[mirimir]

You can read their policies as well as I can. Or better, perhaps.

But my point is that Apple does have lots of rules about what apps can do, and can't do. And that it's been rather aggressive in applying those rules. If you search HN re some mix of ["Apple", "iOS", "app", "store", etc] you'll find complaints from developers about Apple removing their apps from its store.

So, in that context, why were they silent for years about privacy risks of third-party apps? That wouldn't be a remarkable omission by Google, given that its business model is largely about monetizing users' information. But for Apple, which has been promoting itself as privacy-friendly, it strikes me as a glaring omission.

I'm getting criticism for not acknowledging Apple for its stance on privacy, and for how much better it is than Google. And for blaming it for not being perfect. And yes, it is privacy-friendly, and does a far better job at privacy than Google does.

What I'm criticizing is the failure to clearly acknowledge limitations. And I'm coming at this from the perspective of users who are concerned about threats to their privacy. Users who aren't very technical, and who may misunderstand just what Apple protects them from.

Also, this isn't just me hating on Apple. I've said pretty much the same things about the Tor Project. Back in the day, when many users actually saw Tor start at the command line, they saw "[notice] Tor v0...(...). This is experimental software. Do not rely on it for strong anonymity." But the new https://www.torproject.org/ starts with "Browse Privately. Explore Freely. Defend yourself against tracking and surveillance. Circumvent censorship." Finding anything at all about limitations is not so easy. About risks from global adversaries. About Tor-bypass risks in Tor browser. About risks from malware that phones home through clearnet, bypassing Tor. Conversely, when you start Tor browser in Whonix, you see "Whonix is experimental software. Do not rely on it for strong anonymity."

[la_barba]

>You can read their policies as well as I can. Or better, perhaps. >So, in that context, why were they silent for years about privacy risks of third-party apps?

My point was, you seem to have an interpretation of "Apple approved this app so therefore this means that X,Y, Z is true". I'm asking if that is actually what Apple is claiming.. officially, and also what X, Y, Z mean to you.

If you're claiming that "Approved third party app" == "no data ever leaves your phone" then this has never been the claim of Apple AFAIK.

>What I'm criticizing is the failure to clearly acknowledge limitations.

I see. But why would a company acknowledge their limitations in a commercial competitive marketplace? People who appreciate companies being honest about their limitations in such a public manner, and still end up buying their product are not in the majority, I think.

People try to avoid mentioning anything negative about their past in a job interview - which is kinda the position companies are in, when they go look for customers.

[mirimir]

> My point was, you seem to have an interpretation of "Apple approved this app so therefore this means that X,Y, Z is true".

There's arguably an analogy to potential limitation in DCMA safe harbor protection for sites moderate user posts. So if Apple didn't vet apps in its store, and only removed apps after complaints about malicious behavior, it would have no burden for disclosure.

But Apple clearly does vet apps. Aggressively so, given what I've read. So allowing apps that violate users' privacy does create a burden for disclosure. Unless you argue that Apple didn't know that they were doing that, which seems unlikely.

> I see. But why would a company acknowledge their limitations in a commercial competitive marketplace? People who appreciate companies being honest about their limitations in such a public manner, and still end up buying their product are not in the majority, I think.

Yes, for better or worse, that's how things are.

But if you play the "you can trust us" card, and are not in fact being totally honest, it's arguably worse than not promising anything.

Google did pretty much the same, with its "do no evil" mantra. But nobody believes that anymore. I was hoping that Apple was really trustable, but now I'm dubious.

[scarface74]

When an app asks for access to your location, you are given three choices - never, when using, or always. How technical do you have to be to know that when you allow an app access to your location - it has access to your location?

[mirimir]

All apps always that honest about it?

[scarface74]

Apps don’t have to be “honest”. iOS enforces it.

But to be clear by saying “the app asks you”, it would be more accurate that the app asks the operating system for the location, the operating system asks you and the OS enforces it.