starting my privacy journey - would apple be a bad choice?

hello everyone,

i am in the beginning stages of starting my privacy journey. i have read a lot of what privacy guides has to offer and have learned a lot about this topic and what i am actually trying to protect. however, i still have a looming question or two and would like some advice.

while i do want to better protect my privacy, i also don’t want to make my life more difficult or accept weaker security. i primarily work as a journalist and i sometimes cover stories that can make people mad. right now i have no reason to believe i would be a target, but in this line of work it is a possibility to be aware of. as a result , i have to take security more seriously than most. kind of like a better safe than sorry type of deal.

aside: i realize with how i am typing it might be hard for many to believe i am a journalist. i am intentionally typing with minimal grammar and intentional mistakes because i don’t want anyone comparing this post to my work and potentially linking my professional identity to it.

up until this point i have been using windows. i did take steps to improve my security by using bitlocker to encrypt my drive, made sure the computer i use supported advanced security features and so on. however, i have become increasingly aware of how much of my privacy i am sacrificing online and am trying to walk it back. for my first main step i am wanting to ditch windows and delete my microsoft account.

as far as security and professional work is concerned, i feel like macOS with lockdown mode might be a good fit for me. based on some reading i have done, apple does a lot to secure their devices, so long as i do my part to have good internet hygiene and be responsible for my own online safety by keeping myself informed of threats that may impact me. this would also pair nicely with my iphone that i do enjoy using. if i go this route i would also opt to use icloud with advanced data protection. the main exception here being that i would choose to use bitwarden for my password manager in case i ever want to leave the apple ecosystem.

i don’t mind changing email addresses on accounts and things like that and i keep local backups of my important data, so i think this would be a good fit for me. i also don’t talk to people using email, so i am okay with it not being encrypted at rest. to me email is mostly for receipts, signing up to websites, etc. i think icloud email would provide reasonable security and privacy for these needs. who knows, maybe one day the advanced data protection would cover emails too.

i realize this is a journey and not an actual destination, but am i being naive to believe in the promises of privacy apple is marketing? i know it won’t be a perfect solution, but it does look like most of their software processes things on-device or has it end-to-end encrypted. this alone makes me trust them a lot more than other big tech. couple this with their strong security with minimal hassle, and i think it might be good enough for me. don’t get me wrong, i would still try to increase my privacy when possible, but i also want to stick with protecting my privacy long-term and want the biggest gains with minimal friction and no sacrifice to security.

do you all think i might be making a mistake? to give a little more information, here is a highlight of the common threats i am concerned with and why:

• anonymity: this will mostly come in the form of creating different identities for different parts of my life. for example, i publish things online under different identities to make it more difficult for people to relate online activities with my real identity

• targeted attacks: i am not under any threat of being targeted right now, but with my line of work it is possible in the future. i also really do worry about being stalked, which has happened before. i am not sure if stalking falls under a targeted attack, but i will list it here.

• passive attacks: i think we all need protection from malware, data breaches, etc.

• service providers: i need to use services that offer end-to-end encryption for things like notes, pictures, and so on. however, my emails/contacts don’t need to be encrypted since i only use signal to discuss things and add important contacts. i do sometimes talk with family members via text and phone calls, but this is not avoidable and i try to be very mindful of what is shared there.

• mass surveillance: i just want to protect myself from this to the extent as everyone else. sometimes i write about law enforcement or people in law enforcement and that can be a little intimidating/scary, if that matters here.

• surveillance capitalism: i’d rather companies not make money selling my data. i understand this will be impossible to fully protect against. i know apple may not be ideal with this aspect, but i do feel like they are way better than most and that i could still guard myself reasonably well in this category even using their software

• public exposure: this is what i worry about the absolute most! largely because i need to protect against stalkers and the general public. possibly even people in law enforcement who might want to dig into me a little bit without an actual legal warrant. i already use a service that helps me delete my info from people search sites, but this is a category i have been working really hard to try and improve.

censorship: the organizations i write for worry about this for me to an extent. at the moment this isn’t a concern for me outside of what normal people face.

now that you know a little bit more about my situation, what do you all think? am i making the right choice here or am i making a mistake by thinking apple will be any better with my privacy?

i did look into linux and i probably could force it to work, but it would probably have a lot of friction and it does not seem to offer the same level of security if i am ever specifically targeted. especially when it comes to protecting the boot process, which is really important to my needs.

i look forward to any advice you could all offer me.

thank you. once again, sorry for the poor spelling, grammar, formatting, etc.

There are definitely some drawbacks to Apple here, it is challenging to properly isolate things on macOS/iOS, especially compared to using Qubes or user profiles on Android.

Compared to Windows the difference in privacy is a complete no-brainer though. The word of warning I’d say is that Apple is heading in a pretty poor direction as of late, and I’m not super optimistic about what the state of their ‘ecosystem’ will be in the next 5-10 years. But for now compared to the commercial competition they are still far ahead of the pack.

As far as Linux, the security downsides are vastly overstated by many, and it provides a more than reasonable amount of protection for most people. For someone juggling multiple identities like yourself I would still lean towards Qubes.

You did not specify who you think you might be targeted by, and you don’t think you are a target now, so it seems likely to me that Linux would be perfectly fine for you. There are not really accounts of people on Linux being compromised outside of targeted law enforcement investigations. A well resourced state actor is a completely different situation than a stalker or criminal targeting you, so keep that in mind.

I haven’t finished reading, but I think “stalking” is definitely a targeted attack. I will continue reading and hopefully have something useful to say.

Finished reading. The biggest mistake I think you are at risk of making here is locking yourself into their ecosystem. I do not personally trust Apple, to be clear with my bias. But it is pretty well known that Apple has a “walled-garden” approach to things. This can reduce friction and make life easier IF you stick with them, but it also means that you will have a very bad time trying to leave if you decide you need to in the future (ie, if things continue to get worse as Jonah has suggested).

If you can avoid that, then for general use, it might be a good solution for you. For your journalism in particular, though, if you aren’t publishing under your real name (which would obviously be an issue), it might be worth considering using Tails for your work. It isn’t meant to be your daily use OS; this seems like exactly the kind of use case it exists for. You can set up persistent storage if you need to keep certain work related files around between sessions (ie, documents you’ve been researching). Or you could keep those elsewhere.

It’s always going to boil down to convenience. But there are relatively easy ways to get around major hurdles. The key is isolation.

E.g. take Windows’ privacy. Need to game but don’t trust it with your personal files? Use Linux as daily driver, buy a 50 dollar SSD, isolate Linux with full-disk encryption and be done with the problem categorically. Need to ensure randomware security? Have an airgapped backup you update periodically from Linux side. You’ll want backup drive anyway, not keeping it connected all the time saves increases spindle lifespan and makes life easier.

https://www.qubes-os.org/ is made for you. Have a dedicated work machine, learn to open email attachments in disposable VMs, to move received Signal attachments to disposable VMs. Not hard, at it will save you hours and hours of reinstalling if you get concerned with what you received.

locally run LLMs can also be used to obfuscate your writing style if that’s a concern.

The track record is not that good since Windows likes to offload bitlocker to SSDs that may or may have decent cryptographic system. SSD encryption failures made worse by BitLocker settings | TechTarget

Windows is slowly turning into spyware. Microsoft to re-launch ‘privacy nightmare’ AI screenshot tool The best time to jump ship was yesterday.

Yeah Apple has pretty good protections, including strong hardware security and protection for journalists About Apple threat notifications and protecting against mercenary spyware - Apple Support

But Apple is also NSA PRISM partner and apparently they didn’t have too much trouble installing malware on Apple devices ~10 years ago. How the NSA Can Get Onto Your iPhone | FRONTLINE | PBS | Official Site | Documentary Series Who knows what it’s like today.

I have no idea where you physically are but geopolitics can help ensure the devices aren’t in bed with your host country’s government. This meme is old but relevant

image2048×516 139 KB

Make sure whatever cloud-service you use, you’re encrypting data before it leaves your device. This so-called client side encryption is vital. You shouldn’t have to trust the vendor. You can encrypt the cloud backup with veracrypt, or you can use some client-side encrypted cloud service like SpiderOak. Some tools like cryptomator let you client-side encrypt data on the fly.

Bitwarden is fine, just make sure to select Argon2 as the key derivation algorithm, and learn a strong master password.

It’ll boil down to who you want privacy from. Apple can be great, but it’s not a trust-nobody, but trust Apple, solution.

Time to learn how https://www.torproject.org/ works. For anonymous comms with sources you should look into https://docs.cwtch.im/

Rotate accounts as often as you can, make sure names and passwords and recovery emails don’t match previous ones, use Tor Browser where you can to mask where you’re connecting from. The longer you retain the account the easier it is to build the puzzle.

There’s very little you can do in practice for endpoint security aside sandboxing everything in Qubes, or doing ephemeral research with Tails. Apple has good HW, and Graphene OS with a Google Pixel apparently sits at the top. For laptops, see https://puri.sm/. They have decent anti-tamper seal for delivery IIRC but you’ll have to pay for the service.

Yeah Signal is good, if Cwtch is for situations where your source wants to remain anonymous from you, and to hide the fact you’re even talking to them.

There’s probably decent set of guides written to e.g. streamers, and companies willing to consult celebrities on OPSEC. You should ask your boss to hire someone to consult on this.

There’s always a learning curve for new things. There’s plenty of good guides

You should again solve this with burner devices when traveling. Your boss should see this as cost the of doing business. Purism laptops have decent boot protection for Qubes PureBoot – Purism

So I’d say burner device with live booted Linux like Tails during travels is relatively good starting point.

For work laptop where you work on graphics or design or whatever, Apple has you, and for opening emails or receving attachments from sources, use a Librem or basic laptop with Qubes.

Isolation comes with a bit of learning curve and some upfront costs, but the process you’ll develop will save you a ton of time and money in the long run. Also, you don’t have to learn how to do everything on Qubes, just the relevant tasks i mentioned above.

Compared to 10 years ago? Basically infinitely better. I still wouldn’t put it past the NSA though.

It’s also important to keep in mind the difference between being targeted by the full force of a government agency, versus being targeted by some low-level cop abusing their privileges on their own. Even if someone is reporting on law enforcement that doesn’t mean they’re going to have the full force of the FBI/NSA/whatever up their ass. If that is a worry you’re entering “don’t use computers” territory, but you’re probably not Edward Snowden.

I definitely would want to know whether OP has a news room which is capable of answering some of these questions for them.

I wouldn’t necessarily advise using Purism’s laptops or products

https://xcancel.com/GrapheneOS/search?f=tweets&q=Purism&since=&until=&near=

I feel like these questions are so hard to answer, because it all depends on how much time you want to invest in the short term and long term in your privacy journey.

If you want quick “easy” wins, versus what you should do in the long run, the answer would be different.

I also depends on the knowledge you have of the OS. If you only know Windows as an OS and you don’t know Apple. Then for sure, if you’re aware of the implications of learning a new OS, then go the Linux route.

Again, depending on the time you invest short term versus long term, the answers will vary.

I’m personally using hardened Windows 11 with the intention to switch to Linux in about 3 years (also depends on how much scummy Microsoft becomes).

I’m fairly new in this journey as well and have lots of thoughts about your move. I’m a longtime Apple users, 30+ years and until 2025 I mostly trusted the company and had given no thought to making any changes. Privacy is core to their marketing. But Tim Cook has famously said on several occasions that Apple obeys the laws of the countries they operate in. That’s nearly an exact quote. Initially that was about China. And Apple’s relocation of data from the US to China at that government’s demand.

I don’t know your location but in the US under the new regime and Tim Cook’s behavior and Apple’s actions this year, I no longer trust Apple’s marketing. Apple has clearly bent the knee and it should be assumed that they will comply. My response in February was to begin a move to GNU/Linux and to move my data out of iCloud and to reduce my dependence on that service. I had EVERYTHING in iCloud.

So, my feelings about Apple are very different now but closer to what they should have been all along.

Apple’s hardware and operating systems are famously proprietary and tightly controlled. They’ve invested a lot into this control and the security that comes with it. I don’t think they’ll throw that out the window anytime soon so I do think that the hardware/OS is likely to be “trustworthy” for sometime to come. But, because it’s closed and proprietary trust is involved. So, there’s that.

Assuming there can be some trust that the company will (for now) defend the security of the hardware and OS, I have decided to continue using an iPhone and iPad. By default both of those are encrypted and fairly secure but for the privacy minded I would recommend NOT using iCloud for photos, email and file storage. Depending on your workflow, what kinds of software you use, work location (home or are you often mobile using public Wi-Fi or do you use your iPhone as a hotspot if mobile), etc different devices/services/software might be more appropriate.

iCloud definitely provides convenience and it is required for some of those handy iPhone-Mac integrations but you’re getting into a kind of dependency/lock-in that you mentioned you want to avoid. (By the way, you can easily export your passwords from the Passwords app so you’re actually not locked in there. I exported mine and imported them into KeePass on my GNU/Linux computer with no problem though I’m not sure how that would go with other password apps.)

Before you jump in with iCloud I would suggest:

• Tutamail for email. I know you said you don’t need encrypted email but it doesn’t cost anything extra and you get calendaring as well. Both apps available for iPhone/iPad and are open source.
• If you want to avoid lock-in consider writing in markdown or LibreOffice. Don’t use the Apple Notes App or Pages, use a text editor and save as text/markdown files on your device.
• If you often work away from home you may want to consider using an iPad as your mobile computer rather than a Mac. You can purchase an iPad with built in cellular then buy a third party eSIM for data. This can be handy for locations that offer public Wi-Fi but do not allow the use of a VPN. My local library does this.
• Depending on your budget, a home-based Mac used in conjunction with an iPhone and iPad for mobile computing allows for a local file “cloud” that is private, secure and fairly easy to set-up with Syncthing. You’ll have no dependence on iCloud storage or any other remote storage. I’ve come to prefer this method as it gives me more control and is easy to use. Combined with an external drive for backups you’ll have some file redundancy.
• While Apple devices are fairly secure by default there are quite a few settings to make it more private so that you’re not leaking a good bit of data to Apple.

I don’t think it’s a mistake to move into the Apple ecosystem but do so knowing that the company wants to lock you down for themselves. And do it knowing that any hardware you buy from them is never fully yours because of the amount of control they exert through their proprietary OS. Be vigilant in pushing back against them and assert as much control and ownership over the devices you paid for. They are not your friend but an adversary especially in today’s environment.

Finally, not specific to Apple, if you’re in the US and a journalist in 2025, consider your phone and carrier arrangement. Until two months ago I had only a sort of vague (hand wavy) notion of what my carrier tracked. From what I’ve read, they track everything. Obviously, your calls are all logged and metadata stored and texts. But, crucially, your daily locations. I’m not a journalist but I have a history of activism, so I’ve also taken the measure of turning my carrier eSIM off. I’ve downgraded the plan to a voice/text only plan that costs far less $20/month and I’ll keep the account and number for now but I leave that eSIM toggled off. It’s a back-up that I don’t intend to use very often.

I’ve bought a data-only eSIM with a couple of gigs of data for the phone and now make my phone calls via MySudo which provides VOIP lines. It’s not perfect anonyminity but it’s far more obscure than using a standard carrier that keeps detailed logs available for sale or sharing to government and data brokers.