Comment by port11

15 days ago

We use Nara to track our baby's food intake and sleep.

A couple of months ago I noticed Little Snitch complaining about the app making new connections to malware domains. Thankfully I can run the app on macOS and noticed it.

When confronted with how this violated their Privacy Policy, they gave a condescending reply. When I contacted Apple about this new update to the app, they ignored my report.

So… no, we're not safer on iOS. Perhaps the barrier to entry is a bit higher to discourage some low-hanging fruit, but Apple does very little for the 30% commission it takes.

They mean safer from apps like NewPipe which threaten their margins by giving users their attention back.

  • Safer from apps that do insane but legal data collection is what I am worried about. Why would a foreign adversary need a hacking team when they can just buy what they need from an American company built to sell detailed personal information on Americans using shitty malware-riddled products?

  • It's not like they're the only bullies in town (@bigG: try to remember "do no evil" and you were an actually cool tech company rather worth applying to, worth having on your resume).

    I paid for Prime Video to remove ads only to find that now they'll play skippable ads again at the start of a movie and this time I don't even have the option of paying again..

    I'm not against big profits, and I'm definitely not in favor of more regulation to attempt to fix it but I am against micro-maximization of profit with obviously consumer-unfriendly behavior. The way to fix it, IMHO, is to start over with yet another small guy that comes in and does it right. Angel Studios is doing pretty good and although the content selection is much more limited, the overall vibe is great, feels safe to leave children around for more than 2 minutes (unlike YouTube Kids).

  • we must think of the shareholders!!! No, how can you! I want to give billionaires more profits that would most likely just be a number to them while selling myself for them, Noo.

    (satirical post)

> Perhaps the barrier to entry is a bit higher to discourage some low-hanging fruit, but Apple does very little for the 30% commission it takes.

As someone who is diligent about staying on top of these things, I thank you for sharing this because this is what I'm talking about: it is not clear at all to an average user who is trying to do task X with their phone (note that's *not* "do task X securely while protecting personal data").

I figured Apple didn't do a whole lot, but I still feel the policies must do something. Please do tell if you know specifics though. And I am very disappointed with all the near-literal shit that's flooded the iOS app store the last few years. Overall, my opinion about it all is that we need to take some time to think about everything we've learned and rebuild something new from the ground up. GrapheneOS seems promising.

  • > but I still feel the policies must do something

    That has been the problem with Apple, a lot of feeling inspired by nice UI design, and a lot of screw-you-over in the background (draconian dev policies, nonsense security requirements that make you less, not more, secure, and money grubbing that doesn't make the users any better off)...

    Maybe in a world with Steve Jobs, it could have been different, who knows. I don't get the sense that Tim Cook "gets" it.

    • Companies are made of people, not just their figurehead.

      Jobs wasn't a nice person, as it's been documented. And if he was surrounded by MBAs and PMs trying to make a career, the results might be similar to what we have.

      I do think Cook is a terrible CEO on the product side. But he's made Apple richer than ever. I'm not upgrading to the 26 version of the OS'es (btw what a stupid version bump).

    • Can you give examples of nonsense security policies that make you less secure? I’ve always thought Apple’s security policies have been exemplary, forward thinking, and balanced.

    • I have lost faith in Apple as a current best choice because of the things you say. Maybe it's dumb for me to think of it this way, but I was just expressing that I'm happier overall with how Apple handled it while I've had an iPhone. I felt like I was in better hands, even though I know just about all their shortcomings that have been made public. Still, I don't think there was a better choice for the general average Joe than an iOS device. They have kept my parents safe from identity theft, any malware (that I know of), stolen credit cards, etc. And I think they deserve some (intangible, feelings-based) credit for that.

      This morning I ordered a Pixel phone after realizing they are available in my price range after all (thanks to this discussion, specifically one of the few who didn't try to argue with me) so GrapheneOS is what I would personally recommend if anyone was thinking I was trying to say "iOS is better, prove me wrong". I was more looking for others to share similar thoughts, not attempt to shut me down, but such is life.

    • To be clear, Apple's authoritarian tendencies are directly downstream of Steve Jobs' authoritarian tendencies. Tim Cook's just continuing what was already there in 2014. It was Apple policy to lock down everything with code signing since the iPhone. Hell, I think it started being a company mandate around the 4th or 5th gen iPod.

      The one thing Jobs didn't account for[0] was that iOS apps were going to take off and thus owning the signing keys to iOS would be extremely lucrative. Jobs' original iOS development mandate was "webapps only", at least until the jailbreak developers embarrassed him enough to change his mind. Even then, he genuinely thought 30% was going to just barely defray the costs of running the App Store.

      The actual difference between Jobs and Cook is that Tim Cook isn't nearly as charismatic. Jobs had the "reality distortion field" - the ability to confidently lie so hard that the engineers believe the lie and actually make it true. It's the sort of authoritarian manifestation that Donald Trump is desperately trying (and failing) to tap into.

      [0] In Jobs' defense the last SDK they'd shipped for portable devices was iPod games.

  • I've run Graphene for a year to complement an iPhone; sadly, Device Attestation makes it non-viable as a main phone. Banking apps and what we used to id ourselves are a whack-a-mole of incompatibility. For everything else, I do think it's a great solution.

    For reference on Nara, it tries to connect to domains such as dewrain.*, vaicore, akisinn, etc. (many TLDs). Little Snitch was the only way I'd know. Sadly it means we're unsafe on iOS and Android, so we've stopped using any features that might be or leak PII. Just milk and sleep.

    This unnerved me so much that I'm building an app for parents on the side. I can't believe our options are free with trackers or expensive (with trackers). And Nara was clean before the update around March.

    • Wow! Well you never know where simple frustrations will lead, or in your case noticing something that you just can't shake that no one else seems to think is important. I'd say keep me posted, but that's not on you especially while you're developing that app. I wish you the best of luck, and it sounds like you're doing it with a really unique and authentic perspective that I wouldn't be sure that any of the apps that become popular on either App Store can guarantee. Seriously, the world might depend on you :)

      I had a feeling about what you described with GrapheneOS would be the case, and that's what kept me from really considering it as a replacement for my iPhone until talking with some folks in this thread. I really don't see myself getting out of using an iPhone as my "main phone" tied to my phone number since my wife is neck-deep in the whole Apple ecosystem (and I truly believe that being flexible in this regard is worth it and makes our lives a whole lot better, even when the issue in question is what I would consider a simple moral non-negotiable, securely protecting my and my family's personal data. Just means that I have more solving to do before the solution).

      My solution for now is to always run everything through a trusted VPN and NextDNS on the iPhone, or as much as iOS will let me I guess, and using this as my new Pixel's gateway to the internet when I'm away from a trusted connection. I will also be running everything through the VPN when I'm using GrapheneOS, so when I am out and about I'm not treating my not-entirely-trustworthy iPhone any differently than a Starbucks hotspot. Sometimes the convenience really makes a difference, not all the time but it does matter occasionally.

:( Would you be willing to share Nara's full reply?

  • Oh, I remembered it wrong. It's just an automatic reply. The condescending one was to my suggestion to use median values instead of averages.