Hacker News

> You do not need to use iCloud Backups

You do if you want cloud backups (as most people do), because Apple prohibits you from doing it any other way. You can't uninstall the iCloud backup software, you can't replace it, and you can't buy an iOS device without it. It's literally inseparable from iOS by Apple's design, and iMessage is too in exactly the same way.

> So that must mean HTTPS is somehow no longer E2EE either

Safari doesn't back up the contents of your HTTPS connections to Apple, nor even the URLs for the vast majority (only top-level page navigations are stored in history). The analogous situation would be if Safari would relay all the content of every HTTPS connection to Apple servers along with the keys to decrypt it. Maybe you would defend such a system as "end-to-end encrypted", but you would be in a very small minority.

> My phone password is

... completely irrelevant. Who cares? You're not seriously arguing that 21-character phone unlock passcodes are typical? We're talking about defaults here.

> I almost never enter it because of Face ID

I was wrong. I thought that you had to enter the passcode at least once daily, but it's actually at least once weekly. However, my point stands. It's extremely unlikely for the vast majority of people to forget their passcode, which is distinct from their account password, which is almost invariably very short, and which they practice entering at least weekly.

As for the edge cases you mention, every system has edge cases. The non-E2EE account recovery case has edge cases too. It requires navigating Apple's support process and proving your identity via whatever means they request, which not everyone will be able to do successfully. Also, it's vulnerable to social engineering attacks on the support reps. No system is perfect. If the forgetting issues were so bad, then Apple wouldn't by default encrypt Keychain passwords with true E2EE. Losing those is actually super inconvenient too, but Apple has no problem with E2EE there. That's because law enforcement cares more about reading your messages than logging into your Reddit account (or they can just go to Reddit directly).

> PINs are just a kind of password

A very special kind of password which is by design much easier to remember and practiced more often. They are very different in practice, don't pretend there's no relevant difference.

> I'm starting to wonder if you actually own and use iDevices at all

I owned and loved the OG iPhone and many other generations too. Although my current phone is Android, I still use iPhones and iPads casually from time to time.

Look, I could continue all day, but long experience has taught me that it's pointless to argue with someone so clearly stuck in the reality distortion field. I believe I've made my points clearly for any other reader of this thread. I won't be responding further.


