I am not a diehard android, but i'm replying to you from a LineageOS phone without the Gapps, using microg as an alternative to the google services, and firefox as a browser.

Privacy is achievable on Android. However, I do agree it os very involved.

The services provided by Gapps that send data to Google (push messaging, aGPS, crash reporting, app installs, safe browsing, etc.) also exist on iOS with exactly the same privacy policies. The only difference is that you can remove or disable them on Android devices if you are paranoid, while no such remedy exists on iPhones.

By your standards, privacy is achievable with difficulty on Android and not at all on iOS.

Safe Browsing and Crash Reporting can be turned off with no repercussions. You can turn off location altogether, though I'm not sure if you can turn off aGPS only.

That leaves app installs (Android allows side loading) and push messaging (I'm not sure about this one) as the ones that you can't disable on iOS.

But please think twice before turning off safe browsing! Contrary to what some seem to believe, it doesn't send your entire browsing history to Google. See https://news.ycombinator.com/item?id=9779990 for an explanation.

Good reminder.

There is another, more fundamental difference. With Apple, you are the customer. With Google, you are the product.

Yet this "fundamental difference" does not change the fact that both companies' devices provide exactly the same amount of privacy out of the box, while only the Google device is truly yours to put whatever software you want on it, down to the OS.

I trust the vendor whose primary revenue stream comes from me, rather than the one whose primary revenue stream is me (or my private data). I trust Google to abide by their T&C's about as much as I trust the NSA to abide by the laws governing the extent of their actions. Which is to say, precisely none.

You can argue until you're blue in the face but Apple have little to no incentive to exploit my private data while Google have every incentive to do so.

The Google device is NOT truly yours because you have to look for cracks if you want to root it or remove the Google stuff. The law may also be against you if you crack it. You are just a guest on your device...you are "licensed" to use it just like you get license to play music on spotify, watch movies on netflix etc...nothing is owned anymore and very few people care.

Many Android devices, including all the ones that Google make and sell themselves, Sony devices, Motorola devices, have an officially supported path to running any code you want on YOUR own device.

Usually that path is: boot the phone into bootloader mode, plug it into a computer, run `fastboot oem unlock`, accept the warning that this will void your warranty, then `fastboot flash <image file to flash>`. An officially documented and supported way to do exactly what you want with the device that you own.

Yes, it voids your warranty, but it's not forbidden or illegal in any way.

Sure. That's why Magisk exists, right? Because OEMs have nothing against you rooting your device. At all. They are perfectly okay with it.

Please. Actions speak louder than words, I am sure you would agree with that.

We were discussing Google devices and Apple devices. All Google phones have an unlockable bootloader.

Unlockable bootloader, yes. Officially supported ROM without Google Play Services, absolutely not.

I see you defending Google around here. That's fine but a grand-grand-grand...-parent of yours was saying that AOSP is unusable, and that point still stands and is true.

You've confused yourself. The whole point of a device being yours is that you can install not officially supported ROMs.

The officially supported experience with Google Play Services is no more privacy invasive than the officially supported iOS ROM, but in the case of Google devices, the device is yours, and you are not limited to officially supported ROMs.

By google devices, do you mean only the Pixel and Nexus phones? Or does that include all android devices? Because for example Sprint Galaxy s5's can't be unlocked.

I mean devices sold by Google, so Nexuses, Pixels, and a few Google experience phones sold from the Google Store.

This is not true on the actual Google devices (Nexus and Pixel lines) that have a supported path to flash your own rom, and root. Google so far has been supportive of the custom rom community. Some manufacturers (cough samsung cough) have not.

IOS = Closed Source, Therefore only their word there is no backdoor

This ignores essentially all reverse engineering techniques that are required to find actual backdoors & is not something security professionals largely believe.

So is every other phone on the market.

Yeah? The baseband and chip ROMs are open source? Really?

Or the proprietary kernel patches and binary blob drivers?

If your point is that there are partially closed source Android distros, I agree with you.

more that there are no open source Android phones. Just "partially open source" Android phones.

To answer your first question: a lot. Apple makes all your data locally encrypted by default, in Messages, Siri, iCloud, Maps, etc - they don't have the key to access it. See more at https://www.apple.com/lae/privacy/approach-to-privacy/

The difference is that Google owns the keys that encrypt your files. Services like GDrive, GMail, Google Photos, Assistant, all depend on processing your data in the cloud. Apple does all of that locally (because they can't access any of it otherwise), trading some scalability and sophistication for privacy.

We were discussing data stored on the device. Just like Apple, Google does not have the keys to decrypt the data on the device. And just like Google, Apple has the keys to decrypt the data in their equivalents to the GDrive, Gmail, and Google Photos cloud services for web access. The only difference is that Apple's services are significantly less useful.

> What data does Google collect that Apple doesn't collect?

I don't know what Google collects, but the simple answer to this is "virtually everything". Apple collects very little data from their users and does everything they possibly can on-device (and the stuff that requires the cloud is either encrypted or heavily anonymized). Nearly all data that Google collects, Apple doesn't.

Well hold on dude, are you arguing that it's not Apple's right to charge money for quality / service?

In the first part, you're setting up a premise that nobody here can or will answer publicly even if they have the knowledge of the exact information collected by either company. That gives you a free run at the second part without anything supporting it.

You must have looked at the privacy policies but not read them.