Apple Caved
-
The UK government's obsession with being a Big Brother is so damn frustrating. A preview of what other governments will try and become in the near future, unfortunately.
-
Apple has three realistic options:
- Submit to the UK's demands and grant them a backdoor to encrypted backups.
- Disable encrypted backups in the UK.
- Leave the UK market entirely.
They went with #2, which is probably the least user-hostile option available.
From 1500GMT on Friday, any Apple user in the UK attempting to turn it on has been met with an error message.
Existing users' access will be disabled at a later date.
I am very interested in seeing what the UX around this will be. Ideally, they should give users direct notice well in advance, so they have time to plan a migration or mitigation. Of course, Apple makes it basically impossible to perform a full backup through any mechanism except iCloud, so......one more example of how vendor lock-in is inherently a security and privacy risk.
-
That’s not caving. That’s standing up and saying fuck you, your people don’t matter as much as the rest of the world because you’re lunatics.
-
Apple Caved. I'm no apple fan but what exactly would not caving have been here?
Make the backdoor?
Pull out of the UK ?
Fund an expensive legal battle against the laws of a democratically elected government? -
Curious what happens if you were someone would had opted in to ADP. If your data is fully encrypted, do you just get to keep using it that way? Does this only impact new users? Or, is Apple going to somehow capture users encryption keys and revert ADP?
-
The BBC article clarifies (not sure if NYT does as well, I can't read it)
Users will have a grace period to opt out of encryption before their data is deleted. Apple states they do not have the ability to automatically unencrypt the data.
-
I've got an android
-
I also have an Android and iPhone. It seems like I’ll have to switch from iCloud to self-hosting.
-
Apple did not cave
End to end encryption is MEANINGLESS if someone else also has a key
They removed a feature in the region to avoid setting a precedent that they would backdoor their feature on the whims of a shitty government
Now Apple gets to tell the UK that they would love to give fully encrypted backups but the UK government does not like encryption and security
-
America can't legally spy on its own people
The UK can
And the UK is in an intelligence cooperation with America
-
yeah I admit 'apple caved' was kinda just a gut reaction 'apple bad - encrypted backup good'.
If they fully caved we likely wouldn't have known about it, they'd have just put in a backdoor and given themselves and/or the uk encryption keys.
Denying encrypted backups because of this is probably best.You could argue apple does have the resources for a a legal battle, but you also can't really expect them to do that. They're not liberty or big brother watch.
I doubt that would go well in domestic courts anyway. After that, the ECHR could be sympathetic on proportionallity & art.8 grounds but its a lot of effort.maybe I should edit the title?
-
yea, its a blow to uk user's privacy & security but not caving. Caving would be implimenting a backdoor.
Title was a bit of an annoyed initial reaction, sorry there...
maybe best to improve it, i'm not sure? -
I would leave the title. It's important that people be critical but willing to adjust opinion.
Apple has fought these in the past (San Bernardino shooting / Phone unlock). It is honestly best for them to never take a case on this issue that they could lose.
-
Here in the UK, many typical phone users already assume that their data is shared anyway. Every person that i spoke to about this today asked why I think it's a problem as they have nothing to hide. A worrying position.
-
Exactly why we must shift from privacy to control, power.
-
Copy of my comment in c/apple:
Honestly I think this is the right move.
Pull the feature and tell the public that the government won't permit the public to secure their own data.
"I have security and privacy features for you, but your government won't let you use them"
Set the public against this overreach.
-
I agree that I was confused at first, until I remembered that any of the coalition countries (7 eyes?) has access to anything secret, they share with others that don't.
-
Saying “fuck you” would be more like “we’re no longer selling devices in uk and iCloud won’t work anymore”
-
@Strawberry Governments and corporations are powerless to E2EE employed by the users themselves, such as GPG/GnuPG/PGP. What could/will UK gov do against GPG and similar tools, especially those which are open-source and freely available?
I'm rooting for British people to defy their government and create their own pair of public and private keys using GPG/PGP or similar suite (preferably open-source, because they can be easily forked, adapted to easier UX/UI to any end-user, etc), sharing their public keys with each other so they can send enciphered messages, rendering useless such anti-E2EE British law.
-
Here's my response to this line of thinking:
"Would you be okay if I fucked your spouse/partner/etc? No? Why not? You're already having sex with them. What's the difference?"
Consent. That's the difference.
