Hacker Neue

Preferences
rxyz parent
the whole point of ADP is that they cannot provide access
CharlesW
Yes, the parent commenter missed the part where Apple cannot see the encrypted content when ADP is used.
zikduruqe
But Apple could say, you have 45 days to remove it or we will delete it, then you have to resync your data.
brookst
Why would they? What priorities are better served by that approach?
zikduruqe
Why would they say to all new users, that they cannot have Advanced Data Protection, whereas older customers can?

Now you have a certain percentage of users with encrypted data, and a certain percentage of users that do not. The UK government will not like that. And now Apple has shown that it will not take a stand for privacy it might have to do it to comply.

brookst
Ah, you missed the part where Apple also said existing users will have to turn it off at an unspecified date.
JKCalhoun
No! That's not ... the comfy chair is it?
InsomniacL
I'm not suggesting Apple should be able to see the content, I'm saying the Police should be able to, when they have a valid court order issued in accordance with the legislation.

For example, A 'Personal Recovery Key' could be recorded in a police database. To gain access to 'encrypted' data from Apple, a court order is needed, once they have the encrypted data, they can unencrypt it using the key only they hold.

There's lots of ways to skin a cat.

cassianoleal
> A 'Personal Recovery Key' could be recorded in a police database.

That's about as secure as not having ADP at all, or worse. If that police database gets compromised, not only my data is accessible to the attackers, but I will be none the wiser about it.

InsomniacL
An attacker would have to both compromise the police database AND Apple to retrieve the data.

The Key could even be split, say 3 ways. Apple holds 1 piece, the police hold another, and the Courts hold the third, all three would be needed to decrypt the data.

This is too far in to the weeds though.

It is not beyond humanities ability to have a system as secure as ADP while still providing a mechanism to access terrorists phones for example.

ferbivore
Leaving aside the fact that RIPA was drafted by deranged lunatics and deserves zero compliance from anyone, who the hell would you trust to run this database?
svachalek
We have a 5th amendment. You shouldn't have to do all the police work for them.

This item has no comments currently.

Keyboard Shortcuts

Story Lists

j
Next story
k
Previous story
Shift+j
Last story
Shift+k
First story
o Enter
Go to story URL
c
Go to comments
u
Go to author

Navigation

Shift+t
Go to top stories
Shift+n
Go to new stories
Shift+b
Go to best stories
Shift+a
Go to Ask HN
Shift+s
Go to Show HN

Miscellaneous

?
Show this modal