In case you want to help me raise awareness about institutional corruption on birdsite (repost, updated link):

A big thank you to Google and Facebook for protecting our data & democracy & sponsoring @CPDPconferences (Data Protection & Democracy) alongside other similar organisations like @apple, @bitsoffreedom, @EPICprivacy, @mozilla, @privacy_salon & @accessnow.

@aral I suspect the lack of tone of voice would cause the sarcasm be lost on anyone who doesn't notice the source. :)

@ricardojmendez Good. Let’s see how those organisations feel about how they are lending legitimacy to surveillance capitalists (some know of course, some do it on purpose… would be interesting to see which, if any, object and which, if any, take it up with the conference or drop their “moral” sponsorship).

@aral Not sure I explained myself. I'm not sure that if I merely re-tweet your bits, people will get the sarcasm intended. At least not without knowing both you and the conference.

@ricardojmendez Right and that’s the problem. But I just saw on your bio that you do privacy at Samsung so that’s really no different. Samsung is also a surveillance capitalist. I see that your team is throwing money at legitimate projects right now to associate yourselves but I also saw the sewer of surveillance that my S9+ was with its stock OS.

I don’t know you so I don’t know whether you really care about privacy or if this is just a job but Samsung is no different to Google, etc.

I really don't want to get into this "bashing company A", "defending company B", etc game. But recently I saw a blog from you where you defended Apple of being better then Google because they are mainly selling "real products" and not our data. Shouldn't be Samsung in the same category then? Or do I miss something?

Cc @ricardojmendez

@bjoern @ricardojmendez Yep, you’re missing the fact that you can sell products and engage in surveillance at the same time, which is what Samsung does and what Microsoft does. Samsung _could_ do what Apple does but it doesn’t. Also, it’s a very different type of company. Afaik, Apple was never making killing machines.

Little test:

* Buy an iPhone
* Buy a Samsung phone

Use both.

See the difference.

@aral @bjoern @ricardojmendez

it is true Samsung has chosen to move closer to Google and surveillance tech, but they did sell off the military division in 2014, whereas Apple has joined a partnership with the Pentagon since 2015!

AFAIK none of the tech companies will turn down a lucrative military contract, although they might not shout too loud that they have got it

(mobile phones themselves are a development from 1980s battlefield radios)

@vfrmedia @bjoern @ricardojmendez Right. So a friend comes up to and says I am going to either buy an iPhone or a Samsung phone and I need you to tell me which I should get if I care about protecting my privacy. What do you say?

A. Buy either, they’re basically the same
B. iPhone
C. Samsung

I say B.

@aral @bjoern @ricardojmendez

I would probably suggest a refurbished iphone as that gets away from the price premiums of the new ones, but even then I wouldn't trust the thing 100%.

OTOH Samsung is likely no worse or no better than any other Android hardware manufacturer.

I've noticed a consistent pattern of devices (phones, computers etc) with more privacy friendly OS being €100-€200 more expensive than others.

I guess this is the market price of a persons data..

@aral I'm still not convinced that this justifies calling Samsung a "surveillance capitalist". I think you over simplify it here. First they have way more products then their smartphones and second it is quite likely that they didn't chose Android because they want to spy on users for Google or for themselves. Anyway...

Cc @ricardojmendez

@bjoern @ricardojmendez Get a Samsung phone. Use it. It’s not just Google. From the moment you turn it on it doesn’t stop prompting you join its own centralised services that capture your data.

I’m very confused how you’re on the board of FSFE and a co-founder of @nextcloud and you’re defending Samsung.

I just can’t understand it.

But yes, let’s leave it be. I must have been mistaken about certain things. (Happens all too often.)

@aral @bjoern @ricardojmendez @nextcloud

"From the moment you turn it on it doesn’t stop prompting you join its own centralised services that capture your data"

Sounds familiar

- iCloud
- iChat
- iMail
- iCalendar
- iContacts
- iPictures

You get my drift 😉

@aral @bjoern @ricardojmendez I'm sorry but if you're going to have this discussion: Apple is no better than Samsung or even Google. The argument that "Apple sells products, not data" is old. To follow-up on your test: At least the Samsung phone gives you the choice of app store & firmware (theoretically) - Apple does not.

@franz @bjoern @ricardojmendez Great man, sure. Please buy your whole family Samsung/Google phones and get them to use all of Google’s services. It’s clear you have a far better understanding of these things than I do. Please don’t ever buy an iPhone or a Mac ever.

@aral @bjoern @ricardojmendez that's a rather odd response. I'm not promoting Google's services (I don't use any of them), I'm just clarifying that you won't find any better, on a Mac/iPhone (I'm a Mac user).

Always an Android mobile. Option to flash #LineageOS and be safe with #Fdroid.

iOS is iron grip and it nothing near to freedom isn't ?

@franz @aral

@noorul @aral you're right but unfortunately that doesn't help the remaining 99% of the population. Those that don't know how to flash their phone - even worse, those that don't know (or don't care), that their whole life is public.

I understand that.

I am helping as many as possible to port to #floss OS , #Fdroid & #foss apps.

But iOS is a nightmare to me!

I even want to move Gnu/Linux mobile OS after learning LineageOS still depend on #Google for Android development

Are you suggesting iOS is better privacy platform?


@noorul a proprietary platform that seamlessly forces you to use in-house services? No. Half of iOS functionality depends on Apple's Cloud.

@noorul @franz Yes. I give up. Yes. Please tell people to buy Android phones to protect their privacy. Good job. 👏👏

@aral @noorul you either failed to read/understand my comments or are blinded by Apple's marketing. So, if it's up to you, we'll all go out to buy $1200 iPhone's and $3000 iMac's and instead, store all our data on iCloud. Fantastic. Have you ever bothered to check, what your MacOS is doing in the background? I guess not.

@aral @noorul now it's definitely time to get an iPhone:

"Sheikh Tamim, senior Turkish official and activists among hundreds whose iPhones were hacked, Reuters reports."

Maybe we should have another look at Nokia phones?

I was fan Apple computers, and Steve jobs is my role model for entrepreneurship.

Just stating for record.

1) I am minimalist and wish not for expensive item like iPhone 😄

Come on, we not arguing here. I understand you might feel overwhelm considering this long thread.

I can't say how iOS privacy policy as I've not used it. The way iOS sandbox installed apps and restrict access to personal data is some what highly secure and private.

I just can't give up on my freedom to it'


@aral @franz

@noorul @aral Apple used to make fantastic hardware and I've been using (and recommending) Macs as long as I can remember. However, at the same time, I make no secret of the significant shortcomings and issues with Apple-made products.

Security & Privacy is definitely not something, I'd recommend an Apple for.

@aral @noorul @franz
OOTB, Android is extremely insecure by design, and Apple wins hands-down. But LineageOS is a version of Android that's been modified heavily to solve that problem. It's Android without spyware and bloatware. OOTB, it doesn't even come with any Google apps or services. Then there's Micro-G, an open-source and privacy-respecting version of a good chunk of that stuff. With LineageOS and Micro-G, you can have a pretty complete replacement for Android.

@ASIC that iOS is more secure than Android is an illusion. Ask all those young people and journalists, that are now sitting in jail, or have been tortured because their iPhone 'betrayed' them. The danger is, that people / journalists actually believe that iOS is more secure. Your phone, any phone, is an open book.

@aral @noorul

@franz @ASIC @noorul What’s dangerous is perpetuating a false equivalency between two very different systems without reference to any sort of threat model. There is no such thing as secure or insecure. There is secure according to your threat model. And different products, made by different teams, with different business goals and corporate cultures have different privacy and security characteristics.

Perhaps the most dangerous privacy/security myth is “they’re all the same.”

They’re not.

@aral @franz @ASIC @noorul Business goals drive behaviours when played out over a long time period.

@chidgey @aral @noorul @franz
Unfortunately, most folks don't give a damn about their privacy anymore.They generally fall into one of two camps: A) They believe the lie that "there's no privacy anymore" - so they figure it's just a waste of time and effort to try to avoid what they view as inevitable, or B) Think it's too much work to maintain any kind of privacy.

@chidgey @aral @noorul @franz
Just look at what you have to go through with LineageOS. For starters, you have to scour the wiki for hours to find out which phones are the most recent and then choose from them. And if that wasn't enough, you have to go through what to most people seems like a lot of technical work to get it installed by yourself - not at the carrier's store by someone there.Most folks want to be able to just go down to the carrier's store, pick a phone and be done with it.

@chidgey @aral @noorul @franz
I'm not saying they're making the right choice or having the right attitude. I'm just saying that the average person doesn't care as much about privacy as they should, and even if they do care, they don't think it's worth the time and effort it takes to protect it.

@chidgey @aral @noorul @franz
And when they look at the selection of phones available for Replicant, they're really not going to be interested, since Replicant mostly just supports phones that are around 10 years old. Fortunately, LineageOS supports phones as recent as last year - sure, not super-recent, but better than Replicant. Sure, LineageOS uses proprietary drivers, but I think it's worth it to have a more recent phone.

@ASIC @chidgey @aral @noorul @franz It is a fact that Apple toys are super expensive, and then there is the expensive accessoires, and the right "to not repair" by choice. Apple is hiding behind a huge paywall. Can we safely promote such expensive products from a USA base tech giant just for the reason of supposedly being more secure and privacy friendly ? Where are the people from under-developed countries in this discussion ? They are not here because we collectively just widen the gap between rich and poor. We live on a luxury island, using toys made of sources coming from those under-developed countries which are the heritage of colonial times. Now, Fairphone can run LineageOS and Ubuntu Touch. That is for sure more privacy friendly than plain Android. #fairphone
@noorul Prices are on their website, also for lots of parts that you can buy #fairphone (Note : I am not affiliated with them, but I respect their project very much. They are opening a view to the mobile phone world that has been shut for ages).

@albert @franz @ASIC @noorul @chidgey Oh, that’s awesome, had never heard of Fairphone before. Can you please send me a link to where I can order the phone with LineageOS or Ubuntu Touch + privacy-respected services pre-installed?


(And yay, I hadn’t realised the problem had been solved. Woohoo! We can all retire now.)

CC @todd

@aral @albert @franz @noorul @chidgey @todd
Yeah, I’m hoping they’ll release Fairphone 3 in the US soon, since they released Fairphone 2 exclusively in Europe in 2015. CDMA support might be kinda nice too.

@aral @albert @franz @ASIC @noorul @chidgey @todd To my knowledge there is nobody offering an FP2 with LineageOS or Ubuntu Touch preinstalled. If you want one of those, you need to install it yourself at the moment.


He is teasing ASIC. He wants to end this on going discussion by saying that.

@WeAreFairphone @chidgey @ASIC @franz @albert @aral

Sensing some sarcasm there...but going to ignore it for the time being. I am using Android (LineageOS ATM) for a few reasons. A big one is that it doesn't force me to use either Windows or buy an MacOS device. I can use Debian and sync all my stuff (mainly music) easily. Although I assume Android does have multiple phone-home "features" included, I am using it without GApps, I assume a minimum on data is captured by Google - 1/4

@aral @albert @franz @ASIC @noorul @chidgey @todd Another reason is I like to tinker (and break it at some point, I am sure) - 2/4

Show more

@albert @franz @ASIC @noorul @aral @chidgey

a few years ago in USA Apple had independent repairers in USA busted by ICE officers because of "intellectual property violations", they have also worked with the predecessor of ICE in the 1980s to stop Apple II clones reaching the market..

@vfrmedia @albert @franz @noorul @aral @chidgey That’s interesting. I didn’t release copyright was within their purview - I thought they were the Immigration and Customs Enforcement agency.. I’d have expected it to be the FBI’s job to enforce intellectual property law.

@vfrmedia @albert @ASIC @noorul @aral @chidgey it's called Monopoly. We've all played it, when we were young - It's especially popular among politicians and wealthy people.

@ASIC @chidgey @aral @noorul you're right; most couldn't be bothered. Even those shocked at first, usually soon forget - dismiss. This is, until it has affected them personally, in a significant way.

@aral @ASIC @noorul thread model, marshmallow butter. The west really loves buzzwords. We're all at risk - you don't have to be a journalist, activist or politician, to become a target. Whatever you say today, could be reason for your tomorrow's execution.

So if your "thread model" is a 5 year old, trying to "hack" your iPhone - you're safe. Maybe.

@franz @ASIC @noorul There’s no use having a discussion about security if you’re going to poo poo the core tenet of good security (threat modeling). Yes, we’re all targets. But we’re not targeted by the same adversaries. And yes, some of those adversaries have overlapping interests. But that doesn’t make them identical.

We use a threat model precisely because it tells us what a system doesn’t protect you against as much as what it does.

@franz @ASIC @noorul Or we can throw our hands up in the air and proclaim “it’s all fucked”. Don’t think I don’t feel like doing that sometimes. But that’s not going to help us improve anything other than perhaps the bottom line of your local off-license.

@franz @aral @noorul I think I see where I made my mistake. I meant to say that Android collects more user data than iOS and then sells it to other companies; Apple makes its money off hardware sales, while Google makes its money by selling user data.

@ASIC @aral @noorul In any dictatorship, if a debate is not desired, or opposes the dictators views, it's simply shut-off. I'm sad to find, that even Mastodon, creeps with people, that simply aren't ready to have a debate. Cheers Aral

Sign in to participate in the conversation
Aral’s Mastodon

This is my personal Mastodon.