by plusquamperfekt 3853 days ago
Huh? Apple and MS have a record of communicating in sharing data with US government - plus as companies providing closed source software they are likely to introduce backdoors ... also something you might have heard of since Snowden.

I'm making an engineering point, and you're making a conspiracy-theoretic point.
Engineering and corporate behavior aren't really orthogonal topics, are they, when the actual engineering you want to inspect is unavailable (closed source) and you have to rely on observed behavior and trust?

If Apple actually did have a history of, say, pushing customized "iOS update" binary blobs at USG targets that undermined all the security features they describe in their white papers and in their (other) marketing, that would actually be entirely relevant to claims about the security of iOS, would it not? Even without such on-device updates, a system like iMessage can potentially be thwarted if Apple itself decides to cooperate with MiTMing, at least in certain scenarios.

(Btw I'm not actually endorsing OP's point that Apple is too close with the U.S. government. That does not seem accurate given the public heat brought down on Apple by entities like the FBI recently. But if it were Microsoft, there would be a point there.)

I think Apple has gone through a lot of trouble to avoid being forced to compromise iMessage, but I am not recommending iMessage. iMessage is orthogonal to Apple's platform security, which is simply better than Android's.

That's all I'm saying.

Closed source it may be but what's stopping you from reverse assembly? After all even in 'open source' you still don't know what you run unless you built it yourself. And even then you have to trust your toolchain.
And the Android build shipped with your phone is provided by your telecom provider, which presumably cooperates with your favorite Three Letter Agency.

So, you flash the phone with your own build? Most phones on the market rely on proprietary drivers only available as binary blobs. Even if you find a phone that has all Free drivers, can you replace the bootloader with your own trusted binary? Even the bootloader isn't nearly as dangerous as the baseband processor, and I don't know of a single phone with a Free baseband OS.

Sorry, as much of a fan of FOSS as I am, with your threat model, every phone on the market is equally bad. This might change once we're able to eliminate baseband processors from smart phones, but even then I wouldn't hold my breath.