Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
hardened_malloc
Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
You can access the data in an encrypted backup, which you can request from an iPhone from Linux using the open source libimobiledevice: https://github.com/libimobiledevice/libimobiledevice
If anyone is interested in trying it out, here's a good overview of how to remove the various layers of encryption (starting from the backup password): https://stackoverflow.com/questions/1498342/how-to-decrypt-a...
Also some Go tools to inspect iOS encrypted backups https://github.com/dunhamsteve/ios
You can access the data in an encrypted backup, which you can request from an iPhone from Linux using the open source libimobiledevice: https://github.com/libimobiledevice/libimobiledevice
If anyone is interested in trying it out, here's a good overview of how to remove the various layers of encryption (starting from the backup password): https://stackoverflow.com/questions/1498342/how-to-decrypt-a...
Also some Go tools to inspect iOS encrypted backups https://github.com/dunhamsteve/ios
> Also can't even copy files off device easily.
See https://news.ycombinator.com/item?id=33898890.
> Can't put custom apps on devices easily.
You will, from May, thanks to the EU Digital Markets act.
> [...] simple tasks like....copying photos to a usb...browsing files on my phone on a pc.
You can do this with ifuse: https://github.com/libimobiledevice/ifuse
> If you want maximum security use an air gapped computer. But that won't let you send messages on the go.
You can, with some inconvenience, use optical diodes to transmit data from a trusted input device to an untrusted network device for transport over tor, and then push the received messages over a second diode to a display device that decrypts the messages, so that even if you receive an exploit/malware, there is no physical connection that allows unencrypted data to be exfiltrated.
https://github.com/maqp/tfc
"Unfortunately that ecosystem doesn't exist yet so we're stuck with the duopoly of evil-doers..."
That is no longer the case. There are projects starting to come out which are open source and building on top of AOSP like GrapheneOS, CalyxOS and a few others but those two are solid options at the moment.
I am not sure why GrapheneOS doesn't get mentioned here on HN but it's seriously a wonderful project that includes privacy features not available even on iOS. They are this far ahead of the game when it comes to privacy and security. Highly recommend checking them out.
https://grapheneos.org
> What exactly can’t you block with iOS ad blocker that you can block with just 1Blocker’s “give json to safari” blocker
https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-b...
> Did you personally vet the open source code? Did you compile it from scratch and install it on your phone or are you trusting it’s the same code?
I have read through parts of uBlock Origin's code, yes, but ultimately I'm trusting the broader Open Source community to say it doesn't have holes in it. And yes, I'm trusting Mozilla's vetting process for its "trusted extension" category. I think that's a reasonable thing for most people to do.
Of course, I could compile the extension myself, but I think to a certain degree that would be security theater.
----
Again, just really interesting to see an argument that boils down to "this Open Source application might potentially spy on me, and that's a greater danger than the websites that I know are actively spying on me right now." If Safari adblocking is good enough for you and your threat models, great. You don't need to justify that by pretending that uBlock Origin is insecure.
Related posts
- Apple's APFS Migration: A Feat of Engineering
- Class action lawsuit over Apple's 5GB iCloud limit and iOS backup restrictions
- X.org Server Clears Out Remnants for Supporting Old Compilers
- You don't need analytics on your blog
- [Tutorial] How to setup AltServer on Raspberry Pi/Linux Box and sync your device wirelessly (2023)