
Apple caved under pressure from China. The explanation Cook gave is not just an embarrassment, it calls into question the veracity of all of his other statements.

Why should users believe that (closed source) iMessage encryption is free from backdoors when we know that Cook will dance around sensitive truths?

And why should the US government be satisfied with a fully encrypted iMessage given that Apple will cave to demands given enough pressure?




> Why should users believe that (closed source) iMessage encryption is free from backdoors when we know that Cook will dance around sensitive truths?

At least in China, you can probably assume iMessage is back-doored given that iCloud content in mainland China is operated by a Chinese internet company. Apple quietly posted this last week on their support page:

"iCloud services in China mainland are now operated by Chinese internet services company Guizhou on the Cloud Big Data Industrial Development Co., Ltd., (GCBD). This allows us to continue to improve iCloud services in China mainland and comply with Chinese regulations."

It goes on to say:

"iCloud services and all the data you store with iCloud, including photos, videos, documents, and backups, will be subject to the new terms and conditions of iCloud operated by GCBD."

Source: https://support.apple.com/en-us/HT208351

EDIT: After some research, it looks like the iCloud handover actually happened last year (https://www.theregister.co.uk/2018/01/11/icloud_china_goes_t...).


Microsoft has the same setup for Azure.

>Get a physically isolated instance of Azure for your cloud computing services—operated by 21Vianet, a company based in China.

Besides censorship and spying on users, China probably doesn't want its companies' data hosted in a place the US's 3 letter agencies can access it via an NSL.

https://azure.microsoft.com/en-us/global-infrastructure/chin...


AWS is working on it too. Internally, the region is very much treated as untrustworthy.


Very interesting. Any additional info? Info that is maybe not public?


AWS is very upfront about AWS China. See https://aws.amazon.com/about-aws/global-infrastructure/regio... and click AWS China Regions on the left side.

I would be asking AWS about the future of AWS Hong Kong, which has historically had special freedoms from China. See current events for more on that.

Typical issue is the ICP License ( https://en.wikipedia.org/wiki/ICP_license ), which is why Western companies set up shop in Hong Kong.


For now, like you say. If China decides to make one country one system, it's curtains for all the Western infrastructure and instances located there. Depending on how it goes down, it could be a big security/confidentiality issue for the data located or flowing through there.

I'm hopeful China would have a lot to lose by pulling the plug, since Hong Kong is a valuable interface to the West, but it might happen sooner or later with how unstable geopolitics is becoming.


Actually ALL data centers hosted in China will be subject to data examination by the Ministry of Public Security

https://www.chinalawblog.com/2019/10/chinas-new-cybersecurit...

The inspection team has complete access to the network system. Inspection can cover both the technical aspects of the network system and the data/information maintained on the servers. See Article 10. The inspectors can fully access the system and they are permitted to copy any data they find. See Article 15. The only restriction on the inspectors copying the data in your company’s system is that the inspectors must provide you with a receipt. Though Article 10 “restricts” access to matters involving national security, the definition of national security in China is so broad that there is no real limitation on what can be accessed, copied and removed.


Aren't foreign companies not allowed to operate in China without partnering with local companies? I think most (if not all) companies that sell services and digital products (online games, etc) operate this way.


That's not the only possible model. You can also have wholly foreign owned Chinese subsidiaries in the free trade zone if you get the appropriate licenses granted. Forgot the details though, sorry. That setup is apparently relatively "easy" for trade with physical goods, our lawyers told us some years ago, but wanting to do e-commerce without selling physical items meant all sorts of additional licenses had to be sought, and since nobody had done that before, it was unclear whether it would go through.

I remember a hilarious 24h trip to Shanghai because the Chinese law firm had found somebody who was well connected and willing to talk to us. It was somebody's cousin. In the day long meeting, the lawyers were entirely tight lipped and refused to give any legal opinion, merely reading the letter of the law back to us (which is not useful at all in China). The only person who was willing to give any guidance (and preciously little at that) was the cousin.

It was simultaneously very serious, with lots of money at stake, hilarious, exhausting, exhilarating, difficult, full of (cultural, not legal) learnings, and very, very frustrating.


> That setup is apparently relatively "easy" for trade with physical goods, our lawyers told us some years ago, [...]

As someone who is going through this process currently (WFOE), the easiness of the thing was probably exaggerated by your lawyers ;). The most annoying thing is that it is quite hard to get a definitive answer of the kind of licenses one needs, who grants them, and especially the criteria to meet.


Heh, thanks for the reminder - the woeffee. m(

Yeah, it's qualitatively the same problem. Just there is prior art for physical goods. And I put the "easy" in scare quotes for a reason! Good luck!


See https://en.wikipedia.org/wiki/ICP_license for more info on that issue.


If I travel to China does that mean my iCloud data will sync to Chinese iCloud?


No, it is based on the account itself. There is no sync between the two sets of servers so that wouldn't work for them to base it on the physical location of the device.


Says Apple. Do you believe them?

Apple has been kind of marginal quality wise for awhile, mostly being better than the alternative because the alternative is garbage. But their handling of this makes much of what they say suspect.


I would believe them based on technical reasons. Given that there's a special system, hosted on another company's servers, just for China, syncing non-Chinese iPhones into the Chinese iCloud system would be more work, and for what gain?


It could also be argued that the current system of partnering with a Chinese government-backed partner company is more work. In these systems efficiency is only one consideration; abiding by the laws and regulations of the host country is another. However, in this case, from what I've read, your iCloud data is tied to the account's country.


No, it depends on your iCloud account location instead of where you are.


Does that mean that a Chinese citizen can register their account in the US or buy a US account and avoid having their data handed to the Chinese government?

I personally think it's a bit more complicated than that.


Yes, a Chinese citizen can register a US or any other country’s account to avoid using the GCBD data center. In fact, before Apple transferred all Chinese iCloud account data to GCBD, it sent out emails to warn related users, and instructed them to change regions if they don’t want to store personal data in China.

Although registering an account is easy, maintaining such an account is a pain. First, not all Chinese citizens can get an international credit card that supports US dollars, so there is no way to purchase apps; second, for those who can get one, the App Store may not allow them to use it because it’s not a valid US card; third, even if they can use that card for purchasing apps, the US App Store and iTunes Store may not have those Chinese-specific apps or music; last, not to mention that the behavior of a US account using a non-US card outside the US for a really long time may trigger anti-fraud protection.


It would be fascinating if that’s the situation.

Would that also mean an individual wanting to avoid five eyes surveillance can register their account in China?


> "iCloud services and all the data you store with iCloud, including photos, videos, documents, and backups, will be subject to the new terms and conditions of iCloud operated by GCBD."

How do I know if my data is on the Chinese iCloud? I've been to China once and connected to iCloud.


My understanding is that it's based on the region setting of your phone, but I'd be happy to be corrected.


From the other comments, it's more likely to be the region of one's Apple ID, which is decoupled from the region of one's phone.

As one can log in and out of multiple Apple IDs (from different countries) in the App Store without breaking anything synced with one's primary iCloud account, it's very likely that Apple encourages this as a best practice.


>Apple quietly posted this last week

Quietly? They issued a support article and it was big news in most news outlets when it was released.


Actually we can't assume that at all. It seems I'm going to have to repost this comment a thousand times https://news.ycombinator.com/item?id=20904857

>Apple has already publicly said in court filings, and under threat of perjury, that they don't make any exceptions for China. From Apple's filing [1]:

>Finally, the government attempts to disclaim the obvious international implications of its demand, asserting that any pressure to hand over the same software to foreign agents “flows from [Apple’s] decision to do business in foreign countries . . . .” Opp. 26. Contrary to the government’s misleading statistics (Opp. 26), which had to do with lawful process and did not compel the creation of software that undermines the security of its users, Apple has never built a back door of any kind into iOS, or otherwise made data stored on the iPhone or in iCloud more technically accessible to any country’s government. See Dkt. 16-28 [Apple Inc., Privacy, Gov’t Info. Requests]; Federighi Decl. ¶¶ 6–7. The government is wrong in asserting that Apple made “special accommodations” for China (Opp. 26), as Apple uses the same security protocols everywhere in the world and follows the same standards for responding to law enforcement requests. See Federighi Decl. ¶ 5.

and a declaration from Craig Federighi personally [2]:

>Apple uses the same security protocols everywhere in the world.

>Apple has never made user data, whether stored on the iPhone or in iCloud, more technologically accessible to any country's government. We believe any such access is too dangerous to allow. Apple has also not provided any government with its proprietary iOS source code. While governmental agencies in various countries, including the United States, perform regulatory reviews of new iPhone releases, all that Apple provides in those circumstances is an unmodified iPhone device.

>It is my understanding that Apple has never worked with any government agency from any country to create a "backdoor" in any of our products and services.

>I declare under penalty of perjury under the laws of the United States of America that the foregoing is true and correct.

When China wants something from iCloud they do it the same way that law enforcement does it everywhere in the world, which is through Apple.

[1] https://assets.documentcloud.org/documents/2762131/C-D-Cal-1...

[2] https://www.documentcloud.org/documents/2762118-Federighi-De...


If you look at "E. Access to Your Account and Content" section in the Chinese iCloud T&C [1], it seems like there is an extra clause there not present in the same section in the US T&C [2].

"...You understand and agree that Apple and GCBD will have access to all data that you store on this service, including the right to share, exchange and disclose all user data, including Content, to and between each other under applicable law."

Shouldn't this be cause for concern?

[1] https://www.apple.com/legal/internet-services/icloud/en/gcbd...

[2] https://www.apple.com/legal/internet-services/icloud/en/term...


Apple has said in statements to the press, as well as Tim Cook's interview with Vice, that they retain the keys and that they haven't been made available to GCBD.

>Originally, iCloud data was stored on Apple-controlled servers, with the Cupertino company holding the encryption keys. Apple announced a year ago that this would change to comply with new laws in China, and that data for Chinese iCloud accounts would be moved to a server run by Guizhou-Cloud Big Data (GCBD), a company owned by the provincial government.

>However, I have spoken to Apple today, who confirmed that it still holds the encryption keys, and states categorically that they have not been made available to either GCBD or China Telecom.

https://9to5mac.com/2018/07/18/chinese-icloud-data-china-tel...


Where did Tim Cook specifically say that?

Because in the vice interview you keep citing he specifically dances around answering that question.

The servers were nationalized and the TOS agreement was changed since that 9-to-5 article came out.

Maybe Apple isn't giving access, but forcing the users to move to data centers which are later nationalized, and then forcing users to agree to give access to that same state-owned company doesn't sound like they are restricting access anymore.


Apple itself states that it cannot access data in China without permission from the contracting company. Why would the Chinese government ask apple for data it can't provide, but a Chinese company could?

Also note your documents are from 2016, these events mostly started in 2017.


The boilerplate ToS doesn't contradict anything they've said in the court filings I linked to or the press statements and Tim Cook's interview (linked to in the original thread) about how iPhone/iCloud security works in China.


Please don't copy-paste the same comments on Hacker News. It lowers the signal-noise ratio. Threads are supposed to be conversations. In good conversation, people don't recite boilerplate at each other.


Your comment has made a really really deep impression on me. For the past several years, I’ve been a hardcore Apple loyalist only for their stance on privacy and security.

It’s time to stop being deluded. I’m going to stop paying premium for apple and assume all my devices are hostile by default.

What the actual fuck Apple.


I never trusted Apple, the problem is that I think they're still the best of the lot :/


You are Chinese and assumed your data would be encrypted with Apple?


I don't think that was said or implied.


Before you make such a judgement you need to think about why you have freedom of speech and privacy here: because they are all protected by US laws. Companies here can do things against the government to protect users’ privacy and security because laws protect them.

Also, the privacy people talk about these days is more focused on how this data gets stored and used by companies and advertising agencies. They shouldn’t use your data for profit without appropriate consent.

All the companies here in the US will follow court orders and hand over personal data when they are required to. In this case, no company can go against the court and refuse to provide data.

Back to this case. You can assume your data is safe here in the US, because it’s protected by the laws.


> You can assume your data is safe here in the US, because it’s protected by the laws.

I honestly don't think that you can assume your data is safe in the US. The laws are lax and not well-enforced (and are mostly civil in nature anyway). The US may be better than China on this score, but it's worse than a lot of other modern nations.


I agree that Apple's stated rationale for removing the HKmap.live app is embarrassing and the removal is a capitulation to China's government.

The reasons China's government has decried the app are bogus, but those false reports and allegations do not originate with Apple.

However, Apple appears to be accepting those reasons at face value and probably because Apple is kowtowing.

Regarding whether iMessage is free from backdoors, Apple has given no reason for anyone to believe they are outright lying about the technical features of their software and hardware or their position regarding privacy.

In other words, Apple appears to be caving into pressure from the Chinese government and Apple are openly admitting this surrender.

However, Apple has not to date lied about what they are doing and we do not yet have a reason to doubt their representations about the security of their encryption.


> However, Apple has not to date lied about what they are doing and we do not yet have a reason to doubt their representations about the security of their encryption.

Did you read the original link, or the memo it linked to?

"the app was being used maliciously to target individual officers for violence and to victimize individuals and property where no police are present."

This was written by Tim Cook, speaking for Apple. That is Apple lying about what they are doing.


>That is Apple lying about what they are doing.

That is a ludicrous interpretation of that statement, in my opinion. Apple is being told by the government of a nation they're operating under that the law has been broken and that those things happened. What is Apple supposed to do in this case? Tell China "we don't believe you" and then what? You think China is going to change its tune? Or do you think Apple can get away with saying "Ok, fine! We're not going to do business here!" with zero repercussions?

This is not Apple lying. This is Apple making public what they were told by the Chinese government. Apple is not the bad guy here. China is.


Read this: https://daringfireball.net/linked/2019/10/10/cook-hkmap-live...

Once again, Apple is in complete control of their App Store. They are the ones who decided to remove the app because of financials. This is the price of doing business in China.


You can lie by omission. iMessage depends on IDS Directory Servers for two phones to exchange public keys. If China can spoof or run their own IDS Directory Server, they can potentially execute a man-in-the-middle attack.
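
The comment above turns on a client trusting whatever public keys a directory returns for a contact. An added example, not part of the thread and not Apple's protocol: a simplified client-side key-continuity check that flags a directory response containing a key the client has neither seen before nor verified out of band. The directory model, `PinStore`, the account name and all key bytes are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field


def fingerprint(public_key: bytes) -> str:
    """SHA-256 fingerprint of a raw public key, hex-encoded."""
    return hashlib.sha256(public_key).hexdigest()


@dataclass
class PinStore:
    """Remembers which key fingerprints were already accepted per identity."""
    pins: dict = field(default_factory=dict)  # identity -> set of fingerprints

    def check(self, identity, directory_keys, verified_out_of_band=frozenset()):
        """Compare a directory response against the pinned keys.

        Returns (status, unexpected):
          'first-use' - nothing pinned yet; keys are pinned but were NOT verified
          'ok'        - every key is pinned or was verified out of band
          'changed'   - at least one unknown key; caller should not encrypt to it
        """
        seen = {fingerprint(k) for k in directory_keys}
        if identity not in self.pins:
            # Trust-on-first-use: a directory that lies on the very first
            # lookup is not detected by this check alone.
            self.pins[identity] = set(seen)
            return "first-use", set()
        unexpected = seen - self.pins[identity] - set(verified_out_of_band)
        if unexpected:
            # Do not update pins: an unverified key must never become trusted
            # just because the directory kept serving it.
            return "changed", unexpected
        self.pins[identity] |= seen
        return "ok", set()


def demo():
    """Walk one contact through normal use, a verified new device, and an
    unverified extra key appearing in the directory response."""
    # Constructed sample keys (opaque bytes stand in for real public keys).
    phone = b"constructed-key-alice-phone"
    laptop = b"constructed-key-alice-laptop"
    unknown = b"constructed-key-unknown-device"
    who = "alice@example.com"  # constructed identity

    store = PinStore()
    statuses = []
    statuses.append(store.check(who, [phone])[0])
    statuses.append(store.check(who, [phone])[0])
    # Alice adds a laptop and confirms its fingerprint over another channel.
    statuses.append(
        store.check(who, [phone, laptop], {fingerprint(laptop)})[0]
    )
    # The directory now returns an extra key nobody verified.
    status, unexpected = store.check(who, [phone, laptop, unknown])
    statuses.append(status)
    return statuses, unexpected


if __name__ == "__main__":
    statuses, unexpected = demo()
    print(statuses)
    print("unverified fingerprints:", sorted(unexpected))
```
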


> Regarding whether iMessage is free from backdoors, Apple has given no reason for anyone to believe they are outright lying about the technical features of their software and hardware or their position regarding privacy.

Except if you live in China and have backups/storage on iCloud used by the various things you do with your iPhone.


So you are saying that an organization that supports false accusations by others, but is not known to originate them, should be given the benefit of the doubt about assertions they originate.

Here is another model: an organization that supports falsehoods to placate someone powerful in a small matter, like hosting an app, can be trusted to placate the powerful in a more important matter.


OT: Appropriately TIL kowtow is a word that came from China

early 19th century: from Chinese kētóu, from kē ‘knock’ + tóu ‘head’.


> However, Apple has not to date lied about what they are doing and we do not yet have a reason to doubt their representations about the security of their encryption.

Today, they showed that they are willing to lie under sufficient influence.

This sole data point is sufficient to tarnish what was assumed to be a perfect record.

There is no such thing as 99.999% integrity. Apple either has 100% integrity or is inviting you to play Russian roulette with its products and services.

We might have already rolled the dice enough times - 1.4e9 active devices trusting apple about 10 times a day for 282 days this year = 3.948 trillion rolls of the dice. A 0.001% chance of betrayal by Apple is 39.4 million betrayals this year (approximately the population of Canada)


>Apple caved under pressure from China. The explanation Cook gave is not just an embarrassment, it calls into question the veracity of all of his other statements.

What veracity? He is a businessman in a trillion dollar company. He says what pleases the market -- the domestic and the foreign one, not his personal beliefs...

The first priority is always profits or growth.

If one sincerely cared for the environment for example, one would stop tons of things that Apple is doing, not just one. The CEO of a multinational churning consumer gadgets by the shit-loads only cares for the environment to the degree that said caring doesn't impact the bottom line.

>Why should users believe that (closed source) iMessage encryption is free from backdoors when we know that Cook will dance around sensitive truths?

Well, that's an easier thing to answer, because there would be leaks from Apple employees (NSA had leaks, for Apple it would be many times easier) if that was the case. Tons of engineers would know.

>And why should the US government be satisfied with a fully encrypted iMessage given that Apple will cave to demands given enough pressure?

Because Apple will also cave to their demands.

Besides it's another thing to please some foreign customer by caving in to remove an app (especially if said foreign customer is a sovereign state and the app is anti-policy -- companies are not in some obligation from the US or otherwise to side with protesters), and another thing to e.g. cave in to China and give them a backdoor to iMessage as you seem to imply as a potentiality. In fact the latter would be treason (or close) for a US-based company and have much more serious repercussions...


Part of Apple's image that earned it loyal customers is that they care more about their customers than most other companies. Apple doesn't sell your data, it protects your privacy, will fight government agencies asking for user's data, etc.


>Part of Apple's image that earned it loyal customers is that they care more about their customers than most other companies.

>Apple doesn't sell your data, it protects your privacy, will fight government agencies asking for user's data, etc.

That's a quite recent thing, say starting around 2015 or so, as a differentiating branding to Google, Amazon, and Facebook. They might mention it here and there, but they didn't tout it all the time before, and almost none before 2012 with Jobs. And Apple had already had its huge rise by that point. It's not like the "privacy conscious" are a large enough market to make for the later growth. In fact, if anything, the privacy conscious would have moved to Apple first.

Plus, Apple is not "pro privacy" because it's some political champion of privacy, but simply because its business model (hardware, software, services tied to them) doesn't need selling ads and user data. Whereas Facebook's and Google's whole business model revolves around turning user info to targeted ads...

Apple's image was "the computer for the rest of us", "empowering people", etc. Even the 1984 ad was about corporate sameness and drudgery of then computing, not about some anti-government rebellion.

Apple was never in politics or taking some stance to world affairs (besides "Against AIDs" etc), and before Cook came out (and the cultural/marketing climate was friendly to jumping on the bandwagon), they'd never cared for the LGBT movement either.


A lot of that was for PR, especially against rivals like Google and Microsoft. Apple definitely made some improvements but there were better approaches for just about everything they did that would've helped users and industry alike.


Who thought most of these things? Every Apple customer knows that Apple overcharges for everything but the alternative is not acceptable to them (Android, Windows, etc).

Apple doesn’t sell your data because it’s not their business model.

Most people don’t care about privacy, if they did, they wouldn’t use Facebook or Google.


I wonder how much this "Apple is fighting for your privacy" image isn't even intentional PR, but just an accident. Watching HN threads over the years, as Google kept doubling down on surveillance capitalism, the usual "Apple vs. Google" / "Android vs. iPhone" threads started to point out that Apple is not doing what Google is doing. I have a feeling the opinion of Apple being pro-privacy has spiraled out from this.


Google is trying their hardest to data mine you. Apple is data mining you... but it's not their main push.

Thus Apple is more secure?


>The first priority is always profits or growth.

When Apple split with Google, they did so over access to customer data. At the time Wall Street was salivating over the huge profits to be gained from mining customer data, and Google was dangling billions of dollars in front of Steve Jobs' face to get him to fold. He didn't, and also turned down lucrative deals offered by Facebook.

That was all at a time when user privacy was widely seen as a marginal issue, and long before big privacy breaches regularly got into the mainstream press. Apple could have made huge amounts of money, but instead they turned those deals down and instead spent billions of dollars building their own maps and engineering iMessage with end-to-end encryption. No other tech company has come even close to Apple's record on user privacy and security. I can't even think of another one that's even tried.

That's what's so upsetting for me over this HK Maps issue. I know they have a lot at stake, including the livelihoods and safety and security of thousands of employees in China, but I still think they made the wrong call on this.

iMessage is pretty secure, but there are practical limits to how secure it can be, while also enabling cloud backups and data recovery options. Here's a somewhat sensationalised take, which does go into the practical reasons for the limitations. What it doesn't point out is that if you don't enable iCloud backup (maybe just backing up to iTunes), your secure keys never go to the iCloud servers so there is actually a way to stay secure even in China.

https://medium.com/bob-kfir-tech/how-secure-is-imessage-8cc7...


Apple could never out-Google Google, and they knew it. Accepting Google's suit without their own alternatives by default would have relegated their platform to be just another Google app launcher for key functionalities.

They instead opted to pursue a business model that played to their own strengths.

You seem to believe that Apple's iMessage service is somehow exempt from Lawful Intercept requirements. Let me quote from those in the EU (China's requirements could be more lenient, but I somehow doubt that):

"3.3 If network operators/service providers initiate encoding, compression or encryption of telecommunications traffic, law enforcement agencies require the network operators/service providers to provide intercepted communications en clair."

https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=OJ:C...


On iPhones running Google services, either Apple is in it just for the money or they aren't. Apple Maps cost them a fortune and makes them no money, that's just a fact. They could also have easily played Google, Facebook and Twitter against each other, instead they said no to them all.

Lawful Intercept has a fatal flaw. It doesn't require the service provider to have encryption keys for the traffic, and they can't provide what they don't have.


Lawful Intercept has no such flaw. It does not let you off the hook just because you think you are clever and say "Oopsy, I can't".

If your service can't comply with regulation when requested or inspected, then your service will be disallowed until you can.


Tim Cook previously said "not on our platform" before and people warned about censorship and centralized control that would eventually harm the most dependent users. This is the direct outcome of such a policy where a few have ultimate power over the masses. It's a sad development for Apple.


> Why should users believe that (closed source) iMessage encryption is free from backdoors

That's an easy one: the encryption happens client side and thus any backdoor has to sit on the clients and, if it exists, would be available to security researchers. There is no guarantee of it happening, but I believe some of those researchers reverse engineer whatever binary Apple published and then check it for backdoors.

Of course there are still tricks that Apple could pull, like adding backdoors only to targeted phones, changing the filesystem to present one version of the binary to the OS command that executes it and another to anyone else (like security researchers), extracting the unencrypted message contents using chips that sit on the memory bus (e.g. baseband), etc. But these tricks are harder to pull off and are still detectable as they happen on end-user devices.

They definitely won't say "yeah there is a backdoor". Ultimately, you need to trust them.


Doctored binaries (that leak private keys) can be sent to only select devices of people under surveillance. So reverse-engineering the generally available app will show nothing.

Apple REALLY must be coerced into allowing app sideloading (and accept push notifications not only through APNS)


I wish they could take some middle ground here for example requiring that users read out loud a 1000 word statement describing the risks involved and limiting access to capabilities like background refresh, notifications, etc. if the user hasn't interacted with that app in a week.

Or they could just beef up progressive web apps...


The OS comes from Apple, too. How does sideloading help when the OS is backdoored? How does installing your own OS help when there is a backdoor in the hardware?


Sideloading helps to install the apps you want (or need), not the apps Apple allows you to use. Thing is, you buy a very expensive piece of hardware, and you don't even truly own it. Of course, Apple frames it as 'care to protect you from malware', but in reality, it's just a digital handcuff.


I agree with the points you make, but you are arguing in terms of freedom, not in terms of security.


> Apple caved under pressure from China. The explanation Cook gave is not just an embarrassment, it calls into question the veracity of all of his other statements.

I was thinking about the complexity of the world the other day, and how so many people hold diametrically opposed beliefs, but often based on solid reasoning and genuine facts. How could this be?

If you think about it, the modern world is so complex, with so many facts (some of which are actual facts, some of which are popular opinions now considered to be fact), with all of the inter-connected, Nth order cause and effect going on, how is a person who wants to be as objective as possible supposed to actually come up with a reasonable model of what's going on, even if they're willing to put in the work? People skilled in communications and the psychology of persuasion can pick and choose a subset of "facts" and put together plausible and completely contradictory descriptions of the very same story, and done correctly it's very difficult even for the vigilant to know you're being duped. So what's a person to do?

What I came up with is the idea that yes, one should indeed take "facts" into consideration, including some sort of notion of trustworthiness for each fact, but what's missing is the value of lies in coming up with one's model of reality. So, when trying to figure out what the real deal is on any given situation, don't first look for the facts, but rather the obvious lies - if you can find obvious lies or misrepresentations of reality coming from powerful (politicians or corporate leaders) or influential people (the media), this is probably a good trail to follow to lead you toward the most important parts of the truth. Of course, there's lots of complexity involved here as well, you have to consider the nature of the bias from the messenger, compare versions of the lie across different outlets, etc etc etc, but in many cases I suspect this is a highly productive approach for maximizing the correctness of one's models.

So in this case, as the article points out, "However, over the past several days we received credible information....that the app was being used maliciously to target individual officers for violence". Obviously a lie, although in this case, considering Tim Cook's no dummy I expect he knew everyone would know he's lying, so I wouldn't form any specific conclusions on this, other than money >>> honesty and principles for him, but why should we expect more from him than any other important person in Western society....this is just how we are. Despite the wonderful sounding platitudes we tell ourselves, this is our culture. And the Achilles heel that I believe China will be able to continue to exploit indefinitely, because I simply can't see it ever changing, it has become so normalized that hardly anyone can even recognize it anymore.

EDIT: Thinking more, with this being so obvious once you're aware of it, I can't imagine this is a unique theory I've come up with. Does anyone know a name for this style of thinking?


> …the modern world is so complex… […] …with all of the inter-connected, Nth order cause and effect going on, how is a person who wants to be as objective as possible supposed to actually come up with a reasonable model of what's going on, even if they're willing to put in the work?

If you don't already watch it, you may really enjoy "The Good Place". (Any additional elaboration would be a spoiler.)


After watching the trailer, I think I need some!


[flagged]


Law enforcement, district attorneys, and judges have a lot of latitude about how the law is applied. Not to mention the latitude that regulatory agencies have.


The US isn't a closed market and can't effectively eject Apple from the market. While I disagree with the choice Apple made, it's a very rational one. Permanent removal from China would probably be worse for freedom in China over 20 years, and massively worse for Apple in the short term.

No company should be expected to back or foment a revolution somewhere, from my perspective they're looking out for their own beet interest and the best interest of their customers.


> Permanent removal from China would probably be worse for freedom in China over 20 years

If there is one myth that the past couple of weeks have conclusively debunked, it is the idealistic conceit that the presence of western businesses in the Chinese market will inevitably liberalize China.


Past couple of weeks? Developing China's economy and integrating it into world markets with the expectation that it would liberalize China has been a pipe dream for a good 30+ years now.


I wonder if the backlash will form the opposite theory? Will people try to make the firewall bidirectional to prevent this type of global censorship?


I honestly don't care when Apple complies with local law a la iCloud China. I think that is disappointing but completely reasonable, whether we agree with the law or not.

However, Hong Kong is a special administrative region, and has historically enjoyed a high level of judicial independence. When Apple takes its cue from a Chinese government newspaper - not even a legal request - and does the CCP's bidding proactively, it crosses a line. This is not compliance. This is self-censorship.

You can argue that Hong Kong is part of China, and therefore Apple's operation in Hong Kong should comply with Chinese law. But what is next? China also claims sovereignty over Taiwan, will Apple self-censor the Taiwanese App Store soon? Will Apple remove the Taiwanese flag from Taiwanese iOS users if the Chinese government demands so [1]?

It's also sad to see Apple push back on US government requests because they can, and kowtow to the Chinese government without their even having to send a take-down request! If one day Apple fires some employee because the Chinese government thinks he/she "hurt Chinese people's feeling" in a personal tweet [2], I will not be surprised!

[1] https://www.engadget.com/2019/10/09/apple-removes-taiwan-fla...

[2] https://www.washingtonpost.com/sports/nba/nba-statement-diff...


Taiwan and Hong Kong are totally different cases.

Taiwan is an independent country, whether the Chinese gov admits it or not. It has its own government, laws, military etc.

Hong Kong is not, it’s only a special area belonging to China. When the British handed it over to China years ago, China promised the situation will not change for 50 years. Although it’s a lie, it shows that China will have full control of HK eventually.


> Permanent removal from China would probably be worse for freedom in China over 20 years,

Huh?

> No company should be expected to back or foment a revolution somewhere, from my perspective they're looking out for their own beet interest and the best interest of their customers.

Profit is not an adequate moral compass. I deeply disagree that by forming a corporation, individuals who would otherwise have ethical obligations are somehow no longer obligated to behave ethically. You're literally claiming that it's okay to enable the violation of human rights for profit.


Removal of an app is not enabling the violation of human rights. Now if Apple turned over the name and address of every person who had the app, that'd be the enabling of violating human rights.


> Removal of an app is not enabling the violation of human rights. Now if Apple turned over the name and address of every person who had the app, that'd be the enabling of violating human rights.

This is the line you want to draw? "I didn't help them tear gas the protestors, I just made it harder for protestors to avoid being tear gassed?"


That is an incredibly flawed statement. Apple's not the one putting any barricades up. The Chinese government is.


No, it's Apple. The Chinese government is crying, and Apple, being the spineless company that it is, buckled under the slightest bit of pressure. Apple removed the app from their app store. Apple is in complete control of what apps are in there.


Especially seeing the app doesn’t do anything that the website can’t do.


Did you visit the website? It's hella slow.

I imagine the app cached a lot of the map data locally and used a native renderer.


Isn't that more of an implementation detail? I've seen a few browser based game demos that work well on the iPhone and caching can also be done on mobile. While an app may be better for low end Android phones from an optimization standpoint, there are no "low end" iPhones that have been introduced since 2013 that wouldn't have a decent enough processor to handle a web based, optimized app.

I don't believe that more people -- especially on HN -- are focusing less on the web as a means to get around the "walled garden" than focusing on sideloading.


> Permanent removal from China would probably be worse for freedom in China over 20 years,

I'm curious about how you came to this conclusion.


For one thing, pretty much every Android device made for the Chinese market has had its OS adulterated in some way, at OEM build time, at the behest of the Chinese government. Whereas, Chinese resellers can't really adulterate an iPhone's OS; there's just the one OS image (per model), signed and sealed by Apple, and if China wants to put a rootkit on it, they'd have to convince Apple to put it into that same base-image where any random security researcher (outside of China's reach to quash publication) might find it.

(And yes, either way the phone's baseband will be adulterated by Chinese ISPs at the government's behest, but modern smartphones isolate themselves from their baseband pretty well, so this only matters if you're using your phone as a phone [calling/texting], instead of as a tablet with a data modem.)


No point in debating the details of which tech is more secure or what is encrypted or adulterated or whatever. Apple has made it clear that they will make sure the Chinese gov't gets what it wants. Even in a supposedly "autonomous" Hong Kong, China complains and Apple submits--flags, apps, speech, whatever. No need to even go to court, and certainly no point.

So Apple has made it clear that if China wants something, the tech details won't matter. "Oh, I'm sorry, we don't have that information to give you." "Well, start keeping it from now on, but don't tell them, because telling them would offend us, and you don't want that...."


"So Apple has made it clear that if China wants something, the tech details won't matter."

This is an interesting statement and has important implications here in the United States as well: who's the bigger entity? The Multinational Megacorporation or the Country? Who dictates terms to whom? If a company wishes to do business in a country shouldn't they be expected to follow their laws? We need to be very careful in how we answer this question because we're at risk of losing our own democracy to a corporatocracy.


It's not "whatever." Apple has removed emoji and an app; they don't provide the government with backdoors or biometric data. There really is a line.


Apple's iCloud servers for Chinese users are located in China, run by a Chinese tech service provider and provides them with the keys - as stipulated by the Chinese government. Of course the government has access to the data.


https://www.independent.co.uk/life-style/gadgets-and-tech/ne...

2018:

"The iPhone maker’s latest Transparency Report reveals it received 32,342 demands from governments around the world to access 163,823 devices, with 80 per cent of the requests granted."

Come on, seriously? This is what they ADMIT to worldwide.

Here's on China: https://www.apple.com/legal/transparency/cn.html

Again, what they admit to. And that's only on the second half of 2018. With all their regular anti-consumer practices on hardware, you're really going to imagine they're champions of individual freedoms and privacy?


Why do you think there's a line? What is that based on?


iCloud is backdoored at the server for all users in China.


Well, you're pretty close here.

Yes, the iPhone has the best secure enclave.

However, there is nothing stopping Apple from making separate builds with extra "features" for the Chinese market, and installing them. Same keys, OS version chosen by region. Boom. Chinese version acceptable to Chinese government, rest of the world secure. Easy.

From my experience in this area, I would expect the Ministry of Industry and Information Technology to accept nothing less.


Because they would be replaced by local Chinese companies.

Are you saying that would have no effect on freedom for the users?


If Apple capitulates to every demand the Chinese government makes then perhaps there isn’t much of a difference.


Right. But of course the Chinese government has asked Apple for a backdoor, and (to our knowledge) Apple has not provided that. So long as that's true, an iPhone really is one of the most secure options for Chinese residents.


> (to our knowledge)

This is really the key phrase here. What we know for sure is: Google and Facebook services do not work in China while Apple and Microsoft's do.


Apple is open about the fact that their cloud services are operated by a Chinese company in China. No Chinese company has the option of refusing government demands for access to information. Therefore, at least the cloud services should be considered backdoored.


Actually, to our knowledge, they provided exactly that.


Agreed, not to hijack, but I fail to see that $ORG not being at the table vs. them constantly redefining morality for their actions to be at the table to be a less worse outcome.


I think the act of them being at the table is more likely to move the needle on the Chinese side.


Let’s call it what it is: bribery and corruption. It’s under the guise of market access, but it’s effectively still a payout by a government to do what you’re told. Apple wants to have it both ways, we are a moral authority in the US where we don’t have to worry about government interference but because we want access to the China market we’ll do whatever the government tells us to do. How much more dependent does China need to be before China can control other behavior it doesn’t like?


> they're looking out for their own beet [sic] interest and the best interest of their customers

I'm sure you think you just explained this, but it completely escaped me. How is yanking this app in the best interest of their customers?

Let's break "their customers" into 3 groups:

1. Protestors in HK. It clearly isn't in their best interest. So not those customers, right?

2. Non-protestors in China (including HK). Your argument is that this way they can still enjoy Apple products? Even though those products can no longer be trusted not to betray them to any whim of a hostile government?

3. Customers outside China. The argument here seems to be that Apple makes lots of money in China and that an Apple that makes tons of money in China and outside of China is better for non-Chinese customers than an Apple that makes tons of money outside of China but not inside of China.

This third group and justification is the most interesting to me. I stipulate that I have put words in your mouth. So let me take those words out of your mouth and just say this is the only way I can make sense of what you wrote.

When I follow this train of thought the only way I can see it being true is if Apple's very existence is threatened if some other company were able to fill the void in China, then leverage that to gain so much market power outside of China that they could squash Apple. And even that alone doesn't make things worse for (former) Apple customers. The only way that would be worse is if this hypothetical competitor's products were actually worse than Apple's and only able to dominate the market because of the market power they enjoy due to Apple's absence in the Chinese market.

That is such a stretch that I feel your argument should be dismissed. Can you fill in the holes of my understanding to help me see things your way?

I think this is an extremely important discussion because it seems to be the mindset held by a lot of decision makers. Is the NBA worried that they will stop making many $millions if they don't expand into China? That is, not only will they not double or triple their profits; they will actually stop making money outside of China? Is Disney worried about this? Are Microsoft and Amazon? Is it a fight for survival? Or is it pure naked greed?


Perhaps it could be argued that Apple is completely dependent on manufacturing facilities within China and losing that access would indeed be lethal. Some of Apple's biggest competitors outside China recognized that risk a long time ago and moved to minimize it. Why has Apple left themselves so vulnerable? Is it the only way they could produce inexpensively enough to stay competitive? Or is it, again, pure naked greed?


>Is it the only way they could produce inexpensively enough to stay competitive?

I hope you’re joking.


The argument as I understand it is that group 2 mostly does not care about being protected from their government or even agrees with the government's actions, and they get to benefit from continued access to Apple's superior products. I'm not endorsing this argument, but it's not prima facie crazy.


How would permanent removal be worse? iMessage is not magically more free than other messaging apps available in China.


No, but the US can make it hard for certain companies by imposing tariffs that hurt certain industries and “investigating” companies that get on the wrong side. Do you think a Democratic administration would target companies run by the “liberal elite” or that a Republican administration would go after churches that are supporting political candidates?


>Permanent removal from China would probably be worse for freedom in China over 20 years

How does Apple advance freedom in China?


Spyware is routinely found preinstalled on Chinese branded phones, and Chinese border guards will install spyware on tourists' Android phones. iPhone users are much better protected from this stuff.

1: https://www.cyberscoop.com/android-malware-china-huawei-zte-...

2: https://9to5mac.com/2019/07/03/spyware/


Spyware is also found in iOS in China via iMessage so what’s your point?


If we don’t talk about zero day vulnerabilities, which may be used by the government to spy on citizens, iMessage is end to end encrypted and secure.

Local Chinese chat apps like WeChat, or customized Android from Xiaomi or Huawei, have back doors, which allow the Chinese gov to access data directly.

Spyware from unintentional vulnerability vs. intentional back doors are different.


If your phone is backed up to iCloud, and your phone (or iCloud account, it's not clear) has the region set to China, then your messages are most likely accessible by the Chinese government, because Apple's cloud services are operated by a Chinese company in China, and Chinese companies don't have the option of resisting information requests from the government.


I'm presuming a local company would be even more willing to bend than Apple is, and would do so more often.



