Cryptographers who design these systems do consider the threat of a malicious future iteration of the company and thus try to reduce the trust in a centralized authority.
Apple did fight in court to not have to crack the San Bernardino shooter’s phone, which probably didn’t garner much sympathy with the general public, specifically against government power to compel them to make changes to subvert security.
They also publish a Transparency Report about government requests they’ve received and how many they’ve responded to.
It didn't garner sympathy with the public because they had previously lied to the public that they were technically incapable of complying with those data requests. After the government explained how Apple could comply, Apple shamefully removed the erroneous claim from its website without informing its customers who had believed that claim.
All the big tech companies that have user data publish government data request transparency reports.
The government attempted to force them to write a new operating system for them that would allow them to get the data on the phone. This was never about the San Bernardino phone, everyone knew there was nothing of any use on it and everyone involved was dead. It was about getting precedent on record that they could force a company to backdoor their OS on a court order.
They eventually dropped their request when it became obvious Apple wasn't going to roll over for them.
Your post reeks of some personal vendetta against Apple, and has no factual basis.
If the statement isn't true, then why did Apple stop making that claim? It's because my statement is true. Apple was capable of getting the data.
It is possible for Apple to build a device that Apple wouldn't have been able to access the data on, as they claimed. That isn't what they provided to their customers.
You're using bad faith arguments to defend a multi-trillion dollar company that pushes a restrictive model of computing on its customers for its own benefit for what purpose?
Apple can't access the data on the devices. They've spent absolute fucktons of money building their infrastructure that way, and they give up hundreds of millions of dollars that Meta and Google gladly suck up by not monetizing their customers' data.
Apple provides me with the devices I want that do the things I want them to do. "restrictive model of computing" is a concept that doesn't really mean anything. I can do anything I want on my Mac. My iPhone is way more locked down, and it doesn't bother me a bit. My guess is that like most Apple haters, you don't use Apple devices and have taken up a cause against them based on things that don't have any effect on you.
> The government attempted to force them to write a new operating system
Which they are absolutely capable of, but refused to that time. People in this thread keep talking about provable trust when the software is fully under Apple’s control, which is just puzzling. It’s still a “trust me bro”. Whether you trust them due to past track record is something else. In fact, that you even need to bring up their refusal as evidence means you don’t believe they’re technically incapable of complying.
The government wanted Apple to backdoor iOS at their command.
Apple told the government to go fuck themselves.
None of that addresses whether it was technically possible or not. You've made up a theory in your head about how it was possible based on what some dumbfuck government lawyer made up to file with a court, but that doesn't make any of it true.
And again, none of this had anything to do with that phone. The government wanted to establish precedent that they could order Apple to create a backdoored iOS for them, so that they could use that to spy on people. They gave up when it became obvious Apple wasn't going to roll over for them and rewrite iOS so they could use it the way they wanted to.
Your beliefs about some theory about Apple claiming something about "provable trust" or whatever are really probably unfounded and don't even make any sense.
> Your beliefs about some theory about Apple claiming something about "provable trust" or whatever are really probably unfounded and don't even make any sense.
> Cryptographers who design these systems do consider the threat of a malicious future iteration of the company and thus try to reduce the trust in a centralized authority.
It’s no use. All the opaqueness to Apple relies on
> This private key pair and the secret are never sent to Apple and are synced only among the user’s other devices in an end-to-end encrypted manner using iCloud Keychain.
Which is trivial to compromise from Apple. They do their best to minimize trackability from third parties though.
Provable how? iOS software is closed source and unverifiable. New code can be added to send any data anywhere at any point. Explain to me how you prove closed source software won’t send data under its control ever.
And we don’t even need to go as far as key exchanges, and forget about Find My. Maybe those are better protected and it’s harder for them to pull a sneaky without someone noticing. The location data of your phone isn’t in Secure Enclave and the OS can do whatever the hell it likes with it, good luck verifying a huge closed source OS which phones home all the time isn’t sending your location home. At the end of the day you’re trusting them (or just don’t care because you probably aren’t pissing off TLA, which is certainly true in my case), provable security is extremely limited.
iCloud Keychain escrow data is encrypted by HSM clusters that have administrator keys destroyed; if Apple tried to compromise a keychain by installing malicious HSMs users would first get notified that their data had been lost due to failed/destroyed HSMs.
Trusted computing is a technical concept. People use Bitcoin because it’s provably secure against clearly outlined threats, not because they trust some vendor. Apple and a certain group of fans want to present iOS as a trusted computing platform for certain use cases, but it’s not.
Anyway, I see you’re just trolling here, so there’s no point talking to you.
Apple did fight in court to not have to crack the San Bernardino shooter’s phone, which probably didn’t garner much sympathy with the general public, specifically against government power to compel them to make changes to subvert security.
They also publish a Transparency Report about government requests they’ve received and how many they’ve responded to.