[HN Gopher] Ask HN: Best privacy preserving alternatives to Appl...
___________________________________________________________________
Ask HN: Best privacy preserving alternatives to Apple products?
After latest apple content scanning privacy debarcle, I will likely
migrate away from apple. They have destroyed my trust such that I
can't tolerate the uncertainty they may change their minds later or
introduce a hash inspection function secretly. Which leaves the
question: where to go? What is the best alternative to apple
products?My current working suggestions, but would greatly
appreciate others weighing in. Phone: Pixel with graphene OS
Laptop: System 76 laptop or X1 carbon Watch: Garmin variety of some
description Cloud storage: probably nextcloud self hosted
Author : Engineering-MD
Score : 67 points
Date : 2021-08-06 13:54 UTC (9 hours ago)
| yhnikmmncff wrote:
| Nextcloud is so kludgey.
| kylehotchkiss wrote:
| I'll keep my Apple devices but will break up with iCloud -
| backups were already off, photos is turning off, and drive will
| be emptied. I've wanted to explore owning a Synology NAS for
| several years - probably its own can of worms and not bulletproof
| but at least I'll own the device, can set my own encryption keys,
| and am not outsourcing storage.
|
| I've been invested in using Protonmail and Tresorit, both tout
| E2EE storage and being domiciled in Switzerland is a nice plus.
|
| Maybe I'll even take my handheld Fujifilm camera out more. Having
| sharp photos taken with real optics and not muddled by tons of
| algorithms sounds refreshing.
|
| I really do enjoy the Apple ecosystem - hardware and software
| quality are nice, integration between products excellent, seems
| to last pretty long relative to other tech brands I've owned. I'm
| just taking an approach over owning where things go off my
| devices.
| webmobdev wrote:
| _Mobile OS_ :
|
| Sailfish OS - https://sailfishos.org/ is the most polished non-
| android and non-ios alternative currently available in the mobile
| OS space. You can buy a Sailfish OS license to install it on some
| specific devices - https://shop.jolla.com/ ... (note though that
| app support is lacking unless you wish to use Android apps, and
| that bugs in the OS are fixed slow. End-of-Life cycles are also
| not clear and specific (support lasts roughly 5-6 years, often
| highly dependent on the device supported).
|
| _Mobile Phone_ :
|
| - Sony Open Devices (quality hardware, with AOSP, unlocked
| bootloaders and flashing tools that allow you to install whatever
| supported mobile OS you want) -
| https://developer.sony.com/develop/open-devices/.
|
| - Pine Phone - https://www.pine64.org/pinephone/ .
|
| - FairPhone - https://www.fairphone.com/en/ .
|
| _Desktop OS_ :
|
| FreeBSD or Linux is good enough for most needs.
|
| _Desktop_ :
|
| Assemble your own with AMD tech.
|
| _Laptop_ : https://frame.work/ is increasingly attractive as a
| highly repairable and customizable device.
| f0e4c2f7 wrote:
| There are 2 phones that are pretty interesting.
|
| One is the Librem 5. I think it's $700 maybe?
|
| The other is the Pine phone. I believe it's closer to $250.
|
| Now from what I can tell these are both terrible phones. Really
| just terrible electronic devices. But they are devices that can
| connect to modern cell phone infrastructure and are fully open
| source.
|
| At least the Librem is. Not sure about the hardware on the
| pinephone. Librem is OSS down to the firmware. Wild.
|
| Not sure if I'm ready to make the jump just yet but a completely
| hackable phone is super appealing to me.
|
| Circling back to your original question, both companies seem to
| be shooting for the privacy angle with the phones.
|
| I've actually been seeing a lot of companies popping up lately in
| the privacy / open source space. It's pretty exciting.
| France_is_bacon wrote:
| I agree with randomhodler84. Get rid of your phone.
|
| However, there might be singular reasons to have one. For
| example, Stripe will _only_ allow you to be a client if you have
| a mobile phone, and I have run into this with other companies as
| well.
|
| If you absolutely need one, there is a very inexpensive way of
| doing this. Don't buy an expensive phone for "privacy" (who knows
| if they are actually hackproof?)
|
| For these unique cases, you get an inexpensive Android phone that
| you can remove the battery from, and you store the phone in a
| Faraday bag: (https://www.amazon.com/s?k=faraday+bags). Faraday
| bags completely block any connection with any electromagnetic
| signals: (https://en.wikipedia.org/wiki/Faraday_cage). Test the
| Faraday bag and see if it works by trying to call your mobile
| device while it is in the bag from another phone. And see if you
| can call another phone from your device while it is in the
| Faraday bag (call and then quickly put the bag into the back, or
| just dial the number and put it in the bag and hit where the send
| button should be).
|
| You only take out the mobile phone in rare instances where you
| need to absolutely have it, when required to get financial or
| banking services or whatever you need in those very rare
| instances.
|
| But other than that, you take out the battery, put it in the
| Faraday bag, and put it somewhere out of reach, just leave it in
| one spot, and when you have to use it, use it in the same spot,
| so that the big companies only see you in one place.
|
| By the way, I see the tracking of your every movement as WAY more
| egregious, because that does it every second of your life. And
| then selling your every movement too others. Searching your phone
| is nasty too. But for me, emails are way rarer than tracking my
| every move, every second of the day. So I don't have a mobile
| phone. I just use my VOIP, and if someone wants to reach me, they
| leave a SMS or voice mail, just like in the olden days. I am not
| on instant beck and call to no man or woman. You don't like it,
| you say? Fine, adios. Not my problem.
|
| You have a company and won't hire someone without a mobile phone?
| Just fine with me, guess I'm not working for you, then. I don't
| care if you give me a free phone - rejected.
| Engineering-MD wrote:
| Another cloud storage solution:
|
| https://icedrive.net
|
| Everything encrypted before upload, cheap and has dedicated linux
| client.
| YokoSix wrote:
| I thought about switching to Pop!_OS but how do you know System
| 76 is any more trustable than Apple? I mean it's also an US
| company and they could basically inject anything into their
| distro.
| Engineering-MD wrote:
| You can verify the code yourself as open source. Also this is
| more about what Apple is saying it is doing, which I object to,
| and I feel is higher risk. But ultimately your point stands.
| YokoSix wrote:
| The problem is I never could verify the code of every Pop!_OS
| release - that's why I'm a Mac user. I'd have to rely on
| other users to check if everything is okay. The good thing
| with Apple is that all eyes are put onto them and every minor
| step they're doing is well commented around the world. The
| smaller the companies and projects, the quieter the voices if
| something turns bad.
| ipaddr wrote:
| You don't get to see the code.
|
| That's like saying Microsoft in the 90s/2000 could do no
| wrong because all eyes were on them. Or enron...
| YokoSix wrote:
| But what would I do with the code? I can't read it, I
| can't verify it, I can't guarantee that it's harmless.
| What I, as a normal user can do, is to go to the
| Financial Times or maybe even The Verge where they tell
| me that Apple did something stupid.
| thrower123123 wrote:
| You could do the same thing you do when you want services
| which you cannot perform yourself: pay for the service.
|
| You could create a fund with like-minded people for the
| code to be reviewed. The benefit would be that for each
| subsequent release the cost would be much lower than for
| the initial one.
| 1_player wrote:
| Is this really subtle attempt at sarcasm?
|
| "I can't be bothered to verify Pop_OS so I'll trust macOS,
| which is IMPOSSIBLE for me to verify."
|
| How is code written behind closed doors by a closed, for-
| profit company more trustworthy than open source code?
|
| There is always the reasonable doubt, whether it's closed
| or open, but it's much easier to do nefarious or just
| _unspoken_ things when nobody except employees under NDAs
| have access to the source code.
|
| The reason you trust Apple more than Pop_OS is simply
| because you've decided to have pretty much blind faith in
| their marketing content and PR speak. That's not to say
| Apple acts in bad faith necessarily, but blind trust in a
| blackbox doesn't make for great opsec.
| YokoSix wrote:
| Even if I switch macOS for open source alternatives I
| still have to rely on closed source software for
| important parts. And let's be honest: It's almost
| impossible to recreate Apple's ecosystem with open source
| components. It's even harder with iOS. I could switch to
| Android or sone obscure alternative operating software
| where I don't even know if if's still there next year.
| arvinsim wrote:
| So you are essentially saying "I give up"?
|
| Tech really drilled in learned helplessness on the
| masses.
| YokoSix wrote:
| My problem is: Where do I put the line? When I install
| Linux, should I still use Spotify, Steam and Reddit? No,
| because none of them are open source? Can I still use
| Google services? YouTube, search, mail? No? DuckDuckGo?
| But how do I know they're not invading my privacy? Do I
| have to use an open source email provider? Is that even a
| thing? Should I install a VPN? Do I constantly have to
| use Tor? Do I need to live boot Tails from my USB stick
| so I my usage can't be tracked and buy a prepaid Nokia
| 3210 that I put into a metal bag when I don't use it? And
| even if I go all the way down the rabbit hole: How do I
| know that my hardware isn't compromised? And do I
| constantly have to revaluate my privacy choices because
| one component of them could be compromised? What kind of
| life would that be?
| resonator wrote:
| Personally, in order of preference I choose to go
| without, find a FOSS alternative or give in and install
| an app. That means I don't do too much with my phone. I
| run Lineage with microg, I don't use any google, apple or
| facebook services. I store my music on the device. I
| backup photos to pcloud. I will watch youtube in the
| browser. I have my banking app installed. I use SMS to
| message people, or matrix if I can.
|
| It's not perfect by any means, but it's the best
| comprimise I've been able to come up with.
| t0bia_s wrote:
| Yet your location is easily tracked because of GSM
| signal. Also banking app on phone is very questionable
| about privacy.
|
| But hey, beeing free from big tech is very liberating. No
| distraction or social engineering through algorithm in
| feeds. But unfortunately you'll find out how hard it is
| to find what is going on around in your city, country...
| If you stay at home.
| thrower123123 wrote:
| I think you should stay completely offline, it seems to
| cause you too much anguish.
| Engineering-MD wrote:
| While true, the benefit of open source is that the code is
| there and visible to all. Apple has closed source so cannot
| be easily inspected and so issues can go unnoticed despite
| so many eyes. With system76, as they have a business to
| defend (and real Bank accounts and identities tied to the
| businees), any intentional hole/spyware could have major
| legal ramifications.
|
| I think for more major open source companies, the code is
| inspected sufficiently. I would trust smaller ones much
| less. System 76 is fairly major, and most software comes
| from other major sources so should be inspected fairly
| well.
| gamblor956 wrote:
| Realistically?
|
| None. Apple was never actually the privacy protector it
| advertised itself to be, but it's still miles ahead of the
| Android ecosystem (and I say this as a dedicated Galaxy user for
| the past decade).
|
| Your choice is basically which company you trust more: Apple, or
| Google. They're both bad for privacy in different ways.
| Klonoar wrote:
| This has been repeated elsewhere but Hacker News seems to miss
| the point: Apple protects you fairly well from privacy in terms
| of advertising and corporate targeting.
|
| Apple cannot save you from a nation state actor. Arguably no
| company can.
| gigel82 wrote:
| I truly believe they're only doing that because they want to
| get into the ads business themselves, not out of the goodness
| of their hearts.
|
| It'll be at most 2-3 years before we get a big flashy
| announcement for "privacy respecting" ads from Apple. I'll
| eat my hat if that doesn't happen.
| citizenpaul wrote:
| I've been wrestling with this and I don't think it matters.
| Fascism is here. There is no escape.
|
| Eventually anything that connects to a network will be crippled
| to the point of uselessness unless you submit to constant
| monitoring. If you try to avoid it you will be guilty until
| proven innocent by default.
|
| By eventually I mean in 2-3 years.
| YokoSix wrote:
| I'm basically with you. Even if i switch to Linux I have to
| trust the company behind the distro to act in good faith, I
| have to trust Cryptomator to encrypt my files without
| backdoors, I have to trust Mozilla to securely save my
| passwords and so on. On the other hand I don't want Apple to
| scan my own files on my own machines. Like... wtf...
| ksec wrote:
| It will likely take a lot longer than that. Most in the public
| ( or even in Tech ) wont care much about this scanning. And
| Apple's performance will be so good they will write this off as
| a small beep in their history. It will then take another few
| years of "good intention" before anything really happen. So I
| say this is going to take a good 5 to 10 years.
| Engineering-MD wrote:
| I'm less pessimistic. I see a similar trend but think it will
| take longer and there will likely be push back, at least in the
| west. It will become a political issue and then will depend on
| how the argument plays out with the public. Start early to help
| set the agenda for pro privacy.
| citizenpaul wrote:
| Why? Today in only one day we get "law enforcement"
| installing pre-crime spyware on your apple device. In
| addition to congress enacting more crypto currency laws.
| Buttons840 wrote:
| What's the best option for running a totally offline computer?
| There's like a thousand Linux distros floating around and not
| one focused on allowing for maintaining and installing software
| on a 100% offline computer.
| unstatusthequo wrote:
| Don't plug it in or connect to wifi. That mitigates most
| threats, and probably some usefulness. But depends on your
| use case.
| Buttons840 wrote:
| I just mean, let's say I want to install some package, and
| there's like 200 dependancies and still more packages to
| update. How do I get that one package I really want
| installed?
| devchix wrote:
| Don't ditch your phone. Divide and compartment its functions. I
| went to Europe without a phone once. Things were fine but there
| was a layer of friction over everything. When does that
| restaurant/shop open, how to get reservation, buy tickets in
| advanced. The airline had a strike, I had to go through the
| concierge to find out if I needed rebooking for the flight home,
| it was up in the air the day I departed.
|
| I had with me a Garmin with a memstick of the local map. Sadly
| I'd given it away, I wish I had kept it. I also had with me a
| non-wifi little camera that could shoot videos. I used the Garmin
| for direction and map. When I got home I unpacked the camera
| memsticks. Things were mostly fine.
|
| What's the best alt to Apple product is the wrong question.
| Apple, or anyone else, has such leverage because it bundled so
| many functions important to you, convenience is the scaling
| factor. Maps and navigation on phone is great, iPhone camera is
| awesome, sharing grocery lists and docs is very handy. Put them
| all together and Apple becomes dangerous to privacy.
|
| I'm still muddling through, trying to think about this and how I
| will change my tech using habit.
| browningstreet wrote:
| My napkin plan:
|
| * Ditch Apple products. I was going to upgrade my iPad and
| MacBook, that's not going to happen.
|
| * Switch to an Android phone, install only minimal apps and
| minimal cloud services. I need MFA for work, banking, and a few
| apps for travel. Photos, of course, but I can manage manually
| offloading those. As few apps as possible.
|
| * Ditch my Apple Watch, get a cheap dedicated running watch for
| maps/GPS. I had one before, it was quite enough. The Apple
| Watch is lovely, but not essential.
|
| * Ditch Google Mail except for my one online purchasing
| account.
|
| * Switch to another mail providef, maybe Fastmail, to segregate
| and distribute my email paths. I'm a heavy calendar user..
|
| * Switch to NAS and a backup NAS for file storage.
|
| * Keep my Windows machine for photo and video editing, but stop
| using OneDrive and Google Drive. Migrate back to Linux (need to
| figure out a desktop machine that has some decent hardware
| power management support) for my personal ecosystem. Do more on
| the desktop, and do less on mobile.
|
| * I'll keep my FireTV for TV watching, and if I can't watch
| shows on a Linux laptop, so be it.
|
| * Minimize the use of integrated platforms (Apple iCloud,
| Google, cloud services). I've been out of the FB world for
| years, it'll take a bit more work to de-Apple and mini-G my
| life.
|
| I need some tech in my life to _create_ and to make a living.
| But the whole "online life" thing will be getting scaled back.
| Tech for consumption and delight will be very much less so.
|
| I don't know how else to resist (yet). I've been in the Linux,
| privacy and encryption thing for decades, and it feels like an
| anachronism in the current political and social climate. I'm at
| an age where I can upscale my analog life and not think too
| hard about how that complicates my future. My son, who'll enter
| college next year, has already sworn off a phone and social
| media. Not sure how long he can live without a phone, but for
| however long he wants to live without one and wrestle with the
| discomforts out society will create because of it, he can adapt
| without have to un-wind the tech that has already encroached in
| his life.
| t0bia_s wrote:
| You'll need custom OS on Android as well. LineageOS (many
| android phones) or GrapheneOS (only Pixel phones).
| cucumb3rrelish wrote:
| Android user here: 90 % of Android devices have all the stuff
| you think you avoided by switching preinstalled and running
| in the background. Either because it's in the Google contract
| to use Play Services or because the manufacturer uses
| proprietary solutions they want to push. And they certainly
| aren't always removable
| browningstreet wrote:
| I understand that. I don't think I can cut it off entirely,
| but I'm going to segregate my usage of the platforms as
| much as I can. My personal cloud archive won't be on my
| phone, that's one thing I can do.
|
| I may not be able to take down the beast, but I'll try not
| to feed it much more than crumbs.
| cucumb3rrelish wrote:
| I don't see why you switched to Android then in the first
| place, because only iCloud uploads will be scanned on
| iOS. Also I can't think of a single manufacturer with
| better privacy practices than Apple except for custom
| ROMs.
| nextos wrote:
| These days things are much better thanks to Treble. Device-
| independent ROMs are a reality. You can easily flash pure
| AOSP on any modern phone.
| c-cube wrote:
| For the pictures I recommand using syncthing. Works very
| well, and if configured to upload only on wifi it won't kill
| your data plan.
| randomhodler84 wrote:
| Throw your consumer device in the lake. It's time to ditch your
| phone. This turn in corporate policy means there will be no
| escape from the watchful eye from here on. The automated
| censorship will only grow deeper, and complex. Expect a global
| standard of "non-offense", all states are now forcing their
| sensibilities on your device. Go deep into foss, and remove as
| many closed components from your life. I wish pinephone was
| actually useful, but I have grave fears that there will never be
| decent open hardware in the phone space.
|
| 2020/2021 the year that never ends and our technology burns away
| the last traces of privacy.
___________________________________________________________________
(page generated 2021-08-06 23:02 UTC)