Oddbean new post about | logout
 It's called privacy theater. They only apply differential privacy in 0.1% of their products. They only go to court in a few very public cases for marketing. Meaning while everything else is traced. 99.9% of their apps, services, devices call their servers in the open web without any privacy to you.  
 Idk man lot of assumptions there, from my point of view they go to court when it matters. 

Check this little switch right here, removes Apple keys entirely. They can hand over my data, but they can’t decrypt it. 

https://image.nostr.build/30d2f5536955384ea99d6214a488248d3a495376d135a72b331af2f6b8382005.jpg 
 "they can't decrypt it"™

https://video.nostr.build/a5f2d2e0d669f03c7fb6aac0a600b55200824638de9264a960d96487550ee8f2.mp4 
 Yeah my man that’s how cryptography works. I have the only key. Only things that aren’t encrypted are iCloud mail, contacts, and calendar so they can be interoperable with other providers. 

Far FAR better than Android protections. Only one better is graphene, but I don’t see graphene ever getting more than 15% market share
https://proton.me/blog/apple-icloud-privacy 
 They don't need to decrypt it. They control both sides, they can just track you using the app and get the information they need before encrypting. 

Similar to how WhatsApp/Telegram can get information from you even though they are "end to end" encrypted. They can just monitor what you type (which they do).

If the app is not opensource so that you can check it and if you can't change the server that is storing this info, they can track anything they want and you will never know. 
 What app? I’m not sure this makes any sense. If my device is encrypted at rest, and my data is encrypted in iCloud, it’s no different than collecting metadata from any source. I’ve yet to see anyone demonstrate this with iOS. If they could it would be international news like when pegasus spyware came around.

Plenty of audits for the lockdown mode and iCloud advanced protections that show it can stand up to state actors. 

Don’t get me wrong, I love the work put into Graphene as much as anybody. Graphene is best yes, we all know. But out of stock Android, or stock iOS, Apple’s built far superior protections.  
 There is no stock iOS. There is only the Apple-provided iOS which you can't see the code and thus you can't actually check for anything. 

On WhatApp: "Depending on the request WhatsApp’s response may include, if available, basic subscriber information (such as their name, service start date, last seen date, IP address, device type, and email address), and account information (such as a user’s "about" information, profile photos, group information and contacts list). In the ordinary course of providing its service, WhatsApp does not store message logs once the messages are delivered or transaction logs of such delivered messages. In order to comply with a valid legal request, such as a valid Pen Register Trap and Trace Order in the United States, WhatsApp may start collecting message logs and call logs for a particular user indicating who the communication was to or from, the time it was transmitted and from which IP address, and the type of communication (such as a text or call)."

 https://faq.whatsapp.com/808280033839222 
 Yeah “stock” iOS is the version from Apple. I was trying to convey the additional optional security features that put it above all versions of Android, except Graphene. 

WhatsApp is a third party app, created in china, purchased by Facebook. The real answer is don’t use it. But the danger of using WhatsApp is the same between Android and iOS. Again I’m trying to point out Graphene stands on its own here.

Cybersec researchers work pretty hard to breach iOS and their work is in the open, even if the public can’t look at the iOS source code.