▲Unmasking the Privacy Risks of Apple Intelligencelumia.security
61 points by mroi 3 hours ago | 16 comments
mark_l_watson 14 minutes ago [-]
I would like to make a broader comment: perhaps as users we should ask what AI features even make sense to use? Starting last year I experimented heavily with Google Gemini interacting with Google Workspace apps. The technology was cool, and is even much better now, but I came to the conclusion I don't really need it.

For an iPhone local AI, I wrote an app for myself (although I think there are maybe 10 other people who use it) that chats with Apple's local model (which is fairly good) and switches to a Secure Enclave model on their servers, and from the documentation it looks like using the cloud model is private and secure.

Even better now, I signed up for ProtonMail's optional Luma LLM Chat system with integrated private web search tools. It is surprisingly good, and I trust Proton that it is private.

Almost the only thing I frequently use commercial LLMs for now is gemini-cli for coding a few times a week, and NotebookLM a few times a month, plus occasional Gemini use, but I pay for Luma (powered by Mistral models) so I routinely use it for AI search use cases.

Just because technology is incredibly cool, this doesn't mean that we have to use it if real productivity gains are slim or non-existent.

ezfe 1 hour ago [-]
The concerns here are valid but the fact the authors label this being about Apple Intelligence and Private Cloud Compute really devalues their credibility in general.

Siri doesn’t have any of the new AI features, the prompts they’re using have been around for years, and private cloud compute has always been about Apple Intelligence generative features.

Citizen8396 42 minutes ago [-]
They are arguing in bad faith. They clearly know how to disable the relevant subset of these features. They don't do this upfront because they would have nothing to write about otherwise.

As a user, you can configure these settings in the UI. You can use the defaults command. They can be configured using a configuration profile/MDM. You could block the domains based on their associated feature, which are publicly documented by Apple. [1]

It's like complaining about Windows telemetry without bothering to configure the registry (or even open the settings menu).

[1] https://support.apple.com/en-us/101555

yndoendo 34 minutes ago [-]
Smartphone OS manufacturers like Apple and Google do not allow strong secure features to block domains or IP addresses. There are attempts at cheap hacks to use VPN or accessibility workarounds, but they can be overwritten by the OS and they prevent using a firewall and VPN at the same time.

Citizen8396 20 minutes ago [-]
I have used encrypted DNS profiles on iOS to block them at the resolver level. However, the correct thing to do is to disable the feature in a configuration profile. You can also block them on macOS using Little Snitch or similar.

No, you sometimes can't use two apps on iOS that attempt to configure DNS and a "VPN" for local filtering purposes at the same time (the latter is often a glorified hosts list).

You absolutely can use encrypted DNS and/or a VPN (or Private Relay). None of these have bearing on using an application firewall or pf on macOS.

nerdjon 50 minutes ago [-]
They also end it with trying to sell their service around AI which further devalues it, and even trying to give it a name like "AppleStorm".

I think some of the points are valid, but I think the overemphasis on Siri vs Private Cloud is massively overblown. That to me is just the nature of a transition like this, and eventually more of Siri will likely fall under "Apple Intelligence" since it makes sense that they would have a single platform on the backend.

Then there is this header:

> "End-to-End Encryption? I’m Not Sure"

Well... it is still end-to-end encrypted. Nothing about using Siri to dictate it changes that since, you know... you're on one of the ends. It is like saying that me taking a screenshot of the conversation somehow broke E2E.

That isn't to say that the concern here is not valid, but there are so many examples of things being twisted and manipulated to get you to use their product that I have a hard time really understanding what is an issue and what isn't.

Like ok, you made an app using SiriKit using Apple's recommended settings (which may be recommended for a reason). But do you have the ability to have them not go to Apple's servers if you configure it a certain way... it seems the author just ended with "Well it happens when I made this app" and never looked further.

isodev 13 minutes ago [-]
I think people are unaware of the difference between Apple Intelligence and Siri - they even have the same colour glow now. Also, can you always tell if it's Siri or Apple Intelligence handling a request?

The only privacy screen on macOS and iOS is during oob or after OS updates, and it does not make a distinction. As the OP post highlights, there is no way to avoid said telemetry from being sent or configure it in Settings. So all this is not only shady but quite illegal.

dwaite 47 minutes ago [-]
I'm somewhat disappointed that the authors did not realize that apple-relay.cloudflare.com is not PCC, but is publicly known to be part of iCloud Private Relay.

That made me immediately think that there were other parts of the article which were not properly investigated, and likely a fair bit of sensationalization.

breppp 2 hours ago [-]
Frida looks like such a cool tool

I wish I had some time to play with it

Citizen8396 1 hour ago [-]
doesn't disable Siri

"Siri is collecting all your data!"

insert company advertisement

bastard_op 1 hour ago [-]
Apple already slurps everything you do with their "privacy proxy" services, so what more risk do you want? Apple defaults to forwarding all DNS and web pages via their proxies, they just can't seem to figure out what to do with it.

Citizen8396 30 minutes ago [-]
It's unclear what you're referring to. Their DNS (outside of Safari private browsing) and Private Relay aren't enabled by default. The latter is set up using blind signatures and oblivious DNS, so they can't figure out what it is (much less what to do with it). You're free to disable both and let your ISP do whatever they want with your browsing habits.

gruez 50 minutes ago [-]
If you're talking about Apple Private Relay, they're only proxying your packets, not intercepting any TLS connections. Therefore it's a bit misleading to characterize that as "Apple already slurps everything you do".

xp84 45 minutes ago [-]
> they just can't seem to figure out what to do with it.

That's the funny thing about Siri. It has since Day 1 insisted on being exclusively online-only, processing on the server, even for commands that the pre-Siri Voice Control could do fully locally on an iPhone 3GS, such as "Call Steve" or "Turn Wi-Fi on".

That decision always surprised me, and it's surprising that Siri's never improved given that unlike Apple Intelligence it is not limited to on-device nor to PCC.

For all the scorn directed lately at the "Apple Intelligence" team for not shipping anything they promised, I have to hand it to JG's team for at least building a local processing capability plus having PCC instead of just one server-side thing and a "Trust Me Bro" like Siri.

If we're lucky, they'll build new Siri stuff from scratch using local + PCC, and finally push the old Siri stuff into the scrapyard where it belongs.

MarioMan 18 minutes ago [-]
Siri has supported an offline subset of commands since iOS 15 came out in 2021.

I just tested this with Wi-Fi and cellular data disabled. Calling someone works perfectly and asking to turn Wi-Fi on presents the relevant toggle.

staplers 48 minutes ago [-]
If Apple can figure out how to carve out a privacy/individual-focused AI model that avoids the classic centralized data-harvest/training, they could run away with a large portion of the market.

So many people understand the benefits AI can bring to our lives with automations, search, etc., but so many are also aware of the dangers lurking beneath the surface, which causes anti-AI sentiment (for good reason).

They can be mutually exclusive but aren't generally.