
I guess I’ll take the contra here on messages integration — moving a message over BLE to untrusted hardware and worse accepting them back into iMessage is a massive, massive change in the security boundary and therefore security architecture and therefore security promises that apple makes on iMessage.

I do not believe average smartwatch users understand what they’d be doing if they got this. I do not believe vendors integrating with such a thing can do it safely, or even that all vendors integrating are good actors.

One reason iMessage is less of a total cesspit than SMS is that the ecosystem is closed, and makes automation difficult. It used to be nearly impossible, and in that era we had almost no iMessage spam. Now it's difficult, and we have moderate iMessage spam. But adding hooks to make this automation easy, and worse, leaving the trust environment as a feature is just wrong.



This is cap. I worked on heads-up glasses, and one of our issues was the lack of integration with Apple's iMessage ecosystem. Device makers are willing to go through several security measures, like deploying the MFi chips and certification. However, at best this gives you access to the notification system, not iMessage itself. You are able to respond to messages via the notification framework, but not integrate directly with iMessage even after taking all security and certification efforts. This isn't a security play. This is a walled garden play.


As a user, I am totally fine with Apple restricting access to iMessage. In fact, now that I read this, I want them to do this, thanks Apple.


As a user, I'm not certain I completely agree.

Yes, I don't want apps accessing my messages surreptitiously. Points there.

However, what's wrong with allowing another app to post messages to my messages?

If I don't want it, let me turn them off. Maybe, as a UI-expert company, it's easy to offer a "block app from sending me messages" option when I get a message. Seems like something that should be fairly transparent to the (potentially misbehaving) app.

I use a Garmin, and Android, and I use it for messages all the time, it's great. I can't imagine not taking them. It's easy for me to block stuff I don't want, could it be easier, maybe...

But my point is this isn't something unreasonable for a user to want.

As a general aside, it seems when I hear about Apple products anymore, they are locked down, unintuitive, and generally just unpleasant. I even tried an Apple device again recently...eugh.

Apple is only "nice" for a certain, narrow segment of the population.


> what's wrong with allowing another app to post messages to my messages?

That's exactly what spammers would use to send spam.


Spammers sending spam through BLE?!

They might just as well beat you up and take your wallet.


No, they would on their own phones automate sending spam to the iMessage network using BLE at the interface.


Or just send spam through their iPhone.

I don't get this argument that Apple making it difficult for their paying customers to send and receive messages is somehow a good thing. It's also not like Apple is helpless, they managed to shut down Beeper.


You can already use a Mac to automate iMessage. It supports AppleScript.


They can already use USB Rubber Duckies to automate the iMessage user interface, even if they don't have a Mac.


Regardless, they would need to be a few meters from you (spec says <100m, but that’s very generous).

If they are right next to you, there are many criminal activities more lucrative than sending an imessage...

...Which wouldn't be possible anyway, because devices using BLE to communicate typically need to be paired together by their owner.


Why did you choose to ignore the very next statement in their post, that ensures it cannot be spammed? Doesn't seem like you are arguing in good faith here.


I don't think this is a reasonable take (and it also doesn't make sense). If you read the other comments here it's extremely clear to everyone that no one here is seriously concerned about your watch sending spam.

If you 'opt-out' then it does not fix the problem of spammers having easier access to imessage.

I'll say that again: if you personally either a) opt out, or b) don't have a watch at all, it makes no difference to spammers. They are not sending spam using your watch.

People are concerned about the result of allowing anyone to send messages in general.

...

The real argument to be made here is, as other people have pointed out, this isn't technically impossible; I mean, apple watch can do it right?

So there is a solution; but Apple isn't allowing other people to use it.

THAT is the issue here.

Pretending there is 'no issue' is flat out wrong. If that's what you think, you're wrong and you haven't understood the problem.

The issue is why only Apple is, according to Apple, technically capable of implementing the controls required to do it in a secure manner.

That's a fair question to ask, and there really isn't a strong answer for it.

Certainly, making it easy for anyone to send messages would not be a solution. That would be stupid. That's why they haven't done that.

...but, you have to ask, is there really no certification process that would do the job? Really? None? Only Apple engineers are smart enough and diligent enough to do it without screwing it up? Hmmmmmmmmmm...


Have you considered the fact it could be because Apple Watch itself is closed, walled garden and Apple has full control over its security (and therefore trust in it)?

Imagine a world where they allow Pebble to go through a certification process, for it to get jailbroken half a year down the road, opening the gateway to iMessage for all the spammers in the world. What then? Should Apple now play whack-a-mole with the spammers forever, or block access to all Pebble watches, creating another scandal? And what if this happens to the next 10 different watch makers down the road?

They own Apple Watch and if it gets jailbroken it's their mess to deal with, but if they open it to the world then they have zero control over it.


It is easier to automatically send messages from a Mac today than it ever will be from a hypothetical Pebble/iMessage bridge.


If they block access to all Pebble watches AFTER it has been shown to be opening a dangerous gateway to spammers, despite valiant attempts by all to engineer it to be safe, then that would be a lot less of a scandal.

If they further block it by default but allow Pebble users to bypass the block with some very scary warning message then My God there wouldn't be a scandal at all. People who know and accept the risks can use the thing they paid money for as they please then.


revoke the certificate, push that out in the next update. It will take time to propagate but that's how it is.

Apple doesn't get to be a major player in the market without playing fair.


I don't see this at all. No one is talking about anyone being able to access iMessage. No one has a problem, for example, if you simply require an Apple account. No one expects to just be able to do post(number, message).


> However, what's wrong with allowing another app to post messages to my messages?

> If I don't want it, let me turn them off.

Can you turn it off for anyone sending you messages too?

That's the issue; you not wanting to use it does not mean that spammers won't use it.

That's the problem. You can't have nice things if some people can use it to abuse the system; and there are a lot of people who will.

> But my point is this isn't something unreasonable for a user to want.

This ignores the reality which is that doing it in a way that gives a nice user experience without an enormously painful security issue is really non trivial.

Maybe it's OK to have the choice?

...

If you love your android phone, don't care about iOS, don't like iphones.... why do you care? I mean, why does it upset android users when they see this sort of thing for people using iphones?

It mystifies me. If you love your phone, and you think it's better, then use it.

Nothing lost right?


Automating iMessage has been an official thing in macOS for ages, as far as I know, but it is done on a computer rather than a phone. The argument that opening up automation for iMessage will increase spam does not hold, because automation is already opened up, thus whatever spam this allows or not is already here.

EDIT: example script to run from a Mac terminal (the message variable has to sit inside double quotes, otherwise the shell sends the literal text $message):

    osascript -e "tell application \"Messages\" to send \"$message\" to buddy \"+12345678\" of (1st service whose service type = iMessage)"
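The one-liner above splices the message straight into the AppleScript source, so a body containing a double quote or a backslash ends the string literal early and the remainder is parsed as AppleScript. The script below is an added example, not code from the thread: it escapes the body before building the same `tell application "Messages"` statement. The function names `escape_applescript`, `build_imessage_script` and `send_imessage`, the handle and the message text are all chosen here as illustration. Only `send_imessage` needs macOS; the other two are plain text processing and run in any POSIX shell.

```shell
#!/bin/sh
# Added example (not from the thread): build the Messages.app AppleScript
# with the message body escaped, so untrusted text cannot break out of the
# AppleScript string literal. Sending requires macOS + osascript; the two
# text functions below run anywhere.

# Escape a value for use inside an AppleScript "..." literal:
# backslashes first, then double quotes (order matters).
# Assumes a single-line body; newlines are passed through untouched.
escape_applescript() {
    printf '%s\n' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# Return the AppleScript source that sends $2 to handle $1 over iMessage.
# The handle is escaped too: it is also attacker-influenced input in an
# address-book driven sender.
build_imessage_script() {
    handle=$(escape_applescript "$1")
    body=$(escape_applescript "$2")
    printf 'tell application "Messages" to send "%s" to buddy "%s" of (1st service whose service type = iMessage)\n' \
        "$body" "$handle"
}

# Hand the generated script to osascript (macOS only).
send_imessage() {
    command -v osascript >/dev/null 2>&1 || {
        echo "osascript not found: sending only works on macOS" >&2
        return 1
    }
    osascript -e "$(build_imessage_script "$1" "$2")"
}

# Demo: a constructed body containing the characters that would otherwise
# terminate the literal. Run with --demo to print the generated script.
if [ "${1:-}" = "--demo" ]; then
    build_imessage_script "+12345678" 'He said "hi" \o/'
fi
```

With `--demo` the script prints the statement with `\"hi\"` and `\\o/` inside the literal; without escaping, the same body would have produced a syntax error at best and attacker-chosen AppleScript at worst.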


So similar to democracy vs authoritarianism argument. If I live in Europe, why should I care that Russia is a dictatorship?

Because it affects my life, and can even be fatal, that's why.


Except if you want a Pebble and an iPhone, that's the loss.


You can thank Apple for the Lightning connector and App Store too, for all the good it does everyone in the EU. If a company uses their power to prevent competition with their own products or services, the market's jurisdiction reserves the right to restore competition to their market and prevent the harms inherent to monopoly abuse.


I probably don't get your sarcasm. But I never had a problem with Lightning. In the long run, I like the switch to USB-C... But when I got my first iPhone, USB-C wasn't invented yet, so... Also, I like the App Store for its reviews, and would actually NEVER activate an alternative app store. No need to weaken my security on purpose. I know it's apparently an unpopular opinion here, but that is mostly because many people only comment with their dev hats on and are apparently unable to see things from a user's perspective...


To add: when apple switched to lightning they made a deal with hardware makers that they would support this for 10 years in order not to make all their hardware obsolete again. They did eventually change it after exactly 10 years.


Not because their software would inherently break by switching to a different USB connector, or even by using a converter dongle. Apple signed this agreement because Lightning had a hardcoded DRM protocol baked into it to force third-parties to pay licensing fees. Of course they demanded a 10 year support window, it was a licensing ruse to make manufacturers pay a price premium to use the USB featureset.

https://en.wikipedia.org/wiki/MFi_Program


Not everything has to be a ‘i win, you lose’. It can be a strategy and architecture where multiple parties get something out of it. In different ways.


The 3rd parties are not getting anything out of it. You literally pay for access to a tech stack that has nothing better than what you would be able to do with USB. I mean, the other side of the connection was USB, so it was a necessity anyway. If at least they had upgraded the speed over the years, but nope, stuck at USB 2.

For a hardware project I looked briefly at the MFi terms and they just don't make any sense. This is why any good Lightning cable was always more expensive (at least before you could get some from China with contraband auth chips).

Lightning is a major cash grab from Apple and revealed their actual playbook. Microsoft passed as a very bad player in the 90s, but Apple is even worse. The only people not accepting that are deranged fans.


USB-C is a car crash of an implementation landscape, just because the interface is a single design, doesn't mean that you can rely on it. It is better than it was, but we've had several instances of issues with the USB-C, including my own personal favourite of my Nintendo Switch charging socket burning out because I used a non-Nintendo charger - an Apple one, completely compliant and as good as they get - to charge the Switch. A £50 repair.

Some USB-C cables aren't data compliant. They just send power. There's all kinds of foibles with USB-C that have taken years to work on and this just isn't clear to tech folks, let alone non-tech consumers.

The Lightning port has never done this to me, the device just charges and that's it. It transfers files and that's it.


Don't get me wrong, I don't think USB C is perfect nor that it would have been my choice. In fact, from a mechanical standpoint, I prefer Lightning.

What I'm saying is that Apple didn't have to take a cut from every item sold by 3rd parties who wanted to use their specs. They could even have sold the spec at a fair price but instead they went on a full rent-seeking strategy.

This is why, when there is chatter about Qualcomm/Apple feud on licensing, I laugh my ass off because this is exactly the same behavior they impose on their partners. Can dish it out but can't take it. My complaint is mostly about the hypocrisy of Apple's behavior.

But the real motivator was making as much money as possible; the fact that their specifications had some desirable qualities is nice but not very relevant (since you don't get a choice if you wanted to make an iThing accessory anyway). Their previous port (30-pin) had the same problem and it was rather terrible. I had the first iPod with FW400 and they could have very well gone with mini-USB when they switched to their 30-pin, to make it compatible with most PCs, which mostly had USB 2 and rarely FireWire. I used mini-USB for plenty of things, from external hard drives to digital cameras, passing by digital MiniDisc players, and it was a fine port.

Yet they chose to make their completely proprietary 30-pin port, to rent-seek as much as possible on the accessory market. When they switched to Lightning, the goal was exactly the same, trying to pretend it's because it was better is disingenuous and very ignorant of Apple's history and behavior.

Plenty of corporations do things like that but the difference is that with Apple there is an army of zealots eating the bullcrap and justifying their behavior in a fanatical way.


You could turn lightning connectors upside down and plug them in before you could do that with USB


> The 3rd parties are not getting anything out of it.

Except all the profits from selling all those cables, connectors, and converters.


They would have the same profit (in fact more) if they didn't have to pay a percentage of their sales to Apple.

The 3rd party manufacturers didn't make profit because of Apple but because of their customers choosing their products.

The way you try to reverse the situation and try to pretend Apple is entitled to a percentage of revenue from other companies making things to work with their products is pure insanity.

Do you think the brand of your car should get a cut of every compatible thing you buy to use with it? Should they get a cut on brake pads, tires, cables to their entertainment system, carpet of the right size for the particular car, etc.? The list can be almost infinite.

Do you realize how absurd what you are trying to defend is?


> You literally pay for access to a tech stack that has nothing better than you would be able to do with USB.

Tech stack has the customers. You pay for access to customers.


This is a relative comparison versus USB. If it was USB, it would have the same customers behind it (plus more).


The best interpretation of that is rent-seeking. Not strictly illegal, but prone to regulation at the very least. Another way to put it is racketeering. I guess that Apple has been toying with the line for so long that people don't even understand where their interests lie...


Sure, FireWire is an example of Apple using innovation to actually innovate. Lightning is an example of Apple using DRM to paywall an ordinary and freely available USB 2.0 feature set.


FireWire was a speed/feature innovation. Lightning was a port innovation. Pay to play in either case.

Other options available to Apple instead of Lightning:

* stick with the iPod connector for longer

* switch to micro-USB

* never invent the iPod connector in favor of staying with Firewire or going to mini-USB and then switch to micro-USB or something else later anyway

None of these are better. I'm EXTREMELY glad they didn't switch to micro-USB. I had no shortage of mini-USB and then micro-USB devices and the micro-USB ports/cables are pretty much the worst I've ever dealt with.


Yeah. Also as I understand it, Apple is part of the USB committee and they were actively involved in the development of USB-C. Their experience developing the lightning connector actively led to usb-c being reversible.

If not for the lightning connector, we wouldn't have usb-c as we know it today.

It's also a stretch to claim Apple doesn't like USB-C given how hard they've been pushing it on their laptops. In 2016, they started shipping laptops that only had USB-C ports, which worked around the chicken-and-egg problem we would have had otherwise. Dongle-gate was a real thing that annoyed a lot of people. But my desk is covered in USB-C peripherals, and that might not have happened if not for Apple's "brave" choice.


The same thing happened with the original USB. Windows machines, even laptops, shipped with serial and even parallel ports for years after the first iMacs went all in on it. That gave the market for USB devices an enormous boost.

Without that, USB might have died.


People have really bad memories of Mini- and Micro-USB, or aren't old enough to have experienced that era. Those things were fragile. At that point in time, it made all the technical and business sense in the world to replace their existing proprietary connector with a new, improved proprietary connector. The MFi program was a thing before Lightning, it's still a thing today, and has nothing to do with the specific connector.


The open alternative to 30-pin when Lightning was introduced was micro-USB and micro-USB is ass, but not switching away from 30-pin wasn’t an option for the phone they wanted to build at the time, that being the iPhone 5.

All in all, Lightning was a net benefit that overstayed its welcome by a few years. Even once USB-C was introduced a few years later, it took a few more years than that to become as pervasive as it did.


Overstaying its welcome was intentional to avoid burning peripheral developers who had been promised 10 years of compatibility after Lightning replaced the 30-pin dock connector, which was used from 2003-2012.

As noted in other comments, Apple was part of the USB working group, contributed to USB-C, and introduced USB-C/Thunderbolt-only laptops in 2016. There was backlash against this so they have since backtracked and reintroduced MagSafe and HDMI ports. Personally I would have preferred more USB-C/Thunderbolt ports.


No, I get that and I know the history too; but that doesn't mean it didn't overstay its welcome as far as users are concerned. Speaking as someone who personally never got hung up over the shape of the charge cable, and certainly not over the flimsy e-waste arguments that were put forth: just in terms of transfer rate (at least on the higher-end models) and device compatibility, USB-C has been an upgrade that users could have been enjoying 3 to 5 years earlier, when USB-C was a bit more widespread.


I never paid more for a lightning cable than I did for any other usb cable. Why would I care?


I haven't paid for all that many lightning cables period, since they tended to be included with most devices that needed them, and aside from some strain reliefs that I've added myself in the form of heat shrink, they've been largely reliable too.


The issue I have with Lightning is that over time they tend to develop side to side wobble, to the point the connection becomes unreliable.


This was usually due to lint clogging up the port on the device. You could easily remove it with a toothpick and then everything was back in working order. Took just a few seconds at most.


Sadly such remedy is not possible with USB-C due to the thin piece inside. :(


Try a paperclip or bobby-pin. Had to do that recently due to my cable not charging my phone reliably.


Nope, it’s not that. I’ve seen this behavior with a worn cable and a brand new device.


You can't run an ad blocker and you browse the web with JS turned on in Safari, but your iPhone is secure?

yeah ok


You can run ad blockers in mobile Safari. This one works great: https://apps.apple.com/us/app/firefox-focus-privacy-browser/... -- it's both a browser itself as well as acting as a content blocker for Safari and does a fantastic job at blocking ads.


I'm talking about a system-wide ad blocker which also blocks in-app ads.


You absolutely can run an ad-blocker.


You can block ads in iPhone apps?


That wasn't what was asked, but yes you can (through the various VPN-based ad-blocking apps)


I don't need an ad-blocker. I have YouTube Premium. And I really don't need Safari that often, actually. Besides, if we're really talking JS==insecure, 99% of users on desktop and mobile are insecure. I am sort of on your side, because I spend most of my web-time in Lynx in a tmux. But if I were to argue against JS, people would call me a weirdo. That war is over. I fought it until 2010.


I have youtube premium and still need an ad blocker. What a stupid remark.


> I don't need an ad-blocker. I have YouTube Premium.

This cannot be your actual stance.

You know there is a lot more to the Internet than that one website, right?


I already said I don't use Safari that much. If you hadn't shortened the quote, your reply would be moot. Maybe I need to rephrase, to make you happy: I don't use the web so much on my iPhone. The primary ad offender in my world is YouTube, which I fixed by paying for Premium.


You know there aren't really ads on websites anymore, right?

There are ads in algorithm apps like YouTube, tiktok, Instagram, mobile games, streaming service "poor" subscriptions, etc. And there are paywalls. But the vast majority of interesting websites don't have ads anymore.


Surely you jest.


Ever feel like you're talking to some gaslighting AI ? The Grandparent comment seems like it is one of those moments.


> And I really don't need Safari that often, actually.

Yeah you're an exception.

Thankfully people like you don't get to decide what EU rules as best for people.




Can you please stop verbally spitting at me?

I am not an American. I just have a different opinion on some things than you. Ever tried some empathy?

Pragmatically speaking, I prefer YouTube Premium because I hate their inability to filter out scammy ads, and I still feel like supporting creators at least a bit. As a customer, it's not always my call how much of my money goes to creators. That's why I refuse to use Apple Music and/or Spotify. I spend my money on Bandcamp, which I consider an appropriate compensation for other "sins" I might commit on the net.


How does people having the ability to activate alternative app stores on their phones affect you? Or have a Pebble with similar functionality to an Apple Watch? Just don’t activate the App Store or purchase a Pebble and stay in your walled garden.

We’re lucky our computers aren’t walled gardens because if Apple knew it would work this well with iOS, macOS would be the same.


> Ever tried some empathy?

Well, yeah. That's why I want walled gardens to "have options" without enforcing that people must/must-not use those options.


What's wrong with paying for YouTube Premium to not have any ads?


There are other websites than YouTube…


Right, but the content creators that I watch upload to YouTube.


You don’t use any kind of content other than video?


YouTube Music.


And you don’t read any articles or look up random stuff like “how to unclog a sink”?


What's your point, exactly?


That such websites also contain ads and YouTube premium is not going to help you there.


Apparently if you pay for things you lose your nerd club membership card.


Yup, Apple made Lightning because USB-C wasn't a thing yet and MicroUSB is awful. Lightning is a whole lot better than MicroUSB, and they've been using it since 2012. MiniUSB B was pretty OK, Micro was just way too thin to be stable and would snap off frequently, in addition to being not very secure and hard to orient. Mini was thicker though, so while it worked fine for the HTC Apache and other Windows Mobile phones of the era, it wasn't going to be small enough to work on an iPhone.

So many people complaining about a really robust connector that solved real problems and has proven to be pretty reliable for 13 years. I'm no huge Apple fanboi, and I'm happy to have all their stuff use USB-C now, but the hate for Lightning is way inflated IMO.


I have no issue with Apple inventing a new, superior connector; I applaud them for it. My issue is with them making it a closed proprietary standard with authentication chips to lock out unapproved third-party vendors. They could have just invented Lightning and made it an open standard. We might not have even needed USB-C then; the industry could have just iterated upon Lightning.


As I understand it, the USB standard is licensed, and you have to pay for it to use the USB logo and to get a vendor ID if you are not already a paying member of the USB Association. Licensing requires passing a compliance test, which is a very good idea.

Apple was also part of the working group that developed USB-C.


USB-C pushed whatever it was doing too far; it's now necessary to know what kind of USB-C cable you have. There's one kind for data transfer and a different kind for rapid power draw. And they look exactly the same.


That has nothing to do with USB-C, but with the USB 3+ standard. AFAIK Apple uses the Thunderbolt protocol, which is compatible with USB but has fewer optional features than the USB protocol.


MicroUSB is fine, and Apple should've just used that (like every other phone manufacturer did, with great success). But Apple also has the world's biggest NIH complex, so they decided to invent a proprietary standard rather than go with something interoperable.


MicroUSB was absolutely not fine. The connectors were difficult to insert and very vulnerable to damage.


MicroUSB is a terrible connector. Every time I have to use one, it's impossible to get into the slot; it's finicky, breakable and has a one way orientation. Lightning is delightful to use.


The Micro-USB connector has been consistently rated as one of the worst connectors ever invented[0], [2]. You can find more on the search engine of your choice.

Also relevant: 19 engineers from Apple worked on the USB-C connector and cable specification[1].

«None of the chargers fit snugly into socket. The connectors are flimsy and get damaged easily. Just rolling up the charger and putting it in my pocket can cause the tip to break off»[0]

«While on the whole, I am satisfied with the switch to USB Micro, my only major gripe is the less obvious keying. Inserting the plug with good lighting is no problem (if you can see), but trying to plug in your cell phone after you've crawled into bed with the lights off can be a trial. As somebody who works with people with disabilities and medical conditions, I have heard from clients with compromised motor control, those with low vision, and those with distal neuropathies that they do experience a harder time plugging in their devices nowadays»[0]

[0] https://electronics.stackexchange.com/questions/18552/why-wa...

[1] https://www.docdroid.net/uf3z/typec-pdf

[2] https://news.ycombinator.com/item?id=7649405


don't let facts and data get in the way of rabble rabble rabble rabble

if the worst thing is someone else's code then someone else's hardware


Why didn't they work with the other actors to create a common standard 13 years ago? You know why: because they don't care about their users! And they even tried to stop the move to a standard many years later, when the Lightning connector was outdated, making it even more clear.


Like being a member of the USB committee and helping make USB-C a good standard with a reversible connector, like they did with Lightning?

Because they did that.


Proprietary, and for the first half of its run, they were insanely expensive. Thin, flimsy, always breaking. Short by default. They got nasty and stained quickly.

Over the years, third party cheap ones were risky. May damage port or device.

Has a stupid chip in the connector so people can't easily replicate it like a USB cable.

It was the purest example of proprietary capture in an age where "the correct universal port" has been around for decades. The massive irony is not missed on me as they used USB mice and keyboards to engineer a step backwards.

There's things I like about Apple, but I could never bring myself to defend the lightning cable.




> ... security firm gets a chip on their shoulder, they can install a persistent backdoor on your phone...

But a random developer can't exfiltrate my data, which is the WAY WAY more common scenario that the previous poster was worried about.

I agree with them. The Apple App Store prevents a lot more malware than the ability to install ANY software. I like the Mac App Store as well; it's a large library of software that is virtually guaranteed to be safe from infecting your computer with a virus.

Now, I know how to sideload onto my iPhone, I have homebrew on my MBP, but my brother/sister doesn't, my aunt can't, my uncle assumed his phone was facebook, and they are safer (from viruses) for it. Make installing viruses harder!

I spent decades as the de facto IT person in my family, and when iPhone and Android came around, family members started buying MacBooks, my load got lightened a LOT.


Well, Apple will have to redesign their security model, then. If the iPhone relies on Apple's white-glove curation to stay secure, then European users are enough of a reason to overhaul their security model.

It's great that you know how to sideload, I'm not saying everyone has to know how. I'm arguing that the option should exist regardless of if you pay for a $99/year subscription fee. It should be a part of owning the hardware you paid for and purchasing the right to control it as the user.


no matter what, curation will be another layer of cheese in the swiss cheese model of defects


Apparently you’ve never heard of multilayered security. The App Store is not the only way Apple is working to secure devices they create.


We are not buddies. And I am not confused enough to believe NSO Group would be interested in me. This is plain paranoia you are using to try to win an argument. Calm down. Besides, where is the competitive harm if you are so happy with your Android? Look, I am happy with Apple doing some basic things to make the device relatively safe. I know nothing is absolutely safe. And again, I am not high profile, and I am also not paranoid.


> Your security is nonexistent unless you disable iMessage and JS in Safari, even then Uncle Sam has Five Eyes watching your every move for any traces of "terrorist" support.

Your security is non-existent until you've established a realistic threat model. And if it includes targeted surveillance by nation-state actors, you've got bigger OPSEC problems than just your phone.


You never needed speeds in excess of usb 2.0? LOL, this is such old hat, guys in IBM t-shirts telling me how nobody ever needed more than 64K, and why go third party with your treasured computation when you can get the best, the infallible, the International Business Machine?


In the 15 years that I have been using iPhones, I never needed the USB port for any data transfer except for one time when I used an external sound card to record things. Maybe I am a simpleton when it comes to mobile. I guess I deserve being LOLed at.


Don't worry, that one has the energy of *the guy that was fired for buying IBM*.


Apple didn't continue to iterate on Lightning because of the obvious future migration to USB-C connectors.

I will die on the hill that the Lightning plug is superior to the USB-C plug. Lightning could some day have supported USB-3.2+ speeds, if they'd chosen to work further on it.

Still, I have never once transferred data to my iPhone over a USB cable. I have used an iPhone since the first generation. For me, it has only ever been a means to charge the phone and to connect it to CarPlay. With wireless CarPlay and MagSafe charging, they could remove the port and I wouldn't miss it all that much (except for fast charging).


Agreed. I really miss Lightning after getting a USB-C iPhone. The best part of the Lightning port was how easy it was to clean. You can get lint and sawdust out of the clogged port with a toothpick. With USB-C, I can't find a rigid non-metallic pick small enough to clean dust out of a USB-C port.


I'm pretty sure Apple switched to USB-C to comply with EU requirements. I don't think the success of USB-C has much to do with it.

https://www.theguardian.com/technology/2022/oct/26/iphone-us...


You would be demonstrably wrong.

Apple was already well under way on their USB-C transition. They literally shipped the first all-USB-C laptop in 2015. Not the first Apple laptop. The first laptop full stop. The iPad Pro switched to USB-C from Lightning in 2018. Every year since, fewer and fewer devices released with Lightning and more and more with USB-C.

If you need more evidence, literally just consider that Apple never bothered to invest further in Lightning. There were no further speed bumps. No updates in the USB protocol version supported. Even charging, USB-A to Lightning has been capped at a pitiful 12W. Does this seem like the behavior of a company that wants to stay on Lightning?

The iPhone would undoubtedly have been USB-C in a generation or two even without the EU's involvement.


Does the iPhone show up as a USB media device nowadays or do they still force you to jump through hoops?


I've had tremendous trouble trying to get my iPhone SE to show up as a USB device. Never did figure it out, but the macOS app iMazing has served me well as a workaround.


No clue. I have never needed it nor wanted it to. All my music streams from Spotify or Apple Music.


Some iPad Pros used USB 3 Lightning that used pins on both sides of the Lightning cable.


Apple is choosing to limit USB-C to USB 2 speeds to encourage people to pay for a more expensive model. The iPhone 16 Pro Max has USB 3 speeds after all...


No, it just shipped with a slower cable. You get high speed transfer with a Thunderbolt cable.


No, the device can only do USB 2 speeds. There’s no controller for anything faster.


No. The regular Pro model (not Max) supports USB 3 speeds. I've verified myself and it's on Apple's tech site:

https://www.apple.com/iphone-16-pro/specs/


For iPhones "Max" is basically irrelevant when it comes to SoC specs; the phones are differentiated by whether they are "Pro" or not. The Pro (and Pro Max) support faster speeds, and the regular iPhones do not.


OP specifically called out "Max". Most people would find that technically incorrect. But go ahead and draw lines in the sand wherever you wish if it makes you feel like you're winning an argument.


I gave the Max as an example. I did not say it was the only model that could get USB 3 speeds, so you are "technically incorrect" and just want to win the argument.


The two models combined account for half of all iPhone sales. And nobody refers to them as anything but iPhones.

It is not just technically wrong to say "the iPhone doesn't support a thing" when the statement only applies to a fraction of the product line and actual user experience.


You seem confused. I never said “the iPhone doesn’t support a thing”.


> Thunderbolt on iPhones are USB 2 speeds.


OP also specifically called out USB 2 speeds.


Thunderbolt on iPhones are USB 2 speeds. Just because Thunderbolt could go faster, doesn't mean Apple actually allows it on their phones.


> You can thank Apple for the Lightning connector

Thanks Apple, for switching connectors on your mobile devices once in 25 years and enforcing standards on 3p peripheral and cable manufacturers, until a government forced you to change, making me throw all my cables away.


[flagged]


I hope you learn to respect other users here by moderating the way you talk to them.


I specifically liked the Lightning cable and the App Store. I had no problem getting Lightning cables for a fair price, and I have no problem finding all the applications I need on my iOS devices. Compared with the sewer that is the Play Store, the App Store is a breath of fresh air.


Walled gardens are not inherently bad. I DO thank Apple for the App Store. It’s half the reason I have an iPhone. I WANT to be able to download any stupid thing in there without a care in the world re: viruses or other damaging experiences.

This is not to say every aspect of their walled garden is good, but I’m more than happy to accept those problems in light of the benefits I personally value.

This is all to say: it’s not much of an argument to point out that one of their selling points is an aspect of their ecosystem! I don’t think you’ll get through to anyone who doesn’t already agree with you.


I never understand this viewpoint — I understand what you're saying but there's no advantage to this over the Play Store model on Android.

You can have the walled garden, and also not restrict people's freedom — on Android I'm sure the number of people that use any other store than the play store or even side load apps are vanishingly small.

To even be able to do it you have to enable it deep in the settings. And even then, if a new app tries to install an apk you have to manually approve that app's ability to do that before reinitiating the entire process.

That's to say, the default experience is very walled-gardened, and I do feel somewhat more protected when downloading something from the Play Store than not, and the vast majority of people will never leave the Google walled garden. But there exists a way to go around that walled garden when you need to, and that doesn't subtract from that walled garden mode in any way IMO.


For myself, the point is that I don't have to download another app store ever. If Fortnite wants to get me (and roughly 50% of US mobile users) to play their game, they _have_ to follow the rules of the app store we have decided suits us best. If, however, other app stores are allowed, then there are no rules. No gatekeeper.

I prefer the gatekeeper, in this case.


> I WANT to be able to download any stupid thing in there without a care in the world re: viruses or other damaging experiences.

The Apple iOS App Store is positively chock full of spyware. You can't download apps without a care in the world. This is why Apple put a privacy label on the apps (which is still woefully inadequate; it is self-reported).


Surely any "spyware" on the App Store is going to include a ton of permissions alerts when it does anything? Do you have any egregious examples?


The permissions alerts don’t come from the App Store, they come from sandboxing and the permission model. This is a property of the OS, and everyone agrees that this is better than the anarchy of desktop OSs. But they were created decades earlier, sandboxing was obvious in hindsight only.

> surely any "spyware" on the app store is going to include a ton of permissions alerts when it does anything?

Not really. Push notifications are enough. I can send you a push notification and get loads of details from your phone, including cross-app fingerprinting. IIRC Apple allows ~3 silent push notifications per hour so they can be completely hidden.

https://gizmodo.com/iphone-apps-can-harvest-data-from-notifi...

But really, your search is as good as mine. The entire digital economy is based on personal data collected from your devices, and yes, that includes the iPhone. How is this news? What’s your definition of spyware?


> I WANT to be able to download any stupid thing in there without a care in the world re: viruses or other damaging experiences

That's rich knowing that most of the money Apple gets from the App Store is made from predatory casino-like games.


> You can thank Apple for the Lightning connector and App Store too

The App Store was an absolute revolution for mobile app developers. It is hard to overstate how much of an improvement it was over the status quo. People are complaining about Apple taking a 30% cut; it used to be that the operators took a 70% cut. Not for hosting an app store, no, just for sending the reverse-billing SMS message with the install link. You had to host it yourself, there was no store so you had to advertise your app to make it discoverable. You had to arrange (and pay for) a shortcode and SMS provider for every single country you wanted to sell in. You had to write and host code to handle the incoming message on the shortcode and respond with a RB-SMS.

Next to that, the SDKs were absolute dogshit, phone manufacturers didn't give a shit about apps and the phones themselves were riddled with bugs (with the notable exception of SonyEricsson; their J2ME environment was excellent). Symbian was a PITA to develop for, BlackBerry was actively developer-hostile (unless you happened to be a Fortune 500 company). Samsung phones were an absolute disaster; every single phone model had a unique set of bugs you had to find workarounds for.

So in comes Apple, they charge only 30% and for that you get a nice SDK, an App Store that distributes your app, makes it discoverable and handles payments worldwide with zero extra effort. We were thrilled when they announced it, and rightfully so.

Google then followed suit with the Play Store, effectively matching what Apple was doing.

So yeah, Apple deserves some thanks for what they did with the App Store.


>People are complaining about Apple taking a 30% cut; it used to be that the operators took a 70% cut.

Not in the PC world, back when the App Store was released I was paying 4% to my e-commerce provider.


You’re not required to sell software through the App Store on macOS either. The App Store complaints are only relevant on mobile, which has always been a completely different market.


> You can thank Apple for the Lightning connector

They did move to USB-C, but the lightning connector was actually a great product, far superior in usability to the Micro-USB, Mini-USB, and whatever other nonsense standards that existed. When Apple wanted to move to USB-C people complained about them "changing standards all the time". There really isn't a move that pleases everyone and even when they do the "right" thing people still complain lol.

> App Store too, for all the good it does everyone in the EU

The Apple App Store is pretty great. There's a large, vocal minority of folks that want changes there, but they also aren't the ones that have to deal with grandma and grandpa doing crazy stuff. If you want another App Store just buy an Android phone since that's a feature they offer. Kind of like if I wanted a phone with a larger megapixel camera or something I'd buy something else.


>lightning connector was actually a great product

Almost every Apple Lightning cable in my household frayed...

https://www.ifixit.com/Guide/How+to+Repair+a+Frayed+Apple+Li...

>Apple charging cables, such as the Lightning to USB Cable, are easily prone to fraying. Most commonly, this fraying occurs from device usage while charging.


This has nothing to do with the plug though; it's just the material they make their cables out of. Nothing is inherently different about USB-C that will stop this.


But the licensing fees effectively introduced a price floor onto Lightning cables. Apple's implementation having issues is a problem because other manufacturers could produce a very cheap alternative, but they would be unable to sell it at a low cost due to having to pay the licensing fees.


I have a grandma and grandpa and I deal with their devices directly. I want an iPhone that lets me do more, and I can set up (with their consent, of course) a more limited experience for them. Their phones currently have purchases turned off, for example, because they have a set of apps they need and there's no reason for new apps, because even with the App Store not all of them are actually good enough to have on their phones.


I've heard it all before, both of these are simple to refute. Apple designed the USB-C connector, they knew it was an option. But as is Apple tradition, they created a new licensed serial and power connector specifically for their phones to promote MFi, their arbitrary USB DRM. Apple could have switched to USB-C at any time; they had no issue shipping millions of peripherals and Macs with them onboard. But they didn't, because then they couldn't foist a proprietary standard onto their most lucrative submarket.

> If you want another App Store just buy an Android phone since that's a feature they offer.

Sorry, this is bullshit. Alternative sources for installing software will always exist, even current iPhone users have to accept Cydia as an option. You don't ever have to leave the Apple App Store, but your preference has no right to enforce an artificial limitation onto other users. The Mac as a product would not exist without third-party software distribution, the iPhone is undeniably stifled by Apple's stance on the matter.


Lightning development started in 2008 as I was there!

USB-C development started in 2012 (I was not there!), but from wiki, the ever helpful source of truth: "The design for the USB-C connector was initially developed in 2012 by Intel, HP Inc., Microsoft, and the USB Implementers Forum. The Type-C Specification 1.0 was published by the USB Implementers Forum (USB-IF) on August 11, 2014.[1] In July 2016, it was adopted by the IEC as "IEC 62680-1-3".[3]"

I'm not sure of the logic here, but Lightning solved a problem way before USB-C existed and, I'm sure, led to support of USB-C standards such as reversible connectors etc...


> You don't ever have to leave the Apple App Store, but your preference has no right to enforce an artificial limitation onto other users.

So... just buy an Android? This is not an artificial limitation, it's an express preference that the vast majority of iOS users have voted for.

> The Mac as a product would not exist without third-party software distribution

The Mac is a completely different product servicing a completely different set of needs. Nobody is asking for the iPhone to be able to run Node or Vim so they can do their work, they want to scroll Instagram and reply to their iMessage


Both your statements are just arbitrary. You are not representative of all iPhone users.


Plenty of people are asking for that, actually. I suggest you look through the App Store for developer tools and report back what you find.


I'm sure if it was really that much of an unmet need, Apple would be jumping out of their skin to go and build it and thus rake in the billions of unrealised revenue that must be out there

But they're not, so I'll continue to assume they know what they're doing. Again, go buy an Android if that's what you want.


You're sure that the company of "a thousand nos for every yes" is going to go out and make every single thing that people might possibly want?


No... which is why they've been such a great company for so long.


The point is that they offload a lot of the things to third parties.


Apple did not design the USB-C connector, Intel did.


The EU was created to integrate and unify social security, pension systems, welfare states, and, ultimately, politics and policy—both foreign and domestic.

I couldn’t care less about Apple’s case, but the fact that this is being touted as the EU’s biggest achievement in decades says a lot about why Europeans don’t like the EU.


As a user you should be fine with the ability to restrict access to iMessage. Not locked out of it with hardware you own and interoperability dictated by the vendor who also wants you to buy their watch.


Exactly. It's amazing how often the nuance between may and must is missed by Apple fans.

Apple should be able to lock down their ecosystem as a default -- plenty of people will be happy to use that default experience.

But Apple should absolutely be prohibited from not allowing users the choice of unlocking their own device, for additional functionality, if they choose.

It's also glaringly obvious that many of the "freedoms" Apple affords its users (freedom from iMessage spam!) help drive its revenue...


> It's also glaringly obvious that many of the "freedoms" Apple affords its users (freedom from iMessage spam!) help drive its revenue...

Yea I mean this isn't really hard to understand. 99.9% of users would rather have no iMessage spam and also not be able to publish messages from their 3rd party watch. This works in Apple's favor revenue wise because people value having clean and familiar experiences, and don't feel like they are leaving anything behind.


Not sure you understand the argument. If you allow people the ability to access iMessage however they want, how do you prevent iMessage spam? You may not care about this, but a lot of people do.


How does connecting to a smartwatch enable spam? None of the comments here explain in detail how that would happen. The messages still get sent through an iPhone and through Apple servers. It's not like Apple is giving up any control over those.


How do you prevent iMessage spam, indeed? Because it's not being prevented right now.


Can't you already send iMessage spam using AppleScript on Mac? Would it be that much worse if it was also possible from iPhone?

Also, I'm pretty sure you can just set up a click farm to spam from iPhone right now, so there's also that.


It isn't easy to do with just AppleScript on a Mac. I run a sports team and I wanted to send out a message to people for special situations. Some of the challenges are that you cannot script sending a new message if there isn't already a thread -and- it seems like you must use the same contact info (email or phone number). There isn't much feedback when it goes wrong. Some of these do make sense for preventing spam. I suspect I could have used the accessibility APIs to drive the UI. I eventually gave up.


Do you think using a watch bridge would be easier?


Not really, but that really wasn't what I was trying to say. I was trying to counter what I thought was a faulty equivalence argument; AppleScript allows unrestricted use of iMessage today, so giving watches an API won't make it worse.

I do think that the state of AppleScript automation is the result of trying to break the mechanisms that were being used to generate spam. Could you agree that automation-capable interfaces do increase the chances of bad actors taking advantage? Right now, with a lack of information, I don't know how I could make an iMessage automation interface "safe by design".

I do see a direct path from the mandated AT&T breakup and interoperability rules to SIP/VoIP services and the resulting levels of phone spam and caller-ID fraud. This has cost a lot of people life-changing amounts of money and much wasted effort and time.

Un-nuanced tech laws or mandates have a terrible track record for having bad side effects. Those effects often never get addressed, which makes me wonder a bit about the original motivation of why the laws came to be in the first place.

I also see a narrative that company X will automatically refuse to work with company Y or community Z and is de facto always acting in bad faith. Even if company X was never approached or asked - yeah, companies do tend to isolate themselves, making direct communication very, very difficult. I cannot deny that there are some company X's that do seem to behave very poorly. A counter example, in my opinion, is the recent Bambu Labs API issue. As a tinkerer, a few minutes of looking at how people had built interactions with their printers strongly suggested to me that Bambu introducing an actual API endpoint was a really, really sane thing for them to do. (I did comment this way.) Only time will tell if Bambu was actually trying to improve things or was acting in bad faith.


It's absolutely wild seeing comments like this on a supposed hacker community.


I don't self-identify as a hacker despite being an active member of this community. I'm not sure it's a fair assumption to make that everyone here identifies as a so-called hacker despite the name. I don't generally like the Apple ecosystem, but I think the choice to lock things down isn't always problematic. Users that care for other choices can choose Android.


It’s important to remember this community is under the umbrella of a massive venture capital firm.


It's tricky. As a long time Apple user, I appreciate that they are privacy focused, but I also get a lot of spam text messages, calls, and notifications. It's become more and more annoying to deal with these on my Garmin watch and on my phone. I wish I had some sort of AI filter. For example, I want to get a notification if my Uber is running late, but I don't want one if Uber is offering me 20% off if I subscribe to whatever their monthly service is.


"Apple knows best for us" is something I've gotten very tired of over the years.

This example might be apples-and-oranges when it comes to Apple protecting iMessage, but they often rob the user of the choice that other manufacturers offer.

For example: Hotspot. Android hotspot can be perma-on. iPhone hotspot cannot. It will always switch itself off after some time of non-use. When I asked an Apple employee about this (this was not his dept), his understanding was that it was for not clogging up Wi-Fi at scale, and for users who forget to turn it off. But what about the users who want it on always, who pay their cell provider for the biggest package? My computer goes to sleep, and the hotspot turns off and I have to go manually switch it back on because "Apple knows better". I want those choices.


But the Apple Watch has access to iMessage right? :-)


I’m with you on this one. I’d be fine with Apple opening up their ecosystem in a safe and careful way to other companies but only if the security stays, at least, at the same level - and if I’m able to turn off these options in the settings.


This perspective is infuriating. It's literally Stockholm syndrome. Your device is being held prisoner in a cell that they refuse to give you the key to unlock no matter how much you beg, and you are actually thanking them for it.

How can you not realize that you're being abused?


Different people evaluate cost/benefit trade offs differently than you do, and don't speak of the matter with metaphorically charged terminology like "abuse", "prison", "Stockholm syndrome", etc.


Normally I'd agree; people overuse the term "Stockholm syndrome", but in this case it's a perfect analogy. Apple has you trapped. You can't use a competing smart watch even if you wanted to, because Apple is blocking critical functionality and there's nothing you can do about it short of ending the abusive relationship entirely and completely leaving the Apple ecosystem. But you don't want to do that, you love Apple too much, so instead you choose to thank your captor for holding you captive. It's your fault they have to do this after all; you can't be trusted to make a decision about which smartwatch you want to use. After all, if you chose a competitor that might be a bad decision that would hurt your security. So Apple is totally justified in preventing you from leaving. Thank you Apple for saving us from ourselves!

It would be one thing to acknowledge Apple's doing something bad here but still decide to use their products because you like their hardware. That would be a cost/benefit trade-off. But actually thanking them for the abuse itself? There's really, legitimately no better way that I can think of to characterize the situation than as Stockholm syndrome.


Other users might not want to, such are the reasons for toggles.


Other users want a secure design without the ability to shoot oneself in the foot, such is the reason for a market where you have the alternative choice in Android.


As another user, I don't want you making that decision for me.


As a user, I'd be totally fine with Apple letting me choose who can access my iMessages.


Just like totalitarian regimes, Apple considers its users too stupid to be allowed to make choices for themselves. They must be herded like sheep towards the right path.


People like you are why technology sucks. Please stop having this opinion or similar ones.


Yep. Same.

I do not want 3rd party hardware/software vendors to have unrestricted access to the messaging app on my phone that is the only option my bank and PayPal and a bunch of other critical services use for 2FA.

Especially not when the software they want to run is JavaScript, with all its well-known npm dependency nightmares, _and_ from a founder and team that openly admit iPhones are a second class citizen in their development planning and resources.

And especially especially not when the founders have previously shown their colors when they rugpulled all their customers and effectively bricked all the devices they'd sold.

Even with the limited iMessage/SMS access they have now, I wonder how long it'll be before we see a supply chain attack against Pebble exploiting some 11th level deep npm dependency on something dumb like leftpad.js, that exfiltrates SMS 2FA codes, and the first anybody knows about it will be when a bunch of CryptoBros start complaining about their exchange accounts being emptied...


> And especially especially not when the founders have previously shown their colors when they rugpulled all their customers and effectively bricked all the devices they'd sold.

As a Pebble user for a long time, I'm not exactly sure what you're talking about here. If you're talking about Fitbit halting services, I can't exactly blame the founder of Pebble for that. Can I blame him for the poor business decisions that led to needing to sell to Fitbit? I guess, but I'm not a business person nor a CEO and have no idea what transpired to lead up to that. But I'm reasonably sure it wasn't malice as you seem to imply.


Psst…there’s JavaScript running on your phone right now.


Sure, but so far as I know none of it has access to the contents of SMS or iMessages.


Then don't grant them the access! This isn't all or nothing! It's a matter of being given a choice (to which you can say "no!") or being given no choice at all.


I'm still using my pebble today, and never stopped. What bricking?


Preach. My team's building an OS for smart glasses and some of our most common feature requests are iOS notifications & being able to reply to them.

We're going to have to do insane things to get them working. Due to how ANCS works, we're considering developing an ANCS "doohicky" (either a BLE pop-socket, smart ring, or MagSafe wallet) which gets notifications via BLE & relays them back to the iPhone, to then send to the glasses. That would just get us the raw notifications, though, and wouldn't solve the issue of replying. The other option is a Beeper-like system in the cloud to bypass iOS entirely, but that also has downsides.

It's a total mess, especially compared to Android where you can just easily listen for notifications & send them to the glasses without much pushback from the system.


Every device you let in is another attack surface, and no certification process can eliminate it.

Allowing devices to view and respond to messages is inherently lower risk than allowing them to freely communicate with anyone.


You could say the same about software and app stores. If safety were the top priority, then the safest option is to say no apps, but that isn't competitive or lucrative. Apple's approach is to create safe frameworks and a review process that allows the App Store to exist.


I just want to add that over the last few years Apple has also been teaching its users to ignore security warnings, as they make it difficult to verify software and thus lots of stuff never does. It's why there are few free things in the App Store, because Apple charges. You install things from GitHub and, well, you're gonna get that security warning.


I assume you're talking about the Mac App Store since one can't easily install iOS software via GitHub.

It's a tricky situation. Windows Vista tried to improve security and then was criticized for having too many UAC pop-ups, and for breaking legacy drivers.

I don't like Apple's syspolicyd, but it is also an attempt at improving security.


I'm talking about MacBooks. Sure, this is about iPhones, but it's also about a closed garden, and other devices in that closed garden which are very likely to also be owned are teaching people a very specific lesson.


Poor security implementations harm security, because they train users to click through them. It’s certainly an “attempt” but I wouldn’t say it improves security.


They're likely to be regulated into allowing third party app stores with review processes that they don't control.


What third party apps can see notifications and send via iMessage?


You could argue for only allowing communication through selected carriers, or connections to selected brand computers, and connecting to selected manufacturer Wi-Fi hotspots too


Yeah, but while Apple might consider the hardware to be "untrusted", at some point I trust the hardware I bought. Apple telling me I cannot decide what devices are trusted or not is annoying.


You do realize this is a very infantilizing attitude? Why can't the end user choose their own level of security vs usability? Letting a corporation decide this for all users is just creating a nanny state in different clothing.


I tend to agree with this, but if you look at the PC ecosystem, you'll see that 'leave users to figure out their own security' is a shit show.

Phones, for better or worse, contain much more private and personal information about users than their computers, I would bet, on average.

So I understand the urge to make phones more secure by default and to help users avoid foot guns, even if it means restricting their choices.

You are likely not the average user, and I think it's a bit selfish to demand total freedom, that you can manage safely, when for most users they would be worse off.

In a perfect world we wouldn't need this but we certainly don't have one of those.


> I understand the urge to make phones more secure by default and to help users avoid foot guns

There's secure by default, and then there's stuff users can't override even with great effort. Android restricts some dangerous operations by default and makes users jump through a couple hoops to acknowledge the risk. iOS usually forbids them entirely.


Yep agreed that this would be a better approach. I think this is where iOS uses security as an excuse to maintain their walled garden.


> I tend to agree with this, but if you look at the PC ecosystem, you'll see that 'leave users to figure out their own security' is a shit show.

I do not in fact see that. PCs work pretty damn well, security-wise, even with clueless users. I'll grant you it isn't as secure as phones, but it's by no means horrible.


Were you around for the first 10-15 years of the widespread consumer Internet?

I actually disagree with you that things are good, security-wise, today. They are still pretty bad.

Back then it was extremely bad. Back then, Windows was never designed to be a networked operating system and was just full of security problems like you wouldn't believe.


The problem is that we're in a duopoly on the most important metaphorical ecosystem on the planet. If the market were competitive and efficient, I'd agree, but it isn't.

The upshot of this is that Apple can unfairly compete in all sorts of verticals just by owning that platform. A lot of companies could make a good AirPods competitor, but without access to the same functions as Apple's they're hamstrung. Watches have this problem even worse.

Say what you want about Microsoft at their zenith, you COULD compete with their browser, in fact, people did. You just can't with iOS. That's more important than some users having poor security. (And really, how are we going to worry about phone security when there's a system as stupid as passwordless social security numbers being the key to your financial life?)

The natural duopoly needs to be regulated such that it doesn't spill over into every tangential market.


Without that "shit show" you would never end up with devices like iPhones and useful software that drove the last decades of innovation and progress.

The ability to build better things is the reason why you can now sit here, using technologies built on that "shit show" machine, and bloviate how new generations aren't allowed to build new things anymore because a megacorp needs to feed its greed.


It doesn’t follow that the past had to be a shit show for the future to not be a shit show.

In any case we are largely still learning when it comes to security and I don’t really want to make things less secure for the many just to satisfy the few.


I believe the point being made was that “the few” are the people making what’s next.


While I agree with you (I daily a rooted Android phone), anyone who cleaned up a few Windows machines for non-technical people 20 years ago probably at least understands where Apple is coming from. The average person is really bad at system administration, and it doesn't take many bad actors creating malware and scams to have a big impact.


It's not really about system administration. The average person is a low effort moron who will do whatever he pleases without thinking about the consequences.

The difference with computing is that since it's "new" and sometimes it has bugs, they will blame the hardware/OS any chance they get.


Just like your comment was not really about providing anything new, but insulting people who use technology?


Have you done a lot of tech support for people? If not, you really don't know the extent of it. It's not insulting, it's just how people are. You should meet the guy who had a lot of issues on his MacBook Pro, related to low storage left (barely a few gigs) that was entirely due to his extremely large porn collection.

When asked about it, he doesn't have too many files. What do you do in that case? Isn't he a moron both for storing so much porn and at the same time (somehow) believing a tech support person wouldn't find the root of the problem? It was in a "hidden" folder, so not only is he a moron for the first offense, but doubly so for thinking a competent person wouldn't find something so obvious.

So, I reiterate, most people are morons, and technology just reveals their ineptitude in plain sight, it's simple as that.

You are free to believe in your idealized version of the world, but it doesn't match my experience at all.


Yes, I do. In fact I had someone visit my house literally today because she needed to fix her SMS setup for her phone and I have been her tech support for years (as I am for most of my family and their friends). The people I help are quite smart but they have better things to do than figure out exactly how technology works. I explain what they need to understand and they know they can always ask me when they are confused.

I actually think your example illustrates this: people use their computers for porn. There's nothing wrong with that. If it's so large that he has no space left, I mean that's a pretty actionable thing to tell him. He's not an idiot for not figuring it out himself. That he "hid" the folder from you–I mean, people hide things from professionals all the time. Nobody volunteers to their doctor that they wipe in the wrong direction and thus have chronic UTIs. It's your job to work around the reasonable things people do that make your work harder and bring them to an "oh, that makes sense, thanks" perspective.


So you are telling me that someone who doesn't make the connection between low storage on their computer and their large porn collection, which is the reason for this low storage causing issues, is not an idiot. They could have deleted their stash (or at least part of it) anytime to see if things would improve, which is how non-moronic people work (you know, the try-and-see feedback loop of proper learning).

You are just arguing in bad faith, pretending to be outraged about what I said even though it only describes the reality of the world. Your newfound religion is so bad that you find offensive something that doesn't even have any moral implication to it and is factually proven by so many statistics that it is not even worth arguing about.

If what you mean is "not every computer user is a moron" you need to work on reading comprehension because that's not what I said. I stand by my original statement and you are somewhat proving me right.


Maybe they’re just smarter than you: https://news.ycombinator.com/item?id=43447194


That's unfair. Modern computers are extremely complicated to the point that even the most knowledgeable person has only a partial understanding, and nearly everyone is required to use them to function in western societies.

There's probably something important and complicated in the world you have to interact with regularly that you don't understand very well. Based on this comment, I think it might be people.


Modern computers are complicated to build and to use for complicated stuff but they have been extremely easy to use for regular stuff since the late 90s.

Pretending otherwise is nonsensical, since the richest economies in the world depend on it and surely not everyone is at a genius level.

There are some things important and complicated that I don't understand very well but they are not about basic operation of relatively simple things. It's like saying operating a washing machine or using a knife is something special.

And I do understand people very well; in fact, much more than I wish, by necessity. Your average person is frustratingly basic to the point of being extremely annoying on top of boring. I just choose to not pretend and "be nice" anymore, because it just hides reality and doesn't help anyone. The fact that we have some people designing complex computers or sending people to the moon while others are barely able to cook a meal is largely a testament to that.

You might want to get rid of your ideologies if you believe what I said is controversial or wrong. Most people, by statistical definition, are idiots. Technology just reveals that fact very clearly, it's as simple as that.


Word. When my kids were pre-teens and teens I moved their computers onto Red Hat because I was tired of cleaning spyware off of it when it was a Wintel box. I moved my wife onto a Macbook Pro for the same reason, and she used to do user support for a community college back in the day.


> The average person is really bad at system administration

the average person doesn't even understand the basic concept of what the average HN reader considers system administration, and we're wrong anyway eh


Because with iMessage, it's not about your own security, it's about the security of everybody that you're allowed to message from a given device.

I suspect Apple can significantly cut down on abuse prevention measures just by making it harder to automatically send iMessage spam.

If any random Bluetooth smartwatch was allowed to send those, there's no telling how that capability could be abused, we all know how IoT vendors are with device security.


> Because with iMessage, it's not about your own security, it's about the security of everybody that you're allowed to message from a given device.

You do realize that you're implying that Apple is insecure by design? Because I can easily (locally) root my iPhone and get raw access to iMessage.


> we all know how IoT vendors are with device security.

Couldn't agree more: https://www.cve.org/CVERecord/SearchResults?query=apple+watc...


The adverse consequences are not limited to the end user that made that choice, and few people will subsequently admit culpability for the external consequences of poor choices. Which is to say, people are hypocrites. How surprising. Thus is the boundary of rational individualism identified.

Not all corporations make better choices, however, which motivates a regulatory role. Thus is civilisation identified.


Because end users aren't computer scientists. End users should have NO capability in determining their own security, since they could LITERALLY BE infants playing with the iPad.

It is the responsibility of the systems designer to make sure the system is secure, not the end user.

And if you require instructions on how to secure your system, then you have already failed. A properly designed system is secure with zero knowledge.

Remember, it takes work to learn anything, and the goal of a tool is to reduce work, not to increase it.

Throw away customization. Throw away configuration. Both of those are bad design principles.

Make it work by default.


At some point you need to accept that there are sufficient hoops necessary to jump through to disable security that no one would accidentally do it. If you really think that security is so paramount that no level of compromise is acceptable, then you should be outraged that devs can test their apps on their iPhones. You should be up in arms at the existence of the App Store that lets you install software written by third parties. You should be petitioning Apple to remove Safari, as what could be more insecure than downloading and running arbitrary code from a completely unknown website? And you should be happy paying $1500 for a function-less, featureless slab of titanium with an Apple logo etched on the back, secure in the knowledge that it has no security vulnerabilities whatsoever.


You do understand that “make it work by default” and “customization” are not exclusive, right? You can definitely pick defaults and allow customization for those who want it.


Why can't people choose which prescription drugs they want to use?


They should be able to.


That would be a good way to reduce the efficiency of the remaining antibiotics very quickly.

(But also, this kind of thing is exactly why the analogy doesn't even make sense.)


You're right. This is a good reason to restrict this class of drugs. There is a finite usefulness, of which each person who uses them consumes a tiny little bit.


They should not, because the adverse consequences are not limited to the individual.


You can't be serious, right? I don't even want to imagine how many people would accidentally kill themselves or at least seriously damage their health if that was the status quo.


Is that my job to prevent? If someone wants to do the most damaging things possible, to intentionally kill themselves, should I feel entitled to stop it?

People should be free to do stupid things, so long as they don't hurt others (the antibiotics example that another poster gave is a much stronger argument).


This sounds like a libertarian take, in the sense of "libertarians are like housecats - convinced of their own fierce independence but totally dependent on systems they neither control nor understand".


I'd be interested to hear your original thoughts on why my position is incorrect.


There are prescription drugs with side effects that cause real second-order societal problems (oxycodone and related opioids are one that comes to mind immediately). Amphetamines can cause psychotic behavior (see https://en.wikipedia.org/wiki/Stimulant_psychosis for an accessible read). If the people using and abusing those drugs were isolated from others and couldn't harm them it would be one thing, but they usually aren't.


The teeming masses of iOS users are, in general, morons, and should absolutely be infantilized when it comes to their device security.


> Why can't the end user choose its own level of security vs usability?

Isn't the choice to use an android, then?


What are the limitations of integrating via notifications? That seems like the user-respecting method. For example, I don't use iMessage or SMS, but WhatsApp.


I'm just guessing, but notification suggests you could respond to an incoming message but maybe you can't initiate an outgoing message?


Haven't looked into this, but along with that:

- Multiple replies

- Edits

- Scheduled send

- Voice message

- Tapbacks

- Message history

- Message order is reliant on notification order

- Delays in the notification system could be different than the messaging system

- Opaque nature of message going from notification system -> messaging system, difficult if message is lost/not sent with no indication of why


The attack vector is a third-party app being compromised - maliciously or otherwise - that logs/collects the messages - i.e., the apps themselves can be a threat vector. To be blunt and honest, I’m not sure I disagree. The notification framework seems like an okay compromise to me. I have used it with my Garmin bike computer and I’m more than happy with the level of integration.


The framework that lets you collect messages and ship them god-knows-where but not send them?


Might be a little bit of both but nothing you said there contradicts the original point--opening up iMessage integration to arbitrary bluetooth connections is a bad idea. It blows open access to all your messages...who knows, maybe even the e2ee keys. Law enforcement would have a brand new frictionless way into all your messages


I don’t think Apple would ever expose the encryption keys to your messages. Nobody would want it anyway: why reimplement the protocol when you actually just want to send and receive messages? And I fail to see why it would be frictionless for law enforcement, as they’d need to have access to your device.


And what happens when the MFi chip is cracked, as it has been before, and Apple has to choose between permanently compromising their ecosystem or disabling support for a bunch of 3rd party peripherals?


Does iOS have third-party accessibility software that would have full display and interaction privileges?


s/cap/crap/?


Or they mean cap as 'lie' in genz speak. 'No cap' = 'No lie'. in a sentence "I saw an alligator today. No cap"


Thanks for translating. I’ve never heard cap used in the affirmative.


It’s often used to call people out. That’s cap = that’s bullshit


Gen Z speak? I thought it was 'hood speak' or something. Like: I'm going to cap your sorry ass. I'm not a native English speaker, so what do I know.


A lot of slang comes from street language, so that thought may still be right. :)

It's a decades-old word that used to mean trying to one-up someone with tough talk, exaggerating, topping someone. That talk would be so high above the others, it would be the cap on top.

Now to have a good story, to have that cap, people could be... flexible with the truth, so eventually, over the years, to cap started to mean that you were telling a tall tale, a lie.


Thanks, now I also know where the word comes from.


That's a different old meaning of cap. Modern meaning is "lie".


Thanks!


Etymology: like others said, the old version of cap was short for a bullet. And that term most likely comes from “cap guns” which are/were toys for kids that had a tiny tiny amount of gunpowder/similar so they made a small noise when fired.

So a bit of speculation, but it’s possible that the word cap has inverted twice over the years, from a toy/fake bullet, to a real bullet, and now back to being a synonym for fake, which it originally was.


both have roots in urban culture. but busting a cap in someone means cap like cap-gun, aka gun, aka shooting someone.

cap in the true/lie sense also has roots there, but more in a superlative sense and not guns


No cap, I did see an alligator two days ago on the golf course. There were a lot of abandoned balls around her (water trap).


cap (noun, verb, slang)

(n.) A falsehood, exaggeration, or lie. "Saying you climbed a V10 after a month? That’s cap."

(v.) To lie, exaggerate, or be deceitful. "He said he coded the whole app in a day, but we know he capping."


> This is crap

I appreciate you sharing your experience, I just wish you could have done it without this bit.


*This is false.


May I suggest using proper English? I believe part of the reason you are getting downvoted is due to the hat language you are using. Several people, understandably, will not comprehend.


Nothing makes their English any less proper than yours.


It might be a walled garden (which is a form of security) but that's also why a lot of people buy their products. Know your demographic.


I don't think anybody buys their product for the specific reason that they cannot do certain things. Nobody likes the restrictions. People buy a product because there are features (things they can do) that they want, including intangible features like usability (it's easier to make a full system backup on iOS than on Android, for example).

Edit: or maybe I'm wrong. I do know one person who bought a phone because it sucked, because they didn't want to spend as much time glued to the device. It was an Android with a tiny tiny screen, though, because iOS would not be allowed to run on hardware of your choosing due to Apple's restrictions... Either way, I guess there is a market of people who do want to inflict pain upon themselves, but this really does seem like an exceedingly niche argument to me. Saying that the restrictions are the reason why their demographic buys their device is just buying into Apple's lies that fund their bottom line.


I have recommended devices in the past to family specifically because of the bad/annoying things those devices don't do, so I, as family IT support, don't have to clean up the fallout.


As someone who has found a lot of holes both in design and implementation, which have been reviewed and vetted by excellent people and companies, which have all the appropriate certifications - no thank you.

I understand the benefit of an open ecosystem. Use your web browser, or a third-party app. The tech adopted by the masses needs guard rails and secure defaults.

I hated Apple’s ecosystem growing up, now I think it’s necessary. We can’t trust developers, or companies, that have competing interests to do the right thing.


> I hated Apple’s ecosystem growing up, now I think it’s necessary.

Funny, because the overwhelming majority of people and systems exist outside of it and are doing just fine. This sounds like the sentiment of a crab in a bucket who's feeling quite safe from the sides since it was caught.


> Use your web browser, or a third-party app. The tech adopted by the masses needs guard rails and secure defaults.

Do you think “the masses” should not use web browsers or third party apps?


> moving a message over BLE to untrusted hardware and worse accepting them back into iMessage is a massive, massive change in the security boundary

Is it? My iPhone replicates messages to my mac from where a process can extract that data, it can capture the screen etc. I can use a mac today to set up a relay that would then send those messages to a smart watch if one would do that.


Yes? Imagine a bug where iMessages are leaked over Bluetooth when a user has installed an application that integrates with some watch brand. Bring this to an airport and you can steal hundreds/thousands of messages from a wide range of people. That’s a widely different attack vector than targeting macOS.

That said, I don’t see why Apple can’t provide toolkit/certification that will make it safe to communicate over Bluetooth. They already have it in-place for Apple Watch.


Imagine a bug where the Apple Passwords app leaks over HTTP. Bring this to an airport and you can steal hundreds/thousands of Passwords from a wide range of people.

https://www.theverge.com/news/632108/apple-ios-passwords-app...

>The lack of encryption meant an attacker on the same Wi-Fi network as you, like at an airport or coffee shop, could redirect your browser to a look-a-like phishing site to steal your login credentials.


Bluetooth is encrypted.


Should be, but BT stacks are super crap and it's hard to truly guarantee that. Pretty sure they do not currently require the highest (actually proper) security level from everyone.


Given that Apple controls the entire hardware and software stack, can't they guarantee messages are encrypted and refuse to send them if they aren't?

It seems like they're refusing unconditionally and claiming security instead of actually requiring security.


Well they could require a security level for starters and require only secure pairing (the fact that we even have something besides secure pairing should make a few bells ring), but that still leaves a bunch of avenues for an external vendor to fuck up their side of the implementation.

It's a whole other system outside of Apple's control and some mutually agreed upon Bluetooth LE elliptic key does nothing to protect it in its entirety. It still leaves cryptographic mistakes, side-channels and all other vulnerabilities.

Like, what does https:// or transport encryption in general really say about the website's security to you? Not much besides transport, does it?

Now we want to expose more than notification contents over Bluetooth (LE)? Are we sure? It has to be carefully designed.


You have to trust 3rd parties at some point. Apple can make it reasonably secure and let the user decide if 3rd party accessories are worth the potential risk but that option is never exposed.

Really, Apple allows HTTPS connections but the same implementation concerns apply there. The web server could publish its private and session keys to a "status" page and leak enough to make decryption trivial.

I think it'd be more honest if they say "we don't want to give users options" (for better or worse) instead of claiming it's security


This whole thread is chockful of thought-terminating cliches, and I say that as someone who grew from a waiter to a developer thanks to Apple and made a lot of these arguments.

I also worked on Android Wear's iOS app for working with iPhones.

The major problem I see now with these excuses, that I'd like to claim wasn't an issue when I was making them circa 2015-2017, is they're cargo cult (a la Apple likes making things that just work) or boogeymen (if they did anything different, a bluetooth connection would be used, unencrypted, sending all your data into the ether).

The watch has been out for 10 years.

Software is software. Where there's a will, there's a way.

It's very, very, very, hard to believe there's 0 way for Apple to ensure an encrypted connection.

Put another way, avoiding the global observations: If it's impossible, why allow watches to be paired at all?


Sorry for going out of subject but I had to ask - how did Apple take you from waiter to developer?


extreme handwaving hand-me-down 6 year old iBook(?) circa 2005 => wow software can be beautiful => hacking on AppleScript => hacking on iPhone OS 1.1.4 decompiled SDK => iPhone 2 with the App Store(tm) => shit, I can make money off this? => dropout => startup => sold it => saw what an acquisition looks like => by the grace of god herself, somehow made it through Google interviews.

(happy to detail more, like everyone, I love talking about myself :P but figured I'd start with the TL;DR, i.e. the App Store + subsequent boom happened at such a time that made it seem reasonable, years later, to drop out, and having 0 responsibility outside restaurant shifts gave me a fulcrum)


> that I'd like to claim wasn't an issue when I was making them circa 2015-2017,

Well, I wouldn't say that the standards for (software) security were anywhere near as high as they are now. It makes sense that our requirements for things change.

> It's very, very, very, hard to believe there's 0 way for Apple to ensure an encrypted connection.

Sure there are ways, but without regulation I struggle to see why should/would Apple ever bother. Nor do I think that a forced way would be held to the same standards as the rest.

> Put another way, avoiding the global observations: If it's impossible, why allow watches to be paired at all?

Because they can't do much, if anything at all?


> Because they can't do much, if anything at all?

But the Apple Watch can, and a lot of the same arguments apply to it as much as any third party watch.


Yes, but they can actually know it fulfils some security criteria of theirs. Doesn't have fundamentally broken cryptography hidden somewhere, doesn't leak its keys, all that bare minimum is really difficult to guarantee with external unknown implementations.


So Apple's BT stack is crap? Because that's the one that is in control here...


Might be, but I meant the wearables' stacks. Fundamentally Apple can't ensure much more than a vaguely transport encrypted connection to such a peripheral.

Apple can't (trivially) detect if there's a fatal flaw in the way the other side derives their secrets for example. They can't know if the device doesn't have a backdoor characteristic/API that gives access to the key material. They can't know if that proprietary stack can't be exploited in n+1 ways because it has been written by an underpaid intern.

But if Apple gave access to everything over BLE they would be expected to. At least by most Apple users. Be it a good or a bad thing. It's a rather enormous access vector, if they'd provide feature parity(-ish) with Watch.

Much more sensible would be to make such features available to apps (and by proxy, wearables) with entitlements. But even then it can be just as insecure, just by proxy.


No, the vendor's BT stack would be responsible for broadcasting any responses back to the device -- like, in the article, "send text messages, or perform actions on notifications (like dismissing, muting, replying)"


And Apple's BT stack would be responsible for receiving those responses.

If it rejects messages with improper encryption, the watch won't get programmed to send them.


[flagged]


Do you actually have anything conducive to say, anything specific you'd like to argue against?

Encryption is optional, there are four security levels for BLE, multiple pairing methods, privacy extensions, there are so many ways to mess things up.
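
As an added illustration of the point raised in this reply and in the earlier one about "requiring a security level and only secure pairing", here is a phone-side policy gate written for this page (it is not code from Apple, Pebble or any vendor SDK). It models the Bluetooth LE Security Mode 1 levels from the Core specification (level 1: no encryption; level 2: encrypted after unauthenticated pairing such as Just Works; level 3: encrypted after authenticated pairing; level 4: authenticated LE Secure Connections pairing with a full 128-bit key) and only lets a peripheral originate an outgoing message when the link is at level 4 and the user has explicitly granted that device the "send" capability. The `Link` fields, peer names and the `decide` function are assumptions for the example; in particular it assumes the host stack exposes the negotiated key size and pairing method to the policy layer, which public mobile APIs do not necessarily do.

```python
"""Added example: policy gate for message actions requested over BLE.

Hypothetical code written for this discussion, not from any vendor SDK.
The security level mapping follows the Bluetooth Core spec's LE Security
Mode 1 levels; everything else (names, fields, policy) is assumed.
"""
from __future__ import annotations

from dataclasses import dataclass
from enum import Enum


class Pairing(Enum):
    NONE = "none"                    # never paired
    JUST_WORKS = "just_works"        # no MITM protection
    PASSKEY = "passkey_entry"        # MITM protection (legacy and LESC)
    NUMERIC = "numeric_comparison"   # MITM protection, LESC only
    OOB = "oob"                      # MITM protection if the OOB channel is trusted


@dataclass(frozen=True)
class Link:
    peer: str                   # assumed stable identity of the bonded peripheral
    encrypted: bool             # link layer encryption currently on
    key_size: int               # negotiated LTK size in bytes, 7..16
    pairing: Pairing            # method used when the bond was created
    secure_connections: bool    # LE Secure Connections (ECDH) vs legacy pairing


def is_authenticated(link: Link) -> bool:
    """MITM protection comes from the pairing method, not from encryption."""
    if link.pairing in (Pairing.NONE, Pairing.JUST_WORKS):
        return False
    if link.pairing is Pairing.NUMERIC and not link.secure_connections:
        return False  # numeric comparison does not exist in legacy pairing
    return True


def security_level(link: Link) -> int:
    """LE Security Mode 1 level for the current link state."""
    if not link.encrypted:
        return 1  # no security
    if not is_authenticated(link):
        return 2  # unauthenticated pairing with encryption (e.g. Just Works)
    if link.secure_connections and link.key_size == 16:
        return 4  # authenticated LESC pairing with a 128-bit key
    return 3  # authenticated pairing, but legacy or a negotiated-down key


REQUIRED_LEVEL = 4  # policy choice for this example: nothing below level 4


def decide(link: Link, action: str, send_allowed: frozenset[str]) -> tuple[bool, str]:
    """Return (allowed, reason) for a peripheral's request.

    'reply' answers a notification the phone already delivered; 'send'
    originates a new message and additionally needs a per-device user grant.
    """
    if action not in ("reply", "send"):
        return False, f"unknown action {action!r}"
    level = security_level(link)
    if level < REQUIRED_LEVEL:
        return False, f"link security level {level} < required {REQUIRED_LEVEL}"
    if action == "send" and link.peer not in send_allowed:
        return False, f"{link.peer} not granted 'send' by the user"
    return True, f"level {level}, {action} permitted for {link.peer}"


def run_demo() -> dict[str, tuple[bool, str]]:
    """Constructed scenarios (not real devices) showing each rejection path."""
    granted = frozenset({"trusted_watch"})
    scenarios = {
        "unpaired":        (Link("stranger", False, 0, Pairing.NONE, False), "reply"),
        "just_works":      (Link("cheap_watch", True, 16, Pairing.JUST_WORKS, True), "reply"),
        "legacy_passkey":  (Link("old_watch", True, 16, Pairing.PASSKEY, False), "reply"),
        "key_downgraded":  (Link("trusted_watch", True, 7, Pairing.PASSKEY, True), "send"),
        "no_user_grant":   (Link("new_watch", True, 16, Pairing.NUMERIC, True), "send"),
        "granted_send":    (Link("trusted_watch", True, 16, Pairing.NUMERIC, True), "send"),
    }
    return {name: decide(link, action, granted) for name, (link, action) in scenarios.items()}


if __name__ == "__main__":
    for name, (ok, why) in run_demo().items():
        print(f"{name:15} {'ALLOW' if ok else 'DENY ':5} {why}")
```

The two checks that do the real work are the key-size test (a peer can negotiate the LTK down to 7 bytes during pairing, which silently drops an otherwise good link to level 3) and the separation of "reply" from "send", which mirrors the notification-framework versus full-iMessage distinction discussed elsewhere in the thread. Neither check says anything about what the peripheral does with the data once it has it, which is the point made above about transport encryption being necessary but not sufficient.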


Same with Phone Link on Windows.


Your phone and Mac have strong trust at the OS, hardware, and manufacturing level.


Ok but that strong trust lets them do exactly what was mentioned above.


I agree with you, but your iPhone forwards SMS messages, but not iMessages, and there's a trust relationship between the devices through Keychain. Still, doing it blindly over BLE is a scary proposition.


What is ‘blind’ about sending it to a paired device whitelisted by the user?


Step 1: Have the iPhone pop up saying "do you want <Pebble watch> to be able to send messages?" and let the user decide which devices can send their phone messages.

Step 2: Have the iPhone pop up saying "do you want <Apple watch> to be able to send messages?" and don't just assume "yes"

Both steps would improve security, even if they harm Apple's profits.


We have decades of experience that users will blindly click whatever prompts they need to make the app work.


Ah, but you see, they need to go to the Apple store and buy an Apple product, then with no clicking at all the app will work.

If they go to a different store, and buy a non-Apple product, that's insecure. What they need to do is return it and go to the Apple store and buy an Apple product. That's secure. Give the money to Apple.


You're being sarcastic, but isn't this all just... correct?

Yes, I do trust the company that developed Secure Enclave more than I trust random BLE firmware in a $49 Alibaba watch.

More importantly -- my great-uncle can trust the same thing, because Apple has spent decades building that trust. Consumers generally should not trust random hardware. Apple is not random hardware.


Google, Samsung, Pebble, Amazon, Microsoft, Sony, etc. have also spent decades building trust and don't build random hardware. But that doesn't matter because Apple locks them all out and insists you remain within their walled garden where it alone profits from you.

If you don't want a future where you have to buy Apple milk to put in your Apple fridge (because the fridge stops refrigerating if you try putting any other brand of milk in it, citing "security issues") -- or worse, you can't get your Amazon fridge in your Apple house because it cites nebulous reasons and refuses to open the door - get out of the reality distortion field and accept that it is in people's interests for one item to work correctly with another, and to call venal vendors on their "oh but it wouldn't work or it wouldn't be secure" bullshit.


That’s not the point, though. Any method by which apple exposes APIs to Samsung, Google, etc:

- requires immense development effort and expansion of security surface area

- STILL offloads trust to Samsung, Google, etc

The hyperbole here is a little hysterical. Apple doesn’t totally lock out third parties. In the smartwatch example, it is a very specific set of features which involved passing data (which users expect to be e2e encrypted!) back to Apple. That’s an extremely hostile security environment! Product tradeoffs would absolutely have to be made in order to support arbitrary third parties! I don’t think it’s fair to just demand that Apple make their product worse without at least exploring the balance.


Anywhere Apple trusts itself is a place where they can trust a third party.

Anywhere Apple wouldn't trust a third party is a place it should not trust itself either.

It doesn't even have to be arbitrary third parties, it can be Apple's chosen third parties. But they'll choose nobody, because they love lock-in too much, and they'll tell the rubes that it can't be done or it's too hard. That's just bullshit, and they know it. They do it to lock out competitors, so they alone can juice their existing users.

The only thing that can open up Apple is regulation -- and as we've seen with Apple's spiteful attempts at compliance with EU DMA rulings, it makes up arbitrary criteria calculated to maximally lock out and frustrate business rivals. It's like it's trying to come up with a compliance solution that the EU might accept but would result in as few competitors as possible able to actually use it, ideally zero.


> Anywhere Apple trusts itself is a place where they can trust a third party.

This quite literally could not be further from the truth, and to suggest that it is true reflects such a comprehensive misunderstanding of both the fundamental nature of computer security and the practical realities of the world in which we live that it's not really possible to continue the conversation productively


>Google, Samsung, Pebble, Amazon, Microsoft, Sony, etc. have also spent decades building trust and don't build random hardware.

I don't trust any of those companies the way I trust Apple.


Android handles a couple permissions it doesn't want people turning on accidentally by requiring that the user open the settings app and manually pick which apps to allow from a list. I wonder if that reduces the rate of people enabling things unwisely.


>We have decades of experience that users will blindly click whatever prompts they need to make the app work.

Really, how is Apple protecting you from clicking Allow on a web browser if it asks permissions for webcam and microphone? I am asking since I do not have a Mac and really want to know how well Apple users are protected compared to Linux users from webcam and microphone access in browsers.


That's exactly how it works. Apple does the same thing everyone else does. But when Apple does it, it's "secure", and when everyone else does it, it's "insecure". Hope that helps.


Where do you draw the line between allowing functioning adults to make their own choices (even if they are mistakes) and tech paternalism?

Currently we seem stuck in a positive feedback loop where tech becomes more and more paternalistic which creates more and more tech illiterate users which is used to justify even more tech paternalism.

It is convenient that this tech paternalism also happens to align with the profit incentive: Easy to trap people in closed ecosystems this way.


You're getting dumped on here but you're absolutely right. Anyone who has been in software for any amount of time knows this, too. HN is full of software developers--downvoters should know better.

You can put a button in your app that says "Tapping this will drain your bank account and give you cancer" but if it also enables functionality that the user wants, they will tap it.


Sounds like a "make better warning messages" issue.

Most users are not able to root their device due to the number of steps needed and will give up on an app that needs root access. Make it so that you have to do something other than just clicking a warning message to enable using your Pebble then.

Warning messages can be made idiot proof with some thought.


How would step 1 improve security over not allowing third party devices to send messages at all?


Why let users send messages in the first place? Tell me how you can get any more secure than that.


If Apple had their way, they would LOVE to sell you a $2000 aluminum brick with no screen, speakers, microphone, etc., that still required a proprietary cable to charge.


Now come on, that's not fair. The apple pro display stand is an inert piece of metal with a hinge and some springs and it only costs $999.


https://www.apple.com/shop/product/MX572ZM/A/apple-mac-pro-w...

A set of four castors. Like the bottom of a shopping trolley. Yours for $699

Tell your friends! "Each castor costs one hundred and seventy five dollars. It costs four hundred thousand dollars to run this computer... for twelve seconds. Ah ha ha ha ha ha ha!" (https://youtu.be/jHgZh4GV9G0?t=19)


Humane Pin still does this.


Don't forget that the founder used to work for Apple and used that fact to demonstrate their expertise. Are we sure Humane Pin wasn't Apple testing if this was possible? (I'm joking. Apple already knows the answer)

https://en.wikipedia.org/wiki/Imran_Chaudhri


Why would you charge an aluminum brick?


because the charger is sold separately


Because it refused to become the 51st state.


For the thrill


I absolutely hate these sorts of nagging popups and I’m happy that a vendor I already have to trust doesn’t pop them up when I acquire a new product and sign it into my Apple account.

Imo, if this were to happen, it should happen by allowing devices like the pebble watch to sign into an Apple account and acquire permissions through that process rather than nagging on my phone on pairing.


What are you proposing exactly? What can be simpler than a single Yes/No prompt?


I think I was pretty clear. You set up your Pebble watch via OpenID Connect/OAuth like any other API client. No nag popups, manual Bluetooth pairing, etc.


That's way more steps, making it more annoying to set up, not less.


Only if you consider connecting to a single phone. The advantage of what I’m proposing is the watch would automatically work with whichever other Apple devices are on your account.


No prompts. No interoperability with non-Apple products or services. Maximum security. Minimum interaction with unwashed masses.


Opening up a BLE API for iMessages is not going to impact iMessage spam whatsoever. It will impact Apple Watch sales though.


Hey, there we are.

That's exactly it.

You've always been able to use Applescript to send iMessages on a Mac.


> moving a message over BLE to untrusted hardware and worse accepting them back into iMessage is a massive, massive change in the security boundary

Anyone can already screenshot iMessages and move them out of the "security boundary"... which btw doesn't exist much, as if you have any Mac connected to your iCloud account then those messages are being synced to an SQLite DB any process running under your user can access.


> any process running under your user can access

You will need to grant that app explicit Full Disk Access permissions in order for it to access that folder.


Okay then let me grant "Full Notification Access permissions" on iPhone and we're good.


None of this comment chain makes sense… how is this relevant when Apple operates across hundreds of jurisdictions?

Most of which don’t allow users to waive rights based on a prompt.

So Apple would still have liability anyways for grandma getting scammed, regardless of how expertly worded the prompts are.

Which entails extra customer service costs, handling lawsuits, etc… that someone has to pay for.


Why would Apple be liable for these things? There are existing phones in every market that allow such things without any liability issues.


In which jurisdictions are there no court cases whatsoever regarding similar and related issues?


Can you point me to any court cases where an OS developer got sued because an idiot clicked through a security prompt and got pwned as a result?


If you answer my question first sincerely, then I will try to answer yours next.


Ok I'll bite. The US is an example of such a jurisdiction.


And why do you expect people to believe that?

There are easily hundreds of cases involving some alleged or actual liability that various groups claim Apple to have in relation to this or that feature/product/service/etc.


The point is that Apple has never been successfully sued because someone clicked through a warning. I don't care if someone files a frivolous lawsuit that fails.

I just want to learn about a single such lawsuit, anywhere, that's actually succeeded. I can't find any.


I didn’t say “successfully sued”?

This doesn’t even make sense in relation to my prior comments… as unsuccessful cases also cost Apple, and various other parties, real money. So it seems entirely irrelevant to the point.


But remember, the whole premise of this discussion is that fools can be duped into clicking yes to anything, so scammers can talk your grandmother into granting an application that permission. In one case iPhones must not permit it because Apple cares very much, but in another MacOS permits it because it doesn't matter or something? Either way, Apple can do no wrong!


I don’t think you understand what the security boundary of iMessage is.

People’s phones got compromised by NSO sending images to them via whatsapp that used an exploit in one of the image libraries to run a malware payload. The security boundary isn’t about whether you can see your own messages, it’s whether bad people can root your phone by getting untrusted code to run. That’s a very different proposition if iMessage is a single codebase that they fully own end to end versus it has a plugin ecosystem. Having such a plugin system widens the security boundary by adding a much larger codebase that would require trust.


It doesn't need to be a plugin ecosystem - no third party code needs to run within the iMessage processes/sandboxes/containers. In fact, no third-party code needs to run at all on the phone - all that's needed is to expose an API over BLE that allows previously authorized external devices to query/send messages.


In defense of the "it's security!" position (which is not mine): I think they mean a similar vulnerability could exist on the client side of the API. As in someone sends manipulated media that targets a vulnerability on the third party device, the media gets forwarded through the API, now that compromised third party device does bad things over the API.

Personally, I think that it's really just a convenient third party lockout excuse, but the argument isn't quite as bad as it may seem at first glance.


Following that line of reasoning, Apple should ban WhatsApp and other messaging systems because they can add potential vulnerabilities.


Don’t give them ideas!


> People’s phones got compromised by NSO sending images to them via whatsapp

Has this happened on iOS via WhatsApp?

I know Apple's had a few problems with this happening with iMessage, but I've always been unsure whether the third-party app sandbox does a good job of containing this?


I believe this was used to install Pegasus, yes.


No, that’s not true. NSO Group already has the means to send people spicy JPEGs all they want. Adding this would not significantly change their capabilities.


Did you mean to reply to a different comment?


In what world is screenshotting an iMessage enough to move them out of the security boundary?


World in which I've paired my two devices?

Doesn't the boundary get broken asking messages be read to me into a BT audio device?


> "One reason iMessage is less of a total cesspit than SMS is that the ecosystem is closed"

I don't think that's the main reason. iMessage is available on macOS, so by definition isn't that tightly locked down. Anyone can automate/script the desktop app to try and fire off as many messages as you like.

But of course that won't really work because Apple has security algorithms in the network that detect unusual behaviour. Did that user/device suddenly start to fire off 1000 messages to users they've never contacted before? Activity flagged, user blocked.

There are also functions in the iMessage app itself to block and report unwanted/inappropriate/spam messages. So even low-volume spammers will not get away with it for long.

Besides, in the UK, SMS spam is almost non-existent in my experience. Unlike in some other countries I've visited where it's a huge problem. That's not because the ecosystem is any different - it's because there are strict rules that are actively enforced (see TPS: www.tpsonline.org.uk).


> Besides, in the UK, SMS spam is almost non-existent in my experience.

This is not my experience. Perhaps 3-5 years ago was the peak of SMS spam, but I still regularly (1/week minimum) get one of the various "package delivery" | "tax refund" | "diesel emissions" scam/spam texts.


Do you have a citation for apple rate-limiting iMessage?


The problem is that this argument happens to conveniently align with Apple's financial interests.


If your value prop to customers is seamless and secure default behavior, then of course blocking insecure peripherals aligns with your financial interests. This doesn't seem nefarious at all to me.


The post you're replying to meant that it boosts Apple Watch sales because they hobble the functionality of competitors. I think your statement is simply saying that any competitor is insecure. I'd be surprised if that were a widely held view.


Hobbling is a weird way to say that they aren't privileging unknown hardware. Yes, they make their own peripherals work better together. This seems like the only way to do some of what they do, airpods are so good because they use a proprietary standard that is better than bluetooth, using the open standard would be worse.

My point is that it is good that they focus on making their own products work well together; it provides better value than being wide open and trying to work super well with everything. Windows tries to work well with any peripheral, and it's a bad experience.


That's not good enough. If you're Apple, and you're worth 3 trillion dollars, you can both do security and behave in a way that isn't anti-competitive. They could interoperate securely. Is it easier to just lock out your competition and use proprietary everything? Yes, duh. It's also blatantly anti-competitive, which is a thing that societally and (arguably) morally is not acceptable.

I hope to read this blog post in an antitrust case from the DOJ one day.


It isn't anti-competitive to not open up your hardware and software security stack to any other OEMs who wander by. You can simply just buy a competitor's product, for less money even.


I recommend reading the Telecommunications Act of 1996, which required all incumbent telephone companies to allow any other company to install equipment in their central offices and buy rights to already laid phone lines at a fixed rate, where all the expense of actually building and laying everything lay entirely with the owner of the central office.

Turns out that (fairly applied) antitrust doesn't care how much money it costs an incumbent company to begin allowing competitors.


This is a goofy argument. Telephone lines are a natural monopoly, cell phones are not. I have no interest in a poorly secured grab bag of bullshit blue-tooth add-ons, and there's no government interest in enabling that.


As long as banks require you to install an app, phone OSes are effectively a monopoly.


Whether or not something is anti-competitive has nothing to do with how convenient it is for the incumbent. It may indeed be quite onerous for the incumbent. The bar for anti-competitive behavior is:

- Is this stifling competition?

- Is that harming consumers?

Per the contents of the blog post, yes this is absolutely stifling competition given that Pebble won't be able to provide the same features/experience as the Apple watch. This directly hurts Pebble which prevents them from competing.

As for how much that hurts consumers, the answer is not a clear "yes". The iOS market share is ~60% in the US and I don't think the majority of those folks wear or are interested in wearing any kind of watch, smart or not.

However, if Apple keeps this up they're absolutely going to go the way of Ma Bell https://en.wikipedia.org/wiki/United_States_v._AT%26T_(1982) and the eventual Telecommunication Act of 1996 which forced incumbent providers to interconnect with folks who would ostensibly be their competition.


> Is this stifling competition?

This is incredibly vaguely defined here. Saying that Apple stifles smart watch competition by not actively working to make iPhone more interoperable with non-Apple smart watches is ridiculous. You'd never say that a car company is stifling competition by making it hard to install a new engine, or mount aftermarket add-ons.

People have such a confusing hate-boner for apple. Just buy an android phone.


They do, actually. They’re just worse at it than Apple is.


It literally is, which is why the EU took a crowbar to iOS and its built-in limitations.


The EU tech space is a barren landscape of technological dross pumped out by Siemens and some other big consultancies, so I’m not sure I’d want to apply their terrible laws here.


Yeah, judging by how you've been responding elsewhere in this thread you're just a contrarian / troll out for a reaction. Bye :)


I mean the results of the lawsuits are it kinda is. You don't have to open it up technologically in the sense that just any ole' device can just pair, but you should have to give any OEM access that wants to be part of the secure hardware club; they get to use the proprietary bits for interoperability.

Any smart watch vendor should be able to call up Apple and make their own watch which is equally privileged to Apple's. And the requirements on the vendor to do so need to be not so onerous as to be an effective ban.


If you’re Apple and worth 3 trillion dollars then you can also ship a voice assistant that’s competitive with the 5 year old state of the art. It should be simple. Money can be turned into engineering results with absolutely no trade offs.


As a customer I would like to be able to make that decision. I don't need apple to hold my hand. They could inform me in the app store or when I install the app. Here apple is making that decision for me.


Apple is obviously the vendor for people who like to have their hands held. If you don't like that, make your decision earlier, just don't buy Apple. Worked for me the last decade.


I'm happy for them to hold my hand on commodity electronics. I don't ever want to have to think about how my phone and headphones work. I like to fiddle with computers, but not the stuff I need to run my day to day life.


'If you don't like our business practices, don't buy from Standard Oil' type argument


Apple has a monopoly on mobile devices?


They have a dominant market position on mobile phones in the US which allows them to act anti-competitively, yes.


> As a customer I would like to be able to make that decision.

You can. There are dozens (hundreds?) of phones you can buy that aren’t an iPhone. It’s been well known for nearly 20 years at this point that iPhones are more closed than the competition (of which, again, there is a lot). They are successful because of this, not in spite of it, contrary to internet belief.


I know.

However, apple devices have been just more reliable for me and retain better resale.


Why do you think they are more reliable and have better resale value?


Surely because they can’t be paired with a Pebble


Why doesn't Apple openly market that it's doing stuff in its financial interest? Is it too embarrassed to point that out?


I'm not sure I follow? Every company does what is in their own financial interest. Even b-corps and non-profits have to keep an eye on their balance sheets.


The point is that Apple does not actually care about you on the basis of principles. It only cares about you to the extent that it serves its own financial interests.

This is important because Apple could one day decide that caring about you no longer serves its interests. This has already happened with user experience, where even the Settings app now has built-in ads pushing Apple's services. It has also happened with security, where Apple uses its robust security infrastructure to prioritize media company DRM over users' interests.


Do people expect a computer company to love them individually?

> Apple uses its robust security infrastructure to prioritize media company DRM over users' interests

You mean they follow the law so that they don't get sued into the ground?


> Do people expect a computer company to love them individually?

I expect corporations to be honest and sincere, and present the full argument for why they're doing what they're doing. I don't know if "people" in general expect this, but if they don't, then their expectations are too low.

I am quite sure there is no US law which says Apple must build out support for media company DRM. Linux doesn't support it and hasn't been declared illegal.


I personally expect them to sell me a product that does what it says on the box, and Apple does that for me.


Well, my expectations are significantly higher than yours, and I believe I'm right to have them.


Many people who believe they are right end up miserable and right.


I would suggest dispensing with meta-level arguments and engaging on the object level.


> I expect corporations to be honest and sincere

Mate, have I got bad news for you regarding literally the entirety of human commerce.


What kind of response is this? I'm aware that expectations don't often match reality. That is a reason to recommit to expectations, not to lower them.


It’s a reason to readjust your expectations and change your actions so you don’t keep slamming your foot with the door.


I’m a grown adult who can make my own decisions. If my phone no longer meets my needs, I’ll get a different one, or not use one at all.


I also care about other people, those who might not have the "choice" to do so. (I don't believe "choice" is a coherent concept in the first place.)


This is (I guess) not what OP meant. Apple obviously also gains financially from blocking everything outside of their ecosystem, mainly because the majority of Apple users will only buy Apple hardware. Obviously, yeah, keeping the hardware a bit more safe also helps, but the main financial gain is definitely not coming from this.


Note that I said seamless AND secure. Having preferential treatment for a limited set of well known hardware makes the experience seamless. I like the secure and easy hand-off between apple devices. I wouldn't want to give up the security to make it work.


> I wouldn't want to give up the security to make it work

Android shows that you don't have to.


Your argumentation itself is nefarious, because you're implicitly equating third-party with insecure.


Something I learned a while ago is that there's a particular brand of very vocal person online who has a bone to pick with Apple. Sometimes it's for a good reason, sometimes less so, but the point is that they come to discussions of any Apple topic with a conclusion ready in hand and then work backwards from that. In this case the conclusion is, "Apple is wicked, perfidious, and monopolistic."

Truthfully there isn't much you can say to people in that mindset.


I think trillion dollar companies should not exist. They are inherently destructive to humanity.


This seems arbitrary. What is the limiting principle here? Should there be no 100 billion dollar company? How about after 50 years of inflation?


You’re more than welcome to adjust for inflation on that number.


Case in point. If the topic was that, then I'd welcome the discussion, but when you simply bring that to every discussion about Apple... it gets old. After all your statement only really needs to be said once for people to understand it, which makes the repetition over the years very grating. "Single issue posters" are generally the least engaging on the internet.


Apple is a poster child for why there should be limits on the power of wealth.

Closing your mind to the possibility that Apple is thoroughly rotten is probably soothing, but the possibility remains that we are right, you are wrong, and each time the conclusion is the same, and correct.

Big Tech monopolies stifle innovation and hoard resources.


Apple and the like are only worth as much as they are because of intellectual property laws. Without that, you'd have a million iPhone clones (perfect copies, minus the dumb stuff) on the market a few days later and Apple would soon be worthless.

Intellectual property laws are not some natural law of the universe. They only exist because the people (i.e. the general public) want them to exist. They could do away with them on a whim, but choose not to. Which isn't as irrational as it may first seem. Their own careers probably rely on the status quo, and their retirement savings no doubt rest on companies like Apple being worth a fortune, so there is a lot of incentive to not rock the boat.


IP laws are not all or nothing. It is possible to have property law that allows the good things (personal property, rewards for innovation) without the bad (market domination, monopoly and oligopoly)

We have not tried, and it is not due to "we the people" it is due to "them our overlords"


> it is due to "them our overlords"

Funny enough, the state of intellectual property tends to be much more relaxed where overlords are actually found (e.g. China). It's easy when one guy can make things so. Far less easy when you have millions upon millions of people afraid that any change will impact them personally.


I'm not a single-issue poster. I'm an established engineer with a large amount of public writing, much of which has been on the HN front page!


Aren't all you apple defenders with very similar opinions also "a particular brand of very vocal person online"?


Interesting conclusion given that pro-Apple comments with provably incorrect claims routinely end up at the top of HN's comment section, this thread included. Information directly refuting those claims often gets downvoted and suppressed. Why is that?


It's tiring, isn't it?


Yes. Probably in approximately the same way I find that there's nothing you can say to Apple fans that find a way to justify anything Apple does.


The fucking article is about this, so it's very relevant.


"We should not discuss how much of a monopoly Apple is. It's impossible to convince some people that it's actually not a monopoly."


That's the problem. Apple has two arguments. It obviously only tells us about the one that sounds good.


It's not a problem, it's a good thing that someone's financial interests intersect with sound security practices.

That's like saying "people want reliable cars" conveniently aligns with Toyota's interest and implying there's something wrong happening.


No, it's like saying that you can only buy Toyota aftermarket accessories at a steep markup, and other accessories are locked out via cryptography.


I'm glad Apple's financial interests are aligned with my interest in not letting the ecosystem turn into a shitty Android-esque privacy wild west.


Be careful what you wish for! Apple doesn't let you modify apps to remove tracking the way you can on Android.


Apple makes a mockery of their own "security promises" for iMessage by not end-to-end encrypting iMessages in iCloud by default. Ridiculous to use that as a justification to prevent users from choosing to send their messages to watches that happen to be made by someone other than Apple.


I don't understand, there is no option for iMessages to not be end to end encrypted. Are you speaking to the security of the recipient's backups?


If the sender or recipient has iCloud backup enabled then by default (i.e. without ADP) Apple can read the entire iMessage conversation. And they routinely do, at the request of law enforcement. Since Apple does not allow default-secure alternative cloud backup solutions to exist, it is almost certain that a large majority of iMessage conversations are compromised in this way (with no notification to sender or recipient).

Apple deliberately makes this non-obvious, but it is disclosed here: https://support.apple.com/en-us/102651

> Messages in iCloud is end-to-end encrypted when iCloud Backup is disabled. When iCloud Backup is enabled, your backup includes a copy of the Messages in iCloud encryption key to help you recover your data. If you turn off iCloud Backup, a new key is generated on your device to protect future Messages in iCloud. This key is end-to-end encrypted between your devices and isnʼt stored by Apple

And is the backup end-to-end encrypted? No, not by default, as disclosed on the same page. It is encrypted "In transit & on server" with keys stored by Apple, which means Apple can decrypt it. And they do, as mentioned earlier, for purposes other than "to help you recover your data". The non-default Advanced Data Protection feature is required to get end-to-end encryption of the backup.

Note that Google's equivalent Android backup feature has been end-to-end encrypted by default for many, many years. Plus, alternative backup solutions are allowed to exist on Android.


Bluetooth devices can already read Messages from your iPhone with no degradation to E2EE: https://developer.apple.com/library/archive/documentation/Co...

This is just about sending.


Only letting Apple Watch have this functionality is what is wrong. It's clearly anti-competitive, in my opinion their hand-waving about security is just that.

They could implement something that works for other smartwatch vendors, they haven't because they don't want to.


My Chinese smartwatch can get iMessages. It can't send messages, but it can use the AI voice (Siri) to send messages. It can't delete messages either.

PebbleOS is asking for the ability to respond to messages with reply or user interactions. This is not a security breach. And it won't leak from encryption anymore than it is leaking now.


Counterpoint: SMS is not a spam cesspit in Romania. My phone number is public (company information is public). And I get 1 completely unsolicited message per month and 1 per week from companies that I bought something from. That's not even enough to get me to try to get rid of those messages.


Just don't make the mistake and give your phone number to any American companies. I did so when starting my current job since I didn't yet have a company phone number, and I suddenly started receiving multiple spam messages daily, which has been going on for years now.


To add: it's not about targeting rich markets, either. I have a number from the Netherlands and Germany and neither gets more than one spam SMS per, eh, year maybe on average? Some years none, some years three or so perhaps? When COVID was new, I also got a few spam calls (as did my family around the same time, so I guess it was briefly a thing), but that seems to have stopped again. I've had the Dutch number for 20 years and it's in public records, so it's not brand new and unknown either.


If you don't think that a walled garden locked into an ecosystem of hardware isn't already a cesspool, then I don't know what is.

Hardware should be able to be interoperable. Apple chooses not to; it's in their best interest because they claim "security" and "privacy" for its users. Security theater for the masses.


You're not wrong, but it is significantly better than Microsoft, which was its main competitor.


I truly don’t understand how these types of comments keep appearing under any discussion of Apple’s blatantly anti-competitive behavior with messages. This doesn’t even make sense on technical grounds; it would be trivial to require such message passing to be encrypted/signed securely if that’s your real concern. After all, the Apple Watch does exist and does have these capabilities, so it’s clearly possible to do it and maintain the “security boundaries” you’re so concerned with. Then every single one of these comments inevitably turns towards spam messages, which no longer even makes sense since iMessage has been filled with spam lately. I really don’t see how allowing smartwatch manufacturers to also interface with iMessage (in the same way Apple Watches do) will inevitably increase spam on the platform which can’t be detected/mitigated in other ways. I’d love to see some technically rigorous explanation for why Apple can’t support any third-party anything instead of hand wringing about “security” with no real explanation, but I have a feeling I’ll be waiting a long time.


It’s not just the transmission over Bluetooth. It’s the entirety of what happens with the message. Apple fully controls and trusts the code that’s running on the apple watch. But they have no control over what third parties do with all the data they can collect in notifications.

Bluetooth devices on iOS that display notifications already are getting more information than normal by simply even reading all notifications. Normal apps on iOS can’t do that, they have no reason to. This api was added because smart watches kinda need that functionality to be useful. I think it’s still locked behind a “this device will see all your stuff” permissions box.

I do think they should add in more iMessage/sms/replying capabilities to smart watches though. I think they are extremely hesitant to make it even easier to automate iMessages. iMessage spam is definitely increasing, but it’s NOT as prevalent as normal sms spam for instance. The barriers are much higher, and Apple can basically blacklist devices/appleIDs that send out too much spam, partly because they’ve kept iMessage so locked down.


Again there is no technical rigor behind these notions. Video providers didn’t like the idea of untrusted HDMI devices scraping video from DRM protected content so they came up with HDCP, which allows anyone to develop and certify solutions as trusted software/hardware. There’s no reason apple can’t do something similar, it doesn’t have to be completely open vs. completely closed. There are always alternative solutions to the problems that people think apple’s walled garden approach is solving; which makes it clear what the real purpose is.


True. But why? Why should Apple spend a bunch of money hardware certifying, and adding liability? There was a compelling reason to add HDCP -- content makers required it, and had criminal penalties as threats to go after infringement.

Apple doesn't need outside ecosystem builders here; what is the business reason for them to add process expense, risk, and possibly incorporate timelines from other vendors into their supply chain?

As the many comments in this thread indicate, lots of people seem to feel Apple "owes it" to the world to open up. Happily, there is a (more) open ecosystem available with Android for people who value that. I don't think the tradeoffs Apple makes are perfect for me as a consumer, but I prefer them to the Android tradeoffs, and I can always switch when I like.


I actually agree with that completely. I just want it to be clear that this is a conscious business decision that apple is making and not the result of technical challenges. I think the distinction is important because I don’t love the tradeoffs apple chose to make, but I continue to buy an iPhone because at the end of the day my phone is mostly about being social and it’s a frustrating experience trying to communicate with friends and family who all have iPhones which make interoperability with other messaging ecosystems frustrating. If iPhone RCS support worked as well as native messaging I’d switch to an android in a heartbeat.


I get the security concerns, and you're right - opening up iMessage integration to third-party devices would require a serious rethink of Apple's security model. But at what point does -security- become a convenient excuse for anti-competitive behavior?


And I'll be the contra to your take: the iMessage ecosystem is so closed that everyone without iphones can barely even interact via sms with iphone users. This is overall such a huge problem that it makes the closed ecosystem security solution not a practical solution


Nope, SMS works. Just fine. Apple rightly warns you that you are in a lower security environment by adding a bit of visual friction. This is true EVEN IF you are using RCS, because European laws require termination and inspection when RCS messages “interoperate” and are sent to other providers.


This is something I agree with. The world would be more secure if we made SMS obsolete and Apple making a push away from it is arguably net positive.


I’ve never had an issue texting via SMS since iMessage was available. Now, I can do RCS as well. What issues should I have encountered?


>One reason iMessage is less of a total cesspit than SMS is that the ecosystem is closed

Would like to add my personal experience: I get way more spam iMessages coming from random Apple IDs than I do spam SMSes.


That's not the "contra", you've just fallen for Apple's PR.


The only hard part of automating either iMessage or SMS spam is getting a clean account to spam with. The input source is easy.


I want to say thank you for writing this. 100% same opinion. I've stuck with Apple - despite their downsides - specifically for their zeal in areas like this.

My phone works, I'm glad it blocks others from integrating because I need it to always just work. That's why I still have an iPhone over all the often on-paper superior alternatives.


untrusted hardware

That's the root of the problem right there. As a hardware vendor, how do you achieve a "trusted" status in their ecosystem?

If only Apple devices can do the Appley things, then it really isn't an ecosystem (at least not what I have in mind when applying that term).


I wouldn't trust most hardware vendors with my wifi password, let alone access to my phone's messages. Hardware vendors have shown time and time again that they don't care about privacy or security. All they care about is shipping their widget and getting you to buy it, and to do that, they will cut corners, ship defective firmware, use easily guessed default passwords, and turn a blind eye to abuse.

As a hardware vendor, you'd achieve "trusted" status by having a decades-long track record of not doing these things.


I get plenty of spam texts on iMessage. Can you elaborate on what you mean by "cesspit"?


If Apple Watch didn't exist, this critique and reasoning would have legs.


The idea that device pairing can and must only be secured at hardware level is a fallacy whose goal is to ensure that only apple products work well with apple products.

For the spam example, nothing prevents apple from offering a ble api with auth that ensures that only devices manually paired by the user access it.

As for automating spam... when we’re discussing ble, we’re talking about a device a few meters away from your phone. What are spammers going to do, send a jogger right behind you that spams you after somehow hacking apple’s auth system?!


I don't know much about iOS. But in macOS there are ways to access iMessage chat logs or send iMessages programmatically. You can create an AppleScript and do all sorts of stuff. So while I do get that giving this sort of access to an app on your iPhone should at least be done through explicit intentful consent from the user, I do not see the impossibility in it. And the fact that there is all this crap around should not make it impossible for us to have good things, either.


This is incorrect. It's trivial to reverse engineer and use the iMessage API and there's third party services which will give you access to it.


>I do not believe vendors integrating with such a thing can do it safely, or even that all vendors integrating are good actors.

Well, Apple will sure make sure the hard task is impossible. That's where the fault lies. It can be a bit tiring hearing security used as a smokescreen to maintain a monopolistic structure over uhh... green bubbles?


Do you have a problem with SMS spam? I can't remember the last time I got a spam SMS message, and I had my phone number on public on my personal website for a number of years.

Perhaps SMS spam is a US thing?


So sick of this strawman dialectic from the apple-brained, where the alternative to the walled garden is the worst possible implementation of an open standard.


Firefox is also frequently criticized for not implementing certain APIs because of security concerns. There was a post on this site just the other day about their lack of support for WebUSB for exactly this reason

It's not unique to Apple. And we should take security seriously. To people who are technically literate and think they can navigate security risks it's not a big deal but people's entire lives are frequently turned upside down by scams and security loopholes


The main difference is that with Firefox no one can use the API. Apple seems to be happy to implement APIs... but only their own products can use them.


Like with headphones. Only AirPods and Beats (owned by Apple) headphones can use their proprietary extensions on top of Bluetooth for improved pairing or better headset-mode quality. Then they removed the jack to wipe out the rest.


So then why did almost all other major smartphone brands follow Apple's lead in removing the headphone jack?


To sell their equivalents of AirPods. Apple brings in $18B yearly revenue from that and locks in users more, big win for them.


It doesn't have to be the worst possible implementation to be less desirable than the walled garden for me. I get so much spam in WhatsApp, GroupMe, Telegram, and from SMS. Some of it is even from legitimate contacts but then they signed up for something or did something and it sends one of those stupid "join me on {thing}" messages. The only place I don't get spam is iMessage.


I get spam on iMessage, and you can continue to live in the walled garden, nobody wants to force you to buy a third party watch, they just want third party devices to have the same API access as the first party device.


The walled garden is not a walled garden if everyone else has doors in.


It's not a straw man argument, it is the argument.

An average user can't dive into the bluetooth driver code and figure out where in the 4000 page spec something deviates and is now a security issue. So we have to assume the worst.


Having an open standard doesn't mean every implementer will do so in good faith and using best practices, the consumer still ultimately has to make a choice about which product they use, and can continue to use apple's solution if they trust in apple to securely implement the spec. The insane strawman you're proposing is that the choice is between a single blessed solution from Apple that's infallible, and a wild west where the only way for a consumer to be safe is to personally audit their device against a 4000 page specification document. Absurd! We use devices and software every day that implement open standards and while issues do arise in particular implementations, they do with no more frequency than issues are discovered in proprietary solutions and standards.

Go look at the CVEs for iMessage, the plurality of RCEs on Apple devices in the last decade is Apple's iMessage implementation, and it's their own protocol! And almost all of the rest are Apple's implementation of the open web standards!


There are maybe three tech companies in the US that have large security groups dealing with persistent threat actors. Apple is one of them. Google is another.

Even with that (large) Apple security group, iMessage is difficult to lock down properly, as you note. However, I think that the cost of 0 day subscriptions for iOS vs Android tell a pretty good story: iOS zero day subscriptions sold to intelligence agencies/governments cost roughly $1mm / seat (phone compromised). Android -- $10k.

There are many many decisions along the way that end up with that raw 100x additional cost for iOS security breaches -- value Apple delivers to its customers when they purchase iOS products.

You cannot pick and choose from the outside and know which of your preferred opening-up implementations would impact that cost. My argument is that opening this up is one of likely hundreds of possible decisions that would contribute to lowering that cost of exploit.


You are just wrong about 0-day values, e.g. exploit vendor crowdfense's publicly offered rewards for mobile 0-days:

    SMS/MMS Full Chain Zero Click: from 7 to 9 M USD
    Android Zero Click Full Chain: 5 M USD
    iOS Zero Click Full Chain: from 5 to 7 M USD
    iOS (RCE + SBX): 3,5 M USD
    Chrome (RCE + LPE): from 2 to 3 M USD
    Safari (RCE + LPE): from 2,5 to 3,5 M USD
And "large" tech companies despite having "large" security teams (and "large" scope!) are far from the only ones competent at securing devices/software against PTA. Node.js, Linux, the BSDs, Bitcoin, RoR, Firefox, curl, etc. etc. There are dozens of open source projects with 0-day values in excess of 7 figures, (and plenty of private enterprises too!) and Apple and Google are not in any way specially equipped (or better than others) at dealing with the most dangerous PTAs in the world just because they have the largest armies of overpaid EE/CS grads.


I’m past the edit window unfortunately: you’re completely right as far as I can tell.

NSO leaked pricing has not historically differentiated Android or iPhone. I’m not sure where I heard those numbers, but thanks for the correction.

Tiny tiny nit - paying the same for an exploit doesn’t mean you’ll charge the same, but in this case it looks like the value and price structures are what you describe. Sorry!

Slightly less small nit - securing hardware, os and cloud inside some security perimeter model is a lot harder than securing, say, the bitcoin client. So point taken - and, it’s hard at scale, not easy.


Apple is fine with any customer retention benefits from security and I don’t agree (with the article author) that they are merely pretending their strategy is primarily focused on security


What is the problem here that a standardized cryptographic algorithm would not solve?

I can understand if media poses concerns, but inbound and output text consisting entirely of UTF-8 characters?


Summary: "Users get to decide if they trust Apple. Users shouldn't get to decide if they trust anyone else."


I don't see how spam would be a problem.

Couldn't messages created externally to iMessage be tagged as such and then just rate limited?
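Putting the two suggestions together, the paired-device BLE API with auth proposed upthread and the "tag external messages and rate limit them" idea here, as an added example in Go. This is not code from the thread and not any Apple API. It assumes a per-pairing symmetric key established when the user explicitly pairs the device, an HMAC-SHA256 tag plus a monotonic counter on every frame, and a per-pairing token bucket on the phone side; the pairing IDs, phone number and message bodies are made up.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"math"
	"time"
)

// OutboundMessage is the BLE frame: pairing-bound, sequenced and HMAC-tagged.
type OutboundMessage struct {
	PairingID, To, Body string
	Seq                 uint64 // watch-side monotonic counter, rejects replay
	Tag                 []byte // HMAC-SHA256 over the other fields under the pairing key
}

// Pairing is the phone-side record, created only by an explicit user pairing flow.
type Pairing struct {
	Key      []byte
	LastSeq  uint64
	tokens   float64 // token bucket: remaining send budget for this pairing
	lastFill time.Time
}

// AcceptedMessage carries Origin so the stack can label or filter external sends.
type AcceptedMessage struct{ To, Body, Origin string }

type Gateway struct {
	Pairings    map[string]*Pairing
	Rate, Burst float64 // sustained messages per second, and burst, per pairing
}

var (
	ErrUnknownPairing = errors.New("device is not paired")
	ErrBadTag         = errors.New("authentication tag does not verify")
	ErrReplay         = errors.New("sequence number already used")
	ErrRateLimited    = errors.New("pairing exceeded its send rate")
)

// Pair enrols a device and returns the pairing ID and shared key the watch keeps.
// The key is random here (assumption); a real pairing would derive it from BLE LE Secure Connections.
func (g *Gateway) Pair() (id string, key []byte, err error) {
	key = make([]byte, 32)
	if _, err = rand.Read(key); err != nil {
		return "", nil, err
	}
	id = fmt.Sprintf("pair-%d", len(g.Pairings)+1)
	g.Pairings[id] = &Pairing{Key: key, tokens: g.Burst, lastFill: time.Now()}
	return id, key, nil
}

// computeTag uses a %q-quoted, delimited encoding so bytes cannot shift between fields.
func computeTag(key []byte, m *OutboundMessage) []byte {
	h := hmac.New(sha256.New, key)
	fmt.Fprintf(h, "%q|%d|%q|%q", m.PairingID, m.Seq, m.To, m.Body)
	return h.Sum(nil)
}

// Sign is the watch side: it tags a frame with its pairing key and next counter value.
func Sign(id string, key []byte, seq uint64, to, body string) OutboundMessage {
	m := OutboundMessage{PairingID: id, Seq: seq, To: to, Body: body}
	m.Tag = computeTag(key, &m)
	return m
}

// Accept checks, in order: known pairing, valid tag, fresh sequence number, rate
// budget. Only then is the message handed on, marked as externally composed.
func (g *Gateway) Accept(m OutboundMessage) (AcceptedMessage, error) {
	p, ok := g.Pairings[m.PairingID]
	if !ok {
		return AcceptedMessage{}, ErrUnknownPairing
	}
	if !hmac.Equal(m.Tag, computeTag(p.Key, &m)) {
		return AcceptedMessage{}, ErrBadTag
	}
	if m.Seq <= p.LastSeq {
		return AcceptedMessage{}, ErrReplay
	}
	p.tokens = math.Min(g.Burst, p.tokens+time.Since(p.lastFill).Seconds()*g.Rate)
	p.lastFill = time.Now()
	if p.tokens < 1 {
		return AcceptedMessage{}, ErrRateLimited
	}
	p.tokens--
	p.LastSeq = m.Seq
	return AcceptedMessage{To: m.To, Body: m.Body, Origin: "external:" + m.PairingID}, nil
}

func main() {
	gw := &Gateway{Pairings: map[string]*Pairing{}, Rate: 1, Burst: 3}
	id, key, _ := gw.Pair()
	for seq := uint64(1); seq <= 4; seq++ { // the fourth message of the burst is rate limited
		fmt.Println(gw.Accept(Sign(id, key, seq, "+15555550100", "hello")))
	}
}
```

The order of the checks is the point: the tag is verified before the counter or the budget is touched, so an unpaired radio nearby can neither burn a pairing's budget nor advance its counter, and a replayed or tampered frame never reaches the rate limiter. The Origin label is the "tagged as such" part; it is what lets the messaging layer treat these sends differently from ones typed on the phone, and any server-side limits would apply on top of this.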


Does Apple not support that sort of integration already? What happens when your phone is connected to a car and you get a message?


Couldn't they make it so it requires permission access with face recognition, thumb print, or PIN to give it temp access that needs to be renewed?


And yet haven't iMessage 0days been used to track and kill people? Even without opening the message?


iMessage is a failure on policy. Antitrust and similar govt entities should have forced Apple to open it a long time ago.


solution: red bubbles

apple already does blue for in network and green for out of network

red can just be “this message was yolo’d, be aware”


What's the SMS cesspit?


Yet another example of security without consideration for user experience and freedom. Information security is a careful balance between not using technology at all and getting things done using technology. Sometimes you have to wonder if heavy-handed solutions like this actually helps maintain this balance for users, or just serves to ensure a company's bottom line.

This is the line of reasoning that has resulted in me being unable to sign up with a shocking amount of house rental companies, thanks to Play Integrity on the android side of the coin. Does it improve security for me? I would argue it doesn't, as it would force me to use unpatched versions of Android. If it's not serving the user, who is it for?


Nonsense, you can set up your phone such that it shares messages with other devices. If users don't know what that means for security, then tell them. But don't act like it's in their interest to never use devices from other brands.


> One reason iMessage is less of a total cesspit than SMS is that the ecosystem is closed, and makes automation difficult

Really? I'm not in the Apple ecosystem to confirm but it looks trivial to me, and you can always fall back to keyboard/mouse input type of automation.

https://airmessage.org/

https://bluebubbles.app/

https://medium.com/@jameskabbes/sending-imessages-with-pytho...


Some anecdata. I get a few dozen spam SMSs in any given month, as well as some spam phone calls (varies a lot by month - sometimes only 1-2, sometimes 20+). I have received a total of 2 spam iMessages (I remember them because they’re notable to exist), and 0 spam FaceTime audio calls, and I’ve had this phone number associated with iMessage since it was first released.

Regardless of the reason, there is substantially (many orders of magnitude) less spam on Apple’s networks, at least for me, when compared to SMS/RCS/telephony.


I'm not debating the amount of spam but rather GP's claim that iMessage is hard to automate.

I showed that iMessage is trivial to automate and since you both claim that the amount of spam on the platform is very low, we can conclude that ease of automation isn't an important factor when it comes to iMessage spam.

Unless someone decides to move the goalposts we should therefore be in full agreement that Pebble being allowed to integrate with iMessage wouldn't have any appreciable effect on the amount of spam in the network.


It is definitely harder to automate than SMS. Very large companies exist only to provide API-backed support for automated SMS.

In contrast you need to hook into Apple APIs / scripting / sqlite databases on trusted apple hardware in order to automate iMessage.

You imagine "Pebble" as one company and say "how hard can it be to turn this on?" As I said in the original comment, it's not that it's hard, it's that it can only be turned on for everyone and that will create a security issue that WILL have a substantial impact on the ecosystem. I didn't say, but believe it to be true that the alternative -- a vendor security assessment program covering software, hardware, architecture and cloud security is not worth Apple's time or money to do. I don't think they have any business reason to do so.


Can you stop moving the goalposts? There's a ready-to-go open source solution for macOS [1] that exposes a REST API [2] for interacting with iMessage which allows automation and the sky hasn't fallen like you predicted it would. Professional spammers would no doubt be way ahead in capabilities.

Relying on clients to stop spam would break just about every security design principle so that could never be the primary spam filtering mechanism. Indeed, if you search Github, you'll find evidence of this [3].

Allowing a third party gadget to talk to an iPhone to send messages isn't going to open the floodgates to spam any more than they already are, for what I think are pretty obvious reasons. Anyone who could exploit those integrations can already exploit current APIs with exactly the same limitations.

> In contrast you need to hook into Apple APIs / scripting / sqlite databases on trusted apple hardware in order to automate iMessage.

And that wouldn't change, you would still need to pair a real iPhone to your fake "spammer edition" Pebble, and then your Apple ID and iPhone would quickly get banned. Presumably just like it does now if you abuse [1][2], otherwise that's just bad design.

It's frankly ridiculous that this is even being suggested on a "hacker" forum with nothing but wishy-washy qualifiers about how easy or "hard" it would be.

[1] https://bluebubbles.app/

[2] https://documenter.getpostman.com/view/765844/UV5RnfwM#0d8e0...

[3] https://github.com/ZekeSnider/Jared/issues/65


Bluebubbles requires running Mac hardware, or a Mac virtual machine, which if run on non-Apple hardware violates Apple's ToS. You may not care about that but enterprises certainly do.

This is worlds away from Twilio which will provide you with orders of magnitude more throughput and deliver it with SLAs.

And unless you imagine Apple will hardware certify pebbles, how does Apple determine the BLE endpoint is actually a Pebble? If you have a way to ensure that without a key registry and TEE controlled by Apple, congratulations — Turing award is incoming.

Upshot: You’re a hacker on a hacker forum - cool. Sending one to ten programmatic iMessages in a hack is easy for you. But you may not have all the experience necessary to opine on how that compares to accessing an enterprise grade hyperscale sms messaging solution: building those is challenging, the companies that do a good job are worth billions of dollars and they exist solely to allow bulk SMS. To think blue bubbles somehow dunks on the idea that these economies of scale don’t matter isn’t correct in my opinion.
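The key-registry half of the question above ("how does Apple determine the BLE endpoint is actually a Pebble?"), as an added example in Go. It is not code from the thread or from any real vendor or certification programme. It assumes Ed25519 vendor roots, a made-up certificate format, and that each unit's private key stays in hardware; that last part is the TEE half the comment mentions, and software on the phone cannot supply it. All the phone can check is that whoever is on the other end of the link can sign with a key that a listed vendor certified.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// DeviceCert binds one unit's public key to a vendor and model; the vendor's
// manufacturing key signs it at the factory. Hypothetical format.
type DeviceCert struct {
	Vendor, Model string
	DevicePub     ed25519.PublicKey
	VendorSig     []byte // vendor signature over certBytes
}

func certBytes(c DeviceCert) []byte {
	return append([]byte(c.Vendor+"|"+c.Model+"|"), c.DevicePub...)
}

// Registry is the phone-side set of vendor roots the platform owner has chosen
// to trust. Nothing a device or vendor sends over the link can add to it.
type Registry map[string]ed25519.PublicKey

var (
	ErrUnknownVendor = errors.New("vendor not in registry")
	ErrBadCert       = errors.New("device certificate not signed by that vendor's root")
	ErrBadProof      = errors.New("device did not prove possession of the certified key")
)

// NewChallenge is the fresh nonce the phone sends at the start of each pairing,
// so a recorded proof cannot be replayed later.
func NewChallenge() ([]byte, error) {
	c := make([]byte, 32)
	_, err := rand.Read(c)
	return c, err
}

// Attest walks the chain (vendor root -> device cert), then requires the peer to
// prove it holds the certified private key by signing the challenge. A copied
// certificate without the key, or an old proof, fails the last step.
func Attest(reg Registry, cert DeviceCert, challenge, proof []byte) error {
	root, ok := reg[cert.Vendor]
	if !ok {
		return ErrUnknownVendor
	}
	if len(cert.DevicePub) != ed25519.PublicKeySize || !ed25519.Verify(root, certBytes(cert), cert.VendorSig) {
		return ErrBadCert
	}
	if len(challenge) < 16 || !ed25519.Verify(cert.DevicePub, challenge, proof) {
		return ErrBadProof
	}
	return nil
}

// Vendor models the manufacturer's signing key (held in an HSM in practice).
type Vendor struct {
	Name string
	priv ed25519.PrivateKey
}

func NewVendor(name string) (*Vendor, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Vendor{Name: name, priv: priv}, nil
}

func (v *Vendor) Root() ed25519.PublicKey { return v.priv.Public().(ed25519.PublicKey) }

// Device is one unit. Its key is generated and certified at the factory; on real
// hardware it lives in a secure element and the phone only ever sees proofs.
type Device struct {
	Cert DeviceCert
	priv ed25519.PrivateKey
}

func (v *Vendor) Provision(model string) (*Device, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	cert := DeviceCert{Vendor: v.Name, Model: model, DevicePub: pub}
	cert.VendorSig = ed25519.Sign(v.priv, certBytes(cert))
	return &Device{Cert: cert, priv: priv}, nil
}

// Prove is the device's answer to the phone's challenge.
func (d *Device) Prove(challenge []byte) []byte { return ed25519.Sign(d.priv, challenge) }

func main() {
	pebble, _ := NewVendor("pebble")
	knockoff, _ := NewVendor("knockoff")
	reg := Registry{"pebble": pebble.Root()}
	genuine, _ := pebble.Provision("watch")
	clone, _ := knockoff.Provision("watch")
	ch, _ := NewChallenge()
	fmt.Println("genuine:", Attest(reg, genuine.Cert, ch, genuine.Prove(ch)))
	fmt.Println("unlisted vendor:", Attest(reg, clone.Cert, ch, clone.Prove(ch)))
	fmt.Println("copied cert, no key:", Attest(reg, genuine.Cert, ch, clone.Prove(ch)))
}
```

What this buys and what it does not: the registry decides which vendors count, the certificate ties a key to a vendor, and the challenge proves the key is present right now. None of that says anything about what the firmware behind that key does with the messages afterwards, and if the key can be extracted from a unit the whole model collapses to "anyone with the key", which is why the comment's TEE requirement is the part that matters in practice.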


We're not discussing whether spamming SMS is easier - of course it is and I don't know why you keep returning to this relative comparison.

We're discussing whether authorizing third party smart watches to send messages via your iPhone would make it easy for spammers to send iMessage spam. Not just easy, but easier than it is right now using Bluebubbles' approach. Both require physical hardware, an Apple ID, and both are subject to the same server-side spam protection.

That's a very specific claim which you made and you haven't provided any supporting evidence for it, nor a coherent explanation.

> Sending one to ten programmatic iMessages in a hack is easy for you. But you may not have all the experience necessary to opine on how that compares to accessing an enterprise grade hyperscale sms messaging solution

I think if you dig deeper into this train of thought you'll get to the point that I'm making. Having relatively restricted API access to send a handful of iMessages from a 3rd party watch via your own physical iPhone will not enable mass-spam like you claimed it would.

Scaling an iMessage spam operation would be hard not because the client side is completely locked down (which it can never be, see the concept of "analog hole" [1]), but because server-side rate limits and user spam reports are the primary mechanism that keeps spam under control.

[1] This could be an ESP32 pretending to be a keyboard/mouse device that automatically navigates through iMessage UI on an iPhone to send messages just like a user would.


Many comments deep now but I think my original point was that this would change the security boundary, which I still believe, and that changing the security boundary is net negative for Apple users which I also still believe.

You’re saying there’s a logical gap between opening up a radio based endpoint on an iPhone and allowing more spam in the system, or at least there’s no reason to think that it would be a different order of magnitude than blue bubbles.

I want badly to agree with you, at least enough to stop bike shedding about it. So let me try: Some possible implementations of opening up sms probably don’t add easier volume and programmatic sms options for developers. If you’re happy with that then we’re in agreement.

I think the main ‘easiest path’ implementation would increase spam though - turning on an iOS app’s ability to directly programmatically interact with messages on device and send and receive them over a radio would allow for simpler automated message parsing, creation and distribution; Apple is clearly not interested in this being a feature available to App Store developers. And Apple would then be in the position of having to do some sort of bound to fail static analysis to prove the messages aren’t being sent out to an IP endpoint at some point, or including requests from some endpoint. And this is both because of the extension of the hardware security circle and because of the necessary feature of having a human out of the loop in iMessage actions.

I propose that this would increase spam on iMessage in that case. It would allow an app maker to use sms without human in the loop, essentially, extending notification to sms without humans opting in.

Either way I think that’s probably what I was imagining, admittedly a bit vaguely, in my initial reference. Appreciate the back and forth.


> One reason iMessage is less of a total cesspit than SMS is that the ecosystem is closed, and makes automation difficult.

Is this really true? I receive a lot of iMessage (not SMS) spam on iOS devices too. In fact for me I see more spam purely on iMessage than SMS. It wasn’t like that in the past, but my point is even closed systems can be abused.


Oh the irony of how your comment could change a few words and sound like a trump/musk post


I think you just don't understand the point. I don't care for choosing between 15 different brands making differently colored RAM either when it's all the same standardized thing, but you bet we're in a lot of trouble when it's only one brand at all. Competition isn't always "technically pure" and "elegant" or meaningful.



