They aren't preventing surveillance at all, they're monopolizing it.
Google is LITERALLY a fucking ad company.
Apple is tracking the exact time and location you use any piece of software on their systems (Don't worry guys, it's just for security purposes! /s)
----
I'm no longer sympathetic to the "They're securing my device from the boogeyman!" argument.
It has the same overtures as "Won't anyone think of the children!!!!" in policy debates - It's rhetoric designed to obfuscate the true intentions of the parties involved, and short-circuit real discussion with an immediate emotional response.
A few months ago it came out that MacOS was constantly making unencrypted calls over the internet to check signatures of non-Apple software; such calls were thus feeding back to Apple (and anyone sniffing the connection) the time and IP address of each application's being opened. (Technically, only the company, but each company usually only has a few apps.)
(I wrote a giant response to this explaining why I was frustrated and who I was frustrated with and how it meant we were just screwed as a society, but I have decided to just suffice it to note that I am not mocking your phrasing--that is the correct phrasing for the demoralizing thought--and that, FWIW, I don't think iOS does this in the same way, even for the "enterprise"-signed software where one would expect it would work identically, which is a bit hilarious.)
True, but it didn't make much difference, since the reports from the thread showed it had a bizarrely short cache time.
>the server didn't keep any logs
Well, that's the rub isn't, it? Part of privacy-centric design is that you shouldn't have to risk such information being exposed or trust such reassurances; if they don't need the information, they shouldn't get it at all. There are privacy-respecting ways to do what they wanted to, which are also more efficient. For example, periodically update the machine's local revoked cert list, and check signatures against that (as several users recommended).
>etc
Was there anything substantively different from my characterization?
Apple is using an industry standard protocol to check and see if an application's developer certificate has been revoked.
>To make sure the certificate hasn’t been revoked, macOS uses OCSP—short for the industry standard Online Certificate Status Protocol—to check its validity.
> I’m glad that I don’t have a direct relationship with shady 3rd party developers.
To enable background locations update, a sales rep has to open a check-in screen, wait 10 seconds to see their location on the map and then press the big check-in button. Because people were often forgetting to check-out, my customers requested auto check-out feature which requires background location updates. Once a sales rep leaves the check-in area, background location updates are stopped. Managers and employees see exactly the same time reports. And if some sales rep is suspicious then it is always possible to disable that GPS icon in the quick menu settings after work hours. It is almost like using your batch card to open doors in a workplace.
A popular alternative solution to my app is to use GSP devices which are installed in all corporate cars. And there managers see their employees background location updates 24/7.
Android already has a very fine grained permission system that allows blocking such behavior, you simply revoke an apps right to access location data.
So the argument then becomes an appeal to protect less knowledgeable users that would be tricked to enable advanced features for some eye candy. It has some merit; but there has to be some compromise there for advanced users, short of relegating then to APK install with no security updates, like in the Windows days.
Google is LITERALLY a fucking ad company.
Apple is tracking the exact time and location you use any piece of software on their systems (Don't worry guys, it's just for security purposes! /s)
----
I'm no longer sympathetic to the "They're securing my device from the boogeyman!" argument.
It has the same overtures as "Won't anyone think of the children!!!!" in policy debates - It's rhetoric designed to obfuscate the true intentions of the parties involved, and short-circuit real discussion with an immediate emotional response.