[moobsen]

> nothing can beat the sense of security with privacy Apple carries with itself now.

That is exactly it. Apple is not good at privacy, they are good at giving you the sense of it. A closed source OS, on proprietary hardware, where they don't even give you root access to your own device, will never be private. You pay them, but really they own the phone and you have to trust them.

But they are obviously very good at making you /feel/ secure and private.

[hollander]

Take my Sony Xperia phone. Is Android Open Source? I think it isn't. Is the hardware proprietary? OK I can root the phone probably, but then what? How can I trust the new ROM if I can't really know what's inside? Google wants to make me feel secure, so they do their best to provide tools to protect my phone and account.

Now tell me what serious alternative there is for a modern smartphone? Firefox and Ubuntu have abondoned their phone OS, and they had no good working system that could compete with Android or iOS? Windows Phone? How's that better than Apple's offering?

Apple seems to have the best arguments here.

[bigbugbag]

Android is not FLOSS obviously but the point is that you can 't do more than having blind trust for the manufacturer. Having the best argument is not the same as as actually offering the best privacy.

You could try jolla or fairphone or even a blackphone (or one of the governmental only privacy oriented smartphones not available to the general public).

But this is somewhat irrelevant as having a smartphone with a GSM chip is a severe privacy issue in itself whatever the hardware/OS. Even a simple mobile phone is a privacy liability unless you take some precautionary measures.

To get some privacy one has to accept to have less comfort and ease of use, privacy and security are a tradeoff. something only a few actually do.

[la_oveja]

Android is actually FLOSS. The problem comes when people want to add a Google account.

You can use a free version of Android? Yeah! You are going to lack some stuff tho. Google Play Services provides geolocation services, the app store, push notifications,...

[swinglock]

I don’t think it stops with the Google software. You will still more likely than not have proprietary binary blobs running in your kernel to support your proprietary hardware executing proprietary firmware that is as large as operating systems themselves, the largest with the biggest attack surface waiting the process anything they can on 2G, 3G, 4G, WiFi and Bluetooth bands.

Android is more open than iOS but it’s not really open enough to make a significant difference, not for 99% of users and not really for the 1% that think it is more secure or private because they run a (heavily modified, very old, probably abandoned by the manufacturer) Linux kernel but ignore the baseband and closed source camera driver.

[bigbugbag]

I think you're confusing android and android open source project (AOSP) here. Android is AOSP + Gapps.

Even the FLOSS nature of AOSP has been questioned for years, but as a manufacturer it's impossible to offer a phone with AOSP, to be able to use android you have to include the Gapps.

Google has slowly been moving functional parts from AOSP to Gapps, the point being to limit the AOSP part and eventually get rid it of the open source part.

[la_oveja]

You don't need GApps to run Android. The only closed source blob you need is chipset and modem drivers.

And no: AOSP is Android. It's like saying that Linux is not Linux unless you bundle it with GNU-utils and wrapped by Canonical.

[ismail]

I think we are confusing two different but related terms in these comments.

1. Privacy of information

2. Freedom to inspect, modify and change source code.

So Open != automatic privacy of information.

The question then really boils down to do you trust apple to be doing what they say they are doing? Or would you prefer to verify it yourself? (open source)

I think Apple is betting that point 1 is much more important than point 2. More people also care about it. Hence the strategy.

Actually the more I think about it the more i realize this may be apples master stroke strategy. Google, Facebook etc. business models are primarily based around monetizing your personal data. Where as apple is saying you can have the same level of services but with out having to compromise as much of your data.

[ismail]

Few other points which may be obvious but non the less.

Apple is actually uniquely positioned for this strategy, since the do not need to sell your data to companies. They make their money of the devices.

It's probably one of the reasons google has been moving to more and more devices. To neutralize the Apple threat.

[lvillani]

I don't think privacy can be measured by counting the number of lines of code that are open source.

A device can be perfectly respectful of your privacy despite being closed and proprietary.

The only difference (IMO) between open and closed platform is that with the former you can have 3rd parties inspect it.

However, unless you have the resources to fully audit an open platform (either yourself, or by paying someone else) I believe you should assume the worst from both open and proprietary platforms.

[bigbugbag]

Even if it actually is, there is no way to know if a closed and proprietary is respectful of your privacy. It is a matter of blind trust.

Which does not mean that open source is synonymous of privacy either, only that one can go further than blind trust to the manufacturer.

[bpicolo]

There's more than the device code. They're not going to open source their entire web infrastructure. They DO store your data, somewhere. Either way, you need trust.

[bhnmmhmd]

Exactly!

As another example, Telegram claims to be the most secure messaging app out there. They have open-sourced their code, but what really matters is what they do with peoples' data on their servers.

> They're not going to open source their entire web infrastructure.

I think blockchain can actually solve this problem once and for all. When data is stored in decentralized nodes, much of these concerns are gone.

[bigbugbag]

That's going one step further but you're right those computer phone are made so the user will have some of its remotely stored.

Personally I do not trust them and for this reason I have no data plan and no internet on my phone.

[willstrafach]

You do not neeed blind trust. Download the firmware and reverse engineer any aspect you are concerned about, problem solved.

[madez]

While it sounds intuitively correct that both open and closed platforms can be malicious, it is justified to a priori distrust a closed system significantly more than then an open one, because opportunity makes the thief.

[willstrafach]

> Apple is not good at privacy, they are good at giving you the sense of it.

Nothing in your reply counters Apple being good at privacy. Source availability is related to privacy in your own personal opinion.

If you would like to audit each line of source code your phone will run, that is fine, most do not. Personally I like to have it both ways by regularly cracking open various components of iOS in a disassembled (ARM assembly is just as good as source code to some folks).

[jwr]

As opposed to what "open source OS" on what "open source hardware"?

[moobsen]

My comment wasn't meant to compare it to anything else. Their nice words just don't convince me on a technical level and I'm surprised that so many people here appear to fully trust them. If their phones were perfectly secure there would be no debate if they are willing unlock the phone for any agency or not. It would simply not be possible and there would exist no security company that is able to do so.

[bhnmmhmd]

> If their phones were perfectly secure there would be no debate if they are willing unlock the phone for any agency or not.

Total security is not possible, not at least by a long shot.

Although, I understand your concern about why people trust these companies. While I don't know the answer just yet, I think one reason is that most these companies are located in Western countries where "rule of law" is considered extremely crucial. Openness about balance-sheets, government policies, and privacy are - to the best of my knowledge - critical in the US.

[jrs95]

The only way for Android to be any better is to basically cripple it and make it incapable of running the vast majority of apps. So Apple might not be perfect on this, but it's basically as good as you're going to get without huge compromises imo

[ksk]

Which consumer electronics company is good at privacy?