Private Cloud Compute Security Guide

(security.apple.com)

295 points djoldman | 2 comments | 06 Nov 24 13:48 UTC | HN request time: 0.001s | source

Show context

solarkraft ◴[06 Nov 24 15:40 UTC] No.42063965[source]▶

>>42062230 (OP) #

Sibling comments point out (and I believe, corrections are welcome) that all that theater is still no protection against Apple themselves, should they want to subvert the system in an organized way. They’re still fully in control. There is, for example, as far as I understand it, still plenty of attack surface for them to run different software than they say they do.

What they are doing by this is of course to make any kind of subversion a hell of a lot harder and I welcome that. It serves as a strong signal that they want to protect my data and I welcome that. To me this definitely makes them the most trusted AI vendor at the moment by far.

replies(10): >>42064235 #>>42064286 #>>42064293 #>>42064535 #>>42064716 #>>42066343 #>>42066619 #>>42067410 #>>42068246 #>>42069486 #

patmorgan23 ◴[06 Nov 24 15:56 UTC] No.42064235[source]▶

>>42063965 #

Yep. If you don't trust apple with your data, don't buy a device that runs apples operating system

replies(4): >>42064785 #>>42066409 #>>42066447 #>>42070247 #

yndoendo ◴[06 Nov 24 16:32 UTC] No.42064785[source]▶

>>42064235 #

That is good in theory. Reality, anyone you engage with that uses an Apple device has leaked your content / information to Apple. High confidence that Apple could easily build profiles on people that do not use their devices via this indirect action of having to communicate with Apple devices owners.

That statement above also applies to Google. There is now way not prevent indirect data sharing with Apple or Google.

replies(3): >>42065011 #>>42065466 #>>42065965 #

hnaccount_rng ◴[06 Nov 24 16:44 UTC] No.42065011[source]▶

>>42064785 #

Yes, if your thread model includes the provider of your operating system, then you cannot win. It's really that simple. You fundamentally need to trust your operating system because it can just lie to you

replies(2): >>42067159 #>>42067843 #

fsflover ◴[06 Nov 24 18:42 UTC] No.42067159{3}[source]▶

>>42065011 #

This is false. With FLOSS and reproducible builds, you can rely on the community for verification.

replies(1): >>42070042 #

1. philjohn ◴[06 Nov 24 21:51 UTC] No.42070042{4}[source]▶

>>42067159 #

Not unless your entire stack down to the bare silicon is also FLOSS, and the community is able to verify.

There is a lot of navel gazing in these comments about "the perfect solution", but we all know (or should know) that perfect is the enemy of good enough.

replies(1): >>42070272 #

2. threeseed ◴[06 Nov 24 22:10 UTC] No.42070272[source]▶

>>42070042 (TP) #

We've seen countless examples of relatively minor libraries being exploited which then cause havoc because of a spider web of transitive dependencies.

↑