• Off Topic

  • tempted to transition from GOS to iOS

Pocketstar
They do have good arguments, but they offer no viable alternative. And no, getting a Thinkpad is not an acceptable alternative to a MacBook Pro for me. Love Richard Stallman to death, but I just can't put myself through this torture. Maybe Asahi Linux would be an acceptable solution one day, fingers crossed.

      I'm very tempted to go the other way. One major reason for this is that I'm not at all happy at having facial recognition hardware on a device, and sooner or later Apple is bound to abandon fingerprint readers on all iPhones. Eventually, even if it's not already, the facial recognition hardware will be used to gather data for advertising purposes about whoever's using the device. I'm sure that age/gender/mood/attention etc. data would be very much desired by advertisers. I trust Apple to preserve my privacy only whilst they think there's money in them claiming to do so.
      There are still a few issues to sort out before the switch, such as finding a good replacement for Apple's health app (and ideally transferring data) and waiting for RCS support on iPhones.

        4 months later

        Humorist6543 above all Advanced Data Protection

        ADP is a major step forward, but please read Apple's own documentation on it, it is very easy to switch inadvertently to the less secure Standard Protection, for example when using Sharing:

        Security implications of sharing and collaboration

        "In most cases, when users share content to collaborate with each other—for example, with shared Notes, shared Reminders, shared folders in iCloud Drive, or iCloud Shared Photo Library—and all the users have Advanced Data Protection turned on, Apple servers are used only to establish sharing but don’t have access to the encryption keys for the shared data. The content remains end-to-end encrypted and accessible only on participants’ trusted devices. For each sharing operation, a title and representative thumbnail may be stored by Apple with standard data protection to show a preview to the receiving users.

        Selecting the “anyone with a link” option when enabling collaboration will make the content available to Apple servers under standard data protection, as the servers need to be able to provide access to anyone who opens the URL.

        iWork collaboration and the Shared Albums feature in Photos don’t support Advanced Data Protection. When users collaborate on an iWork document, or open an iWork document from a shared folder in iCloud Drive, the encryption keys for the document are securely uploaded to iWork servers in Apple data centers. This is because real-time collaboration in iWork requires server-side mediation to coordinate document changes between participants. Photos added to Shared Albums are stored with standard data protection, as the feature permits albums to be publicly shared on the web."

        One small slip and there will be cloudside scanning of your Photos.

          Having just experienced this myself - some people (with deep pockets or state actors) are infecting iPhones with malware en masse right now. Lockdown mode doesn't do anything. Apple devices are just a too large target nowadays it seems. I could never go back.

          • de0u replied to this.

            Another datapoint: Even old android devices with lineage are safer. Smaller target -> less off-the-shelf zero days.

              hardballs Having just experienced this myself - some people (with deep pockets or state actors) are infecting iPhones with malware en masse right now.

              What is meant by "en masse"? If the number of comprised devices qualifies as massive, it should be possible to cite a source?

                  de0u I'm referring to the velocity. I don't know if it already happened on a massive scale. The malware seems to be able to spread via hijacked connections to apple servers and they did it from privileged network positions. Even going through another iPhone's hotspot got it reinfected. Thanks to apple for making such a mess of background connections.. Like getting root certs from random seeming Akamai hosts (not within "their" IP block). I've seen enough. Still kept an infected phone and MacBook but now it's dormant or has been remotely wiped.

                      hardballs You seem to be writing from a position of being highly confident in your claims, which are still quite unclear to me. Surely you have some evidence of this "en masse" infection you could provide us with, so we at least could read more about the potential malware that is allegedly spreading with high "velocity"?

                          fid02 Friends and family had their devices malfunctioning and were getting locked out of accounts. Manipulation of local filesystems, pcaps of floods, replay attacks and C2 traffic. All devices were up to date. The evidence would de-anonymize me. Context: I pissed off a large company. Central Europe.

                            hardballs They can compromise the device with generic firmware and OS vulnerabilities. Using a device without full security patches is always a bad idea since you're vulnerable to bargain bin ancient exploits which stopped working on up-to-date phones years ago. It's 99.99% standard AOSP and running on top of widely deployed hardware with standard drivers and firmware, etc.

                                GrapheneOS You're right of course. Nevertheless, those old devices provided me with a last line of defense.

                                  wuseman Honestly, if you can live with using half-baked browsers, mediocre keyboards and being locked in then go for an Iphone.

                                  What are you talking about? Safari has extension support and some pretty damn awesome extensions, not even available for Firefox. What we have in Android with the default Chrome browser is a nasty, locked down spyware ridden concoction that is on its way to kill off proper extension support. The GrapheneOS devs have done a commendable job with Vanadium (even though it is about as bare bones as it gets), but I suspect it will be an uphill battle as Google transforms the codebase of Chrome into a user hostile data harvesting mess.
                                  Also, you can have any keyboard you want. It is obvious that you judge iPhones just by hearsay.

                                      AlanZ Safari has extension support and some pretty damn awesome extensions, not even available for Firefox.

                                      Safari allows me to use I Don't Care About cookies or user scripts? This is news to me.

                                      What we have in Android with the default Chrome browser is a nasty, locked down spyware ridden concoction that is on its way to kill off proper extension support.

                                      I don't care about stock. I care about what I can get.

                                      Also, you can have any keyboard you want.

                                      My experience is that any iOS keyboard is 5 years behind Gboard on Android.

                                          wuseman Safari allows me to use I Don't Care About cookies or user scripts? This is news to me

                                          Yes, there are extensions that allow this functionality and more.

                                            25 days later

                                            knirirr apple already does advertising that's a decent chunk of their business and they also are invested into ai. There incentives are in everyway against privacy