
Even better security would be to allow users into their own devices. This would mean that critical data just wouldn't leave the device via the network.

(letting users into their own devices means the ability to access the entire device, examine what their device is doing, and firewall it if wanted)



1. iMessage without internet would be tricky. 2. You don’t have to back up in iCloud. Just plug your phone into a Mac or Windows computer with iTunes installed and back it up locally.


That's still not access to the data. That's limited access to data that Apple allows. I remember when Tinder stored their messages in a local unencrypted SQLite database. I wanted to save the conversations between my GF and myself, but I had to get an Android phone and extract the db manually as I couldn't do that with my iPhone at the time.


You can access the data in an encrypted backup, which you can request from an iPhone from Linux using the open source libimobiledevice: https://github.com/libimobiledevice/libimobiledevice

Here's an overview of how to remove the various layers of encryption (starting from the backup password): https://stackoverflow.com/questions/1498342/how-to-decrypt-a...

And how to do it if you want to access the WhatsApp chat database: https://yasoob.me/posts/extracting-whatsapp-messages-from-io...

Also some Go tools to inspect iOS encrypted backups: https://github.com/dunhamsteve/ios


One can argue the iOS approach was more secure, since someone getting hold of your iPhone wouldn’t be able to snoop on your Tinder messages.

On the other hand I appreciate the hackability, and it is your data. If you’re in the EU, maybe you could have made a GDPR request to get the messages in a database.

Ultimately I don’t disagree with this iOS choice because we’re the odd ones; I understand the decision to put the privacy of “regular users” above a niche developer method which could be exploited more than used in a legitimate way.

It feels to me the correct solution in this case is that Tinder’s database should be encrypted on both iOS and Android and they would provide a way to export chats.


> On the other hand I appreciate the hackability, and it is your data.

I really think this is the wrong attitude and the result of boiling frogs. Having access to data on our devices should be a given. To me it makes me think of the non-touch iPods of yesteryear. Music files were obfuscated on the device by shoving them into human-unfriendly folders and filenames. The argument that this was to avoid music piracy is laughable since we originally had DRM'd music for downloads. The database was proprietary and undocumented, which meant the only real way to get music on the device was through iTunes. It also meant that unless your ID3 tags were really good and you went through the process to copy all the tracks off and rename them, your music was locked to your device.

Even then, at least you _had_ a way of getting your music back. I'm not going to say E2EE isn't good or that the security protocols put into place for modern OSes aren't important, but imo it's eroding ownership of data and killing third party businesses. Everything has to be done through a web API now, which means your data has to exist in the cloud. This isn't good.


> I really think this is the wrong attitude (…). Having access to data on our devices should be a given.

I don’t get your post. You quote a part to disagree with but everything after that agrees with it. I did say you should have access to your data. I did not say you should have DRM, or that your data should exist in the cloud, or that you should have to access it through an API. I also said “feels to me the correct solution in this case is”. In this case where we are discussing personal, private, possibly sensitive conversations. That has nothing to do with downloaded music, purchased or pirated.

> the result of boiling frogs.

That’s a myth¹, but it wouldn’t apply anyway. I don’t agree with Apple’s decision in the case you presented, but I do agree with it in the other instance. It isn’t incongruent to believe you should have access to your data while also believing it should be reasonably protected from snooping bad actors.

¹ From https://en.wikipedia.org/wiki/Boiling_frog: “While some 19th-century experiments suggested that the underlying premise is true if the heating is sufficiently gradual, according to modern biologists the premise is false: changing location is a natural thermoregulation strategy for frogs and other ectotherms, and is necessary for survival in the wild. A frog that is gradually heated will jump out. Furthermore, a frog placed into already boiling water will die immediately, not jump out.”


It’s ridiculous that I can only back up my (iOS) device to either a computer via USB (what is this, 2005?) or to the cloud.

Just let me use my local Time Machine backup server!

Sadly, I am convinced I'll never see that feature – it would basically remove the need for any iCloud subscription for me and thereby undermine Apple's "service" efforts too much.


A Mac can also back up your phone wirelessly. TM doesn’t make much sense without the Finder’s interface.


> A Mac can also back up your phone wirelessly.

Yes, to its local storage only, which makes it completely useless to me. (I have more data on my phone than on my computer, and I can't be the only one.)

> TM doesn’t make much sense without the Finder’s interface.

Why? I can even already connect to the same SMB mount that holds my Mac's backup via my iPhone's "Files" app. Just let me back up to that!


The TM back-up will include your phone’s backup too. I agree it could be better.

Don’t exclude the back-up folder from TM, though.


Yes, but I don't want that data on my Mac in the first place. It takes up almost all disk space there, completely needlessly.

(Actually it doesn't – I symlinked the backup directory to an external drive, and fortunately ~iTunes~ Finder follows that. But this is something completely unrealistic to ask of an average user, in my opinion.)


True. My situation is probably different: I've got a fairly large disk (1TB), and a tiny phone (16GB). I guess they prefer to sell iCloud subscriptions.


I think other commenters are missing your point: an iPhone should be able to back up to a "server" the same way a MacBook does. I have a 24 TB NAS with Time Machine on it, so the phone should be able to back up to it (over Wi-Fi, USB, whatever) the same way it does to a Mac. And this should be possible out of the box by design (not by using Linux-based tools to back up the iPhone in ways Macs do not let you do).


Don't they still offer local backup over Wi-Fi?


They do. Parent just wants to back up directly to a Time Machine backup, rather than backing up to computer, then backing that up to TM.

A reasonable desire, but clearly niche enough that it's unlikely to come to pass. (Particularly since, given what little I've seen of how Time Machine works, it would likely require some quite significant dev work on Apple's end to enable.)


The backup is the "public" stuff only.

This wouldn't back up the apps and app private data.

For example, if your phone was running myapp 1.0 and 1.1 was out, restoring might cause your phone to download myapp 1.1.

Also, I think if you had 20 Kindle books in the Kindle app on your phone and backed it up, after restoring you would have no books. You would have to redownload them all.

(Strangely, I wonder if you have iCloud backups, do these kinds of things count against your storage space?)



