2. I beg to differ. A completely de-googled phone is not only extremely difficult to achieve but about as useful as a 2009 blackberry. Yeah it runs and will maybe let you check your email with 5+ hours of work just to get push notifications running but it is so completely impractical for anyone that doesn’t want to devote serious amounts of time to it. With Apple you a good balance of privacy and utility imo.
My intention here isn't necessarily to tell you what to use or buy.
1. There is nothing legally binding here, as far as I can tell. Apple software is almost entirely closed source. Zoom told us they were encrypting our stuff, too. I know that Apple can't get away with too much because of their size, but I have a very strong distrust of big tech companies that I'll likely never shake because of the disgusting track record silicon valley has toward privacy and short-sighted profit-making. Take this text for example: "Apple can’t read your iMessages while they’re being sent between you and the person you’re texting." What does it mean that it can't see them while they're being sent? Can they see them once they're at rest? Is this just innocent vagueness of the English language, or sneaky shit? Similarly, they say they can't see your location in Maps. They make no promise with the browser. In fact, they don't promise they aren't snooping on 100% of the stuff in Safari- they only say they try to protect you from other companies tracking you.
2. I don't disagree with you. And I'm just kind of a Luddite because I just don't care if I can run SnapChat or whatever on my phone. I can browse the web with a solid, privacy-respecting, browser (Firefox) with all of the privacy addons I want. I can use that browser to access the things I care about. I do use a closed-source navigation app, unfortunately, but it isn't Google and doesn't require Play services. I lock down its permissions as best I can. I use Signal for most of my messaging needs, which works fine. The one thing I actually do miss is ride-sharing apps when I travel. That's a major inconvenience. But some shitty game or social media app whose entire purpose is to track you (whether you use/trust Apple/Google's OSes or not...)? No thanks, anyway. In fact, I think there's another point in here that most of these apps are tracking the hell out of you, regardless if you trust your phone's OS.
> they say they can't see your location in Maps. They make no promise with the browser
Apple Maps doesn’t have a browser version, just and iOS and Mac OS app. Additionally see above link, all location and search history is end to end encrypted - maps searches (and other location based events that cannot be encrypted due to server side processing) are not linked to your Apple ID.
> In fact, they don't promise they aren't snooping on 100% of the stuff in Safari
Again see above link, safari history and tab sync is also end to end encrypted
I wasn't being clear with the maps-browser comment. I meant that they make no promise that they aren't tracking your location outside of the Maps app.
It's great that they claim to end-to-end encrypt their stuff. And after the FBI standoff around the San Bernardino shooters phones, I recommend that my friends and family use Apple because the options for most humans are between Windows and macOS on PCS, and iPhone and (stock, OEM) Android for phones. They definitely talk the talk and appear to walk the walk. We can never truly know, though.
I know there's no point in arguing further. I fully acknowledge that I have less objective reason to believe that Apple is tracking me than you have to believe that they're not. But all of my friends thought I was the crazy tinfoil hat guy in the period between the signing of the U.S. Patriot Act and Edward Snowden. And after that... they still think I'm the crazy tinfoil hat guy. Maybe I'm a broken clock and was right once, or maybe Silicon Valley is full of corporate scumbag liars and maybe companies lie about their encryption (Zoom) and about their stance on privacy (Facebook). Maybe Apple is the lone shining beacon of privacy in SV. Maybe.
But you're definitely letting perfect be the enemy of good if you think that closed-sourced drivers means that e.g., a closed source web browser doesn't increase your privacy attack surface.
Life is full of choices between imperfect options. And security/privacy is always qualified with "from whom". Sure, closed source drivers are not ideal and I am more vulnerable to privacy attacks from state actors. But why should my response to that be to just willingly give all of my personally identifiable information to Google, Inc?
Yes, that's what I mean. But you're moving the goalposts. I, too, fear that there will not be a usable, open source OS for smartphones in the near future. But that's not what I said above and it's not what you appear to be arguing.
Today, AOSP is absolutely open source. You're acting like it's not.
And absolutely useless for any company that wants to sell a phone outside of China without Google Play Services. Most phones run with Google’s closed source equivalents not the unmaintained AOSP versions.
You don’t know what the apps on your Android phone is doing because they all interact with Google Play Services. Most phones don’t even use the open source dialer.
That's all true and fine. But is there anything I said that hints that I'm a company trying to sell an Android phone without Google? If not, what are you refuting exactly?
I said that we don't know what Apple software is doing because it's all closed source. You then spent the last several replies trying to convince us that the same is effectively true of Android. It's not. You know how I know? I'm writing this reply from a Pixel 2 running LineageOS without Google Play Services. Is it a pain in the ass to do this kind of setup? Yep. Do I miss out on TikTok? Probably (I don't want it, so I don't know if it requires Play Services). Is it closed source? No.
In any case, refuting my claim that we can't trust Apple by arguing that we also can't trust Google doesn't actually refute a thing.
I'm not looking for a pat on the back from you. Again, all I said was that you (mostly) don't know what closed source software is actually doing. I have yet to understand how in the world you disagree with that.
Of course not. And even if I did, there's no chance I could catch every possible bug or issue or exploitable issue. But, like I said several replies ago: life is full of choices between imperfect options. I try to choose the less bad choice as often as possible.
If you wanted to spy on your users, would you honestly risk publishing your source code? Let's be real.
Location, web searches, app usage etc etc. Try turning all tracking off and your phone becomes a brick. Google Assistant no longer works, google maps can no longer remember where your home and work are (cause that can’t happen on device for some reason). Top it all off and you’ll get constant pop ups asking you to turn it back on.... not fun.
That’s virtually every android device in existence. Just because someone degoogled an android once as an experiment doesn’t mean it becomes the new definition of what android is.
> I am asking how does Android, Google's Android distribution not anything else, tracks users?
And I am saying it is a pointless thought experiment to separate Google from Android. Next you’ll say it’s the hardware that is android, not the software and ask how the hardware directly tracks users.
Edit: Read my original comment again, you are changing the subject. I haven’t said anything remotely conspiratorial, Google is open about their tracking in android. My point is that Google tracks you on android and if you turn it off your phone becomes crippled and in many cases for no reason except that google wants to make it as painful as possible to turn off data collection. Data collection is their business model after all.
iOS too ships with Google as the default search engine and just like on iOS, you can pick a different default on Android too. In fact Android has always allowed for changing all meaningful defaults, not something you can say about iOS. And in fact the world's leading Android makers, like Samsung, all of them ship with different defaults except for the Search engine (we're talking browser, email application, etc).
And all desktops actually ship with a browser that default to a search engine that tracks your searches, including Microsoft's Edge and their integration with Bing Ads. And Google is in fact the most transparent about what they track.
So if your answer is the Google Profile, which is transparent and can be turned off, then it's a pretty shitty answer. Unless you can point to implementation details in Android proper, all of this is just a conspiracy theory, similar to anti-vaxxing.
That's not Android. Those are Google apps. They would track you just the same if you ran them on iOS or any other OS, and you can turn them off very easily.
This is not limited to just those with Google Play Services installed. Even nearly pure AOSP builds like LineageOS still default to Google’s DNS servers, wifi gateway checks, and SUPL server, and replacing those defaults with privacy-respecting alternatives has been made harder due to changes that Google pushed into AOSP.
Google Play Services provides valuable services that need a backend component.
I asked for evidence that Google tracks you in nefarious ways via Android.
Am I being tracked when using their DNS servers, which are otherwise very valuable for people suffering from DNS-level banning of websites?
And what do you mean by "privacy respecting"?
Words are cheap. I hope the privacy respecting apps and services you use can guarantee that either via technology (encryption, open source, reproducible builds), or via contract (and a ToS that can be changed on a whim for a free service isn't a contract that can protect you).
> I hope the privacy respecting apps and services you use can guarantee that either via technology (encryption, open source, reproducible builds)
This is what the F-Droid repository is all about. But again, Google has insisted on changes to AOSP that will shortly make it much more difficult for ordinary users (i.e. those who cannot use the command line) to make use of such free and libre offerings.
You can replace them much more easily than you can on iOS, and you don't even need to install a third party ROM. You can turn SUPL off entirely on any Android phone out of the box, while you cannot on iOS.
On the contrary, iOS actually tracks you far more than Android. This is just marketing-driven conventional wisdom that doesn't hold up when you take even the most cursory look at it.
https://news.ycombinator.com/item?id=23329646
You are comparing default apps privacy and saying that is OS privacy. I specifically pointed out data collection in the OS (that you can't turn off) that make iOS far worse than Android for privacy.
Your paper also compares the amount of data sent to Google for an Android device using default apps vs. an iPhone using default apps and shows that the latter sends much more. That's not a very useful comparison. If you compare how much each device sends to Apple, the Android device would win by a landslide, though again, that is not a useful comparison.
Which part of it my assertions did you have trouble following? I'll quote it below in case you have trouble following the link, but I worry this might violate a repetition rule:
iOS having better privacy is a myth. iOS sends your location to Apple every time any the GPS is used, and you can't turn it off. You cannot install apps on your phone without telling Apple which apps they are, and if you want to develop your own apps for your device without having to reinstall weekly, you have to hand over payment information.
Stock Android devices from nearly any vendor do not suffer from these problems, and reputable vendors do even better (like in this case, where even voice transcription does not send data off device).
Some people just do not understand that employees are more productive if they are comfortable. They think employees need an eye behind its back in order to produce.
And if it is that way, it is their fault, they have chosen bad when hiring.
> Some people just do not understand that employees are more productive if they are comfortable.
I'd wager most people understand it. Like you pointed out, it's an issue with the perception of lost control, and people are willing to trade productivity for power.
You are right, it is a great move. I do not like it either, nor use it, except when I need to find small commerce sites in my city. I know they do not have their own webpages, so it is useless to look them on Google, but they all have a Facebook Fan Page.
With this move, Facebook will get even more business, and less and less small companies will see the need to build and maintain their own sites.
It is also a great move against Shopify
Keep all important data with you, both in your PC (better encrypted) and in an external disk (backup).
If you are really paranoid, you may backup it in the cloud too, S3, Dropbox or any other service.
Hi, realized about this post here in HN thanks to Piwik.
I am the author of the post Tony is linking at the top of his post, and I also use Piwik, where I saw my article was with 300+ visits instead of the 20+ it gets daily. :)
Piwik is great, and I use it to track visits to a few sites I own, all of them are some 6000 page views per day, so no real traffic.
Because my site is powered by Jekyll, I also use vanilla forums as commenting system, so no Disqus or Intense Debate either :)
Have a nice day, and thanks Tony for the link and credit .
