Comment by lathiat
3 months ago
I would argue that iPadOS (built on iPhone's coat tails) moved the field forward significantly in terms of isolation and user security.
While this has left a long tail of inconveniences, many resolved and some not, I am very confident that using 1 app on my iPhone/iPad will not leak data to another in any case that I am likely to care about as a non-significantly interesting person (political figure, etc).
... and for those people Apple even makes lockdown mode to move the bar, while acknowledging it adds extra inconvenience: https://support.apple.com/en-au/105120
I have no such confidence about macOS, Linux or Windows, in fact the reverse. macOS has done the best at trying to bolt on some sandboxing (and linux has it too) but that's still very holey and not all-in like iOS/iPadOS has ended up.
Yes, I know there have been many bugs and leaks in iOS but the security level is far and above the desktops currently, and designed that way from the ground up. So when they finally make something work like copy and paste or sharing between apps, etc... it's by and large done very well.
It's been very difficult to add that kind of thing to Linux because you're trying to do the reverse and lock things down and it breaks everything... making it very challenging.. as opposed to Apple where basically nothing useful worked at the start (no copy/paste, one app at a time, no meaningful filesystem, etc).. but managed to get the product successful in the limited state and has slowly unlocked that stuff over time. Admittedly very slowly.
I cannot speak for Android as I just have never used it or surrounded myself in info about it's design, security, etc.. it may well be very similar although they from my casual observation seemed to do a much worse job at granular privacy permissions (e.g. for the longest time permissions were all granted at install time, and so many apps want so many most people are blind to it.. as opposed to Apple's model where even if notarised for something on the app store in most cases you have to agree to it when the app first uses it.. I know they fixed that a while back but I have no idea how well things have transitioned to that now). As a very techy person deeply knowledge in many things, and using desktop Linux since 2002, it's kindof a hilarious personal failing that I have never used Android.. I really should try and resolve that at some point.
> While this has left a long tail of inconveniences, many resolved and some not, I am very confident that using 1 app on my iPhone/iPad will not leak data to another in any case that I am likely to care about as a non-significantly interesting person (political figure, etc).
Log in to YouTube with one Google account. Log in to Google Drive with a different one.
Google knows that both accounts are owned by the same person, because Apple lets Google's apps access the data of the others on the same system.
I don't think it's something special that Google is doing. I suspect they are just using the built-in App Groups functionality.
Basically, it's a way for different apps from the same developer to share information via a data container.
Correct. Apple is leaking the data between apps for them.
1 reply →
Android permissions began to ask for individual confirmation on first use in Android 6.0 (released in 2015) so the grant-all-on-install model hasn't been how it works in a very long time.
Also your narrative about iOS moving from locked down to opening things up over time isn't entirely accurate, when iOS (iPhoneOS) was first released, it didn't have any concept of permissions at all! Apps could use whatever API the OS offered with the user none the wiser. At that time Android Market forcing developers to disclose which permissions were required was seen as unusually transparent and secure. Random iPhone apps scanning contacts deceptively pushed Apple to adopt a permissions model several years after the iPhone was first released.
The two platforms have historically leap frogged each other in various ways but at this point have started to converge as mobile settled into a boring appliance instead of groundbreaking new computing paradigm. Apart from sideloading, notifications and some minor annoyances here and there I can almost forget which OS I'm using as I switch between iOS and Android (thanks to gestures removing the trademark home/back navigation distinctions).