What is the factual truth about PRIVACY differences or similarities between the Android & iOS mobile phone ecosystems?

[arlen holder]

I only care that people post facts for this thread:
o What is the factual truth about PRIVACY differences or similarities
between the Android & iOS mobile phone ecosystems?

Please cite references for your claims, where my understanding, overall,
is, in general, that the "privacy" between the two ecosystems is "about the
same", in the end.

As my first argument that the privacy implications are 'about the same', I
bring up the fact that the US CARRIERS are selling our location data:
<https://groups.google.com/forum/#!topic/comp.mobile.android/29C6Tqz0jo4>

As another example that the privacy implication is "about the same", I
bring up the fact that logging into a Google app on iOS versus on Android
confers no privacy advantage, either way, as far as I am aware. (Are you
aware that logging into Google Apps is more or less private on either
platform?)

Keeping an adult factual logical intelligence about us, I will also state
that, on Android at least, you have ZERO NEED for any Google Account, which
we've covered in gory detail (since you can get APKs from anywhere), while
on iOS, you _must_ (AFAIK) not only have an Apple ID (and concomittent
marketing id) but that id is uniquely associated with EVERY APP you
download and use (whereas, on Android, that's not the case if you're smart
about it).

On the other hand, iOS devices don't typically report to the mother ship
all the nearby access points (BSSID, signal strength, SSID, & GPS) which
Android devices do - but that can be turned off on Android - so the amount
of privacy is partly related to the intelligence of the user on Android.

In the case of the Apple user, intelligence won't help much because there
is much less that you can do (e.g., you MUST have an advertiser ID, and you
MUST associate your apple id with ALL your apps, etc.) - but Apple
themselves, claims to spy far less than Google is known to spy.

Overall, while the privacy issues are certainly different between the
platforms, I think it could very well be that the weakest privacy links
are, essentially, the same (e.g., the carriers are the same, and most of
the Google apps are the same).

In addition, the sheer number of "user tweaks" are vastly greater on
Android, for most things, than on iOS (e.g., rooting is trivial on Android
and less so for iOS since Apple keeps breaking each published jailbreak
method).

However, I know most Apple users believe that they're *far* more private
than Android users, so that's why I ask this question. I have both
platforms, so I can test any suggestions.

I only care that people post facts for this thread:
o What is the factual truth about PRIVACY differences or similarities
between the Android & iOS mobile phone ecosystems?

[badgolferman]

I found this interesting.
https://www.cultofmac.com/396979/wtf-study-finds-android-is-actually-safer-than-ios/amp/

[badgolferman]

It it seems sandboxing is the real difference between the two operating
systems.

[nospam]

In article <q1in3g$s47$1...@dont-email.me>, badgolferman

<REMOVETHISb...@gmail.com> wrote:

> It it seems sandboxing is the real difference between the two operating
> systems.

actually quite a bit more than that.

google makes money by collecting and selling data. apple does not. thus
the privacy benefits.

it's also a helluva lot harder to break into an iphone than an android
phone. thus, the security benefits.

[sms]

On 1/14/2019 11:11 AM, badgolferman wrote:

> I found this interesting.
> https://www.cultofmac.com/396979/wtf-study-finds-android-is-actually-safer-than-ios/amp/

"...Google’s platform isn’t the complete security shambles some believe
it to be — _unless you carelessly download apps from untrusted
third-party sources_."

And that's the key security problem with Android. There are a great many
untrusted third party sources. The benefit is that you can get some very
good apps that are not available in the Google Play store, which is a
major reason why Android is so popular in China.

With iOS you simply cannot install apps from third party sources (unless
your phone is jailbroken).

[Hergen Lehmann]

Am 14.01.19 um 20:50 schrieb nospam:

> google makes money by collecting and selling data. apple does not. thus
> the privacy benefits.

Google uses the collected data for optimizing their services and for
targeted advertising (which is their main source of income). If you
believe their privacy policy, they are NOT selling the data itself.

Exactly the same for apple. You have to *believe* that they do what they
say they are doing.

> it's also a helluva lot harder to break into an iphone than an android
> phone. thus, the security benefits.

If one iphone has been exploited, all other iphones of the same model
line are basically open like a barn door, because all of them are using
exactly the same software with exactly the same bugs.

There is much more diversity in the Android world, which makes it much
harder for an attacker to gain control over more than a small subset of
devices.

[nospam]

In article <q1itn7$5me$1...@dont-email.me>, sms

<scharf...@geemail.com> wrote:

>
> With iOS you simply cannot install apps from third party sources (unless
> your phone is jailbroken).

false.

you've been told it's possible many times before, along with everything
else you get wrong.

[nospam]

In article <5lbvgf-...@hergen.dyndns.org>, Hergen Lehmann

<hlehmann.e...@snafu.de> wrote:

>
> > google makes money by collecting and selling data. apple does not. thus
> > the privacy benefits.
>
> Google uses the collected data for optimizing their services and for
> targeted advertising (which is their main source of income). If you
> believe their privacy policy, they are NOT selling the data itself.

they are selling data. it doesn't have to be the same data.

> Exactly the same for apple.

no, definitely not the same. not even close to the same.

apple goes well out of its way to *not* collect user data, but if they
have to, they obfuscate anything that directly identifies users
wherever possible, including breaking map routing into multiple
segments *and* fuzzing the origin and destination so that the entire
route can't be determined as well as differential privacy.

meanwhile, google tracks users when location services has been
disabled, and quite a bit more.

> You have to *believe* that they do what they
> say they are doing.

given that it's a legally binding document, there is no reason not to.

apple does not make money selling user data.

> > it's also a helluva lot harder to break into an iphone than an android
> > phone. thus, the security benefits.
>
> If one iphone has been exploited, all other iphones of the same model
> line are basically open like a barn door, because all of them are using
> exactly the same software with exactly the same bugs.

not necessarily true. it depends what the exploit is and how easy it is
to use. if it requires downloading an app, that's not going to help
much if you can't unlock the phone to download it. in any event, once
patched, it no longer matters.

unlike android, ios devices get security patches for *years*.

> There is much more diversity in the Android world, which makes it much
> harder for an attacker to gain control over more than a small subset of
> devices.

nope. that actually makes it easier since it's impossible to patch
*all* of them, and since android phones stop getting updates fairly
quickly (2 years is typical), there's a very good chance it never will
be patched.

and it doesn't even need an exploit. it's not that hard to crack into
an android device.

most lack a secure enclave, and one phone in particular stored
fingerprints in an unencrypted image:

<https://www.theregister.co.uk/2015/08/10/htc_caught_storing_fingerprint
s_as_worldreadable_cleartext/>
The team found a forehead-slapping flaw in HTC One Max in which
fingerprints are stored as an image file (dbgraw.bmp) in a open
"world readable" folder.
...
"To make the situation even worse, each time the fingerprint sensor
is used for auth operation, the auth framework will refresh that
fingerprint bitmap to reflect the latest wiped finger," the team says.

[arlen holder]

On Mon, 14 Jan 2019 13:07:50 -0800, sms wrote:

> And that's the key security problem with Android. There are a great many
> untrusted third party sources. The benefit is that you can get some very
> good apps that are not available in the Google Play store, which is a
> major reason why Android is so popular in China.

On Sun, 13 Jan 2019 19:55:08 -0800, sms wrote:
> On the iPhone it's NOT POSSIBLE to use non-Apple vetted apps. On Android
> apps can be installed that come from a huge number of app stores,
> especially in China where you can't even have access to the Google Play
> store. It's a big security hole on Android but it does result in some
> very good apps that the Google Play store won't allow, not because of
> any security risk but for other reasons.

Hi sms,
I think this "privacy" debate is healthy, as it's a valuable topic.
(This thread is not about "security" - but about "privacy".)

I think that a key problem is that Apple MARKETING has poisoned the well.
Apple Marketing spews religious dogma that just isn't even close to true.

Hence, I will ask everyone who posts to this thread to stick to the facts.
I only speak facts, and I'm reasonably intelligent, and an adult.
Just like you are.

I easily agree with you that there _are_ privacy risks (you said security,
but I'm talking privacy) on Android - just as they also exist on iOS.

It's a fact the iOS iTunes App Store apps are "vetted" just as Google Play
apps are "vetted", where we can argue how "good" or how "bad" that vetting
process might be - where I opened a thread for that specific purpose:

o What is the factual truth about PRIVACY differences or similarities between the Android & iOS mobile phone ecosystems?

<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/MiZixhidmOs>

As you noted, on Android, by default (AFAIK), non-vetted apps aren't
allowed; however, as you're well aware, it's only a flip of a few switches
(different with each Android release it seems) to allow apps from outside
the vetted Google Play store.

As you may be aware, that provides Android users both PRIVACY and
FUNCTIONALITY if those apps are judiciously chosen (e.g., on Android, you
have a vast array of privacy-threat detection utilities, such as detecting
hidden cameras, an officially sanctioned tor browser, non-Internet based
calendar apps, IMSI catchers, fake hotspot detectors, app snitchers to
detect data exchange and server changes, etc.).

As I have always compared iOS and android functionality as the difference
in chopping down a tree using a handsaw (iOS) or a chain saw (Android),
with all that added privacy protection comes a bit of danger. I agree.

If we both keep our adult factual logical hats on our heads, we can both
easily agree that the iOS environment, overall, while being far less
functional, is vastly more controlled.

That control may or may not result in privacy enhancement.

For example, as you're likely aware, YouTube REVENUE (i.e., people are
paying money ... presumably for YouTube Red subscriptions) is the number 4
earner on the iOS App Store, and yet, YouTube doesn't even show up on
Android when we look at the top ten earners.
<<https://venturebeat.com/2018/12/28/netflix-permanently-pulls-itunes-billing-for-new-users/>

Why are iOS users paying for YouTube when Android users don't pay?

I can't explicitly say why, but I can tell you that YouTube is NOT an app
based on privacy considerations - and - as you're well aware, the owner of
YouTube tracks all sorts of things you and I might consider invasions of
our privacy.

I'm sure you're also aware that on Android, you get the YouTube Red
functionality completely for free as noted in this thread - where that
privacy-based functionality is NOT available on iOS for any user:
o Why doesn't iOS have a single free app that completely replaces the YouTube app entirely (with far more powerful functionality)?
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/GSy2yOsVg68/0oeJY1GXAwAJ>

In summary, I am well aware of the religious dogma that Apple iOS protects
the users' "privacy" better than does Android - where I openly and
factually question that dogmatic assumption in this very thread, since I
can easily list a series of privacy-enhancing features on Android that
don't exist on iOS.

In the end, I will be charitable to iOS and state that the privacy is
"about the same" between the two platforms; but if anyone here thinks that
the privacy on iOS is better than that of Android, then they will have to
refute my arguments above, which are based on facts, not religion.

HINT: Most of what people "think" about iOS was fed to them by Apple.
DOUBLEHINT: Almost all of what was fed to them, turns out to be wrong.

---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

[Rod Speed]

"badgolferman" <REMOVETHISb...@gmail.com> wrote in message
news:q1imt8$r37$1...@dont-email.me...

I didn't because they didn't even bother to spell out just
what vulnerabilitys they were actually talking about.

[Rod Speed]

"badgolferman" <REMOVETHISb...@gmail.com> wrote in message

news:q1in3g$s47$1...@dont-email.me...

And the lack of it is a very important vulnerability because a
malicious app can do what it likes with the data on the android
and that isnt even possible with iOS because of the sandboxing.

[Rod Speed]

"Hergen Lehmann" <hlehmann.e...@snafu.de> wrote in message
news:5lbvgf-...@hergen.dyndns.org...

> Am 14.01.19 um 20:50 schrieb nospam:
>
>> google makes money by collecting and selling data. apple does not. thus
>> the privacy benefits.
>
> Google uses the collected data for optimizing their services and for
> targeted advertising (which is their main source of income). If you
> believe their privacy policy, they are NOT selling the data itself.
>
> Exactly the same for apple. You have to *believe* that they do what they
> say they are doing.

No you don’t. It trivial to test whether apple is using your data
or not and to see that goggle really does target advertising.

>> it's also a helluva lot harder to break into an iphone than an android
>> phone. thus, the security benefits.

> If one iphone has been exploited, all other iphones of the same model line
> are basically open like a barn door, because all of them are using
> exactly the same software with exactly the same bugs.

There is no barn door given that its closed as soon as the vulnerability is
discovered.

> There is much more diversity in the Android world, which makes it much
> harder for an attacker to gain control over more than a small subset of
> devices.

On the other hand, the lack of sandboxing means that a malicious
app can do what it likes with the data on your phone. No thanks.

[badgolferman]

My corporate phone installs MDM app from a non-Apple Store source.

[nospam]

In article <q1jelp$pl3$1...@dont-email.me>, badgolferman

<REMOVETHISb...@gmail.com> wrote:

> >> With iOS you simply cannot install apps from third party sources (unless
> >> your phone is jailbroken).
> >
> > false.
> >
> > you've been told it's possible many times before, along with everything
> > else you get wrong.
> >
>
> My corporate phone installs MDM app from a non-Apple Store source.

yep, and that's not the only method.

[xJumper]

As for the whole Android vs Apple when it comes to privacy. Depends what
kind of "Android" you are talking about...

If you are a power user, so running a custom ROM, rooted with a proper
root manager, xposed running modules like xprivacy, root apps like
AFWall which give you a proper OS level firewall (Linux iptables) and
not some VPN hack, modified hosts system level ad blocking, microG to
spoof Google services while still being able to use them, Lineage OS
privacy guard, etc...

...Then it's not really a comparison, custom/modded Android blows Apple
iOS out of the water for privacy and performance/features.


Stock vs Stock, Apple wins hands down. Stock Android from the OEM's is
basically Google spyware.


Bryan Lunduke (very renowned in the Linux community) quotes a few
reputable sources in this video about Android privacy and how much it
spies on it's users.

Android vs iOS: Which spies on you more?

https://www.youtube.com/watch?v=8n6ubzCzZ5I

[sms]

On 1/15/2019 1:09 AM, xJumper wrote:
> If you are a power user, so running a custom ROM, rooted with a proper
> root manager, xposed running modules like xprivacy, root apps like
> AFWall which give you a proper OS level firewall (Linux iptables) and
> not some VPN hack, modified hosts system level ad blocking, microG to
> spoof Google services while still being able to use them, Lineage OS
> privacy guard, etc...
>
> ...Then it's not really a comparison, custom/modded Android blows Apple
> iOS out of the water for privacy and performance/features.

OMG, how many Android users root their devices and flash custom ROMs?
0.00001% (1 in 100,000) is probably a high number.

[sms]

On 1/14/2019 5:57 PM, badgolferman wrote:

<snip>

> My corporate phone installs MDM app from a non-Apple Store source.

Yes, for corporate phones, it's possible to install custom enterprise
apps using MDM (Mobile Device Management). My wife's iPhone has some of
those. But that's a far cry from the insecurity of Android which allows
the user to install apps from "Unknown Sources" by just enabling the
device to do so from a Setup screen, and either going to a non-Google
app store or by downloading APKs.

But for the regular user, without a jailbroken phone, it's strictly apps
from the Apple App store.

<https://support.apple.com/en-us/HT204460>

[nospam]

In article <irh%D.39626$dC4....@fx07.iad>, xJumper

<suga...@mailinator.com> wrote:

> As for the whole Android vs Apple when it comes to privacy. Depends what
> kind of "Android" you are talking about...
>
> If you are a power user, so running a custom ROM, rooted with a proper
> root manager, xposed running modules like xprivacy, root apps like
> AFWall which give you a proper OS level firewall (Linux iptables) and
> not some VPN hack, modified hosts system level ad blocking, microG to
> spoof Google services while still being able to use them, Lineage OS
> privacy guard, etc...
>
> ...Then it's not really a comparison, custom/modded Android blows Apple
> iOS out of the water for privacy and performance/features.

that removes google from the equation, however, anyone with physical
access can still pwn the android device relatively easily.

and the number of people who go to that extent is almost zero.

> Stock vs Stock, Apple wins hands down. Stock Android from the OEM's is
> basically Google spyware.

yep. that's the point.

[nospam]

In article <q1k9ud$tjm$1...@dont-email.me>, sms

<scharf...@geemail.com> wrote:

> But for the regular user, without a jailbroken phone, it's strictly apps
> from the Apple App store.

once again, *false*.

you are trolling.

[arlen holder]

On Mon, 14 Jan 2019 17:10:03 -0500, nospam wrote:

> you've been told it's possible many times before, along with everything
> else you get wrong.

With respect to PRIVACY, nospam, I'd like to ask you this question:
o How did you download a free app on iOS that doesn't have your APPLE ID?

With respect to PRIVACY, nospam, I'd like to ask you another question:
o How did you scrape the excellent Google database on iOS for addresses?

And another question, with respect to PRIVACY, nospam:
o How did you subscribe to a YouTube channel on iOS sans any login?

HINT: I've done all three, on Android, but nobody has provided any answers
in my threads on those topics in any of the iOS newsgroups.

DOUBLEHINT: That's because the answer is that you don't have that kind of
privacy on iOS.

Bear in mind, I'm _not_ saying Android is 'more or less private than iOS'.
I'm just providing FACTS which PROVE that both have privacy issues.

--- news://freenews.netfront.net/ - complaints: ne...@netfront.net ---

[arlen holder]

On Mon, 14 Jan 2019 22:30:45 +0100, Hergen Lehmann wrote:

> Google uses the collected data for optimizing their services and for
> targeted advertising (which is their main source of income). If you
> believe their privacy policy, they are NOT selling the data itself.

Thank you for sticking to facts - so that we discuss reasonable ideas.
Yours is a key point, where "privacy" is a complex issue, I agree.

For our purposes, we can try to use as simple a definition as possible:
o Privacy === personal information
o Security === system intrusion

Part of "privacy" is proper protection for our personal information.
For example:
o proper security where it's stored on the mother ship, and
o proper disposal after a proper time period,
o and proper anonymization of that data
etc.

Personally, I prefer to aim for _zero_ data be provided to the mother
ship, whether that be my iOS devices or my Android devices. It's rather
easy to do (AFAIK) on Android, but I've been unable to do it, to date, on
iOS, so that's partly why I ask here.

> Exactly the same for apple. You have to *believe* that they do what they
> say they are doing.

I must point out facts that I think the privacy is "about the same" between
the two platforms, where I base my initial assumptions on some facts
o Both platforms suffer from the same carrier privacy weaknesses
o People log into Google apps on both platforms
o Both platforms (iOS in particular) have a user id & advertiser id

Bear in mind, only iOS forces you to have a user id and an advertiser id.
The fact is that Android does not.

However, the main thing we have to discuss, I think, is how much of Google
apps *permeate* the users' homescreen on iOS versus Android
o Is it possible, for example, on either platform, to avoid Google apps?

>> it's also a helluva lot harder to break into an iphone than an android
>> phone. thus, the security benefits.
>
> If one iphone has been exploited, all other iphones of the same model
> line are basically open like a barn door, because all of them are using
> exactly the same software with exactly the same bugs.

I think nospam has to be taken with a grain of salt because of his poison
that he has injested from his religious maker, Apple.

It takes less than 10 seconds to prove nospam wrong.
o His credibility is worthless.
o He just makes everything up
o And he's wrong, so often, I say he's worse than the monkey

Since nospam typically can be disprove in ten seconds, let's not take what
nospam says too seriously, unless nospam actually makes an adult comment,
backed up with facts.

HINT: Nospam has this trick of making a comment and then shoving _any_ URL
in our faces (Jolly Roger _loves_ that approach, as does BK). But when you
actually _read_ the reference, you find out it doesn't say what the
Apologists claimed said.

For example, here's a an analysis of what Tim Cook recently said:
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/oulJsYSmDDM%5B1-25%5D>

The point is that we all KNOW the poisoned religious beliefs.
What I'm seeking here are FACTS.

While Android does appear to be somewhat more private than iOS, so far,
nobody has shown anything that proves the better privacy on Android is all
that much better than on iOS, even if iOS enforces ids that Android doesn't
enforce, simply because
o The carriers are leaking our location data on BOTH platforms, and,
o Users tend to use Google apps on BOTH platforms.

Don't they?
It's a key question of which Google apps are used on each platform.
(Because once you use a Google app, you're almost always doomed.)

> There is much more diversity in the Android world, which makes it much
> harder for an attacker to gain control over more than a small subset of
> devices.

I think that statement conflates security with privacy.
For this thread, let's try to keep them apart (it's hard enough already).

So far, it seems that clearly Android has privacy advantages over iOS
(e.g., no need for a mother-ship ID, no need for an advertiser ID, ability
to use Google apps without letting Google know who you are, etc.).

Two things I haven't seen any proof of yet are:
o Nobody has shown FACTS (yet) where iOS users are "more private"
o Even so, so far, iOS/Android privacy seems to be "about the same"

[arlen holder]

On Mon, 14 Jan 2019 21:00:37 -0500, nospam wrote:

>> My corporate phone installs MDM app from a non-Apple Store source.
>
> yep, and that's not the only method.

Let's stop assuming only Apple religious dogma and start talking FACTS.
Facts please.
Facts.

Let me ask both of you a simple matched-set of PRIVACY related questions:
o When you download the Android IDE, do you give Google your Google ID?
o When you download the iOS IDE, must you give Apple a valid Apple ID?

HINT: I know the answer to the question.
DOUBLEHINT: The point is that privacy on iOS has its flaws too.

One question I'd like to ask of "intelligent" iOS users on this newsgroup,
is what happens when you provide Apple with a "bogus ID" to attempt to
download the IDE. Does that "bogus ID" get associated with _every_ app you
create?

If so, then your PRIVACY is clearly adversely affected on iOS
whereas on Android, every side-loaded app can have ANY identifiers
whatsoever.

[arlen holder]

On Mon, 14 Jan 2019 13:07:50 -0800, sms wrote:

> And that's the key security problem with Android.

Hi sms,

May I ask you to refrain from discussing "security" when the topic is
"privacy"?

I realize people conflate the two, and that they partially overlap.
We can open a _separate_ thread on "security" when we've fully handled
"privacy".

I think it's amazing that most people who posted don't konw the difference
AND they still have strongly held opinions.
o I don't mind people not knowing the difference between security & privacy
o I don't mind people having strong opinions

What I mind is that people who don't know the difference, still THINK that
their strongly held opinions are facts - but - they don't even know the
difference between security & privacy - so - their strongly held opinions
are suspect, are they not?

Please show that you UNDERSTAND what "privacy" means.
Only then do your strongly held opinions make any sense.

HINT: You're discussing a completely different topic than privacy.

[arlen holder]

On Tue, 15 Jan 2019 12:07:14 +1100, Rod Speed wrote:

> And the lack of it is a very important vulnerability because a
> malicious app can do what it likes with the data on the android
> and that isnt even possible with iOS because of the sandboxing.

Hi Rod Speed,

I looked at the article that badgolferman referenced, where it appears
o It was talking about security (not privacy)
o And, even so, it concluded the security was "about the same"

Specifically it concluded iOS was worse - but only slightly worse.

You (and nospam) keep harping on ideology likely fed to you by Apple.
This thread isn't about your religious fact-free strongly held convictions.

This thread is simply about
o Facts about the delta in PRIVACY between the iOS & Android platforms

Why can't you Rod Speed, comprehend that?
Must you insist on your God-given right to perform off-topic trolls, Rod Speed?

[arlen holder]

On Tue, 15 Jan 2019 12:22:35 +1100, Rod Speed wrote:

> No you don¢t. It trivial to test whether apple is using your data
> or not and to see that goggle really does target advertising.

Hi Rod Speed,

It's amazing that such strongly held opinions as you own Rod Speed,
are backed up with absolutely zero facts.

I know you well, so I'm going to simply ask you to back up your claims.

I know you generally don't prefer to back up anything you say, but I'm
going to ask you, adult to adult, to back up your claim above.

Facts.
Facts Rod Speed.
Facts.

I ask the question so that you, Rod Speed, will BEGIN to talk facts.

Here's a question I ask you, Rod Speed, that I know the answer to:
o How do you REMOVE the Apple ID from an iOS device?
o How do you REMOVE the Apple ID from all your apps (even free ones)?
o How do you REMOVE the Advertiser ID from an iOS device?

HINT: On Android, all that is trivial.
DOUBLEHINT: I already know the answer for iOS.

Facts.
Facts Rod Speed.
Facts.

I ask the question so that you, Rod Speed, will BEGIN to talk facts.

> There is no barn door given that its closed as soon as the vulnerability is
> discovered.

Rod Speed ... please act like an adult. Please.

It's amazing that you, Rod Speed, have such strong opinions,
which not only are not based on any facts that you have supplied,
but which are clearly not the topic of this conversation?

Why is it that you, Rod Speed, and nospam, have no clue about
o Privacy, .versus
o Security

All you Rod Speed (and nopsam) can spew is Apple MARKETING dogma
about security - where it's just as likely that Android and iOS security is
"about the same", but that's not the topic of this thread.

>> There is much more diversity in the Android world, which makes it much
>> harder for an attacker to gain control over more than a small subset of
>> devices.
>
> On the other hand, the lack of sandboxing means that a malicious
> app can do what it likes with the data on your phone. No thanks.

Again, you Rod Speed have such strongly held opinions that
o Are NOT the topic of this thread, and,
o That you supply zero facts to support anyway.

While I give both you, Rod Speed, and nopsam, "credit" for being
intelligent, you haven't yet acted like an adult should act in this thread.

1. We're talking about privacy (not security)
2. If you don't know the difference, then please look it up.

It's amazing that such strongly held opinions as you own Rod Speed,
are backed up with absolutely zero facts.

[arlen holder]

On Mon, 14 Jan 2019 17:10:06 -0500, nospam wrote:

> unlike android, ios devices get security patches for *years*.

I have to ask you, nospam, to stop acting like a child, please.
*There is a difference between privacy and security.*

As always, you don't appear to know the difference.
o However, I suspect you do _know_ the difference.

I also suspect you _know_ that the privacy on iOS is "about the same" as
the privacy on Android.

Certainly I've already listed cases where privacy on iOS is *worse*.

All you can speak about, nospam, is pseudomeaningful bullshit.
You parrot Apple marketing like nobody else on this newsgroup.

You _never_ have facts to back up your religigiously held convictions.
You can easily be disproven in most cases in fewer than ten seconds.

For Christs' sake, nospam, when are you going to grow up?

*What we want here, are facts about privacy between the platforms.*
The difference between you and me, nospam, is that I speak facts.

For example, for a long time, I had been "scraping" the YouTube database of
Google using NewPipe and AddressToGPS apps, which allow people on Android
to _anonymously_ scrape Google's excellent databases.

*You just _can't_ have that kind of privacy on iOS.*
o You just can't have that type of privacy on iOS
o That privacy just doesn't exist on iOS.

So nospam, please STOP spewing your idiotic religious dogma here.
Let's talk facts.

Please don't confuse privacy with security (although I know they overlap).
Please use facts.
Please indicate that your brain is NOT that of a child, nospam.

Please act like an adult.
Please.

That means:
o Facts only.
o Privacy only.

[arlen holder]

On Mon, 14 Jan 2019 14:50:16 -0500, nospam wrote:

> actually quite a bit more than that.

Hi nospam,

I realize Apple doctrine permeates the weak mind such as that of nospam.
I'm not asking for nospam's religious doctrine here - I'm asking for facts.

The problem with you nospam, is you make pseudo-profound statements.
And yet, you _never_ have any cites to back up a single claim you make.

*It takes less than ten seconds to disprove every idiotic thing you write.*

> google makes money by collecting and selling data. apple does not. thus
> the privacy benefits.

Again, nospam, your credibility is worthless because you make it all up.
I realize Apple MARKETING is dogma to you - hence you spew its doctrine.

We're not asking for your unsupported religious doctrine.
We're asking for well-cited facts.

For example, we already know that YouTube is the number 4 earner
for Apple, while YouTube doesn't even shown up on the top 10 for Android.

We also know that YouTube can't be used without sending personal
information to the mother ship - and we know that privacy-based YouTube
clones are well known, freely available, and certainly they work as well or
better than YouTube does (there's no need to pay, for example).

Notice it takes less than ten seconds to disprove your ideological dogma!

> it's also a helluva lot harder to break into an iphone than an android
> phone. thus, the security benefits.

Please nospam, for once in your life, act like an adult.

If _every_ statement you make can be disproved in ten seconds, you're not
acting like an intelligent adult should.

You don't even know the _difference_ between PRIVACY & security.

What you post, nospam, can easily be disproved in less than 10 seconds.

[arlen holder]

On Mon, 14 Jan 2019 19:14:56 -0000 (UTC), badgolferman wrote:

>> I found this interesting.
>> https://www.cultofmac.com/396979/wtf-study-finds-android-is-actually-safer-than-ios/amp/
>
> It it seems sandboxing is the real difference between the two operating
> systems.

Thanks for that cite, where the topic is "privacy", so we have to steer
clear of "security" (which is different, but the concepts may overlap).

For our purposes, we can perhaps use this two-word definition:
o Mobile data privacy === protect *personal information*
o Mobile data security === protect *system intrusion*
Based on this cite:
o What is the difference between privacy and security?
<https://www.csoonline.com/article/3075023/privacy/the-difference-between-privacy-and-security.html>

I read that Cult of Mac article you kindly cited:
o WTF?! Study finds Android is actually safer than iOS
<https://www.cultofmac.com/396979/wtf-study-finds-android-is-actually-safer-than-ios/amp/>

Keeping in mind we're seeking "privacy" issues as defined in the 2 words:

o Privacy === personal information
o Security === system intrusion

The article first states that "you're more likely to download a dangerous
app" from the iOS App Store (40%) than from Google Play (36%), which is
likely both a privacy and security issue (but more security, I think, than
privacy perhaps). Even so, the percentages are "about the same".

One thing that article did was define what they called the "wall garden"
(I've always seen it as the "walled garden") in a way differently than I
do. That article seems to think the "wall garden" is the review process at
Apple, where I've thought of the "walled garden" as being something quite
different and more akin to the interaction of apps in the users' hands.

While that article really simply said that iOS & Android were "about the
same" (40% versus 36%), I think they may have been reporting on a study
which examined "security" far more than it examined "privacy", based on
this quote:
"While 36 percent of Android apps were found to have
"potentially catastrophic vulnerabilities for system stability
and data protection," that figure rose to 40 percent on iOS,
crushing the common misconception that iOS is a safer
platform overall."

Given these two facts, I won't delve deeper into that report of the study:
o The study seems to have concentrated on "security" more than "privacy"
o Even so, IMHO, they concluded the two platforms were "about the same"

[123456789]

sms <scharf...@geemail.com> Wrote in message:

> the insecurity of Android which allows
> the user to install apps from "Unknown Sources" by just enabling the
> device to do so from a Setup screen,

> and either going to a non-Google
> app store or by downloading APKs.

Another thing I use this "insecure" Android
capability for is to load old archived apps
I've saved over the years onto a new device.
They're apps that haven't yet been spoiled
by garbage updates, ads, etc. A very handy
feature IMO...

[nospam]

In article <q1l64a$gom$1...@dont-email.me>, 123456789 <12...@12345.com>
wrote:

easily done on ios.

[Chris]

Hergen Lehmann <hlehmann.e...@snafu.de> wrote:
> Am 14.01.19 um 20:50 schrieb nospam:
>
>> google makes money by collecting and selling data. apple does not. thus
>> the privacy benefits.
>
> Google uses the collected data for optimizing their services and for
> targeted advertising (which is their main source of income). If you
> believe their privacy policy, they are NOT selling the data itself.
>
> Exactly the same for apple. You have to *believe* that they do what they
> say they are doing.
>
>> it's also a helluva lot harder to break into an iphone than an android
>> phone. thus, the security benefits.
>
> If one iphone has been exploited, all other iphones of the same model
> line are basically open like a barn door, because all of them are using
> exactly the same software with exactly the same bugs.

That is true. Although, it's very easy to patch all of them. Nearly all iOS
devices are patched to the newest version.

> There is much more diversity in the Android world, which makes it much
> harder for an attacker to gain control over more than a small subset of
> devices.

Actually, it's the opposite. The diversity increases the attack surface so
attackers have multiple opportunities to compromise a device. It may take a
while to work through them, but they are by and large all crackable.

A minority of Android devices are fully patched.

[sms]

True. I have some apps that have been discontinued, yet I can still side
load them using the APK. But side-loading is a security risk, which is
one reason that iOS prohibits side-loading (of course there are other
reasons, related to revenue, as well).

[nospam]

In article <q1lauu$h60$3...@dont-email.me>, sms

<scharf...@geemail.com> wrote:

> > Another thing I use this "insecure" Android
> > capability for is to load old archived apps
> > I've saved over the years onto a new device.
> > They're apps that haven't yet been spoiled
> > by garbage updates, ads, etc. A very handy
> > feature IMO...
>
> True. I have some apps that have been discontinued, yet I can still side
> load them using the APK. But side-loading is a security risk, which is
> one reason that iOS prohibits side-loading (of course there are other
> reasons, related to revenue, as well).

ios does *not* in any way prohibit installing older versions of apps.
in fact, it's quite easy and without any need to side-load, something
which is also possible on ios, it just requires an extra step rather
than a toggle in settings.

just about everything you say about ios is *wrong*.

[arlen holder]

On Tue, 15 Jan 2019 01:36:17 -0800, sms wrote:

> OMG, how many Android users root their devices and flash custom ROMs?
> 0.00001% (1 in 100,000) is probably a high number.

Hi sms,
The facts are what matter.

The question is about privacy.
Mostly about privacy from the data aggregators, most conspicuously Google.

I've already shown that on iOS, you can't get the kind of privacy you can
get on Android. You just can't.
o On iOS... You don't get the YouTube privacy
o On iOS... You don't get the sanctioned Tor privacy (anonymity)
o On iOS... You don't get the AddressToGps privacy
o On iOS... You don't get the sideloading privacy
o On iOS... You don't get the ID privacy
o On iOS... You don't get the ADVERTISER ID privacy
o On iOS... You don't get the IDE privacy
o You don't get the IMSI catcher, camera catcher, fakeAP catcher, etc. privacy
o etc.

You just don't get the kind of privacy on iOS that you get on Android.
Those are facts.

The only ones disputing those facts are the fact-free Apologist ignorati.
Their dispute is ideological. It's not factual. It never was. It never will be.

Let's have the _rest_ of us, act like adults, and discuss FACTS.

Clearly, it's easily proved that there are far more "app" related tools on
Android to maintain your privacy than on iOS.

Nobody who is an adult can dispute that fact based on what has been
presented to date in this thread.

I _welcome_ an adult fact - but the iOS Apologist ignorati don't use facts.
Facts don't exist in the Apologists' ideologically religious belief system.

But, just as clearly, there are privacy leaks on BOTH platforms.
For example, the carriers are SELLING our location data in the US!
(God knows what the carriers are doing in the rest of the world.)
o Carriers are selling (sans warrant) your cellphone location data (see reports)
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/OMANiVqUod8>

In summary, it's abundantly clear that
o Apple Apologist ignorati have no basis in fact for their belief system
o So it's left to the adult intelligentsia to come up with the answer

As far as I can tell, while iOS certainly has less privacy than does
Android, the BIG HOLES are the same for BOTH platforms.

Hence, as far as I can tell, even with iOS having less privacy, the end
result is that they're "about the same".

I'd love to someone (ANYONE) to find a _single_ instance where Apple iOS
has _more_ privacy than does Android - but nobody - to date - has shown a
single fact that points in that direction.

HINT: Privacy & security are not necessarily the same thing.

[arlen holder]

On Tue, 15 Jan 2019 09:47:19 -0500, nospam wrote:

> that removes google from the equation, however, anyone with physical
> access can still pwn the android device relatively easily.

Why do you prove, nospam, time and again, you have no idea that
privacy is not the same as security?

[arlen holder]

On Tue, 15 Jan 2019 12:55:13 -0500, nospam wrote:

>> Another thing I use this "insecure" Android
>> capability for is to load old archived apps
>> I've saved over the years onto a new device.
>> They're apps that haven't yet been spoiled
>> by garbage updates, ads, etc. A very handy
>> feature IMO...
>
> easily done on ios.

And yet, you _still_ can't come up with a method that actually works!

All you can do, are your 7 basic habits in response to facts, nospam.
===========================================================================
Seven Basic Habits of the Apple Apologists in response to FACTS:

. They brazenly & repeatedly fabricate wholly imaginary app functionality
. They then exclaim that it's been told to us many times how to do it!
...
. They almost never back up statements with actual referenced facts
. They incessantly play childish semantic games when faced with those facts
...
. They consistently fabricate quoted content that never happened
. They then wittily respond to that imaginary quoted content as if it did!
...
. They're never purposefully helpful by helping the OP answer the question
. They post worthless retorts, all of which lack any added technical value
...
. They consistently blame Android for most of Apple's app & hardware faults
. They consistently find the absolute worst price:performance comparisons
...
. They actually believe that a well-documented process is too complex!
. They literally believe elapsed time is proof of actual resolution time.
...
. They deny facts a priori - without even reading the referenced facts!
. And then they complain about quote snipping of their silly semantic games
===========================================================================

[arlen holder]

On Tue, 15 Jan 2019 10:43:37 -0700 (MST), 123456789 wrote:

> Another thing I use this "insecure" Android
> capability for is to load old archived apps
> I've saved over the years onto a new device.
> They're apps that haven't yet been spoiled
> by garbage updates, ads, etc. A very handy
> feature IMO...

What's amazing is how you Apologist ignorati hold such strong convictions,
and yet, you prove, time and again, to be complety ignorant of basic fact.

We learned long ago that you Apple Apologists don't know the difference
between a "decibel" and a "megabit", e.g., this hilarious thread where
_none_ of the Apple Apologists even know to look at the Y-Axis of an app
that they "claim" can do what Android does:
o It's a fact iOS devices can't even graph Wi-Fi signal strength over time
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/PZuec56EWB0/rX-L9xbYAQAJ>

Even more recently, we found nospam and others claiming that facts were
trolls simply because _they_ were completely ignorant that Apple added
throttling software to the iPhone 7 and iPhone X:
o Is there a single expensive flawed iPhone from last year that is NOT currently being throttled as of iOS 12.1?
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/wbCbVX48E5M>

In the case of cellular towers, the Apple ignorati claimed wholly fictional
functionality, because they didn't know the difference between an actual
Cell Tower ID and a database on the Internet of extrapolated locations.
o It's a fact current iOS devices can't even report the correct cell tower ID
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/2F_24NrIU3Q/t7_jS4zyAgAJ>

What's amazing is that you, 123456789, yet again proved that all you Apple
Apologist ignorati suffer from the same childish flaws
o You hold strong religious convictions in the Apple MARKETING dogma
o And yet, to disprove you takes all of about ten seconds each time
o Where, when confronted with facts, all you prove to be is _ignorant_.

It's shocking how unfathomably _ignorant_ you, 123456789, appear to be.
You don't even know the difference between
o Privacy, and,
o Security

*You Apple Apologist ignorati are really _that_ stupid, 123456789.*

[arlen holder]

On Tue, 15 Jan 2019 18:20:13 -0000 (UTC), Chris wrote:

> That is true. Although, it's very easy to patch all of them. Nearly all iOS
> devices are patched to the newest version.

I've been studying you Apple Apologists - where you hold religious beliefs.
Those religious beliefs are FED to you by Apple MARKETING.

*You Apologists LOVE the _FREQUENCY_ of the iOS diarrhea from Apple!*
The fact that Apple releases untested bug after bug after bug isn't your
issue.

All you want is FREQUENCYU of the diarrhea that is the iOS release!
The FREQUENCY of that diarrhea - is what makes you FEEL safe, Chris.

*You feel safe - only from the FREQUENCY - not the quality.*
(Clearly Apple doesn't sufficiently test iOS - of that there is no doubt.)

Hence ...
I completely understand you, Chris, since you are a religious zealot.
You _believe_ every dogmatic word that Apple MARKETING spews out.

Your weakness, Chris, is actual facts.

Even Craig Federighi has complained that he has to release product without
testing because MARKETING hands him the schedule - not ENGINEERING!

Do you know why?
I bet you don't ... but I do.

HINT: Apple KNOWS their customer wants the diarrhea that is frequent iOS
updates. The diarrhea of frequent iOS updates makes the customer FEEL safe
(even as they contain bug after bug after bug after bug after bug).

o It is yet another shoddy example of Apple rushing to fix a critical issue but never taking the time to test it properly
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/J3kKDVQeryE/Oe-mzsysAQAJ>

o Apple forgot to test the iPhone X in the real world (i.e., cold weather)
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/IeKl9hEZzAE/tl_ZMLJACQAJ>

o What is it about the sheer frequency of iOS releases that makes Apple users feel safe?
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/uxj50hk6nxI/BAYk_7CDBwAJ>

o Yet another massive security hole has been found in iOS 11
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/xGV0X_Qfqc4/VqqWWwMXBAAJ>

o Yet again, Apple forgot to test iOS 11.2.6 in the real world (serious problems reported)
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/AlkmHCTSUXg/K5GdwrzdCQAJ>

o 9to5 Mac reports iPhone XS & iPhone XS Max has serious battery problems, already...
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/oWW0imXI4zE/ZJS8_0SRAgAJ>

o Drop test confirms Apple totally lied about the glass back on the iPhone 8
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/bXTc6FrZJOA/-2kN7zkhBgAJ>

o Apple openly admit they forgot to test iOS in the real world!
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/K8uOvBjJ2rY/2htXivAfAwAJ>

o Apple doesn't test any of their products in the real world!
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/7pKV3Dok4fg/Xaqh5Pf1BgAJ>

o Report says Apple 'Powerd' code secretly slows your iOS device down to trick you into buying a new device
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/GdEtzzrc9F0/hrWoK-1wAwAJ>

> A minority of Android devices are fully patched.

I completely understand you, Chris, since you are a religious zealot.
You _believe_ every dogmatic word that Apple MARKETING spews out.

Your weakness, Chris, is actual facts.
*It takes less than 10 seconds to disprove your entire belief system, Chris.*

Ten seconds.

For example...
o Lockscreen exploit easilfy found only hours after iOS 12.1 released (yet again, Apple never tests anything in the real world)
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/N-hQKPDI4a0/4tfgLojLAAAJ>

o Is Apple seriously suggesting that millions of unsuspecting customers - now become - beta testers - just so that their phones will work!
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/xrovVjnWUo4/mWmtp7EYAwAJ>

o Every time iOS updates, Apple causes new problems in the REAL world...
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/Z6xD4HaiyjE/Jr5yYrBUCAAJ>

o Even genuine Apple displays no longer work in the real world (after iOS 11.1, 11.2, & 11.3)
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/YIhdXZL07DQ/eT_ZsIydAwAJ>

It's obvious even to Craig Federhigi that iOS is an untested diarrhea.

*You feel safe - only from the _FREQUENCY_ - not the quality.*
(Clearly Apple doesn't sufficiently test iOS - of that there is no doubt.)

[arlen holder]

On Tue, 15 Jan 2019 04:09:34 -0500, xJumper wrote:

> As for the whole Android vs Apple when it comes to privacy. Depends what
> kind of "Android" you are talking about...

Wow! THANKS xJumper!

You bring in an ADULT perspective which we haven't discussed.
THANK YOU for adding to our combined tribal knowledge!

I think you bring up an excellent factual point, xJumper
about the type of user, where, in expanding on that point, I'll separate
them into three loose categories:
o The "average" user (who basically accepts the defaults)
o The "intelligent" user (who thinks about each setting)
o The "power" user (who changes the ROM to his/her liking)

Where... with respect to privacy...
o There are "average" Android users who stick to defaults
o There are "intelligent" Android users, who change the defaults
o There are "power" Android users, who change the entire ROM

On iOS, unfortunately, even the intelligent user can't do anything.
So on iOS, unfortunately, there are only, I think, two categories:
o There are "average" iOS users who stick to defaults
o The "intelligent" iOS user is stuck with very very very few switches
o There are "power" iOS users, who change the entire ROM

In short:
o The "average" user has no privacy, but has more privacy on iOS
o The "intelligent" user, only on Android, gains privacy (not on iOS)
o The "power" user gains privacy on both iOS & Android

> If you are a power user, so running a custom ROM, rooted with a proper
> root manager, xposed running modules like xprivacy, root apps like
> AFWall which give you a proper OS level firewall (Linux iptables) and
> not some VPN hack, modified hosts system level ad blocking, microG to
> spoof Google services while still being able to use them, Lineage OS
> privacy guard, etc...
>
> ...Then it's not really a comparison, custom/modded Android blows Apple
> iOS out of the water for privacy and performance/features.

You bring up a great point, which I will summarize as:
o The "average" user sticks to defaults - that gives iOS an edge on privacy
o The "intelligent" user changes things - that gives Android users privacy
o The "power" user changes everything - that gives both privacy

While I personally have jailbroken an iOS device and I've rooted an Android
device, the technology changes so much that I won't argue with your
argument that the power user on Android has far more power available to
him/her for privacy than does the iOS user.

I'll let those with facts in that area discuss the merits of that.

> Stock vs Stock, Apple wins hands down. Stock Android from the OEM's is
> basically Google spyware.

It's hard to disagree with you since you make intelligent adult arguments.
So I will first agree openly that, "defaults" are such that Android spies.

However, I must point out the FACT that iOS users also use Google apps.
Those apps spy as much, or perhaps "almost as much" on iOS as on Android.

Do they not?

> Bryan Lunduke (very renowned in the Linux community) quotes a few
> reputable sources in this video about Android privacy and how much it
> spies on it's users.
>
> Android vs iOS: Which spies on you more?
> https://www.youtube.com/watch?v=8n6ubzCzZ5I

Thank you for being one of the few adults here who provide references
which back up the statements you make of your belief system!
o Android vs iOS: Which spies on you more?
<https://www.youtube.com/watch?v=8n6ubzCzZ5I>

Which is based on:
o Your Apps Know Where You Were Last Night, and Theye Not Keeping It Secret
<https://www.nytimes.com/interactive/2018/12/10/business/location-data-privacy-apps.html>

Here are some tidbits from the YouTube summary:
o 75 companies receive location data from users (news, weather, etc.)
o 200Million mobile devices are claimed to be tracked by those businesses
o Some are updated 14,000 times a day
o The companies sell this data to retail outlets, hedge funds, etc.
o IBM purchased the weather channel app to get into this business
o The article demonstrates multiple visuals of the collected data
o They mapped a person wandering around a school yard
o This is not new information - but it's important information
Given what the guy said (I haven't read the article yet), what he speaks
about is common to BOTH platforms, iOS & Android (e.g., weather channel).

Then at time point 289 seconds, he covered Android versus iOS:
<https://youtu.be/8n6ubzCzZ5I?t=289>
o Without disabling, Android tracks a user's location, by default
o Without disabling, Android tracks nearby WiFI APs, by default
o Android & iOS were tested for _passive_ privacy leaks via Chrome
o Google collected 40 to 1 per hour "amounts" of data (most over https)
o 30% of the data goes to location services
o 3% of the data goes to ad services

Essentially, a _passive_ phone, configured to defaults,
o Reported to the mother ship on Android every 4 minutes (via Chrome)
o Reported location information to Apple only once per day

This bolsters what our belief system seems to hold, which is that a dumb
user is spied on more with Android than with iOS, however, a smart user is
spied on far less on Android than on iOS (IMHO) simply because "more tools"
are available to Android users for privacy than are provided on iOS.

Interestingly, when I tried to delete Chrome on Android, I found that it's
a native app, so I'll need to root (which isn't hard) to delete it.

Then at time point 960 seconds, Bryan Lunduke explained what happens when
someone uses a phone without using any Google apps other than Chrome.
<https://youtu.be/8n6ubzCzZ5I?t=960>
o They tested for 24 hours during a typical day of one person
o 450 instances were made of Android making "calls" to Google servers
o Android requests per hour collected by Google = 90
o iOS requests per hour collected by Google = 50
o iOS requests (per hour?) to Apple servers = 20

Personally, even with Android being about "double", that looks like "about
the same", when you take into account that these phones are all set to the
defaults - which clearly means that the Android phone calls can be
drastically cut - while the iOS defaults might not be easily modified.

At time point 1182, Bryan Lunduke starts talking about Pokemon Go,
which is kind of where I simply glazed over since I don't play games:
<https://youtu.be/8n6ubzCzZ5I?t=1182>

Luckily the game garbage was short, so at time point 1250
we get the summary from Bryan Lunduke:
<https://youtu.be/8n6ubzCzZ5I?t=1250>
o He says the _only_ reason to use an iPhone is for the privacy
o He decries Apple iOS open-source code
o But he also decries the default Android privacy spying
o He says he loves the free software available on Android over iOS
o But he says that being spied on 50 times more is a heavy price

In the end ...
o He repeats, privacy may be the _only_ thing an iPhone has over Android

Personally, I don't disagree with what he says OTHER than to mention that
an *intelligent* user on Android is NOT what he was talking about.
o The "average" user sticks to defaults - that gives iOS an edge on privacy
o The "intelligent" user changes things - that gives Android users privacy
o The "power" user changes everything - that gives both privacy

[nospam]

In article <q1legh$rq3$3...@news.mixmin.net>, arlen holder

<ar...@arlen.com> wrote:

>
> >> Another thing I use this "insecure" Android
> >> capability for is to load old archived apps
> >> I've saved over the years onto a new device.
> >> They're apps that haven't yet been spoiled
> >> by garbage updates, ads, etc. A very handy
> >> feature IMO...
> >
> > easily done on ios.
>
> And yet, you _still_ can't come up with a method that actually works!

the methods have been explained to you many, many times.

[arlen holder]

On Tue, 15 Jan 2019 15:19:30 -0500, nospam wrote:

> the methods have been explained to you many, many times.

Tell us again, nospam, how on earth iOS is going to re-create the IPA
like Android can re-create the APK, from an _existing_ old
no-longer-supported app that is on ONE of your phones, but not currently on
the phone you want it to be on.

We've been down this path before, nospam, where all you do is "cherry pick"
the _easiest_ possible IPA-archival scenario, which is the person who
fastidiously archives EVERY DAMN THING and who ONLY wants to put it back on
his very phone with the very same Apple ID.

The _only_ scenario you can explain, nospam, is the childs-play scenario.
It's fitting, actually, that you claim that you can do what is child's play.

The facts are that you cannot possibly do what Android does, which is that
Android will take almost ANY installed free app on almost any phone and it
will allow the user to put that VERY SAME APP on almost any other phone.

It won't work 100% of the time simply because I'm talking any phone on the
planet, so there are many variables - but those of us who have done it have
seen 99% of our apps come over perfectly from a five-year old phone that we
can get at any thrift shop, and 99% of the apps from that five-year old
phone which we never installed anything on ourselves - work just find when
the APK is copied to our new phones.

If you say iOS can even do anything CLOSE to that, then I challenge you.
I challenge you, and all you Apple Apologist ignorati, to come up with
facts.

All you Apple Apologist ignorati _can_ do, is the stuff that's child's play.

[nospam]

In article <q1lfn8$t92$1...@news.mixmin.net>, arlen holder

[arlen holder]

On Tue, 15 Jan 2019 15:32:22 -0500, nospam wrote:

>>
>>> the methods have been explained to you many, many times.
>>
>> Tell us again,
>
> no

Hehhehheh... proof nospam that you fabricate imaginary iOS functionality.

We both know you can't possibly do with IPAs what Android does with APKs.

It's a fact.
The entirely religious belief system of Apologist ignorati contains 0 facts.

Meanwhile, I back up my facts.

What's amazing, nospam, is you're so easily proven wrong.
It takes less than ten seconds to prove your belief system wrong.

You know why, nospam?
I know why.

I know your weakness.
There's a _reason_ I refute your Apologist ignorant dogma with facts.

HINT: Facts are your major weakness, nospam.
Facts.

Yup.
Nothing you say can ever stand up to facts.

Simple facts.
That's all it takes to show you're an Apple Apologist ignorati, nospam.

Facts.

[badgolferman]

nospam <nos...@nospam.invalid> wrote:
> In article <q1l64a$gom$1...@dont-email.me>, 123456789 <12345@12345.

>> Another thing I use this "insecure" Android
>> capability for is to load old archived apps
>> I've saved over the years onto a new device.
>> They're apps that haven't yet been spoiled
>> by garbage updates, ads, etc. A very handy
>> feature IMO...
>
> easily done on ios.
>

Please explain. iTunes has removed app management capability. I used to be
able to do that with iTunes but no more.

[nospam]

In article <q1lj84$9kb$1...@dont-email.me>, badgolferman

<REMOVETHISb...@gmail.com> wrote:

> >> Another thing I use this "insecure" Android
> >> capability for is to load old archived apps
> >> I've saved over the years onto a new device.
> >> They're apps that haven't yet been spoiled
> >> by garbage updates, ads, etc. A very handy
> >> feature IMO...
> >
> > easily done on ios.
> >
>
> Please explain. iTunes has removed app management capability. I used to be
> able to do that with iTunes but no more.

there's a separate fork of itunes that retains that ability, or use
configurator or xcode.

the two trolls repeatedly claim it's not possible, which like the rest
of their bogus claims, is completely wrong.

[123456789]

On 1/15/2019 1:06 PM, arlen holder wrote:
> On Tue, 15 Jan 2019 10:43:37 -0700 (MST), 123456789 wrote:

>> Another thing I use this "insecure" Android capability for is to
>> load old archived apps I've saved over the years onto a new
>> device. They're apps that haven't yet been spoiled by garbage
>> updates, ads, etc. A very handy feature IMO...

> What's amazing is how you Apologist ignorati hold such strong
> convictions, and yet, you prove, time and again, to be complety
> ignorant of basic fact.

On the sauce again Arlen? Not only is my post FACT but I said that I
LIKED and used this ANDROID FEATURE often. Nothing about iOS there.

However I see that I again induced you to write another 1000 word
rant/flame without even trying. You're just too easy of a
mark Arlen... ;)

-------------------------------

[sms]

Up until iOS 8 you could transfer apps from one iOS device to another.
Beginning with iOS 9 this was no longer possible. If an app is no longer
available on the App Store you cannot install it on a new device. I
think the reason for this change is that some Apps are obsolete and
won't look right on newer devices.

[badgolferman]

Where does one find this separate fork of iTunes? And are the other two
programs you mentioned available for Windows or are they software developer
tools? I am an average user and have no programming skills.

[sms]

LOL, nospam expects you to first become a iOS app developer.

However there is the Apple Configurator 2 program for the Mac that
allows you to install apps from a Mac folder (provided you backed up
those apps prior to when it no longer became possible to do so). If you
have an app on an old iOS device that you didn't back up prior to the
ability to back up apps was removed, then you're out of luck.

[nospam]

In article <q1lqoi$o31$1...@dont-email.me>, sms

<scharf...@geemail.com> wrote:

>
> Up until iOS 8 you could transfer apps from one iOS device to another.
> Beginning with iOS 9 this was no longer possible.

false, due to piracy concerns.

> If an app is no longer
> available on the App Store you cannot install it on a new device.

false.

the easiest (but not the only) way is restore from a backup. done.

> I think the reason for this change is that some Apps are obsolete and
> won't look right on newer devices.

also wrong.

older apps normally work fine, but if a user doesn't like the way it
looks or runs, then they can buy a competing product that does.

[nospam]

In article <q1ls96$vok$1...@dont-email.me>, badgolferman

<REMOVETHISb...@gmail.com> wrote:

> >>
> >> Please explain. iTunes has removed app management capability. I used to be
> >> able to do that with iTunes but no more.
> >
> > there's a separate fork of itunes that retains that ability, or use
> > configurator or xcode.
> >
> > the two trolls repeatedly claim it's not possible, which like the rest
> > of their bogus claims, is completely wrong.
>
> Where does one find this separate fork of iTunes?

<https://support.apple.com/en-us/HT208079>
If you've already installed a newer version of iTunes, you
can download this version of iTunes for your Mac, PC (32-bit), or
PC (64-bit) and run the installer. After installation is complete,
you can continue to deploy apps with iTunes.

> And are the other two
> programs you mentioned available for Windows or are they software developer
> tools? I am an average user and have no programming skills.

xcode is a developer tool, but you don't need to know anything about
software development to push apps to a device. it's a bit overkill for
just that purpose, but it will work. configurator is a user tool. both
are free and both are mac only. on the other hand, itunes is both mac
and windows (also free).

[nospam]

In article <q1lt19$3q1$1...@dont-email.me>, sms

<scharf...@geemail.com> wrote:

> >>>
> >>> Please explain. iTunes has removed app management capability. I used to be
> >>> able to do that with iTunes but no more.
> >>
> >> there's a separate fork of itunes that retains that ability, or use
> >> configurator or xcode.
> >>
> >> the two trolls repeatedly claim it's not possible, which like the rest
> >> of their bogus claims, is completely wrong.
> >>
> >
> > Where does one find this separate fork of iTunes? And are the other two
> > programs you mentioned available for Windows or are they software developer
> > tools? I am an average user and have no programming skills.
>
> LOL, nospam expects you to first become a iOS app developer.

nope.

[nospam]

In article <ga7cdt...@mid.individual.net>, Jolly Roger

<jolly...@pobox.com> wrote:

> >>>> Please explain. iTunes has removed app management capability. I used to
> >>>> be
> >>>> able to do that with iTunes but no more.
> >>>
> >>> there's a separate fork of itunes that retains that ability, or use
> >>> configurator or xcode.
> >>>
> >>> the two trolls repeatedly claim it's not possible, which like the rest
> >>> of their bogus claims, is completely wrong.
> >>>
> >>
> >> Where does one find this separate fork of iTunes? And are the other two
> >> programs you mentioned available for Windows or are they software developer
> >> tools? I am an average user and have no programming skills.
> >
> > LOL, nospam expects you to first become a iOS app developer.
>

> LOL, that's not required.

yep. anyone can download it and use it, and installing apps doesn't
require any knowledge about writing ios apps, although it's certainly
overkill for just that task.

> > However there is the Apple Configurator 2 program for the Mac that
> > allows you to install apps from a Mac folder (provided you backed up
> > those apps prior to when it no longer became possible to do so). If you
> > have an app on an old iOS device that you didn't back up prior to the
> > ability to back up apps was removed, then you're out of luck.
>

> You don't need that either.

need, no. the point is that it and xcode are additional options.

the original claim was it can't be done. it clearly can and very
easily, and via more than one method.

[nospam]

In article <ga7cb8...@mid.individual.net>, Jolly Roger

<jolly...@pobox.com> wrote:

> >>
> >> easily done on ios.
> >
> > Please explain. iTunes has removed app management capability. I used
> > to be able to do that with iTunes but no more.
>

> Yes you can. You just need this version:
>
> <https://support.apple.com/en-us/HT208079>
>
> I keep this version installed in a VM, where it dutifully downloads a
> copy of every version of every app I have installed on any of my iOS
> devices to my system, where I can automatically archive the IPA files to
> a folder on my file server for safe keeping. I can install any older
> version of any app I've purchased onto any of my iOS devices this way -
> even long after the app developer has removed them from the App Store.

yep. it's very easy.

i use an old mac, with time machine automating archiving multiple
versions.

[arlen holder]

On Tue, 15 Jan 2019 19:52:53 -0500, nospam wrote:

> yep. anyone can download it and use it, and installing apps doesn't
> require any knowledge about writing ios apps, although it's certainly
> overkill for just that task.

Here they go again ... Let the Apologists' wild goose chase begin!

Over the years, there have been umpteen times that the two premier Apologist
ignorati, nospam & Jolly Roger, have led decent people on fabricated wild
goose chases that one has to wonder if they do this just for their own fun.

For example, they sent this iOS user, Ant, on a wild goose chase:
o How do I redownload and reinstall an older version of iOS app into my iPhone 4S?
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/56nEgAZIjGk/QoMXl4TFBAAJ>

And, they repeatedly sent this iOS user, Wade Garrett on a wild goose chase
o Copy App from iPad to iPad Mini (by Wade Garrett)
<https://groups.google.com/d/msg/comp.mobile.ipad/Tufx3qIBZBw/TDZQfsILCAAJ>

*Both Ant and Wade Garrett failed (they never had a chance).*

Both nospam and Jolly Roger are leading badgolferman on a wild goose chase.
<https://groups.google.com/d/msg/comp.mobile.ipad/Tufx3qIBZBw/nf7UfnIbCAAJ>

This is just about the umpteenth time they sent people on wild-goose chases.
o Need to get an older app from one iOS device to another
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/hGyPrciqZ14/xSkTh-pNAAAJ>

o Is it possible to copy an app from one iOS device to another?
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/IeOlsAV4VCU/_4A9ZOCJsKcJ>

Neither nospam nor Jolly Roger cares that they just make everything up.
o Copy App from iPad to iPad Mini
<https://groups.google.com/d/msg/comp.mobile.ipad/Tufx3qIBZBw/TDZQfsILCAAJ>

Even David Empson proves both nospam & Jolly Roger just make it all up:
<https://groups.google.com/d/msg/comp.mobile.ipad/Tufx3qIBZBw/z3kVVoc-CAAJ>

It's amazing how these religious zealots don't care one bit for facts.
o How do you install hundreds of free apps on your iOS device from all your friend's and other people's iOS devices?
<https://groups.google.com/forum/#!topic/comp.mobile.ipad/z_vztaAbOfM>

Poor badgolferman - the sooner he realizes the Apple Apologists just made it
up (again), the better for him. Get your popcorn out... The Apple Apologists
are back claiming iOS can do something as simple as load an older IPA.

[Rod Speed]

xJumper <sugarman@mailinator

> As for the whole Android vs Apple when it comes to privacy.
> Depends what kind of "Android" you are talking about...

> If you are a power user, so running a custom ROM, rooted with a
> proper root manager, xposed running modules like xprivacy, root
> apps like AFWall which give you a proper OS level firewall (Linux
> iptables) and not some VPN hack, modified hosts system level
> ad blocking, microG to spoof Google services while still being
> able to use them, Lineage OS privacy guard, etc...

But you don’t have to do all that with iOS.

> ...Then it's not really a comparison, custom/modded
> Android blows Apple iOS out of the water for privacy

That’s a lie.

> and performance/features.

That isnt what is being discussed.

> Stock vs Stock, Apple wins hands down. Stock Android
> from the OEM's is basically Google spyware.

And a malicious app can do anything it likes with your data.

> Bryan Lunduke (very renowned in the Linux community)
> quotes a few reputable sources in this video about
> Android privacy and how much it spies on it's users.

> Android vs iOS: Which spies on you more?

> https://www.youtube.com/watch?v=8n6ubzCzZ5I

Shit that fucker is by far the most irritating to listen to
that I have ever come across, tho what he says is valid.

And I don’t really care what knows where my phone physically is.

[arlen holder]

On Wed, 16 Jan 2019 13:26:47 +1100, Rod Speed wrote:

>> ...Then it's not really a comparison, custom/modded
>> Android blows Apple iOS out of the water for privacy
>

> That┬ a lie.

The funny thing about you Apple Apologists, Rod Speed, is that
you flatly claim the truth is a lie - without supplying a _single_ fact.

You act no differently than a religious zealot, Rod Speed.

[arlen holder]

On Tue, 15 Jan 2019 15:08:27 -0700, 123456789 wrote:

> However I see that I again induced you to write another 1000 word
> rant/flame without even trying. You're just too easy of a
> mark Arlen... ;)

What's sad, is you prove what childish drivel you revel in, 123456789.

[123456789]

I'm proud of you Arlen m'boy. Once again by exercising my exceptionally
outstanding psychological expertise I've induced your oversized but
underdeveloped wetware to compose yet another magnificent and
breathtaking one line rant. You've made stupendous progress. Keep up the
good work. See you in my office same time again next week...

[John McWilliams]

[Rod Speed]

"arlen holder" <ar...@arlen.com> wrote in message
news:q1m5it$rai$1...@news.mixmin.net...

> On Wed, 16 Jan 2019 13:26:47 +1100, Rod Speed wrote:
>
>>> ...Then it's not really a comparison, custom/modded
>>> Android blows Apple iOS out of the water for privacy
>>

>> That¢s a lie.

>
> Rod Speed, is that you flatly claim the truth
> is a lie - without supplying a _single_ fact.

The facts are in the link xJumper posted, you pathetic excuse for a troll.

[arlen holder]

On Tue, 15 Jan 2019 19:52:54 -0500, nospam wrote:

> yep. it's very easy.

Hi badgolferman,

Both nospam & Jolly Roger suffer from the left-side DK effect:
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/MwtyT7BdxF4>

Hence, nospam & JR actually _believe_ their assessment is correct.
No amount of actual fact will, apparently, change their mind.

The fact that even David Empson has flatly refuted their claims,
and that both Ant and Wade Garrett (no friend of mine) have been
spectacularly unsuccessful, is no matter to Jolly Roger & nospam.

Their mind is EXACTLY how the mind of a left-side DK person works.

No amount of fact (even the _simplest_ of easily validated fact)
will get through to them - simply because they appear to
lack the basic cognitive ability to process even basic facts.

The poster child was the bank robber with lemon juice.
To this day, that would-be bank robber still thinks it worked.

That's them, in a nutshell.

Both have "self assessed" the process (which happens to be impossible) to
be "simple", just as the would-be bank robber self-assessed that the lemon
juice trick worked.

[arlen holder]

On Tue, 15 Jan 2019 19:18:52 -0500, nospam wrote:

> the easiest (but not the only) way is restore from a backup. done.

Hi sms,
I only recently realized nospam suffers from the left-side DK effect.
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/MwtyT7BdxF4>

Hence, nospam actually _believes_ his assessment is correct.
No amount of actual fact will, apparently, change his mind.

The mind of nospam is how the mind of a left-side DK person works.

No amount of fact (even the _simplest_ of easily validated fact) will get

through to nospam - simply because he lacks the cognitive ability to
process those facts.

The poster child was the bank robber with lemon juice.
To this day, that would-be bank robber still thinks it worked.

That's nospam, in a nutshell.

[arlen holder]

On Wed, 16 Jan 2019 17:39:22 +1100, Rod Speed wrote:

> The facts are in the link xJumper posted, you pathetic excuse for a troll.

Hi Rod Speed,
I'm going to respond to you differently than I have in the past, since
I used to think that your lack of comprehension was either due to
o that you are incomprehensibly stupid, or,
o that you are constantly just pulling out leg for your amusement.

But it's not either of those, I fear.
It's far worse, unfortunately.

I only belatedly realized you lack the basic cognitive skills to process facts.
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/MwtyT7BdxF4>

Given that the existing facts are already lost on you, I will only state
the simple easily validated and quite easily verified facts for _others_,
who don't lack cognitive skills.

For those who possess adult cognitive skills, these are the facts
that xJumper kindly referred us to (which I've analyzed in detail):
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/MiZixhidmOs/MiPYrYG9FQAJ>

[arlen holder]

[xJumper]

On 1/15/19 4:36 AM, sms wrote:>
> OMG, how many Android users root their devices and flash custom ROMs?
> 0.00001% (1 in 100,000) is probably a high number.


I think the stats on the popularity of CyanogenMod at it's height was a
50 million users, maybe more now with Lineage OS or maybe less since
it's been getting harder to do... But yea I guess with what something
like 7 billion people on earth now that probably works out to 1%.


Source for 50 million user claim...

https://www.forbes.com/sites/miguelhelft/2015/03/23/meet-cyanogen-the-startup-that-wants-to-steal-android-from-google-2/

On 1/15/19 9:47 AM, nospam wrote:> that removes google from the
equation, however, anyone with physical
> access can still pwn the android device relatively easily.
>
> and the number of people who go to that extent is almost zero.


My point is that both platforms suck for privacy but at least on Android
if you have the will you can lock it down very well from a privacy
standpoint, something that's outright impossible on an Apple iOS device;
at least not nearly close to the same extent.

While it may not be popular it's not exactly that hard to do either,
there's plenty of guides and GUI tools created to do just that. I mean I
figured it out and I'm nothing special, I don't have a degree in
computer science/sysadmining or anything.

Security is not really being debated here. I do feel that Apple does win
in this realm however most security experts would say that debating
security on the premises that your attacker has physical access to your
hardware is basically a mental jerk off exercise. Even in the
server/desktop world, physical access means you're pwned, the threat
landscape/attack vectors open up to a billion things.

Android has sound encryption, it just ends up getting pwned more in
physical access hacks because most people use crappy passwords that can
easily be brute forced. Nobody wants a 20 random character password on
their lockscreen. Apple iOS gets around this with some clever features
like allowing short passwords for a few attempts and then locking the
device down so that it only works with a long master password. So in the
real world they end up withstanding more physical/brute force attacks
into the device.


On 1/15/19 3:07 PM, arlen holder wrote:> It's hard to disagree with you
since you make intelligent adult arguments.
> So I will first agree openly that, "defaults" are such that Android spies.
>
> However, I must point out the FACT that iOS users also use Google apps.
> Those apps spy as much, or perhaps "almost as much" on iOS as on Android.
>
> Do they not?
>

On native Android devices most of the apps that spy do it via Google
Play/Framework services and the backend for a bunch of apps rely on
this. On Apple devices, Apple uses their own backend framework, like
their own substitute for Google Cloud Messaging which is what many real
time updating apps rely on. It's been said that the Apple version spies
on people less.


On 1/15/19 9:26 PM, Rod Speed wrote:>
> That’s a lie.

I don't understand how you can claim that's a lie. On a modded Android
device I have access down to the kernel, I can essentially wall off the
phone completely from the outside world if I want so ZERO leakage from
anything on the OS. On Apple iOS that is not possible, so even with
their much better privacy defaults there's plenty of evidence that iOS
devices still do leak information. So with modded Android you would be
comparing something that could have ZERO leakage vs something with still
some leakage. It makes no sense to call that a lie.

> On 1/15/19 9:26 PM, Rod Speed wrote:>
>> And a malicious app can do anything it likes with your data.

How so or how so anymore than anything else really? Apps in Android are
walled in/separated through the Selliinux permissions system, it's
fairly proven and works well. If you use a proper root manager than the
risk of root access are mitigated, it would be no different than any
other desktop operating system really, you have root access on
Windows/Linux. If anything you're probably safer than 90% of people who
claim Android with root is a liability yet they are running Windows 10
in admin mode without a password.


I downloaded a malicious pirated app once, as soon as I installed it it
tried to execute SU, my root manager was set to default deny, it did not
gain root access. My iptables firewall default deny blocked the app from
outside access, logged it and the domain it was trying to connect to,
had it connected anyway my modded hosts files would have blocked the
malware domain.

Show me that level of control/privacy on iOS...

> On 1/16/19 1:39 AM, Rod Speed wrote:> The facts are in the link xJumper posted, you pathetic excuse for a troll.
>>

That was just a general overview/comparsion of stock Android vs stock
iOS. It made no mention of modded Android which is a completely
different world.


It get more complicated... While the sideloading (downloading a random
.apk off the internet and installing it)/alternative app market of
Android (not at all possible/allowed on iOS) usually gets the average
user in trouble by having them download adware/spyware loaded apps it
also does benefit power users.


I run almost exclusively off of F-DROID which only lists completely open
source/reproducible build apps without any spyware/adds/bullcrap in them.

If you do the same that puts you ahead of Apple iOS users, even with the
strict standards of Apple (better/more strict than Google Play) to get
on their app store they still allow plenty of apps that do track/have
some kind of add/spyware vector on them.

[nospam]

In article <JLN%D.86753$n85....@fx38.iad>, xJumper

<suga...@mailinator.com> wrote:

> My point is that both platforms suck for privacy but at least on Android
> if you have the will you can lock it down very well from a privacy
> standpoint, something that's outright impossible on an Apple iOS device;
> at least not nearly close to the same extent.

not true.

>
> Security is not really being debated here. I do feel that Apple does win
> in this realm however most security experts would say that debating
> security on the premises that your attacker has physical access to your
> hardware is basically a mental jerk off exercise. Even in the
> server/desktop world, physical access means you're pwned, the threat
> landscape/attack vectors open up to a billion things.

that's because most servers/desktops are not encrypted. remove the
drive and have at it.

ios devices are encrypted by default and are essentially impossible to
pwn (nothing is truly impossible).

on the other hand, it's relatively easy to pwn an android device.

> Android has sound encryption,

no it doesn't.

> it just ends up getting pwned more in
> physical access hacks because most people use crappy passwords that can
> easily be brute forced. Nobody wants a 20 random character password on
> their lockscreen.

those who are concerned about security do, although it can be shorter.

> Apple iOS gets around this with some clever features
> like allowing short passwords for a few attempts and then locking the
> device down so that it only works with a long master password.

apple doesn't do that. where did you get that idea?

what apple does do is offer fingerprint or face unlock, which if
enabled, will still require the passcode after a reboot, 48 hours of
not unlocking it at all or 5 failed fingerprint/face attempts.

since the passcode does not need to be entered every single time, it
can be longer with minimal impact on day to day use.

> So in the
> real world they end up withstanding more physical/brute force attacks
> into the device.

because it's more secure.

[arlen holder]

On Wed, 16 Jan 2019 16:55:53 -0500, xJumper wrote:

> I think the stats on the popularity of CyanogenMod at it's height

Hi xJumper,

I, for one, was very happy that jailbreaking tools existed when I converted
a used AT&T iPhone to T-Mobile so that the kid I gave it to would have the
iPhone she always pined for (she currently has an iPhone 7).

On Android, I'm happy just to enable "Developer Options" to sideload:
o Do you enable "developer options"?
<https://groups.google.com/d/msg/comp.mobile.android/5VKHlHQ8Myg/wyckp5ffCAAJ>

> My point is that both platforms suck for privacy but at least on Android
> if you have the will you can lock it down very well from a privacy
> standpoint, something that's outright impossible on an Apple iOS device;
> at least not nearly close to the same extent.

You and I agree xJumper - although we have to take pains to keep this
conversation about PRIVACY and not about SECURITY (which is different).

You'll likely get nowhere with nospam since he's like a broken record.
Nospam doesn't actually comprehend that privacy & security are different:
o Privacy from Google/analytics/tracking with Lineage OS + microG
<https://groups.google.com/d/msg/comp.mobile.android/E_ULJzPy2T8/x8LpkypRCwAJ>

I only recently realized nospam is likely a left-side Dunning-Kruger
personality, which, if true, means he only trusts his own assessments
(which, we've proven, historically are wrong far more often than right).

> Security is not really being debated here.

Exactly. It's a COMPLETLY different topic.
We can barely stay on topic with "privacy", let alone add security to that.

Besides, nospam is like a broken record on everything iOS where
nospam will _always_ claim that the security on iOS is better even when
it's not (and even when it is).

The point is that actual facts don't matter to nospam.

On Android, you have far better granularity on what you _can_ do
with respect to allowing or disallowing Google from spying, for example:
o Do you "Decline" or "Accept" Google regularly checking on your apps?
<https://groups.google.com/d/msg/comp.mobile.android/wN7uto_TxMY/zMUBUZOfEQAJ>

> I do feel that Apple does win
> in this realm however most security experts would say that debating
> security on the premises that your attacker has physical access to your
> hardware is basically a mental jerk off exercise.

What I love about discussing things with intelligent rational adults is
that it's hard to disagree with you.

Again, this thread isn't about security - where we can simply agree that
Apple does it differently than does Android - at the cost of a CPU.

> Even in the
> server/desktop world, physical access means you're pwned, the threat
> landscape/attack vectors open up to a billion things.

It's easy to agree with you since you think logically & rationally.
If bad guys have your phone in their hands, you've got bigger problems.
o Android vs iOS physical security for power users
<https://groups.google.com/d/msg/comp.mobile.android/2UkdnNbK800/EdmfBH-yBAAJ>

Besides, this thread is about PRIVACY - not security.

For example, if folks have privacy advice, this is a good thread:
o What are the common settings to change from default for privacy?
<https://groups.google.com/d/msg/comp.mobile.android/b9Ck9JSyKXY/It7Yavl5AgAJ>

> Android has sound encryption

Agreed. Encryption is encryption.
However this thread is about privacy - not security.

The start of privacy is installing well-chosen apps, for example:
o What are the first things you do to set up a new phone?
<https://groups.google.com/d/msg/comp.mobile.android/w0ze6GZoOOc/mGIDxrvsAAAJ>

> On native Android devices most of the apps that spy do it via Google
> Play/Framework services and the backend for a bunch of apps rely on
> this. On Apple devices, Apple uses their own backend framework, like
> their own substitute for Google Cloud Messaging which is what many real
> time updating apps rely on. It's been said that the Apple version spies
> on people less.

While most of the Apple users can only parrot what Apple MARKETING
tells them, I did read the article & listen to the YouTube you referenced.

In short, here's my assessment on PRIVACY implications:
o By default, Android spies a LOT back to the mother ship
o In an intelligent users' hands, Android spies far _less_ than iOS
o By default, iOS spies far less - but - there are far fewer tweaks

As just some well-known privacy-related examples,
o On iOS... You don't get the YouTube privacy of Android
o On iOS... You don't get the sanctioned Tor privacy (anonymity) of Android
o On iOS... You don't get the AddressToGps privacy of Android
o On iOS... You don't get the sideloading privacy of Android
o On iOS... You don't get the ID privacy of Android
o On iOS... You don't get the ADVERTISER ID privacy of Android
o On iOS... You don't get the IDE privacy of Android
o You don't get the IMSI catcher, camera catcher, fakeAP catcher, etc.
o etc.

In the end, how much a phone spies, sort of depends on the user:
o Naive Android users lose big - naive iOS users lose - but not as big
o Intelligent Android users break even - intelligent iOS users can't
o Smart Android users win big - but smart iOS users can do OK

> I don't understand how you can claim that's a lie.

Be careful.
There are a few of the Apple Apologists who claim *everything* is a lie.
I used to thing they're either
o just pulling our leg for their own childish amusement, or,
o that they're incredibly (unfathomably) stupid.
But there's a third, far more sinister option - where it's worse:
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/MwtyT7BdxF4>

Be careful with Rod Speed - he has infinite energy to refute whatever it is
that you claim - he (like nospam & Jolly Roger) simply refute everything.

> On a modded Android
> device I have access down to the kernel, I can essentially wall off the
> phone completely from the outside world if I want so ZERO leakage from
> anything on the OS. On Apple iOS that is not possible, so even with
> their much better privacy defaults there's plenty of evidence that iOS
> devices still do leak information.

It's clear that the *weak* links of iOS are not what MARKETING has fed
people like Rod Speed and nospam and Jolly Roger and Alan Baker.

All they can talk about is the stuff that Apple MARKETING fed them.
So they won't comprehend what you just wrote about walling off the OS.

> So with modded Android you would be
> comparing something that could have ZERO leakage vs something with still
> some leakage. It makes no sense to call that a lie.

Rod Speed, nospam, Jolly Roger, Alan Baker, Lewis, BK at OnRamp,
"joe", Chris, Haemactylus, Alan Browne, Tim Streater, et. al, are
all of the same mold.

They call every fact that they don't like, a "lie".
(Their imaginary belief system is fed to them by Apple MARKETING.)

>>> And a malicious app can do anything it likes with your data.
>
> How so or how so anymore than anything else really? Apps in Android are
> walled in/separated through the Selliinux permissions system, it's
> fairly proven and works well. If you use a proper root manager than the
> risk of root access are mitigated, it would be no different than any
> other desktop operating system really, you have root access on
> Windows/Linux.

This is NOT what the Apple Apologists were taught by Apple MARKETING.

Hence, to them, anything Apple didn't tell them ... "is a lie".

> Show me that level of control/privacy on iOS...

They can't.
o You just don't get that kind of power with anything on iOS.

In fact, we've proven time and again, iOS is funcdtionally limited.
It's not the hardware so much as what Apple prevents the apps from doing.

To an iOS user, using a steak knife e to chop down a tree "feels" safer
than what we do on Android, which is use a chainsaw to chop down a tree.

Just wait when they tell you that the sheer "frequency of release" of iOS
makes them *feel* infinitely safe - even though we've proven Apple
typically ships iOS with holes in it so big you can drive a bus through.

The diarrhea that is the iOS release schedule makes them *feel* safe,
simply by the frequency (and not at all by the actual content).

> That was just a general overview/comparsion of stock Android vs stock
> iOS. It made no mention of modded Android which is a completely
> different world.

Hehhehheh ... xJumper... I immediately comprehended that when I saw watched
the video and read the article - but these people you're responding to are
either
a. Playing games with us (pretending to be stupid), or,
b. They're actually so stupid as to not realize what you just said, or,
c. Far worse - it could be that they actually _believe_ what they say.
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/MwtyT7BdxF4>

To you and to me, it's unfathomable that they don't comprehend that the
article and video were talking about a default setup at all times.

But, the sad thing is ... they don't comprehend facts even _that_ simple.

(It's difficult to communicate with people like Rod Speed & nospam who
appear to be _that_ uncomprehending of the simplest of obvious facts).

Just today, nospam refuted a chart showing that YouTube revenue on Apple is
the number 4 in the App Store - where - it's not even in the top 10 on
Android, where it's clear that these are *paying* customers (i.e., their
privacy is gone).

Guess why nospam flatly refuted the numbers?
HINT: He didn't like the title of the article (Yes, can you believe that?).

It's really difficult to deal with people who appear to be _that_ stupid.

> I run almost exclusively off of F-DROID which only lists completely open
> source/reproducible build apps without any spyware/adds/bullcrap in them.

I agree with you that a Google Play account isn't needed.
o How to use Windows to populate your Android phone with hundreds of apps without ever enabling Google Play (or F-Droid)
<https://groups.google.com/d/msg/comp.mobile.android/IUNBsY5F_Ho/KxjX1DL-AAAJ>

That means privacy in and of itself, in that there is...
o No Google ID
o No Advertiser ID
o No id in free apps
etc.
(none of which privacy is even remotely possible on iOS)

Not only are F-Droid apps free & open source, but most (all?)
have no advertisements whatsoever (I've never seen any with ads, yet).

o Best free Android apps of 2019 (plus a best-free-apps list of our own making)
<https://groups.google.com/d/msg/comp.mobile.android/IzpTZff2S4o/Ab6lJr8fBgAJ>

*From memory, my favorite F-Droid apps are, in no particular order:*
o NewPipe <https://f-droid.org/packages/org.schabi.newpipe/>
o FTP Server (free) <https://f-droid.org/packages/be.ppareit.swiftp_free/>
o OSMAnd~ <https://f-droid.org/en/packages/net.osmand.plus/>
o Simple Calendar Pro <https://f-droid.org/en/packages/com.simplemobiletools.calendar.pro/>
o Orbot/Orfox <https://guardianproject.info/apps/orbot/>
o Call Recorder <https://f-droid.org/en/packages/com.github.axet.callrecorder/>
o Open Camera <https://f-droid.org/en/packages/net.sourceforge.opencamera/>
o QKSMS <https://f-droid.org/packages/com.moez.QKSMS/>
o SMS Scheduler <https://f-droid.org/en/packages/com.github.yeriomin.smsscheduler/>
o Contacts <https://f-droid.org/en/packages/com.simplemobiletools.contacts.pro/>
o OSM Tracker <https://f-droid.org/packages/me.guillaumin.android.osmtracker/>
o K-9Mail <https://f-droid.org/en/packages/com.fsck.k9/>
etc. (there are others - this was just from memory)

BTW, most of the "Simple" tools are great, where folks get them en masse:
<https://search.f-droid.org/?q=simplemobile>

> If you do the same that puts you ahead of Apple iOS users, even with the
> strict standards of Apple (better/more strict than Google Play) to get
> on their app store they still allow plenty of apps that do track/have
> some kind of add/spyware vector on them.

I agree with you on almost everything you've said, if not everything.
It's not hard for logical sentient adults to agree on facts.
Facts are funny that way.

BTW, you know a lot more than most people about both iOS & Android.
Certainly you know a lot more than I do (which I appreciate).

If you can add value to any of the threads referenced below,
for the prior F-Droid section, that would be wonderful.

o NewPipe YouTube Red Clone
o Have you been able to get NewPipe freeware running yet on Windows?
<https://groups.google.com/d/msg/comp.mobile.android/rfyVKidB8X8/slOeDAEQAQAJ>

o FTP Server (free)
oTutorial to run any Windows command directly on Android over either USB or Wi-Fi
<https://groups.google.com/d/msg/comp.mobile.android/JrWLPRYO-TU/2gn6KqccBwAJ>

o OSMAnd~
o How to perform a free (super) accurate world address lookup & then seamlessly integrate into any offline free map routing app on iOS or Android
<https://groups.google.com/d/msg/comp.mobile.android/-MvKdMBMCpk/KvSUkTjXEAAJ>

o Simple Calendar
o Has anyone here ever set up a CalDAV server on Windows for use with Android CalDAV clients?
<https://groups.google.com/d/msg/comp.mobile.android/52iSsFUQinE/AflgVrHVEAAJ>

o Orbot/Orfox
o What is the free Tor Browser Bundle app functionality that is closest to the real thing?
<https://groups.google.com/d/msg/comp.mobile.android/idL4qo4W_Vk/VyGPKBgRAQAJ>

o Call Recorder
o Automatic call recorder freeware (best)
<https://groups.google.com/d/msg/comp.mobile.android/Tb8wf4fJu_A/wwENOd1NBQAJ>

o Open Camera
o What is a good TIMER photo app for Android?
<https://groups.google.com/d/msg/comp.mobile.android/9GPU430iHUg/QvBBYk9FCAAJ>

o QKSMS & SMS Scheduler
o Recommend a good texting app
<https://groups.google.com/d/msg/comp.mobile.android/6P-3Gk9R3w4/lhrBeWE5AAAJ>

o Contacts
o What free 0-advertisement phone/sms-mms/contact integrated app do you use?
<https://groups.google.com/d/msg/comp.mobile.android/lNSdkpyAxEQ/eivyFEpFAwAJ>

o OSM Tracker
o Tutorial for saving & viewing tracks on USGS topographic maps in real time on mobile devices
<https://groups.google.com/d/msg/comp.mobile.android/zNKD3jyeye4/njtP-yzoAgAJ>

I'm always looking for better F-Droid apps!

For example...
o Is there an free app that will change settings for /Pictures/Screenshots to the external SD Card?
<https://groups.google.com/d/msg/comp.mobile.android/pe4pB3oAZ0E/feou8QI_BwAJ>

[arlen holder]

By eliminating Google default apps, one by one, on Android at least,
one can perhaps increase privacy (if we eliminate the main Google apps).

For example, notice what this says about the Simple Mobile Tools "Contacts"
<https://www.wilderssecurity.com/threads/simple-mobile-tools.403110/>

"*The contacts app is interesting from a privacy point of view.*

There is a subtle but important difference between using it
and using the regular built in contacts. When you consider how many
apps require the contacts permission meaning any of them could
upload your entire contact list to anywhere.

*The Simple Contacts app stores the contact information in*
*protected phone storage which is only accessible by that Contacts App.*

So for example, if you open the phone dialer and click contacts,
it shows zero contacts because it can't see them.

So if you want to call someone you open the Simple Contacts app and
click on the contact you want to call. The Simple Contacts app sends
only the phone number to the dialer and no other information not even
the contact name.

Likewise an SMS messenger app cannot see the contact list
but if you click a contact to send a message it opens the default
messaging app with that Contacts phone number only."

The Simple Mobile Tools are open source on F-Droid.
o GitHub: <https://github.com/SimpleMobileTools>
o GitHub: <https://simplemobiletools.github.io/>
o F-Droid: <https://search.f-droid.org/?q=simplemobiletools>
o GooglePlay: <https://play.google.com/store/apps/dev?id=9070296388022589266>

[arlen holder]

On Thu, 17 Jan 2019 04:14:24 -0000 (UTC), arlen holder wrote:

> *The Simple Contacts app stores the contact information in*
> *protected phone storage which is only accessible by that Contacts App.*

See also this new privacy-related thread entailing Google's new policy:
o Changes to the SMS and Call Log access permissions
<https://groups.google.com/forum/#!topic/comp.mobile.android/Jcfl4MrBQ_A>

*Use of SMS or Call Log permission groups*

"If your app does not require access to Call Log or SMS permissions,
you must remove these permissions from your app's manifest.":

"You should only access Call Log or SMS permissions when your app falls
within permitted uses, and only to enable your app┬ core functionality. "

*I wonder how much of those new rules apply to Google apps on iOS?*
"Core functionality is defined as the main purpose of the app."

[arlen holder]

Wrap Up Question:
Does this summary appear to be balanced, basic, factual, & logical to you?
Q: *What is the factual truth about PRIVACY differences or similarities?*

Answer:
o *All consumer grade phones lack privacy* (e.g., from carrier leaks)
o *iOS, out of the box, is more private* than Android (default settings)
o *Android, when set up has far more privacy controls* (intelligent user)

In terms of Venn Diagram differences:
o iOS is more private than Android, *but only under default conditions*
o Android is more private than iOS, *but only in the hands of knowledge*

With respect to a Venn Diagram overlap:
o *Both iOS & Android lack privacy in different ways* (e.g., app setup)
o *Both iOS & Android lack privacy in similar ways* (e.g., carrier leaks)

Does that summary appear to be balanced, basic, factual, & logical to you?

[arlen holder]

FACTS:
While the privacy of iOS vs Android, in the end, is "about the same"...

In some cases...
*It's amazing how _not private_ iOS turns out to be, compared to Android.*
o What free unlimited bandwidth proxy-based browsers exist for Android & iOS?
<https://groups.google.com/d/msg/comp.mobile.android/Lf6xDJEiT_4/imaxRmVOAgAJ>

Facts.
The one biggest weakness of the Apple Apologists ... is fact.
o The Apple Apologists only know what MARKETING propaganda tells them.
o Apple Propaganda doesn't say this: <https://www.cyberscoop.com/tor-browser-android/>

Facts.
This, APPLE MARKETING PROPAGANDA, does _not_ tell the Apple Apologists!
o Tor Project releases first alpha of Android mobile browser
<https://www.zdnet.com/article/tor-project-releases-first-alpha-of-android-mobile-browser/>

It's supposed to be on both F-droid and Google Play but I couldn't find it
on F-Droid from my PC even though my Android phone had no problems
installing it:
<https://www.torproject.org/projects/torbrowser.html.en>
<https://play.google.com/store/apps/details?id=org.torproject.torbrowser_alpha>

Facts.
The Apple MARKETING machine never discusses such real-world privacy issues.
o Neither is more private in many ways (e.g., carrier leaks, google apps)
o iOS is decidedly more private than Android in the hands of nobs (change defaults)
o Android is far more private than iOS in intelligent hands (apps & settings)

In the end, the privacy is hard to compare, where the simplest answer is:
o The privacy of all consumer mobile devices is ... about the same.

And yet, time and again I can come up with ways iOS is _less_ private.

For example ... yet another of the many situations where iOS is _less_
private than Android is the real-world dilemma which is being discussed at
this very moment over here:
o Have You Been Pwned? Do you have a working cross-platform PASSWD database for Windows, Linux, Mac, iOS, & Android on your home LAN?
<https://groups.google.com/d/msg/alt.os.linux/YEfw5NblnRs/W_a_VKgVEQAJ>
o Tor Project releases first alpha of Android mobile browser
<https://groups.google.com/d/msg/comp.mobile.android/Tou3tArxzoE/y6XWtjS7BQAJ>

Here is the problem set:
1. You want to know if you've been pwned
2. This web site will test 773M instances <https://haveibeenpwned.com>
3. Yet, you don't want to give that web site more than one piece of data

If you use any other platform, other than iOS, you have a choice of
*sanctioned* (i.e., officially approved) open-source privacy-based
browsers, the most common of which is the Tor Browser Bundle.

*Android:*

o What is the free Tor Browser Bundle app functionality that is closest to the real thing?
<https://groups.google.com/d/msg/comp.mobile.android/idL4qo4W_Vk/VyGPKBgRAQAJ>

*iOS:*
o Anyone know why there isn't a Guardian-supported version of Tor for iOS yet?
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/_jPdomnPT0c/9Wob9YwKAwAJ>

Facts.
Neither iOS nor Android is "more private" since each is more private in
different ways, and, both are less private in the same ways.

[arlen holder]

Facts:

Apple has, yet again, *opened* privacy holes in iOS releases!

It's simply yet another indication that the privacy on both platforms is
"about the same", despite the Apple Propaganda which only left side of
mount stupid Dunning Kruger poster children actually believe.
<https://scanfoam.org/wp-content/uploads/2016/06/adpativeDKblog3.jpg>

The fact is that, yet again (for the umpteenth time), Apple has recently
shipped another untested diarrhea of iOS that opens up privacy wide open.
o facetime privacy bug
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/NFW7nz6FELw>

*How many times in just the past two years has this happened!*
o Apple users love to _feel_ safe from the sheer frequency of iOS releases
o But the proof of myriad privacy holes is utterly astounding
o Because, clearly, Apple doesn't sufficiently _test_ iOS releases

*Only the sheer _frequency_ of iOS matters to the consumer!*
o The consumer wants to _feel_ safe (not actually _be_ safe)
o So Apple gives them what they want, which is a diarrhea of iOS releases

It's _clear_ that Apple has _never_ sufficiently tested iOS releases
o Even the head of software engineering, Craig Federighi said so
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/rVACwh2fE5Y/CReSXKtYEwAJ>

Here is a post from the Apple newsgroups just moments ago
showing, yet again, Apple doesn't sufficiently test for privacy bugs in the
diarrhea that is iOS release schedules:

Update1: Apple has taken Group FaceTime offline in an attempt to address
the issue in the interim).
Update2: There is a second part to this which can expose video too!
"9to5Mac has reproduced the FaceTime bug with an iPhone X
calling an iPhone XR, but it is believed to affect any pair of iOS
devices running iOS 12.1 or later."
<https://9to5mac.com/2019/01/28/facetime-bug-hear-audio/>

o Apple FaceTime bug lets you listen in on people you call,
o even if they haven't picked up their iPhone
<https://www.cnbc.com/2019/01/28/apple-facetime-bug-lets-you-listen-even-if-someone-doesnt-answer.html>
"A bug in FaceTime lets you listen in to the audio if you try to call
someone even if they don't pick up. You first video call someone
then try to add yourself to the group call."

o Major iPhone FaceTime bug lets you hear the audio of the person
o you are calling _before_ they pick up
<https://9to5mac.com/2019/01/28/facetime-bug-hear-audio/>
"The bug lets you call anyone with FaceTime, and immediately hear
the audio coming from their phone before the person on the other end
has accepted or rejected the incoming call."

o Here's how to do the iPhone FaceTime bug:
o Start a FaceTime Video call with an iPhone contact.
o Whilst the call is dialing, swipe up from the bottom of the screen
o and tap Add Person.
o Add your own phone number in the Add Person screen.
o You will then start a group FaceTime call including yourself
o and the audio of the person you originally called,
o even if they haven't accepted the call yet.

o It will look like in the UI like the other person
o has joined the group chat,
o but on their actual device
o it will still be ringing on the lockscreen.
<https://9to5mac.com/2019/01/28/facetime-bug-hear-audio/>

Without delving into Apologist Politics, it's just one more indication that
o Apple ships _untested_ releases where the sheer frequency is a "diarrhea"
o Privacy on all common consumer mobile platforms is "about the same"

It's understood that Apple Marketing Propaganda says otherwise,
but only Apple Apologists actually _believe_ in Apple make-believe.

*For actual facts on privacy, please see:*
o What is the factual truth about PRIVACY differences or similarities
between the Android & iOS mobile phone ecosystems?
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/MiZixhidmOs>

*And, for actual facts on what I call "a diarrhea of iOS releases", please see:*
o Lockscreen exploit easilfy found only hours after iOS 12.1 released (yet
again, Apple never tests anything in the real world)
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/N-hQKPDI4a0/4tfgLojLAAAJ>

*And, for facts about why Apologist Politics is what it is, please see:*
o Apple Apologist suffer from left-side dunning-kruger cognitive bias
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/MwtyT7BdxF4>

Facts.

[arlen holder]

FACTUAL UPDATE:

The problem is simple with respect to this yet again privacy flaw:
o Apple, yet again, proves they do not test releases in the real world
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/Z6xD4HaiyjE/Jr5yYrBUCAAJ>

Facts:
*Apple was decidedly & unambiguously informed on the 20th of January.*
o Apple, inexplicably, _sat on it for a week_ (according to the NY Times)!

A 14-year old found it on 19th January using Facetime in the real world.
o Apple Was Slow to Act on FaceTime Bug That Allows Spying on iPhones
<https://www.nytimes.com/2019/01/29/technology/facetime-glitch-apple.html>

*As usual, Apple PROPAGANDA is the antithesis of the actual facts.*
"The bug, and Apple's slow response to patching it, have renewed
concerns about the company's commitment to security,
even though it regularly ... boasts about the safety of its products."

The problem isn't, as Jolly Roger & nospam think, just "this" but.
o The problem is that if this bug slipped through, what else did?

"If these kinds of bugs are slipping through," said Patrick Wardle,
the co-founder of Digital Security, which focuses on Apple-related
security, "you have to wonder if there are other problematic bugs
that other hackers are exploiting that should have been caught."

Despite nospam & Jolly Roger intimating it's "no big deal", it is:

"The FacePalm bug is a particularly egregious case, researchers say,
not just because it was discovered by a teenager simply trying to use
his phone, but because it allowed full microphone and video access."

If a 14-year old kid found it, Apple Q&A _should+_ have tested for it
o Clearly, yet again, for the umpteenth time, proving Apple doesn't test

"This is a bug that Apple's Q&A should have caught," Mr. Wardle said.
"And where there's smoke, there's almost always fire."

The problem is simple, where _privacy_ is badly affected:
o Apple, yet again, proves they do not test releases in the real world
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/Z6xD4HaiyjE/Jr5yYrBUCAAJ>

[arlen holder]

On Tue, 15 Jan 2019 12:05:40 +1100, Rod Speed wrote:

> I didn't because they didn't even bother to spell out just
> what vulnerabilitys they were actually talking about.

Hi Rod Speed,

*The real problem is that Apple software isn't sufficiently tested*
o That problem _still_ exists - which makes privacy flaws inevitable

o Apple, yet again, proves they do not test releases in the real world
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/Z6xD4HaiyjE/Jr5yYrBUCAAJ>

If a 14 year old kid can find this bug, and since Apple sat on it for a
week after they were wholly unambiguously informed, what makes
you think that Apple has "solved" the problem of lack of testing?

As you're aware, I've often said the privacy & security flaws in _all_
consumer grade mobile phones is "about the same".

What's interesting is that APPLE PROPAGANDA says otherwise
o And yet, as always, the facts belie Apple's PROPGANDA

The only ones who _believe_ the Apple PROPGANDA, are the Apologists.

To wit, from The Atlantic:
<https://www.theatlantic.com/technology/archive/2019/01/apple-facetime-bug-you-cant-escape/581554/>

"It's also notable because the exposure, which is real, substantiates
...fears about the inherent untrustworthiness of computer hardware"

As we _proved_ in this thread below ...
o The privacy of Android or iOS is, in the end, "about the same".

Specifically:
o The defaults are better in iOS - but Apple never tests their releases
o A power user on Android has far more privacy than anyone on iOS
o Yet, bugs like this illustrate that mobile phones are inherently insecure

Like Joerg Lorenz, the Apologists _believe_ they have privacy
o But the facts are that they just don't

Nobody has it.
o Not on Android
o Not on iOS

Apple PROPAGANDA says otherwise - but the FACTS tell the truth.
o The diarrhea that is the Apple update process - relentlessly increases!

"And with every software update - arriving with increasing frequency
old problems vanish, but new ones also appear"

[arlen holder]

Yet another non-root password-stealing bug on Apple (Apple _never_ tests
products sufficiently - and doesn't even KNOW what this bug is yet!)

FACT:
*Yet again, Apple doesn't even do the _bare minimum_ of product testing!*

In yet another of extremely many and consistently repetitive examples that
Apple doesn't sufficiently test software for security & privacy
vulnerabilities, today this is reported by the The Register & by the BBC:

*Apple doesn't even _know_ this zero-day bug exists*!
o Where you basically own the Mac without even being root!

"The bloke who found a password-spaffing bug in macOS says
he won't divulge details on the flaw to Apple until the tech titan
agrees to properly compensate vulnerability researchers."

"Germany-based freelance bug-hunter Linus Henze says the
security weakness can be exploited by malware and other
dodgy apps running on a Mac to harvest passwords, private
keys, and tokens from the victim's keychain. Ideally, programs
shouldn't be able to snatch your Facebook or GitHub login
details, for example. Here's a video demonstrating the flaw
on the most recent version of macOS:"
<https://youtu.be/nYTBZ9iPqsU>

"In this video, I'll show you a zero-day exploit that allows me to
extract all your (local) keychain passwords on macOS Mojave, and
lower versions," Henze wrote in the vid description. "Without root or
administrator privileges, and without password prompts, of course."

"While the vulnerability has been checked and verified by noted
Mac security guru Patrick Wardle, after he obtained a copy of Henze's
exploit, details of the shortcoming are not publicly known ĄV not
even
to Apple."

Since the Apple Apologists deny all facts out of hand they don't like, see:
<https://www.theregister.co.uk/2019/02/07/mac_0day_disclosure/>
<https://www.bbc.com/news/technology-47169462>
etc.

This is oddly reminiscent of this bug of about a year or so ago,. which yet
again, time and again, proves Apple doesn't even do the most minimal of
testing for security or privacy since what matters to Apple isn't the
product but the IMAGE of the product (so, who needs testing until the shit
hits the fan?).

o Anyone can hack into MacOS High Sierra simply by typing "root"!
<https://www.wired.com/story/macos-high-sierra-hack-root/>

FACT:
*Yet again, Apple doesn't even do the _bare minimum_ of product testing!*

[arlen holder]

To open-minded adult comprehensive adults on this ng...

I'm going to try to follow badgolferman's astute advice in not responding
to the close-minded people and only appeal to open-minded adults
(if possible).

I will simply add adult FACTS & adult LOGIC to these threads, as needed.
o FACT + LOGIC <===> the open-minded comprehend both

FACT:
o It's abundantly clear that apps have been recording the users every
button press within the app unbeknownst to Apple.

LOGIC:
o Why didn't Apple know of this before approving the apps?

"Apple confirmed to the publication that its App Store Review
Guidelines prohibit this kind of activity without first gaining
proper consent from a user."
<https://www.theverge.com/2019/2/7/18216143/apple-iphone-ios-session-replay-screen-recording-crackdown>

FACT:
o Glassbox was used to monitor, record, and save user actions.

LOGIC:
o Why wasn't Apple able to confirm what TechCrunch clearly confirmed?

"The practice, known as session replaying, involves using a
third-party company, in this case analytics firm Glassbox,
to embed code in a mobile app that records user activity"

FACT:
o This is a security & privacy vulnerability

LOGIC:
o Why is Apple (yet again) clueless about protecting users' privacy?

"In one case, Air Canada┬ mobile app was even failing to mask
sensitive user data, and mobile expert App Analyst was able to
intercept that data using a pretty standard man-in-the-middle attack"

The honest open-minded question is very simple.

FACTS + LOGIC

FACTS:
o The fact is that Apple was wholly unaware of this spyware they approved.
o And yet, Apple screams on building walls they take privacy seriously.

LOGIC:
o Why does this huge privacy hole even exist?
o (Why doesn't Apple simply _test_ for such spyware before approval?)

[arlen holder]

This response below shows two things, from factual & logical posistions:

FACT:
1. Apple advertises PRIVACY like you can't imagine, and yet
2. Apple doesn't actually bother to TEST for privacy (this is a fact).

LOGIC:
1. It's more important that Apple APPEAR to be about privacy,
2. Than it is for Apple customers to actually achieve that advertised
privacy.

FACT:
It's similar to CPU numbers which get throttled where
1. It's more important for the CPU to be a certain speed on day 1
2. Where, only a year later, it's OK for it to be halved in speed.

LOGIC:
All that matters, to the consumer, is that it LOOKs good.
o Not that it actually IS good.


On Sat, 9 Feb 2019 20:03:08 +0000 (UTC), badgolferman wrote:

> I▌ not entirely sure Apple _can_ test every single bit of apps on their
> App Store. It would be prohibitive to the user in most cases.

Hi badgolferman,

<WARNING: Adult open-minded logical & factual discussion is below.>

First, I thank you for your advice about ignoring the closed-minded
individuals in favor of spending energy with open-minded ones.

I hope to use your advice moving forward.

In doing so, I will stick, as always to adult "facts" & "logic", where
facts are rarely in dispute with open-minded adult people, and where logic
is where the depth of an adult conversation lies, since people differ on
their interpretation of the future, and the past, based on any set of
facts.

(e.g., How many MacOS root flaws in a year is "too many")

An example of that is this case where Apple has a rule, but certain apps
purposefully flaunted that rule.

FACT:
o The facts are that the rule exists, and that the apps broke the rule, as
reported to Apple by TechCrunch.

o The logic is the harder part, which is the "why" they broke the rules,
and why Apple didn't _catch_ the break in the rules.

To your point that Apple can't catch _all_ the apps, while that may be
true, what does Techcrunch have by way of resources that Apple doesn't
have?

The logic tells me that Apple has way more vested interest, way more tools,
way more people, way more expertise, etc., than TechCrunch can _ever_ have.

Hence, while the facts are crystal clear, the logic is "up for grabs" by
adults who "can" easily differ.

If you ask me, the logic is crystal clear since I've studied Apple's
behavior for quite some time - but I do recognize the logic may be
different for other open-minded individuals - who either have different
data than I do - or who think differently.

In my point of view, I'd argue:
FACTS:
o The fact exists that Apple did NOT catch these privacy holes
o The fact appears to be that these privacy holes are _easy_ to catch

LOGIC:
o The logic is that TechCrunch had a vested interest in catching this
o The logic is that Apple did not attempt to catch these holes

Notice that I recognize that TechCrunch has a vested interest in making
news; but also notice that I assert the only way Apple didn't find these
security holes (just like with all the rest) is that Apple isn't even
LOOKING for them.

If we assume that to be a fact, we have a very troubling picture:
FACT: The security holes exist
LOGIC: They appear to be easily found
FACT: Apple didn't find them
LOGIC: That likely means Apple isn't even looking
FACT: TechCrunch, who can't possibly have Apple's resources, found them
LOGIC: If true, then that means Apple doesn't care to even LOOK for them

But wait...there's more (which is the troubling part):
FACT: Apple advertises like crazy that they care about protecting privacy
LOGIC: ....... ...... .... this is the problem ..... ,..... ....

Do you see the problem?
o It's a really big problem.

What Apple _says_ is not even close to what Apple _does_ is the only
possible logic that I can see.

Sure it can be a simple "mistake" but this isn't the first, second, third,
fourth, fifth, sixth, etc., time this has happend in just a couple of
years, so, it's a "pattern" and not an isolated mistake.

I think that an open-minded person only has two options:
LOGIC: Apple cares - but Apple sucks at testing for privacy, or,
LOGIC: Apple doesn't care - until it goes viral - and then Apple cares.

Either way, I can't think of any other option.
o Can you?

> I think they take it more seriously than other big name software companies
> such as Google and Facebook. They don┤ purposely install trackers or
> locators in their own software and when they discover one from an app
> provider they take care of it.

Hi badgolferman,

You bring up a good point containing facts & logic.
Being an open-minded adult, I completely comprehend your fact & logic.

I don't disagree in the least that Google spys and Apple doesn't.
Likewise with Facebook - who spies (but I don't use Facebook).

So if you had to _list_ them in order of who is worse for privacy,
clearly, any open-minded adult would rank them as follows:
1. Google is the worst for privacy
2. Facebook is likely a close second
3. Where Apple would be a very distant third.

We agree, I'm sure, since
o It's factual
o It's logical

We agree because we're open-minded adults.
o Open minded adults are funny that way.

HOWEVER ... I'm against "duplicity".
o The facts and logic of all my posts _prove_ that.

I can't stand duplicity
o You know I accuse the apologists of that all the time, right?

Let me repeat:
o I hate duplicitious entities.

You also know I care very much about my credibility, right?
o It's the OPPOSITE of duplicity.

Having said that, if I were to rank those same outfits for what they
ADVERTISE with respect to privacy, the order would be different.

1. Apple would come out, by far, as number 1, MARKETING PRIVACY.

This! Is where I fault Apple.
o Apple is all talk.

Just like Tim Cook said the trade in was "primarily" for the environment...
o Apple is all bullshit.
(Pardon my French.)

I'm against bullshit which is why you see me come down hard on people like
nospam, Alan Baker, Joerg Lorenz, Tim Streater, Alan Browne, et al.

They bullshit every second of every day of their lives.
o I've always wondered how they survive with all that bullshit

Me?
o I never bullshit.

So what I come down HARD on Apple for is their privacy bullshit.

FACT:
o It's clear that Apple ADVERTISES their privacy aspect

LOGIC:
o It's just as clear that Apple doesn't implement even the simplest of
tests for privacy leaks (check out the multiple mac root password flaws, as
just a set of common examples).

>
>> LOGIC:
>> o Why does this huge privacy hole even exist?
>

> Because some companies sneak it in their own software.

No no no...

The question is why doesn't Apple _test_ for this common trick?

FACT:
o The holes clearly exist & clearly Apple didn't find them.

LOGIC:
o Apple clearly doesn't test sufficiently for privacy.

FACT:
o Apple ADVERTISES LIKE CRAZY that they care about privacy.
LOGIC:
o Then why do all these privacy holes constantly exist?

>> o (Why doesn't Apple simply _test_ for such spyware before approval?)
>>
>

> My guess is that it┬ cost prohibitive, time prohibitive, and they have
> agreements in place with the app developers to not do such things.

Hi badgolferman,

Since you're an open-minded adult, I don't directly disagree that
FACT: These privacy holes exist & Apple doesn't catch them
LOGIC: It costs money for Apple to catch them (same as time)
LOGIC: It takes time for Apple to catch them (same as money)
LOGIC: They "trust" their app developers

However, there are _more_ logical arguments:
FACT: Apple advertises they CARE about PRIVACY like you can't believe
LOGIC: Apple spends LOTS OF MONEY advertising about privacy
LOGIC: Apple spends LOTS OF TIME advertising about privacy
LOGIC: Apple kicks out apps all the time that do things they don't want
them to do (like we proved long ago when they kicked out screen recording
apps before they had that native in the OS)

My argument is that I agree with you that privacy costs money.
(Time & money being essentially the same thing for this purpose.)

But do you acknowledge that my argument is that Apple ADVERTISES
privacy which, in and of itself, hands them a RESPONSIBILITY to actually
spend some of that money on testing for privacy flaws (instead of _only_ on
advertising)?

In short, do you have any agreement on my argument that:
o If Apple is going to ADVERTISE privacy, then...
o That means Apple has to at least attempt to DELIVER on privacy?

NOTE: This argument I make is both factual & logical, but it
will only resonate with open-minded individuals.

[arlen holder]

FACT + LOGIC:

Unfortunately, yet another of very many iOS privacy flaws was reported in
the Apple ngs this week:
o saved wifi networks, by badgolferman
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/OvnXLW8_1aA>

FACT:
Clearly Android does _not_ have this iOS Wi-Fi privacy flaw as shown here:
<https://groups.google.com/d/msg/misc.phone.mobile.iphone/OvnXLW8_1aA/oYv3Za8MBQAJ>

LOGIC:
What's interesting is that iOS users, with their huge number of privacy
flaws, are brainwashed by very effective Apple Marketing Propaganda,
to _think_ that the iOS ecosystem is, somehow (magically?) "more private".
o What is the most brilliant marketing move Apple ever made?
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/wW-fu0jsvAU>

FACT + LOGIC:
In the end, since the privacy flaws are different, and since many of the
privacy holes affect both platforms (e.g., carrier privacy flaws), the
privacy between the two mobile platforms is clearly, "about the same".

[nospam]

In article <q4p4h7$5ou$1...@news.mixmin.net>, arlen holder

<ar...@arlen.com> wrote:

> Unfortunately, yet another of very many iOS privacy flaws was reported in
> the Apple ngs this week:
> o saved wifi networks, by badgolferman
> <https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/OvnXLW8_1aA>

that is not a privacy flaw.

> FACT:
> Clearly Android does _not_ have this iOS Wi-Fi privacy flaw as shown here:
>
> <https://groups.google.com/d/msg/misc.phone.mobile.iphone/OvnXLW8_1aA/oYv3Za8M
> BQAJ>

it's not a privacy flaw and android works the same way as every wifi
device does.

[arlen holder]

On Fri, 22 Feb 2019 10:35:08 -0500, nospam wrote:

> it's not a privacy flaw and android works the same way as every wifi
> device does.

The Apple security flaws just get bigger & bigger the more we look at fact.
o Apple should spend some of that wonderful marketing - on actual security!

While nospam _loves_ to claim security is only about the strongest link,
o True security (not imaginary security) is all about the weakest link

To wit, actual facts...
o Yes. We know. Apologists like nospam _hate_ actual facts.

o Hackers are cracking the iPhone using stolen Apple prototypes
o "There's a gray market for ´dev-fused¡ iPhones"
<https://www.theverge.com/2019/3/7/18255509/apple-iphone-dev-fused-stolen-prototype-switchboard-hack-vulnerability>

"A cheap dev-fused iPhone X costs as little as $1,800 - which has already
been used to help develop the handheld Cellebrite machines used by law
enforcement agencies to break into iPhones"

"These stolen phones were the way security researchers were able to study
Apple's special Secure Enclave security coprocessor in 2017, potentially
exposing vulnerabilities in the chip explicitly designed to keep iPhones
secure"

As always, security is about the _weak_ links; not the strong links!
o *For only $1,800, you get complete & full access to the secure enclave!*

[arlen holder]

Another never-ending source of privacy holes are, of course,
any zero-day bugs, where a quick look today at the latest Apple
release notes for the latest iOS release showed that one guy
alone at Google Project Zero found as many bugs as did the
entire Apple company.

One guy alone, Samuel Gross, found 4 out of the 51 security holes
in the iOS 12 release where Apple only found 5 out of the 51 bugs,
*(i.e., Apple finds only about 1 out of 10 security holes in iOS!)*
which is a clear indication that Apple doesn't sufficiently test
iOS releases.

o 51 iOS 12.2 security vulnerabilities
<https://support.apple.com/kb/HT209599>

o CVE-2019-6201: Found by dwfault working with ADLab of Venustech
o CVE-2019-6204: Found by Ryan Pickren (ryanpickren.com)
o CVE-2019-6207: Found by Weibo Wang of Qihoo 360 Nirvan Team
o CVE-2019-6222: Found by Denis Markov of Resonance Software
o CVE-2019-6237: Found by an anonymous researcher
o CVE-2019-7284: Found by Damian Poddebniak of Munster University
o CVE-2019-7285: Found by dwfault working at ADLab of Venustech
o CVE-2019-7292: Found by Zhunki and Zhiyi Zhang of 360 ESG Codesafe Team
o CVE-2019-7293: Found by Ned Williamson of Google
o CVE-2019-8502: Found by Luke Deshotels, et al., of NCSU
o CVE-2019-8503: Found by Linus Sarud of Detectify
o CVE-2019-8504: Found by an anonymous researcher
o CVE-2019-8505: Found by Ryan Pickren (ryanpickren.com)
o CVE-2019-8506: Found by Samuel Gross of Google Project Zero
o CVE-2019-8510: Found by Stefan Esser of Antid0te UG
o CVE-2019-8511: Found by an anonymous researcher
o CVE-2019-8512: Found by an anonymous researcher
o CVE-2019-8514: Found by Samuel Gross of Google Project Zero
o CVE-2019-8515: Found by James Lee (@Windowsrcer)
o CVE-2019-8516: Found by SWIPS Team of Frifee Inc.
o CVE-2019-8517: Found by Trend Micro Zero Day Initiative
o CVE-2019-8518: Found by Samuel Gross of Google Project Zero
o CVE-2019-8521: Found by CodeColorist of Ant-Financial LightYear Labs
o CVE-2019-8523: Found by *Apple*
o CVE-2019-8524: Found by Trend Micro Zero Day Initiative
o CVE-2019-8527: Found by Ned Williamson of Google and derrek (@derrekr6)
o CVE-2019-8529: Found by Juwei Lin (@panicaII) of Trend Micro
o CVE-2019-8530: Found by CodeColorist of Ant-Financial LightYear Labs
o CVE-2019-8535: Found by Zhiyang Zeng (@Wester) of Tencent Blade Team
o CVE-2019-8536: Found by *Apple*
o CVE-2019-8540: Found by Weibo Wang (@ma1fan) of Qihoo 360 Nirvan Team
o CVE-2019-8541: Found by Stan Zhang et al., University of Cambridge
o CVE-2019-8542: Found by an anonymous researcher
o CVE-2019-8542: Found by an anonymous researcher
o CVE-2019-8544: Found by an anonymous researcher
o CVE-2019-8545: Found by Adam Donenfeld of the Zimperium zLabs Team
o CVE-2019-8546: Found by ChiYuan Chang
o CVE-2019-8549: Found by Mohamed Ghannam SSD Secure Disclosure
o CVE-2019-8550: Found by Lauren Guzniczak of Keystone Academy
o CVE-2019-8551: Found by Ryan Pickren (ryanpickren.com)
o CVE-2019-8552: Found by Mohamed Ghannam (@_simo36)
o CVE-2019-8553: Found by an anonymous researcher
o CVE-2019-8554: Found by an anonymous researcher
o CVE-2019-8556: Found by *Apple*
o CVE-2019-8558: Found by Samuel Gross of Google Project Zero
o CVE-2019-8559: Found by *Apple*
o CVE-2019-8562: Found by Wen Xu of SSLab at Georgia Tech
o CVE-2019-8563: Found by *Apple*
o CVE-2019-8565: Found by CodeColorist of Ant-Financial LightYear Labs
o CVE-2019-8566: Found by an anonymous researcher
o CVE-2019-8567: Found by David Kreitschmann et al., Darmstadt

Here is a description from Apple of the impact of the above bugs.

Impact: A device may be passively tracked by its WiFi MAC address
Impact: A local user may be able to cause unexpected system termination or read kernel memory
Impact: A local user may be able to read kernel memory
Impact: A local user may be able to read kernel memory
Impact: A local user may be able to view sensitive user information
Impact: A malicious app may be able to track users between installs
Impact: A malicious application may be able to access the microphone without indication to the user
Impact: A malicious application may be able to determine kernel memory layout
Impact: A malicious application may be able to determine kernel memory layout
Impact: A malicious application may be able to elevate privileges
Impact: A malicious application may be able to elevate privileges
Impact: A malicious application may be able to elevate privileges
Impact: A malicious application may be able to elevate privileges
Impact: A malicious application may be able to execute arbitrary code with system privileges
Impact: A malicious application may be able to gain root privileges
Impact: A malicious application may be able to initiate a Dictation request without user authorization
Impact: A malicious application may be able to overwrite arbitrary files
Impact: A malicious application may be able to overwrite arbitrary files
Impact: A malicious website may be able to execute scripts in the context of another website
Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Impact: A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure
Impact: A user's video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing
Impact: A website may be able to access sensor information without user consent
Impact: A website may be able to access the microphone without the microphone use indicator being shown
Impact: An application may be able to execute arbitrary code with kernel privileges
Impact: An application may be able to gain elevated privileges
Impact: Clicking a malicious SMS link may lead to arbitrary code execution
Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting
Impact: Processing a maliciously crafted file might disclose user information
Impact: Processing a maliciously crafted font may result in the disclosure of process memory
Impact: Processing a maliciously crafted mail message may lead to S/MIME signature spoofing
Impact: Processing a maliciously crafted string may lead to a denial of service
Impact: Processing maliciously crafted web content may disclose sensitive user information
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Impact: Processing maliciously crafted web content may lead to universal cross site scripting
Impact: Processing maliciously crafted web content may result in the disclosure of process memory

[arlen holder]

Yet more proof today that neither platform has _any_ privacy, let alone the
Apple platform, whose microphones, messages, and facetime apps have so many
holes in them that you can drive a bus through iOS.

There is a lot of proof that Apple finds only 1 out of 10 security bugs in
their software in this thread today:
o iOS v12.2 is out now! (by Ant)
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/v3y5ih7ReCE>

Where just one guy (Samuel Gross) at Google Project Zero found almost as
many bugs (only 1 less) than did _all_ of Apple, which is a pretty damning
statement on Apple's supreme lack of any reasonable level of QA when one
guy outdoes the _entire_ company on finding bugs.

*The number of huge such holes in iOS is literally shocking!*

And that's not me using that word ... it's in this report published today!
"*Those are just a few of the most shocking [iOS] security flaws*"
<https://www.cnn.com/2019/03/26/tech/ios-12-2-security/index.html>

Specifically, what seems to have happened is that Apple, finally, for the
first time seemingly, has looked at Facetime, and found security hole after
security hole after security hole after security hole.

And it's not just Facetime, but even shocking flaws in the microphone!
"Perhaps the most notable fix: Apple patched a flaw that could allow
malicious applications to access the microphone on your iPhone
and record you and those around you. "

That article goes on to remind us that:
"But that's just one of the vulnerabilities..."

Where, there's more privacy & security holes Apple only found by putting
eyes on Facetime, seemingly for the first time, where Apple fixed
o a problem with the FaceTime app that prevented video chats from pausing
o a loophole that allowed users to access sensitive information in the
Messages app and websites visited
o see information from their phone's light and motion sensors
etc.

All perhaps simply because a mother went viral on the Internet
o Apple may not care about testing, but they care very much about IMAGE!

[arlen holder]

Yet another fact (of so many I can't count them) where Android is far more
private than iOS is described in this reference, interestingly, from nospam
himself, from earlier today.

o Why [Android is] open-source?
<https://www.androidpolice.com/2018/04/29/like-using-open-source-software-android/>
"Free and open source software (FOSS) has a number of advantages, but to
users, *the main benefit is privacy*. All the code is out in the open, so
anyone with programming knowledge can go through it and see exactly what an
app is doing. Proprietary apps can sometimes feel like black boxes, where
you don't really know what's going on behind the scenes. That's almost
never the case with FOSS."

Bear in mind, AFAIK, _all_ the apps on F-Droid, for example, are FOSS, and
more importantly, the basic Android operating system is FOSS.

Yet another of many ways where Android is far more private than iOS.

NOTE: In the end, the privacy is about the same, but the point is that
privacy is a lot of things, some which favor Android, others favor iOS, and
some don't favor either.

Those with imaginary belief systems (hint: Many iOS users), _think_ that
iOS is somehow (magically?) more private, simply because they believe Apple
Marketing Propaganda.

The Apple iOS imaginary belief system on privacy is like thinking Fords
instantly attained quality simply because Ford all of a sudden started
advertising "Quality is Job One".

[arlen holder]

Below is yet another, of so many I can't count them, facts showing that iOS
is _less_ private than many people _think_ it is.

IMHO, those who actually _believe_ iOS is somehow (magically?) more private
than Android, will need to come up with facts that overcome this clear
indication that, yet again, some Android apps have plenty of privacy
advantages over _all_ similar iOS apps,.

o Woo hoo! As of March 27th 2019,the mobile version of the Opera browser finally has VPN support
<https://groups.google.com/forum/#!topic/comp.mobile.android/xjmuehWXOjs>

Here is that post, in its entirety.

UPDATE:
Woo hoo! As of March 27th 2019,the mobile version of the Opera browser
finally has VPN support!

This doubles_ the number of free IP-privacy browsers available to
Android users (where Opera VPN was already available on Windows & Linux).

This thread is about freeware IP-anonymity based privacy browsers.
o All browsers below were tested on the platforms that I personally own

Where my summary for free privacy-based proxy/vpn browsers is...
o Windows is has ~3-1/2 solutions
o Linux has ~3 good solutions
o Android has ~2 good solutions
o iOS has ~1/2 of a solution

If you think this summary, which is based on my tests, is in error,
simply explain what your tests showed on those four platforms
with the four IP-privacy (anonymity based) browsers below.

I've been using IP-privacy based browsers on Linux, Windows, & Android for
years, where what's new is that Opera VPN is now available on Android!

This is new as of March 27th 2019 (for IP privacy & anonymity browsing):
o The Android mobile version of the freeware Opera browser
o Finally has (what Opera calls) VPN support
NOTE to VPN-keyword-trolls: It's Opera who uses that TLA, not me.

*This adds even more free web-based IP & anonymity privacy*
o To the great IP & anonymity privacy browsing already existing!

On all platforms, I suggest you *set only a "privacy" browser as the "default"*
o That way all browsing never trace back to your real IP address

What _default_ browser never traces back to your IP address?

*The 1st platform for privacy browsers seems to be Windows*, which has:
o Tor Browser Bundle (official strong TOR implementation)
o Opera VPN-enabled browser (automatic proxy/vpn-based browsing)
o Epic privacy browser (automatic proxy/vpn-based browsing)
o Brave Tor-enabled Privacy Browser (weak TOR implementation?)

*The 2nd platform for privacy browsers seems to be Linux*, which has:
o Tor Browser Bundle (official strong TOR implementation)
o Opera VPN-enabled browser (automatically uses a VPN service)
o No Epic proxy based implementation
o Brave Tor-enabled Privacy Browser (weak TOR implementation?)

*The 3rd platform for privacy browsers always seems to be Android*, which has:
o Tor Browser for Android (official strong tor implementation - supercedes orfox/orbot)
o Opera VPN-enabled browser (automatically uses a VPN service)
o No Epic proxy based implementation
o No Brave tor-based implementation

*The worst platform for privacy is iOS (which sorely lacks IP privacy browsing)*
o The best is Onion Browser by Mike Tigas (1-man weak TOR implementation?)
o No Opera vpn-based implementation
o No Epic proxy based implementation
o No Brave tor-based implementation
NOTE: iOS does NOT have an official tor browser implementation.
[Most of the apps that "say" TOR, are literally hokey 'toys', IMHO]
If it's not the official TOR browser, it's extremely unlikely to be secure, IMHO.

Note: This thread is only about freeware anonymity based privacy browsers.
o On the platforms that I own and tested using all the browsers above.

NOTE: I own all the platforms above and tested all the browsers above on
those platforms; Mac users can comment on what IP-privacy based freeware
browsers exist on the Mac.

[arlen holder]

On Sat, 30 Mar 2019 04:29:05 -0000 (UTC), arlen holder wrote:

> IMHO, those who actually _believe_ iOS is somehow (magically?) more private
> than Android, will need to come up with facts that overcome this clear
> indication that, yet again, some Android apps have plenty of privacy
> advantages over _all_ similar iOS apps,.

FACTS:
o This is a summary of those FACTS on yet another lack of privacy, on iOS:

*Android*:

o Tor Browser for Android (official strong tor implementation - supercedes orfox/orbot)

<https://play.google.com/store/apps/details?id=org.torproject.torbrowser_alpha>

o Opera VPN-enabled browser (automatically uses a VPN service)

<https://play.google.com/store/apps/details?id=com.opera.browser>
o _No Epic proxy based implementation_
o _No Brave tor-based implementation_

*iOS*
o _No official Tor-based implementation_
o _No Opera vpn-based implementation_
o _No Epic proxy based implementation_
o _No Brave tor-based implementation_

NOTE: iOS does NOT have an official tor browser implementation.

o The best is Onion Browser by Mike Tigas (1-man weak TOR implementation?)

<https://itunes.apple.com/us/app/onion-browser/id519296448>

[arlen holder]

While I'm not saying either Android or iOS is actually private, what I am
saying is that both have huge privacy holes that you can drive a bus
through, where the only difference is that those privacy holes are in
different places on each platform.

For example, on an unrooted Android phone, you can plug it into a USB port
of any desktop to run the free "adb" (android debugger) utility to access
(apparently)_all_ the system files, where I've personally used it to access
the "hosts" file so I know that it works on my LG Stylo 3 Plus, Nougat 7.0.
<https://www.modmy.com/how-modify-hosts-file-your-android-device>

Similarly, it's even easier to access the entire system-protected syslog of
the iOS device by simply plugging it into Ubuntu and running a couple of
commands.

The point is it's easy to find _many_ privacy holes in _both_ platforms.
o Those who think one or the other is actually private...
o Are those who own and maintain completely imaginary belief systems

HINT: It's marketing's job to create & foster imaginary belief systems
o Where susceptible individuals who can't think for themselves eat it up

While Android is not private, neither is iOS.

[nospam]

In article <q7oq7h$fsv$1...@news.mixmin.net>, arlen holder

<ar...@arlen.com> wrote:

> For example, on an unrooted Android phone, you can plug it into a USB port
> of any desktop to run the free "adb" (android debugger) utility to access
> (apparently)_all_ the system files,

something which is *impossible* on an ios device unless it's unlocked.

[arlen holder]

On Sat, 30 Mar 2019 18:56:44 -0400, nospam wrote:

>> For example, on an unrooted Android phone, you can plug it into a USB port
>> of any desktop to run the free "adb" (android debugger) utility to access
>> (apparently)_all_ the system files,
>
> something which is *impossible* on an ios device unless it's unlocked.

Hi nospam,

FACT & LOGIC

The fact is that both privacy & security are a thousand things
o Where you _love_ to cherry pick but where I look at the overall picture

The big picture:
o Privacy on both platforms is about the same

*What's different is that Apple MARKETING markets _imaginary_ privacy!*

You're going to see this marketing of imaginary privacy in spades
o Just watch - Apple is spending MILLIONS on advertising imaginary functionality
o (just like Ford did on "Quality")

Witness this response, just moments ago, to a thread from badgolferman:
o iphone privacy
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/e-Cpw0r72U8>

On Mon, 1 Apr 2019 00:39:06 -0000 (UTC), badgolferman wrote:

> Today I saw a commercial on TV that equated iPhone with privacy.
> Some of you have probably seen it.
>
> This evening I left the house around 7:10pm to
> go somewhere I usually go to on Sunday nights. When I started my car a Siri
> notification appeared on my phone telling me how long and how far my
> destination would be. The thing is Iĸve never put this in my Calendar or
> have any emails about it, but it seems my Apple iPhone has been watching
> where I go on Sundays and suddenly īhelpedĄ me by telling me where to go. I
> donĸt even use Maps but somehow it knew.
>
> Frankly I was alarmed and didnĸt appreciate it.

Hi badgolferman,

<THIS IS AN ADULT TOPIC - WHICH MEANS IT CONTAINS LOGIC BASED ON FACT>)

On just the topic of that commercial...

Since we're adults, I can discuss the future with you (which can't be done
with apologists who spend all their time disputing well-known facts).

The fact is Apple is _clearly_ spending MILLIONS of dollars on hyping this
imaginary "privacy", and that you're just beginning to see what will be
coming out of Apple during the entire time that the very real 5G is being
hyped by Android manufacturers.

As an adult, I'm associating the two topics (since I believe Apple is too)
o Android will by hyping the actual 5G performance over iPhones
o Apple will be hyping the imaginary privacy of the iPhone

Why?
o Why privacy?
o Why now?

What I _think_ is happening, using a logical thought process, is that Apple
Marketing (admittedly, one of the best in the world), _knows_ that the
iPhone isn't any more private than any other phone - but - they also just
as well know that their customer does NOT know that.

*Most mobile phone users don't realize the privacy is the same on both.*
o The average customer is, IMHO, so stupid they don't comprehend facts

What Apple MARKETING is doing, IMHO, is heading off Android at the pass
o Apple is, I believe, combating the very real performance against their
hyped up imaginary privacy

Since the privacy claims by Apple will be purely imaginary, their customer
will eat it up, because the customer desperately wants to _feel_ safe.

What most customers (and, apparently apologists) don't even realize
o Is that privacy is a thousand things
o Some of which iOS does far better than Android, but,
o Some of which Android does far (far) better than iOS, and,
o Some of which _both_ suck at.

Notice how this is a MARKETING DREAM!
o You have a customer is a perfect fit for absorbing propaganda
o You have clearly some things which are more private
o The many things that are not, nobody needs to know about in the ads!

So you will see _accurate_ ads about some of the thousand things that
affect privacy, that iOS is better at.

But what you won't see in the Apple ads
o Is that the privacy between Android & Apple is no different overall

Why now?
o I believe Apple knows 5G will be a killer in terms of egg on their face

So what Apple is doing is making the (dumb) customer say to himself:
o Hmmm... Android has better performance ... but at least I have privacy.

HINT: Just mark my words and watch what happens moving forward.

[arlen holder]

Yet again, iOS fails in basic privacy that Android (and all other operating
systems have, for free).

FACTS are all that matter
o Apple touts _imaginary_ privacy

But when you _try_ to obtain privacy
o Calendar privacy is on _all_ other platforms, _except_ iOS!

On iOS, the privacy that Apple touts is whimsically imaginary
o See facts below showing yet again, where Android is more private than iOS

NOTE: I only speak facts
o In some cases, iOS is far more private than Android
o Yet, in _many_ cases, Android is far (far) more private than iOS
o And in plenty of cases, neither is private

Hence, the privacy can only logically be said to be "about the same".

What MARKETING does, is cherry pick where they're private
o Where Marketing IGNORES where they are not private

And the user base _eats_ that imaginary privacy stuff up
o The user base _desperately_ wants to _feel_ safe

That's _all_ they seem to care about
o They pay through the nose for the _illusion_ of privacy.

See facts below.

On Tue, 2 Apr 2019 10:15:01 -0600, Neil Turkenkopf wrote:

> Hi folks!
> I've been following this thread with interest because I've also been
> searching for a program like this for quite a while. I already use
> "Rainlendar" and it faithfully played an hourly chime for me - until a
> Windows Update UNinstalled my Realtek sound program without warning.
> (Strangely enough, I can still hear this sound play, but *only* when using
> Bluetooth headphones!) Anyway, a BIG public "Thank You!" to Arlen Holder for
> this great tip - it works great and I have my sound again!! :-D
>
> Neil ━D

Hi Neil Turkenkopf,

Regarding...
o Does a clock app exist that has ClocX functionality, but digital output?
<https://groups.google.com/forum/#!topic/alt.comp.freeware/hb7rIwIL6SI>

Thanks to GlowingBlueMist, we have good solutions for an external clock:
o DSclock (digital) <https://www.dualitysoft.com/dsclock/index.html>
o ClocX (analog) <http://www.clocx.net/>
where some people also use a clock that replaces the system tray clock
o T-clock (system) <https://github.com/White-Tiger/T-Clock/releases>

It's strange you mention Rainlendar, because the _only_ problem I have is
that Rainlendar uses the _system_ clock, and not its own time-zoned clock.

That's too bad because my scripts randomly run tzutil.exe to rotate the
system time zone, which affects nothing adversely, EXCEPT Rainlendar.

It would be nice if Rainlendar used its own TimeZone just like ClocX and
DSClock do.

The main reason I'm using Rainlendar is that I have a privacy-based local
calendar solution that doesn't require the Internet.
o I view & modify the desktop calendar using Rainlendar lite freeware
o I view & modify the Android calendar using SimpleMobileTools
o On iOS, unfortunately, this basic functionality doesn't appear to exist

What's beautiful about this method is...
o There is zero need to put your calendar on "the cloud"
o You simply import/export text "ics" icalendar format files
o The Windows/Linux/Android calendar programs easily "merge'
o So you can edit the iCal file on _any_ platform (but iOS)

*Linux* non-cloud privacy-based local LAN calendar solution:
o <https://www.rainlendar.net/cms/index.php?option=com_rny_download>

*Windows* non-cloud privacy-based local LAN calendar solution:
o <https://www.rainlendar.net/cms/index.php?option=com_rny_download>

*MacOS* non-cloud privacy-based local LAN calendar solution:
o <https://www.rainlendar.net/cms/index.php?option=com_rny_download>

*Android* non-cloud privacy-based local LAN calendar solution:
o <https://play.google.com/store/apps/details?id=com.simplemobiletools.calendar.pro>

*iOS* non-cloud privacy-based local LAN calendar solution:
o iOS appears to completely lack this basic privacy-based functionality

[Arlen G. Holder]

On Mon, 14 Jan 2019 03:29:37 -0000 (UTC), arlen holder wrote:

> o What is the factual truth about PRIVACY differences or similarities
> between the Android & iOS mobile phone ecosystems?

Bear in mind that you can't get privacy using YouTube on iOS.
o Worse, there are zero private YouTube replacement clients

Luckily, on Android, you _can_ (easily) get privacy.
o Google _breaks_ it periodically - but they keep fixing it.

Here's a thread, just now, on how to get privacy on Android
<https://groups.google.com/forum/#!topic/alt.comp.freeware/uQqjNUSpsY8>

*This type of privacy & functionality is impossible on iOS*

Yet again proving, privacy is a zillion things
o Where Apple cherry picks only what they can do

But where _both_ platforms don't have acceptable privacy.
o Apple users simple believe in wholly imaginary privacy

Because Apple marketing resonates with them.
O They want to _feel_ safe - without actually being safe.

Here is a snippet of the privacy & functionality NOT available on iOS:

o NewPipe provide a private history that YouTube Red doesn't have:
<http://www.bild.me/bild.php?file=7029818newpipe01.jpg>

o NewPipe plays any YouTube video without ever seeing a single advertisement:
<http://www.bild.me/bild.php?file=6402065newpipe02.jpg>

o NewPipe has _more_ functionality than YouTube - but with privacy & no ads:
<http://www.bild.me/bild.php?file=7343245newpipe03.jpg>

o Everyone who cares about privacy should use NewPipe, not YouTube (IMHO):
<https://i.postimg.cc/fyxb5CpQ/newpipe04.jpg>

Periodically, Google changes their public API such that NewPipe breaks
temporarily, until NewPipe developers modify the open source code (which
Google is obviously extremely well aware of as it's all legal & public
despite nospam's claims, essentially, that the only reasons iOS can't
provide privacy is because Google won't let iOS users have privacy).

o Testing, I was able to watch, download, strip audio, etc., on YouTube again:
<https://i.postimg.cc/kXpHfCN9/newpipe09.jpg>

In short, privacy is a zillion things:
o Android is _far_ (far) more private than iOS in many ways
o While iOS is more private than Android in some ways also.

And yet, anyone who actually believes Apple MARKETING bullshit on privacy
o Is, IMHO, a fool.

Or, an apologists
o Same thing.

I speak facts and then make rational deductions based on those facts.

[Arlen G. Holder]

This post from an average iOS user today, shows exactly how the
strange brain of people owning completely imaginary belief systems,
actually works.
o Flashlight app
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/JtdaBVZblww>

And Jolly Roger wasn't the only one who posted his imaginary beliefs as such.

The terrifying fact is that these average iOS users actually _believe_ what they write.
o Here's my response below regarding massive privacy leaks on iOS.

On 10 May 2019 15:14:29 GMT, Jolly Roger wrote:

> You're thinking of Android. Apple doesn't play that shit.

Hi Jolly Roger,

It's terrifying to realize you actually _believe_ what you write.
o However terrifying it is - it's likely how the average iOS user thinks

Hence, the reason I love when you post, Jolly Roger, is that you clearly
own the mind of the average iOS user, where your imaginary belief system is
likely the same as the imaginary belief system of most average iOS users.

As such, what you say helps the rest of us understand how the average iOS
user actually thinks, and therefore I _read_ everything you post, in order
to gain information about how the strange mind of the average iOS user
actually works.

You won't believe facts, but the fact is that iOS has had malware too.
o *Apple App Store Security Bypassed By Government iOS Surveillance Malware*
<https://www.forbes.com/sites/daveywinder/2019/04/09/apple-app-store-security-bypassed-by-government-ios-surveillance-malware-what-you-need-to-know/>

o iOS malware, XcodeGhost, infects millions of Apple Store customers
<https://us.norton.com/internetsecurity-emerging-threats-ios-malware-xcodeghost-infects-millions-of-apple-store-customers.html>

o 'EXODUS' SPYWARE POSED AS A LEGIT IOS APP
<https://www.wired.com/story/exodus-spyware-ios/>

o This illicit iPhone app store has been hiding in plain sight
<https://www.theverge.com/2019/2/20/18232140/apple-tutuapp-piracy-ios-apps-developer-enterprise-program-misuse>

o 14 iPhone apps found communicating with malware server
<https://www.cultofmac.com/599080/14-iphone-apps-found-communicating-with-malware-server/>

o A powerful spyware app now targets iPhone owners
<https://techcrunch.com/2019/04/08/iphone-spyware-certificate/>
etc.

And it's not just iOS, it's the Mac also:
o More malicious apps found in Mac App Store that are stealing user data
<https://appleinsider.com/articles/18/09/07/more-malicious-apps-found-in-mac-app-store-that-are-stealing-user-data>

Given that these are facts, the fact you can't process those facts
correctly, is terrifying, given we consider the workings of your strange
brain to be the epitome of how the average iOS user's brain works.

[Arlen G. Holder]

On Mon, 13 May 2019 17:07:32 -0700, Savageduck wrote:

> Yup! downloaded, installed, & used.

Hi Savageduck,

*Too bad you have _no privacy_ on iOS when using YouTube*
o Plus, you are forced to constantly see in-line advertisements

On Android, you'd have privacy that isn't available on iOS
o And, you'd _never_ even once see any inline advertisements whatsoever!

It's a fact that you just can't get this kind of privacy on iOS:
o https://newpipe.schabi.org/

The fact is, anyone who actually believes that iOS has privacy
o Likely also believes in Santa Claus, the Easter Bunny, & the Tooth Fairy.

Apple advertises _imaginary privacy_ on iOS
o Where the facts shows that the privacy is "about the same" with Android

Some things, are _much_ more private on Android than on iOS
o Such as Google Maps or Google Youtube or Google Play app downloads

While other things are much more private on iOS

In the end, anyone who says that either one is more private
o Clearly owns an imaginary belief system

It's one more reason why I say that the typical apologist
o Just wants to _feel_ safe - without actually being safe.

And Apple is very happy to MARKETING that _feeling_ of safety
o Without actually providing it, in fact.

[Arlen G. Holder]

As always, privacy on either iOS or Android phones, is a mere illusion.

"A vulnerability in Facebook's WhatsApp messaging app enabled attackers to
spread surveillance software to iPhones and Android smartphones with just a
phone call"

"The malicious software was developed by NSO Group, according to the
Financial Times, a controversial security firm that develops a product
called Pegasus that can activate a device's camera and microphone and scrub
through emails. The company markets its product toward governments and
intelligence agencies."
<https://www.businessinsider.com/whatsapp-spyware-hack-what-to-do-if-you-think-your-phone-was-affected-2019-5>

"The hack is reportedly as simple as receiving a WhatsApp phone call, even
if you don't pick up the call. A record of the call can even be remotely
erased, the report says."

"The spy software enables remote access to your phone's most private
information, from text messages to call logs to location data."

"Pegasus can infect a targeted phone in two ways, through SMS text
messaging. Its "zero-click" vector allows an attacker to send a special SMS
message to a target that causes the phone to automatically load a malicious
link, while its "one-click" vector requires a user to click a link to
infect their device, which happens in the background without a user ever
knowing.

Once the device is infected, spies can actively record with its microphone
or video camera, grab personal data like calendars, contacts, and
passwords, or download all the data on the device, to include emails,
photos, and browsing history.

"We're a complete ghost," Lavie told Defense News in 2013. "We're totally
transparent to the target, and we leave no traces."

<https://www.businessinsider.com/whatsapp-hack-who-is-nso-group-spy-firm-behind-attack-2019-5>

[Arlen G. Holder]

On Tue, 14 May 2019 18:00:20 -0500, B...@Onramp.net wrote:

> Which is pretty hard to do. Best to go to their site and stop as much
> spying as possible. Google is without a doubt THE most useful app I
> have.

Google Maps is clearly a best-in-class app, where, on Android, you can
anonymously look up addresses - but not on iOS.
o *iOS just doesn't have that kind of privacy from Google that Android has*

The Google App store is clearly on par with the Apple App store, where you
can anonymously download any app you want off the Google App store without
ever even having a Google login.
o *iOS just doesn't have that kind of privacy from Google that Android has*

Almost every Android app can be "zipped up", after the fact, even system
apps, where you can provide that app (if it's a free app) to anyone you
want any way you want anywhere in the world - where Google doesn't know
_where_ you got the app from or who you are when you're using that app.
o *iOS just doesn't have that kind of privacy from Google that Android has*

The YouTube app is clearly a best-in-class app where, on Android, you can
do _everything_ that the YouTube app does, including subscribing to
channels, history, downloading videos, stripping videos, (all sans any
inline advertisements mind you), etc., all without ever even having a
Google account so Google has no idea of what you're watching & subscribing
to.
o *iOS just doesn't have that kind of privacy from Google that Android has*

On iOS, not only are you _forced_ to have an "Advertiser ID", but you're
also forced to have an iCloud account, and, in addition, you're forced to
have that account associated with all your apps, even free ones. On
Android, none of those privacy leaking situations are forced upon you.
o *iOS just doesn't have that kind of privacy from Google that Android has*

[Arlen G. Holder]

I didn't spend a lot of time clarifying this, but it appears, at least on
first sight, to be yet another of umpteen reputed case of iPhone users
lacking privacy that is apparently on all other platforms is described here
today:
o Google keeps a log of all your electronic parts, brakes, tools, and automotive tires digital receipts emailed to your GMail account.
<https://groups.google.com/forum/#!topic/alt.home.repair/V3kuohx1vf8>

Specifically this post:
<https://groups.google.com/d/msg/alt.home.repair/V3kuohx1vf8/A5p5nuQjAQAJ>

Here's the reference:
o DECEMBER 9, 2013 What You Need To Know About Image Caching In Gmail
<https://litmus.com/blog/gmail-adds-image-caching-what-you-need-to-know>

Here's the quote related to iOS users:
"Google's image caching only affects users accessing their email through
the web interface and the mobile Gmail app. People that use desktop and
non-Gmail mobile apps to access their Gmail accounts will still download
images from the original server, not Google's proxy servers. The same goes
for image blocking: Gmail users reading mail on an iPhone or iPad likely
didn't have images disabled to begin with, although folks logging into
gmail.com will now see images automatically unless they take action to
re-enable image blocking."

If you know more about this apparent lack of privacy, let us know.

[Arlen G. Holder]

I was answering a question about GPS mapping in this thread on the home
repair newsgroup today when I realized YET ANOTHER privacy difference
between iOS and Android is the ability to fake the GPS location on Android.
<https://i.postimg.cc/PJPZCWps/map01.jpg>

Here's the thread with a link to my post about GPS apps.

o Google keeps a log of all your electronic parts, brakes, tools, and automotive tires digital receipts emailed to your GMail account.

<https://groups.google.com/d/msg/alt.home.repair/V3kuohx1vf8/SvpxXCVVBQAJ>

The "fake GPS" wasn't a critical part of that thread, where I include it
here simply because it's yet another proof that while Apple cherry picks
what it claims to be iOS' privacy advantage, when you add everything up,
neither is more private than the other unless you own an imaginary belief
system where the only things that matter are Apple's cherry-picked
marketing spiels.

=========== post cut and paste of the relevant section =======
I used to use the hand-held stuff, but now I just use a phone.
Here's a screenshot of just some of the apps I have on my phone.
<https://i.postimg.cc/PJPZCWps/map01.jpg>

You'll note that I organize the map folder by best app first for each
functionality, so it's organized, as shown below...

Offline Road maps:
o Navigator
o Google Maps
o OSMAnd~
o CoPilot
o Sygic
o Navmii USA

Roadmap trackers:
o A-GPS Tracker

USGS Track and Route
o US Topo Maps
o Locus Map

USGS track only
o BackCountry Navigator
MyTrails
Avenza

USGS locate
o Topo Maps

OSM track & route
o Gaia GPS

OSM track
o TrackBook

Track only
o OSMTracker
o GPSLogger
o TinyTravel

World topo
o World Topo

Coordinate position
o Here GPS
o My Location

Compass only
o Solar Compass (useful to check your compass)
o Just a Damn Compass
o Compass

Map editor
o Polaris

Sky map
o Sky Map
o Start Walk 2
o Star Chart

GPS status
o Fake GPS
o FakeGPS
o FakeGPS
o GPS Status
o GPS Status
o GPS Status

[Arlen G. Holder]

Facts.

The apologists _hate_ facts because they own imaginary belief systems...
o But the fact apologists hate facts doesn't change that they're facts.

Facts...

Dated today...
o Washington Post: Apple promises privacy, but 5,400 hidden iPhone apps secretly share your data with trackers, ad companies, and research firms
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/J_YuCzdGTGI>

Washington Post: Do you know whom your phone is talking to in the middle of the night?
o Apple promises privacy, but 5400 hidden iPhone apps secretly share your
data with trackers, ad companies, and research firms

<https://www.washingtonpost.com/technology/2019/05/28/its-middle-night-do-you-know-who-your-iphone-is-talking/>
"Apple says, "What happens on your iPhone stays on your iPhone". Our
privacy experiment showed 5,400 hidden app trackers guzzled our data in a
single week."

"On a recent Monday night, a dozen marketing companies, research firms
and other personal data guzzlers got reports from my iPhone. At 11:43 p.m.,
a company called Amplitude learned my phone number, email and exact
location. At 3:58 a.m., another called Appboy got a digital fingerprint of
my phone. At 6:25 a.m., a tracker called Demdex received a way to identify
my phone and sent back a list of other trackers to pair up with.

And all night long, there was some startling behavior by a household name:
Yelp. It was receiving a message that included my IP address - once every
five minutes."

"IPhone apps I discovered tracking me by passing information to third
parties just while I was asleep — include Microsoft OneDrive, Intuit’s
Mint, Nike, Spotify, The Washington Post and IBM's the Weather Channel. One
app, the crime-alert service Citizen, shared personally identifiable
information in violation of its published privacy policy.

And your iPhone doesn't only feed data trackers while you sleep. In a
single week, I encountered over 5,400 trackers, mostly in apps, not
including the incessant Yelp traffic. According to privacy firm Disconnect,
which helped test my iPhone, those unwanted trackers would have spewed out
1.5 gigabytes of data over the span of a month. That's half of an entire
basic wireless service plan from AT&T."

"What disappoints me is that the data free-for-all I discovered is
happening on an iPhone. Isn't Apple supposed to be better at privacy?"

[Arlen G. Holder]

The lack of privacy on iPhones never seems to run out of holes!!!!

"any person or entity could rent a list with the names and addresses of all
unmarried, college-educated women over the age of 70 with a household
income of over $80,000 who purchased country music from Apple via its
iTunes Store mobile application," the customers said. "Such a list is
available for sale for approximately $136 per thousand customers listed."

o Apple Accused of Selling ITunes Customers' Listening Data
<https://www.bloomberg.com/news/articles/2019-05-24/apple-sued-for-selling-customers-itunes-information>

[Arlen G. Holder]

Another example of the privacy being "about the same" is that the system
files of both Android & iOS can be easily viewed by anyone with a USB
cable, even when the Android device isn't rooted nor the iOS device
jailbroken.

Here's a thread on the Android situation where you use ADB to view all the
system files, which has a note about iOS also allowing access to system log
files via Linux connections over USB.
o what is "android debug bridge"?
<https://groups.google.com/forum/#!topic/comp.mobile.android/K4UNdlVrrvs>

In this case, you can see EVERYTHING in the system directory for Android,
while on iOS, you can clearly see system "stuff" but not nearly as much.

The point is that any MARKETING org that advertises "privacy" (or
security), always cherry picks where they excel, but never do they cover
where they suck.

And in the end, _both_ platforms suck.

The only people who don't think so, are those who ONLY know what the
MARKETING organizations have fed them - which is why they own completely
imaginary belief systems which you can't shake.

It's like religious zealots, who only know what they're fed.
o They're immune to facts.

Children are immune to facts
o But ADULTS are supposed to be able to form beliefs _based_ on facts.