iOS vs Android. Privacy and security difference in real world?

[RecentlyConverted]

Hello,

This is a genuine question. What are the security/privacy advantages of using iOS over Android in a real world scenario?

I am sure the stock iPhone / iPad with its installed apps is probably more secure than Android (as Apple infer), but for many users the iPhone / iPad is nothing special without adding useful apps from the App Store.

This is when the problem starts. Even if you avoid Google search, Gmail, Google Maps, Google Docs etc and download other developers apps, many use Google Analytics etc and even if they don’t, they suck up a large amount of data that they dont need and shouldn’t have.

On the basis of using many third party apps, is there any real world advantage from a security and privacy point in staying with iOS?

Thanks

 

[drinkingtea]

This is my biggest concern as well. Reading threads like this makes me want to stay far away from Android: https://www.reddit.com/r/Android/comments/8pko5a/what_do_people_here_think_about_android_and/

Despite what Android users here say, Google *does not* care about its user's privacy. Apple isn't perfect, but I trust Apple with my data. I don't trust Google with it.

 

[timeconsumer]

Hello,

This is a genuine question. What are the security/privacy advantages of using iOS over Android in a real world scenario?

I am sure the stock iPhone / iPad with its installed apps is probably more secure than Android (as Apple infer), but for many users the iPhone / iPad is nothing special without adding useful apps from the App Store.

This is when the problem starts. Even if you avoid Google search, Gmail, Google Maps, Google Docs etc and download other developers apps, many use Google Analytics etc and even if they don’t, they suck up a large amount of data that they dont need and shouldn’t have.

On the basis of using many third party apps, is there any real world advantage from a security and privacy point in staying with iOS?

Thanks

With third party apps I don’t think it really matters much. The Apple App Store probably does a better job filtering out malicious apps though.

I also feel like Apple gives better controls over permissions. For example for sharing your location, Apple offers the options of: while using the app, always, or never. I think Android only offers always or never.

But even with location disabled apps still have ways to determine location, such as your IP address.

If we’re just talking third party apps only, it’s probably similar enough to the point where it doesn't matter which platform you’re on.
[doublepost=1545676516][/doublepost]

This is my biggest concern as well. Reading threads like this makes me want to stay far away from Android: https://www.reddit.com/r/Android/comments/8pko5a/what_do_people_here_think_about_android_and/

Despite what Android users here say, Google *does not* care about its user's privacy. Apple isn't perfect, but I trust Apple with my data. I don't trust Google with it.

I’m not convinced Apple cares either. All we have for Apple is their word as their system is closed with no external audits done to confirm.

But like you, I would trust Apple more so than Google, that could also make me a fool for doing so. But at the end of the day I don’t want to stress about micro-managing my data so I pick the platform I deem as the lesser of the evils.

The thing about Google is that it’s Google’s best interest to keep my data secure, because they sell adspace.

Apple on the other hand, it’s not necessarily in their best interest to keep my data secure because they make their money from hardware sales and services like iCloud.

 

[RecentlyConverted]

This is my biggest concern as well. Reading threads like this makes me want to stay far away from Android: https://www.reddit.com/r/Android/comments/8pko5a/what_do_people_here_think_about_android_and/

Despite what Android users here say, Google *does not* care about its user's privacy. Apple isn't perfect, but I trust Apple with my data. I don't trust Google with it.

I hear what you say, but doesnt Google and other third party app developers hoover up as much data from an iPhone running these third party apps as an Android Phone? Dont forget Apple is happy to take a massive Google cheque to keep Google as iPhones default search engine.

 

[sracer]

Hello,

This is a genuine question. What are the security/privacy advantages of using iOS over Android in a real world scenario?

I am sure the stock iPhone / iPad with its installed apps is probably more secure than Android (as Apple infer), but for many users the iPhone / iPad is nothing special without adding useful apps from the App Store.

This is when the problem starts. Even if you avoid Google search, Gmail, Google Maps, Google Docs etc and download other developers apps, many use Google Analytics etc and even if they don’t, they suck up a large amount of data that they dont need and shouldn’t have.

On the basis of using many third party apps, is there any real world advantage from a security and privacy point in staying with iOS?

Thanks

It depends upon what you mean by "security and privacy". There are different levels of S&P and different things that are considered part of S&P. There's a lot of misinformation regarding the topic, some originating from Apple, which isn't surprising because it is a marketing point for them in selling the image that iOS devices are more secure.

The fact that one is using a smartphone throws S&P (security and privacy) out the window. Your cell service provider is tracking your every movement.

The web browser you use is only one element in the S&P chain. Even IF Safari isn't tracking you, the websites that you visit with that browser most certainly are.

People think that if they don't sign up for Facebook and have never signed up for Facebook that Facebook doesn't have any data on them. They are mistaken. Facebook's heuristic algorithms assemble profiles on everyone and anyone they can. Even if you have never been on Facebook, if people you know are on Facebook, then they piece together information about you from them... and they'll take what little info they can synthesize internal to Facebook and cross-reference that with external databases. People would be surprised to learn just how much personal information Facebook as on them even if they have never signed up or in to Facebook.

As for staying with iOS for the purposes of S&P... everyone must make their own decisions. I've done my research and analysis, and using basic common sense with regard to safe practices, I've concluded that there is no benefit to me in using iOS over Android (from and S&P perspective). Others may draw a different conclusion for themselves.

 

[Ulenspiegel]

This study (August 2018) by Douglas C. Schmidt, Professor of Computer Science at Vanderbilt University deals with Google Data Collection practices through Android and iOS.

 

[RecentlyConverted]

It depends upon what you mean by "security and privacy". There are different levels of S&P and different things that are considered part of S&P. There's a lot of misinformation regarding the topic, some originating from Apple, which isn't surprising because it is a marketing point for them in selling the image that iOS devices are more secure.

The fact that one is using a smartphone throws S&P (security and privacy) out the window. Your cell service provider is tracking your every movement.

The web browser you use is only one element in the S&P chain. Even IF Safari isn't tracking you, the websites that you visit with that browser most certainly are.

People think that if they don't sign up for Facebook and have never signed up for Facebook that Facebook doesn't have any data on them. They are mistaken. Facebook's heuristic algorithms assemble profiles on everyone and anyone they can. Even if you have never been on Facebook, if people you know are on Facebook, then they piece together information about you from them... and they'll take what little info they can synthesize internal to Facebook and cross-reference that with external databases. People would be surprised to learn just how much personal information Facebook as on them even if they have never signed up or in to Facebook.

As for staying with iOS for the purposes of S&P... everyone must make their own decisions. I've done my research and analysis, and using basic common sense with regard to safe practices, I've concluded that there is no benefit to me in using iOS over Android (from and S&P perspective). Others may draw a different conclusion for themselves.

It does seem a mine field. I want security for myself, as I do many financial transactions on my devices (and have already been the target of a clever ID fraud), and from a security and privacy side, I hold pertinent Client information on my business phone, which I have a duty of care to protect. If I cant see a benefit from remaining in iOS, I would like to try Android for the flexibility. I am getting tired of having to fight with my devices to get them to be as productive as they should be.
[doublepost=1545685926][/doublepost]

This study (August 2018) by Douglas C. Schmidt, Professor of Computer Science at Vanderbilt University deals with Google Data Collection practices through Android and iOS.

That looks like a interesting read. I will give that a go over the holiday. Thank you for the link.

 

[torana355]

In the real world Android is not nearly as dangerous as people on this forum would have you believe.

 

[sracer]

It does seem a mine field. I want security for myself, as I do many financial transactions on my devices (and have already been the target of a clever ID fraud), and from a security and privacy side, I hold pertinent Client information on my business phone, which I have a duty of care to protect. If I cant see a benefit from remaining in iOS, I would like to try Android for the flexibility. I am getting tired of having to fight with my devices to get them to be as productive as they should be.

I've owned Android phones since the very first (HTC Dream) and a few iPhones along the way. I have seen no difference in security between the two platforms. I've done a very large volume of financial transactions online over the years, not only personal, but business-related as well. I've never had a problem with ID theft, fraud or anything on my end.

However, during that time I've been notified by some online stores, like Target, that THEIR databases were breached. And a few credit card fraudulent charges because someone at some sketchy gas station on our trip from AZ to CA snagged our card number... but never online fraud.

It's good that you're doing your due diligence and researching the issue. Something to consider... Apple and their fans would have you believe that Android is the wide highway for miscreants to steal all of your data and your money. If that was anywhere near being true, you'd hear stories on the national news every night about these breaches.

 

[LIVEFRMNYC]

Anyone who is that concerned(or paranoid) ... Android does have firewall apps. I've tried some just for fun and they work pretty good. NoRoot seemed like the best one.

 

[SteveJUAE]

Anyone who is that concerned(or paranoid) ... Android does have firewall apps. I've tried some just for fun and they work pretty good. NoRoot seemed like the best one.

There is also a completely segregated area on Android with additional measures for privacy etc. Many Company accounts insist on this area being used as email etc etc can be segregated

Many confuse Apple privacy policy for there servers with their devices, it's not the same hence the common miss belief iPhones are inherently safe

Whilst it may be true that IPhones leak some information slower as indicated in the referenced paper noted above, the bottom line is your leaking regardless

There is no evidence to support one OS over the other in being less secure for personal data relating to accounts or card info etc. Both OS stores have apps by less scrupulous developers as we have seen in recent MR front page posts. You may like to think Apple do more checks than Google but even up till June Apple only requested developers to only request data that they really need.

Even Apple request contact info access for their music app on Android

Many possible settings and actions to avoid further leaking are simply ignored or outside an average users knowledge or care

Use what you prefer but your are seriously clutching at straws if you think one is superior over another

 

[LIVEFRMNYC]

There is also a completely segregated area on Android with additional measures for privacy etc. Many Company accounts insist on this area being used as email etc etc can be segregated

Many confuse Apple privacy policy for there servers with their devices, it's not the same hence the common miss belief iPhones are inherently safe

Whilst it may be true that IPhones leak some information slower as indicated in the referenced paper noted above, the bottom line is your leaking regardless

There is no evidence to support one OS over the other in being less secure for personal data relating to accounts or card info etc. Both OS stores have apps by less scrupulous developers as we have seen in recent MR front page posts. You may like to think Apple do more checks than Google but even up till June Apple only requested developers to only request data that they really need.

Even Apple request contact info access for their music app on Android

Many possible settings and actions to avoid further leaking are simply ignored or outside an average users knowledge or care

Use what you prefer but your are seriously clutching at straws if you think one is superior over another

I agree, but I think you quoted the wrong person.

 

[SteveJUAE]

I agree, but I think you quoted the wrong person.

My appols just a continuation of your points

 

[Oohara]

Honestly it's probably naive to assume we have any real data security at all, regardless of os, platform, or what any company or study says. I mean, how would we know?

The entities that provide us with all these services operate so far above our heads that any real insight or influence we'd have on them imo is simply fantasy.

 

[RecentlyConverted]

Though iOS sandboxing must add a degree of security? My data in my financial apps won’t be shared with other installed apps. So from that point P&S is then down to installing apps you hope are trustworthy. No Root on Android looks interesting. It’s a shame iOS doesn’t have that feature. it would be nice if iOS asked before data was transferred to an app developer in the same way it asks about camera and microphone etc.

 

[burgman]

This is my biggest concern as well. Reading threads like this makes me want to stay far away from Android: https://www.reddit.com/r/Android/comments/8pko5a/what_do_people_here_think_about_android_and/

Despite what Android users here say, Google *does not* care about its user's privacy. Apple isn't perfect, but I trust Apple with my data. I don't trust Google with it.

Opinions and reddit rants are not facts, I read most of that thread and your *does not care* with no facts , data, proof fits right in, as if any company cares in some parental way about privacy, other than marketing.Take a day collect from every company, app, and service you use the terms and conditions, privacy statements. Then decide whom you should be really concerned about.
[doublepost=1545781123][/doublepost]

It depends upon what you mean by "security and privacy". There are different levels of S&P and different things that are considered part of S&P. There's a lot of misinformation regarding the topic, some originating from Apple, which isn't surprising because it is a marketing point for them in selling the image that iOS devices are more secure.

The fact that one is using a smartphone throws S&P (security and privacy) out the window. Your cell service provider is tracking your every movement.

The web browser you use is only one element in the S&P chain. Even IF Safari isn't tracking you, the websites that you visit with that browser most certainly are.

People think that if they don't sign up for Facebook and have never signed up for Facebook that Facebook doesn't have any data on them. They are mistaken. Facebook's heuristic algorithms assemble profiles on everyone and anyone they can. Even if you have never been on Facebook, if people you know are on Facebook, then they piece together information about you from them... and they'll take what little info they can synthesize internal to Facebook and cross-reference that with external databases. People would be surprised to learn just how much personal information Facebook as on them even if they have never signed up or in to Facebook.

As for staying with iOS for the purposes of S&P... everyone must make their own decisions. I've done my research and analysis, and using basic common sense with regard to safe practices, I've concluded that there is no benefit to me in using iOS over Android (from and S&P perspective). Others may draw a different conclusion for themselves.

If I want real-time traffic via maps or a waze type app Apple doesn’t offer anything close. I like IOS devices for other reasons like handoff and other ease of use experiences. I use google apps if Apple offering is substandard or nonexistent. Just YouTube has saved me so much money in everything from car repairs, home projects, product reviews and more than any Company, app, service, put together. With that usage of course Google and Apple have collected much data on me. That’s the business transaction we agreed to with full disclosure, to me I get the far better deal because I always have a choice and never click on online ads. Oh and never use FB,

Here is an interesting article that gives insight into Apple’s take on security in MacOS
https://arstechnica.com/information...e-went-undetected-by-av-providers/?comments=1

 

[SteveJUAE]

Though iOS sandboxing must add a degree of security? My data in my financial apps won’t be shared with other installed apps. So from that point P&S is then down to installing apps you hope are trustworthy. No Root on Android looks interesting. It’s a shame iOS doesn’t have that feature. it would be nice if iOS asked before data was transferred to an app developer in the same way it asks about camera and microphone etc.

You would like to thing that sandbox adds more P&S and it's only 3rd party you need to be more aware of, but as others have already noted the default search provider is Google. One can only guess how many users out of 100'sM change this or even if you look more closely with app find my iPhone. Apple even tell you your data is sent to a 3rd party and you need to read their T&C's etc. Not that it implies these 3rd parties are not trustworthy.

You really need to consider what Apple do not tell you in their clever marketing slogans etc, the blanks allow for gross assumes and presumes

But I agree generally native apps are/should be better but Apple are probably no different to say Samsung who's native apps are modified open source code.

Financial data transactions re Tap and Pay a non issue in terms of OS P&S both are equal as far as practicable.

The more you use your phone with data services etc the more you will leak regardless of OS

 

[eltoslightfoot]

All I know is that my job requires the most secure off the shelf phones out there, and they yanked back thousands of android phones and replaced them all with iPhones. Blackberries were the most secure. Personally one has to simply remember that if you pay nothing for the product, you are the product.
[doublepost=1545784212][/doublepost]

You would like to thing that sandbox adds more P&S and it's only 3rd party you need to be more aware of, but as others have already noted the default search provider is Google. One can only guess how many users out of 100'sM change this or even if you look more closely with app find my iPhone. Apple even tell you your data is sent to a 3rd party and you need to read their T&C's etc. Not that it implies these 3rd parties are not trustworthy.

You really need to consider what Apple do not tell you in their clever marketing slogans etc, the blanks allow for gross assumes and presumes

But I agree generally native apps are/should be better but Apple are probably no different to say Samsung who's native apps are modified open source code.

Financial data transactions re Tap and Pay a non issue in terms of OS P&S both are equal as far as practicable.

The more you use your phone with data services etc the more you will leak regardless of OS

Actually this isn't true. Only iOS devices have been shown to only rarely and mostly never (and without consent) leak data outside the app even if you explicitly deny the app in question access outside it being actively used.
[doublepost=1545784249][/doublepost]

All I know is that my job requires the most secure off the shelf phones out there, and they yanked back thousands of android phones and replaced them all with iPhones. Blackberries were the most secure. Personally one has to simply remember that if you pay nothing for the product, you are the product.
[doublepost=1545784212][/doublepost]
Actually this isn't true. Only iOS devices have been shown to only rarely (and without consent) leak data outside the app even if you explicitly deny the app in question access outside it being actively used.

And it isn't like it is hard to set it to Duck Duck Go. I do it on everything.

 

[SteveJUAE]

All I know is that my job requires the most secure off the shelf phones out there, and they yanked back thousands of android phones and replaced them all with iPhones. Blackberries were the most secure. Personally one has to simply remember that if you pay nothing for the product, you are the product.
[doublepost=1545784212][/doublepost]
Actually this isn't true. Only iOS devices have been shown to only rarely (and without consent) leak data outside the app even if you explicitly deny the app in question access outside it being actively used.
[doublepost=1545784249][/doublepost]
And it isn't like it is hard to set it to Duck Duck Go. I do it on everything.

I do not think I mentioned that aspect but you do raise an interesting point on how good is app denial toggles and if these options are fool proof, you seem to imply they are not on IOS, I can't say I have read anything on IOS or Android specifically on this subject.

In my limited experience with company phones I tend to find US companies prefer IOS where European and Asian opt for Android. On what basis I would only be guessing and that includes when I worked in the US for a Japanese company.

 

[eltoslightfoot]

I do not think I mentioned that aspect but you do raise an interesting point on how good is app denial toggles and if these options are fool proof, you seem to imply they are not on IOS, I can't say I have read anything on IOS or Android specifically on this subject.

In my limited experience with company phones I tend to find US companies prefer IOS where European and Asian opt for Android. On what basis I would only be guessing and that includes when I worked in the US for a Japanese company.

Right, in this case it was because of security risks, which is huge where I work.

I edited for clarity. iOS does not leak data. android does...

 

[SteveJUAE]

Right, in this case it was because of security risks, which is huge where I work.

I think most companies take it very seriously, we have quarterly compulsory training on Cyber/HSE/Ethics

One company I worked for use to send out spoof emails and if you replied or clicked links you got a training module to do for your troubles

 

[eltoslightfoot]

I think most companies take it very seriously, we have quarterly compulsory training on Cyber/HSE/Ethics

One company I worked for use to send out spoof emails and if you replied or clicked links you got a training module to do for your troubles

That is awesome! HAHAHAHA!

 

[jeremiah256]

Without the restrictions built around using iOS, you have to take the same precautions with your Android phone as you would a PC, since with Android you can easily side-load apps and their store is not as curated as the iOS app store is. If you're careful, and stick to known/professional apps, you'll be fine. If you're a side-loader or install apps without careful review, you are increasing the risk of being compromised.

 

[sunking101]

They're much of a muchness. You'd be surprised how many iPhone owners use Google services. It's tough to avoid Google products unless you consider them the anti-christ and avoid them like the plague.

 

[eltoslightfoot]

They're much of a muchness. You'd be surprised how many iPhone owners use Google services. It's tough to avoid Google products unless you consider them the anti-christ and avoid them like the plague.

It actually isn’t that hard. I use duck duck go, icloud and my own domain for email, contacts through icloud, notes I don’t use keep—I use notes. Apple Maps instead of Google Maps. Anything left? Now facebook and twitter is a bit more difficult for me.