> I’m so unused to seeing a corporation act in the interests of their customers explicitly counter to the wishes of law enforcement and the intelligence community that I’m racking my brain trying to think of ulterior motives that explain why Apple might have this.
Apple started to assist chinese government and used their walled garden to ban all their users from using secure communications and VPNs. As soon as actual dollars are on the line Apple just like other corporations chooses dollars. I'd be vary of trusting them too much.
But dollars are always on the line, and that’s why they’re protecting customers outside of China and complying with the authoritarian Chinese gov in China. Most countries don’t have draconian measures like China does to make sure that companies comply with their every demand.
Other "evil" companies like Google instead refused to do business with such regime. Apple actively helps the regime by banning VPN apps and preventing Chinese people from installing them from 3rd party sources.
I am not quite sure the cases are analogous: Google is a website, Apple sells physical objects. When Google "refused to do business" with China, they doubtless knew that users would instead use a VPN and access some other national version of Google. Meanwhile, if Apple doesn't do business in China, it's not like people in China getting genuine smuggled iPhones that work normally. They're either going to use other platforms or use untrustworthy knock-off iPhones, and all of those probably comply with government regulations too.
Still, your point above stands: a company as large as Apple or Google has too many individuals with their own personal interests for "trustworthy" to really be a meaningful term. I trust Apple mobile phones much more than Google mobile phones, but, for instance, I trust Google laptops much more than I trust Apple laptops. I am sure there are good people working on all four products, but for some reason Apple's mobile phone division and Google's laptop division have consistently put out better products.
When Google "refused to do business" with China, they doubtless knew that users would instead use a VPN and access some other national version of Google.
From the same vein that "we're not Google's customers", neither are those Chinese users using a VPN. By leaving China, they're cut off from Chinese businesses who could pay to advertise.
Chromebooks have the same sort of solid design principles that iOS devices do - hardware-based boot attestation and isolated cryptographic coprocessor, an entire OS design that lends itself towards sandboxing, a team that clearly cares about pushing the state-of-the-art in sandboxing forwards, security support for many years, etc. And both products have consistently evidenced solid security design for several years.
Apple laptops and Android phones are much weaker on all of these fronts.
I don't have a good explanation for why this is so. I think there may not be a good one, other than that complex engineering organizations are very random systems with tons of inputs and changing engineering culture is very hard, and people early in both the Chromebook and iOS projects were able to set and maintain the right culture, and people in the Android and Mac projects (despite being skilled people who care about security!) weren't able to pull it off, essentially by random chance.
Apple started to assist chinese government and used their walled garden to ban all their users from using secure communications and VPNs. As soon as actual dollars are on the line Apple just like other corporations chooses dollars. I'd be vary of trusting them too much.