Apple OSes are insecure by design to aid surveillance

43 points by vitplister over 1 year ago

10 comments

throw0101c over 1 year ago

> First, iCloud E2EE is opt-in. The setting is buried, and there are no prompts to enable it, so approximately 0% of iCloud users have turned it on. It might as well not exist.

This is a feature, not a bug. If my mom or Aunt Millie forgets her password then I still want her to be able to recover data.

The main issue for most regular people in the CIA triad most of the time is not confidentiality but rather availability: avoidance of losing photos and videos of (grand) children is the highest priority.

Human rights activists and journalists can enable more stringent controls separately from the general public because their threat model is different. Apple has added a suite of extra features for these individuals in recent releases:

* https://techcrunch.com/2022/08/12/apple-lockdown-mode-ios-16/
* https://www.apple.com/newsroom/2022/07/apple-expands-commitment-to-protect-users-from-mercenary-spyware/
* https://www.apple.com/newsroom/2022/12/apple-advances-user-security-with-powerful-new-data-protections/

For all of Apple/iOS's imperfections, are there other vendors with out-of-box experiences that are at a higher level in this (security/privacy) regard?

api over 1 year ago

This isn't wrong but it's also not just Apple. Virtually all mainstream OSes scream into the cloud constantly and a disturbing amount of that traffic is either not encrypted at all or has unencrypted SNI fields and other easily fingerprint-able content.

Apps do it too. I was amazed when I looked into it how many apps contain metrics and other telemetry features and how often this isn't encrypted or has unencrypted SNI data that can identify the app at least.

Then there's DNS, of course, which is still usually plaintext and can leak all kinds of information about what you are doing and running.

All this stuff taken together can pretty easily be used to fingerprint you.

The only way to fix this would be to adopt protocols like QUIC or later versions of TLS with encrypted SNI for *everything all the time* and block outgoing plain text http.

What I really think is that allowing apps carte blanche access to the Internet is just not tenable in 2023. It's a bit analogous to the old MS-DOS days when apps had open unprotected access to all RAM. Outgoing connectivity should be whitelisted.

lapcat over 1 year ago

This article contains some truths but unfortunately also some untruths. For example:

> Several important connections (TSS, OCSP) are made from Apple devices in plaintext (that is, completely unencrypted). This began for historical reasons, but has been repeatedly reported to Apple. They have not fixed it.

This is inaccurate. Apple did in fact switch from the unencrypted ocsp.apple.com to the encrypted ocsp2.apple.com.

> Apple committed in writing a few major versions (i.e. ~3 years ago) to providing a preference setting for disabling online OCSP checks in macOS when I made a stink about it, within one year.

The author is mistaken about his role in this. The reason was not his "stink" but rather the fact that Mac apps around the world suddenly refused to launch, which everyone noticed:

https://www.theverge.com/2020/11/12/21563092/apple-mac-apps-load-slow-big-sur-downloads-outage-down-issues

> Apple does not allow plaintext server communications in apps released by developers in the App Store.

This is false, as I can attest as an App Store developer. I have several apps with NSAllowsArbitraryLoads.

I wish that "sneak" would be more careful in his writing. He has a tendency to undermine his own valid points by burying them in carelessness and overblown rhetoric, which causes people to stop taking him seriously.

verisimi over 1 year ago

I think there's a lot of this sort of thing that goes on.

Remember when Edward Snowden said you need to remove your phone's battery to be sure you weren't being overheard? The fix to that apparently is to make it so that phones no longer allow batteries to be removed - i.e. there is a general corporate collusion to give the customer what they do not want.

fsflover over 1 year ago

Why is this post flagged? The author showed that your personal data is regularly sent unencrypted by all Apple devices. Isn't this big news?

kstrauser over 1 year ago

This swings between so many wildly different things. Yes, Apple should be encrypting the contents of connections, by using a TLS connection and/or app-layer encryption. No, I don't think OCSP is inherently evil, although it should also use encrypted traffic if it doesn't today. And finally, I worked tech support long enough to understand why giant customer-facing corps don't enable E2EE by default, because it's a support nightmare.

But if you know what you're doing, turn on Advanced Data Protection (https://support.apple.com/en-us/HT202303) and take more of your data protection into your own hands.

marcellus23 over 1 year ago

> First, iCloud E2EE is opt-in. The setting is buried

Go to Apple ID > iCloud in Settings. Is that really "buried"?

omarfarooq over 1 year ago

So what should we do?

gloyoyo over 1 year ago

Like real Apples, they go rotten.

Proziam over 1 year ago

This is a wonderfully articulate write-up confirming what I've suspected about Apple for a long time. I'm glad I finally have a good reference to send people when this comes up, because the amount of "Apple is good for privacy" I've heard in my little circle of tech-adjacent but not tech-literate people is too damn high.