iOS, The Future Of macOS, Freedom, Security And Privacy In An Increasingly 
Hostile Global Environment

This post by a security researcher who prefers to remain anonymous will 
elucidate concerns about certain problematic decisions Apple has made and 
caution about future decisions made in the name of “security” while potentially 
hiding questionable motives. The content of this article represents only the 
opinion of the researcher. The researcher apologises if any content is seen to 
be inaccurate, and is open to comments or questions through PGP-encrypted mail.

TL;DR

        • iOS subliminally and constantly collects sensitive data, links it to 
hardware identifiers almost guaranteed to link to a real identity

        • iOS forces users to “activate” devices (including non-cellular) which 
sets up a remote UUID-linked (also collecting registration IP) database for a 
given device with Apple for APNS/iMessage/FaceTime/Siri, and then Apple ID, 
iCloud etc. Apple ought be open to users about “activation” and allow users to 
avoid it.

        • Apple Activation servers are accessed via Akamai, which means 
sensitive data may be cached by Akamai and its’ peering partners' which 
includes many global ISPs and IXPs

        • Risk that macOS could be iOS-ified in the near future in the name of 
“security” while ignoring significant flaws in iOS’ design wrt privacy, forcing 
users to unnecessarily trust Apple with potentially sensitive data in order to 
even simply use devices.

        • Controversial, draconian surveillance laws being implemented 
worldwide which could take advantage of Apple’s data collection and OS design 
choices, notably in, but not limited to, China, one of Apple's largest markets.

        • If iOS is to really be considered a secure OS, and if vanilla macOS 
is to become more secure, independent end-user control must be considered. 
Increased low-level design security at the cost of control, and the ability to 
prevent leaking data, cannot be considered a real improvement in security.

< - >

https://gist.github.com/desantis/5728d5536b6dfe37e781c0a4a0f32e54
_______________________________________________
Infowarrior mailing list
Infowarrior@attrition.org
https://attrition.org/mailman/listinfo/infowarrior

Reply via email to