You're kidding yourself if you think Apple is in the business of protecting your data beyond marketing itself as such. Just like all its competition, it's in the business of using your data like them.
> You're kidding yourself if you think Apple is in the business of protecting your data beyond marketing itself as such.
It is entirely possible to create a business where others ignore user demands, like, say, privacy. Apple does not have a massive advertising incentive to process user data as others do. I am not a huge Apple fan (typing this from my Windows machine), but I am not ashamed to admit that some companies are good at some things, and others at other things (insane idea, I know).
Apple does not have to homomorphically encrypt your data. They do so because they have "made privacy a feature," as they say in their marketing. You can also just read the research papers or code if you want, since they have published those, too. Have you read those?
No, I've not read them; I don't see why I would, as I'm not an Apple customer. But I do wonder whether Apple is in charge of, or controls, the encryption keys to your encrypted data...
So no third party, including law enforcement, can access data held by Apple? Including Apple? At any point?
I'm asking these questions because I'm definitely not going to read the manual, for the reason I've already given. You seem to have read the manual, and I find it hard to believe. I'm only aware that Apple offers advanced protection on your uploaded data, which you have to opt into, which might be what you're talking about...?
Ultimately, here is a user-level guide to this feature:
(1) Do you trust iCloud? iMessage?
If so, then you already trust weaker technologies than the ones in use here. In my opinion, trusting iMessage is sensible, and it has been tested (see: FBI and San Bernardino shooter's phone).
(2) Do you trust TLS (i.e. HTTPS)?
If so, then you already trust weaker encryption architectures than the ones in use here. Your counterparty over TLS necessarily needs to _decrypt_ the data you send it. That is not the case here; homomorphic encryption means Apple processes the data in _encrypted form_.
(3) Do you consider opaque derived data as risky as plaintext metadata?
If so (i.e. if you feel an MD5 hash of your phone number is just as risky as your actual phone number), then you may take issue with this feature. If not (you are OK with hashes of your data because you understand how encryption works, and that it must be transmitted either way, so a salted hash is obviously a strictly better choice), then you already trust weaker protections than the ones in use here.
(4) Do you trust Face ID/Touch ID?
Hardware-secured keys are a necessary root of trust which underpins all these features. If you don't trust these, you won't like this feature, and, in fact, all bets are off.
Thus, the feature is secure enough to be defaulted to an active state.
> I'm only aware that Apple offers advanced protection on your uploaded data, which you have to opt into, which might be what you're talking about...?
This is to store your data within iCloud. You can turn it off or on at your convenience, but end-to-end encryption prevents other features, which is why they leave the decision up to users.
In contrast, the article linked here does not involve your actual data leaving your device in any way. Even the metadata is encrypted and hashed and then compared in obfuscated form. Homomorphic encryption allows these computations to take place _on the encrypted form of the data_, _without_ revealing the results. Only you can make sense of the result.
Thus, data can be exchanged with a foreign computer while provably keeping your _actual_ data safe, since the computation was performed on an obfuscated form of it. Apple can't even track you down to gain your device's cooperation in decoding it, since you are hidden behind a proxy.
> So no third party, including law enforcement can access data held by apple? Including apple? At any point?
Correct. iMessage already delivered the features you are describing. The features described here are even stronger, since there is no centralized key escrow.
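The property the comment above leans on (a server computes on data it cannot read, and only the holder of the key can interpret the result) is easier to see with a runnable toy. The following is an added example, not code from the thread and not Apple's scheme: it is the textbook Paillier cryptosystem, which is additively homomorphic, with constructed small primes so it runs instantly. The "server" below receives only ciphertexts, combines them with its own plaintext weights, and returns a ciphertext; the helper and parameter names are my own.

```python
import math
import secrets

# Constructed toy parameters: two small, well-known primes (the 9999th and
# 10000th). Real deployments use primes of 1024+ bits; these only keep the
# demo fast and are NOT secure.
P = 104723
Q = 104729


def keygen(p=P, q=Q):
    """Paillier key generation, textbook variant with g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    mu = pow(lam, -1, n)                                # lambda^-1 mod n
    pub = {"n": n, "g": n + 1}
    priv = {"n": n, "lam": lam, "mu": mu}
    return pub, priv


def encrypt(pub, m):
    """E(m) = g^m * r^n mod n^2 with fresh random r; repeated encryptions
    of the same m look unrelated, so ciphertexts leak nothing about m."""
    n, g = pub["n"], pub["g"]
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            return (pow(g, m, n2) * pow(r, n, n2)) % n2


def decrypt(priv, c):
    """m = L(c^lambda mod n^2) * mu mod n, where L(x) = (x - 1) / n."""
    n, lam, mu = priv["n"], priv["lam"], priv["mu"]
    n2 = n * n
    x = pow(c, lam, n2)
    return (((x - 1) // n) * mu) % n


def add_encrypted(pub, c1, c2):
    """Homomorphic addition: E(a) * E(b) = E(a + b). No key involved."""
    return (c1 * c2) % (pub["n"] ** 2)


def mul_plain(pub, c, k):
    """Homomorphic scalar multiplication: E(a)^k = E(k * a), k >= 0 plaintext."""
    return pow(c, k, pub["n"] ** 2)


def server_dot_product(pub, enc_vector, weights):
    """What an untrusted server can do: weight and sum the client's
    encrypted values using only the public key. It never sees the vector,
    the intermediate sums, or the final result."""
    acc = encrypt(pub, 0)
    for c, w in zip(enc_vector, weights):
        acc = add_encrypted(pub, acc, mul_plain(pub, c, w))
    return acc


def client_roundtrip(vector, weights):
    """Client encrypts, server computes blind, client decrypts the answer."""
    pub, priv = keygen()
    enc_vector = [encrypt(pub, v) for v in vector]      # leaves the device
    enc_result = server_dot_product(pub, enc_vector, weights)
    return decrypt(priv, enc_result)                     # only the client can


if __name__ == "__main__":
    # Constructed sample input: a private feature vector and server-side weights.
    print(client_roundtrip([3, 5, 7], [2, 4, 6]))  # 3*2 + 5*4 + 7*6 = 68
```

Paillier only supports addition and plaintext scaling, which is exactly enough for a weighted sum; schemes that also support ciphertext-times-ciphertext multiplication are heavier and are the kind used for the ML-style matching the thread discusses. The point that survives the simplification is the one in the post: the key never leaves the client, so the server holds only opaque values before, during and after the computation.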
I am merely comparing homomorphic encryption, client-side vectorization and ML, and so on, to not doing those things. Nothing to do with marketing. Read the manual.
Apple's competition: Steals your data outright
Most of this thread: How could Apple act this way