[Sigmoid]

"The main difference is that this time around there are people who are claiming that Apple is using the OCSP checks for some kind of nefarious tracking purposes."

What proof is there that we should trust Apple? They could tracking for nefarious purposes for all you know. Thats the problem.

[zepto]

That’s true of every single organization and every single individual.

You can always justify a conspiracy theory on the basis that you can’t prove a negative like this.

Let’s consider another conspiracy theory:

“A state actor wants to install spyware, and Apple’s OCSP is a barrier to their goal. They are running an influence campaign to get users to opt out of security protections.”

There is no evidence for this theory.

But “for all you know” certain people posting here have been paid to spread disinformation as part of this conspiracy.

(Just to be clear - there is no evidence for this, and I don’t think it is likely)

In the absence of evidence, it is not rational to completely dismiss either or both possibilities (that Apple has a hidden agenda or that there is a conspiracy to weaken Apple’s security).

What is irrational is to use the absence of evidence to the contrary to convince yourself that something is obviously true.

However on the broader point - I agree that we should not be reliant on trusting Apple for our privacy and security, and cannot afford to be as we move into the future.

We need a public domain infrastructure that produces similar or better security and privacy outcomes to the ones Apple is claiming to provide.

[Sigmoid]

> You can always justify a conspiracy theory on the basis that you can’t prove a negative like this.

Its not about definitively claiming they are being nefarious, its about they CAN be, and Apple isn't transparent enough for us to know if they're not. So its about risk. People can use Apple products, I don't really care, but they risk their privacy when they do, and thats not a risk people should have to take when using an OS.

[zepto]

Any software vendor CAN be nefarious.

It is just innuendo to claim it about a particular one without evidence.

People don’t risk their privacy by trusting Apple any more than they do by trusting anyone else. Almost certainly less so than by trusting a company that makes money out of personal information.

Singling Apple out without evidence is misleading innuendo.

If we want people to have the option not to trust private corporations, we need to create infrastructure that currently doesn’t exist.

[Sigmoid]

> Any software vendor CAN be nefarious.

I'm glad you finally realized this! And thats why people should use FOSS.

[zepto]

I think people should use FOSS, but lying about Apple doesn’t help with that, nor does it solve the problems that FOSS has when it comes to creating a trustworthy ecosystem for end user software delivery.