Are we to believe that LEO and NSA do not cooperate on certain fronts.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple to Launch a Global Law Enforcement Web Portal to Streamline Data Requests by End of 2018 [Updated]
- Thread starter MacRumors
- Start date
- Sort by reaction score
Are we to believe that LEO and NSA do not cooperate on certain fronts.
As for "I've done nothing wrong" and "nothing to hide", you don't get to decide what is wrong.
And of course, there is no such thing as misconduct by law enforcement agencies.
Last edited:
Does a certain portion of Apples revenue depend on services (maybe not the past however going forward), if the answer is even a slight yes then you are the product. Remember Apples services portfolio was not mature in th past and the future is focused on growth and that means the importance placed on a user being the product is also going to increase.
People usually believe that advertisements is the main source to consider that you are a product, guess what it is not. If Apple or Netflix is recommend you any future content, you are the product as it can sell you more content, services or hardware.
If you purchased a calculator that does not connect to the internet from Apple, guess what you may still be a product as you purchased that item from Apple and their know if there is a demand for non-connected calculators and the type of customer who is interested in such a device. If you like it or not you are a product to all these companies. Your definition is skewed or biased as you are choosing to view Apple in a positive light vice other companies such as Google.
Ah yes, the classic if you don't have anything to hide, then you shouldn't care. Surprised you didn't throw in something about protecting children.
2012 for one:
https://mashable.com/2012/08/05/hacker-icloud/#VUlEbgBTLuqd
Obviously it is more difficult with 2FA etc now, but the principle is the same. With enough time and effort eventually social engineering can work.
Well, that was barely a social engineering attack on Apple at all, though there was certainly a weak security practice there. By the time they got to talking to Apple they had his name, physical address, iCloud account email and last 4 digits of his credit card. Most of this came from failing to anonymize ownership of his website, not using 2FA at Gmail and some equally questionable practice at Amazon
https://www.macobserver.com/tmo/article/how_to_avoid_a_mat_honan_style_mac_icloud_hack
Why not just give them an API? They can integrate it with some warrant server which will set the token for an automatically issued warrant and then instantly get at whatever they want to on your phone.
As a fellow traveller, your comments and experiences are quite true. It seems that in the effort to control people/citizens of a given country, the government has resorted to propaganda to strike fear in the hearts of the uninformed and convince the masses to hand over data for their protection against the evil doers. What people do not realize is that their are enslaved by the governments their elect who are controlled by corporate interests. It is an illusion of freedom of choice.
It started well before the 1st gulf war, and has slowly evolved to strike more fear and paranoia for the masses as the technology evolved alongside. This is not a mistake at all, the news loves to project that other nations are uneducated war mongers and those nations are not safe along with their citizens. Government agencies love to meddle in other nations affairs and using methods of sanctions to adhere to corporate interests.
When will people unravel the veil of ignorance is beyond me.
[doublepost=1536271897][/doublepost]
The narrative has been evolving, however we have all been part of it for over two decades if not longer.
The analogy one could use is as such, I am afraid that a burglar/theif/murderer will break into my house and do harm to my family/me and steal my safe. Solution give the local law enforcement a key and code to my private safe in the event their locate it to confirm if it belongs to me and considering the thieves did not break into it by brute force.
Days later the local law enforcement question why I have a private safe in my house and not to store my valuables in a bank. Starts raising more questions, next law enforcement open my private safe with the key and code I provided to confirm that nothing suspecious is occurring.
Days later local law enforcement individual who has the key and code mentions to a friend/family/relative that I have some items of interest and this is the key and code. Would be criminal breaks into private safe without any problems.
Moral of the story if it is personal and valuable to you keep it private and only share it with the people you trust (family/spouse/nobody). It is human nature to obtain an advantage may it be fair or unfair, add the 7 vices and it is a recipe for harm.
Last edited:
Apple only provides law enforcement with the most narrowest forms of data when a valid warrant is issued - not just when a law enforcement agency "asks." In addition, Apple can't provide information that they don't have access to, nor will they make an attempt to gain access to that information (i.e. install a backdoor on an iPhone).
Also, as far as I understand, if you have two factor authentication enabled, the info Apple can decrypt from your iCloud account is extremely limited.
The FUD being spread on this forum is really amusing - as it shows how little most people understand how law enforcement and search warrants actually work.
What about... you need a warrant, signed by a judge. And it is the kind of portal where any hacker would know that it is very, very unwise to attack it because it will seriously piss off people that you don't want to piss off.
[doublepost=1536274240][/doublepost]
Nonsense. The NSA cannot break 256 bit encryption. Nobody can break 256 bit encryption. They are rumoured to have broken one 128 bit key at a cost of about $100,000,000 (it was an important key, used by about 11% of all servers for https connections). 256 bit is physically impossible.
[doublepost=1536274483][/doublepost]
Where did you read that Apple has any keys for iMessages, and where did you read that the government has any keys?
[doublepost=1536275227][/doublepost]
You are setting up a straw man. Safe encryption is overall a benefit to society. As a rational person, I know that. Actually, the NSA has repeatedly supported that view - even though they would love to be able to crack the encryption of the bad guys, they know that if they can, then the bad guys can also crack the encryption of lawful citizens, not so lawful citizens, law enforcement, industry, army, government and so on, and overall it is bad. The FBI has very limited interests; they want to solve cases and don't care about the disadvantages, so their selfish view should be ignored.
You are talking about a situation where I would be under fear and not able to act rationally. It's quite possible that I would ask for things that are not beneficial for the society as a whole in such a situation. But I would do so because I'm acting irrationally. I want my rational voice to be heard. I don't want you to listen to anything I say when I'm acting irrationally.
BTW. The situation you describe is highly unlikely. As you describe it, the police has the perpetrator and his phone under their control. Having the perpetrator should be enough to get my loved ones out of danger.
And now tell me how many politicians there are who have nothing to hide. Few years ago, there was a scandal in the UK where lots and lots of MPs had been cheating on their expenses (including the husband of the Home Secretary putting the cost of his porn on her expenses). Guess what: Their expenses are now secret. I have things to hide, as any normal person has, and for the rest: They are none of your f***ing business.
This is chilling to see it in print ... "customer service records, and iCloud content such as emails, stored photos, documents, contacts, calendars, bookmarks, Safari browsing history, Apple Maps search history, iMessages backups, and iOS device backups".
Smartphones are essentially user-friendly tracking devices.
Smartphones are essentially user-friendly tracking devices.
Disagree. I can buy apple services, such as Apple music and still not be the "product".
Apple still doesn't deliver miscellaneous ads to you that have nothing to do with the apple ecosystem, and you can opt out of all of that, like I did. Apple never sent me an ad to buy additional icloud storage, yet I did. Therefore I am not the product.
This doesn't track. Your definition of being the product is skewed as you are choosing to view apple in a negative light. They still don't send miscellaneous ads to me that have nothing to do with apple. Therefore I disagree about your premise.
[doublepost=1536278167][/doublepost]
Even with Intel, I am not the product. But this still has nothing to do with the premise of the thread, that apple is under obligation to provide information to law enforcement and that has nothing to do with this particular conversation.
Security people are more concerned about whether there's a "door" at all. Apple claims certain things like iMessage and Keychain are encrypted end-to-end with no way for them to get in. Other iCloud features are known to not be secured this way, meaning you should assume someone will access it if given a reason.
I've always suspected there's some way they can obtain the e2e keys because of the fact that Apple ID passwords can be reset by some combo of entering security questions and contacting support, but there could be some complex thing they have in place involving hardware that makes them still not have a key, and IDK. Someone should check that out, accessing a locked Apple account starting with nothing.
[doublepost=1536282588][/doublepost]
I'm not afraid of the US government misusing this, but not everyone lives in the US. I'd be afraid if I lived in China or somewhere like that. Heck, even the UK and most of EU don't have free speech, so certain edgy but not wrongdoing people should be concerned.
[doublepost=1536282974][/doublepost]
They do encrypt the data at rest, but it's decrypted during use, meaning they have access to it, except for their end-to-end encrypted services. End-to-end encryption is very difficult or impossible for many services; even iMessage has tons of flaws and bugs due to it.
[doublepost=1536283108][/doublepost]
Lol, I saw this and had to cmd+f the article. So iMessage is supposedly encrypted end-to-end, but the backup of your messages is not, and they can access that. Wow. At least you can avoid this by not storing your backups on iCloud, which I don't anyway just cause it's glitchy af.
[doublepost=1536283581][/doublepost]
I'm sorry, but this is misinformation. You're saying this like 512-bit encryption is just twice as strong as 256-bit when it's actually 2^256 times as strong. Nobody makes hardware advances like that. Also, I'm pretty sure 256-bit is already considered impossible to crack by brute force but don't remember off the top of my head.
There are sometimes ways to crack encryption not by brute force. Maybe a flaw in the algorithm, or the algo not being designed to be still difficult for quantum computers (like RSA). For the RSA-cracking quantum algo the number of bits of the privkey matters a lot for the type of machine they'd have to build, but it's irrelevant because they're nowhere close yet.
Last edited:
Lol, never say never the same thought process was used for 128 bit encryption and yet here we are. NSA does not publically disclose present and future (research) capabilities. It is well understood in certain communities that once the industry moves to 512 bit encryption NSA will report publically that it has cracked 256 bit encryption, the reason for this is understandable to stay ahead of the curve. You don’t honestly believe those multi-leveled basements are for storing boxes and hiding away interns.
[doublepost=1536286000][/doublepost]
Are you receiving “suggestions” for other music tracks or artists, if so then your habits are being tracked by Apple and you are the product.
I remember Apple “iAds” that was a failed attempt to copy AdSense, now the ads are just pop-ups or fullscreen in the apps, not sure if this is Apple’s doing however I usually pay for my apps so it is not a big distraction. Most ads are for other games or app available on the AppStore so yes you are being redirected from ads within apps back to the AppStore, so you are the product.
Fair enough, I also don’t receive ads from other companies such as Google unless I am using a 3rd party app from the PlayStore, similar to Apple’s AppStore. Not viewing anything in a positive or negative light, I call it as I see it. I am not taking sides, I understand the dynamics of the market space.
All companies use subtle methods of advertising and the user is the product, some go overboard like FaceBook, while others like Apple go about it in other ways. Make no mistake if a corporation is selling anything you are a buyer and thus a product to market to.
When I used to visit the local video rental store when those were around, the employees I knew understood what movie selection I liked. The company on the other hand tracked my rental history, however did not actively engage me in anyway (limited marketing strategy). Now if I use a service such as Netflix or the iTunes Music Store, I get recommendations on my prior viewing/listening history what artists or tracks may appeal to me to make a future purchase. This my friend is marketing and you are the product to sell you a service or product. I can only turn this off from me viewing it, however in the background it is still logging my usage and the moment I turn it back on, it is like I never turned it off to begin with. There is not blank space for the duration it is off.
[doublepost=1536286146][/doublepost]
Apologies you do not have the required clearance to know this information.
No, I am not receiving any suggestions or emails. Therefore I am not the product.
The user becomes the product when the company is making it's revenue from your digital life, not your hardware purchases.I remember Apple “iAds” that was a failed attempt to copy AdSense, now the ads are just pop-ups or fullscreen in the apps, not sure if this is Apple’s doing however I usually pay for my apps so it is not a big distraction. Most ads are for other games or app available on the AppStore so yes you are being redirected from ads within apps back to the AppStore, so you are the product.
Fair enough, I also don’t receive ads from other companies such as Google unless I am using a 3rd party app from the PlayStore, similar to Apple’s AppStore. Not viewing anything in a positive or negative light, I call it as I see it. I am not taking sides, I understand the dynamics of the market space.
All companies use subtle methods of advertising and the user is the product, some go overboard like FaceBook, while others like Apple go about it in other ways. Make no mistake if a corporation is selling anything you are a buyer and thus a product to market to.
When I used to visit the local video rental store when those were around, the employees I knew understood what movie selection I liked. The company on the other hand tracked my rental history, however did not actively engage me in anyway (limited marketing strategy). Now if I use a service such as Netflix or the iTunes Music Store, I get recommendations on my prior viewing/listening history what artists or tracks may appeal to me to make a future purchase. This my friend is marketing and you are the product to sell you a service or product. I can only turn this off from me viewing it, however in the background it is still logging my usage and the moment I turn it back on, it is like I never turned it off to begin with. There is not blank space for the duration it is off.
[doublepost=1536286146][/doublepost]
Apologies you do not have the required clearance to know this information.
So when you are using Apple Music you get no recommendations for artist or tracks you do not own, or did you turn this function off. I have not used Apple Music in awhile and have deleted it from my iPad, thus I am curious. To be fair if you are going to compare other companies such as Google, I don’t receive advertisements from them either similar to my Apple devices. I am not sure how you can say that with Apple you are not a product and with Google you are. I was never pressured to purchase an Android phone or signup for any Google services, I went through the same process with iOS.
FYI, I use Google maps on both iOS and AndroidOS as it is a superior product compared to Apple Maps, then there are certain Apple apps that are better than Google. At the end of the day what is available on the PlayStore is also available on the AppStore (with Apples restrictive guidelines), however the same cannot be said of the reverse. Even the Files app in iOS is rubbish.
Can you access Apples eco system of services on another platform other than iTunes (limited), if the answer is no then Apple makes money from the user to purchase the hardware (no problem) and then provide integration of services. Granted you have limited flexibility with iOS, however compared to MacOS, WindowsOS, AndroidOS it is very restrictive. For example if I like the UX/UI of iOS why am I not allowed to even download a PDF file in Safari or install apps that do not conform to the AppStore restrictive guidelines. I have no problem paying the annual developer fee, and following the UX/UI design, however thre are other restrictive measures in place. I say this because a company that I beta test for informed me that Apple has removed the option to do XYZ and thus their had to remove it from their app (very unfortunate).
Good point, except you can't deny--not according to the Patriot Act--
ultimately Tim must comply or he will go to jail.
Microsoft does not require an account to use the Windows Operating System.
Nevertheless, I agree with your overall point. Many services, even outside of the technology industry require some identifying information to consume a service.
The example of apple music you are citing is no different than buying a Honda Accord and then getting postcards for discounts on oil changes. Would you go to a Honda dealer for a repair if you had a Camry?
Google makes it's money from your digital life. What did you have to buy to get gmail, or google voice or even use google search? If you do a search in google, do you notice sponsored results? They are making money serving up advertising from your digital life. Where exactly is Apple making money from you, if you don't buy an iphone or Mac?
As far as google maps vs apple maps, don't use google maps. I find the apple maps interface and POI search better for my needs. Your discussion about "restrictive measures" also has nothing to do with the who is the product of what ecosystem. As far as the walled Apple garden, you pick your poison, but that is an ecosystem decision, not a "who is the product" discussion.
Why would you think that Apple, the most profitaby company operating under US law, wouldn't take those requests seriously?
It's not the same thought process. 128 bits was uncrackable with the hardware of the time and is usually considered "good enough" today still, so it's been used instead of 256 cause it's much faster. 256 bits is well beyond what any kind of electronic computer can crack.
Last edited:
Just humour me;
If "APPLE doesn't, AFAICT, have any ICLOUD data "on me" to "hand over""
then how can Apple perform a backup completely and uterly that's your own? that they know is yours?
I use Apple Maps for nav, but the PoI search is definitely worse everywhere I've tried it. It's missing everything that's not a major business or something.
Not true regarding the Apple Music comparison to Car manufacturers sending you service promotions, a better comparison would be iOS or MacOS sending you a notification that an update is available. Where one already purchased the hardware with the OS and is getting a notification for an update. With my vehicle I do not get any promotion material to purchase accessories, I do however receive recall notices that is mandated by law. The other marketing material you can opt out of it when you purchase a new vehicle, if you purchased a used vehicles you receive nothing other than recall notices. Not quite the same thing. Had XM or Sirius sat radio was recommending me other channels and actively monitoring my listening habits that may come close to the Apple Music comparison, however it is not intrusive as such.
You purchase hardware to run iOS or AndroidOS this is the same for any manufacturer may it be a phone or a computer. I can use gmail without having to purchase an AndroidOS device, I can even signup for it on an iOS device plus I do not receive ads (have you heard of ad blockers, problem solved). I don’t use Google Voice or Siri, though the competition is better at it (privacy concerns aside), plus when I did try out both services I never received any ads, I am sure both services are harvesting some data from its users (lets not be naive). I do not use Googles search engine and if Apple had one I would not use it either (personal choice) and the ads on Google search are clearly labeled, their are not hiding it from their users. Maps also no ads.
You are entitled to your preference for map app choice, however the world over will concur that Google maps is far superior, what if the data driving Apple maps was from Google vice TomTom, would you still feel the same about Google (curious).
Please do not misunderstand that I am taking side, I am neutral in this. My point is that all corporations are harvesting data from users as their see them as products, whether you are aware of it or not and if you are, your choices are limited. You are under the illusion that Apple is a white knight, when in actuality it is a grey knight similar to other tech companies, some are just a darker shade of grey like FaceBook.
[doublepost=1536296683][/doublepost]
You are under the assumption that some agencies do not already have the hardware to crack present day encryption. USA has at least 6 machines that I am aware of and China has 4. There may be more, its hard to say my knowledge of those numbers were from a year or so ago. It is expensive equipment, however in cyberspace having even a slight advantage is priceless. You are aware of what is available in the public space, there are private and government space projects that you are not aware of.
When the USAF publicly released news of their stealth bomber, do you honestly believe that it was not developed and used years prior to the press release. By the time that was made public the next project, lets say version 2 was already being used and 3 was in development stages. That is the equivalent of showing your hands before placing a wager in poker.
[doublepost=1536297380][/doublepost]
This is what happens when you have people who make laws don’t understand the technology and use their limited understanding to the ever evolving digital space. We have had encryption technology for years now and the number of cases involving questionable character are so few and limited in degree compared to the needless violence and death caused by the easily available guns and rifles.
This is where priorities lie, rather than have stronger laws for weapons the law makers are focused on a minority group of questionable characters where the comparison of life compare to the other forms of violence is negligible compared to the security vulnerabilities that effects the masses who do no harm.
Yes, yes lets get a handle on that encryption issue I am sure these questionable characters will not figure another method to communicate.
[doublepost=1536297454][/doublepost]
It’s worse.
[doublepost=1536297795][/doublepost]
The question is, does Apple charge LEO for carrying out these requests or the customer for opening up this new service to comply with the laws recommendations. If LEO is not going to pay, there is the possibility for abuse as the customer is stuck paying the bill. This seems like a government tactic to cause as much financial and human resource pressure on corporation where these law makers do not understand technology or are stubborn to risk everyone’s fundamental rights for monetary gains. Pathetic.
Last edited: