alt Hacker NewsCould you elaborate a bit on why you've judged it as privacy theatre? I'm skeptical but uninformed, and I believe Mullvad are taking a similar approach.
Replies
They transitioned from “nobody can read your data, not even Apple” to “Apple cannot read your data.” Think about what that change means. And even that is not always true.
They also were deceptive about iCloud encryption where they claimed that nobody but you can read your iCloud data. But then it came out after all their fanfare that if you do iCloud backups Apple CAN read your data. But they aren’t in a hurry to retract the lie they promoted.
Also if someone in another country messages you, if that country’s laws require that Apple provide the name, email, phone number, and content of the local users, guess what. Since they messaged you, now not only their name and information, but also your name and private information and message content is shared with that country’s government as well. By Apple. Do they tell you? No. Even if your own country respects privacy. Does Apple have a help article explaining this? No.
Because Apple makes privacy claims all the time, but all their software is closed source and it is very hard or impossible to verify any of their claims. Even if messages sent between iPhones are E2EE encrypted for example, the client apps and the operating system may be backdoored (and likely are).
The gov’t can force them to reveal any user’s data and slap them with a gag order so no one will ever know this happened.
Mullvad is nothing like Apple. For apple devices: - need real email and real phone number to even boot the device - cannot disable telemetry - app store apps only, even though many key privacy preserving apps are not available - /etc/hosts are not your own, DNS control in general is extremely weak - VPN apps on idevices have artificial holes - can't change push notification provider - can only use webkit for browsers, which lacks many important privacy preserving capabilities - need to use an app you don't trust but want to sandbox it from your real information? Too bad, no way to do so. - the source code is closed so Apple can claim X but do Y, you have no proof that you are secure or private - without control of your OS you are subject to Apple complying with the government and pushing updates to serve them not you, which they are happy to do to make a buck
Mullvad requires nothing but an envelope with cash in it and a hash code and stores nothing. Apple owns you.