Samsung’s exciting new flagship launch is just a few weeks away, and promises an Android upgrade that’s the closest we’ve seen yet to iPhone, at least from a security and privacy perspective. Android 15 which hit Pixels late last year has already raised the bar, but Samsung will take this further when its One UI 7 is released alongside the S25.
While AI will inevitably steal most headlines, Android 15 brings a raft of protections but also more restrictions than we’ve seen before, with a ramp-up in the long-delayed crackdown on sideloading and new Play Protect updates that expand its reach and its remit. Samsung adds Safe Install and an expanded Knox Matrix ecosystem, both of which narrow the gap to iPhone in key areas where Apple’s locked-down ecosystem has long been the safer choice.
But it’s on AI that iPhone’s “groundbreaking” defense against Samsung’s new flagship can be found. Putting aside that Galaxy AI and Android’s Gemini offerings outdo what Apple Intelligence brings users today, there remains a clear dividing line between on- and off-device AI processing. And when it comes to $1000 to $2000 flagships, Apple’s hybrid AI architecture provides a more secure alternative to Galaxy. This may not weigh in on your buying decision today, but we’re at the very start of a journey where AI will level playing fields of the past, and this will become increasingly critical.
Samsung says the preliminary beta of One UI 7 shows “the long run of cellular AI. . . with resilient AI capabilities, simplified controls, and a glimpse into long-term scalable AI ecosystems. “Samsung also said it is “applying hybrid AI to implement the AI experience. “Hybrid AI is a generation that uses on-device AI and cloud AI in combination to deliver balanced speed and security. If you use on-device AI, which has the benefits of fast reaction speed and strong on-device privacy protection, and cloud AI, which provides applications based on vast knowledge and high-performance computing, you can deliver an optimal AI experience in environments and conditions. Typically, Galaxy AI, which is the world’s first to be deployed on mobile devices, is forced to use on-device AI and cloud AI environments separately or at the same time, depending on the technical needs for each function.
But Apple warns that “proprietary and secure AI processing in the cloud poses a formidable new challenge. Powerful AI hardware in the data center can respond to a user’s request with giant, complex device learning models, but requires unencrypted data for the user’s request and the accompanying private knowledge. This precludes the use of end-to-end encryption, so cloud AI programs have so far used classic approaches to cloud security.
Apple has highlighted two challenges in particular that appear to be directed at hybrid AI type ecosystems. First, that the kinds of “security and privacy guarantees” found in privacy policies and marketing literature “are difficult to verify and enforce… If a cloud AI service states that it does not log certain user data, there is generally no way for security researchers to verify this promise — and often no way for the service provider to durably enforce it.” And second, that in realtime “cloud AI services are opaque: providers do not typically specify details of the software stack they are using to run their services, and those details are often considered proprietary.” In other words, how sure can you really be?
Apple approached this challenge differently. Private Cloud Compute (PCC) is designed to ensure that “non-public knowledge of the user sent to PCC is not available to anyone other than the user, not even Apple. Apple says that “we, PCC, are the most complex security architecture ever deployed for cloud AI computing at scale. » None of this means that hybrid AI is rarely very secure, but it’s simply not the same as extending the secure enclave of a phone to a public cloud service. And Apple has made all of this verifiable through security researchers, to stress it.
When PCC was first promoted, I commented that “if it works as expected, it could redefine smartphone artificial intelligence and erect barriers for [Apple’s] rivals that may be about to cross. A closed ecosystem of devices and silicon in the cloud, with a near-end-to-end Encryption Philosophy implemented for all AI queries or insights leaving a user’s device, so that it is near-anonymized, landlocked, and highly secured in which an external researcher can provide it.
Apple also explains that PCC uses users’ non-public knowledge “solely for the purpose of fulfilling the user’s request. ” This knowledge will never be available to anyone other than the user, not even Apple staff, or even while it is being actively processed. And this knowledge will not be persisted, added via registry or for debugging, after the reaction is returned to the user. In other words, we need a strong form of stateless knowledge processing where non-public knowledge leaves no trace in the PCC system. »
While we wait for the new smartphone benchmarks we expect with the launch of the Galaxy S25, some of them will stand out more obviously. I don’t expect this to have an immediate impact. But I expect that when Android and iPhone AI settles into something more like the same pace as always, this end-to-end security will play a major role. Users don’t think much about it yet because peak AI usage instances are still fun and trivial. But that will change. When AI starts transacting and tracking on your behalf, when, as one Samsung executive predicts, “an AI secretary [will give me] today’s schedule [when I wake up] and take care of what I need with an herbal verbal exchange, as if speaking. to a person. is typical”, this will change.
Apple has built an empire by providing more secure, more locked down, and more limited versions of what can be found elsewhere. The question now is whether this maximum effective defense against attackers, privacy violations and data leaks is also the maximum effective defense against development beyond Samsung’s iPhone. And will that be enough to attract flagship buyers who tend to be among the most security- and privacy-conscious users to their iPhones?
A community. Many voices. Create a free account to share your thoughts.
Our network aims to connect others through open and thoughtful conversations. We need our readers to share their perspectives and exchange ideas and facts in one space.
To do so, please comply with the posting regulations in our site’s terms of use. Below we summarize some of those key regulations. In short, civilians.
Your message will be rejected if we notice that it appears to contain:
User accounts will be blocked if we become aware or if users are concerned about:
So, how can you be a user?
Thank you for reading our Community Guidelines. Please read the full list of posting regulations discovered in our site’s Terms of Use.