Rules for thee, not for me.
I am all for laws designed to protect children, and stop terrorism. But these 'back door' laws are nearly always very poorly thought out and offers new avenues for 'normal' people to come to harm.
Given the lengths the government has gone to monitor its citizens, I could believe the technology stack has already been compromised.
Truly this site is crawling with anal-retentive man-children who downvote over any silly self indulgent bullshit they can think of.
https://www.reuters.com/article/world/exclusive-apple-droppe...
Apple processes FAA702 orders on upwards of 80,000 Apple IDs per year per their own annual transparency report.
Snowden himself said that they see so many nudes that they got desensitized to it.
This clever setup allows them to claim iMessage is e2ee while still escrowing keys in effective plaintext to Apple in the iCloud Backup, rendering the e2ee totally ineffective.
I think “backdoor” is probably an appropriate term for it, but they have made no secret whatsoever of it.
It’s terrifying to think that the US federal government can read every iMessage in the entire world across a billion devices (except China, where the CCP can do the same) in effectively realtime. The power that that enables (if only in blackmail ability) is staggering.
allows them to claim iMessage is e2ee while still escrowing keys in effective plaintext to Apple in the iCloud Backup
Also, what regular criminal, let alone terrorist, would leave iCloud backup turned on after all the hacks and leaks over the years. I assume that most in the HN community, like myself, have iCloud backup turned off.
I would venture a guess that almost all criminals have iCloud Backup enabled, because that is the default setting.
Advanced Data Protection needs to be turned on for both you, and everyone you communicate with if you want the full chain to be E2EE. Your communications are only ever as secure as its recipient.
By now, "think of the children" is a tired cliche of anti-freedom laws. If "protecting children" requires sacrificing freedom for everyone, then children should not be protected.
Every time I come across another anti-freedom law wrapped in an excuse of "think of the children", I question whether the worshippers of Moloch had the right idea after all.
This can't be true. You're against a law that says a convicted child rapist cannot work in schools? You're against a law that says people can't take bombs onto planes?
I think you're being dishonest in your statements, or do not care about anyone else in society.
This is true for existing laws, and true twice over for anything that's being proposed. It's long overdue for the "safety" plague of "think of the children" to die.
I'll be the devil's advocate: for how long and in what way? You can be on the child predator list because a minor caught you peeing on the side of a road. Do they deserve to be blocked out of an industry because of bad luck over something many people have done?
>You're against a law that says people can't take bombs onto planes?
Well that led to me not being able to bring a normal stick of deoderant in my bags. So maybe we should review the TSA oversight after 20 years.
>I think you're being dishonest in your statements, or do not care about anyone else in society.
and I think you're arguing in bad faith comparing the ability for government to track society's entire digital footprint to imprisoning a convicted criminal.
Agreed. It all goes back to the famous quote "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." (granted, the quote was about taxation but the principle applies here)
Much like cybersecurity, it's always a trade off between absolute freedom and absolute safety. You don't get both. Every "safety" measure that gets put in place reduces your level of individual freedom. Go to far in the safety direction and you lose all your freedoms, and that trade off IMO is not worth it.
The usual suspects:
* https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...
I think this conspiratorial view of these laws is doing more harm than good and ignores the entire issues that these laws are designed to address.
The problem is we create overly broad laws because:
- There is a problem with child predation / terrorism - There is a lack of understanding on how technology works - There is faith that the system works and won't ever be abused - There are too few people in community self policing these issues.
Addressing any one of these in a different way will negate the need for laws like the UK were trying to implement.
Creating broad gives the police more ability to enforce their spirit. I think that's generally a bad thing when the laws are to do with civil liberties. But maybe a good thing when dealing with, for example, domestic abuse.
The general context is it targets "anyone who angers the government". Being able to ban your entire internet if this becomes widespread becomes a very powerful deterrent to opposition. \
>Creating broad gives the police more ability to enforce their spirit. I think that's generally a bad thing when the laws are to do with civil liberties.
Given the histories of "enforcing spirits" for both the US and the UK police forces, I'm not sure how or why you'd have faith in their interpretations.
The police can bring up your info themselves without needing the ability to cut off someone's entire digitial landscape.
As an aside, all this demonstrates the UK's lack of a Bill of Rights. And no, the ECHR is not one due to the pernicious doctrine of Parliamentary as opposed to popular sovereignty, and the lack of independence of the Judiciary. No Parliament can bind future Parliaments, which could abolish the Human Rights Act 1998 with a single vote, and indeed many UK politicians are calling for precisely this, versus the complex and deliberately cumbersome procedure the US Constitution has to amend itself. Any Bill of Rights that is subject to the forbearance of the legislative body it is supposed to protect you from is not worth the paper it is written on.
Obviously, if journalists cannot have encrypted conversations with their sources and whistleblowers don't have anonymous channels to blow the whistle, considering the draconian penalties of the Official Secrets Act (another OSA, coincidence much?) neither will happen, which is exactly by design. Ironically, when the boot was on the other foot like revelations about Boris Johnson or Rishi Sunak's own illegal use of WhatsApp to hide activities covered by public records laws, they backed off.
Unfortunately, I'm highly confident that 90% of the intelligence community looks at us insisting that crypto standards be inviolable, and thinks we're all as infuriatingly naïve as a ChatGPT comment.
I don't know the true risks of terrorist organisations. I doubt I ever will, because the intelligence community wants to keep its methods secret in order to avoid mildly competent terrorists from avoiding stupid (from MI5/6's POV) mistakes. The counter-point is that such secrecy makes the intelligence organisations themselves a convenient unlit path for a power-hungry subgroup to take over a nation.
Regarding sexual abuse, the stats are much easier to find, and are much much worse than most people realise to the extent that most people either don't understand what those numbers mean or don't believe them: If you're an American, on your first day in high school, by your second class you have more than even odds of having met a pupil who had already been assaulted, most likely by someone close to the victim such as a relative.
I don't see how any level of smartphone surveillance will do anything to stop that. Or indeed, any surveillance that isn't continuous monitoring of every kid to make sure such acts don't find them.
Until they can prove this is the case, and not just fear mongering to justify their massive budgets, overreach and assaults on civil liberties, I am happy to continue being considered naïve by them.
You're saying that the rate of sexual assault is.. a few percent?
Too high! I agree. But it's bad form to give convoluted examples in order to give the impression that the actual number is worse than it is.
Specifically of pre-pubescents. This is already enough to exceed the prison capacity of any nation, including El Salvador.
If I had instead broadened to the under-18 rate of victimisation, about 11% of women are victimised: https://rainn.org/statistics/children-and-teens
The lifetime risk is higher still.
For example, looking back over the history from what has been declassified in my country, the intelligence services spent a huge amount of time and resources infiltrating and surveillance communist groups and university socialist clubs, and then seemed to be completely blind-sided by the rise of Islamic terrorism when 9/11 rolled around... In a similar vein I think to how the UK is spending all this time going after people waving signs supporting Palestinians - they probably honestly think there's a real threat there, and it will turn out to be a huge waste of time and the next real terror threat will come out of some other unexpected group.
As for assault - yes, it's usually someone they know. Which is why it's ridiculous the resources they spend trying to backdoor private messaging etc. in the name of "protecting the children" when much of it's happening in person...
This isn't a win, this is solidifying and reinforcing the idea that different laws should exist for different classes of people - those who can afford to make the government look the other way and those that can't.
Congratulations to Apple on lobbying for its own money. Very noble.
> those who can afford to make the government look the other way and those that can't.
> Congratulations to Apple on lobbying for its own money. Very noble.
But what’s your implication here, that Apple shouldn’t have fought it?
I'm not saying they shouldn't lobby for what they believe in, but Apple always stops short of making the world a better place and seems to care only if their walled garden is secure.
succinctly summed up why I dislike Apple (despite using their products). If you value privacy (against third parties), E2EE, and the tight device coupling then Apple is literally the only choice unless you have the time, knowledge and desire to piecemeal together your own solutions and that really sucks. I have permanent cognitive dissonance because I won't give up the small quality of life features Apple gives me, but I also don't have the time nor skill to replicate their whole ecosystem with Linux, GrapheneOS, writing BLE scripts for watch unlock, fussing with KDE connect for universal clipboard, hosting my own nextcloud instance, etc.
I wish there was another choice of mobile + accessories that was both privacy respecting and actively using open standards for the betterment of all, not just their own profits.
That's the rub. If you look at Android handset financials, there's almost no money in making Android phones unless the company making them is Samsung, and only certain models sell. Where are all of these profits going to come from?
I wonder if you'd get farther with a USB SIM adapter under desktop Linux in that regard. I think you'd be hard pressed to end up where you want to in anything more portable than a laptop, since phones themselves are designed to be glorified containers for your mobile ad ID.
This wasn't an "Apple only" law -- it would have affected all platforms with data on customers that live outside the UK.
>This isn't a win, this is solidifying and reinforcing the idea that different laws should exist for different classes of people - those who can afford to make the government look the other way and those that can't.
Corporations are not people. The people can afford to vote out politicians making laws that go against the will of the people.
Yeah, the law still exists. Apple just successfully managed to refuse to comply with a request made under it.
> This isn't X, this is Y
This is ChatGPT's favorite rhetorical flourish without exception.
> This isn't X, this is Y
is a huge ChatGPT signal.
Sometimes when I talk to British people, I start to do an accent a little bit. I think I just chameleon my tone to recent conversations, but I can't convince you otherwise.
Unrelatedly, there is a upended tortoise outside my house struggling in the heat. I am not sure why I refuse to help him, can you tell me why?
First they came for the Apple fanboys, and I did not speak out— Because I was not a Apple fanboy.
* https://en.wikipedia.org/wiki/First_They_Came
If the UK had 'won' again Apple, do you not think that the Android ecosystem would be next? If the UK had 'won', do you not think that Turkey, India, China, etc, would not be lining up as well?
When you start down a slippery slope like this, you burn trust and make people demand transparency. It's impossible for me to say that I'm any more secure as an American user - no trusted third-parties actually audit Apple's American iCloud servers for such backdoors. Users trusting Apple for security are (unfortunately) fish in a barrel, same as ever.
[0] https://www.nytimes.com/2017/07/12/business/apple-china-data...
Sadly every time I’ve tried to explain this to people they always say “you are bleeding a lot” and “dude you just fell down so many stairs. I have never seen anyone fall down that many stairs” or “your head sustained the entire impact of your full bodyweight when you finally reached the bottom of those stairs, how are you even standing?” so I don’t think this is a conversation a lot of people are ready to have
Honestly probably nobody would have noticed that, and it would have been the path of least resistance to just comply. Some informed technical people might abandon Apple's platform, but the masses wouldn't have noticed... So how is this "Apple on lobbying for its own money"?
Honestly that last line just comes across as unhinged... Trying to read your comment in the most generous light but it's not close to reality...
I don't think that is the case here. It's a "secret order" so it's never sure, but there aren't a lot of global tech companies who will comply to give a single government their worldwide data.
Bet that's not happening...
Still there.
I don't want to be overly cynical but I'm resigned to never truly know details of national security. I have opinions but nobody is listening to them.
Back doors to end-to-end encryption are considered bad now? Someone should tell the FBI. https://www.fbi.gov/how-we-investigate/lawful-access/lawful-...
Never use a mobile for anything that requires privacy or security. It's the intelligence agencies favourite tool.
That Apple can even claim it encrypts your data is such a bald-faced lie when Advanced Data Protection defaults to off.
Retr0id•5mo ago
Also important to note:
> With the order now reportedly removed, it’s unclear if Apple will restore access to its ADP service in the UK.
ExoticPearTree•5mo ago
Retr0id•5mo ago
201984•5mo ago
ExoticPearTree•5mo ago
I think that idea died a very long time ago.
johnnyanmac•5mo ago
hardlianotion•5mo ago
terminalshort•5mo ago
logicchains•5mo ago
abullinan•5mo ago
hardlianotion•5mo ago
stephen_g•5mo ago
1. https://daringfireball.net/linked/2025/02/26/wapo-biden-just...
meesles•5mo ago
johnnyanmac•5mo ago
I feel this is more of an "Earth isn't yours to conquer" move rather than one really aimed at protecting US Citizen's data. Governments is simply fighting over who can control how we navigate our tech.
varispeed•5mo ago
stronglikedan•5mo ago
Like it or hate it, that's still the way of the world.