Mind you, though, there’s a huge difference between the threats most of us face and the kind of threats the sorts of people mentioned in the article face. These are the high profile individuals, the Edward Snowdens of the world, that have Advanced Persistent Threat actors pursuing them, the ones APTs are willing to burn a zero day to target. If the Apple walled garden is like a levy rated for a 100 year flood but the APT surveillance is like a 1000 year flood, that 1000 year flood is going to top the levy. While it would be nice if Apple could build a levy that would withstand the 1000 year flood, you can definitely make a case for building security that’s good enough for the masses even if it might not withstand an entity with four acres of Crays and 10 zero days to burn, maybe even an unexposed trap door in a cryptographic standard or malicious hardware implanted during the manufacturing process.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Not Trying Hard Enough to Protect Users Against Surveillance, Researchers Say
- Thread starter MacRumors
- Start date
- Sort by reaction score
No. Technical observations or solutions aren’t necessarely lead by or lead to a political position regarding the security of citizens. They can, but its not technically a necessary precondition or effect of a security solution. The later seamed to be the foundation of your observation.
Last edited:
My apologies for a delayed response. I don't check replies very often.
From the article: "Android also places limits on 'observability,' but the locked-down nature of iOS, in particular, has drawn the ire of security researchers because Apple has heavily leaned into its focus on privacy and strong security protections, especially compared to other platforms."
"Compared" in this context is the same as "relative".
Matthew Green had a great thread today. I'll post it below so as to not force folks to figure out compiling the twitter thread, etc
Everyone keeps writing these doomed takes about how “the US government is going to force tech companies to comply with surveillance, so they might as well just give in preemptively.” Like it’s inevitable and we should just hope for what scraps of privacy we can.
Even I was pessimistic last week. What I’ve seen in the past week has renewed my faith in my fellow countrymen — or at least made me realize how tired and fed up of invasive tech surveillance they really are.
People are really mad. They know that they used to be able to have private family photo albums and letters, and they could use computers without thinking about who else had their information. And they’re looking for someone to blame for the fact that this has changed.
People are telling me that Apple are “shocked” that they’re getting so much pushback from this proposal. They thought they could dump it last Friday and everyone would have accepted it by the end of the weekend.
I think that reflects Apple accepting the prevailing wisdom that everyone is just fine having tech companies scan their files, as long as it’s helping police. But that’s not the country we actually live in anymore.
Anyway, I don’t revel in the fact that Apple stuck their heads up and got them run over by a lawn mower. I like a lot of the people on Apple’s security team (I turned down a job there a few years ago.) But people need to update their priors.
At the end of the day, tech companies do care a lot about what their users want. Apple has heartburn about this *not* because Congress passed a law and they have to do it. They’re panicked because they did it to themselves, and they can’t blame Congress.
A few folks in Congress, for their part, have been trying for years to pass new laws that force providers to include mandatory backdoors like this new Apple one. They failed repeatedly. In part they failed because these systems aren’t popular.
And so the shell game has been to play one against the other. Congress can’t quite pass laws requiring backdoors because there’s no popular support. But providers somehow have to do it voluntarily because otherwise Congress will pass laws.
Everyone keeps writing these doomed takes about how “the US government is going to force tech companies to comply with surveillance, so they might as well just give in preemptively.” Like it’s inevitable and we should just hope for what scraps of privacy we can.
Even I was pessimistic last week. What I’ve seen in the past week has renewed my faith in my fellow countrymen — or at least made me realize how tired and fed up of invasive tech surveillance they really are.
People are really mad. They know that they used to be able to have private family photo albums and letters, and they could use computers without thinking about who else had their information. And they’re looking for someone to blame for the fact that this has changed.
People are telling me that Apple are “shocked” that they’re getting so much pushback from this proposal. They thought they could dump it last Friday and everyone would have accepted it by the end of the weekend.
I think that reflects Apple accepting the prevailing wisdom that everyone is just fine having tech companies scan their files, as long as it’s helping police. But that’s not the country we actually live in anymore.
Anyway, I don’t revel in the fact that Apple stuck their heads up and got them run over by a lawn mower. I like a lot of the people on Apple’s security team (I turned down a job there a few years ago.) But people need to update their priors.
At the end of the day, tech companies do care a lot about what their users want. Apple has heartburn about this *not* because Congress passed a law and they have to do it. They’re panicked because they did it to themselves, and they can’t blame Congress.
A few folks in Congress, for their part, have been trying for years to pass new laws that force providers to include mandatory backdoors like this new Apple one. They failed repeatedly. In part they failed because these systems aren’t popular.
And so the shell game has been to play one against the other. Congress can’t quite pass laws requiring backdoors because there’s no popular support. But providers somehow have to do it voluntarily because otherwise Congress will pass laws.
You made so many assumptions about me. So pathetic that it's not even worth the argument.