story
Not saying you're wrong, I'm just curious what sources or info you're using to make that claim.
o who you message, when you message.
o Your locations (find my devices)
o your voice (siri)
o the location of your items (airtags)
o what you look at (App telemetry)
o What websites you visit (Safari telemetry)
o what you buy (Apple Pay)
o Who your with (location services, again)
o your facial biometrics (apple photos tags people with similar faces, something FAcebook got fined for)
o Who emails you, who you email
With these changes, you'll need to allow apple to process the contents of the messages that you send and receive. If you read their secuirity blog it has a lot of noise about E2E security, then admit that its not practical for things other than backups and messaging.
they then say they will strive to make userdata ephemeral in the apple private cloud.
I'm not saying that they will abuse it, I'm just saying that we should give apple the same level of scrutiny that we give people like Facebook.
Infact, personally I think we should use Facebook as the shitty stick to test data use for everyone.
You should look more into their security architecture if you’re curious about stuff like this. The way Secure Enclave, E2EE (including the Advanced Data Protection feature for all iCloud data), etc. The reality is that they use a huge range of privacy enhancing approaches to minimize what data has to leave your device and how it can be used. For example the biometrics you mention are never outside the Secure Enclave in the chip on your phone and nobody except you can access them unless they have your passcode. Things like running facial recognition on your photos library is handled locally on your device with no information going up to the cloud. FindMy is also architected in a fully E2E encrypted way.
You can browse their hundreds of pages of security and privacy documentation via the table of contents here to look up any specific service or functionality you want to know more about: https://support.apple.com/guide/security/welcome/web
Moreover, because apple has great PR, you don't hear about privacy breeches. Everyone seems to forget they made a super cheap and for a long time undetectable stalking service. Despite the warnings. (AirTag)
Had that been Facebook or Google, it would have been the end of the feature. They have improved the unauthorised tracking flow, but its really quite unreliable with ios, and really bad in android still.
> You should look more into their security architecture if you’re curious about stuff like this.
I have, and its a brilliant manifesto. I especially love the documentation on PCC.
but, its crammed full of implied actions that aren't the case For example: https://support.apple.com/en-gb/108756
> If you choose to enable Advanced Data Protection, the majority of your iCloud data – including iCloud Backup, Photos, Notes and more – is protected using end-to-end encryption.
Ok good, so its not much different to normal right?
> When you turn on Advanced Data Protection, access to your iCloud data on the web at iCloud.com is disabled
Which leads me to this:
> It seems like you think this means Apple somehow has access and stores all that information in their cloud and we just have to hope/trust that they don’t decide they want to poke around in it?
You're damn right I do. Its the same with Google, and Facebook. We have no real way of verifying that trust. People trust Apple, because they are great at PR. But are they actually good at privacy? We have no real way of finding out, because they also have really reactive lawyers.
and thats my point, we are basically here: https://www.reddit.com/r/comics/comments/11gxpcu/our_little_... but with apple.
