iPhone is NOT private

Critiques of Video

1. The title is flat out wrong. Graphene is more private than iphone sure. Yes Apple gave into the government and betrayed the cause of those using it, not arguing that. The reality though is despite the focus on Graphene and pixel devices, Android is not graphene, the pixel phones run on android, but they are not android. A white tiger is a tiger, but not all tigers are white tigers. The sheer fragmentation and dropped device support alone mean a huge number of exploits exist for android any of which jeopardizes the privacy of the users.

2. He states google is the better choice, no. A specific phone within the google ecosystems may be a better option, but that doesn’t mean google is the better company. Trust no corpo.

3. He states “for any regular user, android is better.” Then proceeds to talk about how android is open source, yeah that doesn’t fly here. When you buy a phone, yes android is open source, yes there are a few roms you can run that are degoogled, but there have been no lack of phones which couldn’t be upgraded because proprietary aspects of the code weren’t open sourced. At least with Apple I accept at face value I have a black box, this guy would lead me to believe I have an open box with android which would likely put me in more danger if I were to believe him as a casual user.

4. While discussing the ability to install apps and keep functioning is nice, if we are discussing China how do you establish trust with any app developer? How do you ensure the government isn’t silencing the devs and redirecting to corrupted apps? There are examples of the U.S.A. agencies taking over and then running CSAM websites and there is no reason to believe the Chinese government wouldn’t be capable of doing the same.

5. Yeah my Apple ID is tied to me and I’m a relatively ‘vulnerable’ individual. That said, the fact that I am married in a same sex marriage is public record. The fact that I’ve legally changed my name is public knowledge. No one is going to use a super computing network when a wrench to my fingers will make me tell them whatever they wanna know, and in most cases anyone savvy probably wouldn’t even need to talk to me. I avoid putting a lot of stuff on social media, but I avoid it’s also something that is required to keep an ear to the ground on a lot of queer issues locally.

6. “You can find alternatives to any google apps.” no, you really can’t. I’ve used a degoogled phone for better than 6 months to a year so it’s do-able, but it’s not something the average joe is going to want to put up with. I can’t speak for graphene, but even using aurora which was great, the google services still comes up in the app list and you can still install it. That’s a huge problem for something you can easily do accidentally.

7. “On android users can take that control back” No, they can’t. On pixel phones and other degoogleable phones, sure. Android is not strictly pixel phones. It’s a gigantic mixed bag of devices with vulnerabilities, adware, with far far more going into it. You now have the Manufacturer, Google, the Rom developers if you are using them, so if Apple doesn’t have a very high bar for privacy, googles is under the ground.

8. Oh he finally mentions Apple getting security updates yay. Sure I’ll agree again that iphone and the mandatory association with your real identity means it’s not private, I don’t think it’s wise to handwave concerns about devices being hacked.

9. Discussing dragnets and the ability to sweep devices, Saying you can remove google accounts is irrelevant. If your phone has an internet connection to a cellular tower which can be triangulated to a degree of accuracy that you would be identified period.

10. Mentioning removing default google apps, Yeah no, even if you remove the google account, fully removing google often requires installing a custom rom and if I had to bet, I would place money on more phones having locked boot loaders than not.

11. Graphene finally mentioned! Okay yeah we are nearly 9 mins in and everything mentioned for android ignores the reality of android in the real world. Android Authority The fragmentation means there are many many different factors all of which often mean the things stated in this video are at best half true.

12. “you can install graphene or something else” Aight, as a security nerd this part drives me absolutely insane. Xda is probably ‘reliable enough’ but operating on the assumption that every rom has been vetted or thoroughly examined is putting reliance into a system which may not even be there. How would a casual user even distinguish between a reliable or non-reliable degoogled rom outside the pixel brand? This is absolutely wild and careless.

13. Okay sure, apple does get in the way and collect data an the ‘ask not to track’ is probably misleading I’ll concede that. I will say for me personally not sharing my data with data brokers is significant, but that’s because I am a petty person.

14. This entire video is misleading and could very easily lead any casual user to have a deeply flawed understanding of multiple important topics.

15. As THO himself said, privacy is fluid. Https still reveals what website you’re on, but it keeps your isp from at least seeing the specifics. This is still widely considered an improvement. I am of the opinion THO is talking about privacy like the nerds at one of my previous jobs use to talk about fictional super heroes from entirely different universes fighting eachother. Sure Goku Vs. Superman or Spiderman Vs. Batman is a fun topic, but the truth is they are made up characters and you can make up whatever rules you want to skew it whatever way you want. Phrasing so much of the video as, “you can” is objectively wrong. “It is possible on many android phones to x, y, and z” is true, but what’s possible on some phones isn’t a fast and hard reality for millions if not billions of cell users. Apple is significantly better for most use cases with respect to privacy than android unless you are looking at extremes.

Is Apple private? Well no. It oversells its privacy stance hard imo. That said, if I am going to be locked into one operating system on one phone, Apple is pretty great. For me it’s the better daily driver that offers more privacy than I’ve gotten on android for the better part of 10+ years. If I however needed to communicate or do things in a covert manner, then I (Or anyone) would be foolish for using my edc phone for covert purposes. I am all for injecting privacy when and where I can, being aware of it, and knowing the security risk trade offs, but there are times a burner phone bought in cash is your best option and lets face it, iphones a bit expensive for a burner.

In addition to this (and I agree with what you’ve said, you articulated it well), even if you could care less about “mainstream users” privacy, you should at the very least care about it insofar as it affects your own. privacy

And in the case of smartphones, which are first and foremost communication devices, the extent to which you are able to protect your privacy doesn’t just depend on the device you choose and the apps you use, it very much depends on what your contacts use and do as well. This is one of the deciding factors for many who have weighted the pros/cons and use iOS. iMessage being e2ee by default, makes a meaningful, practical, realworld improvement to my privacy, because it is enabled by default, mainstream users don’t have to know a thing about privacy or security to benefit from it (and by extension I benefit from that). I can’t get every contact to switch to Signal (my preferred messenger), but in switching to iOS, a large swathe of my conversations are now e2ee by default.

Why do you believe this is the case? Other people have also stated this, so maybe I’m missing something, but I recently made an AppleID, as far as I recall, It was no trouble to use a name other than my real name, I didn’t provide my address, and used aliases for email and credit card, you can easily use a phone number not affiliated with yourself either (but I don’t think that would accomplish much since for both iOS and Android both your carrier and the OS must necessarily know the true phone number associated with your device even if you used another number for your appleid or google account).

Or I could just get them to switch to WhatsApp and get actual cross-platform e2ee. Don’t get me wrong, I despise WhatsApp. But a lot of people already uses WhatsApp so the friction of getting people to pick it is already lower, especially when you don’t need to buy a new phone like iOS

It depends where you live and who your circles are. In most of the world Whatsapp is probably the most common messenger full stop. But in the US, and particularly within my extended social circles. iMessage is much more ubiquitous than Whatsapp. I use both and of course Signal to cover as much of my contacts as possible.

Out of these 3 messengers, the biggest positive impact for me has been iMessage since the majority of my close contacts use it over the others. It is a zero effort setup, and ~50% of my conversations are now e2ee. Sure its not crossplatform and its not open source, and its not as secure/privacy preserving as Signal, I really wish it were all those things and I hope something that is all those things will eventually become mainstream and become the standard, but as it stands right now, on a purely practical level, I’ve gained more privacy by switching to iMessage than I did from installing Signal (even though I strongly prefer Signal), and in my context, I give up less privacy with iMessage than I do with Whatsapp. But I can understand how in another context, you might find Whatsapp to be the lesser evil for your own particular use case.

Why do you believe this is the case?

I suppose I should elaborate here. When talking about a daily driver, there is no ‘private’ phone. (Forgive me if this next part is a little lecture-y) The 3A model of cybersecurity is authentication, authorization, and accounting. Apples walled garden I suspect definitely helps with accounting, but even with Graphene in a best case scenario I would argue the internet is an amalgamation of different accounts and at any given time you are picking and choosing who can see what. You’re constantly authenticating yourself, being authorized, and accounted for because this is pretty much the nature of the internet.

If you want a daily driver phone to actually use as a daily driver for the generic needs most of us have a daily driver for, navigation, keeping in touch with family, being contacted by work, etc. It’s going to be on you 24/7, you’re going to message family and friends, and your privacy is shot pretty thoroughly. The accounting will link your alias to you if anyone has the means to scrutinize this information.

So, in this sense labeling any phone ‘private’ that isn’t a burner or phone used only in very specific situations would be to me misleading. To label something, ‘private’ requires an elevated threat model and specific protocols which includes compartmentalizing an alias, alias device, and alias accounts used as minimally as possible. Until how we use the internet is modified to encourage it, this will limit any practical capacity to be private.

For what it is worth

Out of these 3 messengers, the biggest positive impact for me has been iMessage since the majority of my close contacts use it over the others. It is a zero effort setup, and ~50% of my conversations are now e2ee.

Is IMO a reason to use Apple over Android for most of us. Apple has lead the way for quite some time. It’s not perfect and I could gripe about Apple for hours and hours, but at the end of the day I would rather use apple than accept a defeatist mindset. Fight what you can, where you can, how you can.

Totally agree. If someone close to you (your relative, your loved one, your friend) uses privacy-invasive services/software, then you could very well be affected, and your privacy, in turn, could be compromised. It’s like pouring ink (people with bad privacy practices) into a clean lake (people with good privacy practices) — the ink spreads everywhere, and it is then impossible to take the ink back to clean the lake to make it private again. Same goes to a person who has bad privacy practices — they can “poison” the privacy of surrounding people.
I once read some interesting incident on that. Here it is (original link):

Yesterday I asked my wife what she wanted for her birthday. She told me she’d like a cordless Dremel. Later, I was served an advertisement for—you guessed it—a cordless Dremel.

Now, we’d never talked about hand-drills before; I have no interest in power tools, I’d never done a search for them or looked at them on Amazon, so the phone must have been listening to what we were saying. It has a microphone right there, so why wouldn’t it be sending our voices to Google headquarters or wherever so they can send me an ad? What other explanation is there? It turns out there is another explanation, and it’s stranger and more insidious than high-tech eavesdropping.

Advertisers know my wife’s ad profile spends a lot of time in the same location as my ad profile. They know she’s been searching for cordless drills online, and that her birthday is a month away. So throwing me an ad for a drill makes sense, even if it feels like an invasion of privacy.

I’ve only included only the main info of the link. You can read the rest there. The level of sophistication of ad tracking and that whole ad business system is mind-blowing. I’ve read on it, and this abyss goes really deep. If we search that topic up, we can find a lot of other information on how compromised privacy of others — compromises your privacy as well. You are totally right that it’s one of the reasons we should educate people. It’s not only them who gets the benefit, but us, too. We improve our privacy by improving others’ privacy.

It’s sad to me that people refuse to move to Signal.
I never could relate to people who said that moving their partners/relatives/whoever to Signal was extremely difficult, or they refused to move altogether. I don’t know on what basis they refuse, or what reason they have that they refuse. I moved all my relatives, gf, and friends to Signal, and no one never complained about it. They all were like: “yeah sure, fine”. My grandma (literally, not a joke) who is 80 years old soon, is very friendly with technology and is mentally “fresh” and snappy. And she was like “yeah sure, fine”. No problems at all. At most, some only asked “why there?”, to which I simply answered “it’s a more private and secure messenger”. I don’t believe younger people will have a solid/valid reason to refuse moving to Signal. Other than convenience, maybe? Some people like Telegram because it syncs all their messages (including past ones, unlike Signal) between devices without a hassle, also because it’s extremely rich in various groups, channels, and content in general. Even I am forced to use Telegram, as a lot of people who I need to contact for one time only; organizations/businesses in my area; or other important channels — are only on Telegram. Also, people already have all their stuff on Telegram — they chat with other people there, check their channels/groups, use “Saved Messages” as a notes application and save all the important stuff there, etc. It’s convenient for them because everything is in one place. Moving to another messenger for the sake of one person — really isn’t appealing to them. But this is not a justification or solid reason to undermine one’s privacy and security. Telegram is the most convenient and UX-friendly messenger out there, but it’s not really secure or very private. Its desktop app is top-notch, which is written in a native C++. Signal’s desktop app is written in the infamous, hated and slow Electron. I dislike using Signal’s desktop app, but loved using Telegram’s desktop app (in the past). Signal desktop lacks some vital, quality-of-life features that Telegram has: for example on Telegram desktop, you can double-click a message to reply to it. It’s fast and convenient. But you can’t do that on Signal — you are instead forced to move your cursor and click that small reply icon near the message. It eats up my time, and I have been using Signal desktop for a long time, and daily. I of course understand that Signal doesn’t have the same resources that Telegram has. But, ugh, usability really matters in everyday use. I hope one day they will develop a native app for desktop.

That said, after being pampered by cushy software, it is very difficult for regular people to move to a worse (in regards to UX/usability/convenience) alternative, even if it is more private/secure. They may not understand why they need privacy/security, they do not understand the technicalities. But they must use a secure messenger. Just look up the case of Nebraska teen and her mother, and how Facebook turned over their messages. The teen was sentenced for 3 months. This wouldn’t happen if they used Signal. Don’t even get me started on the braindead abortion laws. This case is only one of hundreds of other cases that prove that using secure and private means of communication is one of the most crucial aspects of everyday life. That’s why we should educate people and point to facts, real life evidences (as that of Nebraska teen) that prove that they do need a secure messenger, and that using, for example, Facebook Messenger or WhatsApp — could have a direct effect on their life.

I will now say something more about my previous post.

We should never brush off focusing on normal users. Instead, we should turn their attention on how to be more private and secure, and teach them, non-invasively and gently. Focus on their security in the first place, as we should start with security because it is an urgently important and pressing issue (for example: many people re-use passwords, don’t use password managers, open suspicious files/links, etc), and work on their privacy at the same time. Educate normal users. Spread awareness regarding privacy/security. Tell them why privacy/security is important and what consequences a lack of privacy/security can have. My gf once got a random email with some .pdf file and opened it. The file had a bunch of totally random words, characters and other Unicode junk. It could very well be infected. I told her to never open anything from strangers on the internet, whether it’s a file or email. Report as spam and delete it. Yes, she isn’t as privacy/security-educated as me. But so what? This doesn’t mean I should just ignore everything she does with an excuse “eh, normie, whatever… let her get infected, or let her use anti-privacy software/services”. It should be the other way around: educate, spread awareness, teach. It is our duty (and educating people isn’t a hard thing to do at all — it’s just talking and explaining), as we are the ones here who are privacy/security-educated and can make this world better in regards to privacy/security. It’s like being a volunteer and host a TOR exit node. Someone has to do that. And it’s us who should educate regular people.

We don’t want to turn into that abhorrent, elitist, gatekeeping Linux community, those proverbial 300 lbs “i uSe aRcH bTw” T-shirt basement dwellers with superiority complex, who act immature and cringy by name-calling Microsoft — Micro$oft, and Windows — Winblows. They can very often be seen on the internet (circlejerking Linux forums or websites, specifically). It became a little better over time, as people are getting more sane with every generation. One would think “but it’s 2023, people should be nice and smart already, innit?” Sadly no — this cancer is still alive. It’s wishful thinking that elitism and cultism among Linux users will go away. Years have passed, little has changed regarding that. We don’t want to be that. Privacy/security communities should welcome newcomers, who just begun their journey, amiably and with open arms. And make their transition to privacy/security services and software as smooth as possible. UX is very important, and we should try to minimize sacrificing their UX where possible, and as much as possible.

As for iOS privacy, this comment made me realize how privacy-invasive Apple is (source):

Want to know something crazy? I didn’t agree to apple health or have it installed or let it track me but after owning the phone for six months… I was like eh let’s see what it can do. I agreed to terms to play around and it loaded six months of data from the second I first turned on the phone…

As for iOS privacy, this comment made me realize how privacy-invasive Apple is

Want to know something crazy? Health and wallet data (i.e., the stuff that would be legally dicey to try and harvest) is actually e2ee and apple does not, in fact, slurp it all up like a Samsung, Huawei, or Google would (seriously, take a read of the Huawei Health privacy policy, it’s scary.)

The health data being backdated is probably from the sleep focus mode, that someone in the comments there mentions. And if there’s no Apple Watch in the mix, there’s fuck-all health data that’s actually of use. A very inaccurate step counter? A sleep focus that doesn’t actually say anything about when someone actually slept? Criticise Apple, there’s plenty there. But this is absolutely not evidence of anything.

It’s evidence of them absolutely disrespecting user configuration

Hey, thanks for information. However, as I inferred from that Reddit comment, the thing is that on iOS, the Health app collects user’s data automatically/by default. The app must collect user’s info only when that user gave that application an explicit permission to do so. The app loading all the info from the second they turned on the phone after buying it (even if all the data is E2EE)—is not acceptable.

Interested to hear more. Do you mean that it is inconvenient for you to use a phone with a big screen? Probably related to your Android Auto/driving use-case?

Theres more in the wild then GrapheneOS

Unless there is more than the quoted reddit comment, there really isn’t any details or evidence provided. A random redditors alludes to ‘6 months of data’ but gives no indication of what sort of data they are talking about. Without those details, I don’t feel it is possible to make an informed judgement about whether it is or is not a problem.

I wish the redditor would’ve provided some detail or context. Because it is a potentially important topic. But r/privacy is a huge source of misinformation and clickbait conspiratorial stuff, so my personal rule of thumb for that sub, is to ignore anything that isn’t well sourced, or doesn’t provide some details or data.

I’m not arguing that redditor is right or wrong, only that without details/data, there is not enough info to form an informed opinion.

I fully agree, especially with that:

I’ve seen a lot of it there, as well as in many-many other sources, even including this forum (but only from some users, and misinformation here is very often curbed and kept in check). No place is safe from bulls**t.
I’m, too, usually very careful when listening to some randos on the internet complaining. Would love to see the details too. But that comment doesn’t sound/feel dishonest to me.

My gf has an iPhone, so I asked her about Health app. She says that the app is opt-out. That is, since she bought the phone, the app is enabled and collects the data automatically. Yeah, the kind of data it collects may be not as important, as @pinkandwhite already pointed out, but the kind of data doesn’t really matter, even if it just some pathetic step-counter, which works locally. What matters is that the app is enabled/is opt-out by default, and doesn’t request an explicit permission of the user to collect data.

Do you have a source? Wonder if she accidentally enabled at some point in time as I believe permission to update Health data it is Opt-in.

I asked her about whether there was a prompt something like “Agree to Health’s application ToS” or similar, and she doesn’t remember if there was a prompt. Maybe she did agreed to some prompt, and by saying that the app is enabled automatically, she meant that it collects data automatically after she had agreed to the prompt. Sorry for the confusion! x) It’s better for someone more knowledgeable on that to chime in.

There’s definitely something to what you stated. - I did some testing during a walk this morning. In Privacy & Security there was no health data available for deletion and that remained unchanged before and after my walk. I waited a couple of hours and opened the Health app for the first time. After going through the initial prompts the app reported a fair number of steps at the time I went for a walk with the device. The data produced around my walk time was not available for deletion under “Data Access & Devices” until after I performed the initial setup of the Health app.

I was surprised by this. I could not find any apple documentation explicitly stating it is “opt-in” but I was left with that impression, and there are news articles out there around Health data which state it’s an opt-in feature.

What your Girlfriend is saying (Health app being Opt Out)seems to contradict what the guy in the Reddit comment seems to be saying (that he was asked to opt-in when he first opened the app 6 months after beginning to use the phone)

One thing that I think is being left out of this discussion that I think is leading to some of the disagreement and confusion is that as best I can tell the Health App aggregates data from other sources, it is not the primary source of all that data itself. This could potentially explain what the redditor saw (assuming it is true and accurate), but we can’t know for sure since the redditor didn’t specify what data or give any details.

But looking at my own App, I could see that it was using 3-4 other apps as sources (Fitness, Settings (sleep schedule), a 3rd party fitness app I use, etc). So in the redditors story, it would stand to reason that one explanation is that if they’d opted in to fitness tracking, use the sleep schedule or health/fitness features, which were already keeping track of that data for legitimate purposes, and which the redditor did already opt-in to, when they later opted-in to the health app, it pulls the backdated data as well, because it is just aggregating the data. (I’m struggling to articulate this clearly, does that make sense?)

Yes but ultimately his statement isn’t without merit. On a device fresh out of the box at factory defaults, there does appear to be health data collected in some manor without ever launching the Health app and not enabling 3rd party sources. You can replicate these results yourself by

• factory resetting the idevice
• launching into the home page for the first time
• going for a walk or some form of physical activity with the device
• wait some time and enable health data.
  ** My results were the device did show historical health data without previously opting in.

I appreciate you sharing your test results, I see what you are saying. I suppose where we are not seeing eye to eye is considering a step counter on its own (outside of the health app) to be sensitive ‘health data’.

That said, I’m not sure I’ve really made up my mind on where I fall on this yet, and don’t feel I have all the details needed to have an informed opinion, so I probably shouldn’t be weighing in on this until I give it some thought and investigation. Sometimes I can trick myself into thinking I’ve made up my mind about something when I really haven’t or shouldn’t, its a bad habit.