> Then perhaps dial back the anti-Apple rhetoric, or at least post something more substantial and thoughtful when you do.
I don't have to be a mechanic to know when a car is broken, just like I don't have to know how all of Apple's software works to know that they don't actually value privacy. Please, prove me wrong. I'd love it if Apple actually put their money where their mouth is. Until then, I know enough about their stack to know that they don't build it in a way that ensures privacy.
> You’ve seen enough responses from people to anticipate objections.
And? I can anticipate objections as to any argument. That doesn't change the validity of either side. I don't think I get what you mean by this.
> It’s tedious and boring to see the same arguments again and again.
Once those arguments become invalid, I'll stop. If I'm saying something that isn't true, please point it out. Until then, I'll will proudly correct the lie that "Apple cares about privacy". I'm sorry that the truth is tedious to you, but there's not much that I can do about that.
> Mail is a mail client: if you use an Apple domain, you’ll use their servers. If not, then not. And you don’t need to use the built-in mail client. If you use Apple Maps, yeah, you’re using their service. You can use Google Maps or Waze or other alternatives if you choose. GPS is a radio: it doesn’t involve any service provider other than the satellites it receives information from, same as any other GPS radio.
But they could build their systems so that I don't have to go through Apple to use their app, just in the same way that email works. They choose not to. My point is that, until they design their systems so that I can use all of the standard functionality without going through their servers, they aren't taking privacy seriously.
When asking you to "post something more substantial and thoughtful when you do. You’ve seen enough responses from people to anticipate objections.", I'm asking you to do more than repeat "Apple pretends to care about privacy as long as it is good for the bottom line." to start out. From what I gather, your complaints with respect to Apple and privacy center around the source code not being open and you'd like them to provide more choice. Those are reasonable and understandable positions. I'm not trying to build a straw man here, so please correct me if I'm misreading you. When you start a conversation with only "Apple pretends to care about privacy as long as it is good for the bottom line", that's indistinguishable from trolling, when you can easily sum up your issues there as well and encourage a substantive conversation.
From that, you make an absolute claim that "Apple cares about privacy" is a lie. I think a more accurate description is "Apple doesn't care about privacy as much as I want them to." The latter is a perfectly valid, understandable opinion. The former is not. Apple has sunk substantial resources into privacy; you may feel that the Secure Enclave isn't really, because it's not open, but it's wrong to deny that they've put money into developing it. That's an example of putting their money where their mouth is. Likewise refusing to assist the FBI in unlocking their phones. That cost them money (if only in legal fees), and raised the ire of some in law enforcement and the government.
You can point to decisions Apple has made to operate in China, and reasonable people can disagree about their decision there. It's fair to also hold other companies to the same criteria when doing so. It'd also be helpful to point to examples of what you think are good examples of privacy.
You also mention "I do agree that they seem like the best tech giant for user privacy, but that is a super low bar. Just because they are "the best", doesn't mean they are good at it." Can things be better? Sure. If you care about privacy and "agree they seem like the best tech giant for user privacy", do you use Apple devices? Not since the first iPhone, you say. Then, why not? Are you working to improve security on other platforms? It's understandable if you're not: security is tough, and I don't necessarily expect everyone to contribute to open source. Are you evangelizing for those platforms? That sounds like something you could be doing, along with making reasonable arguments about issues you see with Apple.
Similarly "they could build their systems so that I don't have to go through Apple to use their app". Are you referring to the App Store? Getting software updates through Apple? As for other software, as far as I know, there are alternatives you can use. If you've got specific examples, please do provide them. Again, people can reasonably disagree about these. For a counterpoint, by controlling the marketplace, Apple has more control over quality and security, as well as the responsibility when something goes wrong. One can reasonably argue that they prefer this over letting anyone provide apps because they're concerned about malware being loaded, that other providers won't be paying as close attention. You may reasonably disagree that that's the best way to handle it.
On the other side, Apple doesn't have an business model where they make money from user data: they make money through hardware. The way they've had a hard time providing a good ad platform is an example of this: if they were really interested in selling Apple customers to advertisers, they would have figured this out. A customer benefit of this is that Apple can take privacy seriously: they don't have a motivation to make user data accessible. The other big player here, Google, is in the business of advertising. That's very much not to my liking, but I don't go around commenting only "Google doesn't care about privacy": I know the discussion is more nuanced that that, and to do otherwise is just encouraging flamewar.
All of this comes down to "Apple doesn't care about privacy as much as I want them to". Perfectly reasonable. The absolute "Apple doesn't care about privacy", not so much.
I don't feel like anticipating arguments is very helpful, as much as it just adds noise. I could anticipate that someone will argue that because the sun is round, it proves that Apple can do no wrong, yet I don't bring that up, because until someone does, it seems to me to be a waste of time. In short, I am trying to be succinct rather than waste everyone's time arguing over something that nobody wants to argue about.
I don't view "Apple pretends to care about privacy as long as it is good for the bottom line" to be trolling, though I do admit I could phrase it better. Possibly "We don't know how much Apple cares about privacy, but they have taken a lot of actions that suspiciously point to them not caring about it more than they care about their bottom line. They also refuse to take actions that would prove to us that they do take privacy seriously.".
In trying to be succinct, it seems that I lost a lot of the important nuance, which I agree is important.
I would like to point to tech-giants that are pushing good security/privacy, but unfortunately, I don't know of any. I think the best I can point to might be Librem, but they don't have a functioning phone AFAIK.
> For a counterpoint, by controlling the marketplace, Apple has more control over quality and security, as well as the responsibility when something goes wrong. One can reasonably argue that they prefer this over letting anyone provide apps because they're concerned about malware being loaded, that other providers won't be paying as close attention.
I get this concern, but until they let go of that control, they are not enforcing reasonable privacy. It's a trade-off, and it's totally Apple's decision to make, but that means that they aren't doing "privacy right" if they choose the option that disregards privacy. Maybe that's better for their users, maybe not, but they have chosen the side that disregards privacy either way.
> On the other side, Apple doesn't have an business model where they make money from user data
That you know of. Unless you know something that I don't, you don't have access to see where all of their money is coming from. I agree it provides them a better incentive, but incentives don't mean anything.
I don't like comparing Apple to Google, because I find it irrelevant what Apple does. Google is an entirely different business. I dislike Google, and I believe that in many ways they are worse than Apple, but that's irrelevant to the discussion.
"Apple doesn't care about privacy as much as I want them to" doesn't accurately represent what my issue is. My issue is that the statement "At least Apple seems to care about privacy" is true, but the statement "Apple cares about privacy" is not true based on the decisions they make. They may care about it but their actions speak otherwise, and it doesn't matter what groups say, it matters what they do. Just because they "seem" to care about privacy doesn't mean that they do, and I don't want unaware users to support a company that, based on their actions, is likely lying to them.
What would satisfy you that Apple takes privacy seriously?
- Open source the enclave?
- Open source the OS (be it macOS, iOS)?
- Allow you to install your own OS and software?
- Refuse to do business in China?
- Open all of their books so you can view the revenue stream?
If this is wrong or incomplete or to expansive, please do clarify, but also please be specific. I want to understand in detail what your reservations are.
All of the above would be great, obviously, but for me to take Apple seriously, I'd say that they'd need to:
Open source pretty much anything that they can, allowing me to compile and install my own os and software. And this would have to be without having to contact apple's servers in any way.
There might be more that I can't remember ATM, but I think that's the main gist of it.
By not allowing me to see how the code works, I can't know what they are doing with my data. And by designing a system where I could set up as much of the stack as possible without having to contact any central source, would ensure that everyone could use it without fear of that data being mis-handled.
That's not the intent of my question. I'm asking "how" in the sense of explain (as opposed to just a "yes" or "no" answer). I'm asking you to apply those same criteria to the system you're using with the same critical eye and see how it stacks up. I don't know you system and I want to learn more about it.
Oh, my apologies then for assuming the intent of your question.
My current phone is somewhat open-source (cyanogenmod), though I think Google's version of "open-source, but you totally need to rely on our stuff to get basic functionality" is fairly bullshit.
I can compile my own OS and additional software
I can put tools on my phone that severely limit it's contact with Google's servers, although I suspect that there is an underlying system that ignores those tools.
As for my computers, I use Linux. I typically run them on Thinkpads, but I've tried a few other systems as well. My next computer will be a Purism or System76 laptop.
All in all, I'm not happy with any phone that I've seen. I can't think of any that I believe has taken legitimate action to show that they care about my privacy.
As far as computer OS's, I think Linux has strongly taken action to ensure my privacy.
Thanks for elaborating. Where do you get your software? Do you compile it all yourself? Have you audited the code? Which servers do you connect to using your devices? Which services do you use? Do you run the tools you mention that limit network access to specific servers?
I typically download it from the official website or a mirror. Sometimes I compile it, sometimes I don't. I typically only try to connect to my own servers, but I obviously connect to the open web in some circumstances. I sometimes do audit the code, but not always. I run a bunch of my own services, including a mail-server and some social-media stuff. The tools that I use to limit connections typically just turn off access to the internet as a whole, rather than to specific servers, though some of my firewall rules only allow certain things to hit certain servers.
That's probably a good summary, though I do reserve some wiggle room in case I'm forgetting something
FYI, this thread is getting a bit out of hand, so if you'd like to continue this conversation, I don't mind, but LMK how I can contact you because I'm not likely to keep checking for responses |;)
If that's the case, then you can replace your original
> "Apple pretends to care about privacy as long as it is good for the bottom line."
with
> "If Apple truly cared about privacy, they'd allow open access to their hardware and software"
That would provide actual substance and be less flame-baity. HN strives for substantive discussion. Yes, this conversation may be a bit unwieldy, but it's length is, I'd argue, at least in part a result of your initial comment.
People have different priorities. You acknowledge you can't really know what's going on with the hardware. Acknowledging that having the option is a benefit, you also don't always fully audit or compile your on OS, so you're relying on some level of trust. You're also making a tradeoff by supporting/benefitting from an organization (Alphabet/Google) that does earn its revenue based on collecting user data (in that CyanogenMod is based on Android).
A tradeoff I've made is to go with a vendor that provides good hardware and good software while acknowledging I don't have access to the source. I can disable services on iOS that I don't want to use. You continue to bring up that we can't know that Apple isn't dealing in user data. There's no evidence that they do, and you end up arguing for Russel's Teapot when you continue to bring up this point.
I prefer this than relying on software that doesn't work as I expect it to (yes, that's a preference) and not buy further into the Google system. Android has not created a system with universally more secure hardware and software, while benefitting Google's advertising system, which relies on that user data. I understand you're likely not contributing to that directly, but that's part of the system buying Android-compatible devices supports. Clearly your priorities are different, and that's okay.
If you find anything to take away from this, I hope it's at least two things: it's important to error on the side of substance and balance as opposed to flamebait; and that reasonable people can disagree on their choices and priorities.
I don't have to be a mechanic to know when a car is broken, just like I don't have to know how all of Apple's software works to know that they don't actually value privacy. Please, prove me wrong. I'd love it if Apple actually put their money where their mouth is. Until then, I know enough about their stack to know that they don't build it in a way that ensures privacy.
> You’ve seen enough responses from people to anticipate objections.
And? I can anticipate objections as to any argument. That doesn't change the validity of either side. I don't think I get what you mean by this.
> It’s tedious and boring to see the same arguments again and again.
Once those arguments become invalid, I'll stop. If I'm saying something that isn't true, please point it out. Until then, I'll will proudly correct the lie that "Apple cares about privacy". I'm sorry that the truth is tedious to you, but there's not much that I can do about that.
> Mail is a mail client: if you use an Apple domain, you’ll use their servers. If not, then not. And you don’t need to use the built-in mail client. If you use Apple Maps, yeah, you’re using their service. You can use Google Maps or Waze or other alternatives if you choose. GPS is a radio: it doesn’t involve any service provider other than the satellites it receives information from, same as any other GPS radio.
But they could build their systems so that I don't have to go through Apple to use their app, just in the same way that email works. They choose not to. My point is that, until they design their systems so that I can use all of the standard functionality without going through their servers, they aren't taking privacy seriously.