by dheera 1854 days ago
I know HN will downvote the hell out of people who doubt Apple, but Apple is most certainly not defending any privacy with their closed-source OS.

For one, it takes quite a bit more on an iOS device to jailbreak it and use an MITM proxy to inspect what apps are doing under the hood than it does for an Android device to do the same. I feel much more peace of mind that I know exactly what apps are sending to their servers and back and that I can inspect it at any time, and Android forks such as LineageOS provide for actually sending fake sensor data back to apps instead of just denying them permissions, which in many cases just cause apps to refuse to function.

I’m a bit lost here. If all you want is to do MITM, what stops you from installing a certificate and a “VPN profile” on the iOS device and proxying the communication for analysis with appropriate apps? You don’t need to jailbreak to do any of this, as Charles Proxy for iOS (paid app) [1] shows.

Of course, if you need to do more than intercepting network traffic, then it gets a bit more cumbersome on iOS.

[1]: https://www.charlesproxy.com/documentation/ios/

Most apps now use certificate pinning, i.e. they have the root certificate included in the app and signed as part of the app, so that method won't work.

On Android it's much easier to intercept and modify the behavior of apps and tell the system to disregard signatures and things of the sort.

Maybe you live in an alternate reality, but in this reality most apps aren’t remotely sensitive enough to use cert pinning.

Also, since Android 7, even non-cert-pinned apps simply ignore user/admin-installed certificates; you can’t do anything without (1) rooting and injecting cert into root trust store; or (2) binary patching. Neither is easy, whereas installing a certificate as a profile on iOS is a trivial process.

They use cert pinning anyway.

I spent a while reverse-engineering Clubhouse's API and what data they were sending, and even they use cert pinning. Most of the big apps all do.

> On Android it's much easier to intercept and modify the behavior of apps and tell the system to disregard signatures and things of the sort.

This really doesn't increase my confidence in Android as an OS. I'd rather prefer it to be really hard to intercept and modify the behavior of apps and to make the system disregard signatures.

When I say it's easier, that doesn't mean any app can do it in user space, it's only easier because the OS itself is open source, you can modify it to your liking, and there is a decent community around alternate (also open source) images such as LineageOS which can give you very good control over what user space apps can and cannot do.

If you use an open source version of Android you can prevent even Google from tracking you. With iOS no matter how hard you try you can't really stop Apple from getting your info.

OK, how about that: everyone who wants to manually inspect the bytes coming out of their phone 24/7 can use Android, while everyone else can use iOS.

(also, iOS supports proxies)

MITM proxies don't work when apps use certificate pinning. Many popular apps do this.

> everyone who wants to manually inspect the bytes coming out of their phone

== everyone who actually gives a damn about their privacy

Do you even know what your phone apps are sending about you? I know what my apps are sending about me. Some of it is pretty scary, honestly.

So you like an OS that sends fake sensor data to apps, but you trust it to send real network data to you? What if it doesn't? What if the hardware sends fake network data to the OS? You clearly don't give a damn about your privacy, because everything you do can be subverted through any of those components.

People who give a damn about their privacy write their own OS, apps and install it on their custom built hardware that was built into their own semiconductor factories, using personally sourced materials and designs.

Yes, I can also play this game.

> on their custom built hardware

Sure, make your own phone, I'll very much support and admire you if you do.

Until then, since I don't have that hardware engineering prowess, I'm at least a few steps ahead of any iOS user and at least have control over my OS and what my apps do.

iOS users on the other hand just surrender their privacy management to almighty Apple and trust that Apple does no evil, and trust that the signed apps they run on their devices do no evil.

Yeah, if Qualcomm does evil in their Snapdragons I'm screwed, but at least I've reduced my privacy risks by a few notches, better than nothing.

iOS is also better than nothing.

It's the best solution to people who have better stuff to do, but want relative security compared to Android.

> just denying them permissions, which in many cases just cause apps to refuse to function.

Factual question: which apps in your experience "refuse to function" when you deny them permission to track you?

That’s a hold out from the Android world, where apps are generally written to expect the user to provide requested permissions. Before Android 6, apps would get all permissions requested for on installation (or the user wouldn’t be able to install the app). From Android 6, when the permission model changed to be similar to iOS to get it at runtime, apps didn’t get written for this new world and would crash or refuse to work. Even today, there are apps that will refuse to function if some (non-critical) permission is not granted.

I deny functions to apps in Android all the time. I've yet to run into an app that will refuse to run unless that denied function is explicitly needed for that app to do what it was designed to do: eg, location for maps.

There are plenty. Try getting a Roborock vacuum cleaner and getting it to vacuum your floor without giving away GPS permissions on your phone, it's impossible unless you take the damn thing apart and solder some wires to the RX/TX and root it with its dev serial port.

WeChat also for a while didn't even allow logging in without location permissions. They may have changed that but there are lots and lots of offending apps.

This is a complex one. I'm almost certain the reason is they want to scan for Bluetooth devices to pick up the vacuum cleaner in the app.

The problem is that scanning for Bluetooth devices basically is GPS because marketers started putting beacons all over the place and using their tracking toolkits in apps to pick up these beacons.

So Android changed the permissions so you had to ask for location access to scan for Bluetooth.

So as an app dev, you get the option to ask for location access and make setup easy, or you can direct the user to go to the Bluetooth settings and pair with the vacuum and come back to the app to continue.

That sounds more like a hardware cost cutting measure than an issue to do with Android itself.

At one point WeChat wouldn't permit logging in without location permissions. RoboRock vacuum cleaners also must be set up using an app that requires GPS permissions, and they send your GPS and Wi-Fi passwords and things to their server. It's sad, but they make one of the best actual vacuums.

I'm not sure if that's the case still but I've run into several other apps that do similar things. It's pretty widespread.

In any case, it's awesome to have an OS that can make apps think they got permissions and just shove fake data at them.

True, it’s very difficult to see what iOS apps and iOS itself are doing. And we can assume that third-party apps are collecting whatever info they can - even after 14.5, when they presumably disclose what they’re collecting.

But, can’t we infer from Apple’s earning statements how much they’re monetizing user data? Currently that seems like not much. Then again, they probably wouldn’t have recruited Antonio Garcia if they weren’t interested in milking that particular cow.

The Journal says Apple’s ads business is estimated at $2 billion currently (but this isn’t reported in their financial statements): https://www.wsj.com/articles/apples-privacy-changes-are-pois...

Apple’s services category made $16 billion in revenue last quarter and includes ads in addition to other businesses like music and TV. Apple’s growth story to investors hinges on the services category.

> But, can’t we infer from Apple’s earning statements how much they’re monetizing user data? Currently that seems like not much.

That only tells you how they're doing competing against the other ad networks, not how much they're trying to monetize the data. Instead since they couldn't compete, they drew a moat around their devices where other companies can't get the data Apple can, now.