The way I see it the users have two crappy options based on business model:
1) Apple's freedom from inspection: they control your device and their ecosystem because they make money off the ecosystem. The take a cut of the phone/computer/watch you buy then anything you buy in their ecosystem because the ecosystem is their product. Your data is (mostly) safe from advertisers because that's not their business.
2) Google's device freedom: you can do whatever you want with your device because your are the product. Sure you can load a complete separate system of mail and chat clients and not sign into google, but really, will you?
Of course there's option 3, linux. Neither the ecosystem or you is the product, but where's the money in that. No one is going to spend billions of dollars to get you to buy Linux.
Whether Apple or Google (or MS or w/e) is the arch villain is really just a matter of perspective. Is two or three options a great place for consumers? No, of course not, it all sucks. I think a system built around who-gets-the-most-money-wins is the real problem.
The big competitor to Apple is Samsung, and Samsung devices tend to be just as locked down as Apple devices (though the prevalence of jailbreaks has been higher, and of course you can sideload apps). Those two companies make up over 75% of smartphones in the US, and neither of their next competitors down (OnePlus and Lenovo) are Google.
People talk about Android like it is the "do anything you want device marketed at end users", but it is the "do anything you want operating system marketed at device manufacturers". One of the many things you can do with such a device is lock it down, and that's what companies who make devices that run Android, like quite-notably Samsung, have largely decided to do.
Google's first-party devices are often quite open, and that's cool and all, but they do not have much marketshare because, in the end, they kind of suck with the various limited hardware tradeoffs they make. Users, generally, are unable to provide a very strong purchasing signal
preference on "is an open device" because they are too busy optimizing for having good cameras or screens or whatever it is that they consider the primary point of owning the phone in the first place is.
At the end of the day, Android then become more of a coalition of brands herded by Google--but led by Samsung, whom at least used to make the vast majority of the actual profit, disproportionate even to their marketshare--in attempts to reign them in on what crazy changes they make, but those limitations do not enforce the device to be open... far from it, really! And so we have seen Google also the target of lawsuits for anti-competitive behavior with their store (including by Epic, whose argument almost made more sense against Google than Apple).
I have owned many Samsung android devices over the years and have always been able to install fdroid and other alternate app stores as well as "side load" applications from apk files. Is there a new thing where Samsung have removed this feature in recent (last two years or so) devices?
Typically, no, Samsung are one of the few manufacturers who consistently don't lock bootloaders. I've been flashing Samsung Android phones for over 10 years: https://github.com/Benjamin-Dobell/Heimdall
That said, they have locked bootloaders on some devices. Predominantly in the US market, I believe at the request of carriers. However, it's traditionally been the minority of devices.
What? Samsung is the most hostile of manufacturers in this regard. Unlocking the bootloader, installing another bootloader, or running a different kernel burns fuses permanently in the device and renders it unable to use their version of hardware-secured storage, aka "Knox."
Kiss some multimedia apps, payment apps, and enterprise security features goodbye...along with a bunch of random features like private mode in their browser.
Flashing an unsigned (or potentially differently signed) bootloader burns fuses. Sure. However, other manufacturers don't just burn fuses, you specifically need to apply for permission to flash your bootloader e.g. https://www.oneplus.com/support/answer/detail/op588
Samsung at least don't require personal details for you to take control of your device. Sure, you lose access to some multimedia, but don't blame Samsung for that, blame Widevine DRM certification. Knox goes out the window, but the entire point of Knox is to (try) guarantee a device isn't tampered with. At least you can remove it!
well, Miami and one plus requires you to provide phone number etc., so that seller and other people don't sell you malicious second hand phone or tampered phone. However, there are no fuses, so your phone will still be on warranty if you unroot it.
What does “tampered with” mean? Particularly in the context of a device you own?
I would consider a device tampered with if someone besides me (the owner) did something with it, without my authorization. But anything short of that is surely just me using the device. I mean, I have physical possession after all.
Signing images and requiring that the bootloader can't flash anything else is just vendor lock in / ceding your power as an end user. It doesn't make you more secure in any way since a bad actor will figure out a way to bypass making writes to the system partition.
Umm I remember ordering Chinese phones way back when (think android 4) with unlocked boot loaders - both had some random junk installed via custom ROM and you couldn't uninstall it.
Why would Samsung allow its proprietary 'Knox' to work with other bootloaded OS? They have every right to not support any other OS other than their own.
They aren't "not supporting any other OS", they're causing the hardware to damage itself to prevent that software from working.
It's like your laptop's motherboard detected you installed another OS in place of the OEM-provided Windows installation, and overvoltaged your NVidia GPU to burn it out. "We have every right to not support high-performance graphics on any other OS other than our own - if you want to install your own OS, you can still use the integrated Intel GPU".
Damaging the hardware is a bit of an overstatement. What people are calling fuses isn't really a fuse in the traditional sense. An eFuse usually is just write once memory. All the limiting features are implemented in software which reads out the state of this memory.
Correct me if I'm wrong, but once the eFuse is triggered (which, if it's write-only memory, still involves a physical change that could be interpreted as damage), it's effectively unfixable without replacing the whole motherboard, reflashing it with your original serial number, IMEI, etc. At least that's what I recall from reading about it - Samsung service can "reset" the Knox lock-out, but they do it by replacing the whole board.
In other words: there's no way for me to just take the phone to my workshop / local hackerspace, and fix it with a soldering iron. Even if I could source the right parts, it's going to be a PITA to make them work. I didn't investigate it further, but I assume that these days, cryptography is used for critical parts to attest each other as genuine (similar to what new iPhones do, which is why you can't just replace the "home" button if it breaks).
Additionally, since I haven't heard of people doing software workarounds, whatever in Knox is reading the state of the eFuse, cannot be trivially patched. I recall reading somewhere that triggering the eFuse somehow overwrites Knox itself - if that's correct, then they may not even be anything left to enable afterwards.
----
I'm going to concede here that my example was somewhat hyperbolic - burning a single eFuse isn't the same as overvolting the whole GPU. But only somewhat - the reasoning/intent behind the two cases is the same. Additionally, cryptography blurs the line between what's hardware damage and what's a software limitation. Take, for example, secure erasure of data: you can smash a hard drive with a sledgehammer and then microwave the remains to slag, but you can get the same result by keeping the data encrypted, and then... losing the keys.
This entire comment is irrelevant. The Knox fuse only matters if you're flashing the stock rom back. Only the stock rom actually cares about Knox. The custom roms all ignore the value from Knox or simply spoof it. In other words it's just punishing you for daring to flash a custom ROM.
If someone goes to the trouble of implementing an efuse, they will also implement the check in the hardware so it can't be bypassed. An easy example is optical drives with fixed numbers of region switches that refuse at the hardware level to read discs from the wrong region and also refuse at the hardware level to switch regions once all the fuses have been blown.
Knox is actually irrelevant as most custom roms just fake whatever value is needed to get certain apps going and it's really just Samsung pay I believe.
That's sorta the status-quo. But I'd fully support any legislation that mandates open bootloaders on all devices, definitely would help save the iPad from obscurity.
My experience is that Samsung devices are quite easy to root. There is that e-fuse thing that disable some features permanently, but to my knowledge, these are mostly intended for corporate devices and you can ignore them for personal use.
With Galaxy phones they are extremely hostile to unsigned flashes to the device. You essentially need to exploit a zero day in the stock rom to get temporary root and then while you have temporary root you flash a new recovery. And then you gotta make sure it doesn't flash the stock recovery back in the next boot by making sure your next reboot goes into the recovery. And then you can flash your custom ROM. I skipped some steps too.
After looking a bit into it, it looks like most US/Canada models have a locked bootloader. Other models, including mine (Europe) don't and it only needs booting into download mode using a key combination and flashing a custom recovery using Odin.
It doesn't matter anyway. Thanks to Google pushing remote attestation, all you can expect from a custom ROM is the actually important apps (like bank) no longer working.
I think you mean hardware attestation. And yes, it is the biggest problem I have. I can do without KNOX, but it is becoming harder to do without these locked down apps (ex: bank), and workarounds are harder to get by, no matter the manufacturer.
And of course forget about anything that isn't iOS or Android. I don't expect banks to support alternative OSes anytime soon.
I probably won't root my next phone, not worth the hassle for a daily driver.
What could be nice is if phones could run VMs, so you have your stock ROM with all your "important" apps, and a VM where you can run anything you want: hacked Android, Linux, maybe even a desktop OS. Modern phone hardware should be more than powerful enough to do that.
The only two apps that are affected by Knox is Samsung Pay and Samsung Health. And that is only an issue if you decide to flash the stock rom back on the device. If you use custom roms they typically have a workaround to get both of those apps working with the Knox fuse tripped.
The easiest daily driver to root is Sony and Google phones. You simply unlock the bootloader and flash. There's no nonsense to deal with.
He might be talking about the fact that the moment you unlock the phone the e-fuse is tripped and a bunch of features get downgraded permanently on their devices. I think they're generally good devices, but they have a nightmare support system and this e-fuse thing is just a major turn off to a lot of people.
yeah but you're also knowledgeable about all that shit and 99% of people with Android devices won't use alternate app stores. they'll download apps from the google play store, use google services, stream on google chromecast, watch things on youtube tv. google and/or samsung will get all that data and that's how they make money.
Just desparate apple apologists equating installing your own OS to installing an app.
Would I like to have an unlocked bootloader? Sure. Is having a locked bootloader equivalent to only being allowed to install Apple approved apps? Of course not.
> The big competitor to Apple is Samsung, and Samsung devices tend to be just as locked down as Apple devices
Please, you can sideload apps by selecting a single option... Not to mention you have all the options to make alternative apps default like any Google device.
That alone is significantly more open than Apple devices...
Both your links go to the same Proton article and the heart of it seems to be this:
> Apple monitors your every move in the App Store and its News and Stocks apps and then uses that data to sell ads targeting you in those same apps. To meet its growth forecasts, experts expect Apple to start selling ads in its Maps, Podcast, and Books apps, meaning it could replicate this model across more of its services. Much more of your activity could be monitored in the future.
Tracking every click in the App Store/News/Stocks is not great but it is in NO WAY similar to tracking every website I view and reading every email I send.
People keep saying Google reads your emails (even when Google explicitly says otherwise), but have no proof, and trust Apple's words as the gospel of truth - how strange. It's almost as if it's fashionable to criticize them.
This is on Gmail's homepage:
"We never use your Gmail content for any ads purposes.
Gmail uses industry-leading encryption for all messages you receive and send. We never use your Gmail content to personalize ads."
Why do you assume Apple doesn't also track every website and email you read (especially if you use the default Apple-made apps)? After all, they make the OS, they can track whatever they want.
Nobody's reported seeing that sort of network traffic sent off of iOS devices. It's trivially easy to spot it, and it's well documented, going to Google and others across the web, though.
Is there any evidence that Apple is lying, and is actually decrypting them somehow and using them for advertising purposes, rather than for the "coherence" feature?
I don't actually want browsing sessions to be unified across devices, so I do wish that it was turned off by default. (Though being able to close tabs remotely is a sort of interesting capability.) However, it doesn't seem to be actual spyware used for advertising or tracking purposes.
It's trivially easy to spot it going to Google/FB/whoever if you visit a page with a GA or FB or whatever pixel. That's part of the second sentence, not the first.
For spotting it going to Apple you'd have to do more fancy correlation over time and such, but you can find people out there who are researching this stuff... so that's who I'm waiting for to hear more from.
Safari on iOS is auto-completing stuff as you type. The option to search with google comes up if you get far enough.
And it’s not going to google first. If you type an address the “link” at the top is to Apple Maps. They seem to do a similar thing with place names. I’m not sure but one can be fairly certain they’re using the phones location to help….
Interesting.. I just saw an add in my Apple Maps yesterday and I was really confused at first. Had no idea they are considering moving in this direction and must already be testing it.
On a different note I attended an apple event for IT Government and Education in Chicago. Eye opening.. Apple's "privacy" stance is all just a horse and pony show for marketing. Unbelievable how open they were about tracking everything at the event.
My understanding around how this works (and I might be wrong!) is that Apple tracks a variety of usage on device and your device itself knows which ad to serve, versus say Google or Facebook collating your data on their own servers.
I'd not be surprised to learn there was some level of phoning home though.
There’s a common misconception that ad tracking is all about targeting ads. That’s part of it, but the truth is that tracking conversions is a more important differentiator for advertising platforms. A conversion is where the user clicks on the ad and then makes a purchase. The top digital ad companies (Apple, Google, Meta, Amazon) all charge for conversions. There is no way to charge for conversions without sending data about the user’s behavior off the device (which ads they saw, and which purchases they made).
That’s not true. They could use differentially private on-device joins using anonymously downloaded ad data. Or they could securely aggregate the results. Or both.
Can you elaborate? I see an ad in the News app, then click on it and make a purchase from Clash of Clans in the App Store. Apple needs to charge Clash of Clans for the conversion. How do they do it?
Apple knows that I bought the app (they charged me for it).
In order to charge Clash of Clans for the conversion, my phone needs to connect to Apple and send them a record of the ad click. What if clicking on that ad and buying the app are the only thing I ever did on the phone? There’s nothing to aggregate locally, and Apple knows they got the conversion data from me.
Perhaps the claim is that my phone is going to send all these records to Apple, and Apple is just going to do the right thing and run programs that do the business without letting any of their people look at anything they aren’t supposed to look at (they could internally accomplish this by differential privacy, rigorous internal controls, etc). That’s the same claim Google and everyone else is going to make.
That's not at all how adtech works. You cannot download all activity between ad supply (website/app/etc) and advertisers and every vendor in the middle onto your device for some joins.
You misunderstand, completely. A device needn't download all activity, or indeed download anything additional at all. It knows which ads it clicked on and it knows the conversion signal for each ad the user saw. It can thus easily count the user's conversions on the device, then privately aggregate the result with its peers using secure multi-party computation (or a secure enclave).
Even the ads can be anonymously downloaded using a shuffler/mixer, such that nobody knows which ads out of the universe of ads the device chose to target the user with.
This just has all of the negative privacy implications FLoC does[1], which is also something pushed by Google that was heavily criticized. I guess now that Apple is doing it, it's okay.
Similar! The biggest difference in my mind is that any website using FLoC would be able to know what cohort I belonged to.
FLoC is definitely more anonymous than "davidlumley visited nytimes.com twice on December 1st 2022". However, that particular usage information was previously only available to nytimes.com, any ad/data vendor using third party tracking cookies that were present on nytimes.com at the time of my visit, and finally any company that purchased data from the ad/data vendor.
My FLoC was theoretically available to any website and had much of the same intent data that intent ad/data vendors were/are selling.
If my understanding of Apple's ad platform is correct, advertisers don't know which cohort the user davidlumley belongs to, or that their ads are being served to me because that's all handled on device.
is that Apple tracks a variety of usage on device and your device itself knows which ad to serve
This is a distinction without a difference. Do you regularly share your phone with other people, to the extent that "device data" can not be correlated back to you?
The Mac defaults to signed apps. And you need to change a setting to allow unsigned apps.
iOS could easily default to what we have today, but allow the installation of non App Store apps after users change a setting and confirm after reading a scary warning pop up, that tells users they may be exposing themselves to data theft, hacking, viruses and money theft.
I really want this to happen, and I hope Apple is forced to make it happen — a fairly likely scenario in the EU I think — but if they do allow side-loading I fear they will disable all sorts of Apple services when you flip that switch.
No more Apple Pay, for starters. Maybe no iMessage. Things where they can argue they have to turn them off to protect the user, and/or themselves, from rogue apps.
And then you could have a kind of freedom, but it wouldn’t be a very useful one. You can already load whatever you want on your own phone if you have the source and do the build yourself. I can pretty easily imagine Apple making it so you can side load closed apps but almost nobody ever does.
Agreed. The real reason is the inevitable avalanche of support requests that hit when some popular side loaded app introduces a 0-day. No one at the Genius Bar is going to touch your toxic device. That means no Apple Care or iCloud backups either.
Support is expensive. Apple spends a lot of money to provide what is generally very excellent support. It’s a huge component of the overall brand for many users that stay in their ecosystem.
Apple wouldn't want that in the first place because a customer who's angry at a 0-day (even if it wasn't caused by Apple) still hurts Apple's brand image.
Apple has gone a long way by sticking to the safest paths, meaning they do things that cause the most customer satisfaction, and don't do anything that can go wrong. That's why Apple abandoned the iCar project because while many would like the concept, a car experience is not something that Apple can have control over; if users get into car accidents, for example, that hurts Apple's brand no matter the cause of the incident. In comparison, making phones, Macs, tablets, etc. is fairly safe as long as Apple retains its full control over the experience (which must be perfect for most consumers).
Because of this, I don't really see Apple allowing app sideloading, even though I personally like it. I think the more pressing issue right now is the 30% cut on AppStore.
Hear these excuses time and time again that it’s impossible for them to do this when they ship an entire product line and have for decades that does exactly what people claim is impossible for them to support.
And with Apple you are not the product? You're being tracked and shown ads on Apple devices too, it's just that you have even less control and Apple has a "worked" on their image in that regard.
So just long tap and uninstall them? It’s not analogous to the Windows Start Menu showing ads you can’t turn off.
What are the nags? I also don’t use Apple TV and don’t recall being nagged to use it.
The only thing that annoys me is the prompt to “finish setting up” my phone when I don’t want to turn on Siri. I get the prompt a few times and then it gives up trying to get me to turn on Siri and stays happily disabled.
>So just long tap and uninstall them? It’s not analogous to the Windows Start Menu showing ads you can’t turn off.
On the contrary, it's exactly analogous to Windows start menu ads as they are just icons that you can tap/right-click and uninstall, exactly like on Apple.
But I do love the HN double standards here:
Apple ads: "Pfff, just tap and uninstall, nothing newsworthy here."
Windows ads that you can also right-click and uninstall: "OMG, the audacity from Microsoft, let's up-vote every single FUD blog post about this while frothing at the mouth."
I mean, I can also click the little 'x' button on YouTube banner ads, but that doesn't make them any less annoying. Apple's promotion of their own services in MacOS makes it impossible to live in for me in the same way I can't browse the web without uBlock Origin. Blocking out nagware helps me focus.
I would totally agree but isn’t the uninstall a one time thing and then you never deal with again?
If Apple News keeps advertising to you after you uninstall News then Apple has overstepped and should be held to account. I don’t hold it against them showing Apple News content on the Home Screen / Notification Tray iff Apple News is actually installed.
Well, that's a little bit different from an ad, but I take your point.
That doesn't happen to me when I use the cheap earbud things that Apple sells (I use a Subsonic client app for music); do you have any idea what triggers it?
Curious which subsonic client? I’ve been using play:sun for a few years and sometimes AVSub. These clients are okay, but I do get some weird issues with them sometimes.
Having said that, I love subserver more than any other media server options.
I currently use iSub, but I’m in the same position: occasional weird issues, some that I think are compounded by my use patterns (I tend to listen on the subway, so the frequent network disconnects seem to break the cache.)
I wouod sqy you werent the product originally but apple figured out they were leaving money on the table and quickly converted to adding that business model on top of overcharging for devices over the last decade. Nowbitvis atleast as bad as android if nit worse
> 2) Google's device freedom: you can do whatever you want with your device because your are the product. Sure you can load a complete separate system of mail and chat clients and not sign into google, but really, will you?
Typing this from a Pixel running GrapheneOS, and it's a great experience.
I personally think their migration to subscription based revenue and advertising says differently (just personal opinion). Were now the product with Apple too, not the customer. We used to pay more to not deal with that.
It seems that advertisers can outbid users to the point that nobody is willing to pay enough to be the customer.
The amount of money in advertising is staggering. Can it actually work that well? Or is this a category of spending that just tends to be greenlit in big companies?
There’s a huge difference, including from a privacy perspective, between subscriptions and internet targeted advertising.
How are you the product, when you’re giving money? That’s like saying, when you buy a ticket to Black Panther, you are the product Hollywood is selling, not the movie.
> How are you the product, when you’re giving money?
Why can't you be both? After all, an advertiser's best target is someone who already has a propensity to spend. Companies can and do sell you stuff then also target you for ads.
Great to see Apple users are still deluding themselves into thinking they're not the product despite constant reports of Apple spying on them just like everyone else
The extent really matters. I don't care if Apple tracks App Store clicks or what I (don't) read on Apple News. I would care, a lot, if they tracked my browser history, chats, and email.
Could Apple conceivably be spying on my every move? Well... they really don't need to to make App Store recommendations so I doubt it.
When, and if, ever launches its own web advertising client which they bill as "privacy focused" I'll start being skeptical but until then there's way better things to throw tin foil at.
In case its not clear, Linux the operating system typically means the Linux kernel plus a set of unix-inspired GPL-licenced userspace tools. Some (still) call this GNU/Linux, although that is a bit of a mouthful.
Android has a completely different userspace to "Linux". The kernel is not the issue.
Well that's silly, the userspace you are talking about is strictly useless on phones. Every single attempt at building a reasonable mobile userspace for GNU/Linux has been a complete failure. What would that even look like? Almost all graphical GNU/Linux tools depend on X11, which is completely unsuited for phones.
But if you want, you can totally install all the GNU userspace tools on Android. Nothing is stopping you from doing that.
Marrick's comment makes even less sense using a definition of Linux that includes Android, since they lists three different options: iOS, Android and Linux.
"No one is going to spend billions of dollars to get you to buy Linux.", Marrick said. Perhaps they were including the resources required to make something that is recognisably Linux that is compatible with phones, and polished enough to be appealing to the average consumer?
>Marrick's comment makes even less sense using a definition of Linux that includes Android, since they lists three different options: iOS, Android and Linux.
They could just have not known this, it's not obvious if you've never tried to open a terminal on an Android phone.
But how is Android not recognisably Linux? You can natively run all the Linux stuff you'd like on Android.
What you are referring to isn't Linux. It's Linux + a free desktop compliant userspace. Linux is just a kernel which is in fact shared between both. I'm not sure why the community hasn't come up with a better name to help disambiguate the two.
1) Apple's freedom from inspection: they control your device and their ecosystem because they make money off the ecosystem. The take a cut of the phone/computer/watch you buy then anything you buy in their ecosystem because the ecosystem is their product. Your data is (mostly) safe from advertisers because that's not their business.
2) Google's device freedom: you can do whatever you want with your device because your are the product. Sure you can load a complete separate system of mail and chat clients and not sign into google, but really, will you?
Of course there's option 3, linux. Neither the ecosystem or you is the product, but where's the money in that. No one is going to spend billions of dollars to get you to buy Linux.
Whether Apple or Google (or MS or w/e) is the arch villain is really just a matter of perspective. Is two or three options a great place for consumers? No, of course not, it all sucks. I think a system built around who-gets-the-most-money-wins is the real problem.