this post was submitted on 15 Jun 2024
91 points (77.9% liked)
Privacy
29798 readers
786 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Security theater: All you stuff is encrypted but they have the decryption keys
Proprietary App Store: The apps and the store itself are proprietary and I don't trust Apple.
Gaslighting their customers: Images shared with Android users from iPhone are purposely crushed to a unreviewable quality. The idea is to convince people that Android takes terrible photographs.
About "Security theater": you can enable what's called "Advanced Data Protection" so the encryption keys are only stored on-device for most types of data including photos, backups and also notes for example. Mail and calendar is one exception that comes to mind, but you could also always use a different mail and calendar service. This is a fairly recent feature, so you may have missed it. Sure, it's not your fully self-hosted "cloud" on which you can audit every single line of code and whatnot, but it might actually be the best "compromise" of ease-of-use vs. privacy for many people outside the tech bubble we're in in this community.
About "Proprietary App Store": the store itself and many apps on there are proprietary, but there are a lot of open source apps on the App Store as well. The bigger problem is the fact that the App Store is the only (hassle-free) way to install apps to the iPhone and only recently the EU seems to change that with alternative storefronts now emerging, but Apple is limiting the use of them to the EU, so they're essentially doing the bare minimum to comply with EU law.
About "Gaslighting their customers": I'd like to see hard proof on that. I think what you're talking about is the fact that messages sent to Android users using the default "Messages" app are sent as MMS, which is an ancient technology and as such only support tiny, low-quality images. Android doesn't support iMessage and Apple seems to like to keep it that way as it's apparently selling a lot of iPhones this way in the US (and sure, I agree that's a bad thing). It does get better with the just-announced RCS support (a supposedly open protocol which Google added so many proprietary extensions to you can't really call it open anymore) so pictures can be send in full quality to Android users using the Messages app. Also, you could always use a third-party messenger like Signal or WhatsApp and send full-quality pictures just fine.
I'm not saying there aren't any concerns, but some of the information you provided is at least out of date.
keep in mind that companies can lie on how their stuff works, also I don't think the nature of the store matters, as much as the fact that you're only allowed to get the open source apps from there which will also run on top of a proprietary OS, with proprietary firmware
Consider that I have a low standard on what a hard proof should be,.. I consider telling people that : "Privacy, that's iPhone", while literally developing nothing in the open, which is the best and ONLY way to guarantee transparency, instead they went with the "trust me bruh" method, plus they display ads... like.....they have... a.. dedicated.. ad .. platform...
You don't respect my Privacy while you target me with ads
They can lie about how the advanced data encryption works…. But then they also tell you that you’re shit outta luck if you forget or screw up your decryption code. If they really had a back door, then I would expect them to take a much less hard line on you’re screwed if you lose the key.
I would be surprised if they had a back door too given how they’ve pushed back on back doors from the NSA and EU
I mean they understand their encryption algorithm, they made it after all, and with the advancements of Quantum computing it could be possible to decrypt someone's data... So what good does providing quantum computing for Imessages do... If they : understand how the algorithm works + they have enough computing power to decrypt it + it's proprietary.
I wouldn't be surprised if it was all a theater, and it's the best backdoor implementation to exist
This feels a lot like the argument of well what if they break TLS? A lot of hypotheticals when I don’t have any reason or proof to believe that they’ve made a back door
No, breaking an encryption is all about knowing how it works, many cryptographers make their algorithm proprietary in hopes that an attacker will have a hard time figuring how it works, however they turn out to be weak, other encryption algorithms are developed in the open so that many people look at it and see the flaws
The key word is : weak The idea is not making a backdoor directly, the idea is making it flawed, it's like securing a bank with steel doors with the exception of one door, that door is made out of wood and only you know where it's located.