Apple shared all their iCloud user data (messages, pics, docs, etc.) and keys with the Chinese government last year. [1] Apple even updated their TOS forcing Chinese users to agree to it or drop service. [2]
Google got flak for just considering it with Dragonfly, but Apple actually did it.
> Apple shared all their iCloud user data (messages, pics, docs, etc.) and keys with the Chinese government last year. [1]
They shared all their Chinese users' iCloud data. It's a huge distinction and I feel like you paraphrased it deliberately to try to make Apple appear to have sold out all of their users worldwide. While what they did in China is terrifying in general, it doesn't compromise security for any Apple user outside of China as you very strongly implied it did.
Here's the very first sentence from the link you posted (emphasis mine):
> A state-owned telecommunications company in China now stores the iCloud data for Apple’s China-based users.
You are using one instance - sharing Chinese users' data with the Chinese government - as the sole metric for judging a company's privacy policies. That's just as dishonest as the GP paraphrasing the link they cited to make it appear Apple did something they did not.
I'm not defending Apple WRT their data privacy practices in China; as I said it's terrifying and hopefully not a stepping stone. I was simply calling GP out for deliberately misrepresenting their own citation to make a false equivalence.
Sharing millions of users' personal data with a surveillance state notorious for civil rights violations is not a trivial matter, especially in any discussion involving privacy reputation.
If you think there are privacy issues that are more important than that then list them.
And again you are being dishonest. I never said it was a trivial matter, I said it was terrifying. I was calling out a deliberate attempt to falsely claim Apple was doing to all of its customers what they did to its customers in one country but you are trying to twist it into something completely different by putting words in my mouth. Shame on you.
And now that you've brought this discussion into ad hominem territory, it has lost any relevance to the actual topic at hand. Peace.
This allows Apple to continue selling their hardware and software to people living in China (of which there are a lot). This is not a problem with Apple, but a problem with China.
This is constantly being misreported. No. They. Do. Not. Apple's data is kept on the device and so are the keys. If you enable that data to be put on the cloud (it's an opt-in) then they will also store the key, but otherwise they do not.
iMessage, the one thing that really matters in this case, encrypts its chats "end to end" but using keys managed centrally by Apple, regardless of your iCloud sync situation, and manages them in a way that can't be inspected by users. If a decrypted copy of all your encrypted chats is being sent to a government sink, there is no way for you to know or prevent it.
China cares about being able to intercept and decrypt your communication, they want to be able to identify and punish political threats. That's a service that Apple CAN provide to the Chinese government for all iPhone customers.
I'm always curious how can people get so confident about Apple's security practices, given that none of the parts are open source?
Is the trust solely reputation-based?
Boycotting of countries or not is one thing. Once in a country and following the law, Apple's business model is simply more conducive to privacy. Unlike Google, they are not reliant on the collection and analysis of data. On the contrary, like DDG, they use privacy as a differentiator and advantage. The only thing you can trust about companies is their business models.
If you just cherry pick actions and ignore things such as sharing millions of their users' data with a surveillance state, then sure, they seem privacy focused.
Source? iMessage is E2E encrypted so no, Apple did not share that part (or other encrypted data like keychain). They’ve actually gone pretty far in protecting their E2E encryption from adversarial clouds.
Added sources. Apple moved the keys for accessing the data at rest to Chinese servers, which were nationalized by the Chinese government. The Chinese government has access to the users' data at rest and the keys to decrypt it.
I think you are misunderstanding. Apple moved Chinese iClouds to Chinese firms. So yes, Chinese iCloud users in China will be under the full surveillance of the government. Which they always have been. But that has no impact on anyone outside of China.
Dragonfly is a censored search engine, not a user data base.
The Chinese firms were nationalized by the government in July, giving full access. This isn't generic surveillance but complete ownership. First source listed in my original comment.
Dragonfly was complying with China's firewall, because clicking broken links in search results sucks, but it was also linking every search query to the user's phone number and sharing with the Chinese government, which is what Google employees revolted over.
But since key management is out of your control or visibility, Apple can just add another key to your account on behalf of the government. They don't have to disclose the existing keys on your device. This gets them the messages going forward but not the ones from the past. So they'd have to do this for all Chinese customers ahead of time, rather than as a response to an inquiry.
Anything's possible if the vendor secretly collaborates with a government to insert vulnerabilities and lies about it. But what we're talking about here is, given the way Apple has publicly declared how the system works[1], what can a government do with full server access.
Apple states "All of the user’s registered devices display an alert message when a new device, phone number, or email address is added." So no, it's not correct to say key management is out of your visibility.
Yes but they are now E2E encrypted. Apple rolled out "Messages in iCloud" recently which preserves E2E encryption and excludes messages from regular (not E2E encrypted) iCloud backups.
Because Tim Cook, as a homosexual, has teared up when speaking about human rights abuses of homosexuals under repressive regimes, and how as the CEO of Apple, he will do anything within his power to ensure your data stays safe on Apple infra / hw because he personally thinks about it. Can't remember the interview, but it was quite touching actually.
He's very clear in shareholder calls / letters and in their privacy policy. So much so that he even calls out the competition[1] for doing it as Apple does not. From an economics standpoint, Apple doesn't make money on your data. They sell you overpriced but quite sophisticated hardware and became one of the most valuable companies in the world doing this. That and he advocates for a US equivalent of the GDPR[2] which absolutely and directly would impact the bottom line of companies like Google and Facebook.
Then there is Apple's official privacy policy, where they are very explicit that they don't gather personal information to sell to advertisers. In much of the non-US world, saying that and not following that is blatantly illegal.
> Because Tim Cook, as a homosexual, has teared up when speaking about human rights abuses of homosexual under repressive regimes
...but is also more than happy to meet and shake hands with the leaders of those repressive regimes? Like the UAE, which criminalizes sodomy and deports those who identify as LGBT?
There's another way to look at it - Tim Cook has managed to get these leaders of repressive regimes to shake hands and do business with an openly gay man who is widely admired.
Homosexuals don't have some special monopoly on honesty, nor are they immune to using emotional string pulling when they try to get you to believe what they are saying.
The reply would have been better without the first paragraph.
Regardless, Apple do collect a lot of personal data. And even if they don't sell it or use it for marketing now, they could still potentially lose control of it, or change their policies down the road.
The safest approach from a privacy perspective is not to collect the data in the first place.
> Homosexuals don't have some special monopoly on honesty, nor are they immune to using emotional string pulling when they try to get you to believe what they are saying.
The reply would have been better without the first paragraph.
I believe the point was that he was advocating for a cause which doesn't benefit him or directly affect him. I think it's a valid point: it's easy to fight for things that benefit you. It's like you'd be less skeptical if a rich person fights for higher taxes on the rich than when a poor person does.
I'm an attorney and have worked with several financial institutions drafting policies/statements/investor disclosures about privacy and user data. For most financial institutions user privacy is good for the bottom line but expensive so they tend to do the bare minimum. The bare minimum is not a lot but it's quite a bit more than nothing, which is what most non-medical/non-financial institutions have to do. I've never worked with a tech company on privacy matters but I would expect any company that depends on collecting and monetizing user data to be much more aggressive than the typical financial institution. That said, comparing Apple's privacy policies to those of a financial institution they are truly above and beyond any minimum regulatory standard.
I know most people don't pay them any attention but I'm really not sure you could find a more customer-focused privacy policy. I've yet to find one and I would guess I've read at least 10x as many privacy policies as the average person. Everything from what their disclosures say to how they've structured them to be easily read, easily understood, and (dare I say) engaging is indicative of just how much they prioritize user-privacy.
This is the same Tim Cook that praised a conference to promote China's "cyber-sovereignty" vision as "developing a digital economy for openness".
Don't forget that Apple is very good at marketing, and will change their message to fit the market.
"Homosexual" is not strictly offensive, but does mark you as potentially holding regressive views. It's easy enough to see from context that you're probably okay, but you can't always count on context.
We're getting super off topic here, but my understanding is that 'black' is actually becoming more PC and acceptable largely because many black people are neither African nor American.
To those of us who are, it sounds excessively clinical; most of us don't like thinking of our sexuality in a clinical way. Also the poster is not wrong: talking about homosexuality is cool and okay, calling someone a homosexual is often a language flag that they may be less than open minded.
This might all be true, but is there ever going to be a point where we assume positive intent? We shouldn’t be inferring deep-seated psychological attributes in everyday communication. It’s super likely that nothing at all was meant by using the clinical term.
I didn't see a lack of good faith in the discussion, it was more of a "hey, you might wanna know, that using that particular word associates you with this group you might not want association with" - which if anything is an assertion that requires good faith to make.
I can't reply to your other one because of HN max-thread rules, but yeah. My wife has a masters in social work, or as we like to joke, is a professional social justice warrior. Keep fighting the good fight.
Speaking on behalf of all gays?
Even if you’re gay, I’d be pretty sure you’re mostly just capable of speaking for yourself.
Either way it’s a bummer you were offended.
Afaik Apple went above and beyond to make sure their original iPhone fingerprint sensor never leaked the fingerprint to any app or even the OS itself. Android always just did whatever with the print.
If that's the same philosophy now, Apple is definitely better than Google in terms of privacy.
Full disclosure: I own an Android device and no Apple product except an iPod from 2009 or so.
Is it really private though if it's all being collected, encryption and all, to be decrypted at a future date when the technology is available? All data on the net is captured by the NSA and stored at multiple data centers. One's in Utah. No company can really claim privacy if their product touches the internet since all of the pipes are tapped. It's all semantics. Maybe saying "we don't directly..." or "we don't make it easy..." would be more accurate. There is no privacy on the net, period. It's temporary privacy in the immediate present at best. 5 years from now? They might be able to decrypt everything from the last 10 years that they already have stored. It's guaranteed at some point. 6 years ago Snowden also revealed Apple was on board with the data collection. They are lying, and people don't care and go along with the show. https://appleinsider.com/articles/15/01/21/nsa-leaker-edward...
My larger point was about all of the data, not biometrics specifically. Great, your fingerprint never left the device. Everything else does, which is probably way more personal data than just a fingerprint. Your fingerprint really does me no good unless I want to try to frame you for a crime, or want to get into your specific device or other thing that requires biometrics (maybe your work). Your data, I can make use of a lot of if I were criminally inclined. Your credit card numbers, your SSN, your investment accounts, your pics for making false IDs, passwords, or any other data that has ever flowed from your device. You'd have to be pretty sophisticated to be able to make use of someone's fingerprints, while basically anyone could use your credit card number. Which is more valuable and a larger vector for exploit?
None of the data you describe ever leaves the device unless you opt in to syncing it to iCloud (which is not on by default). The FaceID/Fingerprint never leaves the device and if you don't enable iCloud syncing of the other data off the device the data is unreachable with keys kept on the device.
It's reasonable to think things encrypted today with good methodologies are likely to remain secure forever.
NSA can't change the fundamental laws of the universe. While cryptology and mathematics are constantly advancing, there hasn't been a fundamental breakage of a block cipher in ages, nor has any evidence emerged to suggest the fundamentals of RSA will be broken.
Computing power alone isn't enough to break today's strong cryptography, and it's certainly possible that the underlying math is a constant of the universe.
Edit: Not to mention the Snowden leaks suggest that the NSA spends most of their effort subverting implementations rather than the fundamental mathematics.
Apple are primarily a hardware company. They make money on the sale of devices. They also make some money as a marketplace for apps and media. They have no significant revenue from data harvesting or advertising sales.
Google are an advertising company. The overwhelming majority of their revenue is from targeted advertising. Their ability to harvest user data is the primary factor affecting their bottom line.
For Apple, privacy is a no-brainer. It doesn't harm either of their primary revenue streams and it gives them a substantial point of differentiation against their main competitor. Apple have an ongoing commercial imperative to improve the privacy of their products and services; Google have an ongoing commercial imperative to the contrary.
They also make a lot of money in China where betraying their users' privacy was required to enter. And that was almost the same week when their CEO, Tim Cook, said on camera that privacy is a "fundamental human right". I guess he doesn't consider Chinese people human.
I'm currently on my first iPhone. They spell out what they do with data in just about every app and setting. There's an almost annoying number of modals related to privacy and general control of data.
Maybe it's all for show, but they seem to take privacy seriously.
It's a fair question. For starters, comparing the business models, and how iOS implements privacy relevant aspects vs. how Android does so, might lead to reasonable assumptions.
Apple's business model is not selling your data for advertisements. They make their money the old-fashioned way - charging customers for their product (hardware).
If Apple could see a way to make money out of your data they would do it without blinking. The only reason they went with the privacy angle was that they failed when they tried to build their own ad network.
They failed with their ad network in part because they weren’t willing to share user data with advertisers. You’re conflating correlation and causation.
Privacy aside, Apple Maps, in my experience, is definitely worse than Google in terms of actually corresponding to reality. Apple Maps navigation also takes me on convoluted routes far more often than Google does.
My own experience (Northeast US) has been somewhat different recently.
Yes, routes from Apple Maps may appear longer or more convoluted at first glance. However, after using it (due to CarPlay) for a while on routes I had previously regularly done using Google Maps, I inferred a reasoning for that.
On the ~90 minute journey to my in-laws, the predicted journey time is generally advertised as being quicker on Google, but in practice the time difference is marginal.
What was different, in my experience anyway, is that Apple Maps seems to try to minimize left turns where appropriate.
The benefit being a noticeably less stressful journey.
I can’t speak to left turns, but someone attempted a careful evaluation of the turn-by-turn options and Apple’s estimates were generally more conservative, leading to the conclusion that you point out, that Apple looked slower but wasn’t.
Is it though? A few months ago Apple Maps gave me wrong directions going from Custer State Park to Mt. Rushmore (two major tourist locations relatively near one another).
At least here in western Norway, Mapbox’s directions are incredibly buggy, to the point where they’ll send you on a 150-kilometre scenic drive (including two ferries) to avoid a tunnel instead of going 15 kilometres straight through the mountain. This is apparently because they’re rolling their own telemetrics-based data on top of the OSM road network.
Then again, Apple Maps (on DuckDuckGo) seems to think that I want my maps labelled in Indonesian, so you may still have a point.
Or a deal. Perhaps DDG will help Apple out as provider of search data of some kind (like WolframAlpha, or Yelp). Not sure what this could be that Apple can't do themselves though.
If Apple wants to focus more on services it makes sense to onboard people into using their APIs and challenging Google on this developer front too.