Too right, it was far more problematic than they ever made out.
> The UK government's demand came through a "technical capability notice" under the Investigatory Powers Act (IPA), requiring Apple to create a backdoor that would allow British security officials to access encrypted user data globally. The order would have compromised Apple's Advanced Data Protection feature, which provides end-to-end encryption for iCloud data including Photos, Notes, Messages backups, and device backups.
One scenario would be somebody in an airport and security officials are searching your device under the Counter Terrorism Act (where you don't even have the right to legal advice, or the right to remain silent). You maybe a British person, but you could also be a foreign person moving through the airport. There's no time limit on when you may be searched, so all people who ever travelled through British territory could be searched by officials.
Let that sink in for a moment. We're talking about the largest back door I've ever heard of.
What concerns me more is that Apple is the only company audibly making a stand. I have an Android device beside me that regularly asks me to back my device up to the cloud (and make it difficult to opt out), you think Google didn't already sign up to this? You think Microsoft didn't?
Then think for a moment that most 2FA directly goes via a large tech company or to your mobile. We're just outright handing over the keys to all of our accounts. Your accounts have never been less protected. The battle is being lost for privacy and security.
> you think Google didn't already sign up to this?
My understanding is that Android's Google Drive backup has had an E2E encryption option for many years (they blogged about it at https://security.googleblog.com/2018/10/google-and-android-h...), and that the key is only stored locally in the Titan Security Module.
If they are complying with the IPA, wouldn't that mean that they must build a mechanism into Android to exfiltrate the key? And wouldn't this breach be discoverable by security research, which tends to be much simpler on Android than it is on iOS?
> My assumption is that Google has keys to everything in its kingdom
If that were true, then their claims to support E2E encrypted backups are simply false, and they would have been subject to warrants to unlock backups, just like Apple had been until they implemented their "Advanced Data Protection" in 2022.
Wouldn't there have been be some evidence of that in the past 7 years, either through security research, or through convictions that hinged on information that was gotten from a supposedly E2E-protected backup?
It is possible to set up end to end encryption where two different keys unlock your data. Your key, and a government key. I assume google does this.
1. encrypt data with special key
2. encrypt special key with users key, and
3. encrypt special key with government key
Anyone with the special key can read the data.the user key or the government key can be used to get special key.
This two step process can be done for good or bad purposes. A user can have their key on their device, and a second backup key could be in a usb stick locked in a safe, so if you loose your phone you can get your data back using the second key.
E2EE means only your intended recipients can access the plaintext. Unless you intend to give the government access to your plaintext, what you described isn’t E2EE.
Is that google's definition or your definition? not being rude, but its pretty easy to get tricky about this.
Since you are sending the data to google, isn't google an intended recipient? Google has to comply with a variety of laws, and it is likely that they are doing the best they can under the legal constraints. The law just doesn't allow systems like this.
history already proved you wrong. companies offering backdoor to abusive law enforcement are never sued.
they also employ things like exempt cases. for example, Whatsapp advertise E2E... but connect for the first time with a business account to see all the caveats that in plain text just means "meta will sign your messages from this point on with a dozen keys"
You are extremely naive if you think a company the size of Google or Microsoft or Apple will face any serious consequence from lying about E2EE actually being open to various governments.
They have lawyers aplenty, governments would file amicus briefs "explaining" E2EE and so on. Worse case they'll settle for a pittance.
> E2EE means only your intended recipients can access the plaintext.
No, it does not. It means that only endpoints - not intermediaries - handle plaintext. It says nothing about who those endpoints are or who the software is working for.
No, it is not. This is precisely why we have the term E2EE. An escrow agent having your keys but pinky promising not to touch them is indistinguishable from the escrow agent simply having your plaintext.
Unless you’re fine with the escrow agent and anybody they’re willing to share the keys with being a member of your group chat, in which case my original point still stands.
Edit: I think you might be confusing your personal intention (ie I wanted this to be private but didn't realize the service provider retained a copy of the keys) with the intention of the protocol (ie what the system is designed to send where). Key escrow is "by design" whereas E2EE protects against both system intrusions (very much not by design) as well as things like bugs in server software or human error when handling data.
> is indistinguishable
Technically correct (with respect to the escrow agent specifically) but rather misleading. With E2EE intermediary nodes serving or routing a request do not have access to it. This protects you against compromise of those systems. That's the point of E2EE - only authorized endpoints have access.
The entire point of key escrow is that the escrow agent is authorized. So, yes, the escrow agent has access to your stuff. That doesn't somehow make it "not E2EE". The point of E2EE is that you don't have to trust the infra. You do of course have to trust anyone who has the keys, which includes any escrow agents.
If we used the definition "only your intended recipients can access the plaintext" ... well let's be clear here, an escrow agent is very much an "intended recipient", so there's no issue.
But lets extrapolate that definition. That would make E2EE a property of the session rather than the implementation. For example if my device is compromised and my (E2EE) chat history leaks suddenly that history would no longer be considered E2EE ... even though the software and protocol haven't changed. It's utterly nonsensical.
Well, WhatsApp backups claim they are E2E encrypted, but there’s a flow that uses their HSM for the encryption key, which still feels like some escrow system.
Manufacturers have lied about E2EE since the beginning. Some claim that having the key doesn't change that it's e2ee. Others claim that using https = e2ee, because it's encrypted from one end to the other, you see? (A recent example is Anker Eufy)
The point is that the dictionary definition of E2EE really doesn't matter. Being pedantic about it doesn't help. The only thing that matters is that the vendor describes what they call E2EE.
To call it lying is just arguing about the meanings of words. This is literally what lawyers are paid to do. The data payload can be called end to end encrypted. You can easily say to the user that "your emails are encrypted from end to end, they are encrypted before it leaves your computer and decrypted on the receivers computer" without talking about how your key server works.
Systems that incorporate a method to allow unlocking using multiple keys don't usually advertise the fact that this is happening. People may even be legally obligated to not tell you.
“End-to-end encryption (E2EE) is a method of implementing a secure communication system where only communicating users can participate. No one else, including the system provider, telecom providers, Internet providers or malicious actors, can access the cryptographic keys needed to read or send messages.”
So if you send another set of keys to someone else, it’s obviously not E2E.
Is the source code for every binary blob present on an Android device available for inspection, and is the code running on every Android device verifiable as having been built from that source?
> or through convictions
If they wanted to use this evidence for a normal criminal case, they would just do parallel construction.
Would it be possible that they feel that the revelation of this backdoor would be too big of a loss so that any of these theoretical cases of the past 7 years have used parallel construction to avoid revealing the encrypted data was viewed?
> Wouldn't there have been be some evidence of that in the past 7 years, either through security research, or through convictions that hinged on information that was gotten from a supposedly E2E-protected backup?
I wouldn't count on it. The main way we'd know about it would be a whistleblower at Google, and whistleblowers are extremely rare. Evidence and court records that might expose a secret backdoor or that the government was getting data from Google that was supposed to be private could easily be kept hidden from the public by sealing it all away for "national security reasons" or by obscuring it though parallel construction.
I don't know the particulars, but in general, silence around a massive tech company on warrants does not mean "they said no and the feds decided to leave them alone"
A trivial method for circumventing code review is to simply push a targeted update of the firmware to devices subject to a government search order.
There are no practical end-user protections against this vector.
PS: I strongly suspect that at least a few public package distribution services are run by security agencies to enable this kind of attack. They can distribute clean packages 99.999% of the time, except for a handful of targeted servers in countries being spied upon. A good example is Chocolatey, which popped up out of nowhere, had no visible source of funding, no mention of their ownership structure anywhere, and was incorporated along with hundreds of other companies in a small building in the middle of nowhere. It just screams of being a CIA front, but obviously that's hard to prove.
The end user protection is to sign updates and publish the fingerprints. It should not be possible for one device to get a different binary than everyone else.
Chocolatey assuredly did not "pop up out of nowhere" - it was a labour of love from Rob Reynolds to make Windows even barely usable. It likely existed for years before you ever heard of it.
> had no visible source of funding
Rob was employed by Puppet Labs to develop it until he started the commercial entity which now backs it.
> a small building in the middle of nowhere.
As I recall, Rob lives in Topeka, Kansas. It follows that his business would be incorporated there, no?
Google didn't announce that they could no longer process geofence warrants because they no longer stored a copy of user location data on their servers until last October.
How much good does an encrypted device backup do when harvesting user data and storing it on your servers (to make ad sales more profitable) is your entire business model?
This would mean no independent security researcher has ever taken a look at Google Drive's E2EE on Android. Or those that did missed the part where the key is uploaded.
It's possible to decrypt this network traffic and see if the key is sent. It may be obfuscated though.
> What concerns me more is that Apple is the only company audibly making a stand.
But still Apple operates in China and Google does not. This is weird to me. Google left China when the government wanted all keys to the citizens data. Apple is making a stand when it's visible and does not threaten their business too much.
Apple is not really in the business of protecting your data, they are just good at marketing and keeping their image.
> Google left China when the government wanted all keys to the citizens data.
Google left China after China started hacking into Google's servers.
> In January, Google said it would no longer cooperate with government censors after hackers based in China stole some of the company’s source code and even broke into the Gmail accounts of Chinese human rights advocates.
They were working to reenter the China market on China's terms many years later, when Google employees leaked the effort to the press. Google eventually backed down.
China feels like an important difference here though. Google leaving China doesn't protect Chinese citizen's data any more than Apple turning off ADP in the UK does. As far as I know, Apple isn't pretending that the data of Chinese users is encrypted from their government, and the way they're complying with the Chinese laws shouldn't impact the security of users outside of China.
Apple pulling ADP from UK users is similar - the UK has passed an ill-considered law that Apple doesn't think it can win a court case over, so they're complying in a way that minimally effects the security of people outside the UK. If, as someone outside the UK, I travel to the UK with ADP turned on, my understanding is it won't disable itself.
Would you have been more satisfied if Apple just pulled out of the UK entirely? Bricked every iPhone ever purchased there? Google doesn't seem to have made any stand for security ever - them pulling out of China feels more to do with it meaning they wouldn't have had access to Chinese users' data, which is what they really want.
It’s different. Apple follows Chinese law to operate their services in China, just like Microsoft.
With Google, their services are way broader. Operating a hunk of their search business with a third party Chinese firm just isn’t viable for their services, which are way more complex.
Perhaps Apple has a greater leverage in China due to its outsized manufacturing presence. And it's likely they already dont offer ADP to Chinese citizens.
> Perhaps Apple has a greater leverage in China due to its outsized manufacturing presence.
Perhaps china has greater leverage over apple in this case...
China had been an important area of growth for many companies during the 2010s. Apple bent over backwards to cater to that market. It was discussed in every financial release, and they obviously made tons of concessions for iCloud.
The UK just comparatively isn't that much revenue, and not worth the fallout.
Eh Google had pretty good reasons to not operate in China (not seeing them in this thread, don't recall the details precisely enough to relate here)
Apple is deeply embedded in China (manufacturing) and benefits from a decent (but shrinking) userbase in the country. China isn't asking for the keys to all iphone user data, just data stored in China.
> Doesn't the US have access to all the data of non US citizens whose data is stored in the US without any oversight?
Totally agree. Having this discussion so US centred just makes us miss the forest for the trees. Apart from data owned by US citizens, my impression is that data stored in the US is fair game for three letter agencies, and I really doubt most companies would spend more than five minutes agreeing with law enforcement if asked for full access to their database on non-US nationals.
Also, remember that WhatsApp is the go-to app for communication in most of the world outside the US. And although it's end-to-end encrypted, it's always nudging you to back up your data to Google or Apple storage. I can't think of a better target for US intelligence to get a glimpse of conversations about their targets in real time, without needing to hack each individual phone. If WhatsApp were a Chinese app, this conversation about E2E and backup restrictions would have happened a long time ago. It's the same on how TikTok algorithm suddenly had a strong influence on steering public opinion and instead of fixing the game we banned the player.
International users that have Advanced Protection enabled would in theory be safe from all of the 3-letter agencies (like safe from those agencies getting the data from Apple...not safe generally).
Realistically we are talking about FISA here, so in theory if the FBI gets a FISA court order to gather "All of the Apple account data" for a non-us person, Apple would either hand over the encrypted data OR just omit that....
Based on the stance Apple is taking here, its reasonable to assume they would do the same in the US (disable the feature if USG asked for a backdoor or attempted to compel them to decrypt)
It's worth pointing out that just because the FBI didn't have the access they wanted, it doesn't mean that other agencies don't, or that the FBI couldn't get the data they wanted by other means (which was exactly what they ended up doing in that specific case). It just means that they wanted Apple to make it easier for them to get the data.
It's good that Apple refused them, but I wouldn't count that as evidence that the data is secure from the US government.
It's also worth noting that the US courts have long held that computer code is speech.
Apple's legal argument that the government's demand that they insert a backdoor into iOS was tantamount to compelled speech (in violation of the first amendment) was going over a little too well in court.
The Feds will often find an excuse to drop cases that would set a precedent they want to avoid.
Would your answer be the same if this encrypted data was stored in China instead of US?
I don't think messages should ever leave the device, if you want to migrate to a different device this could be covered by that user flow directly. Maybe you want to sync media like photos or videos shared on a group chat and I'm fine with that compromise but I see more risks than benefits on backing up messages on the cloud, no matter if it's encrypted or not.
I think the average human will disagree with you. They want to preserve their data and aren't technically competent and organized enough to maintain their own backups with locally hosted hardware. Even the technically literate encourage _offsite_ backups of your data.
Know your threat model and what actions your trying to defend against.
Typical humans need trusted vendors that put in actual effort to make themselves blind to your personal data.
Agree in principle, though WhatsApp backups are encrypted with a user provided password, so ostensibly inaccessible to Google or whoever you use as backup
What makes you think WhatsApp backups don’t have a secondary way to unlock the encryption key? Wouldn’t it be more logical to assume the encryption key for whatsapp backups can also be unlocked by an alternate “password”
If the US is willing to build an entire data center in Outback Australia to allow warrantless access to US citizen data, why wouldn’t they be forcing WhatsApp backups to be unlockable?
> Totally agree. Having this discussion so US centred just makes us miss the forest for the trees. Apart from data owned by US citizens, my impression is that data stored in the US is fair game for three letter agencies, and I really doubt most companies would spend more than five minutes agreeing with law enforcement if asked for full access to their database on ̶n̶o̶n̶-̶U̶S̶ ̶n̶a̶t̶i̶o̶n̶a̶l̶s̶ anyone.
Android data isn't encrypted at rest (or at least not in a way Google doesn't have the key). If the uk gov has a warrant, they can ask Google to provide your Google Drive content. The whole point of this issue is Apple specifically designed ADP so they couldn't do that.
So not hugely secure for most people if they use 4-6 decimal digits, but possible to make secure if you set a longer passphrase.
I don't know what Google's going to do about this UK business.
edit: Ah it looks like they have a Titan HSM involved as well. Have to take Google's word for it, but an HSM would let you do rate limits and lockouts. If that's in place, it seems all right to me.
I wonder how hard it would be for the US government to force Google to just get the lockscreen pin off of your device or for them to just infect your device with something to capture it themselves.
Wrong. Google Android user cloud backups are E2EE by default.There is no option to opt out. Use Google's backup service and your data is encrypted at rest, in transit, and on device. aka end-to-end.
It's not just Google saying it. Google Cloud encryption is independently verified
> Doesn't the US have access to all the data of non US citizens whose data is stored in the US without any oversight?
Er, no...? I'm not sure where you get that idea. Access requires a warrant, and companies are not compelled to build systems which enable them to decrypt all data covered by the warrant.
See, for example, the Las Vegas shooter case, where Apple refused to create an iOS build that would bypass iCloud security.
I asked if your Android backup is encrypted. Implies I'm talking about unencrypted data.
> See, for example, the Las Vegas shooter case
I am not in Las Vegas or anywhere else in the US. So as far as i know all the data about me that is stored in the US is easily accessible without a warrant unless it's encrypted with a key that's not available with the storage.
> companies are not compelled to build systems which enable them to decrypt all data covered by the warrant
Again, not what I was talking about.
I'm merely pointing out that your data is not necessarily encrypted, and that the "rest of the world" was already unprotected vs at least one state. The UK joining in would just add another.
This is why Apple, and more recently Google, create systems where they don't have access to your unencrypted data on their servers.
> Google Maps is changing the way it handles your location data. Instead of backing up your data to the cloud, Google will soon store it locally on your device.
Google had "created a system where they don't have access to your data on their servers" a couple of years BEFORE Apple. Android 10 introduced it in 2019.
Google didn't announce plans to stop storing a copy of user location data on their servers until the middle of last year.
See the story linked above.
They didn't announce that they could no longer access user location data on their servers to respond to geofence warrants until the last quarter of 2024.
Which is why Apple takes the stance that the users device shouldn't be sending data to the mothership at all, if it isn't absolutely necessary.
Compare Apple Maps and Google Maps.
Google initially hoovered up all your location data and kept it forever. They learned from Waze that one use case for location data was keeping your map data updated.
Apple figured out how to accomplish the goal of keeping map data updated without storing private user data that could be subject to a subpoena.
> “We specifically don’t collect data, even from point A to point B,” notes Cue. “We collect data — when we do it — in an anonymous fashion, in subsections of the whole, so we couldn’t even say that there is a person that went from point A to point B.
The segments that he is referring to are sliced out of any given person’s navigation session. Neither the beginning or the end of any trip is ever transmitted to Apple. Rotating identifiers, not personal information, are assigned to any data sent to Apple... Apple is working very hard here to not know anything about its users.
Google or Apple could be forced by authorities to perform correlation on the map tiles being requested by users under investigation. Not as accurate as GPS coordinates but probably useful nonetheless.
One more reason to prefer offline maps for those who value privacy.
Given that you can browse map data for any location, not just where you happen to be, I'm betting that triangulation data from your carrier would be more accurate.
Sure, triangulation of carrier signals could lead to more accurate position estimates, but if the carrier isn't based in the US they are under no obligation to make this data available to US authorities.
Apple and Google are based in the US so are bound by the CLOUD Act to provide any and all data they have upon request, no matter where in the world it is being collected or stored.
> all the data about me that is stored in the US is easily accessible without a warrant
No, law enforcement needs a warrant to legally access any data. This is why Prism was illegal, and why companies like Google are pushing back against overly broad geofence search warrants.
i think people focus on whether backups are encrypted too much. it really doesn't matter when the government has remote access equivalent to your live phone when it's in an unencrypted state, which they almost certainly do.
Also, I wondered if by complying with British law that they may somehow be breaking laws of another country?
Hypothetically, if Apple just provide a back door to the data they have on US Senators for instance, then providing that information may be considered treason by the US.
That's a totally made up example, and I have no idea, but it seems like it's possibly an issue.
Which is all about the issues around data sovereignty I suppose!
Treason is a very heavy charge and as far as I know it applies more to individuals. Can a company be prosecuted for treason? I guess it depends on the country and I don't know US law well (never even visited there)
But I'm sure local laws conflict heavily between countries yes. I'm often wondering how multinationals manage to navigate this maze. This is why we have such a big legal department I guess :) And the company I work for is a pretty honest one, I've never seen any skullduggery going on with eg privacy or media manipulation. In fact employees are urged to report such things and I have to do a course on responsible behaviour yearly. Probably a result of being purely B2B. But anyway I digress, just wanted to say that getting away with stuff does not seem to be the reason for us having a big legal dept.
But just look at the laws of e.g. the EU and Iran. Pretty diametrically opposed on many topics. There's no way to satisfy them both.
I think what helps to make this happen is that most countries don't try to push their laws outside of their jurisdiction. Which the UK is trying to do here.
> Treason is the only crime defined in the constitution, and it is quite a high bar.
Well, it's defined, or bounded above, in the constitution. It's not exactly a high bar:
> Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort.
So, if you happened to know Nicolas Maduro, thought he was looking stressed, and bought him some food, that would qualify as treason. There's no requirement that you act against the interests of the United States. The constitution will stop you from being prosecuted for treason for sleeping with Melania Trump. It won't stop you from being prosecuted for treason for completely spurious reasons.
> One scenario would be somebody in an airport and security officials are searching your device
No Heathrow connection necessary. “The law has extraterritorial powers, meaning UK law enforcement would have been able to access the encrypted iCloud data of Apple customers anywhere in the world, including in the US” [1].
Spot on, 727 comments, most probably by Americans, and only 2 (including yours) bringing up the CLOUD Act, the much worse US equivalent. Incredible ignorance.
Providing encrypted data and not providing encryption are two different things. The CLOUD act requires you to hand over data. It could be encrypted. The UK government is asking to hand over data that is also not encrypted. The two are not the same. Note : Not American.
With almost everyones backups stored in plain-text, making it all a little silly.
Think about it for a second: you can re-establish your WA account on a new device using only the SIM card from your old device. SIM cards don't have a storage area for random applications' encryption keys, and even if they did, a SIM card cannot count as "end-to-end" anymore. Same goes for whatever mobile cloud platform those backups might be stored on. And you'd hope Apple or Google aren't happily sending off your cloud decryption keys to any app that wants them. Though maybe they are?
Reestablishing your WhatsApp account on a new device doesn't give access to your old chat messages, you need to restore a WhatsApp backup for that. The backup doesn't need to be stored in the cloud, you can choose to create a local file and manually transfer that to your new device.
In any case, as soon as you start using WhatsApp on a new device, users in the chats you participate in will receive a message informing them that your encryption keys have changed.
You have no laws when traveling through immigration. Thats true in US too. There was an article (trying to look for it could be arstechnica verge I dont remember where) once where a US citizen journalist was detained at the border for hours while traveling into the US and questioned. You can be in the immigration for hours or even decades until you give out what they demand which can involve your unlocked phone and password. There are no laws protecting you.
I don't really understand your comment to be honest. Section 3 of the Regulation of Regulatory Powers Act 2000 allows for compelled key disclosure (disclosure of the information sought instead of the key is also possible). Schedule 7 of the Counter-Terrorism Act allows 9 hour detention, questioning and device search at the border. With these powers it isn't necessary to get access to iCloud backups, as you can get the device and/or the data.
I don't think the e2e icloud backup is problematic under existing legislation / before the TCN. While you can't disclose the key because it lives in the secure enclave, you can disclose the information that is requested because you can log into your apple account and retrieve it. IANAL, but I believe this to be sufficient (and refusing would mean jail).
The Investigatory Powers Act allows for technical capability notices, and the TCN in this case says (as far as we know) "allow us a method to be able to get the contents of any iCloud backup that is protected by E2EE for any user worldwide". This means that there is no need to ask the target to disclose information and if implemented as asked, also means that any user worldwide could be a target of the order, even if they'd never been to the UK.
I imagine they want the ability to look at someone's iCloud backups without notifying the owner that they are doing so or they want to do it when the owner is unwilling or unable to provide keys.
For the latter, there are a lot of cases where jail isn't much a threat (e.g. the person is dead or not in the country).
Also given automatic iPhone backup it might contain information they want as part of an investigation that they'd otherwise have to demand key disclosure for (if cloud backup didn't exist)... Absolutely.
The jail time for failure to comply with key disclosure is 2 years unless it is national security, then it is 5. But if you're organised crime and facing who knows what for being a snitch it might be better simply to do the time.
I can see why they want it. I just don't understand why the person I'm replying to said the feature (I think) was problematic. Not really a criticism, I'm just struggling to identify the tone and why 'too right' and 'more problematic than they let on'.
> Apple is the only company audibly making a stand
Apples stand is false, they take with one hand and give with the other. There have been many times that Apple have been caught giving user data to governments at their request, lied about it, then later on admitted it once it had leaked from another source.
This whole 'we will never make a backdoor' is a complete whitewash marketing stunt, why do they need to make a backdoor when they are providing any and all metadata to any government on request.
> There have been many times that Apple have been caught giving user data to governments at their request, lied about it, then later on admitted it once it had leaked from another source.
In other words, Apple complies with legal government orders, as they are required to. The government can compel them with a warrant to hand over data that they have, and can prohibit them from talking about it. That's the whole reason for the push towards end-to-end encryption and for not collecting any data Apple doesn't need to operate the products. This also ties into things like photo landmark identification, where Apple designed it such that they don't get any information about the requests and so they don't have any information that they could be compelled to hand to the government.
Irrespective of political leanings, a lot of British people are saying this. They stand for it because they have to. It's a government that was voted in by a large margin only six months ago. Disquiet, if that's the word, is pretty much universal and I am not sure we've been quite in this position before. Keir Starmer's decline in approval ratings 'marks the most substantial post-election fall for any British prime minister in recent history'.
"technical capability notice" under the Investigatory Powers Act (IPA)
Sounds a lot like the godawful "assistance and access" laws that were rushed through in Australia a couple of years ago, right down to the name of the secret instrument sent to the entity who gets forced into to building the intercept capability.
Now that Apple has caved once, I expect to see other providers strongarmed in the same way, as well as the same move tried in other countries.
> There's no time limit on when you may be searched, so all people who ever travelled through British territory could be searched by officials.
> Let that sink in for a moment. We're talking about the largest back door I've ever heard of.
Codename 'Krasnov' is the largest backdoor I have ever heard of. And, we only need to look at his behavior.
These E2EE from USA can be tainted in so many ways, and FAMAG sits on so much data, that codename 'Krasnov' can abuse such to target whoever he wants in West. Because everyone you know is or has been in ecosystem of Apple, Google, or Microsoft.
Whataboutism! Fair. From my PoV, as European, the UK government is (still) one of the good guys who will protect Europe from adversaries such as those who pwn codename 'Krasnov'. Such protection may come with a huge price.
It's amusing to think of Apple as a "monopoly" (if anything they have a monopsony on TSMC production) but let's just replace that with "giant" for purposes of discussion.
Tech giants typically devolve local operations to small companies to avoid liability - think petroleum suppliers not owning gas stations (because those typically end up as superfund sites). Not sure if this analogy this works for Google Android and all the manufacturers that deploy it for their smartphones too.
So corporations have been doing this forever, trying to find legal loopholes where they can have their cake and eat it too.
Not exactly. It generates the keys for you and stores them on device in the Secure Enclave. You cannot "bring your own" encryption key, but the primary benefit of doing so--that Apple does not have access to it--is intentionally accomplished anyway by the implementation.
I’m not sure I appreciate the value of literally bringing your own keys. My device generating them on my behalf as part of a setup process seems sufficient. You’d use openssl or something and defer to software to actually do keygen no matter what.
I agree it seems sort of academic at first blush, but I'm going to venture a guess it's the idea that you own them, instead of Apple.
So you can eg. keep a backup on your own (secure) infrastructure. Transfer them when switching devices or even mirror on two different ones*. Extract your own secret enclave contents. Improve confidence they were generated securely. And depending on implementation, perhaps reduce the ease with which Apple might "accidentally" vacuum the keys up as a result of an update / order.
*Not sure how much these two make sense in the iOS ecosystem. I know on the Android side I'd absolutely love to maintain a "hot standby" phone that is an exact duplicate of my daily driver, so if I drop it in the ocean I can be up and running again in a heartbeat with zero friction (without need to restore backups, reliance on nerfed backup API's outside the ones Google uses, having to re-setup 2FA, etc. and without ever touching Google's creepy-feeling cloud).
You would need to have a completely trusted software and hardware stack to actually own the keys. And that is already hard enough to get on a PC where ownership still means something, it is not going to happen on most mobile devices. To whatever extent you trust any of the stack already, the Secure Enclave is a better bet than BYOK. The real risk, as you imply, is if Apple is able to compromise the security coprocessor with an OTA firmware update, but they can definitely already push a regular OS update that exfiltrates any key you type in.
Just make an airgapped Linux device on a DYI FPGA CPU. This part is not that difficult comparing to persuading commercial vendors let you use your own cloud and your own encryption/backup mechanisms.
Yeah... unfortunately it ought to be the other way around. They should have a hard time pursuading us to trust them enough to use theirs.
If your phone company asked you to give them the key to your house, in perpetuity, how would you feel about that? (Particularly if they insisted you sign a 15 page Terms of Use first that disclaims all their liability if anything goes missing).
It depends what kind of backdoor the UK is asking for but "encryption backdoor" sounds like cryptographic compromise. I don't know if that's what it means but either way the only way to be sure your keys are secure is to generate them yourself.
BYOK does not provide any additional security over the Secure Enclave (and similar security coprocessors). In fact, unless the Secure Enclave were to directly accept your input and bypass the OS, BYOK is worse because the software can just upload your key to a server as soon as you type it in. Whereas, a key generated on the Secure Enclave stays there, because there exists no operation to export it.
But if you don't trust Apple, how to you get the key into the Secure Enclave to begin with? Doesn't Apple control the software on your device that provides the interface into the Secure Enclave from outside of it?
It's always hilarious to see how far people here are ready to go to twist some bad Apple news into something which might be considered good.
I mean seriously. Apple making a stand? What stand? They are ripping security out of their customers hands. Customers which are already dependent on the company's decision in their locked in environment.
There is absolutely nothing good about it, and you dragging Android into it and making it look like it's even worse is suspicious. You can have full control over your Android device. Something impossible on an Apple phone. You can make your Android device safer than your iPhone.
The government forced them to pull the feature. Would you rather they left a toggle-switch that doesn't actually do anything? Or are you thinking they should just pull out of the EU altogether?
No, this tells the customer that backups to iCloud are not secure from the government. Adding the back door would make people think that there was more security than there was. Transparency is always better than deception.
Dropping the feature that the UK was targeting allows their customers to use all the other ways that Apple does things. Leaving the UK altogether is the nuclear option denying their customers of everything. “Apple should just leave the UK/China” never takes into consideration the millions of customers that bought or might want to buy in the future. Nobody would better off if Apple withdraws from a country.
vs. taking their phone away??? Idk if you're trolling or what but I would be incredibly pissed at Apple if they deprecated my phone over something like this.
Making a stand would be displaying a full-screen notification about why they cannot provide protection for British users' data and which party voted for this.
> What concerns me more is that Apple is the only company audibly making a stand.
They are not making a stand. They roll over without a peep. And this is concerning users' privacy which they say is the core of the company.
Compare it to fighting every government tooth and nail over every single little thing concerning the "we don't know if it's profitable and we don't keep meeting records" AppStore
What are you talking about? This is literally them doing the opposite, and there are multiple other public instances of them making a stand, not to mention in the design of their systems.
They had two paths to comply with the law. Silently backdoor the worldwide cloud serving every Apple device, or loudly tell people in the UK they don't get to have security because their government prohibits them. Between these two options, this is clearly "making a stand".
It's not as much "making a stand" as telling a major government that you have substantial seizable assets under their jurisdiction who is a major market you want to be in, that you're not going to do the thing that their laws say you are required to do, but it's hardly simple compliance either, instead of doing what the government wants them to do, they are making sure there is blowback.
Whether to try to fight it in court likely depends on details of case law and the wording of the laws they'd be contesting, I imagine much of the delay in their response to the demand was asking their lawyers how well they think they would fare in court.
This doesn't affect only people in the UK. It allows access to all Apple users' data globally:
> No Heathrow connection necessary. “The law has extraterritorial powers, meaning UK law enforcement would have been able to access the encrypted iCloud data of Apple customers anywhere in the world, including in the US” [1].
The real prescient threat in that movie was the predictive AI algorithm that tracked individual behaviors and identified potential threats to the regime. In the movie they had a big airship with guns that would kill them on sight, but a more realistic threat is the AI deciding to feed them individualized propaganda to curtail their behavior. This is the villain's plot in Metal Gear Solid 2, which is another great story.
> Your persona, experiences, triumphs, and defeats are nothing but byproducts. The real objective was ensuring that we could generate and manipulate them.
It's really brilliant to use a video game to deliver the message of the effectiveness of propaganda. 'Game design' as a concept is just about manipulation and hijacking dopamine responses. I don't think another medium can as effectively demonstrate how systems can manipulate people's behavior.
Life is imitating too many dystopian books, movies, etc these days. I think we need to put an end to all creative works before the timeline becomes irrecoverably destroyed.
Fundamentally, I think the issue is more about technical literacy amongst the political establishment who consistently rely on the fallacy that having nothing to hide means you have nothing to fear. Especially in the UK which operates as a paternalistic state and enjoys authoritarian support across all parties.
On the authoritarianism: these laws are always worded in such a way that they can be applied or targeted vaguely, basically to work around other legislation. They will stop thinking of the children as soon as the law is put into play, and it's hardly likely that pedo rings or rape gangs will be top of the list of priorities.
On the technical literacy: the government has the mistaken belief that their back door will know the difference between the good guys (presumably them) and the bad guys, and the bad guys will be locked out. However, the only real protection is security by obscurity: it's illegal to reveal that this backdoor exists or was even requested. Any bad guy can make a reasonable assumption that a multinational tech company offering cloud services has been compromised, so this just paints another target on their backs.
I've said it before, but I guarantee that the monkey's paw has been infinitely curling with this, and it's a dream come true for any black or grey hat hacker who wants to try and compromise the government through a backdoor like this.
It's not literacy. They don't care. They need control, and if establishing control means increased risks for you, it's not something they see as a negative factor. It's your problem, not theirs.
The government put in restrictions against using certain powers in the Investigatory Powers Act to spy on members of parliament (unless the Prime Minister says so, section 26), so I think they're just oblivious to the risk model of "when hackers are involved, the computer isn't capable of knowing the order wasn't legal".
No, it shows they're thinking of computers like they think of police officers.
Computer literacy 101: to err is human, to really foul up requires a computer.
They don't understand that by requiring the capability for going after domestic criminals, they've given a huge gift to their international adversaries' intelligence agencies. (And given this is about a computer vulnerability, "international adversaries" includes terrorists, and possibly disgruntled teenagers, not just governments).
They don't even need control. They want control. Why? Either they're idiots who think they need control or they are tyrants who know they'll need control later on when they start doing seriously tyrannical things.
It's natural for the government to want control. It's literally what it is optimized for - control. More control is always better than less control. More data about subjects always better than less data. What if they do something that we don't want them doing and we don't know? It's scary. We need more control.
> they'll need control later on when they start doing seriously tyrannical things.
You mean like when they start jailing people for social media posts? Or when they are going to ban kitchen knives? Or when they're going to hide a massive gang rape scandal because it makes them look bad? Or when they would convict 900+ people on false charges of fraud because they couldn't admit their computer system was broken? Come on, we all know this is not possible.
Well it’s important that the argument is correct. They view ending end-to-end encryption as a way to restore the effectiveness of traditional warrants. It isn’t necessarily about mass surveillance and the implementation could prevent mass surveillance but allow warrants.
I oppose that because end to end encryption is still possible by anyone with something to hide, it is trivial to implement. I think governments should just take the L in the interest of freedom.
> They view ending end-to-end encryption as a way to restore the effectiveness of traditional warrants.
Traditional warrants couldn't retroactively capture historical realtime communications because that stuff wasn't traditionally recorded to begin with.
> It isn’t necessarily about mass surveillance and the implementation could prevent mass surveillance but allow warrants.
The implementation that allows this is the one where executing a warrant has a high inherent cost, e.g. because they have to physically plant a bug on the device. If you can tap any device from the server then you can tap every device from the server (and so can anyone who can compromise the server).
They shouldn’t be able to tap any device from a server. I’m guessing they would have to apply for a warrant and serve the warrant to Apple who review the warrant and provide the data.
Putting the panopticon server in a building that says Apple or Microsoft at the entrance hasn't solved anything. Corporations are hardly more trustworthy than the government, can be coerced into doing the mass surveillance under gag orders, could be doing it for themselves without telling anyone, and would still be maintaining servers with access to everything that could be compromised by organized crime or foreign governments.
Which is why the clients have to be doing the encryption themselves in a documented way that establishes the server can't be doing that.
I used to think it was illiteracy, but when you hear politicians talk about this you realise more often than not they're not completely naive and can speak to the concerns people have, but fundamentally their calculation here is that privacy doesn't really matter that much and when your argument for not breaking encryption based around the right to privacy you're not going to convince them to care.
You see a similar thing in the UK (and Europe generally) with freedom of speech. Politicians here understand why freedom of speech is important and why people some oppose blasphemy laws, but that doesn't mean you can just burn a bible in the UK without being arrested for a hate crime because fundamentally our politicians (and most people in the UK) believe freedom from offence is more important than freedom of speech.
When values are misaligned (safety > privacy) you can't win arguments by simply appealing to the importance of privacy or freedom of speech. UK values are very authoritarian these days.
"Especially in the UK which operates as a paternalistic state and enjoys authoritarian support across all parties."
What is a "paternalistic state". I studied Latin so obviously I understand pater == father but what is a father-like state?
What on earth is: "authoritarian support across all parties".
The UK has one Parliament, four Executives (England, Northern Ireland, Scotland, Wales) and a Monarch (he's actually quite a few Monarchs).
Anyway, I do agree with you that destroying routine encryption is a bloody daft idea. It's a bit sad that Apple sold it as an extra add on. It does not cost much to run openssl - its proper open source.
Paternalism, unless I'm mistaken, is a belief among those in power that they what's best for you, better than you do, and will exercise power on your behalf in that manner. Just like your parents do when you're a child.
In medicine, a paternalistic attitude towards the patient from a point of authority (like a father)
The doctor acts as if he knows more and knows what is better. The patient has his own preferences and priorities, but they don't necessarily match with what the doctor does.
I suppose a paternalistic state functions to satisfy the needs of the people, and to define those needs. The people get what the state says is best for them.
What the politicians want is partial security: something they can crack but criminals can't. That is achievable in physical security, but not in cybersecurity.
I have a feeling the politicians already know partial cybersecurity isn't an option, and don't care. Certainly, the intelligence community advising them absolutely does know. We don't even have to be conspiratorial about it: their jobs are easier in the world where secrets are illegal than in the world where hackers actually get stopped.
With physical security the state apparatus can provide physical security in the form of police and what not, as well as deterrence and punishment.
In the world of cryptography it's... a bit harder to do something similar. In the best case they can come up with a key escrow system that doesn't suck too much, force you to use it, and hopefully they don't ever get the master keys hacked and stolen or leaked. But they're not asking for key escrow. They're asking for providers to be the escrow agents or whatever worse thing they come up with.
"it's hardly likely that pedo rings or rape gangs will be top of the list of priorities".... is this not one of the most disturbing, disgusting, psychologically troubling and damning ideas ever to be put to words/brought to awareness? . Right up there "let's meticulously plan out this horrific, atrocious, dehumanizing act and meditate upon the consequences, and then choose the most brutal and villainous option". Dear Lord....
People are extremely opposed to pedos, so they're a primary rationalization for oppressive technology. But then you have two problems.
First, pedos know everybody hates them, so they take measures normal people wouldn't in order to avoid detection, and then backdooring the tech used by everybody else doesn't work against them because they'll use something else. But it does impair the security of normal people.
Second, there aren't actually that many pedos and the easy to catch ones get caught regardless and the hard to catch ones get away with it regardless, which leaves the intersection of "easy enough to catch but wouldn't have been caught without this" as a set plausibly containing zero suspects. Not that they won't use it against the ones who would have been caught anyway and then declare victory, but it's the sort of thing that's pretty useless against the ones it's claimed to exist in order to catch, and therefore not something it can be used effectively in order to do.
Whereas industrial espionage or LOVEINT or draining grandma's retirement account or manipulating ordinary people who don't realize they should be taking countermeasures -- the abuses of the system -- those are the things it's effective at bringing about, because ordinary people don't expect themselves to be targets.
> is this not one of the most disturbing, disgusting, psychologically troubling and damning ideas ever to be put to words/brought to awareness? .
Hmm? Hell has depths. Your yard might be a little too short to measure them? In that case, just think about this: rape is probably most common in prisons, where you will send innocents the moment this dragnet thing glitches.
> that having nothing to hide means you have nothing to fear
hopefully the US turning from leader of the free world to Russia's tool will give them the kick they need to realise that just because you trust the government now doesn't mean you trust the next government or the one after it.
You probably don't want to look up which US President tried to force Apple to insert an encryption back door into iPhones back in 2015.
However, Google did only start moving to protect location data from subpoenas after people started to worry that location data could be used as a legal weapon against women who went to an abortion clinic, so your larger point stands.
Points about Russia or partisan politics aside, there are now at least 10M people living in the US who have a very strong incentive to hide all their data from the executive branch. That's to say nothing of the countless millions who might want to help them.
The demand for encryption just exploded, in a legal gray area (city, state, and federal laws seem to be in conflict here) it's just a question of whether governments allows the supply to follow.
That would be none, as it was the FBI, operating independently (as it's supposed to), which tried to force the issue. They even tried to go to Congress but found little support for their stunt. I'm not even sure Obama ever spoke in support of the backdoor, much less used any political power to make it a reality.
Haven't we already learned that gaslighting the public is counterproductive?
President Obama sold himself as a Constitutional scholar who would set right the civil liberties overreach of his predecessor.
You aren't going to convince sane people that his executive branch agencies sought to gut the fourth amendment without his being aware of it, despite months of extensive press coverage.
"the other side is just as bad" isn't the justification that a lot of people seem to think it is. if you don't like what the other side has done, don't just copy them. do better.
It's simpler. If you claim that a particular action would be bad if the other political team were to perform it, don't suddenly make excuses for that very same action if it turns out that your favored political team has previously performed it.
He demands $500bn of rare earth minerals, insists that Ukraine started the war by getting invaded and wants Zelensky to be replaced by a Russian puppet. It's amazing how the US went from the defender of the free world to just another thug.
Just to be clear: Wallace is not a head of state, or even an MP any more. At one point, he was Secretary of State for Defence, a Cabinet position, however he resigned this in 2023.
This doesn’t justify his position (it’s stupid) but he doesn’t speak for the current government.
Technically we did abolish the monarchy back in the 17th century, but the replacement was so bad we brought them back about 10 years later, which I think makes us a minority of one and even more weird.
Anyway, back on topic: this is a ridiculous law that is forcing services to erode their security while smart criminals can just use some nice free open-source software somewhere else for E2E communication. And a lot of this is definitely down to lawmakers not understanding technology.
You’re correct, however I gave GP the benefit of the doubt and assumed they meant Secretary of State ;-)
And, to be fair, while I’m generally a small r republican, I’m seeing benefits of having a non politically aligned head of state after J6. While the monarch has limited power, booting out a PM that can’t command the confidence of Parliament is one of them. The question of whether Johnson would accept being dethroned a la Trump was always silly given his consent was never needed.
The UK monarch's power is largely based on convention more than active decision making. For example, a government is formed at the invitation of the monarch, but that's long reflected the results of an election. Getting rid of a PM generally happens when they run out of luck. That sometimes coincides with the ruling party/coalition imploding. The next PM is then shortlisted by MPs and selected by a minority of the electorate.
I guess the US equivalent is the leader of the house being unable to hold their majority together. In some ways the presidential election feels more democratic if a relative outsider (like Trump was) can win. But a 2 year lead up is crazy.
And that's why it is so important to nip this "pedo" / "think of the children" crap right in the bud.
Obviously pedos on the interwebs are bad, but hey as long as it's just anime they're whacking off to I don't care too much. But the real abuse, that's done by - especially in the UK - rich and famous people like Jimmy Savile. And you're not gonna catch these pedos with banning encryption, that's a fucking smokescreen if I ever saw one, you're gonna catch them with police legwork and by actually teaching young children about their bodies!
> But the real abuse, that's done by - especially in the UK - rich and famous people like Jimmy Savile
Jimmy Savile was a vile predator. He was protected by the inane customs of the British ruling class.
He was not alone among the toffs of England.
But do not be mistaken. It is not just the rich and powerful where you find sexual predators. They exist at all levels of society, all genders, most ages (I will except infants and the aged infirm....)
Jimmy Savile was a symptom of something much darker, much worse and widespread.
Honestly if the UK wants to reduce sexual crimes against children and adults one of the easiest ways to achieve that would be to reform UK liable law.
In the UK if you're raped by someone famous you'd be an utter idiot to say anything unless you're loaded or have a massive amount of hard evidence. You couldn't have a me to movement in the UK because everyone who came forward would be sued into bankruptcy. This is why so many people knew about Savile but no one said anything.
Yeah but if you sell the populace on the idea that pedos are only something that's a threat on the interwebs the populace won't care about all the other pedos, and if there is a pedo scandal like the next Savile the government can just go and shrug and say "we did all we could". And that is the point behind all that pedo scare.
> technical literacy amongst the political establishment who consistently rely on the fallacy that having nothing to hide means you have nothing to fear.
That's an awfully generous assessment on your part. Kindly explain just what "technical literacy" has to do with the formulation you note. From here it reads like you are misdirecting and clouding the -intent- by the powerful here.
Also does ERIC SCHMIDT an accomplished geek (who is an official member of MIC since (during?) his departure from Sun Microsystems) suffers from "technical literacy" issues:
I feel like the comment was clear, technical illiteracy leads politicians to believe that they'll be the only ones with access to this backdoor, which isn't true.
The comment's clarity was not questioned. You are passing around the same tired line that because politicians do not understand technology and how it can be used against anyone. Sure computers are new but communication technology is not. All a politician needs to understand is "capability". That is it. "We can read their communications", no degree in CS required. Also, they have power geeks advising them left and right. They know "capabilities" can be misused. They know this.
Yeah. Not buying it. They know, or someone smart enough told them that backdoors can be accessed by anyone with enough skill. They just don't care because the people that are asking for this are criminals already and wanting profit off of other people's data.
Let me offer a possible example that might be more in line with the HN commenting guideline about interpreting people's comments as charitably as reasonably possible:
My password manager vault isn't exactly something to hide in the political sense, but it's definitely something I would fear is exposed to heightened risk of compromise if there were a backdoor, even one for government surveillance purposes. And it's a reasonable concern that I think a lot of people aren't taking seriously enough due, in part, to a lack of technical literacy. Both in terms of not realizing how it materially impacts everyday people regardless of whether they're up to no good, and in terms of not realizing just how juicy a target this would be for agents up to and including state-level adversaries.
As for Eric Schmidt, he's something of a peculiar case. I don't doubt his technical literacy, but the dude is still the head of one of the world's largest surveillance capitalist enterprises, and, as the saying goes, "It is difficult to get a man to understand something when his salary depends on his not understanding it."
The AP News was just kicked out of press conferences for not using the government-preferred term for the Gulf of Mexico. The new director of the FBI is pledging to go after members of the press that he doesn't like. The US is jumping headfirst in the "bad speech isn't free" direction in the past month.
Of course they are. Violent threats and admitting illegal activity on social media can lead to arrests in the US. By being so unspecific your comment does not really foster good discussion on the topic. You should describe what kind of posts they are being arrested for and which laws/protections in the UK you are specifically criticizing.
Hardly. There are limits to speech in most jurisdictions. That hardly crosses the threshold for "authoritarian". The high profile cases in the UK have been around incitement to violence and contempt of court.
No, they get arrested for conduct that would be criminal no matter where they did it. Facebook (2x) and Twitter (2x) were the (virtual) venues where the crimes were committed, but the crimes were attempting to organize a mob to burn down a courthouse, inciting and threatening to murder police, conspiracy to suppress votes and threatening to kill the President. The crimes would be just as criminal had they been done in person at a local bar (or any other physical location).
There are limits to speech in every country, including the US. What I always find baffling is the sheer arrogance of Americans, that the only way to be a free and democratic country is their way, to the extent that they send their elected representatives to Germany of all places to implicitly argue for the legalisation of the Hitler salute.
Meanwhile their country has slid into fascism. Sad and tragic.
If you see a red car driving down the street do you not call it red because there are many other red cars? They're adding color (pun intended) to their description of the general bias of the UK government. What you're doing is called Whataboutism - the argument that others are doing something similar or as bad in different contexts. It doesn't make what the UK is doing any less bad for citizens (and non-citizens) privacy or data sovereignty.
Many people might not be aware of it, but Apple publishes a breakdown of the number of government requests for data that it receives, broken down by country.
Much of this is likely related to the implementation and automation of the US-UK data access agreement pursuant to the CLOUD Act, which has streamlined this type of request by UK law enforcement and national security agencies.
The problem is AFAIK this act is a lot different and Apple or any party that gets this order is completely forbidden to talk about it. So these kind of requests would not show up in this transparency requests. It is IMHO fair to assume Apple will UK this backdoor given they chose to disable Advanced Data Encryption and public would have no insight to amount and reasons to the backdoor usage. It is really troubling.
Sad to see the home of the magna carta slowly spiraling down into fascism and 1984. The government should be required to have a specific warrant to get at your personal data.
I don't share your findings, EVERY six-month period between January 2014 - June 2017 shows bigger requests than any six-month period in the last 5 years.
>Online privacy expert Caro Robson said she believed it was "unprecedented" for a company "simply to withdraw a product rather than cooperate with a government.
That is such a self serving comment. If Apple provides UK a backdoor, it weakens all users globally. With this they are following the local law and the country deserves what the rulers of the country want. These experts are a bit much. In the next paragraph they say something ominous.
>"It would be a very, very worrying precedent if other communications operators felt they simply could withdraw products and not be held accountable by governments," she told the BBC.
I wonder what the impact of Apple withdrawing from China will be. I know we are talking about UK, but this made me think.
Not only their sales will reduce, but hey Chinese manufacturing cuts down. By how much? Will it be impactful? I would think so but wonder if it is quantifiable.
>"It would be a very, very worrying precedent if other communications operators felt they simply could withdraw products and not be held accountable by governments,"
This would actually be a very very very very VERY GOOD precedent if you ask me.
Facebook pulled something similar when Canada passed the Online News Act and instead of extorting facebook to pay the media companies for providing a service to them (completely backasswards way to do things), they just pulled news out of Canada. I despise Meta as a company, but I had to give them credit for not just letting the government shake them down.
Good riddance. Governments need to be reminded from time to time that they are, in fact, not Gods. We can and should, just take our ball and go play in a different park or just go home rather than obey insane unjust laws.
Note that this doesn’t satisfy the government’s original request, which was for worldwide backdoor access into E2E-encrypted cloud accounts.
But I have a more pertinent question: how can you “pull” E2E encryption without data loss? What happens to those that had this enabled?
Edit:
Part of my concern is that you have to keep in mind Apple's defense against backdooring E2E is the (US) doctrine that work cannot be compelled. Any solution Apple develops that enables "disable E2E for this account" makes it harder for them to claim that implementing that would be compelling work (or speech, if you prefer) if that capability already exists.
That’s exactly the plan. Anyone with this enabled in the UK will need to manually disable it or they’ll get locked out of their iCloud account after a deadline.
The hardware will not allow this, at least not without modifications. The encryption keys are not exportable from the Secure Enclave, not even to Apple's own servers.
The Apple security paper describe how to disable ADP through a key rotation sequence.
This will be a "forced rotation", they just need to decide how to communicate to users and work out what happens to those who don't comply. Lockout until key rotation look like an option as someone said.
Behind the scenes, it'd probably decrypt it locally piece-by-piece with the key in the Secure Enclave, and then reencrypt it with a new key that Apple has a copy of when you disable ADP.
Assuming the enclave can receive OTA firmware updates and those updates can completely compromise it, which are not actually proven facts, there's no way to target this to the UK alone without either exempting tourists and creating a black market for loophole phones or else turning all of Britain into a "set foot here and ruin your iPhone forever" zone.
> how can you “pull” E2E encryption without data loss
You can’t. The article says if you don’t disable it (which you have to do yourself, they can’t do it for you, because it’s E2E), your iCloud account will be canceled.
How would an alt service help this situation? You’d just end up with backdoored services advertising E2EE, no? Apple’s move here is definitely the right one, introduce as much friction as possible to hopefully get the user pissed off at their government for writing such stupid laws.
> introduce as much friction as possible to hopefully get the user pissed off at their government for writing such stupid laws.
I'm actually surprised that they didn't add more direct text in that screen. "We are unable to provide this service... BECAUSE OF YOUR GOVERNMENT 1984 STYLE REQUESTS. Contact your MPs here and here and oh, here's their unlocked icloud data, might want to add some choice pictures to their stash..." would have been a tad more on the nose...
We are told the encryption keys reside only on your device. But Apple control “your” device so they can just issue an update that causes your device to decrypt data and upload it.
Apple has already fought US government demands that they push an update that would allow the US governmrnt to break encryption on a user's device.
> In 2015 and 2016, Apple Inc. received and objected to or challenged at least 11 orders issued by United States district courts under the All Writs Act of 1789. Most of these seek to compel Apple "to use its existing capabilities to extract data like contacts, photos and calls from locked iPhones running on operating systems iOS 7 and older" in order to assist in criminal investigations and prosecutions. A few requests, however, involve phones with more extensive security protections, which Apple has no current ability to break. These orders would compel Apple to write new software that would let the government bypass these devices' security and unlock the phones.
From the Advanced Data Protection whitepaper [0], it appears the keys are stored in the iCloud Keychain domain, so not the Secure Enclave:
> Conceptually, Advanced Data Protection is simple: All CloudKit Service keys that were generated on device and later uploaded to the available-after-authentication iCloud Hardware Security Modules (HSMs) in Apple data centers are deleted from those HSMs and instead kept entirely within the account’s iCloud Keychain protection domain. They are handled like the existing end-to-end encrypted service keys, which means Apple can no longer read or access these keys.
Apple can push firmware updates to the HSM just like the device. So if they really wanted they could add an operation that extracted the keys (likely by encrypting them to a key that lives in Apple's cloud).
An HSM bypass (extracting keys, performing unauthenticated crypto ops) on any recent iOS device is worth 10s of millions, easily. Especially if combined with a one-click/no click. In that sense, it’s auditable, because it’s one of the biggest targets for any colour hat, and the people smart enough to find a bug/backdoor would only be slightly aided by a spec/firmware source, and a bit more by the verilog.
This is true for pretty much every “real” hsm on the planet btw. No one is sharing cutting edge enclave details, Apple isn’t unique in this regard.
If someone has a reliable and workable secure enclave hack they can become a multi-millionaire for selling to state actors or become one of the most famous hackers in the world overnight (and possibly get a life changing amount of bounty from Apple)
Basically it's not a hack someone just throws on the internet for everyone to use, it's WAY too valuable to burn like that.
> Any solution Apple develops that enables "disable E2E for this account" makes it harder for them to claim that implementing that would be compelling work (or speech, if you prefer)
I think it’s really speech [0], which is why it’s important to user privacy and security that Apple widely advertises their entire product line and business as valuing privacy. That way, it’s a higher bar for a court to cross, on balance, when weighing whether to compel speech/code (& signing) to break E2EE.
After all, if the CEO says privacy is unimportant [1], maybe compelling a code update to break E2EE is no big deal? (“The court is just asking you, Google, to say/code what you already believe”).
Whereas if the company says they value privacy, then does the opposite without so much as a fight and then the stock price drops, maybe that’d be securities fraud? [2]. And so maybe that’d be harder to compel.
Apple is in a really tough position. I don't know if there's any way they could fulfil the original request without it effectively becoming a backdoor. Disabling E2E for the UK market is just kicking the can down the road.
Even simply developing a tool to coerce users out of E2E without their explicit consent to comply with local laws could be abused in the future to obtain E2E messages with a warrant on different countries.
But customers. People keep saying they should just not be in that country. It is far better to have the choice of using an iPhone even if particular features are no longer available.
>> Apple's defense against backdooring E2E is the (US) doctrine that [government can’t] be compelling work (or speech, if you prefer)
It’s really not "work” but speech. That’s why telecoms can be compelled to wiretap. But code is speech [2], signing that code is also speech, and speech is constitutionally protected (US).
The tension is between the All Writs Act (requiring “third parties’ assistance to execute a prior order of the court”) and the First Amendment. [1]
So Apple may be compelled to produce the iCloud drives the data is stored on. But they can’t be made to write and sign code to run locally in your iPhone to decrypt that E2EE data (even though obviously they technologically could).
It's weird bending of law. Code, especially closed-source code, is not a speech; it's a mechanism and the government may mandate what features a mechanism must have (for example, a safety belt in a car).
> how can you “pull” E2E encryption without data loss? What happens to those that had this enabled?
They'll keep your data hostage and disable your iCloud account. Clever, huh? So they are not deleting it, just disabling your account. "If you don't like it, make your own hardware and cloud storage company" kind of a thing.
> "If you don't like it, talk to your local politicians",
Indeed people only noticed this because Apple tried to do the right thing and now it's somehow also Apple's fault. No good deed goes unpunished, I guess.
I think there is a feeling the government power is so overwhelming that they are hoping maybe some trillion dollar corporation would help them out somehow.
Think about it.. You don't even have to be an Apple user to be affected by this issue. If someone backs up their conversations with you to apple cloud, your exchange is now fair game. You get no say in it either.
Setting a retention time out is playing with fire. If the police get ahold of the other party's device, and present an exhibit which they say contains the true conversation, you could be worse off than if you retained the conversation. The fact that you have since deleted it could be incriminating.
In some jurisdiction, yes, legally, such evidence might not be probative, but you might still convicted because of it.
This isn't Amazon getting in trouble for implementation of a routine records retention policy. It's Amazon getting in trouble for violating a document retention mandate related to an ongoing lawsuit.
I don't think so. Corporate communication is bound by different laws and you have way higher burden of evidence in case of legal requests. I don't think this creates a precedent for personal communications.
Yes, but if I’m reading it right, Amazon staff were already inder instruxtion to retain and share data relevant to an ongoing investigation. They were aware of the process and, if the article is to be believed, worked against the instructions.
That’s quite different from turning disappearing messages on when you’re not explicitly under insteuctions to keep records.
Many people want control over whether they back up conversations with others, and think it would be crazy for sender to control the retention policy instead of receiver.
I think sender should just be able to send a recommended preference hint on retention and you could have an option to respect it or not.
Very similar to sites like LinkedIn, which ask you to share your personal info & contact list.
I don't want to share my contact details, but the second someone I know decides to opt in, I lose all rights to my own data as they've shared it on my behalf.
Maybe they have other info, such as birthday, home address, other emails or phone #s, etc. stored for me, which is all fair game, as well.
Security hinges on trust. The only real privacy tool is PGP which uses a web of trust model. But it only works if people own their own computers and storage devices. What they've done is got everyone to rent their computers and storage instead. There's no security model that works for the users here.
So many questions around this that need answering, such as:
1. What happens if I have ADP enabled and then visit the UK? Will photos I take there still be E2E encrypted? If not, will I be notified? I realize that at the moment the answer is yes, that for now, they are only disabling ADP enrollment. But they are planning to turn it off for everyone in the UK in the future. So what happens then?
2. If they make an exception for visitors, such as by checking the account region, then obviously anyone in the UK who cares about security will just change their account region - a small inconvenience. Maybe this will be a small enough group that the UK government doesn’t really care, but it could catch on.
3. Is this going to be retroactive? It’s one thing to disallow E2E encryption for new content going forward, where people can at least start making different decisions about what they store in the cloud. It’s an entirely different thing for them to remove the protection from existing content that was previously promised to be E2E encrypted. When they turn off ADP for people who were already enrolled, how is their existing data going to be handled?
Free speech already under threat and now y'all are giving up the right of private communication too? For anyone cheering this on, do you honestly think this will only affect the "bad people", and you'll never have your own neck under the government's boot? Even if you trust the government today, what happens when your neighbors elect a government you disagree with ideologically?
How do we actually beat this narrative? I've been proposing a E2EE-based chat application to my friend, and they asked me a similar question: won't it just be rife with pedophiles? How can you make a platform that will be used to that means?
I have strong views about privacy as a fundamental human right, but I don't know how to answer that question. I certainly don't want to make the world worse, but this feels like a lesser of two evils type of deal: either make it even harder to catch bad actors, such as child abusers, or make it plausible that your government take away your freedom forever.
Instead of the word cheering we could use letting.
Bad people flourish over the inaction of good people.
(but yes, there are always several who protect and argue for things risking their own and everyone's livelihood, exposing themselves to shady elements, along singled out and elevated thin aspects, cannot understood why)
I have a naive question, and it's genuine curiosity, not a defence of what's happening here.
This ADP feature has only existed for a couple of years, right? I understand people are mad that it's now gone, but why weren't people mad _before_ it existed? For like, a decade? Why do people treat iCloud as immediately dangerous now, if they didn't before?
Did they think it was fully encrypted when it wasn't? Did people not care about E2E encryption and now they do? Is it that E2E wasn't possible before? If it's such a huge deal to people now, why would they have ever used iCloud or anything like it, and now feel betrayed?
I guess I'm one of the people who was upset that it didn't exist before, and I didn't enable iCloud Backup as a result. I didn't use iCloud Photos. I had everything stored on a NAS (which was in-fact encrypted properly) and used a rube goldberg-esque setup to move data to it periodically. I used iMazing and local encrypted backups on a schedule.
Lots of people called for E2EE on this stuff, but let's be real about one thing: encryption as a feature being more accessible means more people can be exposed to it. Not everyone can afford a rube goldberg machine to backup their data to a NAS and not make it easily lost if that NAS dies or loses power. It takes immense time, skill, and energy to do that.
And my fear isn't the government, either, mind you. I simply don't trust any cloud service provider to not be hacked or compromised (e.g., due to software vulnerability, like log4j) on a relatively long timescale. It's a pain to think about software security in that context.
For me, ADP solves this and enables a lot of people who wouldn't otherwise be protected from cloud-based attacks to be protected. Sure, protection against crazy stuff like government requests is a bonus, but we've seen with Salt Typhoon that any backdoor can be found and exploited. We've seen major exploits in embedded software (log4j) that turn out to break massive providers.
So, there were people upset, their concerns were definitely voiced on independent blogs and random publications, and now, we're back in the limelight because of the removal of the feature for people in the UK.
But, speaking as a user of ADP outside of the UK, I am happy that ADP is standing up for it, and thankful that it exists.
(To be clear: government backdoors, and government requests also scare me, but they aren't a direct threat to myself as much as a vulnerability that enables all user data to be viewed or downloaded by a random third-party).
Many of us were very upset about Apple's slow-rolling this feature. There were many claims that they delayed the rollout due to government pressure [1] (note: that story is by the same reporter who broke today's news a couple of weeks ago.)
Rolling out encryption takes time, so the best I can say is "finally it arrived," and then it was immediately attacked by the U.K. government and has now been disabled over there. I imagine that Apple is also now intimidated to further advertise the feature even here in the U.S. To me this indicates we (technical folks) should be making a much bigger deal about this feature to our non-technical friends.
At one point in time, the entirety of web communication was completely unencrypted.
Why were people not mad then? Do you think people would be angrier now, if HTTPS were suddenly outlawed?
Among other valid answers, removing rights and privileges generally makes people angrier than not having those rights or privileges in the first place.
Oh, we were. I am in the crowd who had been asking for generally used encryption since 1995. After all, we were already using SSH for our shell connections.
The first introduction to SSL outside of internet banking and Amazon was for many online services to use encryption only for their login (and user preferences) page. The session token was then happily sent in the clear for all subsequent page loads.
It took a while for always-on encryption to take hold, and many of the online services complained that enabling SSL for all their page loads was too expensive. Both computationally and in required hardware resources. When I wrote for an ICT magazine, I once did some easy benchmarking around the impact of public key size for connection handshakes. Back then a single 1024-bit RSA key encryption operation took 2ms. Doubling it to 2048 bits bumped that up to 8ms. (GMP operations have O(n^2) complexity in terms of keysize.)
"We" is an special group. I am technical but never thought much about it back then. There is a boiling frog. The 90s internet was used for searching and silly emails. Now it has you life in the cloud. But that didn't happen in a day.
Counterpoint: when web communication was unencrypted it was before we did our banking, tax filing, sent medical records, and sent all other kinds of sensitive information over the internet. The risks today are not remotely the same as they once were.
always used my own encryption and cyphered any sensitive data/communications, but the problem is that most people won't and you're often compromised by them
simple solutions like Whatsapp, Signal and ADP brought this to the masses - which some governments have issues about - and this makes a massive difference to everybody including those who wouldn't be caught dead using an iphone anyway
if we could go back to the early 1990s when only professionals, Uni students, techies and enthusiasts used the internet I'd go in a heartbeat but that's not the world we're living in
You've always been able to perform encrypted backups to your own local PC or Mac out of the box, so people who do care about privacy have always had that option.
One thing I've found concerning is that Apple had encrypted cloud backups ready to roll out years ago, but delayed releasing the feature when the US government objected.
> After years of delay under government pressure, Apple said Wednesday that it will offer fully encrypted backups of photos, chat histories and most other sensitive user data in its cloud storage system worldwide, putting them out of reach of most hackers, spies and law enforcement.
Yes, I was mad before it existed and didn't use icloud backups. With the E2E and ADP I turned it on. If it gets nuked in the US I'll go back to encrypted local backups only.
People learn stuff over time. If you are not living like RMS you probably are allowing something to spy on you. If that spying gets removed you become aware. You don't want it back.
It is like anything that gets better. Fight for the better. It is like aviation safety: who cares about a few crashes this year when people didn't complain in the 70s.
- e2e encryption is not ubiquitous yet, but awareness is ascending.
- distrust for government also is on the uptrend.
- more organized dissent to preserve privacy.
No people didn't assume data was encrypted.
Yes E2E has been possible for many decades, but businesses don't have privacy as a priority, sometimes even counter incentives to protect it. Personal data sells well.
Things have changed because more people are getting to understand why it matters, forcing the hand of companies having to choice but at least feign to secure privacy.
Apple has been advertising security and privacy as a top feature for years now. It would make sense for people to get upset if those features were removed.
iCloud and iPhones have traditionally resisted US governmental overreach, only giving data to iCloud in cases of actual criminal prosecution against specific individuals. As well, iPhone backups in iCloud is relatively new, as are many other arbitrary storage features — it used to just be your songs and your photos! Now it’s data from all of your apps and a full phone backup. Hence the resistance: the stories of police being unable to recover data from a locked iPhone may now be over
iCloud did a lot less, in the past. Disabling it now gives you access to more data than it did a few years ago. And I also suspect it has far more users today than it did a few years ago.
People were mad. Remember the Snowden leaks and PRISM program from NSA? [1]
In fact, Apple began to adopt “privacy” first marketing due to this fallout. Apple even doubled down on this by not assisting FBI with unlocking a terrorist suspects Apple device in 2016. [2]
It was around that time I actually had _some_ respect for Apple. I was even a “Apple fanboy” for some time. But that respect and fanboi-ism was lost between 2019 and now.
Between the deterioration of the Apple ecosystem (shitty macOS updates), pushing scanning of photos and uploading to central server (CSAM scanning scandal?), the god awful “Apple wall”, very poor interoperability, and very anti-repair stance of devices.
The situation was not something existed since the beginning of time, it evolved gradually. Long ago not that much and not that many critically private data was circulating the net, it increased and got essential living online by time, in some instances forced in an increasing portion of situations. Worry then had no grounds yet. As exposure of the population grew, so did the benefit for adverse elements breaking online data stores, growing in numbers fast, not all made properly in the headless chase of success. Damage and hence awareness grew gradually.
But basically yes, people are stupid and gave no shit but believed all f nonsense, the marketing frauds made them eating up their crap happy if it had pretty words and pictures, promising something halfway to Paradise. Like the Cloud mirage. Those of careful personality were cautious since the first time Apple and alike pushed on people giving up control over their own data for tiny comfort (or no comfort eventually due to all hostile patterns in the full picture) not putting all and every precious or slightly valuable stuff to some unknown server on the internet protected only by hundreds of years old method: password (so not protected at all essentially). Memories, contacts, schedules, communications, documents, clone of their devices in full, putting all into 'cloud' (much before secure online storage became a thing)? Many times to the very same one? Who are that much idiots, really?!
The problem here is not with iCloud but with the U.K. government. People like to tell themselves the government isn’t actually trampling their rights but events like this make it impossible to ignore.
The nightmare continues.
For now I am using 3rd party backup services that are (currently) promising me that my backups are encrypted by a key they do not have access to, or control over.
But can this even be believed in an age where these secret notices are being served to any number of companies?
I suppose the next step would be to ensure that files don't ever arrive in the cloud unencrypted, but I have yet to see a service that allows me to do this with the same level of convenience as, say, my current backup solution, which seamlessly backs up all my phones, my family members' phones, my laptops, their laptops etc.
I depend on having an offsite backup of my data. Which inevitably includes my clients' data also. Which I am supposedly keeping secret from outside access. So how does that work once everything becomes backdoored?
In the case of the U.K., they can throw you in jail for not handing over your encryption key, so it’s a moot point. They’ve been slowly expanding this power for twenty years now.
Not for content in the cloud, as far as I understand. Someone will correct me, but you can be arrested and threatened with terror charges if you dont unlock your device, but this does not give them permission to access other computers via the internet.
ive been through all this with the law. no one ever got jailed for not handing over encryption keys unless they were a definitive criminal and theres strong evidence there is criminal data on the device.
they tried this with me (NCA) but the judge wouldnt sign off as they had nothning on me or my device. this did however REALLY want to access it! fuck them. pricks
Ah yes, the “we have all the power but pinky promise to only use it on the bad guys” playbook. I have complete confidence and trust in that promise. /s
Convenience usually comes at a cost. You shouldn't have to trust anyone. Just use a generic storage service and only upload encrypted files to it. Syncthing + Rclone will probably get you a similar setup that you control.
IMO the only thing you can have a high level of trust in is your own *nix server. Backup those devices to it then encrypt there before being sent to the cloud.
Handling the encryption yourself is the way to go, but for maximum security, don't send that encrypted data to the cloud. Keep it all on your own server(s).
That doesn't help people who aren't technically capable, of course. But at least those who are can protect themselves.
I'm sympathetic to the J.D. Vance angle, which is that European governments are increasingly scared of their own people. This is not doing a lot to change my mind.
Governments should be scared of their people, though not in the way that I expect Vance means.
It's certainly better than the opposite, where citizens and residents are scared of their government, which wields the power to deprive them of their freedom, possessions, and life.
>Governments should be scared of their people, though not in the way that I expect Vance means.
A guillotine once in a while for some politicians/bureaucrats will do some good. There is a rich history of the French doing it. I'm not even trying to be funny.
To give you a counterpoint: from this side of the pond it is extremely surprising to see how effective Vance's speech has been in distracting a good proportion of the American public. Which, I have to suspect, was the real point.
They are not scared of people, but of working, doing their job, especially when it is difficult (catching criminals). They expect the job to be done for them by others, on the expense of everyone, while they collecting all the praise.
On sympathetic to Vance I did not really found a presentable reaction, would not find on any other accidentally agreeable sentence leaving his mouth (very low chance btw.). Talking a lot about all kind of things sooner or later will hit something acceptable, which will not yield an unacceptable and destructive to society figure sympathetic.
You also should be aware of practices and conducts the various US security services practice (and probably all governemnts out there), if not from news or law but at least from the movies. When we come to the topic of who is afraid of their own.
Exactly, it's the same thing with the Chat Control law in the EU and it reminds me of the scene in the movie Office Space where the consultants are trying to figure out who is doing what in the company.
Basically instead of doing their jobs, the cops expect Apple, Meta et al to intercept all the data, then feed it into some kind of AI black box (not done by them but contracted out to someone else at the taxpayer's expense) that will then decide if you get arrested within the next 48H (I am exaggerating but only slightly)
What are the cops doing instead of doing their jobs? That's my question. Aren't they paid to go out and catch the criminals or do they simply expect to get the identity of people each day that need to be investigated?
Well put. It's pretty much impossible to sympathize with Vance saying this when the administration he is a part of is scaremongering about "the enemy within".
As a citizen, I don’t understand what the UK government thinks they are getting here - other than the possibility of leaks of the nation’s most sensitive data.
Also is it not possible to set up my Apple account outside of the UK while living here?
> other than the possibility of leaks of the nation’s most sensitive data
Amusing when you consider the National Cyber Security Centre (NCSC, a part of GCHQ), along with the Information Commissioners Office, both publish guidance recommending, and describing how to use, encryption to protect personal and sensitive data.
Our government is almost schizophrenic in its attitude to encryption.
And yet if I steal your money and refuse to give it back, or let you steal it back, you'll call that hypocritical. What does the size of an entity have to do with whether this is idiotic or not?
You're making the argument that the UK government will stop using encryption itself once the information about this becoming illegal makes it through the government.
It won't. The courts will refuse to force them to stop, and even if the courts attempt to force it, some government departments just won't listen, and be protected from the consequences.
This is another case of "the law applies to you, but not to me".
The law is that encrypted comms must be provided to the security services on request. This is not a problem for government agencies. It is not illegal per se.
>> Of course: it's not a monolithic entity. It's a composite of different parts that have different goals an interests.
> And yet if I steal your money and refuse to give it back, or let you steal it back, you'll call that hypocritical.
That's a bad analogy.
> What does the size of an entity have to do with whether this is idiotic or not?
Because it's not about the size, and I said nothing about the size. It's about it being composed of different minds, organized into different organizations, focused on different goals.
It's just not going to behave like one mind (without a lot of inefficiency, because you'd need literal central planning), because that's not the kind of thing that it is.
I suppose they don't believe certain facts engineers are telling them. With Brexit it was coined "Project Fear". Now they're being told that adding backdoors to an encrypted service almost completely erodes trust in the encryption and, as in the case with Apple here, in the vendor. However, I suppose it is very hard to find objective facts to back this. I'd guess this is why Apple chose to both completely disable encryption and inform users about the cause.
Now we're probably just waiting for a law mandating encryption of cloud data. Let's see whether Apple will actually leave the UK market altogether or introduce a backdoor.
In the US, the NSA has always had both missions (protect our country’s data and expose every other country’s data). Since everyone uses the same technology nowadays, that’s a rather hard set of missions to reconcile, and sometimes it looks a little ridiculous. As of fairly recently, they have a special committee that decides how to resolve that conflict for discovered exploits.
I mean, this is no different than one part of the government suggesting running laundry at night to reduce the environmental impact of energy use, while another suggests only running it while awake to reduce fire hazard. Governments and corporations rarely have complete internal alignment.
Correct me if I'm wrong here, and maybe this is too charged for HN, but looking over at you guys from the US:
The US has problems (don't get me wrong, look at our politics, enough said); but the UK seems to be speedrunning a collapse. The NHS having patients dying in hallways; Rotherham back in the popular mind; a bad economy even by EU standards; a massive talent exodus (as documented even on HN regarding hardware engineers); a military in the news for being too run down to even help Ukraine; and most relevant to this story - the government increasingly acting in every way like it is extremely paranoid of the citizens.
There's a lethargy, but it's hardly speedrunning. Things will be the same or slightly worse in a decade. I'm not sure I can say the same for the US, it seems different this time.
> The NHS having patients dying in hallways
Sadly routine in winter. Nobody wants to spend the money to fix this. Well, the public want the money spent, but they do not want it raised in taxes.
> Rotherham back in the popular mind
The original events were between 1997 and 2013. The reason they're back in the mind is the newspapers want to keep them there to maintain islamophobia. Other incidents (more recently Glasgow grooming gangs) aren't used for that purpose.
> a bad economy even by EU standards
Average by EU standards. But stagnant, yes.
> the government increasingly acting in every way like it is extremely paranoid of the citizens.
They've been like this my entire life. Arguably it was a bit worse until the IRA ceasefire. Certainly the security services have been pushing anti-encryption for at least three decades.
Yes - that is my impression as well as someone currently living in London.
Literally ever single system that I have to interact with seems to be somewhere on the spectrum between barely functioning and complete disfunctionality, with almost very few exceptions that come to mind.
By system in this context I mean every institution, service provider, company, business... everything.
Couple that with low salaries across the board - including the "high paying tech jobs in London" with price increases that are out of control with no reason to believe this is ever going to stop you end up with a standard of living significantly lower than let's say for example the EU countries of Eastern Europe.
Currently trying to figure out where to go next
Well Albanians apparently want to live in Norwich, leading to a bizarre anti-propaganda campaign with bleak black-and-white photography to convince them it's horrible.
It isn't? Huh, you're right, a lot of the Balkans aren't, I did not know that.
I don't think anywhere in the EU really describes itself as Eastern Europe, though. That's Ukraine, Belarus, Moldova. So really just Romania, sometimes.
Literally quite a significant number of EU countries describe themselves as Eastern European, what you said is factually wrong.
At this point I am considering your replies as either trolling or interacting in bad faith.
I'm an immigrant to the UK. I have lived here permanently for 21 successive years, though I was actually in and out of the UK for years before that. My current anecdotal feeling about the UK is at a pretty low point.
If it was an option, I would seriously look to emigrate again, but I honestly don't know where. The most appealing option for me is Australia, but my age works against me. I know everywhere has its issues, but I'm just so worn down by the horrible adversarial political system and gutter press in the UK right now. We seem unable to do anything of note recently. A train line connecting not very much of the UK has cost so much money, and in the end it hasn't even joined up the important part.
I don't know, life is good at a local level. I am privileged and live in a fantastically beautiful town, and life here is safe and friendly. If I ignored everything else for a while it would probably do me good.
Australian law explicitly prohibits requests that have someone "implement or build a systemic weaknesses, or a systemic vulnerability, into a form of electronic protection" - including any request to "implement or build a new decryption capability", anything which would "render systematic methods of authentication or encryption less effective", anything aimed at one person but could "jeopardise the security or any information held by another person", anything which "creates a material risk that otherwise secure information can be accessed by an unauthorised third party".
This UK request as reported would not be legal in Australia.
btw, anyone know if this cancels Apple+ Support too? I’ve been resisting switching countries because I don’t want to lose that subscription since you can only subscribe within 60 days of device purchase.
I don't know, they've definitely been cracking down on journalists over the past year. Could be an attempt to crack down harder / create a chilling effect
> Also is it not possible to set up my Apple account outside of the UK while living here?
The ability to turn on Advanced Data Protection does seem to be tied to your iCloud region (as of now I can still turn it on, and I’m in the UK but have an account from overseas).
full control on everyone they deem as an opponent. in UK being dimmed and oponent is about posting the wrong meme or even standing in the wrong street at the wrong moment.
> Online privacy expert Caro Robson said she believed it was "unprecedented" for a company "simply to withdraw a product rather than cooperate with a government".
> "It would be a very, very worrying precedent if other communications operators felt they simply could withdraw products and not be held accountable by governments," she told the BBC.
Attributing this shockingly pro-UK-spy-agencies quote to an "online privacy expert" without pointing out she consults for the UN, EU and international military agencies is typical BBC pro-government spin. In fact, Caro, it would be "very, very worrying" if communications operators didn't withdraw a product rather than be forced to make it deceptive and defective by design.
The more I live I’m less concerned about what are often described as “bad actors”. The bad actors are often the state, and this kind of information is collected without thought to the risk of future politicians who don’t follow the rules or who don’t have any respect for the laws.
Through all history state security has been a thing. The Stasi and KGB are transparently state security forces to the West, but the CIA and MI5/6 are... what exactly?
The primary purpose of these agencies, despite what has been written down on paper, is NOT to protect the citizens of the countries that fund them. It is to protect the system that taxes those citizens.
States are not inherently good, they are just large organisations with a monopoly on certain social functions. All large organisations have the capacity to inflict terrible harm.
The current EU-UK adequacy decision[1] is up for review this 27 June [2] .
Aspects of the UK investigatory powers act is close enough to US FISA [2] that I think this might have some influence, if brought up. IPA 2016 was known at the time of the original adequacy decision, but IPA was amended in 2024 . While some things might be improvements, the changes to Technical Capability Notices warrant new scrutiny.
Especially seeing this example where IPA leads to reduced security is of some concern, I should think. The fact that security can be subverted in secret might make it a bit tricky for the EU to monitor at all.
This can set a dangerous precedent. Now why wouldn’t any country demand the same, basically eliminating Advanced Data Protection everywhere, making user data easily accessible to Apple (and therefore governments)?
Why do pro-privacy tech folks on here act like Apple is some charity? Apple is a business. It won't fight a citizen's fight on your behalf. It is on citizens to use their democratic power to ensure their representatives act as the voting base wants. Apple's goal is to make money. The government is a representation of your will.
> Apple is a business. It won't fight a citizen's fight on your behalf.
Being a business does not remove ethical considerations. And I’m an environment where corporations are considered people, it seems reasonable to expect some degree of alignment with normal citizens.
> Apple's goal is to make money. The government is a representation of your will.
The government is increasingly not a representation of the collective will, and is instead captured by those corporations.
I can’t help but feel the “but they exist to make money” line too often ignores the many ways this is not a sufficiently complex explanation of the situation.
Corporations are people in the legal sense not in any other philosophical way. Just like non-humans proposed for personhood, they are not entities expected to behave ethically. Like a dog, you set rules and apply punishments when they breach it. You don't argue ethics with a dog because they are not relevant to them
People always get this wrong. Corporations are not people. They just have certain rights like owning property. Corporate personhood != full personhood.
lol. It literally does. This is a great example. You believe this is an ethical issue. Other shareholders (you are a shareholder, right?) could disagree and now there is a lawsuit. “Complying with national law” seems like an easy win for them.
Because while a business goal is to make money, it is not necessarily, unlike what you have 80% of the people here believe, to make the most money possible. Ethics can exist in businesses too.
This, plus privacy is in Apple's brand. Without this and other Apple-esque things (lack of bloatware etc.) you may as well get a Samsung for 2/3 price.
I mean they could have tried not complying, and fighting a lawsuit at the ECHR (right of every person to a private life). Takes money and time but more attractive than the other options.
They could pull out of the UK, and to hell with the consequences, but then if the EU decide to do the same thing, or the US, or China says "hold my beer", then the problem becomes much larger.
Losing the UK market wouldn't impact Apple that much - it'd be a hit to the stock, of course, but as a fraction of worldwide business, it isn't that huge. Larger markets would be a bigger issue.
When UK demanded a backdoor to e2ee in iMessage, Apple told them they’d rather get out of UK. Why not do the same here? You’re posing a false dichotomy.
To my knowledge, Apple has always said that their response would be to withdraw affected services rather than break encryption.
> Apple has said planned changes to British surveillance laws could affect iPhone users’ privacy by forcing it to withdraw security features, which could ultimately lead to the closure of services such as FaceTime and iMessage in the UK.
What would that change, effectively, other than have Apple lose money?
The UK would still lose ADP (and then also just Apple products in general). A precedent would still be set.
Your posing a strictly worse third option. Sure, it's an option, I guess. Apple could also just close down globally, as a fourth option. Or sell off to Google as a fifth. But I was trying to present the least-bad option (turn off ADP), rather than an exhaustive list.
Depends on if the US emperor and his cronies have the UK's backs on this issue. If they don't, calling the bluff would work, there's zero chance the UK gov would ban Apple products without US approval. The backlash among the public would be far worse than the TikTok ban. Imagine all companies using Macs. The order of power here is US > Apple > UK.
It isn't really a precedent. Companies, even high-rolling American tech companies, have to abide by the laws and regulations of the countries that they operate in. I guess there is a question of whether this is a legal demand that they truly had to follow, or just a request, and whether they could fight it in court, but Apple seems to be hoping to adjudicate it in the court of public opinion (apparently the initial backdoor request was secret and it got leaked).
That was Apple's interpretation : That to comply with what the UK requested they would have to have the same thing everywhere.
But of course that is nonsense, and Apple could theoretically have a nation-specific backdoor (e.g. for accounts in a given country a separate sequestered decryption key is created and kept in escrow for court order).
I mean, Apple "complied" by disabling ADP just in the UK. They undermined their own "worldwide" claim, as ADP still works everywhere else, and the UK has no access.
The keys are stored only in the Secure Enclave. Encryption and decryption are handled outside the standard CPU and OS. This is hardware-level protection, not just some flag on a cloud account to be flipped. The only way for Apple to break this system is to break it for everyone, since anything else would risk bleed over or insufficient compliance.
I think that's right, and I think the UK will tell them so, and the issue will escalate.
Perhaps, if the UK continues to push, Apple will indeed pull out of the UK, but it'll make it as public as possible and tell the world who it was that forced its hand and what the consequences are - and I don't think the UK government is going to like that result.
they're non-complient but they made it a lot harder for the UK to fight. by showing that the "backdoor" is disabling the feature, for the UK to pursue this further, the need a judge to rule that the UK has the authority to prevent an American company from providing a feature in America.
IANAL but that's not for any of us to decide. Depending on their initial motivations, the UK might consider this to be enough to rescind the demand for a backdoor. If it's not then Apple will face going to court and in that case they could choose more extreme actions like ceasing business in the UK.
> They undermined their own "worldwide" claim, as ADP still works everywhere else, and the UK has no access.
Disagree. There is a difference between ADP being unavailable in one country and it working differently in that country. Implementing a backdoor would mean changing the way ADP works.
What are you actually supposed to do in the UK if you oppose this sort of thing to stop laws like this coming in? It feels like the government has been incredibly out of touch for the last number of years.
Probably the best on the civil liberties front are the Liberal Democrats (they were pretty good at quashing mandatory national ID cards back in the day, at least).
That being said, they still have a lot of folk angry at them for allowing university fees to be introduced 15 years ago when they were in coalition government (a Tory policy!).
> UK's other notoriously effective regulations like... checks clipboard ...TV licenses and the alcohol ban on public transport
I'm not quite sure what you are getting at with this, but I'd like to add some context for others.
There is no blanket restriction on alcohol consumption on public transport in the UK. Individual transport operators are allowed to prohibit drinking as a contractual requirement (very common for bus companies); alternatively, local councils can establish a bylaw to restrict it more generally. However, people can and do drink on the majority of British trains; some even sell alcoholic drinks on-board.
Presumably not, politicians have a way of excepting themselves in these types of laws. It's almost as if they understand the need for privacy, they just fail to apply that understanding to any scenarios beyond their own.
I meant that Apple's decision to withdraw ADP applies to them, not the Investigatory Powers Act. Or are you saying that Apple will give them a free exemption?
In the case of Linux Mint, I can check the commit history, build the software myself and even validate it against public checksums. It is expressly defended against these types of attacks, making it an odd choice to single out.
This is Apple condeeding. Apple lost. UK Government got (almost) what they wanted - a backdoor into iCloud accounts.
Apple's only consolation prize is that its limited to UK users for now. But it seems inevitable that ADP will gradually be made illegal all around the world.
Given that they’ve only prevented new signups it looks to me more like Apple is trying to apply pressure to the U.K. government to get them to back down. The law that permits this was passed in 2016 so the situation was default lost already.
They have said all existing ADP enabled accounts will be disabled or deleted in time. They need to give people time to migrate their data out before they nuke it.
There was a lot of campaigning against the Investigatory Powers bill when it was introduced. It didn't help much given the people in power want more power regardless of where they sit on the political spectrum.
I can't imagine many here (UK) will really care, we've had multiple breeches of privacy imposed on us by the powers that be. - Removed incorrect assumption of this not being reported.
And I guarantee that the reaction from most people will be "good, I have nothing to hide so I have nothing to worry about". The apathy around this stuff in the UK is unbelivable - I've been trying to point out that hey, for years now something like 17 government agencies(including DEFRA - department of agriculture lol) can access your internet browsing history WITHOUT A WARRANT and that's absolutely fine. ISPs are required to keep your browsing history for a year too. Again, nothing to hide, why would I worry about it.
The same is happening Europe-wide too. Everybody always points to the GPDR legislation. You know what is a feature of the GPDR too?
Every European government (even some non-EU ones) can grant any exception to anyone to the GPDR for any reason. And, of course, every last one has granted an exception to the police, to courts, to the secret service, their equivalent of the IRS, and to government health care (which imho is a big problem when we're talking mental health care), and when I say government health care, note that this includes private providers of health care, in other words insurances.
Note: these GPDR exclusions includes denying patients access to their own medical records. So if a hospital lies about "providing you" with mental health treatment (which they are incentivized to do, they get money for that), it can helpfully immediately be used in your divorce. For you yourself, however, it is conveniently impossible to verify if they've done this. Nor can you ask (despite GPDR explicitly granting you this right) to have your medical records just erased.
In other words. GPDR was explicitly created to give people control over their own medical records, and to deny insurance providers and the IRS access. It does the exact opposite.
Exactly the sort of information I would like to hide, exactly the people I would find it critical to hide it from. In other words: GPDR applies pretty much only to US FANG companies ... and no-one else.
So: if you don't pay tax and use that money to pay for a cancer treatment, don't think for a second the GPDR will protect you. If you have cancer and would like to get insured, the insurance companies will know. Etc.
Even though its making the media headlines today, 99% of UK citizens will forget this tomorrow and it will fade into the mists of time. Just like evey other security infringement that any government has imposed on its citizens.
The Mulford Act (https://en.wikipedia.org/wiki/Mulford_Act), a California gun control act that prohibits open carry, was originally passed back in the 60s to disarm the Black Panthers.
How? the Black Panthers were infiltrated and undermined by COINTELPRO and effectively destroyed from within, meanwhile the white supremacist capitalist system they fought against persists.
Their biggest success as far as I know is starting free school lunches in the US, but that wasn't at gunpoint.
> In the UK, there's no right to bear arms, so people are pretty helpless against their oppressing government.
When people want to revolt it doesn’t seem like the right to bear arms has much to do with it. Not having the right to bear arms certainly hasn’t stopped countless rebellions and revolutions across the world. It’s not like the French of the Russians had a right to bear arms before their successful revolutions.
Even in the UK, the lack of a right to bear arms didn’t stop Cromwell using firearms to defeat Charles II at the Battle of Worcester.
The UK seems to be actively covering up the mass rape of little girls and throwing dissidents in prison. They've sustained mass immigration for decades against their own peoples' will. The US just shook off, at least in part, the same mass immigration and the same clamping down of free speech in the US. It's not the only bar, but I would definitely consider it a resounding success. I can't help but think the 1st and 2nd amendment play a part because the 1st is obviously implicated and the 2nd is required to maintain the 1st.
> The UK seems to be actively covering up the mass rape of little girls
They're doing the worst cover up ever given grooming gangs and where they operate have been headlines in the UK for decades.
What they're not very good at is keeping the UK citizens at large well informed with a realistic sense of proportion given the scale of child sexual abuse far exceeds the activities of grooming gangs.
Technically I guess you're right, but one hopes that the foundations of British democracy provide its citizens with the tools to fight against an oppressive government. The only rub is getting them to stand up and do that.
Like what? Britain is a constitutional monarchy. Its foundations anticipated an oppressive king, not an oppressive parliament. Britain never had a revolution, it never had free speech to begin with. It seems to me that what made Britain successful in the past is maladaptive to its current situation.
Small arms are no match for drones and a fully armed military, a successful rebellion by any populace against a first world military is impossible unless the military lays their arms down voluntarily, full stop.
Every time this argument comes up, I just feel like rolling eyes, it is so overplayed.
Yes, in a direct confrontation and an all out war, the populace stands no chance against the US military (assuming the military will unwaveringly side against the populace), no argument there.
But an all out war is not an option, the government wouldn’t be trying to pulverize an entire nation and leave a rubble in place. If you completely destroy your populace and your cities in an all-out direct war, you got no country and people left to govern. It is all about subjugation and populace control. You can’t achieve this with air strikes that level whole towns.
Similarly, if the US wanted to “win” in Afganistan by just glassing the whole region and capturing it, that would be rather quick and easy (from a technical perspective, not from the perspective of political consequences that would follow). Turns out, populace control and compliance are way more tricky to achieve than just capturing land. And while having overwhelming firepower and technological advantage helps with that, it isn’t enough.
I roll my eyes when I see this blissfully naive LARP/mallninja imagined scenario, but I do have to remind myself that the US was founded on the basis of forming a milita etc. and I would probably say the same thing if I had that upbringing. You forget that the vast majority of people are stupid and easily scared (this is not a solvable problem)
Help me out - how can policing possibly work if no one is legally required to be policed? You just end up with murderers, rapists etc. expressing their right to "resist" with arms like in spaghetti westerns. It is totally symbolic, and would crumble at the first instance of serious government interest of arresting 'troublemakers', which would of course start with a well crafted PR campaign to get the rest of the public on their side. I think it's naive.
This feels like a strawman because you’re only hypothesizing a situation in which it wouldn’t work well.
Imagine a dark future with a sudden military coup by a small faction of extreme radicals that 85% of the population opposes. could enough citizens rise up and stop them? Could the calculus of being that coup leader be changed by the likelihood that they will be assassinated in short order, by one of millions of potential assassins? Quite possibly. These are not everyday concerns, of course, but the concerns of dark and dangerous times. It’s a bit like buying life insurance: hopefully I never need it.
A first world military that has remotely piloted drones with IR cameras and other surveillance tools will have no problem crushing any form of resistance. They don’t even need to field any troops, they can remotely kill the rebels. How on earth do you wage a rebellion against such a force?
American police will shoot people dead in the streets with impunity, the military industrial complex engages in constant wars regardless of popular sentiment and the American government is currently being carved up by neo-nazis and oligarchs but you can legally be racist on the internet. I guess it truly is the land of the free.
You're currently delusional in a very particular way and that's fine. I'm looking forward to you finding your way and things turning out much better than you expect (at least in the US) in six months.
NO, it's the wrong choice. Most people do not understand this stuff enough to truly care about, and they just want their devices to work. This is an awful decision by Apple. There's really nothing consumers can do to pressure the British government.
Exactly. There is a technological disconnect for a lot of people. They accept actions like this because they don't fully appreciate, IMHO, the ramifications. We do, and we must do more to educate people.
Right but then you are jailed at Heathrow for not unlocking your phone.
The UK has made it clear that Counter Terrorism legislation has no limits in UK law even if that means compromising all systems and leaving them vulnerable to state actor attacks.
MPs will continue to use encrypted messaging systems that disappear messages during any inquiries of course.
But it would be up to him, wouldn't it? I think that's the main deal here: cart blanche access to your data, or giving into someone's bullshit fishing attempt because it's inconvenient.
I'm in a similar position. Strongly considering replacing my iPhone with a Pixel. But I realize I'm vulnerable via cloud services. GrapheneOS won't save me from someone poking through my Dropbox. I'll have to find another option for that too.
As far as I know you can still opt to backup your entire iPhone to a local computer instead of iCloud.
You can also manually transfer photos to the computer. Or you can enable a different app (Google Photos or Dropbox for example) to store copies of every picture you take, and then turn off iCloud Photos.
Note that neither Google nor Dropbox are E2E encrypted either though.
Doing it locally doesn't really help. The RIP bill can force you to disclose your own encryption keys to the UK government, and if you "forgot them" you can be put in jail as if you were convicted of whatever they're accusing you of.
That's why cloud backup was useful.
[edit: actually I mis-remembered this, it's "only" 2 years (or 5 if it's national-security-related) that they'll jail you for. "Only" carrying a lot of water there...]
For this you can use truecrypt nested containers, so it will reveal data depending on your given password and there is no way to prove there is something else in the container.
The simplest arrangement for me was to have the device back up to my Mac, and then said Mac has Time Machine set up to back up to the NAS. iOS and Mac local backups can be encrypted by the OS itself.
The reason is that Apple was never required by UK law to offer any alternative. I think the DSA intended to challenge that, but it would do nothing for UK residents.
The best time to turn on ADP was before this happened. For folks not in the U.K., the second best time is right now. The more people who use it, the more disruptive it will be to turn off.
Keep in mind there are some risks with any E2EE service! You’ll need to store a backup key or nominate a backup contact, and there’s a risk you could lose data. Some web-based iCloud services don’t work (there is a mode to reactivate them, with obvious security consequences.) for what it’s worth, I’ve been using it for well over a year (including one dead phone and recovery) and from my perspective it's invisible and works perfectly.
Open the Settings app.
Tap your name, then tap iCloud.
Scroll down, tap Advanced Data Protection, then tap Turn on Advanced Data Protection.
Follow the onscreen instructions to review your recovery methods and enable Advanced Data Protection.
On Mac
Choose Apple menu > System Settings.
Click your name, then click iCloud.
Click Advanced Data Protection, then click Turn On.
Follow the onscreen instructions to review your recovery methods and enable Advanced Data Protection.
I'm guessing this is because they haven't figured out a way to do it yet. I'm not very well versed in how these systems work but surely this type of encryption can't be disabled by Apple remotely (or they would have that backdoor they don't want)?
The Bloomberg article has a little more detail about this:
> Customers already using Advanced Data Protection, or ADP, will need to manually disable it during an unspecified grace period to keep their iCloud accounts. The company said it will issue additional guidance in the future to affected users and that it does not have the ability to automatically disable it on their behalf.
Wow, thanks for sharing! I thought that might be the case but "disable it or we'll have to nuke your data" seems so extreme I thought there must be a better way.
They will either just automatically turn it off in a future device software update, or they'll just post a deadline after which they will delete user data and prevent sync if it isn't disabled by the user.
If you care, then it's time to ditch iPhone and Android phones altogether. It's not like anything they offer will be safe. You need to invest instead in a FairPhone with e/OS or a PinePhone or some similar alternative. Something where you have complete control of the software and ideally the hardware.
"Existing users' access will be disabled at a later date."
Hmmm how? How can they decrypt your already end-to-end encrypted and uploaded data without you entering the passphrase to do so? I can understand them removing the data from iCloud completely, or asking you to send the keys to Apple, but I don't understand how they can disable the feature for already uploaded data.
I am going to say something a bit controversial around here, but all of this E2E and security stuff is just lip service for marketing to consumers.
These companies have to comply with so many laws and want cozy relationships with governments, so they play both sides. It likely does things differently, but if the keys are not secure, then its not secured
>> Lowering the data protection of it's citizens in comparison to the rest of the world. I was under the impression governments were supposed to protect their citizens.
This depends on whether you see "citizens" as individuals or as a group.
In other words it's possible that to improve the security (and thus protect) the majority, the rights of individual citizens need to be eroded.
For example, to protect vulnerable citizens from crime (the cliche of child porn is useful here, but it extends to most-all crime) it's useful for prosecutors to be able to collect evidence against guilty parties. This means that the erosion of some privacy of those parties.
Thus the govt balances "group security" with "individual privacy". It has always been so. So to return to your original hypothesis;
>> Lowering the data protection of it's citizens in comparison to the rest of the world.
... and also, making it easier to detect and prosecute criminals, and thus protect the citizens from physical harm.
Now, of course, whenever it comes to balancing one thing against another, there's no easy way to make everyone happy. We all want perfect privacy, coupled with perfect security. Some will say that they'll take more privacy, less security - others will take more security and less privacy. Where you stand on this issue of course depends on which side you lean.
More fundamentally though there's a trust issue. Citizens (currently) do not trust governments. They assume that these tools can be used to harm more than just criminals. (They're not wrong.) If you don't trust the govt to act in good faith then naturally you choose privacy over security.
The smartphone is a terrible platform. Something like this could never happen on the PC, where you can install any encryption and backup software that you want.
While Apple did the right thing by refusing to give the UK government a backdoor, they are responsible for getting users in this situation in the first place.
I'm not familiar with the iPhone and maybe there is already an alternative to iCloud ADP, although that would make this whole situation completely nonsensical.
If we are saying "secure", we should talk about what we are securing and against whom.
A smartphone may be secure against malicious individual actors but its certainly not the most secure when it comes to your private data. Modern day smartphone is designed to maximize capturing your private information like location, communication patterns, activity and (sometimes) health information and pass it on to as many private players(a.k.a apps) as possible, even to governments without your knowledge. You don't have much control over it.
In that aspect it is less secure than your typical PC. A PC doesn't have that level of private information in the first place and whatever information it has will leak only if you opt-in or get infected by malware.(recent Windows versions without necessary tweaks may be considered a malware by some).
Plenty of people access their health records, etc. on a PC via files downloaded to random places on their computer. Are you trying to just say smartphones have a lot of sensors and are carried around in intimate places?
But along with that also comes a massive pressure point for rogue states to take advantage of. With a diversity of services this would not be nearly as possible.
I haven’t checked lately but since it launched the iPhone has allowed the owner to choose whether to back up to Apple’s servers (which would be affected by the UK order) or back up to their local computer.
It's not an either-or, actually, even though the setting is worded like it is. But even if you have cloud backups enabled, you can still manually trigger a local backup.
Actually I think you can backup and restore your iPhone on Linux using libimobiledevice. They reverse engineered the protocols for the backup and restore service running on your iPhone.
While Apple especially under Tim Cook has done a lot questionable acquiescences under Cook for political expediences, they really didn’t have a choice here. It was the law.
Now going back on Twitter to get in the good graces of President Musk and bringing TikTok back to the AppStore even though it is clearly against the law is different.
They did have a choice. They could have said they will just get out of UK. That would have resulted in enough political turmoil in UK that their government would roll back this stupid law. Apple chickened out.
> Now going back on Twitter to get in the good graces of President Musk and bringing TikTok back to the AppStore even though it is clearly against the law is different.
If you don't want to be sued by activist investors, you need a good reason for that, and to be able to tell those investors what else you tried first before escalating that far if you eventually do pull out of a market.
Abandoning the UK market would hurt Apple more than it would hurt the UK. They are not a nation-state, Apple cannot wage diplomacy by threatening the government, they can only shoot their own foot off and say it was for the good of everyone.
It would also partially validate the EU's regulation if they abandoned the UK but stayed in Europe. Apple very much doesn't want to feed either side a line.
Then instead of mandating a backdoor to cloud data, the UK would just mandate backdoor access to the devices themselves, again forcing Apple's hand to either comply or GTFO, if they want it bad enough.
We're losing the fight, and people are as apathetic as ever around privacy and security issues.
Besides, never trust E2EE where you don't control both ends, but everyone here should have already known that.
They heavily compete on "privacy" and "security", so I wouldn't expect them to. Additionally, once you start rolling with one government, every one wants you to do something for them while offering you no additional money for the work and weakening of your project.
But Apple is not giving the UK Government anything they didn't already have. Now iCloud encryption will function in the UK just as it has for years (decades?) before the inception of ADP.
Devil's Advocate (meaning I don't agree with this, in fact I disagree with it, but I don't see this argument being made anywhere and think it would be interesting. If you're one of the people who are offended by this practice of people steel-manning "the other side" and only want to read comments that affirm your position, please don't read this comment).
Question: Wouldn't it be better for Apple to build a UK-only encryption that is backdoored but is at least better than nothing? If Apple really cared about people's privacy, why just abandon them?
My position: No because this is a war, not a battle. Creating a backdoored encryption would immediately trigger every government on the planet passing laws banning use of non-back-doored encryption, which would ultimately lead us to a much, much worse world. Refusing to do it is the right thing IMHO.
The UK's law here is specifically targetting encrypted data globally.
> The UK government's demand came through a "technical capability notice" under the Investigatory Powers Act (IPA), requiring Apple to create a backdoor that would allow British security officials to access encrypted user data globally.
Without Advanced Data Protection, your data is still encrypted at rest, it's just that Apple safeguards the encryption key. The purpose of ADP is to remove control of this key from Apple, so that it's impossible for Apple to leak your data to any third party, even if they are compelled to.
So to me, backdoor encryption seems like it defeats the whole point of ADP, no? But if not - even if there is some tiny marginal benefit - cryptography is extremely expensive to get right. It's doubtful that it makes financial sense to Apple to develop a new encryption workflow for a single country for very slight security benefits.
And it still wouldn't be complying with the UK's demands anyways. The UK demanded access to accounts worldwide. If Apple is going to be non-compliant, then they might as well be non-compliant the easy way.
Apple could have disabled iCloud completely for UK users. This would protect both UK users and other users who’s data would also been captured in an iCloud backup.
They would lose some money on services, but would have been the better choice to stand up to the UK government and protect the UK users.
It's fine to continue providing the service as long as people know it's not encrypted. I am not worried about my photos being subpoenaed; I am worried about losing them. I'd rather have the service.
They are not the first country to do this. Apples advanced security features are rolled out non-uniformly across global markets. You get different capabilities, depending on where you are and where your account is resident, it would be great if there was a website that listed the countries and the security protections Apple provides in those countries.
If you have ADP, Leave it on and have them automatically delete it at some point? Otherwise yes.
“Customers who are already using Advanced Data Protection, or ADP, will need to manually disable it during an unspecified grace period to keep their iCloud accounts, according to the report. Apple said it will issue additional guidance in the future to affected users and that it "does not have the ability to automatically disable it on their behalf."
It's just a shame that Apple didn't include the contact details for the Home Office officials responsible as the place for inquires regarding the matter.
Current days' UK is mostly a bunch of draconian laws, the political elite disrespecting "their" people (common European scenario) and third-world economic immigrants fucking up the country even further.
I'm confused. I thought iCloud was end-to-end encrypted anyway, and I've never heard of ADP before. Is ADP encryption at rest, whereas normal iCloud storage is only encrypted from the device to the server?
This provides an incentive for Apple computer users to do the right thing: Stop storing sensitive data on Apple servers. Unfortunately, due to Apple's pre-installed proprietary operating systems that phone home incessantly, that may be more challenging than it should be.
Not relevant to the Apple story but as a general comment on UK surveillance/search/detainment laws: Five Eyes means the US just needs to get their citizen into the UK for their partner to gain access that the US doesn't have to their citizen. The reciprocity possibilities are endless.
Wonder what the cost/benefit looks like from Apple's perspective.
If this requirement increases the proportion of data on Apple's servers that is now unencrypted (or encrypted but which can be trivially unencrypted), that could be a huge plus to Apple; more data to use for ad targeting (or to sell to third parties), and more data to train AI models on.
Could moves like this by other repressive regimes finally open the door to consumer-owned, consumer-controlled, decentralized cloud storage systems that are fully encrypted and inaccessible by any agency or individual except by the owner?
Would be a beautiful thing to see. Not sure how storage would work though since you cannot take payment (that would make it centralized), and storage would have to be distributed, but by who?
iTunes backup is perfectly reasonable alternative to iCloud that retains e2ee, I don't know why they were dissing it. It can back up everything that iCloud can and it's automatic, you just plug your phone in, no lock in tactics.
Interacting with any device running iOS requires Apple software (or reverse engineered hacks) for many features.
However, in this case, the point is that you can use Apple software to make a local backup (and you can enforce the "local" part by doing so offline), and then use whatever you want to encrypt and stash away the resulting files.
Could this be the catalyst for the rise of third party encryption companies that operate in UK?
Or perhaps, rise to third party self host E2E cloud solution?
Can someone explain what's changed in the UK that they would consider requesting unfettered access to all Apple customer data (including outside their own borders)? I get that the NSA is infamous for warrant-less surveillance, but this seems a step further.
This isn't warrant-less, it's with a warrant. This isn't really a change the UK, it's the UK trying to adapt to the proliferation of E2E encryption - ten years ago, law enforcement could always access your messages, now the default if you're on whatsapp/iMessage is they can't because E2E is on by default. UK lawmakers aren't happy with a default position of the state being totally incapable of reading messages, no matter what the law says.
It might not be cryptographically sensible, but it is responding to a real change in the strength of the state.
Labour Party was elected six months ago. It is doubling down on existing government surveillance policy as a cure-all weapon to investigate and chill opposition, and to humble foreign tech companies.
It is "just" the domestic intelligence agency ordering Apple to backdoor their own system be able to supply data for lawful interception. As I read the article, it's not a UK backdoor in the sense they can roam around in every users data. The domestic agencies still need to follow the rules of lawful interception, namely they need a warrant, and it is targeted at UK nationals only. At least that is how I read the article.
This is part and parcel of the collapse of western capitalism (aka American empire). You get two main choices when capitalism fails - fascism or communism/socialism. It's clear that the UK has chosen fascism (either liberals like Labor or extreme right like Reform).
That choice exists only in cases in which the people can effect a revolution. The UK elite is too strongly in control of the country through its establishment, so, it will be a loud tumble down the hillside towards fascism...
So instead of building a back door they're just completely removing the option to use E2E encryption altogether, thus making everything freely available to government by default?
How is that not worse or at least equivalent to a back door?
>How is that not worse or at least equivalent to a back door?
It's bad for the citizens of the UK and better for everyone else on the planet with an iPhone. UK citizens should be angry with their government, not Apple.
It _is_ equivalent to a back door, that's the point. The UK demand can be accessed more rapidly and properly by disabling the feature than by implementing a backdoor, since it is the same thing.
I think the iCloud services is based on the region of your Apple Account. So you could theoretically use a US region Apple Account and enjoy iCloud services. But that means you won't get UK region apps, except in the app store you can switch to different Apple Accounts as you please, so you can have multiple accounts for different regions (which is what I do).
Ugh. Is this by App Store country? Anyone know what happens if I already have it configured? I’m actually in US App Store region and sometimes switch to UK… I wonder if that would disable it.
concessions afer concessions we gave away our freedom. the axis of good is mostly responsible for this but the opposition also wanted to remove anonymity and freedom from the web.
no one fought when the democrats called snowden or assange russian spys for revealing clinton corruption. they just blindly sided with their own corrupt political party and gave away freedom. just like previous govs censored trump, banned political opponents they created a precedent and opened the door to the end of freedom. its now beyond politics, we should fight for the last moments of freedom we have before its too late.
ok so while being AI safety concerned.. uk politicians go ahead and remove humanity's single logical control tool that they have to keep AI in check.. encryption maths.
Eu isnt 'planning' anything like that. Some Euparl MPs backed by people like Ashton Kutcher tried to push a law to spy on all chat apps. Then when the dirty web of American-style regulatory manipulation was exposed, they backed off. It was a proposal for a law by some MPs. Not something 'Eu' did.
They backed off "for now". They are trying this for ages, did you forget about ACTA and Von der Leyen's past censorship attempts in Germany? Have you read the DSA? Of course the EU is planning to go full authoritian in the name of "protecting democracy".
What EU is planning with chat control is much worse. The UK still requires a warrant to access your iCloud data. EU wants to force companies to install spyware on your devices that will monitor whatever you send or receive in real time without any probable cause or suspicion.
Not really? We've had horrors like the 2000 RIP[0] well before Brexit. The Blair government made a huge dent in civil liberties and the Tories carried it on.
This is why Scotland needs independence. It was once and with it chained by the UK, they're squeezing everything they can. Look at Wales, just pets for the UK. Scotland is an actually pretty awesome country but like Canada is kept pet by a leader. The only thing that could save this shitshow is Scotland getting independence. Lets be honest here. You thought Boris Johnson was bad ripping holes left right and center. Trump makes Boris look like a pet rat. And that's an insult to real rats.
Your comment history reeks of differentiated, sensible arguments...
Overall quite ironic as in plain sight to anyone reading the news in the last two years, almost all of Western Europe sees rising right wing and extreme right wing parties.
Nothing is happening to it. Governmental overreach, and then if people really want encryption they will vote in privacy-friendly officials. Here in Oregon, USA, we have Ron Wyden, who knows more about netsec than most IT graduates.
As long as you can vote there is still civil liberty, just vote for the right people who care about this stuff.
It means Apple has the encryption keys to your backed-up data. So they can, in theory, access it, if the UK Gov demands that they do. That might never happen to you, but with ADP it would have been impossible, because even Apple can't access it.
Potentially. It really just means your data is stored unencrypted, so anybody that has access to Apple's servers can access your data. I don't believe any government has open access to Apple's servers, but they can get a warrant.
They always could. With advanced data protection they could not. The law mandated to add a backdoor to allow the government to also see encrypted data (which made the encryption insecure by definition). Apple refused to comply so you don’t even have the option to encrypt your backups now.
This is a good reminder that the one who cares about privacy and security cannot rely on closed-source products from commercial companies; don't be deceived by marketing slogans.
“Apple said it will issue additional guidance in the future to affected users and that it "does not have the ability to automatically disable it on their behalf."”
They control the software running on your device, and said software ultimately has access to the encryption keys stored there (subject to the usual hoops; e.g. it might need you to do a FaceID unlock first, but it's not like you aren't already doing that many times every day).
I really wish they would sit down and negotiate this more openly. The silence from the other players is what really makes me uncomfortable. The fact that only Apple is making a stand against this ask is really scary.
The problem with that is that if the user loses their key, their account is no longer recoverable. As things are with ADP, enabling it comes with a bunch of warnings about that, and IIRC it also forces you to print out the recovery key for safe storage.
Honestly I'm surprised that rather than trying to build stupid backdoors and such, tyrannical governments don't just try to make a encryption key database. They hold ALL the keys and can get into anything they want, anytime they want. If you get caught with keys or encrypted data they can't access, punishment ensues.
Like if you're gonna try to eliminate privacy and freedom, just be honest and open about your intentions.
This was done under the Investigatory Powers Act which was brought in in 2016. Saying that Labour weren't exactly against it at the time. Point being snooping isn't left or right - they all love it.
The Blairite wing of that party has always been extremely bad with this kind of thing (see Tony Blair's obsession with ID cards over the decades) so it's unsurprising they'd push something like this.
Yes, countries lacking in proportional representation and having obscure procedures like proroguing parliament are the best at listening to important but fairly obscure issues from their voters. </s>
Does this mean I should treat travel to the UK the same way as China and only bring a burner device with no information on it or on cloud backup accounts?
Border control agents in all countries -- including the US -- have fairly extensive powers to search your devices or deny you entry. I'm not sure this decision should change your calculus on that point.
If you own an iPhone then nothing can come close to the feature set of iCloud. Apple just have it on lockdown and dont expose the functionality that would be needed for a competitor to take advantage of this.
A great time for all people to jump to android IMO and experience the freedom of choice it gives you.
You do realise that the UK government is, and always has been, notorious for surveillance. They haven't changed since before WW2 and probably never will, even if Apple suddenly decides to play hardball with them.
And to be very, very honest, if you look across the Five Eyes nations, I don't think this is much different from what other countries deal with when it comes to access to data. You had PRISM, the trick of asking other countries for access to their own citizens data to avoid scrutiny, and Apple delaying the implementation of E2E in the US after federal agencies got pissed about it. The list goes on for a long time. At least in the UK, the government is so detached from commoners hurt feelings that they ask for what they want explicitly, with no fear of political consequences.
He was stuck in an airport when his passport got cancelled. It's not really a free choice if you can't go anywhere else, and planes suspected of carrying you get forced to land, even if by virtue of being denied airspace access until they run out of fuel.
freedom to _what_? Corruption is high, media is pretty restricted under Orban, and it doesn't look all that great for freely expressing your identity either. Whether Poland will follow their direction or manage to turn around is still up in the air.
You're only more "free" there if you have the money to bribe officials.
Snowden didn’t go to Russia because of the government there “valuing personal freedoms,” he went there bevause it is one of the very few major countries that absolutely will not cooperate with any extradition requests from western countries.
If you are thinking of going to east europe (and especially Russia) in search of personal freedoms, I got a bridge to sell you (for context, I grew up in Russia). The only “freedom” some of those countries might provide is the freedom from the long reach of the hands of western governments (and even that is a “maybe”, as Andrew Tate has been discovering recently).
Kremlin has full access to every service operating in Russia. If a service is banned in Russia, that's a service you should use. If it's not banned, it already has a backdoor.
The United States has the strongest laws for freedom of speech. You can't get arrested and face years of criminal legal trials, ending in an £800 fine for making a joke with your dog in America. Police won't show up at your house for Facebook posts like they do in Aussiestan. American courts probably won't take your infant away from you and force a medical procedure on it like in Kiwistan just because you wanted to use your own blood donors for the operation.
It's been degrading in the US too. Xitter is not at all a free speech platform and that technocrat says whatever he has to for popularity until he can chip your brain. Cutting a few million in wasteful government spending doesn't make up for how he loves China and deeply desires their level of autocracy.
America's laws have somehow held in-spite of presidents that seek to crush it (yes, both of them, both sides. They're the same. Stop believing the headlines and read the damn articles). Although defamation law has been weaponized to neuter some forms of speech and reporting.
There is an internal push by the CIA in America to further destabilize it and cause radical elements in the fake-left and fake-right to call for more authoritarianism. It's not a great nation, but sadly it is the last bastion of true liberty .. and it's eroding every day from every side.
In 20 years there might not be anywhere to flee to. Fight for your country. They can't put every British person in prison if everyone decided to tell the truth.
> American courts probably won't take your infant away from you and force a medical procedure on it like in Kiwistan just because you wanted to use your own blood donors for the operation.
Whenever someone writes "just" in a case like this I can tell there's a complicated, ugly legal case that's being grossly misrepresented, and quite possibly one where no responsible journalist is reporting because of child privacy issues/laws.
The problem with both British and American surveillance state authoritarianism is it's hugely popular with the public when used against the ""wrong"" people. You might have "free speech" (subject to qualifications such as Comstock and their modern day equivalents) but you're much, much less likely to be shot and killed by the police - or a random stranger - in the UK.
Dubai, even as an international hub where you may be able to get by with English — لا تضيع وقتك باستخدام دولينجو لتعلم اللغة العربية، لقد حاولت خلال الوباء وما زلت لا أعرف الأبجدية — is much more authoritarian than the UK. Similar for Singapore.
If you're monolingual, and privacy is your concern, then the US is an improvement over Australia.
But also consider Canada and Ireland.
Ireland isn't in Five Eyes, Canada is, but also Canada is slightly further away from the madness of Trump etc. than any company still inside the USA.
I'm not even sure what's going to happen with the US federal government given that DOGE cannot meet its stated goals even by deleting all discretionary-budget federal agencies like the NSA, CIA, FBI, all branches of the armed forces, etc. but on the other hand the private sector is busy doing a huge volume of spying anyway in the name of selling adverts… chaos is impossible to predict, and you should want to predict things at least a few years out if you're going to the trouble of relocating.
That's true, and I suspect Ireland does not do as much surveillance as many other countries, but if I recall correctly, it does have a passphrase-or-prison law like the UK. I also get the sense that in a number of cases, it tends to view its laws as suggestions, for example, with the autism dossiers scandal [1], and in some sense, gets away with it in the way that a small country can. To me, it feels like a country where you don't need to worry about organized, systemic surveillance abuses, but do need to worry about departments or even individual employees who decide that they just don't like you.
No, EU is NOT "all for privacy". I don't know where this myth comes from but I see it repeated here often.
1. EU is pushing for mandatory on-device scanning of all your messages (chat control). The current proposal includes scanning of all videos and images all the time for all citizens. The proposal started with analyzing all text too. The discussions are happening behind close doors. EU Ombudsman has accused EU commission of "maladministration", no response.
2. EU is allowing US companies to scan your emails and messages (ePrivacy Derogation). Extended for 2025.
3. EU is pushing for expansion of data retention and to undermine encryption security (EU GoingDark).
"The plan includes the reintroduction and expansion of the retention of citizens’ communications data as well as specific proposals to undermine the secure encryption of data on all connected devices, ranging from cars to smartphones, as well as data processed by service providers and data in transit." https://www.patrick-breyer.de/en/eugoingdark-surveillance-pl...
4. EU is pushing for mandatory age verification to use email, messengers and web applications. Citizens will be required to use EU approved verification providers. All accounts will be linked back to your real identity.
5. "Anonymity is not a fundamental right": experts disagree with Europol chief's request for encryption back door (January 22, 2025)
Do you still believe EU is all for privacy? EU's privacy is deteriorating faster than in any other developed country / bloc. Some of these proposals have been blocked by Germany for now but that is expected to change after the upcoming elections.
< EU is pushing for mandatory on-device scanning of all your messages (chat control)
Again and again, 'Eu' is not pushing anything like that. A few Euparl MPs backed by those like Ashton Kutcher did.
> Eu isnt 'planning' anything like that. Some Euparl MPs backed by people like Ashton Kutcher tried to push a law to spy on all chat apps. Then when the dirty web of American-style regulatory manipulation was exposed, they backed off. It was a proposal for a law by some MPs. Not something 'Eu' did.
The EU has been pushing to pass the Chat Control law for the last 3 years which is even worse because at least in the UK the government would still need to get a warrant for the data they want whereas the EU wants to analyze your chat messages, emails and pictures in real time without cause or need to justify themselves.
The fact of the matter is that if the EU was, as it's been said, for privacy this proposal would not have been on the table in the first place. It should have been stopped 3 years ago but here we are again fighting for our rights and our privacy.
And it doesn't matter how many times it gets shot down by some of the countries in the EU, the commission changes a few words and starts the process all over again because they know that sooner or later they will get it through.
You can't have it both ways. You either are for privacy or you are not. If you are then this proposal should never have seen the light of the day and the people pushing for it should have been given a warning that this was off-limits.
Instead they are biding their time so that when the time is right they can come back with a slightly altered but still incredibly damaging proposal hoping that it will pass.
The EU pro-privacy stance is joke. They want access to the same data as the US except they don't have the courage to come out and say it so they wrap it in a nice little gift bag with the words "protect the children" on it.
This is hypocrisy in it's purest form. Then some governments in the EU have the gall to call out authoritarians regimes around the world when they crack down on dissent and free speech? Give me a break!
See my comment above, it doesn't matter that it was voted down. The point is that it was allowed to go to a vote in the first place.
How do you square being pro privacy but at the same time demanding to have unlimited access to all chat messages, emails, pictures and so on of all your citizens without the need for a warrant, without justification and without the citizens having any say on the matter?
The answer is that you can't. You either are for privacy or you are not.
As for not applying to the UK, that is a moot point because as soon as the EU gets it's wish then the UK will demand the same kind of access. Why would the UK government turn down such an opportunity?
Not a surprise from TwoTierKier, who like most socialist government, has a natural tendency to lock dissidents, suppress their fundamentals rights, send the police to to people who posted this or that online...
Why would they say to all new users, that they cannot have Advanced Data Protection, whereas older customers can?
Now you have a certain percentage of users with encrypted data, and a certain percentage of users that do not. The UK government will not like that. And now Apple has shown that it will not take a stand for privacy it might have to do it to comply.
I'm not suggesting Apple should be able to see the content, I'm saying the Police should be able to, when they have a valid court order issued in accordance with the legislation.
For example, A 'Personal Recovery Key' could be recorded in a police database.
To gain access to 'encrypted' data from Apple, a court order is needed, once they have the encrypted data, they can unencrypt it using the key only they hold.
> A 'Personal Recovery Key' could be recorded in a police database.
That's about as secure as not having ADP at all, or worse. If that police database gets compromised, not only my data is accessible to the attackers, but I will be none the wiser about it.
An attacker would have to both compromise the police database AND Apple to retrieve the data.
The Key could even be split, say 3 ways. Apple holds 1 piece, the police hold another, and the Courts hold the third, all three would be needed to decrypt the data.
This is too far in to the weeds though.
It is not beyond humanities ability to have a system as secure as ADP while still providing a mechanism to access terrorists phones for example.
Leaving aside the fact that RIPA was drafted by deranged lunatics and deserves zero compliance from anyone, who the hell would you trust to run this database?
Wow - how sad. To think the 2nd highest scoring post ever on hacker news is Apple's 2016 A Message to Our Customers. A display of intelligence, morality and courage under great pressure: https://hn.algolia.com
How things have changed.
> In a statement Apple said it was "gravely disappointed"
I would much rather they were transparent, so that people can move services, rather than build a backdoor in secret, to appease the far-left Labour government.
Workers in tech jobs over the past few decades are the ones who are primarily to blame for the total degradation of the very notion of privacy, and our societies are, I think, reaping the consequences of this now in many ways.
This story didn't spring up out of nowhere, like a monster from under the bed. It's been a gradual decline since, let's say, the 90s or so.
I don't want to be vulgar, but the people who understood the best what was happening were mostly too busy taking large paychecks to get too upset about the whole thing. It got explained away, rationalised, joked about, and here we are.
Easier to push away the blame for a foot soldier, claiming to do things on orders or claiming to be absolutely f clueless where it leads, one is worse than the other. Thousands had to make this work and function as it is.
Still, this is a different topic than the government use of law enforcement for preserving the shity situation that was built by the industry and its actors just when the trend becomes of fixing what was made to be crap, just when people want to correct the f up of the ignorant collaborants.
Too right, it was far more problematic than they ever made out.
> The UK government's demand came through a "technical capability notice" under the Investigatory Powers Act (IPA), requiring Apple to create a backdoor that would allow British security officials to access encrypted user data globally. The order would have compromised Apple's Advanced Data Protection feature, which provides end-to-end encryption for iCloud data including Photos, Notes, Messages backups, and device backups.
One scenario would be somebody in an airport and security officials are searching your device under the Counter Terrorism Act (where you don't even have the right to legal advice, or the right to remain silent). You maybe a British person, but you could also be a foreign person moving through the airport. There's no time limit on when you may be searched, so all people who ever travelled through British territory could be searched by officials.
Let that sink in for a moment. We're talking about the largest back door I've ever heard of.
What concerns me more is that Apple is the only company audibly making a stand. I have an Android device beside me that regularly asks me to back my device up to the cloud (and make it difficult to opt out), you think Google didn't already sign up to this? You think Microsoft didn't?
Then think for a moment that most 2FA directly goes via a large tech company or to your mobile. We're just outright handing over the keys to all of our accounts. Your accounts have never been less protected. The battle is being lost for privacy and security.
> you think Google didn't already sign up to this?
My understanding is that Android's Google Drive backup has had an E2E encryption option for many years (they blogged about it at https://security.googleblog.com/2018/10/google-and-android-h...), and that the key is only stored locally in the Titan Security Module.
If they are complying with the IPA, wouldn't that mean that they must build a mechanism into Android to exfiltrate the key? And wouldn't this breach be discoverable by security research, which tends to be much simpler on Android than it is on iOS?
My assumption is that Google has keys to everything in its kingdom [1].
[1] https://qz.com/1145669/googles-true-origin-partly-lies-in-ci...
> My assumption is that Google has keys to everything in its kingdom
If that were true, then their claims to support E2E encrypted backups are simply false, and they would have been subject to warrants to unlock backups, just like Apple had been until they implemented their "Advanced Data Protection" in 2022.
Wouldn't there have been be some evidence of that in the past 7 years, either through security research, or through convictions that hinged on information that was gotten from a supposedly E2E-protected backup?
It is possible to set up end to end encryption where two different keys unlock your data. Your key, and a government key. I assume google does this.
1. encrypt data with special key 2. encrypt special key with users key, and 3. encrypt special key with government key
Anyone with the special key can read the data.the user key or the government key can be used to get special key.
This two step process can be done for good or bad purposes. A user can have their key on their device, and a second backup key could be in a usb stick locked in a safe, so if you loose your phone you can get your data back using the second key.
E2EE means only your intended recipients can access the plaintext. Unless you intend to give the government access to your plaintext, what you described isn’t E2EE.
Is that google's definition or your definition? not being rude, but its pretty easy to get tricky about this.
Since you are sending the data to google, isn't google an intended recipient? Google has to comply with a variety of laws, and it is likely that they are doing the best they can under the legal constraints. The law just doesn't allow systems like this.
If Google is employing this “one simple trick”, they will get sued into the ground for securities fraud and false advertising.
history already proved you wrong. companies offering backdoor to abusive law enforcement are never sued.
they also employ things like exempt cases. for example, Whatsapp advertise E2E... but connect for the first time with a business account to see all the caveats that in plain text just means "meta will sign your messages from this point on with a dozen keys"
It’s the lying that gets companies in trouble.
The claim is that Google has implemented a security weakness and lied about it in claims to customers and investors.
Show me another company that did this, was exposed, and was not sued.
You are extremely naive if you think a company the size of Google or Microsoft or Apple will face any serious consequence from lying about E2EE actually being open to various governments.
They have lawyers aplenty, governments would file amicus briefs "explaining" E2EE and so on. Worse case they'll settle for a pittance.
What's the intended recipient of your message? It's not Google, right?
You're discussing encryption in transit vs encryption at rest in this thread.
I agree with you, but these abstract technical systems have enough wiggle room for lawyers and marketers to bend the rules to get what they want
> E2EE means only your intended recipients can access the plaintext.
No, it does not. It means that only endpoints - not intermediaries - handle plaintext. It says nothing about who those endpoints are or who the software is working for.
Key escrow and E2EE are fully compatible.
No, it is not. This is precisely why we have the term E2EE. An escrow agent having your keys but pinky promising not to touch them is indistinguishable from the escrow agent simply having your plaintext.
Unless you’re fine with the escrow agent and anybody they’re willing to share the keys with being a member of your group chat, in which case my original point still stands.
Edit: I think you might be confusing your personal intention (ie I wanted this to be private but didn't realize the service provider retained a copy of the keys) with the intention of the protocol (ie what the system is designed to send where). Key escrow is "by design" whereas E2EE protects against both system intrusions (very much not by design) as well as things like bugs in server software or human error when handling data.
> is indistinguishable
Technically correct (with respect to the escrow agent specifically) but rather misleading. With E2EE intermediary nodes serving or routing a request do not have access to it. This protects you against compromise of those systems. That's the point of E2EE - only authorized endpoints have access.
The entire point of key escrow is that the escrow agent is authorized. So, yes, the escrow agent has access to your stuff. That doesn't somehow make it "not E2EE". The point of E2EE is that you don't have to trust the infra. You do of course have to trust anyone who has the keys, which includes any escrow agents.
If we used the definition "only your intended recipients can access the plaintext" ... well let's be clear here, an escrow agent is very much an "intended recipient", so there's no issue.
But lets extrapolate that definition. That would make E2EE a property of the session rather than the implementation. For example if my device is compromised and my (E2EE) chat history leaks suddenly that history would no longer be considered E2EE ... even though the software and protocol haven't changed. It's utterly nonsensical.
Well, WhatsApp backups claim they are E2E encrypted, but there’s a flow that uses their HSM for the encryption key, which still feels like some escrow system.
https://engineering.fb.com/2021/09/10/security/whatsapp-e2ee...
> Key escrow and E2EE are fully compatible.
Wild to see someone on HN even entertain this idea.
It's literally the point of key escrow. My views on a given practice are entirely irrelevant to the definition of the relevant terminology.
Manufacturers have lied about E2EE since the beginning. Some claim that having the key doesn't change that it's e2ee. Others claim that using https = e2ee, because it's encrypted from one end to the other, you see? (A recent example is Anker Eufy)
The point is that the dictionary definition of E2EE really doesn't matter. Being pedantic about it doesn't help. The only thing that matters is that the vendor describes what they call E2EE.
Google intends you and the government as recipients of data here.
Would that still count as E2E-encrypted if another party has access? That would still count as lying to me.
To call it lying is just arguing about the meanings of words. This is literally what lawyers are paid to do. The data payload can be called end to end encrypted. You can easily say to the user that "your emails are encrypted from end to end, they are encrypted before it leaves your computer and decrypted on the receivers computer" without talking about how your key server works.
Systems that incorporate a method to allow unlocking using multiple keys don't usually advertise the fact that this is happening. People may even be legally obligated to not tell you.
Well Wikipedia says this about E2E:
“End-to-end encryption (E2EE) is a method of implementing a secure communication system where only communicating users can participate. No one else, including the system provider, telecom providers, Internet providers or malicious actors, can access the cryptographic keys needed to read or send messages.”
So if you send another set of keys to someone else, it’s obviously not E2E.
> To call it lying is just arguing about the meanings of words.
Or, as us lowly laypeople call it, lying.
TIL man in the middle = e2e encryption.
E2E encryption is not the same as MITM. You’re not adding anything useful to the conversation.
E2E encryption is not vulnerable to MITM. E2E encryption is vulnerable only to how many keys there are and who has access to them.
If someone except the communicating parties has access to the keys, it’s not E2E encrypted anymore though. At least according to this definition:
https://en.wikipedia.org/wiki/End-to-end_encryption
SO if google still has access in an E2E system, but you didnt know, is it still E2E?
What if google told you they also have a key? Does that change the above answer to the question?
That depends on the definition of "end".
To say nothing of the definition of "definition", or at least a common understanding.
https://m.youtube.com/watch?v=gRelVFm7iJE
It depends on what the meaning of the word 'is' is
Is the source code for every binary blob present on an Android device available for inspection, and is the code running on every Android device verifiable as having been built from that source?
> or through convictions
If they wanted to use this evidence for a normal criminal case, they would just do parallel construction.
Would it be possible that they feel that the revelation of this backdoor would be too big of a loss so that any of these theoretical cases of the past 7 years have used parallel construction to avoid revealing the encrypted data was viewed?
That’s a big and brittle conspiracy. You have to have little to no defectors. It’s not a stable equilibrium
> Wouldn't there have been be some evidence of that in the past 7 years, either through security research, or through convictions that hinged on information that was gotten from a supposedly E2E-protected backup?
I wouldn't count on it. The main way we'd know about it would be a whistleblower at Google, and whistleblowers are extremely rare. Evidence and court records that might expose a secret backdoor or that the government was getting data from Google that was supposed to be private could easily be kept hidden from the public by sealing it all away for "national security reasons" or by obscuring it though parallel construction.
People are incredibly bad at keeping secrets. And there are a LOT of people at Google. I don’t buy it.
That’s why Rule #1 of Security, is limit access; regardless of clearance.
That’s why there’s all these security levels above “Top Secret,” which is really just a baseline.
I don't know the particulars, but in general, silence around a massive tech company on warrants does not mean "they said no and the feds decided to leave them alone"
A trivial method for circumventing code review is to simply push a targeted update of the firmware to devices subject to a government search order.
There are no practical end-user protections against this vector.
PS: I strongly suspect that at least a few public package distribution services are run by security agencies to enable this kind of attack. They can distribute clean packages 99.999% of the time, except for a handful of targeted servers in countries being spied upon. A good example is Chocolatey, which popped up out of nowhere, had no visible source of funding, no mention of their ownership structure anywhere, and was incorporated along with hundreds of other companies in a small building in the middle of nowhere. It just screams of being a CIA front, but obviously that's hard to prove.
The end user protection is to sign updates and publish the fingerprints. It should not be possible for one device to get a different binary than everyone else.
> Chocolatey, which popped up out of nowhere
Chocolatey assuredly did not "pop up out of nowhere" - it was a labour of love from Rob Reynolds to make Windows even barely usable. It likely existed for years before you ever heard of it.
> had no visible source of funding
Rob was employed by Puppet Labs to develop it until he started the commercial entity which now backs it.
> a small building in the middle of nowhere.
As I recall, Rob lives in Topeka, Kansas. It follows that his business would be incorporated there, no?
[dead]
Google didn't announce that they could no longer process geofence warrants because they no longer stored a copy of user location data on their servers until last October.
How much good does an encrypted device backup do when harvesting user data and storing it on your servers (to make ad sales more profitable) is your entire business model?
This would mean no independent security researcher has ever taken a look at Google Drive's E2EE on Android. Or those that did missed the part where the key is uploaded.
It's possible to decrypt this network traffic and see if the key is sent. It may be obfuscated though.
That's a bit silly seeing as e.g., https://www.npr.org/sections/thetwo-way/2014/03/20/291959446...
My assumption is that the NSA does too.
Could that be true and at the same time a 'vulnerability' exists that megacorp is party to?
> What concerns me more is that Apple is the only company audibly making a stand.
But still Apple operates in China and Google does not. This is weird to me. Google left China when the government wanted all keys to the citizens data. Apple is making a stand when it's visible and does not threaten their business too much.
Apple is not really in the business of protecting your data, they are just good at marketing and keeping their image.
> Google left China when the government wanted all keys to the citizens data.
Google left China after China started hacking into Google's servers.
> In January, Google said it would no longer cooperate with government censors after hackers based in China stole some of the company’s source code and even broke into the Gmail accounts of Chinese human rights advocates.
https://www.nytimes.com/2010/03/23/technology/23google.html
They were working to reenter the China market on China's terms many years later, when Google employees leaked the effort to the press. Google eventually backed down.
I'd imagine there were multiple factors that went into that business decision. Even if this was portrayed as the final straw.
China feels like an important difference here though. Google leaving China doesn't protect Chinese citizen's data any more than Apple turning off ADP in the UK does. As far as I know, Apple isn't pretending that the data of Chinese users is encrypted from their government, and the way they're complying with the Chinese laws shouldn't impact the security of users outside of China.
Apple pulling ADP from UK users is similar - the UK has passed an ill-considered law that Apple doesn't think it can win a court case over, so they're complying in a way that minimally effects the security of people outside the UK. If, as someone outside the UK, I travel to the UK with ADP turned on, my understanding is it won't disable itself.
Would you have been more satisfied if Apple just pulled out of the UK entirely? Bricked every iPhone ever purchased there? Google doesn't seem to have made any stand for security ever - them pulling out of China feels more to do with it meaning they wouldn't have had access to Chinese users' data, which is what they really want.
iCloud in China is operated by a local subsidiary. There is a dedicated screen explaining this when you set up an iCloud account in this region.
They adapt to the local rules of each region, much like they’re doing here in the UK.
It’s different. Apple follows Chinese law to operate their services in China, just like Microsoft.
With Google, their services are way broader. Operating a hunk of their search business with a third party Chinese firm just isn’t viable for their services, which are way more complex.
Perhaps Apple has a greater leverage in China due to its outsized manufacturing presence. And it's likely they already dont offer ADP to Chinese citizens.
> Perhaps Apple has a greater leverage in China due to its outsized manufacturing presence.
Perhaps china has greater leverage over apple in this case...
China had been an important area of growth for many companies during the 2010s. Apple bent over backwards to cater to that market. It was discussed in every financial release, and they obviously made tons of concessions for iCloud.
The UK just comparatively isn't that much revenue, and not worth the fallout.
> China had been an important area of growth for many companies during the 2010s. Apple bent over backwards to cater to that market
and it is the same with european car companies (like volkswagon). Look at where they are now.
I don't believe for a second, that china will not oust apple the moment there's a good reason to.
> And it's likely they already dont offer ADP to Chinese citizens.
AFAIK before UK only region with ADP was China.
lol you think Apple has more leverage than China? What world are you living in?
A world where HN commentators can read English.
Eh Google had pretty good reasons to not operate in China (not seeing them in this thread, don't recall the details precisely enough to relate here)
Apple is deeply embedded in China (manufacturing) and benefits from a decent (but shrinking) userbase in the country. China isn't asking for the keys to all iphone user data, just data stored in China.
> have an Android device beside me that regularly asks me to back my device up to the cloud
But is that backup encrypted? If it's not, all they need is <whatever piece of paper a british security official needs, if any> to access your data.
This is about having access to backups that are theoretically encrypted with a key Apple doesn't have?
> We're talking about the largest back door I've ever heard of.
Doesn't the US have access to all the data of non US citizens whose data is stored in the US without any oversight?
> Doesn't the US have access to all the data of non US citizens whose data is stored in the US without any oversight?
Totally agree. Having this discussion so US centred just makes us miss the forest for the trees. Apart from data owned by US citizens, my impression is that data stored in the US is fair game for three letter agencies, and I really doubt most companies would spend more than five minutes agreeing with law enforcement if asked for full access to their database on non-US nationals.
Also, remember that WhatsApp is the go-to app for communication in most of the world outside the US. And although it's end-to-end encrypted, it's always nudging you to back up your data to Google or Apple storage. I can't think of a better target for US intelligence to get a glimpse of conversations about their targets in real time, without needing to hack each individual phone. If WhatsApp were a Chinese app, this conversation about E2E and backup restrictions would have happened a long time ago. It's the same on how TikTok algorithm suddenly had a strong influence on steering public opinion and instead of fixing the game we banned the player.
International users that have Advanced Protection enabled would in theory be safe from all of the 3-letter agencies (like safe from those agencies getting the data from Apple...not safe generally).
Realistically we are talking about FISA here, so in theory if the FBI gets a FISA court order to gather "All of the Apple account data" for a non-us person, Apple would either hand over the encrypted data OR just omit that....
Based on the stance Apple is taking here, its reasonable to assume they would do the same in the US (disable the feature if USG asked for a backdoor or attempted to compel them to decrypt)
> its reasonable to assume they would do the same in the US (disable the feature if USG asked for a backdoor or attempted to compel them to decrypt)
I think it's more likely that Apple would challenge it in US courts and prevail. Certainly a legal battle worth waging, unlike in the UK.
This has already happened, and Apple did fight it in the US courts.
Eventually the US government withdrew their demand.
https://en.m.wikipedia.org/wiki/Apple%E2%80%93FBI_encryption...
It's worth pointing out that just because the FBI didn't have the access they wanted, it doesn't mean that other agencies don't, or that the FBI couldn't get the data they wanted by other means (which was exactly what they ended up doing in that specific case). It just means that they wanted Apple to make it easier for them to get the data.
It's good that Apple refused them, but I wouldn't count that as evidence that the data is secure from the US government.
It's also worth noting that the US courts have long held that computer code is speech.
Apple's legal argument that the government's demand that they insert a backdoor into iOS was tantamount to compelled speech (in violation of the first amendment) was going over a little too well in court.
The Feds will often find an excuse to drop cases that would set a precedent they want to avoid.
Exactly.
https://en.wikipedia.org/wiki/Apple%E2%80%93FBI_encryption_d...
Would your answer be the same if this encrypted data was stored in China instead of US?
I don't think messages should ever leave the device, if you want to migrate to a different device this could be covered by that user flow directly. Maybe you want to sync media like photos or videos shared on a group chat and I'm fine with that compromise but I see more risks than benefits on backing up messages on the cloud, no matter if it's encrypted or not.
I think the average human will disagree with you. They want to preserve their data and aren't technically competent and organized enough to maintain their own backups with locally hosted hardware. Even the technically literate encourage _offsite_ backups of your data.
Know your threat model and what actions your trying to defend against.
Typical humans need trusted vendors that put in actual effort to make themselves blind to your personal data.
Agree in principle, though WhatsApp backups are encrypted with a user provided password, so ostensibly inaccessible to Google or whoever you use as backup
What makes you think WhatsApp backups don’t have a secondary way to unlock the encryption key? Wouldn’t it be more logical to assume the encryption key for whatsapp backups can also be unlocked by an alternate “password”
If the US is willing to build an entire data center in Outback Australia to allow warrantless access to US citizen data, why wouldn’t they be forcing WhatsApp backups to be unlockable?
> Totally agree. Having this discussion so US centred just makes us miss the forest for the trees. Apart from data owned by US citizens, my impression is that data stored in the US is fair game for three letter agencies, and I really doubt most companies would spend more than five minutes agreeing with law enforcement if asked for full access to their database on ̶n̶o̶n̶-̶U̶S̶ ̶n̶a̶t̶i̶o̶n̶a̶l̶s̶ anyone.
> non US citizens whose data is stored in the US
They don't even care where it's stored...
See: CLOUD Act [1]
[1] https://en.wikipedia.org/wiki/CLOUD_Act
I honestly doubt they even limit themselves to the data of non-US citizens. They have no respect at all for the fourth amendment.
Android data isn't encrypted at rest (or at least not in a way Google doesn't have the key). If the uk gov has a warrant, they can ask Google to provide your Google Drive content. The whole point of this issue is Apple specifically designed ADP so they couldn't do that.
Android backups are encrypted at rest using the lockscreen PIN or passphrase: https://developer.android.com/privacy-and-security/risks/bac...
So not hugely secure for most people if they use 4-6 decimal digits, but possible to make secure if you set a longer passphrase.
I don't know what Google's going to do about this UK business.
edit: Ah it looks like they have a Titan HSM involved as well. Have to take Google's word for it, but an HSM would let you do rate limits and lockouts. If that's in place, it seems all right to me.
I wonder how hard it would be for the US government to force Google to just get the lockscreen pin off of your device or for them to just infect your device with something to capture it themselves.
Wrong. Google Android user cloud backups are E2EE by default.There is no option to opt out. Use Google's backup service and your data is encrypted at rest, in transit, and on device. aka end-to-end.
It's not just Google saying it. Google Cloud encryption is independently verified
> But is that backup encrypted? If it's not, all they need is <whatever piece of paper a british security official needs, if any> to access your data.
Based on them mentioning the difficulty of opting out, I presume OOP does not use Google's cloud backup.
> Doesn't the US have access to all the data of non US citizens whose data is stored in the US without any oversight?
Er, no...? I'm not sure where you get that idea. Access requires a warrant, and companies are not compelled to build systems which enable them to decrypt all data covered by the warrant.
See, for example, the Las Vegas shooter case, where Apple refused to create an iOS build that would bypass iCloud security.
I asked if your Android backup is encrypted. Implies I'm talking about unencrypted data.
> See, for example, the Las Vegas shooter case
I am not in Las Vegas or anywhere else in the US. So as far as i know all the data about me that is stored in the US is easily accessible without a warrant unless it's encrypted with a key that's not available with the storage.
> companies are not compelled to build systems which enable them to decrypt all data covered by the warrant
Again, not what I was talking about.
I'm merely pointing out that your data is not necessarily encrypted, and that the "rest of the world" was already unprotected vs at least one state. The UK joining in would just add another.
This is why Apple, and more recently Google, create systems where they don't have access to your unencrypted data on their servers.
> Google Maps is changing the way it handles your location data. Instead of backing up your data to the cloud, Google will soon store it locally on your device.
https://www.theverge.com/2024/6/5/24172204/google-maps-delet...
You can't be forced to hand over data on your servers that you don't have access to, warrant or no.
The UK wants to make this workaround illegal on an international basis.
Small correction.
Google had "created a system where they don't have access to your data on their servers" a couple of years BEFORE Apple. Android 10 introduced it in 2019.
Google didn't announce plans to stop storing a copy of user location data on their servers until the middle of last year.
See the story linked above.
They didn't announce that they could no longer access user location data on their servers to respond to geofence warrants until the last quarter of 2024.
> You can't be forced to hand over data on your servers that you don't have access to, warrant or no.
But you can be forced to record and store that data even if you don't want to.
Which is why Apple takes the stance that the users device shouldn't be sending data to the mothership at all, if it isn't absolutely necessary.
Compare Apple Maps and Google Maps.
Google initially hoovered up all your location data and kept it forever. They learned from Waze that one use case for location data was keeping your map data updated.
Apple figured out how to accomplish the goal of keeping map data updated without storing private user data that could be subject to a subpoena.
> “We specifically don’t collect data, even from point A to point B,” notes Cue. “We collect data — when we do it — in an anonymous fashion, in subsections of the whole, so we couldn’t even say that there is a person that went from point A to point B.
The segments that he is referring to are sliced out of any given person’s navigation session. Neither the beginning or the end of any trip is ever transmitted to Apple. Rotating identifiers, not personal information, are assigned to any data sent to Apple... Apple is working very hard here to not know anything about its users.
https://techcrunch.com/2018/06/29/apple-is-rebuilding-maps-f...
Google or Apple could be forced by authorities to perform correlation on the map tiles being requested by users under investigation. Not as accurate as GPS coordinates but probably useful nonetheless.
One more reason to prefer offline maps for those who value privacy.
Given that you can browse map data for any location, not just where you happen to be, I'm betting that triangulation data from your carrier would be more accurate.
Sure, triangulation of carrier signals could lead to more accurate position estimates, but if the carrier isn't based in the US they are under no obligation to make this data available to US authorities.
Apple and Google are based in the US so are bound by the CLOUD Act to provide any and all data they have upon request, no matter where in the world it is being collected or stored.
> all the data about me that is stored in the US is easily accessible without a warrant
No, law enforcement needs a warrant to legally access any data. This is why Prism was illegal, and why companies like Google are pushing back against overly broad geofence search warrants.
> This is why Prism was illegal
Yet it still existed, and was used for surveillance by 3 letter agencies. Why do you think this is any different?
No idea why the two of you are using past tense. PRISM is still very much alive and well.
All Encrochat evidence was illegal in at least three different ways. UK Law enforcement didn't care. They just lied.
No it wasn't.
The Dutch cracked and wiretapped it. It has been held not to be intercept evidence per RIPA so capable of being used in evidence.
Most went guilty because they caught red-handed in the most egregious criminality you've seen.
Encro was designed to enable and protect criminal communications. It had no redeeming public value.
People always overestimate how much companies will defy their government for you, legally or otherwise.
i think people focus on whether backups are encrypted too much. it really doesn't matter when the government has remote access equivalent to your live phone when it's in an unencrypted state, which they almost certainly do.
Also, I wondered if by complying with British law that they may somehow be breaking laws of another country?
Hypothetically, if Apple just provide a back door to the data they have on US Senators for instance, then providing that information may be considered treason by the US.
That's a totally made up example, and I have no idea, but it seems like it's possibly an issue.
Which is all about the issues around data sovereignty I suppose!
Treason is a very heavy charge and as far as I know it applies more to individuals. Can a company be prosecuted for treason? I guess it depends on the country and I don't know US law well (never even visited there)
But I'm sure local laws conflict heavily between countries yes. I'm often wondering how multinationals manage to navigate this maze. This is why we have such a big legal department I guess :) And the company I work for is a pretty honest one, I've never seen any skullduggery going on with eg privacy or media manipulation. In fact employees are urged to report such things and I have to do a course on responsible behaviour yearly. Probably a result of being purely B2B. But anyway I digress, just wanted to say that getting away with stuff does not seem to be the reason for us having a big legal dept.
But just look at the laws of e.g. the EU and Iran. Pretty diametrically opposed on many topics. There's no way to satisfy them both.
I think what helps to make this happen is that most countries don't try to push their laws outside of their jurisdiction. Which the UK is trying to do here.
That would not be treason, by a long shot.
Treason is the only crime defined in the constitution, and it is quite a high bar.
The king is a strict constitutionalist, who may disagree with you/ Pray he doesn’t.
> Treason is the only crime defined in the constitution, and it is quite a high bar.
Well, it's defined, or bounded above, in the constitution. It's not exactly a high bar:
> Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort.
So, if you happened to know Nicolas Maduro, thought he was looking stressed, and bought him some food, that would qualify as treason. There's no requirement that you act against the interests of the United States. The constitution will stop you from being prosecuted for treason for sleeping with Melania Trump. It won't stop you from being prosecuted for treason for completely spurious reasons.
> (where you don't even have the right to legal advice, or the right to remain silent)
A lot is posted about LEO's lying in the US, this seems worse.
> One scenario would be somebody in an airport and security officials are searching your device
No Heathrow connection necessary. “The law has extraterritorial powers, meaning UK law enforcement would have been able to access the encrypted iCloud data of Apple customers anywhere in the world, including in the US” [1].
[1] https://www.ft.com/content/bc20274f-f352-457c-8f86-32c6d4df8...
The US claims the same
https://en.wikipedia.org/wiki/CLOUD_Act
Lots of Americans in this thread seem to be talking down to other countries laws while being completely unaware of their own
Spot on, 727 comments, most probably by Americans, and only 2 (including yours) bringing up the CLOUD Act, the much worse US equivalent. Incredible ignorance.
Providing encrypted data and not providing encryption are two different things. The CLOUD act requires you to hand over data. It could be encrypted. The UK government is asking to hand over data that is also not encrypted. The two are not the same. Note : Not American.
> What concerns me more is that Apple is the only company audibly making a stand.
Meta also said they would make a stand if a similar request comes for WhatsApp. I'm not going to hold my breath though.
They wouldn't even be able to.
WA is end-to-end encrypted.
WhatsApp is closed source. They could backdoor it if they wanted to (or were forced to).
And so in Apple and iOS. What is your point?
His point was that it is technically possible for WhatsApp to add a backdoor. Apple could too.
With almost everyones backups stored in plain-text, making it all a little silly.
Think about it for a second: you can re-establish your WA account on a new device using only the SIM card from your old device. SIM cards don't have a storage area for random applications' encryption keys, and even if they did, a SIM card cannot count as "end-to-end" anymore. Same goes for whatever mobile cloud platform those backups might be stored on. And you'd hope Apple or Google aren't happily sending off your cloud decryption keys to any app that wants them. Though maybe they are?
Reestablishing your WhatsApp account on a new device doesn't give access to your old chat messages, you need to restore a WhatsApp backup for that. The backup doesn't need to be stored in the cloud, you can choose to create a local file and manually transfer that to your new device.
In any case, as soon as you start using WhatsApp on a new device, users in the chats you participate in will receive a message informing them that your encryption keys have changed.
You have no laws when traveling through immigration. Thats true in US too. There was an article (trying to look for it could be arstechnica verge I dont remember where) once where a US citizen journalist was detained at the border for hours while traveling into the US and questioned. You can be in the immigration for hours or even decades until you give out what they demand which can involve your unlocked phone and password. There are no laws protecting you.
I don't really understand your comment to be honest. Section 3 of the Regulation of Regulatory Powers Act 2000 allows for compelled key disclosure (disclosure of the information sought instead of the key is also possible). Schedule 7 of the Counter-Terrorism Act allows 9 hour detention, questioning and device search at the border. With these powers it isn't necessary to get access to iCloud backups, as you can get the device and/or the data.
I don't think the e2e icloud backup is problematic under existing legislation / before the TCN. While you can't disclose the key because it lives in the secure enclave, you can disclose the information that is requested because you can log into your apple account and retrieve it. IANAL, but I believe this to be sufficient (and refusing would mean jail).
The Investigatory Powers Act allows for technical capability notices, and the TCN in this case says (as far as we know) "allow us a method to be able to get the contents of any iCloud backup that is protected by E2EE for any user worldwide". This means that there is no need to ask the target to disclose information and if implemented as asked, also means that any user worldwide could be a target of the order, even if they'd never been to the UK.
Relevant info:
- https://wiki.openrightsgroup.org/wiki/Regulation_of_Investig...
I imagine they want the ability to look at someone's iCloud backups without notifying the owner that they are doing so or they want to do it when the owner is unwilling or unable to provide keys.
For the latter, there are a lot of cases where jail isn't much a threat (e.g. the person is dead or not in the country).
Also given automatic iPhone backup it might contain information they want as part of an investigation that they'd otherwise have to demand key disclosure for (if cloud backup didn't exist)... Absolutely.
The jail time for failure to comply with key disclosure is 2 years unless it is national security, then it is 5. But if you're organised crime and facing who knows what for being a snitch it might be better simply to do the time.
I can see why they want it. I just don't understand why the person I'm replying to said the feature (I think) was problematic. Not really a criticism, I'm just struggling to identify the tone and why 'too right' and 'more problematic than they let on'.
> Apple is the only company audibly making a stand
Apples stand is false, they take with one hand and give with the other. There have been many times that Apple have been caught giving user data to governments at their request, lied about it, then later on admitted it once it had leaked from another source.
This whole 'we will never make a backdoor' is a complete whitewash marketing stunt, why do they need to make a backdoor when they are providing any and all metadata to any government on request.
https://www.macrumors.com/2023/12/06/apple-governments-surve...
> There have been many times that Apple have been caught giving user data to governments at their request, lied about it, then later on admitted it once it had leaked from another source.
In other words, Apple complies with legal government orders, as they are required to. The government can compel them with a warrant to hand over data that they have, and can prohibit them from talking about it. That's the whole reason for the push towards end-to-end encryption and for not collecting any data Apple doesn't need to operate the products. This also ties into things like photo landmark identification, where Apple designed it such that they don't get any information about the requests and so they don't have any information that they could be compelled to hand to the government.
I think that’s the whole point of their push to E2E encrypt as much as possible. Saying they can’t unencrypted something worked for a while.
Your Android and Microsoft backup aren't encrypted. They are already fair game for a warrant.
Remember that the last fiasco was related to 2FA stores being stored unencrypted on google's backup cloud, namely google authenticator.
And yes, it's still pwnable this way, and happens regularly.
Everything in the cloud is not yours anymore, and you should always treat it like that.
What is going on in the UK? How do they stand for this?
Irrespective of political leanings, a lot of British people are saying this. They stand for it because they have to. It's a government that was voted in by a large margin only six months ago. Disquiet, if that's the word, is pretty much universal and I am not sure we've been quite in this position before. Keir Starmer's decline in approval ratings 'marks the most substantial post-election fall for any British prime minister in recent history'.
https://politicalpulse.net/uk-polls/keir-starmer-approval-ra...
This is a law enacted by the previous government.
When “misinformation” or “hate speech” are illegal, and the government decides what those are, you cannot risk complaining
"technical capability notice" under the Investigatory Powers Act (IPA)
Sounds a lot like the godawful "assistance and access" laws that were rushed through in Australia a couple of years ago, right down to the name of the secret instrument sent to the entity who gets forced into to building the intercept capability.
Now that Apple has caved once, I expect to see other providers strongarmed in the same way, as well as the same move tried in other countries.
Even more shocking that Germany - my country - leads the leaderboard with over ten times as much requests as the second place.
> the largest back door I've ever heard of.
Do you know of the clipper chip? https://en.wikipedia.org/wiki/Clipper_chip
From what I recall, we were only spared from it by someone hacking it before it was deployed.
> There's no time limit on when you may be searched, so all people who ever travelled through British territory could be searched by officials.
> Let that sink in for a moment. We're talking about the largest back door I've ever heard of.
Codename 'Krasnov' is the largest backdoor I have ever heard of. And, we only need to look at his behavior.
These E2EE from USA can be tainted in so many ways, and FAMAG sits on so much data, that codename 'Krasnov' can abuse such to target whoever he wants in West. Because everyone you know is or has been in ecosystem of Apple, Google, or Microsoft.
Whataboutism! Fair. From my PoV, as European, the UK government is (still) one of the good guys who will protect Europe from adversaries such as those who pwn codename 'Krasnov'. Such protection may come with a huge price.
how much distance between
1) tech monopoly strong enough to stand up to G7 nation state demands
2) tech monopoly strong enough to remove itself from G7 nation state jurisdiction?
edit: s/monopoly/empire, apologies
It's amusing to think of Apple as a "monopoly" (if anything they have a monopsony on TSMC production) but let's just replace that with "giant" for purposes of discussion.
Tech giants typically devolve local operations to small companies to avoid liability - think petroleum suppliers not owning gas stations (because those typically end up as superfund sites). Not sure if this analogy this works for Google Android and all the manufacturers that deploy it for their smartphones too.
So corporations have been doing this forever, trying to find legal loopholes where they can have their cake and eat it too.
[flagged]
Apple is not a monopoly.
And now imagine for a second that the only thing the UK is doing here is getting the same direct access that the US (NSA) has already had for decades.
This is why, while I applaud what Apple is doing here, they need to allow us to supply our own E2E encryption keys.
That’s literally what the feature they’re removing did.
Not exactly. It generates the keys for you and stores them on device in the Secure Enclave. You cannot "bring your own" encryption key, but the primary benefit of doing so--that Apple does not have access to it--is intentionally accomplished anyway by the implementation.
I’m not sure I appreciate the value of literally bringing your own keys. My device generating them on my behalf as part of a setup process seems sufficient. You’d use openssl or something and defer to software to actually do keygen no matter what.
I agree it seems sort of academic at first blush, but I'm going to venture a guess it's the idea that you own them, instead of Apple.
So you can eg. keep a backup on your own (secure) infrastructure. Transfer them when switching devices or even mirror on two different ones*. Extract your own secret enclave contents. Improve confidence they were generated securely. And depending on implementation, perhaps reduce the ease with which Apple might "accidentally" vacuum the keys up as a result of an update / order.
*Not sure how much these two make sense in the iOS ecosystem. I know on the Android side I'd absolutely love to maintain a "hot standby" phone that is an exact duplicate of my daily driver, so if I drop it in the ocean I can be up and running again in a heartbeat with zero friction (without need to restore backups, reliance on nerfed backup API's outside the ones Google uses, having to re-setup 2FA, etc. and without ever touching Google's creepy-feeling cloud).
You would need to have a completely trusted software and hardware stack to actually own the keys. And that is already hard enough to get on a PC where ownership still means something, it is not going to happen on most mobile devices. To whatever extent you trust any of the stack already, the Secure Enclave is a better bet than BYOK. The real risk, as you imply, is if Apple is able to compromise the security coprocessor with an OTA firmware update, but they can definitely already push a regular OS update that exfiltrates any key you type in.
Just make an airgapped Linux device on a DYI FPGA CPU. This part is not that difficult comparing to persuading commercial vendors let you use your own cloud and your own encryption/backup mechanisms.
Yeah... unfortunately it ought to be the other way around. They should have a hard time pursuading us to trust them enough to use theirs.
If your phone company asked you to give them the key to your house, in perpetuity, how would you feel about that? (Particularly if they insisted you sign a 15 page Terms of Use first that disclaims all their liability if anything goes missing).
It depends what kind of backdoor the UK is asking for but "encryption backdoor" sounds like cryptographic compromise. I don't know if that's what it means but either way the only way to be sure your keys are secure is to generate them yourself.
BYOK does not provide any additional security over the Secure Enclave (and similar security coprocessors). In fact, unless the Secure Enclave were to directly accept your input and bypass the OS, BYOK is worse because the software can just upload your key to a server as soon as you type it in. Whereas, a key generated on the Secure Enclave stays there, because there exists no operation to export it.
But if you don't trust Apple, how to you get the key into the Secure Enclave to begin with? Doesn't Apple control the software on your device that provides the interface into the Secure Enclave from outside of it?
> We're talking about the largest back door I've ever heard of.
Meh, I don't know. I can still decide to not go the UK and be fine. I think the CLOUD Act is much worse because it's independent from where I am.
It's always hilarious to see how far people here are ready to go to twist some bad Apple news into something which might be considered good.
I mean seriously. Apple making a stand? What stand? They are ripping security out of their customers hands. Customers which are already dependent on the company's decision in their locked in environment.
There is absolutely nothing good about it, and you dragging Android into it and making it look like it's even worse is suspicious. You can have full control over your Android device. Something impossible on an Apple phone. You can make your Android device safer than your iPhone.
There is an upside (if you trust them) -- they're pulling a feature rather than adding a back door to it. Supposedly, anyway.
Well, sure it could be worse.
Doesn't make that one good, though.
The government forced them to pull the feature. Would you rather they left a toggle-switch that doesn't actually do anything? Or are you thinking they should just pull out of the EU altogether?
Making a stand would be leaving UK (UK is not in the EU) altogether.
This is almost as bad as building a backdoor. This is leaving your customer in the rain.
Fortunately for Apple, most of them won't even know or realize it.
No, this tells the customer that backups to iCloud are not secure from the government. Adding the back door would make people think that there was more security than there was. Transparency is always better than deception.
Dropping the feature that the UK was targeting allows their customers to use all the other ways that Apple does things. Leaving the UK altogether is the nuclear option denying their customers of everything. “Apple should just leave the UK/China” never takes into consideration the millions of customers that bought or might want to buy in the future. Nobody would better off if Apple withdraws from a country.
> This is leaving your customer in the rain.
vs. taking their phone away??? Idk if you're trolling or what but I would be incredibly pissed at Apple if they deprecated my phone over something like this.
Making a stand would be displaying a full-screen notification about why they cannot provide protection for British users' data and which party voted for this.
> What concerns me more is that Apple is the only company audibly making a stand.
They are not making a stand. They roll over without a peep. And this is concerning users' privacy which they say is the core of the company.
Compare it to fighting every government tooth and nail over every single little thing concerning the "we don't know if it's profitable and we don't keep meeting records" AppStore
“ They roll over without a peep.”
What are you talking about? This is literally them doing the opposite, and there are multiple other public instances of them making a stand, not to mention in the design of their systems.
Truly curious how you see this that way.
"Literally doing the opposite" would be keeping encryption on.
Removing encryption for everyone is literally doing the opposite of making a stand
They had two paths to comply with the law. Silently backdoor the worldwide cloud serving every Apple device, or loudly tell people in the UK they don't get to have security because their government prohibits them. Between these two options, this is clearly "making a stand".
It's not as much "making a stand" as telling a major government that you have substantial seizable assets under their jurisdiction who is a major market you want to be in, that you're not going to do the thing that their laws say you are required to do, but it's hardly simple compliance either, instead of doing what the government wants them to do, they are making sure there is blowback.
Whether to try to fight it in court likely depends on details of case law and the wording of the laws they'd be contesting, I imagine much of the delay in their response to the demand was asking their lawyers how well they think they would fare in court.
> tell people in the UK
This doesn't affect only people in the UK. It allows access to all Apple users' data globally:
> No Heathrow connection necessary. “The law has extraterritorial powers, meaning UK law enforcement would have been able to access the encrypted iCloud data of Apple customers anywhere in the world, including in the US” [1].
> https://www.ft.com/content/bc20274f-f352-457c-8f86-32c6d4df8...
https://news.ycombinator.com/item?id=43132160
So they can spy on you regardless of where you live even in violation of your own country's privacy laws.
Feels like marvel was onto something with captain america and winter soldier.
The real prescient threat in that movie was the predictive AI algorithm that tracked individual behaviors and identified potential threats to the regime. In the movie they had a big airship with guns that would kill them on sight, but a more realistic threat is the AI deciding to feed them individualized propaganda to curtail their behavior. This is the villain's plot in Metal Gear Solid 2, which is another great story.
This got me thinking about MGS2 again and rewatching the colonel's dialogue at the end of the game: https://www.youtube.com/watch?v=eKl6WjfDqYA
> Your persona, experiences, triumphs, and defeats are nothing but byproducts. The real objective was ensuring that we could generate and manipulate them.
It's really brilliant to use a video game to deliver the message of the effectiveness of propaganda. 'Game design' as a concept is just about manipulation and hijacking dopamine responses. I don't think another medium can as effectively demonstrate how systems can manipulate people's behavior.
Life is imitating too many dystopian books, movies, etc these days. I think we need to put an end to all creative works before the timeline becomes irrecoverably destroyed.
I suspect you’re being flippant, but destruction of and restrictions on creative works as an _antidote_ to dystopia is a take I haven’t seen before.
Yes, I am being very flippant. Sometimes we need to jest in order to digest reality.
The /s is strong with this one.
Banning art?
Fundamentally, I think the issue is more about technical literacy amongst the political establishment who consistently rely on the fallacy that having nothing to hide means you have nothing to fear. Especially in the UK which operates as a paternalistic state and enjoys authoritarian support across all parties.
On the authoritarianism: these laws are always worded in such a way that they can be applied or targeted vaguely, basically to work around other legislation. They will stop thinking of the children as soon as the law is put into play, and it's hardly likely that pedo rings or rape gangs will be top of the list of priorities.
On the technical literacy: the government has the mistaken belief that their back door will know the difference between the good guys (presumably them) and the bad guys, and the bad guys will be locked out. However, the only real protection is security by obscurity: it's illegal to reveal that this backdoor exists or was even requested. Any bad guy can make a reasonable assumption that a multinational tech company offering cloud services has been compromised, so this just paints another target on their backs.
I've said it before, but I guarantee that the monkey's paw has been infinitely curling with this, and it's a dream come true for any black or grey hat hacker who wants to try and compromise the government through a backdoor like this.
It's not literacy. They don't care. They need control, and if establishing control means increased risks for you, it's not something they see as a negative factor. It's your problem, not theirs.
The government put in restrictions against using certain powers in the Investigatory Powers Act to spy on members of parliament (unless the Prime Minister says so, section 26), so I think they're just oblivious to the risk model of "when hackers are involved, the computer isn't capable of knowing the order wasn't legal".
https://www.legislation.gov.uk/ukpga/2016/25/section/26
That actually shows they understand and care because they don't want the law to apply to them. They don't care about its effects on other people.
No, it shows they're thinking of computers like they think of police officers.
Computer literacy 101: to err is human, to really foul up requires a computer.
They don't understand that by requiring the capability for going after domestic criminals, they've given a huge gift to their international adversaries' intelligence agencies. (And given this is about a computer vulnerability, "international adversaries" includes terrorists, and possibly disgruntled teenagers, not just governments).
I think it could be for both reasons
They don't even need control. They want control. Why? Either they're idiots who think they need control or they are tyrants who know they'll need control later on when they start doing seriously tyrannical things.
> Why? Either they're idiots who think they need control or they are tyrants
Many politicians are individuals without any talent who desire power and control, politics is the only avenue open to people like that.
It's natural for the government to want control. It's literally what it is optimized for - control. More control is always better than less control. More data about subjects always better than less data. What if they do something that we don't want them doing and we don't know? It's scary. We need more control.
> they'll need control later on when they start doing seriously tyrannical things.
You mean like when they start jailing people for social media posts? Or when they are going to ban kitchen knives? Or when they're going to hide a massive gang rape scandal because it makes them look bad? Or when they would convict 900+ people on false charges of fraud because they couldn't admit their computer system was broken? Come on, we all know this is not possible.
It's the latter.
Of course it is.
opinion: any government that "needs" such control, is an enemy of the people and must be abolished, and anyone can morally and ethically do so
Well it’s important that the argument is correct. They view ending end-to-end encryption as a way to restore the effectiveness of traditional warrants. It isn’t necessarily about mass surveillance and the implementation could prevent mass surveillance but allow warrants.
I oppose that because end to end encryption is still possible by anyone with something to hide, it is trivial to implement. I think governments should just take the L in the interest of freedom.
> They view ending end-to-end encryption as a way to restore the effectiveness of traditional warrants.
Traditional warrants couldn't retroactively capture historical realtime communications because that stuff wasn't traditionally recorded to begin with.
> It isn’t necessarily about mass surveillance and the implementation could prevent mass surveillance but allow warrants.
The implementation that allows this is the one where executing a warrant has a high inherent cost, e.g. because they have to physically plant a bug on the device. If you can tap any device from the server then you can tap every device from the server (and so can anyone who can compromise the server).
They shouldn’t be able to tap any device from a server. I’m guessing they would have to apply for a warrant and serve the warrant to Apple who review the warrant and provide the data.
Putting the panopticon server in a building that says Apple or Microsoft at the entrance hasn't solved anything. Corporations are hardly more trustworthy than the government, can be coerced into doing the mass surveillance under gag orders, could be doing it for themselves without telling anyone, and would still be maintaining servers with access to everything that could be compromised by organized crime or foreign governments.
Which is why the clients have to be doing the encryption themselves in a documented way that establishes the server can't be doing that.
Agreed.
I used to think it was illiteracy, but when you hear politicians talk about this you realise more often than not they're not completely naive and can speak to the concerns people have, but fundamentally their calculation here is that privacy doesn't really matter that much and when your argument for not breaking encryption based around the right to privacy you're not going to convince them to care.
You see a similar thing in the UK (and Europe generally) with freedom of speech. Politicians here understand why freedom of speech is important and why people some oppose blasphemy laws, but that doesn't mean you can just burn a bible in the UK without being arrested for a hate crime because fundamentally our politicians (and most people in the UK) believe freedom from offence is more important than freedom of speech.
When values are misaligned (safety > privacy) you can't win arguments by simply appealing to the importance of privacy or freedom of speech. UK values are very authoritarian these days.
"Especially in the UK which operates as a paternalistic state and enjoys authoritarian support across all parties."
What is a "paternalistic state". I studied Latin so obviously I understand pater == father but what is a father-like state?
What on earth is: "authoritarian support across all parties".
The UK has one Parliament, four Executives (England, Northern Ireland, Scotland, Wales) and a Monarch (he's actually quite a few Monarchs).
Anyway, I do agree with you that destroying routine encryption is a bloody daft idea. It's a bit sad that Apple sold it as an extra add on. It does not cost much to run openssl - its proper open source.
Paternalism, unless I'm mistaken, is a belief among those in power that they what's best for you, better than you do, and will exercise power on your behalf in that manner. Just like your parents do when you're a child.
In medicine, a paternalistic attitude towards the patient from a point of authority (like a father) The doctor acts as if he knows more and knows what is better. The patient has his own preferences and priorities, but they don't necessarily match with what the doctor does.
I suppose a paternalistic state functions to satisfy the needs of the people, and to define those needs. The people get what the state says is best for them.
What the politicians want is partial security: something they can crack but criminals can't. That is achievable in physical security, but not in cybersecurity.
I have a feeling the politicians already know partial cybersecurity isn't an option, and don't care. Certainly, the intelligence community advising them absolutely does know. We don't even have to be conspiratorial about it: their jobs are easier in the world where secrets are illegal than in the world where hackers actually get stopped.
> That is achievable in physical security, but not in cybersecurity.
Not with physical security either, I'm afraid.
With physical security the state apparatus can provide physical security in the form of police and what not, as well as deterrence and punishment.
In the world of cryptography it's... a bit harder to do something similar. In the best case they can come up with a key escrow system that doesn't suck too much, force you to use it, and hopefully they don't ever get the master keys hacked and stolen or leaked. But they're not asking for key escrow. They're asking for providers to be the escrow agents or whatever worse thing they come up with.
"it's hardly likely that pedo rings or rape gangs will be top of the list of priorities".... is this not one of the most disturbing, disgusting, psychologically troubling and damning ideas ever to be put to words/brought to awareness? . Right up there "let's meticulously plan out this horrific, atrocious, dehumanizing act and meditate upon the consequences, and then choose the most brutal and villainous option". Dear Lord....
People are extremely opposed to pedos, so they're a primary rationalization for oppressive technology. But then you have two problems.
First, pedos know everybody hates them, so they take measures normal people wouldn't in order to avoid detection, and then backdooring the tech used by everybody else doesn't work against them because they'll use something else. But it does impair the security of normal people.
Second, there aren't actually that many pedos and the easy to catch ones get caught regardless and the hard to catch ones get away with it regardless, which leaves the intersection of "easy enough to catch but wouldn't have been caught without this" as a set plausibly containing zero suspects. Not that they won't use it against the ones who would have been caught anyway and then declare victory, but it's the sort of thing that's pretty useless against the ones it's claimed to exist in order to catch, and therefore not something it can be used effectively in order to do.
Whereas industrial espionage or LOVEINT or draining grandma's retirement account or manipulating ordinary people who don't realize they should be taking countermeasures -- the abuses of the system -- those are the things it's effective at bringing about, because ordinary people don't expect themselves to be targets.
> is this not one of the most disturbing, disgusting, psychologically troubling and damning ideas ever to be put to words/brought to awareness? .
Hmm? Hell has depths. Your yard might be a little too short to measure them? In that case, just think about this: rape is probably most common in prisons, where you will send innocents the moment this dragnet thing glitches.
> that having nothing to hide means you have nothing to fear
hopefully the US turning from leader of the free world to Russia's tool will give them the kick they need to realise that just because you trust the government now doesn't mean you trust the next government or the one after it.
You probably don't want to look up which US President tried to force Apple to insert an encryption back door into iPhones back in 2015.
However, Google did only start moving to protect location data from subpoenas after people started to worry that location data could be used as a legal weapon against women who went to an abortion clinic, so your larger point stands.
Points about Russia or partisan politics aside, there are now at least 10M people living in the US who have a very strong incentive to hide all their data from the executive branch. That's to say nothing of the countless millions who might want to help them.
The demand for encryption just exploded, in a legal gray area (city, state, and federal laws seem to be in conflict here) it's just a question of whether governments allows the supply to follow.
That would be none, as it was the FBI, operating independently (as it's supposed to), which tried to force the issue. They even tried to go to Congress but found little support for their stunt. I'm not even sure Obama ever spoke in support of the backdoor, much less used any political power to make it a reality.
Sorry, but the FBI is part of the executive branch.
This is exactly like saying that President Trump has nothing to do with the actions of the executive branch agencies today.
it's true that the honour system only works when there's honour in the people in charge.
when a clown moves into a palace, the clown doesn't become the king - the palace becomes a circus.
Haven't we already learned that gaslighting the public is counterproductive?
President Obama sold himself as a Constitutional scholar who would set right the civil liberties overreach of his predecessor.
You aren't going to convince sane people that his executive branch agencies sought to gut the fourth amendment without his being aware of it, despite months of extensive press coverage.
"the other side is just as bad" isn't the justification that a lot of people seem to think it is. if you don't like what the other side has done, don't just copy them. do better.
It's simpler. If you claim that a particular action would be bad if the other political team were to perform it, don't suddenly make excuses for that very same action if it turns out that your favored political team has previously performed it.
> hopefully the US turning from leader of the free world to Russia's tool
So much humour in one short phrase.
Do you really believe your propaganda or is it just absentmindedly parroting pro permanent war talking points?
What would you call the ridiculous claim that Ukraine started the war? Who else does that serve but Russia?
He demands $500bn of rare earth minerals, insists that Ukraine started the war by getting invaded and wants Zelensky to be replaced by a Russian puppet. It's amazing how the US went from the defender of the free world to just another thug.
Furthermore, one UK head of state call everyone supporting encryption pedophiles
https://x.com/BenWallace70/status/1892972120818299199
Just to be clear: Wallace is not a head of state, or even an MP any more. At one point, he was Secretary of State for Defence, a Cabinet position, however he resigned this in 2023.
This doesn’t justify his position (it’s stupid) but he doesn’t speak for the current government.
To clarify a bit further, the UK head of state is King Charles III, as he is for a bunch of other countries in the Commonwealth.
Head of state in the UK is a bit weird compared to countries that abolished or never had a monarchy.
Technically we did abolish the monarchy back in the 17th century, but the replacement was so bad we brought them back about 10 years later, which I think makes us a minority of one and even more weird.
Anyway, back on topic: this is a ridiculous law that is forcing services to erode their security while smart criminals can just use some nice free open-source software somewhere else for E2E communication. And a lot of this is definitely down to lawmakers not understanding technology.
You’re correct, however I gave GP the benefit of the doubt and assumed they meant Secretary of State ;-)
And, to be fair, while I’m generally a small r republican, I’m seeing benefits of having a non politically aligned head of state after J6. While the monarch has limited power, booting out a PM that can’t command the confidence of Parliament is one of them. The question of whether Johnson would accept being dethroned a la Trump was always silly given his consent was never needed.
The UK monarch's power is largely based on convention more than active decision making. For example, a government is formed at the invitation of the monarch, but that's long reflected the results of an election. Getting rid of a PM generally happens when they run out of luck. That sometimes coincides with the ruling party/coalition imploding. The next PM is then shortlisted by MPs and selected by a minority of the electorate.
I guess the US equivalent is the leader of the house being unable to hold their majority together. In some ways the presidential election feels more democratic if a relative outsider (like Trump was) can win. But a 2 year lead up is crazy.
> And, to be fair, while I’m generally a small r republican, I’m seeing benefits of having a non politically aligned head of state
One of the benefits of a constitutional monarchy is the head of state did not campaign for the position.
The vast majority of democracies separated the roles of head of state and head of government.
> one UK head of state
What on earth are you talking about?
Charles III is head of state, and before that, Liz II. The monarch absolutely does not get involved in politics.
Ironic.
And that's why it is so important to nip this "pedo" / "think of the children" crap right in the bud.
Obviously pedos on the interwebs are bad, but hey as long as it's just anime they're whacking off to I don't care too much. But the real abuse, that's done by - especially in the UK - rich and famous people like Jimmy Savile. And you're not gonna catch these pedos with banning encryption, that's a fucking smokescreen if I ever saw one, you're gonna catch them with police legwork and by actually teaching young children about their bodies!
> But the real abuse, that's done by - especially in the UK - rich and famous people like Jimmy Savile
Jimmy Savile was a vile predator. He was protected by the inane customs of the British ruling class.
He was not alone among the toffs of England.
But do not be mistaken. It is not just the rich and powerful where you find sexual predators. They exist at all levels of society, all genders, most ages (I will except infants and the aged infirm....)
Jimmy Savile was a symptom of something much darker, much worse and widespread.
Jimmy Saville was many things, but I don’t think he was a toff. His ability to abuse was about power, and perhaps gender, but not class.
Honestly if the UK wants to reduce sexual crimes against children and adults one of the easiest ways to achieve that would be to reform UK liable law.
In the UK if you're raped by someone famous you'd be an utter idiot to say anything unless you're loaded or have a massive amount of hard evidence. You couldn't have a me to movement in the UK because everyone who came forward would be sued into bankruptcy. This is why so many people knew about Savile but no one said anything.
The rules of evidence in court are important too.
It is the victim on trial, many times.
Yeah but if you sell the populace on the idea that pedos are only something that's a threat on the interwebs the populace won't care about all the other pedos, and if there is a pedo scandal like the next Savile the government can just go and shrug and say "we did all we could". And that is the point behind all that pedo scare.
https://xcancel.com/BenWallace70/status/1892972120818299199
Thank you.
[dead]
> technical literacy amongst the political establishment who consistently rely on the fallacy that having nothing to hide means you have nothing to fear.
That's an awfully generous assessment on your part. Kindly explain just what "technical literacy" has to do with the formulation you note. From here it reads like you are misdirecting and clouding the -intent- by the powerful here.
Also does ERIC SCHMIDT an accomplished geek (who is an official member of MIC since (during?) his departure from Sun Microsystems) suffers from "technical literacy" issues:
https://news.ycombinator.com/item?id=983717
Thank you in advance for clarifying your thought process here. Tech illiteracy -> what you got to hide there buddy?
I feel like the comment was clear, technical illiteracy leads politicians to believe that they'll be the only ones with access to this backdoor, which isn't true.
The comment's clarity was not questioned. You are passing around the same tired line that because politicians do not understand technology and how it can be used against anyone. Sure computers are new but communication technology is not. All a politician needs to understand is "capability". That is it. "We can read their communications", no degree in CS required. Also, they have power geeks advising them left and right. They know "capabilities" can be misused. They know this.
Is this clear?
>> Kindly explain just what "technical literacy" has to do with the formulation you note.
>> Thank you in advance for clarifying your thought process here.
> The comment's clarity was not questioned.
It isn't necessarily the case that they all care if criminals can get in to the average person's data so long as the authorities also can.
Yeah. Not buying it. They know, or someone smart enough told them that backdoors can be accessed by anyone with enough skill. They just don't care because the people that are asking for this are criminals already and wanting profit off of other people's data.
Let me offer a possible example that might be more in line with the HN commenting guideline about interpreting people's comments as charitably as reasonably possible:
My password manager vault isn't exactly something to hide in the political sense, but it's definitely something I would fear is exposed to heightened risk of compromise if there were a backdoor, even one for government surveillance purposes. And it's a reasonable concern that I think a lot of people aren't taking seriously enough due, in part, to a lack of technical literacy. Both in terms of not realizing how it materially impacts everyday people regardless of whether they're up to no good, and in terms of not realizing just how juicy a target this would be for agents up to and including state-level adversaries.
As for Eric Schmidt, he's something of a peculiar case. I don't doubt his technical literacy, but the dude is still the head of one of the world's largest surveillance capitalist enterprises, and, as the saying goes, "It is difficult to get a man to understand something when his salary depends on his not understanding it."
> Especially in the UK which operates as a paternalistic state and enjoys authoritarian support across all parties.
This seemed strange to point out. It’s not really any more or less “paternalistic” than most western nations including the US.
Folks in the United States aren't routinely arrested for Facebook posts.
The AP News was just kicked out of press conferences for not using the government-preferred term for the Gulf of Mexico. The new director of the FBI is pledging to go after members of the press that he doesn't like. The US is jumping headfirst in the "bad speech isn't free" direction in the past month.
Of course they are. Violent threats and admitting illegal activity on social media can lead to arrests in the US. By being so unspecific your comment does not really foster good discussion on the topic. You should describe what kind of posts they are being arrested for and which laws/protections in the UK you are specifically criticizing.
They're not arrested for posting on Facebook. They're arrested for _what_ they're posting on Facebook.
Just like any other authoritarian state
Hardly. There are limits to speech in most jurisdictions. That hardly crosses the threshold for "authoritarian". The high profile cases in the UK have been around incitement to violence and contempt of court.
Yes, people in the US don't get arrested for that.
Yes, they do.
https://www.justice.gov/usao-az/pr/page-man-charged-threaten...
https://edition.cnn.com/2015/04/30/us/georgia-woman-facebook...
https://www.cnbc.com/amp/2023/10/19/influencer-gets-months-i...
https://www.justice.gov/usao-ndal/pr/birmingham-man-sentence...
No, they get arrested for conduct that would be criminal no matter where they did it. Facebook (2x) and Twitter (2x) were the (virtual) venues where the crimes were committed, but the crimes were attempting to organize a mob to burn down a courthouse, inciting and threatening to murder police, conspiracy to suppress votes and threatening to kill the President. The crimes would be just as criminal had they been done in person at a local bar (or any other physical location).
Which is exactly the same as in the UK.
> The crimes would be just as criminal had they been done in person at a local bar (or any other physical location).
I agree. Where the US differs is that because of the US's 1st amendment it's _not_ a crime to say those things even in a bar.
Anyway, all of that to say that americans are arrested for posting things on the internet, despite what people claim.
Stop it. We don't deal in "facts" any more.
There are limits to speech in every country, including the US. What I always find baffling is the sheer arrogance of Americans, that the only way to be a free and democratic country is their way, to the extent that they send their elected representatives to Germany of all places to implicitly argue for the legalisation of the Hitler salute.
Meanwhile their country has slid into fascism. Sad and tragic.
If you see a red car driving down the street do you not call it red because there are many other red cars? They're adding color (pun intended) to their description of the general bias of the UK government. What you're doing is called Whataboutism - the argument that others are doing something similar or as bad in different contexts. It doesn't make what the UK is doing any less bad for citizens (and non-citizens) privacy or data sovereignty.
Many people might not be aware of it, but Apple publishes a breakdown of the number of government requests for data that it receives, broken down by country.
The number of UK requests has ballooned in recent years: https://www.apple.com/legal/transparency/gb.html#:~:text=77%...
Much of this is likely related to the implementation and automation of the US-UK data access agreement pursuant to the CLOUD Act, which has streamlined this type of request by UK law enforcement and national security agencies.
The problem is AFAIK this act is a lot different and Apple or any party that gets this order is completely forbidden to talk about it. So these kind of requests would not show up in this transparency requests. It is IMHO fair to assume Apple will UK this backdoor given they chose to disable Advanced Data Encryption and public would have no insight to amount and reasons to the backdoor usage. It is really troubling.
Looking at the ones for Germany, those seem like rookie numbers
https://www.apple.com/legal/transparency/de.html#:~:text=77%...
It's also comparatively worse than the raw numbers suggest because the customer base of Apple phones in Germany is much smaller than in the UK.
I see numbers for USA and China very low as well.
Maybe they don't have/need to request? ;-) Just saying.
Sad to see the home of the magna carta slowly spiraling down into fascism and 1984. The government should be required to have a specific warrant to get at your personal data.
I don't share your findings, EVERY six-month period between January 2014 - June 2017 shows bigger requests than any six-month period in the last 5 years.
It's also just false. Google pulled out of China many years ago because they didn't want to bow to the Chinese government's demands.
And they didn't just withdraw a product, they withdraw their entire business.
I wonder what the impact of Apple withdrawing from China will be. I know we are talking about UK, but this made me think.
Not only their sales will reduce, but hey Chinese manufacturing cuts down. By how much? Will it be impactful? I would think so but wonder if it is quantifiable.
Almost all iPhones are made in China. They cannot pull out without shutting down.
They make on average 60,000 ios devices there every hour, 24 hours a day, 365 days a year.
Your math adds up to 525,600,000 iOS devices per year. That can't possibly be right
> In 2023, Apple shipped 234.6 million iPhones, capturing 20.1% market share and growing 3.7% year over year, according to IDC data. [0]
So, probably not 525.6 million iOS devices a year, but safe to assume it's going to be 300+ million for 2025.
35k devices an hour, give or take.
[0]: https://www.forbes.com/sites/johnkoetsier/2024/01/16/apple-1...
Fake privacy experts like Caro Robson need to be held accountable.
>"It would be a very, very worrying precedent if other communications operators felt they simply could withdraw products and not be held accountable by governments,"
This would actually be a very very very very VERY GOOD precedent if you ask me.
Facebook pulled something similar when Canada passed the Online News Act and instead of extorting facebook to pay the media companies for providing a service to them (completely backasswards way to do things), they just pulled news out of Canada. I despise Meta as a company, but I had to give them credit for not just letting the government shake them down.
Good riddance. Governments need to be reminded from time to time that they are, in fact, not Gods. We can and should, just take our ball and go play in a different park or just go home rather than obey insane unjust laws.
I love their products: whatsapp and facebook
Governments forcing companies from other countries to do business in their country seems like the worrying precedent to me.
"a product" and "cooperate" are doing so much work in that statement that they collapsed and look like ________ and ________
They re-emerged as "security feature" "add vulns to security features to make it an insecurity feature"
>Online privacy expert Caro Robson
Ironic to refer to her as a "privacy expert" given her open hostility to privacy.
Note that this doesn’t satisfy the government’s original request, which was for worldwide backdoor access into E2E-encrypted cloud accounts.
But I have a more pertinent question: how can you “pull” E2E encryption without data loss? What happens to those that had this enabled?
Edit:
Part of my concern is that you have to keep in mind Apple's defense against backdooring E2E is the (US) doctrine that work cannot be compelled. Any solution Apple develops that enables "disable E2E for this account" makes it harder for them to claim that implementing that would be compelling work (or speech, if you prefer) if that capability already exists.
When you disable ADP, your local encryption keys are uploaded to Apple's servers to be read by them.
Apple could just lock you out of iCloud until you do this.
That’s exactly the plan. Anyone with this enabled in the UK will need to manually disable it or they’ll get locked out of their iCloud account after a deadline.
And I guess Apple gets fined for not allowing government approved alternatives to these services not long after.
The hardware will not allow this, at least not without modifications. The encryption keys are not exportable from the Secure Enclave, not even to Apple's own servers.
The Apple security paper describe how to disable ADP through a key rotation sequence.
This will be a "forced rotation", they just need to decide how to communicate to users and work out what happens to those who don't comply. Lockout until key rotation look like an option as someone said.
Behind the scenes, it'd probably decrypt it locally piece-by-piece with the key in the Secure Enclave, and then reencrypt it with a new key that Apple has a copy of when you disable ADP.
Are you gonna unlock that phone anytime soon?
Thanks for opening the enclave, don't mind if I ship these keys back home.
No notification needed, Apple has root access.
Unless I am making a mistake here, you still can't extract keys of an opened enclave. You can just run operations against those keys.
Assuming the enclave can receive OTA firmware updates and those updates can completely compromise it, which are not actually proven facts, there's no way to target this to the UK alone without either exempting tourists and creating a black market for loophole phones or else turning all of Britain into a "set foot here and ruin your iPhone forever" zone.
> how can you “pull” E2E encryption without data loss
You can’t. The article says if you don’t disable it (which you have to do yourself, they can’t do it for you, because it’s E2E), your iCloud account will be canceled.
At this point, the right thing to do is allow for an alt-service.
How would an alt service help this situation? You’d just end up with backdoored services advertising E2EE, no? Apple’s move here is definitely the right one, introduce as much friction as possible to hopefully get the user pissed off at their government for writing such stupid laws.
> introduce as much friction as possible to hopefully get the user pissed off at their government for writing such stupid laws.
I'm actually surprised that they didn't add more direct text in that screen. "We are unable to provide this service... BECAUSE OF YOUR GOVERNMENT 1984 STYLE REQUESTS. Contact your MPs here and here and oh, here's their unlocked icloud data, might want to add some choice pictures to their stash..." would have been a tad more on the nose...
Apple has an organization-wide mandate for services revenue.
Every product must make money on an ongoing basis, every month. That's why you get constantly spammed to subscribe to things on iOS.
Apple will never drop this anticompetitive practice of favoring their services until they are legally compelled to.
> you get constantly spammed to subscribe to things on iOS.
Ad companies are the worst
We are told the encryption keys reside only on your device. But Apple control “your” device so they can just issue an update that causes your device to decrypt data and upload it.
Apple has already fought US government demands that they push an update that would allow the US governmrnt to break encryption on a user's device.
> In 2015 and 2016, Apple Inc. received and objected to or challenged at least 11 orders issued by United States district courts under the All Writs Act of 1789. Most of these seek to compel Apple "to use its existing capabilities to extract data like contacts, photos and calls from locked iPhones running on operating systems iOS 7 and older" in order to assist in criminal investigations and prosecutions. A few requests, however, involve phones with more extensive security protections, which Apple has no current ability to break. These orders would compel Apple to write new software that would let the government bypass these devices' security and unlock the phones.
https://www.wikipedia.org/wiki/Apple%E2%80%93FBI_encryption_...
Would just upload the keys
Presumably these keys live in a hardware security module on your phone called “secure enclave” and cannot be extracted
From the Advanced Data Protection whitepaper [0], it appears the keys are stored in the iCloud Keychain domain, so not the Secure Enclave:
> Conceptually, Advanced Data Protection is simple: All CloudKit Service keys that were generated on device and later uploaded to the available-after-authentication iCloud Hardware Security Modules (HSMs) in Apple data centers are deleted from those HSMs and instead kept entirely within the account’s iCloud Keychain protection domain. They are handled like the existing end-to-end encrypted service keys, which means Apple can no longer read or access these keys.
[0]: https://support.apple.com/guide/security/advanced-data-prote...
wrapped by a key hierarchy ultimately rooted by a key stored in the secure enclave.
Well yes, the entire storage is. I was trying to explain how it's extractable.
fair!
Apple can push firmware updates to the HSM just like the device. So if they really wanted they could add an operation that extracted the keys (likely by encrypting them to a key that lives in Apple's cloud).
Is this module auditable though, or is "just trust us", like everything in the Apple world?
An HSM bypass (extracting keys, performing unauthenticated crypto ops) on any recent iOS device is worth 10s of millions, easily. Especially if combined with a one-click/no click. In that sense, it’s auditable, because it’s one of the biggest targets for any colour hat, and the people smart enough to find a bug/backdoor would only be slightly aided by a spec/firmware source, and a bit more by the verilog.
This is true for pretty much every “real” hsm on the planet btw. No one is sharing cutting edge enclave details, Apple isn’t unique in this regard.
It’s auditable in the sense that there is a very high potential for reward (both reputationally and financially) for security researchers to break it.
If someone has a reliable and workable secure enclave hack they can become a multi-millionaire for selling to state actors or become one of the most famous hackers in the world overnight (and possibly get a life changing amount of bounty from Apple)
Basically it's not a hack someone just throws on the internet for everyone to use, it's WAY too valuable to burn like that.
Ah yes, good point.
Apple do not remotely control devices, and automatic updates are not mandatory.
I think Prof Woodward's quote in the article will likely hold true for Apple's response to the original UK government request:
"It was naïve of the UK government to think they could tell a US technology company what to do globally"
> Any solution Apple develops that enables "disable E2E for this account" makes it harder for them to claim that implementing that would be compelling work (or speech, if you prefer)
I think it’s really speech [0], which is why it’s important to user privacy and security that Apple widely advertises their entire product line and business as valuing privacy. That way, it’s a higher bar for a court to cross, on balance, when weighing whether to compel speech/code (& signing) to break E2EE.
After all, if the CEO says privacy is unimportant [1], maybe compelling a code update to break E2EE is no big deal? (“The court is just asking you, Google, to say/code what you already believe”).
Whereas if the company says they value privacy, then does the opposite without so much as a fight and then the stock price drops, maybe that’d be securities fraud? [2]. And so maybe that’d be harder to compel.
[0]: https://news.ycombinator.com/item?id=43134235
[1]: https://www.eff.org/deeplinks/2009/12/google-ceo-eric-schmid...
[2]: https://www.bloomberg.com/opinion/articles/2019-06-26/everyt...
Apple is in a really tough position. I don't know if there's any way they could fulfil the original request without it effectively becoming a backdoor. Disabling E2E for the UK market is just kicking the can down the road.
Even simply developing a tool to coerce users out of E2E without their explicit consent to comply with local laws could be abused in the future to obtain E2E messages with a warrant on different countries.
A very difficult position to be in.
> Apple is in a really tough position.
You mean Apple is in a unique position to make a statement. No more Apple products in the UK. Mic drop. Exit stage left.
But… money
But customers. People keep saying they should just not be in that country. It is far better to have the choice of using an iPhone even if particular features are no longer available.
Or, this is how they save face with their customers having complied with the request rather than stop trading with the UK.
The iOS screenshot displays a message saying it's no longer available for new users.
> the (US) doctrine that work cannot be compelled
Is this actually a thing? Telecoms in the US are compelled to provide wiretap facilities to the US and state and local governments.
>> Apple's defense against backdooring E2E is the (US) doctrine that [government can’t] be compelling work (or speech, if you prefer)
It’s really not "work” but speech. That’s why telecoms can be compelled to wiretap. But code is speech [2], signing that code is also speech, and speech is constitutionally protected (US).
The tension is between the All Writs Act (requiring “third parties’ assistance to execute a prior order of the court”) and the First Amendment. [1]
So Apple may be compelled to produce the iCloud drives the data is stored on. But they can’t be made to write and sign code to run locally in your iPhone to decrypt that E2EE data (even though obviously they technologically could).
[1]: https://www.eff.org/deeplinks/2015/10/judge-doj-not-all-writ...
[2]: https://www.eff.org/deeplinks/2015/04/remembering-case-estab...
It's weird bending of law. Code, especially closed-source code, is not a speech; it's a mechanism and the government may mandate what features a mechanism must have (for example, a safety belt in a car).
> how can you “pull” E2E encryption without data loss? What happens to those that had this enabled?
They'll keep your data hostage and disable your iCloud account. Clever, huh? So they are not deleting it, just disabling your account. "If you don't like it, make your own hardware and cloud storage company" kind of a thing.
More like "If you don't like it, talk to your local politicians", which is, IMO, a totally valid approach.
> "If you don't like it, talk to your local politicians",
Indeed people only noticed this because Apple tried to do the right thing and now it's somehow also Apple's fault. No good deed goes unpunished, I guess.
I think there is a feeling the government power is so overwhelming that they are hoping maybe some trillion dollar corporation would help them out somehow.
> But I have a more pertinent question: how can you “pull” E2E encryption without data loss? What happens to those that had this enabled?
Well exactly. The UK just showed the whole thing is a joke and that Apple can do this worldwide.
Think about it.. You don't even have to be an Apple user to be affected by this issue. If someone backs up their conversations with you to apple cloud, your exchange is now fair game. You get no say in it either.
We all lose.
That's why it's important to use apps like Signal where you can set the retention of your messages. I've got everybody I know using it now!
Setting a retention time out is playing with fire. If the police get ahold of the other party's device, and present an exhibit which they say contains the true conversation, you could be worse off than if you retained the conversation. The fact that you have since deleted it could be incriminating.
In some jurisdiction, yes, legally, such evidence might not be probative, but you might still convicted because of it.
message retention has literally NEVER been used as incrimination in a court of law. So you are wrong.
Umm, isn’t this related? https://www.theverge.com/2024/4/26/24141801/ftc-amazon-antit...
This isn't Amazon getting in trouble for implementation of a routine records retention policy. It's Amazon getting in trouble for violating a document retention mandate related to an ongoing lawsuit.
I don't think so. Corporate communication is bound by different laws and you have way higher burden of evidence in case of legal requests. I don't think this creates a precedent for personal communications.
Yes, but if I’m reading it right, Amazon staff were already inder instruxtion to retain and share data relevant to an ongoing investigation. They were aware of the process and, if the article is to be believed, worked against the instructions.
That’s quite different from turning disappearing messages on when you’re not explicitly under insteuctions to keep records.
No. That's a civil discovery matter.
The retention time can be set by individual conversation not just the whole app.
Ephemeral messaging is not a crime.
Given historical backups are the norm here, retention only does so much.
Really, apps should encrypt their own storage with keys that aren't stored in the backups. That's how you get security/privacy back.
> That's how you get security/privacy back.
Nothing an app does on a device guarantees you security or privacy if you don't trust or fully control the device.
Many people want control over whether they back up conversations with others, and think it would be crazy for sender to control the retention policy instead of receiver.
I think sender should just be able to send a recommended preference hint on retention and you could have an option to respect it or not.
In a world where they cancel encryption they can't access... doesn't Signal and its CIA funded origins concern you?
Nope. I actually think that would bring more scrutiny and so I feel safer knowing it's not be cracked.
interesting and illogical reply
No more illogical than trusting Apple's security because it is ... Apple.
I use a patched Signal client that disables retention deletion and remote delete messages.
and that's awfully rude of you, but if you were concerned about message retention you wouldn't do that. so what's your point?
Very similar to sites like LinkedIn, which ask you to share your personal info & contact list.
I don't want to share my contact details, but the second someone I know decides to opt in, I lose all rights to my own data as they've shared it on my behalf.
Maybe they have other info, such as birthday, home address, other emails or phone #s, etc. stored for me, which is all fair game, as well.
If you are in EU, request your data be redacted.
Security hinges on trust. The only real privacy tool is PGP which uses a web of trust model. But it only works if people own their own computers and storage devices. What they've done is got everyone to rent their computers and storage instead. There's no security model that works for the users here.
Scary - I try to use signal as much as possible now for this reason.
Signal can't evade this law either.
Why not? Signal was willing to run all kinds crazy setups to evade foreign laws, like domain fronting.
https://signal.org/blog/doodles-stickers-censorship/
If Signal can do it, then why doesn't Apple make a stand?
If signal doesn’t make a stand, the entire value prop of signal collapses and they cease to be a thing.
For Apple, privacy is one value prop. But seemingly smaller one than the UK market.
So many questions around this that need answering, such as:
1. What happens if I have ADP enabled and then visit the UK? Will photos I take there still be E2E encrypted? If not, will I be notified? I realize that at the moment the answer is yes, that for now, they are only disabling ADP enrollment. But they are planning to turn it off for everyone in the UK in the future. So what happens then?
2. If they make an exception for visitors, such as by checking the account region, then obviously anyone in the UK who cares about security will just change their account region - a small inconvenience. Maybe this will be a small enough group that the UK government doesn’t really care, but it could catch on.
3. Is this going to be retroactive? It’s one thing to disallow E2E encryption for new content going forward, where people can at least start making different decisions about what they store in the cloud. It’s an entirely different thing for them to remove the protection from existing content that was previously promised to be E2E encrypted. When they turn off ADP for people who were already enrolled, how is their existing data going to be handled?
This is bad news and it is going to be messy.
Free speech already under threat and now y'all are giving up the right of private communication too? For anyone cheering this on, do you honestly think this will only affect the "bad people", and you'll never have your own neck under the government's boot? Even if you trust the government today, what happens when your neighbors elect a government you disagree with ideologically?
I don’t think anyone is cheering this on.
Many people do, unfortunately, so long as it's framed as "only terrorists and pedophiles need encryption that cops can't break".
How do we actually beat this narrative? I've been proposing a E2EE-based chat application to my friend, and they asked me a similar question: won't it just be rife with pedophiles? How can you make a platform that will be used to that means?
I have strong views about privacy as a fundamental human right, but I don't know how to answer that question. I certainly don't want to make the world worse, but this feels like a lesser of two evils type of deal: either make it even harder to catch bad actors, such as child abusers, or make it plausible that your government take away your freedom forever.
Most politicians are.
Instead of the word cheering we could use letting.
Bad people flourish over the inaction of good people.
(but yes, there are always several who protect and argue for things risking their own and everyone's livelihood, exposing themselves to shady elements, along singled out and elevated thin aspects, cannot understood why)
[dead]
I have a naive question, and it's genuine curiosity, not a defence of what's happening here.
This ADP feature has only existed for a couple of years, right? I understand people are mad that it's now gone, but why weren't people mad _before_ it existed? For like, a decade? Why do people treat iCloud as immediately dangerous now, if they didn't before?
Did they think it was fully encrypted when it wasn't? Did people not care about E2E encryption and now they do? Is it that E2E wasn't possible before? If it's such a huge deal to people now, why would they have ever used iCloud or anything like it, and now feel betrayed?
I guess I'm one of the people who was upset that it didn't exist before, and I didn't enable iCloud Backup as a result. I didn't use iCloud Photos. I had everything stored on a NAS (which was in-fact encrypted properly) and used a rube goldberg-esque setup to move data to it periodically. I used iMazing and local encrypted backups on a schedule.
Lots of people called for E2EE on this stuff, but let's be real about one thing: encryption as a feature being more accessible means more people can be exposed to it. Not everyone can afford a rube goldberg machine to backup their data to a NAS and not make it easily lost if that NAS dies or loses power. It takes immense time, skill, and energy to do that.
And my fear isn't the government, either, mind you. I simply don't trust any cloud service provider to not be hacked or compromised (e.g., due to software vulnerability, like log4j) on a relatively long timescale. It's a pain to think about software security in that context.
For me, ADP solves this and enables a lot of people who wouldn't otherwise be protected from cloud-based attacks to be protected. Sure, protection against crazy stuff like government requests is a bonus, but we've seen with Salt Typhoon that any backdoor can be found and exploited. We've seen major exploits in embedded software (log4j) that turn out to break massive providers.
So, there were people upset, their concerns were definitely voiced on independent blogs and random publications, and now, we're back in the limelight because of the removal of the feature for people in the UK.
But, speaking as a user of ADP outside of the UK, I am happy that ADP is standing up for it, and thankful that it exists.
(To be clear: government backdoors, and government requests also scare me, but they aren't a direct threat to myself as much as a vulnerability that enables all user data to be viewed or downloaded by a random third-party).
Many of us were very upset about Apple's slow-rolling this feature. There were many claims that they delayed the rollout due to government pressure [1] (note: that story is by the same reporter who broke today's news a couple of weeks ago.)
Rolling out encryption takes time, so the best I can say is "finally it arrived," and then it was immediately attacked by the U.K. government and has now been disabled over there. I imagine that Apple is also now intimidated to further advertise the feature even here in the U.S. To me this indicates we (technical folks) should be making a much bigger deal about this feature to our non-technical friends.
[1] https://www.reuters.com/article/world/exclusive-apple-droppe...
At one point in time, the entirety of web communication was completely unencrypted.
Why were people not mad then? Do you think people would be angrier now, if HTTPS were suddenly outlawed?
Among other valid answers, removing rights and privileges generally makes people angrier than not having those rights or privileges in the first place.
> Why were people not mad then?
Oh, we were. I am in the crowd who had been asking for generally used encryption since 1995. After all, we were already using SSH for our shell connections.
The first introduction to SSL outside of internet banking and Amazon was for many online services to use encryption only for their login (and user preferences) page. The session token was then happily sent in the clear for all subsequent page loads.
It took a while for always-on encryption to take hold, and many of the online services complained that enabling SSL for all their page loads was too expensive. Both computationally and in required hardware resources. When I wrote for an ICT magazine, I once did some easy benchmarking around the impact of public key size for connection handshakes. Back then a single 1024-bit RSA key encryption operation took 2ms. Doubling it to 2048 bits bumped that up to 8ms. (GMP operations have O(n^2) complexity in terms of keysize.)
"We" is an special group. I am technical but never thought much about it back then. There is a boiling frog. The 90s internet was used for searching and silly emails. Now it has you life in the cloud. But that didn't happen in a day.
Counterpoint: when web communication was unencrypted it was before we did our banking, tax filing, sent medical records, and sent all other kinds of sensitive information over the internet. The risks today are not remotely the same as they once were.
always used my own encryption and cyphered any sensitive data/communications, but the problem is that most people won't and you're often compromised by them
simple solutions like Whatsapp, Signal and ADP brought this to the masses - which some governments have issues about - and this makes a massive difference to everybody including those who wouldn't be caught dead using an iphone anyway
if we could go back to the early 1990s when only professionals, Uni students, techies and enthusiasts used the internet I'd go in a heartbeat but that's not the world we're living in
You've always been able to perform encrypted backups to your own local PC or Mac out of the box, so people who do care about privacy have always had that option.
One thing I've found concerning is that Apple had encrypted cloud backups ready to roll out years ago, but delayed releasing the feature when the US government objected.
> After years of delay under government pressure, Apple said Wednesday that it will offer fully encrypted backups of photos, chat histories and most other sensitive user data in its cloud storage system worldwide, putting them out of reach of most hackers, spies and law enforcement.
https://www.washingtonpost.com/technology/2022/12/07/icloud-...
So the UK government isn't the only government that has objected to users having real privacy protections.
Yes, I was mad before it existed and didn't use icloud backups. With the E2E and ADP I turned it on. If it gets nuked in the US I'll go back to encrypted local backups only.
People learn stuff over time. If you are not living like RMS you probably are allowing something to spy on you. If that spying gets removed you become aware. You don't want it back.
It is like anything that gets better. Fight for the better. It is like aviation safety: who cares about a few crashes this year when people didn't complain in the 70s.
A few factors
- e2e encryption is not ubiquitous yet, but awareness is ascending.
- distrust for government also is on the uptrend.
- more organized dissent to preserve privacy.
No people didn't assume data was encrypted.
Yes E2E has been possible for many decades, but businesses don't have privacy as a priority, sometimes even counter incentives to protect it. Personal data sells well.
Things have changed because more people are getting to understand why it matters, forcing the hand of companies having to choice but at least feign to secure privacy.
An E2E encrypted thing that later gets a special backdoor added is obviously much worse than a not E2E encrypted thing.
It's like when google suddenly decided that their on-device-only 2FA app Google Authenticator should get an opt-out unencrypted cloud backup.
It means people who don't pay a lot of attention can suddenly have much less protection than they were originally sold on.
Think most people had no idea how it worked, it was magic to them.
iCloud hacks (like in 2014) have raised awareness for the need for E2EE.
I was mad for years that ADP didn't exist / was being witheld due to Apple+FBI negotiations for years.
I 100% treated iCloud as dangerous until they released it, and I cheered in the streets when they finally did.
I think it is more about going backwards. It is often difficult to remove laws than to add them. This is a similar situation.
In this situation, I agree that it is bad day for personal privacy/security
Apple has been advertising security and privacy as a top feature for years now. It would make sense for people to get upset if those features were removed.
iCloud and iPhones have traditionally resisted US governmental overreach, only giving data to iCloud in cases of actual criminal prosecution against specific individuals. As well, iPhone backups in iCloud is relatively new, as are many other arbitrary storage features — it used to just be your songs and your photos! Now it’s data from all of your apps and a full phone backup. Hence the resistance: the stories of police being unable to recover data from a locked iPhone may now be over
I think it makes sense for the services we rely on to get more secure as the world gets more dangerous. It's an arms race. You don't want to go back.
Apple and the FBI were squabbling over this for a few years, and then Apple decided to end the conversation one day and implement ADP
Hacker News is a small subsection of the internet. I think the majority of people, probably 90% or more, simply do not care that much.
iCloud did a lot less, in the past. Disabling it now gives you access to more data than it did a few years ago. And I also suspect it has far more users today than it did a few years ago.
i mainly use apple devices, but never put anything on icloud before adp came out.
People were mad. Remember the Snowden leaks and PRISM program from NSA? [1]
In fact, Apple began to adopt “privacy” first marketing due to this fallout. Apple even doubled down on this by not assisting FBI with unlocking a terrorist suspects Apple device in 2016. [2]
It was around that time I actually had _some_ respect for Apple. I was even a “Apple fanboy” for some time. But that respect and fanboi-ism was lost between 2019 and now.
Between the deterioration of the Apple ecosystem (shitty macOS updates), pushing scanning of photos and uploading to central server (CSAM scanning scandal?), the god awful “Apple wall”, very poor interoperability, and very anti-repair stance of devices.
[1] https://www.theguardian.com/world/2013/jun/06/us-tech-giants...
[2] https://money.cnn.com/2016/03/28/news/companies/fbi-apple-ip...
The situation was not something existed since the beginning of time, it evolved gradually. Long ago not that much and not that many critically private data was circulating the net, it increased and got essential living online by time, in some instances forced in an increasing portion of situations. Worry then had no grounds yet. As exposure of the population grew, so did the benefit for adverse elements breaking online data stores, growing in numbers fast, not all made properly in the headless chase of success. Damage and hence awareness grew gradually.
But basically yes, people are stupid and gave no shit but believed all f nonsense, the marketing frauds made them eating up their crap happy if it had pretty words and pictures, promising something halfway to Paradise. Like the Cloud mirage. Those of careful personality were cautious since the first time Apple and alike pushed on people giving up control over their own data for tiny comfort (or no comfort eventually due to all hostile patterns in the full picture) not putting all and every precious or slightly valuable stuff to some unknown server on the internet protected only by hundreds of years old method: password (so not protected at all essentially). Memories, contacts, schedules, communications, documents, clone of their devices in full, putting all into 'cloud' (much before secure online storage became a thing)? Many times to the very same one? Who are that much idiots, really?!
The problem here is not with iCloud but with the U.K. government. People like to tell themselves the government isn’t actually trampling their rights but events like this make it impossible to ignore.
The nightmare continues. For now I am using 3rd party backup services that are (currently) promising me that my backups are encrypted by a key they do not have access to, or control over. But can this even be believed in an age where these secret notices are being served to any number of companies? I suppose the next step would be to ensure that files don't ever arrive in the cloud unencrypted, but I have yet to see a service that allows me to do this with the same level of convenience as, say, my current backup solution, which seamlessly backs up all my phones, my family members' phones, my laptops, their laptops etc. I depend on having an offsite backup of my data. Which inevitably includes my clients' data also. Which I am supposedly keeping secret from outside access. So how does that work once everything becomes backdoored?
In the case of the U.K., they can throw you in jail for not handing over your encryption key, so it’s a moot point. They’ve been slowly expanding this power for twenty years now.
Not for content in the cloud, as far as I understand. Someone will correct me, but you can be arrested and threatened with terror charges if you dont unlock your device, but this does not give them permission to access other computers via the internet.
Tommy Robinson trial for refusing to provide his unlock credentials when ingressing UK is happening in March this year.
ive been through all this with the law. no one ever got jailed for not handing over encryption keys unless they were a definitive criminal and theres strong evidence there is criminal data on the device.
they tried this with me (NCA) but the judge wouldnt sign off as they had nothning on me or my device. this did however REALLY want to access it! fuck them. pricks
https://www.telegraph.co.uk/news/2024/10/25/tommy-robinson-c...
Ah yes, the “we have all the power but pinky promise to only use it on the bad guys” playbook. I have complete confidence and trust in that promise. /s
security and convenience are ever at war.
Convenience usually comes at a cost. You shouldn't have to trust anyone. Just use a generic storage service and only upload encrypted files to it. Syncthing + Rclone will probably get you a similar setup that you control.
IMO the only thing you can have a high level of trust in is your own *nix server. Backup those devices to it then encrypt there before being sent to the cloud.
Handling the encryption yourself is the way to go, but for maximum security, don't send that encrypted data to the cloud. Keep it all on your own server(s).
That doesn't help people who aren't technically capable, of course. But at least those who are can protect themselves.
Depends what kind of security. Local doesn't help if your house burns down or is robbed.
> your own *nix server
Just be sure it's pre-Intel Management Engine / pre-AMD Platform Security Processor!
[dead]
I'm sympathetic to the J.D. Vance angle, which is that European governments are increasingly scared of their own people. This is not doing a lot to change my mind.
Governments should be scared of their people, though not in the way that I expect Vance means.
It's certainly better than the opposite, where citizens and residents are scared of their government, which wields the power to deprive them of their freedom, possessions, and life.
>Governments should be scared of their people, though not in the way that I expect Vance means.
A guillotine once in a while for some politicians/bureaucrats will do some good. There is a rich history of the French doing it. I'm not even trying to be funny.
I think the US government has made these kinds of requests too, similar tactics such as mass data collection without a warrant and so on.
I don't think it is "scared" as much as just the usual human desire to do whatever the task is ... without thinking of the consequences.
I am unsympathetic to those that lecture others on not doing the very thing they are doing.
The unspoken part of that is Vance likely thinks that the people should fear their government.
This sounds more like what you want to be true than anything. Your comment reveals nothing of JD Vance, and a lot about your own biases.
Unlike your comment, obviously.
He likened Trump to Hitler and then ran with him. That reveals everything about Vance.
True.
It's a very unwise position Vance takes.
The world would clearly be better run if all governments feared their people, than it would if all people fear their governments.
The UK can pull this kind of stuff precisely because they do not fear any consequences from their people.
[dead]
Then Vance should do something about the 5 eyes which is likely the source of this sort of thing.
[dead]
On our continent, the obvious solution to every problem under the sun is "more state".
You might be unaware of FATCA, then.
To give you a counterpoint: from this side of the pond it is extremely surprising to see how effective Vance's speech has been in distracting a good proportion of the American public. Which, I have to suspect, was the real point.
[dead]
Very wrong conclusions.
They are not scared of people, but of working, doing their job, especially when it is difficult (catching criminals). They expect the job to be done for them by others, on the expense of everyone, while they collecting all the praise.
On sympathetic to Vance I did not really found a presentable reaction, would not find on any other accidentally agreeable sentence leaving his mouth (very low chance btw.). Talking a lot about all kind of things sooner or later will hit something acceptable, which will not yield an unacceptable and destructive to society figure sympathetic.
You also should be aware of practices and conducts the various US security services practice (and probably all governemnts out there), if not from news or law but at least from the movies. When we come to the topic of who is afraid of their own.
Exactly, it's the same thing with the Chat Control law in the EU and it reminds me of the scene in the movie Office Space where the consultants are trying to figure out who is doing what in the company.
Basically instead of doing their jobs, the cops expect Apple, Meta et al to intercept all the data, then feed it into some kind of AI black box (not done by them but contracted out to someone else at the taxpayer's expense) that will then decide if you get arrested within the next 48H (I am exaggerating but only slightly)
What are the cops doing instead of doing their jobs? That's my question. Aren't they paid to go out and catch the criminals or do they simply expect to get the identity of people each day that need to be investigated?
Well put. It's pretty much impossible to sympathize with Vance saying this when the administration he is a part of is scaremongering about "the enemy within".
J.D. Vance's problem with Europe is that we have too many brown people.
As a very privacy-oriented European I don't need American alt-right populists to concern troll about surveillance and privacy in Europe.
lol. ask JD Vance what he thinks about Assange or Snowden.
What the fuck? They should be. They absolutely aren't right now and that's a major problem.
[flagged]
[flagged]
Absolutely baffled why this has been downvoted. If you disagree at least say why. This site really confuses me nowadays.
[flagged]
[flagged]
This unexpected news really cemented that point for him.
As a citizen, I don’t understand what the UK government thinks they are getting here - other than the possibility of leaks of the nation’s most sensitive data.
Also is it not possible to set up my Apple account outside of the UK while living here?
> other than the possibility of leaks of the nation’s most sensitive data
Amusing when you consider the National Cyber Security Centre (NCSC, a part of GCHQ), along with the Information Commissioners Office, both publish guidance recommending, and describing how to use, encryption to protect personal and sensitive data.
Our government is almost schizophrenic in its attitude to encryption.
> Our government is almost schizophrenic in its attitude to encryption.
Of course: it's not a monolithic entity. It's a composite of different parts that have different goals an interests.
And yet if I steal your money and refuse to give it back, or let you steal it back, you'll call that hypocritical. What does the size of an entity have to do with whether this is idiotic or not?
You're not an entity, you're a person. Scale really does make a difference.
You're making the argument that the UK government will stop using encryption itself once the information about this becoming illegal makes it through the government.
It won't. The courts will refuse to force them to stop, and even if the courts attempt to force it, some government departments just won't listen, and be protected from the consequences.
This is another case of "the law applies to you, but not to me".
The law is that encrypted comms must be provided to the security services on request. This is not a problem for government agencies. It is not illegal per se.
>> Of course: it's not a monolithic entity. It's a composite of different parts that have different goals an interests.
> And yet if I steal your money and refuse to give it back, or let you steal it back, you'll call that hypocritical.
That's a bad analogy.
> What does the size of an entity have to do with whether this is idiotic or not?
Because it's not about the size, and I said nothing about the size. It's about it being composed of different minds, organized into different organizations, focused on different goals.
It's just not going to behave like one mind (without a lot of inefficiency, because you'd need literal central planning), because that's not the kind of thing that it is.
I suppose they don't believe certain facts engineers are telling them. With Brexit it was coined "Project Fear". Now they're being told that adding backdoors to an encrypted service almost completely erodes trust in the encryption and, as in the case with Apple here, in the vendor. However, I suppose it is very hard to find objective facts to back this. I'd guess this is why Apple chose to both completely disable encryption and inform users about the cause.
Now we're probably just waiting for a law mandating encryption of cloud data. Let's see whether Apple will actually leave the UK market altogether or introduce a backdoor.
In the US, the NSA has always had both missions (protect our country’s data and expose every other country’s data). Since everyone uses the same technology nowadays, that’s a rather hard set of missions to reconcile, and sometimes it looks a little ridiculous. As of fairly recently, they have a special committee that decides how to resolve that conflict for discovered exploits.
I mean, this is no different than one part of the government suggesting running laundry at night to reduce the environmental impact of energy use, while another suggests only running it while awake to reduce fire hazard. Governments and corporations rarely have complete internal alignment.
That's because GCHQ knows they can kill if you refuse to decrypt so they have no problem suggesting it to you.
Correct me if I'm wrong here, and maybe this is too charged for HN, but looking over at you guys from the US:
The US has problems (don't get me wrong, look at our politics, enough said); but the UK seems to be speedrunning a collapse. The NHS having patients dying in hallways; Rotherham back in the popular mind; a bad economy even by EU standards; a massive talent exodus (as documented even on HN regarding hardware engineers); a military in the news for being too run down to even help Ukraine; and most relevant to this story - the government increasingly acting in every way like it is extremely paranoid of the citizens.
Any personal thoughts?
There's a lethargy, but it's hardly speedrunning. Things will be the same or slightly worse in a decade. I'm not sure I can say the same for the US, it seems different this time.
> The NHS having patients dying in hallways
Sadly routine in winter. Nobody wants to spend the money to fix this. Well, the public want the money spent, but they do not want it raised in taxes.
> Rotherham back in the popular mind
The original events were between 1997 and 2013. The reason they're back in the mind is the newspapers want to keep them there to maintain islamophobia. Other incidents (more recently Glasgow grooming gangs) aren't used for that purpose.
> a bad economy even by EU standards
Average by EU standards. But stagnant, yes.
> the government increasingly acting in every way like it is extremely paranoid of the citizens.
They've been like this my entire life. Arguably it was a bit worse until the IRA ceasefire. Certainly the security services have been pushing anti-encryption for at least three decades.
Yes - that is my impression as well as someone currently living in London. Literally ever single system that I have to interact with seems to be somewhere on the spectrum between barely functioning and complete disfunctionality, with almost very few exceptions that come to mind. By system in this context I mean every institution, service provider, company, business... everything. Couple that with low salaries across the board - including the "high paying tech jobs in London" with price increases that are out of control with no reason to believe this is ever going to stop you end up with a standard of living significantly lower than let's say for example the EU countries of Eastern Europe. Currently trying to figure out where to go next
Well Albanians apparently want to live in Norwich, leading to a bizarre anti-propaganda campaign with bleak black-and-white photography to convince them it's horrible.
https://www.bbc.com/news/articles/c99n0x4r17mo
Probably your money would go futher in Albania, and they've got a cool flag, but the devil's in the details.
I was referring to EU [European Union] countries. Albania is not in the EU so I am not sure what the point of your comment was besides trolling
It isn't? Huh, you're right, a lot of the Balkans aren't, I did not know that.
I don't think anywhere in the EU really describes itself as Eastern Europe, though. That's Ukraine, Belarus, Moldova. So really just Romania, sometimes.
Literally quite a significant number of EU countries describe themselves as Eastern European, what you said is factually wrong. At this point I am considering your replies as either trolling or interacting in bad faith.
Can't I just be incorrect?
For my education, which countries?
I'm an immigrant to the UK. I have lived here permanently for 21 successive years, though I was actually in and out of the UK for years before that. My current anecdotal feeling about the UK is at a pretty low point.
If it was an option, I would seriously look to emigrate again, but I honestly don't know where. The most appealing option for me is Australia, but my age works against me. I know everywhere has its issues, but I'm just so worn down by the horrible adversarial political system and gutter press in the UK right now. We seem unable to do anything of note recently. A train line connecting not very much of the UK has cost so much money, and in the end it hasn't even joined up the important part.
I don't know, life is good at a local level. I am privileged and live in a fantastically beautiful town, and life here is safe and friendly. If I ignored everything else for a while it would probably do me good.
Australia is hardly any better. E.g. it forces software engineers to try to sneak backdoors into the software they're working on.
Imagine hiring someone you didn't know had an Australian dual citizenship and two years later all your customers' data is leaked onto the net.
Australian law explicitly prohibits requests that have someone "implement or build a systemic weaknesses, or a systemic vulnerability, into a form of electronic protection" - including any request to "implement or build a new decryption capability", anything which would "render systematic methods of authentication or encryption less effective", anything aimed at one person but could "jeopardise the security or any information held by another person", anything which "creates a material risk that otherwise secure information can be accessed by an unauthorised third party".
This UK request as reported would not be legal in Australia.
Like most immigrants you were sold a lie. Enjoy.
Sorry? The UK has been an amazing place for me. It still is, when I focus locally, instead of being swept up by everything else.
Are you also an immigrant to the UK? I suggest you embrace it.
Seems like the US is trying to catch up, especially with the whole talent exodus thing and defunding of vital research funding.
Many people think like you. Western Europe in general has been destroyed by a certain ideology, and whoever can emigrate does emigrate.
[dead]
You need a valid payment method from that country and then cancel all current subscriptions and change to that new country/region.
You’ll probably want a method of downloading apps tied to the UK app store though - particularly banking apps.
btw, anyone know if this cancels Apple+ Support too? I’ve been resisting switching countries because I don’t want to lose that subscription since you can only subscribe within 60 days of device purchase.
I don't know, they've definitely been cracking down on journalists over the past year. Could be an attempt to crack down harder / create a chilling effect
They've been sending people to prison for posting memes....
Memes with illegal content. It’s not hard to imagine creating a meme that would have the FBI knocking on your door.
> Also is it not possible to set up my Apple account outside of the UK while living here?
The ability to turn on Advanced Data Protection does seem to be tied to your iCloud region (as of now I can still turn it on, and I’m in the UK but have an account from overseas).
full control on everyone they deem as an opponent. in UK being dimmed and oponent is about posting the wrong meme or even standing in the wrong street at the wrong moment.
You need a non-UK card to use on your Apple Account to change its region.
Would a Wise card work?
No, because it still has a British billing address.
You need proof of address.
It's for Labour "data analysts" to go through people photos and search for nudes.
[dead]
The UK is arresting people for posting memes. They want full control and that's it.
> Online privacy expert Caro Robson said she believed it was "unprecedented" for a company "simply to withdraw a product rather than cooperate with a government".
> "It would be a very, very worrying precedent if other communications operators felt they simply could withdraw products and not be held accountable by governments," she told the BBC.
Attributing this shockingly pro-UK-spy-agencies quote to an "online privacy expert" without pointing out she consults for the UN, EU and international military agencies is typical BBC pro-government spin. In fact, Caro, it would be "very, very worrying" if communications operators didn't withdraw a product rather than be forced to make it deceptive and defective by design.
The more I live I’m less concerned about what are often described as “bad actors”. The bad actors are often the state, and this kind of information is collected without thought to the risk of future politicians who don’t follow the rules or who don’t have any respect for the laws.
Through all history state security has been a thing. The Stasi and KGB are transparently state security forces to the West, but the CIA and MI5/6 are... what exactly?
The primary purpose of these agencies, despite what has been written down on paper, is NOT to protect the citizens of the countries that fund them. It is to protect the system that taxes those citizens.
States are not inherently good, they are just large organisations with a monopoly on certain social functions. All large organisations have the capacity to inflict terrible harm.
The current EU-UK adequacy decision[1] is up for review this 27 June [2] .
Aspects of the UK investigatory powers act is close enough to US FISA [2] that I think this might have some influence, if brought up. IPA 2016 was known at the time of the original adequacy decision, but IPA was amended in 2024 . While some things might be improvements, the changes to Technical Capability Notices warrant new scrutiny.
Especially seeing this example where IPA leads to reduced security is of some concern, I should think. The fact that security can be subverted in secret might make it a bit tricky for the EU to monitor at all.
[1] https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CEL...
[2] ibid. Article 4
[3] FISA section 702 https://www.govinfo.gov/content/pkg/BILLS-110hr6304pcs/html/...
This can set a dangerous precedent. Now why wouldn’t any country demand the same, basically eliminating Advanced Data Protection everywhere, making user data easily accessible to Apple (and therefore governments)?
The choice was either eliminate it now (globally, via introduction of a backdoor) or eliminate it in the UK (but keep it globally).
So, perhaps this is a bit of a dangerous precedent, but it was the least-bad option.
That’s a false dichotomy.
Another choice, however unpalatable to all parties, would have been for Apple to stop doing business in the UK.
Why do pro-privacy tech folks on here act like Apple is some charity? Apple is a business. It won't fight a citizen's fight on your behalf. It is on citizens to use their democratic power to ensure their representatives act as the voting base wants. Apple's goal is to make money. The government is a representation of your will.
> Apple is a business. It won't fight a citizen's fight on your behalf.
Being a business does not remove ethical considerations. And I’m an environment where corporations are considered people, it seems reasonable to expect some degree of alignment with normal citizens.
> Apple's goal is to make money. The government is a representation of your will.
The government is increasingly not a representation of the collective will, and is instead captured by those corporations.
I can’t help but feel the “but they exist to make money” line too often ignores the many ways this is not a sufficiently complex explanation of the situation.
Corporations are people in the legal sense not in any other philosophical way. Just like non-humans proposed for personhood, they are not entities expected to behave ethically. Like a dog, you set rules and apply punishments when they breach it. You don't argue ethics with a dog because they are not relevant to them
> where corporations are considered people,
People always get this wrong. Corporations are not people. They just have certain rights like owning property. Corporate personhood != full personhood.
lol. It literally does. This is a great example. You believe this is an ethical issue. Other shareholders (you are a shareholder, right?) could disagree and now there is a lawsuit. “Complying with national law” seems like an easy win for them.
Because while a business goal is to make money, it is not necessarily, unlike what you have 80% of the people here believe, to make the most money possible. Ethics can exist in businesses too.
This, plus privacy is in Apple's brand. Without this and other Apple-esque things (lack of bloatware etc.) you may as well get a Samsung for 2/3 price.
I’m full in on Apple and hoped they nuked iCloud in the UK for this rather than compromise the product.
This is still better than a back door but it sets an awful precedent.
See my other reply.
They could also sell the entire business to Google. Why bother with listing options even worse for everyone involved?
I mean they could have tried not complying, and fighting a lawsuit at the ECHR (right of every person to a private life). Takes money and time but more attractive than the other options.
It's less attractive, riskier, and more costly of a decision for Apple. Apple is a corporation, not an altruist.
This play by Apple applies pressure to the UK government indirectly via its citizens, for free, rather than taking the risk and expenses of a lawsuit.
> would have been for Apple to stop doing business in the UK
Apple employes thousands of people in the UK. I really don't see any practical way they could have done that.
They could
They could pull out of the UK, and to hell with the consequences, but then if the EU decide to do the same thing, or the US, or China says "hold my beer", then the problem becomes much larger.
Losing the UK market wouldn't impact Apple that much - it'd be a hit to the stock, of course, but as a fraction of worldwide business, it isn't that huge. Larger markets would be a bigger issue.
When UK demanded a backdoor to e2ee in iMessage, Apple told them they’d rather get out of UK. Why not do the same here? You’re posing a false dichotomy.
> Apple told them they’d rather get out of UK
To my knowledge, Apple has always said that their response would be to withdraw affected services rather than break encryption.
> Apple has said planned changes to British surveillance laws could affect iPhone users’ privacy by forcing it to withdraw security features, which could ultimately lead to the closure of services such as FaceTime and iMessage in the UK.
https://www.theguardian.com/technology/2023/jul/20/uk-survei...
True! Thanks for the correction.
IMO they could’ve categorized the whole iCloud service as “affected” and disable all of it.
My guess is that the order they received would have only effected encrypted device backups, at least so far.
Users in the UK do still have the option to perform an encrypted backup to their local PC or Mac.
What would that change, effectively, other than have Apple lose money?
The UK would still lose ADP (and then also just Apple products in general). A precedent would still be set.
Your posing a strictly worse third option. Sure, it's an option, I guess. Apple could also just close down globally, as a fourth option. Or sell off to Google as a fifth. But I was trying to present the least-bad option (turn off ADP), rather than an exhaustive list.
I totally get your point, but calling the UK's bluff could work. Are they really willing to ban Apple products in the UK? Maybe, maybe not
Depends on if the US emperor and his cronies have the UK's backs on this issue. If they don't, calling the bluff would work, there's zero chance the UK gov would ban Apple products without US approval. The backlash among the public would be far worse than the TikTok ban. Imagine all companies using Macs. The order of power here is US > Apple > UK.
It isn't really a precedent. Companies, even high-rolling American tech companies, have to abide by the laws and regulations of the countries that they operate in. I guess there is a question of whether this is a legal demand that they truly had to follow, or just a request, and whether they could fight it in court, but Apple seems to be hoping to adjudicate it in the court of public opinion (apparently the initial backdoor request was secret and it got leaked).
> abide by the laws and regulations of the countries that they operate in.
In this case, the UK is seeking to use local law to change what is allowable on an international basis.
That's a bit different than a nation controlling the law on their own soil.
That was Apple's interpretation : That to comply with what the UK requested they would have to have the same thing everywhere.
But of course that is nonsense, and Apple could theoretically have a nation-specific backdoor (e.g. for accounts in a given country a separate sequestered decryption key is created and kept in escrow for court order).
I mean, Apple "complied" by disabling ADP just in the UK. They undermined their own "worldwide" claim, as ADP still works everywhere else, and the UK has no access.
The keys are stored only in the Secure Enclave. Encryption and decryption are handled outside the standard CPU and OS. This is hardware-level protection, not just some flag on a cloud account to be flipped. The only way for Apple to break this system is to break it for everyone, since anything else would risk bleed over or insufficient compliance.
> of course that is nonsense
Organizations like the EFF do not agree.
> most concerning, the U.K. is apparently seeking a backdoor into users’ data regardless of where they are or what citizenship they have.
https://www.eff.org/deeplinks/2025/02/uks-demands-apple-brea...
So Apple is non-compliant, given that all they did is disable ADP in the UK.
Right?
I think that's right, and I think the UK will tell them so, and the issue will escalate.
Perhaps, if the UK continues to push, Apple will indeed pull out of the UK, but it'll make it as public as possible and tell the world who it was that forced its hand and what the consequences are - and I don't think the UK government is going to like that result.
they're non-complient but they made it a lot harder for the UK to fight. by showing that the "backdoor" is disabling the feature, for the UK to pursue this further, the need a judge to rule that the UK has the authority to prevent an American company from providing a feature in America.
IANAL but that's not for any of us to decide. Depending on their initial motivations, the UK might consider this to be enough to rescind the demand for a backdoor. If it's not then Apple will face going to court and in that case they could choose more extreme actions like ceasing business in the UK.
> They undermined their own "worldwide" claim, as ADP still works everywhere else, and the UK has no access.
Disagree. There is a difference between ADP being unavailable in one country and it working differently in that country. Implementing a backdoor would mean changing the way ADP works.
Wait, are you saying the U.S. might demand the same? In the current political environment?
UK is much smaller than US and they didn’t even fight this ¯\_(ツ)_/¯
what do you mean? other countries have demanded the same, e.g. China.
China only requires it for their citizens. The UK asked access to any person's data in the world.
What are you actually supposed to do in the UK if you oppose this sort of thing to stop laws like this coming in? It feels like the government has been incredibly out of touch for the last number of years.
You get the hell out and emigrate. I did so last year. It's not going to get better chap
Where did you go?
> It feels like the government has been incredibly out of touch for the last number of years.
Did you vote for any single one of them?
If you did, then what you're supposed to do is stop voting for Tory-lite governments (such as the current one).
If you didn't vote for any of these governments (including this one), everything else that you could do would be dangerous nowadays.
Join the ORG for starters. Contact your MP. But yes, the number of people who care is small and so things will not change until it is large.
I would guess you'd vote a libertarian party.
Probably the best on the civil liberties front are the Liberal Democrats (they were pretty good at quashing mandatory national ID cards back in the day, at least).
That being said, they still have a lot of folk angry at them for allowing university fees to be introduced 15 years ago when they were in coalition government (a Tory policy!).
[flagged]
That doesn't help. Next they'll come for the privacy phones.
[flagged]
New Law: "Usage of an unsanctioned phone by a manufacturer not certified as meeting the UK privacy standards is illegal to operate.".
You fight the less draconian draconian law to avoid needing to fight the worse one.
[flagged]
> UK's other notoriously effective regulations like... checks clipboard ...TV licenses and the alcohol ban on public transport
I'm not quite sure what you are getting at with this, but I'd like to add some context for others.
There is no blanket restriction on alcohol consumption on public transport in the UK. Individual transport operators are allowed to prohibit drinking as a contractual requirement (very common for bus companies); alternatively, local councils can establish a bylaw to restrict it more generally. However, people can and do drink on the majority of British trains; some even sell alcoholic drinks on-board.
As for TV licences, the majority of households with residents who watch TV do indeed pay it. The evasion rate is estimated at around 10%: https://commonslibrary.parliament.uk/research-briefings/cbp-...
Most people comply including those you interact with.
Presumably this applies to the iPhones owned by UK government ministers, civil servants, personal devices of military personnel, UK businesses, etc.
As a brit, I find that my government's stupidity is almost its only reliable attribute.
Presumably not, politicians have a way of excepting themselves in these types of laws. It's almost as if they understand the need for privacy, they just fail to apply that understanding to any scenarios beyond their own.
I meant that Apple's decision to withdraw ADP applies to them, not the Investigatory Powers Act. Or are you saying that Apple will give them a free exemption?
"Presumably not"
Rubbish. Give me one example? They will have to abide as well.
Not a UK example, but Chat Control (2.0) explicitly exempts various politicians and government officials from being spied on.
This law raises serious concerns about being a non UK resident using British software, like Linux Mint.
[flagged]
How can you definitively know?
In the case of Linux Mint, I can check the commit history, build the software myself and even validate it against public checksums. It is expressly defended against these types of attacks, making it an odd choice to single out.
Isn't it already a law violation using it in certain scenarios? Or will be soon?
It's the right choice: don't bow to government pressure, let the people pressure the government.
This is Apple condeeding. Apple lost. UK Government got (almost) what they wanted - a backdoor into iCloud accounts.
Apple's only consolation prize is that its limited to UK users for now. But it seems inevitable that ADP will gradually be made illegal all around the world.
Given that they’ve only prevented new signups it looks to me more like Apple is trying to apply pressure to the U.K. government to get them to back down. The law that permits this was passed in 2016 so the situation was default lost already.
They have said all existing ADP enabled accounts will be disabled or deleted in time. They need to give people time to migrate their data out before they nuke it.
> let the people pressure the government.
Hopefully they will.
There was a lot of campaigning against the Investigatory Powers bill when it was introduced. It didn't help much given the people in power want more power regardless of where they sit on the political spectrum.
I can't imagine many here (UK) will really care, we've had multiple breeches of privacy imposed on us by the powers that be. - Removed incorrect assumption of this not being reported.
It's literally the number one story on https://www.bbc.co.uk/news/ as I type this comment.
And I guarantee that the reaction from most people will be "good, I have nothing to hide so I have nothing to worry about". The apathy around this stuff in the UK is unbelivable - I've been trying to point out that hey, for years now something like 17 government agencies(including DEFRA - department of agriculture lol) can access your internet browsing history WITHOUT A WARRANT and that's absolutely fine. ISPs are required to keep your browsing history for a year too. Again, nothing to hide, why would I worry about it.
The same is happening Europe-wide too. Everybody always points to the GPDR legislation. You know what is a feature of the GPDR too?
Every European government (even some non-EU ones) can grant any exception to anyone to the GPDR for any reason. And, of course, every last one has granted an exception to the police, to courts, to the secret service, their equivalent of the IRS, and to government health care (which imho is a big problem when we're talking mental health care), and when I say government health care, note that this includes private providers of health care, in other words insurances.
Note: these GPDR exclusions includes denying patients access to their own medical records. So if a hospital lies about "providing you" with mental health treatment (which they are incentivized to do, they get money for that), it can helpfully immediately be used in your divorce. For you yourself, however, it is conveniently impossible to verify if they've done this. Nor can you ask (despite GPDR explicitly granting you this right) to have your medical records just erased.
In other words. GPDR was explicitly created to give people control over their own medical records, and to deny insurance providers and the IRS access. It does the exact opposite.
Exactly the sort of information I would like to hide, exactly the people I would find it critical to hide it from. In other words: GPDR applies pretty much only to US FANG companies ... and no-one else.
So: if you don't pay tax and use that money to pay for a cancer treatment, don't think for a second the GPDR will protect you. If you have cancer and would like to get insured, the insurance companies will know. Etc.
Does and of the doh or other DNS stuff help with this at all? Is the only solution to VPN out of Europe?
Only DNSCrypt provides any privacy. If you setup your relays properly.
Yeah my bad.
I agree, have an upvote.
Even though its making the media headlines today, 99% of UK citizens will forget this tomorrow and it will fade into the mists of time. Just like evey other security infringement that any government has imposed on its citizens.
How?
In the UK, there's no right to bear arms, so people are pretty helpless against their oppressing government.
We could try the American way, bear our arms and shoot up a school, but I don't see how that will help.
>> In the UK, there's no right to bear arms, so people are pretty helpless against their oppressing government.
There's a right to bear arms in the US and it doesn't seem to be helping them with their oppressive government.
Look into the Black Panthers. It actually does work quite effectively.
The Mulford Act (https://en.wikipedia.org/wiki/Mulford_Act), a California gun control act that prohibits open carry, was originally passed back in the 60s to disarm the Black Panthers.
The fact that I can’t tell if this is a joke speaks volumes.
You people cannot seriously be this poorly educated
How? the Black Panthers were infiltrated and undermined by COINTELPRO and effectively destroyed from within, meanwhile the white supremacist capitalist system they fought against persists.
Their biggest success as far as I know is starting free school lunches in the US, but that wasn't at gunpoint.
Ahh yes the murders of Alex Rackley and Betty Van Patter, truly brave and revolutionary acts!
It only works when the gun nuts aren’t on the side of the oppressors.
I feel like it's working pretty great
> In the UK, there's no right to bear arms, so people are pretty helpless against their oppressing government.
When people want to revolt it doesn’t seem like the right to bear arms has much to do with it. Not having the right to bear arms certainly hasn’t stopped countless rebellions and revolutions across the world. It’s not like the French of the Russians had a right to bear arms before their successful revolutions.
Even in the UK, the lack of a right to bear arms didn’t stop Cromwell using firearms to defeat Charles II at the Battle of Worcester.
I'm sure shooting at the government would have solved this privacy issue.
Surprisingly, the people in the government don't much like being shot. See the reaction to the UHC CEO for an example.
It solved the taxation issue
As a green-card holder, it really didn't.
As far as I know Americans are still required to pay taxes, so no.
We're working on it.
I just dont interact with the government or British society at all. I have turned my back on it.
If they ever come to my door I'll either go postal or leave the country.
Its so bad here now.
Because that’s working so well for the US
it's working really well, we don't get arrested for social media posts as far as I can tell
https://www.justice.gov/usao-edny/pr/social-media-influencer...
https://www.bbc.co.uk/news/articles/c86l4p583y6o
https://www.aljazeera.com/news/2021/1/19/holdindigenous-man-...
Yes you do
That’s not the same thing. You know what he means.
If that’s the bar then I guess yes it’s a resounding success for freedom.
The UK seems to be actively covering up the mass rape of little girls and throwing dissidents in prison. They've sustained mass immigration for decades against their own peoples' will. The US just shook off, at least in part, the same mass immigration and the same clamping down of free speech in the US. It's not the only bar, but I would definitely consider it a resounding success. I can't help but think the 1st and 2nd amendment play a part because the 1st is obviously implicated and the 2nd is required to maintain the 1st.
> The UK seems to be actively covering up the mass rape of little girls
They're doing the worst cover up ever given grooming gangs and where they operate have been headlines in the UK for decades.
What they're not very good at is keeping the UK citizens at large well informed with a realistic sense of proportion given the scale of child sexual abuse far exceeds the activities of grooming gangs.
Technically I guess you're right, but one hopes that the foundations of British democracy provide its citizens with the tools to fight against an oppressive government. The only rub is getting them to stand up and do that.
Like what? Britain is a constitutional monarchy. Its foundations anticipated an oppressive king, not an oppressive parliament. Britain never had a revolution, it never had free speech to begin with. It seems to me that what made Britain successful in the past is maladaptive to its current situation.
Guns are an inefficient/stupid way to kill people anyway.
Just ask Russia and Ukraine.
Look around, human beings are quite clever.
Small arms are no match for drones and a fully armed military, a successful rebellion by any populace against a first world military is impossible unless the military lays their arms down voluntarily, full stop.
Rebels are able to use techniques that a government never could or would. I think you underestimate the usefulness of small arms in guerilla warfare.
You underestimate the nasty things goverments have done.
I think you underestimate the lethality of remotely piloted drones with missiles and IR cameras and the futility of fighting against them.
The Taliban would argue otherwise.
Every time this argument comes up, I just feel like rolling eyes, it is so overplayed.
Yes, in a direct confrontation and an all out war, the populace stands no chance against the US military (assuming the military will unwaveringly side against the populace), no argument there.
But an all out war is not an option, the government wouldn’t be trying to pulverize an entire nation and leave a rubble in place. If you completely destroy your populace and your cities in an all-out direct war, you got no country and people left to govern. It is all about subjugation and populace control. You can’t achieve this with air strikes that level whole towns.
Similarly, if the US wanted to “win” in Afganistan by just glassing the whole region and capturing it, that would be rather quick and easy (from a technical perspective, not from the perspective of political consequences that would follow). Turns out, populace control and compliance are way more tricky to achieve than just capturing land. And while having overwhelming firepower and technological advantage helps with that, it isn’t enough.
I roll my eyes when I see this blissfully naive LARP/mallninja imagined scenario, but I do have to remind myself that the US was founded on the basis of forming a milita etc. and I would probably say the same thing if I had that upbringing. You forget that the vast majority of people are stupid and easily scared (this is not a solvable problem)
Help me out - how can policing possibly work if no one is legally required to be policed? You just end up with murderers, rapists etc. expressing their right to "resist" with arms like in spaghetti westerns. It is totally symbolic, and would crumble at the first instance of serious government interest of arresting 'troublemakers', which would of course start with a well crafted PR campaign to get the rest of the public on their side. I think it's naive.
This feels like a strawman because you’re only hypothesizing a situation in which it wouldn’t work well.
Imagine a dark future with a sudden military coup by a small faction of extreme radicals that 85% of the population opposes. could enough citizens rise up and stop them? Could the calculus of being that coup leader be changed by the likelihood that they will be assassinated in short order, by one of millions of potential assassins? Quite possibly. These are not everyday concerns, of course, but the concerns of dark and dangerous times. It’s a bit like buying life insurance: hopefully I never need it.
A first world military that has remotely piloted drones with IR cameras and other surveillance tools will have no problem crushing any form of resistance. They don’t even need to field any troops, they can remotely kill the rebels. How on earth do you wage a rebellion against such a force?
Weird. In the US there is a right to bear arms, yet people are also pretty helpless against their oppressing government.
Who do you know that's been arrested for posting on social media? I don't know of anyone.
True.
American police will shoot people dead in the streets with impunity, the military industrial complex engages in constant wars regardless of popular sentiment and the American government is currently being carved up by neo-nazis and oligarchs but you can legally be racist on the internet. I guess it truly is the land of the free.
Also... wait six months.
You're currently delusional in a very particular way and that's fine. I'm looking forward to you finding your way and things turning out much better than you expect (at least in the US) in six months.
NO, it's the wrong choice. Most people do not understand this stuff enough to truly care about, and they just want their devices to work. This is an awful decision by Apple. There's really nothing consumers can do to pressure the British government.
Consumers being unable to pressure government, even if true, does not imply this is a bad decision.
It's a terrible decision that will have grave ramifications. I see no positive to this action.
Those people aren’t enabling ADP to begin with.
Exactly. There is a technological disconnect for a lot of people. They accept actions like this because they don't fully appreciate, IMHO, the ramifications. We do, and we must do more to educate people.
[flagged]
I'm sure the condescending attitude and negative stereotyping will sway readers.
I live between France and the UK. How do I move my iCloud account out of Britain?
I’m at the point where I’m ready to get a pixel and install graphene
Right but then you are jailed at Heathrow for not unlocking your phone.
The UK has made it clear that Counter Terrorism legislation has no limits in UK law even if that means compromising all systems and leaving them vulnerable to state actor attacks.
MPs will continue to use encrypted messaging systems that disappear messages during any inquiries of course.
Schiphol was already the superior airport for connections anyway, not being arrested just sweetens the deal.
You can provide a self destroy PIN with GrapheneOS.
And that certainly wouldn't raise their suspicion. Surely, they'd immediately let you go after that stunt.
Of course they could throw a tantrum, but it wouldn't be nothing but that, and they will have to release you once they cool down.
What are they going to say? That they won't release you until you magically unerase the phone? There's nothing to wait for.
But it would be up to him, wouldn't it? I think that's the main deal here: cart blanche access to your data, or giving into someone's bullshit fishing attempt because it's inconvenient.
Take a dumb phone (or none)?
Except no one has ever been jailed for simply refusing to unlock a phone unless there was heavy evidence there was something on the phone.
Stop spreading incorrect FUD
No one that we have heard of yet.
You're an ignorant fool: https://www.theregister.com/Print/2009/11/24/ripa_jfl/
I'm in a similar position. Strongly considering replacing my iPhone with a Pixel. But I realize I'm vulnerable via cloud services. GrapheneOS won't save me from someone poking through my Dropbox. I'll have to find another option for that too.
Until it will be illegal to do so.
Why is there only one "iCloud" to backup your iPhone and store photos? Lots of ADP users would use a corporate or self-hosted solution instead.
As far as I know you can still opt to backup your entire iPhone to a local computer instead of iCloud.
You can also manually transfer photos to the computer. Or you can enable a different app (Google Photos or Dropbox for example) to store copies of every picture you take, and then turn off iCloud Photos.
Note that neither Google nor Dropbox are E2E encrypted either though.
What would you recommend as a DIY method?
I have a NAS that is accessible through VPN. But I don't trust its encryption, thought it is in my controlled location.
Doing it locally doesn't really help. The RIP bill can force you to disclose your own encryption keys to the UK government, and if you "forgot them" you can be put in jail as if you were convicted of whatever they're accusing you of.
That's why cloud backup was useful.
[edit: actually I mis-remembered this, it's "only" 2 years (or 5 if it's national-security-related) that they'll jail you for. "Only" carrying a lot of water there...]
For this you can use truecrypt nested containers, so it will reveal data depending on your given password and there is no way to prove there is something else in the container.
To be fair this should be standard.
The simplest arrangement for me was to have the device back up to my Mac, and then said Mac has Time Machine set up to back up to the NAS. iOS and Mac local backups can be encrypted by the OS itself.
The reason is that Apple was never required by UK law to offer any alternative. I think the DSA intended to challenge that, but it would do nothing for UK residents.
I regret immensely not having turned ADP before... Now I'm feeling really angry at this whole thing.
The best time to turn on ADP was before this happened. For folks not in the U.K., the second best time is right now. The more people who use it, the more disruptive it will be to turn off.
Keep in mind there are some risks with any E2EE service! You’ll need to store a backup key or nominate a backup contact, and there’s a risk you could lose data. Some web-based iCloud services don’t work (there is a mode to reactivate them, with obvious security consequences.) for what it’s worth, I’ve been using it for well over a year (including one dead phone and recovery) and from my perspective it's invisible and works perfectly.
Here's how:
On iPhone or iPad
On MacUnfortunately, the title says
> Apple pulls data protection tool after UK government security row
Only in the UK, everyone else should still do it. Not on by default
Apple should start prompting users to enable it.
probably avoiding the support issues of users losing access to encryption key recovery
Can confirm.
"Apple can no longer deliver ADP in the United Kingdom to new users" with the enable button disabled.
The article reports that it will be disabled for existing users at a later date.
I'm guessing this is because they haven't figured out a way to do it yet. I'm not very well versed in how these systems work but surely this type of encryption can't be disabled by Apple remotely (or they would have that backdoor they don't want)?
The Bloomberg article has a little more detail about this:
> Customers already using Advanced Data Protection, or ADP, will need to manually disable it during an unspecified grace period to keep their iCloud accounts. The company said it will issue additional guidance in the future to affected users and that it does not have the ability to automatically disable it on their behalf.
Wow, thanks for sharing! I thought that might be the case but "disable it or we'll have to nuke your data" seems so extreme I thought there must be a better way.
Anything else would be indicative of ADP encryption not working the way they said it does.
I'm thinking that by losing their iCloud account is just means it will be blocked from syncing anything with Apple's servers.
The “grace period” will also function nicely as a period of time for UK citizens to shout at their government representatives about this.
They will either just automatically turn it off in a future device software update, or they'll just post a deadline after which they will delete user data and prevent sync if it isn't disabled by the user.
If you care, then it's time to ditch iPhone and Android phones altogether. It's not like anything they offer will be safe. You need to invest instead in a FairPhone with e/OS or a PinePhone or some similar alternative. Something where you have complete control of the software and ideally the hardware.
If you're in the UK, please consider signing the below petition. Thanks.
https://you.38degrees.org.uk/petitions/keep-our-apple-data-e...
"Existing users' access will be disabled at a later date."
Hmmm how? How can they decrypt your already end-to-end encrypted and uploaded data without you entering the passphrase to do so? I can understand them removing the data from iCloud completely, or asking you to send the keys to Apple, but I don't understand how they can disable the feature for already uploaded data.
They will lock UK users out of iCloud until they manually disable ADP.
When a user turns off ADP in settings, their device uploads the encryption keys to Apple servers.
I am going to say something a bit controversial around here, but all of this E2E and security stuff is just lip service for marketing to consumers.
These companies have to comply with so many laws and want cozy relationships with governments, so they play both sides. It likely does things differently, but if the keys are not secure, then its not secured
I'm going to start purging anything I store on the cloud. I'm not doing anything illegal, but why does the government want to treat me like I am.
Indeed. Time to leave the panopticon!
What the UK government achieved:
Lowering the data protection of it's citizens in comparison to the rest of the world.
I was under the impression governments were supposed to protect their citizens.
>> Lowering the data protection of it's citizens in comparison to the rest of the world. I was under the impression governments were supposed to protect their citizens.
This depends on whether you see "citizens" as individuals or as a group. In other words it's possible that to improve the security (and thus protect) the majority, the rights of individual citizens need to be eroded.
For example, to protect vulnerable citizens from crime (the cliche of child porn is useful here, but it extends to most-all crime) it's useful for prosecutors to be able to collect evidence against guilty parties. This means that the erosion of some privacy of those parties.
Thus the govt balances "group security" with "individual privacy". It has always been so. So to return to your original hypothesis;
>> Lowering the data protection of it's citizens in comparison to the rest of the world. ... and also, making it easier to detect and prosecute criminals, and thus protect the citizens from physical harm.
Now, of course, whenever it comes to balancing one thing against another, there's no easy way to make everyone happy. We all want perfect privacy, coupled with perfect security. Some will say that they'll take more privacy, less security - others will take more security and less privacy. Where you stand on this issue of course depends on which side you lean.
More fundamentally though there's a trust issue. Citizens (currently) do not trust governments. They assume that these tools can be used to harm more than just criminals. (They're not wrong.) If you don't trust the govt to act in good faith then naturally you choose privacy over security.
The cloud is just someone else’s computer. If you really, really care about privacy, self host.
I don't like Apple, nor do I use any of their products, but as someone from the UK, I do respect them for doing this.
Now if only the other companies who said they'd leave would grow a backbone...
The smartphone is a terrible platform. Something like this could never happen on the PC, where you can install any encryption and backup software that you want.
While Apple did the right thing by refusing to give the UK government a backdoor, they are responsible for getting users in this situation in the first place.
I'm not familiar with the iPhone and maybe there is already an alternative to iCloud ADP, although that would make this whole situation completely nonsensical.
The smartphone platform is the most secure by default personal computer most people own, largely because of the control enforced by Apple.
If we are saying "secure", we should talk about what we are securing and against whom.
A smartphone may be secure against malicious individual actors but its certainly not the most secure when it comes to your private data. Modern day smartphone is designed to maximize capturing your private information like location, communication patterns, activity and (sometimes) health information and pass it on to as many private players(a.k.a apps) as possible, even to governments without your knowledge. You don't have much control over it.
In that aspect it is less secure than your typical PC. A PC doesn't have that level of private information in the first place and whatever information it has will leak only if you opt-in or get infected by malware.(recent Windows versions without necessary tweaks may be considered a malware by some).
Plenty of people access their health records, etc. on a PC via files downloaded to random places on their computer. Are you trying to just say smartphones have a lot of sensors and are carried around in intimate places?
Secure for Apple, not for the users.
But along with that also comes a massive pressure point for rogue states to take advantage of. With a diversity of services this would not be nearly as possible.
> Something like this could never happen on the PC, where you can install any encryption and backup software that you want.
Microsoft wants to have a word with you regarding their Windows operating system that's installed on their device that you're renting.
I haven’t checked lately but since it launched the iPhone has allowed the owner to choose whether to back up to Apple’s servers (which would be affected by the UK order) or back up to their local computer.
It's not an either-or, actually, even though the setting is worded like it is. But even if you have cloud backups enabled, you can still manually trigger a local backup.
> or back up to their local computer.
You mean back up to their Apple computer, yes?
I certainly can't back up an iPhone to my Linux computer.
Actually I think you can backup and restore your iPhone on Linux using libimobiledevice. They reverse engineered the protocols for the backup and restore service running on your iPhone.
https://libimobiledevice.org/
Given that the most popular software of this kind is Dropbox I’m quite confident that nothing you’ve said is true.
Not gonna lie, I expected Apple to just kind of roll over and take the blow on this one. Interesting.
If any of the tech firms would resist, it would be Apple.
I wasn't sure which way they'd go.
While Apple especially under Tim Cook has done a lot questionable acquiescences under Cook for political expediences, they really didn’t have a choice here. It was the law.
Now going back on Twitter to get in the good graces of President Musk and bringing TikTok back to the AppStore even though it is clearly against the law is different.
> they really didn’t have a choice here
They did have a choice. They could have said they will just get out of UK. That would have resulted in enough political turmoil in UK that their government would roll back this stupid law. Apple chickened out.
If the UK wants the law to change, that’s up to the citizens of the UK. These are the people they elected.
Don’t expect Apple to rescue the UK citizens to from their own choices.
So, Apple will just give in to whoever is in power? They were not this soft in the San Bernardino case when FBI asked them to unlock a phone.
> So, Apple will just give in to whoever is in power?
This is definitionally why a country is sovereign and a company isn't.
> They were not this soft in the San Bernardino case when FBI asked them to unlock a phone.
FBI has to follow the laws of the USA.
The UK writes the laws of the UK, which Apple (if they want to operate in the UK) has to follow.
The FBI doesn’t create laws. If Congress had passed a law then you would have a good analogy.
Yes Apple follows the laws of every country it operates in just like any other company.
Apple absolutely does not follow the laws of every country it operates in, else TikTok wouldn't be back on the App Store.
If only I had thought about that, I might have mentioned it.
Oh wait
https://news.ycombinator.com/item?id=43128684
> Now going back on Twitter to get in the good graces of President Musk and bringing TikTok back to the AppStore even though it is clearly against the law is different.
Then why subsequently say that they follow the laws of every country they operate in? They don't, so whether the FBI makes the laws is not relevant.
There is an easy way to avoid having to follow laws of a country. Don't operate in that country.
If you don't want to be sued by activist investors, you need a good reason for that, and to be able to tell those investors what else you tried first before escalating that far if you eventually do pull out of a market.
[flagged]
Abandoning the UK market would hurt Apple more than it would hurt the UK. They are not a nation-state, Apple cannot wage diplomacy by threatening the government, they can only shoot their own foot off and say it was for the good of everyone.
It would also partially validate the EU's regulation if they abandoned the UK but stayed in Europe. Apple very much doesn't want to feed either side a line.
They could have started with not offering iCloud at all in UK. See how the blowback gets UK government to play ball and rollback the law.
It may have hurt Apple in the short term but helped in the long term.
Then instead of mandating a backdoor to cloud data, the UK would just mandate backdoor access to the devices themselves, again forcing Apple's hand to either comply or GTFO, if they want it bad enough.
We're losing the fight, and people are as apathetic as ever around privacy and security issues.
Besides, never trust E2EE where you don't control both ends, but everyone here should have already known that.
They heavily compete on "privacy" and "security", so I wouldn't expect them to. Additionally, once you start rolling with one government, every one wants you to do something for them while offering you no additional money for the work and weakening of your project.
They did. They've giving the UK Government a backdoor to all UK users.
Apple lost here.
But Apple is not giving the UK Government anything they didn't already have. Now iCloud encryption will function in the UK just as it has for years (decades?) before the inception of ADP.
Technically, they are leaving the front door open to all interested parties
Devil's Advocate (meaning I don't agree with this, in fact I disagree with it, but I don't see this argument being made anywhere and think it would be interesting. If you're one of the people who are offended by this practice of people steel-manning "the other side" and only want to read comments that affirm your position, please don't read this comment).
Question: Wouldn't it be better for Apple to build a UK-only encryption that is backdoored but is at least better than nothing? If Apple really cared about people's privacy, why just abandon them?
My position: No because this is a war, not a battle. Creating a backdoored encryption would immediately trigger every government on the planet passing laws banning use of non-back-doored encryption, which would ultimately lead us to a much, much worse world. Refusing to do it is the right thing IMHO.
The UK's law here is specifically targetting encrypted data globally.
> The UK government's demand came through a "technical capability notice" under the Investigatory Powers Act (IPA), requiring Apple to create a backdoor that would allow British security officials to access encrypted user data globally.
Without Advanced Data Protection, your data is still encrypted at rest, it's just that Apple safeguards the encryption key. The purpose of ADP is to remove control of this key from Apple, so that it's impossible for Apple to leak your data to any third party, even if they are compelled to.
So to me, backdoor encryption seems like it defeats the whole point of ADP, no? But if not - even if there is some tiny marginal benefit - cryptography is extremely expensive to get right. It's doubtful that it makes financial sense to Apple to develop a new encryption workflow for a single country for very slight security benefits.
And it still wouldn't be complying with the UK's demands anyways. The UK demanded access to accounts worldwide. If Apple is going to be non-compliant, then they might as well be non-compliant the easy way.
Related discussion:
U.K. orders Apple to let it spy on users’ encrypted accounts (washingtonpost.com) 762 points by Despegar 14 days ago | 1070 comments https://news.ycombinator.com/item?id=42970412
Apple could have disabled iCloud completely for UK users. This would protect both UK users and other users who’s data would also been captured in an iCloud backup.
They would lose some money on services, but would have been the better choice to stand up to the UK government and protect the UK users.
It's fine to continue providing the service as long as people know it's not encrypted. I am not worried about my photos being subpoenaed; I am worried about losing them. I'd rather have the service.
They are not the first country to do this. Apples advanced security features are rolled out non-uniformly across global markets. You get different capabilities, depending on where you are and where your account is resident, it would be great if there was a website that listed the countries and the security protections Apple provides in those countries.
It's a drag that we're seeing this crap happen, but authoritarians will be authoritarians. What's the general opinion of tools like Cryptomator? [^1]
[^1]: https://cryptomator.org
What exactly can UK users do now? Turn off "backup iPhone to iCloud" and stop syncing notes?
If you have ADP, Leave it on and have them automatically delete it at some point? Otherwise yes.
“Customers who are already using Advanced Data Protection, or ADP, will need to manually disable it during an unspecified grace period to keep their iCloud accounts, according to the report. Apple said it will issue additional guidance in the future to affected users and that it "does not have the ability to automatically disable it on their behalf."
UK users can still perform an encrypted backup to their local PC or Mac.
It's just a shame that Apple didn't include the contact details for the Home Office officials responsible as the place for inquires regarding the matter.
Current days' UK is mostly a bunch of draconian laws, the political elite disrespecting "their" people (common European scenario) and third-world economic immigrants fucking up the country even further.
It's so sad...
I'm confused. I thought iCloud was end-to-end encrypted anyway, and I've never heard of ADP before. Is ADP encryption at rest, whereas normal iCloud storage is only encrypted from the device to the server?
The only difference is Apple doesn't hold the encryption keys when you use ADP.
In both cases it's encrypted in transit and at rest.
TIL that Apple holds the keys to my iCloud encrypted data!
For most of it, yes. There are exceptions, e.g., Health and Keychain, for which Apple does not have the keys even without ADP enabled.
Yes, otherwise, how would the web interface (iCloud.com) work?
See the "Data categories and encryption" section:
"The table below provides more detail on how iCloud protects your data when using standard data protection or Advanced Data Protection."
https://support.apple.com/en-us/102651
This provides an incentive for Apple computer users to do the right thing: Stop storing sensitive data on Apple servers. Unfortunately, due to Apple's pre-installed proprietary operating systems that phone home incessantly, that may be more challenging than it should be.
Not relevant to the Apple story but as a general comment on UK surveillance/search/detainment laws: Five Eyes means the US just needs to get their citizen into the UK for their partner to gain access that the US doesn't have to their citizen. The reciprocity possibilities are endless.
Are anyone of you lot getting the realisation onto why they are pushing Passkeys so hard?
They know they access 8 out of 10 phones they seize.
DONT USE PASSKEYS
Wonder what the cost/benefit looks like from Apple's perspective.
If this requirement increases the proportion of data on Apple's servers that is now unencrypted (or encrypted but which can be trivially unencrypted), that could be a huge plus to Apple; more data to use for ad targeting (or to sell to third parties), and more data to train AI models on.
Could moves like this by other repressive regimes finally open the door to consumer-owned, consumer-controlled, decentralized cloud storage systems that are fully encrypted and inaccessible by any agency or individual except by the owner?
Would be a beautiful thing to see. Not sure how storage would work though since you cannot take payment (that would make it centralized), and storage would have to be distributed, but by who?
> inaccessible by any agency or individual except by the owner?
I believe the UK already has "you must unlock anything we ask" as part of the RIP/2000[0].
[0] https://en.wikipedia.org/wiki/Regulation_of_Investigatory_Po...
I wonder, what are the alternatives now?
Tresorit? Self-hosted Nextcloud?
There is no alternative really as only iCloud can back-up your settings, saved networks, and apps data.
Other apps like Nextcloud, can only backup documents (those not in apps) and pictures, because there's an API for this.
iTunes backup is an option, but it's not automatic and convenient.
Is that true? Only iCloud can back up an iPhone? They dont provide any way to even extract an encrypted archive so you can keep it safe for yourself?
I get more and more amazed at Apples lock in tactics. This is why I own nothing Apple, and have complete control over everything in my digital world.
iTunes backup is perfectly reasonable alternative to iCloud that retains e2ee, I don't know why they were dissing it. It can back up everything that iCloud can and it's automatic, you just plug your phone in, no lock in tactics.
No, you can use iTunes to make a local backup too. It was a thing long before iCloud.
Fair enough, however iTunes is also Apple software no?
So your choice is use Apple software to make your backups, or....?
Interacting with any device running iOS requires Apple software (or reverse engineered hacks) for many features.
However, in this case, the point is that you can use Apple software to make a local backup (and you can enforce the "local" part by doing so offline), and then use whatever you want to encrypt and stash away the resulting files.
well, yeah, iphones could be bit more open, and I wish they were. But there's no real way for UK to force Apple into adding backdoors into that.
It encrypts your entire phone backups as well
It’s really not that complicated and none of those options can serve as an adequate backup for iOS devices including app data and meta data.
Just back up your phone to your computer via iTunes (Windows) or the built in facility on Macs
Could this be the catalyst for the rise of third party encryption companies that operate in UK? Or perhaps, rise to third party self host E2E cloud solution?
Only time will tell.
I've already invested in USB storage :)
Can someone explain what's changed in the UK that they would consider requesting unfettered access to all Apple customer data (including outside their own borders)? I get that the NSA is infamous for warrant-less surveillance, but this seems a step further.
This isn't warrant-less, it's with a warrant. This isn't really a change the UK, it's the UK trying to adapt to the proliferation of E2E encryption - ten years ago, law enforcement could always access your messages, now the default if you're on whatsapp/iMessage is they can't because E2E is on by default. UK lawmakers aren't happy with a default position of the state being totally incapable of reading messages, no matter what the law says.
It might not be cryptographically sensible, but it is responding to a real change in the strength of the state.
Labour Party was elected six months ago. It is doubling down on existing government surveillance policy as a cure-all weapon to investigate and chill opposition, and to humble foreign tech companies.
It is "just" the domestic intelligence agency ordering Apple to backdoor their own system be able to supply data for lawful interception. As I read the article, it's not a UK backdoor in the sense they can roam around in every users data. The domestic agencies still need to follow the rules of lawful interception, namely they need a warrant, and it is targeted at UK nationals only. At least that is how I read the article.
Nothing's changed, they just want the same access to people's data they've always had. They loved completely unencrypted text messages.
The rise of first-party end-to-end encryption has made life difficult for the security services so they just want to get rid of it.
Also historically the US government loved the UK doing all this spying because the US wasn't allowed to do a lot of it on their own citizens.
This is part and parcel of the collapse of western capitalism (aka American empire). You get two main choices when capitalism fails - fascism or communism/socialism. It's clear that the UK has chosen fascism (either liberals like Labor or extreme right like Reform).
That choice exists only in cases in which the people can effect a revolution. The UK elite is too strongly in control of the country through its establishment, so, it will be a loud tumble down the hillside towards fascism...
Uncontrolled immigration and terrorist threat, but also probably they want to look at people's nudes. Jolly lot.
Are there non-icloud backup options? There used to be local encrypted backups through itunes, but I can't tell if that feature is still around.
ITunes but it is a PITA. Do a test backup restore too. It may not restore if the phone was nearly full (maybe 80%) when backed up.
If anyone’s looking for open-source, self-hostable, E2EE storage then checkout Peergos (disclaimer: lead here):
https://peergos.org
So instead of building a back door they're just completely removing the option to use E2E encryption altogether, thus making everything freely available to government by default?
How is that not worse or at least equivalent to a back door?
>How is that not worse or at least equivalent to a back door?
It's bad for the citizens of the UK and better for everyone else on the planet with an iPhone. UK citizens should be angry with their government, not Apple.
They’re just pulling the feature in the UK. If they put in a back door, they’re pulling the feature for everyone.
Much better than a false sense of security. Customers know what they get, and can choose other products instead of being confused or cheated.
It _is_ equivalent to a back door, that's the point. The UK demand can be accessed more rapidly and properly by disabling the feature than by implementing a backdoor, since it is the same thing.
No illusion of privacy.
Many departments use iphones. I wonder how it will affect government security or government employees will be exempt?
The UK requested the backdoor for all users, not just UK citizens.
What happens if a British citizen/resident buys an iPhone in the USA?
Btw, as a European citizen, I always buy my devices in the USA. We can complain about the US as much as we want, but Europe is on another level.
I think the iCloud services is based on the region of your Apple Account. So you could theoretically use a US region Apple Account and enjoy iCloud services. But that means you won't get UK region apps, except in the app store you can switch to different Apple Accounts as you please, so you can have multiple accounts for different regions (which is what I do).
As an EU citizen, the US* (govts) can stay way from my stuff. I won't even vpn through the
*or any other gubments.
Of course, when the rubber truncheon comes out, I'd be happy to show my encrypted stuff. But until then, or without a warrant, I'd prefer not to.
Does Apple offer this type of encryption in China?
Ugh. Is this by App Store country? Anyone know what happens if I already have it configured? I’m actually in US App Store region and sometimes switch to UK… I wonder if that would disable it.
concessions afer concessions we gave away our freedom. the axis of good is mostly responsible for this but the opposition also wanted to remove anonymity and freedom from the web.
no one fought when the democrats called snowden or assange russian spys for revealing clinton corruption. they just blindly sided with their own corrupt political party and gave away freedom. just like previous govs censored trump, banned political opponents they created a precedent and opened the door to the end of freedom. its now beyond politics, we should fight for the last moments of freedom we have before its too late.
Absolutely mental the kind of people that have power. Dealing with this like immature children.
“We don’t get what we want? We ruin it for everyone.”
Trying to backdoor a privacy feature for no real reason, just for the sake of having a backdoor. Pathetic
ok so while being AI safety concerned.. uk politicians go ahead and remove humanity's single logical control tool that they have to keep AI in check.. encryption maths.
gg
I don't get what's happening to civil liberty in Europe.
The empire is collapsing, so the chairs are being moved aside, the curtain behind the stage is being drawn and the ugly brick wall is being exposed...
We can drink alcohol in outdoor public places, can Americans?
The problem is the decline. We had more liberties 10 years ago than we do today.
Whether Americans are free or unfree shouldn’t distract us from this.
This is specific to each municipality/state. The United States federally has no laws regarding the outdoor consumption of alcohol.
Yes.
Pot, meet kettle!
Frankly, our democracies are currently in a rather precarious state.
At least we don't get to pee in the cup at work
This was Brexits doing. As we are no longer EU, we have our own cool rules such as the upcoming PM allowed to watch me take a piss law.
The EU is currently planning exactly the same thing with Chat Control.
Eu isnt 'planning' anything like that. Some Euparl MPs backed by people like Ashton Kutcher tried to push a law to spy on all chat apps. Then when the dirty web of American-style regulatory manipulation was exposed, they backed off. It was a proposal for a law by some MPs. Not something 'Eu' did.
They backed off "for now". They are trying this for ages, did you forget about ACTA and Von der Leyen's past censorship attempts in Germany? Have you read the DSA? Of course the EU is planning to go full authoritian in the name of "protecting democracy".
What EU is planning with chat control is much worse. The UK still requires a warrant to access your iCloud data. EU wants to force companies to install spyware on your devices that will monitor whatever you send or receive in real time without any probable cause or suspicion.
> This was Brexits doing.
Not really? We've had horrors like the 2000 RIP[0] well before Brexit. The Blair government made a huge dent in civil liberties and the Tories carried it on.
[0] https://en.wikipedia.org/wiki/Regulation_of_Investigatory_Po...
This is one of the reasons why I will never vote Labour.
The UK has always hated not allowing people to self-incriminate, though...
> This is one of the reasons why I will never vote Labour.
The Tories are generally worse. But I agree it's currently a case of "lesser of two evils".
I wouldn't vote for Tory either.
I usually vote for Lib Dem. Though they do things from time to time I don't like...
This is why Scotland needs independence. It was once and with it chained by the UK, they're squeezing everything they can. Look at Wales, just pets for the UK. Scotland is an actually pretty awesome country but like Canada is kept pet by a leader. The only thing that could save this shitshow is Scotland getting independence. Lets be honest here. You thought Boris Johnson was bad ripping holes left right and center. Trump makes Boris look like a pet rat. And that's an insult to real rats.
I may be wrong here, but my impression of Scottish politics is that it's just as paternalistic and nanny-state if not more so.
[flagged]
Troll much?
Your comment history reeks of differentiated, sensible arguments...
Overall quite ironic as in plain sight to anyone reading the news in the last two years, almost all of Western Europe sees rising right wing and extreme right wing parties.
[flagged]
Nothing is happening to it. Governmental overreach, and then if people really want encryption they will vote in privacy-friendly officials. Here in Oregon, USA, we have Ron Wyden, who knows more about netsec than most IT graduates.
As long as you can vote there is still civil liberty, just vote for the right people who care about this stuff.
None of what you just said translates to any European country.
None.
Executive power is very representative, not direct, with the sole exception imo being Switzerland?
Ok, I am not very technical. Can someone help me understand this. I don't have Advanced data Protection on. Does that mean UK Gov can see my data now?
It means Apple has the encryption keys to your backed-up data. So they can, in theory, access it, if the UK Gov demands that they do. That might never happen to you, but with ADP it would have been impossible, because even Apple can't access it.
See https://support.apple.com/en-us/102651
Potentially. It really just means your data is stored unencrypted, so anybody that has access to Apple's servers can access your data. I don't believe any government has open access to Apple's servers, but they can get a warrant.
I just realized ADP is not same as Lockdown mode. which Apple mentioned that only people that are likely to be targets need to turn on.
Now I don't see any reason why I shouldn't turn ADP on. Turning on now.
They always could. With advanced data protection they could not. The law mandated to add a backdoor to allow the government to also see encrypted data (which made the encryption insecure by definition). Apple refused to comply so you don’t even have the option to encrypt your backups now.
The UK backdoor means US and other FVEY states are able to freely request any person’s private data from GCHQ.
How will they enforce this?
They will have to send out messages 'You have 32465 hours before you account is deleted unless you decrypt'
This is NOT a good look.
This is a good reminder that the one who cares about privacy and security cannot rely on closed-source products from commercial companies; don't be deceived by marketing slogans.
What happens if you're an international traveller?
This will likely depend on your primary account region. Apple can't just turn off E2EE on existing account nilly willy.
<< Apple can't just turn off E2EE on existing account nilly willy.
If they are able to, then then can be compelled. Do you mean won't/wouldn't?
“Apple said it will issue additional guidance in the future to affected users and that it "does not have the ability to automatically disable it on their behalf."”
From https://www.macrumors.com/2025/02/21/apple-pulls-encrypted-i...
They can break a sync on server-side for your account.
They can't disable it on device though.
They control the software running on your device, and said software ultimately has access to the encryption keys stored there (subject to the usual hoops; e.g. it might need you to do a FaceID unlock first, but it's not like you aren't already doing that many times every day).
The UK wanted access to anyone's data. Not just UK citizens and then additionally added regulations forbidding apple to disclose this.
UK is ~3-4% of apples income. While I appreciate Apples actions here, I wish they would make a real stand here and pull completely out of the UK.
I really wish they would sit down and negotiate this more openly. The silence from the other players is what really makes me uncomfortable. The fact that only Apple is making a stand against this ask is really scary.
Agreed, the UK is speed running 1984 right in front of us.
Only three (well, now four) mentions of 1984 in the comments tells you all you need to know
[dead]
Is there a way for a UK iPhone to circumvent the warning and enable ADP? Like connecting through a VPN?
its a shame
Deep betrayal by Apple.
"privacy is a fundamental human right" - Tim Cook.
How many UK people who haven't heard of ADP will now enable it?
They should of forced ADP on by default and this would of never happened.
The problem with that is that if the user loses their key, their account is no longer recoverable. As things are with ADP, enabling it comes with a bunch of warnings about that, and IIRC it also forces you to print out the recovery key for safe storage.
That would alienate users due to key management complexity. Apple is about having a smooth user experience.
Notice all the undemocratic dictatorships that did not require this of apple. The UK is in decline completely.
Yikes... looks like Apple sun is setting. This cannot be allowed to happen.
It's not just an Apple thing. It's not even just a UK thing.
How does this affect me if I travel to the UK with an E2E encrypted IThing?
not at all
Being locked into an ecosystem seems really nice.
The problem is that you don't really know your future jailer.
Honestly I'm surprised that rather than trying to build stupid backdoors and such, tyrannical governments don't just try to make a encryption key database. They hold ALL the keys and can get into anything they want, anytime they want. If you get caught with keys or encrypted data they can't access, punishment ensues.
Like if you're gonna try to eliminate privacy and freedom, just be honest and open about your intentions.
Let's vote Labor and Liberal to keep the UK from going fascist on our data.
Oh wait....shit.
This was done under the Investigatory Powers Act which was brought in in 2016. Saying that Labour weren't exactly against it at the time. Point being snooping isn't left or right - they all love it.
Labour are not anti authoritarian. Often quite pro
The Blairite wing of that party has always been extremely bad with this kind of thing (see Tony Blair's obsession with ID cards over the decades) so it's unsurprising they'd push something like this.
The party most likely to cut this stuff out is Reform, although they'd probably be closer to ambivalent about it.
UKIP/Brexit/Reform as a vehicle to hold large influence over politics from outside Westminster might.
I would imagine the party's attitudes on a myriad of things would shift if they were in power though.
I’m pretty sure Reform would scrap this stuff, given the belief their part of politics has been a victim of these laws.
Also worth considering Lib Dem if you’re not into right wing politics- they did vote against the relevant investigatory powers act back in 2016.
They got what they voted for and now that those voters are surprised?
It's really hilarious to try to blame previous governments for such unpopular moves like this one.
If Labour was any better, then they would never have used the Investigatory Powers Act to force Apple to take actions such as this.
For those who thought Labour would never do this, should just admit that this move was done under Labour and they are no better than the Tories.
Lol so much for the privacy-first Apple BS everyone keeps touting
If they had any balls whatsoever they would've rejected this and pulled out of the UK, but of course money comes before anything else.
Well this is double plus ungood...
It's the right decision. Don't bow to the government, let the people demand it from their leaders, and vote in new ones.
Yes, countries lacking in proportional representation and having obscure procedures like proroguing parliament are the best at listening to important but fairly obscure issues from their voters. </s>
Very disappointed with this, but I think will be finding alternatives.
Family sharing especially of Reminders is a hard one - we use lists for grocery shopping and it is extremely convenient.
Has anyone tried out Ente https://ente.io/ for photos?
At some point, we need to stop being surprised at authoritarian countries doing authoritarian things.
Here's hoping the inevitable regime change will be a peaceful one.
If Apple was a real American Company they would solve this issue by withdrawing their devices from the UK.
Is Palantir a Real American Company?
Does this mean I should treat travel to the UK the same way as China and only bring a burner device with no information on it or on cloud backup accounts?
Border control agents in all countries -- including the US -- have fairly extensive powers to search your devices or deny you entry. I'm not sure this decision should change your calculus on that point.
See also https://medium.com/@thegrugq/stop-fabricating-travel-securit...
Company trade secrets probably shouldn't be on the device? Edit - or the device's cloud backups?
Really disappointed that our government decided to take such a stance.
What are people using when self-hosting services in the scope of iCloud nowadays? Nextcloud seems the closest comparable service.
If you own an iPhone then nothing can come close to the feature set of iCloud. Apple just have it on lockdown and dont expose the functionality that would be needed for a competitor to take advantage of this.
A great time for all people to jump to android IMO and experience the freedom of choice it gives you.
This is almost the status quo in the USA, given that nobody turns on the optional e2ee anyway.
As someone currently a citizen of the UK, what are my best emigration opportunities?
You do realise that the UK government is, and always has been, notorious for surveillance. They haven't changed since before WW2 and probably never will, even if Apple suddenly decides to play hardball with them.
And to be very, very honest, if you look across the Five Eyes nations, I don't think this is much different from what other countries deal with when it comes to access to data. You had PRISM, the trick of asking other countries for access to their own citizens data to avoid scrutiny, and Apple delaying the implementation of E2E in the US after federal agencies got pissed about it. The list goes on for a long time. At least in the UK, the government is so detached from commoners hurt feelings that they ask for what they want explicitly, with no fear of political consequences.
The fact that it's always sucked is precisely why I want to leave.
Ireland might be easy option.
UK citizens do not need a visa or residency permit to live and work in Ireland due to the Common Travel Area (CTA) agreement
If you value personal freedoms, you should go to East Europe. The more to the east, the better. Snowden went to Russia.
> Snowden went to Russia.
He was stuck in an airport when his passport got cancelled. It's not really a free choice if you can't go anywhere else, and planes suspected of carrying you get forced to land, even if by virtue of being denied airspace access until they run out of fuel.
https://en.wikipedia.org/wiki/Evo_Morales_grounding_incident
https://en.wikipedia.org/wiki/SORM
https://en.wikipedia.org/wiki/Roskomnadzor
freedom to _what_? Corruption is high, media is pretty restricted under Orban, and it doesn't look all that great for freely expressing your identity either. Whether Poland will follow their direction or manage to turn around is still up in the air.
You're only more "free" there if you have the money to bribe officials.
Snowden didn’t go to Russia because of the government there “valuing personal freedoms,” he went there bevause it is one of the very few major countries that absolutely will not cooperate with any extradition requests from western countries.
If you are thinking of going to east europe (and especially Russia) in search of personal freedoms, I got a bridge to sell you (for context, I grew up in Russia). The only “freedom” some of those countries might provide is the freedom from the long reach of the hands of western governments (and even that is a “maybe”, as Andrew Tate has been discovering recently).
Kremlin has full access to every service operating in Russia. If a service is banned in Russia, that's a service you should use. If it's not banned, it already has a backdoor.
Dublin?
Depends on what you’re after * Australia * United States * Singapore * Dubai * Europe (Belgium/Switzerland/Netherlands)
If you're after freedom, you absolutely do not want Singapore or Dubai.
The United States has the strongest laws for freedom of speech. You can't get arrested and face years of criminal legal trials, ending in an £800 fine for making a joke with your dog in America. Police won't show up at your house for Facebook posts like they do in Aussiestan. American courts probably won't take your infant away from you and force a medical procedure on it like in Kiwistan just because you wanted to use your own blood donors for the operation.
It's been degrading in the US too. Xitter is not at all a free speech platform and that technocrat says whatever he has to for popularity until he can chip your brain. Cutting a few million in wasteful government spending doesn't make up for how he loves China and deeply desires their level of autocracy.
America's laws have somehow held in-spite of presidents that seek to crush it (yes, both of them, both sides. They're the same. Stop believing the headlines and read the damn articles). Although defamation law has been weaponized to neuter some forms of speech and reporting.
There is an internal push by the CIA in America to further destabilize it and cause radical elements in the fake-left and fake-right to call for more authoritarianism. It's not a great nation, but sadly it is the last bastion of true liberty .. and it's eroding every day from every side.
In 20 years there might not be anywhere to flee to. Fight for your country. They can't put every British person in prison if everyone decided to tell the truth.
> American courts probably won't take your infant away from you and force a medical procedure on it like in Kiwistan just because you wanted to use your own blood donors for the operation.
Whenever someone writes "just" in a case like this I can tell there's a complicated, ugly legal case that's being grossly misrepresented, and quite possibly one where no responsible journalist is reporting because of child privacy issues/laws.
The problem with both British and American surveillance state authoritarianism is it's hugely popular with the public when used against the ""wrong"" people. You might have "free speech" (subject to qualifications such as Comstock and their modern day equivalents) but you're much, much less likely to be shot and killed by the police - or a random stranger - in the UK.
this is not a free speech issue, it's about key escrow
and the US invented technical crypto backdoors
https://en.wikipedia.org/wiki/Clipper_chip
That said, American leadership is still fine with dragnet surveillance and coercing corporations to lie to their audience: https://arstechnica.com/tech-policy/2023/12/apple-admits-to-...
Being American has it's perks, but privacy isn't one of them.
Australia is the worst of all
Of the whole list, if the Investigatory Powers Act is what you didn't like, I'd pick Switzerland first, then Belgium/Netherlands.
Of course, that assumes you're fluent in the local languages. Hoe goed spreekt u Nederlands?
I made a jump to Germany in 2018, and, thanks to learning a new language, have had a front-row seat to how flat the real Dunning Kruger effect really is: https://en.wikipedia.org/wiki/File:Dunning–Kruger_Effect2.sv...
Dubai, even as an international hub where you may be able to get by with English — لا تضيع وقتك باستخدام دولينجو لتعلم اللغة العربية، لقد حاولت خلال الوباء وما زلت لا أعرف الأبجدية — is much more authoritarian than the UK. Similar for Singapore.
If you're monolingual, and privacy is your concern, then the US is an improvement over Australia.
But also consider Canada and Ireland.
Ireland isn't in Five Eyes, Canada is, but also Canada is slightly further away from the madness of Trump etc. than any company still inside the USA.
I'm not even sure what's going to happen with the US federal government given that DOGE cannot meet its stated goals even by deleting all discretionary-budget federal agencies like the NSA, CIA, FBI, all branches of the armed forces, etc. but on the other hand the private sector is busy doing a huge volume of spying anyway in the name of selling adverts… chaos is impossible to predict, and you should want to predict things at least a few years out if you're going to the trouble of relocating.
>Ireland isn't in Five Eyes,
That's true, and I suspect Ireland does not do as much surveillance as many other countries, but if I recall correctly, it does have a passphrase-or-prison law like the UK. I also get the sense that in a number of cases, it tends to view its laws as suggestions, for example, with the autism dossiers scandal [1], and in some sense, gets away with it in the way that a small country can. To me, it feels like a country where you don't need to worry about organized, systemic surveillance abuses, but do need to worry about departments or even individual employees who decide that they just don't like you.
[1]: https://en.m.wikipedia.org/wiki/Department_of_Health_autism_...
Australia is even more everyone-is-a-cop than the UK, and is doing this exact same shit for the exact same reason.
If you abhor surveillance, don't pick a Five-Eyes nation.
Don't forget the 14-Eyes, which includes most of Western Europe.
Wasn't this in line with JD Vance's European Eulogy last week, that we shouldn't be using 1984 as a playbook?
1984 could only ever have been written by an Englishman
Why can't governments simply compel every software developer to create a backdoor, or go to jail?
If even one government does it, then the backdoors exist globally. Here is an overview of the global situation: https://community.qbix.com/t/the-global-war-on-end-to-end-en...
How do you like your "liberal democracy", UK-ians? Is that democratic enough for you yet? Do you feel in control?
disables apple cloud sync
Could this have been a reason UK pushed to separation from the EU?
EU is all for privacy while UK is slowly drifting towards becoming a Stasi state.
No, EU is NOT "all for privacy". I don't know where this myth comes from but I see it repeated here often.
1. EU is pushing for mandatory on-device scanning of all your messages (chat control). The current proposal includes scanning of all videos and images all the time for all citizens. The proposal started with analyzing all text too. The discussions are happening behind close doors. EU Ombudsman has accused EU commission of "maladministration", no response.
2. EU is allowing US companies to scan your emails and messages (ePrivacy Derogation). Extended for 2025.
3. EU is pushing for expansion of data retention and to undermine encryption security (EU GoingDark).
"The plan includes the reintroduction and expansion of the retention of citizens’ communications data as well as specific proposals to undermine the secure encryption of data on all connected devices, ranging from cars to smartphones, as well as data processed by service providers and data in transit." https://www.patrick-breyer.de/en/eugoingdark-surveillance-pl...
4. EU is pushing for mandatory age verification to use email, messengers and web applications. Citizens will be required to use EU approved verification providers. All accounts will be linked back to your real identity.
5. "Anonymity is not a fundamental right": experts disagree with Europol chief's request for encryption back door (January 22, 2025)
https://www.techradar.com/computing/cyber-security/anonymity...
-----
Do you still believe EU is all for privacy? EU's privacy is deteriorating faster than in any other developed country / bloc. Some of these proposals have been blocked by Germany for now but that is expected to change after the upcoming elections.
< EU is pushing for mandatory on-device scanning of all your messages (chat control)
Again and again, 'Eu' is not pushing anything like that. A few Euparl MPs backed by those like Ashton Kutcher did.
> Eu isnt 'planning' anything like that. Some Euparl MPs backed by people like Ashton Kutcher tried to push a law to spy on all chat apps. Then when the dirty web of American-style regulatory manipulation was exposed, they backed off. It was a proposal for a law by some MPs. Not something 'Eu' did.
This is blatantly false.
The EU has been pushing to pass the Chat Control law for the last 3 years which is even worse because at least in the UK the government would still need to get a warrant for the data they want whereas the EU wants to analyze your chat messages, emails and pictures in real time without cause or need to justify themselves.
> Again and again, 'Eu' is not pushing anything like that. A few Euparl MPs backed by those like Ashton Kutcher did.
The EU is pushing for this. The EU "Going Dark" group is pushing for this as well as per https://edri.org/our-work/high-level-group-going-dark-outcom...
The fact of the matter is that if the EU was, as it's been said, for privacy this proposal would not have been on the table in the first place. It should have been stopped 3 years ago but here we are again fighting for our rights and our privacy.
And it doesn't matter how many times it gets shot down by some of the countries in the EU, the commission changes a few words and starts the process all over again because they know that sooner or later they will get it through.
You can't have it both ways. You either are for privacy or you are not. If you are then this proposal should never have seen the light of the day and the people pushing for it should have been given a warning that this was off-limits.
Instead they are biding their time so that when the time is right they can come back with a slightly altered but still incredibly damaging proposal hoping that it will pass.
The EU pro-privacy stance is joke. They want access to the same data as the US except they don't have the courage to come out and say it so they wrap it in a nice little gift bag with the words "protect the children" on it.
This is hypocrisy in it's purest form. Then some governments in the EU have the gall to call out authoritarians regimes around the world when they crack down on dissent and free speech? Give me a break!
The Chat Control law was voted down and it would not apply for UK if they'd still be in EU.
See my comment above, it doesn't matter that it was voted down. The point is that it was allowed to go to a vote in the first place.
How do you square being pro privacy but at the same time demanding to have unlimited access to all chat messages, emails, pictures and so on of all your citizens without the need for a warrant, without justification and without the citizens having any say on the matter?
The answer is that you can't. You either are for privacy or you are not.
As for not applying to the UK, that is a moot point because as soon as the EU gets it's wish then the UK will demand the same kind of access. Why would the UK government turn down such an opportunity?
If you care about privacy and security of your data, you aren’t using public services from Apple or Google, or “big tech” anyways.
I always thought of “cloud” services to be a sham. I only trust them with transient data or junk data anyways (glorified temp storage, at best).
The beginning of the end. A sad day for Brits
Removed all my stuff from iCloud about a month ago in preparation for this.
This was predictable vs creating a backdoor
Could any hackers on here now please hack the fuck out of UK government ministers please?
I doubt it would play out like you think.
yikes
[dead]
[dead]
[flagged]
Not a surprise from TwoTierKier, who like most socialist government, has a natural tendency to lock dissidents, suppress their fundamentals rights, send the police to to people who posted this or that online...
malicious compliance.
Providing access when ordered by a court is not as secure so we're removing all encryption?
"If we can't provide this product legally, we're not going to provide it at all" ends up being the only reasonable position in situations like this.
At least this way doesn't compromise users in other countries.
>Providing access when ordered by a court is not as secure so we're removing all encryption?
Providing a back door for one government reduces the security and privacy of the service worldwide.
This decision keeps the security and privacy for the rest of the world. Sucks for the UK that your politicians decided to go this route.
End-to-end-encryption-except-when-the-UK-government-is-interested doesn't have the same ring to it, liable to damage the brand ....
FWIW people always put too much trust in E2EE where they didn't control either end. This was a loooong time coming.
It’s not really end to end in that sense. They don’t get the key, they just store opaque data for you.
The only way apple could get your data is to push code to your device to steal the key.
I think their point was that you don't control your device. If Apple did push code to your device to steal the key, how would you be able to tell?
People aren't going to use your self-hosted E2E tools on a wide scale. We've been down that road. Best to secure the systems people already use.
the whole point of ADP is that they cannot provide access
Yes, the parent commenter missed the part where Apple cannot see the encrypted content when ADP is used.
But Apple could say, you have 45 days to remove it or we will delete it, then you have to resync your data.
Why would they? What priorities are better served by that approach?
Why would they say to all new users, that they cannot have Advanced Data Protection, whereas older customers can?
Now you have a certain percentage of users with encrypted data, and a certain percentage of users that do not. The UK government will not like that. And now Apple has shown that it will not take a stand for privacy it might have to do it to comply.
Ah, you missed the part where Apple also said existing users will have to turn it off at an unspecified date.
No! That's not ... the comfy chair is it?
I'm not suggesting Apple should be able to see the content, I'm saying the Police should be able to, when they have a valid court order issued in accordance with the legislation.
For example, A 'Personal Recovery Key' could be recorded in a police database. To gain access to 'encrypted' data from Apple, a court order is needed, once they have the encrypted data, they can unencrypt it using the key only they hold.
There's lots of ways to skin a cat.
> A 'Personal Recovery Key' could be recorded in a police database.
That's about as secure as not having ADP at all, or worse. If that police database gets compromised, not only my data is accessible to the attackers, but I will be none the wiser about it.
An attacker would have to both compromise the police database AND Apple to retrieve the data.
The Key could even be split, say 3 ways. Apple holds 1 piece, the police hold another, and the Courts hold the third, all three would be needed to decrypt the data.
This is too far in to the weeds though.
It is not beyond humanities ability to have a system as secure as ADP while still providing a mechanism to access terrorists phones for example.
Leaving aside the fact that RIPA was drafted by deranged lunatics and deserves zero compliance from anyone, who the hell would you trust to run this database?
We have a 5th amendment. You shouldn't have to do all the police work for them.
Wow - how sad. To think the 2nd highest scoring post ever on hacker news is Apple's 2016 A Message to Our Customers. A display of intelligence, morality and courage under great pressure: https://hn.algolia.com
How things have changed.
> In a statement Apple said it was "gravely disappointed"
So are we, Apple. So are we.
Apple did the right thing.
I would much rather they were transparent, so that people can move services, rather than build a backdoor in secret, to appease the far-left Labour government.
Oh stop with "far left" nonsense, none of our main political parties are much further than slightly left or right of centrist.
Building a backdoor and telling us is better than building a backdoor and not telling us, but not building a backdoor at all is ideal.
Workers in tech jobs over the past few decades are the ones who are primarily to blame for the total degradation of the very notion of privacy, and our societies are, I think, reaping the consequences of this now in many ways.
This story didn't spring up out of nowhere, like a monster from under the bed. It's been a gradual decline since, let's say, the 90s or so.
I don't want to be vulgar, but the people who understood the best what was happening were mostly too busy taking large paychecks to get too upset about the whole thing. It got explained away, rationalised, joked about, and here we are.
Easier to push away the blame for a foot soldier, claiming to do things on orders or claiming to be absolutely f clueless where it leads, one is worse than the other. Thousands had to make this work and function as it is.
Still, this is a different topic than the government use of law enforcement for preserving the shity situation that was built by the industry and its actors just when the trend becomes of fixing what was made to be crap, just when people want to correct the f up of the ignorant collaborants.