I'll play the (intentional) Devil's Advocate here to present an alternative viewpoint.
I like iOS, but not Android. Let me explain why.
I personally love Linux, Unix philosophy (I'm even sometimes an old beardy zealot about POSIX standards and the old way), and inherent customization possibilities.
On the other hand, I don't want to manage my phone like a desktop or laptop computer, or a server because of a plethora of reasons. First, user interface is not very suitable for that. Second, there's a lot more finicky things to manage. Last but not the least, that management task is continuous.
iOS takes all of these away. Complete backups are built-in (I know android has it, but I don't know how bulletproof is this). Defaults are sensible. Settings do not change spontaneously. OS behavior doesn't change drastically from device to device (Every android vendor tunes their OS and background process policy differently, creating a lot of WTH moments and more finicky management tasks). Updates are not slowed down by the vendor, the operator, the distributor and today's weather.
While iOS is a pretty strict walled garden, devices are set-up and forget. Even you forget that you have an iOS device, because you use it without thinking.
Radio security, isolation and its reasonable and unreasonable parts are discussed here extensively. As a HAM radio operator, I can only say that, radios can do wreak a lot of havoc even with informed tinkering, without any bad intentions. If you take a relatively cheap SDR and listen to your neighborhood spectrum (just see the traffic, not decode anything) your jaw will drop. It's a very crowded up there, and there's a lot of non-public traffic.
Another stuff about custom ROMs and Stock ROMs is SIM services. Yes, many of the SIM menus just sit here unused, but there are useful ones like mobile e-signatures. I carry my e-sig with my phone, in my SIM. So using it requires a verified and official software stack. As far as my experience goes, no custom ROMs run these services (intentionally or unintentionally).
I manage my family's Android phones, and I personally use an iPhone. As far as I can see, it's much easier to leave an iOS device on its terms and it'll fare better.
Feel free to discuss, counter or just burn this comment down. :)
> iOS takes all of these away. Complete backups are built-in (I know android has it, but I don't know how bulletproof is this)
Not to burn you down, but to burn Android down: no, Android does not allow you to take complete backups. Let alone "built-in". The only backups that are made are forced to Google cloud and only backs-up apps that where downloaded through Google Play and app settings for Google stuff. It is an extremely limiting almost non-backup if you're used to going around Google. When switching phones it's still a process of hours / days to get everything set-up the way you had it on a previous phone. Especially if it was rooted.
The only way I know to take a full backup image of an Android phone involves unlocking (not possible on all phones), rooting (not possible on all phones), installing Nandroid and pulling an image over USB. To restore to a "fresh" phone, you need to go through all of those steps again.
This would take hours to weeks depending on who does it and the puzzle your phone manufacturer sets up for you to unlock your phone.
This to me is one of the many absolutely mind-blowing facts about the trash Android OS (disclaimer: I'm still an Android user, because I can't accept a phone without a physical keyboard. Never used Apple products in my life).
Want to wipe your phone and restore an image after you travel into a "spy-state"? Nope. You simply can't with an Android phone.
You know a phone that was able to do this out of the box? My 2013 Blackberry Passport. No rooting or fiddling around required. Just install a desktop app, plug the phone into USB and press "full system backup".
It is ongoingly stunning to me given all Google's BS that Android has no backup option which will get my apps, their data and the state of my home screen back exactly the way I left it if my phone is destroyed.
I run a custom honescreen: it's just another Android app! And yet everytime I have to set that back up again manually.
Yes, I was going to say the same thing. My samsung galaxy s10+ has a cracked screen and I need to take it to repair but the thought of the work needed to backup everything stops me from doing so.
I have very little trust in Google so I don't want to backup to google cloud (I just researched and it seems they do provide end to end backup encryption without Google having the key anywhere since Android 9, is that really the case now?)
Your definition of complete backup exceeds even the definition the parent is using for IOS. There are some things like downloaded files that don't get backed up to the cloud. (Some of them probably do get backed up via iTunes backups, but even there, I'm quite certain that not quite everything gets backed up. Instead it contains nearly everything that an non-jailbroken user might care about.)
Things like the set of apps, settings (both app and system level), game progress, the set of open tabs, etc can be backed up, and IOS is even able to restore old app versions specified in the backup by downloading them from the store.
All that said, both IOS backup options are more comprehensive than the built-in android options.
> IOS is even able to restore old app versions specified in the backup by downloading them from the store.
iOS even restores your open applications and task manager state when you restore from the backup. Even more so, theoretically, it can restore every apps state at the point of backing up. It's a feature ported from macOS.
local backups (used to be iTunes, now it’s just done from the Finder) do indeed backup everything. And as another commenter pointed out, your application state is also backed up and restored.
#1. Local backups are still itunes based on windows.
#2. Stateing everything is still not quite true. The OS is not backed up, since old versions cannot be restored. and unless things have changed since a few versions back, local backups deliberatly omit some data if it can be downloaded on restore. For example, the actually apps just have their names and versions recorded so they can be redownloaded. Which is not really a problem, except in those rare cases where an app has been completely deleted from Apple's servers, which typically only happens for malware or for legal reasons. (I suspect that any apps not in the store at the time of the backup are included in the backup, so hitting this case should be incredibly rare.)
Backups are a total black pattern where you either pay Apple for ever or the respective APIs are horribly broken.
It would require zero effort on Apple's side to integrate backup to other servers using the OS or other Apps. That means without silently stopping them or even worse slowing them down to kb/s once in the background.
You can backup your iPhone anytime you want to your own computer. iCould makes it pretty easy to do settings and config backups that will be included in their free tier.
There is no way Apple is going to let 3rd party could providers do backups directly. I doubt exposing the iPhone as a USB device over the internet with a VM running iTunes would work efficiently.
Assuming you've already paid Apple for the device and you don't want to make use of the 5GB free iCloud storage for backups, you could backup iPhone to iTunes on your laptop (encrypted) and then ensure your laptop was backed up locally also. This way you avoid paying Apple for ever.
So yes you also need to install itunes to backup on your computer, because why directly mount it as a usb drive without an apple app?
That would also need zero effort from apple, but I was talking about an online backup with since forever established protocols.
"I can't back it up completely" and "I can't back it up completely the way I want to" are two different arguments. It's fine if the second is the argument you actually want to make, just be clear you're making it.
"When switching phones it's still a process of hours / days to get everything set-up the way you had it on a previous phone"
From my experience this is completely false. I just switched from Galaxy S8 to S20, and I transferred everything and had the new phone setup exactly like the old one, with all apps (that would allow it, LINE wouldn't) and even ringtones and text tones set how I had them in about 20 minutes.
1) You don't want to risk dumping a mounted filesystem because of inconsistencies
2) Good luck getting the right device - in the end it's devicemapper all the way down with a lot of layers (ecryptfs, sdcardfs, bind mounts, ...) stacked between your shell and the device.
3) Unrooted phones don't allow access to raw Unix devices
4) You can't restore these backups anywhere if your phone (like almost all, I think it's a Netflix requirement) uses hardware key storage - simply because the key is in the secure element of your phone. Rooting a Samsung phone kills the HSM and switches over to software key management though.
5) Assuming encryption keys don't get in your way, you can only restore the dump on exactly the same model and firmware of device you have, because every manufacturer does stuff slightly different.
Makes me wonder if you can just dump the Flash storage chips through JTAG or similar - assuming the JTAG ports are accessible without completely dismantling the phone.
And even if you do root your phone and dd the storage, you'll only be able to conveniently restore to an identical (or the same) phone. I generally prefer Android to iOS, but they're not even on the same planet in terms of backups.
"developer mode" is typically a custom recovery environment that requires an unlocked bootloader to be flashed. A nandroid backup is effectively a dd image.
It's a bit messier if your data also lives on an internalized sd card.
> Android does not allow you to take complete backups. Let alone "built-in".
Android has had full system backup capabilities through `adb backup` for years. It does not require removing carrier locks or rooting and has been available since Android 2.x iirc.
I've used this to transfer all of my apps, app settings, and system settings between all of my Android phones:
Nexus One -> Galaxy Nexus -> Note 3 -> Galaxy S6 -> Galaxy S8 -> Galaxy S9 -> Galaxy S10 -> Z Fold 2, all with one continuous chain of backup and restores via `adb backup` and `adb restore`.
These restores sometimes even worked flawlessly across different Android OS versions! Sometimes this has caused a lot of weird issues wrt system settings, so admittedly this process can be quite buggy.
> This is false. Android has had full system backup capabilities through `adb backup` for years.
Apparently this is false, because apps can "opt out" of ADB backup and many do (see other comments), furthermore it doesn't backup the entire phone, but only the system image (partly). Does it backup the root state of the phone? Nope. Does it backup the restore partition of the phone? Nope. Making it a "maybe full system backup but not full system image backup that is kind of buggy". In other words, like I wrote earlier: not a -full- system backup at all.
I was specifically talking about effortlessly backing up and restoring a full system image. Blackberry OS10 style: plug in phone, press "backup system image" and get a carbon copy of EVERYTHING that runs on the phone that can be restored to a new or existing phone with 1 click. Your post confirms that this is not possible in Android: using ADB is not "effortlessly" and it's not a full system image backup.
Even if I would backup and restore from and to the exact same rooted phone (that's all I'm asking), the restored backup would not be the same as whatever was on the phone when the ADB backup was pulled. Nandroid can do this, in theory, with a lot of hassle (but not on my phone, because TWRP for my phone doesn't support decryption of the system partition).
Many apps opt out of including their state in "adb backup" or act oddly when restored. Maybe this changed in the past few years, but it is still nowhere as complete as any automated or manual iOS backup.
It can if you charge from your PC and set up some very convoluted scripts (not recommended).
I use `adb backup` solely as a means of transferring my settings & app library between devices.
These are full system backups including potentially gigabytes of APKs, so I wouldn't want to run it every night. It is possible to use `adb backup` to only backup settings (no app files) if you want a lighter backup, but those backups aren't as useful for my purposes.
Thanks for the answer. I just wanted to highlight that, I can just take my phone for the day, throw it under a bus, go to an apple store, get a new phone and continue where I exactly left off (minus a couple of 2FA keys, which I have backups of).
This is what I like about iOS. I tested this method a couple of times (with less destruction though), and it just works.
You just described the whole iOS value proposition. Even Macs are basically "set-up and forget". My dad, a 76 year-old with no computer chops, was always losing his track on his computer (my old Windows desktop). I became tired of the permanent parental helpdesk service and I got him a late-13 Macbook Air and it's still running happily.
> iOS takes all of these away. Complete backups are built-in
They’re not. Backups are built-in but they’re not complete. For example google Authenticator data is not backed up. Microsoft Authenticator can be backed up, but you need to go through a few extra steps (and have a Microsoft account). Other secrets are not included either - my banks PhotoTAN app doesn’t store any credentials etc. There are reasons why this is so, but it’s really important to handle if you use your phone for 2FA.
> Authenticator data is not backed up. Microsoft Authenticator can be backed up, but you need to go through a few extra steps (and have a Microsoft account). Other secrets are not included either - my banks PhotoTAN app doesn’t store any credentials etc.
AFAIK, applications allow their secrets to be backed up or not, and I'm not mad that my 2FA keys are no backed up and shipped overseas. I keep another copy of my 2FA codes in another application, so it's not a very big problem from my PoV, though.
> I keep another copy of my 2FA codes in another application, so it's not a very big problem from my PoV, though.
It's not a problem if you took measures to make sure you have a copy. It's a problem if you just take "full backups" for granted until you figure out that some things don't get included in "full".
It’s not “some things”. Its things where the app developer explicitly chose to tag them to not be included.
And yes, for years one had to do the physical cabled backup restores for this, then these same app developers learned how to exclude their data from those as well. However, as of iOS 12, 13 and 14, there seems to be decreasing to zero effective difference in what’s included between tethered (with password), local WiFi (with password), and OTA iCloud backups.
You may be able to forcibly back these up using a third party tool that also lets you back up sandboxed temp files and the like, tools like iExplorer:
I have Google Authenticator with 5 or 6 2FA accounts. Am I to understand that I can use another app like 1Password for those same accounts? I distinctly remember some of them explicitly telling me to use Google Authenticator.
You should be able to, yes. Google Authenticator is pretty basic where it's simply scanning a QR code to get the TOTP token and storing that locally. It's apps like Authy which screw you over by forcing you to use them and ONLY them for 2FA for websites who opt to use it in their service. They don't make it possible (iirc) to get the token out so you can use your preferred authenticator app.
But back to your point: I used to backup to Google Authenticator and LastPass's Authenticator to prevent me from losing access when I migrated to a new iPhone since they don't backup. They both worked just fine interchangeably.
I switched to authy because I can use 2 devices (same "keys") and backup codes easily. I'm too clutzy not to have at least one backup device. I suppose most humans are.
Pretty much noone should be using any of the authenticator apps.
Get Keepass2Android, and it'll track TOTPs just fine. Throw Syncthing on their and you can securely get those to any device you own without involving Google.
2FA is about having a factor which changes everytime you use it so if the medium is intercepted somehow the account isn't permanently compromised.
It's protection for when using untrusted computing devices, or because most people have their passwords in some way visible or shared.
TOTPs can't be reasonably made much longer then they are while still usefully entered, but my password database never leaves my own devices and neither does the password to it.
If someone compromises my phone to the level they can get that database, then they've already got my Google Authenticator or whatever DB as well anyway.
IMO this reduces the protection of 2FA significantly. For me 2FA is primarily not having a single device that's enough to compromise to get access to your important accounts. This means that I never have both factors (password and TOTP key in our case) on a single device. That's why
> they've already got my Google Authenticator or whatever DB as well anyway.
is of course good for them, but they still need to get my password from my other device.
If your device is compromised to the point that someone is reading out the content of non-online, encrypted DBs, or keylogging aggressively, then they've also got your email and can much more easily just send a password reset to 90% of everything out there.
2FA as the internet uses it has always been about dealing with accidental disclosure and public PCs.
As an owner of Xiaomi phone I consider all data on it to be available to mid- and high-profile parties at least in China. Which might eventually leak into my country as well.
That's why my phone doesn't have any bank software installed and doesn't have any password saved. It is logged into my google account though to which you probably can restore some passwords, but for all resources I care about (banking, investements, crypto, etc.) it's not possible. I also use separate email for those. If my HN or reddit account will be compromised via my phone - so be it, I don't really care. I can also tolerate compromised 2FA app as it's useless without passwords which are stored on another machine.
For most of us 2FA as it is works fine. Until I become a CIA operative or drug dealer I suspect the current setups are fine via companies like authy, 1Pass, and google auth.
It's a bit ironic to criticize Apple's mobile solution via an app built by its direct competitor.
Google made the choice of not implementing backups for Google Authenticator, so that's really on them.
I would recommend Authy for 2FA. It supports backup straight out of the box.
Exactly opposite feedback of a colleague who switched from Android to Apple flagship few years back. After few days, he became frustrated how little the phone allows to tweak. I don't mean some low level tinkering, just normal things he got used to being able to change. He regretted the move since then but what happens people get often comfy with their choices and over time lose the will to do a big change again, so did he.
You mention setup & forget, that's how probably 98-99% of Android phones operate. Same for me, all the people and family I know. Initial install&setup after purchase, and then just running 1-click updates if one chooses to. After 3-4 years, switch to another one.
Hardware is +-same, what differences there are are invisible to user (apart from basic things like dual sims and memory card slots, which Apple lacks desperately... and bigger zoom for photos). Some like the smooth Apple UI, some feel they have the same on Android, most don't care. Some care about privacy which Apple seems to be the champion, most of the world simply doesn't care and isn't even aware. Some realize privacy is an illusion even with Apple, if you are 95% of the world that lives outside USA, various 3-letter agencies can do whatever they want and abuse your data in numerous ways without any recourse.
Its all relative, the most important is if one is happy with whatever one has and doesn't have unrealistic expectations.
Honest question: is it simply the fact you can't use a Gecko engine on iOS that makes it useless to you?
My impression is that the Firefox shell offered is still able to provide the various anti-tracking privacy features that many would point to Firefox for, and the variety of browser shells available should mean that you'd be able to find a UI to your liking if Safari's isn't.
At that point, the only thing I can see missing is a non-webkit engine. I get that that's an annoyance and definitely on the same anti-competitive level as 00s era IE, but by and large web developers account for it and it works acceptably. As much as I'd need it to for mobile browsing.
Would just be interested to know if there's something more I'm missing.
Gotcha, that's completely fair and not something I'd considered. Thanks!
As a vague counter point, I use Firefox Focus[0][1] which touts the tracker blocking and ad blocking I'd rely on extensions for normally. It meets my needs as the only additional extensions I use on desktop are for tab and session cookie management, both of which are moot points in a browser without tabs and a "clear cookies after each session" policy.
>That was supposed to be an honest question with an honest answer. There was no need for a snarky remark.
Well, somewhat snarky. It's still a legimate question.
Why would one "need" plugins on a mobile browser? What kind of functionality that mobile Firefox doesn't provide?
>The topic is about owning your own hardware/software combo - so having addons/customization is the definition of it.
Well, the topic is about owing your computer. Which has some merit (even though owing is a kind of a weasel word: you do own it, even if the OS enforces this or that measure. You can sell it at any time, for example, break it and nobody will ask you to return it, etc.).
So, the real topic is "doing whatever you want with your OS, with the ability to disable all checks, protections, etc, install custom everything etc".
Which I can see the appeal in some cases.
For a mobile phone what exactly is the great appeal?
There are ad blockers for Safari. There may be folks waiting to pounce with absolutely true complaints about how unsophisticated they are compared to what's possible in other browsers, but in practice they do a sufficient job.
There are certain extensions that I use on Firefox on the desktop. I would like to have some of those extensions available for my mobile device, in such a way, that I can enhance the usability of my mobile browser.
Because you usually work on a desktop, and might have all kind of handy extensions to help you.
You usually view webpages in a very minimal interface, small screen, often on the go or leisurly, and with limited interaction on a mobile phone. So, aside from something like an adblocker (for which there are solutions), what would one use?
AdGuard works pretty well on iOS. I don’t think there is a way to do a ‘dark reader’ specifically though perhaps pages honour the OS’s ‘dark mode’ setting these days? I would guess support is spotty.
Sites that use the prefers-color-scheme media query honor the OS setting on iOS, but it obviously doesn't work on sites that haven't implemented it - Dark reader[0] takes a invert-colors approach and makes it a little easier on the eyes.
well adguard only have ip, domain names etc. I mean it has less context? Addon has more context about the webpage lets say it can remove ads belonging to DOM with id #ads-1 ?
And in Europe, cookies / nag-popup-removers for all those GDPR compliance dialogs (though vanilla Firefox is becoming better in blocking trackers by default).
The main issue was (I guess still is), iOS does not allow JIT compilation - in order to keep control over the apps available (having JIT would allow running any code effectively).
Of course, nowadays the assets of apps have to be part of the deployable, itself. So it's common to run localhost web server.
Oh I totally agree. I treat my phone as purely a consumption and communication device. It's a dumb brick that should do those things well, including being secure. The more walled garden the better, in my opinion, as long as it's doing those things well and maintaining my privacy.
On the other hand, it's useless for creation. But that's fine, the trade offs are worth it in my opinion. I have dedicated hardware running Linux/Windows for that purpose.
Yeah exactly. I sometimes use it to view documents in a pinch but vast majority of everything I do is on a desktop/laptop. When I backup all I have to do is copy one folder over to my desktop and that folder also gets backed up to icloud. Iphone also obviously will reinstall the apps that I use if I need to switch devices. It works pretty well. my phone isn't the center of my world and in general I don't care about keeping old conversations on chat apps and such. Some people want to keep all their data into perpetuity but I don't.
I'm similar and for the most part don't really use the iPhone as computer. It just acts as a hotspot for the laptop and I use it to take photos so I don't have to worry so much about proprietary stuff running on it.
I agree with you overall, but felt the need of commenting as I thought "Settings do not change spontaneously" was true as well but it is not! I just discovered the other day that you cannot turn off WiFi or Bluetooth. If you do try to disable either of them, they will be turned off but only for a day. The next day they enable themselves automatically.
So much for not changing settings by themselves :)
The control center toggles specifically tell you what’s happening (“disconnecting from X until tomorrow”).
If that isn’t what you want to happen, you go to the Settings app and turn off those toggles. (But I wish they would have a matching statement on screen that clarifies their changes are permanent until you change them again.)
Temporary toggles being in the control center is great. Most of the time that I quickly disconnect from WiFi or Bluetooth, it’s to solve some immediate, temporary issue.
The settings aren’t “changing themselves” — they’re doing what you asked them to do. The written message tells you what you asked them to do in order to teach new users what these buttons do.
I like iOS, but not Android. Let me explain why.
I personally love Linux, Unix philosophy (I'm even sometimes an old beardy zealot about POSIX standards and the old way), and inherent customization possibilities.
On the other hand, I don't want to manage my phone like a desktop or laptop computer, or a server because of a plethora of reasons. First, user interface is not very suitable for that. Second, there's a lot more finicky things to manage. Last but not the least, that management task is continuous.
iOS takes all of these away. Complete backups are built-in (I know android has it, but I don't know how bulletproof is this). Defaults are sensible. Settings do not change spontaneously. OS behavior doesn't change drastically from device to device (Every android vendor tunes their OS and background process policy differently, creating a lot of WTH moments and more finicky management tasks). Updates are not slowed down by the vendor, the operator, the distributor and today's weather.
While iOS is a pretty strict walled garden, devices are set-up and forget. Even you forget that you have an iOS device, because you use it without thinking.
Radio security, isolation and its reasonable and unreasonable parts are discussed here extensively. As a HAM radio operator, I can only say that, radios can do wreak a lot of havoc even with informed tinkering, without any bad intentions. If you take a relatively cheap SDR and listen to your neighborhood spectrum (just see the traffic, not decode anything) your jaw will drop. It's a very crowded up there, and there's a lot of non-public traffic.
Another stuff about custom ROMs and Stock ROMs is SIM services. Yes, many of the SIM menus just sit here unused, but there are useful ones like mobile e-signatures. I carry my e-sig with my phone, in my SIM. So using it requires a verified and official software stack. As far as my experience goes, no custom ROMs run these services (intentionally or unintentionally).
I manage my family's Android phones, and I personally use an iPhone. As far as I can see, it's much easier to leave an iOS device on its terms and it'll fare better.
Feel free to discuss, counter or just burn this comment down. :)