iOS, The Future Of macOS, Freedom, Security And Privacy In An Increasingly
Hostile Global Environment
This post by a security researcher who prefers to remain anonymous will
elucidate concerns about certain problematic decisions Apple has made and
caution about future decisions made in the name of “security” while potentially
hiding questionable motives. The content of this article represents only the
opinion of the researcher. The researcher apologises if any content is seen to
be inaccurate, and is open to comments or questions through PGP-encrypted mail.
• iOS subliminally and constantly collects sensitive data, links it to
hardware identifiers almost guaranteed to link to a real identity
• iOS forces users to “activate” devices (including non-cellular) which
sets up a remote UUID-linked (also collecting registration IP) database for a
given device with Apple for APNS/iMessage/FaceTime/Siri, and then Apple ID,
iCloud etc. Apple ought be open to users about “activation” and allow users to
• Apple Activation servers are accessed via Akamai, which means
sensitive data may be cached by Akamai and its’ peering partners' which
includes many global ISPs and IXPs
• Risk that macOS could be iOS-ified in the near future in the name of
“security” while ignoring significant flaws in iOS’ design wrt privacy, forcing
users to unnecessarily trust Apple with potentially sensitive data in order to
even simply use devices.
• Controversial, draconian surveillance laws being implemented
worldwide which could take advantage of Apple’s data collection and OS design
choices, notably in, but not limited to, China, one of Apple's largest markets.
• If iOS is to really be considered a secure OS, and if vanilla macOS
is to become more secure, independent end-user control must be considered.
Increased low-level design security at the cost of control, and the ability to
prevent leaking data, cannot be considered a real improvement in security.
< - >
Infowarrior mailing list