invidious redirect of the yt video

One thing is being aware of bad actors on the internet, in that case IOS could be an option, other thing is being aware of the mass surveillance and manipulation across the digital space, and that’s the thing we’re more worried about in communities like this, in such case, IOS is no better than shooting yourself (i understand the point of the difficulties of having a custom rom, but that’s just a skill issue).

You can’t become privacy conscious without sacrificing something, some friend will go away calling you a paranoid, somo products you own will become garbage, that’s just normal here.

    • disguy_ovahea@lemmy.world
      link
      fedilink
      arrow-up
      8
      arrow-down
      2
      ·
      edit-2
      8 months ago

      They’re really not. Former employee here. They want nothing to do with your data. The more access they have, the greater the responsibility to protect it. Ask someone in a GDPR compliant nation to request their data abstract from Apple. It’ll be your name, billing address, and phone number. Even handling that data required extensive personal information training.

      When it comes to learning about use to improve products, if you choose to opt-in, Apple hashes and anonymizes the data before using multiple server relay to the engineers. The engineers see data collated anonymous charts and bug reports with no ability to trace it back to the user.

      Internally, it’s a point of pride for the company to protect the right to privacy. They created iMessage encryption before anyone was standardizing free E2EE, and rolled out iCloud with 128 bit AES encryption (same as the international banking standard). They created the Secure Enclave as a hardware lockout point and repeatedly refuse to add a bypass (back door) despite repeated pressure from the FBI. They can’t hand over the keys if the customer has the only copy.

      • foremanguy@lemmy.ml
        link
        fedilink
        arrow-up
        5
        ·
        edit-2
        8 months ago

        I think you’re right with the fact that employees themselves cannot access to your data directly from you. But I think that all the automation to personalized ads, to track your activity is basically in several companies included apple. They are not the worst (really not), but they are not the best. So as Murphy says in its video, buying an iPhone is better than buying a stock Xiaomi phone, but they are not 100% clean. Apple is more private only because their business model is not advertising and tracking, so you’re right on this point.

        To conclude you say that it’s a priority for the company to protect our privacy… I don’t think so, as explained in the video, they implement some privacy feature to let show to the public that they are privacy-friendly, the first reason is marketing, as simple as this. Why do not make an open iMessage compatible with all smartphones? Why do not enable Encryption in iCloud by default? And why not in 256 bit AES? For sure the banks use the same encryption but it is a proof of greatness?

        • disguy_ovahea@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          8 months ago

          Sure. For example, they’ve implemented cross-site tracking prevention in Safari. That disables tracking on the user end, but companies that pay for cookies on countless websites, like Google and Meta, will still obtain your site traffic through purchases. You can completely disable cookies to prevent this, but that’s really going to inhibit your browsing experience. Apple does not collect user data for their own ad purposes. If you opt-in to receiving marketing emails from Apple, you receive the same emails as everyone else.

          I’m not sure why Apple hasn’t offered iMessage as a standard for all devices. E2EE commonly uses four transmissions per message (sender encryption, recipient encryption, sender decryption, recipient decryption), so it may not be economically justified to offer the service for non-customers at the cost of their servers. That’s honestly just a guess.

          iCloud is secured with 256-bit AES encryption as of 2022. It was released with 128-bit in 2011. It was well above any competitor encryption offered at the time.

  • skuzz@discuss.tchncs.de
    link
    fedilink
    arrow-up
    9
    arrow-down
    3
    ·
    8 months ago

    No, they don’t care about privacy. It is just marketing buzz. They give Google and Facebook access to internal data for money. They give governments access to iCloud data for market share.

    They then design the OS full of dark patterns to trick you into enabling iCloud. They have telemetry on every aspect of the operating system from a timeline down to the millisecond as to when and where you opened and closed browser tabs, to what application was consuming power at a given time, to where you go and what bluetooth and wifi devices you saw along the way. Metadata scrapers index the contents of your devices under the guise of making it “smart and helpful.” The health monitor is ostensibly capable of dead reckoning location tracking, and you have to jump through hoops to even shut off BTLE when the phone is off.

    Their communications platforms log all sorts of metadata, (this can easily be seen by requesting a GDPR data dump) and if one believes they don’t tee every iMessage conversation off to three letter agencies and who knows where else, one would be sorely mistaken. (This, I don’t know of direct evidence of, so it is more inferred based on how the messaging technologies work and how the government(s) wouldn’t truly allow privacy to exist.)

    One can’t even stop their Apple product from talking to Apple servers, as they run access to their own systems on a layer of abstraction above the user’s userspace network layer. If they so choose, they can brick your phone at a moment’s notice using their “activation” infrastructure.

    Nothing they do is privacy-oriented, beyond making it slightly difficult for Johnny the bicycle thief to gain access.

    All without any of the code being available for inspection.