If Apple had supported open iCloud alternatives for backup and other services from day one, it woudn't even be a discussion now. The UK probably wouldn't have thought of the idea of mandating against E2E encryption because it would be self evident it would actually just churn people to alternatives where they have less leverage and visibility. But Apple couldn't resist bricking up the walled garden and now it's hostile to both them and their users, and to be honest, everyone on the planet since it is obvious that once this happens in the UK it will be silly for every government everywhere not to follow suit.
Powerful people don't think this way. They think they can leverage the authoritarian regime to their own advantage. They're biased to ignore risks and seek out opportunities. That's what got them to their position of success!
This myth that capitalist perpetuate that the rich are not the government is the best lie out there.
The rich are the government. They are the national interests, countries' industries' is their property.
This shouldn’t be surprising. Political competitive advantage is even taught in business schools, as Michael E. Porter explains in Competitive Strategy.
The only way to counter it is through competition: support companies that offer substitute services and stop playing into Google’s and Apple’s hands by calling for more regulations.
[1] https://www.cnbc.com/2022/03/30/how-google-and-amazon-bankro...
[2] https://www.iccr.org/resolutions/lobbying-expenditures-discl...
I think the UK is ultimately going to roll back this law. I don’t think this means that iCloud E2E is hostile to Apple or its users. I think Apple is going to win.
The war isn’t won by telling people to use GPG https://moxie.org/2015/02/24/gpg-and-me.html
Tangent, a friend and I started using Delta Chat with a chatmail relay and it's incredibly friendly to get started, and hides the fact GPG tech is being used from the user; one can export a bundle of the key data as needed and easily copy the key profile to a second device over local wifi (I was impressed at how smooth it was).
Not that I've kept track, but Delta Chat's UX is probably the first easy, no-nonsense implementation of using GPG tech as a foundation but keeping it away from the user experience I've encountered (and liked). It has it's pain points but I mean it just works and my buddy and I chat all day over it using a public relay.
Would you mind explaining? I don't see how that's evidence.
You think the OS vendor is unable to snoop on data written to 3rd party clouds from their devices?
Did they even really try?
As far as iCloud "alternatives" go... Android doesn't offer ANY legitimate syncing infrastructure to compete with iCloud, open or not.
I'm sure someone in a board meeting saw something about GrapheneOS and LineageOS and Cyanogen and feels like if they de-open Android, some (or most) of those users will move to vanilla Android, and that will lead to profits.
I'm not saying that they're right about this; I think ultimately very few (if any) people actually know how to run businesses and it's all about giving an appearance of maximizing profitability, and as long as it leads to a potential short term stock boost then these executives get their huge bonuses and they can just blame the next guy when things break.
This isn't really theoretical; look at how Jack Welch took one of the most respected companies in the world, more or less integrated ponzinomics to temporarily bump the stock prices, and 20+ years later GE is kind of a joke and isn't even on the S&P500 anymore.
Posting this from my lineage phone.
Why does Apple need to do extra work and increase support? The average user really doesn't care and choices just make it more complicated.
> The UK probably wouldn't have thought of the idea of
The UK has lost the plot long ago. It's been drama after drama.
The gatekeepers.
Apple created a product, not just the iPhone but a whole ecosystem that’s supposed to help the user feel secure. There’s isn’t the only product out there and as long as they’re not preventing new competitors, everyone needs to back off.
Everyone who is not a public service is just "making a product", but when your product is actually half of all endpoints for digital services and communication and you insist on not handing control to the users, then you effectively control half the infrastructure.
Tech bros helped Israel genocide Gaza. Tech bros are pro-authoritarianism.
Citizens will regain their right to e2ee privacy, they will not have to deal with voting for mediocre politicians to lead them. Instead, Tim Cook will be their new leader, and every morning over the mandatory installation of HomePods in each home, citizens will be greeted with an ecstatic "Good morning!" to get them energized for the day ahead.
Voting will be done via iPhones, where FaceID will verify the eligibility of the voter before the vote has been submitted.
2. Note that the consulting firms already managed to get the legislation they most cared about – creation of the LLP as a kind of entity – despite not having any candidates
3. If the government is too associated with a big consultancy then (a) they may be pressured out of giving them contracts (not good for McKinsey!) and (b) failures by that consultancy will be highlighted more than usual in the news (also not good!)
4. I mean plenty of people would go through the consultancy meat-grinder before becoming politicians. If you are training juniors to think similarly then that may carry over after they leave.
However, they don't ask questions, so one layer of money laundering is completely fine. Nobody asks where the funding for Farage's various projects comes from, for example.
you just don't hear about which candidates are theirs
Only Apple shareholders will be eligible for voting. Citizen services like Medical Insurance, etc will be subject to performance review. A poor score will have you relinquished and deported.
> Header image by me: Alan Turing memorial, Manchester, where he reminds you why keeping data private can be a matter of life and death.
The image shows a close up of a statue of Alan Turing, his hand holding an apple.
The suicide story will probably never go away, because it's too good a story. It fits so neatly into popular culture.
How would he have put himself quietly to bed if he had gotten a fatal dose of cyanide in the spare room where the electroplating was taking place? Wouldn't there be very fast respiratory distress?
> Otherwise, please make sure you de-Apple, de-Google, and de-American Stack yourself when you have time, clarity, and focus to do it. Start today.
I don't understand the core of this advice. So if you're in the UK and do all the above, can you suddenly get similar E2EE cloud storage from a different provider without a UK government-mandated backdoor?
Not that there aren't other reasons to be skeptical of American companies' right, but it's just so easy to fall into nationalistic prattle instead of fixing the real problem.
Right. This, right now, is 100% a UK problem. De-Americanising your tech stack isn't going to fix the political issues domestically. Hence Apple pulling ADP out, they made the choice of not complying with the UK and not offering the service instead of compromising the service for everyone else in the world.
UK citizens need to direct their attention inwards against their own government.
Disagree. Australia and also likely Canada have identical these laws. And once the capability is in place, its likely that the US can all writs access to the same tool. Apple is unique in that it has a semi legal canary, in choosing to withdraw the services instead of complying.
You cant trust any tech company that remains located in the 5 eyes nations.
I am not aware of good alternatives, but worst case you can run up a VPS with Owncloud or something.
How do you figure that? If you're worried about your privacy in the UK, keeping your data in a Five Eyes country cloud provider is a very bad idea, arguably even worse than keeping it in a UK cloud provider where it becomes a domestic legal matter where you at least get a day in court, not a foreign intelligence matter where you don't. And the US is a pretty bad place for anyone's data given a) its lack of robust privacy laws (and large commercial data-trafficking ecosystem) and b) the National Security Letter system.
While there is no perfect country, somewhere like Germany or the Netherlands seems a much better bet.
They are just going for service providers that make E2EE easy for users - clearly betting on the fact that people they want to surveil would be too lazy/incompetent to use a custom solution providing strong E2EE encryption. And they may be right - most iphone users would keep using the same services even with the knowledge that the data is now widely open - and eventually of course will be breached and available to every kind of criminal, as it happened many times already with other massive data warehouses.
But I believe even is the UK you still can encrypt your own backup and upload it, e.g., to rsync.net and nobody would be able to stop you. Just most people won't.
What we have in effect today (ban of E2EE, chat control) was laughably impossible to conceive just five years ago.
ttyl
If you're in England and have to keep things secured (including from government eyes), i have no idea how you can do. They soon will be allowed to put a camera in your small room and watch you take a dump.
Never trust US services, 3-letter agencies are endlessly greedy to fill your profile with another tens of thousands of data points. As do all advertisers all around the globe. As do (with various success) all other governments and private companies who have something to gain, HDD storage has never been cheaper and all personal data are worth gold and beyond.
Or if you have to use them, use your own encryption with strength to not be broken for next few hundreds of years, to stand a chance. That is, if you actually have something to hide, but I have never met a person who really doesn't :)
I don't know why everything must be digital. If you don't put it on a computer, it's almost as if it doesn't exist. If you do this often enough, it is almost as if you don't exist.
The thing that he was about to do was to open a diary. This was not illegal (nothing was illegal, since there were no longer any laws), but if detected it was reasonably certain that it would be punished by death, or at least by twenty-five years in a forced-labour camp. Winston fitted a nib into the penholder and sucked it to get the grease off. The pen was an archaic instrument, seldom used even for signatures, and he had procured one, furtively and with some difficulty, simply because of a feeling that the beautiful creamy paper deserved to be written on with a real nib instead of being scratched with an ink-pencil. Actually he was not used to writing by hand. Apart from very short notes, it was usual to dictate everything into the speak-write which was of course impossible for his present purpose. He dipped the pen into the ink and then faltered for just a second. A tremor had gone through his bowels. To mark the paper was the decisive act. In small clumsy letters he wrote:
April 4th, 1984.
Even if you monitor downloads, every VPN, every ISP..... can't I copy paste the source code?
Isn't SFTP already E2EE? They're not going to come down on SFTP....right? I really hope not...
If you're making money in the UK, they have a lot of legal authority over you.
If you're based in the UK, they have a lot of legal authority over you.
If you're neither of those things, they might complain, but the actual consequences are close to nil.
And they're not banning the tools (this is arguable, but they "can't" logically, as you point out). They're banning businesses from providing the tools.
It’s easy to make Apple budge because they have money ties to the Uk.
This works less well for unsavory websites not complying with UK law. See https://prestonbyrne.com/2025/10/16/the-ofcom-files/
edit: This is apparently currently not working for Apple and MS builds.
https://github.com/signalapp/Signal-Desktop/blob/main/reprod...
# Decrypt openssl enc -d -aes-256-cbc -in secret.enc -out secret.txt
Wow that was hard.
And, for 99.9% of people who know how to do that, they'd still be too lazy to do it properly (hint: where do you keep secret.txt exactly? What happens if your dog eats it?) and will use some third-party solution instead.
Now explain how my mum can select that in settings of her phone, thx.
Not all of those companies will loudly object in the way Apple does.
This assumes that Apple has loudly objected to every government request for backdoor access and also that they have never acquiesced to any of those requests.
And, it's just ADP being affected by the UK mandates? What % of users bother enabling ADP? I probably should, but haven't bothered (am I being foolish?).
https://www.catribunal.org.uk/cases/16897724-consumers-assoc... (hearing in 9 days)
Technically this can even be correct. You can build and operate a good, secure solution for yourself if you have time and skill to build. Could make sense for a company handling sensitive data. Would hardly make sense for most individuals who are not professional SREs / SWEs. (To check how it feels, an engineer can try to sew themself a pair of pants to wear daily, or do something similarly mundane in what they are not skilled.)
A solution that can reliably work for non-experts is very important.
i thought this a joke, lol
So, a UK-only advice, and it strangely assumes that any other service in UK wouldn’t be bound by the same laws.
Do you know of a good piece of software or tool that lets a layperson interface with any cloud storage provider?
https://thblegal.com/news/can-i-be-prosecuted-for-failing-to...
https://www.ilfattoquotidiano.it/in-edicola/articoli/2025/01...
etc.
I suspect it's because whilst other services would be affected we only know about Apple currently and, thanks to iOS and Mac, a large percentage of the population will be using Apple by default for the services impacted. Only Google (Android) and Microsoft (Windows) really overlap in that regard.
Not for long
So what?
> it strangely assumes that any other service in UK wouldn’t be bound by the same laws.
From the linked article:
> I’m not going to tell you where to move your stuff other than to say that if you’re moving it from one big tech company to another, you’re just being daft. Likewise, if you’re moving your stuff to a non-e2ee service, don’t bother. If you need an e2ee service try Proton. They have a Black Friday sale on.
The title felt like there was a greater issue with Apple specifically. There wasn't. There was a greater issue with the new UK laws and cloud storage systems. I think people deserved a clarification before getting wound up about it before reading the article.
So American companies are complying UK laws, and the conclusion is that UK citizens should "de-American"...?
Am I reading it wrong?
One of the most shocking things about Europe when I have visited is what your average European (or Brit, since I guess they don't call themselves European anymore) thinks the US is like (even ignoring politics, just basic standard of living stuff). They've never been and probably will never be able to visit so all they know is what they've been told. When they do visit, they return with a much poorer opinion of how their country is doing. That's why the "I was lied to..." clickbait is so common in European made US travel videos now.
Years ago when I was still giving Android a chance I found that things like banking apps refused to work if I loaded a custom ROM or IIRC even if I enabled superuser access on the stock ROM. Those things are probably even more tightly controlled now, so de-Googled Android doesn’t seem worth trying again.
Too bad other truly OSS mobile options are in their infancy, heck I couldn’t even get all the drivers configured stably on a work provided laptop with Linux support supposedly validated by the manufacturer. It could be years before we get good OSS phone and tablet software, if it ever comes at all.
As for other uses of your data, and what they "send back home", there you might be right about the differences between Apple and Google, but I would again not put faith in either.
(Crazy rats nest of CSS rules, I assume this is a wordpress/wordpress template thing.)
margin-right: -34.0740%;Then there's the websites that have a menubar or other UI floating on top of the content it takes you to (this is far more common, and incredibly frustrating as I'm usually using either a toc or a search function and unable to see the content I'm looking for at all)
So nu, it makes no sense to blame Apple here.
I don't think there's any blaming of Apple going on here. This is about dealing with the practical realities of the circumstances for people in the UK.
Same (but different) in Denmark where politicians vote to give themselves more money[1], snoop on everything[2], violate our constitution unpunished[3], delete evidence of corruption[4], open the borders[5], etc. etc. etc. I used to care - a lot - I really did. But I'm done.
[1]https://www.dr.dk/nyheder/politik/ny-aftale-politikeres-loen... [2]https://www.justitsministeriet.dk/pressemeddelelse/i-dag-tra... [3]https://www.information.dk/indland/2020/12/jurister-ja-grund... [4]https://www.dr.dk/nyheder/politik/politisk-flertal-presser-m... [5]https://integrationsbarometer.dk/tal-og-analyser/INTEGRATION...
Personally I do not think its just the UK and Denmark, its pretty much everywhere.
The current ruling party in the US has given its voters exactly what they think they wanted, and it's a fucking disaster.
Author doesn’t. Not sure who you are disagreeing with.
Sixth paragraph: "But I will say that the shutdown of ADP is Apple being on the right side of the geopolitical fight, as inconvenient as that may be to you and me."
> But I will say that the shutdown of ADP is Apple being on the right side of the geopolitical fight, as inconvenient as that may be to you and me.
No, they don't:
https://news.ycombinator.com/item?id=45854441
Corporations can't really resist governments unless they're not operating in a given government's jurisdiction and therefore have nothing to lose. They can take things to court, but in lieu of a verdict or an injunction they have to comply with the law or they can be fined, have assets frozen, be de-banked or banned from processing payments, etc.
I'm sure there's services out there that will secretly comply and still claim to be secure.
There's also a lot of companies that will simply abandon security features like ADP or never develop them. Apple is going to the trouble of disabling it only for UK people not everyone, instead of just deprecating it. The latter would be less expensive and expose them to less legal risk.
If you really want security in the UK now you have to roll your own and do the encryption yourself. Honestly that's always the best security, since you can never be 100% sure a closed cloud or software vendor isn't messing with you.
It is also maybe a good thing? Corporations should not be stewards of our rights, we do not want to be governed by tech-barons.
The problem here lies clearly in UK's laws and government and they cannot be fixed by Apple. The West in general is in this crumbling state, where we take corrupt bastards chewing off our rights for a law of nature, instead of getting furious. France is the only western country where people dare to really protest.
That’s not to say they’re bad. They do an important thing. But they have a limited sphere. You wouldn’t expect the police to make a laptop or a church to direct air traffic either.
Ok, I was going to ask, but taking "yes, that one" seriously I suppose confirms the author is the actress Heather Burns best known for playing the best friend role in a string of successful romantic comedies.
https://www.imdb.com/name/nm0122688/
https://en.wikipedia.org/wiki/Heather_Burns
Kind of weird to be reading some blog post about tech privacy from such a well known actress.
Am I missing something?
https://heatherburns.tech/about/
If you scroll down you’ll see an image of the author.
A joke? A fun tagline? A little zing for under the heading?
To clarify, by "technical limitations" here you don't mean "it's not possible with our current technology", you mean "Apple purposely blocks this".
Not according to the UK, lately. The problem is still domestic. UK wants to exert this control over any service a UK citizens happens to use, whether they have a UK presence or not. Same with the ID/Age verification stuff.
Moving away from Apple and Google probably is something they should do, but it's not going to be a solution to the problem of the UK government's overreach.
UK citizens need to turn their attention inward against their government.
They are, and most time this allows them to abuse you. But what do you think happens once you that gateway is blown open, isn't your front door next?
> There are multitudes of online storage providers outside of the UK's reach and jurisdiction
What I said above means that once you normalize the situation that providers have to open the gate to your yard whenever the state comes knocking, the state will just come knocking directly at your door. In other words I'm not sure the state will stop in its pursuit of access to your data when it can just incriminate trying to evade the law by storing it out of reach.
ah thats not quite true is it now?
Remember, people, these are WAR CRIMINALS driving these policies forward. To expect this class of individuals to adhere to democratic, western values, is naive in the extreme.
The same people who have no problem with genociding a million people in the middle east enemy-state-de-jour are not going to give one fig of care to the local human rights violations that they are also getting away with.
The West has a war criminal problem. Until we solve that we cannot do a damn thing about our human rights problem.
Seems like it is time to de-Britain, rather than de-Apple.
Like buy cd's and blu-rays instead of digital/drm locked/streaming service shit. Be an owner again instead of a renter.
The part I haven’t been able to crack is syncing the Documents folder on my iPhone. All the syncthing apps for iOS are abysmal because there’s no real background sync. You can add a SMB share in the Files app, but that doesn’t get you offline access.
Looking at the list, perhaps moving documents off iCloud Drive (to where? Dropbox? That isn’t E2E is it?) and Notes is enough.
Do I really care if my photos are E2E encrypted? Most of my photos are in Lightroom cloud so those are not anyway.
I don’t use reminders or Freeform or voice memos, and I couldn’t care less about safari bookmarks. If I move off Drive and Notes, I don’t really care about iCloud backup either.
Is this sufficient? My notes will go to Obsidian (except some disposable shared ones) but where do I move my documents if not on iCloud Drive? Is Dropbox any better?
Although this is just anecdata, I moved my senior parents from iCloud Photos to Immich recently and their response was something like:
"Wow, the new Photos program on the iPad looks nice!"
For them it works out fine, since their use-cases are checking out vacation photos by scrolling the timeline and also occasionally clicking on the "memories" from N years ago. Helps that the app icon is very similar, too.
It works transparently, and has clients for Mac/Windows as well as iOS/Android.
It's also open source, and "free" (IIRC there's a one time fee for the mobile client).
How would we go about actually exerting political pressure in the other direction? Expanding rights and expanding freedoms outside one small corner, so that more people become aware of them and start exercising them.
``` @media screen and (min-width: 1200px) { .site-content .entry-content .wide-content, .alignwide, .alignfull { margin-right: -34.0740%; } } ```
that margin-right is causing some of the content to move too far to the right and gets hidden in `.entry-content`
It's not an article about advocacy so much as the pragmatics an upcoming data migration.
If Apple was transparent, I would be. But they are user-hostile and trust the federal government more than their customers. Apple is on-record[0] admitting that the US government requires them to their cover-up cooperation with surveillance. After decades of users demanding proper accountability from Apple, this is exactly what they warned would happen.
You have no right to demand that I take their side - Apple's disregard for privacy nauseates me. Everyone who sincerely trusted Apple to protect them against the fed is a lost cause. Go ask Apple to save you.
[0] https://arstechnica.com/tech-policy/2023/12/apple-admits-to-...
That's a shoddy job of de-Googling, a thorough job would have seamless redirection to whatever current calendar service you use.
> I’m not going to tell you where to move your stuf
But that's the most important stuff!!! Don't leave poor users dry with an impractical advice that will lead them missing important meetings
I can move her entirely to the family server, but even I'm confused. There's too many Calendar servers with different features, and all with a generally terrible UI. Once I finally settle for one of the server options, I'd have to get her using whatever calendar agent is good on Android, but that's another 20+ options to look at.
Sometimes the bazaar is quite confusing and overwhelming.
? Who is this person?
I was using CloudMounter to do this, but the software was unfortunately a bit rough around the edges and didn't feel as reliable and seamless as the other options.
These days I have some hacked together tar + PGP scripts for encrypted backups, but still rely on iCloud + ADP for the rest.
De-googling however is extremely hard. I have been slowly chipping away at it, but there are things I just have no decent option to (such as Waze and Android Auto).
Android itself is another problem. I have high hopes for a Graphene device.
Perhaps the only thing I use directly is Recaptcha.
The bigger problem is doing both.
DIY is pretty hard though even for the reasonably skilled. Even if you go full nextcloud or whatever - that’s not exactly risk free either
Extremely interesting.
the international monetary fund has every state in debt. some third-world countries become subordinate to it, when they're not able to pay the interest payments.
as for the MPs, theyre ok. not as stupid as most think. they are very self-interested and not in the business of 'rocking the boat'. strongly prefer managed decline than any risk taking that could result in things going sideways.
its easy to critique but truthfully the UK is structurally in a dead end (well ok, maybe not... but it does feel that way). but things could be a lot worse, and many don't appreciate that reality. having clean tap water and paved roads is pretty damn good for a country held up by fintech and scraps of last century's industry.
people calling for reforms have no idea what they're in for. Thankfully Reform was deployed together with Nigel Farage, God bless him, rolled in to do narrative control and provide a safe and controlled sponge for dissent. That guy is a 'fixer' for UK political radicalism - every time the crowd starts to have funny ideas, he magically appears and slowly but surely everyone goes back to their £32k/year jobs. I think he's 'retired' from politics thrice now.
truthfully, nobody does politics better than the Brits. but then again, they invented this game to begin with!
Always have been.
It's unfortunate that gross government overreach and corporate cooperation with it is what it takes for people to even recognize the concept of data privacy and data ownership is a thing, much less that they should do something about it and that their data is and never was "safe" in the cloud, no matter which corporate overlords walled garden you called home. Apple has never been an exception to this rule.
its entering another country that suddenly becomes a real problem, and ofcourse, if you're in the UK, the only country worth moving to at that point is the US with (as I understand) quite stringent immigration restrictions.
in reality, if the US were to open their doors to the UK, holy moly - this entire country would turn into Ukraine overnight, with nobody but pensioners left. which actually isn't in either governments interest: obviously not the UK, but infact, the UK presents a source of cheap labour for the US: read any hackernews thread concerning tech wages in the UK, the comments are hysterical/diabolical ("you make HOW much!?" - "A fast food worker makes more..." - etc.)
so, the current state of affairs is probably a good business arrangement for both parties involved, and aren't gonna change any time soon.
And the most popular choice -- the USA -- is off the table for the majority of Brits, I think, who cannot comprehend The Other Foolishness. (Mind you, the ones it encourages... I hope they follow their hearts)
That's the message. It's high time. We can what-about-argume about what's E2EE and what Apple "pinky promises" isn't used or sold but the reality is that anything seated in the US may as well be a publicly open http for the right buyer (be it the US government, Saudi Arabia, Israel or whatever...)
Especially if you're in charge of customer data, you can't "just" setup something on a EU server if the corp is based in the US, those days are over now. You need to do the legwork.
Brexit was the tipping point.
> What about that second TCN?
> On the 1st of October, the Home Office issued a second TCN against Apple for the same as before, but only for _British citizens’_ data. World-leading!
> Those who follow my work know that this phrase made me spew a double barrel of Glaswegian swearing. British citizens’ data, as opposed to British users’ data? The dividing line here is not e.g. being located in the UK or having registered an account here, but what it says on your passport? How is Apple going to know that, much less roll it out? (/s)
> Did Apple just publicly state that they’re going to be removing a security layer and adding a nationality check layer?
> We don’t know.
> We don’t know because as with the first TCN, that information only became available in the public domain due to someone leaking it to the media. That’s all there is to know. Everything else is confidential and NCND. There is nothing else to say because nothing else is known. If someone who did know something was sitting across from me right now, and they told me, they would be committing a crime.
Does that mean my non-UK citizen friends who are resident in the UK now have better privacy rights than UK citizens in the UK? Does it mean it's better to remain only a resident, than to attempt to obtain citizenship in the long run?
What next, become stone masons? nah, that's too corporate, pick berries instead ;)
Come on, what happened to moderation, discipline and planning? How about use what you need, hedge your risks (mix providers, products), be more proactive than reactive to demands for consumption?