Pressure grows to hold secret Apple data privacy hearing in public
38 comments
·March 14, 2025chaz6
Perhaps there is an app that makes using one-time pads simple. It is really the only way to be reasonably certain that your communication is protected. With storage so abundant it is feasible to share a 100MiB pad for each contact which should be enough for a lifetime of messages.
null
irenmroma
[dead]
null
amelius
[flagged]
Angostura
Except, in this case you have a US company that I honestly believe takes privacy seriously, fighting to prevent that stance being undermined by the UK government
redserk
The problem is if you want to back up the content of your device securely. Without ADP, you’re stuck sending it into iCloud in a way that allows a government to access the data.
If you wanted to avoid potential prying eyes, you can’t backup the device over the internet to a storage location you own. You can sort of do this with photos, but it’s absolutely a kludge.
Apple is only one US law away from completely shutting down Advanced Data Protection for everyone.
jacksnipe
Encrypted backups are an intractable technical problem. The key is on the device you’ve lost, so another copy of the key must be saved somewhere.
There has to be an element of trust, or else the actual use case that 99.9% of users have — I lost my device and want to restore my <whatever> - can’t be met.
It’s not like there’s some great alternative solution they’re intentionally neglecting.
gruez
>If you wanted to avoid potential prying eyes, you can’t backup the device over the internet to a storage location you own. You can sort of do this with photos, but it’s absolutely a kludge.
Use iTunes backup and then upload the files from your PC to an online storage provider of your choice?
danaris
> Apple is only one US law away from completely shutting down Advanced Data Protection for everyone.
The problem with this is that it's universally applicable.
Any cloud service that has end-to-end encryption today can be forced to break it if the jurisdiction in which they're based passes a law requiring it.
"So use a self-hosted open-source cloud backup system with a VPS?" Not a scalable solution. I genuinely do not believe there is a scalable solution to this problem.
All we can do is either pick the service we trust will remain safe the longest, or DIY it for ourselves and maybe those closest to us. And fight at the ballot box to end the era of ever-expanding government surveillance of everyone's digital data.
oneplane
There is no silicon for useful laptops that isn't US-controlled or China-controlled. On top of that, there is no ISA or reference CPU that isn't US-based.
In the future, we might have RISC-V, but right now, we don't. You can get laptops with Intel, AMD, ARM or IBM, and that's about it. All of the chips that are fast enough to be useful are US-based (in design and manufacturing instructions, but Asia-based in physical construction).
Say you'd be more interested in something that looks/feels like it's not from the US, you are pretty much restricted to stuff that's from ODMs in Asia. But it's the same hardware from the same production facilities, running the same firmware and operating systems.
Havoc
>On top of that, there is no ISA or reference CPU that isn't US-based.
ARM HQ is in Cambridge & owned by Japan (Softbank group)
oneplane
I suppose that's true. My mind was already on the likes of Qualcomm, Apple, Ampere and Broadcom but the base ISA and some of the reference designs used in public are indeed pure ARM (the company).
Ideally there'd be a player like Fujitsu (also an ARM licensee), they can do an entire laptop where only the manufacturing and software is not in-house (they don't have the capacity to do that AFAIK). If you then slap some coreboot (or U-Boot) and linux on it, you'd be pretty close to a much less US-attached laptop.
traceroute66
> laptop of a non-US origin soon
Maybe NitroPad[1] from Nitrokey (Germany) ?
I don't think Fujitsu Siemens make PCs/Laptops any more, only servers. But that would have been an option as their factory is in Germany.
itscrush
Certainly not the UK, they're spearheading much of the privacy problem.
rightbyte
Your own government is usually the biggest threat to your privacy. And namedropping the UK as some gov you would prefer from a privacy point of view is silly.
whynotmaybe
I don't have any gov app installed on my phone, though it came with the whole Google suite, Facebook and Instagram installed. And I can't remove it unless I root it.
If you're in a country where the gov is a threat to your privacy, you're in a dictatorship.
A democratic gov does not really care a lot about personal data, it only wants tax money.
A private company cares a lot about personal data because each bit of personal information is sellable to anyone interested.
vladvasiliu
Didn't the UK have an issue with Apple the other day, trying to get some "backdoor" to icloud? Which prompted Apple to say they'd remove E2E encryption for those users?
How's that tax related and not caring about personal data? Does that make the UK a dictatorship?
rightbyte
> If you're in a country where the gov is a threat to your privacy, you're in a dictatorship.
Really? Nothing to hide?
Any practical democracy does strange stuff.
FreebasingLLMs
[dead]
londons_explore
> Your own government is usually the biggest threat to your privacy.
Few people think of this. More should.
vvchvb
[dead]
ohgr
The government or other parties will come and take your data wherever you are without a moment's notice. There is no defence against that.
The objective should be to make that as hard as possible by not putting it somewhere you make it easy for them to do so without your knowledge or without legal due process.
And that is NOT in some cloud.
Man, this is really the worst case we've been fearing in Germany as well, i.e. an overzealous government that wants access to the master decryption keys of any app using end-to-end encryption so they can backdoor them anytime they like. I really hope they have enough common sense left to reverse their course, and I have to say kudos to Apple for taking this fight.