Hacker News
RIP iCloud, Self-Hosting Part 5: Finale (naut.ca)
55 points by walterbell on Sept 22, 2020 | 67 comments


I stopped reading when he started talking about using a credit card instead of Apple Pay. Lost me on the benefits of not needing to charge his card and how nice it is to have the plastic in his hand. Not only would I rather have the protections Apple Pay offers but if you want to disconnect that badly just use cash. Heck, stop carrying a phone.

Richard Stallman even talks about how cell phones are surveillance devices: https://stallman.org/rms-lifestyle.html

He’s not wrong.

Most people don’t know to care and many people who know don’t care. Welcome to 1984 in 2020.


>Most people don’t know to care and many people who know don’t care

I know, and I'd rather not have a phone at all (I used to use it extensively to read ebooks, but have since moved to a dedicated e-ink reader), but it's hard to participate in modern society without one. RMS is in the position to do so because he has various assistants and means of dealing with his personal quirks - people are aware of this and work around him. But RMS is a celebrity - if I refused to own a mobile phone and something went wrong at work while I was on-call and away from my house I'd be in deep trouble.


Apple Pay is a godsend right now. Contactless payments up to £1000 mean I can pay for basically everything without touching anything.

IMO, pick your battles. I’m happy to pay £0.79 to back up all my photos, and £5/m for decent email.

I’ve self hosted before. It’s too much stress for me.


> IMO, pick your battles. I’m happy to pay £0.79 to back up all my photos, and £5/m for decent email.

I agree. There's so much peace of mind in having my photos uploaded to the cloud every so often, and my phone automatically backed up every night.

It's possible to go further: iCloud on Windows is able to automatically download the actual files, so those get backed up somewhere else.


Yup, I’ve tried doing all this myself, interesting technical exercise, but realistically I have other things to do. In addition to iCloud I have configured my Mac Mini to download all files and photos, which are then backed up using Backblaze.


> In addition to iCloud I have configured my Mac Mini to download all files and photos, which are then backed up using Backblaze.

Do you just back up the `Photos Library.photoslibrary` folder?


Yes (not OP, but I do the same). If you're worried about something munging that data, you can take a point in time snapshot of that folder to B2 using the Backblaze UI, and it'll dump a zip of the folder into B2 for you.


Wait until you experience the stress of Apple deleting all your photos including the backup, because someone got them to clear your account.


The one thing that worries me is that most places do not specify if you will get the same pictures back bit by bit that you stored there. My worst fear is that they will transcode them over time to save space. [This is not limited to Apple - I have this concern about any online photo storage service.]
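
One way to test the bit-for-bit concern in the comment above, as an added example that is not part of the original thread: record a SHA-256 manifest of the photo folder before upload, then compare it with a manifest built from a later restore. The folder layout, file names and the `demo` data are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def hash_file(path, chunk_size=1 << 20):
    """Stream a file through SHA-256 so large videos do not need to fit in RAM."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Map each regular file's path (relative to root, POSIX style) to its SHA-256."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        # Skip directories and symlinks; only real file contents are hashed.
        if path.is_file() and not path.is_symlink():
            manifest[path.relative_to(root).as_posix()] = hash_file(path)
    return manifest


def diff_manifests(before, after):
    """Compare the manifest taken before upload with one built from a restore.

    modified: same path, different bytes (e.g. the service re-encoded the file)
    missing:  present before upload, absent from the restore
    extra:    present in the restore only
    """
    return {
        "modified": sorted(p for p in before if p in after and before[p] != after[p]),
        "missing": sorted(p for p in before if p not in after),
        "extra": sorted(p for p in after if p not in before),
    }


def demo():
    """Constructed sample: three local files, then a 'restored' copy in which
    one file came back with different bytes and one did not come back at all."""
    with tempfile.TemporaryDirectory() as tmp:
        local, restored = Path(tmp, "local"), Path(tmp, "restored")
        for folder in (local / "2020", restored / "2020"):
            folder.mkdir(parents=True)
        (local / "2020" / "a.jpg").write_bytes(b"\xff\xd8original-a\xff\xd9")
        (local / "2020" / "b.jpg").write_bytes(b"\xff\xd8original-b\xff\xd9")
        (local / "2020" / "c.mov").write_bytes(b"original-c")
        (restored / "2020" / "a.jpg").write_bytes(b"\xff\xd8original-a\xff\xd9")
        (restored / "2020" / "b.jpg").write_bytes(b"\xff\xd8recompressed\xff\xd9")
        return diff_manifests(build_manifest(local), build_manifest(restored))


if __name__ == "__main__":
    print(demo())
```

Keeping the "before" manifest somewhere other than the storage service being checked is what makes the comparison meaningful.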


> Contactless payments up to £1000 mean I can pay for basically everything without touching anything.

This feels like a good opportunity to reflect on the Apple Watch, and security around contactless payments.

Try taking off your Apple Watch, but keeping your fingers pressed against the back of the watch as you do. If you time it right (it's really not difficult to time it right), you can take off someone's watch and place it on your own wrist, without triggering the lock.

If you have a debit or credit card associated with your watch, you're now at risk of a supposedly authenticated card payment occurring.

(I removed all my cards from my Apple Watch S3 when I realised this vulnerability)


That sounds like it would be incredibly hard to do without the user noticing. Either way, if you're concerned about this could you not just use a strap that is harder to remove?


For a talented pick-pocket it’s not as hard as you think. Apollo Robbins and David Blaine both remove watches from oblivious marks during their sleight of hand routines. Anecdotally, someone lifted my friend’s gold Rolex while he stood in line at a street market. And it was on a bracelet which is basically a handcuff!

Apple Watches are much lighter too, so it’s harder to notice when it goes away.


But the risk is no higher for an Apple Watch than a Rolex or a wallet full of credit cards, no? Especially if you use a credit card where you have chargeback protections.


> But the risk is no higher for an Apple Watch than ... a wallet full of credit cards no? Especially if you use a credit card where you have charge back protections.

That's yet to be determined. If someone takes my credit card, the most that they can do is 3x £45 transactions (unauthenticated contactless limit).

If they are able to perform PIN authenticated transactions with my credit card, I'm going to be facing an uphill battle, as the onus is on the consumer to protect their PIN.

Equally, contactless transactions via Apple Watch or iPhone are supposed to be authenticated transactions via PIN / biometrics, which is likely to result in the same uphill battle.

EDIT: I've ignored the comparison to Rolexes, as the topic is about the risk of credit card fraud, not about the risk of theft of physical belongings. If we're talking about the risk of theft of physical belongings, then yes, the risk is lower for an Apple Watch than a Rolex, because a Rolex is (by market value) generally worth more, and in some cases can command more on the secondary market than new, unlike an Apple Watch (so far)


I would imagine that Apple Pay transactions would be harder to dispute than say, a contactless transaction with a physical card, because the banks know that one has to authenticate before using it.


I don't have an Apple Watch but I wouldn't be worried about this.

I only have credit cards linked to my Apple Wallet - if there's a transaction I don't recognise then I'll just call them and cancel it.


An Apple Watch transaction is similar to a completed chip+pin transaction - authentication by the card holder is required, and the card has to be present.

You can get your money back, but it's not particularly straightforward.


I thought iCloud doesn't do backup? It just streams photos between devices?


Wait until more people use Apple Pay, they will be taking their infamous 30% fees. Either from you or the merchant.

Sidenote: Apple Pay is being blocked by major Norwegian banks because Apple refuses to let banks create a competitor payment app with NFC.


> Wait until more people use Apple Pay, they will be taking their infamous 30% fees. Either from you or the merchant.

We have regulations in the EU that will prevent that from occurring. I can't speak for other places, but payments are heavily regulated EU-wide, with caps on the fees that card processors can charge.


This article is garbage.

> So yeah, try feeling grounded with that. It's a miracle that it even works.

Just because something is too complicated for you to understand, doesn't mean it's no good. Is this guy going to decline machines/life support in hospital because he thinks he could build something simpler?

I self host some things, mainly websites, but trying to self host the amount of stuff in that article is a fool's errand. You'll spend more time updating, patching, and failing to notice any gaping security holes. I'm quite happy to pay Apple about 79 pence a month to deal with all that for me.


Yeah, one could make a similar argument with self-hosting: How the data is transferred physically through undersea optical cables, how internet routing works and the complexity of it down to how the hardware underlying his Nextcloud installation works. It is really a miracle that it all works, though.

I've been self-hosting my e-mail, and I'm thinking of switching to Google Apps, Fastmail or Protonmail due to the fact that sometimes my emails just go directly to spam. There's also the worry that my server might get hacked, and the maintenance that you often have to do. My time is orders of magnitude more than the few dollars a month all this costs.


There are privacy conscious alternatives to the expensive providers such as Proton. Mailbox.org is the one I went with, but there are others. Many provide inbox encryption through gpg. I could be very wrong, which I often am, but I believe that Proton is also inbox encrypting like you would with gpg and their service is some sort of wrapper around that.

The downside to Proton for me was price and having to use their client. There is an “imap-bridge” that you can run, but that feels hacky and in the end if I really wanted all that I could also opt into using the aforementioned providers with gpg inbox encryption.


Please don't call an article "garbage" just because something is too easy for you. It doesn't mean it's no good.


Yeah, the dismissals from the Apple fanboys in the comments are really something. It's a really good thing he shared his experience, few do. Also his website seems to have no tracking (uBlock Origin has blocked zero on the page). Also see user sneak's comment below about iCloud backups.


How do you reason with the fact that the NSA (American govt) is plugged into all your data? Sometimes I really wonder when we as a society are going to start caring about this ‘surveillance capitalism’ stage of capitalism.


Author here.

Garbage! I hope not. I think you misunderstood my intentions when I explained the complexity of Apple Pay. It wasn’t to discourage complex systems, but to highlight the immense and necessary complexity for these systems. I never meant to imply that complexity is a bad thing, and instead said that true complexity must lie somewhere. And to answer your question, if given a choice between a life support machine that connects to systems in-hospital, compared to one that requires a constant connection to China, I would choose the locally managed one.


But the microdots!


Periodic reminder:

Most data in iCloud, including device backups (that includes full message history) and Photos, is not end to end encrypted and can be accessed by Apple without a warrant.

They provide this data upon request automatically to the US military and federal government without a warrant.


Oh, is that why celebs' private pic leaks happen?


I think that is more basic account takeovers.


Do you have a source for this?


https://support.apple.com/en-us/HT202303 Only the end to end section up is theoretically secure from disclosure to law enforcement. So Keychains, Health, Home, Maps, Safari history and tabs and Siri are secured. There is a note that messages in the cloud is secure, but that the key is stored in an insecure iCloud backup if enabled. Everything else... Email, Contacts, Bookmarks, Calendars, Files, Notes, Photos, Backups are fair game.

Edit: however I’ve not heard reports of data being provided without court involvement. https://www.apple.com/privacy/government-information-request...


Apple participates in PRISM, revealed by Ed Snowden, which obtains data under the FISA Amendments Act (FAA) Section 702, which does not require a warrant.

Instead, they set up a secret, unaccountable court (the FISA court) which rubber stamps these activities, almost without exception. This allows them to say the accesses are “court supervised” or other such weasel words. It does have “court involvement” - a secret, kangaroo court designed for the purpose of satisfying people who like the phrase “court order”.

It’s not a warrant, scoped to a specific thing, issued only on probable cause.

The widespread use of 702 for domestic warrantless spying, including PRISM, has been cited by Ed Snowden as one of the things that caused him to become a whistleblower.

https://www.eff.org/702-spying


I think sneak refers to the iCloud security overview:

https://support.apple.com/en-us/HT202303


Interesting, didn't know "iCloud Backup" could be self-hosted. I'm self-hosting everything else except for that one item on the list, I might as well make the jump.


The downside of self-hosting "iCloud Backup" is having to plug one's phone into one's computer every time they want to do a backup. There's probably a way to do a daily wifi sync using iTunes, but that doesn't seem to be documented anywhere.

I personally like how iCloud automatically backs up my iPhone whenever it's charging and connected to wifi.


iTunes can also sync over Wi-Fi [1], or you can use Nextcloud [2]. You can back up your photos to your PC/Mac and then upload them to a cloud service. I use duplicati [3]; it automatically encrypts and compresses your files and uploads them to the cloud service of your choosing. I use Backblaze B2 for the cloud service ($0.005/GB) [4].

[1] https://support.apple.com/en-us/HT210612

[2] https://nextcloud.com/install/#instructions-server

[3] https://github.com/duplicati/duplicati

[4] https://www.backblaze.com/b2/cloud-storage.html#why-b2-menu2


Using Apple Pay vs. not using iCloud is a false dichotomy in my opinion.

It's perfectly possible to disable all components of iCloud (most notably backup, but also email, contact sync etc.) and still stay logged in, which is the only thing required for Apple Pay to work.

To be precise, almost any relevant components: Most notably, calling history seems to be synced across devices through iCloud by default and without any explicit option to disable it. The same applies to some minor (from a data privacy/autonomy point of view) features like syncing AirPods pairing across devices.


An extremely good replacement for the iOS "Notes" app is Standard Notes. I cannot recommend this app enough. Open source, and yes, you can host your own server.

https://standardnotes.org/


You could encrypt before uploading to iCloud. That may address some of your privacy concerns.

I note though that not every type of data can be easily encrypted. Doing encryption correctly with proper key management can also take some effort.


You don't always have a choice, e.g. WhatsApp backups are unencrypted to iCloud. I don't think there is a way to get complete WA backups without using iCloud.


WhatsApp data is included in iPhone backups so if you create local backups of your phone you have them. These can be encrypted on the phone.


If you stay in the walled garden!

I was not successful in transferring WhatsApp chats from Android to iOS.

I ended up uploading unencrypted to Google.


Author is still using an iCloud email address. Need a Self-Hosting Part 6.


I too limit the amount of iCloud integration I use a bit.

After cancelling my iCloud 2TB plan, and turning iCloud off for photos I learned that being able to transfer photos off of my phone is not so easy.

Because basically Apple wants you to use iCloud for your photos or to sync between your computer and your phone. But I take a lot of photos as well as long videos and heaps and heaps of screenshots from articles that I read. The internal SSD on my MacBook Air is only 128GB, so I had to resort to an external drive. With huge amounts of images and photos in a Photos library macOS keeps wanting to scan through all of them and it spends forever to do so.

I began creating new Photos libraries but at that point Photos libraries begin to feel rather pointless. In order to find photos I’d have to sift through multiple libraries and each of them would want to scan the whole library again.

Aside from that the big annoyance with importing into Photos (instead of syncing) is that it does not transfer albums and favorites, it only transfers the media files.

So I was manually selecting photos and organizing stuff but that takes time so I put off transferring photos and videos and screenshots from my phone for a couple of months.

Very recently I finally found an application for macOS that uses the iPhone backup protocol in order to transfer whole albums and favorites. But it cost $60 so I was hesitant to buy it because I was very low on money so it was a significant amount. Instead I started doing a full backup of the device. About 30% through the process my phone goes into a reboot loop.

I speak with an Apple store, I speak with Apple and I speak with a data recovery specialist company. The data recovery specialist company told me that from the description I was giving them about what had happened, it was highly probable that data had been corrupted and that this would make it impossible to recover anything. They could have a look at it for a fee of $150 they said, and recovery if possible would cost between $400 and $1000. Naturally this was way above what I could afford. So I went through with factory reset on my own instead, which means accepting that the data was gone.

I lost a couple of months worth of photos and videos and screenshots. Which sucks. At the same time though, nothing much exciting happened in these months anyway so it’s not a disaster either. But I would have preferred to not lose the data because there were a select few memories in there from that time that would have been nice to keep.

I am also growing worried about my data in general, as the drives I use are starting to age. I can’t afford new drives at the moment but began looking at renting storage from Hetzner.

Anyways, in terms of what’s on the phone I now have iCloud photos turned back on on the 5GB plan and try to transfer regularly using the macOS third-party application that I mentioned. After losing the data on my phone I shelled out those $60 for said application. It’s still a bit more cumbersome of a procedure compared to storing more in iCloud but at the same time I think this is pretty ok. This way, as long as I keep transferring to my computer when iCloud is full I always have the photos transferred or they are in iCloud. And then after I transfer them to the computer I delete them from the phone.

Ironically as I am typing this I ran out of storage again earlier today, but I am going to transfer the photos and videos that are currently on my phone as soon as I get home. And if my phone should misbehave again, or I lose the phone or whatever, well at least this time it’s a few hours worth of data that I am losing and not a couple of months worth.


> transfer photos off of my phone is not so easy.

If you have a Mac, then "Image Transfer" is what you are looking for. It allows you to simply sync photos and images as their raw files (original quality if so configured) to a directory.

From there you can do whatever you want with them (put them on multiple separate disks, upload them to galleries, strip jpg and distribute them etc.).

You do miss out on face detection, but stuff like 'locations' can be easily done with the GPS data in the EXIF, just loop through your files and rip the details out of EXIF, store in DB and make a little interface for it et voila.

But yes, in the end, I would love to be able to say "store my shit at X" where X is my private colocated box, while still using Apple's pretty cool photo management services. Till then (which will never come ;) ) I just have the small 3CHF/month plan which gives 200GiB, which is good enough for 'the best photos of the last few months'.

PS: Indeed, one has to plug the phone into the computer and then do the copy/sync, but that also gives one the moment to run iTunes for a full backup, always a good idea just in case stuff breaks/goes-missing/etc.


> If you have a Mac, then "Image Transfer" is what you are looking for. It allows you to simply sync photos and images as their raw files (original quality if so configured) to a directory.

The Image Capture application (probably previously named Image Transfer) will not preserve Albums and Favorites as far as I can tell.

Anyways, as mentioned I bought the third-party backup protocol speaking application after this unfortunate event, the application which is able to transfer the data into folders based on the albums and favorites that I have on the phone. But I appreciate the comment nonetheless.


For cheap long-term storage, that you probably will never have to access, AWS S3 Glacier may be worth a look. Storage is really pretty cheap (100gb for a year starts at $4.80), retrieving data is somewhat more expensive (but if you can wait a bit, it's not very expensive, and there's a 10gb/month free quota). It's been recommended to me several times as a great place to store encrypted personal backups, but I haven't got around to actually trying it.

Best of luck to you! I hope everything works out well for you!

On an aside, does anyone know whether tools like Resilio Sync are still an option? I've used that to back up my photo library from my iPhone to a local server for years, is this still a viable option? Currently doing full-device backups, but retrieval is a hassle, and I routinely take work-related photos (whiteboards) that I can't upload to iCloud.


Could you please share the application you are talking about which "uses the iPhone backup protocol in order to transfer whole albums and favorites"? That sounds useful.

Sorry to hear about your financial struggles. I hope things work out.


Yes, it’s called iMazing :)

Features:

https://imazing.com/

License purchase page:

https://imazing.com/store


I use something called CopyTrans, although Windows only.

https://www.copytrans.net/


Thanks for the inspiration. I have similar problems now. Gonna use iCloud as a buffer and start moving out and sorting photos to my own NAS (Synology in this case).


I moved my photos to Synology 5 years ago and have never looked back. I did some very thorough research into a number of options including iCloud, Dropbox, Google Drive, etc. and they all had some really odd behavior which kept me from using them (i.e. getting select photos into iCloud Photos was impossible - it was every photo taken or nothing ... and don't get me started on iCloud Drive's incompatibility with iCloud Photos).

Right now I'm using DS File from Synology to transfer photos to my NAS and from there there's a script [1] that organizes it into a destination folder which is then synced to Dropbox and Google Photos simultaneously. So I get to use Google Photos as my primary photo viewer but it's just essentially a cached copy of my library (which I could trash and restore at any point).

I have a series of blog posts [2] about my setup.

[1] https://github.com/jmathai/elodie

[2] https://medium.com/vantage/understanding-my-need-for-an-auto...


Your Elodie script looks great! I have a question. Is it possible to use your script and bypass Google Photos completely? For example, would it be possible to directly sync photos from iPhone to NAS whenever you are within a WiFi network?


Yes. The default configuration does not include Google Photos at all.

The script doesn't make many assumptions so you can get it to do pretty much anything (i.e. I wrote a plugin to have it upload a copy of every photo to Google Photos).

Here's an example of how you could get it to do what you asked if you were using Synology.

1. Use DS File's Photo Backup option to automatically sync photos from your phone to your Synology.

2. Have a scheduled task on your Synology to process photos in the synced folder to your destination folder. (I have this run every minute - it's cheap, I'm impatient, it's worked for years)

3. (optional) Configure Cloud Sync to sync the destination folder to Dropbox/Google Drive/etc. (Now you've got 2 geographically distributed copies of your archive and each supports versioning)


I'm about to upgrade my home NAS from a 10yr old tower + samba/netatalk to something more NAS like, mainly for centralized photo storage and Time Machine backups. (2+ TB of photos, 1+ TB in backups)

I'm on the fence between something DIY like FreeNAS, or more packaged like a Synology. It's got to work for people on Macs with small SSDs who aren't interested in command lines, writing apps, or other techie level stuff. They just want to be able to find photos in a 20 year archive.

I don't know if Photos will work with a library mounted on the remote drive, Time Machine has always been a bit touchy on the old machine over wifi. On the other hand, I'm not sure I trust the Synologys if I can't pull the drives and read them elsewhere when things go wrong.


I'm using a DIY Synology fork(?) called Xpenology. There's a small risk things stop booting between minor versions, but otherwise it works as well as a real box.

> I'm not sure I trust the Synologys if I can't pull the drives and read them elsewhere when things go wrong.

Synology drives are easily mountable using mdadm + lvm.


Thanks for that. Is there any sort of wizzy photo management in Xpenology?


Some Synology users seem to like their Moments app a lot: https://www.synology.com/en-us/dsm/feature/moments


You're welcome to try PhotoStructure! Free during the beta in exchange for your feedback. https://photostructure.com/


You can reliably transfer iOS photos to NAS, Mac, Windows, Linux, Android and multiple cloud services via https://www.photosync-app.com/.


I am using Google Photos and for the Mac you can just add the page as a Progressive Web App. It is very fast, unlimited photos in standard res and works with macOS, Ubuntu, Windows, Web, iOS and Android out of the box.


Just install PhotoSync app and it'll do it for you in thousands of variations


I use iCloud photo just for buffering between devices.

My setup is like this:

- photos from my phone/my wife's phone backed up to NAS whenever we're home (geo-fencing).

- those photos get backed up to the cloud

- TODO: back up to my parent's NAS maybe


Set up the NAS backup ASAP! A fire or hard drive failure could kill your memories.

I use Backblaze B2 as a cheap backup target.


Yeah, an offsite backup would be a nice addition. Right now, it's backed up to NAS and the NAS uploads those to Google Drive.

It could be better.



