The Hated One


[Script] How Android is more private than the iPhone

Intro

In any modern-day protest, technology defines the battleground. For the citizens in the streets, it's a key tactical tool that can organize masses quickly and capture moments outside of the view of TV camera lenses. But the very same technology can be leveraged to suppress public unrest with surgical precision.

Whoever is in control of the technology gets to determine the outcomes.

As a case study, take Hong Kong protesters and the iPhone. As a weapon of choice, the iPhone provided the citizens with a plethora of tools for encrypted communication, monitoring police presence or mobilizing crowds. With AirDrop, Apple users could swiftly and anonymously share images and files that would otherwise be censored on other platforms in China.

Unfortunately, it didn't take long for Apple to start submitting to government requests to censor apps enabling or supporting the protests. Slowly but surely, Hongkongers were losing access to encrypted messengers, VPN apps, and the police-monitoring app HKmap.live. Since Apple gave Beijing total control over all iCloud data of Chinese users, the once-hailed privacy-respecting iPhone was retrofitted into the most inimical surveillance machine.

The main takeaway from the Hong Kong story is that iPhone users were never in control of their devices. Apple took that control away from them and gave it to the government in order to stay in business. When Hongkongers lost their privacy, it was easy for the government to crack down on them one by one.

Privacy is about control

Privacy is ultimately about taking control over what happens to your data. The less control you have, the more exposed you are. This runs counter to the trend in almost all consumer electronics today.

Most companies, much like Apple, are trying to lock users into their ecosystems. And in doing so they are stripping users of more and more control over their own devices. It's as simple as restricting where users can download apps from to a single place controlled by the platform. Or not allowing users to change default apps for messaging or browsing. Or not giving users an option to fully utilize their devices without identifying themselves to the company. All of these restrictions are legally protected by licenses that pay no regard to end-user rights.

This is why Android, despite all of the flaws of Google, which develops it, is today a fundamentally better choice for your privacy. If Hong Kong protesters leveraged the full capability of the open source operating system, they still would have been able to install and run apps even if Google deleted them from the Play Store. It is perhaps this realization that can explain why, over the course of the Hong Kong protests, the iPhone has been dethroned from its dominant market share in the city.

Android is not perfect. But for almost any person today, from the most vulnerable dissidents to any regular Internet user, Android is more private than the iPhone. And here's how.

Licenses make or break user controls

For most users, this is the everyday Android experience. In many ways, it is a perfect emulation of the iPhone experience. You have your Play Store where you download apps from, you have your email app, the Chrome browser, Google Drive, your search assistant, and perhaps some other pre-installed apps. But this is not what Android actually is.

In its main form, Android is just a blank operating system. It is fully functional: capable of connecting to the Internet, browsing the web, downloading apps, making calls and sending messages. But there is no Google. No Play Store, no Google Search, nothing proprietary. Android is licensed under the Apache License version 2.0. It is an open source license that allows anyone to take Android's code for free, make modifications to it and redistribute it. It is why there are so many different "skins" made by different manufacturers.

But what it means for privacy-conscious users is that they can fully use Android without being signed into a Google account or even having any Google apps and services installed.

They would still be able to download apps from third-party sources, just not from the Google Play Store. They could still do cloud backups, change the default messaging app, or do anything else; they just wouldn't do it through Google's products. If Google decided to restrict some essential privacy apps from the Play Store, users could still get them directly from the developers.

This simply isn't possible on the iPhone. The only way to install apps on any iOS device is through the App Store, which Apple solely controls and collects tremendous amounts of data from. Users have to be signed in with their Apple ID which is tied to their real life identity, which means any download or purchase through the App Store is surveilled by Apple and tied to specific individuals.

Recent security research found that Apple does this detailed data collection even if users opt out of sharing analytics. For many regular users in a non-threatening situation, downloading apps from an official app repository is going to be the most secure option. But when the threat level changes, such as during a protest or for vulnerable individuals, other options should be open. On the iPhone, that isn't the case. Users cannot make that choice.

The only way to restrict Apple from collecting your data is to remove your Apple ID from the iPhone. And you have the option to do that. But you can no longer do anything on that phone. You won't be able to download apps, send messages or use cloud backups.

On Android, you do need a Google account to use Google apps. But if you don't want to do that, you can find an alternative for any Google service out there and use it without any major issues on your Android phone.

Both Google and Apple are ecosystems. Google's ecosystem is their services. Apple's ecosystem is their services, their devices, their apps and their operating systems. Apple controls everything on the iPhone. On Android, users are allowed to take that control back from Google.

LINDDUN - or it's not just about security

The biggest advantage of the iPhone is security updates. Their phones have had the longest support for security patches and Android phones are only now slowly catching up. This is a major issue and while Google does match Apple's update practice with Android and Google's own hardware, most Android vendors are falling behind quite drastically. Security is an important privacy prerequisite. However, it isn't the only one, nor the major one.

Most people's immediate privacy exposure is linkability and identifiability. Getting hacked is on the list, but probably not at the top for most people.

Linkability is connecting any two data pieces together based on relevant categories. It can be as minor as connecting the dots between people sharing common interests, or it can be as excessive as identifying individuals by different data points.

Likewise, most online services require that users out themselves to the providers, surrendering any trust to the companies behind them. No system that doesn't give users the freedom to use it without identifying themselves should be considered a private system. Both Apple and Google engage in very similar levels of data collection in their respective services. Google does have a search engine and YouTube which Apple doesn't have, and overall, Google has access to more categories of data. But one to one, Google Services and Apple equivalents should be both avoided with the same level of precaution.

Here is a practical example that brings this issue home for everyone. Geofence warrants are a frequent policing tool whereby local law enforcement can go to Google and Apple and request information on all devices or accounts that were present in a specific place and time. It isn't uncommon for hundreds or even thousands of devices to be swept up under one such request.

But these requests easily lead to abuse, profiling and unjust police overreach. Innocent people are often accused of crimes they never committed simply because they ended up in these dragnet surveillance requests. The only way to avoid this on the iPhone is to have the phone in airplane mode and have location services disabled. You can also do that on Android and it would be sufficient. But at that point your phone would just be a very expensive brick in your pocket. On Android though, you have more options.

One way is to remove your Google account from your phone and use privacy-respecting alternatives in its place. A more certain method would be to entirely delete pre-installed Google and other bloatware apps from your Android phone and then use privacy-preserving alternatives. The third option is to use a privacy-focused offshoot of Android such as GrapheneOS. This is, in fact, the most private and secure option. But it is only available for Pixel devices. None of these options are too difficult even for the most non-technical user. You might have to learn a thing or two, but at least you have options.

The point is, both Apple and Google data collection should be equally avoided. But only Android is open enough to allow for the user to decouple their phone from the company that made it.

Privacy is fluid

Which brings me to another point. Privacy is fluid. You are never gonna find two people with the exact same threat model. You are not even gonna find one person with the same threat model in all different situations. Your privacy threat level is gonna vastly differ from when you are with your family versus when you are at your workplace. Even at your workplace, your privacy risk will likely change if you decide to join a union. Privacy is situational and contextual. For some situations, it might be reasonable to use an Apple device. But it is by no means a private experience and you have to operate under that realization.

On Android, you have the option to adjust your privacy level in any direction and at any point. You can do this by deleting Google from your phone, removing pre-installed apps or changing your defaults. Or you can install a custom version of Android like GrapheneOS or something else according to your needs.

On the iPhone, you are pretty much stuck to one threat model dictated by Apple's enforced defaults. Recently, Apple came up with the Lockdown mode, which is a very convenient feature that significantly enhances your security. It's useful for targets of advanced persistent threats like nation state hacking groups. None of the Lockdown security features do anything about the data collection conducted by Apple. You are still forced into Apple's default services, all usage data is still being collected.

Lockdown makes your iPhone more secure. But if you need to have a phone with that level of security, you are much better off with GrapheneOS. I have talked about GrapheneOS in the past many times so I won't repeat myself here, but GrapheneOS trumps the iPhone in all security features and, unlike the iPhone, GrapheneOS is also anonymous.

Privacy features

App tracking transparency

Apple has been really great at marketing themselves as a privacy company. And much of that is just a ruse, but that's for another time. With respect to the iPhone though, Apple has marketed the living hell out of the two best-selling privacy features they have - App Tracking Transparency and privacy nutrition labels. But neither of these actually achieves what it claims to.

App Tracking Transparency is the popup prompt with the "Ask app not to track you". This is a powerful statement because how can you ask someone not to track you? The way the iPhone does it is actually very simple. Too simple in fact. All it does is remove the ability for the app to use your advertiser ID, which Apple built into every one of its devices by default. Saying that this limits tracking is incredibly deceitful in the common understanding of the word.

Tracking is whenever someone collects information about your activities, behavior, or usage over a period of time. Tracking can be done solely within a service or even outside and across multiple third parties. But this is not how Apple defines tracking. In their terms, tracking is only when a developer links the data they collect from you with the data they obtain from data brokers. That's such a specific case that it wouldn't apply to the vast majority of tracking that's occurring to most people. But this definition does immunize a lot of what Apple is doing. Because Apple is 100% tracking everything you do on their services. They just don't use the standard definition of tracking.

On Android, you can also limit this kind of "ad tracking" by simply disabling your advertiser ID in the settings. And it would do exactly the same - developers will still collect the same amount of data about you, they just won't be able to use your ad ID. That's all.

What's most important to say about this ad tracking on both Android and the iPhone is that none of that applies to Google's and Apple's own advertising networks. For that, you have to go to the settings in your Google account and Apple ID. It is very misleading of both of these companies to exclude themselves from the rules they apply to third parties. But that's what it is - a market consolidation sold to you as a privacy feature.

Nutrition labels

Apple has been praised to high heaven for its "nutrition labels". And it's great and all, except Apple will never actually tell you what any of the apps you install have technical access to. On Android, you can see this technical info in the permission manifest, as it is mandatory for all developers to declare what permissions they require before a user installs their app. It is a far more precise method of telling you what the app will be able to collect than letting developers arbitrarily explain those parameters in "nutrition labels". Google has jumped on the trend and started doing the labels too. But if you actually want to know what the app does, you want to look for the permission list. You can only do this on Android, not the iPhone.
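As an added example (not part of the original script), here is a short Python audit of an app's permission manifest: it lists every permission the app declares, flags the ones that need a runtime prompt, and notes whether the app requests the advertising ID. The sample manifest, the package name `com.example.flashlight` and the function `audit_manifest` are constructed for illustration, and the set of runtime-prompt permissions is a partial list.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Partial list of permissions with the "dangerous" protection level,
# i.e. the ones Android gates behind a runtime prompt.
DANGEROUS = {
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.ACCESS_COARSE_LOCATION",
    "android.permission.READ_CONTACTS",
    "android.permission.RECORD_AUDIO",
    "android.permission.CAMERA",
    "android.permission.READ_SMS",
    "android.permission.READ_CALL_LOG",
    "android.permission.READ_PHONE_STATE",
}
# Permission an app declares to read the advertising ID via Play services.
AD_ID = "com.google.android.gms.permission.AD_ID"

# Constructed sample for a hypothetical app. Assumes the manifest has already
# been decoded to text XML (inside an APK it is stored in a binary format).
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="com.google.android.gms.permission.AD_ID"/>
  <uses-permission-sdk-23 android:name="android.permission.CAMERA"/>
  <application android:label="Flashlight"/>
</manifest>"""


def audit_manifest(xml_text):
    """Return the permissions a manifest declares and which ones stand out."""
    root = ET.fromstring(xml_text)
    declared = []
    # Both element names declare permissions; the second applies on API 23+.
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(f"{{{ANDROID_NS}}}name")
            if name and name not in declared:
                declared.append(name)
    return {
        "package": root.get("package"),
        "declared": declared,
        "dangerous": [p for p in declared if p in DANGEROUS],
        "uses_ad_id": AD_ID in declared,
    }


if __name__ == "__main__":
    report = audit_manifest(SAMPLE_MANIFEST)
    print(report["package"])
    for perm in report["declared"]:
        print(" ", "!" if perm in report["dangerous"] else " ", perm)
    print("requests advertising ID:", report["uses_ad_id"])
```

A flashlight app that declares location and contacts access is the kind of mismatch the declared permission list exposes and a self-described label does not.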

iCloud encryption

Recently, Apple expanded end-to-end encryption in iCloud backups to finally include messages, notes and photos. This isn't enabled by default, and it doesn't include all sensitive data. Contacts and calendar data still remain open. But it's at least better than what it was before. It is in fact better than Google Drive. However, iCloud is still hardly a privacy solution, because Apple doesn't encrypt any metadata and requires user authentication with identifiable credentials - which is the Apple ID. While encryption makes the content of the data secure, the metadata surveillance still leaves the user exposed to identifiability, linkability, non-repudiation and detectability threats. These threats expose hoards of usage data for Apple to monetize, analyze and profile. Apple does all of this with the data they collect, and they have already laid out plans to expand this practice even further in the future.

The best course of action to take is to disable any proprietary cloud integration on your device and opt for a privacy-preserving cloud service that also protects or at least doesn't process your metadata. Only then can you have full control.

Privacy forks

Android's biggest strength is that it's not just one operating system. It's a platform on top of which anyone can build their spin-off. Android has many so-called "custom ROMs", which are simply different iterations of the operating system focused on different goals. Naturally, this spawned privacy-focused Androids that offer a private-out-of-the-box experience.

GrapheneOS has for the longest time been the one carrying the crown and it seems like it will remain so far into the future. The OS comes with significantly enhanced privacy and security features with a clear goal of making a perfectly anonymous device with security parameters able to withstand 0-day exploits. These options are nonexistent on the closed-source iPhone. Your iPhone will never be anonymous because Apple will always collect your hardware identifiers and tie them to your Apple ID. On Android, you can permanently remove Google from accessing those identifiers with GrapheneOS.

It is important to mention that both Google and Apple have built two of the most secure consumer-grade operating systems one can get. They are both far beyond their desktop competition in terms of security.

There have been trends in the recent years to keep more and more data processing on the device. Apple and Google are both leveraging AI learning tools such as federated learning or differential privacy to protect some user data. Google Pixel phones and iPhones are shipped with security chips that make it impossible for anyone in the world to unlock a phone without user authentication. Google and Apple have essentially made impenetrable devices. Your stock Android and iOS experience is becoming more secure year by year.

But little of that matters for your privacy the moment you go online. Apple and Google are both in the business of monetizing the customer's use of their devices. And that's where both platforms tend to abuse their position to dictate what apps and services Android and iPhone users default to. But only one platform allows for divergence from that model.

Privacy apps

This is the reason why only Android has NewPipe, an app that allows you to watch YouTube videos without ads and tracking. Or multiple repositories of free and open source apps and many privacy tools that would be banned from the App Store and Google Play store for violating their policies. This is why only Android has the option to install apps without the platform knowing about your identity and usage.

This is a level of control that simply cannot be replicated on the iPhone. Apple has been in hot water recently as dinosaur regulators are finally realizing iPhone users are the only ones not allowed to install apps from sources other than the App Store. So maybe in Europe, Apple could be forced to open up the iPhone a little bit. And that would be great. But they will fight tooth and nail to make sure that doesn't happen.

Outro

Control does not guarantee privacy. But it is an absolute imperative. Privacy cannot be given. It can only be taken. It's a sad lesson to learn from the real world. Whether it's Hong Kong, China, or anywhere else in the world - history is written by those in control.

Comments

"Privacy cannot be given. It can only be taken." such a great line, and your delivery was perfect.

