So a lot of the basic security of iPhone OS, as it was originally called, was supposed to stop your carrier from fucking it up.
That legacy continues today, even though Apple is pivoting to a "privacy is the product" model. I suspect a lot of these criticisms are a byproduct of that legacy, and not necessarily a sign of trouble in the future.
I still trust Apple - but Apple will have to continue to work hard to maintain that trust.
This is too misleading and dismissive. Differential privacy collection requires that the device will send back data which doesn't contain enough information to tell anything significant about the individual, but does allow for population-level statistics to be computed from many samples (eg. the old private-survey trick of flip a coin and answer truthfully if it's heads or randomly if it's tails). If they're collecting more data with this system, then it's supposed to mean that they don't know more about you.
Almost all tech companies collect extensive usage data; Apple seems to have made a genuine and rare attempt to improve the privacy of their users (admittedly without damaging their ability to make informed product decisions). Given the popularity of AI tech and the huge amounts of data it requires, systems like this are probably the only plausible way to improve user privacy without getting left-behind in the AI and product-development race.
I don't understand this claim. iOS had full disk encryption starting with iOS 3.0, in 2010. Or at least Apple (and other security experts) says it does:
https://darthnull.org/security/2014/10/06/ios-encryption/
Am I missing something here?
Which is to say, it's not classic FDE, but if you were to take the storage out of an iPhone and inspect it, you'd find that everything in the filesystem is in fact encrypted.
Making this technology more convenient is just as important for making people secure as the algorithms themselves, because otherwise, almost no one will use them (PGP-encrypted email being the classic example).
Anything you can see after starting the phone without entering your passcode is effectively not encrypted.
If iOS is to really be considered a secure OS, and if vanilla macOS is to become more secure, independent end-user control must be considered. Increased low-level design security at the cost of control, and the ability to prevent leaking data, cannot be considered a real improvement in security.
Whoever you are, thank you greatly for not being another one of those authoritarian cargo-cult "users are stupid so we should remove all control from them" people which the greater security community seems to be full of.
the state and details of disk encryption on both OSes is slightly unclear, but hopefully will become clearer when iOS 10.3 is released.
10.3 was released 9 months ago. And I find it hard to take seriously any article where every other sentence is bolded.
Before iMac Pro, I’d guess.
I feel like one may have to understand his preferences towards bitcoin, libertarianism, etc. though to truly get the deos vision to discern whether it's actually a better solution or a sleight of hand. I don't follow desantis or the bitcoin community closely enough to know.
This seems pretty troubling, as I as well as many I suppose, trust Apple and think that they're one of the good guys. I know it's cliché but I think this is the part where "[..] live long enough to see yourself become the villain." applies.
The more important question, imho, then is: what can we do about it ? If nothing, what should be done ?
Use Linux? How do you trust that? QubesOS? Pen and paper?
If you walk outside, you’re on camera. Living off grid with no phone or computer seals the deal, but not very practical.
I’m all about security and privacy, but everything is on balance with practically. If a three digit govt agency wants to find you, they have so many other ways than Apple.
Can't argue with that.
I'd say you use as much privacy respecting hardware/software as is feasible given your present use case and circumstances and progressively look to improve this situation funneling your money towards people and projects that respect you and your privacy in order to encourage people to build the things you need.
If you already have expensive hardware that doesn't work with open source software I don't think it terribly reasonable to suppose you throw it in the trash for example.
Just buy something better next go round.
I find it ironic that one of the features removed starting with Win7 was the network activity indicator in the system tray. Of course, recent Apple hardware and software has no indicators either. The opaqueness is unsettling.
Wouldn't this be devastating to about 10000 other businesses as well?
> iOS devices (even non-cellular devices) on first boot and, occasionally for unclear reasons after OS upgrades, will require “Activation” and an internet connection to contact an array of Apple servers.
The linked patent says that this is for carrier locking. It's possible that the code is used even on non-cellular devices because they just found it more convenient to not remove it? There might be more to this; maybe it allows for something like Activation Lock to work or allow Apple to track stolen inventory.
> Apple links the credit card used at purchase, the purchaser's name and email, and of course, the serial number and all components required to generate a UUID
Of course they do; these are all components of an Apple ID, so it would be impossible for them to keep them apart.
> This means, for example, that if you were to use a certain app for a social network under a pseudonym on an iOS device (not that I would recommend installing any social networking site’s apps on your device) and that service sends information via APNS, Apple (and possibly the social networking service) can most likely link the pseudonym account to your real identity.
I'm not very familiar with APNS, but doesn't it work something like "social media server sends Apple message, and Apple forwards it to the right device"? How would device-specific information get to third parties?
> if you enter contacts into the address book, contacts’ details are hashed and automatically sent to Apple, supposedly to check for presence in Apple’s iMessage database to determine whether to show iMessage as an option on that contact’s page
I agree that this is a stupid decision. This is a reasonably large loss of privacy for a very small benefit.
> ust try to remove your Mac’s WiFi card and rebooting - all Mac App Store apps will likely fail to open
Wait, what? I've been able to open Mac App Store apps without a network connection. You can try to validate with the App Store over the network, but that's an option, not a requirement: https://developer.apple.com/library/content/releasenotes/Gen...
> Apple really wanted the DRM aspect
I'm not even sure what the purpose behind Apple's "DRM" is. It's trivially bypassed on jailbroken devices, and I think on macOS as well.
> On macOS you can separately download an update/upgrade DMG, which will be signed by Apple, and then simply install it without a network connection.
On macOS you can also downgrade your OS to whatever you like. iOS requires a firmware to be signed before it will install, which obviously means that it will have to reach out to Apple somehow.
> if a user feels like removing/modifying certain Apple system binaries they are uncomfortable with
What if a user removes AMFI or the Sandbox?
> The fact that there is no way of monitoring or intercepting file system events, network connections and other system calls on said device and that you are giving apps many, many more privileges than you realise
It takes work, but this is possible. What you need to do is sign every app you download with your own entitlements that allow for debugging.
Despite the author's hesitations, I'm still pretty convinced that macOS/iOS are probably some of the most secure operating systems you can buy today; the amount of time Apple has put into this clearly shows. Plus, it's obvious to see that Apple's incentives don't really align along data collection, even when taking a cynical viewpoint. Not collecting user information allows them to resist government requests for data and increases public goodwill; unlike other companies they have a clear source of revenue that's not tied to data collection, and it's highly unlikely that they'd burn that money to go after data collection for AI or whatever given that's not an area they have a whole lot of experience in.
That being said, there are many good points brought up in the article, namely the centralized control that Apple has over devices. We've already seen occasions where this has caused Apple to acquiesce to third-party requests: for example, the removal of network extension apps from China's App Store. Apple is playing a delicate balancing game of trying to maintain some control over the hardware they vend while trying to keep it secure, and this is a difficult thing to do, especially when they need to cater to the needs of users for whom features are important and privacy is invisible.
I've never encountered this behavior. I can load this fine when logged out in Safari.
http://www.sacrideo.us/openbsd-on-macbook/
However I have not heard any reports of anyone running an alternative OS on iPhone or iPad hardware.
With every passing year I continue to think it would be interesting to observe how users would choose if Apple hardware and Apple software were sold separately.
Would all users choose Apple software?
For a long time now—and an astonishing number of posts—you've been using HN basically to post agitprop. The trouble isn't your opinions—whatever they are, I'm sure plenty of other users agree with them, all of whom manage to use HN just fine. The trouble is that you've crossed into being a single-purpose account, which is not cool. HN threads are for conversations, not agendas. One can't have a conversation with a megaphone.
Since we already asked you once to stop and you don't seem interested in changing, I'm going to ban this account. If you don't want to be banned, you're welcome to email hn@ycombinator.com and give us reason to believe that you'll follow the rules in the future.
Edit: Notice that youve toned down your original reply, which had statements like "No one cares about your opinions about Google, Apple or Facebook." It seems I have agitated you. I apologise.
http://www.sacrideo.us/openbsd-on-macbook/
However I have not heard any reports of anyone running an alternative OS on iPhone or iPad hardware.
With every passing year I continue to think it would be interesting to observe how users would choose if Apple hardware and Apple software were sold separately.
Would all users choose Apple software?
Expecting to take a little karma subtraction from the thought police for daring to entertain such a nonpermissible idea. Par for the course here and well worth it.
Please don't comment about the voting on comments. It never does any good, and it makes boring reading.
