'Once the precedent has been set that it is fit and proper for even a 'pro-privacy' company like Apple to make products that betray their users and owners, Apple itself will lose all control over how that precedent is applied.'
'This is not a slippery slope. It's a cliff.'
'Neither the message nor the messenger was a mistake. Apple dispatched its SVP-for-Software Ken doll to speak with the Journal not to protect the company's users, but to reassure the company's investors.'
'Apple's proposal to make their phones inform on and betray their owners marks the dawn of a dark future.'
'I can't think of any other company that has so proudly, and so publicly, distributed spyware to its own devices - and I can't think of a threat more dangerous to a product's security than the mischief of its own maker.'
'To put it bluntly, this is not an innovation but a tragedy, a disaster in the making.'
There are many important things going on in the world right now and computer science isn't one of them. That's way down the list. Yet there's a watershed here, and that watershed's name is Snowden.
Who knew Ed could write that well? For that's an extremely well written piece, full of fury, completely on point.
What Ed's pointing out is that Apple irrevocably went over to the Dark Side.
But they're already there, say many. They went over to the Dark Side long ago. And they can cite pieces in Forbes, Fortune, and the New York Times to prove it.
But that's only the MSM. That's not Snowden.
This is Snowden.
What's his point? Take a look.
Ed's POV is 'what Apple may do to you'. But - and we don't know how much he knows about the inner workings of operating systems - this has always been possible. What we can determine right now, this is always going to be possible if your OS isn't a 'DIY'. And it's even worse if your OS can only be downloaded online.
As for mobile users: forget it. You were fools to buy them, you're bigger fools every time you buy a new one. So there's no hope for you anyway.
But consider this, which we covered in a piece of our own.
https://sneak.berlin/20210202/macos-11.2-network-privacy/
The author does everything he can with a bare naked Apple laptop - lots more than most people would know how to do - and still the danged thing phones home!
Here's another one on how your computer isn't yours.
https://sneak.berlin/20201112/your-computer-isnt-yours/
And one more for remedial reading.
https://sneak.berlin/20201204/on-trusting-macintosh-hardware/
'Recall also this is the same Apple who, under pressure from the CCP, censored apps used by pro-democracy protesters in Hong Kong.'
https://www.nytimes.com/2019/10/09/technology/apple-hong-kong-app.html
Please get to the bottom line there. You are under remote control by Apple. Always. You need the Internet and Apple's 'nod' even if you never want to work online.
Snowden draws the line at what Apple declared they intend. Let's look briefly at what they or any commercial vendors for that matter are capable of.
Once upon a time, operating systems were delivered by post. On CD-ROM. This held for Ubuntu too - we have several sets of Ubuntu discs. Free S&H.
The best of course is something that's 'DIY'. But where we were twenty years ago is not where we are today. How many times have you heard 'keep your OS up to date'? Where do you get those updates?
As Jeffrey Paul points out above, Apple's gone to the head of the pack with their new security features - for your protection only of course - and that requires an Internet connection and an 'approval' from the mother ship to just run.
You're joined at the hip to Cupertino. Do you like that? We don't.
So things were better when your box didn't need an Internet connection to run. When systems came in the post. Or were purchased in a physical store. And you took them home on CD-ROM.
Apple's OS Leopard represented a watershed. Users could always download updates to their OS, but at that point you needed to AUTHENTICATE to install. You needed to escalate to root to overwrite files owned and controlled by root. With Leopard, this changed. Although we pointed this out, everyone had deaf ears. Oh happy days as always for fanboys.
Who did this? How could Apple achieve root privilege without our authenticating? We actually tried to find the hook they used, and we warned that this hook could be abused by hackerdom in the future.
But it hardly matters. Apple can pick any of their kernel threads to spawn a root-level process to do anything they want.
So can Microsoft. Who doesn't remember how it was discovered that Microsoft funneled all their 'phone home' messages through a seemingly innocuous DLL?
Or going back even further: perhaps some of you remember how it was discovered that Microsoft actually had a plan - never implemented thankfully - to punish software users whose licences had lapsed by activating code that wreaked havoc on their HDD controllers to physically destroy their machines?
Anyone remember a latter-day investigation by Peter Gutmann which ended with the remark that he might have to purchase his next PC from China of all places? Because there was so much intrusive junk on 'western' OEM PCs trying to be compliant with Microsoft?
Apple and Microsoft - and any OS vendor - can send anything they want over the net without you knowing about it. They can disguise anything. Your only ray of hope is to get your OS from source and build it yourself.
We used to claim that it's OK to have closed source for the upper echelons. We suggested making all our Windows source open, but our curator at the time who took over when yours truly was recuperating advised against it. Too many secrets of good programming in there, he opined.
I've audited driver courses where the delegates asked the teacher for C++ templates. We remember in our early years on the Granta when university students would ask us to complete their programming assignments for them. So there is a point to keeping code proprietary.
Yours truly is still listed in the Firefox credits. Why? Because I heard the call. I took one routine at random. And wrote it correctly, reducing the number of lines of code from 300 to 19. I was contacted by two higher-ups in Mozilla who went 'holy shit' and then asked if I'd rewrite their entire front-end classes for them.
Open source is 'colour by numbers'. You'll rarely find elements of genius there. Things are done methodically and without inspiration. So ultimately it's a tradeoff. One project manager once asked if I could 'automate' the process of cleaning code.
Really.
Code auditors are good. Whilst commercial vendors aren't going to be interested, open source vendors will be. As long as it works - or works better - and as long as it's maintainable. Comments don't go into object code, for example.
Right now, at this point, it's not about saving the world. That may come later, if we're lucky. Right now it's about doing the right thing for yourself and no longer being the fool.
Open source GUI platforms suck. No, they really do. No one's ever done much work there. The original NeXT idea was 25 years ahead of its time back in the 1980s and it's still 25 years ahead today (and about 35 years ahead of Apple as things stand). Perhaps someone will take on that thankless task.
Choosing good hardware is another matter. This could prove rather dicey.
But the subtotal bottom line for now is to not trust Apple. Not for anything. And to get away from commercial vendors as much as you can, as fast as you can. We’re not moving our positions - they are.