Apple Warns of Privacy Risks in EU's DMA Interoperability Requirements

[surferfb]

Ah yes. Of course it's completely plausible that Microsoft, or any other large corporation, will assume that.

So they shouldn’t assume the EU knows and understands the potential implications of what they’re demanding?

I mean, based on everything I’ve seen from the DMA I agree that’s probably a good idea to assume the EU’s regulators don’t know what they’re doing, but find it kind of strange that people who think the EU is qualified to design iOS also think the EU needs to be told that giving people kernel access might be a security issue.

If that’s the case then I’d suggest they should just leave designing OSes to the professionals then. But what do I know.

 

[davide_eu]

What search engine does siri use? - GB Times

What Search Engine Does Siri Use? Siri, the virtual assistant developed by Apple, has been integrated into various Apple devices […]

gbtimes.com

Source from a$$le?

 

[davide_eu]

It’s funny you bring up cars… auto manufacturers of course leading the charge on explicitly refusing to open up telemetry data to Apple and Google. Sure, they say it’s to protect the data, to prevent their secrets from being stolen… that also may be true, even if cynical… but that sure isn’t stopping them from taking that data themselves. Oh well. That’s the benefit of controlling your own product.

Mmm it seems I have already heard this... it was from... mmm... a$$le?


Ah but this behavior from a$$le is good, from somebody else is bas, isn't it?

 

[BuffaloTF]

Mmm it seems I have already heard this... it was from... mmm... a$$le?


Ah but this behavior from a$$le is good, from somebody else is bas, isn't it?

I’m not sure what this has to do with what I wrote. I both gave a positive account for why, and a cynical one for why. You’re free to choose the good or the bad… or even both.

 

[Unregistered 4U]

The agreement never mandated kernel access. Just the same access that Microsoft tools use.

Apple has endpoint security APIs, Linux has it, there is no reason why Microsoft could not have them by now.

The agreement mandated “the same access that Microsoft tools use”. Microsoft tools used “kernel” access. So, the EU was mandating “kernel” access. I’m pretty sure the discussions leading to the agreement included pleas to the regulators trying to get them to understand what “kernel” access meant, and those pleas were likely met with “Either follow our demands and we’ll get off your back or don’t and we’ll do even worse!”

Which is why the EU needs to find some tech talent to help them understand what things like “kernel access” means. And, why they should never ever mandate anything like that in the future, no matter how “tough” they want to appear.

 

[Unregistered 4U]

Could Microsoft had worked harder to prevent the EU’s insane idea from causing a massive outage? Sure. But again it literally would not have happened without the EU demanding something insane.

The EU COULD have said, “Hey, we understand what this whole kernel access thing means, now. And, we know that it could potentially lead to catastrophic results if a third party, obviously without your years of intimate knowledge of the system, were to make improper changes. So, we’ll exempt that for now, because we want to see the rest of this implemented. BUT, after this agreement is complete, we’ll begin working with you immediately to ensure that a system, similar to the ones we’ve learned of being used in other OS vendor’s products, is put in place to resolve this exemption.”

The fact that they still seem gung ho on pushing changes that they don’t understand the impact of, shows they haven’t learned from CrowdStrike. And, that puts them on a path of impacting EU companies by even more millions/billions in the future.

 

[jido]

Microsoft makes the OS. They deserve whatever access for their security products they want BECAUSE THEY MAKE THE OS. Crowdstrike/MacAfee/Kapersky don’t make the OS, so their products shouldn’t get the same access.

If the EU hadn’t demanded it, it wouldn’t have happened. Full stop. It’s not a debatable point.

It's not just any OS though. It is the OS installed on the majority of PCs worldwide.

If you think it is more secure to leave security to a single vendor (Microsoft), all the power to you. That is not what most security experts think.