If you have an easy way to make emails on the fly like Apple’s hide my email feature then it really isn’t an issue to setup accounts with unique email addresses. Some sites don’t allow throw away emails from some providers, but I’ve never had that issue with Apples version since a ban on icloud.com emails would eliminate too many customers.
Depending on the site, you can use one device to login to another without installing additional software. For instance, if you have an iPhone with a passkey for microsoft.com stored on it, you can login to Microsoft.com using the iPhone.
Here is a webpage that has some screenshots to show you what I mean. You can probably google some other examples.
I don’t even see a link. Though I guess I should look inside Microsoft Edge.
Edit: I cannot find anyway to get to it in either the desktop or Edge. I do not have a signed in Microsoft account on this machine, so that may be why I don’t see it. I’m not willing to sign in to see.
I wasn’t disputing your point—just throwing in a little extra info since I literally had that table open in a different tab (it’s April in America). I honestly doubt changing those rates would impact things much though. I think we need an asset tax (like the one that exists in most states for houses and that we call property tax) that impacts stocks. Probably a massive change in estate taxes too.
Federal Tax Rates 2024
Tax Rate | For Single Filers
10% $0 to $11,600
12% $11,600 to $47,150
22% $47,150 to $100,525
24% $100,525 to $191,950
32% $191,950 to $243,725
35% $243,725 to $609,350
37% $609,350 or more
Surprisingly, I thought the article was a reasonable summary of the actual paper. I think some people might think this was a poke at privacy on Apple, but it really focused on how hard it is to create accessible settings despite the enormous number of options.
I have found that navigating the menus in Apple iOS is quite a bit easier than on my Android devices. Mac seems more difficult as the settings tend to be inside the individual apps and don’t surface as well through the search.
The paper hammered home the point that Siri configurations were particularly hard, but they also mention that Siri data is end-to-end encrypted. I thought all those points were fair.
I do believe settings need to be improved, but I have little faith they will ever be useful for 99% of users who will simply never change anything from the default. At this point I believe any meaningful improvements for the majority of users will come from useful defaults that include E2E encryption on basically all user data. I feel Apple is coming close with iCloud Advanced Data Protection that was introduced last year, but that needs to become a default. Maybe it cannot though—too many users will lose all their data and then the trade off of security to convenience will not be worthwhile.
I don’t think a big business should have an advantage over a small business that cannot afford that technology while using public airwaves. A better solution imo would be to prioritize all very low-bandwidth traffic.
109 devices per capita? I just walked through the house looking at what my partner and I have that plugs in. We don’t have 109 together. And it isn’t like I we don’t have stuff. Mesh wifi routers, camping gear. Heck we even have a refrigerator. What do people collect?
I agree that decrypt/encrypt is bad—it is simply not E2EE. The solution would have to be a better method of public key distribution for ‘federated’ systems.
While I don’t know anything specific about facebook messenger, E2EE doesn’t necessarily preclude what you suggest. A messaging service could store the entire chat history encrypted without decryption keys. When you get a new client you could restore the entire history in encrypted form onto your device. You would then use a recovery key you would possess to decrypt the message history on your end. At no time would the messaging service have the keys to decrypt. I’m not saying that is what facebook does.
Why do you need to control both ends for E2EE? Both ends need a public and private key to encrypt and decrypt messages. You need a method of key exchange. I would prefer to have an offline method (phone call, in-person) of validating a key (like iMessage and Signal have). But I don’t see a reason to need to control both ends.
It could be they are collecting and hiding the data, but what they publicly disclose they have certainly varies. My de-google-fication really started when I used google takeout (like the OP here). Excluding things I wanted backed up (e.g. photos), Google still had more than a GB of textual data (this was 7 years ago or so—my memory may be wrong). I use Apple a lot so I went to their “takeout” page. They had a few MB of data pretty much all of which I considered innocuous. I don’t think they are equivalent.
I do agree Facebook probably collects as much data as Google, but I gave that up long ago.
It’s Google’s name for a service that lets you download all the data Google has on your account. If you google google takeout it should get you to the page.
Honestly, the retail shop and restaurant really went downhill shortly after that happened. My family used to eat there weekly. Breakfasts were excellent and nicely priced. Over the next couple years we just stopped.
Now I just miss that vegetarian sausage omelette with those cheesy grits.
I don’t know why those things seemed to coincide but the handover was in the local news a lot and shortly thereafter it just seemed to begin its decline.
If you enable advanced data protection apple cannot recover your account. You need your recovery keys or a designated recovery contact.
The apple doc implies (to me) that a SIM swap only works after you authenticate on an apple device (e.g. using your password) even without advanced data protection. I have never tested that.
You can use the long process (many days) to recover an account assuming you haven’t enabled advanced data protection. I’m okay with that as it is perfect for my grandparents (I had an older relative who got their account back through this method).
I get that you could SIM swap to recover other accounts (not Apple) if they have SMS as a recovery method. That sucks and it really sucks for people who don’t get that an email or SMS recovery can be a giant hole in security.
The document you linked says it requires a combination of your apple account password plus an SMS text sent to a pre-registered phone number? Seems like a pretty good setup for most people. Also has the alternative of recovery contacts and recovery keys.
It looks like turning on advanced protection would eliminate the SMS method but I am not 100% sure. Then you would need recovery keys or recovery contact.
My biggest worry in these cases is not that I get locked out, but rather that Apple mangles my keychain. I have a USB CSV of my passwords in my bank safety deposit box. With passkey I am not sure of how I would get a similar backup.
I’ve moved to WinPE for its immutability.