Microsoft is pretty much a no win. Integrating ads directly into the operating system is quite gross and shows extreme negligence. Worse it shows an environment where business interests have absolute authority over engineering interests. No engineer that cares about security or maintainability would have let OS integrated ads happen.
Linux is probably better on all fronts, but a well configured MacOS is probably reasonably resistant to (non apple) capitalist threats. Apple is also doing considerable work on things like "secure enclaves" which I generally buy in to. They are also actively engineering systems to reduce passwords as a means of authentication. Apple is doing real innovative engineering and culture changing work that I generally consider forward thinking and society improving. I also believe that work has to be rewarded (with money spent) in order to convince other companies that it is something people actually care about. Companies will ask "what are our competitors doing," not "who stopped using our products/competitors products." Forcing companies to add privacy labels to their apps is something pretty much only Apple is capable of doing, and that is backed by the threat of direct monetary and potentially legal consequences.
Of course if all of the "Apple is getting into ads" press starts to ring true and Tim Apple goes full corruption, which is probably likely, I will likely have to begrudgingly move to Linux myself.
If I was worried about the government having access to my laptop, I would consider Apple's ecosystem a rather grave threat, but if I am generally not worried about governments, then I think the convenience of using MacOS exceeds the privacy values gained by choosing a more... ascetic environment. Since I use an iPhone apple already has extreme dominion over and insight into my digital life. Access to my laptop is a marginal loss of privacy compared to what apple gets from my phone anyway. Using an android phone is almost certainly worse and using a third party android OS involves trusting entities that have no form of real accountability.
Little Snitch is a pretty fantastic piece of software that I generally trust and gives what I consider an adequate level of observability into what my computer is doing.
You are going to have to go through and disable features like cloud backup, encryption keys in cloud, autocomplete suggestions, browser syncing, telemetry/crash logs, siri, spotlight indexing etc as well as install things like uBlock, PiHole and LittleSnitch. That kind of hardening would likely have to be done regardless of environment.
Linux seems to me like there is a good possibility of a serious supply chain hack in the next decade. If you ask "Who is trying to prevent this?" it's mildly scary to think there is probably some person with no authority, reputation, or responsibility volunteering their time to try to solve that problem because its the right thing to do.
They've shown a desire to push the line, while the ubuntu community has apparently mostly kept them within it. That article wasn't meant to be a source of truth so much as a starting point to find things to read about.
> I might look into this-
The nice thing is, is that once you set it up, you can tell your router to use the PiHole as a DNS server to hand out via DHCP, and it can even block your TV from contacting the manufacturer. Your router might even give it to your phone that connects to it and prevent a share of ads from showing up on your phone.
> Telemetry with zero identifiable information is probably okay,
Sadly, while they say there is no identifiable information, this is generally not a guaranteed property so much as a "we try to do the right thing" property. Crash logs don't need identifiable information because with 3 database tables in a data warehouse you can probably de-unidentify a log no problem. If any kind of memory is sampled, it is very possible to suck in information that shouldn't be there as well.
Microsoft, for example, has found inventors of viruses (and subsequently handed their info over to the FBI) because the crash logs the viruses caused got reported and they could turn that into an identity.
> Maybe my concerns are overblown
Nah, suggestions and features like that are shady. I do not like them one bit. I will say the more you understand, the more you realize privacy is dead. Privacy must be legislated. From a technical level it is an arms race, and if you try to run in the arms race, you'll just get exhausted and lose anyway. It's still probably a good idea to be a bit ahead of the curve or at least aware. Certainly a lot of people in Hong Kong in 2019 probably wish they were more versed in privacy.
Linux is probably better on all fronts, but a well configured MacOS is probably reasonably resistant to (non apple) capitalist threats. Apple is also doing considerable work on things like "secure enclaves" which I generally buy in to. They are also actively engineering systems to reduce passwords as a means of authentication. Apple is doing real innovative engineering and culture changing work that I generally consider forward thinking and society improving. I also believe that work has to be rewarded (with money spent) in order to convince other companies that it is something people actually care about. Companies will ask "what are our competitors doing," not "who stopped using our products/competitors products." Forcing companies to add privacy labels to their apps is something pretty much only Apple is capable of doing, and that is backed by the threat of direct monetary and potentially legal consequences.
Of course if all of the "Apple is getting into ads" press starts to ring true and Tim Apple goes full corruption, which is probably likely, I will likely have to begrudgingly move to Linux myself.
If I was worried about the government having access to my laptop, I would consider Apple's ecosystem a rather grave threat, but if I am generally not worried about governments, then I think the convenience of using MacOS exceeds the privacy values gained by choosing a more... ascetic environment. Since I use an iPhone apple already has extreme dominion over and insight into my digital life. Access to my laptop is a marginal loss of privacy compared to what apple gets from my phone anyway. Using an android phone is almost certainly worse and using a third party android OS involves trusting entities that have no form of real accountability.
Little Snitch is a pretty fantastic piece of software that I generally trust and gives what I consider an adequate level of observability into what my computer is doing.
You are going to have to go through and disable features like cloud backup, encryption keys in cloud, autocomplete suggestions, browser syncing, telemetry/crash logs, siri, spotlight indexing etc as well as install things like uBlock, PiHole and LittleSnitch. That kind of hardening would likely have to be done regardless of environment.
Linux seems to me like there is a good possibility of a serious supply chain hack in the next decade. If you ask "Who is trying to prevent this?" it's mildly scary to think there is probably some person with no authority, reputation, or responsibility volunteering their time to try to solve that problem because its the right thing to do.
As money gets involved in Linux it too can be corrupted. Here is a thread talking about canonical (ubuntu): https://www.reddit.com/r/privacy/comments/j4cl6t/should_i_tr...
They've shown a desire to push the line, while the ubuntu community has apparently mostly kept them within it. That article wasn't meant to be a source of truth so much as a starting point to find things to read about.
> I might look into this-
The nice thing is, is that once you set it up, you can tell your router to use the PiHole as a DNS server to hand out via DHCP, and it can even block your TV from contacting the manufacturer. Your router might even give it to your phone that connects to it and prevent a share of ads from showing up on your phone.
> Telemetry with zero identifiable information is probably okay,
Sadly, while they say there is no identifiable information, this is generally not a guaranteed property so much as a "we try to do the right thing" property. Crash logs don't need identifiable information because with 3 database tables in a data warehouse you can probably de-unidentify a log no problem. If any kind of memory is sampled, it is very possible to suck in information that shouldn't be there as well.
Microsoft, for example, has found inventors of viruses (and subsequently handed their info over to the FBI) because the crash logs the viruses caused got reported and they could turn that into an identity.
> Maybe my concerns are overblown
Nah, suggestions and features like that are shady. I do not like them one bit. I will say the more you understand, the more you realize privacy is dead. Privacy must be legislated. From a technical level it is an arms race, and if you try to run in the arms race, you'll just get exhausted and lose anyway. It's still probably a good idea to be a bit ahead of the curve or at least aware. Certainly a lot of people in Hong Kong in 2019 probably wish they were more versed in privacy.