With the ruckus about on device scanning I’ve started thinking about what the alternatives are. Or even if there are any viable alternatives.
The usecase would be:
- replacing (i)cloud with a non-cloud system
- available on all devices
most important: user friendly for non-techie people
Initial thoughts on what I do have:
- I have a raspberry pi running wireguard, access via certificates, so getting in should be ok, even for non-techie people.
- I run my email through protonmail, with my own domain, I still feel that is a safe bet (until proven otherwise of course)
- My macs can be converted to Linux, so the hardware I could re-use.
- I already run Joplin on a local webdav so notes is sorted.
- I run DT locally as well, so also sorted
- Files can be run from the Synology (that I’m also stripping the cloud components from)
- I run a local Git server, so that should be fine
Since for arguments sake I’d not be able to rely on Apple devices anymore, since they would now be compromised, those would also need to be replaced:
- devices? Are there any good Linux phones that we know of?
- Photo management? What are good local solutions for a 100gb and more photo library? Family sharing and local syncing?
any other thoughts? Is it even feasible to go “no cloud”?
Forget it. I wasn’t aware of the start of invasion of our civil liberties (which I studied in depth in college).
Please read this before upending all your systems.
What does Grubers deluded hope (along the lines of ‘Apple will hopefully do the right thing’) add to this discussion, whether it is possible to uncouple from the (i)Cloud?
You are already doing a lot. The more apps that allow for local sync (like DT) or those that use true E2E-encryption the better (for now).
The problem is that a lot of apps use CloudKit and often without a way for you to even know that they do or offering an option to opt-out. CloudKit is unencrypted to be able to run queries server-soide. There are ways to use CloudKit to sync data strings that are E2EE, but it is rarely used, because you would essentially need to mirror the encrypted db entries, decrypt them and keep them temporarily in a local a decrypted db to run queries there. Most devs don’t want to go through that hassle, but I’d wish they would.
iCloud and using your AppleID is an integral part of iOS. Since you can’t side-load apps easily and can’t fully de-couple from Apple it’s not the OS for privacy concerned.
Especially after this there is no way around it anymore. Apple, a private company, punched a hole in the shield that was held by personal choice of where the separation between online and offline lays and what was once the presumption of innocence. This is undermined.
Preemptive scanning is done no matter what by the overall image indexing. Just the reporting is toggled by whether you use iCloud Photos or not. For now. Can’t wait for legislative pressure now that Apple gave an inch and as we all know they will take the whole yard, now that a private company has showcased to them that there is a viable way to circumvent E2E-encryption.
GrapheneOS is probably the most security concerned OS to run as of now if you carefully audit apps. It works well with Pixel phones that obviously need to be fully wiped and therefore de-googled.
Synology has okay-ish photo management. Especially with DSM 7. But yet it’s another attackable system until you keep it offline/separate.
What does Grubers deluded hope (along the lines of ‘Apple will hopefully do the right thing’) add to this discussion
Avoiding losing valuable time upending things that work and do instead productive stuff with it?
Gruber can hardly be called a fanboy. But go ahead, have fun, dismantle all your working cloud systems over something that has not yet been implemented, of which we have not seen any effect, which does not mean direct data access in any way. It’s your time, not mine.
umm Some of us do not even really have any external cloud systems in place and things are working just fine. My one original pain point, Scrivener, which uses Dropbox for sync, is being slowly replaced for the brainstorming I was doing in it with Obsidian, synced via my own version of a modern day sneaker net. I can do the same with my next NaNoWriMo novel which was my primary use case for dropbox. The only other use is for the moving of files to and from my iPad and my Zotero system for annotation and there are alternatives I just haven’t explored them yet. I also haven’t been doing any annotation on scientific papers for a while. When I am active any given paper is only in dropbox for a day or 2 before being moved back into Zotero.
I find no issues with calendar or contacts being relegated to updates when I sync. There is no need for a minute by minute sync of any of that stuff and as often mentioned I never do email on a portable device because it’s inefficient for me to work that way. Omnifocus and DEVONThink sync via my own WedDAV server. DT is slowly going away but I expect to continue to use OF for a long time.
The 2 biggest hassles with my current system, no progress bar on the iPad when I move my obsidian vault over and the fact that for some unknown reason periodically my mac loses the iPad or iPhone as locations I can connect to and I have to restart the mac.
Beyond that it’s easy to avoid the cloud.
Let’s all not waste our time to voice our concerns over some tech that’s potentially going to ruin all privacy?
Gruber’s optimistic that Apple would not bend over to authorities to expand the system in unintended ways. But given Apple’s track record, it’s really not optimistic at all. Apple is known for giving up physical control of iCloud servers without key management hardwares under pressure.
Gruber used to argue that giving up iCloud servers was the best Apple could do to avoid supply chain collapse and also the best possible privacy for those users.
But now Apple is going above and beyond. It’s exactly like the anecdote.
The post seems to be geared towards people who are now afraid of using cloud services, it’s not about people who don’t to begin with. Since you don’t, you’re fine and always have been.
Anyway. I’ll show myself out and let you hash the subject to your heart’s content. Wishing you all well.
I’m not sure there is no pressure. We’re probably not aware of it, but there’s bound to be pressure to build in backdoors. This might be their attempt to put the backdoor on the device instead of on the server.
but that’s not the point of this post…
I wanted to stay or get away from the discussion on the decision, and just find if there actually are viable alternatives to using the (i)Cloud
Using something like Cryptomator to encrypt data before uploading to cloud storage is probably the easiest option. It’s introducing Files app integration in beta now.
Doesn’t the whole process happen on your device though?
Self hosting. It’s a nice hobby too.
False assumption. Just like OogieM and JKoopmans, I mostly have my own infrastructure in place for over a decade. I avoid any private data that I personally consider sensitive to be put on any cloud or be accessible from outside of my own infrastructure. This used to be a deliberate choice.
People that have looked behind the curtains, can see through the marketing lull and assess the risk in its context. Everyone I know capable of this is equally upset about the trajectory of privacy invasion we all have been on over the last years.
Back to being on topic.
CloudKit you can’t get around at all. You can deactivate iCloud sync for apps individually, but you can’t just replace iCloud with another storage provider sadly.
It’s also questionable that Apple’s photos app essentially is the only location where camera apps can write to.
I’d wish it would be mandatory to make all sync to external servers truly optional. Maybe some countries with an intact separation of powers that still value privacy and constitutional rights might be able to achieve this. But given the worldwide privacy decline in the last years, I guess it will remain a wish.
I wonder how viable it would be to run the phone entirely without a primary internet connection? Maybe through a portable LTE/5G box with a WiFi AP? Maybe there are some with proper firewalls (offsprings of pfsense or alike). If all connections to Apple servers are blocked, the apps that use CloudKit would only store the data locally.
Yes there are alternatives, depending on what you need to accomplish and what apps and services you choose to use.
I’m been using Google for a long time and my primary email is a Google Workspace account. So my email, contacts, calendar, photos, and online files do not use any iCloud services. But I can still use Apple’s mail, contacts, and calendar apps on Mac and IOS if I choose, as can anyone using a standard email provider.
Services like Dropbox eliminate the need to store files on iCloud and you can choose to sync your photos with Google, Amazon, Microsoft, and other services.
But many apps rely on iCloud for syncing as does iMessage so there’s no substitute in those cases as long as you use Apple hardware. And in most cases straying from the Apple ecosystem can add to your workload.
I understand the desire to break away from Apple’s services, but the Mac Power Users forum is an unlikely place to get reliable answers.
An option is to not have those sync. Using a messenger only via the phone etc.
My devices have a main purpose. The cloud-sync urge is often just to satisfy that “just in case” feeling. If I really need to I can AirDrop (local ad-hoc wifi connection) from one device to the other.
As far as photos go, a worthy consideration is Mylio. It’s a paid subscription service if you have more than 5000 photos or 3 devices, but it’s a local-based solution. You have to have a system that can hold every photo you want stored (as your master vault) and then it syncs to all your other devices. I’m able to sync my vault on my desktop, and then another vault to my NAS, and then I have clients that connect and it works nearly as instantly as iCloud.
A few added benefits:
- My wife and I share a photo library and we’ve had to put up with using the same iCloud account on each of our devices. This is quite annoying in a LOT of circumstances. This eliminates that need.
- They allow you to sync a vault to a cloud service and you can encrypt it before it’s sent. So even though your photos are accessible via a cloud service they aren’t viewable by said service.
- You control how you sync. It’s more work to get setup, but every sync is transparent, so losing photos is highly less likely.
- You don’t get the machine learning that Apple has baked in to iCloud Photos with videos, or photo collages, that are created on your behalf.
- You control the sync. If you don’t have enough backups, then you could lose photos. If my desktop fails, or my NAS fails, then those photos could be lost. Where as with iCloud Photos they are likely backed up in a couple different locations on their systems (I would imagine).
First of all, there is nothing preventing parents from scanning their own photos and messages. They have the responsibility to be aware that children can be approached etc. It is their responsibility to care for their children and to keep them safe. Period.
Second of all, most pedophilia happens within the home or with a close relative or friend. The statistics are staggering and Stranger Danger is NOT what kids need to be aware of to the extent they are. I came right out and told the kids (my primary age students) and that they needed to report if they had a funny feeling to school teachers, counselors, police officers etcetera. They need to keep telling them until someone listens. They especially need to be told it is never EVER their fault.
Bottomline it, kids are basically being taught a bag of false information that can and DOES harm them.
Third of all, what is to prevent a judge from issuing a warrant? They need probable cause!!!
I was a primary teacher and had experience as a juvenile probation officer.
My photos are not downloaded to Apple. I don’t suppose that would matter as they are backed up?
Slippery slope will happen. The right to privacy is gone and it is up to us to protect what little vestiges we have left.
Apple still hasn’t learned how to share a photo library with multiple iCloud accounts? Around 5 years ago one of our executives wanted to share his wife’s photos (500 GB and growing). He was not happy when he learned the two of them would have to use the same iCloud account.
I was hopeful for the Purism Linux phone but they dropped the ball and are way to late. Also there is hardly any software available.
If you have to use a smartphone but don’t want all the tracking and snooping consider Graphene OS
Host your own data on your own server like you do with the Synology NAS. Frankly I would not even bother with certificates etc and only access locally or when remotely with your own VPN.
I use a Untangle SD Wan router and setup a Wireguard VPN from it.