Apple's $1 Billion Gamble: Your Siri, Google's Brain | Jan 5-11

Apple leans on Google for AI, but keeps your data locked down (maybe)

On Our Radar 🎯

Apple's Billion-Dollar Gamble: Your Siri, Google's Brain

Apple and Google announced a multi-year partnership that sounds like a privacy nightmare at first glance: Google's Gemini AI will power the next generation of Siri and Apple Intelligence features. Before you panic and throw your iPhone in a lake, here's what's actually happening and why it's more complicated than the headlines suggest.

The deal is pretty straightforward: Apple admits it can't compete with Google's AI capabilities, so it's licensing Gemini models as the foundation for Apple's own AI systems. This will roll out later in 2026 with iOS 26, iPadOS 26, and macOS 26 Tahoe. This is part of the 'more personalized Siri' Apple originally promised for iOS 18 in 2024 but delayed—while continuing to advertise the feature that didn't exist.

Supposedly, Apple will pay Google about $1 billion per year for access to Gemini, and the models will run on Apple's Private Cloud Compute servers to keep user data "walled off from Google's infrastructure."

Users are rightfully skeptical. Apple has built its brand on privacy-first features, and now it's partnering with a company whose entire business model revolves around data collection and advertising. However, Apple has implemented genuinely novel privacy protections in Private Cloud Compute that no other major tech company offers.

Our optimistic take: Running Gemini on Apple's infrastructure with Private Cloud Compute protections could deliver better AI without Google's typical data collection practices.
Our pessimistic take: We're being asked to trust that two of the world's largest tech companies will suddenly prioritize user freedom over profit in their billion-dollar partnership. There's also a deeper issue: Apple's walled garden means you can't choose alternatives. There's no technical reason you shouldn't be able to replace Siri with an open-source AI assistant of your choice.

What you can do: Privacy-focused users should watch for independent security audits of how Apple's Private Cloud Compute actually handles this partnership and any reports of data leakage to Google's infrastructure. We'll cover developments as more information comes to light.

Bits & Bytes 🤖

~ One-Click IP Leak Hits Telegram Users

Security researchers discovered a serious vulnerability in Telegram's Android and iOS apps that exposes users' real IP addresses through disguised proxy links. Here's how it works: attackers can create malicious proxy links disguised to look like innocent usernames (like @durov) or harmless website URLs. When you click one of these links, Telegram automatically attempts to test the proxy connection before adding it to your settings. This test connection bypasses all your configured proxy settings, sending a direct request from your device that logs your real IP address on the attacker's server.

Our take: Telegram's response is infuriating. They told BleepingComputer that "any website or proxy owner can see the IP address of those who access it" (technically true but completely missing the point) and will add warnings to proxy links rather than fixing the underlying behavior. This is especially dangerous for activists and journalists using Telegram's MTProxy feature to bypass censorship—the very people this feature is supposed to protect. Until Telegram actually fixes this, use a device-level VPN (not Telegram's built-in proxy) and avoid clicking username links or t.me URLs from unknown sources. Add this story to the many that speak to Telegram's realistic privacy offered.

~ California Crushes Data Broker Selling Health Data

California's Privacy Protection Agency just permanently banned a Texas data broker from selling any Californians' personal information. Datamasters bought and resold lists of millions of people with Alzheimer's disease, drug addiction, bladder incontinence, and other medical conditions specifically for targeted advertising. They also trafficked "Senior Lists," "Hispanic Lists," and lists based on political views, grocery purchases, banking activity, and health-related purchases.

What makes this case infuriating is that Datamasters initially claimed they didn't do business in California or handle California residents' data, then reversed course when CalPrivacy confronted them with evidence (including a spreadsheet on their own website listing 200,000+ California students).

CalPrivacy ordered Datamasters to delete all previously purchased California data by the end of December 2025 and requires them to delete any future California data within 24 hours of receipt.

Our take: This is what real enforcement looks like. If you're in California, DROP is now live. It's the most powerful consumer data deletion tool in the country—use it if you're able! We hope to see more states follow in California's steps and hold one of the most exploitative global industries accountable.

~ Linux Smashes Records on Steam

Here's a quick win: Linux gaming just hit 3.58% market share, up from November's 3.2%. While that might still sound small compared to Windows, this represents a 0.38% jump in a single month and marks both a percentage and absolute user record for Linux on Steam.

Our take: Two very simple takeaways: First, every percentage point matters for digital rights. More Linux adoption means more users on open-source systems where you actually control your computing. Second, people are tired of Microsoft's Slopware and are desperate to escape.

This Week on Techlore 📺

This week, we released a brand new Techlore Talks interview with Lucas Lasota from the FSFE (Free Software Foundation of Europe) to discuss the DMA and why it's so important for global digital freedom:

This week's Surveillance Report covered another offline Windows 11 activation method getting killed off my Microsoft and countless other stories from the previous week:

We're also excited to announce that we've officially resumed Techlore Clips — where we post shorter segments from our long-form content. Check out our first video from our Fastmail Techlore Talks interview:

Action Items ✅

Check your Telegram settings. If you want to be safe, switch to a device-level VPN. We have many trusted open source ones on our VPN chart.
Keep following updates to Gemini/Apple privacy practices. We will keep a close eye.
Enjoy the rest of your weeks; don't forget to get outside, spend time with loved ones, and enjoy your first month of 2026!