Comment by luk212
11 days ago
Very Apple-ish approach to AI catch up: wrap an external tool in a privacy architecture, embed into the OS and productize the orchestration layer.
It will be interesting to see if the Private Cloud Compute + on-device routing can make third-party model capabilities feel like a first-party system without leaking user context to the model provider.
If Apple handles the Google-Apple boundary right, this will be an elegant move on their part, otherwise it will feel like Apple Intelligence with a just a privacy-polished frontend for Gemini.
> wrap an external tool in a privacy architecture
Wouldn't it be more accurate to call Apple's architecture data protection rather than privacy? As an European citizen in a post Snowden world I would be surprised if any of my data on Apple services was actually kept private from the US government, and Apple certainly wants to own a lot of data/metadata about you. Gotta have Siri listening for carplay and so on. I would aboslutely trust Apple not to sell my data as a commodity though.
> If Apple handles the Google-Apple boundary right, this will be an elegant move on their part, otherwise it will feel like Apple Intelligence with a just a privacy-polished frontend for Gemini.
I'd say this is spot on. At least if what Microsoft is doing with Copilot Cowork is anything to go by. Cowork is not a privacy-polished as much as it's an Enterprise compliant polish to make Opus 4.8 run "safely" in your enterprise organisation. So far Microsoft is winning the AI war in non-tech enterprise with this, especially here in the EU. If Apple manages to do this for the private market that will be great for them.
I'm not personally sold on what an AI should do on my phone though. I use a lot of AI professionally, but I haven't even turned on Bixby or whatever the Samsung AI is called.
From an EU perspective, Microsoft is doing data protection, Apple is doing data privacy.
Microsoft's approach to data is basically "we promise nobody else but you and your government can access it, we can but we pinky swear we won't." This promise is mostly enforced at the legal layer and through legal consequences, not technical safeguards. If they think they can get away with it (or are forced to get away with it by the US government), there's nothing stopping them from using your data in whatever way they want.
When they can, Apple designs their systems so that they physically don't even have the capability to use your data, even if it's processed on their own servers. They're not privacy maximalists like Signal is, they care more about user experience, but they do aim for the highest level of privacy you can get while still having a good experience, and when they do need to make sacrifices, they typically let you opt into the privacy features if you really want to.
I'm far more inclined to believe that Microsoft is secretly (or not so secretly) collaborating with the US government than that Apple is.
There has been anecdotal statements/blogs from Apple employees about the data privacy. They have said building some internal capabilities or user facing features are extremely difficult or impossible because they aren't able to access user data at the level required.
7 replies →
> Wouldn't it be more accurate to call Apple's architecture data protection rather than privacy? As an European citizen in a post Snowden world I would be surprised if any of my data on Apple services was actually kept private from the US government, and Apple certainly wants to own a lot of data/metadata about you.
Your conception doesn’t seem to match PCC at all. The whole point of it is that nobody can access the data, not even the people running the servers.
https://security.apple.com/blog/private-cloud-compute/
I don't trust a single US tech company to keep my data private from the US government. Maybe I need a tinfoil hat, but I don't feel like I'm unjustified in this based on the history going back to echelon. Not that this is a particular jive at the USA, my own government (Danish) actively pushes for mass surveillance and non-functional e2e encryption.
There is still a difference though. Google will sell my data and use it for all sorts of things. Though I've obviously accepted that since I have had a Samsung flip phone since Apple made their iPhones too big for my pockets.
19 replies →
There's no guarantee against data exfiltration, because the data leaks happens through tool calls, which are not made from the PCC, but from your own device.
E.g. "the user asks if their Bitcoin private key is unique, let's make a web search".
Combined with prompt injection attacks, it's quite easy for an attacker to craft a prompt which sends your private data through any supported tool call (web search, database search, email, app APIs, etc.). Everything is wide open for the attacker / or yourself accidentally to exfiltrate your data.
3 replies →
And we have to believe that it's not backdoored because they say so? That's incredibly naïve.
3 replies →
> I use a lot of AI professionally, but I haven't even turned on Bixby or whatever the Samsung AI is called.
I know this was just a small aside, but man do I hate Bixby and other phone AIs. They are so frustratingly difficult to turn off, and turning them on accidentally is as simply as holding the wrong button for a few seconds, such as when your phone is in your pocket. Very frustrating design.
I never turned Bixby on, so it never really bothers me except for when I update and it want me to accept something which I decline. I turned the button off, I forgot what I switched it to but holy hell was that annoying.
1 reply →
I just want to be able to turn things off without affecting completely other unrelated things. Like Siri and Carplay, makes no sense I need one activated to use the other, just a trick to get people to avoid disabling Siri.
> I would be surprised if any of my data on Apple services was actually kept private from the US government
Outside of law enforcement having a warrant, Apple's efforts against CSAM, or their Chinese data centers, I've not heard of Apple doing any of what you assume in a post-Snowden world. iMessage is supposed to be end to end encrypted, and there was a few years ago that whole scandal where Apple wouldn't unlock a literal terrorists cell phone for the FBI.
The FBI had to reach out to... a third party to unlock the phone (I forget the name of the firm that did it - Cellebrite maybe?) for them, what's funny is they spent a lot of money on it, when the rest of the world pointed out that the very specific iOS version in question had known vulnerabilities they could have found online for free (or cheaper?).
Is there a meaningful Google-Apple boundary in operation?
They are buying the right to distill their own Gemini models and run them in their data centres (or at least data centres they control); unless I am missing something, this isn't going to be infrastructure that Google has operational control over.
If Apple is running the inference from Apple iPhones and Apple data centers then Apple has operational control. Google’s influence ends the moment they hand the weights over to Apple.
They are using Google Cloud.
https://security.apple.com/blog/expanding-pcc/?linkId=100000...
"Now, we are collaborating with Google and NVIDIA to run new Apple Intelligence workloads on Google Cloud, extending our industry-leading PCC privacy commitments to third-party data centers for the first time."
36 replies →
Right — I suppose I mis-phrased my first sentence a bit, because I guess it can be interpreted as me saying the boundary is blurred, when what I was trying to write is: in operation there is nothing crossing any boundary; Google are not in the picture.
But google is paying SpaceX/xAi for compute... so...
As someone who doesn't use Android, they showed a lot of integration into the apps, which I think is where the real magic happens, and it's not something I can do with any 3rd party chatbots today (that I'm aware of). I also don't know that I would trust the other 3rd parties with the access required to pull it off.
If anything, having Shortcuts built-in at the OS level was a very long play that’s going to pay off.
And Intents
I'm interested in how it feels to use: whether there is any context leaking, as you mentioned, if it introduces latency, and whether there are any pricing implications? I know they weighed a variety of factors, including the smaller models, but cost had to be a big concern, too... I feel like Google is the only provider giving away so much AI inference for free.
This will further blur the picture about when and how consumers / employees are supposed to pay for AI services. For example, they showed consumer rather than coding tasks, but could you select five files and ask Siri to write a Python script or a small app? Will enterprises just disable Siri AI functionality, or will they be able to route it through their own AI auditing and providers?
Oh yes Apple "wraps" their AI in a "privacy architecture" -- you can't use Carplay unless you turn it (Siri) on.
Yes, but Siri can be turned off from invocation without turning off CarPlay. You can disable the side button and Hey Siri while leaving Siri "on."
No disrespect for your valuable discovery but this attitude of “it’s possible, if you do these non-obvious steps” feels a lot like victim blaming in UI.
If Apple (or anyone else) wanted to make a feature used, they can. For everyone else, if Siri is off CarPlay doesn’t work. And that’s by design.
Not the design of “ooh if Siri is off then voice in CarPlay won’t work” (warnable), but punishment if Siri is off.
Again this pattern isn’t Apple only but it’s bad everywhere.
1 reply →
How do you expect to use a nav system while driving without voice control?
Before you start driving, at stop lights, while waiting in lines, etc.
I don't know how it works on CarPlay but when I turn my car on I have a bunch of suggested addresses (home, work, parents, recent Maps searches, etc) that I just touch-to-go. Having to use voice every time you want to navigate not only sounds unnecessary, but cumbersome.
3 replies →
Put in the destination before start driving?
CarPlay does not work at all if you have not enabled Siri. As in it won’t even connect.
5 replies →
You don’t need to enable Gemini or voice assistant on android to use android auto. Some functionality is lost, of course, but you can still navigate and play music.
I almost never use Siri in my car and use a "nav system" every time I am driving.
3 replies →
I set it before I start moving, and then don't touch it while in motion.
I never use Siri when using CarPlay? I’m confused by your question.
2 replies →
I use Carplay all the time and I didn't even realize it has voice control. I just set things up on my phone and drive.
DIt disn’t even occur to me that I need voice control. Stop car. Enter destination. Drive. How hard is that?
Good luck telling Siri to drive to Hronská Breznica. Outside of English speaking countries voice control is very hit and miss (mostly miss)
“Sorry, I don’t know where you are”
> just a privacy-polished frontend for Gemini
I'd use this.
I'd rather have strong privacy guarantees, but this is still good.
The most Apple-ish thing would be to produce a great platform, enable third parties to do something on top of it, and take a cut.
I REALLY wish they'd do that with voice assistants.
All I know is that Siri is a terrible user experience.
Consider that they described the development process as taking Siri down to bare metal and rebuilding on a new architecture. I don’t think our previous Siri experience will be particularly relevant.
They decided to use the Siri branding, so I am going to do as they tell me an associate it with my prior Siri experience. That's a brands sole purpose, to give a buyer an indication of a product before they buy it. (Or in my case, given my experience with the brand, not buy it).
As long as it’s not the same folks I guess
This is post Jobs era typical Apple.
[flagged]
[dead]
[flagged]
[flagged]
I absolutely adore the historical revisionism that apple cares about privacy.
Run your router through a linux laptop as a proxy so you can capture traffic, connect any apple device to your router, and see the vasts amount of data your device sends to apple.
Apple DGAF about privacy, they want your data as much as anyone else, their only thing is that they should be the only ones to get it and then other people have to pay them for it, rather than your device sending the data to the 3d party directly.
And if you think your data is secure, reminder that The Fappening was all done targeting apple devices.
Apple added e2ee and created the most complete end to end encrypted cloud ecosystem to prevent that from happening again.
Do you trust them to actually implement that correctly, and also do you trust them not to share your data with others, and if so, why?
3 replies →
Is that secret code for “rate-limited auth on the Find My API”?
1 reply →