The problem with all the anti-google outcry in the tech media is it only pushes people to switch to Apple products... which are even worse (or do you believe it when Apple speak about respecting users privacy?)

We have to strongly suggest free software as a privacy-respecting alternative, not just condemn Google.

@bugaevc Apple has made its position clear; it provides a more (not less) auditable platform, and fights the government where Google gives up and surrenders.

Actions speak louder than words, at least to those who are watching.

Could there be a better solution? Sure. If only someone stepped up and made one.

@SuperFloppies how's Apple solutions more auditable? Are their systems open source? Does their EULA at least allow reverse engineering them? I don't think so. And people who try to audit what iOS actually does discover shit like this: (*no wonder* they won't open source iOS!)

@SuperFloppies What do you mean — if only? Aren't there enough of actually free, open, privacy-respecting operating systems, browsers, cloud services, messaging platforms, etc. already? If only more people used them! Which is my point, we should encourage them to.

@SuperFloppies why omit phones and tablets? There is an amazing free mobile OS, Android (and you absolutely do not need to run proprietary Google services to use Android the OS). There are free app stores for it, such as @fdroidorg. There are tons of free apps — office suites, browsers, social network clients (in particular, I'm typing this in), maps, ...

@bugaevc @fdroidorg AOSP is such a complex platform that even with source code in hand, it is not auditable. But, I already mentioned this.

Android OEMs provide solutions inferior to AOSP in terms of secure operation, on purpose.

And to an end-user, Android is just as opaque as iOS is.

At least on iOS you don't have to worry about three levels of abstraction between the source code and the resulting binary. This has long been a source of bugs and vulnerabilities on Android.

NVM the app store problem.


@bugaevc I'd highly recommend spending some time in the AOSP source tree—it is quite eye opening.

We already know a priori that a simpler system is easier to verify than a more complicated system.

A mobile OS that used Linux and didn't reinvent the wheel at every possible turn would be far more secure than AOSP, just by virtue of being independently auditable.

Linux+MUSL+Wayland+native toolkit would be more provably secure than AOSP, by *far*, and would be on par with the design of iOS, ObjC aside.

Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either! We adhere to an adapted version of the TootCat Code of Conduct and follow the Toot Café list of blocked instances. Ash is the admin and is supported by Fuzzface, Brian!, and Daniel Glus as moderators. Hosting costs are largely covered by our generous supporters on Patreon – thanks for all the help!