Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This doesn't have anything to do with privacy.

The DMA mandates that Apple allows for competition, which (if you believe in capitalism) is good for the market overall. It's essential to stop big tech from abusing their market dominance. However Apple would prefer to not allow competition for their digital products on any of their hardware.



But that does have to do with privacy.

Apple wants to implement features that access data locally. It doesn’t want to allow competition for offering those features, but if it did, competitors may use that access to local data to exfiltrate.

So it is about both competition and, as a result of creating competition, privacy.


Thats what Apple wants you to think. In reality it has nothing to do with privacy. Apple could let 3rd parties tap into these APIs but only after the user clicks away a big scary message telling the user they are leaving the comfort of the apple curated garden.

This allows competition, but also allows privacy for those who want it. See? Simple really, but Apple being Apple dont want to let 3rd parties use its AI APIs and so we have this standoff.


Big scary warnings aren’t a solution either. I watch the way my son interacts with consent screens and warnings, and it’s barely believable- the average person is very well trained to click through the warnings.

Someone might believe that people who ignore the warnings deserve everything they get, but I respectfully disagree. I remember helping my grandma uninstall and remove all the hostile browser extensions that had tricked her into installing them. If Apple is protecting vulnerable populations by taking the choice out of the users hands, even if it’s only profit motivated, I’m okay with that until someone presents an alternative that actually addresses those needs.


Apple is very good at “big scary warnings” that are also quite difficult to click through without knowing the correct steps to take. See also the EU alternative app stores, or running an unsigned app on macOS, or installing a device profile…


This is mostly wrong. The DMA has a process to determine if a service provider acts a gatekeeper to the market, and let's be honest if Apple is not one, then I don't know who else besides Google.. So there is no privacy argument in there except Apple didn't want to design a interface that complies and is safe.


Apple is using Cloud compute as well to enable Siri AI.

If you want to you could still use Apple or another provider you decide to trust - or even one that does everything locally. The competition would still have to follow GDPR after all.


Apple PCC has been independently audited to be ultra secure.

Will the EU enforce the same for 3rd party integrations?


If Apple had e.g. required competitors to undergo similar independent audits that would probably be allowed as it is quite similar to how Apple solved the third party app store issue.


Are we sure the EU would allow that? Or would it be seen as a way to stifle competition?


I mean, Apple's PCC audits require them to individually vet each auditor before they're allowed to see the PCC nodes.

If Apple extended that philosophy to other vendors then yeah, it would be deliberately unfair and anticompetitive.


It sounds like they are whitelisting the hashes of all the Google software and OSes and stuff to ensure nothing is changed out from under them without them knowing.

Even if you could make all the other possible vendors run private cloud compute style stuff that would be a lot to manage.

And I can’t imagine the EU would like, and as a user I would certainly hate, the “OK you can use Grok but you lose all privacy too bad“ dialogue box they could make.


I don't even think it offers a meaningful degree of security. It's a form of theater, you have to be hand-selected to perform the audit that Apple promised.

Most sysadmins know that hash matching only mitigates a small subset of rare upstream attacks. Apple could still be MITMing the whole thing (SSL added and removed here :)) and no auditor would get the chance to check. The offered audit is so weak that I would not trust any FAANG business to administrate it.

Apple is once again demanding arbitrary centralization to give them an undeserved veto power. None of this is for security.


If they're not "hand-selected", what would be the way to select the auditors?

Just have an open house for anyone interested to come poke the hardware and software?


Have a set of clearly-defined requirements that doesn't randomly reject valid candidates? Nobody wants another opaque system like the App Store review process.

By the sound of it, Apple's offered audit doesn't include insight into the most dangerous parts of a system like this. This could easily lead to a situation where real security experts are denied access to promote influencer-adjacent Yes Men who rubberstamp the hashes matching without any question.

Hence my concern for "SSL added and removed here" - none of Google's famously backdoored infrastructure will be audited. For privacy purposes, Apple's promise is woefully incomplete.


That's a very bad faith reading on what Apple said.

How I understood it that they want _actual_ security researchers, not some random dude who once installed Kali Linux and ran nmap.

It's state of the art private compute according to actual experts and everyone will be wasting their time if the "researchers" need to be coached through the process and explained the basics of the system's operation.


At this point the EU doesn’t trust Apple’s fair rules. Which is very much earned.

So if they did that here, I doubt the EU would accept it. And even if they did as soon as a competitor of any side/credibility cried foul I’m sure the EU would make life very hard for Apple to prove they’re not being unfair in even the tiniest way.


Siri AI has the capability to read your screen and access a lot of personal stuff. I don't blame Apple for not wanting to open this up to allow any model to access it. It seems Apple proposed a number of solutions which were denied.

While I can appreciate the reason for the DMA, people don't have to buy Apple devices, they can buy any type of phone they want and just use the ecosystems provided by these phones.


We already have choice - people can buy many different types of phones. Nothing about this is about choice or the free market. They want special treatment.

Apple is free to do what they want. The EU can go and try and build their own iPhone (good luck with that).


> We already have choice - people can buy many different types of phones.

Do you really? The only two types of operating systems for phones that you could reasonably use are iOS and Android. So it's either Apple or Google.

Imagine a world, in which you could only consume Apple or Google services on those phones. No more Netflix or Disney+ on iPhones - only Apple TV Plus because the streaming video API is not available to third party apps. I think there are plenty of other examples to demonstrate the point.

A free market doesn't work if you have a duopoly. A free market requires the freedom to choose between different services, which Apple is trying to limit by only allowing Siri AI to access specific OS interfaces.

Not sure why some people on hackernews support more locked down operating system.


There are phones running alternative versions of Android with no google dependency, and there are phones running linux.

Furthermore, if we lived in a world where the two main OS's were locked down to an insane degree, we would also have plenty of alternative operating systems. The reason we don't today is because we don't really have a need for it, in the same way linux has a monopoly on servers and nobody really cares.


> There are phones running alternative versions of Android with no google dependency, and there are phones running linux.

Those make up 0% of the market [1], which classifies Apple and Google as gatekeepers.

[1] https://gs.statcounter.com/os-market-share/mobile/europe/


[flagged]


Them making the only phones anyone uses makes them the gatekeepers on what people do on their phones -> Apple and Google are gatekeepers under the DMA.

It doesn't matter how they became gatekeepers.


[flagged]


The law says they’re gatekeepers. That makes them gatekeepers. There’s no point in trying to “well actually” this. The law is clear.


There are hundreds of phone models. A smartphone is a just one type.

Apple came out of nowhere and invented the smartphone because the existing system was controlled by the telcos and horrible phone technology. The same thing can easily happen again.

It makes no sense to limit Netflix on phones and people would probably stop buying iPhones.

If the EU wants an "open" phone ecosystem, they should foster real innovation in their space and build it themselves.


The EU is going to be China minus the technology.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: