Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It really sounds like: if you care about Privacy, why do you care about anything else?

I want both, privacy and convenience of a Mac OS. I shouldn’t have to compromise.



Note - privacy not guaranteed if Apple is subpoenaed for information: https://www.apple.com/legal/transparency/us.html

In this case, Apple may be compelled to turn over device, account or financial data. So don't do anything bad* and lose your privacy privileges!

*Definition of 'bad' subject to local law and interpretation.


While Apple surely has plenty metadata on users, many of your data is actually e2e encrypted.


I am willing to bet my left nut that they don't encrypt common metadata and telemetry at rest.


Why wouldn’t they? They can analyze it as much as they want even if it’s encrypted (by them), while not doing so would just open them up to to the legal ramifications of data leaks.

So, I would reserve my nuts for better bets.


> not doing so would just open them up to to the legal ramifications of data leaks.

They can already protect themselves by using pseudonymous IDs, and by not storing SSN and full names on the same system/network as your browsing history.

I'm struggling to come up with a general example where an adversary would be prevented from accessing the data if they had already compromized the network, so to me, it's just obfuscation with extra steps. Maybe if an adversary, by some miracle, had a non-root shell in database server, but somehow did not have read-permission on the crypto store ???

Physical theft of drives is a valid argument, but even that is a weak one. The data center facilities are very secure.


Leaks can happen in many ways, like simply by SQL injections, some page displaying data without server side validation/with bugs, etc.


You are correct. Maybe I'm missing the point, but everything you mentioned is still applicable even when the data is encrypted.


End-to-end encryption doesn't secure anything if you don't control the keys. I'd believe they encrypt the data at rest, but I wouldn't ever dupe myself into believing that makes it safe. So... we're back around to square one. Apple will steamroll over your privacy (along with 10s of thousands of other freedom-loving Americans) without a second thought.

It could be worse, though. If you're a Chinese iCloud user, your data just gets uploaded right into state-owned servers: https://support.apple.com/en-us/HT208351


That's for the data they have, which they generally minimize reasonably well.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: