Oddbean new post about | logout
 Well of course, and people like us know the possibilities. But I’m a realist, I’ve worked with the public fixing their tech for years and nobody will take a phone home and flash another operating system. 

We’re talking less than 10% of the population even know about alternatives like graphene. The real choices are what people buy at the store. 

Google which is just corporate spyware

Apple which controls the experience to a high degree, but doesn’t surveil a persons every action 
 "doesn't surveil a persons"

Are you kidding? Apple knows everything about you. They surveil you in every single device, in every single connection. They even have an ad-platform that Facebook was forced to use and share data with so that Apple can know you better to sell ads. 

Don't think for a second that the two companies are any different. Google is just upfront about it.  
 Nope. 

I understand the jump to say they’re the same. But the business model tells you everything you need to know. Google revenue comes from people, Apple revenue comes from products. 

Do more reading on differential privacy advertising, lockdown mode, advanced data protection for iCloud etc etc

Apple built really great privacy tools. I know I was there.  
 Oh I did.. I know their differential privacy stuff... That doesn't change anything. Apple only offers privacy against everybody else. Not against themselves. 
 They make a whole lot more effort than any other tech company, I feel the public should give them more credit. Lots of good stuff that other companies wouldn’t touch. 

Remember when they went to court against the US government and still defied the court order to unlock everyone’s iPhones? 
 It's called privacy theater. They only apply differential privacy in 0.1% of their products. They only go to court in a few very public cases for marketing. Meaning while everything else is traced. 99.9% of their apps, services, devices call their servers in the open web without any privacy to you.  
 Idk man lot of assumptions there, from my point of view they go to court when it matters. 

Check this little switch right here, removes Apple keys entirely. They can hand over my data, but they can’t decrypt it. 

https://image.nostr.build/30d2f5536955384ea99d6214a488248d3a495376d135a72b331af2f6b8382005.jpg 
 "they can't decrypt it"™

https://video.nostr.build/a5f2d2e0d669f03c7fb6aac0a600b55200824638de9264a960d96487550ee8f2.mp4 
 Yeah my man that’s how cryptography works. I have the only key. Only things that aren’t encrypted are iCloud mail, contacts, and calendar so they can be interoperable with other providers. 

Far FAR better than Android protections. Only one better is graphene, but I don’t see graphene ever getting more than 15% market share
https://proton.me/blog/apple-icloud-privacy 
 They don't need to decrypt it. They control both sides, they can just track you using the app and get the information they need before encrypting. 

Similar to how WhatsApp/Telegram can get information from you even though they are "end to end" encrypted. They can just monitor what you type (which they do).

If the app is not opensource so that you can check it and if you can't change the server that is storing this info, they can track anything they want and you will never know. 
 What app? I’m not sure this makes any sense. If my device is encrypted at rest, and my data is encrypted in iCloud, it’s no different than collecting metadata from any source. I’ve yet to see anyone demonstrate this with iOS. If they could it would be international news like when pegasus spyware came around.

Plenty of audits for the lockdown mode and iCloud advanced protections that show it can stand up to state actors. 

Don’t get me wrong, I love the work put into Graphene as much as anybody. Graphene is best yes, we all know. But out of stock Android, or stock iOS, Apple’s built far superior protections.  
 There is no stock iOS. There is only the Apple-provided iOS which you can't see the code and thus you can't actually check for anything. 

On WhatApp: "Depending on the request WhatsApp’s response may include, if available, basic subscriber information (such as their name, service start date, last seen date, IP address, device type, and email address), and account information (such as a user’s "about" information, profile photos, group information and contacts list). In the ordinary course of providing its service, WhatsApp does not store message logs once the messages are delivered or transaction logs of such delivered messages. In order to comply with a valid legal request, such as a valid Pen Register Trap and Trace Order in the United States, WhatsApp may start collecting message logs and call logs for a particular user indicating who the communication was to or from, the time it was transmitted and from which IP address, and the type of communication (such as a text or call)."

 https://faq.whatsapp.com/808280033839222 
 Yeah “stock” iOS is the version from Apple. I was trying to convey the additional optional security features that put it above all versions of Android, except Graphene. 

WhatsApp is a third party app, created in china, purchased by Facebook. The real answer is don’t use it. But the danger of using WhatsApp is the same between Android and iOS. Again I’m trying to point out Graphene stands on its own here.

Cybersec researchers work pretty hard to breach iOS and their work is in the open, even if the public can’t look at the iOS source code.  
 Imagine thinking that pixels aren't hardware backdoored. The cope is real sometimes in the PrivSec community. 
 Imagine thinking iPhones are not.  
 I know they are lol. Just about every thing is these days. Unless you get a Librem 5😔 
 in between the time of mercantilism, where only one guy could get a license to do some business (with a letters patent and cosy relations with the monarch) and the arrival of the warfare modality of espionage, there were companies but they didn't register themselves

not long after monarch started hiring spooks, about 200 years, we saw the beginning of the modern liberal democratic state, and shortly thereafter, the wide deployment of fractional reserve banking, insurance, and income tax

at which point, multi-person enterprises were required, and much propaganda was made to make everyone think that doing business in a structured way required you to register for taxation

guess what

the real reason why they do all this is because it gives them a lever... once you are a publicly registered corporation, the spooks can come and talk to you and make you do things and at threat of death you must not tell anyone about this, and you must obey their commands

not only is google a NSA- and CIA- funded operation, so is Facebook, and before this, the spooks captured Apple, Microsoft ... and so on... and let's just say that in many cases, a lot of the money for these behemoths came from dark places that nobody really talks about and very few have even tried to find out

the entire situation is the most literal realisation of the allegory of Plato's Cave that you can imagine, they are controlling enough people's minds that the rest who are not sure, just go along with it either to fit in or out of fear

sooner or later, the human spirit will break out of this enslavement

so, yeah, don't be fooled

if the government approves it, or a faction of the government is trying to cast it as an enemy

it's part of the government

if it's a publicly registered corporation

it can effectively become part of the government at any moment, just waits on a bunch of MIBs to go out and have some conversations and make threats and give orders to the entrepreneurs involved

and yes they are a competitive bunch, there is at least two factions in every government, and they compete to increase the amount of control with their differerent philosophies of how to achieve it

nostr:nevent1qvzqqqqqqypzq3svyhng9ld8sv44950j957j9vchdktj7cxumsep9mvvjthc2pjuqqspmzej4afu6h6hq2q0gjgr63rkr0w4zeyfg2ryq5rynna27huz8hqd4xnqu 
 A thought to ponder. I think about this a lot and it is good to keep in mind going forward. 
nostr:nevent1qqsvpdh4hgd0vvdslpsc2wjzre4r0pg8scf4w90rytvc3eruc8mxncspz9mhxue69uhkummnw3ezuamfdejj7q3qfjqqy4a93z5zsjwsfxqhc2764kvykfdyttvldkkkdera8dr78vhsxpqqqqqqzgvgtxf 
 iPhone users are invited to watch this man's content...

https://www.youtube.com/watch?v=_c8UrgGG3NA

https://www.youtube.com/watch?v=Mg4HWEdar2Q

https://www.youtube.com/watch?v=82N5SiOvStI

https://www.youtube.com/watch?v=kqBl6y0GY4g



nostr:nevent1qqsw5aqg9vdv3xkflh8ajmufqvyxrayvdgrn4que74y6j5ugrhlwrqspzpmhxue69uhkummnw3ezumt0d5hsyg8tw0jruahfvngnmec5dh3yelc6xt90m6snmtjkcnws9qzdsgfspupsgqqqqqqs0axem8 
 🤣 sure, the random youtube guy who happens to sell his own privacy phones can be trusted for unbiased opinions…
 
 Everyone is free to form their own opinion. This individual has significant technical experience and knowledge, far exceeding most on Nostr. Also, I don't about what he sells. I refer to facts to choose the tech I use... and nothing beats GrapheneOS. 
 https://brax.me
https://www.braxtech.net
Here’s his sites, linked right in his YouTube videos. Understanding a persons motive gives insight whether their word can be trusted 
 I've been following this man for years. He's knowledgeable about a wide range of software and hardware and still does. Are you suggesting he's created his own alternatives to all of these? I've never heard him criticize open-source systems unless they have legitimate flaws, like Linux phones. He's often mentioned various AOSP alternatives, not just the one he sells. And speaking of that, anyone could theoretically do what he's done with his Android system and phones, which is why I've never felt the need to buy it. 
 Nah my point is very simple. His content on iPhone privacy cannot be trusted as 100% factual because he has personal incentive to get his viewers to buy his product. If he was acting out of altruism or helping the community he would purely recommend graphene. 

It’s particularly telling that nobody in the PrivSec community has even heard of his products. A phone, os, communication clients…far more likely this guy is a honeypot for people seeking  privacy 
 I understand your concern, and it's valid. However, I don't entirely agree. A lot of what he says seems logically sound. Personally, I can't imagine ever using a closed-source OS again. As an African living in Africa, I see iPhone and the likes of Huawei as two sides of the same coin... Interests can vary based on the context. 
 We all know open source like graphene is top tier for hardcore privacy. However the general public will never learn or install alternative operating systems. Never gonna happen. They buy a phone and use it as is. 

The real choices for 90% of the public are manufacturer customized Android, or iOS. I will always recommend iOS between the two, it’s far more secure. Ask cellebrite or the NSO group. If you’re an “at risk” individual, turn on lockdown mode and advanced data protection. Regardless of jurisdiction, nobody can decrypt your data.

All comes down to knowing about the tools 
 Now you can buy degoogle phones straight out of the box. Rob also mentioned these guys. I agree that grapheneos is the best choice but generally I prefer that people start their degoogle journey with other options and move to grapheneos at a later stage
https://shop.iode.tech/ 
 Sure no disagreement here, I’m happy these options exist. However we are not the common denominator with tech knowledge. I have extensive experience with the public, you’d be shocked how many can’t tell you what phone they’re holding let alone understanding operating systems.

iOS is the best way to get easy default security into as many hands as possible. These charts from Cellebrite help illustrate my meaning
https://nostrcheck.me/media/eb73e43e76e964d13de7146de24cff1a32cafdea13dae56c4dd02804d821300f/c3a08ecc8b2239be485f2709941b0adc20f09b36a0d56670dfe8a26acd3822cc.webp
https://nostrcheck.me/media/eb73e43e76e964d13de7146de24cff1a32cafdea13dae56c4dd02804d821300f/b57eeeb37e1b34e53a63ff348bdfcfd1655baf625bb6f7edf99a795ad4985f51.webp