Apple has staked their reputation on the line and said "send us an NSL if you like, we have nothing we can give you". And the cryptographic principles, if executed properly, are sound.
Maybe they're lying. Maybe Snowden 2.0 will come out next year and tell us the truth and instantly destroy their credibility. That's a gamble I wouldn't take with my company, but it's plausible.
See I figure, if you're a threat to National Security, the NSA still has options. They just don't include monitoring over the wire or asking Apple or Google for it.
edit: The Intercept article [4] you mention above suggests to me more that they aren't yet finished implementing it properly and less that they are lying. I would take it as a work in progress.
What makes you think it's such a big gamble? People just don't care about privacy as much as the news would have you believe.
Don't believe me? Quick, think of one of the largest and most consistently flagrant private entities who violates the privacy of its users on a regular basis, and is well known for it.
Did you say Google? Facebook? Now quickly think of two of the largest companies on the Internet, both in revenue, and traffic volume.
Apple isn't taking nearly the risk you're suggesting, because people just don't care.
"Quick, think of one of the largest and most consistently flagrant private entities who violates the privacy of its users on a regular basis, and is well known for it."
And then you go on to claim Facebook and Google as examples of your "violation of privacy". That's like saying my email provider violates my privacy because my email goes through their servers. Or the post-office violates my privacy because my snail mail goes through them. Quite a bit of a stretch, if you ask me.
What people do care about is targeted invasion of privacy, for lack of a better phrase. It's one thing having anonymized data "abused" for targeted advertising and selling as aggregated statistics. But it's completely different if you have an entity that can read your emails at will, and decide to throw you in a cage if you say the wrong thing to the wrong person.
Until Apple promised it so explicitly, I'd have said you might be right. True, Google and Facebook make zillions off of monitoring people for advertisers. That will make it harder for them to follow suit; there will be far more weasel words and such when they try.
I think those of us that are willing to pay the premium for something that promises more have higher expectations. If they are lying, I believe we'll know within the next year or two and we'll get to find out if you're right.
Out of interest do you have an example of Google's weasel wording this issue? They're getting criticised by all the same people and seem to be doing the same thing - is there actually an advantage either way here?
Just to clarify, I'm skeptical on both sides - both companies were in the PRISM leaks after all. But I haven't seen weasel wording and I'm curious if I missed it.
Actually, no, that was just a prediction. I am making an assumption - and maybe not a fair one - that because Google mines user data on the web that they also mine user data on the phone.
Skepticism seems warranted. With Apple, I try to be skeptical, but with Google, I always assume that I am the product until they demonstrate otherwise.
Since Apple's software isn't open source, it's possible they're lying. However, if they are, at some point the government is going to try to present evidence they gleaned through this lie, and that fact will leak out.
I think it would be an enormous risk for Apple to blatantly lie about something they put in black and white on their website. So I tend to think they're telling the truth.
Maybe one day, we'll get a real, bona fide, non-niche open source based phone where these things can be audited.
But this isn't just about the FBI. It's about all of law enforcement. Sure, the FBI may be practiced enough to hide the facts of discovery, but will every law enforcement agency in the US be as adept? If Apple is lying, or law enforcement finds a way to circumvent the encryption, it will most likely leak at some point, and leaks are becoming more and more common, especially with highly visible targets like Apple and Google (both black hats and white hats are itching to show up the tech giants).
Granted, both are under the Attorney General (formerly Eric Holder)... but Holder's recent MO has been to improve race relations between the Police Agencies and the general public. (See his exceptional handling of Ferguson... but his less-than-exceptional handling of "Fast and Furious")
I appreciate the criticism actually. But let's look at this rationally.
When the FBI sent in 40 agents to a town with only 52 cops, to investigate a single murder... Eric Holder was sending a very strong message to the Ferguson community.
Remember, Ferguson Police and the St. Louis Police were the bad guys in Ferguson. The FBI came in with their Black leader (at the time: Eric Holder) and reassured the community that the African American President (and African American-led FBI) got their back.
Eric Holder then announced that the 40 Agents were going to hold an independent investigation and conduct a 3rd independent autopsy.
With the FBI's arrival, the riots immediately stopped and trust was restored.
Now true, the Ferguson Police and St. Louis Police were _absolutely_ terrible. But the Federal response (specifically FBI's under direct order of Eric Holder) was extremely effective and exemplary IMO.
Remember, we have a federal system in the US. Cities are independent of the county, counties are independent of the state, and states are independent of the nation. Eric Holder holds no responsibility for the poor behavior of Ferguson City cops or St. Louis County Cops. But... he was able to use the FBI's influence to pressure the local cops to do the right thing.
Remember too: Eric Holder does not have the authority to prosecute Darren Wilson on murder or assault. The best the FBI can do is prosecute him (and the police department) on racism charges. Murder / Assault is a charge that can only be delivered from the local government in this case. For the most part, the Feds don't have much legal authority over the situation.
I intend to. But my initial position is that it's far more likely that Apple will fail to be perfect than that they are intentionally orchestrating a coverup.
That said, I think all this syncing and cloud stuff - in its early days, at least - is way overcomplicated and more error-prone both in its features and its security than it needs to be. I expect mistakes from all implementations for quite some time to come.
> It's extremely difficult to implement cryptography correctly
The smartest CS undergrad at any vaguely reputable school could probably do this correctly. It shouldn't be a problem at all for one of the biggest companies in America if they actually care.
> then cryptography != security != privacy
Which is a more interesting point and assuming the left side was taken care of we could rapidly approach the right side by doing things like providing more granular permissions to applications.
> The smartest CS undergrad at any vaguely reputable school could probably do this correctly. It shouldn't be a problem at all for one of the biggest companies in America if they actually care.
You are very wrong about this.
> assuming the left side was taken care of we could rapidly approach the right side by doing things like providing more granular permissions to applications
It's actually an unsolved problem. Granular permissions have been tried before.
If some Gov Agency wants to clone your phone's data, isn't the process as simple as get an NSL to own your email/phone number for a few hours, go thru the password reset sequence and own your iCloud account and "backup" the data to a new phone they have access to?
An easier method may be to get someone from Apple Store to do password reset on a phone #. Any local police can probably do this - kind of scary now I think of it.
Considering one of Apple's core axioms is "no comment", entirely sensible & expected that they close that venue for anyone, however influential, to compel Apple to say anything they don't specifically intend to.
It's not really a gamble when you're forced to do something. You simply have no choice but to do what the government tells you to or lose your business.
Then they better have perfect security so there are no leaks proving that, or they're gonna lose their business anyway. I don't buy it, they'd fight that and they'd leak that they're fighting it.
That definitely could imply they have received an NSL.
But as a user, when I say "they would leak that they're fighting it", I would consider that completely insufficient. If they are pulling the kind of crap you say they are, then it will come out. Guaranteed. And then nobody, including me, will ever trust them again.
editing my comment since I can't reply to hellbanner:
Percentage doesn't matter, it only takes one. One person to destroy a hundred billion dollar company overnight. I am not saying "Tim Cook can not possibly be lying." I am saying "If Tim Cook lied, he just made a hundred billion dollar bet that he can keep a secret." Personally, I doubt he's that dumb.
(Clarifying I'm understanding your position): You're assuming that there are enough % of Apple employees who would refuse secrecy bribes || fear individual NSLs to leak something in public in a situation where they don't fear for their safety?