I'm actually a little gobsmacked anyone on this forum can type those words without physically convulsing.
The even more terrible part is I'm sure it's common. And so via network externalities the rest of us who do NOT trust any of these companies on the basis that all of them, time and again, have shown themselves to be totally untrustworthy in all possible ways, will get locked into this lunacy. I now can't deal with the government without a smartphone controlled by either google or apple. No other choice. Because this utter insanity isn't being loudly called out, spat upon, and generally treated with the withering contempt that these companies have so richly and roundly earned this decision is being made for all society by the most naive among us.
I don't think the GP meant "trust" as in "I think Apple has my best interests at heart."
Rather, I think they meant "trust" as in "Apple is observably predictable and rational in how they work toward their own self-interest, rarely doing things for stupid reasons. And they have chosen to center their business on a long-term revenue strategy involving selling high-margin short-lifetime hardware — a strategy that only continues to work because of an extremely high level of brand-image they've built up; and which would be ruined instantly if they broke any of the fundamental brand promises they make. These two factors together mean that Apple have every reason to be incentivized to only say things if they're going to mean them and follow through on them."
There's also the much simpler kind of "trust" in the sense of "I trust them because they don't put me in situations where I need to trust them. They actively recuse themselves from opportunities to steal my data, designing architectures to not have places where that can happen." (Of course, the ideal version of this kind of trust would be a fully-open-source-hardware-and-software, work-in-the-open, signed-public-supply-chain-ledger kind of company. You don't get that from Apple, nor from any other bigcorp. Apple's software is proprietary... but at least it's in your hand where you can reverse-engineer it! Google's software is off in a cloud somewhere where nobody can audit changes to it.)
At the heart of it: I feel like I'm Apple's customer in a way that I never feel like Google's customer (in everything they do it always seems like their real customers are Ad Buyers, even when you are ostensibly paying for services). (And Microsoft is in the middle and all over the map where some divisions treat you like a customer and others don't depending on the prevailing winds and the phase of the moon.)
They are anti right to repair & they have their walled garden on their mobile devices. Their vertically integrated model also leads to unusually high prices. This website in particular would also directly feel the pain of Apple killing apps to implement themselves later, the greedy apple store cut and also not allowing use of hardware features that Apples themselves can use. Consumers feel this indirectly (higher prices, less competition).
Also, don't get it twisted, Apple is still collecting all of your data, even if you ask them not to [0].
There's absolutely several axes in play here. You have very different concerns than I do, and that's valid.
Their vertically integrated model leads to very good customer service. I don't pay extra for Apple Care and I still get treated like an adult if I show up to an Apple Store with some need.
Even when Apple makes a mistake and collects more data than they should, I don't expect that data to influence ads that I see or to be sold to the highest bidder. (As a developer myself, I find that I can be quite lenient on app internal telemetry.) I can also see that ad review is barely a small side hustle to them in their Quaterly Reports and I can also see that most of their ad revenue is from untargeted campaigns. (Microsoft is a bigger ad company than Apple. Google is an ad company deep into its DNA at this point with everything else a side hustle.)
There is a beauty to a well maintained walled garden. Royalty invested a lot of money into walled gardens and Apple maybe doesn't treat you exactly like royalty, but there's a lot of similar respect/dignity there in their treatment of customers, even if they want you to trust them not to touch the flowers or dig below the walls too much. They want you to have a good time. They want their garden to be like a Disney World, safer than the real world.
You may not appreciate those sorts of comforts and that's fine. Plenty of people prefer the beauty and comfort of a walled garden than the free-for-all of a public park (or the squatter's rights of an abandoned amusement park if you don't mind playing unpaid mechanic more often than not). There's a lot of subjective axes to evaluate all of this on.
France’s data protection authority, CNIL, fined Apple €8 million ... for illegally harvesting iPhone owners’ data for targeted ads without proper consent.
If ads are a small percentage of Apple's quarterly reports, that isn't sound reasoning; after all, they make a lot of money in general in a lot of areas.
And if ads are leading to services growth (which they are), you should expect them to do more, scummier ad related things over time.
Fundamentally, ads is an incredibly high margin business with lots of room for growth (particularly when you own the platform and can handicap your competitors) so over time, all tech companies will become ads companies.
I don't think this applies to their watch or tablet business where the limiting factor on lifetime in the market is security/os updates. Most alternatives in that space have significantly worse support cycles.
This used to be true of their phones as well, but the android market seems to be catching up in ways that tablets/wearables have not (see google's 7 year commitment for pixels).
Not sure if it applies to general purpose. Certainly there are non mac computers that we can throw linux on and use for 10+ years and there are examples of apple laptops getting cut off earlier than I'd like (RIP my beloved 12" macbook), but there are often some pretty serious tradeoffs to machines older than 7 years anyway. Also, I'm not sure if apple's strategy re: support lifecycles on products after the AS migration have shifted. It wouldn't surprise me if the first gen m1 products get 10 years of security updates.
it's not that I blindly trust apple; it's more that they're the one FAANG company where I am the actual customer and their incentives align/depend on keeping me happy. Google/MS could care less how I feel; and I am well aware that I am most certainly not their customer.
> it's more that they're the one FAANG company where I am the actual customer and their incentives align/depend on keeping me happier
Do they though? Battery performance that 'lies' to you intentionally, planned obsolescence, locked in ecosystems, overtly undercutting the alternatives, marketing that hypes up rather bland features...I admit I don't see your point.
Apple, if anything, seem about as user hostile as Microsoft is these days.
> Battery performance that 'lies' to you intentionally, planned obsolescence ...
Everything is relative. Apple generally supports their devices with OS updates for longer than most Android phone makers. Their incentives here are well aligned: they get a decent profit from Apple Store no matter how long you use their phone.
I think a lot of the reporting on Apples actions is very click-baity and lack nuance. Take the case when Apple throttled CPU performance of their phones when the battery got old and degraded. It was reported as a case of planned obsolescence, but it was in fact the exact opposite: by limiting the power consumption of the CPU they avoided unexpected phone shutdown due to battery voltage going too low during bursts of high power consumption. A phone that randomly shuts down is borderline use-less. A phone that is slower can at least be used for a while longer. Apple didn't have to do this. They would have spent less R&D money, and had a much lower chance of bad PR backlash, if they just simply did nothing. Yet they did something to keep old phones useful for longer.
> locked in ecosystems
That's a fine balance. Creating a good ecosystem is part of what makes Apple so user friendly. And it's a lot harder to create open ecosystems than having closed ones. Especially when you factor in security and reliability. If Apple diverted resources to making their ecosystems more open I think their ecosystem integration would have been significantly worse, which would have made them lose the thing most users considers Apples primary advantage.
Apple is a mixed bag. They were one of the first to go all-in on USB-C. Sometimes they push aggressively for new open standards that improve user experience. Yet they held on to Lightning for far too long on their phones. But here you get back to the planned obsolescence factor: there's a HUGE amount of perfectly fine Lightning accessories out there that people/companies are using with iPhones. If they killed Lightning too fast I can guarantee you they would have gotten a lot of hate from people who couldn't use their Lightning accessory anymore. With laptops that wasn't a big issue. Adapters are significantly less convenient to use with phone accessories.
Apple is tinker-hostile, but they’re great at getting-things-done for the majority of people. It’s frustrating when you have the knowledge to build custom workflows, but the happy path and the guardrails work great for many.
Microsoft have no consistency and Google wants you to pray at the altar of advertising.
> I'm actually a little gobsmacked anyone on this forum can type those words without physically convulsing.
Apple tells a pretty compelling lie here. Rather than execute logic on a server whose behavior can change moment to moment, it executes on a device you "own" with a "knowable" version of its software. And you can absolutely determine no network traffic occurs during the execution of the features from things announced this week and going back a decade.
The part that Apple also uploads your personal information to their servers on separate intervals both powering their internal analytics and providing training data is also known, and for the most part, completely lost on people.
Are you claiming Apple uses personal user data (e.g someone’s photos or texts) as training data for their server-side models? That’s a massive claim and there are some journalists you should definitely shoot a message to on signal if you have proof of that and aren’t just blowing smoke.
- They upload your data to their servers. This is a requirement of iCloud and several non-iCloud systems like Maps.
- Where analytics is concerned, data is anonymized. They give examples of how they do this like by adding noise to the start and end of map routes.
- Where training is concerned, data is limited to purchased data (photos) and opted-in parties (health research).
My point is that Apple's code executing on device can be verified to execute on device. That concept does not require trust. Where servers are involved and Apple does admit their use in some cases, you trust them (as much as you trust Google) their statements are both perfectly true and ageless. Apple transitions seamlessly between two true concepts with wildly different implications.
Apple's marketing and branding is truly impressive when even Hackernews crowd, who'd you assume are very tech savvy, are eating it up all of the propaganda.
Despite your snark - you'll never win an argument where trusting a for profit corporation is some sort of win over transparent secure system. Yes Apple might be better of the lesser evils but is this really where us as a privileged class of people who actually understand all this give up and give in? This is sad.
You’ll also never win an argument when assuming that the people you disagree with haven’t thought this through and come up with a different conclusion. The snark is from the implication that we’re either clueless or blind to it. The more likely explanation is that we have different priorities, and that we’re viewing the question from a different angle. That doesn’t make us ignorant or unprincipled, any more than you disagreeing with me makes you naive or unserious.
We have different ideas. That’s all. There’s no need to look down on each other for it.
Yeah, at this point, for me, it’s “use Apple stuff” or “barely use computers in my personal life”. I did the Linux and (later) Android tinkering thing for a good long while, and I’m over it. Losing all the features and automation and integration I get with no time lost, for a bunch of time consuming and janky DIY that still wouldn’t get me all of it, isn’t something I’ll do these days. I’d just avoid computers.
I’ve been diagnosed with ADHD. I lost so much time to screwing around with a million config options. Recompiling with slightly different flags to make things 2% faster. Keeping my system bleeding-edge up to date. All that nonsense was fun but it was a way to avoid getting started on what I was suppose to be doing.
Going back to a Linux desktop would be the end of me. I know it.
Same. Aside from a few self hosted services, I use Apple for my phone and work machines because I just want it to fucking work all the time. My parents understand that if they want IT support from me that they must use a Mac or iPhone - because then I rarely have to help them with anything.
The one exception I made recently was to dump Windows and move to a Fedora immutable build after seeing how capable the Steam Deck (and Linux) was for all the games I play. I’ll get shot of that if it causes me grief though - or just stop playing games on my PC.
I just don’t have the energy to mess about with it all these days and Apple is the 2nd best option in lieu of that.
Tried that route, and while it is quite viable in 2024, I reverted to dual booting. I can turn on my computer to work or to play games, and those two environments are completely separate. Nvidia terrible corporation, but similar with Apple in the #justworks category. Getting much better on linux recently, but you lose stuff like the new hdr feature, and occasionally have to worry about anticheat
Yeah, I’m lucky in that I’m pretty stable now in which games I’m playing and they all run flawlessly via Proton or Lutris. It seems to mostly be the controversial kernel-level anticheats which don’t play ball or where devs don’t enable the Linux support flags for things like EAC which cause a problem. For those, I kinda just have to suck it up and play something else.
I did have a ton of issues with NVidia in the same environment, but after putting a Radeon card in it has been smooth sailing. That’s to be expected I guess.
I doubt I would have tolerated this even a few years ago though and would have ended up like yourself with a dual boot setup.
Uh, friend, this is still just an internet technology enthusiast forum. Popular opinion here is equally as reliable as Reddit. If you are taking hn upvotes as some kind of expert input, you're in for a rough time.
No argument from me. I was replying to someone who couldn't believe the readers here, "who'd you assume are very tech savvy", didn't agree with their opinions.
"Wow, so many of these people disagree with me, it might be because they have a huge dangerous blind spot because of a lack of knowledge and/or experience and/or have trouble seeing things from the outside"
...is a thing I experience on a regular basis (and that I only really gained confidence in once I actually saw the mistakes cause problems, e.g. password managers)
I would give multiple upvotes to this, were it possible.
I do not have either Google or Apple accounts and I do not intend to ever open such accounts (despite owning some Android smartphones and having owned Apple laptops).
Because of this, I am frequently harassed by various companies or agencies, which change their interaction metods into smartphone apps and then deprecate the alternatives.
Moreover, I actually would be willing to install such apps, but only if there would be some means to download them, but most of them insist on providing the app only in the official store, from which I cannot install it, because I have no Google account.
I have been forced to close my accounts in one of the banks that I use, because after using their online banking system in the browser for more than a decade, including from my smartphone, they have decided to have a custom app.
In the beginning that did not matter, but then they have terminated their Web server for online banking and they have refused to provide directly their app, leaving the Google store as the only source of it.
I have been too busy to try to fight this legally, but I cannot believe that their methods do not break any law. I am not an US citizen, I live in the European Union, and when an European bank (a Societe Generale subsidiary) refuses to provide its services to anyone who does not enter in a contractual relationship with a foreign US company, such discrimination cannot be legal.
I sympathize with the plight, as I have also occasionally tried to fight this fight.
However, to quibble with your last analysis, you're almost certainly entering an agreement with the EU registered legal entity of a multinational company, and you almost certainly already had to do that to obtain the hardware, run the OS, use the browser, etc. The degree to which any of those contracts are enforceable is another matter.
Even if Google were treated as a local company, that does not change anything.
I find unbelievable that a bank has the arrogance of conditioning their services on whether their customers accept to do business or not with some third party.
I see no difference between the condition of having a Google account and for instance a condition that I should buy my car from Audi or from any other designated company, instead of from wherever I want. It is none of my bank's business what products or services I choose to buy or use (outside of special circumstances like when receiving bank credits).
Could you provide an alternative model where you get what you want, that is economically viable for vendors and manufacturers to invest in, and that does not require me to teach my parents how to sysadmin their phones to keep them safe?
I trust Apple more than I trust Google to not share my data with a large group of corporate entities who want to sell me things I do not wish to buy.
I believe both - and if required, organizations like Mozilla, Ubuntu, Redhat/Oracle, whoever - to comply with law enforcement requests made of them to hand over any data relating to me that they might hold. I'm OK with that. I think Apple has less of that data than Google, and works actively to have less of it. Google works actively to increase the amount of data they have about me.
I think even if you had a functional device using entirely open software, that any organisation you share that data with or use to communicate with using that device - including cloud service providers, network providers, and so on - would also comply with law enforcement.
"Ah!", you say, "But I get to choose which crypto to use! I know it won't have backdoors!". To which I will reply you are unlikely to have read and truly understood the source code to the crypto software you're using, and that such software is regularly shown to have security issues. It's just not true that open source means that all bugs become shallow, and the "many eyes" you're hoping for to surface these issues are likely employed at, err, Apple, Google, Redhat, Ubuntu, Mozilla...
I look at the landscape and I conclude that true open source environments have a ton of issues, Google/Android have far more (for my taste), and that I am more confident in Apple than I am in either myself (even as an experienced tech expert), or Google, or Microsoft, to keep my data private to me to the greatest extent legally permissible.
Do I think "legally permissible" should be extended? Sure. Do I wish a multi-billionaire would throw 50% of the net worth at making open source compete on the same level? Yeah, cool. Do I think any of that is realistic in the next 5 years? No. So, I make my bets accordingly, eyes wide open, balancing the risks...
You should remember that in December 2023 it was revealed that the "Apple Silicon" CPUs have some undocumented testing features, which have unbelievably remained enabled in the Apple devices for many years until being notified by the bug finders, instead of being disabled at the end of production.
Using the undocumented but accessible control registers, all the memory protections of the Apple devices could be bypassed. Using this hardware backdoor, together with some software bugs in the Apple system libraries and applications, for many years, until the end of 2023, it has been possible to remotely take complete control of any iPhone, with access to its storage and control of the camera and microphone, in such a way that it was almost impossible for the owner to discover this (the backdoor bugs have been discovered only as a consequence of analyzing some suspicious Internet traffic of some iPhones that were monitored by external firewalls).
It is hard to explain such a trivial security error as not disabling a testing backdoor after production, for a company that has claimed publicly for so long that they take the security of their customers very seriously and that has provided a lot of security theater features, like a separate undocumented security processor, while failing to observe the most elementary security rules.
It is possible that the backdoor was intentional, either inserted with the knowledge of the management at the request of some TLA, or by a rogue Apple employee who was a mole of such a TLA, but these alternative explanations are even worse for Apple than the explanation based on negligence.
> all of them, time and again, have shown themselves to be totally untrustworthy in all possible ways
Sorry, but this seems like a very vague claim to me. Can you specifically point out a time where Apple proved itself untrustworthy in a way that impacts personal privacy?
When Apple says they treat my data in a specific way, then yes I do trust them. This promise is pretty central to my usage of them as a company. I'd change my mind if there was evidence to suggest they're lying, or have betrayed that trust, but I haven't seen any, and your post doesn't provide any either.
It depends on what you'd consider "untrustworthy", but some (myself included) feel it's hypocritical for Apple to position itself as a privacy conscious choice, and use its marketing / PR machine to give the impression it only makes money on devices/subscriptions, when they're silently managing an ads-funded cash cow, with billions of dollars that go directly to the bottom line, as pure profit.
Here's a few pointers, to get you up to speed [1-5]. Of course there's nothing wrong with monetizing their own user base and selling ads based on their 1PD (or, in the case of Safari, monetizing the search engine placement). But I find it ironic that they make a ton of money by selling ads based on the exact same practices they demonize others for -- user behavior, contextual, ___location, profile.
> they're silently managing an ads-funded cash cow, with billions of dollars that go directly to the bottom line, as pure profit
Advertising isn't anti-privacy. Apple's fight was with tracking by third parties without user knowledge or consent. That is independent of, but often used for, advertising purposes.
This is different from say Google determining ads on Youtube based on what you are watching on Youtube.com, and from Amazon or Apple promoting products based on your product searches solely within their respective stores.
Tracking-based Ad targeting is blip in the history of advertising and goes against previous decades of "common sense" in advertising that the best ads cast the widest net and catch the eye of people you (and they) don't even know are potential targets.
I hope this current fad dies and people return to that older marketing "common sense". Over-targeting is bad for consumers and bad for advertisers, the only people truly benefiting seem to be Google and Meta.
As someone who has to help my father with his personal tech as his mental health deteriorates (several brain tumors), I'm thrilled every time I find something that ISN'T locked down behind pin codes, passwords or other authentication methods that he no longer remembers or can communicate.
His current state really has made me think about my own tech, about what should be locked down and what really should not be - things that we lock down out of habit (or by force) rather than out of necessity.
Given the rate at which the elderly find themselves swindled out of money due to scams, hacks or any other method of invasion, I really don’t think loosening controls makes the most sense.
Might be interesting if companies offered the ability for someone to be a “steward” over another when it came to sensitive choices (like allowing new logins, sending money, etc). Of course that itself is a minefield of issues with family members themselves taking advantage of their elderly members. But maybe power of attorney would have to be granted?
What I hinted at was more granularity in how we treat different types of data, or other accesses, in response to the idea of being forced to turn on "Advanced Data Protection on iCloud".
Rather than putting all of our personal data and accesses under a thick virtual fire blanket, perhaps it is perfectly fine if some of it isn't protected at all, or is protected in ways that could be easily circumvented with just a tiny bit of finagling.
This is now how I'm approaching my own digital foot print, that some not secret things are nowadays wide open, unencrypted and you just need to know where to look to access all of it.
Relatedly, I think a lot of us under-estimate/under-appreciate physical security in our threat models. A desktop tower that never leaves my house and would be a pain for anyone but a dedicated burglar to steal maybe doesn't need the same sort of security/encryption/authentication requirements for physical access in person that a phone or laptop might need. Certainly there are plenty of fears of people targeting me specifically and getting physical access to my house, but there are also more legal protections from some of those. Threat models are all about trade-offs and physical security/physical access restrictions trade-offs can be under-appreciated as places to make choices that can be in your favor.
I understand what you mean but I think maybe your example wasn’t terrific given I think the elderly are actually frequent and vulnerable targets for crims. I’ve actually had scenarios where my parents were unable to log into an account and when I asked why they needed to, it was to give some “support specialist” information they were asking for. Is it a pain in the ass to help your parents install a mobile app sometimes? Yeah I guess. I’m just glad someone didn’t drain their bank account on them.
There is sometimes a point to inconvenience in that it requires time and assessment.
Yeah, the thing about "security" is that there is a lot more chance that it will come to bite you in the ass later down the road than being successful (actually prevent an issue). I have some funny stories about unrecoverable drives because of forgotten encryption keys.
For most people the only security they need is actually access to their money, everything else is mostly irrelevant, nobody really cares about weird habits or whatever.
Not when you understand the tradeoffs being made. If you enable Advanced Data Protection and lose or forget your password, Apple cannot help you recover it. It makes sense that it's opt-in and users make a conscious choice to make that trade-off.
Yeah, you’re right. Apple’s approach to privacy is like one of those fairytale genies. On paper, and in many technical aspects, class-leading, but useless because anyone powerful and/or determined enough to hurt you will be able to use the backdoors that they willingly provide.
End to end encryption? Sure, but we’re sending your ___location and metadata in unencrypted packets.
Don’t want governments to surveil your images? Sure, they can’t see the images - but they’ll send us hashes of illegal images, and we’ll turn your images into hashes, check them against each other, and report you to them if we find enough.
Apple essentially sells unbreakable locked doors while being very careful to keep a few windows open. They are a key PRISM member and have obligations under U.S. law that they will fulfil. Encryption backdoors aren’t needed when the systems that they work within can be designed to provide backdoors.
I fully expect that Apple Intelligence will have similar system defects that won’t be covered properly, and will go forgotten until some dissident gets killed and we wonder why.
For a look at their PR finesse in tricking media, see this, over the CSAM fiasco that has been resolved, in Apple’s favour.
> Sure, they can’t see the images - but they’ll send us hashes of illegal images, and we’ll turn your images into hashes, check them against each other, and report you to them if we find enough.
> I fully expect that Apple Intelligence will have similar system defects
Being able to scan devices for CSAM at scale is a "defect" to you?
- it's anti-user: a device spying on you and reporting back to a centralized server is a bad look
- it's a slippery slope: talking about releasing this caused them to get requests from governments to consider including "dissident" information
- it's prone to abuse: within days, the hashing mechanism they were proposing was reverse engineered and false positives were embedded in innocent images
- it assumes guilt across the population: what happened to innocent by default?
and yes, csam is a huge problem. And btw, apple DOES currently scan for it- if you share an album (and thus decrypt it), it is scanned for CSAM.
This is true, but your examples aren't directly trying to pretend they are the better alternatives for that. Apple is doing its best to paint itself as some golden company when reality dictates they are no better (if honestly worse in some categories).
Don't expect balanced objective opinions on Apple on HN, that was never ever the case. Some of it are tech enthusiasts, some are maybe employees or investors, some is paid PR.
Nothing wrong there per se, its just good to realize it.
The Australian Government required you to have an app called MyGovID to do you business taxes and other administrative tasks. This app is only Apple or Android, there is no web interface.
That’s crazy. Why no web interface? In Poland for taxes we have a web interface that is mobile and stationary, and for many other things it’s a choice between an app and web and paper.
Ahl. In our case, we have mobile app 2fa, but also an sms 2fa, and authentication through bank login - it’s quite neat that the government struck deal with a bunch of banks, and they serve as identity providers too.
Not a requirement, but in Poland a ton of administration things can be done from a dedicated iphone/android app - including using your official ID. It is optional though, and you can alway do the same stuff (ID aside) from the web, or using paper and going places in person.
> Because this utter insanity isn't being loudly called out, spat upon, and generally treated with the withering contempt that these companies have so richly and roundly earned this decision is being made for all society by the most naive among us.
Ah yes, blame the simple-minded plebes who foolishly cast their noses up at Windows Phone. If only Ballmer were still in charge, surely he'd have saved us from this horrible future of personal, privacy-respecting AI at the edge...
I'm actually a little gobsmacked anyone on this forum can type those words without physically convulsing.
The even more terrible part is I'm sure it's common. And so via network externalities the rest of us who do NOT trust any of these companies on the basis that all of them, time and again, have shown themselves to be totally untrustworthy in all possible ways, will get locked into this lunacy. I now can't deal with the government without a smartphone controlled by either google or apple. No other choice. Because this utter insanity isn't being loudly called out, spat upon, and generally treated with the withering contempt that these companies have so richly and roundly earned this decision is being made for all society by the most naive among us.