I'm sure if such a relationship became public, most Americans will forget about it in a few weeks' time and half will be surprised what the big deal is. But Apple will lose out on Asia and Europe where it has solid competition. Their hardware is their bread-and-butter.
It is more plausible for the US government to have planted or extorted an asset working as a developer at Apple than Apple itself making such a monumentally foolish decision.
Google and Microsoft on the other hand, that I am fairly certain of.
But... I digress a bit, only because Tim Cook was kissing the proverbial king's ring a lot lately. Donations are one thing, giving gold gifts in person and on national TV is another.
I don't think I'd read more into it than that.
Which, whilst morally repugnant, does make business sense - if Apple got hit by tariffs or other penalties, you can be sure the Carl Icahn style leeches would be popping out of the woodwork complaining that Tim Cook was ruining Apple / the share price / etc. and trying to orchestrate shareholder and/or board revolts.
(And Good Lord, imagine the threads on here if Apple's value dropped just because Tim Cook didn't give a hideous piece of tat to Trump.)
From Wikipedia: "Bribery is the corrupt solicitation, payment, or acceptance of a private favor (a bribe) in exchange for official action."
But let’s not motte bailey that into proof that Apple intentionally ships backdoors.
Everyone is somewhat aware that their phones are not impermeable to government agencies and it doesn't matter, that's the case for Americans of course because they are well used to it, but also for Europeans.
If they were to purposely make a 'mistake' to allow Israeli spying companies to compromise their phone, it most likely wouldn't change anything.
This is indeed how I read the comment you replied to.
How is none of this public knowledge?
- Are you saying that you believe Apple is picking someone who is a real whiz with CSS, but because of the country’s laws they had to serve with the IDF?
- Are you saying the formality of having to be a former of your previous employer, as part of taking on new employment is to be unexpected in any way?
Firstly, the exploits in play would not be introduced by a “css whiz kid” first of all. Creating holes for rootkits like Pegasus requires deep low level expertise.
Secondly, AFAIK all the teams that would be involved on working on that are located in Cupertino - so these people had to relocate to the US.
But yes, I think finding anyone who was a child in Israel and didn’t serve in the IDF is very difficult. This is doubly-so for the tech sector since the IDF is often where they obtain their initial technical education and are serving between 18 and 21.
Unless you’re blanket just going to disallow recruiting from Israel or hiring people who moved from Israel to the US and might even be US citizens. But then you’re also going to have to explain why you’re applying this policy to Israelis and not Koreans, Singaporeans, Taiwanese, Norwegians, who have similar mandatory service requirements (plenty of countries do).
I’m not saying that Mossad don’t try to get their own secret agents working long term undercover in these places. But that’s also true of other secret services of enemies and allies alike and I would think they’re less likely to generate exploits intentionally and more likely to gather information and look for exploits by having access to source, documentation, and able to get information from peers. But Israelis having previously worked in the IDF doesn’t really provide any signal to me on the motivations or beliefs of that person.
You know what, you’re absolutely right. But you’d be wrong if it turns out it’s not the general IDF we’re talking about, and specifically not one all Israelis have to serve. And that Google has all the good stuff.
But anyway I’m going to let you believe what you believe about a corporation that makes “donations” to a military, and I’m going to believe what I believe.
Like https://www.amazon.com/app-controlled-vibrator/s?k=app+contr... ?
Is there a "Rule 34" type proclamation where if it exists someone will add an app to it whether it needs it or not.
/s
Do you really think that with all of the years of iPhone device and account takeovers, from a text message requiring no reading or interaction, Apple with their maximum controlled walled garden aren't facilitating? Apple spent billions moving factories because the US government told them to. They are the keymaker.
Apple could do a lot of things, such as preventing the black market for stolen phones from existing. A single city, London, had 80,000 phones stolen in 2024.
"...Onwurah argued that "robust technical measures" such as blocking stolen phones taken overseas from accessing cloud services could make devices "far less valuable".
"She also pointed to comments by Mobile UK, the trade association of the UK's mobile network operators, who said blocking IMEI in other countries was a "necessary step to dismantle the business model of organised crime".
"However, she said when giving evidence, Apple, Google and Samsung had avoided saying why they would not implement the technology." <--**
Doesn't iCloud lock basically already make a stolen iPhone unusable? What more do you want?
TL;DR if the device is stolen from you by a stranger, this is possible. If the device is stolen from you by someone you permitted to use the device, this is not possible
I suspect these kinds of thefts are a small fraction of the "80,000 phones stolen in 2024" that OP was talking about. Moreover the only plausible case I can think of this happening is for corporate devices, which can be MDM enrolled and locked to a particular organization.
Fail is an overstatement. Apple is part of PRISM and the functionality is working as intended. When a hole becomes public, it is quickly patched.
As someone who actually worked there a decade ago, that doesn’t reflect the attitudes and positions of people I worked with then. And many people generally tend to stay working at Apple for long periods of time.
I can’t speak if that’s changed or other things happening, but this could easily be just a late-introduced bug as it wasn’t present in earlier betas as someone noticed - my expectation would be such a change would be present quite early. I would be very very surprised something this insignificant was a late introduced change at the request of the government - Apple historically just doesn’t act that way (see the San Bernardino row over unlocking the iPhone for the FBI).
Every company works with whoever gets elected. This isn’t new. It isn’t indicative of political support. It’s just how business is done.
First, I never claimed Cook "supports" Trump - as I said, I suspect he personally loathes him. The point is that corporations are making unprecedented concessions to avoid Trump's wrath.
Second, companies push back on government constantly when it serves their interests. Apple previously fought the FBI, but more typically companies push back or evade the law. When penalties are low enough they accept them as the cost of doing business, e.g. Meta's consistent, willful FTC consent decree violations.
Third, openly bribing a sitting president with a 24-karat gold gift is not normal corporate behavior. The Trump administration has used state power to control private enterprise in a completely unprecedented way: tariff threats as extortion, DOJ investigations targeting companies over DEI programs, prosecution of high-profile figures who resist - mostly political enemies so far but Zuckerberg faced threats of "life in prison" before he showed sufficient fealty.
I'm waiting for the whataboutism replies here, and executive overreach was a thing in the past, but Trump has fundamentally changed the character of the US system of government. The enabling environment is unprecedented: a Congress with zero interest in oversight and a Supreme Court granting immunity for official acts. When you combine unlimited executive power with no checks, corporate capitulation isn't "just business" - it's rational fear of an authoritarian using every lever of government to punish dissent.
Wouldn't that make it easier for people to find vulnerabilities and more importantly (for Apple)? Which would allow people to find vulnerabilities for rooting the phone, something Apple really seems hellbent on preventing.
Why would somebody want to disturb in-memory exploits? /s
> Consider holding off on updating to iOS 26 until Apple addresses this issue, ideally by releasing a bug fix that prevents the overwriting of the shutdown.log on boot.
That said, if we take Apple’s stance on privacy seriously, users should also have deep inspection capabilities on their own devices. After all, they’re supposed to own them.
Apple always trying to hide things and lock people more out of how the device works. They use privacy as an excuse and even sue and jail ppl who try to look at things properly.
Just because you own a device, that doesn't mean the manufacturer is obligated to add features you want.
Since there is no sideload and the cryptographic keys belong to Apple, then the device belongs effectively to Apple and you just rent it for a fixed fee.
You can't both own it and not own it depending on the situation, thus exposing Apple's hypocrisy as a well-intended parentified gatekeeper just protecting the users/childified adult users.
Another way to think of this is imagine if Apple burned the OS into a ROM chip. That doesn't make them the owner of the device because the user can't write to the ROM chip. By that logic no one would own the device because no one can update it, but that can't really be true.
This is unique to modern technology, and the fact that they sell you the house keeping sole ownership of the keys to certain rooms is indeed worth examining I think.
Except that they are not actually given that freedom.
The entire notion of free software is that users should be free to modify the software stacks of their devices.
Very few consumer devices are free in that sense. You can't run a custom OS on an iPhone.
Not everyone cares about the bits. It’s true that the vast majority of consumers prefer having a single supplier to having freedom to run their own bits.
That’s really reductive thinking. I guess the idea is to blur all the different connotations of “own” into one thing and assert they are all the same?
I “own” a car, but am not allowed to drive it in some situations (if I’m drunk, on the wrong side of the freeway, …). Does that mean the state actually owns it?
Disregarding context in favor of reductive binaries is the #1 sign of zealotry. You see it everywhere: either a movie is original or it’s not, so Avatar is / isn’t (pick one) because it follows familiar tropes / innovated in visual arts (pick one).
The world is actually contextual. The moment you throw that out, no meaningful statement can be made.
No, it means that the state owns the freeway.
> If you care about your iOS device security.. reboot every day.. writes a list of running processes to this shutdown.log file.. If you have processes that shouldn't be running, they will get written to this shutdown.log file.. allows you to go back in time and check for IOCs.
So the log has no value
> Researchers have noted instances where devices known to be active had their shutdown.log cleared, alongside other IOCs for Pegasus infections. This led to the conclusion that a cleared shutdown.log could serve as a good heuristic for identifying suspicious devices.
Which is why the article is pointing out that a cleared `shutdown.log` is no longer an indicator of Pegasus infections (because it now happens every boot.)
Pegasus and Predator were VERY widely publicised exploits in iOS, I find it shortsighted for Apple not to have control over how these get identified in the first place.
It's also frustrating that the entire "your iPhone is safe and private" assumption is a black box and we only have Fruitcorp's assurances that they're doing the right thing. So imagine, people finding all kinds of bugs on iOS26 ... how is one to believe these bugs and glitches don't extend into security features as well?
sevg•10h ago
(They actually do use the expanded form in the article, just without some parentheses afterwards on the first usage of the phrase.)
Maybe everyone but me knows the abbreviation, but in case it helps _someone_ out there!
dry_soup•8h ago
bnastic•7h ago
CaptainOfCoit•5h ago
misnome•2h ago
KernalSanders•6h ago
Abbreviations and acronyms are highly inefficient if not defined clearly and up front. It also creates a division between those who know and those who don't.
I absolutely detested seeing "ISO" suddenly everywhere on Facebook and Nextdoor in place of "in search of". If you didn't know that before, you know it now, but you may also be annoyed by it not being about the international organization for standardization, which also goes by ISO, but not for any reason people would magically guess, without a background in Greek. (ISO explains that, since the acronym would differ in every language, ISO is actually derived from isos, which means "equal". Happy coincidence that it almost matches the name of the organization, but could also become obscure with time and lost history.)
For our company, I've been very clear that we don't make up acronyms unless a layperson could reasonably guess what it stands for, and also not confuse it for something else.
integralid•4h ago
CaptainOfCoit•4h ago
Yeah, it's called "expertise" and it isn't as bad as you seem to think. Blogs for security professionals will use jargon and technical words aimed at other security professionals, and that's OK, not everything on the web is for everyone.
Just like how in my game development blog I don't explain what a "loop" is because I'm assuming the audience knows basic programming already, otherwise every article would balloon out of scope easily.
akerl_•3h ago
CaptainOfCoit•3h ago
Considering they have stuff like "Located within the Sysdiagnoses in the Unified Logs section (specifically, Sysdiagnose Folder -> system_logs.logarchive -> Extra -> shutdown.log)" in the article, my guess is that they're aiming for people who at least have a basic understanding of security, not general users, as those wouldn't understand an iota of that.
akerl_•2h ago
Any example where somebody says an article doesn’t do a great job defining its terms just becomes proof that the authors only wanted readers who already understand the terms.
CaptainOfCoit•2h ago
pcthrowaway•2h ago
eviks•1h ago
CaptainOfCoit•1h ago
eviks•1h ago
> because you'd say that sentence to the typical computer user and most of them wouldn't understand most of it.
Yeah, do try that, just not your cut version focusing on the irrelevance of a specific path and the meaning of >, but the whole paragraph. Do see how many people fail to understand that there was some file at some folder. You could even ask extra SAT questions ("what do you think a "shutdown log" is, does it record activities during device shutdown?")
riehwvfbk•2h ago
eviks•1h ago
jcgrillo•1h ago
Polizeiposaune•1h ago
https://samm.dsca.mil/glossary/initial-operational-capabilit...