How about Tim makes another video of himself talking about the importance of privacy with a tear in his eye?
Problem solved.
Problem solved.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Not Trying Hard Enough to Protect Users Against Surveillance, Researchers Say
- Thread starter MacRumors
- Start date
- Sort by reaction score
I swear to god, most of you don't even bother reading the articles that are linked to these posts.
Also this
That's a very valid observation. Apple claims that the system and app store is locked down for security, yet this happens. I'm not saying they need to be perfect, but just for a second take your fanboy hat off and read that. That's a valid criticism.
Also this
Again, valid. I mean Jesus are you guys incapable of reading and just having a discussion? Nobody is saying to hate on apple. You know what makes the things you love better? Criticism and feedback. You know what makes me a better graphic designer? Criticism. How am I supposed to get better if all people do is praise me? You can STILL LOVE your precious Apple products and criticize them at the same time.
icloud is an option for the user..we are talking about devices here and not about cloud...everything in the cloud..whatever is microsoft, google, apple etc...will never be secure enoughI’ve said it before and I’ll say it again: unless and until Apple provides full, end-to-end encryption for iCloud backups, their privacy/security words are merely “marketing-speak”.
Exclusive: Apple dropped plan for encrypting backups after FBI complained - sources
Apple Inc dropped plans to let iPhone users fully encrypt backups of their devices in the company's iCloud service after the FBI complained that the move would harm investigations, six sources familiar with the matter told Reuters.www.reuters.com
I’ve been in the legal biz for 20 years.
part issue is privacy. The other part is how much y’all share with the world. Humans have no boundaries when it comes to gossip. It’s too late. We already know too much about you.
part issue is privacy. The other part is how much y’all share with the world. Humans have no boundaries when it comes to gossip. It’s too late. We already know too much about you.
“Johns Hopkins University cryptographer Matthew Green similarly said: ‘Apple is trying, but the problem is they aren't trying as hard as their reputation would imply.’”
What a bunch of rubbish. This is a qualitative opinion, not scholarship or research.
If he wants to criticize Apple for poor security practices, then fine — list it’s shortcomings supported by quantitative data or specific flaws. Let me draw the conclusions on whether those flaws meet or don’t meet its reputation.
What a bunch of rubbish. This is a qualitative opinion, not scholarship or research.
If he wants to criticize Apple for poor security practices, then fine — list it’s shortcomings supported by quantitative data or specific flaws. Let me draw the conclusions on whether those flaws meet or don’t meet its reputation.
You do have to wonder though if these giant tech companies deliberately leave backdoors whilst espousing safeguarding customer privacy, which would explain why so many updates occur throughout tech industry to close security loopholes that are obviously exploited by Pegasus and no doubt law enforcement agencies etc., using the software. At least Apple respond with the free updates.
Did you even read the article ?
quote: "The truth is that we are holding Apple to a higher standard precisely because they're doing so much better. Android is a free-for-all. I don't think anyone expects the security of Android to improve to a point where all we have to worry about are targeted attacks with zero-day exploits."
Translation: "we're focussing on Apple because we've given up hope that Android will ever be secure."
You are right, it will be difficult. Complete end-to-end encryption of everything with on device keys would go quite a way to help though.
Obviously that wouldn't help with this specific case, but every bit is important.
Software has bugs, layering helps to isolate and minimize them.
Think about some of them which had huge consequences:
heartbleed
shellshock
Kaminsky DNS Bug
Meltdown etc
While the person who introduced the Heartbleed bug denied it was intentional, there was plenty of speculation that it might have been particularly given the NSA's comments and it was a very trivial error to catch. So no one knows if it was intentional.
Just like Meltdown and Spectre, were they intentional? Probably not, but systems are so complex that without lots of people reviewing designs and code, bugs will come through. And in the chaos, intentional ones could be inserted.
Last edited:
Hindsight is 20/20 as they say. These armchair quarterback should have spoken up before SHTF.
Real sporting them ain't it? They're like the soldiers who comes in an bayonets the wounded after the battle.
Real sporting them ain't it? They're like the soldiers who comes in an bayonets the wounded after the battle.
This is what's know as SWAG (Scientific Wild Ass Guess). In this case, it carries weight with me. Wish they would have spoken up sooner, you know, before people got compromised.
Last edited:
You’re not doing enough to protect us but we also demand you open up the App Store and allow side loading to make it easier for us
Yep i wouldn’t mind to install a decent firewall like e.g. little snitch and block many App traffics.
I’ve said it before and I’ll say it again: unless and until Apple provides full, end-to-end encryption for iCloud backups, their privacy/security words are merely “marketing-speak”.
Exclusive: Apple dropped plan for encrypting backups after FBI complained - sources
Apple Inc dropped plans to let iPhone users fully encrypt backups of their devices in the company's iCloud service after the FBI complained that the move would harm investigations, six sources familiar with the matter told Reuters.
The problem with that is, if an Apple user was to lose their laptop or iDevice, that data would not be recoverable. If the key is on the device and the device is not in your hands, you can't get the data. You could potentially keep the key on the server, but encrypt the key with a password. As the vast majority of people use rubbish passwords, this would not be very effective.
_________________
Regarding the Pegasus hack and others like it, the solution is simple. Give users the option to revert back to simple SMS service. First, read the message as a stream. When the buffer is full, stop reading. Secondly strip out all the unicode, JS and escape characters before you do any other processing. Give users the ability to filter out HTML. When everything is sanitized, then pass it on to the SMS software to display. This needs to be done at the lowest OS level.
"A greater level of access to the operating system itself would, they claim, help to catch attacks and vulnerabilities more easily."
How has that worked out for Android and Windows?
How has that worked out for Android and Windows?
Apple’s ecosystem is too closed!
Apple’s ecosystem is not closed enough!
It never ends…
Apple’s ecosystem is not closed enough!
It never ends…
If iOS was so private, why does Apple know how many of which iOS version all of their devices are on?
Buh? Apple works harder than any other company at trying to prevent this. They literally set the standard against which all other companies are measured.
Who is watching the watchers who watch the watchers?
Interesting rant and hyperbole. Maybe Apple and other large software companies could do better with software. But nothing that Apple says is neutered due to a software bug.
It's a secure Ecosystem, but many users leave the door open with passwords like: 1234, Imdabest, password, mydogsname, etc... So who's fault is it?
The problem is Apple is being attacked for every effort they make to improve security so the thread lightly. They will likely lean more heavy handed going forward.
No. After warnings about the risk of data loss when enabling the feature — there is no chance it’d be on by default — Apple would provide users with a (probably per-device) recovery key. It would instruct you to write down or print the key and put in a safe location to refer to in the event that you have no other working devices paired to your account later on.
This has been done before. In fact, Apple itself uses essentially this approach for iCloud Keychain on devices where the associated Apple ID doesn’t have 2FA set up.
They once allowed access to the root user on macOS with no password whatsoever. You can make some arguments on privacy — much of it is marketing bluster, but they have done some good work — but Apple’s record on security is…not sterling.
To quote yourself: "This is a qualitative opinion." Tehy actually did quite a bit of research on this so I'd say at the least it's an informed opinion.
You're right to say we need data, but you shouldn't expect to be spoon-fed the information before lashing out.
Have a good weekend!
The biggest difference is that The Party had to force people to use a telescreen. They didn’t realize that people would willingly buy them.