>Super confused.
You aren't confused, you just have a preferred narrative. Hardcore Apple fans and Apple shareholders share a similar bias with different variations of 'It is difficult to get a man to understand something, when his salary depends on his not understanding it.'
>What do you mean its been working on Android just fine? Google just announced they are closing their ecosystem exactly for the reasons I stated.
It has been working just fine and Google's claim about their consolidation and its motivations are about as credible as a Rail Robber Baron claiming that his monopolization practices are actually about "security" and not profit, the response to such propaganda was the Sherman Antitrust Act of 1890 and today it is the DMA.
More elaborate articles regarding these bogus claims about "security" and its refutation:
https://makeuseof.com/androids-sideloading-limits-are-anti-c...
https://infrequently.org/2025/09/apples-antitrust-playbook
>Most of the fraud at my job comes from the android platform, because the security model on android is much worse than Apples.
Your personal anecdotes are not credible evidence, especially when they are coincidentally contrived to serve as anti-competitive business practice apologia.
Apple's "security model" is supposedly so much better, yet iPhone theft was absolutely rampant on iPhones due to an Apple "feature" that literally helped thieves steal a user's entire digital life. Androids were unaffected.
"A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life" - The Wall Street Journal, https://archive.is/oW0lD#selection-1872.0-1872.1
>Why is Google citing fraud as a reason to lock down android if "its been working on android just fine"?
For the same reason that Apple is using bogus claims about "security", because they can hardly be honest and say "We can't allow any competition, because it would threaten our taxation funnel"
As Cory Doctorow writes:
"In the meantime, Google’s story that this move is motivated by security it obviously bullshit. First of all, the argument that preventing users from installing software of their choosing is the only way to safeguard their privacy and security is bullshit when Apple uses it, and it’s bullshit when Google trots it out:
https://www.eff.org/document/letter-bruce-schneier-senate-ju...
But even if you stipulate that Google is doing this to keep you safe, the story falls apart. After all, Google isn’t certifying apps, they’re certifying developers. This implies that the company can somehow predict whether a developer will do something malicious in the future. This is obviously wrong." - https://doctorow.medium.com/https-pluralistic-net-2025-09-01...
>Apple is not a fast moving company, but they do have a great product and have addressed many of the big issues the community has raised.
There is no "community" - there is Apple, its profit motive and the consumers. Apple was relentlessly pressured to deal with their reckless "feature" that made a mockery of modern security practices, gravely endangered its users and it still took Apple way too long to introduce a basic fix. Apple is a trillion dollar company, so euphemisms like "Apple is not a fast moving company" won't cut it, especially when it comes to security - you know, the thing they pretend to value above everything else.
Your premise has the false dilemma: "If we can't perfectly block fraudsters from by-passing security checks, then we might as well have no security checks."
Another simple test is we can compare the amount of malware running on closed ecosystems with open systems. Which system hosts more malware: linux/windows or iOS?
I want to clarify that I'm not saying there are no financial benefits for Google/Apple. I am saying there ARE financial benefits to users and businesses on these platforms.
There is no false dilemma. You're just arguing for the sake of arguing at this point.
"In the meantime, Google’s story that this move is motivated by security it obviously bullshit. First of all, the argument that preventing users from installing software of their choosing is the only way to safeguard their privacy and security is bullshit when Apple uses it, and it’s bullshit when Google trots it out:
https://www.eff.org/document/letter-bruce-schneier-senate-ju...
But even if you stipulate that Google is doing this to keep you safe, the story falls apart. After all, Google isn’t certifying apps, they’re certifying developers. This implies that the company can somehow predict whether a developer will do something malicious in the future." - https://doctorow.medium.com/https-pluralistic-net-2025-09-01...
You realize in the very WSJ article you cited it said this?
> A similar vulnerability exists in Google’s Android mobile operating system. However, the higher resale value of iPhones makes them a far more common target, according to law-enforcement officials. “Our sign-in and account-recovery policies try to strike a balance between allowing legitimate users to retain access to their accounts in real-world scenarios and keeping the bad actors out,” a Google spokesman said.
I should have elaborated even further, because I already suspected that someone would nitpick that phrasing. So let me explain the difference:
"according to law-enforcement officials" - they are clearly not experts in tech and are unaware of the crucial difference between Apple and Android in this scenario.
The most significant difference is that Google explicitly stated their system includes "reasonable time-limited protections against hijackers changing passwords or recovery factors" - but only if users have properly configured recovery options beforehand.
According to Google's official statement: "Google Account Recovery flows also have reasonable time-limited protections against hijackers changing passwords or recovery factors set up by the legitimate users - provided users have set up a recovery phone and/or recovery email."
In contrast, the WSJ article describes how on iPhone:
- Thieves could immediately change the Apple ID password using just the device passcode
- there was no waiting period or time-limited protection mentioned
- Once changed, victims were instantly locked out with no grace period
- Apple's Recovery Key feature could be enabled by thieves to permanently lock victims out
Android users on the other hand could proactively:
- Set up recovery email and phone numbers that would be retained for 7 days after changes
- Enable Google's Advanced Protection Program, which specifically blocks PIN-based password resets entirely
- Configure multiple recovery options that created additional barriers
Apple users had limited options, the article mentions security keys could be added, but testing showed "security keys didn't prevent account changes using only the passcode, and the passcode could even be used to remove security keys from the account". This made Android's vulnerability more preventable and recoverable for users who had properly configured their security settings in advance, whereas Apple users were stuck and vulnerable to the pin-hijack until fixed, because iOS did not offer any similar protections such as time-based safeguards.
Well you realize it’s not a good look to post a citation and then immediately say the article is wrong only about the part you disagree with? See “Gell-Mann amnesia effect”.
But Apple implemented features to block that over a year ago.
https://support.apple.com/en-us/120340
> Well you realize it’s not a good look to post a citation and then immediately say the article is wrong
I did not say that the article is wrong, don't misquote me. You are also still failing to understand what the crucial difference is:
An iPhone was vulnerable to the pin-hijack, because of its limited security options - a security aware user was as vulnerable as an amateur.
An Android phone was only vulnerable if it was NOT properly secured.
So 100% of iPhone users were vulnerable, while Androids were only vulnerable if misconfigured.
So I was and I am still 100% correct, but you simply decided to nitpick that one sentence of mine that was prone to being nitpicked without bothering to understand what the significant difference between the systems were.
>But Apple implemented features to block that over a year ago.
Yes they did, after a lot of time and pressure. And if you read my comment again, you can see that I have already stated that they have implemented it. So what's the point of you telling me something that I have already mentioned several times?
If you’d just said all of this upfront, it would’ve come across as more honest / less confrontational.
>If you’d just said all of this upfront, it would’ve come across as more honest / less confrontational.
"I should have elaborated even further, because I already suspected that someone would nitpick that phrasing . So let me explain the difference:" https://news.ycombinator.com/item?id=45690226
After me clarifying what I've meant, the response wasn't "Oh I see now what you intended to say, thanks for elaborating", but misquoting me and making hostile and snide comments. That is someone who wants to be confrontational and lacks honesty in trying to understand what was meant in the first place.