Hacker Neue

Preferences
bigyabai parent
The US succeeded, according to American lawmakers: https://arstechnica.com/tech-policy/2023/12/apple-admits-to-...

  Apple has since confirmed in a statement provided to Ars that the US federal government "prohibited" the company "from sharing any information," but now that Wyden has outed the feds, Apple has updated its transparency reporting and will "detail these kinds of requests" in a separate section on push notifications in its next report.
Apple's hidden at least one warrantless backdoor in their systems for the purpose of federal surveillance. I have no reason to believe the exploitation stops there.
GeekyBear
Apple and Google had no choice but to comply with the National Security Letters demanding access to user's push notification data.

They also can't refuse to comply with warrants demanding any such unencrypted data that is stored on their servers.

That's not the same thing as adding a back door to allow access to encrypted user data that is stored on the user's device.

It's also different than storing encrypted user data on your server, when you have purposefully designed a system where you don't have access to the user's encryption key.

Encrypted user data backup is the feature that Apple disabled access to in the UK rather than comply with the order to insert a back door in the OS.

xorcist
To clarify: When you get an NSL, not only is it impossible to refuse and stay in business, it is also impossible to talk about it. That's the scary bit.
GeekyBear
Certainly. At least with a normal warrant you can publicly speak out and notify the user(s) involved.

I would also point out that it was Senator Wyden who initially informed the public of how much the government was already spying on their unencrypted communications.

His record on civil liberties is excellent.

bigyabai OP
You'd better hope you're right. Nobody is auditing Apple who can hold them accountable. The lack of transparency is how we ended up on this slippery slope in the first place.

Good security models typically don't hinge on being lucky.

GeekyBear
Nobody is auditing Google to prove that they aren't selling user data to third party data brokers.

Should we disbelieve them when they say they don't do so?

This item has no comments currently.

Keyboard Shortcuts

Story Lists

j
Next story
k
Previous story
Shift+j
Last story
Shift+k
First story
o Enter
Go to story URL
c
Go to comments
u
Go to author

Navigation

Shift+t
Go to top stories
Shift+n
Go to new stories
Shift+b
Go to best stories
Shift+a
Go to Ask HN
Shift+s
Go to Show HN

Miscellaneous

?
Show this modal