Wow, this was a long article, so let me try to unpack it:<p>> iOS devices (even non-cellular devices) on first boot and, occasionally for unclear reasons after OS upgrades, will require “Activation” and an internet connection to contact an array of Apple servers.<p>The linked patent says that this is for carrier locking. It's possible that the code is used even on non-cellular devices because they just found it more convenient to not remove it? There might be more to this; maybe it allows for something like Activation Lock to work or allow Apple to track stolen inventory.<p>> Apple links the credit card used at purchase, the purchaser's name and email, and of course, the serial number and all components required to generate a UUID<p>Of course they do; these are all components of an Apple ID, so it would be impossible for them to keep them apart.<p>> This means, for example, that if you were to use a certain app for a social network under a pseudonym on an iOS device (not that I would recommend installing any social networking site’s apps on your device) and that service sends information via APNS, Apple (and possibly the social networking service) can most likely link the pseudonym account to your real identity.<p>I'm not very familiar with APNS, but doesn't it work something like "social media server sends Apple message, and Apple forwards it to the right device"? How would device-specific information get to third parties?<p>> if you enter contacts into the address book, contacts’ details are hashed and automatically sent to Apple, supposedly to check for presence in Apple’s iMessage database to determine whether to show iMessage as an option on that contact’s page<p>I agree that this is a stupid decision. This is a reasonably large loss of privacy for a very small benefit.<p>> ust try to remove your Mac’s WiFi card and rebooting - all Mac App Store apps will likely fail to open<p>Wait, what? I've been able to open Mac App Store apps without a network connection. You <i>can</i> try to validate with the App Store over the network, but that's an <i>option</i>, not a requirement: <a href="https://developer.apple.com/library/content/releasenotes/General/ValidateAppStoreReceipt/Introduction.html" rel="nofollow">https://developer.apple.com/library/content/releasenotes/Gen...</a><p>> Apple really wanted the DRM aspect<p>I'm not even sure what the purpose behind Apple's "DRM" is. It's trivially bypassed on jailbroken devices, and I think on macOS as well.<p>> On macOS you can separately download an update/upgrade DMG, which will be signed by Apple, and then simply install it without a network connection.<p>On macOS you can also downgrade your OS to whatever you like. iOS requires a firmware to be signed before it will install, which obviously means that it will have to reach out to Apple somehow.<p>> if a user feels like removing/modifying certain Apple system binaries they are uncomfortable with<p>What if a user removes AMFI or the Sandbox?<p>> The fact that there is no way of monitoring or intercepting file system events, network connections and other system calls on said device and that you are giving apps many, many more privileges than you realise<p>It takes work, but this is possible. What you need to do is sign every app you download with your own entitlements that allow for debugging.<p>Despite the author's hesitations, I'm still pretty convinced that macOS/iOS are probably some of the most secure operating systems you can buy today; the amount of time Apple has put into this clearly shows. Plus, it's obvious to see that Apple's incentives don't really align along data collection, even when taking a cynical viewpoint. Not collecting user information allows them to resist government requests for data and increases public goodwill; unlike other companies they have a clear source of revenue that's not tied to data collection, and it's highly unlikely that they'd burn that money to go after data collection for AI or whatever given that's not an area they have a whole lot of experience in.<p>That being said, there are many good points brought up in the article, namely the centralized control that Apple has over devices. We've already seen occasions where this has caused Apple to acquiesce to third-party requests: for example, the removal of network extension apps from China's App Store. Apple is playing a delicate balancing game of trying to maintain some control over the hardware they vend while trying to keep it secure, and this is a difficult thing to do, especially when they need to cater to the needs of users for whom features are important and privacy is invisible.