Still a major stumper for me that Apple has not thrown a *hit pot of money at someone to secure a copy of the "malware" for them to tear apart
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Not Trying Hard Enough to Protect Users Against Surveillance, Researchers Say
- Thread starter MacRumors
- Start date
- Sort by reaction score
Dream on. They are not using real courts meant to protect citizens agains constitutional abuses, just national security letters (bypasses courts) and FISA courts (which are packed by political do-gooders). If they were doing what you suggest, then why not report it? They don't simply because the system is being abused. We know that from Snoden and others.
I don’t see the word relative in the initial post. What paragraph is it?
This is open to discussion of course but it seems to me that the title of the article and the contents are at odds with each other somewhat.
Claiming “Apple could do more” is certainly valid but I don’t think it equates to “Apple isn’t doing enough”
From my outsider perspective it appears Apple is making great strides in a developing effort which can be improved, I don’t think it’s correct to claim the company is not when things are still very much in progress
Claiming “Apple could do more” is certainly valid but I don’t think it equates to “Apple isn’t doing enough”
From my outsider perspective it appears Apple is making great strides in a developing effort which can be improved, I don’t think it’s correct to claim the company is not when things are still very much in progress
You are definitely confusing Security with allegedly abusing policies conditioning the value of third party properties, including from Apple customers.
Not once researchers mentioned App Store policies or Right to Repair as the means to achieve better security.
This is your own and Apple derivative.
And I should say an intellectually disonhest argument to drive some kind support security researchers support to an issue completely unrelated.
Arguments such as this is why …
Last edited:
You are completely misunderstanding, what they are saying. The don't want any backdoor or anything else, which could harm you or you phone. But security is extremely difficult and it is easy to make mistakes, just as this example shows us. It is better to have independent experts analyze things and point at weaknesses before the bad guys use them.
A bit of a non sequitur. If burglaries were common in homes built just like yours, would you want to know why? Ignoring vulnerabilities is just sticking your head in the sand.
Post couldn’t be more off base. The thread title mentions “surveillance “, and allegedly that’s what the government does or wants to do. There is a connection between the two.
"A greater level of access to the operating system itself would, they claim, help to catch attacks and vulnerabilities more easily."
Following the news of widespread commercial hacking spyware on targeted iPhones, a large number of security researchers are now saying that Apple could do more to protect its users (via Wired).
Earlier this week, it was reported that journalists, lawyers, and human rights activists around the world had been targeted by governments using phone malware made by the surveillance firm NSO Group known as "Pegasus."
Now, security researchers are stating that Apple could and should do more to protect its users against advanced surveillance tools like Pegasus. Independent security researcher Cedric Owens told Wired:The security community has frequently criticized Apple for its limits on the ability to conduct forensic investigations into the security of iOS and the use of monitoring tools. A greater level of access to the operating system itself would, they claim, help to catch attacks and vulnerabilities more easily. For example, combating spyware like Pegasus would need access to read a device's filesystem, the ability to examine which processes are running, access to system logs, and more.
Android also places limits on "observability," but the locked-down nature of iOS, in particular, has drawn the ire of security researchers because Apple has heavily leaned into its focus on privacy and strong security protections, especially compared to other platforms. SentinelOne threat researcher Juan Andres Guerrero-Saade commented:
Johns Hopkins University cryptographer Matthew Green similarly said: "Apple is trying, but the problem is they aren't trying as hard as their reputation would imply." iOS security researcher Will Strafach suggested that there are many options open for Apple to allow observation and imaging of iOS devices to catch bad actors in a safe environment.
On the other hand, there is a level of concern in the security community that more openness and an increased number of system indicators could inadvertently give attackers more leverage. For example, there are already suspicious applications on macOS that antivirus tools cannot fully remove since the system gives them a heightened level of trust, potentially by mistake. It is likely that any new system privileges in iOS would likewise be used by rogue analysis tools.
Nevertheless, the discovery of Pegasus and its severity is prompting discourse around device security and calls for Apple to do more to prevent surveillance, as well as discussion around the potential need for a government-supported global ban on private spyware.
Article Link: Apple Not Trying Hard Enough to Protect Users Against Surveillance, Researchers Say
Almost too easy to think who some of 'they' might be....too , too, easy. As Willy Sutton once said: 'A greater level of access to the [Vault] itself would....'.....
There has always been anti-government speeches … mostly speared by social aspects. But has of lately, say the last 10 years, such speeches have been speared by the top 10% with a totally different drive … check history. Which is historically hasn’t been really for the benefit of democracy.
Judicial systems always had the power to persue for evidence with minimal technical boundaries. The banking system, entering peoples properties to look for criminal evidence … so on and so forth. There is a system in place, multiple check points for abuse. Separation of power between judicial system and the Government for instance, search only with warrant, democratic elections … Don’t you know that a judge can ask banks to open up ones banking statements, safe deposit boxes … and banks are forced comply … is it really that insecure … is it … for whom? … why not your phone?
Mass surveillance can now possible be done by all sorts of private entities, there is even a name, Capitalism Surveillance. What are their checkpoints for abuse apart from their good hearts? None. That is the fundamental problem. Collected or derived information can be trade and sold to highest bidder for whatever reason … founded in EULAS that gives the supplier total power over the required users properties.
Considering the above, in the latest FBI vs Apple case for me just came out bad, really bad … for Apple. Only simple minds thought the company stance as of defending somehow their security and rights …
The issue of security is both technical … the theme of the researchers post … and political … which is basically your theme.
Care to elaborate your apart from a slapstick sophistic observation?
For me Privacy and Security is something that should be speared by governments in a democracy. Not by some private company whose constitutional values fluctuate as $$$.
Last edited:
hello, Did you read the article?
“The truth is that we are holding Apple to a higher standard precisely because they're doing so much better. Android is a free-for-all. I don't think anyone expects the security of Android to improve to a point where all we have to worry about are targeted attacks with zero-day exploits.”
Not at all but great try with the ‘they all do it, it doesn’t matter’’. Because Apple is in fact doing so. Could they do better, undoubtedly they could and will need to continue so year after year. Don’t want to face facts, I’m sure, buy look at how Google makes its money, now look how Apple makes theirs.That answers the question definitively.
But Even better, request the recordings of your private data from both Google and Apple. It’s free. I’ve done it.I’ve seen it for myself the MASSIVE difference.
And btw, in all your zeal you didn’t read this about your fav Android from the article:
“The truth is that we are holding Apple to a higher standard precisely because they're doing so much better. Android is a free-for-all. I don't think anyone expects the security of Android to improve to a point where all we have to worry about are targeted attacks with zero-day exploits.”
Making an OS "more open" is indirectly building backdoors all around it. Apple probably employees some of the brightest software engineers in the world in order to ensure that its OS is secure. Apple is also subcontracting many security firms to undertake forensic analysis of the OS to ensure that there is no way for a hacker to install anything without you knowledge. Apple also has (for many years) security bounty program for independent researchers and hackers to try to hack its OS, in exchange for a lot of money. There is multi-level control and verification procedures that each OS version must pass before being published and Apple is spending a fortune in order to make sure that it is the most secure it can be. Hackers will always hack. Mistakes always happen. But suggesting that making iOS more open, could improve security because it will be easier to detect malwares, is absolutely non-sense.
No. Making an OS a fortress from within, is the best security measure that you can implement.
More open OS leads to more vulnerabilities, which leads to more hacking and malware being made, which in general leads to more work for implementing security measures, some of which make your OS more restrictive. At the end of the day, you should look for a balance between openness and strong security. Apple prefers to sacrifice some freedoms within the iOS (e.g. installing apps from outside the AppStore), in order to achieve a significantly greater good, which is ensure that a user is unable to install a malware unintentionally and compromise all its personal information.
Icloud is still not end to end encrypted.
icloud backup is still not end to end encrypted.
The apple has some nasty worms in it.
icloud backup is still not end to end encrypted.
The apple has some nasty worms in it.
