- Apple doesn't let you secure your OWN device. Apple does not give you permission to run a firewall or any other app to do your own security.
- Apple doesn't allow you to see what your phone is doing. You cannot see what apps are running, when they are running or what data is being sent where.
- Apple encumbers your data. It doesn't provide an alternative to icloud. Why not a personal icloud, self-hosted on macos. Why not even a time-machine backup of your phone? Apple could make it easy, but instead they try to upsell you on more icloud storage.
> Apple does not give you permission to run a firewall or any other app to do your own security.
Apple does allow security products on the Mac, and I have analyzed popular ones such as SecureMac's MacScan 2, and others that were on the Mac App Store's bestseller list, and there are tons of scams.
Users hear that it's good advice to install antivirus but don't know how to evaluate them. It is to Apple's discredit (and publishers like MacWorld that gave glowing reviews to MacScan) that these flourish on the Mac, but thankfully iOS users have not been duped to the same extent.
I don't know if it's really true that you're not allowed to run firewalls and such on iOS. They provide content blocking and VPN APIs. See the ability for Wireguard to introduce a completely new VPN protocol simply by installing an app. There is a lot of engineering effort that goes into supporting that.
> You cannot see what apps are running.
The model for when apps are executing is more complicated on iOS. I don't think it's as useful to think about an app's lifecycle as you do on a traditional desktop OS. Security that relies on you "catching" an app executing (if such monitoring is not always-on) is not good security.
> Why not even a time-machine backup of your phone?
You can easily back up an iPhone (encrypted, even) to a Mac or PC. This has existed longer than iCloud Backup. Apple does not release tools for inspecting an opaque backup blob, though there are some reverse engineered ones.
the flaw there is that it is opt-out not opt-in, and you can only block web activity, not apps.
> You cannot see what apps are running.
Yes, the model is more complicated, but it abstracts away important ways apps can run even if you don't realize it, such as notifcations, "voip".
> > Why not even a time-machine backup of your phone?
> You can easily back up an iPhone (encrypted, even) to a Mac or PC.
Kind of. You don't back up apps or app private data. In other words, restoring your phone is at the mercy of apple and the app folks. Will you get the same app? Will you get your audiobooks? no, you will have to download them again.
- Apple doesn't let you secure your OWN device. Apple does not give you permission to run a firewall or any other app to do your own security.
- Apple doesn't allow you to see what your phone is doing. You cannot see what apps are running, when they are running or what data is being sent where.
- Apple encumbers your data. It doesn't provide an alternative to icloud. Why not a personal icloud, self-hosted on macos. Why not even a time-machine backup of your phone? Apple could make it easy, but instead they try to upsell you on more icloud storage.