Most active commenters

    ←back to thread

    Private Cloud Compute Security Guide

    (security.apple.com)
    295 points djoldman | 12 comments | 06 Nov 24 13:48 UTC | HN request time: 1.314s | source | bottom
    Show context
    solarkraft ◴[06 Nov 24 15:40 UTC] No.42063965[source]
    Sibling comments point out (and I believe, corrections are welcome) that all that theater is still no protection against Apple themselves, should they want to subvert the system in an organized way. They’re still fully in control. There is, for example, as far as I understand it, still plenty of attack surface for them to run different software than they say they do.

    What they are doing by this is of course to make any kind of subversion a hell of a lot harder and I welcome that. It serves as a strong signal that they want to protect my data and I welcome that. To me this definitely makes them the most trusted AI vendor at the moment by far.

    replies(10): >>42064235 #>>42064286 #>>42064293 #>>42064535 #>>42064716 #>>42066343 #>>42066619 #>>42067410 #>>42068246 #>>42069486 #
    1. patmorgan23 ◴[06 Nov 24 15:56 UTC] No.42064235[source]
    Yep. If you don't trust apple with your data, don't buy a device that runs apples operating system
    replies(4): >>42064785 #>>42066409 #>>42066447 #>>42070247 #
    2. yndoendo ◴[06 Nov 24 16:32 UTC] No.42064785[source]
    That is good in theory. Reality, anyone you engage with that uses an Apple device has leaked your content / information to Apple. High confidence that Apple could easily build profiles on people that do not use their devices via this indirect action of having to communicate with Apple devices owners.

    That statement above also applies to Google. There is now way not prevent indirect data sharing with Apple or Google.

    replies(3): >>42065011 #>>42065466 #>>42065965 #
    3. hnaccount_rng ◴[06 Nov 24 16:44 UTC] No.42065011[source]
    Yes, if your thread model includes the provider of your operating system, then you cannot win. It's really that simple. You fundamentally need to trust your operating system because it can just lie to you
    replies(2): >>42067159 #>>42067843 #
    4. dialup_sounds ◴[06 Nov 24 17:09 UTC] No.42065466[source]
    Define "content / information".
    5. afh1 ◴[06 Nov 24 17:37 UTC] No.42065965[source]
    Depending on your social circle such exposure is not so hard to avoid. Maybe you cannot avoid it entirely but it may be low enough that it doesn't matter. I have older relatives with basically zero online presence.
    6. isodev ◴[06 Nov 24 18:00 UTC] No.42066409[source]
    That really is not a valid argument, since Apple have grown to be "the phone".

    Also, many are unaware or unable to make the determination who or what will own their data before purchasing a device. One only accepts the privacy policy after one taps sign in... and is it really practical to expect people to do this by themselves when buying a phone? That's why regulation needs to step-in and enforce the right decisions are present by default.

    7. mossTechnician ◴[06 Nov 24 18:02 UTC] No.42066447[source]
    But if you don't trust Google with your data, you can buy a device that runs Google's operating system, from Google, and flash somebody else's operating system onto it.

    Or, if you prefer, you can just look at Google's code and verify that the operating system you put on your phone is made with the code you looked at.

    8. fsflover ◴[06 Nov 24 18:42 UTC] No.42067159{3}[source]
    This is false. With FLOSS and reproducible builds, you can rely on the community for verification.
    replies(1): >>42070042 #
    9. hulitu ◴[06 Nov 24 19:25 UTC] No.42067843{3}[source]
    > You fundamentally need to trust your operating system because it can just lie to you

    Trust us, we are liars. /s

    10. philjohn ◴[06 Nov 24 21:51 UTC] No.42070042{4}[source]
    Not unless your entire stack down to the bare silicon is also FLOSS, and the community is able to verify.

    There is a lot of navel gazing in these comments about "the perfect solution", but we all know (or should know) that perfect is the enemy of good enough.

    replies(1): >>42070272 #
    11. threeseed ◴[06 Nov 24 22:09 UTC] No.42070247[source]
    And if you don't trust Apple with your data you shouldn't use a phone or internet at all.

    Because as someone who has worked at a few telcos I can assure you that your phone and triangulated location data is stored, analysed and provided to intelligence agencies. And likewise this would be applying to ISPs.

    12. threeseed ◴[06 Nov 24 22:10 UTC] No.42070272{5}[source]
    We've seen countless examples of relatively minor libraries being exploited which then cause havoc because of a spider web of transitive dependencies.