Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
No, I don't think so. The Chinese government doesn't need or want a backdoor. They understand how dangerous and stupid that is. Instead, they just use the front door. Here's the key sentence from the BBC article: "... Apple had "strong data privacy and security protections in place, and no backdoors will be created into any of our systems." ..." The tenses in that are a little strange, jumping from past to future, but I don't think it's hard to understand. Data will still be encrypted, just as it is now, with no backdoors. Apple will still be doing everything it can to keep illegal actors away from your data. The change is in who has access to your data -- now there's a Chinese company with the same access (within China) that Apple has.
That said, it's possible this is a slippery slope and the Chinese government will want to be able to do more than just have the same access Apple currently has. I could be wrong, but I read that quote as a line in the sand -- they've stood up to the US government on this, and they will stand up to the Chinese government on it: "... no backdoors will be created into any of our systems ..." Period, full stop. They will discontinue iCloud in China before they allow that. Plus, I'm arguing that the Chinese government doesn't want a backdoor, and likely sees the folly in it -- no government in the world has a better understanding of cyber security, for better or for worse, and Russia's activities worldwide no doubt have them on alert -- they have other ways to monitor their citizens' activities. So long as Apple isn't actively preventing that surveillance, it's all good. Microsoft is in a worse situation, having allowed secret backdoors in the past -- Apple has always been consistent on this, and that likely makes Tim Cook's job much easier.
Personal data? I don’t really care, its everywhere, County records, State records, IRS records....it’s there even my medical records are all in the cloud now. Any hackers can have them all...ive got nothing to hide 🤣
More extortionate business practices by the PRC. Why haven’t these dirtbags been kicked out of the WTO yet, I ask to no one in particular?
To even things out a little, yesterday Huawei was due to announce a groundbreaking deal with AT&T, to have Huawei flagships sold in the US via the carrier for the first time.
It would have been an earthquake for the current flagship duopoly of Apple and Samsung.
The day before the announcement, the Wall Street Journal revealed that AT&T had backed out of the deal, literally at the last minute, thwarting the planned rollout.
Hours later other media signalled potential US government pressure had been applied to force AT&T to change their plans, supposedly on (national) security grounds.
However, the US government seemingly has no issue with Huawei shipping phones into the US via regular retailers (mostly on line).
From a security perspective this just doesn't make sense. Are the phones a threat or not (we are not talking about backbone infrastructure)? If they are, the US should put some evidence on the table (something it hasn't been able to do over the last five years) or just let the players compete commercially.
Operation Shotgiant of course has already put the US government in a politically embarrassing position.
Now, there is a lot to feed on in this situation and conspiracy theorists on both sides are going to have a field day with all this, but if we are going to bring the WTO into it I can't see any real reasons for thwarting Huawei from within Government (assuming the rumours are true) unless it is some kind of protectionism.
Are they saying 'you are free to sell in the US as long as you aren't a commercial threat?' Because if security was at issue I don't see why they just don't ban them outright and put the evidence on the table.
How does selling phones via AT&T differ (from a security perspective) from via Amazon and Best Buy?
Or did AT&T just have a change of heart?
You do not know how the smartphone works fundamentally.
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
No, I don't think so. The Chinese government doesn't need or want a backdoor. They understand how dangerous and stupid that is. Instead, they just use the front door. Here's the key sentence from the BBC article: "... Apple had "strong data privacy and security protections in place, and no backdoors will be created into any of our systems." ..." The tenses in that are a little strange, jumping from past to future, but I don't think it's hard to understand. Data will still be encrypted, just as it is now, with no backdoors. Apple will still be doing everything it can to keep illegal actors away from your data. The change is in who has access to your data -- now there's a Chinese company with the same access that Apple has.
That said, it's possible this is a slippery slope and the Chinese government will want to be able to do more than just have the same access Apple currently has. I could be wrong, but I read that quote as a line in the sand -- they've stood up to the US government on this, and they will stand up to the Chinese government on it: "... no backdoors will be created into any of our systems ..." Period, full stop. They will discontinue iCloud in China before they allow that. Plus, I'm arguing that the Chinese government doesn't want a backdoor, and likely sees the folly in it -- no government in the world has a better understanding of cyber security, for better or for worse, and Russia's activities worldwide no doubt have them on alert -- they have other ways to monitor their citizens' activities. So long as Apple isn't actively preventing that surveillance, it's all good. Microsoft is in a worse situation, having allowed secret backdoors in the past -- Apple has always been consistent on this, and that likely makes Tim Cook's job much easier.
Under the mandate from China's State Cryptography Administration, which carries both financial and criminal penalties including jail-time for Apple executives for non-compliance, they are obligated to provide "decryption technology support" for any encryption they offer in China. That's fairly self-explanatory IMHO.
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
I was asking for clarification, not a guess.
Futhermore, twenty per cent of the iOS user base does not mean that twenty per cent of the user base are active iCloud users. The vast majority of the Chinese use WeChat instead of Messages for example.
What Apple needs to clarify is how they're granting access to the government, and how can they guarantee that whatever method they’re using will not compromise their customers not living in China.
If you're waiting for Apple to tell you "how it's done" I'll place a wager that you'll be disappointed. This is not something Apple wishes to draw attention to and may even be illegal for them to discuss. China will have access to millions of iPhone users iCloud accounts and the contents thereof as of next month. That's a fact, and mandated by Chinese authorities. If Apple is going to market in China they will be required to compromise their vaunted user privacy to do so. No guess. Fact. The only "guess" I was making was concerning the method Apple has chosen to grant access to that "encrypted" data, not the fact it is done.
Under Article 20 of China's State Cryptography Administration Encryption Law now in effect Apple (like other providers of encryption services in China) is obligated to provide "decryption technology support" in order for Chinese authorities to access that encrypted data as needed for broadly defined and in essence open-ended "criminal investigations". Under Article 37 if Apple refuses to do so or fails to keep the "investigation" confidential they are subject to unspecified monetary fines and individual Apple employees can be jailed for upwards of 15 days. Article 33 also provides for fines if Apple maintains any encrypted services not accessible to authorities within China.
That does not mean Apple has no option. They do, just not a very profitable one down a path they are very unlikely to take.
Yeah, the bit you’re guessing is the bit I’m concerned about.
I’m not concerned with decryption, I’m concerned about a backdoor. Because if they’re using a backdoor then this will not remain in China. Now, Apple has said they’re not allowing a backdoor into their system, but if I’m going to believe that then I’m going to need more information on what they will be doing. Simple.
The US should implement the same laws, any company wishing to do business in the US has to store US customer data on servers owns and operated by a US company.
Everyone is focusing on the fact this allows the Chinese government control over the data, but this could have been achieved by simply telling Apple data mush be stored on servers in china which Apple owns and operates., This law also forces Apple to pay a Chinese company to operation and maintain the systems & data for Apple. It is China's ways of making sure Chinese companies make money of US companies. Out stupid Law makers in the country fail to see and understand this, yes globalization is good as long as everyone play by the same rules. This means People in the US just lost the chance to have a high paying job since Apple was forced to outsource its operations to another company in another country.
You do know Apple already has a number of their own servers already in the U.S. on both coasts. This is now you get faster speeds which is especially important for things like SIRI. Apple has tons of High Paying Jobs in the U.S. Apple's new UFO can hold 12,000 Apple Employee's alone.
As for China, it's going to make Apple services in China FASTER. Of course there's the Negative of China having a easier time spying on their own Citizens. Russia has demanded the same thing.
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
BS. You are now laying on Apple the burden of flouting Chinese law to fight for Chinese citizens' civil rights. Okay, how about you go there and flout Chinese law to support Chinese civil rights? How about instead of singling out Apple, demand the same thing of every company that does business in China? In the end, the fight for Chinese civil rights is the responsibility of Chinese citizens and no one else's. And so far as anyone can tell most of them don't give that much of a hoot about it.
Of all the major tech companies, Apple is the staunchest advocate of privacy, but they have to operate within the law. To demand of them (and no one else) to break Chinese law in defense of the privacy of a people who don't value privacy enough to demand it themselves imposes a double standard.
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
BS. You are now laying on Apple the burden of flouting Chinese law to fight for Chinese citizens' civil rights. Okay, how about you go there and flout Chinese law to support Chinese civil rights?
They don't have to break the law. You're imagining there's not another option and I believe there's companies that will choose that "other option" too. Even some big US techs have made that choice before.
But I'm certainly not blackmarking Apple for following the law. They should.
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
No, I don't think so. The Chinese government doesn't need or want a backdoor. They understand how dangerous and stupid that is. Instead, they just use the front door. Here's the key sentence from the BBC article: "... Apple had "strong data privacy and security protections in place, and no backdoors will be created into any of our systems." ..." The tenses in that are a little strange, jumping from past to future, but I don't think it's hard to understand. Data will still be encrypted, just as it is now, with no backdoors. Apple will still be doing everything it can to keep illegal actors away from your data. The change is in who has access to your data -- now there's a Chinese company with the same access (within China) that Apple has.
That said, it's possible this is a slippery slope and the Chinese government will want to be able to do more than just have the same access Apple currently has. I could be wrong, but I read that quote as a line in the sand -- they've stood up to the US government on this, and they will stand up to the Chinese government on it: "... no backdoors will be created into any of our systems ..." Period, full stop. They will discontinue iCloud in China before they allow that. Plus, I'm arguing that the Chinese government doesn't want a backdoor, and likely sees the folly in it -- no government in the world has a better understanding of cyber security, for better or for worse, and Russia's activities worldwide no doubt have them on alert -- they have other ways to monitor their citizens' activities. So long as Apple isn't actively preventing that surveillance, it's all good. Microsoft is in a worse situation, having allowed secret backdoors in the past -- Apple has always been consistent on this, and that likely makes Tim Cook's job much easier.
I completely agree, but I can see the danger. The front door isn’t the problem. If they’re not up front about what they’re doing with the front door then folk will then say there’s a back door, and if that happens then they will say that the back door must be everywhere.
I suspect that the figure of 20% of active iCloud users being Chinese is incorrect. I reckon the majority of users in China only use the account for purchasing through the online Apple stores. I think Apple could close the communications services without much of a hit (most of the Chinese use the WeChat platform anyway). I think that they should consider this.
Apple has to obey the countries laws or get out. China is a large country with 1.4 billion people, something the US cannot even conceive of having to control. Worried about Chinese spying on users? Well the US gov departments in collusion with private companies is very effective on spying on everyone and all their communications. The US has the worlds largest and most comprehensive espionage apparatus, far greater than any nearest competitor, and is not afraid to use it, even for offence, as has been demonstrated in recent years.
Sure but was there a bleeding heart Tim-letter of admonition to Chinese customers obout their govenment's disreputable practices and how Apple finds them excessive and unjust, if Apple is going to have non financially beneficial moral stances it should at the very least be man enought to stand behind those principles resolutely, and not only when it conveniently serves financial interests and swiftly dropped when those interests are threatened.
Tim was praised for fighting the big mean FEDs demands and concessions, which have now been given to the Chinese FEDs, the fight with the FBI wasn't about a lack of equivalent laws in the US for the FBI to call upon but about the principle, a principle now abandoned in China since it threatens profits.
I am not saying that they shouldn't have fought the FEDs but if you are gonna have principles, stand behind them, not only when its easy and safe. Tim seems to have caught the fame bug and enjoys the spot light a little too much. Apple's brand has been catching shit over this battery issue one would have thought the CEO would come out guns blazing defending a very technically sound solution implemented by Apple, but all we gott was a lousy PR letter, when his excesive public aprearences were need the most by the company they were no where to be seen.
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
No, I don't think so. The Chinese government doesn't need or want a backdoor. They understand how dangerous and stupid that is. Instead, they just use the front door. Here's the key sentence from the BBC article: "... Apple had "strong data privacy and security protections in place, and no backdoors will be created into any of our systems." ..." The tenses in that are a little strange, jumping from past to future, but I don't think it's hard to understand. Data will still be encrypted, just as it is now, with no backdoors. Apple will still be doing everything it can to keep illegal actors away from your data. The change is in who has access to your data -- now there's a Chinese company with the same access that Apple has.
That said, it's possible this is a slippery slope and the Chinese government will want to be able to do more than just have the same access Apple currently has. I could be wrong, but I read that quote as a line in the sand -- they've stood up to the US government on this, and they will stand up to the Chinese government on it: "... no backdoors will be created into any of our systems ..." Period, full stop. They will discontinue iCloud in China before they allow that. Plus, I'm arguing that the Chinese government doesn't want a backdoor, and likely sees the folly in it -- no government in the world has a better understanding of cyber security, for better or for worse, and Russia's activities worldwide no doubt have them on alert -- they have other ways to monitor their citizens' activities. So long as Apple isn't actively preventing that surveillance, it's all good. Microsoft is in a worse situation, having allowed secret backdoors in the past -- Apple has always been consistent on this, and that likely makes Tim Cook's job much easier.
Under the mandate from China's State Cryptography Administration, which carries both financial and criminal penalties including jail-time for Apple executives for non-compliance, they are obligated to provide "decryption technology support" for any encryption they offer in China. That's fairly self-explanatory IMHO.
I think you're conflating two things: iCloud data/server security and local encryption of iOS and macOS devices. This news says nothing about the latter.
I'll absolutely grant that under Xi Jinping China has been writing ominous, all-encompassing new laws on an unprecedented scale. However, how those laws are being applied and what they mean in practice is not at all clear. You simply can't make the assumption you are making about the law you are quoting on the basis of this news. You're saying that Apple must create a separate version of iOS and macOS for which Apple has encryption keys they can provide to the Chinese government. That can only be one of three things: [1] it's epic news that undermines the stance Apple has taken worldwide, especially in the United States, or [2] Apple is doing it secretly, just for China, which will eventually come to light and destroy the company, or [3] you are wrong about the implications of this move. Which do you think is most likely?
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
No, I don't think so. The Chinese government doesn't need or want a backdoor. They understand how dangerous and stupid that is. Instead, they just use the front door. Here's the key sentence from the BBC article: "... Apple had "strong data privacy and security protections in place, and no backdoors will be created into any of our systems." ..." The tenses in that are a little strange, jumping from past to future, but I don't think it's hard to understand. Data will still be encrypted, just as it is now, with no backdoors. Apple will still be doing everything it can to keep illegal actors away from your data. The change is in who has access to your data -- now there's a Chinese company with the same access (within China) that Apple has.
That said, it's possible this is a slippery slope and the Chinese government will want to be able to do more than just have the same access Apple currently has. I could be wrong, but I read that quote as a line in the sand -- they've stood up to the US government on this, and they will stand up to the Chinese government on it: "... no backdoors will be created into any of our systems ..." Period, full stop. They will discontinue iCloud in China before they allow that. Plus, I'm arguing that the Chinese government doesn't want a backdoor, and likely sees the folly in it -- no government in the world has a better understanding of cyber security, for better or for worse, and Russia's activities worldwide no doubt have them on alert -- they have other ways to monitor their citizens' activities. So long as Apple isn't actively preventing that surveillance, it's all good. Microsoft is in a worse situation, having allowed secret backdoors in the past -- Apple has always been consistent on this, and that likely makes Tim Cook's job much easier.
I suspect that the figure of 20% of active iCloud users being Chinese is incorrect.
That's not what I actually posted. Roughly 20% of all active iPhone users are in China, but whether all or any use even a part of iCloud or any other Apple encrypted services I dunno. I would think the majority would in some way, but @Rayz2016 that is a real guess on my part. I've not done a moment's research into it. .
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
No, I don't think so. The Chinese government doesn't need or want a backdoor. They understand how dangerous and stupid that is. Instead, they just use the front door. Here's the key sentence from the BBC article: "... Apple had "strong data privacy and security protections in place, and no backdoors will be created into any of our systems." ..." The tenses in that are a little strange, jumping from past to future, but I don't think it's hard to understand. Data will still be encrypted, just as it is now, with no backdoors. Apple will still be doing everything it can to keep illegal actors away from your data. The change is in who has access to your data -- now there's a Chinese company with the same access that Apple has.
That said, it's possible this is a slippery slope and the Chinese government will want to be able to do more than just have the same access Apple currently has. I could be wrong, but I read that quote as a line in the sand -- they've stood up to the US government on this, and they will stand up to the Chinese government on it: "... no backdoors will be created into any of our systems ..." Period, full stop. They will discontinue iCloud in China before they allow that. Plus, I'm arguing that the Chinese government doesn't want a backdoor, and likely sees the folly in it -- no government in the world has a better understanding of cyber security, for better or for worse, and Russia's activities worldwide no doubt have them on alert -- they have other ways to monitor their citizens' activities. So long as Apple isn't actively preventing that surveillance, it's all good. Microsoft is in a worse situation, having allowed secret backdoors in the past -- Apple has always been consistent on this, and that likely makes Tim Cook's job much easier.
Under the mandate from China's State Cryptography Administration, which carries both financial and criminal penalties including jail-time for Apple executives for non-compliance, they are obligated to provide "decryption technology support" for any encryption they offer in China. That's fairly self-explanatory IMHO.
You're saying that Apple must create a separate version of iOS and macOS for which Apple has encryption keys they can provide to the Chinese government (NOPE, and thus everything you wrote following that was built on a false premise)
I'm saying nothing of the sort. The law is pretty clear that Apple cannot offer encryption in China that keeps the data it protects inaccessible to the Chinese authorities. How Apple crafts their compliance is not specified, and highly unlikely to be discussed by any of the involved parties. That encrypted iCloud data falls under the Chinese mandate is pretty clear, as well as any other Apple-encrypted service, ie iMessage.
Apple is in the same boat as every other company maintaining customer data for and/or offering encryption services to Chinese citizens and who wishes to market in China.
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
BS. You are now laying on Apple the burden of flouting Chinese law to fight for Chinese citizens' civil rights. Okay, how about you go there and flout Chinese law to support Chinese civil rights?
They don't have to break the law. You're imagining there's not another option and I believe there's companies that will choose that "other option" too. Even some big US techs have made that choice before.
But I'm certainly not blackmarking Apple for following the law. They should.
Your brain is limited by what other stupid companies did.
What Apple does is to offer Chinese consumers the option to not use their China iCloud accounts but stay as iOS users.
In addition, they can use local backups (iTunes backup). 3rd parties and open source can offer the strongest encryption available to them. Apple doesn’t need to be involved directly here.
But you know, they also have FileVault with hardware root of trust for places that allow them legally. The entire storage is encrypted.
[...] Tim was praised for fighting the big mean FEDs demands and concessions, which have now been given to the Chinese FEDs, the fight with the FBI wasn't about a lack of equivalent laws in the US for the FBI to call upon but about the principle, a principle now abandoned in China since it threatens profits.
I am not saying that they shouldn't have fought the FEDs but if you are gonna have principles, stand behind them, not only when its easy and safe. [...]
See my replies to others above. This news doesn't support those conclusions.
I'll say this: China is at a crossroads. Xi Jinping has turned away from the relatively open-ended globalism (think of the 2008 Olympics) of his immediate predecessors, but it's not clear what, exactly, he is turning toward. Take all the new laws being promulgated, for example. It's kind of a double-edged sword. There may be a sort of hubris in Xi Jinping's belief that they can control it indefinitely. Laws can be changed, but a system in which there is a fundamental respect for the rule of law is harder to undermine. China's history and nationalism in the 20th and 21st centuries is a complex animal. It's not a static thing, and it's a huge mistake to underestimate the Chinese people. There could be a silver lining here. An orderly transition to a meaningful legal system, followed by a gradual transformation of the law itself.
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
BS. You are now laying on Apple the burden of flouting Chinese law to fight for Chinese citizens' civil rights. Okay, how about you go there and flout Chinese law to support Chinese civil rights?
They don't have to break the law. You're imagining there's not another option and I believe there's companies that will choose that "other option" too. Even some big US techs have made that choice before.
But I'm certainly not blackmarking Apple for following the law. They should.
Your brain is limited by what other stupid companies did.
What Apple does is to offer Chinese consumers the option to not use their China iCloud accounts but stay as iOS users.
In addition, they can use local backups (iTunes backup). 3rd parties and open source can offer the strongest encryption available to them. Apple doesn’t need to be involved directly here.
But you know, they also have FileVault with hardware root of trust for places that allow them legally. The entire storage is encrypted.
Any encryption software that has not been specifically inspected to verify compliance and gain approval under new Chinese encryption mandates (which means a method of decryption needed for "criminal investigation must be included) will be considered illegal and the users and/or purveyors of that encryption code are subject to both civil and criminal charges. They're not going to make it easy.
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
BS. You are now laying on Apple the burden of flouting Chinese law to fight for Chinese citizens' civil rights. Okay, how about you go there and flout Chinese law to support Chinese civil rights?
They don't have to break the law. You're imagining there's not another option and I believe there's companies that will choose that "other option" too. Even some big US techs have made that choice before.
But I'm certainly not blackmarking Apple for following the law. They should.
Your brain is limited by what other stupid companies did.
What Apple does is to offer Chinese consumers the option to not use their China iCloud accounts but stay as iOS users.
In addition, they can use local backups (iTunes backup). 3rd parties and open source can offer the strongest encryption available to them. Apple doesn’t need to be involved directly here.
But you know, they also have FileVault with hardware root of trust for places that allow them legally. The entire storage is encrypted.
Any encryption software that has not been specifically inspected to verify compliance and gain approval under new Chinese encryption mandates (which means a method of decryption needed for "criminal investigation must be included) will be considered illegal and the users and/or purveyors of that encryption code are subject to both civil and criminal charges. They're not going to make it easy.
You are speculating based on the past failures of your favorite and dumb companies.
Apple doesn’t even need to be involved here.
The Chinese themselves can fight this war on their own terms. Consider AI, quantum computing, space travel, they have the tech prowess to create and use encryption tech from anywhere in the world.
The Chinese government won’t be able to block everything because even the party members need encryption themselves. They have their own local backups. They can use whatever they want to protect themselves.
Besides, to balance the global picture a bit, the US government also have export controls that forbid its own companies to sell great security and other tech to other countries. Well now to help further human rights, why don’t you get your favorite companies to leave US because of unfair export controls ?
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
No, I don't think so. The Chinese government doesn't need or want a backdoor. They understand how dangerous and stupid that is. Instead, they just use the front door. Here's the key sentence from the BBC article: "... Apple had "strong data privacy and security protections in place, and no backdoors will be created into any of our systems." ..." The tenses in that are a little strange, jumping from past to future, but I don't think it's hard to understand. Data will still be encrypted, just as it is now, with no backdoors. Apple will still be doing everything it can to keep illegal actors away from your data. The change is in who has access to your data -- now there's a Chinese company with the same access that Apple has.
That said, it's possible this is a slippery slope and the Chinese government will want to be able to do more than just have the same access Apple currently has. I could be wrong, but I read that quote as a line in the sand -- they've stood up to the US government on this, and they will stand up to the Chinese government on it: "... no backdoors will be created into any of our systems ..." Period, full stop. They will discontinue iCloud in China before they allow that. Plus, I'm arguing that the Chinese government doesn't want a backdoor, and likely sees the folly in it -- no government in the world has a better understanding of cyber security, for better or for worse, and Russia's activities worldwide no doubt have them on alert -- they have other ways to monitor their citizens' activities. So long as Apple isn't actively preventing that surveillance, it's all good. Microsoft is in a worse situation, having allowed secret backdoors in the past -- Apple has always been consistent on this, and that likely makes Tim Cook's job much easier.
Under the mandate from China's State Cryptography Administration, which carries both financial and criminal penalties including jail-time for Apple executives for non-compliance, they are obligated to provide "decryption technology support" for any encryption they offer in China. That's fairly self-explanatory IMHO.
You're saying that Apple must create a separate version of iOS and macOS for which Apple has encryption keys they can provide to the Chinese government (NOPE, and thus everything you wrote following that was built on a false premise)
I'm saying nothing of the sort. The law is pretty clear that Apple cannot offer encryption in China that keeps the data it protects inaccessible to the Chinese authorities. How Apple crafts their compliance is not specified, and highly unlikely to be discussed by any of the involved parties. That encrypted iCloud data falls under the Chinese mandate is pretty clear, as well as any other Apple-encrypted service, ie iMessage.
Apple is in the same boat as every other company maintaining customer data for and/or offering encryption services to Chinese citizens and who wishes to market in China.
I guess that means you don't dispute what I wrote. Why not say that, just to be, you know, friendly? You said Apple is "... obligated to provide "decryption technology support" for any encryption they offer in China ..." You didn't qualify that in any way. Excuse me for not reading all your earlier comments, which I'll admit are focused on speculating about iCloud services in China. Sorry. But there's still a tendency here to conflate the two things I mentioned, even if you were not.
To dispute what you have been saying, I don't really see much here to support your speculation that they plan to create separate encryption keys for iCloud data in China as opposed to elsewhere, or just not encrypt it at all. I'll admit it's ambiguous, as really all Apple is saying is that they will provide the Chinese company with the same access to the data that they themselves have. They don't describe that access. Will that access be different for the servers in China than elsewhere? I gather from your response that you think it does not have to mean changes to iOS and macOS itself, that it would all be server-side or whatever. Fine, but let's make that clear, shall we? Otherwise you get people reading things into what you're saying that you didn't intend.
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
No, I don't think so. The Chinese government doesn't need or want a backdoor. They understand how dangerous and stupid that is. Instead, they just use the front door. Here's the key sentence from the BBC article: "... Apple had "strong data privacy and security protections in place, and no backdoors will be created into any of our systems." ..." The tenses in that are a little strange, jumping from past to future, but I don't think it's hard to understand. Data will still be encrypted, just as it is now, with no backdoors. Apple will still be doing everything it can to keep illegal actors away from your data. The change is in who has access to your data -- now there's a Chinese company with the same access that Apple has.
That said, it's possible this is a slippery slope and the Chinese government will want to be able to do more than just have the same access Apple currently has. I could be wrong, but I read that quote as a line in the sand -- they've stood up to the US government on this, and they will stand up to the Chinese government on it: "... no backdoors will be created into any of our systems ..." Period, full stop. They will discontinue iCloud in China before they allow that. Plus, I'm arguing that the Chinese government doesn't want a backdoor, and likely sees the folly in it -- no government in the world has a better understanding of cyber security, for better or for worse, and Russia's activities worldwide no doubt have them on alert -- they have other ways to monitor their citizens' activities. So long as Apple isn't actively preventing that surveillance, it's all good. Microsoft is in a worse situation, having allowed secret backdoors in the past -- Apple has always been consistent on this, and that likely makes Tim Cook's job much easier.
Under the mandate from China's State Cryptography Administration, which carries both financial and criminal penalties including jail-time for Apple executives for non-compliance, they are obligated to provide "decryption technology support" for any encryption they offer in China. That's fairly self-explanatory IMHO.
You're saying that Apple must create a separate version of iOS and macOS for which Apple has encryption keys they can provide to the Chinese government (NOPE, and thus everything you wrote following that was built on a false premise)
I'm saying nothing of the sort. The law is pretty clear that Apple cannot offer encryption in China that keeps the data it protects inaccessible to the Chinese authorities. How Apple crafts their compliance is not specified, and highly unlikely to be discussed by any of the involved parties. That encrypted iCloud data falls under the Chinese mandate is pretty clear, as well as any other Apple-encrypted service, ie iMessage.
Apple is in the same boat as every other company maintaining customer data for and/or offering encryption services to Chinese citizens and who wishes to market in China.
I guess that means you don't dispute what I wrote. Why not say that, just to be, you know, friendly? You said Apple is "... obligated to provide "decryption technology support" for any encryption they offer in China ..." You didn't qualify that in any way. Excuse me for not reading all your earlier comments, which I'll admit are focused on speculating about iCloud services in China. Sorry. But there's still a tendency here to conflate the two things I mentioned, even if you were not
Yeah sorry about that if my tone was a bit off-putting. No I don't dispute what you had to say and like you think it's very unlikely Apple has given the Chinese a "special" version of iOS that they can access on demand. I can't imagine them ever doing that.
Right, so if Apple and GCBD have access to the data then it is no longer encrypted, yes?
My guess, and it's based on what the Chinese are requiring, is that at minimum they provided the Chinese a decryption key and at worse it's not encrypted at all.
So as of February at least 20% of the entire iOS user base will no longer have their iCloud accounts safe from intrusion and inspection by "authorities". That's significant. It would seem that the pursuit of profits can trump user privacy even at Apple. If they were truly one of the staunchest protectors of privacy I believe we are all on that downward slope now, with the line that determines how firm that commitment is a bit better defined today.
Nice concern trolling. Are you up for a promotion at Google Astroturfers Inc?
Comments
That said, it's possible this is a slippery slope and the Chinese government will want to be able to do more than just have the same access Apple currently has. I could be wrong, but I read that quote as a line in the sand -- they've stood up to the US government on this, and they will stand up to the Chinese government on it: "... no backdoors will be created into any of our systems ..." Period, full stop. They will discontinue iCloud in China before they allow that. Plus, I'm arguing that the Chinese government doesn't want a backdoor, and likely sees the folly in it -- no government in the world has a better understanding of cyber security, for better or for worse, and Russia's activities worldwide no doubt have them on alert -- they have other ways to monitor their citizens' activities. So long as Apple isn't actively preventing that surveillance, it's all good. Microsoft is in a worse situation, having allowed secret backdoors in the past -- Apple has always been consistent on this, and that likely makes Tim Cook's job much easier.
I’m not concerned with decryption, I’m concerned about a backdoor. Because if they’re using a backdoor then this will not remain in China. Now, Apple has said they’re not allowing a backdoor into their system, but if I’m going to believe that then I’m going to need more information on what they will be doing. Simple.
So has the US, the UK…
Of all the major tech companies, Apple is the staunchest advocate of privacy, but they have to operate within the law. To demand of them (and no one else) to break Chinese law in defense of the privacy of a people who don't value privacy enough to demand it themselves imposes a double standard.
But I'm certainly not blackmarking Apple for following the law. They should.
I suspect that the figure of 20% of active iCloud users being Chinese is incorrect. I reckon the majority of users in China only use the account for purchasing through the online Apple stores. I think Apple could close the communications services without much of a hit (most of the Chinese use the WeChat platform anyway). I think that they should consider this.
Tim was praised for fighting the big mean FEDs demands and concessions, which have now been given to the Chinese FEDs, the fight with the FBI wasn't about a lack of equivalent laws in the US for the FBI to call upon but about the principle, a principle now abandoned in China since it threatens profits.
I am not saying that they shouldn't have fought the FEDs but if you are gonna have principles, stand behind them, not only when its easy and safe. Tim seems to have caught the fame bug and enjoys the spot light a little too much. Apple's brand has been catching shit over this battery issue one would have thought the CEO would come out guns blazing defending a very technically sound solution implemented by Apple, but all we gott was a lousy PR letter, when his excesive public aprearences were need the most by the company they were no where to be seen.
I'll absolutely grant that under Xi Jinping China has been writing ominous, all-encompassing new laws on an unprecedented scale. However, how those laws are being applied and what they mean in practice is not at all clear. You simply can't make the assumption you are making about the law you are quoting on the basis of this news. You're saying that Apple must create a separate version of iOS and macOS for which Apple has encryption keys they can provide to the Chinese government. That can only be one of three things: [1] it's epic news that undermines the stance Apple has taken worldwide, especially in the United States, or [2] Apple is doing it secretly, just for China, which will eventually come to light and destroy the company, or [3] you are wrong about the implications of this move. Which do you think is most likely?
Apple is in the same boat as every other company maintaining customer data for and/or offering encryption services to Chinese citizens and who wishes to market in China.
Your brain is limited by what other stupid companies did.
What Apple does is to offer Chinese consumers the option to not use their China iCloud accounts but stay as iOS users.
In addition, they can use local backups (iTunes backup). 3rd parties and open source can offer the strongest encryption available to them. Apple doesn’t need to be involved directly here.
But you know, they also have FileVault with hardware root of trust for places that allow them legally. The entire storage is encrypted.
I'll say this: China is at a crossroads. Xi Jinping has turned away from the relatively open-ended globalism (think of the 2008 Olympics) of his immediate predecessors, but it's not clear what, exactly, he is turning toward. Take all the new laws being promulgated, for example. It's kind of a double-edged sword. There may be a sort of hubris in Xi Jinping's belief that they can control it indefinitely. Laws can be changed, but a system in which there is a fundamental respect for the rule of law is harder to undermine. China's history and nationalism in the 20th and 21st centuries is a complex animal. It's not a static thing, and it's a huge mistake to underestimate the Chinese people. There could be a silver lining here. An orderly transition to a meaningful legal system, followed by a gradual transformation of the law itself.
Apple doesn’t even need to be involved here.
The Chinese themselves can fight this war on their own terms. Consider AI, quantum computing, space travel, they have the tech prowess to create and use encryption tech from anywhere in the world.
The Chinese government won’t be able to block everything because even the party members need encryption themselves. They have their own local backups. They can use whatever they want to protect themselves.
Besides, to balance the global picture a bit, the US government also have export controls that forbid its own companies to sell great security and other tech to other countries. Well now to help further human rights, why don’t you get your favorite companies to leave US because of unfair export controls ?
To dispute what you have been saying, I don't really see much here to support your speculation that they plan to create separate encryption keys for iCloud data in China as opposed to elsewhere, or just not encrypt it at all. I'll admit it's ambiguous, as really all Apple is saying is that they will provide the Chinese company with the same access to the data that they themselves have. They don't describe that access. Will that access be different for the servers in China than elsewhere? I gather from your response that you think it does not have to mean changes to iOS and macOS itself, that it would all be server-side or whatever. Fine, but let's make that clear, shall we? Otherwise you get people reading things into what you're saying that you didn't intend.