HN Theater @HNTheaterMonth

Steve Jobs words 12 years later are still very relevant today https://youtu.be/39iKLwlUqBo

I just want to thank Apple for pushing this agenda forward, introducing things I believe Google would never do themselves first unless pressured.

I still remember Apple introducing “track me while using the app only” in a new iOS years ago that stopped companies hoarding live geolocation of every app user.

And we still get new bits and bobs every major iOS release.

In just last few years we found out apps that unnecessarily scanned for our network devices or used clipboards for no apparent reason.

Keep them coming.

⬐ danielrhodes

This question about the cloud and services is especially prescient though, because it's about incentives. As a hardware and OS manufacturer, Apple was not highly incentivized to collect data on its users. But as a cloud/services provider, its incentives far more closely align with Google/Facebook. There are services, such as Apple's fitness apps, where they don't seem to play by the same rules as comparable apps. It has been unclear where Apple draws the line between itself and those in its ecosystem. To provide an almost silly example: you don't see the Phone app asking for permission to access your contacts. I do place a lot of trust in Apple, but I don't expect them to stay a neutral party.

⬐ the_gipsy

Yet apple always aggressively pushed their native app platform over web protocols, which would allow much more privacy.

⬐ mattkevan

How would web protocols allow for more privacy? If Safari implemented all the Chrome PWA APIs it would open up the user to far more browser fingerprinting while also increasing the attack surface.

Also every crappy website will think it’s okay to force download a huge PWA payload and fill the phone up with notification spam. No thanks.

⬐ JadeNB

> If Safari implemented all the Chrome PWA APIs it would open up the user to far more browser fingerprinting while also increasing the attack surface.

Surely the answer is "so Safari shouldn't implement those APIs"? It's app makers who think we need constant push notifications from everyone; by and large they're subtractions rather than additions.

⬐ hombre_fatal

Not sure how the protocols themselves help, but at least for now, we still have things like content blockers and extensions for mobile web browsers.

Native apps have more freedom to do whatever they want, and they do it more opaquely. I guess the only thing that comes close to a web browser content blocker for iOS native apps is piping your traffic through one of those ad-blocker VPN apps like Lockdown, which sucks.

Of course, nothing compares to the amount of insight you have into websites on a desktop web browser where you can open a networking tab in the dev tools.

⬐ rodgerd

> Not sure how the protocols themselves help,

Web VR is being routinely used to add fingerprinting and tracking. Direct access to USB devices adds so many vectors for abuse I can't even imagine how it will end up being mis-used.

⬐ daniel_iversen

I don't think there's anything stopping web browsers to have the same level of privacy features as the apps, is there? Apple, Google and Microsoft owns both the OS and the browser, so there's really no excuse I feel.

⬐ Retric

I don’t see how you could replicate blocking all network access with a website. Websites inherently communicate with a remote server which limits privacy guarantees.

⬐ munk-a

With the exception of either investing time into targeted request black-holing or disallowing apps from contacting the outside world entirely (which would produce a pretty crappy AirBnB experience) I don't think this is really reasonable. Most useful apps have some legitimate reasons to talk to servers so blocking access before the app can get it (similar to how browsers block access before the site can get it) seems like the most reasonable approach. And websites don't need to inherently communicate with a remote server - there are a bunch of web tools out there that download a bunch of JS and then essentially run in local mode without ever sending that data home... yes the original stuff is coming from a foreign source but that's the same as Apps - the acquisition method is just different (and a lot more prone to abuse I'll grant you).

However, pretty much every useful app you're using is calling home for some moderately legitimate reason - so I don't think it's helpful to differentiate the two classes of executables based on remote asset usage.

⬐ Retric

The majority of Apps on my phone have zero reason to communicate to the outside world. A calculator, standalone game, etc should function without network access and if it doesn’t then delete the app and get something useful when the network is down.

Honestly, if I can’t block network access I don’t see the value in downloading a AirBnB app or just about any other app companies want me to install.

⬐ sneak

People prefer native user interfaces to APIs over the UI of web apps accessing those same APIs.

A few years ago when phones were slower the difference was much more stark. It's straight amazing what can be done in a webview now.

⬐ endless1234

GP's talking about Apple making PWAs unviable on iOS.

⬐ ghaff

In what way are they unviable? Because it's not as easy (which is not actually easy) to discover and make money? That seems a choice one makes.

⬐ sneak

Notifications. Notifications are why they are unviable.

⬐ ghaff

I allow notifications from virtually nothing other than phone and messages.

⬐ scatters

And yet Apple sell tracking devices that can be used to spy on people who've never used an Apple product.

Are they blind to the harm they're causing, or do they believe that only their own customers deserve to have privacy?

⬐ micromacrofoot

they thought they were ahead of the game by adding the anti-stalk features at all, because no one in the tracker industry does it… but it ended up causing the streisand effect

⬐ drdaeman

One can also use Airpods with ear sensing disabled to spy/listen for private conversations on people (within Bluetooth range), even people who have never used an Apple product. And, you know, some MacBooks are heavy enough to be able to cause physical harm if you'd hit someone on the head.

The wonders of humanity is that humans are creative and imaginative (not me, the examples I thought of are stupid and silly), so if they have a certain task in mind they can solve it through whatever technologies available, even if those technologies weren't designed for it...

⬐ CamperBob2

One can also use Airpods with ear sensing disabled to spy/listen for private conversations on people (within Bluetooth range), even people who have never used an Apple product.

Wait, what?

⬐ Jcowell

I’m not sure what OP is talking about but one can use their iPhone with the Live listen feature & AirPods to listen in to conversations. But you can just as easily leave your phone and record and listen later.

⬐ drdaeman

Yes, that's what I meant, thank you - putting an Airpod in next room to eavesdrop.

Airpods are pretty small, must be much easier to sneak them in compared to a phone. And unlike a phone, they're not providing any means to figure out who is the owner.

⬐ paxys

Apple still doesn't let you pick and choose specific permissions when installing an app. Other than location and a couple others, permissions are still all or nothing, unlike Android.

⬐ can16358p

Apple asks for permission when app actuallys requests it, not upon installing. I think this is superior to Google's from a privacy perspective.

⬐ zibzab

From your answer I can only assume you have not used Android in a long time.

Android permission model changed greatly around Android 6:

https://source.android.com/devices/tech/config/runtime_perms

⬐ can16358p

I actually develop for Android and literally worked with those permissions on 6+ too.

I was answering parent's concerns in their context.

⬐ FinalBriefing

This simply isn't true.

⬐ Flockster

I can choose for each app: contacts, calendar, reminder, photos (whole gallery or choose pictures), Bluetooth, local network, UBW, microphone, speech recognition, camera, health, (sensors?, Never seen that before), Homekit, media, files, movement and focus.

And location of course (never, ask next time, when using and always) with a toggle to set it to "approximated position"

⬐ pydry

They can still do better. I want a feature that will let me programatically lie to any app that requests any permission. E.g. real data while Im in the app but maybe Im in paraguay if it requests it ourside.

Apps shouldnt be able to fully trust the data they get unless the user wants them to trust it.

⬐ poizan42

The XPosed framework for Android let's you do exactly that (requires rooting though).

I haven't tried calling it programmatically, but it has a module system.

⬐ markhelo

Its likely that both OS's allow you to do it, because it is part of their testability APIs. I have used an app on Google to fake my location because a restaurant that is hard to schedule (90+mins waiting) requires you to be within 1 mile of it before getting on their waitlist.

⬐ benrapscallion

They actually do this already in a roundabout way: if you turn on iCloud Private Relay, you can choose the IP Address Location as Use country and time zone

⬐ akomtu

Apple will probably implement this in the coming years. This feature will poison those Big Data datasets and will lower accuracy of user profiles, but so long as Apple can reliably distinguish fake location data, Apple will go for it. Then, I hope, Google will retaliate and do the same on Androids. Facebook will be out of luck, but who cares.

>You're presuming a motive on their part.

Steve Jobs was very clear on this back in 2010.

https://www.youtube.com/watch?v=39iKLwlUqBo

>Apple using that as an excuse to punish a competitor

Steve Jobs in 2010 being asked how Apple's view on privacy differs from Facebook's view (right after one of the early Facebook scandals)

>Privacy means people know what they’re signing up for, in plain English, and repeatedly. That’s what it means. I’m an optimist, I believe people are smart. And some people want to share more data than other people do. Ask them. Ask them every time. Make them tell you to stop asking them if they get tired of your asking them. Let them know precisely what you’re going to do with their data.

https://www.youtube.com/watch?v=39iKLwlUqBo

⬐ gigel82

They should get off their high horse for a bit, or at least level the playing field: https://www.forbes.com/sites/johnkoetsier/2020/08/07/apple-a...

⬐ GeekyBear

They've already added an explicit prompt for that.

> Steve Jobs must be rolling over in his grave.

June, 2010 - Jobs: "Privacy means people know what they're signing up for."

https://youtu.be/39iKLwlUqBo?t=154

December, 2015 - Cook: "If you put a back door in, that back door is for everybody, for good guys and bad guys."

https://youtu.be/rQebmygKq7A?t=66

August, 2021

Interviewer: "Isn't this in a way a back door?"

Federighi: "I really don't understand that characterization."

https://youtu.be/OQUO1DSwYN0?t=426

⬐ arvinsim

Apple really is talking down on people on that last one.

Steve Jobs was talking about privacy since (at least) 2010:

> Privacy means people know what they’re signing up for, in plain English, and repeatedly. That’s what it means. I’m an optimist, I believe people are smart. And some people want to share more data than other people do. Ask them. Ask them every time. Make them tell you to stop asking them if they get tired of your asking them. Let them know precisely what you’re going to do with their data.

> That’s what we think.

* https://www.youtube.com/watch?v=39iKLwlUqBo

What they're doing now seems to simply be a continuation of that thinking. (Sometimes better, sometimes worse.)

Steve Jobs talking about this at D8 in 2010, and of course the privacy features he talks about were baked into the OS APIs from the start.

Apple's rift with Google over user data collection in Google Maps goes back to 2009 when Google held Apple to ransom for the user data in return for turn-by-turn directions. Apple refused and started building their own maps service, buying Placebase in July that year.

https://www.youtube.com/watch?v=39iKLwlUqBo

⬐ shaicoleman

If anyone's interested in reading more, here's an article which discusses why Apple switched from Google Maps:

http://allthingsd.com/20120926/apple-google-maps-talks-crash...

Why would you be concerned?

Going against Facebook/Google and other ad giants is in their DNA.

https://www.youtube.com/watch?v=39iKLwlUqBo

⬐ doobeeus

My concern is for people who take Apple's marketing (what's really in Apple's DNA) at face value, not Google or especially Facebook.

⬐ hu3

I remember when Google was the "good guy".

We should not forget that these companies are nothing but shareholder driven business and their incentives can and do change.

⬐ nojito

It's not marketing. Apple has cared about privacy since the 80s/90s.

Jobs even went so far and envisioned a private mesh network to avoid cell/internet networks from snooping on iPhone users.

>Ten years ago Apple wasn't running ads about privacy and they were working on building out the App Store.

Steve did

https://www.youtube.com/watch?v=39iKLwlUqBo

>Privacy means people know what they're signing up for, in plain English and repeatedly

>I believe people are smart and some people want to share more data than other people do. Ask them. Ask them every time. Make them tell you to stop asking them if they get tired of your asking them. Let them know precisely what you're going to do with their data

I think the issue was that Apple bungled IDFA by not making in opt-in initially and now are trying to correct their mistakes.

Apple was vilified 10 years ago for this stance, but at the end of the day they were right with their opt-in view on tracking and how pervasive silicon valley was going to become with collecting data.

This comment has no basis of truth.

https://www.youtube.com/watch?v=39iKLwlUqBo

Jobs @ D8

People are quick to forget because back then everyone (including HN) was praising Google for everything under the sun.

⬐ conradev

In that video, Steve mentions the fact that iOS had location permission prompts before iOS 6 – is that what you are referring to as incorrect? Because that is a good catch, permission prompts were present at least as early as iOS 4.2:

https://developer.apple.com/documentation/corelocation/clloc...

EDIT: Oh, I see, if you are referring to the PR or marketing portion, I think it is certainly clear that Apple had a pro-privacy stance, but that did not make its way into the company's _consumer_ marketing:

https://web.archive.org/web/20120718122643/http://www.apple....

>I can't buy the Apple "good samaritan" act. Apple is not fighting for privacy.

Why not?

Here's Jobs 10 years ago talking about this.

https://www.youtube.com/watch?v=39iKLwlUqBo

> at least a year now (...) they show a privacy disclosure splash screen before turning on many features for the first time.

This has been the case from the start of the Apple App Store. Here is a 3 minute video of Steve Jobs talking about it in 2010 - https://www.youtube.com/watch?v=39iKLwlUqBo (Zuckerberg comes up too funnily enough).

⬐ rgovostes

I was referring to these, introduced two years ago in iOS 11.3:

https://www.idownloadblog.com/2018/01/26/apple-privacy-icon-...

I think you are referring to the "Allow Facebook to use your location?" pop-ups. Notably, these have gotten progressively more sophisticated—apps now have to specify a reason for the data request. You can block access to backgrounded apps, and opt to provide a coarse location instead of your full GPS fix. Other protections apply to photo sharing, etc.

Yep. Great segment from Jobs that seems to hold true today: https://youtu.be/39iKLwlUqBo

You're making it sound like there is no business opportunity on Apple's side to mine and sell customer data the way Google does. Why can't we assume they are doing it with the best of intentions?

Watch this 10 year old clip of Steve Jobs: https://www.youtube.com/watch?v=39iKLwlUqBo The position is genuine.

>Apple is trying to position itself as more privacy friendly suggesting that the tide may be finally turning.

This isn't a recent thing.

https://www.youtube.com/watch?v=39iKLwlUqBo

> If you recall, Apple's stance on privacy is quite recent.

You should read some of the history of Steve Jobs, and you will learn that he was very serious about privacy and it seems like his values have been imbued into Apple and now Tim Cook.

Here's perhaps the latest clip of Steve on privacy: https://www.youtube.com/watch?v=39iKLwlUqBo

> Now, how do I do it in a non-evil way? I am presuming here that everyone agrees that should be possible to make that work [...] Apparently Facebook did it the wrong way. Why?

I really like Steve Jobs' comments on how to operate, with regards to questions of user privacy: https://www.youtube.com/watch?v=39iKLwlUqBo (3 minutes)

While I'm not convinced about the need for devices to be locked down, the rest of his response should be the gold standard in my opinion.

Apple always took location privacy seriously. I remember an interview between Steve Jobs and Walt Mossberg years ago on this subject. I looked it up again: https://www.youtube.com/watch?v=39iKLwlUqBo

⬐ SiempreViernes

Serious in the sense that they seriously wanted it? July 2010 was when they rolled out their silent tracking of all ios 4 users in an unencrypted database on the device for up to 10 months. In a happy coincidence, a bug ensured that the (presumably untested) feature of turning of location serviced didn't actually prevent the tracking.

And of course they never asked users for consent about this, except by putting something in the end of their 15000 word EULA.

https://www.theguardian.com/technology/2011/apr/20/iphone-tr...

https://www.wired.com/2011/04/iphone-tracks/

⬐ kalleboo

This was the dumbest privacy scandal ever. The database was on your phone. It wasn't sent anywhere. What good does that do Apple? What do they have to gain? It's obvious it was just a bug.

⬐ osteele

If Apple intended to collect locations, I would expect them to have recorded GPS (when otherwise enabled), and WiFi RSSI, instead of just cell tower RSSI.

I can imagine theories that include this omission as part of deniability for a cover-up, or from a combination of incompetence and malevolence, but such theories seem overly complicated compared to the assumption of a simple log leak like Twitter's recent password logging bug.

Whether these theories are too complicated depends on your priors about the evil intent of Apple's management and employees. If you already assume they're hypocrites about privacy, the location logging confirms it. I doubt it's convincing otherwise. (It's not convincing to me, unless there's a simpler story that ties it into ill intent, and that I'm just not coming up with.)

⬐ parthdesai

Explain China then.

Apple is being hypocritical in this case. Giving in to the demands of government when it hurts their business ( if it did take privacy as seriously as HN makes it out to be, they would take a stand in China) while advocating privacy in Western world.

⬐ Jerry2

Like every business operating in China, Apple has to comply with local laws. And that's what they do. Everyone else who operates in China complies with them as well. Apple also complies with US laws and laws of EU.

⬐ ghostly_s

Operating in China is a choice every one of these companies makes.

⬐ fiblye

With China, there's literally no option aside from having their products being barred from being sold or manufactured there.

The fact they're standing up for user rights when given a legal possibility is a good sign, compared to most major companies which are harvesting anything and everything even going beyond the scope of what's legally permissible.

⬐ hungerstrike

Apple is just like any other western company - their shareholders and chiefs don't really give a fuck about privacy. They only care about their bottom line.

If China demanded that someone from your company sacrifice a new-born baby in order to do business there, I'm positive that we'd still have many, many western companies doing business in China.

⬐ SiempreViernes

Maybe some startups would even go to the trouble of getting late aborted featus classified as "new-born" and spin it as an "ethics enhanced feature".

⬐ DmenshunlAnlsis

I can’t be the only person tired of this canard, right? It’s said over and over that the benefit of Apple is an alignment of incentives in Western markets. That is to say, Apple is not faux-idealistic, they are capitalistic, and in most places that aligns with user goals. China is the exception, but for the same reasons.

⬐ Someone1234

Explain what with China?

Apple are legally required to follow the law of countries they do business in. In China the law requires that the government, not third party apps, gains access to additional information. Apple can limit third party app privacy violations while still following the law.

The only stand Apple could take here is:

- Stop selling in China

- Have executives go to jail

Just as if they violated US law or EU-member's law.

⬐ ksk

That is a poor argument. "Selling" a product is not a principle or a virtue that one is required to comply with. Protecting the privacy of users is. Being non-discriminatory is. What if they had to do business in a country that forbids gay people from working? Using your logic - "Oh well they had to fire all their gay employees to just follow the law".

Its hypocritical of Apple to suggest they truly care about privacy other than as a means to simply differentiate themselves to sell some more shiny objects - which might well be a common cutthroat business tactic.

⬐ kilo_bravo_3

It is also hypocritical for privacy advocates to purchase products from China.

Their purchases directly fund a regime opposed to their moral positions, either through taxes and duties or payments to the many thousands of firms (like COSCO) that are controlled wholly or in part by the Chinese government or military.

The hypocritical-ness doesn’t go away because corporations are larger than individuals, the transaction is in a different direction, or because the moral position is privately-held.

⬐ ksk

>It is also hypocritical for privacy advocates to purchase products from China.

If you take Apple out of the argument for a second, thats quite a complex case. I think you can have two positions "we don't compromise on privacy" and "were trying to improve the situation the best way we know how". Under #2, you could make the argument that buying a general purpose tool such as a computer made in china, and using it to promote privacy is a net benefit, than not having the tool to promote your cause.

⬐ simonh

If it’s possible to buy the computer elsewhere and choose not to, it’s hypocritical.

⬐ AstralStorm

Well. In that case you get to skip most of Intel. Minor parts like capacitors and resistors are also almost completely made in China fabs.

You will have to be extremely particular and thorough to get rid of all chibese products.

⬐ simonh

Exactly, it’s not a reasonable position to take.

⬐ JumpCrisscross

> "Selling" a product is not a principle or a virtue that one is required to comply with. Protecting the privacy of users is.

A foreign country has passed laws disagreeing with your value judgement. In any case, Apple is a business. As a consumer, I care first and foremost about my privacy and the privacy of those in my country. That is not impinged upon by China forcing Apple's hand in their own country. Perfect is the enemy of good.

⬐ osteele

Any good act by a corporation can be explained away as a business strategy. Just as any good act by an individual can be explained away as a means to garner status, or because the individual derives personal satisfaction from either the act or the effects of good behavior.

Are you arguing that one must always impute manipulative motives to a corporation? (And should therefore not reward consequentially better behavior, because it must be based on invalid motives?)

Or is your point that Apple is uniquely hypocritical? If so, on what evidence about Apple in particular?

⬐ ksk

>Any good act by a corporation can be explained away as a business strategy. Just as any good act by an individual can be explained away as a means to garner status, or because the individual derives personal satisfaction from either the act or the effects of good behavior.

Sure, I would agree that if the outcome is good, then the intention is not relevant. Apple might have a positive effect in China despite compromising on privacy.

>Are you arguing that one must always impute manipulative motives to a corporation? (And should therefore not reward consequentially better behavior, because it must be based on invalid motives?)

I'm saying recognize the hypocrisy instead of constructing weird arguments to justify it.

>Or is your point that Apple is uniquely hypocritical? (And if so, on what evidence?

Certainly not. I said its a common business tactic.

⬐ osteele

> I'm saying recognize the hypocrisy instead of constructing weird arguments to justify it.

People with different priors on whether Apple's managers (or managers in general, or managers of large corporations in general) are likely to be hypocrites, will probably have opposite judgements about which explanation is a “weird argument”. So I don't think framing it in these terms will resolve any disagreement, unless there's some non-circular criterion (maybe you have one and I haven't seen it or am not understanding it) for judging an argument “weird”.

⬐ ksk

I use the same criterion that people use when they use it in their day-to-day conversations. Lets not get into the definition of words. In any case its not my goal to resolve disagreement or to convince someone of something. I don't view conversations in such narrow ways. I'm only interested in having interesting conversations with reasonable folks.

⬐ __jal

And what, US law just magically happens to be properly balanced, unlike the legal systems elsewhere?

Following your logic, every single company in the US is either ethically aligned with US law or horrible, awful hypocrites. Apparently there are no other possibilities.

⬐ briandear

If we are comparing it to Chinese law, then most definitely.

⬐ ksk

If every single company said stuff like "At Apple, we believe privacy is a fundamental human right." then yes.

-

https://www.apple.com/privacy/

⬐ Steko

Your logic is bonkers. Not every principle or virtue is a hill that every inch is worth dying over. The US and EU (and pretty much every other country) also have many laws and regulations that are not privacy friendly. You claim this means they should close up shop (or only sell to seasteaders) if they are a true privacyman? It's a recycled version of the 'Al Gore has a big house' joke, guess he's doesn't really care about the environment. Heyo!

⬐ ksk

If people simply admitted that Apple (like many others) will compromise on their privacy principles in exchange for commercial gain - we would never have been having a conversation on this topic. People want to hold Apple to a higher standard.. maybe thats also part of the problem.

⬐ CamperBob2

Is it really that simple? Put yourself in the execs' shoes for a few minutes. You can obey the laws of China and do business in China... or you can take a stand on principle and leave the market, giving up not only the revenue, but the small amount of positive influence you might have on their society as a whole.

How is that necessarily any better for humanity than simply obeying the local laws, going along to get along, while making it clear to your Chinese customers that their counterparts in more enlightened countries enjoy more privacy, more features, and an overall better experience?

I spoke with some people at a certain well-known company working on satellite Internet service a while back, and I asked them the same question. "What are you going to do when the Chinese try to shut you down for providing uncensored Internet service?" It was hard to argue with their response. They feel it is possible to make money and be a positive influence in various closed totalitarian societies including China. I think that's basically Apple's take on it as well.

Overt disobedience to the regime is rarely a good option for companies operating at global scale. It will get your employees declared criminals in large areas of the planet, and it can literally get your customers killed.

⬐ ksk

Well, I'm saying that we should probably ignore Apple when they say[1] stuff like "At Apple, we believe privacy is a fundamental human right." My cynical reading would be "At Apple, we're going to compromise on what we believe to be a fundamental human right, to make a few bucks, and if in the process we happen to have a positive impact on some dictatorial regimes, that would be cool too".

>Overt disobedience to the regime is rarely a good option for companies operating at global scale.

To be sure, it is never a good option. People have tried to sue the Chinese government, unsuccessfully so far. Nobody is denying that the chinese government has a horrible human rights record too.

>It will get your employees declared criminals in large areas of the planet, and it can literally get your customers killed.

Are we still talking about Apple in China? I don't know which customer was killed, or which employee was declared a criminal..

--

[1] https://www.apple.com/privacy/

⬐ CamperBob2

Are we still talking about Apple in China? I don't know which customer was killed, or which employee was declared a criminal..

No, I switched contexts to the satellite Internet service developer I mentioned. They are on track to deploy a significant LEO constellation over the next few years. If they succeed, they will effectively be the Internet for a large chunk of the world. So if they don't make arrangements to accommodate various countries' censorship regulations, then citizens of places like China, Iran or North Korea who are caught with their receivers will be in a great deal of trouble, and the company's executives will not be able to travel to those regions without fearing arrest.

⬐ hoi

There is another option. Just abandon any principle of data privacy and continue to sell their products (although GDPR in EU is an issue).

⬐ notyourday

So what you are saying that Apple's core beliefs are location-dependent.

Personally, I think it is totally cool to have location-dependent core beliefs. I just think it is a total fan-boism not to acknowledge it.

⬐ simonh

Providing your users with the maximum freedom, privacy and security possible under the law is a reasonable and ethical position to take, especially if you believe your products provide the best security and privacy on the market and withdrawing them would leave your customers with only worse options available.

If you honestly believed that to be true, how could you justify withdrawing from that market on ethical grounds?

⬐ abc_lisper

Umm. No. I don’t wear the same clothes in a desert and a forest. To do so would be foolish. Imposing yourself on others when you have no power to do is not wise. I can keep my house clean but can’t expect everyone in my neighborhood to do so.

⬐ ams6110

But you can choose not to visit the dirty houses.

Apple could choose to honor principles and not sell in China. But market share is more important.

This is a similar argument we had a couple decades ago about companies doing business in South Africa, which at the time had official racial segregation policies (Apartheid). There was a popular push for divestment and it was fairly successful.

⬐ FussyZeus

> Apple could choose to honor principles and not sell in China. But market share is more important.

They're a corporation, their sole ethic is "to make money," full stop, that is the only reason Apple exists. To ignore China as a market would cost them millions if not billions of dollars.

Tons of businesses with very ethical practices operate in and with China. China's current anti-privacy stances are unfortunate, but if we refuse to do business with them, all we're doing is giving a leg-up to Chinese corporations who don't even pretend to care about user privacy in the form of an insulated market.

⬐ notyourday

I'm glad you are starting to acknowledge that Apple will sell its users for money. It is just for now it seems to have other venues to get that money. Except in China where it needs to sell its users to the government in order to be able to extract money from that market right now.

⬐ pvg

They're a corporation, their sole ethic is "to make money," full stop, that is the only reason Apple exists.

That's a reductive and inaccurate trope which also seems at odds with and unrelated to the rest of your comment.

⬐ ksk

That sounds to me like you're saying Apples core beliefs are simply whatever they fancy depending on the time of the day.

⬐ abc_lisper

Hmm. Let's consider the forces involved here: 1. Apple makes their hardware in China. 2. Apple sells their hardware in China. 3. If Apple doesn't comply with China, 1 could be affected, not just 2. 4. Apple cannot move their hardware manufacturing to US (now), without losing their competitive edge, because everybody makes their hardware in China.

Do you think if Apple could be privacy oriented in China, it wouldn't? It simply doesn't have the power to do it in China. Don't equate it to Google, FB and numerous others who despite having a chance to be privacy oriented in US, won't.

This is like Cantor's infinities. Sure they are all infinities. But they aren't the same.

⬐ ksk

To unpack your #1 statement. Lets say that Apple makes their hardware and then ships it out of China. China makes money, gets some jobs out of it, some tech knowhow etc. China has no reason to stop that.

Now, apple's desire to sell devices in china that comply with chinese laws (which potentially compromise user privacy) is a separate issue altogether. Business wise, I don't think they can afford to avoid china altogether. So maybe they can simply say that "they're doing the best they can" and take the PR hit.

⬐ None

None

⬐ ddalex

But this is not about core-beliefs, but complying with the law.

⬐ 0xCMP

It's not a location dependent core belief. The Chinese laws make it this way. Apple is not a sovereign government with the right to do as they please. They operate in the rules and under the same threat of force everyone else does in every nation they operate.

That we live in an area of the world where you can choose to make the decisions they do without serious repercussions should make you pause and think about how important the checks we have are, because in China there aren't many ways to get around the problem above besides ignoring the largest developing market in the world.

⬐ notyourday

Of course it is a location dependent core belief. And, as I have pointed out above, it is perfectly ok to have a location dependent core belief as long as we stop pretending it is not.

Apple wants Chinese market and it wants Chinese labor. If to do that it needs to sacrifice its principals, it is willing to do so.

IBM did that before with Nazi Germany. Other companies did it before with South Africa.

P.S. It is very amusing to watch the blind apple fanboi-sm on HN.

⬐ millstone

Apple's #1 principle is to make the best product in the market. That's what they've done: the alternatives to iPhones in China are much worse in terms of privacy. Apple would not be helping anyone by going to the mat on this.

⬐ notyourday

You should try to substitute Apple for IBM, iPhones for tabulation machines and China for Nazi Germany.

It would be a fine mental exercise just to see not how far Apple fans would be willing to go to justify Apple's behavior but to see what kind of mental gymnastics they would be willing to do just to avoid saying "Apple will sell its users if it means keeping/gaining the market"

⬐ millstone

What a bunch of crap. When I visited China, my iPhone was the thing that worked. I was able to use e.g. Apple Maps, iMessage without having to install spyware like WeChat.

If I were Chinese, I would get an iPhone and disable iCloud Backup. Yes it sucks that I'd have to do that, but it's way better than having spyware built into the firmware like domestic OEMs do (Huawei, etc.). It's good for privacy that Apple remains an option in China.

⬐ hesarenu

If they were serious they would stop selling in China.

⬐ baxtr

”Privacy means, people know what they’re signing up for, in plain English, and, repeatedly“

“Privacy means people know what they’re signing up for. In plain English, and repeatedly. That’s what it means. I’m an optimist. I believe people are smart. And some people want to share more data than other people do. Ask them. Ask them every time. Make them tell you to stop asking them if they’re tired of you asking them. Let them know precisely what you’re going to do with their data. That’s what we think.” — Steve Jobs, 2010 WSJ AllThingsD Conference

Video: https://www.youtube.com/watch?v=39iKLwlUqBo&app=desktop

Transcript: https://www.digitalmusicnews.com/2018/03/25/steve-jobs-user-...

Recent article: https://qz.com/1236322/apples-steve-jobs-tried-to-warn-faceb...

⬐ zbentley

It's almost like the company he headed made next to no money from selling its users' data.

Sarcasm aside, it's a good quote, but misses the crux of the issue: incentives. User data sharing/selling (whether through partnerships or advertisement targeting) is Facebook's revenue model. Everything else they make money off of is insignificant compared to that. This, I think, is what people mean when they say something is "in a company's DNA": was a dubious partnership with Cambridge Analytica or an only-deceptively-authorized potential collection of contact/SMS data some sinister plot, or the goal all along? Probably not. Was behavior like this considered less-than-scary to Facebook's decision-makers, swept under the rug, or seen as a minor extension of what they already do to make money? Almost certainly.

Privacy has been big at Apple for a long time, this video was posted in this thread of Steve Jobs talking about how important privacy is to Apple https://www.youtube.com/watch?v=39iKLwlUqBo

Have used Android for years (I have been using devices like Pro, rooted, custom ROMS, skins whatever you might imagine). Shifted to Apple's echo system 2-3 years ago. It took me some time to get used to iOS but integration across devices (my mac, my iPad, my watch) is simply amazing. I am not going sound like broken record or fan boy here. Apple got me on this video where Steve Jobs really showed how much they care for privacy https://www.youtube.com/watch?v=39iKLwlUqBo the other day my wife got a notification from Google Photos that it prepared our Album from our trip to SFO. We have turned of location tagging and everything, turns out Google is not content with me asking them to leave me alone, they would use ML and whatever they have built to figure out where I have been. In this day in age, while Apple might sound outdated to a lot of people, nothing can beat the sense of security with privacy Apple carries with itself now.

⬐ kissickas

This is simply an example of Google actually providing you with a service in exchange for the information you give them. If your iPhone photos include the same information but they don't give you a (admittedly mediocre, I've never saved one) album which uses that data in exchange, you're not maintaining any more "privacy." You're just not being made aware of how little privacy you have when syncing to a cloud-based service.

⬐ alphonsegaston

Not the parent, but I think the mentality that the user is wrong and misunderstands their (intentionally limited by Google) options with regard to privacy is why people move away from their ecosystem.

⬐ clappski

The Photos app on my iPhone does geotagging and creates relevant albums of trips away.

⬐ nkristoffersen

Yup! But what’s cool is the iPhone does all of that locally on the phone instead of on the cloud.

⬐ MagnumOpus

And it does not allow any app to export it once you archive your photos - oh, except for iCloud which is a super-expensive pay-to-play service beyond the first few photos.

⬐ matthewmacleod

Super-expensive? It’s $10/mo for a 2TB plan, which is less than the 1TB plans from both Google and Dropbox!

⬐ la_oveja

You can store any kind of files on iCloud or only photos/video?

⬐ virusduck

any

⬐ NicoJuicy

Know that since three months it isn't expensive anymore, but it launched over 6 years ago. So it was 5 years and 9 months expensive, since 3 months it's not expensive.

BUT, there is no 500 gb plan. So everyone who wants more than 200 gb is paying for 2TB.

They are earning more, just in a smarter way

⬐ antihero

I have 33,000 photos and it's happily under 200GB, which I pay £2.49/mo for.

⬐ bigbugbag

Try integration across devices that are not apple's and you'll understand that apple is a hardware seller and this marketing scheme is to push you into buying their devices and keep you locked in as long as possible.

The difference with other big players such as facebook or google is that google business is selling ads based on giving software for gratis and facebook business is being the parasitic middleman between people and their data / online interactions (also company) and scrambling to make the investor story time lie believable as long as possible. They both indulge in strong vendor lock-in.

My point is that apple is not in this to protect your privacy or to defend humanist values but to get more people to buy their hardware for increased profit and shareholders.

⬐ codydh

You're right that Apple services don't integrate as nicely across non-Apple platforms. (Isn't that true of many things?)

However, to dismiss it as a marketing scheme is somewhat disingenuous. It may achieve that, but there are plenty of people out there who simply think they make the nicest hardware. The tight integration is icing on the cake. I own almost entirely Apple hardware. If I thought something else was nicer, I'd get it. I don't.

⬐ eeeeeeeeeeeee

Why do you expect FOR PROFIT corporations to behave like charities or non-profits?

It's telling how you describe Google in comparison; Google is "giving software for gratis" and Facebook is "parasitic." Google is no different than Facebook: using the person as the product to sell advertisements.

⬐ malthaus

Why do you care about the motivation when the outcome is aligned with your preferences (i.e. your privacy being respected)?

⬐ eeeeeeeeeeeee

Exactly. I'm totally fine with economic incentives aligning with improved privacy and security, which is exactly Apple's business model. Apple has made security and privacy "easy" to the end-user, which is no easy feat.

Apple is not a charity and nobody thinks of them as such. For example, the "RED" campaign is an effort to sell THINGS, but it also gives money to charity. Seems win-win to me.

⬐ bigbugbag

It is a tell that it only appears to be aligned and actually is not. (Among my preferences is to not buy/use apple devices for a variety of reason: overpriced, battery life, short life expectency, lack of control and vendor lock-in, having to unlearn 3 decades of muscle memory, etc.)

Where there is vendor lock-in there is no possibility for freedom and freedom requires privacy. Apple has a long history of being the king of vendor lock-in.

My understanding is that apple does not protect privacy, it merely does not disregard it as effectively as the other big players because apple is different in the sense that its business is selling hardware.

Just look at what the posted page actually says: it presents touch id as secure despite being repeatedly shown otherwise, it pretends a complex passcode is secure but it will not protect your privacy when someone is asking you the code with a hammer. It phrases things in a way to induce the reader into thinking apple does not gather data about users: "Apple doesn’t gather your personal information to sell to advertisers or other organizations." which actually means Apple gather your personal information to exploit themselves and to give away or trade with third parties. And so on...

Being better than the worst does not mean it's good enough.

⬐ koffiezet

Could you explain the vendor lock-in? The only-one I experienced is a rather soft-one, where I use an Apple device simply because it's more pleasant or practical over the alternatives. All music I had in iTunes is now moved into Plex, so no lock-in there, Apple even pushed for DRM-free music.

⬐ bigbugbag

It has been self evident for so many years that now that you ask I don't know what to say. Vendor lock-in is so ingrained that it actually defines Apple.

Here are a few examples: try making a backup of your iphone without icloud or itunes (or manual update of iOS, or restoration) try sending GPS coordinates to a non iphone try exporting your contacts to a non iphone When apple finally offered DRM-free music on the itunes music store but refused to licensed their ALAC lossless codec preventing the music to be listened on other devices until it was reverse engineered[1] try installing software on an iphone without using the app store and jailbreaking the iphone jailbreaking is actually made to remove the limitations imposed by apple to its customers integration only works with other apple products

the list goes on

[1]: https://en.wikipedia.org/wiki/Criticism_of_Apple_Inc.#Accusa...

⬐ koffiezet

I've seen real vendor lock-in on corporate level, where in the worst case, the vendor of a client suddenly just did an x20 of the licensing price for the next year, for something that was already a very expensive contract. The client had no other choice but to pay up, moving to another solution would cost many times that cost.

There is nothing Apple does that even remotely resembles such practices. I want to buy an Android? It'll take some time to migrate stuff, but I've done that before, it's not that hard, just time-consuming. It won't cost me multiple times the cost of buying another phone, and I won't lose any data.

> try making a backup of your iphone without icloud or itunes

Is offering a way to backup a device lock-in? It's the same as "oh no you have to use pg_dump to export a postgres database". Also, there are 3rd party apps you can use to backup your phone. And if you make local un-encrypted backups with iTunes, there are many tools to extract stuff like your messages history, and if you really need to - you can just find the right file, fire up sqlite and browse/recover them that way.

> try sending GPS coordinates to a non iphone

Whatsapp can do that, Google hangouts too - there's nothing stopping an app from doing that? What's your point? That you can't send an iMessage to a non-iOS device? I suggest you have a good look at all the alternatives, which can be installed without a problem on an iOS device btw.

> try exporting your contacts to a non iphone

I've done this on multiple occasions. I've had a harder time exporting contacts from Google than from iCloud/iOS devices. Apple simply uses the vCard standard.

The App store would be a vendor lock-in if I could only install Apple made software from it, which is not the case. I use many competing services and apps on my Apple devices.

And yes, ALAC was a problem for a while, but they did release the en/decoder source code under apache2 license in 2011. There are other things that smell a lot more like vendor lock-in: Siri and the maps integration in iOS, but again, that's more an inconvenience than a real hard lock-in.

⬐ dvfjsdhgfv

I made a full circle. First, I was in love with iDevices. Then I was more and more uspet by their limitations - notably inability to directly copy content (music, videos, e-books) to and from as I wished. Mind you, these were the times that in order to even start using the phone you needed a computer with iTunes installed! So I switched to Android, only to discover you need to handle over so much data to Google you have a feeling they know more about you than you do. In the end I realized Android is just a data collection platform. I switched back to Apple, even though I still use some Google services (like Maps).

⬐ madez

You can use Android without Google. It's easy with LineageOS.

⬐ bigbugbag

It's not. Unless you buy a specific devices LineageOS offers good support for, and even then it's only the start.

⬐ madez

There are a lot of devices that are supported by LineageOS. I lately bought one for a family member and the search did not take long.

⬐ bigbugbag

I'm not saying it is hard to buy a device supported by lineageOS, I'm saying that other than buying a device for this purpose chances are your actual device or the device you had plans to buy are not supported.

This happened to me enough times that I do not even bother looking up compatibility and consider lineageOS as not an option to save myself time.

⬐ madez

To put things in context, this discussion started because dvfjsdhgfv said they bought another device because of bad privacy on Android with Google. This means getting rid of Google was already a deciding factor when shopping for a device.

> the device you had plans to buy are not supported

Because of said context, one simply wouldn't have the plan to buy that device.

Checking for support is only a click away:

https://wiki.lineageos.org/devices/

⬐ Loic

If you take the time, but you need to be computer affine, you can setup your Android device to use non Google related services. This is hard work, you need to know about the implications of using one application or another and you have the feeling that Google is trying in every single dialog box to force you enabling data tracking options with dark patterns (like enabling location reporting).

⬐ justonepost

Interesting you say that. Android actually gives you control over security and privacy by telling you what your app API's get access to. iOS apps could be transmitting details back to home without your knowledge.

⬐ IshKebab

> iOS apps could be transmitting details back to home without your knowledge.

Erm, so could Android apps? You don't need to request permission for internet access anymore.

⬐ mlnj

Privacy controls exists both in Android and Apple platforms, but you can be sure of one thing: if you choose to save your data on either clouds, they have the ability to use it for their platform (ML, advertisement suggestions).

⬐ nardi

Not if that data is encrypted with a key that they don’t have. Which is what Apple does.

⬐ mosselman

True, but alas not for every service as far as I have understood it.

I am particularly interested in storing my photos somewhere, but the details about the encryption have not led me to believe that Apple can't access my photos, which is a must-have requirement to me.

Source: https://support.apple.com/en-us/HT202303

It says 'encryption-server: yes' for photos, but around this table you have the text:

" For certain sensitive information, Apple uses end-to-end encryption. This means that only you can access your information, and only on devices where you’re signed in to iCloud. No one else, not even Apple, can access end-to-end encrypted information."

and

"These features and their data are transmitted and stored in iCloud using end-to-end encryption: - iCloud Keychain (Includes all of your saved accounts and passwords) - Payment information - Wi-Fi network information - Home data - Siri information"

So alas, no photos.

⬐ chopin

Wouldn't Google be in the same position? They could grant their apps privileges without your knowledge. They build the OS.

⬐ justonepost

Oh sure, but google has everything to lose for leaking personal data. Rogue app companies simply have nothing to lose

⬐ None

None

⬐ sjwright

> Android actually gives you control over security and privacy by telling you what your app API's get access to.

Simply mentioning a laundry list of the myriad things an app will be permitted to do is NOT giving me control over security and privacy.

http://cdn.makeuseof.com/wp-content/uploads/2014/06/03-Angry...

That's not control, that's bullshit.

Apple got permissions right long before Android did: no third party apps have intrinsic permission to use the microphone, address book, location etc until the OS asks me on behalf of that app. And I can always say no if I want.

⬐ tinus_hn

> no third party apps have intrinsic permission to use the microphone, address book, location etc until the OS asks me on behalf of that app.

Actually some of these permissions need to be requested by the first-party apps as well. You can deny the built-in Maps application location updates.

⬐ justonepost

Yeah, but there are things like some game can backdoor the clipboard while submitting a score or whatever.

I like to know if an app has access to the network. If it does, don't install unless I trust the parent company.

⬐ chipperyman573

That hasn't been the case since android 6 (they're on android 8 now). That picture looks like this now:

https://www.howtogeek.com/wp-content/uploads/2015/10/ximg_56...

It works just the same as iOS, where the first time an app wants to use your location/etc it asks android, which shows a prompt:

https://uit.stanford.edu/sites/default/files/images/2016/08/...

And can be revoked as well:

https://img.gadgethacks.com/img/81/78/63633813117897/0/snapc...

⬐ newscracker

I've heard right here on HN that even in the newer versions of Android, some (prominent?) apps don't work well if you don't grant them the unnecessary (from the user's point of view) permissions. I haven't seen something like that on iOS so far.

With the pace of Android adoption, the new permission model isn't even present on half the devices that have been tracked on the Android Dashboard. [1] Versions 6 and 7 combined are at 48% adoption as of this moment, according to this dashboard.

On the iOS side, the granular permissions model has been around since the last seven years or longer, IIRC. And iOS devices have a much higher rate of new OS adoption, which means almost every iOS device currently in use has the same permission model for a lot longer.

[1]: https://developer.android.com/about/dashboards/index.html#Pl...

⬐ None

None

⬐ lvillani

iOS is different in a subtle way: once you grant an application permission to use location/microphone, it will show a banner if a background app is using it.

Once you grant e.g. permission to access the microphone to an Android app, it can do so at any time without you noticing. Until you manually go to the settings and revoke the permission, that is.

⬐ tinus_hn

This happens only if the permission is for ‘while using the app’. This permission means that part of the app needs to be visible on screen and if it’s not, the banner will show.

If you change the permission to ‘always’ the banner won’t show.

⬐ lvillani

That only applies for location access. Even then, you'll see an arrow in the status bar and there's a page in the settings that lets you see which applications are actually accessing your location in the background, and how often.

Mic recording, on the other hand, is always user-initiated and very explicit.

⬐ benevol

> At Apple, we believe privacy is a fundamental human right.

It is established knowledge that Apple has been for a very long time (and remains) a partner of the NSA's PRISM mass surveillance program.

⬐ Karunamon

PRISM is an endpoint for companies to upload data in response to court orders. The alternative would be that they have to provide the same data but employ an army of engineers to manually scrape the results together.

I’m not convinced this is somehow more virtuous than doing it automatically. The warrant was signed, Apples hands are tied either way.

⬐ danpalmer

Not willingly so.

Apple appears to be doing as much as it legally can to get around that fact, such as in providing end to end encryption on iMessage.

⬐ benevol

The claim that you have privacy when you buy an Apple product is still a lie.

If you buy tech from one of the US big corps, you simply have no more privacy. That is a simple fact.

⬐ Gaelan

[citation needed]

⬐ bigbugbag

It can't do much legally. If Apple was serious about protecting privacy it would move operation to a different place where law actually still offers some privacy protection.

⬐ alien_at_work

>If Apple was serious about protecting privacy it would move operation to a different place where law actually still offers some privacy protection.

Do you appreciate what your asking? You're honestly saying if they do something this radical then they're "not serious about privacy"?

⬐ bigbugbag

Erm, there's a misunderstanding here. I'm saying they cannot be considered as being serious about protecting privacy because they operate from a country that has anti-privacy law.

If they did move to a country with privacy protection then privacy protection could be considered possible.

⬐ vaishaksuresh

>Google is not content with me asking them to leave me alone, they would use ML and whatever they have built to figure out where I have been

Which is precisely why I stopped syncing my images to Google.

⬐ lostlogin

What’s the alternative? Apples Photo’s app is perfectly incapable of syncing photos between 2 Macs and a phone as far as I can tell. It’s not cheap and I’m yet to see it work.

⬐ vaishaksuresh

I use a couple of things. All photos go to my local NAS (QNAP has an app that does this automatically). They also go to iCloud and I don't have the problem you have with it but then again I use it only for mobile photos so I don't really care about sync as much as about backup.

⬐ cjsuk

I’m using it with a 45Gb photo library between a phone, a Mac and an iPad with zero problems.

It does take a while for things to arrive at all destinations due to my crappy internet connection but for me it works quite well.

⬐ vlozko

CloudKit, the API Apple introduced a few years ago and what iCloud syncing is built on, has been pretty rock solid. I think your complaint has been the first one I’ve heard about Photos syncing.

⬐ nkristoffersen

I have over 30,000 photos/videos in iCloud (357GB). Synced between my MacBook Pro, iPhone, and iPad.

Works extremely well for me. Set it and forget it.

⬐ zimpenfish

Currently on ~75k photos+videos in iCloud Photos and yeah, syncing is now[1] really good between Macbook, iPhone and iPad. There's times I've saved a photo on the phone and it's been on the iPad before I've swapped devices.

[1] It has been flakey as a weasel's taint in the past.

⬐ binarysolo1111

Doesn't your iPhone capacity get full up? Can you selectively choose what is synced? Last time I tried (a few years ago) it was all or nothing

⬐ elnygren

iOS saves space by only keeping thumbnails locally and loading better versions on de-mand.

You’re gonna be fine :)

⬐ nkristoffersen

Everything lives in the cloud. Once the photo has been uploaded only the preview is stored on your phone. When you tap on the photo or use the photo/video, the phone pulls the full file down from the cloud.

You can set this in the photos setting. You have the option to store all content locally while also backing up everything in th cloud. However, none of my devices have the space for 357GB of photos so I default everything to “optimize local storage”.

⬐ zimpenfish

I would like the ability to have a single "always local" folder for putting a selection of photos in. Handy for when you have no network, etc.

"Favourites" seems to -almost- have this priority in that they'll more often than not be on the device regardless of age and whether you've specifically downloaded them but it's not -quite- there.

⬐ bigbugbag

Anything marketed "cloud" is a privacy liability. Using this defeats the whole privacy issue raised here.

Besides syncing 357GB requires some serious internet which is a privilege of a limited few.

⬐ unhammer

There's an Android app for https://syncthing.net/ that makes it fairly easy to sync photos between computers+phone, without anything going to the Cloud.

(There's a crowdfund going on for an official iPhone app for Syncthing: https://www.bountysource.com/issues/7699463-native-ios-port-... )

⬐ zimpenfish

In tht interim, fsync() is a decent read-only Syncthing client.

https://itunes.apple.com/gb/app/fsync/id964427882?mt=8

⬐ unhammer

My girlfriend tried that on her iPhone, but it often didn't update the list of files, or updated only after a very long time, so she went back to emailing herself stuff. fsync() unfortunately still feels very beta.

⬐ 1897234235235

People say that apple is dead now that steve jobs is gone. They point to the fact that whenever he leaves apple, apple starts to crash. The difference this time is that he appears to have left a legacy and a succession plan. The other times, he just left and apple decided to run itself differently. Steve Jobs and other staff have engrained privacy into the company, and now apple are pulling it out when it is needed even though he isn't even alive.

⬐ bigbugbag

He did not left as much as been kicked out. Then again he did not engrained privacy but obsession with control into the company. Apple wanting to be in control of every aspect of everything means better apparence of privacy compared to the usual share with third party for profit. The explanation is that the usual is for services based on software who have nothing to sell while apple sells devices.

⬐ Camillo

Google Photos's automatic indexing of pictures is one of its best features. They're not trying to figure out where you have been, they're just saving you the work of tagging your photos. If you put your SF pictures in an album called "Trip to SF" in Apple Photos and sync it with iCloud, Apple "knows where you have been" just as much as Google does.

⬐ icemelt8

That is true, their picture indexing is magical and I don't have any issue if they knew I went to SFO, I mean whats the big deal?

Just a story, I took a picture of my car three months ago, someone asked me to show a picture of my car, I just went to google photos, typed "Grey car" and voila ... This is the future.

⬐ dasil003

It's not really the same because if the NSA wants to know where everyone has been, something automatic that applies to everyone is of significant value, while trying to mine Apple's data of people personal folder hierarchies is worthless.

Also, we know Google is actively engaged in mining this data in order to do something. Today it's to improve the user experience which I believe is an honest motivation, but inevitably this empowers a surveillance apparatus that both governments and powerful corporations want.

I think it's worth pushing back a bit on the sort of standard operating procedure of tech companies today, and question where this is all leading. Apple are definitely not saints, but at least they provide something resembling a dissenting viewpoint on the issue of customer data privacy.

⬐ sametmax

Given that:

- Apple was part of the prism program;

- they denied it;

- their platform is so closed you can't have remotely any idea what's it doing;

I would put Apple in the same bag as anyone else and assume they give away everything and then make a big PR noise to pretend they don't.

Only fanboys or naive people would believe the contrary.

⬐ Gaelan

iMessage is, as far as anyone knows, end-to-end encrypted.* There is a macOS client, so it seems likely that any backdoor in the encryption would have been found via diassembly by now.

* looks like Apple is trusted for key discovery. Abuse of this trust could be tested with the Mac iMessage client. That can’t detect a targeted attack, of course, but I don’t think that’s what you’re claiming is happening.

⬐ sametmax

Openssl was open source and we still got Heartbleed. It's a long strech to think wd can audit correctly imessage by reverse engineering it.

⬐ lillesvin

Difference is that on Android you can use pretty much any photo app/service that you want. Nothing's forcing you into the arms of Google. I don't know much about iPhones, but as far as I understand you don't have much of a choice.

⬐ matthewmacleod

Yeah, I don’t know where you’d get that impression. If you want to use Google Photos on the iPhone, you can go ahead and do that.

⬐ lillesvin

As I said, I don't know much about iPhones. Thanks for clearing it up. Now I just fail to see why the underlying OS is of any consequence. Seems like the original commenter is making an "Android vs iPhone" issue out of something that has to do with a specific application — namely Google Photos.

⬐ antihero

Well with iOS you aren't tied into Google's data mining operation. You just have that option.

⬐ lillesvin

The original comment was about Google Photos, which isn't forced on you in Android either...

⬐ vpol

You can even use google photos app on the iPhone. There is no limitation.

⬐ lillesvin

Ah, cool. But then I don't see why Android vs iPhone is even a topic here. If the original commenter installs Google Photos on iPhone he'll have to accept the same privacy policy. The underlying OS has nothing to do with it.

⬐ bigbugbag

There is no reason to discuss android vs iphone, it is the modern version of a classic endless troll.

A privacy version of the godwin point is mentioning google instead of the nazis. Mention the worst known offender and you'll look better in comparison.

⬐ NicoJuicy

You know what else they launched in 2010 ( when this video was made)

iAd..

It isn't successful though, so i hope you can read between the lines of Apple caring about privacy ;)

PS. I'd like to see if they limit the knowledge of Siri because they care about your privacy.

⬐ giancarlostoro

Another comment mentions why it wasn't successful basically because Apple wouldn't give up user information and dictated banner size.

⬐ NicoJuicy

You mean statistics about who the visitors are? Personal information is never given out, so that's a bogus reason

⬐ adamlett

You are splitting hairs. What the parent commenter meant is that Apple refused to collect a lot of the information that advertisers were interested in to target their audiences.

⬐ gargravarr

Google are really starting to annoy me in this regard - I've been an Android user since 2010, never owned an iPhone, although I've owned Macs and iPods in the past.

For me, Google are very good at giving you security settings and then completely ignoring them or resetting them to defaults when you're not looking. This in addition to, if you want to be able to do anything with an Android phone, even things that don't even seem to relate to this, you have to consent to giving Google more data to mine. You can't just turn on your location to allow your weather app (regardless of its backend location provider) to show you your local forecast, you have to consent to sending your location to Google on a regular basis. Granted, with most of the processing done on the Google cloud, it's probably unavoidable now.

My current gripe with them, though, is that I specifically switch off my GPS. Two reasons for this - 1. is battery life. I have no need for my weather app to refresh and then get my pinpoint location (which it will, it just requests the most accurate location available from the subsystem) when the cell-tower location will suffice. 2. is that I have no desire for every app on my phone to be able to work out where I am at any time.

On several occasions, however, I'll be in a commercial establishment (shop, restaurant etc.) and a notification on my phone will appear, asking me for further information about the exact store I'm currently in. I've been asked to review the restaurant or if I know the website for the fish and chip shop I'm standing in. How does this happen? Why, the Wifi-Scanning-in-Sleep-Mode option gets randomly re-enabled, of course. And because Google decided to log the SSIDs and MAC addresses of every broadcasting wireless network when they drove the Street View cars, this information is as accurate as GPS. Not to mention, I switch my wifi off when I'm not using it for battery reasons, and this totally undermines the point of having a Wifi Off switch.

I keep switching this option off and Google keeps switching it back on. I'm beyond fed up with their total lack of respect for my privacy. There's also the fact that, not only do they go out of their way to figure out where I am, they then expect me to answer questions. It's like a man in a Google uniform suddenly leaps out of the nearest bin with a clipboard as I'm either waiting for dessert or walking out the door.

I've experienced the Apple lock-in before with my iPods and I'm not keen to sign my life over to an iDevice, but I am getting to the point where they seem to be the only way out of this cycle.

⬐ hellbanner

https://news.ycombinator.com/item?id=15302675 ...

⬐ alien_at_work

>In a free system, the users could have done this themselves years ago instead of waiting for Apple.

Is this satire? If there's one thing the open source movement has proven, it's that without the backing of a business very little will happen. If there were some "free" mobile system out there, the only way it could work is if there was a "red hat mobile" type of company funding its development. Random "users" generally wouldn't fix anything just as they don't fix Linux/Mozilla/etc. bugs now.

⬐ Gaelan

Canonical (Red Hat, Ubuntu editon) tried to build a mobile OS. It got scrapped.

⬐ andersonmvd

The video you just mentioned is a little bit more than 3 minutes, without technical evidence and spoken by one of the best public speakers we've seen. It's ok thinking that Apple focus on your privacy but make sure to see some real evidence.

⬐ None

None

⬐ moobsen

> nothing can beat the sense of security with privacy Apple carries with itself now.

That is exactly it. Apple is not good at privacy, they are good at giving you the sense of it. A closed source OS, on proprietary hardware, where they don't even give you root access to your own device, will never be private. You pay them, but really they own the phone and you have to trust them.

But they are obviously very good at making you /feel/ secure and private.

⬐ ismail

I think we are confusing two different but related terms in these comments.

1. Privacy of information

2. Freedom to inspect, modify and change source code.

So Open != automatic privacy of information.

The question then really boils down to do you trust apple to be doing what they say they are doing? Or would you prefer to verify it yourself? (open source)

I think Apple is betting that point 1 is much more important than point 2. More people also care about it. Hence the strategy.

Actually the more I think about it the more i realize this may be apples master stroke strategy. Google, Facebook etc. business models are primarily based around monetizing your personal data. Where as apple is saying you can have the same level of services but with out having to compromise as much of your data.

⬐ ismail

Few other points which may be obvious but non the less.

Apple is actually uniquely positioned for this strategy, since the do not need to sell your data to companies. They make their money of the devices.

It's probably one of the reasons google has been moving to more and more devices. To neutralize the Apple threat.

⬐ lvillani

I don't think privacy can be measured by counting the number of lines of code that are open source.

A device can be perfectly respectful of your privacy despite being closed and proprietary.

The only difference (IMO) between open and closed platform is that with the former you can have 3rd parties inspect it.

However, unless you have the resources to fully audit an open platform (either yourself, or by paying someone else) I believe you should assume the worst from both open and proprietary platforms.

⬐ madez

While it sounds intuitively correct that both open and closed platforms can be malicious, it is justified to a priori distrust a closed system significantly more than then an open one, because opportunity makes the thief.

⬐ bigbugbag

Even if it actually is, there is no way to know if a closed and proprietary is respectful of your privacy. It is a matter of blind trust.

Which does not mean that open source is synonymous of privacy either, only that one can go further than blind trust to the manufacturer.

⬐ willstrafach

You do not neeed blind trust. Download the firmware and reverse engineer any aspect you are concerned about, problem solved.

⬐ bpicolo

There's more than the device code. They're not going to open source their entire web infrastructure. They DO store your data, somewhere. Either way, you need trust.

⬐ bigbugbag

That's going one step further but you're right those computer phone are made so the user will have some of its remotely stored.

Personally I do not trust them and for this reason I have no data plan and no internet on my phone.

⬐ bhnmmhmd

Exactly!

As another example, Telegram claims to be the most secure messaging app out there. They have open-sourced their code, but what really matters is what they do with peoples' data on their servers.

> They're not going to open source their entire web infrastructure.

I think blockchain can actually solve this problem once and for all. When data is stored in decentralized nodes, much of these concerns are gone.

⬐ willstrafach

> Apple is not good at privacy, they are good at giving you the sense of it.

Nothing in your reply counters Apple being good at privacy. Source availability is related to privacy in your own personal opinion.

If you would like to audit each line of source code your phone will run, that is fine, most do not. Personally I like to have it both ways by regularly cracking open various components of iOS in a disassembled (ARM assembly is just as good as source code to some folks).

⬐ jwr

As opposed to what "open source OS" on what "open source hardware"?

⬐ moobsen

My comment wasn't meant to compare it to anything else. Their nice words just don't convince me on a technical level and I'm surprised that so many people here appear to fully trust them. If their phones were perfectly secure there would be no debate if they are willing unlock the phone for any agency or not. It would simply not be possible and there would exist no security company that is able to do so.

⬐ bhnmmhmd

> If their phones were perfectly secure there would be no debate if they are willing unlock the phone for any agency or not.

Total security is not possible, not at least by a long shot.

Although, I understand your concern about why people trust these companies. While I don't know the answer just yet, I think one reason is that most these companies are located in Western countries where "rule of law" is considered extremely crucial. Openness about balance-sheets, government policies, and privacy are - to the best of my knowledge - critical in the US.

⬐ jrs95

The only way for Android to be any better is to basically cripple it and make it incapable of running the vast majority of apps. So Apple might not be perfect on this, but it's basically as good as you're going to get without huge compromises imo

⬐ ksk

Which consumer electronics company is good at privacy?

⬐ hollander

Take my Sony Xperia phone. Is Android Open Source? I think it isn't. Is the hardware proprietary? OK I can root the phone probably, but then what? How can I trust the new ROM if I can't really know what's inside? Google wants to make me feel secure, so they do their best to provide tools to protect my phone and account.

Now tell me what serious alternative there is for a modern smartphone? Firefox and Ubuntu have abondoned their phone OS, and they had no good working system that could compete with Android or iOS? Windows Phone? How's that better than Apple's offering?

Apple seems to have the best arguments here.

⬐ bigbugbag

Android is not FLOSS obviously but the point is that you can 't do more than having blind trust for the manufacturer. Having the best argument is not the same as as actually offering the best privacy.

You could try jolla or fairphone or even a blackphone (or one of the governmental only privacy oriented smartphones not available to the general public).

But this is somewhat irrelevant as having a smartphone with a GSM chip is a severe privacy issue in itself whatever the hardware/OS. Even a simple mobile phone is a privacy liability unless you take some precautionary measures.

To get some privacy one has to accept to have less comfort and ease of use, privacy and security are a tradeoff. something only a few actually do.

⬐ la_oveja

Android is actually FLOSS. The problem comes when people want to add a Google account.

You can use a free version of Android? Yeah! You are going to lack some stuff tho. Google Play Services provides geolocation services, the app store, push notifications,...

⬐ bigbugbag

I think you're confusing android and android open source project (AOSP) here. Android is AOSP + Gapps.

Even the FLOSS nature of AOSP has been questioned for years, but as a manufacturer it's impossible to offer a phone with AOSP, to be able to use android you have to include the Gapps.

Google has slowly been moving functional parts from AOSP to Gapps, the point being to limit the AOSP part and eventually get rid it of the open source part.

⬐ la_oveja

You don't need GApps to run Android. The only closed source blob you need is chipset and modem drivers.

And no: AOSP is Android. It's like saying that Linux is not Linux unless you bundle it with GNU-utils and wrapped by Canonical.

⬐ swinglock

I don’t think it stops with the Google software. You will still more likely than not have proprietary binary blobs running in your kernel to support your proprietary hardware executing proprietary firmware that is as large as operating systems themselves, the largest with the biggest attack surface waiting the process anything they can on 2G, 3G, 4G, WiFi and Bluetooth bands.

Android is more open than iOS but it’s not really open enough to make a significant difference, not for 99% of users and not really for the 1% that think it is more secure or private because they run a (heavily modified, very old, probably abandoned by the manufacturer) Linux kernel but ignore the baseband and closed source camera driver.

> Apple has traditionally been very user hostile

Here's an interview with Steve Jobs on privacy regarding location data:

https://youtu.be/39iKLwlUqBo?t=23s

Apple takes care of their users.

⬐ TremendousJudge

the fact that they care about privacy doesn't mean that they aren't user hostile

⬐ lolsal

'user hostile' is too ambiguous to be useful.

I would argue that some of the perceived 'hostility' is a Necessary Evil® for improved UX elsewhere - specifically implementing DRM paved the way for Apple users to be able to "just buy/lease/get/download" lots of media (or actually licenses to media) very easily. I'm an Apple FanBoi though, so I am heavily biased because I really like their ecosystem.

Specifically about user privacy, Apple has a track record of being a decent advocate for user privacy. More publicly than I have been, that's for sure!

⬐ zeveb

A rancher takes care of his cattle too — but they're not free to leave, and eventually he's going to slaughter them.

With Android, I can choose to load my own OS. With iOS, I cannot.