https://tinyurl.com/rossmatrixLet's get Right to Repair passed! https://gofund.me/1cba2545👉 https://sneak.berlin/20201112/your-computer-isnt-yours/👉 This v...
A throwback to remind ourselves that apple is terrible for privacy
We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.
To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.
In addition, over the the next year we will introduce several changes to our security checks:
A new encrypted protocol for Developer ID certificate revocation checks
Strong protections against server failure
A new preference for users to opt out of these security protections
The fact that existed for years is the problem. the fact that execs signed off on this at all means apple is terrible for privacy
I read the article and the only pedantic detail that was wrong in the initial report was that gatekeeper didnt send the “appication hash” it sent the “applications certificate id” which is a worthless distinction and changes nothing. you’re acting like that somehow exonerates apple, and then just blindly believing what their PR person says. youd have to be a complete idiot or working for them to believe that crap.
So they did one thing wrong and it means they’re terrible for privacy? Welp, guess I can’t have a phone because the alternative (Google) has a business model that depends on being terrible for privacy, and my work apps disallow custom ROMs.
oh I guess none of us can have security because this guys work wont let us.
no, they did a bunch of things wrong. they all do, so instead of burying my head in the sand, Im going to call it out and work to build a better future.
Not everyone even knows how to use custom ROMs, tech workers may have a huge presence online but we’re a tiny minority irl.
Anyway, good, go build it. Saying one small mistake makes a company terrible privacy isn’t doing a whole lot for your credibility though, so I recommend you spend more time building than talking about it.
I’m sorry but did you read the article l linked to or the TL;DR I lifted from the article?
They do not send the app you open to Apple, and there is no evidence they send it to third parties as the app information is not sent at all!
Nevertheless, they do send information about the developer certificate for notarization and gatekeeper checks.
https://support.apple.com/en-us/HT202491#view:~:text=Privacy protections
Quote:
We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.
To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.
In addition, over the the next year we will introduce several changes to our security checks: A new encrypted protocol for Developer ID certificate revocation checks Strong protections against server failure A new preference for users to opt out of these security protections
The fact that existed for years is the problem. the fact that execs signed off on this at all means apple is terrible for privacy
I read the article and the only pedantic detail that was wrong in the initial report was that gatekeeper didnt send the “appication hash” it sent the “applications certificate id” which is a worthless distinction and changes nothing. you’re acting like that somehow exonerates apple, and then just blindly believing what their PR person says. youd have to be a complete idiot or working for them to believe that crap.
So they did one thing wrong and it means they’re terrible for privacy? Welp, guess I can’t have a phone because the alternative (Google) has a business model that depends on being terrible for privacy, and my work apps disallow custom ROMs.
oh I guess none of us can have security because this guys work wont let us.
no, they did a bunch of things wrong. they all do, so instead of burying my head in the sand, Im going to call it out and work to build a better future.
Not everyone even knows how to use custom ROMs, tech workers may have a huge presence online but we’re a tiny minority irl.
Anyway, good, go build it. Saying one small mistake makes a company terrible privacy isn’t doing a whole lot for your credibility though, so I recommend you spend more time building than talking about it.
ok this is not “one small mistake” this is a systemic failure
They designed a security feature without considering security
They kept this feature without encryption for years
It is either a bafflingly huge mistake or they intentionally made spyware,
Ill remind you of hanlons razor and let you make your own decision: