This is so crazy to see. Usually when Apple faces the public, everything is super curated to sound pro-consumer, even if its anti-consumer.

Sure this PDF doesnt venture far from it, they still paint Apple in the prettiest picture, but the terminology shows that Apple is basically doing the same thing as google but with slightly different methods to blur it. Heck, we don't actually know what is going on inside an iPhone, they could be combining accounts and sending data to Cambridge Analytica for all we know. At least with a degoogled Android, you know exactly where everything is going.

This is the classic gaslighting that I've come to expect.

In the Apple world, they basically carefully redefined privacy as "anyones else besides us getting access". They put themselves as a fully trusted party for everything.

How do you square that claim with E2EE and the way Find My works?

E2EE arrived very very late and is even off by default. Anybody you are messaging to is going to have E2EE off and their backup data sent to the US government for analysis (see PRISM revelations which Apple participated to). Since you can't get iMessage without iCloud (at least to my knowledge) it's one of the most problematic messaging platform out there because of that.

For Find My, since they can even locate switched off phones, that tells you all you need about how it works. I find the whole concept creepy.

I'll give you that E2EE arrived late and is off by default. But:

> For Find My, since they can even locate switched off phones

They can't. Find My is actually truly end-to-end encrypted, at least the version used for when a device is off (I'm not 100% sure how encrypted the self-reported version is for powered on iPhones with data).

Copy-pasting my summary about how Find My works from another comment in this post:

> The master private key used by the system is generated locally and never leaves your Apple devices in a state that anyone except your devices can read it.

> The master key is used to derive an AirTag specific private key which is provisioned to the AirTag and is in turn combined with an increasing counter which generates a third private key that's never stored anywhere. The ID broadcast is the public key of this third key. It changes every 30 minutes or 1 hour, I forget which.

> Other devices see this key, use it to encrypt their own location, and upload that encrypted blob along with the public key to Find My, and in order for Apple to even know which account the encrypted blob they can't decrypt belongs to I have to actually request the location of my AirTag by locally deriving the keypair it used for a certain point in time.

This has all been proven through [1] where they read the whitepaper (which I can't for the life of me find now but know exist because I've read it, or at least parts) and implemented OpenHaystack which proves Apple aren't lying about anything because if they did then OpenHaystack wouldn't work.

1: https://github.com/seemoo-lab/openhaystack