No dog in this race really, I'm pretty much against all of big tech on privacy grounds.
That said, I have to say that from my perspective, it seems pretty clear that Apple is light years ahead of Google where privacy and security are concerned.
I try never to even touch Google properties or products, because it's tantamount to making whatever information you provide to that service public. That's kind of how I think about it. Everything I put into google maps, google apps, gmail, whatever, will be open for the entire world to see at some point. Either a leak by google, or google shares with someone who gets hacked, or maybe through a court case where stuff from 10 years ago pops up in court records or whatever. I mean, if that doesn't happen, great. If it does though, no biggie, I behaved as if it would happen from day one.
Of all the dangerous big tech companies out there, Google and Facebook are, to my mind, unquestionably the most dangerous. And by far the biggest threats to the privacy and security of the average person.
> Apple is light years ahead of Google where privacy and security are concerned.
Privacy I'd agree, but security? Apple's security track record is straight up hot garbage. Their cloud security is a complete joke (iCloud has been hacked how many times now?). Google's cloud security meanwhile has a stellar record. Outside of cloud yeah Apple has lots of security buzzwords, but they still are repeatedly hacked. We are, after all, talking about a post where 5 different 0-days were actively exploited on iOS. And just about every release of iOS has had critical escalation vulnerabilities (aka, jailbreaks) - such as the CoreTrust bypass exploit in iOS 12 ( https://gist.github.com/pwn20wndstuff/a57b213a6f8c75cb3b9a8c... )
Android has an update problem, but between all the hardening that's been done there (such as extensive selinux policies) it's pretty fucking solid, and is backing that up with results.
The platform itself has not been hacked, so I'm not sure what you're trying to say here. All the "hacks" against iCloud have been social engineering and/or user exploits. I don't see how users re-using passwords across sites or using weak passwords makes iCloud security a joke. Some of the impetus has to fall on users to be responsible for their own data.
Back when Chrome was based on WebKit, IIRC Chrome team found and fixed oodles and oodles of bugs in WebKit, because WebKit wasn't even using fuzzing, or not enough fuzzing. Even as late as 2017, fuzzing was still finding significantly more security issues in Safari than other browsers: https://www.securityweek.com/fuzzing-reveals-over-30-web-bro...
Also, when discussing iCloud, you need to distinguish between the backend service, and the frontend service. There have been significant CVEs found in the front-end client. Apple doesn't run many front end Web services, so there's less to exploit. They also don't allow you to host executable code like AWS, Azure, and GCP, so the attack surface is much more confined.
That Google has exposed their infrastructure to the unforgiving nature of the Web for 2 decades, with exploits few and far between, is a testament to the quality of the security engineers.
The most secure device on the planet, isn't iOS, it's Chromebooks. Look at the defense-in-depth used on Chromebooks to isolate execution: https://www.youtube.com/watch?v=pRlh8LX4kQI
> All the "hacks" against iCloud have been social engineering
Which would be a strike against Apple...
> I don't see how users re-using passwords across sites or using weak passwords makes iCloud security a joke.
Logins from new locations is the type of thing other cloud services (like Google or Facebook) protect against by requiring a challenge to proceed even if 2-factor is not enabled.
iCloud only working when the user holds it properly is a very Apple-esque thing, but also still bad. Particularly their 2FA is pretty bad and can be easily bypassed. Because, you know, that good UX flow is preferred to actual security.
Oh come on man. Are we really saying that Android has no security issues?
I'm gonna do you a favor and just not talk about how naive and fanboy-like that statement was man.
And google cloud's security, I assume you mean the AWS competitor, is being compared to iCloud social engineering hacks? Uh, yeah, I mean, since iCloud is consumer level, no surprises there. As far as consumer level offerings, hey, Google already has the location or whatever other data, so they can already use it to try to sell you cheap plastic Oklahoma City Thunder dart boards or whatever. Your privacy and security are violated every time it happens.
Maybe I'm just being too fundamentalist in my view? But that's just how I see it. Every time an entity uses my data for something I did not intend, it is a security and privacy violation. Google's entire business model is literally built on violating both, which is why I avoid their products like the Plague.
That said, I have to say that from my perspective, it seems pretty clear that Apple is light years ahead of Google where privacy and security are concerned.
I try never to even touch Google properties or products, because it's tantamount to making whatever information you provide to that service public. That's kind of how I think about it. Everything I put into google maps, google apps, gmail, whatever, will be open for the entire world to see at some point. Either a leak by google, or google shares with someone who gets hacked, or maybe through a court case where stuff from 10 years ago pops up in court records or whatever. I mean, if that doesn't happen, great. If it does though, no biggie, I behaved as if it would happen from day one.
Of all the dangerous big tech companies out there, Google and Facebook are, to my mind, unquestionably the most dangerous. And by far the biggest threats to the privacy and security of the average person.