I guess I’ll take the contra here on messages integration — moving a message over BLE to untrusted hardware and worse accepting them back into iMessage is a massive, massive change in the security boundary and therefore security architecture and therefore security promises that apple makes on iMessage.
I do not believe average smartwatch users understand what they’d be doing if they got this. I do not believe vendors integrating with such a thing can do it safely, or even that all vendors integrating are good actors.
One reason iMessage is less of a total cesspit than SMS is that the ecosystem is closed, and makes automation difficult. It used to be impossible nearly, and in that era we had almost no iMessage spam. Now it’s difficult, and we have moderate iMessage spam. But adding hooks to make this automation easy, and worse, leave the trust environment as a feature is just wrong.
This is cap. I worked on heads up glasses, and one of our issues was the lack of integration with Apple's iMessage ecosystem. Device makers are willing to go through several security measures, like deploying the MFi chips and certification. However, at best this gives you access to the notification system, not iMessage itself. You are able to respond to messages via the notification framework, but not integrate directly with iMessage even after taking all security and certification efforts. This isn't a security play. This is a walled garden play.
Yes, I don't want apps accessing my messages surreptitiously. Points there.
However, what's wrong with allowing another app to post messages to my messages?
If I don't want it, let me turn them off. Maybe, as a UI expert company, it's easy "block app from sending me messages" when I get a message. Seems like something that should be fairly transparent to the (potentially misbehaving) app.
I use a Garmin, and Android, and I use it for messages all the time, it's great. I can't imagine not taking them. It's easy for me to block stuff I don't want, could it be easier, maybe...
But my point is this isn't something unreasonable for a user to want.
As a general aside, it seems when I hear about Apple products anymore, they are locked down, unintuitive, and generally just unpleasant. I even tried an Apple device again recently...eugh.
Apple is only "nice" for a certain, narrow segment of the population.
I don't get this argument that Apple making it difficult for their paying customers to send and receive messages is somehow a good thing. It's also not like Apple is helpless, they managed to shut down Beeper.
Why did you choose to ignore the very next statement in their post, that ensures it cannot be spammed? Doesn't seem like you are arguing in good faith here.
I don't think this is a reasonable take (and also doesn't make sense). If you read the other comments here its extremely clear to everyone that no one here is seriously concerned about your watch sending spam.
If you 'opt-out' then it does not fix the problem of spammers having easier access to imessage.
I'll say that again: If you personally, either a) opt out, or b) dont have a watch at all, it makes no difference to spammers. They are not sending spam using your watch.
People are concerned about the result of allowing anyone to send messages in general.
...
The real argument to be made here is, as other people have pointed out, this isn't technically impossible; I mean, apple watch can do it right?
So there is a solution; but Apple isn't allowing other people to use it.
THAT is the issue here.
Pretending there is 'no issue' is flat out wrong. If that what you think, you're wrong and you haven't understood the problem.
The issue is why only Apple is, according to Apple, technically capable of implementing the controls required to do it in a secure manner.
That's a fair question to ask, and there really isn't a strong answer for it.
Certainly, making it easy for anyone to send messages would not be a solution. That would be stupid. That's why they haven't done that.
...but, you have to ask, is there really no certification process that would do the job? Really? None? Only Apple engineers are smart enough and diligent enough to do it without screwing it up? Hmmmmmmmmmm...
Have you considered the fact it could be because Apple Watch itself is closed, walled garden and Apple has full control over its security (and therefore trust in it)?
Imagine a world where they allow Pebble to go through certification process for it to get jailbroken half a year down the road opening the gateway to iMessage for all the spammers in the world. What then? Should Apple now play whac-a-moll with the spammers forever, or block the access to all Pebble watches creating another scandal? And what if this happens to next 10 different watch makers down the road?
They own Apple Watch and if it gets jailbroken its their mess to deal with, but if they open it to the world then they have zero control over it.
If they block access to all Pebble watched AFTER it has been shown to be opening a dangerous gateway to spammers despite valiant attempts by all to engineer it to be safe, then that would be a lot less of a scandal.
If they further block it by default but allow Pebble users to bypass the block with some very scary warning message then My God there wouldn't be a scandal at all. People who know and accept the risks can use the thing they paid money for as they please then.
I don't see this at all. No one is talking about anyone being able to access to iMessage. No one has a problem for example if you simply require an apple account. No one expect to just be able to do post(number, message).
> However, what's wrong with allowing another app to post messages to my messages?
> If I don't want it, let me turn them off.
Can you it off for anyone sending you messages too?
That's the issue; you not wanting to use it does not mean that spammers won't use it.
That's the problem. You can't have nice things if some people can use it to abuse the system; and there are a lot of people who will.
> But my point is this isn't something unreasonable for a user to want.
This ignores the reality which is that doing it in a way that gives a nice user experience without an enormously painful security issue is really non trivial.
Maybe it's OK to have the choice?
...
If you love your android phone, don't care about iOS, don't like iphones.... why do you care? I mean, why does it upset android users when they see this sort of thing for people using iphones?
It mystifies me. If you love you phone, and you think it's better, then use it.
Automating imessages has been an official thing in macos since ages that i know of, but it is done on a computer rather than a phone. The argument that opening up automation for imessage will increase spam does not hold, just because automation is already opened up, thus whatever spam this allows or not is already here.
EDIT: example script to run from a mac terminal:
osascript -e 'tell application "Messages" to send "$message" to buddy "+12345678" of (1st service whose service type = iMessage)'
You can thank Apple for the Lightning connector and App Store too, for all the good it does everyone in the EU. If a company uses their power to prevent competition with their own products or services, the market's jurisdiction reserves the right to restore competition to their market and prevent the harms inherent to monopoly abuse.
I probably dont get your sarcasm. But I never had a problem with Lightning. In the long run, I like the switch to USB-C... But when I got my first iPhone, USB-C wasn't invented yet, so... Also, I like the AppStore for its reviews, and would actually NEVER activate an alternative appstore. No need to weaken my security on purpose. I know, its apparently an unpopular opinion here, but that is mostly because many people only comment with their dev hats on and are apparently unable to see things from user perspectives...
To add: when apple switched to lightning they made a deal with hardware makers that they would support this for 10 years in order not to make all their hardware obsolete again.
They did eventually change it after exactly 10 years.
Not because their software would inherently break by switching to a different USB connector, or even by using a converter dongle. Apple signed this agreement because Lightning had a hardcoded DRM protocol baked into it to force third-parties to pay licensing fees. Of course they demanded a 10 year support window, it was a licensing ruse to make manufacturers pay a price premium to use the USB featureset.
The 3rd parties are not getting anything out of it. You literally pay for access to a tech stack that has nothing better than you would be able to do with USB.
I mean the other side of connection was USB so it was a necessity anyway.
If at least they upgraded the speed over the years, but nope stuck at USB 2.
For a hardware project I looked briefly at the MFi terms and they just don't make any sense. This is why any good lightning cable was always more expensive (at least before you get some from China with contraband auth chips)
Lightning is a major cash crab from Apple and revealed their actual playbook. Microsoft passed as a very bad players in the 90's but Apple is even worse.
The only people not accepting that are deranged fans.
USB-C is a car crash of an implementation landscape, just because the interface is a single design, doesn't mean that you can rely on it. It is better than it was, but we've had several instances of issues with the USB-C, including my own personal favourite of my Nintendo Switch charging socket burning out because I used a non-Nintendo charger - an Apple one, completely compliant and as good as they get - to charge the Switch. A £50 repair.
Some USB-C cables aren't data compliant. They just send power. There's all kinds of foibles with USB-C that have taken years to work on and this just isn't clear to tech folks, let alone non-tech consumers.
The Lightning port has never done this to me, the device just charges and that's it. It transfers files and that's it.
Don't get me wrong, I don't think USB C is perfect nor that it would have been my choice. In fact, from a mechanical standpoint, I prefer Lightning.
What I'm saying is that Apple didn't have to take a cut from every item sold by 3rd parties who wanted to use their specs.
They could even have sold the spec at a fair price but instead they went on a full rent-seeking strategy.
This is why, when there is chatter about Qualcomm/Apple feud on licensing, I laugh my ass off because this is exactly the same behavior they impose on their partners. Can dish it out but can't take it. My complaint is mostly about the hypocrisy of Apple's behavior.
But the real motivator was making as much money as possible, the fact that their specifications had some desirable qualities is nice but not very relevant (since you don't get a choice if you wanted to make an iThing accessory anyway). Their previous port (30-pin) had the same problem and it was rather terrible.
I had the first iPod with FW400 and they could have very well gone with mini-USB when they switched to their 30-pin to make it compatible with most PC who mostly had USB 2 and rarely FireWire. I used mini-USB for plenty of things from external hard-drive to digital cameras passing by digital mini-disc players and it was a fine port.
Yet they chose to make their completely proprietary 30-pin port, to rent-seek as much as possible on the accessory market. When they switched to Lightning, the goal was exactly the same, trying to pretend it's because it was better is disingenuous and very ignorant of Apple's history and behavior.
Plenty of corporations do things like that but the difference is that with Apple there is an army of zealots eating the bullcrap and justifying their behavior in a fanatical way.
They would have the same profit (in fact more) if they didn't have to pay a percentage of their sales to Apple.
The 3rd party manufacturers didn't make profit because of Apple but because of their customers choosing their products.
The way you try to reverse the situation and try to pretend Apple is entitled to a percentage of revenue from other companies making things to work with their products is pure insanity.
Do you think the brand of your car should get a cut of every compatible thing you buy to use with it? Should they get a cut on brake pad, tires, cables to their entertainment system, carpet of the right size for the particular car, etc. The list can be almost infinite.
Do you realize how absurd what you are trying to defend is?
Best interpretation of that is rent-seeking. Not strictly illegal, but prone to regulation at the very least.
Another way to put it is racketeering.
I guess that Apple has been toying with the line for so long that people don't even understand where their interests lies...
Sure, FireWire is an example of Apple using innovation to actually innovate. Lightning is an example of Apple using DRM to paywall an ordinary and freely availible USB 2.0 featureset.
Firewire was a speed/feature innovation.
Lighting was a port innovation.
Pay to play in either case.
Other options available to Apple instead of Lightning:
* stick with the iPod connector for longer
* switch to micro-USB
* never invent the iPod connector in favor of staying with Firewire or going to mini-USB and then switch to micro-USB or something else later anyway
None of these are better. I'm EXTREMELY glad they didn't switch to micro-USB. I had no shortage of mini-USB and then micro-USB devices and the micro-USB ports/cables are pretty much the worst I've ever dealt with.
Yeah. Also as I understand it, Apple is part of the USB committee and they were actively involved in the development of USB-C. Their experience developing the lightning connector actively led to usb-c being reversible.
If not for the lightning connector, we wouldn't have usb-c as we know it today.
Its also a stretch to claim apple doesn't like usb-c given how hard they've been pushing it on their laptops. In 2016, they started shipping laptops that only had usb-c ports - which worked around the chicken-and-egg problem we would have had otherwise. Dongle-gate was a real thing that annoyed a lot of people. But my desk is covered in usb-c peripherals - and that might not have happened if not for apple's "brave" choice.
The same thing happened with the original USB. Windows machines, even laptops, shipped with serial and even parallel ports for years after the first iMacs went all in on it. That gave the market for USB devices an enormous boost.
People have really bad memories of Mini- and Micro-USB, or aren't old enough to have experienced that era. Those things were fragile. At that point in time, it made all the technical and business sense in the world to replace their existing proprietary connector with a new, improved proprietary connector. The MFi program was a thing before Lightning, it's still a thing today, and has nothing to do with the specific connector.
The open alternative to 30-pin when Lightning was introduced was micro-USB and micro-USB is ass, but not switching away from 30-pin wasn’t an option for the phone they wanted to build at the time, that being the iPhone 5.
All in all, Lightning was a net benefit that overstayed its welcome by a few years. Even once USB-C was introduced a few years later, it took a few more years than that to become as pervasive as it did.
Overstaying its welcome was intentional to avoid burning peripheral developers who had been promised 10 years of compatibility after Lightning replaced the 30-pin dock connector, which was used from 2003-2012.
As noted in other comments, Apple was part of the USB working group, contributed to USB-C, and introduced USB-C/Thunderbolt-only laptops in 2016. There was backlash against this so they have since backtracked and reintroduced MagSafe and HDMI ports. Personally I would have preferred more USB-C/Thunderbolt ports.
No I get that and I know the history too; but that doesn’t mean it didn’t overstay its welcome as far as users are concerned. Speaking as someone that personally was never got hung up over the shape of the charge cable and certainly not for the flimsy e-waste arguments that were put forth: just in terms of transfer rate (at least on the higher end models) and device compatibility, USB-C has been an upgrade that users could have been enjoying 3 to 5 years earlier when USB-C was a bit more widespread.
I haven't paid for all that many lightning cables period, since they tended to be included with most devices that needed them, and aside from some strain reliefs that I've added myself in the form of heat shrink, they've been largely reliable too.
This was usually due to lint clogging up the port on the device. You could easily remove it with a toothpick and then everything was back in working order. Took just a few seconds at most.
I don't need an ad-blocker. I have YouTube Premium. And I really don't need Safari that often, actually. Besides, if we're really talking JS==insecure, 99% of users on desktop and mobile are insecure. I am sort of on your side, because I spend most of my web-time in Lynx in a tmux. But if I were to argue against JS, people would call me a weirdo. That war is over. I fought it until 2010.
I already said I dont use Safari that much. If you hadn't shortened the quote your reply would be moot. Maybe I need to rephrase, to make you happy: I don't use the web so much on my iPhone. The primary ad-offender in my world is YouTube, which I fixed by paying for Premium.
You know there aren't really ads on websites anymore, right?
There are ads in algorithm apps like YouTube, tiktok, Instagram, mobile games, streaming service "poor" subscriptions, etc. And there are paywalls. But the vast majority of interesting websites don't have ads anymore.
I am not an American. I just have a different opinion on some things then you. Ever tried some empathy?
Pragmatically speaking, I prefer YouTube Premium because I hate their inability to filter out scammy ads, and I still feel like supporting creators at least a bit. As a customer, its not always my call how much of my money goes to creators. Thats why I refuse to use Apple Music and/or Spotify. I spend my money on BandCamp, which I consider an appropriate compensation for other "sins" I might commit on the net.
How does people having the ability to activate alternative app stores on their phones affect you? Or have a Pebble with similar functionality to an Apple Watch? Just don’t activate the App Store or purchase a Pebble and stay in your walled garden.
We’re lucky our computers aren’t walled gardens because if Apple knew it would work this well with iOS, MacOS would be the same.
Yup, Apple made Lightning because USB-C wasn't a thing yet and MicroUSB is awful. Lightning is a whole lot better than MicroUSB, and they've been using it since 2012. MiniUSB B was pretty OK, Micro was just way too thin to be stable and would snap off frequently, in addition to being not very secure and hard to orient. Mini was thicker though, so while it worked fine for the HTC Apache and other Windows Mobile phones of the era, it wasn't going to be small enough to work on an iPhone.
So many people complaining about a really robust connector that solved real problems and has proven to be pretty reliable for 13 years. I'm no huge Apple fanboi, and I'm happy to have all their stuff use USB-C now, but the hate for Lightning is way inflated IMO.
I have no issue with Apple inventing a new, superior connector; I applaud them for it. My issue is with them making it a closed proprietary standard with authentication chips to lock out unapproved third-party vendors. They could have just invented Lightning and made it an open standard. We might not have even needed USB-C then; the industry could have just iterated upon Lightning.
As I understand it, the USB standard is licensed, and you have to pay for it to use the USB logo and to get a vendor ID if you are not already a paying member of the USB Association. Licensing requires passing a compliance test, which is a very good idea.
Apple was also part of the working group that developed USB-C.
USB-C pushed whatever it was doing too far; it's now necessary to know what kind of USB-C cable you have. There's one kind for data transfer and a different kind for rapid power draw. And they look exactly the same.
That has nothing to do with USB-C, but with the USB 3+ standard, AFAIK Apple uses Thunderbolt protocol that is compatible with USB but it has less optional features than USB protocol.
MicroUSB is fine, and Apple should've just used that (like every other phone manufacturer did, with great success). But Apple also has the world's biggest NIH complex, so they decided to invent a proprietary standard rather than go with something interoperable.
MicroUSB is a terrible connector. Every time I have to use one, it's impossible to get into the slot; it's finicky, breakable and has a one way orientation. Lightning is delightful to use.
Micro-USB connector has been consistently rated as one of the worst connectors ever invented[0], [2]. You can find more on the search engine of your choice.
Also relevant: 19 engineers from Apple worked on the USB-C connector and cable specification[1].
«None of the chargers fit snuggly into socket. The connectors are flimsy and get damaged easily. Just rolling up the charger and putting it in my pocket can cause the tip to break off»[0]
«While on the whole, I am satisfied with the switch to USB Micro, my only major gripe is the less obvious keying. Inserting the plug with good lighting is no problem (if you can see), but trying to plug in your cell phone after you've crawled into bed with the lights off can be a trial. As somebody who works with people with disabilities and medical conditions, I have heard from clients with compromised motor control, those with low vision, and those with distal neuropathies that they do experience a harder time plugging in their devices nowadays»[0]
Why didn't they they work with the other actors to create a common standard 13 years ago? You know why, because they don't care about their users! And they even tried to stop the move to a standard many years later when the lightning connectors were outdated, making it even more clear.
Proprietary, and for the first half of its run, they were insanely expensive. Thin flimsy, always breaking. Short by default. They got nasty and stained quickly.
Over the years, third party cheap ones were risky. May damage port or device.
Has a stupid chip in the connector so people can't easily replicate it like a USB cable.
It was the purest example of proprietary capture in an age where the "The correct universal port" has been around for decades. The massive irony is not missed on me as they used USB mouses and keyboards to engineer a step backwards.
There's things I like about Apple, but I could never bring myself to defend the lightning cable.
> ... security firm gets a chip on their shoulder, they can install a persistent backdoor on your phone...
But a random developer can't exfiltrate my data, which is the WAY WAY more common scenario that the previous poster was worried about.
I agree with them. The Apple App Store prevents a lot more malware than the ability to install ANY software. I like the Mac App Store as well, its a large library of software that is virtually guaranteed to be safe from infecting your computer with a virus.
Now, I know how to sideload onto my iPhone, I have homebrew on my MBP, but my brother/sister doesn't, my aunt can't, my uncle assumed his phone was facebook, and they are safer (from viruses) for it. Make installing viruses harder!
I spent decades as the de facto IT person in my family, and when iPhone and Android came around, family members started buying MacBooks, my load got lightened a LOT.
Well, Apple will have to redesign their security model, then. If the iPhone relies on Apple's white-glove curation to stay secure, then European users are enough of a reason to overhaul their security model.
It's great that you know how to sideload, I'm not saying everyone has to know how. I'm arguing that the option should exist regardless of if you pay for a $99/year subscription fee. It should be a part of owning the hardware you paid for and purchasing the right to control it as the user.
We are not buddies. And I am not confused enough to believe NSO Group would be interested in me. This is plain paranoia you are using to try to win an argument. Calm down. Besides, where is the competitive harm if you are so happy with your Android? Look, I am happy with Apple doing some basic things to make the device relatively safe. I know nothing is absolutely safe. And again, I am not high profile, and I am also not paranoid.
> Your security is nonexistent unless you disable iMessage and JS in Safari, even then Uncle Sam has Five Eyes watching your every move for any traces of "terrorist" support.
Your security is non-existed until you've established a realistic threat model. And if it includes targeted surveillance by nation-state actors, you've got bigger OPSEC problems than just your phone.
You never needed speeds in excess of usb 2.0? LOL, this is such old hat, guys in IBM t-shirts telling me how nobody ever needed more than 64K, and why go third party with your treasured computation when you can get the best, the infallible, the International Business Machine?
In the 15 years that I use iPhones now, I never needed the USB port for any data transfer except for one time when I used an external sound card to record things. Maybe I am a simpleton when it comes to mobile. I guess I deserve being LOLed at.
Apple didn't continue to iterate on Lightning because of the obvious future migration to USB-C connectors.
I will die on the hill that the Lightning plug is superior to the USB-C plug. Lightning could some day have supported USB-3.2+ speeds, if they'd chosen to work further on it.
Still, I have never once transferred data to my iPhone over a USB cable. I have used an iPhone since the first generation. For me, it has only ever been a means to charge the phone and to connect it to CarPlay. With wireless CarPlay and MagSafe charging, they could remove the port and I wouldn't miss it all that much (except for fast charging).
Agreed. I really miss lightning after getting a usb-c iPhone.
The best part of lightning port was how easy it is to clean. You can get lint and sawdust out of the clogged port with a toothpick. With usb-c, I can’t find a rigid non-metallic pick small enough to clean dust out of a usb-c port.
Apple was already well under way on their USB-C transition. They literally shipped the first all-USB-C laptop in 2015. Not the first Apple laptop. The first laptop full stop. The iPad Pro switched to USB-C from Lightning in 2018. Every year since, fewer and fewer devices released with Lightning and more and more with USB-C.
If you need more evidence, literally just consider that Apple never bothered to invest further in Lightning. There were no further speed bumps. No updates in the USB protocol version supported. Even charging, USB-A to Lightning has been capped at a pitiful 12W. Does this seem like the behavior of a company that wants to stay on Lightning?
The iPhone would undoubtably have been USB-C in a generation or two even without the EU’s involvement.
I've had tremendous trouble trying to get my iPhone SE to show up as a USB device. Never did figure it out, but the macOS app iMazing has served me well as a workaround.
Apple is choosing to limit USB C to USB 2 speeds to encourage people pay for a more expensive model. The iPhone 16 pro max has USB 3 speeds after all...
For iPhones "Max" is basically irrelevant when it comes to SoC specs; the phones are differentiated by whether they are "Pro" or not. The Pro (and Pro Max) support faster speeds, and the regular iPhones do not.
Op specifically called out “Max”. Most people would find that technically incorrect. But go ahead and draw lines in the sand wherever you wish if it makes you feel like you’re winning an argument.
I gave the max as an example. I did not say it was the only model that could get USB 3 speeds so you are "technically incorrect" and just want to win the argument.
The two models combined account for half of all iPhone sales. And nobody refers to them as anything but iPhones.
It is not just technically wrong to say “the iPhone doesn’t support a thing” when it the statement only applies to a fraction of the product line and actual user experience.
Thanks Apple, for switching connectors on your mobile devices once in 25 years and enforcing standards on 3p peripheral and cable manufacturers, until a government forced you to change making me throw all my cables away.
I specifically liked the lightning cable and the App Store. I had no problem getting lightning cables for a fair price, and I have no problem finding all the applications I need on my iOS devices. Compared with the sewer that is the Play Store, the App Store is a breath of fresh air.
Walled gardens are not inherently bad. I DO thank Apple for the App Store. It’s half the reason I have an iPhone. I WANT to be able to download any stupid thing in there without a care in the world re: viruses or other damaging experiences.
This is not to say every aspect of their walled garden is good, but I’m more than happy to accept those problems in light of the benefits I personally value.
This is all to say: it’s not much of an argument to point out that one of their selling points is an aspect of their ecosystem! I don’t think you’ll get through to anyone who doesn’t already agree with you.
I never understand this viewpoint — I understand what you're saying but there's no advantage to this over the Play Store model on Android.
You can have the walled garden, and also not restrict people's freedom — on Android I'm sure the number of people that use any other store than the play store or even side load apps are vanishingly small.
To even be able to do it you have to enable it deep in the settings. And even then, if a new app tries to install an apk you have to manually approve that app's ability to do that before reinitiating the entire process.
That's to say, the default experience is very wall gardened, and I do feel somewhat more protected when downloading something from the play store than not, and the vast majority of people will never leave the Google walled garden. But there exists a way to go around that walled garden when you need to, and that doesn't subtract from that walled garden mode in any way IMO.
For myself, the point is that I don't have to download another app store ever. If fortnite wants to get me (and roughly 50% of US mobile users) to play their game, they _have_ to follow the rules of the app store we have decided suits us best. If, however, other app stores are allowed, then there are no rules. No gatekeeper.
> I WANT to be able to download any stupid thing in there without a care in the world re: viruses or other damaging experiences.
The Apple ios app store is positively chock full of spyware. You can’t download apps without a care in the world. This is why Apple put a privacy label on the apps (which is still woefully inadequate; it is self-reported).
The permissions alerts don’t come from the App Store, they come from sandboxing and the permission model. This is a property of the OS, and everyone agrees that this is better than the anarchy of desktop OSs. But they were created decades earlier, sandboxing was obvious in hindsight only.
> surely any "spyware" on the app store is going to include a ton of permissions alerts when it does anything?
Not really. Push notifications is enough. I can send you a push notification and get loads of details from your phone, including cross-app fingerprinting. Iirc Apple allows ~3 silent push notifications per hour so they can be completely hidden.
But really, your search is as good as mine. The entire digital economy is based on personal data collected from your devices, and yes, that includes the iPhone. How is this news? What’s your definition of spyware?
> You can thank Apple for the Lightning connector and App Store too
The App Store was an absolute revolution for mobile app developers. It is hard to overstate how much of an improvement it was over the status quo. People are complaining about Apple taking a 30% cut; it used to be that the operators took a 70% cut. Not for hosting an app store, no, just for sending the reverse-billing SMS message with the install link. You had to host it yourself, there was no store so you had to advertise your app to make it discoverable. You had to arrange (and pay for) a shortcode and SMS provider for every single country you wanted to sell in. You had to write and host code to handle the incoming message on the shortcode and respond with a RB-SMS.
Next to that, the SDK’s were absolute dogshit, phone manufacturers didn’t give a shit about apps and the phones themselves were riddled with bugs (with the notable exception of SonyEricsson, their J2ME environment was excellent). Symbian was a PITA to develop for, BlackBerry was actively developer-hostile (unless you happened to be a Fortune-500 company). Samsung phones were an absolute disaster, every single phone model had a unique set of bugs you had to find workarounds for.
So in comes Apple, they charge only 30% and for that you get a nice SDK, an App Store that distributes your app, makes it discoverable and handles payments worldwide with zero extra effort. We were thrilled when they announced it, and rightfully so.
Google then followed suit with the Play Store, effectively matching what Apple was doing.
So yeah, Apple deserves some thanks for what they did with the App Store.
You’re not required to sell software through the App Store on macOS either. The App Store complaints are only relevant on mobile, which has always been a completely different market.
They did move to USB-C, but the lightning connector was actually a great product, far superior in usability to the Micro-USB, Mini-USB, and whatever other nonsense standards that existed. When Apple wanted to move to USB-C people complained about them "changing standards all the time". There really isn't a move that pleases everyone and even when they do the "right" thing people still complain lol.
> App Store too, for all the good it does everyone in the EU
The Apple App Store is pretty great. There's a large, vocal minority of folks that want changes there, but they also aren't the ones that have to deal with grandma and grandpa doing crazy stuff. If you want another App Store just by an Android phone since that's a feature they offer. Kind of like if I wanted a phone with a larger megapixel camera or something I'd buy something else.
>Apple charging cables, such as the Lightning to USB Cable, are easily prone to fraying. Most commonly, this fraying occurs from device usage while charging.
This has nothing to do with the plug though, its just the material they make their cables out of. Nothing is inherently different about USB-C that will stop this
But the licensing fees effectively introduced a price floor onto lightning cables. Apple's implementation having issues is a problem because other manufacturers could produce a very cheap alternative, but they would be unable to sell it a low cost due to having to pay the licensing fees.
I have a grandma and grandpa and I deal with their devices directly. I’m want an iPhone that lets me do more and I can set up (with their consent, of course) a more limited experience for them. Their phones currently have purchases turned off, for example, because they have a set of apps they need and there’s no reason for new apps, because even with the App Store not all of them are actually good enough to have on their phones.
I've heard it all before, both of these are simple to refute. Apple designed the USB-C connector, they knew it was an option. But as is Apple tradition, they created a new licensed serial and power connector specifically for their phones to promote MFi, their arbitrary USB DRM. Apple could have switched to USB-C at any time; they had no issue shipping millions of peripherals and Macs with them onboard. But they didn't, because then they couldn't foist a proprietary standard onto their most lucrative submarket.
> If you want another App Store just by an Android phone since that's a feature they offer.
Sorry, this is bullshit. Alternative sources for installing software will always exist, even current iPhone users have to accept Cydia as an option. You don't ever have to leave the Apple App Store, but your preference has no right to enforce an artificial limitation onto other users. The Mac as a product would not exist without third-party software distribution, the iPhone is undeniably stifled by Apple's stance on the matter.
Lightning development started in 2008 as I was there!
USB-C development started in 2012 (I was not there!), but from wiki, the ever helpful source of truth: "The design for the USB-C connector was initially developed in 2012 by Intel, HP Inc., Microsoft, and the USB Implementers Forum. The Type-C Specification 1.0 was published by the USB Implementers Forum (USB-IF) on August 11, 2014.[1] In July 2016, it was adopted by the IEC as "IEC 62680-1-3".[3]"
I not sure of the logic here, but Lightning solved a problem way before USB-C existed and I'm sure, led to support of USB-C standards such as reversible connectors etc...
> You don't ever have to leave the Apple App Store, but your preference has no right to enforce an artificial limitation onto other users.
So... just buy an Android? This is not an artificial limitation, it's an express preference that the vast majority of iOS users have voted for.
> The Mac as a product would not exist without third-party software distribution
The Mac is a completely different product servicing a completely different set of needs. Nobody is asking for the iPhone to be able to run Node or Vim so they can do their work, they want to scroll Instagram and reply to their iMessage
I'm sure if it was really that much of an unmet need, Apple would be jumping out of their skin to go and build it and thus rake in the billions of unrealised revenue that must be out there
But they're not, so I'm continue to assume they know what they're doing. Again, go buy an Android if that's what you want
The EU was created to integrate and unify social security, pension systems, welfare states, and, ultimately, politics and policy—both foreign and domestic.
I couldn’t care less about Apple’s case, but the fact that this is being touted as the EU’s biggest achievement in decades says a lot about why Europeans don’t like the EU.
As a user you should be fine with the ability to restrict access to iMessage. Not locked out of it with hardware you own and interoperability dictated by the vendor who also wants you to buy their watch.
Exactly. It's amazing how often the nuance between may and must is missed by Apple fans.
Apple should be able to lock down their ecosystem as a default -- plenty of people will be happy to use that default experience.
But Apple should absolutely be prohibited from not allowing users the choice of unlocking their own device, for additional functionality, if they choose.
It's also glaringly obvious that many of the "freedoms" Apple affords its users (freedom from iMessage spam!) help drive its revenue...
> It's also glaringly obvious that many of the "freedoms" Apple affords its users (freedom from iMessage spam!) help drive its revenue...
Yea I mean this isnt really hard to understand. 99.9% of users would rather have no iMessage spam and also not be able to publish messages from their 3rd party watch. This works in Apple's favor revenue wise because people value having clean and familiar experiences, and dont feel like they are leaving anything behind
Not sure you understand the argument. If you allow people the ability to access iMessage however they want, how do you prevent iMessage spam? You may not care about this, but a lot of people do.
How does connecting to a smartwatch enable spam? None of the comments here explain in detail how that would happen. The messages still get sent through an iPhone and through Apple servers. It's not like Apple is giving up any control over those.
It isn't easy to do with just AppleScript on a Mac. I run a sports team and I wanted to send out a message to people for special situations. Some of the challenges are that you cannot script sending a new message if there isn't already a thread -and- it seems like you must use the same contact info (email or phone number). There isn't much feedback when it goes wrong. Some of these do make sense for preventing spam. I suspect I could have used the accessibility APIs to drive the UI. I eventually gave up.
Not really, but that really wasn't what I was trying to say. I was trying to counter what I thought was a faulty equivalence argument; AppleScript allows unrestricted use of iMessage today, so giving watches an API won't make it worse.
I do think that the state of AppleScript automation is the result of trying to break the mechanisms that were being used to generate SPAM. Could you agree that automation capable interfaces do increase the chances of bad actors taking advantage? Right now, with a lack of information, I don't know how I could make an iMessage automation interface "safe by design".
I do see a direct path from the mandated AT&I breakup and interoperability rules to SIP / VOIP services and the resulting levels of Phone spam and caller-id fraud. This has cost a lot of people, life changing amounts of money and much wasted effort and time.
Un-nuanced tech laws or mandates have a terrible track record for having bad side effects. Those effects often never get addressed, which makes me wonder a bit about the original motivation of why the laws came to be in the first place.
I also see a narrative that company X will automatically refuse to work with company Y or community Z and are de-facto always acting in bad faith. Even if company X was never approached or asked - yeah, companies do tend to isolate themselves making direct communication very, very difficult. I cannot deny that there are some company X's that do seem to behave very poorly. A counter example, in my opinion, is the recent Bambu labs API issue. As a tinkerer, a few minutes of looking at how people had built interactions with their printers strongly suggested to me that Bambu introducing an actual API endpoint was a really, really sane thing for them to do. (I did comment this way). Only time will tell if Bambu was actually trying to improve things or was acting in bad faith.
I don't self identify as a hacker despite being an active member of this community. Im not sure it's a fair assumption to make that everyone here identifies as a so called hacker despite the name. I don't generally like the apple ecosystem but I think the choice to lock things down isn't always problematic. users that care for other choices can choose android.
It's tricky. As a long time Apple user, I appreciate that they are privacy focused, but I also get a lot of spam text messages, calls, and notifications. It's become more and more annoying to deal with these on my Garmin watch and on my phone. I wish I had some sort of AI filter. For example, I want to get a notification if my Uber is running late, but I don't want one if Uber is offering me 20% off if I subscribe to whatever their monthly service is.
"Apple knows best for us" is something I've gotten very tired of over the years.
This example might be apples-and-oranges when it comes to the protecting Apple protecting iMessage, but they often rob the user of the choice that other manufacturers offer.
For example: Hotspot. Android hotspot can be perma-on. iPhone hotspot cannot. It will always switch itself off after some time of non-use. When I asked an Apple employee about this (This was not his dept), his understanding was that it was for not-clogging up Wifi at-scale, and for users who forget to turn it off. But what about the users who want it on always, who pay their cell provider for the biggest pacakge? My computer goes to sleep, and the hotspot turns off and I have to go manually switching it back on because "Apple knows better". I want those choices.
I’m with you on this one. I’d be fine with Apple opening up their ecosystem in a safe and careful way to other companies but only if the security stays, at least, at the same level - and if I’m able to turn off these options in the settings.
This perspective is infuriating. It's literally Stockholm syndrome. Your device is being held prisoner in a cell that they refuse to give you the key to unlock no matter how much you beg, and you are actually thanking them for it.
Different people evaluate cost/benefit trade offs differently than you do, and don't speak of the matter with metaphorically charged terminology like "abuse", "prison", "Stockholm syndrome", etc.
Normally I'd agree; people overuse the term "Stockholm syndrome", but in this case it's a perfect analogy. Apple has you trapped. You can't use a competing smart watch even if you wanted to, because Apple is blocking critical functionality and there's nothing you can do about it short of ending the abusive relationship entirely and completely leaving the Apple ecosystem. But you don't want to do that, you love Apple too much, so instead you choose to thank your captor for holding you captive. It's your fault they have to do this after all; you can't be trusted to make a decision about which smartwatch you want to use. After all, if you chose a competitor that might be a bad decision that would hurt your security. So Apple is totally justified in preventing you from leaving. Thank you Apple for saving us from ourselves!
It would be one thing to acknowledge Apple's doing something bad here but still decide to use their products because you like their hardware. That would be a cost/benefit trade-off. But actually thanking them for the abuse itself? There's really, legitimately no better way that I can think of to characterize the situation than as Stockholm syndrome.
Other users want a secure design without the ability to shoot oneself in the foot, such is the reason for a market where you have the alternative choice in Android.
Just like totalitarian regimes, Apple considers its users too stupid to be allowed to make choices for themselves. They must be herded like sheep towards the right path.
I do not want 3rd party hardware/software vendors to have unrestricted access to the messaging app on my phone that is the only option my bank and PayPal and a bunch of other critical services use for 2FA.
Especially not when the software they want to run is JavaScript, with all it's well known npm dependancy nightmares, _and_ from a founder and team that openly admit iPhones are a second class citizen in their development planning and resources.
And especially especially not when the founders have previously shown their colors when they rugpulled all their customers and effectively bricked all the devices they'd sold.
Even with the limited iMessage/SMS access they have now, I wonder how long it'll be before we see a supply chain attack against Pebble exploiting some 11th level deep npm dependancy on something dumb like leftpad.js, that exfiltrates SMS 2FA codes and first anybody knows about it will be when a bunch of CryptoBros start complaining about their exchange accounts being emptied...
> And especially especially not when the founders have previously shown their colors when they rugpulled all their customers and effectively bricked all the devices they'd sold.
As a Pebble user for a long time, I'm not exactly sure what you're talking about here. If you're talking about Fitbit halting services, I can't exactly blame the founder of Pebble for that. Can I blame him for the poor business decisions that led to needing to sell to Fitbit? I guess, but I'm not a business person nor a CEO and have no idea what transpired to lead up to that. But I'm reasonably sure it wasn't malice as you seem to imply.
Then don't grant them the access! This isn't all or nothing! It's a matter of being given a choice (to which you can say "no!") or being given no choice at all.
Preach. My team's building an OS for smart glasses and some of our most common feature requests are iOS notifications & being able to reply to them.
We're going to have to do insane things to get them working. Due to how ANCS works, we're considering developing an ANCS "doohicky" (either a BLE pop-socket, smart-ring, or mag-safe wallet) which gets notifications via BLE & relays them back to the iPhone, to then send to the glasses. That would just get us the raw notifications, though, and wouldn't solve the issue of replying. The other option is a Beeper-like system in the cloud to bypass iOS entirely, but that also has downsides.
It's a total mess, especially compared to Android where you can just easily listen for notifications & send them to the glasses without much pushback from the system.
You could say the same about software and app stores. If safety were the top priority, then the safest option is to say no apps, but that isn't competitive or lucrative. Apple's approach is to create safe frameworks and a review process that allows the App Store to exist.
I just want to add that over the last few years Apple has also been teaching its users to ignore security warnings as they make it difficult to verify software and thus lots of stuff never does. Its why there's few free things in the App Store because Apple charges. You install things from GitHub and well you're gonna get that security warning.
I assume you're talking about the Mac App Store since one can't easily install iOS software via github.
It's a tricky situation. Windows Vista tried to improve security and then was criticized for having too many UAC pop-ups, and for breaking legacy drivers.
I don't like Apple's syspolicyd, but it is also an attempt at improving security.
I'm talking about MacBooks. Sure, this is about iPhones but it's also about a closed garden and other devices in that closed garden which are very likely to also be owned are teaching people a very specific lesson
Poor security implementations harm security, because they train users to click through them. It’s certainly an “attempt” but I wouldn’t say it improves security.
You could argue for only allowing communication through selected carriers, or connections to selected brand computers, and connecting to selected manufacturer Wi-Fi hotspots too
Yeah, but while Apple might consider the hardware to be "untrusted", at some point I trust the hardware I bought. Apple telling me I cannot decide what devices are trusted or not is annoying.
You do realize this is a very infantilizing attitude? Why can't the end user choose its own level of security vs usability? Letting a corporation decide this for all users is just creating a nanny state in different clothing.
I tend to agree with this, but if you look at the PC ecosystem, you'll see that 'leave users to figure out their own security' is a shit show.
Phones, for better or worse, contain much more private and personal information about users than their computer I would bet on average.
So I understand the urge to make phones more secure by default and to help users avoid foot guns, even if it means restricting their choices.
You are likely not the average user, and I think it's a bit selfish to demand total freedom, that you can manage safely, when for most users they would be worse off.
In a perfect world we wouldn't need this but we certainly don't have one of those.
> I understand the urge to make phones more secure by default and to help users avoid foot guns
There's secure by default, and then there's stuff users can't override even with great effort. Android restricts some dangerous operations by default and makes users jump through a couple hoops to acknowledge the risk. iOS usually forbids them entirely.
> I tend to agree with this, but if you look at the PC ecosystem, you'll see that 'leave users to figure out their own security' is a shit show.
I do not in fact see that. PCs work pretty damn well, security-wise, even with clueless users. I'll grant you it isn't as secure as phones, but it's by no means horrible.
Were you around for the first 10-15 years of the widespread consumer Internet?
I actually disagree with you that things are good, security-wise, today.. They are still pretty bad.
Back then was extremely bad.. Back then, Windows was never designed to be a networked operating system and was just full of security problems like you wouldn't believe.
The problem is that we're in a duopoly on the most important metaphorical ecosystem on the planet. If the market were competitive and efficient, I'd agree, but it isn't.
The upshot of this is that Apple can unfairly compete in all sorts of verticals just by owning that platform. A lot of companies could make a good Airpod competitor, but without access to the same functions as Apple's they're hamstrung. Watches have this problem even worse.
Say what you want about Microsoft at their zenith, you COULD compete with their browser, in fact, people did. You just can't with iOS. That's more important than some users having poor security. (And really, how are we going to worry about phone security when there's a system as stupid as passwordless social security numbers being the key to your financial life?)
The natural duopoly needs to be regulated such that it doesn't spill over into every tangential market.
Without that "shit show" you would never end up with devices like iPhones and useful software that drove last decades of innovation and progress.
The ability to build better things is the reason why you can now sit here, using technologies built on that "shit show" machine, and bloviate how new generations aren't allowed to build new things anymore because a megacorp needs to feed its greed.
It doesn’t follow that the past had to be a shit show for the future to not be a shit show.
In any case we are largely still learning when it comes to security and I don’t really want to make things less secure for the many just to satisfy the few.
While I agree with you (I daily a rooted Android phone), anyone who cleaned up a few Windows machines for non-technical people 20 years ago probably at least understands where Apple is coming from. The average person is really bad at system administration, and it doesn't take many bad actors creating malware and scams to have a big impact.
It's not really about system administration.
The average person is a low effort moron who will do whatever he pleases without thinking about the consequences.
The difference with computing is that since it's "new" and sometimes it has bugs, they will blame the hardware/OS any chance they get.
Have you done a lot of tech support for people?
If not, you really don't know the extent of it. It's not insulting, it's just how people are.
You should meet the guy who had a lot of issues on his MacBook Pro, related to low storage left (barely a few gigs) that was entirely due to his extremely large porn collection.
When asked about it, he doesn't have too many files. What do you do in that case? Isn't he a moron both for storing so much porn and at the same time (somehow) believing a tech support person wouldn't find the root of the problem. It was in a "hidden" folder, so not only he is a moron for the first offense, but doubly so for thinking a competent person wouldn't find something so obvious.
So, I reiterate, most people are morons, and technology just reveals their ineptitude in plain sight, it's simple as that.
You are free to believe in your idealized version of the world, but it doesn't match my experience at all.
Yes, I do. In fact I had someone visit my house literally today because she needed to fix her SMS setup for her phone and I have been her tech support for years (as I am for most of my family and their friends). The people I help are quite smart but they have better things to do than figure out exactly how technology works. I explain what they need to understand and they know they can always ask me when they are confused.
I actually think your example illustrates this: people use their computers for porn. There's nothing wrong with that. If it's so large that he has no space left, I mean that's a pretty actionable thing to tell him. He's not an idiot for not figuring it out himself. That he "hid" the folder from you–I mean, people hide things from professionals all the time. Nobody volunteers to their doctor that they wipe in the wrong direction and thus have chronic UTIs. It's your job to work around the reasonable things people do that make your work harder and bring them to "oh, that makes sense, thanks" perspective.
So you are telling me that someone who doesn't make the connection between low storage on their computers and their large porn collection which is the reason of this low storage causing issues is not an idiot.
They could have deleted their stach (or at least part of it) anytime to see if things would improve, which is how not moronic people work (you know, the try and see feedback loop of proper learning).
You are just of bad faith, pretending to be outraged about what I said even though it only describes the reality of the world. Your newfound religion is so bad that you find offensive something that doesn't even have any moral implication to it and is factual proven by so many statistics that it is not even worth arguing about.
If you what you mean is "not every computer user is a moron" you need to work on reading comprehension because that's not what I said. I stand by my original statement and you are somewhat proving me right.
That's unfair. Modern computers are extremely complicated to the point that even the most knowledgeable person has only a partial understanding, and nearly everyone is required to use them to function in western societies.
There's probably something important and complicated in the world you have to interact with regularly that you don't understand very well. Based on this comment, I think it might be people.
Modern computers are complicated to build and to use for complicated stuff but they have been extremely easy to use for regular stuff since the late 90s.
Pretending otherwise is nonsensical, since the richest economies in the world depend on it and surely not everyone is at a genius level.
There are some things important and complicated that I don't understand very well but they are not about basic operation of relatively simple things. It's like saying operating a washing machine or using a knife is something special.
And I do understand people very well; in fact, much more than I wish, by necessity. Your average person is frustratingly basic to the point of being extremely annoying on top of boring. I just choose to not pretend and "be nice" anymore, because it just hides reality and doesn't help anyone.
The fact that we have some people designing complex computers or sending people to the moon while others are barely able to cook a meal is largely a testament to that.
You might want to get rid of your ideologies if you believe what I said is controversial or wrong. Most people, by statistical definition, are idiots. Technology just reveals that fact very clearly, it's as simple as that.
Word. When my kids were pre-teens and teens I moved their computers onto Red Hat because I was tired of cleaning spyware off of it when it was a Wintel box. I moved my wife onto a Macbook Pro for the same reason, and she used to do user support for a community college back in the day.
Because with iMessage, it's not about your own security, it's about the security of everybody that you're allowed to message from a given device.
I suspect Apple can significantly cut down on abuse prevention measures just by making it harder to automatically send iMessage spam.
If any random Bluetooth smartwatch was allowed to send those, there's no telling how that capability could be abused, we all know how IoT vendors are with device security.
The adverse consequences are not limited to the end user that made that choice, and few people will subsequently admit culpability for the external consequences of poor choices. Which is to say, people are hypocrites. How surprising. Thus is the boundary of rational individualism identified.
Not all corporations make better choices, however, which motivates a regulatory role. Thus is civilisation identified.
Because the end user aren't computer scientists. End users should have NO capability in determining their own security, since they could LITERALLY BE infants playing with the iPad.
It is the responsibility of the systems designer to make sure the system is secure, not the end user.
And if you require instructions on how to secure your system, then you have already failed. A properly designed system is secure with zero knowledge.
Remember, it takes work to learn anything, and the goal of a tool is to reduce work, not to increase it.
Throw away customization. Throw away configuration. Both of those are bad design principles.
At some point you need to accept that there are sufficient hoops necessary to jump through to disable security that no one would accidentally do it. If you really think that security is so paramount that no level of compromise is acceptable, then
you should be outraged that devs can test their apps on their iPhones.
You should be up in arms at the existence of the App Store that lets you install software written by third parties.
You should be petitioning Apple to remove safari as what could be more insecure that downloading and running arbitrary code from a completely unknown website?
And you should be happy paying $1500 for a function-less, featureless, slab of Titanium with an Apple logo etched on the back, secure in the knowledge that it has no security vulnerabilities whatsoever.
You do understand that “make it work by default” and “customization” are not exclusive, right? you can definitively pick defaults and allow customization for those who want it.
You're right. This is a good reason to restrict this class of drugs. There is a finite usefulness, oh which each person who uses them consumes a tiny little bit.
You can't be serious, right? I don't even want to imagine how many people would accidentally kill themselves or at least seriously damage their health if that was the status quo.
Is that my job to prevent? If someone wants to do the most damaging things possible, to intentionally kill themselves, should I feel entitled to stop it?
People should be free to do stupid things, so long as they don't hurt others (the antibiotics example that another poster gave us a much stronger argument)
This sounds like a libertarian take, in the sense of "libertarians are like housecats - convinced of their own fierce independence but totally dependent on systems they neither control nor understand".
There are prescription drugs with side effects that cause real second-order societal problems (OxyCodone and related opioids are one the come to mind immediately). Amphetamines can cause psychotic behavior (see https://en.wikipedia.org/wiki/Stimulant_psychosis for an accessible read). If the person using and abusing those drugs were isolated from others and couldn't harm them it would be one thing but they usually aren't.
What are the limitations of integrating via notifications? That seems like the user-respecting method. For example, I don't use iMessage or SMS, but WhatsApp.
The attack vector is a 3pt app being compromised - maliciously or otherwise - that logs/collects the messages - i.e, the apps themselves can be a threat vector. To be blunt and honest, I’m not sure I disagree. The notification framework seems like an okay compromise to me. I have used it with my Garmin bike computer and I’m more than happy with the level of integration.
Might be a little bit of both but nothing you said there contradicts the original point--opening up iMessage integration to arbitrary bluetooth connections is a bad idea. It blows open access to all your messages...who knows, maybe even the e2ee keys. Law enforcement would have a brand new frictionless way into all your messages
I don’t think Apple would ever expose the encryption keys to your messages. Nobody would want it anyway: why reimplement the protocol when you actually just want to send and receive messages? And I fail to see why it would be frictionless for law enforcement, as they’d need to have access to your device.
And what happens when the MFi chip is cracked, as it has been before, and Apple has to choose between permanently compromising their ecosystem or disabling support for a bunch of 3rd party peripherals?
A lot of slang comes from street language, so that thought may still be right. :)
It's a decades old word that used to mean trying to one up someone with tough talk, exaggerating, topping someone. That talk would be so high above the others, it would be the cap on top.
Now to have a good story, to have that cap, people could be... flexible with the truth, so eventually, over the years, to cap started to mean that you were telling a tall tale, a lie.
Etymology: like others said, the old version of cap was short for a bullet. And that term most likely comes from “cap guns” which are/were you guys for kids that had a tiny tiny amount of gunpowder/similar so they made a small noise when fired.
So a bit of speculation, but it’s possible that the word cap has inverted twice over the years, from a toy/fake bullet, to a real bullet, and now back to being a synonym for fake, which it originally was.
May I suggest using proper English? I believe part of the reason you are getting downvoted is due to the hat language you are using. Several people, understandably, will not comprehend.
I don't think anybody buys their product for the specific reason that they can not do certain things. Nobody likes the restrictions. People buy a product because there are features (things they can do) that they want, including intangible features like usability (it's easier to make a full system backup on iOS than on Android, for example)
Edit: or maybe I'm wrong. I do know one person who bought a phone because it sucked, because they didn't want to spend as much time glued to the device. It was an Android with a tiny tiny screen, though, because iOS would not be allowed to run on hardware of your choosing due to Apple's restrictions... Either way, I guess there is a market of people who do want to inflict pain upon themselves, but this really does seem like exceedingly niche argument to me. Saying that the restrictions are the reason why their demographic buys their device is just buying into Apple's lies that fund their bottom line
I have recommended devices in the past to family specifically because of the bad/annoying things those devices don't do, so I, as family IT support, don't have to clean up the fallout.
As someone who has found a lot of holes both in design and implementation, which have been reviewed and vetted by excellent people and companies, which have all the appropriate certifications - no thank you.
I understand the benefit of an open ecosystem. Use your web browser, or a third-party app. The tech adopted by the masses needs guard rails and secure defaults.
I hated Apple’s ecosystem growing up, now I think it’s necessary. We can’t trust developers, or companies, that have competing interests to do the right thing.
> I hated Apple’s ecosystem growing up, now I think it’s necessary.
Funny, because the overwhelming majority of people and systems exist outside of it and are doing just fine. This sounds like the sentiment of a crab in a bucket who's feeling quite safe from the sides since it was caught.
> moving a message over BLE to untrusted hardware and worse accepting them back into iMessage is a massive, massive change in the security boundary
Is it? My iPhone replicates messages to my mac from where a process can extract that data, it can capture the screen etc. I can use a mac today to set up a relay that would then send those messages to a smart watch if one would do that.
Yes? Imagine a bug where iMessages are leaked over Bluetooth when a user has installed an application that integrates with some watch brand. Bring this to an airport and you can steal hundreds/thousands of messages from a wide range of people. That’s widely different attack vector than targeting macOS.
That said, I don’t see why Apple can’t provide toolkit/certification that will make it safe to communicate over Bluetooth. They already have it in-place for Apple Watch.
Imagine a bug where the Apple Passwords app leaks over HTTP. Bring this to an airport and you can steal hundreds/thousands of Passwords from a wide range of people.
>The lack of encryption meant an attacker on the same Wi-Fi network as you, like at an airport or coffee shop, could redirect your browser to a look-a-like phishing site to steal your login credentials.
Should be, but BT stacks are super crap and it's hard to truly guarantee that. Pretty sure they do not currently require the highest (actually proper) security level from everyone.
Well they could require a security level for starters and require only secure pairing (the fact that we even have something besides secure pairing should make a few bells ring), but that still leaves a bunch of avenues for an external vendor to fuck up their side of the implementation.
It's a whole another system outside of Apple's control and some mutually agreed upon Bluetooth LE elliptic key does nothing to protect it in its entirety. It still leaves cryptographic mistakes, side-channels and all other vulnerabilities.
Like, what does https:// or transport encryption in general really say about the website's security to you? Not much besides transport, does it?
Now we want to expose more than notification contents over Bluetooth (LE)? Are we sure? It has to be carefully designed.
You have to trust 3rd parties at some point. Apple can make it reasonably secure and let the user decide if 3rd party accessories are worth the potential risk but that option is never exposed.
Really Apple allows HTTPS connections but the same implementation concerns apply there. The web server could publish it's private and session keys to a "status" page and leak enough to make decryption trivial
I think it'd be more honest if they say "we don't want to give users options" (for better or worse) instead of claiming it's security
This whole thread is chockful of thought-terminating cliches, and I say that as someone who grew from a waiter to a developer thanks to Apple and made a lot of these arguments.
I also worked on Android Wear's iOS app for working with iPhones.
The major problem I see now with these excuses, that I'd like to claim wasn't an issue when I was making them circa 2015-2017, is they're cargo cult (a la Apple likes making things that just work) or boogeymen (if they did anything different, a bluetooth connection would be used, unencrypted, sending all your data into the ether).
The watch has been out for 10 years.
Software is software. Where there's a will, there's a way.
It's very, very, very, hard to believe there's 0 way for Apple to ensure an encrypted connection.
Put another way, avoiding the global observations: If it's impossible, why allow watches to be paired at all?
extreme handwaving hand-me-down 6 year old iBook(?) circa 2005 => wow software can be beautiful => hacking on AppleScript => hacking on iPhone OS 1.1.4 decompiled SDK => iPhone 2 with the App Store(tm) => shit, I can make money off this? => dropout => startup => sold it => saw what an acquisition looks like => by the grace of god herself, somehow made it through Google interviews.
(happy to detail more, like everyone, I love talking about myself :P but figured I'd start with the TL;DR, i.e. the App Store + subsequent boom happened at such a time that made it seems reasonable, years later, to dropout, and having 0 responsibility outside restaurant shifts gave me a fulcrum)
> that I'd like to claim wasn't an issue when I was making them circa 2015-2017,
Well, I wouldn't say that the standards for (software) security were anywhere near as high as they are now. It makes sense that our requirements for things change.
> It's very, very, very, hard to believe there's 0 way for Apple to ensure an encrypted connection.
Sure there are ways, but without regulation I struggle to see why should/would Apple ever bother. Nor do I think that a forced way would be held to the same standards as the rest.
> Put another way, avoiding the global observations: If it's impossible, why allow watches to be paired at all?
Yes, but they can actually know it fulfils some security criteria of theirs. Doesn't have fundamentally broken cryptography hidden somewhere, doesn't leak its keys, all that bare minimum is really difficult to guarantee with external unknown implementations.
Might be, but I meant the wearables' stacks. Fundamentally Apple can't ensure much more than a vaguely transport encrypted connection to such a peripheral.
Apple can't (trivially) detect if there's a fatal flaw in the way the other side derives their secrets for example. They can't know if the device doesn't have a backdoor characteristic/API that gives access to the key material. They can't know if that proprietary stack can't be exploited in n+1 ways because it has been written by an underpaid intern.
But if Apple gave access to everything over BLE they would be expected to. At least by most Apple users. Be it a good or a bad thing. It's a rather enormous access vector, if they'd provide feature parity(-ish) with Watch.
Much more sensible would be to make such features available to apps (and by proxy, wearables) with entitlements. But even then it can be just as insecure, just by proxy.
No, the vendor's BT stack would be responsible for broadcasting any responses back to the device -- like, in the article, "send text messages, or perform actions on notifications (like dismissing, muting, replying)"
Do you actually have anything conducive to say, anything specific you'd like to argue against?
Encryption is optional, there are four security levels for BLE, multiple pairing methods, privacy extensions, there are so many ways to mess things up.
I agree with you, but your iPhone forwards SMS messages, but not iMessages, and there's a trust relationship between the devices through Keychain. Still, doing it blindly over BLE is a scary proposition.
Step 1: Have the iPhone pop up saying "do you want <Pebble watch> to be able to send messages?" and let the user decide which devices can send their phone messages.
Step 2: Have the iPhone pop up saying "do you want <Apple watch> to be able to send messages?" and don't just assume "yes"
Both steps would improve security, even if they harm Apple's profits.
Ah, but you see, they need to go to the Apple store and buy an Apple product, then with no clicking at all the app will work.
If they go to a different store, and buy a non-Apple product, that's insecure. What they need to do is return it and go to the Apple store and buy an Apple product. That's secure. Give the money to Apple.
You're being sarcastic, but isn't this all just... correct?
Yes, I do trust the company that developed Secure Enclave more than I trust random BLE firmware in a $49 Alibaba watch.
More importantly -- my great-uncle can trust the same thing, because Apple has spent decades building that trust. Consumers generally should not trust random hardware. Apple is not random hardware.
Google, Samsung, Pebble, Amazon, Microsoft, Sony, etc. have also spent decades building trust and don't build random hardware. But that doesn't matter because Apple locks them all out and insists you remain within their walled garden where it alone profits from you.
If you don't want a future where you have to buy Apple milk to put in your Apple fridge (because the fridge stops refrigerating if you try putting any other brand of milk in it, citing "security issues") -- or worse, you can't get your Amazon fridge in your Apple house because it cites nebulous reasons and refuses to open the door - get out of the reality distortion field and accept that it is in people's interests for one item to work correctly with another, and to call venal vendors on their "oh but it wouldn't work or it wouldn't be secure" bullshit.
That’s not the point, though. Any method by which apple exposes APIs to Samsung, Google, etc:
- requires immense development effort and expansion of security surface area
- STILL offloads trust to Samsung, Google, etc
The hyperbole here is a little hysterical. Apple doesn’t totally lock out third parties. In the smartwatch example, it is a very specific set of features which involved passing data (which users expect to be e2e encrypted!) back to Apple. That’s an extremely hostile security environment! Product tradeoffs would absolutely have to be made in order to support arbitrary third parties! I don’t think it’s fair to just demand that Apple make their product worse without at least exploring the balance.
Anywhere Apple trusts itself is a place where they can trust a third party.
Anywhere Apple wouldn't trust a third party is a place it should not trust itself either.
It doesn't even have to be arbitrary third parties, it can be Apple's chosen third parties. But they'll choose nobody, because they love lock-in too much, and they'll tell the rubes that it can't be done or it's too hard. That's just bullshit, and they know it. They do it to lock out competitors, so they alone can juice their existing users.
The only thing that can open up Apple is regulation -- and as we've seen in with Apple's spiteful attempts at compliance with EU DMA rulings, it makes up arbitrary criteria calculated to maximally lock out and frustrate business rivals. It's like it's trying to come up with a compliance solution that the EU might accept but would result in as few competitors as possible able to actually use it, ideally zero.
> Anywhere Apple trusts itself is a place where they can trust a third party.
This quite literally could not be further from the truth, and to suggest that it is true reflects such a comprehensive misunderstanding of both the fundamental nature of computer security and the practical realities of the world in which we live that it's not really possible to continue the conversation productively
Android handles a couple permissions it doesn't want people turning on accidentally by requiring that the user open the settings app and manually pick which apps to allow from a list. I wonder if that reduces the rate of people enabling things unwisely.
>We have decades of experience that users will blindly click whatever prompts they need to make the app work.
Really, how is Apple protecting you from clicking Allow on a webbrowser if it asks permissions for WebCam and Microphone? I am asking since I do not have a Mac and really want to know how well are Apple users protected compared to Linxu users from web and microphone on browsers.
That's exactly how it works. Apple does the same thing everyone else does. But when Apple does it, it's "secure", and when everyone else does it, it's "insecure". Hope that helps.
Where do you draw the line between allowing functioning adults to make their own choices (even if they are mistakes) and tech paternalism?
Currently we seem stuck in a positive feedback loop where tech becomes more and more paternalistic which creates more and more tech illiterate users which is used to justify even more tech paternalism.
It is convenient that this tech paternalism also happens to align with the profit incentive: Easy to trap people in closed ecosystems this way.
You're getting dumped on here but you're absolutely right. Anyone who has been in software for any amount of time knows this, too. HN is full of software developers--downvoters should know better.
You can put a button in your app that says "Tapping this will drain your bank account and give you cancer" but if it also enables functionality that the user wants, they will tap it.
Sounds like a "make better warning messages" issue.
Most users are not able to root their device due to the number of steps needed and will give up on an app that needs root access. Make it so that you have to do something other than just clicking a warning message to enable using your Pebble then.
Warning messages can be made idiot proof with some thought.
If Apple had their way, they would LOVE to sell you a $2000 aluminum brick with no screen, speakers, microphone, etc., that still required a proprietary cable to charge.
A set of four castors. Like the bottom of a shopping trolley. Yours for $699
Tell your friends! "Each castor costs one hundred and seventy five dollars. It costs four hundred thousand dollars to run this computer... for twelve seconds. Ah ha ha ha ha ha ha!" (https://youtu.be/jHgZh4GV9G0?t=19)
Don't forget that the founder used to work for Apple and used that fact to demonstrate their expertise. Are we sure Humane Pin wasn't Apple testing if this was possible? (I'm joking. Apple already knows the answer)
I absolutely hate these sorts of nagging popups and I’m happy that a vendor I already have to trust doesn’t pop them up when I acquire a new product and sign it into my Apple account.
Imo, if this were to happen, it should happen by allowing devices like the pebble watch to sign into an Apple account and acquire permissions through that process rather than nagging on my phone on pairing.
I think I was pretty clear. You setup your pebble watch via openid connect/oauth like any other API client. No nag popups, manual Bluetooth pairing, etc.
Only if you consider connecting to a single phone. The advantage of what I’m proposing is the watch would automatically work with whichever other Apple devices are on your account.
> moving a message over BLE to untrusted hardware and worse accepting them back into iMessage is a massive, massive change in the security boundary
Anyone can already screenshot iMessages and move them out of the "security boundary"... which btw doesn't exist much, as if you have any Mac connected to your iCloud account then those messages are being synced to an SQLite DB any process running under your user can access.
There are easily hundreds of cases involving some alleged or actual liability that various groups claim Apple to have in relation to this or that feature/product/service/etc.
The point is that Apple has never been successfully sued because someone clicked through a warning. I don't care if someone files a frivolous lawsuit that fails.
I just want to learn about a single such lawsuit, anywhere, that's actually succeeded. I can't find any.
This doesn’t even make sense in relation to my prior comments… as unsuccessful cases also cost Apple, and various other parties, real money. So it seems entirely irrelevant to the point.
But remember, the whole premise of this discussion is that fools can be duped into clicking yes to anything, so scammers can talk your grandmother into granting an application that permission. In one case iPhones must not permit it because Apple cares very much, but in another MacOS permits it because it doesn't matter or something? Either way, Apple can do no wrong!
I don’t think you understand what the security boundary of iMessage is.
People’s phones got compromised by NSO sending images to them via whatsapp that used an exploit in one of the image libraries to run a malware payload. The security boundary isn’t about whether you can see your own messages, it’s whether bad people can root your phone by getting untrusted code to run. That’s a very different proposition if iMessage is a single codebase that they fully own end to end versus it has a plugin ecosystem. Having such a plugin system widens the security boundary by adding a much larger codebase that would require trust.
It doesn't need to be a plugin ecosystem - no third party code needs to run within the iMessage processes/sandboxes/containers. In fact, no third-party code needs to run at all on the phone - all that's needed is to expose an API over BLE that allows previously authorized external devices to query/send messages.
In defense of the "it's security!" position (which is not mine): I think they mean a similar vulnerability could exist on the client side of the API. As in someone sends manipulated media that targets a vulnerability on the third party device, the media gets forwarded through the API, now that compromised third party device does bad things over the API.
Personally, I think that it's really just a convenient third party lockout excuse, but the argument isn't quite as bad as it may seem at first glance.
> People’s phones got compromised by NSO sending images to them via whatsapp
Has this happened on iOS via WhatsApp?
I know Apple's had a view problems with this happening with iMessage, but always been unsure whether third party app sandbox does a good job of containing this?
No, that’s not true. NSO Group already has the means to send people spicy JPEGs all they want. Adding this would not significantly change their capabilities.
> "One reason iMessage is less of a total cesspit than SMS is that the ecosystem is closed"
I don't think that's the main reason. iMessage is available on macOS, so by definition isn't that tightly locked down. Anyone can automate/script the desktop app to try and fire off as many messages as you like.
But of course that won't really work because Apple has security algorithms in the network that detect unusual behaviour. Did that user/device suddenly start to fire off 1000 messages to users they've never contacted before? Activity flagged, user blocked.
There are also functions in the iMessage app itself to block and report unwanted/inappropriate/spam messages. So even low-volume spammers will not get away with it for long.
Besides, in the UK, SMS spam is almost non-existent in my experience. Unlike in some other countries I've visited where it's a huge problem. That's not because the ecosystem is any different - it's because there's strict rules that are actively enforced (see TPS: www.tpsonline.org.uk).
> Besides, in the UK, SMS spam is almost non-existent in my experience.
This is not my experience. Perhaps 3-5 years ago was the peak of SMS spam, but I still regularly (1/week minimum) get one of the various "package delivery" | "tax refund" | "diesel emissions" scam/spam texts.
If your value prop to customers is seamless and secure default behavior, then of course blocking insecure peripherals aligns with your financial interests. This doesn't seem nefarious at all to me.
The post you're replying to meant that it boosts Apple Watch sales because they hobble the functionality of competitors. I think your statement is simply saying that any competitor is insecure. I'd be surprised if that were a widely held view.
Hobbling is a weird way to say that they aren't privileging unknown hardware. Yes, they make their own peripherals work better together. This seems like the only way to do some of what they do, airpods are so good because they use a proprietary standard that is better than bluetooth, using the open standard would be worse.
My point is that it is good that they focus on making their own products work well together, it provides better value than being wide open and trying to work super well with everything. Windows tries to work well with any peripheral, and its a bad experience.
That's not good enough. If you're Apple, and you're worth 3 trillion dollars, you can both do security and behave in a way that isn't anti-competitive. They could interoperate securely. Is it easier to just lock out your competition and use proprietary everything? Yes, duh. It's also blatantly anti-competitive, which is a thing that societally and (arguably) morally is not acceptable.
I hope to read this blog post in an antitrust case from the DOJ one day.
It isn't anti-competitive to not open up your hardware and software security stack to any other OEMs who wander by. You can simply just buy a competitor's product, for less money even.
I recommend reading the Telecommunications Act of 1996, which required all incumbent telephone companies to allow any other company to install equipment in their central offices and buy rights to already laid phone lines at a fixed rate, where all the expense of actually building and laying everything laid entirely with the owner of the central office.
Turns out that (fairly applied) antitrust doesn't care how much it money it costs an incumbent company to begin allowing competitors
This is a goofy argument. Telephone lines are a natural monopoly, cell phones are not. I have no interest in a poorly secured grab bag of bullshit blue-tooth add-ons, and there's no government interest in enabling that.
Whether or not something is anti-competitive has nothing to do with how convenient it is for the incumbent. It may indeed by quite onerous for the incumbent. The bar for anti-competitive behavior is:
- Is this stifling competition?
- Is that harming consumers?
Per the contents of the blog post, yes this is absolutely stifling competition given that Pebble won't be able to provide the same features/experience as the Apple watch. This directly hurts Pebble which prevents them from competing.
As for how much that hurts consumers, the answer is not a clear "yes". The iOS market share is ~60% in the US and I don't think the majority of those folks wear or are interested in wearing any kind of watch, smart or not.
However, if Apple keeps this up they're absolutely going to go the way of Ma Bell https://en.wikipedia.org/wiki/United_States_v._AT%26T_(1982) and the eventual Telecommunication Act of 1996 which forced incumbent providers to interconnect with folks who would ostensibly be their competition.
This is incredibly vaguely defined here. Saying that apple stifles smart watch competition by not actively working to make iphone more interoperable with non apple smart watches is ridiculous. You'd never say that a car company is stiffing competition by making it hard to install a new engine, or mount after market add-ons.
People have such a confusing hate-boner for apple. Just buy an android phone.
The EU tech space is a barren landscape of technological dross pumped out by Siemens and some other big consultancies, so I’m not sure I’d want to apply their terrible laws here.
I mean the results of the lawsuits are it kinda is. You don't have to open it up technologically in the sense that just anyone ole' device can just pair but you should have to give any OEM access that wants to be part of the secure hardware club— they get to use the proprietary bits for interoperability.
Any smart watch vendor should be able to call up Apple and make their own watch which is equally privileged to Apple's. And the requirements to the vendor to do so needs to be not so onerous as to be an effective ban.
If you’re Apple and worth 3 trillion dollars then you can also ship a voice assistant that’s competitive with the 5 year old state of the art. It should be simple. Money can be turned into engineering results with absolutely no trade offs.
As a customer I would like to be able to make that decision. I don't need apple to hold my hand. They could inform me in the app store or when I install the app. Here apple is making that decision for me.
Apple is obviously the vendor for people who like to have their hands held. If you don't like that, make your decision earlier, just don't buy Apple. Worked for me the last decade.
I'm happy for them to hold my hand on commodity electronics. I don't ever want to have to think about how my phone and headphones work. I like to fiddle with computers, but not the stuff I need to run my day to day life.
> As a customer I would like to be able to make that decision.
You can. There are dozens (hundreds?) of phones you can buy that aren’t an iPhone. It’s been well known for nearly 20 years at this point that iPhones are more closed than the competition (of which, again, there is a lot). They are successful because of this, not in spite of it, contrary to internet belief.
I'm not sure I follow? Every company does what is in their own financial interest. Even b-corps and non-profits have to keep an eye on their balance sheets.
The point is that Apple does not actually care about you on the basis of principles. It only cares about you to the extent that it serves its own financial interests.
This is important because Apple could one day decide that caring about you no longer serves its interests. This has already happened with user experience, where even the Settings app now has built-in ads pushing Apple's services. It has also happened with security, where Apple uses its robust security infrastructure to prioritize media company DRM over users' interests.
> Do people expect a computer company to love them individually?
I expect corporations to be honest and sincere, and present the full argument for why they're doing what they're doing. I don't know if "people" in general expect this, but if they don't, then their expectations are too low.
I am quite sure there is no US law which says Apple must build out support for media company DRM. Linux doesn't support it and hasn't been declared illegal.
This is (I guess) not what OP meant. Apple obviously also gains financially from blokcing everything outside of there ecosystem, mainly because the majority of Apple users will only buy Apple hardware.
Obviously, yeah, keeping the hardware a bit more safe also helps, but the main financial gain is definitely not coming from this.
Note that I said seamless AND secure. Having preferential treatment for a limited set of well known hardware makes the experience seamless. I like the secure and easy hand-off between apple devices. I wouldn't want to give up the security to make it work.
Something I learned a while ago is that there's a particular brand of very vocal person online who has a bone to pick with Apple. Sometimes it's for a good reason, sometimes less so, but the point is that they come to discussions of any Apple topic with a conclusion ready in hand and then work backwards from that. In this case the conclusion is, "Apple is wicked, perfidious, and monopolistic."
Truthfully there isn't much you can say to people in that mindset.
Case in point. If the topic was that, then I'd welcome the discussion, but when you simply bring that to every discussion about Apple... it gets old. After all your statement only really needs to be said once for people to understand it, which makes the repetition over the years very grating. "Single issue posters" are generally the least engaging on the internet.
Apple is a poster child for why there should be limits on the power of wealth
Closing your mind to the possibility that Apple is throughly rotton is probably soothing, but the possibility remains that we are right, you are wrong, and each time the conclusion is the same, and correct
Big Tech monopolies sniffle innovation and hord resources
Apple and the like are only worth as much as they are because of intellectual property laws. Without that, you'd have a million iPhone clones (perfect copies, minus the dumb stuff) on the market a few days later and Apple would soon be worthless.
Intellectual property laws is not some natural law of the universe. It only exists because the people (i.e. the general public) want it to exist. They could do away with it on a whim, but choose not to. Which isn't irrational as it may first seem. Their own careers probably rely on the status quo, and their retirement savings no doubt rest on companies like Apple being worth a fortune, so there is a lot of incentive to not rock the boat.
IP laws are not all or nothing. It is possible to have property law that allows the good things (personal property, rewards for innovation) without the bad (market domination, monopoly and oligopoly)
We have not tried, and it is not due to "we the people" it is due to "them our overlords"
Funny enough, the state of intellectual property tends to be much more relaxed where overlords are actually found (e.g. China). It's easy when one guy can make things so. Far less easy when you have millions upon millions of people afraid that any change will impact them personally.
Interesting conclusion given that pro-Apple comments with provably incorrect claims routinely end up at the top of the HN's comment section, this thread included. Information directly refuting those claims often gets downvoted and suppressed. Why is that?
Apple makes a mockery of their own "security promises" for iMessage by not end-to-end encrypting iMessages in iCloud by default. Ridiculous to use that as a justification to prevent users from choosing to send their messages to watches that happen to be made by someone other than Apple.
If the sender or recipient has iCloud backup enabled then by default (i.e. without ADP) Apple can read the entire iMessage conversation. And they routinely do, at the request of law enforcement. Since Apple does not allow default-secure alternative cloud backup solutions to exist, it is almost certain that a large majority of iMessage conversations are compromised in this way (with no notification to sender or recipient).
> Messages in iCloud is end-to-end encrypted when iCloud Backup is disabled. When iCloud Backup is enabled, your backup includes a copy of the Messages in iCloud encryption key to help you recover your data. If you turn off iCloud Backup, a new key is generated on your device to protect future Messages in iCloud. This key is end-to-end encrypted between your devices and isnʼt stored by Apple
And is the backup end-to-end encrypted? No, not by default, as disclosed on the same page. It is encrypted "In transit & on server" with keys stored by Apple, which means Apple can decrypt it. And they do, as mentioned earlier, for purposes other than "to help you recover your data". The non-default Advanced Data Protection feature is required to get end-to-end encryption of the backup.
Note that Google's equivalent Android backup feature has been end-to-end encrypted by default for many, many years. Plus, alternative backup solutions are allowed to exist on Android.
Only letting Apple Watch have this functionality is what is wrong. It's clearly anti-competitive, in my opinion their hand-waving about security is just that.
They could implement something that works for other smartwatch vendors, they haven't because they don't want to.
my Chinese smartwatch can get imessages. It can't send messages, but it can use the AI voice (SIRI) to send messages. It can't delete messages either.
PebbleOS is asking for the ability to respond to messages with reply or user interactions. This is not a security breach. And it won't leak from encryption anymore than it is leaking now.
Counterpoint: SMS is not a spam cesspit in Romania. My phone number is public (company information is public). And I get 1 completely unsolicited messages per month and 1 per week from companies that I bought something from. That's not even enough to get me to try to get rid of those messages.
Just don't make the mistake and give your phone number to any American companies. I did so when starting my current job since I didn't yet have a company phone number, and I suddenly started receiving multiple spam messages daily, which has been going on for years now.
To add: it's not about targeting rich markets, either. I have a number from the Netherlands and Germany and neither gets more than one spam SMS per, eh, year maybe on average? Some years none, some years three or so perhaps? When COVID was new, I also got a few spam calls (as did my family around the same time, so I guess it was briefly a thing), but that seems to have stopped again. I've had the Dutch number for 20 years and it's in public records, so it's not brand new and unknown either
If you don't think that a walled garden locked into an ecosystem of hardware isn't already a cess pool - then I don't know what is.
Hardware should be able to be interoperable. Apple chooses not to, it's in their best interest because they claim "security" and "privacy" for it's users. Security theater for the masses.
I truly don’t understand how these types of comments keep appearing under any discussion of apple’s blatantly anti-competitive behavior with messages. This doesn’t even make sense on technical grounds; it would be trivial to require such message passing to be encrypted/signed securely if that’s your real concern. After all, the Apple Watch does exist and does have these capabilities, so it’s clearly possible to do it and maintain the “security boundaries” you’re so concerned with.
Then every single one of these comments inevitably turn towards spam messages which no longer even makes sense since iMessage has been filled with spam lately. I really don’t see how allowing smartwatch manufacturers to also interface with iMessage (in the same way Apple Watches do) will inevitably increase spam on the platform which can’t be detected/mitigated in other ways.
I’d love to see some technically rigorous explanation for why apple can’t support any third-party anything instead of hand wringing about “security” with no real explanation but I have a feeling I’ll be waiting a long time.
It’s not just the transmission over Bluetooth. It’s the entirety of what happens with the message. Apple fully controls and trusts the code that’s running on the apple watch. But they have no control over what third parties do with all the data they can collect in notifications.
Bluetooth devices on iOS that display notifications already are getting more information than normal by simply even reading all notifications. Normal apps on iOS can’t do that, they have no reason to. This api was added because smart watches kinda need that functionality to be useful. I think it’s still locked behind a “this device will see all your stuff” permissions box.
I do think they should add in more iMessage/sms/replying capabilities to smart watches though. I think they are extremely hesitant to make it even easier to automate iMessages. iMessage spam is definitely increasing, but it’s NOT as prevalent as normal sms spam for instance. The barriers are much higher, and Apple can basically blacklist devices/appleIDs that send out too much spam, partly because they’ve kept iMessage so locked down.
Again there is no technical rigor behind these notions. Video providers didn’t like the idea of untrusted HDMI devices scraping video from DRM protected content so they came up with HDCP, which allows anyone to develop and certify solutions as trusted software/hardware. There’s no reason apple can’t do something similar, it doesn’t have to be completely open vs. completely closed. There are always alternative solutions to the problems that people think apple’s walled garden approach is solving; which makes it clear what the real purpose is.
True. But why? Why should Apple spend a bunch of money hardware certifying, and adding liability? There was a compelling reason to add HDCP -- content makers required it, and had criminal penalties as threats to go after infringement.
Apple doesn't need outside ecosystem builders here; what is the business reason for them to add process expense, risk, and possibly incorporate timelines from other vendors into their supply chain?
As the many comments in this thread indicate, lots of people seem to feel Apple "owes it" to the world to open up. Happily, there is a (more) open ecosystem available with Android for people who value that. I don't think the tradeoffs Apple makes are perfect for me as a consumer, but I prefer them to the Android tradeoffs, and I can always switch when I like.
I actually agree with that completely. I just want it to be clear that this is a conscious business decision that apple is making and not the result of technical challenges. I think the distinction is important because I don’t love the tradeoffs apple chose to make, but I continue to buy an iPhone because at the end of the day my phone is mostly about being social and it’s a frustrating experience trying to communicate with friends and family who all have iPhones which make interoperability with other messaging ecosystems frustrating. If iPhone RCS support worked as well as native messaging I’d switch to an android in a heartbeat.
I get the security concerns, and you're right - opening up iMessage integration to third-party devices would require a serious rethink of Apple's security model. But at what point does -security- become a convenient excuse for anti-competitive behavior?
And I'll be the contra to your take: the iMessage ecosystem is so closed that everyone without iphones can barely even interact via sms with iphone users. This is overall such a huge problem that it makes the closed ecosystem security solution not a practical solution
Nope, SMS works. Just fine. Apple rightly warns you that you are in a lower security environment by adding a bit of visual friction. This is true EVEN IF you are using RCS, because European laws require termination and inspection when RCS messages “interoperate” and are sent to other providers.
I want to say thank you for writing this. 100% same opinion. I've stuck with Apple - despite their downsides - specifically for their zeal in areas like this.
My phone works, I'm glad it blocks others from integrating because I need it to always just work. That's why I still have an iPhone over all the often paper superior alternatives.
I wouldn't trust most hardware vendors with my wifi password, let alone access to my phone's messages. Hardware vendors have shown time and time again that they don't care about privacy or security. All they care about is shipping their widget and getting you to buy it, and to do that, they will cut corners, ship defective firmware, use easily guessed default passwords, and turn a blind eye to abuse.
As a hardware vendor, you'd achieve "trusted" status by having a decades-long track record of not doing these things.
The idea that device pairing can and must only be secured at hardware level is a fallacy whose goal is to ensure that only apple products work well with apple products.
For the spam example, nothing prevents apple from offering a ble api with auth that ensures that only devices manually paired by the user access it.
As for automating spam... when we’re discussing ble, we’re talking about a device a few meters away from your phone. What are spammers going to do, send a jogger right behind you that spams you after somehow hacking apple’s auth system?!
I don't know much about ios. But in macos there are ways to access imessage chat logs or send imessages programmatically. You can create an applescript and do all sorts of stuff. So while I do get that giving this sort of access to an app on your iphone should at least be done through explicit intentful consent from the user, I do not see the impossibility in it. And the fact that there is all this crapp around should not make it impossible for us to have good things, either.
>I do not believe vendors integrating with such a thing can do it safely, or even that all vendors integrating are good actors.
Well, Apple will sure make sure the hard task is impossible. That's where the fault lies. It can be a bit tiring hearing security used as a smokescreen to maintain a monopolistic structure over uhh... green bubbles?
Do you have a problem with SMS spam? I can't remember the last time I got a spam SMS message, and I had my phone number on public on my personal website for a number of years.
So sick of this strawman dialectic from the apple-brained, where the alternative to the walled garden is the worst possible implementation of an open standard.
Firefox is also frequently criticized for not implementing certain APIs because of security concerns. There was a post on this site just the other day about their lack of support for WebUSB for exactly this reason
It's not unique to Apple. And we should take security seriously. To people who are technically literate and think they can navigate security risks it's not a big deal but people's entire lives are frequently turned upside down by scams and security loopholes
The main difference is that with Firefox no one can use the API. Apple seems to be happy to implement APIs... but only their own products can use them.
Like with headphones. Only AirPods and Beats (owned by Apple) headphones can use their proprietary extensions on top of Bluetooth for improved pairing or better headset-mode quality. Then they removed the jack to wipe out the rest.
It doesn't have to be the worst possible implementation to be less desirable than the walled garden for me. I get so much spam in whatsapp, groupMe, telegram, and from sms. Some of it is even from legitimate contacts but then they signed up for something or did something and it sends one of those stupid "join me on {thing}" messages. The only place I don't get spam is imessage
I get spam on iMessage, and you can continue to live in the walled garden, nobody wants to force you to buy a third party watch, they just want third party devices to have the same API access as the first party device.
It's not a straw man argument, it is the argument.
An average user can't dive into the bluetooth driver code and figure out where in the 4000 page spec something deviates and is now a security issue. So we have to assume the worst.
Having an open standard doesn't mean every implementer will do so in good faith and using best practices, the consumer still ultimately has to make a choice about which product they use, and can continue to use apple's solution if they trust in apple to securely implement the spec. The insane strawman you're proposing is that the choice is between a single blessed solution from Apple that's infallible, and a wild west where the only way for a consumer to be safe is to personally audit their device against a 4000 page specification document. Absurd! We use devices and software every day that implement open standards and while issues do arise in particular implementations, they do with no more frequency than issues are discovered in proprietary solutions and standards.
Go look at the CVE's for iMessage, plurality of RCE's on apple devices in the last decade is Apple's iMessage implementation, and it's their own protocol! And almost all of the rest are apple's implementation of the open web standards!
There are maybe three tech companies in the US that have large security groups dealing with persistent threat actors. Apple is one of them. Google is another.
Even with that (large) Apple security group, iMessage is difficult to lock down properly, as you note. However, I think that the cost of 0 day subscriptions for iOS vs Android tell a pretty good story: iOS zero day subscriptions sold to intelligence agencies/governments cost roughly $1mm / seat (phone compromised). Android -- $10k.
There are many many decisions along the way that end up with that raw 100x additional cost for iOS security breaches -- value Apple delivers to its customers when they purchase iOS products.
You cannot pick and choose from the outside and know which of your preferred opening-up implementations would impact that cost. My argument is that opening this up is one of likely hundreds of possible decisions that would contribute to lowering that cost of exploit.
You are just wrong about 0-day values, e.g. exploit vendor crowdfense's publicly offered rewards for mobile 0-days:
SMS/MMS Full Chain Zero Click: from 7 to 9 M USD
Android Zero Click Full Chain: 5 M USD
iOS Zero Click Full Chain: from 5 to 7 M USD
iOS (RCE + SBX): 3,5 M USD
Chrome (RCE + LPE): from 2 to 3 M USDD
Safari (RCE + LPE): from 2,5 to 3,5 M USD
And "large" tech companies despite having "large" security teams (and "large" scope!) are far from the only ones competent at securing devices/software against PTA. Node.js, linux, bsd's, bitcoin, RoR, firefox, curl, etc. etc. There are dozens of open source projects with 0-day values in excess of 7 figures, (and plenty of private enterprises too!) and apple and google are not in any way specially equipped (or better than others) at dealing with the most dangerous PTA's in the world just because they have the largest armies of overpaid EE/CS grads.
I’m past the edit window unfortunately: you’re completely right as far as I can tell.
NSO leaked pricing has not historically differentiated Android or iPhone. I’m not sure where I heard those numbers, but thanks for the correction.
Tiny tiny nit - paying the same for an exploit doesn’t mean you’ll charge the same, but in this case it looks like the value and price structures are what you describe. Sorry!
Slightly less small nit - securing hardware, os and cloud inside some security perimeter model is a lot harder than securing, say, the bitcoin client. So point taken - and, it’s hard at scale, not easy.
Apple is fine with any customer retention benefits from security and I don’t agree (with the article author) that they are merely pretending their strategy is primarily focused on security
Yet another example of security without consideration for user experience and freedom. Information security is a careful balance between not using technology at all and getting things done using technology. Sometimes you have to wonder if heavy-handed solutions like this actually helps maintain this balance for users, or just serves to ensure a company's bottom line.
This is the line of reasoning that has resulted in me being unable to sign up with a shocking amount of house rental companies, thanks to Play Integrity on the android side of the coin. Does it improve security for me? I would argue it doesn't, as it would force me to use unpatched versions of Android. If it's not serving the user, who is it for?
Nonsense, you can set up your phone such that it shares messages with other devices. If users don't know what that means for security, then tell them. But don't act like it's in their interest to never use devices from other brands.
Some anecdata. I get a few dozen spam SMSs in any given month, as well as some spam phone calls (varies a lot by month - sometimes only 1-2, sometimes 20+). I have received a total of 2 spam iMessages (I remember them because they’re notable to exist), and 0 spam FaceTime audio calls, and I’ve had this phone number associated with iMessage since it was first released.
Regardless of the reason, there is substantially (many orders of magnitude) less spam on Apple’s networks, at least for me, when compared to SMS/RCS/telephony.
I'm not debating the amount of spam but rather GP's claim that iMessage is hard to automate.
I showed that iMessage is trivial to automate and since you both claim that the amount of spam on the platform is very low, we can conclude that ease of automation isn't an important factor when it comes to iMessage spam.
Unless someone decides to move the goalposts we should therefore be in full agreement that Pebble being allowed to integrate with iMessage wouldn't have any appreciable effect on the amount of spam in the network.
It is definitely harder to automate than SMS. Very large companies exist only to provide API-backed support for automated SMS.
In contrast you need to hook into Apple APIs / scripting / sqlite databases on trusted apple hardware in order to automate iMessage.
You imagine "Pebble" as one company and say "how hard can it be to turn this on?" As I said in the original comment, it's not that it's hard, it's that it can only be turned on for everyone and that will create a security issue that WILL have a substantial impact on the ecosystem. I didn't say, but believe it to be true that the alternative -- a vendor security assessment program covering software, hardware, architecture and cloud security is not worth Apple's time or money to do. I don't think they have any business reason to do so.
Can you stop moving the goalposts? There's a ready-to-go open source solution for MacOS [1] that exposes a REST API [2] for interacting with iMessage which allows automation and the sky hasn't fallen like you predicted it would. Professional spammers would no doubt be way ahead in capabilities.
Relying on clients to stop spam would break just about every security design principle so that could never be the primary spam filtering mechanism. Indeed, if you search Github, you'll find evidence of this [3].
Allowing a third party gadget to talk to an iPhone to send messages isn't going to open the floodgates to spam any more than they already are, for what I think are pretty obvious reasons. Anyone who could exploit those integrations can already exploit current APIs with exactly the same limitations.
> In contrast you need to hook into Apple APIs / scripting / sqlite databases on trusted apple hardware in order to automate iMessage.
And that wouldn't change, you would still need to pair a real iPhone to your fake "spammer edition" Pebble, and then your Apple ID and iPhone would quickly get banned. Presumably just like it does now if you abuse [1][2], otherwise that's just bad design.
It's frankly ridiculous that this is even being suggested on a "hacker" forum with nothing but wishy-washy qualifiers about how easy or "hard" it would be.
Bluebubbles requires running Mac hardware, or a Mac virtual machine, which if run on non-Apple hardware violates Apples ToS. You may not care about that but enterprises certainly do.
This is worlds away from twilio which will provide you with orders of magnitude more throughout and deliver it with SLAs.
And unless you imagine Apple will hardware certify pebbles, how does Apple determine the BLE endpoint is actually a Pebble? If you have a way to ensure that without a key registry and TEE controlled by Apple, congratulations — Turing award is incoming.
Upshot: You’re a hacker on a hacker forum - cool. Sending one to ten programmatic iMessages in a hack is easy for you. But you may not have all the experience necessary to opine on how that compares to accessing an enterprise grade hyperscale sms messaging solution: building those is challenging, the companies that do a good job are worth billions of dollars and they exist solely to allow bulk SMS. To think blue bubbles somehow dunks on the idea that these economies of scale don’t matter isn’t correct in my opinion.
We're not discussing whether spamming SMS is easier - of course it is and I don't know why you keep returning to this relative comparison.
We're discussing whether authorizing third party smart watches to send messages via your iPhone would make it easy for spammers to send iMessage spam. Not just easy, but easier than it is right now using Bluebubbles' approach. Both require physical hardware, an Apple ID, and both are subject to the same server-side spam protection.
That's a very specific claim which you made and you haven't provided any supporting evidence for it, nor a coherent explanation.
> Sending one to ten programmatic iMessages in a hack is easy for you. But you may not have all the experience necessary to opine on how that compares to accessing an enterprise grade hyperscale sms messaging solution
I think if you dig deeper into this train of thought you'll get to the point that I'm making. Having relatively restricted API access to send a handful of iMessages from a 3rd party watch via your own physical iPhone will not enable mass-spam like you claimed it would.
Scaling an iMessage spam operation would be hard not because the client side is completely locked down (which it can never be, see the concept of "analog hole" [1]), but because server-side rate limits and user spam reports are the primary mechanism that keeps spam under control.
[1] This could be an ESP32 pretending to be a keyboard/mouse device that automatically navigates through iMessage UI on an iPhone to send messages just like a user would.
Many comments deep now but I think my original point was that this would change the security boundary, which I still believe, and that changing the security boundary is net negative for Apple users which I also still believe.
You’re saying there a logical gap between opening up a radio based endpoint on an iPhone and allowing more spam in the system, or at least there’s no reason to think that it would be a different order of magnitude than blue bubbles.
I want badly to agree with you, at least enough to stop bike shedding about it. So let me try: Some possible implementations of opening up sms probably don’t add easier volume and programmatic sms options for developers. If you’re happy with that then we’re in agreement.
I think the main ‘easiest path’ implementation would increase spam though - turning on an iOS app’s ability to directly programmatically interact with messages on device and send and receive them over a radio would allow for simpler automates message parsing, creation and distribution; Apple is clearly not interested in this being a feature available to App Store developers. And Apple would then be in the position of having to do some sort of bound to fail static analysis to prove the messages aren’t being sent out to an IP endpoint at some point, or including requests from some endpoint. And this is both because of the extension of the hardware security circle and because of the necessary feature of having a human out of the loop in iMessage actions.
I propose that this would increase spam on iMessage in that case. It would allow an app maker to use sms without human in the loop, essentially, extending notification to sms without humans opting in.
Either way I think that’s probably what I need as imagining, admittedly a bit vaguely in my initial reference. Appreciate the back and forth.
> One reason iMessage is less of a total cesspit than SMS is that the ecosystem is closed, and makes automation difficult.
Is this really true? I receive a lot of iMessage (not SMS) spam on iOS devices too. In fact for me I see more spam purely on iMessage than SMS. It wasn’t like that in the past, but my point is even closed systems can be abused.
I think you just don't understand the point. I don't care for choosing between 15 different brands making differently colored RAM either when it's all the same standardized thing, but you bet we're in a lot of trouble when it's only one brand at all. Competition isn't always "technically pure" and "elegant" or meaningful.
I have a very capable smartwatch and it's ridiculously bad how hobbled it is on iOS. I'm glad to see this article specifically highlight the issues, and how it's 100% Apple's intention to make non-Apple wearables on iOS terrible.
I too have a very capable smartwatch (fitness watch - Garmin Fenix) and it's remarkable how different my experience with messages and actions are relative to the experience of Garmin users with Apple phones.
Garmin Connect always runs in the background on my Android phone, watching for notifications, pulling data from and pushing data to Garmin servers on my behalf even when I'm not using the app. It's third-party, but it's reasonably well-written and doesn't nuke my phone battery or data plan - Android doesn't need to protect me or their reputation from Garmin. I can always check the weather or look at my daily workouts or whatever on my watch and trust that it's recently been upodated by the phone app phone. Garmin users with Apple phones complain that "Garmin doesn't work" after every iOS update that further hobbles the Garmin background service.
I get text notifications on my watch for any Android apps that provide notifications, and relevant ones (like text messages, whether SMS or RCS) provide an option to reply from the watch. I tap the top right button on the watch and scroll to "OK" or "Thanks" or "Can't talk right now" or whatever one of a half dozen canned responses covers 90% of my needs in this mode, and don't have to dig my phone out of my backpack or otherwise interact. Emails, calendar appointments, clock stuff, music controls, etc. all work over the watch. It's just as privileged as the phone, I'm not concerned about my Garmin intruding on my privacy as protected by Android, I wear the watch 24/7 and it has more data on me than the phone!
> watching for notifications, pulling data from and pushing data to Garmin servers on my behalf even when I'm not using the app. It's third-party, but it's reasonably well-written and doesn't nuke my phone battery or data plan
> get text notifications on my watch for any [...] apps that provide notifications, and relevant ones (like text messages, whether SMS or RCS [or iMessage])
I get this behaviour on iOS+Garmin, and can both see notification text (even when phone is locked and notification content hidden on lock screen) + can dismiss notifications just fine with "Clear" action (both points noted in the article as not being possible)
Fair enough though, I just can't reply or take a specific action in actionable notifications.
Media play pause next prev work as well, and calendars are all viewable too.
Widgets that use the phone+app as proxy for network access also just work (e.g weather refreshes, or I have a Home Assistant widget which hits my self-hosted instance just fine)
Apart from replying I don't have a hobbled experience at all.
The Garmin experience on iOS is noticeably inferior for me.
On android, you can turn off forwarding notifications to the watch on a per-app basis, so for example I can have youtube put notifications into the android notification center, but not the watch.
On iOS, you can't configure which apps forward notifications to a garmin watch. You only get all or nothing. Apple watch can do this just fine.
Is that not an issue for you? Do you not feel hobbled by that?
I can understand someone would want that level of granularity.
Personally if I don't want it on my watch I also don't want it on my phone, so I simply disable all notifications at the app level.
That said, I seem to remember the trick on iOS is to remove one of the notification alert types (can't recall if it's "lock screen" or "notification centre" or "banner") and then it shows up on the phone but not the watch.
Don't forget the classic "Oh, that 3rd party app/feature is so popular, I bet we could build a identical/slightly less useful thing ourselves so people don't have to use other things than Apple software ever"
Conveniently, Apple's App Store Review Guidelines also include several rules that restrict apps from duplicating features that the OS already provides.
So if they detect a trend early enough, they implement it as first-party feature, dry out the existing competitors while restricting new competitors to enter based on the App Store Review...
I’m pretty sure this rule is only there to stop the hundreds of “flashlight” apps that used to exist. (Although, they appear to still exist) There isn’t tons of innovation or competition in “flashlight app” other than adding advertisements. There used to be a bunch of them that would only get popular out of necessity. The ones I’m seeing now in the App Store do seem to have non-default behaviors like “strobe light” at least, so they aren’t true clones of native functionality.
Apple isn’t using that rule to take down alternate weather apps, despite them having their own native weather app. There’s still plenty of QR code scanning apps, despite that being built into default camera app.
Flashlight apps were a 3rd party innovation. Apple didn't originally realize that the camera's light could be used that way. I wonder how many other useful features don't exist today because of Apple/Google's greed prevent a truly free smartphone market.
So what? Why not let there be flashlight apps if users find them useful? Apple doesn't have to recommend them in the app store and can sort them to the bottom of search results page. But why can't the exist. If people don't want them they will choose not to install them.
I'm fairly sure "Only high quality apps should be available to users" was said more than once when the Apple AppStore first launched (together with the second or third iPhone I think?). Apple isn't really into the whole "users can choose what's best" thing, which once you understand this, a lot of their choices become understandable (albeit shitty none the less).
And yet Apple has shown many times a willingness to use vague language of their rules to block apps they don't want. Past behavior can't predict future behavior.
"Apps that copy basic iPhone or iPad functionality (including but not limited to its UI, gestures, core features) will be rejected unless the app provides a clearly different purpose or adds unique functionality."
Note the "basic" line. And there are plenty of Photos, Notes, Streaming etc apps so not seeing where this is being used to exclude competitors.
Do you think Apple will describe how they’re using this to prevent competition in their guidelines? You’ll need to read third party developers’ accounts for that.
I've never understood this Apple criticism (scherlocking). Someone built a search for your files, so it's not right for Apple to build a pretty key feature into the OS?
There's a lot of fair criticisms of Apple, but they don't have to be absolutely first at everything or never enter the market.
The key criticism is the final step. They don't only duplicate the functionality. They then ban the original implementation from their stores because it can create "customer confusion".
Not explicitly (because that might be too openly anti-competitive even for Apple) but Apple refused to allow f.lux into the App Store, and it had to be sideloaded - and Apple leaned on them to stop offering that.
When Apple did offer Night Shift in iOS 9.3 it made the APIs to do this Apple-only, for ... reasons. As of today, no non-Apple app can modify color temperature of the display.
> Sure, it uses private APIs, but thousands of popular projects on Github (like game simulators) or that Apple TV web browser project all use private APIs and they are just fine.
> The issue is F.lux for iOS is not a true source-available download. It includes a full app bundle with pre-compiled binary (which in a nutshell, is an extracted .IPA file) packed within Xcode to utilize Apple's new free signing policy.
> And to making things worse, the same F.lux Xcode project does not only allow side loading F.lux itself, but also any unsigned IPA file. The only thing a user needs is to extract an unsigned IPA and drag all resources into the project. This allows pirates to install any stolen app, without the need to buy a developer certificate. I have tested and believe this is the true reason for F.lux project being pulled.
Not allowing third party apps to adjust screen colors seems like a reasonable security boundary to me. For the most part when you close an app on iOS, it gets closed. It doesnt get to keep changing system settings in the background. Would be awful if in addition to notifications, apps also got to adjust your colors.
Screen tinting like that is exactly the kind of thing that should be an OS-feature, not an app feature.
They are similarly quite restrictive on MacOS, with some system-impacting features being locked behind “accessibility” permissions. So that arbitrary apps can’t interact with other apps unless they are actually doing something that needs it like “being a screen reader”.
iOS doesn’t have the same sort of permissions. Apps can’t take over interactions with other apps, or change display settings, etc. This is a security boundary. And changing that specifically for “changing screen colors” seems unnecessary to me.
For context, as a software developer and Mac OS user who also happens to daily drive a screen reader, I seriously doubt whether you could implement a third-party SR on that platform.
It seems that third-party software, even software with accessibility permissions, doesn't work on password screens (and probably in a few other similarly-secure places), and you need those to be accessible. Not to mention weird places like system recovery, which (for very obvious and understandable reasons) does not allow 3rd-party software at all.
I guess you could use a third-party SR for most of your system and then toggle VoiceOver on when accessing the secure parts, but that would get very annoying very quickly.
There's also no 3rd-party access to some speech-related features, like the higher-quality neural Siri voices. You'd also need APIs for things like automatically being informed of incoming system notifications to read them as they come in (which the first-party VoiceOver does), and those don't seem to be available at all.
In Apple nomenclature, a private API is an API that your app is technically allowed to call, but that is subject to change at any moment and has 0 documentation and no backwards compatibility guarantees. If Apps were allowed to rely on those, they could just stop working across minor version upgrades or on new devices.
Those APIs are only there because they're needed by some higher-level system library that your app is actually allowed to use.
Sure, you could have all libraries be simple shims, all calls be interprocess, and all security be guaranteed by process boundaries, but that would kill performance.
If you only accept signed code and have W^X protections that apps aren't allowed to disable, this way is simpler, faster and just as secure.
No, all security-sensitive API surface requires being on the other side of a process boundary (and checks on who is allowed to talk to it). “Signed code” is not a thing given that you can just ship an app that can do anything and have its behavior change at runtime (that’s what an interpreter is!)
While this is true, many, many apps use private APIs. Even apps that don’t need them. One common use case is prevent an app from being debugged or run on certain devices - you can achieve that through private APIs.
Even innocuous apps like a calculator can, and do, use them for that purpose.
Almost every major third party app is using some private API or the other. There is even an internal list that Apple keeps of apps that are allowed to do. It’s quite trivial to bypass the App Store checks (which are quite bad and sometimes even flag legitimate use of system APIs).
The issue is that they don’t compete on equal footing, because they integrate whatever functionality they adapt with OS features and/or first-party apps in a way that third-party apps can’t. That’s anti-competitive and increases their moat.
It’s not exactly a new thing, either. Even back in the 80s and 90s, many times Apple either implemented obvious-in-retrospect functionality from popular freeware/shareware themselves or bought up the shareware and rolled it in.
This is also one of the things that makes a big difference between Windows and macOS when getting a new install/machine set up to basic usability. With the former, before I can get anything done there’s a whole laundry list of things that need to be installed and removed (which admittedly is now easier now that winget comes preinstalled), while that list is much shorter on a Mac. For me personally getting through that phase takes at least 3-4x longer under Windows.
If necessary, you can even retroactively ban the competitor's app from the App Store that you control.
As pretext, you can say the competitor's app is doing something now considered insecure or not privacy-respecting, or is not compliant with some new user experience or quality curation that you do.
I mean it’s also a lot more work to add all the features Pebble would need so it could simply be they don’t think it’s worth it (and it probably isn’t, given all the other broken stuff they need to fix).
it's pretty frustrating how "apple people" just don't care that it's apples fault. i routinely hear my wife mutter "i hate google so much!" when a google maps integration is being intentionally hobbled to keep her using apple maps. or when she has trouble managing rcs conversations because somebody in our social world has the gall to be on an android phone.
I am aware that apple blocks certain functionality to maintain a cohesive and secure experience. It is THE reason I buy their products, I want the curation. Otherwise I'd buy an android device.
> I am aware that apple blocks certain functionality to maintain a cohesive and secure experience.
The argument is that they don't do it to maintain a secure experience but to stop competitors having feature parity with their products.
Personally, I find it annoying that my Garmin watch cannot reply to text messages on my iPhone.
I also find it annoying that my iPhone nags me to cut access to my watch to stop it getting weather updates. It doesn't even nag me the once but repeatedly.
It would be one thing if Apple even competed on features with Garmin but they don't.
That's their justification. I never had security problems on Android, and I actually find Android to be more cohesive. Just a few things where iOS is uncohesive to me: You can customize the keyboard, but it will not work everywhere the same. Apps will send you randomly through hoops to click some permissions things in settings. App settings are sometimes centralized, sometimes in the app. There is no single way to "back" to the previous screen.
I actually switched to an iPhone some time ago and was expecting it to be like you said. But I was shocked that iOS is actually less coherent and a mess in some places, and the App store could be curated better. To be honest the reason I still use it is because the hardware is really good and because it is pretty.
That's all well and good. Opting into that knowingly is a reasonable decision. Hopefully knowing you've opted into that you aren't then cursing Google when they don't support some functionality blocked by Apple, or when RCS is poorly supported, but instead recognizing this as a trade-off you made opting into the Apple closed garden.
The reason Apple Maps even exists is because Google intentionally crippled their Maps app on iPhone in order to benefit their own OS.
The reason Google loves RCS is because they spectacularly failed 4 or 5 times at introducing their own iMessage competitors.
Competing companies often act in their best interests. And both Google and Apple offer OS’s which have very different value systems. I think that’s good for consumers. If I want open (and all the pros and cons that come with that) I can buy an Android phone. If I want closed (and the pros and cons that come with that) I can buy Apple. If they Apple starts to open up a bit and Google locks things down a bit we get the worst of both worlds and no true options.
The "closed" approach is way better when it involves guardrails rather than handcuffs. Pixels offer guardrails; they're just as secure as iPhones but offer a lot more freedom to power users. Android is a lot more than just Pixels though and some of the other OEMs don't provide security updates quite as timely, creating a bad reputation
I’m not sure I agree. I’ve seen tech illiterate family members screw up Pixels and Samsung devices in the same way they screwed up Windows systems in the past. Even the most tech illiterate family members have done nothing bad to their iPhones. In fact I know one that was still using an iPhone 7 until last year and it was very functional. Two year old top of the line Samsung phones are crawling after two years. All anecdotal of course.
It does work. As I said, I had to go through it with a family member a few months ago. It's hardly Apple's problem if a user forgets their password AND email address.
I don't expect Apple to get someone back into an account they've forgotten everything about, but you shouldn't need to do that just to download a free app. Grandma already knows her passcode, that should be enough.
There are like 10 grandmas in my extended family (in-laws etc), none of them know their Apple ID passwords, none have recovery contacts. They probably forgot because it never asks for that password except when they want to download a free app, cause for some reason that's a highly sensitive thing.
i had the same problem with this behavior from google as i do from apple. i would be just as critical of google zealots blaming apple for google shortcomings as i am for apple zealots blaming google for apple shortcomings.
this is definitely an apple culture thing though. it's such a clear product choice to get apple users to pressure their friends into buying apple products.
RCS on iPhone just sucks though. All I have is anecdotal evidence, but it feels like I only get late or out-of-order delivery from iPhones.
Plus iMessage doesn't allow you to send RCS messages from your laptop, whereas it's easy to do that with Google messages. That makes people with iPhones think RCS is worse than it really is. It's just iMessage that's intentionally hobbled. Not to mention the hostile UI decisions made by Apple, which seems to be the main knock against anything non-blue.
Arguably, that's more to do with the standard and Google's proprietary extensions. The colors thing has been discussed ad nauseum. SMS messages have been green from day one - see https://youtu.be/G8d7E26WLsY?t=1723. If colors were reversed, there'd be the same complaints. If the difference between iMessage and SMS were highlighted any other way, there'd be complaints too.
The standards issue is only relevant to E2EE. It has no bearing on the usability issues here. The E2EE issues should be fixed soon according to Apple. I'd bet a good amount of money the usability issues will remain.
The white-on-acid-green color combination would not make it through any accessibility review. It's literally impossible for a lot of color-impaired people to see, and objectively unpleasant otherwise.
Apple gets plenty of complaints about it. Just look at the Apple forums. Their literal advice to fix it is "make your friends buy an iPhone".
> It's literally impossible for a lot of color-impaired people to see
What form of color blindness doesn't let people differentiate between levels of brightness? I checked a couple color blindness simulators and it appears legible.
Heck, white on light green appears to be used in articles about good design for color blind accessibility without any indication that it there's anything wrong with it.
As someone with strong deuteranopia (I struggle to differentiate shades of green and darker bluey-reds), I am extremely sceptical about that claim too. For what it's worth, I've never had a problem reading the white-on-green bubbles in Messages. I do agree that a contrast closer to WCAG's recommendation would be better (currently 2:1, recommendation is ~4.5:1), but this is a diversion. The point I was making is that no matter what Apple does here, there is visible differentiation, and people will complain about it.
Google provides a client and infrastructure, which they sell to carriers and which has a number of proprietary extensions, including E2EE if the message is Google to Google. If a carrier does not provide Universal Profile, Google provides it. If you send a message using Google Messages, it may default to Google's profile, which is not open and only available to Google Messages users, which is arguably no different to iMessage. Apple provides an RCS client which relies on carrier infrastructure. If there is no compatible profile AIUI, it falls back to MMS or fails.
My personal stance on this is that while I’m open to making iOS, etc more flexible, it needs to be done in a way that cleanly avoids the whole “grandma accidentally installed a pile of browser toolbars yet again” problem. I’m confident I can manage added flexibility myself but there’s a very real need for a truly foolproof, social-engineering-resistant option to point friends and family without such aptitudes toward.
perhaps i'm out of date! this may have resolved with the recent increased support of rcs and i maybe haven't heard this complaint lately, it's worth checking into again.
I don't like that iMessage = lock-in, but everyone else needs to make a better standard first. We got cross-platform encrypted covid chat before we got this. RCS has an FBI "do not use" warning on it because there's no E2EE. And the reason people don't want green bubbles is cause they always screw up the group chat.
The ONLY answer is antitrust action from every major government.
The trillion dollar companies are so massive that they are impinging upon every category of business that touches them. And they're so massive that their sinnew and tendrils touch everything under the sun.
Mobile computing is de-facto owned by two companies. It's owned, tightly controlled like an authoritarian government, and heavily taxed. Compared with the (formerly?) open web and desktop of the 90's - 10's, we've wound up in a computing universe where we're all serfs.
We're in a stagnant world where platforms don't evolve because that's where the moats lie.
Google, Apple, Amazon, and Meta desperately need to be broken up into multiple subsidiary companies. It'll oxygenate the entire tech sector and unlock pent up, unrealized value for the shareholders of these equities.
The reason we seldom see centicorn startups or blockbuster tech IPOs is because FAANG (or whatever we call it nowadays) has a dragnet where they can snuff out the markets of new upstarts or M&A on the cheap.
It costs nothing for Amazon to become Hollywood, buy James Bond and Lord of the Rings, become a primary care doctor, become a grocery store, and cross-sell all of these highly unrelated products on prime advertising real estate. It's essentially free for them to put ads at the top of the Amazon store and emblazen it on their delivery trucks and boxes. The old media, which were once healthy competitors, have to spend hundreds of millions to reach the same eyeballs.
We've wound up with Standard Oil 2.0 and it's deeply damaging our market. The innovators and innovation capital are no longer being rewarded. The calcified institutions are snuffing out everything that moves in search of remaining growth.
We must break up these companies. That is the only healthy way forward.
100% agree that decisive anti-trust action is needed. In addition, many of us can (and do) choose to just not participate (to the best of our abilities) in the nonsense from these companies.
Many of us are not required to use Apple devices (and we choose not to). Additionally, many of us are able to choose privacy-respecting Android variants (like GrapheneOS). It sometimes is less "convenient", but IMHO it is better then surrendering to the duopoly...
Interoperability is a commons; the market won't protect it on its own, because each individual consumer's best action is to just get an iPhone and an Apple Watch.
But the market (and society at large) is ultimately worse off when Pebble and FitBit and Garmin can't compete on a level playing field with Apple Watch— particularly when Pebble is targeting a completely different feature set, price point, and battery profile from what Apple Watch does.
I don't, and I won't, but that doesn't really address the points in that post. There is nothing any individual can do about massive corporate cartels controlling entire industries and strangling all potential competition in the cradle, like they said anti-trust enforcement is the only way. But apparently it'll be difficult to garner support for that when people perceive it as an attack on their 'consumer preferences'
Apple and iPhone are a gravitational singularity distorting every single market in the world.
Software companies bend the knee to Apple.
Global payments companies bend the knee to Apple.
Entertainment companies bend the knee to Apple.
On and on and on...
You cannot find a corner of the world that iPhone does not distort, tax, shape, or control in some shape or fashion. Some companies and industries to such an extreme that Apple becomes not just their landlord, but their master.
Desktop computing could never do this. Microsoft never had such draconian rules.
The automotive market doesn't resemble this. Dozens of countries have five or six major automakers. There's something for every budget and niche.
Gaming could never do this. There are three major consoles, six major PC distribution channels, mobile gaming, indie gaming, web gaming, tabletop/physical gaming - that market is huge. Honestly, this is what mobile computing should look like.
Only mobile computing and the web have become so perverted and encumbered. These markets are beyond Standard Oil levels of distortion. And the worst part is how massive, important, and all-encompassing these markets are. Everything in life is touched by these markets.
Why? Can't you just not take advantage of it is it's there? Why demand it to not be here? What ill consequences do you suffer from having the option for additional interoperability?
IMO it makes sense to nationalize things that lend themselves to natural monopolies, or sectors where innovation has mostly dried up on account of maturity, where continued progress is largely driven by tax-funded research grants already. I'm not convinced that "computing" is such an industry, innovation seems dead there because of monopoly. In that case, they should be broken up to drive competition-fueled innovation, with careful supervision to monitor for and punish anti-consumer behavior, abuse of negative externalities, etc.
If it turns out that even then, 10-20 years from now the market is still making mostly glass/metal rectangles with the same feature set of today, then we can consider consolidating that productive capacity for the sake of efficiency.
i think this pov buys too tightly into the idea that national projects arent innovative they are often more innovative than the private sector but it requires buy in and focus from their managers and funding from politicians
The Soviet Union had everything nationalized and it always accountable only to the Politburo. This idea that governments are “accountable” is cute. Government shouldn’t be running businesses.
Building and maintaining a functional marketplace (e.g. through common-sense anti-trust enforcement) is about more than just optimizing for a specific outcome...
Microsoft of that era is a tiny bug compared to the trillion dollar giants of today.
You could install whatever you wanted on Windows. Any software, any browser. Microsoft was incredibly open with both software and hardware compatibility.
You didn't have to use IIS or C# or Microsoft technology to develop software. You could develop and deploy PHP, Apache, Perl, C, anything. And about that time, Linux servers and distribution were massively growing in popularity. There were so many options.
It was even easy to pirate Windows and other software if you really wanted to. Basically, it was a complete Wild West with lots of latitude and room to navigate for everyone. Microsoft really only pursued enterprise contracts.
And the market back then was incredibly small. The number of desktop broadband and dialup users pales in comparison to the total number of smartphone users we have today.
The situation today is wholly different on every level. Two companies own how society stays connected, how it conducts commerce, and how it shares information. It's gross how much power they have. And how they choose to enforce it and tax it.
I don't think we need any major government intervention.
What we need is a law that requires companies like Apple to allow their customers to install and run the software they wish, and provide external developers with the same OS features their internal teams have access to.
Europe and Brazil already have such laws, though they could go farther.
> What we need is a law that requires companies like Apple to allow their customers to install and run the software they wish, and provide external developers with the same OS features their internal teams have access to.
Trouble is that most major governments are democratic, meaning that the governmental powers that be are the very same people (the population at large) who are already not willing to do anything about it. The majority will clearly isn't there at this time (that can change in the future, of course).
Government is a useful tool to clean up the dissenters who wish to act against the will of the people, but under a democracy you cannot believe that the majority are the dissenters. That defies the entire premise.
Apple Silicon could not have existed without the vast amount of capital that a trillion dollar company like Apple could've mustered, TSMC might even be one or two generations behind where it is right now if Apple couldn't afford bankroll the latest generation and temporarily monopolize it, and for that reason alone I'm fine with the state of affairs
It's also great that Apple is able to negotiate with countries as an equal wrt. user privacy, iMessage is the only e2e encrypted messenger allowed in China, and is currently able to mobilize a significant political movement against mandatory backdoors in the UK
Because everyone here commenting knows the reason?! This is all speculation by outsiders. Apple isn’t commenting and if they did, outsiders wouldn’t know if it’s the real reason. It could be that Apple lacks the patents, for some of these key features and they are making the best out of a bad situation. It is what it is and we can’t be sure why.
I honestly don't think Apple products are a smart choice for tech savvy people anymore if they ever were. You are paying a premium for easy to use, convenient servicing, and the aesthetic.
There are many anti competitive practices that Apple and Microsoft engage in. And a lot of it is not even “preventing” something but just bogging it down so it takes a lot of time and money and starves out anyone who could challenge them.
But we should also talk about the inverse thing where they give themselves an advantage in positive ways. Like for example, iOS devices will regularly advertise Apple’s own Siri intelligence or their own games subscription or news subscription or iCloud or whatever. These get special treatment and show up in unexpected ways - notifications that you cannot prevent ahead of time or in your system menu with an annoying badge you cannot dismiss until you click the thing. These are things Apple only does does THEIR OWN products and services. It gives them an anti competitive advantage against others, but it does so not by crippling others but by boosting themselves.
All of this should be illegal. I dislike regulations sometimes, for example when EU regulation gets into censorship. But they seem to be doing a lot more to help customers and support competition than the US. While Trump talked a lot about breaking up big tech, I am skeptical as to whether he’ll do anything to actually support competition and actual free markets. It will require regulation, not posturing.
I think people forget that Apple is not making devices for the Hackernews community. They are making devices for people that just want something that works pretty well and has reasonable security - even to the extent of protecting them from themselves. They have other things to do with their time than learn about security vulnerabilities and how to avoid them. They want to just click 'yes' on every popup and expect things to keep working. Because they know that they are not qualified to answer that yes/no popup question. And those people do not care much about lock-in and walled gardens. They are not interested in jailbreaking and sideloading apps. They've never heard of Pebble or have any interest in it.
This is 90% of humanity, including people we all know and love.
Couldn't you make that argument for literally any anticompetitive practice? Like in the 1990s: "Microsoft isn't making an OS for people that want to try different browsers"
Yes, you could. It's indeed troubling to see this mindset on HN. We have an overflow of professional "explainers" these days, we need more doers and fighters.
You can both use macs and criticize Apple to be and do better. Why would they change for no reason? I've heard this myth about companies listening to customers :)
I have never had an issue with WiFi drivers as an Arch and EndeavourOS user for 6 years now. And for the last 3 years my Framework Laptop does just work as my daily driver.
I think it is unjust to share strong opinions about previous issues that Linux distributions had without recent evidence.
Congrats? I've personally experienced driver issues on my laptop and desktop, both from the hardware being too new for the kernel (or at least the version being used by that distro), within the past two years. And this is LMDE, not some fringe one-man fork.
If we want to pile anecdotes, it just works for me as well. The most recent driver problem I had was Windows, needed to preload something during the installer to get it to recognise hard drives in proxmox working if I remember correctly, and that's not even speaking of printer problems on Windows compared to the seamless integration they now seem to have on Debian (or is my desktop environment responsible for that? Not sure, I'm not super deep into Linux stuff)
Yeah, I'm running PopOS woth minimal issues and have been doing so for 5 years. The only issues I have is that they built it on a jank stack of Gnome, but they're fixing that at this moment.
It sounds like a lot of the "I used to use Linux, but nothing worked" crowd are either previous Arch-users (no shit you had to do everything manually) or older folks.
Emphasizing voting with your wallet means those with the most money dictate how things work. Google and Apple vote with their wallet all the time. When they’re buying competitors, buying preferential treatment for each other, and buying law makers and regulators.
We aren’t going to out bid them on any of these things. We have to make it illegal, and vote in people who will enforce the laws.
It depends on how you define success; the EU has certainly managed to achieve a great deal of standardization and compliance, at the cost of rate of progress and business model innovation. You might think this is a worthwhile trade off, but people differ in their priorities.
The OpenAI grift, the Facebook & Google stalking advertising, the Uber “independent contractors”, and the Amazon two-for of workers pissing in bottles and squeezing your suppliers so prices rise everywhere.
SAP, NXP, ASML, Hexagon, Infineon... These are all companies guaranteed to be touching hardware or software, they you use today, and will use tomorrow.
You jest, but milk production in Europe is far more sophisticated than in the US. Innovation has occurred there [0]. There's no stagnation, despite being a heavily regulated industry. There are new products coming to market, the market is growing at a predictable and fairly decent rate.
And if you need market cap to understand these areas, both Nestle (France) and Lactalis (Switzerland), outpace the entirety of the US industry.
The average person probably thinks that their phone, or websites, show no innovation, despite the rapidly changing underlying technologies.
He is conflating progress and business model innovation with profits. That since the US allows its corporations to get repugnantly large and wealthy, enough to rival many developed nations' GDPs, the US necessarily has more progress and business model innovation. It's just American exceptionalism.
We’re in agreement that it is a viewpoint. I think it’s bad for productive conversation to state viewpoints as absolute facts that everyone else holds.
If you want an alternative, android exists. I actively want a tightly integrated system that I know works well together. I don’t want to worry “does this device really work with this other device, even if it says it’s compatible” which was a constant source of issues I had on Android.
Your desire for Apple to become an open system removes my choice to opt into a closed ecosystem, when you already have an open ecosystem to play in.
>I actively want a tightly integrated system that I know works well together. I don’t want to worry “does this device really work with this other device, even if it says it’s compatible” which was a constant source of issues I had on Android.
Yeah, I mean Linux is an abject failure, nothing ever works or runs on it. Nobody needs open data formats or open protocols for interoperability. Binary blobs for the win! /s
>Your desire for Apple to become an open system removes my choice to opt into a closed ecosystem, when you already have an open ecosystem to play in.
Don't worry, it's easy to lock down any open system and we can give you that should you desire it.
I don’t think this comment is in good faith. I gave you a reasonable viewpoint and you just dunked on me with snark.
>, I mean Linux is an abject failure, nothing ever works or runs on it. Nobody needs open data formats or open protocols for interoperability. Binary blobs for the win! /s
I didn’t say anything of the sort. I said I actively choose a “more closed” ecosystem. Linux has similar problems IMO - “I want to buy a GPU” shouldn’t come with trying to figure out whether the device drivers will actually work, to me. If you want that, you have that choice.
> Don't worry, it's easy to lock down any open system and we can give you that should you desire it.
Only within the constraints of what you want which is that everything should adhere to a standard and be interoperable. Which, again, as I said you can have on android. Go buy a pixel phone, and a samsung watch and see how good the experience is.
I’ll say this again - there are open ecosystem alternatives for you out there, in android. Some people, even technical people, are ok with a smaller ecosystem knowing that there is lock in. If you don’t want that, don’t use it. But if you push your choices on me, you restrict my options and remove my preferred platform to have one more platform you want
You have your own viewpoint, and are assuming its "resonable" and so by definition I'm "unreasonable" is GOOD FAITH? No thanks, no interest in engaging with you.
No I think you’re being unreasonable by making strawman arguments against me and using those strawmen to attack my character, which you’ve done again here.
> Courts do not require a literal monopoly before applying rules for single firm conduct; that term is used as shorthand for a firm with significant and durable market power — that is, the long term ability to raise price or exclude competitors.
The DoJ can sue over whatever they want. They also lose suits all the time. So now it's up to a court decision to make the determination, and it may very well be that Apple is not, contrary to the DoJ's assertion.
> At which point does a monopoly becomes a monopoly?
It's generally in the 70-90% range. Right now, it's much easier to argue that Android has a global monopoly.
> There is no need to have a "clear" monopoly like Windows in 1990's to abuse your power and presence in the market.
Well it depends what you mean by "abuse". I mean, even small companies can "abuse" their customers by not building the interoperability their customers want. But we generally prioritize individual freedom, that private businesses ought to have free choice in what they work with or don't. That's important.
That only becomes a problem when consumers aren't able to switch to a competitor. I.e. when there is a monopoly provider. I.e. which controls 70-90%+ of the market.
> it's much easier to argue that Android has a global monopoly.
Sorta. My understanding is that Google Play has the global monopoly. If it were plain Androids that users bought to own, to do with as they wanted, I'd be much less sombre about where mobile ecosystems are headed (namely, that governments, banks, public transport companies, and many other organisations will require a DRM-locked device if you want to live a normal life, buying bus tickets while passing the algorithmic fraud checks instead of needing to travel to a remaining ticket counter for example). It's barely even the future anymore, bank and transit company apps already mostly only run if you have a Google account and are on a locked-down ("Google Safetynet") device or go to great lengths to hide that you've got full access to your own data on your bought-to-own device
The median in the first chart is 53%. So not really. Apple is just seasonally high in Q4 presumably because iPhones make good Christmas presents. And still below 70%.
If it's not a duopoly, then why there's no competition between the play store and the app store to get developers or users from each other?
The only tariff change ever made on the appstore was as a reaction to an antitrust lawsuit and copied straight to Google. Just that is enough of a proof.
Well, no, at least not honestly, because in the 1990s Microsoft was sitting on a true monopoly. Apple is one of several (3, at least) players in desktop computing, and one of two in mobile. Nobody has the kind of power Redmond wielded now.
I honestly don't care about Microsoft bundling a browser. The real problem was that they intentionally broke web standards to push websites to "work best on Internet Explorer," so even those who chose not to use Windows were caught up in it. Whereas, Android users aren't affected by what Apple does here.
They still bundle Edge, and keep setting it to default. But idc, it's just one of 1000 reasons I don't use Windows.
> The real problem was that they intentionally broke web standards to push websites to "work best on Internet Explorer," so even those who chose not to use Windows were caught up in it.
Microsoft tried to build their own extensions to the internet standards, like activex and proprietary DOM/JScript extensions, explicitly designed to lock devs into IE’s ecosystem. It's quite impressive that they managed to miss this opportunity to Adobe. And how Adobe then just... squandered it. I would expect that "being the necessary proprietary piece in significant chunk of internet" would have some deep strategic advantage, but both tech giants couldn't be bothered to do a good job.
Apple do this too with their products - but in more subtle ways.
For instance, try to play a video game on MacOS. While Vulkan is available on every playform, it's not available on MacOS or iOS despite the fact that it would take an engineer at Apple a weekend to implement (figuritively speaking). Apple are also killing off OpenGL support for MacOS.
Generally, Apple deliberately build a "dependence ecosystem" for their consumers on the product side while also actively preventing engineers from using portable technologies on their platforms.
The fact that MacOS is as open as it currently is is a miracle and I am sure executives hate that.
They create the fastest and most ergonomic mobile hardware on Earth but, outside of web browsing, video editing and some engineering workloads, there's very little you can actually do on it.
Oh yeah, Mac video games sorta don't exist. The dev can jump through all those hoops and still have random OS updates break it constantly. Almost as bad just for regular apps.
Re executives being mad: The thing is, they make money off Mac hardware, and even then its profits are dwarfed by iPhone and iPhone accessories. Which are of course locked down.
Unlike Microsoft of the 90s, there are alternative mobile operating systems that are actually competing with iOS and Apple, so the argument isn't the same. In fact, people point out that iOS doesn't have majority share when you look at global usage, and only has a small majority when you look at the US. Microsoft's next nearest OS competitor didn't make a browser, and a lot more than half of computer users were using Windows.
Making your own products interoperate better than competitors' products is pretty typical and I don't think it rises to the level of "anticompetitive practice."
If you don't like it (and I can totally understand why), there are numerous other smartphone makers out there with products that allow better integration with these watches and you're free to buy one.
MS didn't get into trouble because they went after competing browsers, they got into trouble for doing that while also having a monopoly on PC OSes. Apple doesn't have anything like a monopoly in this market (their US market share is about 50%, worldwide is around 28%).
Microsoft absolutely got in trouble for purposefully making other Office suites not work correctly on Windows, for using private Windows APIs in Office that other companies didn't have access to, etc.
If Apple makes a watch that can receive and send iMessages then there is no reason any other device shouldn't be able to use the same APIs that Apple uses.
It absolutely creates a system where competitors literally cannot compete with the same features.
They got in trouble for doing that stuff while having a monopoly on PC OSes. Using private stuff to give your own products an advantage is (legally) fine if you're not leveraging a monopoly to do it.
We’re rapidly approaching the point where having a smartphone is becoming a necessity for being a functional part of the society. You could argue that is some countries we’re already past that point. A device of this social importance that’s also locked into one of the two American megacorps absolutely needs as much scrutiny as possible, since the interests of those megacorps are not aligned with the interests of the society.
To give one example, Apple has removed an option for Airdrop file sharing between iPhones that are not on one another’s contact lists after the pressure from the Chinese government to stop it from being used for protests coordination. And yet this change was silently rolled out globally as a part of an iOS update.
So, no, “Good enough for most people” is not actually good enough.
> having a smartphone is becoming a necessity for being a functional part of the society
This is correct, as in some countries, you use your phone to authenticate access to banking applications and payments (e.g., https://en.wikipedia.org/wiki/Smart-ID). However, I find it a bit of a stretch to claim that having iMessage access on a smartwatch is essential for being a functional member of society.
Corporations will always take steps to ensure their profitability. Apple, for example, is incentivized to keep its systems locked down to maintain its ecosystem. There are likely other justifiable considerations behind these decisions. While laws exist to regulate what corporations can and cannot do, there should be a reasonable balance. That said, I don’t think this is a battle worth fighting - people can simply switch to an Android phone, which offers better support for a wider range of smartwatches.
Giving all your data to Google (an adtech company) is not an acceptable solution. Not to mention that it's incredibly difficult to leave the Apple ecosystem, by design.
I would say that custom Android-based ROMs like GrapheneOS are the solution, but Google is actively sabotaging those with the Play Integrity API so I don't know if they will be usable by the average person in the long-term (unless Google is legally compelled to stop this).
So honestly I think that legislation such as what's happening in the EU is the only solution. This includes investigating Google as well as Apple. I'm not a huge fan of legislation in general but the current state of mobile computing is depressingly bad right now.
> However, I find it a bit of a stretch to claim that having iMessage access on a smartwatch is essential for being a functional member of society.
Btw I agree here. Perhaps the EU is being a little too overbearing in some aspects, but most of it is good. I think in this case Pebble is trying to take advantage of the existing interoperability provisions, which are a general framework allowing devs to request access to certain functions. However the EU has said that they want to target smartwatches in particular which sounds like misplaced priority to me...
What I had in mind wasn’t iMessage, but the fact that banking and digital ID systems such as Danish MitID are increasingly being built with the assumption that everyone owns a smartphone.
There is also a code reader version available: https://www.mitid.dk/en-gb/get-started-with-mitid/mitid-auth.... In Lithuania, similar systems for banking have existed for a long time—especially code generators—as a method of authentication. In recent years, they have been widely adopted across various platforms, particularly government services, as a login method. Essentially, it functions as a digital ID.
What I originally meant was that I don’t see Apple’s reluctance to open up the iMessage ecosystem as an indication that they wouldn’t support a banking or government authentication system. I just don't understand the concern here.
This is somewhat false. It wasn't removed, it just takes intent now, and it has a timeout. I've been spammed by strangers with airdrop before, and have accidentally airdropped things to strangers. I enjoy the increased intent.
But, gone are the fun days people spam airdropping funny "This is the captain" pictures to everyone while waiting for takeoff in an airplane.
It took a 100 years from first phone public networks in the 1880s to the basic expectation that you would have a phone number in 1980s. Public internet came this way in ~20 years (early 90s-early 10s). Smartphones did it in 15?
The post has a section regarding these concepts and why the author disagrees, why not respond to that directly instead?
I tend to side somewhat with what the author is saying: they can be both relatively true statements and a way to abuse market power at the same time so identifying it as fitting the mold of one or the other is only the start of the conversation. People against the practices tend to care more about the latter and I think that's why we've seen the EU, Japan, and now Brazil regulate the behavior based on that rather than asking "what's Apple's target usage type".
> Apple claims their restrictions on competitors are only about security, privacy, crafting a better experience etc etc. At least that’s what they tell you as they tuck you into bed.
Ah, yes, the author is clearly interested in an in-depth discussion of the tradeoffs in allowing 3rd-party users access to data that you tell your customers is 100% always encrypted.
The HN comments are for our discussion. If you choose to latch on to portions of initial posts or comments like the latter for swipes than that's the kind of discussion we get to have. If you choose to focus most of the discussion on other lines like:
> I personally don’t agree - they’re clearly using their market power to lock consumers into their walled ecosystem. This causes there to be less competition, which increases prices and reduces innovation. DOJ seems to agree.
instead then the quality of discussion here will match.
Okay, I was being a little snarky. But that quoted portion doesn't really contradict my point; that is in no way an exploration of good reasons why Apple might want to make these choices.
> They have other things to do with their time than learn about security vulnerabilities and how to avoid them.
You're making that statement as if iPhones don't have security issues and people using Android definitely have to learn about those things.
> They want to just click 'yes' on every popup and expect things to keep working. Because they know that they are not qualified to answer that yes/no popup question. And those people do not care much about lock-in and walled gardens.
What exactly is it that Apple does that makes it not matter whether you click 'yes' or 'no' on these popups?
To add: if the goal is to make a system where the yes/no answer is irrelevant, then it's a system when very horrible UX: the pop-up shouldn't be there in the first place!
This also doesn't address the obvious solution: safe and easy defaults, and an option for manual overrides in advanced "I know what I'm doing" settings.
> They want to just click 'yes' on every popup and expect things to keep working
This is an extremely dangerous mindset, even if you never leave Apple's garden. As a reminder, Facebook and TikTok are on the App Store. We cannot encourage this zombie-like behavior and simultaneously have a healthy, free society.
> Because they know that they are not qualified to answer that yes/no popup question
Apple put thought into their permission system and made it easy to understand even among non-HN users, so that regular people can make meaningful choices about what information they want to share with apps and the companies who make them. There might as well be no permission system and no sandboxing at all if users are just going to spam the "yes" button all the time.
I kind of agree - while I personally don't like to be treated like a dummy because I do feel like I know what I'm doing with tech, I wouldn't trust e.g. my parents with that power.
If Apple wants to be the brand for the tech illiterate that's fine—the real problem is that their hardware (and to a lesser extent some of their software) is actually a lot better than the competition, especially every since the M1 CPU came out.
So people like me and other HN denizens are left to hope that either some competitor actually becomes competitive; or Apple positions itself in such a way that they can simultaneously provide the "dummy mode" for dummies, and the "power mode" for people like me.
For the latter option, they clearly don't want to do it, probably not because they don't trust power users to do power user things; but because leaning on the dummies for cover helps them protect their walled garden.
Or also just have a corporation with enough technical knowledge themselves to work out security.... I suppose they figure it's not in their business interests though.
What point are you making here? That Apple should be able to leverage their market position to crush their competition for a particular device just because it doesn't affect you in particular? You don't care for smart watches so the smart watch market should be exempt from regulation?
Third-party controllers have been widely available for every popular video game console including the GameCube. Nothing was stopping anyone - Microsoft included - from creating an Xbox controller which would also work on the GameCube. Nintendo certainly didn't stop anyone.
This example completely misrepresents the issue. Nobody is asking Apple to add support for Pebble watches to their devices. They're asking Apple to stop preventing Pebble (and other smart watch manufacturers) from being able to support Apple devices.
Ok, then Microsoft put a famously large amount of effort into stopping people from installing other software on each version of Xbox. And Nintendo at least made it difficult to create unlicensed GameCube games.
Game consoles are not general purpose computing devices. People do not buy Xboxes with the expectation of running Photoshop. But people buy smartphones with the expectation of being able to use smartphone peripherals.
Really? Did you have to pair your Apple watch? Did Apple sign the software on the watch? Did Apple build special APIs and tools into iOS to support certain features of the Apple Watch?
Apple is demonstrating here that they can control every aspect of what you can do with your phone, including not allowing Pebble to work.
Apple doesn't even allow you to replace broken parts in your phone unless it has an Apple approved signature that can be validated.
Yeah, and I have a microwave. Despite being vegetarian myself I don't complain that it has a button for "chicken" on it. I don't even really know what it does. I don't really care.
iPhones are the Starbucks of phones. They were sort of novel and better than competition for a few years after launch maybe, became a status symbol, and then all the people who bought in stuck around while it became a bit old hat and uninteresting while paying the price that it was when it was still cool. If I want a capable rectangle, there are plenty of options now that are better and cheaper and more reliable. iOS and iPhones and just fine if you don't care, just like Starbucks is fine if you don't drink black coffee or have no options
They care about privacy and freedom, so they have different opinions besides Apple. But they don’t care that much, so not everyone is trying to figure out if their phones have a hackable toggle.
Apple are making devices for people who want things that look pretty. Functionality is generally not the major concern. Think about it.
They are late with most new tech as they will just wait until it becomes cheaper, why? Because they already know it's not a deal breaker.
They removed a bunch of fundamental and heavily used ports from the Macbook for years. Because they knew people would just work around it and buy dongles.
They put the charging port for their wireless mouse on the bottom of the mouse so it wasn't possible to charge and use the mouse at the same time. Because they knew people would put up with it because it was pretty.
For a lot of people, it's not that it works well or anything. It's about the brand and the design. It's about the marketing. And when it's about that and not the actual product you can do whatever you want to your product and it doesn't really matter. And compatibility with other brands doesn't matter because they've already bought into Apple's brand over everything else including basic functionality.
It all depends on what you're doing. For many on here, Macs are technically worse because they use docker and that means instead of just running docker and using the container functionality in the Linux kernel they have to virtualise a Linux VM to run docker in. If you're gaming it's not as good as Windows. Macs are ok, they do the job and in some areas they are better. But really, for most it doesn't matter, it's all about brand.
Docker is fine on Mac but still a small sliver of user base, and nobody is buying a Mac to play games. For all those other general uses, they're better, that's why they buy them. Battery lasts long, fan doesn't spin up, you don't get harassed by Windows, you don't deal with Linux Bluetooth drivers. Not for style.
Apple Watch for style, sure. It's a watch after all. Not that it actually looks good.
Docker is slow on Macs. That’s why there are multiple packages to try and solve it. And still it’s slow. And that is a massive amount of people.
Plenty of people play games on
Macs. It may not be the purpose they bought it does they bought it for general use and that’s part of the general use for many.
For general uses they aren’t better. They cost more. You’re unable to upgrade them. They have less ports and require dongles. The list goes on.
I’ve not had any issues with Linux Bluetooth drivers is so long I can’t even remember when.
You may buy macs now because you’re used to them and you think they’re better. But really you got into macs because of the brand. Because there are very few areas where it is truly better than the others.
> They are making devices for people that just want something that works pretty well and has reasonable security
This statement doesn't make sense except if you are implying that Android doesn't have reasonable security despite not being a walled garden like iOS, and allowing e.g. interactions with smartwatches.
There's extremely few reasons why a modern Android phone from Google or Samsung is less secure than an iPhone, against any attack vector that 99.sevennines% of people [1] would ever experience. The worst way I've ever seen the most tech-illiterate person ever mess up an Android phone is by installing some QR Code reader that took over as a home screen launcher so it could (nonmaliciously, but questionably) put its QR code reader as a home screen left of the app icons. It should be way harder for Play Store apps to do that, because this guy needed professional help (me) to figure out where his home screen layout went.
But that was it. That's the worst I've ever seen. Android's security is very good.
While not a security concern, I've had multiple iPhone users ask "what the heck is this screen to the right of my app icons" (referring to the App Library introduced ~2 years ago). One person thought they'd been hacked. Kind of a similar inconvenience vector as that QR code app.
[1] The 100-99.sevenines% of people who might actually find themselves the target of an attack vector that Apple's unique security can help mitigate are, for example, journalists or dissidents who find value in Advanced Data Protection and Apple's generally very good and healthy stance on cloud security and end-to-end encryption. This level of security should be available to everyone, on every cloud provider, even if it only directly advantages a small number of people, but Apple is the only one really doing this right now.
This happened to people I know. Some innocent sounding app replaced their launcher and added a fake Gmail widget to their home screen. It prompted them to login and, well, you know the rest.
This would never happen on iOS because you can't change the launcher.
Agreed. Its my opinion that you should be able to replace the launcher on Android devices, but the Play Store should refuse to distribute apps that do this.
I thought this community is security over convenience? 12 years ago my iMessage got hacked. Someone was sending messages from my name to my relative. My password was secured and there were no ways I thought it would get hacked but there it is.
It's crazy that so many don't realize this. I am not an Apple user, likely never will be, but I recommend their tech frequently. They meet that market's needs with aplomb and I respect that.
> And those people do not care much about lock-in and walled gardens. They are not interested in jailbreaking and sideloading apps. They've never heard of Pebble or have any interest in it.
Customers are interested in new products and services that are good. This is how all currently popular products began, obviously. By preventing competitors from being good, as Apple and Microsoft and Amazon and other mega corporations regularly do, there’s no chance for competition to get to the point of attracting customers in the first place. Those people that you think are not interested in one thing or the other COULD want those things if they were allowed and easy to do without all these anti competitive practices.
I think, we fundamentally lack a mechanism to enforce secure / privacy aware APIs without resorting to trusted inner-circle type of things. I am already not comfortable with Apple picking winners (such as giving Zoom special entitlement but not the VOIP apps you want to distribute by your own). Apple trusting their own apps more than other apps is another symptom of this and it is not helping their anti-trust situation even if it is with good-will.
And "giving people choice" won't work neither because people will just tap whatever checkbox you give them (the internet should never forget that Facebook SDK just forces to accept "The App is Tracking You" notification and most users tapped yes).
Quicktime Player.app gets an entitlement called `com.apple.private.tcc.allow`, giving it unprompted access to the Camera, Microphone, and Screen Capture.
An MDM administrator, managing a computer or device owned by an organization, cannot grant those permissions to anything without user consent. For good reason!
So why the *fuck* does Apple think they're entitled to?
> So why the *fuck* does Apple think they're entitled to?
Because they manufactured the device, and you bought it?
And honestly, I support them. Because starting QuickTime is a user action, and it only records when I want it to. QuickTime is an app I trust.
I don't trust an organization admin not to record me without my consent. As we've heard the horror stories of schools spying on students with school laptops while they're in their own homes, their own bedrooms.
I trust Apple a whole lot more than I trust an org admin.
If you followed the Apple Security scene for a bit, you'll notice that a lot of exploits make use of special permissions granted to Apples own apps and services. If you find a way to run your code in Quicktime Player, or to control Quicktime Player, you can circumvent the privacy dialog.
Do you trust Quicktime Player to be free of exploitable bugs or behaviors?
> Do you trust Quicktime Player to be free of exploitable bugs or behaviors?
I trust they aren't there intentionally, and that they'll be patched in a security update as soon as Apple discovers them. In this regard, QuickTime is just part of the entire OS. No software is perfect. Bugs might be anywhere. But the permission dialogs are meant to protect the OS from third-party threats, not to protect the OS from Apple software.
Remember when people realized that Apple apps were bypassing application-level firewalls like LittleSnitch?
First it was denied, then it was a bug, then it was a "temporary workaround" while ... something ... was updated.
And that was just ... accepted as an answer. I could never fathom why TextEdit might need a kernel extension in the first place, let alone unfettered/unmonitored network access. I don't even think it was necessarily nefarious, just "we know best, shut up and buy".
Replace MDM administrator with ‘malware author’ or ‘spy software’ to get your answer. There is functionally no difference between a regular company doing MDM wanting to bypass camera permission prompts and a hacker who has tricked/forced the user into enrolling into MDM.
Now, replace ‘Apple’ with ‘malware author’. What’s the difference? Well, for one, a hacker has nothing to lose and everything to gain from snooping on your webcam. Meanwhile, if Apple mishandles this permission or used it to beam video data to HQ, there’s a high likelihood hundreds of millions of dollars of iPhone or Mac customers are lost, resulting in billions of dollars in stock value loss.
It's not very trivial to manage an Apple device and Apple would shut down those ABM tenants real quick. Not to mention, supervision requires enrollment pre-setup, which is really difficult.
So "just replace x with y" does not really work in this context, MDM is vastly more effort than you think and OP-s point still stands.
MDM is not easy but you can enroll devices after the fact, pre-enrollment isn’t the only option. But yes, it’s a PITA to deal with even at the best of times.
Ahh, maybe I’m mistaken or maybe iOS works differently. I believe you can enroll it in MDM and then you have 30 or 60 days to kick it out at any time and then it becomes fully locked in. Or perhaps I have my terminology wrong. I only scratch the surface of MDM at my company.
This is more to do with ABM - you can add a device to ABM that wasn’t put there by a reseller/vendor/Apple. This also enrols the device, and removing the enrolment in the first 30 days also removes it from ABM again.
After the 30-day period, the enrolment profile cannot be removed on the device-side. This workflow applies for both iOS and macOS.
On macOS the enrolment is supervised either way. You can also get a supervised enrolment on an iOS device that isn’t in any ABM instance - there is more than one path to supervision.
Think about why they ask for access in the first place - it's because camera access or screen access might be unexpected for the app you've just started. Or maybe you don't trust the app with your camera (looking at you, Instagram).
QuickTime Player is already on your Mac and you already know what it does when you launch it.
There are millions of ways you implicitly trust Apple software to not violate your trust when you use their products. The whole point is Apple can gauge whether it is appropriately stewarding that trust in first party code much better than it can with third party code.
I guess that's fair, because the name says Player. But still, the way to not use those features is to not use those features. Unlike a third party app you don't need to worry about it trying to read your screen if you haven't explicitly started a screen recording. If you can't trust Apple to do that then you can't trust Apple to block third party apps from recording, either.
Security boundaries are for more than intentionally bad apps, but things like bugs causing code execution or other ways of abusing their privileged position.
An app decoding complex untrusted media files from the internet? It should have the absolute minimum permissions.
That's not the problem Apple was trying to solve here.
I suppose I could see a system where every camera/screen recording access by QuickTime Player forces a popup, because you can't say whether it happened intentionally or due to opening a malicious video file, but that would have to be opt-in for sure.
I mean the reason is because Apple, the people who made the security boundary, and Apple the people who made Quicktime are the same people.
I'm not saying it's not anti-competitive but it's fine from a security context. Apple knows exactly how Quicktime behaves, that it doesn't act maliciously, and can't be updated to do so.
> Apple knows exactly how Quicktime behaves, that it doesn't act maliciously, and can't be updated to do so.
Yes, it's physically impossible for an Apple developer to accidentally or maliciously introduce an exploit into QT and for it to elude security or code review...
I've never heard a security posture that is "well, we know what your tool does, so it doesn't need any security controls".
I'm sure that could happen, but it's not really any different than exploiting some other part of the system. You make a fine case that the nature of this code means it will likely be under less security scrutiny than such an entitlement warrants but that's Apple's problem now.
> well, we know what your tool does, so it doesn't need any security controls
This really isn't that weird. The camera app doesn't need to ask for permission to use the camera/mic. And the why is because the thing you're worried about is some random 3rd party app capturing audio/video without the user's knowledge or intent. You know the built-in camera app doesn't do that because you wrote it, so it's fine to give it an entitlement to bypass the usual prompts. It can also access your photos without prompts because the threat model is malicious exfiltration and again, you know it doesn't do that.
Because to activate apple's device (not yours), you had to read 1000+ pages of terms and conditions (did you?) and they told you this somewhere in there.
There's nothing new here. From AirDrop to AirPods, Apple's MO is to lock you into their ecosystem and be as belligerent as possible toward any non-Apple gizmo. Couple that with social and network effects, and you have a perfect formula for monopolizing a market without continuously improving the tech.
> and you have a perfect formula for monopolizing a market without continuously improving the tech.
...but the Apple ecosystem has the best tech. M chips, AirPods Pro, Apple Watch, iPad, Pencil, I mean the tech is great.
Apple isn't monopolizing anything. They're competing like hell and winning because their tech is best. The real question is why the Android and Microsoft ecosystems don't do better at improving their tech. Where's the Windows equivalent of an M4 MacBook Air in terms of performance and battery life?
Microsoft couldn't compete themselves out of a wet paper bag (it may be a slightly different script, but they're anti-competitivists just like Apple).
Apple technology is "great" as long as you you're rich enough to afford it, and buy into the whole ecosystem. And, most crucially: contort yourself yourself enough. (="If it's not working for you, you're not holding it right.")
> Apple technology is "great" as long as you you're rich enough to afford it
I don’t know what point you’re trying to make with this sentence. It comes across as missing the fact that high quality goods… cost more than low quality ones?
Not to mention they have plenty of affordable tech. Their phones have always been roughly the same cost when adjusted for inflation - something pretty commendable. The iPods back in the day came in a huge range of affordable shapes and sizes for the quality.
>Apple technology is "great" as long as you you're rich enough to afford it, and buy into the whole ecosystem. And, most crucially: contort yourself yourself enough. (="If it's not working for you, you're not holding it right.")
1) Apple's lack of success in various categories over the years shows that their success isn't "magical" marketing.
2) So if we're ruling out mindless drones of hypnotised people handing over their hard earned cash hand-over-fist, then we might look to more realistic reasons why some of their products sell very well. When we do we see a much more rational picture, closely tied to the basic economics of product and price.
3) At this point one needs to concede that consumers are majority highly rational buyers, hand waving away others as sheep-like with too much money is a risible position to take.
4) In the markets Apple sell well: phones, laptops, wearables: There's plenty of products that cost more than the Apple equivalent and don't work nearly as well.
5) While you may categorise a person with a $700 phone as rich, consider that the lifestyle improvements gained over the typical 4 year ownership lifecycle works out to be ~48c a day. Depending where you are, that's the equivalent of buying one basic starbucks coffee a week. Sure there's more expensive iPhones, there's more expensive coffees too.
6) When it comes to price discussions there's also a lot of bad faith comparisons. Bad faith = where the author of the comment should, or clearly does know that the comparison they're making is excluding pertinent details, but doesn't include them intentionally to deceive, usually because they value "winning" an internet discussion rather than the value of exchanging ideas.
7) Consumers are rational: If such price comparisons held water then certain the Apple products wouldn't be doing so well. We can already see the ones that don't do well with the mass markets because they're priced to very specific audiences (MacPro, VisionPro, etc.)
>"If it's not working for you, you're not holding it right."
1) I'm not sure about the merit of misquoting a dead guy, talking about a product that hasn't been sold in over a decade. I think if you're trying to convey that Apple has a certain arrogant attitude towards their customers then you should revisit the points above.
2) If you're going to quote this, then you should take the time to read what Jobs actually wrote, since the tone doesn't meet the level of arrogance in your portrayal. The email is here: https://wccftech.com/images/news/iPhone4G/jobs.jpg
3) Despite the mixed views on whether the problem even existed in a meaningful way, Apple gave away free cases, no questions asked, to people who felt they experienced this problem. As a barometer to the actual problem: Not even the land of the lawsuit was able to muster a case, and they did appeal widely for injured parties.
You aren't in any position to make that call, since you have no opportunity to try competing products due to being locked in to an anticompetitive ecosystem. European iOS users will soon be able to decide if Apple really does have the best tech or not.
What are you talking about? I can try all the competing products compatible with Android and Windows. I'm not locked into anything Apple because they're not a monopoly. I am very much in a position to "make that call".
You said that Apple makes the best tech, but you wouldn't know, because you cannot pair third party accessories with your Apple devices and have them work properly, so you cannot determine if third parties are capable of making accessories better than Apple or not.
Whether or not a third party is capable of making a better "ecosystem" of interconnected devices is a separate concern; I'm talking about accessories here, which is the topic at hand.
Kind of amazing you're so confident I don't use the Android ecosystem for a whole bunch of stuff. You know a lot of people use one ecosystem for personal stuff, and another for work? Also that people do stuff like... read reviews? Compare features? Compare specs?
He is specifically talking about accessories, in this case the watches. including apple watches and 3rd party. if apple watches integrate natively, but 3rd party watches don't have the same level of integration then there is no way in the apple ecosystem to make a comparative decision on which watch you want to use as you're automatically funneled into apple watches by design. Now on android, most watches integrate pretty much the same. maybe a different on phone app, but, most APIs are pretty accessible between all devices. (I might be wrong about this)
Sometimes I get the feeling that a lot of people are upset that Apple is deciding what's best for their customers, and customers are happy with that, instead of everyone asking their nerdy cousin or whatever. The condescension towards satisfied Apple users is really shocking.
I just wish that they didn't feel the need to block out competitors to compete on an even playing field - I agree that their hardware is great, but if it's so great it should be able to dominate the market without hobbling competitors on iOS.
Best individual hardware components perhaps, but their software is shit enough that I don't consider their tech to be best. macOS and its weird limitations are enough for me to accept Windows 11 before I'll buy an Apple laptop.
Apple is monopolizing lots of things. You aren't allowed to make software for the iPhone without distributing exclusively thru the App Store. This whole post is about how they restrict third party watches.
If you like it, use it. Why not let other people augment the ecosystem? If Apple allowed Pebble to get full permissions and it all turned out to be the extremely unsafe, buggy disaster that everyone here chooses to portray it as, then you can still buy an Apple Watch. In what way does shutting out the competition benefit you?
How many users do you think call Apple everyday to complain about issues with their third party, knockoff AirPods lookalikes? Could you imagine why Apple could be protective of the user experience of their hardware and sensitive to that user experience being compromised by poorly implemented or nonfunctional peripherals? For every Pebble user, how many people might buy ripoff Apple Watches?
Allowing support for a rich ecosystem of mediocre smart watches does not move the needle on making it better for me personally. And Apple probably has done the market research to confirm most of their customers are like me and not like Pebble users.
> And Apple probably has done the market research to confirm most of their customers are like me and not like Pebble users.
I'm sure. The customers they do not have are like Pebble users, and they don't want customers like Pebble users. They want customers like Apple Watch users.
It is a bit 'masque of the red death' to defend anti-competitive practices, is all I'm saying.
How is it anti-competitive for Apple to pick its own customers? A decade ago, Android used to argue that open was better. Now, people seem to argue that closed should be illegal.
What if you like their computers but absolutely can't stand their mobile devices though?
I got fed up with the walled gardens enough that I made a macOS app to transfer files to and from Android devices using Google's Quick Share protocol (that I had to reverse engineer first).
And no, don't suggest me to try desktop Linux. I want to use my system, not maintain it.
Some 6 years ago I bought new bluetooth headphones.
Every time I'd put them on, my macbook would open apple music (I didn't even know it was installed). Every time. No way to disable it, I really tried. Stopped shy of doing some kernel stuff.
Sold that laptop, and have never touched anything apple since. Probably never will. The hardware's good, everything else is an embarrassing mess.
It's because your headphones were sending a Bluetooth "Play" command on connect (my Honda Odyssey does this as well). For anyone else with this problem, you can override this silly default in macOS using Privacy & Security > Bluetooth, adding Music, then turning off Bluetooth access for Music.
That is maybe questionable behaviour from the headphones. But the worse problem is that there is no way to change what media player is used. I don't use Apple Music, have no songs in it and no subscription. But it opens that rather than the player I do use.
I'm pretty sure I have also launched Apple Music accidentally with some keyboard button or touchbar action. For a "premium" device having to close Apple Music (effectively an ad) a few times a week is not acceptable.
Not only every time they connect, but every time they are paused or stopped too. My car has this problem. It was not possible to pause the music, it would always immediately restart play.
> "Apple’s “Watch Policy” annoys me, but not enough to switch to Android. I hope Apple will be forced to improve their compatibility with other watches."
The conundrum of "[xyz] annoys me, but not enough to [do anything about it], yet I hope [Company] will be forced to improve [xyz]"
So where is that 'force' expected to come from...?
If there are effectively two choices and both of them do things you don’t like, “it’s your fault for not switching to the other one” isn’t a very useful argument
The issue is, suppose you want a phone with A, B, C, D and E.
In a competitive market, there are a hundred phone OEMs providing every combination of those things for various prices with various trade offs etc.
In a duopoly, there is one company providing A, another providing B and C, and nobody providing D or E. If you chose the company providing B and C, but you still want A, D and E, what are you supposed to do? Reward the company providing even less of what you want?
Almost funny to observe how this comment floats between 1 and 0 points every few hours.
Really, I'm in the telco industry for 18 years now. The smartphone market is in a way too unhealthy state, especially to properly compete with Apple.
As of today, there is no player in that space who has even remotely the amount of secured income to come up with a similarly specced and volume-scaled device as Apple, and there is little incentive for anyone new to enter this space.
A new entrant would be unable to secure the investment, because even if he would produce the exact same piece of hardware with the same quality, the carrier distribution channels, the brand-image and (walled garden) ecosystem of Apple will prevent users to even notice and adopt the product, and the press would jump onto it and rip it to pieces for not being universally better.
How would this normally work?
--> You disrupt the market by doing something particularly good, while being average in other areas, succeed, then iterate.
But this doesn't work in the Smartphone space as:
1.) iOS users are unlikely to leave their ecosystem because they can't take _anything_ with them
2.) the Google ecosystem leaves little room to disrupt and secure return-of-investment, and
3.) for Android (without Google) you need to (re)build your own ecosystem to _match_ Google/Apple from the start.
That's why it's not a competitive market anymore, it needs external forces to restore an even competition field for Hardware, Applications and Services.
"Regulation" is a dirty word because most regulations are written by captured regulators. The last thing you want is new rules that permanently entrench the incumbent duopoly while pretending that you can tame Godzilla to keep as a pet if only the right chains are used.
You need rules that restore actual competition. Accept no substitute.
Rules that restore competition are a specific subset of regulations. Undifferentiated "more regulations" not only don't inherently restore competition, they generally do the opposite by increasing barriers to entry and compliance costs for smaller entities, so asking for regulations without specifying which ones is like saying we should solve a problem by using weapons. It's not saying something specific enough to know whether you should agree with it in a given case and in the absence of more details the heuristic for how to answer that question is no.
You can switch to a Linux phone running Mobian today. You can barely use it as your daily driver, but that’s what I do. Be the change you want to see in the world.
> what are you supposed to do? Reward the company providing even less of what you want?
Assuming it isn't regulation (e.g. patents) getting in the way, you pull up your pants and produce [A, D, and E].
If that's too rich for your blood, I suppose rewarding the company that got you something close enough at a tiny fraction of the cost is reasonable. It is hard to deny the value in that.
> What you need is more competition.
Okay, but if you aren't willing to build [A, D, and E], why would anyone else? These things aren't delivered by angels from heaven.
The question is, why is it so infeasible to enter the market?
In theory it should be possible for someone to do this. Phones are made of modular parts. Some companies make chips, some make screens, some make operating systems, some make app stores, so you go acquire each of the parts, make your modifications and start selling your phone.
First problem, the best phone chips are made by Apple and they won't sell them to you for use in a competing phone. Also, they won't sell you their OS or let you use their app store. So it's already not possible to satisfy some of the requirements, e.g. using a chip of that quality or compatibility with existing third party iOS apps.
This is hypothetically more possible with Android, but it still isn't. Qualcomm will sell you a chip; it isn't as good, so you can't satisfy "use the best chip", but they'll sell it to you. You can get Android for free. Well, AOSP anyway. But that won't pass Google's Play Integrity system, so you've already lost compatibility with the existing bank apps. Other Android apps have more dependencies on Google APIs that aren't part of AOSP, so you've once again lost widespread compatibility with the only other market for third party apps, unless you ship with Google Play services. At which point you're not satisfying the "doesn't hoover up your data and send it to Google" requirement.
So anti-competitive behavior on the part of the incumbent duopolists is why there isn't more competition, and antitrust enforcement would address it. For example, break up Apple into its constituent parts. Then Apple Silicon is a separate company like AMD or Qualcomm and you could buy their chips to use in your own phones, the existing App Store becomes a separate entity with no monopoly on distributing apps to iOS users, etc.
At which point someone can feasibly produce a phone that does everything you want, and then someone would.
> The question is, why is it so infeasible to enter the market?
It is capital intensive, so that is a hurdle, but capital isn't that hard to come by if you are doing something compelling. It was downright easy in the 2010s.
Regulation is the biggest problem. It is straight up against the law to become a direct competitor in computing. Even with all the necessary resources, just try to build an iPhone clone, but with the addition of Y, and see how long you can go before lawyers start breathing down your neck. If you make the first day, I'll be impressed.
You can try to compete indirectly with something kind of the same but different enough to skirt the laws, but that's rarely what the market wants, making it difficult to justify the effort and capital utilization. You need something truly game changing to consider venturing down that road.
> It is capital intensive, so that is a hurdle, but capital isn't that hard to come by if you are doing something compelling. It was downright easy a few years ago.
Part of the issue is that it isn't just capital intensive, it's capital intensive across a vertically integrated market. If all you had to do was make a phone chip competitive with Apple's, or reimplement the proprietary Google APIs, or convince other phone OEMs and third party developers to use your competing app store, you might be able to pull it off. But when you have to do all of those things and more? At some point the hill is just a sheer cliff.
> Regulation is the biggest problem. It is straight up illegal to become a direct competitor in the computing space.
Oh, that's definitely a major issue. In theory DMCA 1201 has an interoperability exception, but the exception is narrower than it ought to be and then you would have to be willing to stand up for it in court against a megacorp with unlimited lawyers. There is no sensible argument for not fixing things like that.
You can’t enter the cutting edge phone market easily for the same reason you can’t enter the cutting edge fighter jet market easily. Regulations, sure. Capital, sure. Materials, sure. But holy shit you’ve gotta develop everything from the airframe to the turbines to the cockpit and landing gear simultaneously.
> But holy shit you’ve gotta develop everything from the airframe to the turbines to the cockpit and landing gear simultaneously.
To make matters worse, you cannot just develop it, but you have to develop it in an entirely new way that has never been conceived before, else you will be in violation of endless patent and copyright claims.
But the reality is that the development is already done. No need to reinvent the wheel. It was a huge undertaking, but we've already done it. It is now only regulation that locks it up in a monopoly. Capital, materials, even effort are definite hurdles – but regulation is the reason why duplicating it for the sake of a competitive marketplace is impossible.
> But when you have to do all of those things and more?
It would be completely insurmountable for one person, but distributing the load is what an economy is for. If all you had to do was make a competitive chip, and all I had to do was reimplement APIs, and all Joe Blow had to do was <X>... soon we'll have all the pieces.
> Oh, that's definitely a major issue.
It might even be the only issue. China could no doubt start dumping iPhone competitors on the US market tomorrow if the regulatory environment allowed it.
> I don't think you can escape iPhone Android duopoly in the short term.
You wouldn't need to, if regulations were removed, as you would just straight up copy the iPhone/Android devices. You'd become a true competitor, not be left trying to establish an entirely new parallel market.
But currently, true competition is illegal in this space. Police will be knocking down your doors if you so much as even consider thinking about competing – actually competing – with the iPhone. All you can do is kind create something that is sort of similar, but not really, and that's not going to fly in the marketplace. The market wants iPhones, not something that might passingly look like an iPhone if you squint hard enough, but is entirely different in almost every other way.
Eric did exactly what you suggest, and found out he can't really build it without permission from the manufacturer. So no, you can't just pull up the pants.
You'd only need permission if regulation required it, and we already excepted where regulation is what is getting in the way. So, no, you can pull up your pants just fine.
Unless regulation is the problem[1], you need the will of the people[2] to see regulation come into force. But if the people had the will, they could just see it through already. No need for regulation.
[1] Which it is in the case of computing. Intellectual property law makes direct competition against the law.
The idea that if the people had the will they would see it through assumes efficient markets with negligible startup costs and informed and rational consumers, which is not the way the real world works.
Microsoft - a multi-trillion dollar company, number 2 in the world by market cap, second to AAPL and several positions above Google - tried really hard for several years to wedge their way into the mobile phone OS game with Windows Phone, adding a third entrant to the market. They had name recognition, an easy win for integration with user PCs, several compelling features, partnerships with huge, vertically integrated hardware manufacturers, and an enormous base of IP for programming. But, in the end, they failed.
Just because people have a desire for a thing to exist does not make that thing exist.
I'd love it if there were another company - call it Pear or something - that was just like Apple but allowed my Garmin watch to reply to encrypted messages, integrated smoothly with my Windows and Linux PCs, allowed sideloading apps, alternative browsers, adblock, and which gave me a whole lot more customization options. I've got the will. Now where's my phone?
> The idea that if the people had the will they would see it through assumes efficient markets with negligible startup costs and informed and rational consumers, which is not the way the real world works.
The idea is that if the will of the people is there, they can threaten companies like Apple (or whatever business) to shape up to their expectations or see sales come to an end. Which is also all the government is going to do. After all, (democratic) government and the people are the exact same thing. There is no magic. But if the will isn't there...
> tried really hard for several years to wedge their way into the mobile phone OS game with Windows Phone
They never tried building an iPhone clone, which should have had no trouble finding a market fit. They couldn't do that because regulation doesn't allow it, but without that regulation there is no go reason why they wouldn't have been able to become a viable competitor.
Microsoft's attempt at a phone, and even Android devices for that matter, only compete with the iPhone in the same way Soylent Green competes with hamburgers. It kind of ticks the same boxes if you look at it through a narrow enough lens, but that is not true competition.
There are a lot of contexts floating around, but you are meaning something like how would the people attain a state where they can buy something almost exactly like the iPhone, but with less restrictions or perhaps some different features, without regulation?
Well, how would they do that with regulation? Have the government (i.e. the people) tell Apple remove restrictions/add features else they can no longer sell the iPhone/operate a business at all, praying that they comply – and if they don't you no longer can buy an iPhone? –– Which is exactly the same as the people (i.e. government) telling Apple to remove restrictions/add features else they will no longer buy iPhones/Apple products, praying that they comply – and if they don't you no longer can buy an iPhone. That can be done right now without regulation, if the will is there.
But the will isn't there. Nobody outside of tech communities ever thinks about this, and the comparatively small number of tech enthusiasts who do, do not form a democracy. If they people don't have the will, they won't do anything.
But who should drive such regulation then, elected representatives which represent constituents who can't be bothered to push for it..?
THAT'S the conundrum.
The market urgently requires regulation, but it also became so convenient so fast and affects end-users only indirectly, so there is no sufficient momentum to drive this change...
> So where is that 'force' expected to come from...?
On the margin, it probably does annoy some people enough to do something about it. And even though Apple's policy on this isn't enough to move me, if you combine it with my other annoyances about Apple products, eventually the sum will be enough.
And we vocalize stuff like this because switching does have a cost that I'd rather not pay, so hopefully people who can make a change at Apple will see the discontent and fix it so that I don't have to pay the switching cost.
There's very little an individual can sensibly do. You can't pick and choose every feature you want; you're given bundles of features and you have to pick which bundle you like best. This sort of bundling is deliberate anti-competitive behaviour, which the EU and other countries have recently taken steps to crack down on. So there is hope that apple will be reigned in here.
Because everyone is on a spectrum. [xyz] wasn't the straw to break this user's back, but it will be the tipping point for some number of users. [xyz] is also moving this user closer to the edge, so when Apple does [abc] the sum of both is now enough to move this user.
You can't expect that everyone who is bothered by an issue switch away from a platform. The switching cost is significant (and Apple works hard to make it as high as possible). Not to mention that the platforms (really one notable competitor) that they are considering switching to also have [def] and [ghi] that the user doesn't like which is also counterbalancing the decision.
Anti-trust authorities. Non US based government authorities (e.g. in the EU). Etc. The current trade wars might impact Apple the other large Silicon Valley companies pretty soon. Think stricter rules, bigger fines, more restrictions outside the US.
When it comes to Apple, there probably is quite a bit of low hanging fruit:
- Allowing 3rd party interpreters, browsers engines, etc. on IOS. The OS has sandboxing, there should be no security argument here. Android can manage this, so why not Apple?
- Arbitrary app store restrictions and predatory fees on transactions. Apple is getting rich by essentially using mafia style schemes here. Nice App you have there. It would be a shame it got banned. Better implement X, drop feature Y, or else ... Oh and by the way, you need to pay us 30% on every transaction in your app and you are not allowed to link to payment options outside your app.
- Repairability issues. Apple products continue to score low here. And Apple makes quite a bit of money charging 3-4x component cost for parts and upgrades.
I think the problem is that nobody makes a smart watch as good as the Apple Watch, so people already in the ecosystem have no real reason to care that it's their only option. There's a reason Linus Sebastian has been wearing Apple Watches for years despite being a self-proclaimed Android fanboy.
This is only getting attention now because these new Pebble devices are offering an Apple Watch alternative people actually want.
I'm saying that even without those restrictions, the existing stable of Android Wear devices would still be less appealing than an Apple Watch. There's a reason they aren't even all that popular with actual Android users where those restrictions don't exist.
With Spotify app, some issues seem to be due to Spotify themselves. For example, even when you explicitly download music to your watch, the app needs network connection to start playing. This seems to be explicit design decision on Spotify's part.
The (unfortunate!) hack here is to disable the BT connection on your phone, works 90% of the time.
Also when downloading songs, its better to disable BT on the phone, otherwise the songs download through BT instead of through the much faster Wifi connection. This is clearly an Apple impendiment here, crippling a feature that should work without these sort of hacks.
Pennywise pound foolish and harming UX at the same time. They could just require that Spotify logs the plays and uploads them on the next connection. Resulting in more plays and more money. But instead they block it for the 0.1% of the time that the watch is lost, destroyed or reinstalled before that sync happens.
> Pennywise pound foolish and harming UX at the same time. They could just require that Spotify logs the plays and uploads them on the next connection. Resulting in more plays and more money. But instead they block it for the 0.1% of the time that the watch is lost, destroyed or reinstalled before that sync happens.
Why are you just blindly accepting their vapid evidenceless postulation lol
If there's a case to make on Apple hindering a competitive landscape, then it would possibly be a case of violation of the European Union's DMA (Digital Markets Act), as Apple is not allowed to favor their own services over those of competitors in visibility, functionality, or integration within iOS.
But the EU is a blunt instrument that needs to be sharpened sufficiently with explicit facts. And then still, possibly a very slow instrument...
As for the US justice system.....not sure whether there is any interest to pursue such a case these days...
Apple has also shown its not shy about geofencing the remedies to only help people physically located in the EU's jurisdiction, with a billing address to match.
I used an apple watch since the first one, updated twice, but stopped using it a few months ago. Siri got slower an more unreliable. Automatic sport detection became annoying. And still having to charge it every single day became pretty old. I miss being able to pay with my watch without having to unlock my phone. But thats about it. Anything else about that product just became annoying.
I'm 100% certain that if 3rd party watches could integrate like apple watch could, that apple watch could be way better. But the lack of alternatives conceals how mediocre of a product it became. I wish apple wasn't such a control freak.
The ultra only needs to be charged for like 45 mins every couple days. It’s nice for the “find my phone” button and for getting alerts when my phone is in my pocket.
I know people love Apple products, as do I, but at a certain point it must get exhausting arguing that the wealthiest company with the largest market share is also, somehow, the one that should be exempt from anti-trust action and/or exempt from developing simple 3rd party integrations.
> It’s very difficult to enable other iOS apps to work with Pebble. Basically iOS does not have the concept of ‘interprocess communication’(IPC) like on Android.
Actually, let me make this worse. iOS has plenty of IPC, you're just not allowed to define your own IPC protocols. IPC is solely for your app to talk to Apple's code, not for apps to talk to each other.
The best decision I made was to switch to Linux Mint and Samsung Z Fold 6. I can't believe I was ever a fan of apple products. Hobbled walled garden products. If you're in tech you should not use apple products. Unless you're building an iphone app.
I got on the apple train on Mojave. Before that I was enticed by iOS 6. It was a good platform. But now it just have too much restrictions and other weirdness like not being able to delete apple’s apps, writing files on network shares, not able to adjust system fonts (like the menu bar).
While I still keep the Mac for professional purpose, I move over to fedora.
I've had iPhones since the 3GS and not once have I seen a convincing argument for why I should switch. I need my phone to make calls, send text messages, and to be a 2FA device. The secure "hobbled walled garden" you're talking about is a selling point.
Remembering the uproar when Apple said 3rd party apps would have to be web apps, but didn't ship the features needed to write good web apps on the first iPhone? The term PWA wasn't coined until 8 years later, and Apple has long been accused of hobbling its web stack to incite people to ship on the App Store and pay their 30% tithing.
The term PWA may not have been coined until 2015, but you could definitely save a webpage to your home screen on i(Pad)OS at least as early as 2010. Granted, it was pretty limited, but you could put an icon on your screen, have it open a web view that was somewhat separate from Safari, store data with localstorage, and generally look and feel kinda mostly like a native app.
I guess this is why their market share grows and grows, because the product is terrible and the competition is amazing.
Or maybe reality is the opposite. That android phones that are supported by their vendor for maybe a year or two, have terrible battery life, allow any and all spyware, and generally suck aren't really comparable to the iPhone which effectively does the exact opposite? Or do you love being the product at Google?
It's honestly amazing how Apple managed to dodge anti-trust in the United States.
The fact you cannot build a competing watch is unacceptable and the idea that "well go build one for Android" is refusing to acknowledge that Apple is its own market in and of itself.
Throw in the fact that even getting an app that isn't a game into the App store is not trivial, especially if it dares include some form of payment processing outside of the Apple-verse.
The Floatplane Saga, where Linus Tech Tips didn't want to use Apple payment processor because they would have to charge 30% more is another example. It took months and dozens of app resubmissions, only to have to use their massive YouTuber influence to get into contact with someone at Apple should be proof enough that the App Store has gone too far.
Obviously this is going to be up for debate, but in your comment you acknowledge that "go build one for Android" is an option. This is an indication that your complaint is not in Apple's behavior, but your regret that the competition sucks and it's not Apple's fault. Apple is not a market on their own from the perspective of smart phones and watches, every person making a purchasing decision has options (This is different from an app developer's perspective. See the last line for the explanation of why that's different).
It's not like Apple started off letting third party watches work well and then suddenly locked them out (but you could argue from the article that they started off with minor handicaps and have increased the level of handicap over the years). Most people choose to buy iPhones knowing that only certain watch options work. It's not like anyone is suing Ford or Dodge for only making accessories that work on their own cars and trucks. It's not like anyone can legitimately complain that Ford is anticompetitive because they aren't making themselves compatible with Dodge oil filters.
If Apple did something anticompetitive to keep Android options from being good, then you probably have a winnable legal case. But it seems like Google, Samsung, and the other Android players are losing on their own merits.
Apple is its own market from the perspective of app developers. The app developers can only get to iPhone users through the Apple App Store, so restricting access and charging high fees is anti-trust.
> your complaint is not in Apple's behavior, but your regret that the competition sucks and it's not Apple's fault
Apple uses their dominant position in the smartphone market to exert leverage over the smartwatch market and block other companies' access to a huge chunk of potential smartwatch buyers. Reduced addressable market->reduced potential returns->reduced investment->worse products for everyone.
This same pattern hurts Apple users as well because Apple can reduce their investment, increase prices, or both, without worrying about being beaten on quality or price.
> Most people choose to buy iPhones knowing that only certain watch options work.
This statement would be true if iPhone had 0.1% or 99.9% marketshare and is on its own irrelevant to whether or not it should be regulated. The whole point of regulating companies with dominant market positions is that they have tools to force customers into sub-optimal outcomes regardless of whether or not the customer recognizes it beforehand.
> If Apple did something anticompetitive to keep Android options from being good, then you probably have a winnable legal case. But it seems like Google, Samsung, and the other Android players are losing on their own merits.
This ignores the dozens of Smartwatch companies that don't have a smartphone business to integrate with. In your view, what should Garmin have done if the major Android players blocked 3rd party feature parity from the beginning along with Apple? Would Garmin need to make their own smartphone and OS to compete for watch sales, or would their product just not exist? Would that be good or bad for the industry?
> Apple uses their dominant position in the smartphone market to exert leverage over the smartwatch market and block other companies' access to a huge chunk of potential smartwatch buyers.
They also don't make the Apple Watch compatible with Android, so they are also giving up their own access to a huge chunk of potential buyers (70% of worldwide smartphone users are on Android). So maybe we're missing something.
> In your view, what should Garmin have done if the major Android players blocked 3rd party feature parity from the beginning along with Apple?
In your view, what would happen if only one smart phone manufacturer ever offered any watch integration API? Would that make all of the others (who don't offer an API) anti-competitive? Or would they just have a worse value proposition for their products?
I can't believe this is the hill I'm going to die on- I'm not really an Apple fanboy, and I don't like some of the things they do (like 30% App Store fees or core technology fees in Europe). But I really don't see how Apple not opening up access to their phone constitutes anti-competitive practice. Companies are not obligated to deliver privileged access to their products. It's not a right you have to build a product off of someone else's product. The fact that they have opened up access in some categories does not make it anti-competitive that they didn't open up access in all categories. So many products are closed off in so many categories, why are we complaining about this time?
> They also don't make the Apple Watch compatible with Android, so they are also giving up their own access to a huge chunk of potential buyers (70% of worldwide smartphone users are on Android). So maybe we're missing something.
If smartwatches were an essential part of everyday life for the majority of people on the planet (or in <insert legal jurisdiction here>) as smartphones are then I would want regulation mandating interoperability there as well. As it is they are a relatively niche product so if Apple wants to limit the watch to their phones then I'm fine with that as I don't see it being a very powerful market distortion in the other direction.
> In your view, what would happen if only one smart phone manufacturer ever offered any watch integration API? Would that make all of the others (who don't offer an API) anti-competitive?
Only if those others have significant market penetration such that their closed API has the effect of harming consumer choice considerably in the smartwatch market.
> Companies are not obligated to deliver privileged access to their products. It's not a right you have to build a product off of someone else's product.
If you mean in principle, then IMO a sane legal system should absolutely confer some limited right to, for instance, build and sell software and hardware that runs on or interfaces with Windows. If you mean in practice, then it is absolutely a subject of debate in both the EU under DMA and the US under antitrust law:
> Connected devices are a varied, large and commercially important group of products, including smartwatches, headphones and virtual reality headsets. Companies offering these products depend on effective interoperability with smartphones and their operating systems, such as iOS. The Commission intends to specify how Apple will provide effective interoperability with functionalities such as notifications, device pairing and connectivity.
> Apple is not a market on their own from the perspective of smart phones and watches.
Apple actually acts as a gatekeeper to the smart watch market when used with their devices, because they provide core platform services as a gateway for these products to operate and communicate with end-users, but define rules and restrictions which don't apply for Apple smart watches themselves.
> Apple is its own market from the perspective of app developers.
Exactly. They create a market while giving themselves preferential treatment. They do the same with smart watches, therefore not ensuring a level playing field in that market.
> If Apple did something anticompetitive to keep Android options from being good, then you probably have a winnable legal case.
But isn't that's the case Pebble is making here?
There is actually a Wear OS iOS App from Google to connect Android Wear devices with iPhones, and beside the fact that it's not possible to connect any non-Apple Watch to the iPhone without manually installing a separate App, Google is not able to provide the same functionality as Apple Watch does even when incorporating such a companion app.
> But isn't that's the case Pebble is making here?
No, the case they are making is that Apple is making things worse for Apple users. They haven't done anything to effect the Android watch experience.
> They create a market
They didn't create a market in this case. They created a product, which is the Apple Watch.
> Apple actually acts as a gatekeeper to the smart watch market when used with their devices
Wrong- they act as a gatekeeper to developers, not to users. If the new Pebble's core product was their app, then all of this would indeed be anticompetitive behavior (see recent European court cases against Apple). But Pebble's product is their watch, and there is nothing saying that Pebble has the right to integrate into another company's product. Apple could choose to do this, but they don't, and that's okay. Consumers can consider these facts when they are buying a phone.
> They didn't create a market in this case. They created a product, which is the Apple Watch.
I think this is the biggest disagreement point between you and the other poster. Whether it constitutes a new market is up for debate, but one can definitely argue that hardware and software that interfaces with iOS devices can be considered a market in and of itself, considering that there are literal billions of iOS devices worldwide.
It would be one thing if iOS was a limited-scope, standalone product. But it's not - a large portion of its value comes from working in conjunction with other, non-Apple software (and to a certain extent, hardware).
Now, in this segment, it's undeniable that Apple has constructed a web of their own solutions over iOS, and consistently gives themselves preferential treatment to ensure that other products have limited, if any, functionality.
This is certainly legal right now, at least in the US. But I don't think it's right or that it serves the consumers' interests. It's very similar to manufacturers of all sorts of physical devices freaking out about third-party repairs, parts, modifications and so on. It even has all the same marketing points about how anything without the explicit megacorp blessing is automatically tainted and unsafe, regardless of what it is.
> But isn't that's the case Pebble is making here?
>> No, the case they are making is that Apple is making things worse for Apple users. They haven't done anything to effect the Android watch experience.
What? Pebble is making the case that Apple is making things worse for Pebble users on iOS devices than for Apple users on iOS devices.
That's the case.
Android Wear is in the same boat as Pebble here.
> They create a market
>> They didn't create a market in this case. They created a product, which is the Apple Watch.
They created a product to sell in the market they already created, because an iOS user is free to buy any competing watch he wants, but Apple sets the rules for those competitors while setting other rules for itself.
> Apple actually acts as a gatekeeper to the smart watch market when used with their devices
>> Wrong- they act as a gatekeeper to developers, not to users.
What's wrong? What users? Thanks for confirming what I wrote.
You agree that Apple acts as a gatekeeper to developers, which means that they control access to the market these developers are trying to reach.
> If the new Pebble's core product was their app, then all of this would indeed be anticompetitive behavior
For a Smart watch, Apple requires that the core product of competitors must involve an App, and Apple is the gatekeeper for that App and thus also the gatekeeper of the competing watch-product.
Their own product requires no dedicated App and can offer features of iOS not accessible to competitors
> It's not like anyone is suing Ford or Dodge for only making accessories that work on their own cars and trucks. It's not like anyone can legitimately complain that Ford is anticompetitive because they aren't making themselves compatible with Dodge oil filters.
You're conflating two different things here.
One is, are their oil filters compatible? That isn't a problem; they can be incompatible. They're often incompatible even with other vehicles from the same manufacturer. Larger engines need larger oil filters etc.
The other is, does the company prohibit compatibility? If a new company wants to make engines but not oil filters, so they make a car engine compatible with existing Ford oil filters, or someone wants to make oil filters for Fords even though they're not Ford, does Ford do anything to inhibit this? In general they do not, and if they did, that very much should be an antitrust violation.
No I'm not conflating things- Ford and Dodge filter incompatibility is almost directly comparable to a software company making API changes to be incompatible or to choose not to offer something they could easily include. And it's not just Ford and Dodge; practically every car maker chooses to make some parts that are proprietary. Oil filters are a particular easy one to compare to software practices.
Ford and Dodge have ranges of similar size engines with similar flow rates in their cars and trucks (treat Ram as if it were Dodge). They both specify the use of filters that follow industry standards like SAE/USCAR-36 and ISO 4548-12. The ONLY reason that you can't swap Ford/Dodge filters between engines with similar filtration requirements is because each company uses a different thread size and filter interface dimensions. Any company could adopt a common standard and simplify the choices at the auto parts store but none of them do, because they all want to exercise some amount of control. The funny part is, they all participate in creating industry standards and they make very little money off the sale of filters. They also make their specifications available to aftermarket filter manufacturers like Wix and Fram. There is no patent protection on a particular thread size or the diameter of a rubber gasket. There is NOTHING stopping Ford and Dodge from unifying the filtration interfaces in their similar sized V-8 truck engines. Why is this part brand specific? You can buy a range of tires that work with either brand as long as you get the right size and durability ratings. You can buy batteries that work with either brand. You can find a whole slew of parts that are standard and interchangeable across brands, but some parts aren't.
This is equivalent to saying, "these two watches both have Bluetooth, a microprocessor, and touch screen, the only reason one watch works with Apple and the other works with Google is because of the software." Apple could open up their software to allow both watches to work with iPhone. But they don't do it. Apple does allow Bluetooth headphones to work fine with iPhones even though they offer the Apple AirPods. So even in the phone market you have analogs to "certain parts can work interchangeably across brands, but these don't." In the automotive world nobody is complaining about anti-trust, so maybe we need to think about whether Apple's actions regarding their watches is actually anti-trust.
> The ONLY reason that you can't swap Ford/Dodge filters between engines with similar filtration requirements is because each company uses a different thread size and filter interface dimensions.
Which is maybe dumb, but it isn't a problem, because of this:
> They also make their specifications available to aftermarket filter manufacturers like Wix and Fram.
Which is the thing Apple isn't doing, and furthermore is doing the opposite and preventing full compatibility with third party watches even if they would reverse engineer the protocol used between the Apple Watch and iPhones. Which is what makes it an antitrust problem in that case but not the other.
Moreover, the argument you're making is that the automakers purposely cause their filters to be incompatible to limit competition. You're essentially arguing that it should be an antitrust violation in that case. Which is a weaker claim because competition in that space isn't being as clearly inhibited -- nobody is claiming that the incompatibility is impacting the quality of third party oil filters -- but if you made the case that it was then you would be condemning Ford rather than vindicating Apple.
> preventing full compatibility with third party watches
What law in any country requires this? Apple is not a public utility and people don't have rights to access.
> the argument you're making is that the automakers purposely cause their filters to be incompatible to limit competition
No I'm not making that argument. I am arguing that incompatibility is there, could be resolved if the companies chose to. The incompatibility persists and is not illegal. It has nothing to do with anticompetitive behavior. Apple being incompatible with third party watches should be the same- the incompatibility could be changed, but it is not illegal. Just because some people wish things were different doesn't make it illegal or immoral.
Any sane antitrust laws require this. Not that they have to provide compatibility, but they cannot inhibit compatibility. But that's what they do.
> Apple is not a public utility and people don't have rights to access.
Your iPhone doesn't belong to Apple and Apple trying to retain ownership control over it after they've sold it is the evil to be prevented.
> I am arguing that incompatibility is there, could be resolved if the companies chose to.
There are two different kinds of incompatibility.
One is, each model of car has its own type of oil filter, which is an inconvenience but then the third party suppliers just produce all the different kinds, and filters with different specs legitimately should have different interfaces and then you're going to have 100 different filter interfaces regardless and it doesn't matter much if you then need 100 SKUs or 250.
The other is, they purposely thwart compatibility by actively inhibiting third party interoperability, even when the third party is willing to support the vendor-specific interface. There is every reason to prohibit the vendor from doing this because there is no legitimate reason to do it, but a strong illegitimate motive for them to do it in order to inhibit competition.
A strong heuristic for telling the difference between these things is, what percent of the ancillary market is controlled by the seller in the primary market? Third parties being excluded in practice strongly implies malfeasance.
> This is an indication that your complaint is not in Apple's behavior, but your regret that the competition sucks and it's not Apple's fault.
No it's not; GP didn't even address this. Competition sucks, and that is Apple's (and Google's) fault.
> Most people choose to buy iPhones knowing that only certain watch options work.
I'm sure that's not true. Most people choose to buy an iPhone because it's an iPhone. No one is going to buy an iPhone because Apple Watch works and Garmin watches don't work (as well).
Certainly some people buy an iPhone because they also want to buy an Apple Watch (which I assume doesn't really work well or at all with Android), but I think that's a minority of purchasers. They by an iPhone because of the iPhone itself.
> It's not like Apple started off letting third party watches work well and then suddenly locked them out (but you could argue from the article that they started off with minor handicaps and have increased the level of handicap over the years).
I feel like your parenthetical refutes any point you were trying to make in the prior sentence. The first part of your sentence is irrelevant. While it does take work to standardize public APIs, it also takes work to lock things down and choose what subset of functions third parties are allowed to access. The fact of crippling third-party smartwatch access is anti-competitive behavior.
This is the same shit we went through in the 90s with Microsoft, but many people here are too young to remember what that was like. MS gave their own apps (Office, IE, etc.) access to private, undocumented Windows APIs that let them provide a better experience than similar third-party apps could provide. The US government and courts decided that was illegal. It should be illegal for Apple to do so as well. (And before you start quoting relative market share numbers between MS in the 90s and Apple now, I don't think that's relevant. You shouldn't need a monopoly in order to be restricted from anti-competitive behavior.)
> But it seems like Google, Samsung, and the other Android players are losing on their own merits.
That's a naive explanation for complex social phenomena. Android doesn't suck. It's fine. Very good even. But it's not enough to be good, or even excellent in today's markets. You need incumbency, lock-in, social capital, and, yes... anti-competitive behavior.
And to be clear, Android manufacturers are not losing. In most places outside the US, Android is the dominant operating system.
But! This isn't about Android winning or losing. It's not about Android at all. It's about companies like Pebble and Garmin being hobbled in the iOS smartwatch market because of Apple's anti-competitive practices. Android is irrelevant to this.
Yes they did, when they said they were amazed that Apple dodged anti-trust lawsuits. I said that from the rest of their post it seemed like they acknowledged that competition existed, they just didn't want to use Android options. The legitimate anti-trust example they gave (LTT/Floatplane) is from an app developer perspective (not a smart phone and watch buyer), which is why I talked about that.
> I'm sure that's not true. Most people choose to buy an iPhone because it's an iPhone. No one is going to buy an iPhone because Apple Watch works and Garmin watches don't work (as well).
I didn't say that people buy iPhones because other watch brands don't work well, I said that they buy iPhones knowing that the other watch brands didn't work, and it still doesn't deter them. But they had the information available when they made their choice.
> I feel like your parenthetical refutes any point you were trying to make in the prior sentence.
No, I said it's not like they totally changed course from being welcoming to other brands to locking them out. They were always hostile to other smartwatch makers, but I acknowledged that the article mentions that they may have gotten more hostile in recent years. Acknowledging that their hostility may exist on a spectrum doesn't refute the point that they've always been hostile to other smartwatch brands. I love that in your next paragraph you include a parenthetical that could refute your own argument though- market share is absolutely relevant. Nobody is going to bother suing a small fry over anti-competitive behavior with 0.01% market share in a healthy competitive market- the market takes care of that issue on its own.
> Android doesn't suck. It's fine. Very good even. ... It's not about Android at all
This article is partly about Android since "Apple is being restrictive" is in comparison to features that the Android API offers. They are saying that they are going to make an Apple app for the Pebble but it is not going to be as good as the Android experience.
As someone who has a garmin watch and switched from android to iOS I can tell you it's exactly as crippled as the article spells out.
So if anything garmin has a healthy smartwatch business in spite of apple trying their hardest to choke competition.
Long time Garmin watch user here and Garmins are also HORRIBLY crippled on iOS. Can I respond to a text message? No. I can clear the notification, but that is it. Apple Watch has far greater abilities than any other smart watch. That is the issue.
My wife (iPhone user) has a Garmin watch that a friend of ours (Android user) recommended. The friend's experience is much much better, with many more features that work. Apple is definitely intentionally crippling the third-party smartwatch experience.
MS had a much larger market share than Apple does in any product category. They were something like 95% or more of the PC OS market. Apple has, in the US, around 50% of the smartphone market and around 15% of the PC market.
MS also did a lot to curtail competition that Apple hasn't even come close to. Like how they crippled BeOS by threatening OEMs with higher Windows licensing costs (as a low-margin business this would have pushed any OEM prices too high to remain competitive).
You don't see how you can be a monopoly with nearly 2/3 market share and 2.5x market size of your next-largest competitor? You must not be very imaginative
Apple has less than 100% market share for phones. Apps and phone accessories are not phones, they're separate products made by separate entities.
If Apple phones and Android phones were compatible then the apps would be addressing the same market. For example, phones from Samsung and phones from Xiaomi both run the same apps, so they're in the same market. However, phones from Apple and phones from Samsung do not run the same apps. They're different markets. And Apple has a monopoly on the former.
With as much functionality as there is on an Apple Watch I can see how that would be huge endeavor to accomplish while maintaining the tight security and privacy model.
I think the devil is in the details of how iOS and watchOS interact. Instead of sending and receiving texts from iOS, watchOS is running messages and only sharing data. I imagine this pattern works a large amount of the time in Apple's benefit. They make a notification API available for anyone to use, they just choose not to do it. They also make it so the watch can use the phone's data, and this they do use, but also it can use WiFi or Cellular on its own.
100% agree with those statements. It would be nice to have a more robust API and this more options but unless forced to I don’t see Apple doing that and honestly rightly so.
So maybe we should look at our definition of computer in this context. As almost everything contains software programmable controllers these days, that cannot be the definition.
It's equally disingenuous to compare them to "general purpose computers" too, in that case. A primary computing device doesn't have to be a "general purpose computer".
This profile is compatible with iPhone 5s and later.
Message Access Profile allows devices to exchange messages. It's used to receive incoming message notifications on connected vehicles. iOS and iPadOS support these MAP functions on connected vehicles:
- Receive incoming message notifications
- Reply to incoming messages
- Compose new messages
- Browse message inbox
- Mark messages as read"
The documentation talks about "connected vehicles", but can totally be implemented by any Bluetooth accessory.
If you can produce a working proof of concept for sending sms or iMessages from a third party Bluetooth device with MAP on current iOS, I’ll follow you anywhere captain.
Feels like we’re getting all the downsides of Jobs’ Apple without the upsides.
They aren’t innovating inside the walled garden anymore.
Privacy is a real issue and Tim Cook deserves credit for his stance, but if apple gave devs good apis security and privacy could actually be enhanced throughout the ecosystem.
Some of the things mentioned in the post seem to work just fine with Garmin watches. Maybe because Garmin is just bigger they have the resources to implement some of the things (like third party devs publishing various watch apps and faces that are in the Garmin store). Same with notifications, yes, you can't do actions from notifications, but I have notifications "hidden" or whatever that feature is if the phone is locked and they show up just fine on my Forerunner.
Replying to text messages on Garmin watches doesn't work with iPhones. It works fine with Android. But Apple has restricted that messaging functionality to only their own watch in a monopolistic and consumer hostile move.
The notification feature that I miss most from Android+Garmin on iOS+Garmin is the ability filter what apps notifications can go to my watch. Its apparently possible, as Coros seems to have done it.
But after hearing repebble's complaints about not being able to do things that Garmin can do, I almost wonder if different vendors may be given different private api exceptions or something (just guessing, not an ios dev).
The whole iOS extension mechanism should be illegal. It's such a clear advantage to apple's own apps, i don't understand how nobody has every sued Apple about it.
I read Darwin recently and he talks about how weak insects will use deception methods to compensate for their lack of strength and it reminded me of Apple.
They arent the best, they are never 1st, they are 2nd or third or beyond.
Instead they found niches in marketing. Read the word "Security" or "Privacy" in white and black text in their commercials, no actual claims on either. Just the words. They have stylish products with their celebrities, dancing people, and blue bubbles. None add to the strength to the product. In the LLM world, they've tricked people into thinking 'unified RAM' and integrated video cards are equivalent to an Nvidia GPU.
Specifically on topic, iPhones seemed to always under perform in features. This is yet another example.
Their track record makes it obvious, but most consumers won't notice. That is why the deception works. I used to be an Android Zealot who preached the immorality of Apple, but I genuinely stopped caring that other people were making mistakes and Apple was exploiting them. If anything, I take notes personally how to be more like Apple, save my strength and get positive outcomes.
I degoogled my life out of principle—that one was about privacy. I feel strongly about this one too (in fact I just migrated from kindle to kobo for similar reasons), but where else is there to go? Some rooted android phone with Google play services disabled, where lots of apps aren't available and it's a struggle to get everything to work? (Genuine question!)
I ran rooted android phones for a long time, but have for the past few years been on GrapheneOS, which doesn't require Google Play, but allows you to use it while sandboxing it (so, harm reduction), and it's much less of a struggle now than it used to be.
The catch is that, at least currently, GrapheneOS only works on (Google) Pixel phones.
[On Kobos:— I agree on Kobo vs Kindle, and like Kobos a lot: but partially because I don't actually have to use Kobo's software if I don't want to. (See KOReader[0] and NickelMenu[1].)
My Kindle Paperwhite 5th gen is rooted and runs KOReader.
It's not a great solution - you still have very little freedom, Amazon frequently patches root methods - and you might be waiting months for someone to find a working root method, and if you accidentally update - bye bye, root/KOReader.
Yeah, I think KOReader started out for Kindle first, and then added Kobo (and then other things - works on Android for one, and KOReader is typically what I use if I'm reading on my phone too). I just went with Kobos from the start because it seemed like there were fewer problems with Kobos w.r.t. getting locked in/out of things than with Kindles, though Kobos are harder to get hold of (outside of Canada, I suppose) than Kindles.
I'm still recommending Apple to family members (less support needed from me, and I can always say I have Android and can't use apple so I can't help). But you have to go all in. If you want non apple stuff, just use something else. And if you can use Linux etc., why are you using Apple? Other then being lazy, which is totally ok.
I am saying folks who use Linux do not know how to utilize their time well. It’s tongue in cheek at the commentary to the GP but hope that makes more sense to you.
People say this about Linux but it’s not been my experience. Granted I’m 10 years deep now, but everything just works always and is exactly how I like it. Even basic things like menus changing doesn’t happen on Debian. I’m good to go.
Windows? Provided it doesn’t shit the bed, which it often does, things change randomly for no reason and beyond your control. One day you boot up and boom - the UI for x, y, z is different. And there goes 10 hours spread over the next month while you relearn.
It happens that lots of people who use Linux like to mess around with things, and, from a certain perspective, that's a waste of time. (But can be enjoyable.)
But it's perfectly possible to just use Linux and not muck around. Or, at least, to spend less time unwillingly mucking around than one would elsewhere.
(E.g., EndeavourOS, which is, perhaps unexpectedly/ironically, more or less just Arch with a nice installer and a welcome screen, is one of the easiest OSes to deal with. [Maybe not completely unexpectedly, SteamOS is also a customised Arch.] It's not the exciting distro, or the one I'm most likely to talk a lot about; but see the first point.)
Stop taking things so seriously and understand my comment was playful as I already indicated. It was more of a jab at usage of lazy but not in critical way.
Don’t be so critical over a tongue in cheek comment and don’t be so defensive over your choice of inferior products.
It's not OK. This collective laziness and convenience is our number one enemy. People don't want to be responsible, they want some corporation to manage everything so they don't have to think about stuff.
We need more people to take responsibility and use Linux and free software and hardware. Owning the computing system means being responsible for it, and we need to get people to accept that responsibility. The less of us there are, the more business and financial sense it makes for them to just straight up ignore us as some irrelevant vocal minority.
We should all own our computers, and there should be so many of us that they have to suck it up because not doing so means they take a big hit to their profits.
What are you seeing in the world that would led you to think the average Joe can use Linux without someone like us supporting them? Maybe not day to day but they are absolutely going to run into pain points like “Netflix is low quality” or “I need to install this windows app for this new gizmo I bought”.
It’s a fantasy world that Linux desktop is good enough for most people, it just is. I love Linux and use it on all my servers but come on.
It doesn't matter if it's "good enough". These are our systems, they're the only things that are truly ours. The alternative is to become serfs in a trillion dollar corporation's digital fiefdom.
My sincere wish is for "average Joes" to stop being so average. I want them to start taking responsibility for their systems so that we can all enjoy the freedom that brings. Freedom to own the computers and do whatever we want with them, not just what the corporations allow us to do.
If they keep choosing the convenient fiefdom, it's going to destroy everything the word "hacker" ever stood for.
What people aren't generally used to doing is installing OSes. Any OS. Using OSes... Windows 11 is far more complicated, finicky than plenty of Linux installs. (People get caught up in the "you're not holding it right" for Windows/Mac issues.)
> Maybe not day to day but they are absolutely going to run into pain points like “Netflix is low quality” or “I need to install this windows app for this new gizmo I bought”.
The average Joe also faces pain points on Windows.
It’s not a fantasy, we were there at some point and we deliberately moved from it.
When Unix was the norm, everyday employees knew how to navigate a shell. In highschool I had a friend working at the bank. You know what she did all day? Ran SQL queries to make reports. No degree. She wasn’t a programmer. She was a financial analyst.
Now we have people constructing database systems in an excel workbook on a share drive somewhere, but even that’s fading. Now we have people creating systems in Discord and spending 20 hours a week moving data from point A to point B. Tasks that someone 20 years ago could trivially automate. They don’t know how anymore.
We have lawyers paying 20 paralegals to maintain and consolidate a document shared between 10 parties with 50 revisions floating around. We’ve had version control for decades. They refuse to learn. They would rather spend the enormous amounts of man hours doing what is essentially manual labor.
It’s clear that computers are a huge part of our lives. You can learn to use them or you can burn hours - but you can’t opt out.
I mean, Jesus Christ kids these days don’t know what a directory is. We had a short window of computer literate everyday people and then poof! Gone! But the need for computers is still here. And we can’t quite talk to them and tell them what to do yet.
One of the many reasons I have been exiting out of the Apple ecosystem.
They are so damn hostile to any third party integration, reserve apis for first party usage, and give middle finger to developers with their abusive fee structure (Apple takes a 30% cut …).
Only thing left is for my devices to age out (I am in deep with phone, watch, mbp, mba, and even Mac Studio M1 “ultra”)
My current iPhone 12 mini was my first iPhone. Before they it was a OnePlus3, before that a Lumia 800. I tasted it all. I think it’s back to Android after this, specifically a GrapheneOS Pixel. It’s the sweet spot for the modern hacker. And I’m gonna have a great Pebble experience or some other cool watch via GadgetBridge.
Not too long ago it was revealed that Apple's supposedly secure protocol for their Airpods entirely relied on plaintext keys locked to the hardware. Based on the quality of their software products, I am not surprised.
The Apple razor: "Never attribute to security that which can be adequately be explained by incompetence."
I feel like Eric's full-time mission has become fighting Apple's propriety bend. His last company, Beeper, was basically also built on reverse engineering Apple's system very much against its will.
The technical illiteracy of comments defending apple here with remarks about spam is staggering for hn.
Ble is a type of network communication that is only used for short distances, in order to save energy. We’re talking about a few meters, here.
The goal of the feature would be for people to pair their device with their iphone, something which users can do explicitly, ensuring that only their device works with their iphone.
Pairing an iphone with a third party device is already something that apple does, for instance in the case of personal hotspot.
As a side note: Phone Link on Windows does allow replying to texts/iMessages on a connected iPhone. However, group messages are not handled properly, and message history from before the connection started isn't available. I believe it's available on an API that is only available on an older version of Bluetooth that is not low-energy. It can also sync contacts and do phone calls.
Over BLE, it is possible to receive and delete notifications, as well as view and control media playback/volume/metadata.
I like Apple. But this is exactly why regulation is needed. I often meet people (including knowledgeable engineers etc) who think companies will do the best thing. Just like Flint did the best thing by poisoning their own people. Apple is a for profit company, and it will debilitate any 3rd party device. That is because by killing its market, profit is to be made by buying it for cheap. It's that simple folks. The end user can go and screw themselves, as far as they are concerned.
iOS wearable integrations are bad, but somehow Meta Ray-Bans are very good. Voice assist to start a call, send a text, read a notification, etc. Did Meta get special access to do this?
Often this is via special entitlements [0]. Published APIs, which you're only allowed to use if Apple approve your request.
Apple typically don't publish the criteria for when they approve entitlements, so it's almost impossible to get approved. You need to be a big company with contacts inside Apple.
Meta, Google etc. will all have negotiated a bunch of these entitlements for their own apps. But smaller companies are totally shut out.
We have seen competitors (big, well-known apps) do things on iOS that most definitely are not possible with public APIs. Either Apple willingfully provides access to these APIs to a select few companies, or they don't care that they reverse-engineer private APIs and then use them. If it's the latter, the competitor app was probably too big to be banned from the app store for this.
Apple was unwilling to comment on the situation when we asked them.
For voice integration, you can just provide a bluetooth microphone on you device and have it access Siri. Garmin have tried the same strategy on some of their watches.
What you can't do is reply to a text without using voice, which is what I'd like.
>For voice integration, you can just provide a bluetooth microphone on you device and have it access Siri. Garmin have tried the same strategy on some of their watches.
If your watch does not support Bluetooth Classic with the headset profile then you can't pretend to be a mic. So watches with Bluetooth LE only can not utilize Siri.
I've still had some settings thrashing with my raybans - sometimes they will refuse to read messages and ask me over and over to enable a setting, which is already enabled. Seems more likely to be an Apple issue than Meta given it has roughly coincided with iOS upgrades.
> It’s impossible for a 3rd party smartwatch to send text messages, or perform actions on notifications (like dismissing, muting, replying) and many, many other things.
Unless I'm crazy, I think I've used my Meta Ray-Bans to do all of these things at some point. So is this a watch only limitation that Meta was able to avoid?
It might be because Meta iOS app is handling some of that handoff and its not possible to do these action purely via the BT api? It seems like in the end they recognize if that had an iOS app they could accomplish some of their wishlist items. However, there are other valid critiques here.
Seems to be correct, according to [0] the user needs to link the Meta View app with WhatsApp, not sure if the link is then made on the cloud or on the local device...:
"Use the Meta View app to connect Ray-Ban Stories and Ray-Ban Meta smart glasses to WhatsApp on your phone."
That sounds like FB Messenger and WhatsApp. I'm guessing they do some server side workaround that wouldn't work for regular text messages or Apple-y messages.
Good to point out the anti-competitive practices by Apple, but some of the complaints are a bit far-fetched and do not really help the point the author is making, and/or they do not seem to match my experience with wearables.
For instance, I understand Pebble is targeted to hackers, but how is lack of sideloading such a big pain point? How come my Fitbit (that I absolutely long to exchange for a new Pebble when its time comes) _can_ display my Whatsapp notifications even without full lockscreen previews?
Also:
> As an aside, back at Pebble, we went to crazy lengths to find a way to let Pebble users to send text messages from Pebble.
Why would you... Do that? No 3rd party can do that: you are on a level playing field. A kludge like the one described is not going to give you an edge over the competition. And it is exactly the kind of kludge that may rub App Store reviewers the wrong way. Much pain, no gain. Just invest your limited resources on making Pebble the best 3rd-party watch on the market, and pray/lobby for Apple to open up its APIs.
This is pretty much the hallmark of antitrust/monopolistic behavior - apple watch (and airpods) are a significant contribution to Apple's bottom line - by restricting these functions under the guise of security or optimization, and offering them only via privileged abi, and by controlling a sizeable share of the smartphone market, they can effectively kill and stifle competition - even to devices that aren't under Apple's control which is a key case to understanding why this behavior is harmful. If Pebble can't make a functional product work for 40% of their addressable market, it may make their business model impossible.
It's impossible to argue that this isn't intentional and to make the case that this isn't impacting competition, innovation and consumer choice here.
Hopefully someone takes Apple to task over this. If it can be done on Android without jeopardizing the security or optimizations of the phone - it can be done on iOS.
"side loading" in the EU still requires you to have your app reviewed and notarized by apple, which means you can't call private APIs.
You also still need to pay $100/year developer fee for your app to continue to be side-loadable (otherwise they revoke the notarization), and need to pay the €0.50 "core technology fee" per side-load to apple after a free allowance of side-loads.
I doubt it's going to help pebble since they'll have to pay more for users to side-load the app than to install it from the app store.
I feel sorry for Apple users who advocate for a more open ecosystem as they are always met with outright hostility and told they should stop using Apple. As if you don't deserve to use Apple hardware if you don't agree with everything that Apple does.
Ironically, I’ve read through many of the top comments and although there are many different opinions, I hadn’t seen any that came across as hostile until I read your comment.
Apple: “It seems letting other watch devices have access to all the capabilities the Apple Watch has will commodize it. But it will make them happy. Let’s do it anyways, our shareholder shouldn’t mind us allowing our watch to get cannabalized”.
Security arguments aside (apple has infinite money, they can solve any problem that they want to and they regularly solve harder technical problems than this when it's financially prudent for them to do so), this is hugely anti-competitive.
My wife loves her Garmin as it's just a better sports watch than an Apple Watch, no matter what Apple say, but the integration with the iPhone is poor.
It's about time Apple opened up integration with 3rd party watches. They could still vet it with human-reviewed capabilities, the same as they do with Tap to Pay with iPhone and Family Sharing APIs, but they choose not to.
I can't help but feel echoes of the 2015-era Pebble trying to compete with the Apple Watch, and the lessons learned from that. I have an Apple Watch, I've been wearing one for ten years at this point. All I use it for is notifications, time, weather, and music control. I'm more than happy to buy a tinker-friendly smartwatch that does just that, and I don't think I'm alone. I hope these guys don't kill themselves trying to feature-match, and just lean into the inherent advantages of their platform.
Adding a comment in support. This seems like a really cool product and it sucks that Apple is gatekeeping features they use in their own crappy watch that needs to be charged all the time...
Apple is simply continuing to do what Apple does best - building strong products and protecting their ecosystem.
Does that mean some vendors will be treated unfairly? Of course.
Does it mean Apple users will remain happy? Absolutely.
If there is one OS that is anti-tinkering by design it is iOS, and yet people keep criticizing this intentional design decision that forms a large part of Apple’s moat.
Clearly not ALL users are happy because users of non-Apple watches are unhappy that their watch can do things with Android it's not allowed to do on iOS.
It's not reasonable to make a blanket absolutist statement like that.
I wonder how much of this is policy, and how much is actually a technical limitation.
For example, could you build an app that would not pass app store review, that would be able to send SMS or manipulate notifications? If so you could just "install" it yourself with Xcode.
They don't even offer the same support with BT headphones as their AirPods. Why on earth would they support something that could be a threat to their watches?
What type of company do you people think Apple is, one that pleases hackers at the expense of their competition?
My Garmin Fenix 6 refused to stay connected to my iPhone without deleting the bluetooth device and re-adding it, until I enabled location services for Garmin Connect to Always Allow. This contradicts documentation but is the only way I could get it to work.
Yet Apple is fine letting users browse Safari with an unfiltered internet. If their APIs can't facilitate safe permissions for user data, maybe they need to re-configure their security model to look more like the Mac. UNIX solved this decades ago.
Apple supports content-blockers for Safari. They have since 2015.
Would it have been better if they did it sooner? Sure! But the iPhone has currently had officially supported content-blocking for longer than it lacked it.
I wasn't aware safari allowed unfettered access to my phone and provided that to completely untrustworthy web apps and javascript. You have a source for this information? Would love to read more.
I wasn't aware that Apple could design a privacy model that doesn't depend on their direct curation. If Safari, iMessage and YouTube are acceptable services, why is an alternative App Store not?
Bluetooth does not inspire trust, but neither does Apple closed source software; iMessage has failed pretty badly for me, in that it I can’t send a SMS to a previously registered with iMessage phone number.
I guess I don't see why Pebble, or any smart watch, should need a phone at all. The watch should be able to connect to wifi and/or cellular by itself. We should be able to run full apps on the watch itself.
Battery life. Radios are energy-intensive, and the processing required to run "full apps" is also often pretty steep. In the meantime, while battery chemistries are getting better space is very much at a premium on one's wrist.
From the other recently-posted article, the new Pebble watches are targeting 30-day battery lives between charges. That would be unthinkable for a watch that manages its own wifi/cellular connections.
I had a pebble and the limitations of the device drove me insane. I don't care if my smart watch has 30 days of battery, I care about what it does and that I can do the things I want to do on it. The Apple watch has wifi and celluar and I can do tons of things on it without my phone around. Many of the apps I use have essentially full apps on device which allows me a lot more freedom from my phone and flexibility with my watch.
One, adding hardware to connect to WiFi and cellular increases size and power requirements. Notably, the new Pebble 's battery is projected to last 30 days.
Two, people use phones. They want their watch to work with their phone instead of around it.
WiFi and Cellular are avialble on the smallest of apple watches. I don't care if my smartwatch can go 30 days between a charge, none of that matters if it can't do what I want it to do. I had a pebble back in the day and I thought it was useless as it was such a limited device and it sounds like they want to replicate that experience. I'm happy the people that want such a device are getting it, but I don't get the appeal and want a device that can do thing.
I wish Apple just made a dumb watch with really good battery life (a week+) and health tracking. I don't really use any "smart" functions in my watch anyway, and I find notifications annoying.
Apple's approach to 3rd-party smartwatches feels like watching someone build a beautiful bridge and then pulling up the drawbridge so no one else can cross
I empathize with both Pebble and Apple here. We all understand the issue from Pebble's point of view. For Apple though, security will be lost by allowing one bad actor. To allow an external watch they need to set up a full org for interoperability. Every app/service on the phone or for that matter anywhere in their ecosystem must be designed and potentially reimplemented to allow for outside interaction. That puts a whole new spin on security and privacy requirements. Yeah regulation is one way to force them to prioritize, but outside of that I cannot see them supporting these.
The author of this article was also the CEO of Beeper. They did just that and released an iMessage client for Android in December 2023. Apple proceeded to ban users of that client, launched a smear campaign against the company and implemented countermeasures until Beeper gave up on the whole endeavour.
Apple has lots of options at their disposal to frustrate any attempts to reverse engineer their APIs, and have shown they're willing to go above and beyond in defending their walled garden. If all else fails, every Apple device newer than 2018 has a secure enclave and verified boot, so they could just enforce an encrypted channel between the enclave - which will be able to attest that the device is running latest iOS or macOS with all DRM measures enabled - and iMessage servers. The only reason they don't do that already is the number of users on older devices, but that number gets lower and lower each year.
This sounds noncompetitive, and bad, but can I just say I don't see the appeal of these watches? I much prefer a simple casio.
I got around Europe with a CA-53W. I did currency conversion, and had an alarm so I didn't have to leave my phone unattended in a 10 bed hostel.
I find my mind is clearer not using these things, not constantly bombarded with pings, and instead mindfully checking the phone occasionally to see if I missed any texts.
Can anybody explain to me in simple terms the argument about opening the floodgates for spam on iMessage if Apple would lower their restrictions? I just don't get it. If true, wouldn't this mean that every other messenger app with fewer restrictions or even alternative clients would have a massive spam problem? Anecdotally, I can't really confirm that.
Start with the conclusion that Apple's actions are necessary and morally good, find a reasonable-sounding but ultimately weak technical explanation and confidently present it as the only solution, then fearmonger less technical users into accepting the preconceived solution with all of its drawbacks using anecdotes and hyperbole.
Lastly, ignore or dismiss any evidence that invalidates your preconceived conclusions, like the fact that these "floodgates" have always been open [1] and yet people credit non-existent floodgates for solving the spam problem.
Anecdotally, the amount of spam I receive across Signal and Telegram is zero, and SMS is very close to 0, maybe one SMS every few weeks.
I completely get the point, and it's a shame. Apple is bad because it doesn't clearly announce this kind of limitation for third-party hardware and software before selling their phones. And I don't think Pebble or Garmin will either. Why not just limit your market to a platform that fits well? That would be the fairest solution for a customer.
This makes sense for large-scale deployments where cost control is paramount, but I wonder how it holds up in environments with unpredictable traffic patterns. Have you found any practical workarounds for the lag introduced by dynamic scaling? In my experience, the trade-off between cost efficiency and real-time performance isn’t always worth it.
it’s funny that i actually want a pebble with fewer features than the apple watch. i got an oura and haven’t been wearing one in forever… and i actually just miss the watch part. 30 day battery life is amazing.
between the restrictions, apple dropping the ball on AI, and Gemini slowly improving, the idea of Google significantly leapfrogging Apple in end-user experience is not that unfathomable any more.
Edit: wait, is this this imessage thing about coloring messages by transport method? I never used/saw it so didn't immediately recognise what you meant, if this is what you meant
I genuinely don't see a reason to use apple products, particularly professionally, other than developing slop for Apple consumers
Their absolute lockdown nature simply makes them inferior devices, and sorry but, any excuse for non-free general purpose computers and (esp.)phones is seriously asinine.
Hopefully, AI generation will get to a point where people can very easily generate a strong (secure) open-source competitor to iOS with equally good UX and ease of use.
I don't think this is true. Apple could drop smart watch support entirely and I still wouldn't use an Android phone. I personally find the user experience infinitely better on iOS than on Android, and Apple would have to drop the ball very bad to get me to switch.
(Note: This isn't because Apple is without faults. iOS and macOS are both a mess right now, and iPadOS is even worse. I just think that Android is worse than that, and I know many, many Apple users are in the same boat)
Same. I actually like that Apple locks down everything to their own devices, in general, because I believe (from my limited knowledge; I am no insider) it's more secure. Perhaps not, but I trust Apple to release products that are fairly secure, and update them for several years. Whereas with Android, I'd have to trust the phone manufacturer, Google (ewww), and all of the companies that have bloatware installed by default. I do wish there were more 3rd party integrations for those who want them (without sacrificing security), but as for me I am perfectly happy giving Apple my money to get good hardware and decent software that works together well (way better integration than anything in the Android/Linux/Windows world).
Similarly if Apple opened up every API and allowed every smart watch to do whatever it wanted, I'd still prefer an Apple Watch. I tried using a Garmin and "not being able to send an sms" isn't even on the list of things I disliked about it. Ugly clunky interface, pogo pin charging, a companion app that at times wouldn't look out of place on a Windows CE smartphone circa 2006, etc.
I don't like that it's made by an advertising company, like the other commenter said. But more than that it's that it's wildly unpolished and inconsistent.
OEMs and carriers shove in their own apps (Samsung is especially bad about this: I don't want two apps for photos, and files, and messages, and calling, and browsing, etc etc). You can (sometimes) disable or uninstall them, but they can pop up again after updates, and I don't want to have to clean up my device just to use it.
And visually, apps look and feel radically different, all over the place. There are apps that still look like they're running on Jelly Bean, apps that use modern material designs, apps that roll their own UI, and web apps in wrappers. Every new app I have to learn how to use it. This is an occasional problem on iOS, but it's very rare compared to my experience with it on Android.
GGP mentions "user experience" being "infinitely better". I don't think Android being made by an advertising company has much if anything to do with it.
I also don't see iOS and Android having much of a usability gap. At this point, they have very similar feature sets, and the UX is fairly well-polished, even on Android -- where yes, it took them a lot longer to get there. For the most part, if you think that either platform has bad UX, it's probably just because you've used the other one for so long, and you're used to it. (I don't think iPhone usability is bad, but on the rare occasion I do something on my wife's iPhone, I find it frustrating because it just works differently than my Android phone.)
At this point I think most (US; can't speak for other countries) iPhone users are there mainly because they've always been there, and there's fairly strong lock-in and switching costs. And iPhones are still something of a status symbol, not to mention unnecessary Apple-created problems like the "blue bubble envy" nonsense.
shocker huh? After owning a few iPhones since 2007, I used and developed for Android for years after release in 2010. I despise it. I switched BACK to iPhone and fully embraced the ecosystem years ago (macOS, iOS, ipadOS) and haven't regretted one second of it. I AM an apple fan boy. Why? because i love using my devices and working within this ecosystem a hundred times more than any other options available. The anti-Apple cult is obnoxious. Just don't use them if you don't like them.
I am of course, but at least they have revenues not tied to spying. I'm not a corporate fanboy so all of this stuff disappoints me, just not going to make the perfect the enemy of the good
No, because it's much lower friction to "just" give up and buy an Apple Watch (or just do without), even if you don't like it and think that the features or design a third-party watch are better for you. Or at least could be better, if not for Apple's anti-competitive practices.
The problem is that people don't really have choice. Both iOS and Android have positives and negatives, and often those positives and negatives are not the same. Choosing one or the other is going to have you missing some positives you want, and taking on some negatives that bug you.
If this was just the nature of how things have to be, I'd be more sympathetic. But the real reason it's this way is due to anti-competitive behavior on the part of Apple. There are no technical limitations; it's just their business model to restrict what people can do with the device they've bought. There are certainly some valid security reasons for doing this in some cases, but most of it is just to protect their revenue streams.
You couldn't pay me to go back to Android, having used Android from 2009-2020. Apple Watch is fantastic, I'm a little sad that they don't provide better integration capabilities to external devices. I can only assume that's another anti-competitive lawsuit brewing.
Sure it is. Both Apple and Google, through various tactics, have ensured that it's virtually impossible for a third smartphone OS to be successful to anywhere near the level they have been.
Android is fine. It has some downsides vs. iOS, and some advantages. But that isn't the point. The point is that to make a new smartphone OS (or even one that's based on Android, but is independent of the Google ecosystem) that can do everything Android and iOS can do is an undertaking that few would even bother to take on. That's not due to technical challenges, it's due to market barriers that Apple and Google have erected. (IMO, the sorts of things that we as citizens in a healthy society should not allow corporations to do.)
And those that (sorta?) do try to make a competing OS, like LineageOS, GrapheneOS, CalyxOS, etc., end up with far less-capable phones than a Google-blessed Android phone. (And when most/all of those capabilities are present, it's through brittle hacks and compromises that basically turn the phone into an imitation of the Google-blessed phone, with many of the downsides intact.)
Put another way, it's not Apple's or Google's responsibility to make things more competitive, but it is their responsibility to not make things anti competitive, and it is their fault when alternatives don't exist because of their anti-competitive behavior.
Isn't this ignoring the lock-in factor? Leaving Apple is probably more than just switching a single piece of hardware for many users. The entire Apple ecosystem encourages "buying in".
As a few examples
* (almost all) bought apps don't transfer
* bought media (music, etc) and how that integrates into the software
* icloud and other account services
* replacing your phone + laptop + watch + IOT devices which may all be in the apple ecosystem.
So one can easily see how folks who have bought in are willing to put up with user-hostile actions.
Of course, Apple is not the only company that uses integration as a way to retain customers. However, from personal experience, I feel Android is a bit more open (at the cost of a more fractured experience). I can definitely understand the pros of not having to deal with carrier installed garbage when purchasing a device.
And this is exactly the problem. Apple presents many of their users with bad choices: either buy an Apple Watch and suffer from its downsides, or switch to Android, and suffer in other ways. Or stick with the iPhone, buy a third-party smartwatch, and suffer from and unnecessarily-crippled user experience.
There's no technical reason it needs to be this way. Apple just prefers to be anti-competitive and increase their profits, than to give their users the as-close-to-ideal experience they want.
Generally speaking I agree and accept everything here, except the idea that 40% of the respondents "still" use an iPhone: I switched to one, because Android is absolutely atrocious for privacy and security, and running a hacked up custom OS is no longer something I have spoons for.
I long for a better alternative, but until then, yeah, here I am accepting my current PineTime is... a little bit worse, until Tim Sweeney manages to bust up Tim Cook's little garden.
> we have to publish the app on the iPhone appstore. Every update comes with the risk that a random app reviewer could make up some BS excuse and block the update.
uhhh and if there wasn't any reviewing, every update would come with a risk of malware to the users.
App Store reviews does not reduce malware - things slip through Apple's review process all the time. The iOS security features such as the sandbox is what makes iOS safe to run third party apps.
Yes, but that opposing argument could be made, and it's better to have some gate than none, even if it allows everything by default. For example, apps that are found to be malicious could be revoked later.
“ You can’t easily side load apps onto an iPhone. That means we have to publish the app on the iPhone appstore. This is a gigantic pain because Apple. Every update comes with the risk that a random app reviewer could make up some BS excuse and block the update”
Another company that would like Apple to not expose functionality to their first-party ecosystem and refuse to expose it to third parties even with user consent.
If the functionality isn't available to anyone, fine, so be it. If the functionality exists on the Apple Watch, it should be done through an API.
Surprised there are professional developers who seem to be clueless about the vast difference in the cost of developing 3p API versus internal only functions. The basic difference between public and private has been captured in language design for decades now.
I'm well aware of the cost difference, but the cost of internal-only functions is potentially measured in antitrust actions.
Microsoft, post-antitrust action, made a very careful point of ensuring new functionality in first-party products like Office only used things that had public APIs.
Yeah it does seem like antitrust is the wedge employed by 3rd parties who would like Apple to do free R&D for them, most ironically by Spotify which holds are arguable monopoly on music streaming.
I’m glad that antitrust enabled a rich ecosystem of Microsoft Office alternatives and competitors.
Apple certainly doesn't have to do free R&D for third parties. They could, instead, not ship features that work exclusively with other Apple products. Or, hey, there's also the other valid option of "don't be the exclusive gatekeeper of the platform", they're welcome to take that one too.
When Apple goes up against governments over encryption, I'll cheer them on with everyone else. When Apple is engaging in https://en.wikipedia.org/wiki/Tying_(commerce) , I have zero sympathy for them.
You are at least an honest critic here in that you admit you'd rather Apple not build great features for its own customers if that means some hypothetical future company isn't allowed to hypothetically build its own version if Apple made some or all of its proprietary R&D available for free to this hypothetical competitor.
Most people pretend that all that effort is free and trivial to expose as API.
It’s not API. That’s the whole complaint of the post. Just because it’s implemented internally does not mean it’s ready for framework support. Have you ever built an API before?
Now we're just playing semantic games. There's a big difference between the level of effort that goes into internal API and public API, and clearly the ask here is Apple undertake that effort now and forevermore to support a public API for Pebble to use for free. You can map that distinction pretty easily onto my earlier comments without changing my argument at all.
> he’s going to opine about how Apple is “anti-competitive,” and “evil,”
Complete with obligatory Trump mention.
I haven't owned a Pebble but have long heard how nice they are. That said, this is wrong:
>It’s impossible for a 3rd party smartwatch to send text messages, or perform actions on notifications (like dismissing, muting, replying) and many, many other things.
My Amazfit Balance lets me dismiss iOS notifications. I don't know how Amazfit's Zepp app enables this functionality; all I know is that it works.
Its integration with iOS is not ideal or complete; for example, although I can take and make phone calls with its mic and speaker, I can't talk to Siri through it despite my ancient $20 running headset being able to do so. But Balance's other advantages are more than enough for me to go with it over an Apple Watch.
> Starting with iOS 8.0, the NP can inform the NC of potential
> actions that are associated with iOS notifications. On the
> user’s behalf, the NC can then request the NP to perform an
> action associated with a specific iOS notification.
These API have exited for over a decade and plenty of other wearables use them. Yes there are some limits, but many fewer than the original article implies to create outrage
OP said “ cannot do A or B”. I demonstrated how to do B, proving the original statement to be a lie. The fact that you still cannot do A irrelevant. Hyperbole has no place in technical discourse.
>The NC must neither assume nor try to guess in advance the exact action performed on an iOS Notification, because these actions are based upon information unavailable to it, as well as other factors such as the ANCS version implemented by the NP. The NP guarantees that positive and negative actions are associated with results that do not surprise the user.
So pebble app can’t explicitly say dismiss or mute but has to hope that the phone does that action on a given notification.
Imagine the app says dismiss but the phone‘s real action is just a snooze.
Press X to maybe dismiss doesn’t sound like a great functionality, does it.
> I don’t want to see any tweets or blog posts or complaints or whatever later on about this. I’m publishing this now so you can make an informed decision about whether to buy a new watch or not. If you’re worried about this, the easiest solution is to buy an Android phone.
Agree or disagree with what he's saying, he sounds like a petulant child
It’s likely a priority issue. They have limited software resources but have so many products to support and develop, they will like any company weight what fits their future roadmap and strategy. Saying they purposely hobble watch devs isn’t really true
There's something about the title that irks me the wrong way.
X restricts Y from being awesome.
Apple also restricts me from being awesome because they didn't give me a million dollar.
I get what the message is and I think I agree with Pebble on the iPhone being more closed off, but putting the blame on some outside thing for yourself not being awesome just feels immature.
It's just as easy to turn it around: by developing the iPhone in the first place and getting it in the hands of a lot of people, Apple makes it possible for Pebble to be at least close to awesome.
Sometimes I wonder whether people are willfully ignorant, or just simply trying to pick a fight.
Please read what you wrote yourself, and put yourself in the shoes of someone who might actually be affected. If you cant think of any failure cases ("edge cases", in programming parlance), please read on -
You've essentially reduced every monopolistic tendancies companies exhibit into a positive thing.
- Amazon restricting smaller third-party vendors - according to you, not a problem
- Microsoft ensuring their favored browser (IE) is successful unfairly - according to you, not a problem.
Those are just 2 examples I could think of at the top of my head.
> Apple also restricts me from being awesome because they didn't give me a million dollar.
This is a disingenuous argument. The two are nothing alike. One is about how they artificially limit their platform for their own dominance, and the other is literally just giving away money. One hurts consumers and competitors, the other is a nonsense expectation that no reasonable person has.
That disingenuous argument is an example, of course. I already put that inside my argument. It's the chosen words that irk me. Apple does things, yes. But it not only restricts Pebble, as they make it seem, it restricts everybody.
Whenever I go to this one restaurant, they insist on feeding me the bread that they make. I bring my own dough, but they won't let me into the kitchen to use their equipment. It's a hobbled experience and they are doing it entirely in the name of increased profits. The bread could be awesome! The problem is, I want to eat at this restaurant. They are ruining my bread experience.
This is more like shopping for bread, selecting the bread you want, taking it home, slicing off a piece and being told you can't eat it since it didn't come from the right store.
It's all just software. You can download IPA files onto your iPhone, just not install them without an arbitrary feature-flag enabled.
I've bought a Mac for the first time in my life after 15 or more years on Linux because the hardware is superior than pcs. Software sucks, not sure how people can live with that, especially tech people. I suffer every day poor and weird design decisions. Phone side, I'm an Android user and I've been living with iphone users in the last 10 years, and I must say the software in iphones is getting comparatively worse and worse. I believe avg app (probably developers) quality is a bit higher, but they usually fall behind functionality wise, and you pay well for that small quality gap. Friends who switched to iphone recently are now switching back. I'm not an average user, but I can see how software quality in apple is going down and affecting real users. Even iphone aficionados are starting to notice, which says a lot.
> Software sucks, not sure how people can live with that, especially tech people.
Like, what in particular? I use Macs for both personal and work activities (software eng) and MacOS has been vastly superior to both Ubuntu and Windows I used before.
0 blue screen type of issues, zero hardware incompatibility, zero issues after system updates (looking at you Ubuntu!).
> Some features will appear first on our Android app, and then eventually we’ll add them to the iOS app. This is because the majority of our development team uses Android phones, and generally we’re building things for ourselves, so naturally Android comes first.
Up to that paragraph I sympathized. Sometimes it does feel like Apple doesn’t care one bit about me, an iOS developer. But, as a user, I really don’t care what phones the devs use. I use an iPhone and now I feel like I‘d be a second class citizen because of this paragraph. Not because Apple’s restrictions are unnecessarily bad, but because the devs just care less. I guess I‘d go for an Apple Watch instead.
The US Department of Justice is currently suing Apple for this exact reason [1].
They claim that Apple imposes restrictions on every non-Apple watch. Users then prefer the Apple Watch not because Apple made it better but because Apple made all other watches worse.
If you are frustrated that Pebble takes longer to develop around artificial restrictions, I would direct those frustrations at the company creating the restrictions not at Pebble.
I do not believe average smartwatch users understand what they’d be doing if they got this. I do not believe vendors integrating with such a thing can do it safely, or even that all vendors integrating are good actors.
One reason iMessage is less of a total cesspit than SMS is that the ecosystem is closed, and makes automation difficult. It used to be impossible nearly, and in that era we had almost no iMessage spam. Now it’s difficult, and we have moderate iMessage spam. But adding hooks to make this automation easy, and worse, leave the trust environment as a feature is just wrong.