This may be controversial but I’m a big fan of Apple’s devices. I like the way they feel, how they’re designed, how they run, how the OS functions etc.
I was wondering, if I have all privacy settings at their max, how do apple devices stack up against other systems built for privacy?
For example;
Location off everywhere
Usage data and analytics off
iCloud off and unused (even though E2EE)
Blutooth off
Siri off
Lockdown mode on
Apple passwords not used
webcam, mic, disabled for all apps
calendar not in use
notes not in use
Brave as default browser
Tutanota as email (no mail app in use)
Tutanota as calendar
Bitdefender as password manager
2fa on everything always
VPN always
What is apple actually still collecting at this stage? What are the actual metrics between this and a linux operating system for example?
For one thing, on iOS you need an account to do something as basic as install apps… So you’re already off to a disadvantage there, IMO. On Linux or Android, you don’t.
While they are not as bad as Google, Apple devices and software have very little privacy. Your Apple ID is connected to everything, you can’t download apps without it, can’t watch Apple tv without it, etc. They do not have hardware kill switches for the camera, network adapter, etc. like Purism devices do. Apple still has analytics and daemons running in the background collecting data on you.
They will gather a lot of telemetry: what apps you use, what sites you visit, your location, devices around you. Maybe soon they will scan the files on your laptop for things they don’t like.
But Windows and ChromeOS are the same. Linux is better for privacy but it’s not as secure. It really depends what you want to protect against.
Is Apple really evil? Will they abuse your data? You don’t know. I do have to say Apple devices are very sturdy, they last a long time. From an environmental perspective they are not too bad, hence.
Depends on what you’re trying to protect. If your priority is really privacy from Apple in particular over privacy from tracking overall, this doesn’t help you much because iOS services don’t go through your VPN. (That is also true on typical Android.)
No one really knows because it’s closed source. All of this depends on your risk model and your place on the privacy vs convenience scale. Personally I don’t see any point in using Apple products if you’re going to turn off all of the convenience features that stand it apart from the less convenient options.
Advanced Data Protection for iCloud means that you can enjoy the convenience of iCloud whilst supposedly maintaining control of your encryption keys.
Personally I find that with ADP for iCloud and being sensible with app permissions / Siri etc I find Apple products meet my needs. But of course everyone has a different appetite for privacy and there probably are more private options out there.
Remember that Apple mobile devices have Lockdown Mode, which ratchets up the security via a simple toggle.
However, as with anything, there are trade-offs involved. Many sites and services won’t work as you expect. So you may want to experiment with this and see if the trade-off is worth the extra bother.
And, as always, always do a threat model on yourself first: what are you protecting, from whom, and how much effort are you willing to spend doing this?
If Rob Braxman is anything to go by, Apple is also involved in WiFi scanning, i.e. the constant abuse of your device to map out WiFi networks and the devices moving between them - including yours, allowing location tracking even though your location services may be off.
(Just throwing this in to add to the other good answers already present here.)
Bitdefender has some iOS apps that use third party servers. Have you checked if their pw manager does?
Bitwarden on a self hosted instance, or something local without telemetry might be better.
I’m in a similar position as you. Personally I liked my iPhone SE, just because it’s small and and very simple. I’m the type of person who likes to use their smartphone as little as possible. I deleted all browsers and even have screen time setup to block me from using Safari. I only do Web browsing on my really secured computer. I of course keep zero social media apps on my phone as well. Yes I am using an Apple product, but I’m not really putting in data like my web history nor accessing social media.
If you are a digital minimalist like myself and really aren’t putting data in your phone to begin with, I don’t think it’s the worst. If you are using your phone a lot, like lots of apps, and putting in information (web browsing), then I would recommend switching to Graphene OS.