Yes, when Apple admitted that they had secretly crippled older phones through software updates to 'extend battery life' that's exactly the sort of thing I'm talking about.
I think you're attributing malice where there was none. The software changed the governor behavior if batteries showed signs of being weaker with age to prevent the device from suddenly shutting down when the battery voltage sagged. I can tell you that Android devices definitely don't do this - they'd just crash in the same situation, and I replaced an awful lot of batteries for people because of exactly that (the Sony cells on the Nexus 5 were rubbish, LG and Panasonic cells were fine).
The question is then a matter of opinion: What's the right behavior if you detect a weak battery? Keep the phone working, or let it crash? Apple picked the former.
Now, I certainly think doing this silently was the wrong option, but I'm not convinced that they were sitting in their labs, twirling their mustaches evilly, thinking about how to get people to buy new phones. I think it was far more likely a case of "Oh, hey, we've seen this in a few edge cases, we should cover it" - and the battery sagging was more widespread than realized. They really should have put the whole battery notification thing into the system in the first place, but I don't think it was a malicious act.
Though I was thinking more of Apple's long standing practice of designing OS updates that are not compatible with older hardware in order to cripple older devices. Then conveniently releasing these updates right around the time new hardware is available to buy.
Everyone does this. I can't install Windows 10 on a 486 with 8MB of RAM, even though Windows 98 ran on it.
The original iPhone had a 32-bit, ~400MHz core, 128MB of RAM, and 16GB of storage.
The iPhone Excess has two 64-bit, 2.5GHz cores, four 1.5GHz cores, 4GB of RAM, and 64GB of storage in the base model.
It's pretty hard to argue that they should be able to do the same things.
Or like when iOS 8 was released and people with older iPhones could no longer make phone calls or use their thumb scanner to unlock the phone after the 'upgrade'.
Presumably those weren't
intended features. Software is hard.
Or Apple's long standing fight against allowing users to repair their devices . . . (https://www.extremetech.com/computing/278261-apple-now-bricks-macbook-pros-to-prevent-third-party-repair)
I'll agree that they're making stuff harder to repair, but I don't think they're doing it simply to make things more difficult. The T2 chip is actually quite impressive, from a security perspective. I might even consider logging into one of my core accounts on someone else's modern Mac (in the guest account, after a fresh reboot and verifying that trusted boot was on), which is praise I've only formerly given to Chromebooks (they do trusted boot right, as far as I'm concerned).
I do think they've gone too far with the modern laptops in focus of Teh Almighty Thin, but that's partly based around the three years of "broken keyboards" they've released. I replaced an aging 2008 MacBook Pro with a mid-2015, simply because I didn't want to deal with the newer ones.
You won't get security updates, which is only problematic if you believe in the fantasy that you can do things securely on a mobile device (or really, any general purpose device). Get the 6, don't use it to access financial or medical data, take/store naughty photos ;) or other things that necessitate good security. The latter is true regardless of what phone/tablet or other mobile device you buy. Always assume your mobile device is compromised; use it accordingly. There is no system that is fully secure, but mobile systems are particularly bad due to design choices, frequent connection to insecure networks, and hardware limitations (yes, even Apple/iOS is swiss cheese security wise).
The world would be a far, far better place if people across the board didn't feel the need to point cameras at their bits and pieces...
While I generally agree with you about absolute security, please recall that the early iOS devices could be jailbroken
by a website. That was the process to jailbreak the early ones - go to a website. It'd pop the device, install Cydia (or whatever it was back then), and you could do what you wanted. I'm pretty sure the current ones can't be popped like that by a website. I hope. :/
In general, I trust Apple's mobile hardware (iPhones/iPads) more than I trust general purpose desktops. They do less, and they can (as a result of design decisions) isolate tasks more, and they have a reasonably controlled, trusted boot environment. Maintaining persistence on something like that is quite hard - not impossible, but you're looking at incredibly high value, rare exploits to do that. And not everyone is quite that targeted.
In rough order of "trustedness," by my current reasoning: Chromebooks, Apple mobile devices, modern Apple hardware with a T2 chip, Google-issue Android devices, {Windows 10, Linux} hardware. I trust
my Windows/Linux desktops, but I sure wouldn't log into anyone else's.
For me, the concern is my primary accounts (Google-based). I use physical 2FA tokens, but I also keep Google Authenticator on my phone, and it has access to my main Google accounts (for email). SMS 2FA is an awful idea, but something with suitable access to my device could extract both the auth tokens for my main accounts and the state from the Authenticator app, which grants full access to just about everything.
The only way you can have a reasonably secure device is to have a dedicated device/system that is rigorously maintained and used ONLY for that purpose. For example, a VM, system-on-a-stick, or laptop that is only turned on/attached to a network for maintenance and for accessing your bank (or whatever). No other websites, no other applications, etc.
VMs aren't secure. And the host running them isn't secure if the VM is compromised - if you can get ring 0 in a VM, you can almost certainly get access to the host.
While I agree with your paranoia here in general, do you really think an up-to-date iOS device is less secure than an up-to-date Windows 10 PC? All else being equal (you're not a dingus using the McDonald's Wifi (with either type of device) to check on your investments), I can't imagine them being much different from each other security-wise.
It depends on the Windows PC. If it's running open boot, enh... yech. If it's secure boot, it's probably OK, but I still wouldn't trust it that far.
I will say, iOS devices support always-on VPN connections, which are great. It does "the right thing" with hotspots, as near as I can tell - bypasses the VPN to auth to the network, but doesn't let anything else talk until the VPN tunnel is established.
Outline is my current VPN of choice for mobile devices.