Apple caved under pressure from China. The explanation Cook gave is not just an embarrassment, it calls into question the veracity of all of his other statements.
Why should users believe that (closed source) iMessage encryption is free from backdoors when we know that Cook will dance around sensitive truths?
And why should the US government be satisfied with a fully encrypted iMessage given that Apple will cave to demands given enough pressure?
> Why should users believe that (closed source) iMessage encryption is free from backdoors when we know that Cook will dance around sensitive truths?
At least in China, you can probably assume iMessage is back-doored given that iCloud content in mainland China is operated by a Chinese internet company. Apple quietly posted this last week on their support page:
"iCloud services in China mainland are now operated by Chinese internet services company Guizhou on the Cloud Big Data Industrial Development Co., Ltd., (GCBD). This allows us to continue to improve iCloud services in China mainland and comply with Chinese regulations."
It goes on to say:
"iCloud services and all the data you store with iCloud, including photos, videos, documents, and backups, will be subject to the new terms and conditions of iCloud operated by GCBD."
>Get a physically isolated instance of Azure for your cloud computing services—operated by 21Vianet, a company based in China.
Besides censorship and spying on users, China probably doesn't want it's company's data hosted in a place the US's 3 letter agencies can access it via an NSL.
I would be asking AWS about the future of AWS Hong Kong which has historically has had special freedoms from China. See current events for more on that.
For now, like you say. If China decides to make one country one system, it's curtains for all the Western infrastructure and instances located there. Depending on how it goes down, it could be a big security/confidentiality issue for the data located or flowing through there.
I'm hopeful China would have a lot to lose by pulling the plug, since Hong Kong is a valuable interface to the West, but it might happen sooner or later with how unstable geopolitics is becoming.
The inspection team has complete access to the network system. Inspection can cover both the technical aspects of the network system and the data/information maintained on the servers. See Article 10. The inspectors can fully access the system and they are permitted to copy any data they find. See Article 15. The only restriction on the inspectors copying the data in your company’s system is that the inspectors must provide you with a receipt. Though Article 10 “restricts” access to matters involving national security, the definition of national security in China is so broad that there is no real limitation on what can be accessed, copied and removed.
Aren't foreign companies not allowed to operate in China without partnering with local companies? I think most (if not all) companies that sell services and digital products (online games, etc) operate this way.
That's not the only possible model. You can also have wholly foreign owned Chinese subsidiaries in the free trade zone if you get the appropriate licenses granted. Forgot the details though, sorry. That setup is apparently relatively "easy" for trade with physical goods, our lawyers told us some years ago, but wanting to do e-commerce without selling physical items meant all sorts of additional licenses had to be sought, and since nobody had done that before, it was unclear whether it would go through.
I remember a hilarious 24h trip to Shanghai because the Chinese law firm had found somebody who was well connected and willing to talk to us. It was somebody's cousin. In the day long meeting, the lawyers were entirely tight lipped and refused to give any legal opinion, merely reading the letter of the law back to us (which is not useful at all in China). The only person who was willing to give any guidance (and preciously little at that) was the cousin.
It was simultaneously very serious, with lots of money at stake, hilarious, exhausting, exhilarating, difficult, full of (cultural, not legal) learnings, and very, very frustrating.
> That setup is apparently relatively "easy" for trade with physical goods, our lawyers told us some years ago, [...]
As someone who is going through this process currently (WFOE), the easiness of the thing was probably exaggerated by your lawyers ;). The most annoying thing is that it is quite hard to get a definitive answer of the kind of licenses one needs, who grants them, and especially the criteria to meet.
No, it is based on the account itself. There is no sync between the two sets of servers so that wouldn't work for them to base it on the physical location of the device.
Apple has been kind of marginal quality wise for awhile, mostly being better than the alternative because the alternative is garbage. But their handling of this makes much of what they say suspect.
I would believe them based on technical reasons. Given that there's a special system, hosted on another company's servers, just for China, syncing non-Chinese iPhones into the Chinese iCloud system would be more work, and for what gain?
it could also be argued that the current system of partnering with a chinese government backed partner company is more work. in these systems efficiency is only one consideration, abiding by the laws and regulations of the host country is another. however in this case from what i've read your icloud data is tied to the account's country.
Does that mean that a Chinese citizen can register their account in the US or buy a US account and avoid having their data handed to the Chinese government?
I personally think it's a bit more complicated than that.
Yes, a Chinese citizen can register an US or any other country’s account to avoid using GCBD data center. In fact, before Apple transferred all Chinese iCloud account data to GCBD, it sent out emails to warn related users, and instructed them to change regions if they don’t want to store personal data in China.
Although register an account is easy, maintain such account is a pain. First, not all Chinese citizen can get an international credit card that support US dollars, so no way to purchase apps; second, for those who can get one, App Store may not allow to use it because it’s not a valid US card; third, even they can use that card for purchasing apps, US App Store, iTunes Store may not have those Chinese specific apps or music; last not to mention that the behavior of an US account using non US card outside US for a really lone time may trigger anti fraud protection.
> "iCloud services and all the data you store with iCloud, including photos, videos, documents, and backups, will be subject to the new terms and conditions of iCloud operated by GCBD."
How do I know if my data is on the Chinese iCloud? I've been to China once and connected to iCloud.
From the other comments, it's more likely to be the region of one's Apple ID, which is decoupled from the region of one's phone.
As one can log in and out of multiple Apple IDs (from different countries) in the App Store without breaking anything synced with one's primary iCloud account, it's very likely that Apple encourages this as a best practice.
>Apple has already publicly said in court filings, and under threat of perjury, that they don't make any exceptions for China.
From Apple's filing [1]:
>Finally, the government attempts to disclaim the obvious international implications of its demand, asserting that any pressure to hand over the same software to foreign agents “flows from [Apple’s] decision to do business in foreign countries . . . .” Opp. 26. Contrary to the government’s misleading statistics (Opp. 26), which had to do with lawful process and did not compel the creation of software that undermines the security of its users, Apple has never built a back door of any kind into iOS, or otherwise made data stored on the iPhone or in iCloud more technically accessible to any country’s government. See Dkt. 16-28 [Apple Inc., Privacy, Gov’t Info. Requests]; Federighi Decl. ¶¶ 6–7. The government is wrong in asserting that Apple made “special accommodations” for China (Opp. 26), as Apple uses the same security protocols everywhere in the world and follows the same standards for responding to law enforcement requests. See Federighi Decl. ¶ 5.
and a declaration from Craig Federighi personally [2]:
>Apple uses the same security protocols everywhere in the world.
>Apple has never made user data, whether stored on the iPhone or in iCloud, more technologically accessible to any country's government. We believe any such access is too dangerous to allow. Apple has also not provided any government with its proprietary iOS source code. While governmental agencies in various countries, including the United States, perform regulatory reviews of new iPhone releases, all that Apple provides in those circumstances is an unmodified iPhone device.
>It is my understanding that Apple has never worked with any government agency from any country to create a "backdoor" in any of our products and services.
>I declare under penalty of perjury under the laws of the United States of America that the foregoing is true and correct.
When China wants something from iCloud they do it the same way that law enforcement does it everywhere in the world, which is through Apple.
If you look at "E. Access to Your Account and Content" section in the Chinese iCloud T&C [1], it seems like there is an extra clause there not present in the same section in the US T&C [2].
"...You understand and agree that Apple and GCBD will have access to all data that you store on this service, including the right to share, exchange and disclose all user data, including Content, to and between each other under applicable law."
Apple has said in statements to the press, as well as Tim Cook's interview with Vice, that they retain the keys and that they haven't been made available to GCBD.
>Originally, iCloud data was stored on Apple-controlled servers, with the Cupertino company holding the encryption keys. Apple announced a year ago that this would change to comply with new laws in China, and that data for Chinese iCloud accounts would be moved to a server run by Guizhou-Cloud Big Data (GCBD), a company owned by the provincial government.
>However, I have spoken to Apple today, who confirmed that it still holds the encryption keys, and states categorically that they have not been made available to either GCBD or China Telecom.
Because in the vice interview you keep citing he specifically dances around answering that question.
The servers were nationalized and the TOS agreement was changed since that 9-to-5 article came out.
Maybe Apple isn't giving access, but forcing the users to move to data centers which are later nationalized, and Then forcing users to agree to give access to that same state-owned company doesn't sound like they are restricting access anymore.
Apple itself states that it cannot access data in China without permission from the contracting company. Why would the Chinese government ask apple for data it can't provide, but a Chinese company could?
Also note your documents are from 2016, these events mostly started in 2017.
The boilerplate ToS doesn't contradict anything they've said in the court filings I linked to or the press statements and Tim Cook's interview (linked to in the original thread) about how iPhone/iCloud security works in China.
Please don't copy-paste the same comments on Hacker News. It lowers the signal-noise ratio. Threads are supposed to be conversations. In good conversation, people don't recite boilerplate at each other.
Your comment has made a really really deep impression on me. For the past several years, I’ve been a hardcore Apple loyalist only for their stance on privacy and security.
It’s time to stop being deluded. I’m going to stop paying premium for apple and assume all my devices are hostile by default.
Before you made such judgement you need to think why you have freedom of speech and privacy here, because they all protected by US laws. The companies here can do things against government for protecting users privacy and security is because laws protected them.
Also, the privacy people talked about these days is more focusing on how these data got stored and used by companies and advertisement agencies. They shouldn’t use your data for profit without appropriate consent.
All the companies here in US will follow court orders and hand over personal data when they required. In this case, no company can again the court and refuse to provide data.
Back to this case. You can assume your dats is safe here in the US, because it’s protected by the laws.
> You can assume your dats is safe here in the US, because it’s protected by the laws.
I honestly don't think that you can assume your data is safe in the US. The laws are lax and not well-enforced (and are mostly civil in nature anyway). The US may be better than China on this score, but it's worse than a lot of other modern nations.
I agree that Apple's stated rationale for removing the HKmap.live app is embarrassing and the removal is a capitulation to China's government.
The reasons China's government has decried the app are bogus, but those false reports and allegations do not originate with Apple.
However, Apple appears to be accepting those reasons at face value and probably because Apple is kowtowing.
Regarding whether iMessage is free from backdoors, Apple has given no reason for anyone to believe they are outright lying about the technical features of their software and hardware or their position regarding privacy.
In other words, Apple appears to be caving into pressure from the Chinese government and Apple are openly admitting this surrender.
However, Apple has not to date lied about what they are doing and we do not yet have a reason to doubt their representations about the security of their encryption.
> However, Apple has not to date lied about what they are doing and we do not yet have a reason to doubt their representations about the security of their encryption.
Did you read the original link, or the memo it linked to?
"the app was being used maliciously to target individual officers for violence and to victimize individuals and property where no police are present."
This was written by Tim Cook, speaking for Apple. That is Apple lying about what they are doing.
That is a ludicrous interpretation of that statement, in my opinion. Apple is being told by the government of a nation they're operating under that the law has been broken and that those things happened. What is Apple supposed to do in this case? Tell China "we don't believe you" and then what? You think China is going to change its tune? Or do you think Apple can get away with saying "Ok, fine! We're not going to do business here!" with zero repercussions?
This is not Apple lying. This is Apple making public what they were told by the Chinese government. Apple is not the bad guy here. China is.
Once again, Apple is in complete control of their App Store. They are the ones who decided to remove the app because of financials. This is the price of doing business in China.
You can lie by omission. iMessage depends on IDS Directory Servers for two phones to exchange public keys. If China can spoof or run their own IDS Directory Server, they can potentially execute a man-in-the-middle attack.
> Regarding whether iMessage is free from backdoors, Apple has given no reason for anyone to believe they are outright lying about the technical features of their software and hardware or their position regarding privacy.
Except if you live in China and have backups/storage on iCloud used by the various things you do with your iPhone.
So you are saying that an organization that supports false accusations by others, but is not known to originate them, should be given the benefit of the doubt about assertions they originate.
Here is another model: an organization that supports falsehoods to placate someone powerful in a small matter, like hosting an app, can be trusted to placate the powerful in a more important matter.
> However, Apple has not to date lied about what they are doing and we do not yet have a reason to doubt their representations about the security of their encryption.
Today, they showed that they are willing to lie under sufficient influence.
This sole data point is sufficient to tarnish what was assumed to be a perfect record.
There is no such thing as 99.999% integrity. Apple either has 100% integrity or is inviting you to play russian roulette with it’s products and services.
We might have already rolled the dice enough times - 1.4e9 active devices trusting apple about 10 times a day for 282 days this year = 3.948 trillion rolls of the dice. A 0.001% chance of betrayal by Apple is 39.4 million betrayals this year (approximately the population of Canada)
>Apple caved under pressure from China. The explanation Cook gave is not just an embarrassment, it calls into question the veracity of all of his other statements.
What veracity? He is a businessman in a trillion dollar company. He says what pleases the market -- the domestic and the foreign one, not his personal beliefs...
The first priority is always profits or growth.
If one sincerely cared for the environment for example, would stop tons things that Apple is doing, not just one. The CEO of a multinational churning consumer gadgets by the shit-loads only cares for the environment to the degree that said caring doesn't impact the bottom line.
>Why should users believe that (closed source) iMessage encryption is free from backdoors when we know that Cook will dance around sensitive truths?
Well, that's an easier thing to answer, because there would be leaks from Apple employees (NSA had leaks, for Apple it would be many times easier) if that was the case. Tons of engineers would know.
>And why should the US government be satisfied with a fully encrypted iMessage given that Apple will cave to demands given enough pressure?
Because Apple will also cave to their demands.
Besides it's another thing to please some foreign customer by caving in to remove an app (especially if said foreign customer is a sovereign state and the app is anti-policy -- companies are not in some obligation from the US or otherwise to side with protesters), and another thing to e.g. cave in to China and give them a backdoor to iMessage as you seem to imply as a potentiality. In fact the latter would be treason (or close) for a US-based company and have much more serious repercussions...
Part of Apple's image that earned it loyal customers is that they care more about their customers than most other companies. Apple doesn't sell your data, it protects your privacy, will fight government agencies asking for user's data, etc.
>Part of Apple's image that earned it loyal customers is that they care more about their customers than most other companies.
>Apple doesn't sell your data, it protects your privacy, will fight government agencies asking for user's data, etc.*
That's a quite recent thing, say starting around 2015 or so, as a differentiating branding to Google, Amazon, and Facebook. They might mention it here and there, but they didn't tout it all the time before, and almost none before 2012 with Jobs. And Apple had already had its huge rise by that point. It's not like the "privacy conscious" are a large enough market to make for the later growth. In fact, if anything, the privacy conscious would have moved to Apple first.
Plus, Apple is not "pro privacy" because it's some political champion of privacy, but simply because it's business model (hardware, software, services tied to them) doesn't need selling ads and user data. Whereas Facebook's and Google's whole business model revolves around turning user info to targeted ads...
Apple's image was "the computer for the rest of us", "empowering people", etc. Even the 1984 ad was about corporate sameness and drudgery of then computing, not about some anti-government rebellion.
Apple was never in politics or taking some stance to world affairs (besides "Against AIDs" etc), and before Cook came out (and the cultural/marketing climate was friendly to jumping on the bandwagon), they'd never cared for the LGBT movement either.
A lot of that was for PR, especially against rivals like Google and Microsoft. Apple definitely made some improvements but there were better approaches for just about everything they did that would've helped users and industry alike.
Who thought most of these things? Every Apple customer knows that Apple overcharges for everything but the alternative is not acceptable to them (Android, Windows, etc) l.
Apple doesn’t sell your data because it’s not their business model.
Most people don’t care about privacy, if they did, they wouldn’t use Facebook or Google.
I wonder how much this "Apple is fighting for your privacy" image isn't even intentional PR, but just an accident. Watching HN threads over the years, as Google kept doubling down on surveillance capitalism, the usual "Apple vs. Google" / "Android vs. iPhone" threads started to point out that Apple is not doing what Google is doing. I have a feeling the opinion of Apple being pro-privacy has spiraled out from this.
When Apple split with Google, they did so over access to customer data. At the time wall street was salivating over the huge profits to be gained from mining customer data, and Google was dangling billions of dollars in front of Steve Jobs' face to get him to fold. He didn't, and also turned down lucrative deals offered by Facebook.
That was all at a time when user privacy was widely seen as a marginal issue, and long before big privacy breaches regularly got into the mainstream press. Apple could have made huge amounts of money, but instead they turned those deals down and instead spent billions of dollars building their own maps and engineering iMessage with end-to-end encryption. No other tech company has come even close to Apple's record on user privacy and security. I can't even think of another one that's even tried.
That's what's so upsetting for me over this HK Maps issue. I know they have a lot at stake, including the livelihoods and safety and security of thousands of employees in China, but I still think they made the wrong call on this.
iMessage is pretty secure, but there are practical limits to how secure it can be, while also enabling cloud backups and data recovery options. Here's a somewhat sensationalised take, which does go into the practical reasons for the limitations. What it doesn't point out is that if you don't enable iCloud backup (maybe just backing up to iTunes), your secure keys never go to the iCloud servers so there is actually a way to stay secure even in China.
Apple could never out-Google Google, and they knew it. Accepting Google's suit without their own alternatives by default would have relegated their platform to be just another Google app launcher for key functionalities.
They instead opted to pursue a business model that played to their own strengths.
You seem to believe that Apple's iMessage service is somehow exempt from Lawful Intercept requirements. Let me quote from those in the EU (China's requirements could be more lenient, but I somehow doubt that):
"3.3 If network operators/service providers initiate encoding, compression or encryption of telecommunications traffic, law enforcement agencies require the network operators/service providers to provide intercepted communications en clair."
On iPhones running google services, either Apple is in it just for the money or they aren't. Apple maps cost them a fortune and makes them no money, that's just a fact. They could also have easily played Google, facebook and twitter against each other, instead they said no to them all.
Lawful Intercept has a fatal flaw. It doesn't require the service provider to have encryption keys for the traffic, and they can't provide what they don't have.
Tim Cook previously said "not on our platform" before and people warned about censorship and centralized control that would eventually harm to the most dependent users. This is the direct outcome of such a policy where a few have ultimate power over the masses. It's a sad development for Apple.
> Why should users believe that (closed source) iMessage encryption is free from backdoors
That's an easy one: the encryption happens client side and thus any backdoor has to sit on the clients and, if it exists, would be available to security researchers. There is no guarantee of it happening, but I believe some of those researchers reverse engineer whatever binary apple published and then check it for backdoors.
Of course there are still tricks that apple could pull, like adding backdoors only to targeted phones, changing the filesystem to present one version of the binary to the OS command that executes it and another to anyone else (like security researchers), extracting the unencrypted message contents using chips that sit on the memory bus (e.g. baseband), etc. But these tricks are harder to pull off and are still detectable as they happen on end-user devices.
They definitely won't say "yeah there is a backdoor". Ultimately, you need to trust them.
Doctored binaries (that leak private keys) can be sent to only select devices of a people under surveillance. So reverse-engineering generally available app will show nothing.
Apple REALLY must be coerced into allowing app sideloading (and accept push notifications not only through APNS)
I wish they could take some middle ground here for example requiring that users read out loud a 1000 word statement describing the risks involved and limiting access to capabilities like background refresh, notifications, etc. if the user hasn't interacted with that app in a week.
Or they could just beef up progressive web apps...
The OS comes from apple, too. How does sideloading help when the OS is backdoored? How does installing your own OS help when there is a backdoor in the hardware?
Sideloading helps to install the apps you want (or need), not the apps Apple allows you to use. Thing is, you buy a very expensive piece of hardware, and you don't even truly own it. Of course, Apple frames it as 'care to protect you from malware', but in reality, it's just a digital handcuff.
> Apple caved under pressure from China. The explanation Cook gave is not just an embarrassment, it calls into question the veracity of all of his other statements.
I was thinking about the complexity of the world the other day, and how so many people hold diametrically opposed beliefs, but often based on solid reasoning and genuine facts. How could this be?
If you think about it, the modern world is so complex, with so many facts (some of which are actual facts, some of which are popular opinions now considered to be fact), with all of the inter-connected, Nth order cause and effect going on, how is a person who wants to be as objective as possible supposed to actually come up with a reasonable model of what's going on, even if they're willing to put in the work? People skilled in communications and the psychology of persuasion can pick and choose a subset of "facts" and put together plausible and completely contradictory descriptions of the very same story, and done correctly it's very difficult even for the vigilant to know you're being duped. So what's a person to do?
What I came up with is the idea that yes, one should indeed take "facts" into consideration, including some sort of notion of trustworthiness for each fact, but what's missing is the value of lies in coming up with one's model of reality. So, when trying to figure out what the real deal is on any given situation, don't first look for the facts, but rather the obvious lies - if you can find obvious lies or misrepresentations of reality coming from powerful (politicians or corporate leaders) or influential people (the media), this is probably a good trail to follow to lead you toward the most important parts of the truth. Of course, there's lots of complexity involved here as well, you have to consider the nature of the bias from the messenger, compare versions of the lie across different outlets, etc etc etc, but in many cases I suspect this is a highly productive approach for maximizing the correctness of one's models.
So in this case, as the article points out, "However, over the past several days we received credible information....that the app was being used maliciously to target individual officers for violence". Obviously a lie, although in this case, considering Tim Cook's no dummy I expect he knew everyone would know he's lying, so I wouldn't form any specific conclusions on this, other than money >>> honesty and principles for him, but why should we expect more from him than any other important person in Western society....this is just how we are. Despite the wonderful sounding platitudes we tell ourselves, this is our culture. And the Achilles heel that I believe China will be able to continue to exploit indefinitely, because I simply can't see it ever changing, it has become so normalized that hardly anyone can even recognize it anymore.
EDIT: Thinking more, with this being so obvious once you're aware of it, I can't imagine this is a unique theory I've come up with. Does anyone know a name for this style of thinking?
> …the modern world is so complex… […] …with all of the inter-connected, Nth order cause and effect going on, how is a person who wants to be as objective as possible supposed to actually come up with a reasonable model of what's going on, even if they're willing to put in the work?
If you don't already watch it, you may really enjoy "The Good Place". (Any additional elaboration would be a spoiler.)
Law enforcement, district attorneys, and judges have a lot of latitude about how the law is applied. Not to mention the latitude that regulatory agencies have.
The US isn't a closed market and can't effectively eject Apple from the market. While I disagree with the choice Apple made, it's a very rational one. Permanent removal from China would probably be worse for freedom in China over 20 years, and massively worse for Apple in the short term.
No company should be expected to back or foment a revolution somewhere, from my perspective they're looking out for their own beet interest and the best interest of their customers.
> Permanent removal from China would probably be worse for freedom in China over 20 years
If there is one myth that the past couple of weeks have conclusively debunked, it is the idealistic conceit that the presence of western businesses in the Chinese market will inevitably liberalize China.
Past couple of weeks? Developing China's economy and integrating it into world markets with the expectation that it would liberalize China has been a pipe dream for a good 30+ years now.
I honestly don't care when Apple complies with local law a la iCloud China. I think that is disappointing but completely reasonable, whether we agree with the law or not.
However, Hong Kong is a special administration region, and has historically enjoyed high level of judicial independence. When Apple takes the clue from a Chinese government newspaper - not even a legal request - and do the CCP's bidding proactively, it crosses a line. This is not compliance. This is self-censor.
You can argue that Hong Kong is part of China, and therefore Apple's operation in Hong Kong should comply with Chinese law. But what is next? China also claims sovereignty over Taiwan, will Apple self-censor Taiwanese App Store soon? Will Apple removes the Taiwanese flag from Taiwanese iOS users if China government demands so [1]?
It's also sad to see Apple pushes back on US government requests because they can, and kowtows to the Chinese governments without their having to even sending a take-down request! If one day Apple fires some employee because the Chinese government thinks he/she "hurt Chinese people's feeling" in a personal tweet [2], I will not be surprised!
Taiwan is an independent country, no matter Chinese gov admits it or not. It has their own government, laws, military etc.
Hong Kong is not, it’s only a special area belonging to China. When British handed it over to China years ago, China promised the situation will not change for 50 years. Although it’s a lie, it shows that China will have full control of HK eventually.
> Permanent removal from China would probably be worse for freedom in China over 20 years,
Huh?
> No company should be expected to back or foment a revolution somewhere, from my perspective they're looking out for their own beet interest and the best interest of their customers.
Profit is not an adequate moral compass. I deeply disagree that by forming a corporation, individuals who would otherwise have ethical obligations are somehow no longer obligated to behave ethically. You're literally claiming that it's okay to enable the violation of human rights for profit.
Removal of an app is not enabling the violation of human rights. Now if Apple turned over the name and address of every person who had the app, that'd be the enabling of violating human rights.
> Removal of an app is not enabling the violation of human rights. Now if Apple turned over the name and address of every person who had the app, that'd be the enabling of violating human rights.
This is the line you want to draw? "I didn't help them tear gas the protestors, I just made it harder for protestors to avoid being tear gassed?"
No, it's Apple. The Chinese government is crying, and Apple, being the spineless company that it is, buckled under the slightest bit of pressure. Apple removed the app from their app store. Apple is in complete control of what apps are in there.
Isn't that more of implementation detail? I've seen a few browser based game demos that work well on the iPhone and caching can also be done on mobile. While an app may be better for low end Android phones from an optimization standpoint, there are no "low end" iPhones that have been introduced since 2013 that wouldn't have a decent enough processor to handle a web based, optimized app.
I don't believe that more people -- especially on HN -- are focusing less on the web as a means to get around the "wall garden" than focusing on sideloading.
For one thing, pretty much every Android device made for the Chinese market has had its OS adulterated in some way, at OEM build time, at the behest of the Chinese government. Whereas, Chinese resellers can't really adulterate an iPhone's OS; there's just the one OS image (per model), signed and sealed by Apple, and if China wants to put a rootkit on it, they'd have to convince Apple to put it into that same base-image where any random security researcher (outside of China's reach to quash publication) might find it.
(And yes, either way the phone's baseband will be adulterated by Chinese ISPs at the government's behest, but modern smartphones isolate themselves from their baseband pretty well, so this only matters if you're using your phone as a phone [calling/texting], instead of as a tablet with a data modem.)
No point in debating the details of which tech is more secure or what is encrypted or adulterated or whatever. Apple has made it clear that they will make sure the Chinese gov't gets what it wants. Even in a supposedly "autonomous" Hong Kong, China complains and Apple submits--flags, apps, speech, whatever. No need to even go to court, and certainly no point.
So Apple has made it clear that if China wants something, the tech details won't matter. "Oh, I'm sorry, we don't have that information to give you." "Well, start keeping it from now on, but don't tell them, because telling them would offend us, and you don't want that...."
"So Apple has made it clear that if China wants something, the tech details won't matter."
This is an interesting statement and has important implications here in the United States as well: who's the bigger entity? The Multinational Megacorporation or the Country? Who dictates terms to whom? If a company wishes to do business in a country shouldn't they be expected to follow their laws? We need to be very careful in how we answer this question because we're at risk of losing our own democracy to a corporatacracy.
Apple's iCloud servers for Chinese users are located in China, run by a Chinese tech service provider and provides them with the keys - as stipulated by the Chinese government. Of course the government has access to the data.
"The iPhone maker’s latest Transparency Report reveals it received 32,342 demands from governments around the world to access 163,823 devices, with 80 per cent of the requests granted."
Come on, seriously? This is what they ADMIT to worldwide.
Again, what they admit to. And that's only on the second half of 2018. With all their regular anti-consumer practices on hardware, you're really going to imagine they're champions of individual freedoms and privacy?
However, there is nothing stopping Apple from making separate builds with extra "features" for the Chinese market, and installing them. Same keys, OS version chosen by region. Boom. Chinese version acceptable to Chinese government, rest of the world secure. Easy.
From my experience in this area, I would expect the Ministry of Industry and Information Technology to accept nothing less.
Right. But of course the Chinese government has asked Apple for a backdoor, and (to our knowledge) Apple has not provided that. So long as that's true, an iPhone really is one of the most secure option for Chinese residents.
Apple is open about the fact that their cloud services are operated by a Chinese company in China. No Chinese company has the option of refusing government demands for access to information. Therefore, at least the cloud services should be considered backdoored.
Agreed, not to hijack, but I fail to see the that $ORG not being at the table Vs. them constantly redefining morality for their actions to be at the table to be a less worse outcome.
Let’s call it what it is: bribery and corruption. It’s under the guise of market access, but it’s effectively still a payout by a government to do that you’re told. Apple wants to have it both ways, we are a moral authority in the US where we don’t have to worry about government interference but because we want access to the China market we’ll do whatever the government tells us to do. How much more dependent does China need to be before China can control other behavior it doesn’t like.
> they're looking out for their own beet [sic] interest and the best interest of their customers
I'm sure you think you just explained this, but it completely escaped me. How is yanking this app in the best interest of their customers?
Let's break "their customers" into 3 groups:
1. Protestors in HK. It clearly isn't in their best interest . So not those customers, right?
2. Non-protestors in China (including HK). You're argument is that this way they can still enjoy Apple products? Even though those products can no longer be trusted not to betray them to any whim of a hostile government?
3. Customers outside China. The argument here seems to be that Apple makes lots of money in China and that an Apple that makes tons of money in China and outside of China is better for non-Chinese customers than an Apple that makes tons of money outside of China but not inside of China.
This third group and justification is the most interesting to me. I stipulate that I have put words in your mouth. So let me take those words out of your mouth and just say this is the only way I can make sense of what you wrote.
When I follow this train of thought the only way I can see it being true is if Apple's very existence is threatened if some other company were able to fill the void in China, then leverage that to gain so much market power outside of China that they could squash Apple. And even that alone doesn't make things worse for (former) Apple customers. The only way that would be worse is if this hypothetical competitor's products were actually worse than Apple's and only able to dominate the market because of the market power they enjoy due to Apple's absence in the Chinese market.
That is such a stretch that I feel your argument should be dismissed. Can you fill in the holes of my understanding to help me see things your way?
I think this is an extremely important discussion because it seems to be the mindset held by a lot of decision makers. Is the NBA worried that they will stop making many $millions if they don't expand into China? That is, not only will they not double or triple their profits; they will actually stop making money outside of China? Is Disney worried about this? Are Microsoft and Amazon? Is it a fight for survival? Or is it pure naked greed?
Perhaps it could be argued that Apple is completely dependent on manufacturing facilities within China and losing that access would indeed be lethal. Some of Apple's biggest competitors outside China recognized that risk a long time ago and moved to minimize it. Why has Apple left themselves so vulnerable? Is it the only way they could produce inexpensively enough to stay competitive? Or is it, again, pure naked greed?
The argument as I understand it is that group 2 mostly does not care about being protected from their government or even agrees with the government's actions, and they get to benefit from continued access to Apple's superior products. I'm not endorsing this argument, but it's not prima facie crazy.
No, but the US can make it hard for certain companies by imposing tariffs that hurt certain industries and “investigating” companies that get on the wrong side. Do you think a Democratic administration would target companies run by the “liberal elite” or that a Republican administration would go after churches that are supporting political candidates?
Spyware is routinely found preinstalled on Chinese branded phones, and Chinese border guards will install spyware on tourists' Android phones. iPhone users are much better protected from this stuff.
If your phone is backed up to iCloud, and your phone (or iCloud account, it's not clear) has the region set to China, then your messages are most likely accessible by the Chinese government, because Apple's cloud services are operated by a Chinese company in China, and Chinese companies don't have the option of resisting information requests from the government.
I am not surprised by this. I always thought Tim Cook talks a good talk, but fails to walk the walk when the stakes at hand is real. He’s fine with standing up to the CIA/FBI because he knows it’s good PR for business and the US government cannot do anything without a lengthy court fight that is mostly fair. Same with other US domestic issues such as DACA, sane sex marriage, etc.
But when it comes to the PRC government, he caves immediately because the threat is real. He knows he CAN and probably WILL lose access the Chinese market and manufacturing capacity, and there’s no court system to appeal—-the system is rigged and controlled by the CCP. Therefore, principles bow down before revenue.
Personally I don’t care what Tim Cook and Apple does to get and keep access to Chinese market, but I am disgusted by hypocrite with the high rhetoric about privacy, human rights, etc., but compromising immediately when $$$ is at stake.
When did he stand up to the CIA? As far as standing up to the FBI, the impetus behind that was to cover up another lie. Apple had told customers "it's not technically feasible" for Apple to respond to data requests and got a mountain of free press for it. The FBI showed a method by which Apple could obtain the encrypted data on those devices. Soon after, that claim disappeared from Apple's "Privacy" marketing page. https://gizmodo.com/apple-wont-turn-over-your-phones-data-to...
Complying with the data request would have given users who had their data obtained standing to sue Apple, so Apple's willingness to litigate the issue went so far as the cost of the lawsuits it wanted to avoid. The FBI dropped the case not because it didn't think it could win but because it could access the data more quickly using another vendor's data extraction service.
>Complying with the data request would have given users who had their data obtained standing to sue Apple
This is wrong. Complying with a court order doesn't open you up to any liability; furthermore, the users the FBI was after in this case were already dead.
> Complying with a court order doesn't open you up to any liability
It does if you've told your customers that you can't.
> the users the FBI was after in this case were already dead.
The owner of the device you're talking about was the user's (singular, not plural) living employer, but I wasn't talking about that user in the sentence you quoted.
After implementing the data extraction procedure the FBI described, Apple would have been asked to extract data from many other devices. Most of the users of those devices are alive, and some might even be innocent of the crimes that were being investigated.
>It does if you've told your customers that you can't.
Not really. First of all, a suit is unlikely when the person who'd bring a lawsuit is someone that committed a crime with probable cause. Second, damages from having your illegal actions uncovered aren't recoverable when there's a valid warrant, it would be clearly against public policy.
They wouldn't be liable at all; if somehow there was a theory of liability it would be capped at the cost of the phone, which is negligible. It doesn't add up as a motivation for Apple.
> Second, damages from having your illegal actions uncovered aren't recoverable when there's a valid warrant, it would be clearly against public policy.
As I said, some of them are innocent and don't have any illegal actions to uncover.
> if somehow there was a theory of liability it would be capped at the cost of the phone, which is negligible.
They can sue for additional damages due to loss of privacy.
> It doesn't add up as a motivation for Apple.
The direct cost of the lawsuits includes not just the damages but the legal costs. On top of this, the press that Apple would get from the lawsuits would possibly do more than completely reverse the free press from its initial lie.
I'd think public policy prevents liability from complying with a valid court order in any event.
In the counterfactual world where Apple made the software, I doubt there'd be any suits against Apple for it, and it likely wouldn't even be public. Remember, the only times they would get a warrant is when they already have the phone in their possession, and there'd be no reason to let the suspect know they cracked the phone unless it actually goes to trial and they need to disclose where they got the evidence from.
Plus, if your theory of liability is correct, shouldn't Apple be equally as liabile for making phones that the police can crack, even if they don't use Apple to crack them? Which happened quite often, yet we've seen no lawsuits related to that.
> I'd think public policy prevents liability from complying with a valid court order in any event.
Which public policy?
> shouldn't Apple be equally as liabile for making phones that the police can crack, even if they don't use Apple to crack them?
An enterprising lawyer can certainly find clients and file this lawsuit.
Are there any alternative explanations? Why do you think Apple fought the case? The owners of the device wanted the data extracted, but Apple refused. The FBI told Apple that Apple could keep the build that allows brute-forcing the pin code and never give it to anyone else, so it would be secured just as much as the key used to sign the system image. Apple was about to get huge egg on its face, and it simply distracted everybody by refusing to comply with a completely reasonable request while quietly changing their Privacy page. A company that truly cared about privacy would admit their slip up and offer a way for their customers to get a device that actually gave them the security that Apple had told them the devices they bought had.
Courts can and do rule based on what they perceive is in the public interest in the absence of any particular statute saying so. Imposing liability for complying with a court order seems unlikely to be considered in the public interest.
>Are there any alternative explanations?
Apple correctly thought they'd get a lot of positive PR with little downside.
>A company that truly cared about privacy would admit their slip up and offer a way for their customers to get a device that actually gave them the security that Apple had told them the devices they bought had
They basically did this with Secure Enclave. There's no PR benefit to admitting they could technically do something that they've never done, so its not surprising they didn't announce that.
> Courts can and do rule based on what they perceive is in the public interest in the absence of any particular statute saying so.
This would be a civil case with a jury trial. Moreover, some of the victims could even be non-citizens of the countries that request Apple to extract the data, who would sue in their own countries.
> They basically did this with Secure Enclave. There's no PR benefit to admitting they could technically do something that they've never done, so its not surprising they didn't announce that.
There is a security benefit to warning users that what they were promised was not what they were delivered.
If the alternative were to lose manufacturing capacity, it wouldn’t be “...compromising immediately when $$$ is at stake.”. What’s at stake then is the future of the company — everyone’s jobs, industries that have come to rely on Macs, the consumers that have come to rely on iPhones. Just folding up and losing the $$$ isn’t the path of courage here.
And still Apple hasn't even begun to migrate off from Chinese manufacturers while Samsung has shut down most of its factories in China and heavily invested into Vietnam supply chains. The only meaningful explanation is that Apple still gains a significant chunk of its margin from the China market while Samsung has lost almost all of its market share there. I'm pretty sure that Apple had a clear understanding of this kind of political risks and was willing to take it in pursuit of profit maximization.
Apple does have new manufacturing capacity in the US (state of Texas). I am not sure how long it took it took put together their present supply chain but I bet it took longer than 4 years.
I would counter by saying that Apple put itself in this position by not 2nd and 3rd sourcing contract manufacturers. Tim understood the risks, but he chose to profit rather than de-risk.
Honestly - Apple could have doubled their prices and gained 90% of the US market if he stood up to China and told the CCP to stuff it. They would have had amazing PR for decades.
Most Americans don't care about Apple's relationship with China, and they're probably only losing a fraction of a percent of customers. If Apple doubled their prices, they would lose the majority of their customers.
My experience is that this China obsession is very much a HN thing. The vast majority of people couldn't care less as long as they carry on getting cheap technology.
Can I play devil's advocate for just a moment? Gruber asks for evidence. His only complaints seems to be the lack of evidence and a question of whether the app violates local (Hong Kong) law. Cook's memo directly addresses both of those issues:
> However, over the past several days we received credible information, from the Hong Kong Cybersecurity and Technology Crime Bureau, as well as from users in Hong Kong, that the app was being used maliciously to target individual officers for violence and to victimize individuals and property where no police are present. This use put the app in violation of Hong Kong law.
So then, is the complaint simply that Cook is not providing direct evidence of these claims? Is that a reasonable expectation? What evidence could Cook provide that would directly tie violence (we know that Hong Kong protesters have committed violence) to this particular app? It seems like everyone agrees that this app was useful for organizing Hong Kong protests, and that some Hong Kong protesters have committed violence and broken local laws.
Please don't take this as some statement of political support for any particular government, company, or group. I'm attempting to address the specifics of this memo and Gruber's complaints. I am not attempting to make any argument of the form "the Hong Kong protests are [good, bad] and therefore any tool that helps the protesters is [good, bad]." The overall merits of the Hong Kong protests are not, from what I can tell, relevant to Apple's decision to ban this app or Gruber's complaints about Apple's decision and memo.
Even if the alleged crimes allegedly abused the app (something certainly not endorsed by the app makers), the same can be said for a lot of other apps. Thieves use facebook to look for people who give details on when they are on vacation for example. Snapchat and Skype and kik and whatapp and every other social messaging and social media app and service is abused by pedo criminals grooming their victims. etc
But those alleged crimes could not have possibly helped by the app, as has been pointed out: you don't get to see individual officers' locations and it does not show areas with no police at all either, just police hotspots (and technically, most areas even in a dense city like Hong Kong are without immediate police presence most of the time, anyway).
But even if we played devil's advocate and took the allegations of criminal activity that abused the app at face value, and assumed Tim Cook is not free to share specifics as the information might be confidential, he could at least answer what local laws were allegedly violated by the app itself. Those laws certainly are not confidential information.
Dude, in HK the police raise are legally obliged to raise flags to warn the public of things such as firing tear gas, dispersing crowds, illegal assembly etc. They will also post on Twitter to notify the public where and when they will disperse the public. The HK police force wants the public to know where they are, so in the context of HK, banning this app is kind of ridiculous.
Considering the brutality of the HK police force in recent months, I would argue that this app is great at providing the public with information on how to avoid being tear gassed, beaten or arrested by avoiding the police. A lot of locals have been extremely pissed off with the police force. They have gone into very residential areas and fired tear gas unnecessarily among a whole host of other things.
The police are phsyically attacking the people, it's quite different. Yes, this app helps protestors, but it also helps the public avoid being treated extremely violently by the police.
A friend of mine is a police officer and regularly posts on Facebook about the events he's policing. By your logic, if someone used that information to track him down and attack him he's the one breaking the law?
Incidentally if he posted about a riot in our city (thankfully pretty much unheard of) he'd be carrying out exactly the same function as this app!
No, listing where the police are is not a crime. Attacking the police is a crime. Inciting to attack the police is probably a crime too in most jurisdictions around the world. Neither the app nor the app makers attacked police nor endorsed let alone incited attacking the police.
This is a fair point. Laws are different, so procedures can be different. Not to mention the city’s situation is critical - protests - violence from both side.
Following US procedures in HK does not make sense. Companies always obey local laws but not laws in another country.
That's why I said Tim Cook should actually spell out what local Hong Kong laws were violated, if any. There actually could be some, but so far I did not see anybody actually pointing out any such laws, neither the Hong Kong government, nor the myriad of journalists covering the story about the app, nor Apple which surely had their in-house counsel and maybe evn external counsel look into this matter.
After that, the next question is if Apple, which even kinda positions itself as the new "Don't be evil" company including fighting some governments e.g. when they get told to subvert their own security tech, should side with such draconian laws or with the app makers.
Every time there is a major protest or football (soccer) game in Germany, facebook and twitter and everything else is full of messages regarding major police presence. It's the protesters or fans warning each other, it's the local residents warning each other, oh, and the police itself is often an avid user of facebook and twitter itself warning people to avoid certain areas if there is violence to help regular citizens avoid getting caught up in it.
The vast majority of people do not post or read those messages to coordinate violence against the police, but merely to stay out of the way when police and black block protestors or football hooligans clash.
I live near a football stadium, and there are some violent clashes of drunk hooligans and police after many games, but thankfully usually only on a small scale involving maybe 10-30 people against the police. Nonetheless, I made it a habit to avoid certain area for a couple of hours after a home game.
By removing this app some amount of public opinion swings towards the notion that the HK Government (and police) are the victims here. Let's not forget the decision that led to the protests and the incidents of police brutality that have occurred since.
Perhaps avoiding police is the primary use case of the app.
This is exactly what authoritarian governments do. They muddy the truth and make official and important sounding institutions make official statements that paint a situation in exactly they need it to be to further their own goals. I don’t understand how anybody can trust any information that comes out of the Hong Kong Cybersecurity and Technology Crime Bureau when the whole issue is that the HK government is no longer independent.
And beyond the actions of the Chinese government, corporations like Apple have no integrity upon which to base trust for them anymore. They need to cough up real proof instead some canned response that basically tells us to trust them on blind faith alone.
This is exactly what authoritarian governments do. They muddy the truth and make official and important sounding institutions make official statements that paint a situation in exactly they need it to be to further their own goals.
And how is this different than the current American administration?
The difference is that there is media that is free enough to speak out about how the administration is lying. There are institutions that can resist, whoever little, and reveal the truth in some way. You have none of this in China. Companies, media, individuals, government institutions - all are beholden to the CCP in a way that prevents any kind of accountability, transparency and responsibility.
The US is currently a clusterfuck, yes. But if they were anything like China, the media would be in a blackout, thousands of political enemies would be sent to gulags and people across the board would be losing their jobs for speaking out.
To pretend that the US is in any way comparable is such an absurd distortion of reality, and really plays into China's narrative. Why criticize China if the US is just as bad ?
So, news in a non-authoritarian country are all truth? Non-authoritarian gov never “muddy the truth and make official and important sounding institutions make official statements that paint a situation in exactly they need it to be to further their own goals” ?
Would it not make more sense, in such a highly charged political environment, that Apple should tie their own hands and only remove the app at the mandate of a court order?
That would make it obvious that Apple is complying with law, and that they haven't "bowed to pressure" from either side.
If there is a claim that the app is violating law, then that should be validated by a judicial process, not by the operating nuances of a company.
If Apple are receiving reports from users that the law is being broken, they should be passing those on to law enforcement, and publicly complying with the response, not acting as their own arbitrator.
I think that could be a valid choice for Apple to make, and I think reasonable people could disagree about which choice Apple ended up making.
But it seems very plausible to me that Apple was presented with credible information that this app was being used to organize violent attacks and that Apple made a reasonable choice to ban the app according to Apple's policies about following local laws as well as Apple's internal policies about apps causing harm. I think that can be the case regardless of anyone at Apple's views about the merits of the Hong Kong protests as a whole.
Absolutely. The problem with Apple's, and many other companies, early response policies is it depends on the source of truth, such as the police, not being complicit.
If they always wait for a court order, PR disasters happen, and polticians dredge up 'think of the children' arguments.
If they don't wait for an order they can become part of the machinery of ill-intentioned polticial or commercial forces.
Damned if they do, damned if they don't.
However, I still think waiting for an order, especially in tense environments, is the right moral choice. I concede it probably isn't the right economic choice a lot of the time.
I totally agree. But there is a point you may not aware.
Government, law enforcement and court are not separated in China, they all belonging to the same central government. So if you really want a court order, they’ll issue one quickly.
That’s the tricky situation. Companies must obey local laws, but local laws are built on behalf of central government, and court exists for protecting central government.
No problem with that. I presume gp focused on a court order since that's the way it works in his local culture. The important part is Apple not acting as their own arbitrator.
If the order came from the HK gov, citizens know who is responsible for it and can act accordingly. And I'd expect this to be the reason Apple received pressure to remove it "by themselves".
Against individual officers though? That is what's absurd.
And what of Twitter and Telegram and Messenger and Gmail and Weechat and Outlook?
This is also the same organization whose spokesperson that called a protestor being brutalized by officers a "yellow object" and who have been routinely documented fabricating evidence. Taking their word at face value is patently absurd.
Apple was in a similar situation with the FBI asking to unlock suspected terrorist phones, and they pushed back.
Let's not give them a pass here, as it's quite obvious why they're accepting the Chinese statements at face value, because of how dependent they are on the Chinese market.
> Let's not give them a pass here, as it's quite obvious why they're accepting the Chinese statements at face value, because of how dependent they are on the Chinese market.
Let's not forget that in the United States, Apple has recourse to push back against government requests within the system of the law.
They (very quietly) created a special version of iCloud which is entirely run by a Chinese state-owned company. I don't see how that's any different to "a special version of the OS with a backdoor".
I'm not intimate enough with any of the parties involved in this situation, so my reply will also be comfortably generic:
Yes, it's a reasonable demand. If public opinion is asking something of Apple, and its CEO chooses to answer, every aspect of the answer is open to scrutiny. Gruber indeed lists the specific evidence he would expect:
> - When was HKmap.live “used maliciously to target individual officers for violence”?
> - When was it used to “victimize individuals and property where no police are present”?
> - What local laws in Hong Kong does it violate?
It's unlikely that a CEO would be so thorough. Apple is particularly obsessed with secrecy, and tech companies in general seem to not want to disclose details when they restrict access to a product or platform.
But it's still a reasonable demand from an individual standpoint.
I'm just not sure what that evidence could look like. Like I said, don't we have sufficient evidence that this app was used to organize protests in Hong Kong, and that some protesters in Hong Kong committed violence against officers and against individuals and property where no police were present?
As for Hong Kong law, I can agree that it might be nice to cite a specific law, but I also don't find it at all difficult to believe that any government would have a law that allows the government to prohibit a communication medium that is being used to organize anti-government protests that have been sometimes violent.
Apple should've given some kind of overview of how exactly the app was used to target police officers. Knowing that the app was aggregating info on police presence, I can see a dozen ways to maliciously use this info.
For example, it could have been used to identify locations where police is about to withdraw to target last remaining officers. Or to identify a good place for an ambush with good escape options and no video surveillance and then lure police into the ambush by reporting a minor accident. Information about location and movements of the adversary is invaluable for exactly this reason - it gives the other side advantage in planning.
If something like this really did happen and if Apple has any specifics, it should totally release it down to exact location and time of incidents and the aftermath. These are very serious allegations that need substantial proofs.
That is not what the application does though. it is not "being used to organize anti-government protests". that is not the reason it was removed. it was a map with icons. by that logic any and all communications apps ( telegram especially) would be outside the law because you can organize protests using them, way better than using icons on a map.
No, the complaint is not that Cook is not providing direct evidence, and it is a complete misrepresentation to suggest so. It makes your protestations of disinterest rather suspect, as those of supposed "devil's advocates" so often seem to be.
The complaint is that Cook's claims are extraordinary and seemingly impossible on their face because of the fundamental nature of the app in question. Its purpose is to show the aggregated position of large concentrations of police, so as to let users avoid confrontations with them. How can such an app be used to "target individual officers for violence", since it provides no information about individual officers?
When so extraordinary a claim is made, hearsay evidence isn't the issue. What is necessary is an explanation of how the seemingly impossible is possible. Cook does not provide this or even address the apparent problem. A neutral person, reading Cook's memo without the proper background, might be mislead into believing the app in question does provide tracking of individual police officers. I don't accept this is an accident on Cook's part. I think he is deliberately attempting to mislead his own employees regarding the nature of the app, and as a consequence his decision to ban it.
Cook's cited but unenumerated "credible" information received from a government body and users only compounds the situation. Cook could provide plenty of additional material to support his claim. He could provide more detailed information on exactly what information was received, in what volume, and in what form. He could explain the efforts the company undertook to perform independent corroboration of the evidence. He could provide a detailed account of why, in this case, he believes an autocratic government currently conducting a brutal repression of its own citizens can be trusted to communicate honestly about it, given neither it, nor any similar autocratic government, has ever spoken honestly about similar situations in the past.
Fundamentally, the problem isn't whatever evidence does or does not exist. It is that Cook's memo is a weak, politician's attempt to justify a misdeed by making absurd claims for which he provides no evidence at all. He is trying to make a problem go away, not engage with a difficult situation as a human being.
I don't understand why people would flag comments as 'suspect', have we reached McCarthyism or the hyper sensitive Chinese level yet? Why is it impossible for people to address the opinions and reasons within a comment specifically without resorting to 'suspecting the motives of the individual'? In other words, why does the motives of the individual matters to you if the opinion expressed within the comments can stand by themselves?
Maybe because the poster characterized the problem as: "So then, is the complaint simply that Cook is not providing direct evidence of these claims? Is that a reasonable expectation? What evidence could Cook provide that would directly tie violence (we know that Hong Kong protesters have committed violence) to this particular app?"
Whereas the article says: "The first allegation is that “the app was being used maliciously to target individual officers for violence”. This makes no sense at all. The app does not show the locations of individual officers at all. It shows general concentrations of police units, with a significant lag. As the developer and @charlesmok, a Hong Kong legislator, have pointed out, the app aggregates reports from Telegram, Facebook and other sources. It beggars belief that a campaign to target individual officers would use a world-readable crowdsourcing format like this."
It could be incompetence, but it seems much more like clear disingenuousness, which is a pretty common thing nowadays.
Not the same commenter, but it seems like the lengthy protestations of disinterest are a reaction to the prevailing online climate of exactly the kind of paranoid hysteria embodied in, for example, the assertion that anyone playing devil's advocate is probably on the devil's side so to speak. Being able to hold and consider multiple contrary or incompatible positions simultaneously is in fact a sign of a fairly sophisticated intellect in the process of doing a thorough inquiry.
Even the devil's advocate [ https://en.wikipedia.org/wiki/Devil%27s_advocate ] is supposed to cite facts and reason properly -- not claim a falsehood in support of the devil, which misrepresenting the article is.
You can't just precede anything with "just playing devil's advocate for a moment" and make it immune from scrutiny, that's the intellectual equivalent of "just a prank". From the WP article, emphasis mine:
> explore the thought further using a valid reasoning
I really did not intend to misrepresent Gruber's complaints. Gruber enumerates his complains quite clearly, and I believe I addressed them quite plainly and fairly.
I also don't think that Cook's claims are extraordinary or at all difficult to believe, so perhaps that's the more fundamental disagreement you and I have.
I think there may be a misrepresentation here. Apple is not a court of law for Hong Kong, so they did not gather evidence and make a call.
IMHO it is far more likely that a representative from the mentioned Hong Kong government agency reached out to ask the app to be removed for the reasons given, and Apple complied with their request. If I'm correct, Apple is taking the supplied information at face value and also as a formal (legal) request.
In that light, the reason for the (internal) statement here is due to the press this app already received and because many employees of Apple have a humanitarian interest in Hong Kong - or even have friends and family who live there.
> His only complaints seems to be the lack of evidence
That's seriously disingenuous. His complaints is about how what Tim wrote doesn't make any sense, not about evidence. He only ask for evidence because he is logical, he knows that he may have not thought of everything and could be potentially wrong.
> The first allegation is that “the app was being used maliciously to target individual officers for violence”. This makes no sense at all. The app does not show the locations of individual officers at all. It shows general concentrations of police units, with a significant lag.
How could you explains this? I don't even need evidence, just a way for that to be possible (without outside coordination, that would be just absurd, simply use the same channel to coordinate instead).
I thought I provided a reasonable interpretation of Cook's comments in my previous comment, when I said "It seems like everyone agrees that this app was useful for organizing Hong Kong protests, and that some Hong Kong protesters have committed violence and broken local laws."
Of course the app doesn't show individual officers, but I don't think it's reasonable to interpret Cook's memo as claiming that the app literally showed the location of individual officers. An app that shows hotspots of police activity can obviously be used to find and target individual officers for violence.
> Of course the app doesn't show individual officers, but I don't think it's reasonable to interpret Cook's memo as claiming that the app literally showed the location of individual officers.
I'm not certain how else to read the passage below other than Cook claiming protestors used it to target individual officers somehow.
"However, over the past several days we received credible information, from the Hong Kong Cybersecurity and Technology Crime Bureau, as well as from users in Hong Kong, that the app was being used maliciously to target individual officers for violence" -Tim Cook
My first question is whether the "Hong Kong Cybersecurity and Technology Crime Bureau" is a reliable source of information under the current circumstances. I haven't been reading all the news about the Hong Kong protests, but what I have been reading suggests that China is applying an enormous amount of pressure to halt the protests, or reduce the international visibility of what is happening in Hong Kong.
It doesn't seem to me to take much of a leap of faith to think that China is applying pressure on the Hong Kong Cybersecurity and Technology Crime Bureau to get this app removed.
Cook's memo says that the reports, from the bureau as well as from the app's users, are "credible." That at least implies that Apple evaluated the credibility of the claims. I do understand that some people (like Gruber) might want Apple to provide material evidence, but is that really Apple's responsibility or usual behavior? It would seem extremely odd (and not at all comforting) to me if Apple, for example, released video evidence of a violent attack along with some record of this app being used by the attacker. That seems like something a government should do in a legal case, of course, but it would be seem strange to me for Apple to do that. And even if they did, I suspect it wouldn't convince people who are convinced that China is doctoring or inventing evidence to vilify the Hong Kong protesters.
This is the part of Cook's email that is harder to swallow. I doubt that reports from actual users (rather than Chinese cutouts) even exist.
The Hong Kong police force is not a credible source of information, given that it is the chief antagonist in the Hong Kong protests, and that a core demand of the millions demonstrating is an independent investigation of its conduct.
What is the generally accepted criteria for "credible information"? How could Apple have communicated better about how they reviewed or corroborated the claims given by the Hong Kong Cybersecurity and Technology Crime Bureau?
> [O]ver the past several days we received credible information [...] that the app was being used maliciously to [...] victimize individuals and property where no police are present.
Okay, but even if true, I've got very credible evidence that Twitter and Facebook (not to mention Safari!) have been used maliciously to victimize individuals and property. Will these apps be banned? If not, why not?
> So then, is the complaint simply that Cook is not providing direct evidence of these claims?
The complaint, I believe, is that nobody (including Cook) believes any of this. I'm sure he did get a message from the Hong Kong authorities (aka, the Chinese government) and at least one user in Hong Kong (aka, also the Chinese government) claiming the things he says they claimed. And he doesn't really believe they are true, but feels compelled to pretend he does, so he sent out the email, and now everyone else is being asked to pretend they're true too.
And Gruber is pointing out that they can't really be true, given the nature of the app. Which is quite right, but of course, it's beside the point. Cook isn't going to read Gruber's blog post, slap his forehead, and go "I've been hoodwinked!" and rescind the decision. He knows what he's doing.
> Is that a reasonable expectation? What evidence could Cook provide that would directly tie violence (we know that Hong Kong protesters have committed violence) to this particular app?
The claim is not that the app facilitated very particular types of violence, which we do not know has occured. (Although again, even if true, that's not a good reason to ban the app.)
No one has pointed to the Hong Kong law this app is supposed to be violating, including the Hong Kong authorities, who when asked basically said "go ask Apple".
Couple that with the fact that no officers have been targeted individually in Hong Kong protests since they began, and you begin to see that the whole thing sounds fishy.
What is the law being broken that no one knows about, and the cases of violence no one has heard of?
>Couple that with the fact that no officers have been targeted individually in Hong Kong protests since they began... the cases of violence no one has heard of?
This is the part I don't understand. Sky News UK has footage of protesters targetting an undercover police officer they'd discovered and setting him alight with a Molotov cocktail before trying to take his gun. It aired here on Australia's ABC News as well. (The Molotov cocktail incident happens at 0:17 https://youtu.be/VNGJK1k2MbY )
I'm with you on the other points, and I'm confident this app wasn't involved with that incident. But claiming the protestors have never been violent or targetted individual officers doesn't seem to match with reality.
(Of course, it's also worth questioning why there were undercover police with guns in the crowds in the first place.)
> So then, is the complaint simply that Cook is not providing direct evidence of these claims?
The complaint is that the claims are not credible given what we know of the app's capabilities. How could an app that highlights areas of heavy police activity be used to single out and attack lone officers without backup? If his claims were plausible, it might be different, but extraordinary claims demand extraordinary evidence.
The point is that this app collates information from other sources. Popular, encrypted sources where you don’t know the source like Telegram.
Why would one use this public app to target individual cops (when it doesn’t even reveal individual cops, and by virtue of its aggregation of data is likely to reveal groups of cops more often) when they could use any of the primary sources instead?
Maybe the other part is true, where criminals are using the app to target areas where cops are not present. That would actually make sense. But the first reason doesn’t add up.
Makes me sad we have lost soo much respect for liberty that people feel compelled to play "devil's advocate" in favor of a totalitarian regime.
I think it is clear that any "evidence" that has come from " Hong Kong Cybersecurity and Technology Crime Bureau" should be rejected out right and not trusted at all
Further the fact that the app may have broken "local laws" should also have no impact at all on the discussion, we are talking about a Totalitarian regime with countless Human Rights violations, their local laws are objectively at odds with what anyone should consider just or proper
So it comes down "Does this app violate Apple Policies", given that apple like most companies write the rules so at any time anything can be a violation at their sole discretion then technically yes, but so could any app at any time.
At the end of the day allow me to Translate Apple's Statement SouthPark Style
"Like the NBA, Blizzard, and countless other companies, we welcome the Chinese censors into our homes and into our hearts. We too love money more than freedom. Long Live the communist party of China"
Gruber is taking Ceglowski and HKmap.live's comments at face value, but they aren't disinterested actors. They both have (admirable) agendas in the pro-democracy protests. Of course they're going to characterize the app in the best light possible (it's so you can avoid the protests and avoid inadvertently running into cops).
Apple most likely did get legitimate examples of the app being used for that, and that was all the pretext they needed to remove it. The real issue is that the CCP is also likely holding a gun to their head both in the state newspaper but also privately. And obviously Apple isn't going to light themselves on fire which is what people really want to see them do.
Then there's the bad faith critics that are using this as an opportunity to say they're hypocrites because they are politically active on various issues (like the encryption fight with the FBI), as if it isn't because they're protected by the rule of law in Western nations and they aren't in China.
Ultimately everyone understands this. The real original sin is the fact that the West normalized relations with China in the first place [1]. Corporations like Apple aren't going to liberate China, and they can't even if they wanted to. The US and other countries could decide tomorrow to sanction China and Apple and every other business would be unable to do business with them. They could treat China like North Korea or Iran. That's a political question for governments, not corporations.
As the academic Zeynep Tufekci (@zeynep) pointed out on Twitter, some of the things Tim Cook claims the app was used for aren’t even possible:
> HK map app can't be used to "individually" target police because it doesn't have any granular reporting and as anyone in Hong Kong can attest, the police travel in large groups. Repeat: the app has no granular function. More like police here, tear gas there, road block here.
(https://twitter.com/zeynep/status/1182384310873219077)
Also, if it does indeed violate a law, why can no-one tell us which law? Even the HK police deferred to Apple when asked about this.
Incidentally, I think that measures by Uber to identify riders who are cops and deny them rides should have gotten Uber the same treatment as any other organized crime syndicate.
Incidentally to China’s authoritarianism you think companies should have their rights to who uses their services or not relinquished? What if a mall prevented undercover officers from using their property to investigate them, requesting they use public channels with it’s law or regulatory enforcement?
I’ve read a few articles on it and since 2017 no charges have been laid. So clearly Uber didn’t break any laws by enforcing their terms of service.
I’d much rather have this sort of thing be written clearly into law so whether or not they can force you to let them secretly use your service or not without identification can be constrained, limited in scope so it’s not a fishing expedition, and subsequently challenged in court.
Is police reporting illegal in the countries in which Waze operates?
I don’t buy that HKMap did anything illegal, but asking for equivalence with an app which is doing something vaguely similar in a jurisdiction where any of those things are perfectly legal seems to be missing the point.
Ironically, Waze is owned by Google and not available in China because they did not capitulate to the Chinese government, so maybe that's a bad analogy.
The police and their unions have complained a lot in western countries about Waze. It’s a very controversial feature to them too. Which shows what type of government they’d build if we keep saying yes to them.
This app is excluded to HK as well, it’s not like they have to appease China by proxy considering their app stores are already different.
It is really going too far to say that police would build some kind of non-free government, just because they complain about an app that helps people avoid getting caught for speeding.
> Apple most likely did get legitimate examples of the app being used for that, and that was all the pretext they needed to remove it.
If they have examples, they should share them. It would have been easy for Tim to put the dates and locations of incidents in his email. There are plenty to go around on the protestor side: look up what happened at the Prince Edward MTR station on 8/31, for example.
People who disagree with my characterization of the app can still ask themselves why Tim Cook can't point to any Hong Kong law the app contravenes, even thought he claims it is illegal.
> The inspection team has complete access to the network system. Inspection can cover both the technical aspects of the network system and the data/information maintained on the servers. See Article 10. The inspectors can fully access the system and they are permitted to copy any data they find. See Article 15. The only restriction on the inspectors copying the data in your company’s system is that the inspectors must provide you with a receipt. Though Article 10 “restricts” access to matters involving national security, the definition of national security in China is so broad that there is no real limitation on what can be accessed, copied and removed.
This is honestly the most disappointing part of this entire saga. That Apple’s leadership realized that this is an issue, that the company’s employees do too, and that they think it’s appropriate to send out an email to placate the company but contains no real information and falls apart immediately if you look at it for longer than a couple seconds.
I doubt it. There are infinite ways to word this email, a different CEO may not have written anything.
Cook presumably had some goal while sending this internal email, I doubt he achieved it. Telling your employees lies as weak as this certainly isn’t going to improve morale.
It's already known that iCloud in China is operated by a state-owned telecom (GCBD) see https://news.ycombinator.com/item?id=21217920 so they could use the data to track the protestors.
So why the outcry about this? In the end, for-profit companies will do what gives them profit. You should not rely on them for anything that won't give them profits.
> You should not rely on them for anything that won't give them profits.
You’re absolutely right and for the vast majority of companies put in this position I wouldn’t be happy about their decision but I definitely wouldn’t hold it against them. That said, if ever there were a company in the history of the world whose users are rabidly loyal enough, whose economic contributions in China are substantial enough, and with the “Fuck You Money” necessary to do what’s right when it comes to China, it’s Apple.
And when you consider that Apple launched themselves into America’s living rooms with the “1984” commercial, I might even go so far as to say that Apple could have leaned in to whatever negative consequences they may have suffered as a result.
The single page app at https://hkmap.live/ opens on iOS with a note telling you how to add it to your Home Screen.
That gives you a custom app icon, which opens as a live full screen map app w/o browser chrome.
This open mechanism to “sideload” what a regular user can’t tell the difference from an App Store app was the original iPhone app distribution strategy for both live and offline HTML5 apps, provided to developers before the App Store existed.
It remains relatively trivial to distribute apps this way.
I'm assuming that the website still works, since it's probably the source of data for the app anyway.
At the end of the day, Apple taking down the app seems like an expected outcome, and HK is outside of the great firewall, so anyone can still access the site. What's the problem?
The cynic in me agrees, but by that logic we wouldn't be surprised to find Beige Corp selling heroin or guns to schoolchildren if it "gives them profit". What stops them? Regulation is part of it, but also having at least some interest in keeping their good name...
Sorry the parent post was referring to the latter part: "so they could use the data to track the protestors"; it is a known fact that iCloud in China is managed by a Chinese company starting in 2018/01 [0].
The silver lining here is that a lot of people are thinking hard for the first time about what it means to give up the right to install whatever software you want on your own hardware.
A devil's bargain always seems like a good deal until the bill comes due.
> In this case, we thoroughly reviewed [the facts], and we believe this decision best protects our users.
When I read Tim Cook's letter, this line at the end jumped out to me as super off. Even if everything else was completely true, how would this decision protect Apple users? Unless all the police have iPhones?
Positive Tinfoil hat on:
The police would have used / were starting to use presence of the app as evidence that users were participant in the protest and arrested them. Or the police would have been able compromise the users, the app or the data (but then why not keep it as a honeypot?)
Cook has said repeatedly that they can't buy the labor they have available n China ta any price anywhere in the world. It's not a problem they can throw money at unfortunately.
I hope I'm not promoting conspiracy theory so much as probability theory.
I don't think we can trust Apple not to have NSA backdoors anymore. We all know about Microsoft's reputation, but Apple may be the slimiest of them all. Everything is closed source and encrypted on the network level, so instead, we have to judge from Apple's corporate and PR behaviour.
Apple care about their branding and profits above all, and not one iota about their customers, truth, or transparency.
Thus, I wouldn't be surprised if Apple had surveillance backdoors in secret, making a complete mockery of the whole 'privacy play' they maintain as a branding differentiator against Google.
why not? Short of developing for iPhone, iPad, or macOS, I don't think they bring anything new to the table that minor inconveniences on a Windows or Linux platform wouldn't solve.
I guess you have to use Linux because Microsoft does the same thing. Azure China is isolated from the rest and hold by a Chinese company; Windows and Office 365 has Chinese specific version; Skype is not available etc.
Apple's supply chain is China-based. If Apple doesn't pull app, then China's leadership probably shuts down that supply chain. China's leadership doesn't give a damn about Apple or Foxcomm or even the NBA. It's probably a real blow to Tim Cook since he is famous for setting up such an amazing supply chain. He put Apple in such a dangerous position. He caved and made up an excuse.
China isn't going to shutdown Apple's supply chain, that's revenue to Chinese companies. The threat is that they would make it more difficult for Chinese buyers of the iPhone or put regulatory hurdles in front of Apple to make it difficult to sell iPhones in China. China is one of Apple's largest markets.
I honestly don't think Xi cares. He is playing the long game and would rather China buy a Chinese company's product. I bet Apple is replaceable in his eyes.
That’s a double edged lever. If apple can’t make iPhones in china it can’t employ Chinese citizens, and these jobs move out of the country. So does the investment in training. Though it might clear up the market for local brands.
China isn't like the US, where Apple can use their trillions and lawyer up. China will just shut you down and take your shit. Guess where hkmap.live and the Chinese App Store employees responsible for approving it end up when that happens. Similarly if the "moral" thing for these companies to do is to divest from China, then HK will only be served by Chinese companies, and good luck trying to provide a police tracking app there too.
This is totally different from the Rockets situation, where it really is just a matter of principle over money. If Morey and the NBA stick to their guns, the NBA can just leave China, and other than some hazy concepts of goodwill and cultural exchange, nothing is lost except money.
I'd rather have Apple and others in China than without. A Chinese company capitulates immediately to the government, a multinational at least can put up some semblance of resistance, with international relations as a bargaining chip.
No, because unlike Taiwan, Hong Kong is internationally recognized (as well as by its own government) as a part of China. The Qing government declared a war on drugs in the 1800s, and started seizing and destroying British opium shipments. The British retaliated by occupying HK and forced the Qing to cede it, resulting in a 99 year lease. So while the other concessions were returned to China after the modern era began, Hong Kong remained British until 1997.
Come 1997, the Brits tried to tie various conditions on the return, mostly around them maintaining control over the government despite the territory now being owned by China. These were made under the guise of protecting freedom, but arguments can be made that they were just trying to hold on to some power. Given relative weakness of China at the time, they eventually agreed to this One Country, Two Systems compromise you might've heard of.
All this is to say, it's complicated; China has actually adhered to most aspects of it to date - there's no Great Firewall, HKers have their own passports, various freedoms of speech and assembly you'd be familiar with in the West. But it has no sovereignty of its own, and is very vulnerable to China encroaching on its citizens.
I understand Apple’s reliance on Chinese manufacturers, but at the same time, aren’t they sitting on roughly a quarter-trillion dollars in cash [0]? If Apple can’t use such wealth to pivot production away from China, or at least feel confident in this option as a contingency plan, then who can?
It's entirely plausible that the Hong Kong police have assembled a documented narrative of incidents of crime and abuse. The call for evidence into what might be a handful of cases isn't interesting.
What is unconvincing is that an app's potential to be used with crime is sufficient for people to understand Mr. Cook's bright-line, process, or thinking around the matter.
This app was likely being used in ways which critically supported the mitigation of risk to life, a fact which Mr. Cook described only as "benign"; the failure to discuss the balance against the app's relation to public health, and the failure to frame the nature of Hong Kong police and law, makes any attempted weighing suggested by Mr. Cook to be of low credibility as a lens into his process.
Presumably Google Maps, Search, and other apps also facilitates crime at a magnitude well beyond the app in question, but how does the weighing work?
Apple has their hands tied because of all the factories churning out their products that would come to a standstill if the Chinese government decided it wanted to. It's sad and unfortunate, but what other business decision would a CEO make if 80-90% of their future revenue stream disappeared overnight? Can someone else help me play devil's advocate? In any case, if we're so innovative as a country why can't we make more stuff here, that's the only solution, not globalism. This scenario is an unintended consequence of globalism. Apple isn't intentionally being bad, they probably don't have a choice, right? They put too many eggs in one basket. You can say too bad, but when the banks were bailed out, I was saying they deserved to go under as well.
> Moreover, what are these incidents where protesters have targeted individual police for a premeditated attack? Can Mr. Cook point to a single example? Can anyone?
The message stated that they had credible sources. That really should be enough in that type of communication. He was not trying to make a court case providing evidence he was describing the company decision to employees.
Now if there actually haven’t been any such cases then it adds question to the sources not to Apples decision or communication.
And really you can’t expect a company like Apple to start employing foreign government spies to infiltrate government institutions in order to provide credibility checking of information provided. If the police are saying they have reports of misuse of the app and violent attacks Apple has to act on that.
The venue really doesn't matter considering that the source is effectively unimpeachable. Sure, it might be proper for Apple to err on the side of caution when violence is involved, but in this case, there is definitely violence on both sides, and one side (the state) definitely has the upper hand.
Plus, the idea that the app could be used for specific targeting of individual police has pretty clearly been debunked.
In the end its really just a question of whether you think Apple should be on the side of egalitarianism or unrestricted profit.
Like lots of people have pointed out the email makes no sense. Any app can be used to do the things the Hkmap.Live app was banned for. So, in order to force Apple's hand it seems like people should start trying to use Apple's own apps to coordinate HK related protests and information to the point that China asks Apple to ban it's own apps. That seems like the only thing that would get Apple to have to deal with this apparent contradiction.
I'm not familar enough to know what that would be. Can you make custom maps on Apple maps like you can on Google Maps? Maybe someone could gather info and make custom maps once an hour that shows locations. Or they could post a feed of HKmap.Live screenshots to some giant iMessages list. Etc...
Some ideas of what might happen if they can get China to make the request to ban Apple's own apps.
1) Apple bans their on apps in response to requests from China the apps are being used for bad things
2) Apple ignores China and risks China banning Apple from China
3) Apple hastly separates the app store from the phone so they can claim they don't control the apps (probably can't happen fast enough to be an actual response)
4) other?
Of course if China never asks for Apple to ban it's own apps then nothing would come of this but the idea is basically to force a stronger response so that one way or another something happens.
If I were Tim Cook, I'd have said: "Sure, we'll comply with your demands" and then I would have immediately mobilized a covert engineering task force to push out an urgent bug fix that rigs every Apple device in the entirety of China to turn into a Winnie the Pooh brick on Xi's birthday
"For a company that usually measures umpteen times before cutting anything, it’s both sad and startling."
Apple measured their risk of people getting upset over a BS excuse to ban an app and compared it to the risk of pissing of the Chinese government, and made the appropriate cut. It seems to me that Apple have been incredibly careful and precise here. What's happened though is that the author of the post made the all-too-common mistake of thinking that Apple is a friendly, caring company who are "different" when it comes to things like this - they're not, they're just a regular company.
Yep that's the sad arithmetic behind capitalism - Apple are no different from any other corporation in this respect. But the problem is that people often see them as friendly and caring, when they maybe should step back and realise that such corporations are not their friends, don't care about them and would sell them out in an instant if it benefit them.
Jeez... when Apple loses Gruber you know they’ve fucked up. But what can they do? Generations of greedy American CEOs handed over the reins to China and turned them into a superpower. And now we’re all fucked.
I said it on another thread: that is most likely a copy paste from a mail sent by the CCP. I am sure the iPhones have been used many more times AS PHONES to convey the location of officers and demonstrators. But that is harmless?
> that the app was being used maliciously to target individual officers for violence and to victimize individuals and property where no police are present
The email has to be fake. Lots of apps can be used in malicious ways.
$1B for me is a life changing amount of money. $1B for Apple is less than .4% of their revenue.
I imagine you're a software engineer earning 100k per year. Would you take away a tool a group of people are using to try and fight for their freedom for $400?
So, it is much easier to judge others (Apple and whoever) and avoid acknowledging that for sufficient amount of money most of the righteous commenters here would be willing to sheepishly sacrifice their beliefs.
This is what happens when you're the sole arbiter of your platform. Give us the ability to control our own hardware and maybe this kinda PR scandal wouldn't happen.
The mindset of people expecting Apple to do certain symbolic acts, but finding it perfectly fine to continue pushing billions into China is somewhat baffling.
Let's hope so, because probably it was/is being used as the backend for the mobile applications too! Otherwise there is probably mirrors, both the front- and back-end
hacker news admins should investigate the downvote patterns on articles critical of china ...there seems to be a very strong downward pressure on articles critical of china — so much that i suspect there may be a down vote ring..
Dang explained yesterday [1] that there is a "common news item" penalty to stories to avoid very hot topics from dominating the front page, but that they have removed this restrictions from some articles.
I don't have time to dig up specific links at the moment, but if you look through https://news.ycombinator.com/posts?id=dang, you'll see that I've written about this extensively in the last few days.
China-related stories are anything but suppressed here—it has been the most-discussed single theme of the last week, and one of the most of the last several months. See these #1 stories from the last few days:
Seeing how dang danced around user flags here, and outright doesn't see anything unusual about how stories are sunk, I doubt that is done: https://news.ycombinator.com/item?id=21195297
When was the last time you saw mods mention that flagging privileges of some users have been suspended? For me it was around the Snowden revelations, when there were a lot of articles about that, a lot of complaints about there being too many articles, and apparently abuse of the flagging feature.
And I’m sure that China could just block or otherwise disable this app or just go kill the protesters if they wanted. But that’s not what they wanted. They wanted Tim Cook to drink a cup of Xi’s diarrhea in public and Cook happily did it.
The single page app at https://hkmap.live/ opens on iOS with a note telling you how to add it to your Home Screen.
That gives you a custom app icon, which opens as a live full screen map app w/o browser chrome.
This open mechanism to “sideload” what a regular user can’t tell the difference from an App Store app was the original iPhone app distribution strategy for both live and offline HTML5 apps, provided to developers before the App Store existed.
It remains relatively trivial to distribute apps this way.
It's still not clear how complicit companies were in the Prism findings.
Specifically, did Apple/Google/etc actively cooperate with the NSA (outside of court ordered warrants), or did the NSA break in, or did the NSA have agents within the companies.
If anyone knows differently and has a source the community would be very interested to hear about this.
Do you mean, being a victim of prism? When tech companies found out about the NSA wiretapping unencrypted connections between their datacenters they pretty much flipped out and got serious about security against nation-state attacks.
I don't. PRISM doesn't work how you described it, as far as I know... It is basically a backdoor to Apple for the NSA (so whatever Apple can see, the NSA can also see).
PRISM doesn't work the way you've described it. It ingests data from the FBI's Data Intercept Technology Unit, which handles court ordered wiretaps on individual accounts from Internet communications services. You can see this in the slide Snowden leaked.
It works for me as a share-holder. Apple's iPhone 11 is again popular in China and there are even reports of Apple increasing the 11's production to meet the high demand. Apple should not be doing anything to mess with the Chinese consumers and the Chinese government as China is a very difficult growth market to crack into. I believe that Tim Cook has done a great job of appeasing China and at the same time has worked a very fine line with Trump to keep i Phones out of the Trump's tariffs .
Collaborating with a genocidal government to disarm protesters is not doing a great job. Too strong of a statement? Consider this tribunal's findings of genocide on the part of the PRC, harvesting organs from political prisoners and minorities.
Tim Cook is a crook and a moral coward. Single signature signing authorities for software will always be inevitably used for evil, and here it directly has been.
Apple does have a choice here. An easy one. It could remove the requirement that all iOS apps have to be signed to run on Apple devices. Simple. And at that point the Chinese government have no further way to blackmail them.
But Apple has decided it's future ability to behave in an anti-competitive fashion is more important than democracy for the people of Hong Kong.
Honestly, as a person who prizes Apple’s products and happily depends on them for work, personal life, etc. I think Tim Cook needs to either open up sideloading or be promptly fired and replaced by somebody who will. None of this sits well with me. It is a situation we do not need to be in. I agree that he is a moral coward, and in far too important and dangerous a position to be so.
The first duty of public companies is to the shareholders. Users fuzzy feelings figure very little in the incentive structure. Sideloading is probably too damaging to the short term profits of the company to be on the table. Or it might not even be a question worth considering for the board .
At this point I would think the Chinese government would take such an action as "defiance". If Apple is worried Chine might close its supply chains, opening up side loading would really piss them off.
Plus it's just not in the DNA of Apple to do side loading. Goes against the grain of everything.
However, since the data is crowd-sourced, it wouldn't be hard for an attacker to inject bogus data rendering the entire website and app useless.
Which could be extremely dangerous for innocent civilians if people simply make up stuff. Someone could write, "guy in red shirt, blue jeans and white baseball cap having coffee in McDonalds is an undercover officer and beat a protestor last night".
Given the mob justice and violence that we've seen, it might be better that everyone simply ignores the site.
In the last week, HK police vehicles have been singled out, ambushed, officers mobbed and attacked with molotov cocktails. Rioters are shot in self protection. Mainland owned stores are targeted when police are not near. All aided by this app that is facilitating extreme violence on the ground.
Of course this doesn't add up to western main stream media news readers who were presented with one-sided peaceful protest narrative that is further perpetuated by savvy HK social media users trying to push the same propaganda. Any news to the contrary have been heavily suppressed on western social media to the point of forming an impregnable filter bubble escalating to the bewildering responses seen here. The cognitive dissonance is strong.
The entire controversy is couched in ridiculous language like kotowed or caved or capitulated when the simple reality is US companies have to conform to local laws and realities. I can see how people are confused, they were sold the idea that US companies are there to export morality, and now expect US companies to behave like foreign policy tools wielded for US geopolitical interests, ironically a charge frequently levied at Huawei. If China had an app that allowed US alt-right or antifa to target PoC/whatever antifa equivalent owned stores and attack the police, it would be pulled in a heart beat.
>If China had an app that allowed US alt-right or antifa to target PoC/whatever antifa equivalent owned stores and attack the police, it would be pulled in a heart beat.
If you’re going to end with this sort of false equivalence, it kind of colors the rest of your argument and makes me wonder if you are being disingenuous here. I further note that you make a lot of assertions with no facts to substantiate them, and refer to news reports on Hong Kong as propaganda, so perhaps I don’t need to wonder anymore.
It's only false equivalence to those zero familiarly of HKer/Mainlander dynamic. Which is the majority of western readers, hence their extreme susceptibility to biased reporting.
>If you’re going to end with this sort of false equivalence, it kind of colors the rest of your argument and makes me wonder if you are being disingenuous here.
The closest analogy to HK protestors are alt-right, they match all the hallmarks: disenfranchised, social media savvy, economically anxious youth who see their culture being displaced and their privileged being eroded by immigrant mainlanders. Rich ones come in to buy all the property, poor ones use up all the social services. These are common complaints to the mainland locust narrative - when the mainland sends their people, they're not sending their best.
A row between Hongkongers and mainlanders is reaching boiling point after internet users raised more than HK$100,000 in less than a week to finance a full-page 'anti-locust' advertisement in a Chinese-language newspaper in the city.
...
Mainlanders have already crossed our bottom line,' said Yung Jhon, who refused to disclose his real name. 'Why are mainland mothers flooding in to take up resources in public hospitals, getting our benefits and social welfare? Why do mainlanders ... refuse to follow our rules and order? We can't accept that.
Sounds familiar?
30 years ago, common HKer could get a low-skill industry or service job and make a comfortable living based off mainland exploitation. Then China's manufacturing growth made HK Detroit. After handover, 1 million mainland immigrants entered HK on one-way permits under family reunification plan in the last 10 years. That's 15% of the city. This culture clash is the same script causing right wing nationalism everywhere in western liberal countries. But because it's HK, and the sufferage angle plays well to western MSM, people close their eyes, pretend HK is some woke utopia, and that all those Pepes memes are innocent, because English proficient HKers who use western internet are somehow just like us in the west but also that naive.
>I further note that you make a lot of assertions with no facts to substantiate them, and refer to news reports on Hong Kong as propaganda, so perhaps I don’t need to wonder anymore.
Propaganda via omission. How long did it take for western news media to finally acknowledge the frequent violence happening on the ground? The racially motivated on mainland citizens and mainland connected businesses. The doxxing of police families. Why don't you do some research yourself. The fact that people here, beneficiaries of a free 5th estate somehow reliably have their opinions shaped to reflect US foreign policy positions is... interesting. It's Manufacturing Consent, Iraq WMDs all over again.
You have an incredibly condescending, disrespectful and aggressive tone, one that seems to suggest that you believe that everybody you speak with here is utterly uninformed when it comes to China. It’s not a good look, and probably does more to damage your point than if you had just argued in good faith instead.
This is all completely normal for a revolution in a region that wants to be independent. It's about time everyone recognized that that's what it is all about. Or did you truly believe that Hong Kong and everyone in it were okay ceasing to have freedom in 2047?
I believe 0.005% of the population can't revolt against an emerging superpower. People in the west think it's 7 million protesters when the reality is 7/1400 million. It's a fringe movement rooted in (justifiable) structural dissatisfaction expressed through bigotry against the only people who can help them. Ever considered why no protesters had the idea of waving the Chinese flag and petitioning the Chinese for change? Why they target mainland people, businesses and institutions while waving imperialist flags and using imperial insults, like Chee-na? The belief in the bigotry is what makes the belief in revolution impossible. Further the combination of bigotry, instability with democracy will ruin prospects of democracy across mainland and peace across the straight. The ideal that westerners think independence is remotely in the cards and actively cheering it on because it's good popcorn is incredibly worrying. Separatism/reunification is the #1 Chinese issue since founding of CPC and a clearly articulated redline with anyone remotely familiar with the issue. The longer HK drama draws out, the greater the chance of a hot war in Taiwan in 20-30 years.
Of course they can revolt, and the Emperor/King/Chairman can drown them in blood.
HK would a be a bitch to pacify, densely populated city with a ton of diaspora all over the world that can support insurgency with money, weapons etc. port that makes it easy to smuggle stuff in.
See Irish troubles for an example of how these things play out. Nobody is going quietely into the dark night. You gone have to come and take them.
Hey mate, meta comment, sorry to not be responding directly to the content of your comment. I noticed that your post history is almost entirely pro-China posts on the more political submissions here. It could be seen like you’re participating on HN for a political or ideological reason, which really isn’t what this site is about. I’m not trying to call you a shill or anything, just wanted to point out that there might be other forums better designed for political discussion.
I've gotten meta-shill accusations before. My answer as before, my interest in Chinese geopolitics, architecture, lifting and podcasts. I comment on those things when they (rarely) come up and have something novel to add. Sino-US topics are just all the rage recently and I think I have useful takes on the topic compared to the default tier of "I read Bloomberg and watch Serpentza".
A meta-comment from me. I enjoy reading what you are writing.
And it is a sad tale that one have to scroll down in the bottom of hn to see it as your comments are obviously more informed (ignoring the politics) than most other here. It just goes to show than hn is not really designed to discuss things which are very divisive.
And that is too bad. Because the rise of China and the comparable decline of the US is the single biggest change of our time. And it has big implictions for all things including technology.
Why should users believe that (closed source) iMessage encryption is free from backdoors when we know that Cook will dance around sensitive truths?
And why should the US government be satisfied with a fully encrypted iMessage given that Apple will cave to demands given enough pressure?