with their randomised MAC addresses in iOS 8+.
I think there is a sense in which privacy was already a differentiator for Apple in iOS (as contrasted with Google’s motives in android in particular of course) - so this did feel like a not completely implausible way they could go to double down on that differentiator.
Apple's rift with Google over user data collection in Google Maps goes back to 2009 when Google held Apple to ransom for the user data in return for turn-by-turn directions. Apple refused and started building their own maps service, buying Placebase in July that year.
By making it a feature for paying subscribers only, Apple probably hopes that their solution won't be interesting for criminals. (Apple will likely cooperate with law enforcement)
"Oh, let me turn on undercover... why is my bank online account suspended and my PayPal banned?"
(No snark, I really do love it.)
Enjoy the moment, future seer.
I use a VPN for other reasons (downloading Ubuntu ISOs mostly) but I'll probably turn this on and leave it running on all my devices because of how transparent it appears to be. I trust Apple's onion-routing design more than I trust my VPN provider not to log things.
* I'm actually glad they don't try to get around region locks. I consume a lot of BBC content and live in the UK. I'm constantly struggling with my VPNs (with UK endpoints) being blocked because others outside the UK could be using them. It would be nice if the BBC didn't block like this, but UK residents do typically pay for the content whereas those outside the UK are unable to.
This made me smile. Good one.
For context, copyright trolls recently tried to extort torrent users for downloading and sharing Ubuntu ISOs.
Importantly, OpSec (the company doing this torrent-dmca-for-hire stuff) says the DMCA itself was spoofed
> OpSec Security’s DCMA notice sending program was spoofed on Wednesday, May 26, 2021, by unknown parties across multiple streaming platforms.
> We shall look forward to hearing from you.
We look forward to receiving more of your so exquisitely designed HTML
e-mails with the shiny wanna-be-police-star.
> Dear Frederik,
Hi! Please, learn to quote properly in your e-mail messages. You can
learn from how I do - I promise you that proper quoting is not patented.
So yes, Linux ISOs is an old thing indeed
The other reply told about a uni tale. I've heard about a similar story about someone torrenting actual Linux ISOs on university network. That resulted in a stern warning else the student would be barred from using the network and computers. Basically an automatic fail for future studies.
Semi-related to this, but they do offer an option to pick between preserving your approximate location and using a broader location.
The example they took in one of the sessions was, if you live in San José, with the first option, you'll get an exit node near San José so you can still get local "content". With the second one, you could get an exit node in Los Angeles.
In practice in Europe, it looks a bit different. I do live in the north west of France, and with the first option I regularly get an exit node in the southwest of France (from Fastly), about 700km away (which is pretty fine by me).
With the second one however, I get exit nodes in Germany and the Netherlands (pretty much exclusively Cloudflare), which can become an issue with region locked content. I had the issue with Prime Video last week not offering me a Tennis match for which they only bought rights for in France.
Obviously it's still early and they might tighten a bit the locations outside of the US, but overall it's definitely quick and well thought out.
Last thing, all your traffic from Safari (and presumably some other Apple services ? Still unclear) whether http or https will be routed through it. Only http traffic from 3rd party apps (Firefox, curl etc) is routed through the relays, which I think is a pretty sensible default.
As an exiled Londoner, I would love to be able to pay to access BBC programmes. Unfortunately I can’t, so a VPN is often the only solution (well, I guess torrenting would be another one, but it’s not really better).
Obviously, this is something licensing agreements do not allow for, but it seems like such an obvious user friendly concept that it will never be allowed.
In essence, what you're saying boils down to "it's already paid for, but nobody else can have it anyway". It's unreasonable and there is no need to make excuses for this behaviour.
This is big money, up-front, with no need to build out a global delivery system or deal with millions of customers.
This is one of those classic examples of something that looks really simple from an outsiders perspective but once you have to deal with the details you realise it's anything but simple. And through no fault of the BBC either, I might add. Various commercial stations and news outlets have campaigned relentlessly to shut the Beeb down. It's a miracle the service is still operating, even if their hands are tightly tied.
Hell, I thought the practice would die (or at least slow down) when Netflix started transitioning away from syndicated TV and movies; this never happened. Netflix will totally geoblock their own shows so they can, say, release a cartoon on a weekly basis in Japan but in binge-watchable chunks in America.
You will continue to see anything more premium than a high-subscriber-count YouTube channel be geoblocked until and unless one of two things happens:
- Geoblocking gets so heinous that it starts to push people away from shows and services, beyond ordinary subscriber churn. This is unlikely - the US is the biggest market for a lot of this stuff, and that's a market full of people who have no desire to watch foreign media ahead of an official release. Hell, most of us don't even have passports, and think that you can just move to another country by asking politely.
- Some country or trading bloc gets enough of a bug up their butt about getting releases late that they start amending copyright law to ban the practice. AFAIK, I've heard Australia was considering banning region locked DVD players at one point; and that the EU was considering forcing online video providers to license content on an EU-wide basis.
I have a funny feeling that a very large percentage of that market comes from VPNs. Everyone I know watches the US Netflix and we aren’t in the US.
The BBC is complete license owner of virtually zero programming. Almost all (as in 99.9%+) of their content uses substantial third party copyright works where the cost implications of selling internationally still apply (just the music rights alone will drive you mad, and it's far from uncommon for BBC content that is shown in the UK to have a different soundtrack to the internationally sold version to the likes of Netflix due to the licensing cost and complexity).
It is also worth noting that the BBC makes a lot less than people think, especially if you consider BBC studios to be a quasi-separate production entity now (which it is!).
Ha! There's SO SO MUCH. More than you can imagine.
They are a domestic ISP, so I guess iplayer should work over the service.
I'm paying around half the price for unlimited viewing of direct streams (no faffing with client protocols) which come transcoded for home and mobile usage
That number almost always works for store 'loyalty program' discounts too.
<local area code> 867-5309
This is already paid for but the next show isn’t.
If the BBC were sold to the public as a soft dollar expenditure, it would be one thing. But it wasn’t. I’m not sure it could be in today’s Britain. Ignoring the freeloader problem threatens the support on which the BBC’s funding depends.
This is a debate with reasonable arguments on both sides.
I don't think the content was identical, but it was pretty broad. Some EU countries, maybe Canada?, at least.
Do you download directly from a mirror or use BitTorrent for this? (If the latter I think I kind of understand the rationale for the VPN)
(I think I was running uTorrent on Windows, it was weird and I really didn't know how to use it.)
However, in order to "acquire" [this], torrenting was realistically the only sensible option I had. A direct download from the Internet Archive would have taken roughly 7 hours @ 100 Mb/s. The torrent file was done in an hour.
To my great surprise, the link isn't dead, so...yeah :)
Transmission CLI FTW.
Yes, 100Mbps is ~12.5 MB/s, however when I initially tried the .mp4 link I found actual speeds to be much less, (hence the hours long wait I mentioned) so there's definitely throttling going on somewhere.
Also, don't count your chickens before they hatch. I remember downloading Flight Simulator 2002 mods over a 56K modem in my youth - anything over 10MB was a stretch - and I didn't actually have a broadband connection until I went off to college in 2005.
I used to use NordVPN but found it to be much slower, less stable, worse macOS integration, not as good on the privacy front.
Everybody recommends them, but all of these things make me uneasy.
NordVPN is oversubscribed crap.
PIA was founded by Andrew Lee, the big brain behind the current Freenode drama, with help of the infamous Mark Karpeles of Mt. Gox fame. I'd rather use something else.
I was under the assumption that it was mostly Cloudflare Warp repackaged with a different name?
I'm not sure if my assumption is completely incorrect. While it's onion routed, the grunt of the work seems to be done by "trusted partners".
Props to Apple for offering an (albeit low entropy) onion router on their own infrastructure. I can't imagine this is going to win them any friends in government circles but it's definitely a step in the right direction.
I'd also really like to see Apple come clean about the iCloud backup encryption debacle. A lot of people are trusting it to be something it's not and it should really be clarified on-device what it is and is not before opting in.
Are you referring to this article?:
It's why I only use my Apple ID for grabbing apps from the app store. I have disabled all the `cloud storage` features of iCloud. iCloud is a privacy nightmare.
I utterly agree that other direct-to-consumer options are in the same boat - but Apple is quite heavy-handed in it's messaging about, well, messaging being encrypted and private and no-one (including Apple) being able to read your messages. That's only true if you don't backup to iCloud.
I would expect most people on HN to be aware of all of this of course but when you're so strongly selling your privacy protections as part of your brand, it's a pretty glaring window to leave wide open.
And like the article says, they didn’t want to poke the bear anymore. Of course the FBI has congressional friends. It is possible that Apple saw the risk of it backfiring and making things worse as too great.
I think market share is another sign. Does anyone use actual Android Backup, or do they use the unencrypted “backups” in G Photos and elsewhere? For that reason should the FBI care? Maybe I’m wrong but I believe actual Android Backup is much less used than iCloud and confusingly named alternative “backups” within Google apps.
I'd just like to see Apple be more transparent with this one particular issue because it undermines so much of what they're advertising to the consumer.
A transparency label for iCloud backup showing what is and is not E2E before enabling would do. Most people (myself included) would be quite happy with photos being encrypted by an Apple-held key (I'm not worried about the police seeing my boring lunch pics, I just don't want photos of my kids being readily accessible to everyone else).
It should be made clear if they're offering E2E for some features that other settings will render it pointless is all I'm saying.
Despite there been reasonable solutions like bloom filters and client sided hash detection, so that known child abuse material can be detected, without it needing to compromise the privacy of 99.99999% of users?
And that photos present some of the most sensitive materials on your device:
- geo-IP location showing basically everywhere you have taken a photo in, ever since the dawn of time
- people's consensual sex tapes
- photos of passwords, account recovery codes, private keys, seed words
Not saying it's not possible to build an E2E image storage service that also has the protections society tends to demand. Just saying that I haven't seen anyone do it yet, because these problems are subtle.
So a 'malicious client' doesn't need to be part of the threat model here. And also, if you really stretch your argument, that's like saying we need to outlaw Linux and open source software because malicious actors can modify the code.
The whole idea that society demands content providers compromise ETE just because of child pornography isn't something I've heard of being 'accepted as common truth' outside of this post.
Some politicians demand it, but I thought at least amongst tech, there's the recognization that strong, *unbreakable* encryption is important.
There's an implicit obligation to build services and technology that is resistant to abuse, but that isn't an argument to not implement ETE.
FWIW, I wasn't really trying to make a prescriptive statement about how the world ought to be, I was more trying to describe what (I think) the perspective of these corporations has been on the matter.
In the past, I've been an encryption advocate with the knowledge that we (tech) must sacrifice some ability to appease politicians in implementing it. What you're describing sounds like an innovative way to preserve privacy and provide security for at-risk people, which is a perspective I haven't heard before.
This is not a good argument. “Known child abuse material” is the tip of the iceberg. There’s nothing stopping people from creating new “child abuse material”, and the people who are doing that sort of thing are the ones who are more important to catch.
Should we build backdoors in AES because there are terrorists in the world?
That’s not what I’m saying and I can’t possibly imagine how you could infer that in good faith.
I agree with you in terms of photos being some of the most private information we have, but the E2E argument doesn’t ever get won by the tech community without a guarantee of blocking/catching/preventing CP and being able to make that evidence available for prosecution.
To the arguments above: Any processing server side implies no real E2E. Any processing client side is by definition under the control of the client and subject to forgery/hacking/spoofing/tampering.
Facebook is the largest platform for child trafficking, and Google is the world's largest resource for finding out how to commit criminal acts.
Crime always exist. We shouldn't build a techno-totalitarian surveillance state just because crime exists.
"It is better that ten guilty persons escape than that one innocent suffer".
Chinese Communists employed similar but opposite reasoning during the uprisings in Jiangxi, China in the 1930s: "Better to kill a hundred innocent people than let one truly guilty person go free".
Geo-IP is the process of taking an IP address and attributing an location to that IP address.
I think you meant GPS location?
Are you suggesting that Apple or the government should be able to search your personal photo library stored in the cloud at any time because maybe you might have child porn in there?
I understand that companies need to scan groups and social features that are used for trafficking underage porn. But do we really need to snoop into the private libraries of innocent people just because they might have illegal material?
Having access to millions of peoples photos is such a huge privacy risk that I can't think giving it up is worth while to make it slightly easier to catch a handful of criminals.
Cloud services offered there must store data in the country and be operated by Chinese companies. (Apple is complying with this)
But Chinese companies HAVE TO assist the authorities in obtaining systematic access to private sector data. (This is not possible with E2E for backups and photos)
But I would be happy with iOS Time Capsule. Or even sell E2E Backup solution only with an iOS Time Capsule. Great way to increase their Services Revenue.
How it all works is documented: https://support.apple.com/guide/security/welcome/web
The point is that the deep compromises made inside iCloud Backup are hidden from the user and (at best) buried deep in technical documentation. So deep in fact that I can’t find any mention of it on that site at all.
What is being misunderstood?
Apple is not without sin. If we get out of this entire epic lawsuit (another company not without sin) with consumers winning the ability to side-load, it's a win. But for the most part, Apple has a multi-decade history of usually working for customers in above-board ways, as opposed to Facebook, Googles and other(s).
re: non-encrypted iCloud storage: I agree with you. I keep medical and financial data encrypted (e.g., their Pages app supports encrypting documents, and you can encrypt PDFs, etc.) but I would rather they did this for me. That said, for the 90% of my files that I would post on a street corner, I find iCloud storage across my devices is handy.
Apple already has all the friends they need in the "government circles". They're fully enrolled in PRISM and are well-known to kowtow to the demands of corrupt leadership (see: Russian iPhones, Chinese iCloud hosting)
Quite the opposite. Governments probably already have taps to decrypted traffic.
Otherwise how come that would even be legal to run?
If someone commits a crime and government cannot find evidence, because Apple gives shielding, then isn't that making them hypothetically an accomplice?
Why wouldn’t it be? I was under the impression that what isn’t forbidden by law was legal by default. AFAIK, running a VPN platform isn’t illegal.
> If someone commits a crime and government cannot find evidence, because Apple gives shielding, then isn't that making them hypothetically an accomplice?
I hate this argument. It’s lazy and can be used to accuse anybody in any context, and shut down discussions that we should be having. By that standard we are all accomplices for some crimes.
Even beyond that, personal privacy from the government is enshrined in the 4th amendment. Just because there was some executive actions and illegal laws made does not mean the 4th amendment suddenly disappears. No person or entity has the right to dragnet all communications.
Yeaaaaah, let's just pretend Snowden and Manning never happened.
It's an aspirational document in a largely lawless land, more a historical oddity than the supreme anything. If you wait for legislators and law enforcement to fix personal privacy, you've already lost... the US law enforcement culture is actively hostile towards individual rights because it makes their jobs harder. The only real difference to, say, China, is that we like to pretend otherwise. But the reality in the ground is that nobody on the grid has had meaningful privacy for decades now.
IANAL but this sounds fundamentally wrong in every way I interpret it. The Constitution is a set of laws that cannot be contradicted by any other law, executive action, or judicial action, with the exception of an amendment.
Indeed. And the fact that this is not recognised as a fundamental human right is a serious limitation of the charter and universal declaration. And yet, it comes up regularly.
I’m the scientist who purified the water that the criminal used to get enough strength to run away. I’m an accomplice now.
We have recent and specific case law around this. The cherry on top is it was Apple on the other side.
No, this is not how being an accomplice works in the U.S. It’s not how it works anywhere with the rule of law.
A pretty decent overview of the scope of the product.
As mentioned in the video, the service also is involved if your app does HTTP over port 80, offering at least some marginal level of improvement. Otherwise it leaves your app traffic as is.
As to Mail, the linked comment mentions that but I don't remember it being a part of the solution (nor does it seem feasible that it could be). Apple offers privacy improvements in mail, but not via the private relay.
Privacy Relay is also discussed in the privacy pillars video for a few minutes, starting at 24m30s.
> The first assigns the user an anonymous IP address that maps to their region but not their actual location. The second decrypts the web address they want to visit and forwards them to their destination. This separation of information protects the user’s privacy because no single entity can identify both who a user is and which sites they visit.
Apple is not saying nobody can deanonymize you - they are being very careful to only state that no single entity can deanonymize you. Hence you should still assume this is not a good protection against any entity with subpoena power, or the ability to compel the cooperation of Apple and their 3rd-party egress relay providers.
Are they able to assign a set for an entire country? If so, that doesn't narrow it down all that much. However, major league sports blackouts wouldn't work, so is it by city?
Apple has already confirmed that other app traffic will go through iCloud Private Relay “no matter what networking API you're using”, with some exemptions:
> Not all networking done by your app occurs over the public internet, so there are several categories of traffic that are not affected by Private Relay.
> Any connections your app makes over the local network or to private domain names will be unaffected.
> Similarly, if your app provides a network extension to add VPN or app-proxying capabilities, your extension won't use Private Relay and neither will app traffic that uses your extension.
> Traffic that uses a proxy is also exempt.
Maybe I am missing something but I view this is a rather genius move. They have plausible deniability + actually introduce some protection for their users.
Not sure how to read the original post though. Is it praising Apple? Is it mocking them? We don't have to be polar of course, I am just wondering.
Courts can compel them to log this information, so all claims about not keeping logs are just theater. The second they're ordered to by a court in the US, they will.
So they can stop you from deleting existing logs, but they cannot require you to collect logs you aren't already collecting.
I have no idea how well this idea has been tested in court, but that's the theory on which providers who don't even have hard drives are relying.
Courts order individuals, businesses and officials to take actions as a matter of course: to stand trial, to comply with subpoenas, to adhere to a contract, to make restitution, and so on.
I am not deeply familiar with lawful intercept law and case law around national security letters (what little there is), but I would not gamble anything of value on the principle that courts cannot compel someone to take actions.
With an NSL, they could approach a company and require them to start collecting logs and also to not communicate about the new requirement, at which point a privacy-focused company's only choice would be to either comply or stop offering the VPN service entirely without saying why.
Without an NSL, the company would be free to communicate about why it was no longer offering the VPN service, or to announce that they were going to be logging from that point on, giving people an option to stop using the service if that's a problem for them.
But not having a hard drive in place currently, that prevents the courts from getting information about any activity before the court order or NSL is issued, as far as I can tell, which I guess is what those companies are counting on.
Not an easy business to be in, in any case.
Sounds like praise to me.
Having a US megacorporation kill a whole market segment and pull it into their monopolized walled garden sure seems like an improvement. After all, they pinky promise they will not ever abuse that! /s
Every single field you mention was thriving when there were multiple players fighting over your money and have started to become exploitative and abusive as soon as one player killed the others and started rent-seeking. Competition is crucial for market economy to work.
I find it utterly bizarre that someone educated would think that a death of market by megacorp monopoly would somehow drive improvement.
The differentiation is purely marketing. Some VPN providers are basically grey market means to bypass TV blackouts. Others claim to be privacy focused, but are in fact the opposite. A few are actually privacy focused.
IMO, having megacorp(s) roll up the junk use cases actually drives meaningful competition by putting the lousy players out of business or driving consolidation in a crowded market.
Competition is great and works, except when it isn’t and doesn’t. Dogmas are usually bad, try to avoid them.
>Preference falsification is the act of communicating a preference that differs from one's true preference. The public frequently conveys, especially to researchers or pollsters, preferences that differ from what they truly want, often because they believe the conveyed preference is more acceptable socially.
The reason why the VPN business is booming is to avoid those pesky content infringement letters, and to workaround geo restrictions.
OP is upset that they advertise themselves as privacy tools, but that's just marketing.
I find it funny that people here mistrust companies like Facebook and Google, but then turn around and hand off their entire network activity to a faceless, anonymous VPN company.
Yes, I get that now my VPN provider can build that data profile, but I am certain that my ISP is a vile monopoly that has corrupted the regulators that are supposed to represent me.
That’s complete FUD. HTTPS completely avoids this issue (especially with a bank). Very few websites use HTTP now.
While VPNs do have their valid use (preventing your ISP from spying, changing geolocation, and private networks for eg, work), most of the marketing is spreading misinformation.
They don't tend to advertise that. Some do, but it's not their main message, because "prevent ISPs from spying" is cleaner.
iCloud+ does not solve this, so there will be a sustained need for VPNs, particularly those that invest effort into into avoiding Netflix blacklists.
IME of podcast advertising they all advertise this very openly.
I've also heard this from a reputable news source (NPR) in the past few years, even though it hasn't been true for banks for at least 15 years, ~5 for most websites.
A lot of browsers have their own root chain, and also now do certificate pinning, so will (IIRC) only accept specifically designated certs for particular sites (doesn't Google/Chrome/Gmail do this?).
Not really, because, you can use on-demand certificate issuance.
Hell, if you really want to, you can even name your certificates the same as existing certificates and the only way to detect the forgery would be to compare the actual public keys (and who does THAT).
I feel like I'm writing an evil roadmap here, but, you can even do multiple root certs with different names and trust them all, do a whole "fake" PKI infrastructure which would be impossible to detect unless you were comparing the actual keys.
Yeah, just imagine being beholden to some federal statue impropriety (easiest in taxes) and running one of the these vpn organizations...
If you are only hiding from your local network and ISP its fine
If you want to do that and change your location to a website it’s fine
If you are hiding from any government for a civil or criminal charge it is not fine
If you are hiding from any government intelligence so nobody knows anything it is not fine
It doesnt matter what “no logging” claims the internet reseller has, this is not verifiable and can also change at any moment
This isn’t true though, they have specified who the independent third parties will be: CloudFlare Warp, Fastly, and Akamai. See here: https://www.barrons.com/articles/fastly-stock-outage-think-a...
I don't think Apple cares as much about video content providers, though.
A more likely reason is that video streaming services with georestrictions like Netflix, Amazon, or BBC would have lost their minds.
But I agree that making the exit node in the same country probably goes beyond video content providers, it avoids all sorts of potential legal, diplomatic and practical issues.
Not being able to watch Netflix, Amazon Video etc. in Safari seems like something Apple would in fact care about.
It does mean you now have to trust Apple since that's the first hop. However you're already doing this when you spin up your AWS Lightsail Wireguard instance, say. AWS can see ingress and egress traffic and so you just need AWS to not be part of your threat model. Same here. Though I dont see this as too much of a problem since it applies to devices and services where you've already made this explicit choice.
The app limitation thing is a shame and hopefully there will be an API at a later date.
The exit node choice based on exit-locality kinda makes me think Apple either:
- Want to restrict this service being (ab)used for geolocked content (Netflix etc)
- Want to speed up the service by providing the closest exit node (Performance)
Of course given all the FBI cases, you also have to consider other possibilties for the creation of this service.
This will still be your fixed IP, not adding much to your privacy.
Some of them make sense to me, i.e. China which has a long history of censoring their citizens.
But in particular, I'm trying to find out why South Africa is on that list seeing as I live there.
Edit: In , Apple is quoted as saying, "We respect national laws wherever we operate" but did not elaborate further.
And, of course it could be politics. The South African government, I wouldn’t know, but it could be possible that they wouldn’t let tech companies from the US build servers in their nation.
Google, the engineering company, always plays second fiddle to Google, the advertising company.
apple having less advertising influence is more trustworthy, I think, in terms of privacy. don’t lump google in with them.
Meanwhile apple has many many anti consumer anti competitive policies so while I may trust my privacy with them more, I wouldn’t trust them to fight for my privacy rights in the long run.
Worrying about the carriers was really hot for a while especially post Snowden, but it’s really not a genuine threat.