this post was submitted on 11 Nov 2024
582 points (99.2% liked)
Privacy
1213 readers
68 users here now
Icon base by Lorc under CC BY 3.0 with modifications to add a gradient
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
If anyone is in need of a more secure option in these dystopian times: drip keeps all your data on your phone. You can export the data, so you can keep the tracked data when changing phones. I only use it for tracking my cycle and sometimes symptoms though, so I can't say much about using it for birth control.
Apple’s Cycle Tracking app is also locally and E2E encrypted in iCloud.
https://support.apple.com/en-us/120356
Sure. It's encrypted. And your private data only stays on your device. Pinky swear.
With our 10 billion $ in ad revenue, you can trust that your data never makes it to a third party unencrypted 😚
Anti Commercial-AI license
"If you are paying, it doesn't mean you are not the product"
- Cory Doctorow
I’m not sure what that license has to do with Apple’s privacy policy. Apple uses ML to place ads alongside relevant content. They provide no customer information to advertisers. They generate so much ad revenue by keeping a sizable 30% from the advertisers.
https://support.apple.com/guide/news-publisher/earn-revenue-with-advertising-on-apple-news-apdd44eeeeeb/icloud
https://support.apple.com/guide/adguide/generate-revenue-apd51c721ca9/icloud
onlinepersona posts that on every comment they make. They're licensing their comments under CC BY-SA-NC 4.0. Given the context of the conversation it may have sounded confusing.
I too trust every word apple says.
Anti Commercial-AI license
That’s the second time you posted that. What does it have to do with Apple’s privacy?
The link has nothing to do with the comment, some people just add that to all their posts because they think it will prevent LLMs from using their comments as training data. It's useless and very stupid imo, equivalent to people on facebook a few years back copy and pasting that text about owning their pictures and not giving fb permission to use them even though permission was already given in the sign up agreement.
I actually hate this take. Unlike facebook, on lemmy, you actually own your data. Will this ownership of data be enforced against LLM companies? Probably not. Stackoverflow had everything under a license that requires attribution, but LLM's don't attribute and got away scot free.
But... the license that onlinepersona uses is less restrictive, rather than the default of an individual having absolute copyright over content they make. With onlinepersona's comments, I know exactly what I can legally do with their comments.
As for everybody's else comments, like yours, I don't really know. Can I quote you, with or with out attribution? Can I legally remix comments? Do I have to ask permission before I use your comment in my presentation? You didn't sign any kind of license/agreement that explicitly stated what they can do with your comments, did you?
I'm never gonna complain about someone explicitly releasing their work under a more free license. I find it frustrating that the fediverse is the "free culture" place and all that, but we don't have a way to set copyright (or more likely, copyleft), on our comments. Instead, every comment is the equivalent of proprietary, source available software.
People mad about onlinepersona's CC BY-NC-SA 4.0 license, like the other poster who is calling them stupid, are literally mad about receiving free shit. Stay mad, I guess. Personally, I'm happy that I am given content under a more free license than proprietary.
I completely understand where you’re coming from, but let’s be real, it doesn’t matter. Copyright is for corporations to protect their assets, not for individuals. The legal system is set up in such a way that it can be weaponised by the wealthy, but is basically unusable by the poor.
If some company started selling your comment printed on a T-Shirt with no attribution, there is nothing you could really do about it unless you could get the story to go viral.
If a corporation wants to include their comments in an AI training dataset, it will. It won’t matter what license the comment is released under.
This is why I am pro-piracy, particularly against large corporations - because corporations don’t respect the copyright of individuals, so why should we respect their copyrights?
Oh that guy posts that link in every post he makes because he trusts the data scraping companies and legal authorities to enforce it/make it a pain to ingest his data. When in reality he is a hypocrite as his sarcasm is stupid.
Is the app and the OS open source? No? Then please shut the fuck up with your dangerous "advice". People really still havent understood how this shit works. How is this being upvoted? Corporations do not deserve your trust when they claim things without proving them.
This is not a joke, this shit affects peoples lives. After spearheading the technology for creeps to stalk people with physical tags, and being the first to experiment with client side communications scanning, how do people still not understand that apple is just as bad as the rest.
Apple is very clear how they make their money. Desirable products at high margins, free customer support, and an ecosystem that encourages the purchase of additional devices and services.
They have also been very clear about their commitment to privacy, and have consistently led the industry in customer-focused privacy software. It’s the primary reason many customers choose Apple over their competitors.
Realistically, why would Apple blow up a $3.3T global success for an extra $10M? That 1/330 of the company value. For comparison, Apple sells ~$54M in Apple Pencils every year.
"If you are paying, it doesn't mean you are not the product"
- Cory Doctorow
What apple wants or doesnt want to do is completely irrelevant. The fact that they have the ability to remotely modify your device is a disqualifying factor for any rational person thinking about risk of life level privacy.
Also they can be legally forced to put backdoors into their software while, under the threat of state violence, being prohibited from telling the public about it. Thats how the US legal system works.
They can also be forced to put on a theater to make it look like they are not giving the feds access btw.
How can Apple remotely modify your device? Software updates? They have no access to your data.
Correct, forced software updates i.e. remotely modifying your device. Also what makes you think they have no access to your data already? Do just trust them when they say "we promise uwu" ?
Also phones can be caught during shipping and modified, thats how the feds did it for one of their more recent big drug operations. Under Trump who fucking knows what justifications will be used to do the most vile shit.
Updates aren’t forced. You have the ability to enable automatic updates, but they are turned off by default. They also cannot affect user data. iOS and app software is sandboxed. The kernel keeps application and OS layers independent, just like Linux. User data is stored in a separate partition.
Apple users will experience the same thing that all other computer owners experience when they disable updates entirely; outdated security software and limited compatibility.
Brother in christ, how hard is this to understand.
How do you know? Have you checked the code that runs the updates? Just because the phone usually gives you the option to postpone regular updates doesnt mean that they cant be forced.
What makes you believe that? Did you write the software that keeps it sandboxed?
Do people just believe anything that companies claim? If we could believe the things that companies claim, then the world would be a much nicer place but its not.
If its not proven, then its not the case as far as anyone should be concerned. Do we believe in religion now because the pope says that god is real?
And i havent even talked about code quality. Nobody can verify how well designed their software is. It could be a complete shitfest filled with old and insecure code that nobody does any auditing on.
Yes. I worked for Apple for over a decade.
You could be Tim Cook and i would still not believe a word out of your mouth.
You don’t have to. Opinions are subjective, and you’re entitled to believe whatever you’d like.
That still doesn’t mean you’re correct.
I am 100% correct in my assessment that iOS source code is not public which proves every single point i made beyond any doubt. Not a matter of opinion whatsoever.
Edit: I would be very happy if you could use your apple employee access to leak the source code ofcourse :)
All you’ve proven is that neither your claim nor mine is provable.
That still doesn’t make you correct. It means neither argument can be proven.
At least my argument is logical. You’re convinced Apple would risk blowing up a $3.3T empire for $10M.
Get real.
Their opinion is more valid regarding safety, because it's skeptical of the behaviors of an international megacorp, which is the smarter approach.
In software security, not proven to be secure = not secure
https://en.wikipedia.org/wiki/Provable_security
Prove it.
https://security.apple.com/bounty/
No. Apple claims updates aren't forced. With proprietary software, we have no way to verify if they have some way of forcing an update through.
No. Apple claims that only the user can enable automatic updates. With proprietary software, we have no way to verify if Apple can enable them remotely.
Also, are you really going tell users to not update?
No. Apple claims that updates cannot affect user data. Again, with proprietary software, there is no way to truly verify.
Oh...so updates are good now, and we should update, even if it puts us at risk of something malicious?
You are taking Apple's claims as truth and pretending they are good. They probably aren't.
But, as someone else mentioned in the thread: The US government can force companies to spy for them. Even if Apple was as good as they market themselves to be, they cannot outrun the government.
Now, it's not realistic to force everybody to switch away from iPhones. But, we should stop treating proprietary software as truly trustworthy with our data.
Because they know that even after being caught harvesting user data for advertising, people will still claim they don't do that even on a specialist privacy community on lemmy. Now think just how long it will take for the average apple user to realize it
Yes. There was an issue with iOS 14.1 that enabled personalized ads by default if you didn’t restore from a backup. I was working for Apple at that time. It wasn’t intentional or malicious, and a hotfix was implemented as soon as the bug was identified. The lawsuit was just. Apple fucked up.
For better E2E encryption, you should turn on Advanced Data Protection: https://support.apple.com/en-us/108756
What a name lol
Best to write your data down. Do not put on device or online.
I mean, the app offers encryption of the data, so you'd have to enter a password. And you can encrypt your phone as well. If it gets to a point where you are forced to enter the password, a piece of paper in your drawer is probably not much safer.
It's really beyond fucked up that this is something people have to think about.