Wouldn’t that come down to “I don’t trust Apple on what they’re doing, but I trust this third party, which Apple chose and gave access to precisely what they wanted them to have access to, if they say that Apple’s telling the truth.”? If you’ve been inside any company as it’s being audited, you know that they don’t talk to EVERY individual in the company, they just communicate with a subset. Apple could make sure that they only communicate to the RIGHT subset.
EXACTLY the same for privacy. And guess what? The Supplier Transparency Report has the same faults. Let’s say, for example, that I really don’t believe what Apple says are the results of their transparency report. There’s no document or report that could convince me otherwise. Because the information, ultimately, is going to be coming from Apple or its suppliers and I’ve already stated that I don’t believe what they’ve come up with. And, I can readily not agree with anything anyone else would come up with because I know they’re not telling the truth, they’re just hiding it VERY well.
And, again, I’d go back to the security researcher that raised the alarm with their “could” laden report. That security researcher COULD be getting paid to report it. Or they “could” be stealing the private info of everyone that retweets their tweets. Or they “could” have had a bad break up with someone that worked at Apple. If it’s possible and “could” be happening, then it must be!
Yeah, agreed in that there's no such thing as certainty.
For example, I've never looked at the source code of Signal, but I have no reason to believe that they're not telling the truth. I trust also the reputations of people who do look at their code and state that they're telling the truth.
Does this mean that they're ultimately secure? No.
Does this scrutiny completely protect them from a bad actor inside the org? No.
I think it comes down in the end to trust.
I ask myself:
'Do I think that Apple might compromise on user privacy to sell advertising in its services and in iOS in order to help meet the figures expected of it by Wall Street?'
And my answer is:
'Yes, I really think that they might if they felt they could get away with it'.
So I guess in the end, I trusted Apple when they were more a company that focussed on selling premium hardware to users. Very simple.
But the Apple that is increasingly using Services as way to meet their quarterly figures - no, I'm not sure if I do trust this company.
There's nothing intrinsically wrong with services - selling Music, TV etc.for a monthly subscription is fairly straightforward.
I think that the big problem at Apple stems from their App Store commissions and ads (i.e. I'm being monetised simply by going on the App Store and of course, I have to to do get apps) and as the economy slows, I'm sure that they are coming under increasing investor pressure to monetise their massive user base, further.
Only the richer part of that base will pay for subscriptions. The rest will have to be monetised through ads. And as I saiid, I'm not sure that I trust Apple to do that in the right way (an ad-supported free or partially paid for Apple TV or Music with ads that are not especially granular and don't use user targeting information would be fine i.e. working the same as traditional TV or Radio advertising).
So in the end, trust is an intangible thing - it's a gut response (based on some empirical evidence of course).
And my gut is telling me that I'm finding Apple increasingly untrustworthy.
