I don't see personal banking being affected. The request is not to change the security of the communications between you and your bank. The banks will already turn over banking data to the government when a legal officer is made. Which makes sense because the bank needs to see your accounts and instructions to be a bank. But Apple does not need to see the content of your messages or your files.
In this case, even Apple admins cannot view your messages and data. They cannot give data to the government because they can't see it. This also means hackers cannot see your data, should they gain access to Apple central systems. (Though hackers who hack your phone can see your data, but they only get one person's data.)
Changing how the systems work to allow admins to see your data, and so be able to hand it over to governments, also means a single hack could expose everyone's data.
There are many good arguments against this. But personal banking is not one of them.
I was just going to ask this. Presumably iOS is already compromised in a similar way, right? If Apple has already made this concession, wouldn't they just extend it to other countries rather than adding additional backdoor?
Also I know why Apple have made this concession to a totalitarian dictatorship, but a petty part of me does think they should be asked about it whenever they claim they care about user privacy.
"We'll compromise the security of our OS but only for totalitarian dictatorships!" is actually maybe the worst possible stance.
Right now I imagine that a lot of Apple customers in the USA are going to be super keen on having Apple say no to US government requests for their data. General paranoia on the right, worries about prosecutions relating to abortion laws in some states and so on. And intensified by Musk having access to all the government data.
So right now the timing of Apple caving in to this demand seems even worse than the previous occasions. Can't see this attempt going better than previous ones.
(From a techie who has been following these debates since the 90s.)
"The problem is that you can’t selectively break encryption for only the good guys. Any backdoor built into iCloud wouldn’t just weaken encryption for the baddies – it would weaken it for everyone and leave literally tens of millions of people and billions of messages, photos and other digital documents more vulnerable to hackers, cyberattacks and other modern digital nasties. It would undermine a fundamental building block of how our modern world actually works."
Has Apple built a backdoor for China? If so, how does weakening of encryption for China not already apply to other countries - are there different versions of operating systems for different countries? And are individuals in China therefore more susceptible to the security weaknesses described?
My understanding is that Chinese accounts are stored on separate servers in China and are backed up unencrypted. Chinese users are indeed more vulnerable, as the CCP can access whatever they like!
Ah, interesting! Thanks. Presumably if you communicate with someone in China then those messages are effectively not secure, because although you generally have encryption, they're not encrypted at their end? I must admit, I don't understand how that works when crossing borders - be careful who you message I suppose.
Great piece. Spot on!
I agree with your arguments. In addition personal banking would not be safe.
My one worry, is that if the Chinese have a way in, what's to stop them using that advantage in espionage?
I don't see personal banking being affected. The request is not to change the security of the communications between you and your bank. The banks will already turn over banking data to the government when a legal officer is made. Which makes sense because the bank needs to see your accounts and instructions to be a bank. But Apple does not need to see the content of your messages or your files.
In this case, even Apple admins cannot view your messages and data. They cannot give data to the government because they can't see it. This also means hackers cannot see your data, should they gain access to Apple central systems. (Though hackers who hack your phone can see your data, but they only get one person's data.)
Changing how the systems work to allow admins to see your data, and so be able to hand it over to governments, also means a single hack could expose everyone's data.
There are many good arguments against this. But personal banking is not one of them.
I was just going to ask this. Presumably iOS is already compromised in a similar way, right? If Apple has already made this concession, wouldn't they just extend it to other countries rather than adding additional backdoor?
Also I know why Apple have made this concession to a totalitarian dictatorship, but a petty part of me does think they should be asked about it whenever they claim they care about user privacy.
"We'll compromise the security of our OS but only for totalitarian dictatorships!" is actually maybe the worst possible stance.
Right now I imagine that a lot of Apple customers in the USA are going to be super keen on having Apple say no to US government requests for their data. General paranoia on the right, worries about prosecutions relating to abortion laws in some states and so on. And intensified by Musk having access to all the government data.
So right now the timing of Apple caving in to this demand seems even worse than the previous occasions. Can't see this attempt going better than previous ones.
(From a techie who has been following these debates since the 90s.)
"The problem is that you can’t selectively break encryption for only the good guys. Any backdoor built into iCloud wouldn’t just weaken encryption for the baddies – it would weaken it for everyone and leave literally tens of millions of people and billions of messages, photos and other digital documents more vulnerable to hackers, cyberattacks and other modern digital nasties. It would undermine a fundamental building block of how our modern world actually works."
Has Apple built a backdoor for China? If so, how does weakening of encryption for China not already apply to other countries - are there different versions of operating systems for different countries? And are individuals in China therefore more susceptible to the security weaknesses described?
My understanding is that Chinese accounts are stored on separate servers in China and are backed up unencrypted. Chinese users are indeed more vulnerable, as the CCP can access whatever they like!
Ah, interesting! Thanks. Presumably if you communicate with someone in China then those messages are effectively not secure, because although you generally have encryption, they're not encrypted at their end? I must admit, I don't understand how that works when crossing borders - be careful who you message I suppose.