octalfudge @ octalfudge @lemmy.world

Posts

133

Comments

20

Joined

2 yr. ago

Winter typically means Jan-Mar for anime, this could suggest it comes early next year, but who knows.

I just tried on my Mac, and Option-Command-C worked. Unsure whether this is a reliable solution

John Gruber’s take on this: https://daringfireball.net/linked/2023/08/24/apple-california-right-to-repair

(Please don’t shoot the messenger)

Wow. It really ended. Was entertaining watching this update regularly.

I found this very insightful, thank you for sharing!

On iOS, Avelon is the best Lemmy client I have ever used (in my opinion even better than Apollo was), though some features are still missing. Smooth, fluid, beautiful, functional!

Join Lemmy!

I think this is good advice. Also, the non-pro models tend to be lighter (we’ll have to see if this is true for the 15 series as they are rumored to switch to Titanium, which is lighter).

Just tried it, works really well! Added most of its recommendations to my library

More info:

https://asahilinux.org/2023/08/fedora-asahi-remix/

https://social.treehouse.systems/@marcan/110825522690584932

Some key points:

• We aim to officially release the Fedora Asahi Remix by the end of August 2023.
• Very soon after Asahi Linux started (well before our Arch ARM-based release), Neal Gompa joined our IRC channels and we started talking about working towards integrating our work into Fedora... The Fedora Asahi project started in late 2021, and work began in 2022 alongside the Arch ARM release.
• Working directly with upstream means not only can we integrate more closely with the core distribution, but we can also get issues in other packages fixed quickly and smoothly. This is particularly important for platforms like desktop ARM64, where we still run into random app and package bugs quite often.

I think for some cases the app already in the App Store has ads and other monetisation (e.g. IAP). In these cases the app is modified to remove these and allow you to get the benefits that were behind a paywall in-game

Hi! It's called iCloud Private Relay and it's detailed here: https://threadreaderapp.com/thread/1402274867366477831.html

Apple's stated reason for not covering mail, contacts and calendar is "Because of the need to interoperate with the global email, contacts, and calendar systems, iCloud Mail, Contacts, and Calendar aren’t end-to-end encrypted". I think it's worth mentioning that critical bit of context. https://support.apple.com/en-sg/guide/security/sec973254c5f/web. Apple does have to balance usability and security, though this might not be as secure / private as you or I would like.

I think it's a little misleading to say they considered backdooring it. They intended to scan images for CSAM before uploading it to iCloud Photo Library. A lot of speculation was they wanted to E2EE photos but were worried about the reaction from the FBI and other bodies, given the FBI had pressured them on this before, and so settled on this compromise. If they had managed to do this, they wouldn't be able to access the photos after they had been uploaded, hence, they had to scan them prior to the uploading.

They attempted to do this with a very complex (and honestly still relatively privacy-preserving) way of comparing perceptual hashes, but perhaps they realised (from the feedback accompanying the backlash) this could easily be abused by authoritarian governments, so they abandoned this idea.

I would assume that a company like Apple is getting significant pressure behind back doors, and they cater to an audience that is unforgiving for any slight reduction in performance or ease-of-use, and wants security features that are almost fully transparent to them. Given these constraints, I'm not sure they can improve much faster than what they've demonstrated. Smaller, open-source projects probably don't have these constraints.

You’re absolutely right that it’s still an issue to transmit information about the developer certificate. Apple published a response to this, which admittedly is not ideal:

https://support.apple.com/en-us/HT202491#view:~:text=Privacy%20protections

We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.

These security checks have never included the user’s Apple ID or the identity of their device. To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.

In addition, over the the next year we will introduce several changes to our security checks:

A new encrypted protocol for Developer ID certificate revocation checks

Strong protections against server failure

A new preference for users to opt out of these security protections

I’m sorry but did you read the article l linked to or the TL;DR I lifted from the article?

They do not send the app you open to Apple, and there is no evidence they send it to third parties as the app information is not sent at all!

Nevertheless, they do send information about the developer certificate for notarization and gatekeeper checks.

https://support.apple.com/en-us/HT202491#view:~:text=Privacy%20protections

Quote:

We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.

To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.

In addition, over the the next year we will introduce several changes to our security checks: A new encrypted protocol for Developer ID certificate revocation checks Strong protections against server failure A new preference for users to opt out of these security protections

Unfortunately, this is highly misleading.

Thank you for sharing this, and I appreciate good, high quality information about privacy but please don’t spread misleading information about one of the few companies that provides easily accessible private tools for the not-so-tech-savvy, as well as the busy.

Apple applies E2E encryption for almost all iCloud data with Advanced Data Protection, applies something similar to Tor for web browsing, kills tracking pixels in your mail, uses differential privacy to avoid identifying you, and so much more.

Please see: https://blog.jacopo.io/en/post/apple-ocsp/

TL;DR

No, macOS does not send Apple a hash of your apps each time you run them.

You should be aware that macOS might transmit some opaque3 information about the developer certificate of the apps you run. This information is sent out in clear text on your network.

You shouldn’t probably block ocsp.apple.com with Little Snitch or in your hosts file.

You're absolutely right that closed source makes it much harder to verify that software does what it's supposed to do. I'm not sure in the absence of ability to view the source how we can be sure that Apple does what they say. (maybe network packet sniffing? Are there privacy audits? Must it be disclosed in GDPR requests?) I hope someone with the appropriate qualifications is able to chime in on this.

I'm sorry for my poor explanation, and unfortunately I do not specialise in differential privacy. My layman's understanding is that they add noise to the segments of your navigation before sending it to themselves. Once they receive the noisy data, if they average out many samples, the noise is "averaged out" in aggregate statistics. I hope an expert on differential privacy is able to chime in.

IIRC Apple does apply differential privacy - sending wrong information randomly about your trips to themselves, where they then average over all users to get rid of the noise they added so it becomes useful aggregate data.

And they never submit the start and end locations of the trips. Maybe the privacy is still terrible but it’s way way way better than Google’s IMO

Source: https://techcrunch.com/2018/06/29/apple-is-rebuilding-maps-from-the-ground-up/

“We specifically don’t collect data, even from point A to point B,” notes Cue. “We collect data — when we do it — in an anonymous fashion, in subsections of the whole, so we couldn’t even say that there is a person that went from point A to point B. We’re collecting the segments of it. As you can imagine, that’s always been a key part of doing this. Honestly, we don’t think it buys us anything [to collect more]. We’re not losing any features or capabilities by doing this.”

The segments that he is referring to are sliced out of any given person’s navigation session. Neither the beginning or the end of any trip is ever transmitted to Apple. Rotating identifiers, not personal information, are assigned to any data or requests sent to Apple and it augments the “ground truth” data provided by its own mapping vehicles with this “probe data” sent back from iPhones.

Because only random segments of any person’s drive is ever sent and that data is completely anonymized, there is never a way to tell if any trip was ever a single individual. The local system signs the IDs and only it knows to whom that ID refers. Apple is working very hard here to not know anything about its users. This kind of privacy can’t be added on at the end, it has to be woven in at the ground level.