Is it worth taking all the effort and struggle with the privacy friendly apps if I am using Apple devices?

Why would you assume I hate challenges? And why would you assume I think proprietary is the devil?

In fact, I support the use of many proprietary related software if I deem it’s appropriate in my eyes. For example, I would use Chrome over Firefox (if there’s no Brave), or I would use official Snap apps over unofficial Flatpak apps. But that’s not related to the matter of this topic.

I am simply stating the fact regarding the situation of WhatsApp’s E2EE, which you seem to fail to counter reasonably.

No, it isn’t. Becuase…

You are not Meta. Therefore, you can’t assume for them.

However, everyone here can think of the possibility of something happening, not saying it will happen for 100%. It’s just nobody knows. But it seems you always assume otherwise. Believing everything they told you? Without any curiosity?

Did they know all the facts inside out of Meta/WhatsApp operations and government orders?

From my point of view regarding Signal’s article, they just wanted to protect their protocol, which WhatsApp is using. And there’s nothing wrong about it. They just needed to do their things. But the fact as stated in the article is only one part of the whole story. For one, I don’t see they talked about the metadata. Interestingly, the article ended with:

We believe that WhatsApp remains a great choice for users concerned with the privacy of their message content.

Yes, the great choice for privacy concerned users. Maybe, they should tell that to Natalie Edwards, who somehow got caught because WhatsApp’s E2EE didn’t work as intended, in which all the evidences used in the case, which were leaked by the system, are still unknown to the public.

I’m just a single data point and anecdotal at that but searching for myself indicates they are honoring my opt-out requests. For how long? Who knows. Friends and relatives have searched for me using various engines and they get no results. Currently, Google Search Services have been rummaging around for two weeks and only finding very obscure posts from a job related site from 2005.

Yes, but since you can compile the source code and check whether that matches the binary (which is 100% impossible with proprietary software), it is much much easier to detect malicious code. Yes, free software isn‘t perfect, but it‘s much much better than proprietary software.

Correct me if I am wrong but the only thing Apple doesn’t EE encrypt via Advanced Data Protection is contact, calendar, and email.

We can be reasonably certain that Apple isn’t bs with their recent hubbub regarding disabling ADP for the United Kingdom, then the UK gov backing off of that move.

Covering the holes Apple can’t end to end encrypt can be done with proton? For your phones contacts, limit info to just phone numbers. Expanded contact info in proton contacts. Use proton calendar and email.

I don‘t really think Apple takes the privacy of the users serious. My personal opinion is that they just make it look from the outside as best as they can that they care about the privacy and security of the users.

One example from that link:

Apple left a security hole in iTunes unfixed for 3 years after being informed about the problem. During that time, governments used that security hole to invade people’s computers.

The Stallman website linked has info written awhile ago. Do we know if all of what’s in it about Apple is still true today?

? All sources are linked you can check

I did. And that’s why I replied to you.

Many links are linking to pages that are many years old now. Hence my skepticism of all the claims made. Sure, it does appear to be be true at one point. But I am also trying to figure out if its gotten better or worse and because all info is many years old now, it’s hard to say without diving deep into each claim and piece of info and updating it.

I’m going to need a more persistent pattern than a security fuckup from more than a decade ago.

Since we don’t know anything, it’s possible that intelligence services pressured to leave the vulnerability open. It’s pre-Snowden when Gov could walk up to companies, say that there’s a terrorist only said company can help stop, and national security letter a few employees. Since then every company knows that it’s every company getting a NSL and now cooperation is a lot more strategic/political.

Or that it was sent to iTunes team to patch, they threw a hissy fit about their deadlines, security was told to fix other pressing bugs, finally the story got noticed by an executive who walked downstairs. And that gap in handling of security bug reports was fixed.

I have to admit, that‘s a fair point regarding that argument.

Apple still asks for the address of the person setting up an Apple-ID (and they don’t need it, they are not going to send you a letter).

And of course, any privacy promise from Apple is not verifiable because everything is closed-source.

An address helps them address legal liability. We’re entering a balkanization of privacy rights, where your address determines what a company is liable for.

I am not 100 % sure on this since I don‘t have a Google account, but Google doesn‘t asks for an address, doesn‘t it?

If that is true, then Apple is asking for more information than necessary which is a privacy problem.

Being a data broker company, Google would rather not know your address so they can treat you like an American.

I can’t locate a public explanation from Apple but the best guesses I’ve seen is for sales tax or some apps are geo restricted.

Yes, because eventually you’ll switch to Linux where those tools will pay off. In this spirit, ensure the apps have cross-platform compatibility!

Come on, you know yourself that this is illegal and that Google of course does not do this, right?

Then IP address would be a much more reliable source for that