Hacker News
by bdcravens 2453 days ago
You don't have a smartphone?

> You don't have a smartphone?

Not one developed by Amazon. It's not fair at all to say a microphone in an iPhone is equivalent to a microphone in an Amazon device.

Apple keeps recordings for 2 years, how long does Amazon keep theirs?

I agree with you on the point you're getting at. Really anything that can be potentially logged due to a bug or accessed by a human may as well be considered the same as perpetual, in my opinion.

The difference is I trust Apple enough to turn off Siri on my phone and feel safe nothing is being broadcast online or stored locally for another app to access.

Is this guaranteed? Hell no. I also don't read the source code of every open source program I use (and even if I do I'm aware people exist much smarter than me who can obfuscate their malicious code).

Apple's business strategy, their history of actions, and their security system make me feel confident enough in _assuming_ my voice never reaches their servers and cannot be turned in by an app without explicit permissions. That last bit is also important. Like the Android Facebook background audio "bug", even if it is really a bug, to me it's no different.

Lastly, even if Amazon were trustworthy about not listening when they say and not accessing voice data they shouldn't, I don't trust the platform very much. Quick idea, can you create a multi-turn Alexa skill that after the first turn pretends Alexa is finished but it is actually actively recording and waiting to fake a response to "Alexa! <do other skill>"? Personally I don't know, don't have the source to check, and I wouldn't really believe any Amazon engineer coming in here and saying "It's impossible to exploit". (Even if my 5 minute idea is impossible, multiply that times thousands of malicious people spending much longer trying to exploit it.)

edit: Don't mean to imply an Apple is impossible to hack or exploit. Just that they take a more active stance and have the history to back it up.

> edit: Don't mean to imply an Apple is impossible to hack or exploit. Just that they take a more active stance and have the history to back it up.

the NSA don't need to hack them... they can just ask (they did).

what we need is true e2e encryption ...

I deactivated all voice controls on mine. The entire point of these frames is voice control.

I don't have a smartphone.

Edit: I had a Qualcomm pdQ in 1999.[0] But once I saw how smartphones were being designed as surveillance devices, I refused to play.

0) http://archives.cnn.com/1999/TECH/ptech/12/03/qualcomm.pdq/i...

> But once I saw how smartphones were being designed as surveillance devices, I refused to play.

Get a FOSS Android phone. I have a OnePlus 7 Pro, previously a Galaxy S5 (the newer Galaxys also work as long as you don't get the US model); it runs LineageOS (stock Android). I chose not to install the Google Play packages. I get apps from F-Droid, which is a repository + package manager that builds and distributes FOSS applications.

It pings time.android.com for NTP, and I think it also uses a Google server to check when you're behind a captive portal WiFi. The default dialer/SMS/Contacts apps have some options in the settings that will connect to proprietary APIs; I don't think they talk to Google but if you do then you can replace them with applications from F-Droid. But other than that it's 100% clean.

In the system settings I can completely block applications from using the network. LineageOS also adds Privacy Guard, which lets you deny permissions to applications. I need WhatsApp to communicate with some people, but I have denied it contact permissions so it gets fed an empty address book. I also have it set to require confirmation from me to use the camera or microphone.

I also installed AdAway from F-Droid, which is a DNS-based firewall like Pi-Hole. From F-Droid I also got Firefox with uBlock Origin, K-9 mail client, NewPipe as a YouTube frontend, OsmAnd+ for maps/navigation, DavDroid to sync contacts & calendar with Nextcloud, the Nextcloud Notes app for synced notes, and an OpenVPN client to prevent AT&T from spying on me and injecting tracking identifiers into my internet usage.

The only real threats in the system are the proprietary driver blobs and the risk of Google putting evil code into AOSP instead of limiting it to their proprietary services - but I hope the LineageOS team would be able to catch that.