Apple brass discussed disclosing 128M iPhone hack, then decided not to (arstechnica.com)
413 points by throwawaysea on May 8, 2021 | 212 comments


The following was posted on Macrumors. Definitely not a perfect user-first response from Apple, but it didn't seem terrible either, particularly because Apple wasn't the source of the issue; the issue was people downloading an unofficial Xcode tool not made or hosted by Apple. Apple discovered it (just like many researchers did) and made various (non-perfect) efforts to mitigate it. And according to Macrumors, the attack did not really lead to any serious consequences. Not sure if that's true, but I haven't seen any evidence to the contrary either.

> Apple did ultimately inform users that downloaded XcodeGhost apps, and also published a list of the top 25 most popular apps that were compromised. Apple removed all of the infected apps from the App Store, and provided information to developers to help them validate Xcode going forward.

> XcodeGhost was a widespread attack, but it was not effective or dangerous. At the time, Apple said that it had no information to suggest that the malware was ever used for any malicious purpose nor that sensitive personal data was stolen, but it did collect app bundle identifiers, network details, and device names and types.
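The guidance quoted above was for developers to validate the Xcode they build with. As an added example (not code from the article, the thread or Apple), here is a pre-build check in POSIX sh that wraps the macOS tools `spctl` (Gatekeeper assessment) and `codesign`; the path `/Applications/Xcode.app`, the file name `check_xcode.sh` and the sample verdict strings used for illustration are assumptions.

```shell
#!/bin/sh
# Added example: refuse to build with an Xcode that Gatekeeper does not
# attribute to Apple. Wraps the macOS tools spctl and codesign; the verdict
# strings below are the ones those tools print for an Apple-signed bundle.

XCODE_PATH="${XCODE_PATH:-/Applications/Xcode.app}"   # assumed location

# gatekeeper_ok VERDICT
# VERDICT is the text printed by `spctl --assess --verbose <bundle>`, e.g.
#   /Applications/Xcode.app: accepted
#   source=Mac App Store
# Returns 0 only when the bundle is accepted AND the signing source is Apple.
# "accepted" alone is not enough: a bundle signed with any valid Developer ID
# is also "accepted" by Gatekeeper, and a repackaged Xcode could carry one.
gatekeeper_ok() {
    verdict="$1"
    case "$verdict" in
        *": accepted"*) ;;           # anything else (rejected, error) fails
        *) return 1 ;;
    esac
    case "$verdict" in
        *"source=Mac App Store"*) return 0 ;;
        *"source=Apple System"*)  return 0 ;;
        *"source=Apple")          return 0 ;;   # exact final field, nothing after
        *) return 1 ;;
    esac
}

# check_xcode
# Assesses XCODE_PATH and, if Gatekeeper is satisfied, also verifies the
# code signature itself. Exit status: 0 ok, 1 do not build, 2 spctl absent
# (not running on macOS).
check_xcode() {
    if ! command -v spctl >/dev/null 2>&1; then
        echo "spctl not found; run this on the macOS build machine" >&2
        return 2
    fi
    # spctl exits non-zero on rejection; keep its output either way.
    verdict="$(spctl --assess --verbose "$XCODE_PATH" 2>&1)" || true
    printf '%s\n' "$verdict"
    if gatekeeper_ok "$verdict" && codesign --verify --strict "$XCODE_PATH"; then
        echo "OK: $XCODE_PATH is Apple-signed and accepted by Gatekeeper"
        return 0
    fi
    echo "DO NOT BUILD with $XCODE_PATH: signature check failed" >&2
    return 1
}

# Run the check only when this file is executed as check_xcode.sh (assumed
# name), so it can also be sourced for its functions.
if [ "${0##*/}" = "check_xcode.sh" ]; then check_xcode; fi
```

Wire it into the CI job that runs `xcodebuild` so a failing verdict stops the build before anything is signed and uploaded.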


> Apple said that it had no information to suggest that the malware was ever used

So in other words, it was used only on a few high value targets, rather than being used to serve up ads to all 128M users.

Still not much better...


ya think Mac could have a poor hash tag matching for security of its executables, such as Xcode?


Not according to the article: “For developers to have run the counterfeit version, they would have had to click through a warning delivered by Gatekeeper, the macOS security feature that requires apps to be digitally signed by a known developer.”

Worked just fine. Developers circumvented it. Should’ve been the red flag.


I remember there are some laws about disclosing breaches. Did this happen before those laws, or does the letter of the law not apply in this specific case?

For the anti-regulation guys, please explain how the free market helps in this or similar cases and why a law to demand transparency for these cases is also evil. (I am still waiting, on other threads, for an explanation of why regulation that only forces transparency about what is tracked and shared is bad and the free market solves it better.)


I'm not sure the law applies to Apple in this case. It wasn't Apple that was hacked. Another way of looking at it is if Facebook was hacked, and the hacker put malicious code into the Facebook iOS app and Apple notices, it's Facebook that is the liable party; Apple just noticed.


Apple is in charge when it benefits them, and devs are in charge when there's a liability.


I'm not sure any particular law like that applies to Apple, but I would actually be somewhat surprised if they didn't. You bought an Apple device, used it to access Apple's servers, which pointed you at software hosted on Apple's servers, which you proceeded to download from Apple's servers, if it was non-free software you paid Apple for it, and Apple has final approval over any software that is actually distributed to consumers.

Edit: And if you were infected by way of an update, the update mechanism is Apple's software asking Apple's servers if there were any updates, and when Apple's servers said yes it downloaded software from Apple's servers and deployed it on your phone.

To argue by analogy, Amazon is responsible for goods they sell on their store that they don't even distribute themselves... https://www.theverge.com/2021/5/1/22414185/california-appeal...


So if a criminal sneaks into a Campbells soup factory and poisons a batch of tomato soup, the proper response should be to blame Walmart for selling it. Impeccable logic.


"Blame", no. Require that Walmart issues a recall, alerts the purchasers of the defective soup, and issues refunds, yes, that is how the law works.

Walmart in turn can go after Campbell for the cost of the refunds, but the end purchasers aren't a party to that suit. Campbell (and maybe Walmart directly) can also go after the criminal for damages, again not the consumers' problem.


Apple did all the things you described in the first paragraph.


>Apple did all the things you described in the first paragraph.

Wow, you are arguing here without even reading the article or understanding the reality!

Short résumé for the lazy: Apple guys were working on creating the emails to inform the victims (stuff like sending the emails in the correct language), but in the end they never sent the emails. So from your example, some guys knew they sold some food that had poison in it (somehow the bad guys were clever enough to sneak past their guards and put poison in the cans), the guys were concerned and were ready to go and tell the victims that they might need to do some health checks. But then Timmy said "the poison is not that strong, let's wait and see; if nobody notices we do nothing, we don't want the people to know that our walls and guards are not as great as our PR and fanboys claim. That would mean that our best PR line `think about grandma` was a lie all along."


On the contrary, the complaint is that they did not. They specifically chose not to alert those affected.

But also... you do understand that we're talking about analogous but not identical laws here right? The context of this entire thread is laws that specifically require notifying people of data breaches, and not laws that require recalling bad food.


What company had full control over whether the Facebook software is installed on my phone?


You? I’m not sure what point you are making. Apple does not preload apps onto your phone.


Apple/Google restrict what apps are in the Store, and they and their fans will say that the locked store is for security.

When Apple/Google review fails (it will never be a perfect review process), reasonable people would say that Apple/Google would not only remove the malware from the store but they would also at least notify the victims.


Apple controls and approves App Store apps. If it were in the app, Apple is clearly also a party since they are paid to approve it. It's only a matter of time before the EU will smack Apple down.


I’m not sure how (1) follows (2). How is Apple “clearly” also a party when they aren’t even given the source code to the app?


Apple insists on having editorial and technical control over apps, but also they take no responsibility for their decisions and their technology that allowed bad apps.

It's their platform, their APIs, their sandbox, their store, their verification, their rules, but when something goes wrong, it's someone else's fault. That doesn't seem fair (even though it's legal currently).


By that logic, Governments who enact and enforce laws should be held responsible for all crime.


>It's their platform, their APIs, their sandbox, their store, their verification, their rules, but when something goes wrong, it's someone else's fault.

Does this also mean Microsoft is at fault when someone writes malware that exploits Chrome on Windows? After all it’s the Windows platform and API. Should I also blame RMS when someone writes malware in C? After all they might have used the libc.


>Does this also mean Microsoft is at fault when someone writes malware that exploits Chrome on Windows? After all it’s the Windows platform and API. Should I also blame RMS when someone writes malware in C? After all they might have used the libc.

Say someone put malware on the Ubuntu or Debian official repos, the developers find it and silently clean up the mess but keep it quiet because of PR. Who should notify the victims? The package maintainer, the individuals responsible for the malware, the distribution as a whole?

If the Microsoft Store or Steam distributed malware, I would expect them to acknowledge what happened and their plans to improve the situation, and the victims should receive an email or a notification in the store explaining what happened and what they should do.

I am not asking for Apple to get the blame for the malware, just to acknowledge that the Store is not 100% safe and this can happen (bad for PR) and to let the victims know.


So, like one of those parking lots that do not take responsibility for thefts in their premises?


GDPR requires disclosing to the supervisory authority if user data was breached. Though this hack was before GDPR.

https://gdpr-info.eu/art-33-gdpr/

edit: Also California requires notifying the residents directly and, if over 500 residents were affected, also the attorney general

https://oag.ca.gov/privacy/databreach/reporting


In a situation with less top-down regulation, security-focused users are more likely to rely on guarantees and audits, perhaps causing them to select different vendors.


If you don't have regulations then you can have a company putting false labels like "Approved by the National Agency for Food/Software/Equipment Safety" on its products, and then each user needs to individually try to research whether this agency actually exists, whether the label is correct, etc.

Remember the class action lawsuit that forced Apple and other companies to admit that the products have a defect and provide compensation. Without a law and regulation those people would not have got their fair justice.

Also, I do not see how free markets could prevent some company selling you bad products and, when the PR is bad enough, just re-branding and starting over. Or how free markets can help with imported products that could be unsafe; you need basic regulation that imposes transparency (who made the product, what it contains and other related information).


Is the population of security focused users enough to support an ecosystem of auditing firms?

Is it enough to even support a neighborhood coffee shop?


If so few users care about security, why should the government regulate for that outcome?

I think theoretically the argument above makes sense, but in reality it doesn't. The market that exists doesn't provide a solution because the barrier to entry is basically infinite. Even Microsoft couldn't offer an alternative to iOS and Android because Microsoft couldn't do it alone. It's a natural monopoly problem, which means normal market arguments don't work.


Isn't this the case already (to the extent that each security-focused user finds it practical)? Would decreasing top-down regulation somehow make it easier for those users to select vendors based on their security practices? Or perhaps, would it increase the number of security-focused users?

Help me understand.


Top-down regulations often give people a false sense of security, so they don't bother doing their own research and 'watching their backs'. Regulations are also generally 'sticky', so many originators focus on bare minimum compliance, and there is a dearth of variety.

Another related problem is that regulations often incentivize ignorance; the originator is usually better off not learning about breaches, so they are not as vigilant as many users think they should be.


But, again, in this case, there is zero regulation. So the situation you seemingly prefer is what is happening right now.


I was attempting to respond to a commenter asking:

>“For the anti-regulation guys, please explain how free market helps in this or similar cases...”

And a further comment asking:

>”Help me understand.”

Given the response, it appears as though my attempt at elucidation is not appreciated; this being the case, I will refrain from further explanation.


So how did the missing regulation help in this case?

You also "forgot" to explain what is wrong with regulation about transparency (tell me what you put in the food, tell me if you are tracking me, tell me if you are aware that my device has a defect).


But you are not helping anyone understand. You say, "if A, then B". But we look at reality, and we see that A is in fact the case, but B is nowhere to be seen.

The only thing that elucidates is that libertarian ideology is largely a fantasy.


That means the punishments aren't heavy enough.


There is already basically zero regulation in this area.

Where are all these guarantees and audits and vendors? Nowhere. Absolutely nowhere.

This is a completely nonsensical libertarian fantasy.


As for why anyone would download this "counterfeit" copy of Xcode (quoting from TFA):

> XcodeGhost billed itself as faster to download in China, compared with Xcode available from Apple. For developers to have run the counterfeit version, they would have had to click through a warning delivered by Gatekeeper, the macOS security feature that requires apps to be digitally signed by a known developer.


Amazing.


Have you tried downloading large non-GFW files from China? You want to spend 6 hours updating Xcode each time with a 1 in 3 chance of errors and failures?


It happens often when downloading Electron from GitHub while in Japan. Quite often I'll `npm install` and then it's a 2-hour download for what should be 20 seconds. All other western sites are working fine, just GitHub's large binary files. Verified from multiple machines on multiple different networks around the city. Have reported the issue multiple times to GitHub and they always claim "nothing we can do, not our problem".


That's where the GFW starts to undermine the competitiveness of China on the world stage.


Well, this Epic lawsuit seems to turn into a nightmare on multiple fronts for the PR guys at Apple...


The idea is to tear down the walls of the garden. In this case Apple advertises security and quality control as features of the fees for their required app store. If the garden is not actually more secure and the quality not actually controlled in reality than any other garden, then there will be an argument to allow anyone to start a garden on iOS.


Epic wants their own walled garden. They aren't anti-walled garden.

Let's not pretend that one greedy billionaire is the good one here.


Would an oligopoly (at worst) need to be strictly as bad as a monopoly though? I don't really care that the fight is mainly the one of greedy billionaires, as long as it reduces the prices for consumers.

Plus Epic does not really propose the same kind of walls as Apple does. The worst they can do are exclusive titles on some typically somewhat open platforms (and yep, I guess they would take a deal to have an authorized store on a closed one, but for now I'm not sure such beasts exist anyway -- and again, why would it be worse than a monopoly?), they don't even sell only that, and the people they get exclusivity from had the choice to do something else anyway (without renouncing whole platforms).


I mean, if you're against the monopoly it makes little sense to be for an oligopoly. Either you have tunnels that lead between different walled gardens, not really changing much except which company receives your money, or you tear down the walls of all walled gardens and users might just get attacked as they try to make their way over to the other walled gardens (that being 'free fortnite vbucks' scams).


At least more gardens means more multiple redundancies.


Just like many comments on HN keep arguing that Apple is better than Google because of privacy, Epic is the good guy in this because more walled gardens are better than only one, even if it is still not open.


> Let's not pretend that one greedy billionaire is the good one here.

Who's doing that?

If Apple's AppStore isn't protecting users, why not let there be competing AppStores and let users decide which serves them best?


Fine by me. If there's an EGS on iOS/Android, I can continue to ignore its existence and use the App/Play Store, while people who opt into that garden do what they need to do.

I don't care about which billionaire benefits the most, I care about options. iOS has zero options (that don't void your phone) if your app isn't approved by Apple.


> Let's not pretend that one greedy billionaire is the good one here.

Out of curiosity, are you responding to me or digesting my point? I’m not pretending anything.


Another one from 2021. The gist is that the Apple App Store is hosting multimillion dollar scams:

https://www.theverge.com/2021/4/21/22385859/apple-app-store-...

https://www.theverge.com/2021/2/8/22272849/apple-app-store-s...


Especially when one of Apple's main points is that the App Store ensures a secure environment for their users to download apps. If they ended up verifying this many insecure apps, then what's the point?


The developers, e.g. for WeChat, downloaded a copy of Xcode, not from Apple, but from a random third party, and when they ran it had to click through warnings about it being unsigned. Then Tencent uploaded their now hacked WeChat, compiled with the hacked Xcode, signed by them, to the App Store. This is not Apple’s fault. This is on Tencent and the other developers who did this. The list of hacked apps was published by Apple and linked to in the article.


> This is not Apple’s fault

This is a lot to unpack. Let me narrow it down here:

- Developers submit app to AppStore

- Apple scans it, manually reviews it, certifies it meets security, privacy, and quality guidelines

- Apple allows users to download the app from the AppStore

- Users assume apps on the AppStore are secure because Apple loudly proclaims this

- Users are infected with malware

And this isn't Apple's fault? Of course this isn’t a tenable position for Apple. There’s no way to catch everything. But they market this, and use it as justification for their walled garden.


> There’s no way to catch everything. But they market this, and use it as justification for their walled garden.

This is a valid point, and also the reason this particular attack is so interesting. Apple's system relies on holding people/companies accountable for submitting malware. Apple has the power to knock a company out of the App Store, so the company is incentivized to not push the limits. This hack is an attack directly on this relationship-based system. It's an attack on Apple's ability to punish. This doesn't make Apple's system worthless, just worth less.


No, if Apple is taking 30%, they should be doing random bytecode-level analysis of apps to make sure there's no hidden malware.


> - Users are infected with malware

Also, it was less malware and more just a low-profile privacy invasive SDK.


It feels like a PR disaster to everyone involved even if they're not part of the actual lawsuit. See also: Sony


Speaking of PR guys at Apple, I really miss the days when Apple PR was run by Katie Cotton. The genius in PR and marketing.

>Well, this Epic lawsuit...

And this is the issue that no one seems to be getting. Epic will lose. As a gaming company they never really had a case; I do admire them for having the courage to go against the largest corporation in modern history. But it provides enough material for their end goal for other parties, whether that is EU or US regulators.


Story is not written yet, and I don't trust armchair lawyers to predict the outcome of something that complex.


The Dutch East India Trading Company wants to know your location. ;)


I guess that depends on your definition of "modern history". Yes, Apple has a lot of cash, but does their current position as top corp by value mean they are bigger in influence/effect on people's lives than others in history? I'm thinking AT&T pre-breakup, Standard Oil, railroads, etc. I understand the point the GP was making. It just sent me down a tangential bit of thinking. Ugh, and on a Saturday!


Interesting thoughts. I think a lot of this comparing Apple to the companies you listed is the wrong way to think about them.

First, it's not just Apple. The App Store/ecosystem concept is a newish concept, and probably needs completely new types of regulation outside of anti-trust. Apple, Google, MS, Sony, Nintendo, etc. are for the most part monopolies in their respective worlds, but fail the traditional monopoly definition. Waiting for a company to achieve an AT&T or Standard Oil level of power is an outdated way of thinking. Apple also doesn't have anywhere near that level of power.


Epic might not win against Apple directly but the end result will likely be exactly the same when the EU are done with Apple.


>As a gaming company they never really have a case

Given that individuals have brought cases that ultimately became landmark Supreme Court rulings, I have to say this is the oddest take on the lawsuit I've seen yet.


What made Katie Cotton a genius?


Their only end goal was to get a better outcome for themselves. It came out in the trial that if they had gotten the special deal they were seeking, you probably wouldn’t have heard a peep from them.


Somehow that seemed obvious to me without the direct evidence. I have no doubt that if the shoe was on the other foot, Epic would be super happy to be the gatekeeper taking in 30%.


No they wouldn’t. They already run their own store where they take 12%. Tim Sweeney has been a vocal supporter of open platforms/markets for many years. This action is costing Epic TONS of money. In no way does it make financial sense whatsoever. If you read the internal Epic documents from this case, it becomes quite clear that this is Tim Sweeney’s personal crusade against Apple.


The only reason they do that is because they are trying to break into Steam's near monopoly market position. They are not above anti-consumer practices like exclusives. I have no doubt that if they could, they would take that 30% cut.


Why would they choose 12% and not 25% or 20% then? Either of those would be better than Steam.

Calling exclusives “anti-consumer” is basically nonsense. Exclusives have been a mainstay of the gaming world for ages. The actual harm they cause to the consumer is minimal, no different than first party titles do (like Valve’s own Half-Life, etc).


5% less isn’t enough to get over the inertia of being on Steam.


> read the internal Epic documents from this case

how can we do that?


It used to be in a public documents folder on Box. The link doesn’t seem to be working anymore so maybe they took it down for the weekend (or permanently) https://app.box.com/s/6b9wmjvr582c95uzma1136exumk6p989/folde...


Just discovered that the Box link I posted in my other comment actually still does work, it just doesn’t work on mobile for some reason.


Then why did Epic ask for a special deal from Apple?

Can I use in-game currency bought from somewhere else in Fortnite?


> Tim Sweeney has been a vocal supporter of open platforms/markets for many years.

If he was, he would be against exclusives, but he pays handsomely for those.


These aren't even comparable.

- Epic marketplace has a few exclusive video game titles for their marketplace.

- Their games can be installed on multiple platforms.

- Also, there are dozens of competing video game marketplaces, each with their own exclusives. You can't play Zelda on PC.

Vs.

- There are only two brands of smartphones. Everyone is forced into this duopoly.

- iPhone is a device that doesn't let users repair it

- iPhone is a device that doesn't let users install their own software

- iOS forces all commerce through Apple's tax rails

- iOS prevents forming a relationship with customers as it gives businesses a disposable fake contact. These are "Apple's customers", not yours.

Businesses have two choices: fuck off and die of irrelevancy, or put on the Apple gimp suit and get fucked. There's no way this was ever legal. We've all just been gaslighted by Apple's mind-bending PR. They've constructed the biggest monopoly of all time.


Epic, and especially Fortnite, is its own marketplace. You can’t buy in-game merchandise without going through Epic’s payment system.

As far as relationships, I don’t want every business to have a relationship with me. For those companies that need one, they can have users register.

How is the App Store any more illegal than the consoles? Yes, every physical game you buy for a console still has to be approved by the console makers.


Because I'm not trying to run my dating app on the Epic platform. And if gamer dating was my thing, I'd have twenty or so different market places to target.

Apple is the only game in town, and they bully everyone. Their rise to this position and stranglehold over all commerce was an illegal move that will be corrected by the DOJ.

Imagine if AOL controlled the Internet and all websites had to pay 30% to AOL. That's the world we live in with Apple.


Apple is not the only game in town. It doesn’t even have the majority market share.

Not to mention that there is also the web.

No website has to pay Apple 30%. In fact, no dating app has to pay Apple 30%. They can all force you to pay on the web and Apple won’t get any cut.


The web is increasingly not an option and you know it.


So tell me why the web isn’t an option for a dating app?


Absolutely.

Do you think Tinder would have caught on as a website? Apple trained people to use apps.

Furthermore, what about real time video transcoding? Apple kept their web browser purposely hobbled to force people into their dungeon. You can't use a multitude of modern, advanced capabilities with safari. How can I do advanced workloads in parallel, at high performance, in the background? I can't because Apple.


Tinder interactions very much could work on the web.

You can’t do advanced workloads in the background with native apps on iOS. Apple strictly limits what an app can do in the background to conserve battery life. Safari doesn’t stop running in the background.

I don’t know about performance, but if someone could write a performant JS/web assembly transcoder that could run on the web, since iOS devices routinely trounce all Android devices with respect to browser performance, I’m sure it could be done.


>Tinder interactions very much could work on the web.

it's not about what "could work", a 15fps game "could work".

it's "what is successful". And for a mobile audience, UI/UX engineers have spent decades determining that after a certain amount of lag, that experience is lost. Be it for technical or political reasons, Safari and, by extension, much of HTML 5 cannot meet this UX criterion. So an application has a massive advantage.

>but if someone could write a performant JS/web assembly transcoder that could run on the web

Sounds like a Progressive Web App: https://web.dev/what-are-pwas/

They've come far but are far from perfect. It's also moot in this case, since certain optimizations would need to rely on understanding Safari's infrastructure. Which is closed source. They can optimize it for webkit, but any web dev can tell you that interplatform quirks are the 2nd 90% of the battle.


Compare them to Steam and GOG, not apple.

- GOG will give you DRM-free downloads

- Steam allows you to give out keys for free then use their infrastructure to download/manage the game (humble bundle steam keys)

- None of them force exclusives as far as I know

> Businesses have two choices: fuck off and die of irrelevancy, or put on the Apple gimp suit and get fucked.

No they don't. There's plenty of businesses that are alive and well and not getting fucked by anyone.


Can you cite big businesses that are successful and Android-exclusive?


There’s nothing wrong with exclusives. They aren’t any more “anti-consumer” than first party titles (like Valve’s own Half-Life, Portal, etc)


You are right about their end goal, and this is expected from a company with shareholders, I think this is part of the job of a CEO.

But you don't know if this is their only end goal.


If they could get a special deal, do you really think they would take the case to trial, spend the money and have as much of their dirty laundry become part of the record?


I don't read in tea leaves, we can only infer their goals from the PR and what seems to be their best self-interest.

Internally this is probably a high-risk high-reward kind of plan, but this is a wild guess.


I was actually surprised they went at this alone instead of trying to get other devs involved to seek class action status.


They want a policy change, not a $40 coupon.


If they had gotten all of the concessions they wanted, there would have been no reward.

If they could sell digital goods using their own payment system within the app like Amazon can with Amazon Video, what would they gain from this?

The PR doesn’t tell the story like what came out during court procedures.


>If they could sell digital goods using their own payment system within the app like Amazon can with Amazon Video, what would they gain from this?

The ability to potentially launch EGS on iOS. Success or not, they want that opportunity to try.


If they could get a special deal, they probably wouldn't have standing to take the case to trial, so they literally couldn't take it to trial.

I suspect they would still want to. My personal suspicion about the motivation behind this case is that it's not really about Epic Games' profit, but Tencent's. Tencent owns 40% of Epic Games, and owns a lot of companies who stand to make a lot more money if Apple's forced to open up the App Store.


If I remember correctly, this incident was actually widely reported in China when it broke out. It was caused by many iOS developers in China choosing to download a counterfeit version of Xcode because the network connection from China to any foreign servers is so bad.

Though, it is true that Apple never disclosed the full list of compromised apps or how many users were affected. Also, I am not sure that sending emails to affected users would be effective. Most of the affected users come from China, and a significant portion of them use a phone number instead of an email to register their App Store account.


According to the article from Apple[0], WeChat 6.2.6 and DiDi Taxi 4.1.0, among many others, were affected.

[0] https://web.archive.org/web/20151101142446/http://www.apple....


Wait, why is this Apple’s fault?

> The infections were the result of legitimate developers writing apps using a counterfeit copy of Xcode, Apple’s iOS and OS X app development tool. The repackaged tool dubbed XcodeGhost surreptitiously inserted malicious code alongside normal app functions.

This was shown by Ken Thompson in 1984 I thought [1]

1. http://wiki.c2.com/?TheKenThompsonHack


Besides it maybe not being Apple’s fault (except for not telling anyone) - it is maybe Apple’s fault because they explicitly state they are reviewing apps, and did not catch this issue. So they obviously have a huge blind spot and their customers were impacted because of it. Considering the scope and scale of the App Store and the massive revenues from it, it is also pretty hard to believe some better scanning or analysis software wouldn’t have caught this pre-emptively?

Since I remember the ‘Apple was not doing true binary level review’ coming up when I talked to an iOS developer literally a decade ago about the App Store (back in Android 1.1 SDK days) - he even mentioned this type of attack as a possibility - and they obviously haven’t changed that, there are probably a ton more like this out there that have slipped under the radar due to smaller scope, or less clear impact.


Short of Apple proxying and reviewing every byte sent out by an app, I just don’t see how this level of review is possible. It is like detecting a virus or malware. Whether Apple should have boasted about their review process or not is another matter.

There is no technology we have today, whether it is mobile, server side, the Linux kernel or whatever, that accepts random code from strangers (that is what you are doing with pirated s/w) and detects intentionally written malicious code.


Sure. And what prevented Apple from telling those users their security had been compromised?

Not much beyond a desire to not make a lie of their "curated, secure walled garden" PR.


The point is that Apple pretends that there is such a thing, but that it only works if they have a walled garden.


The breach wasn't Apple's fault, but the cover-up is.


Why was there a counterfeit Xcode in the first place? Reminds me of how hard it is to download Xcode with the crappy App Store when not having the connection Apple engineers enjoy ...


Because “it downloaded faster in China” apparently?


This attack sounds remarkably close to a type of malware from the CIA that The Intercept wrote an article about. https://www.schneier.com/blog/archives/2015/03/how_the_cia_m...


> The infections were the result of legitimate developers writing apps using a counterfeit copy of Xcode, Apple’s iOS and OS X app development tool. The repackaged tool dubbed XcodeGhost surreptitiously inserted malicious code alongside normal app functions.

> XcodeGhost billed itself as faster to download in China, compared with Xcode available from Apple. For developers to have run the counterfeit version, they would have had to click through a warning delivered by Gatekeeper, the macOS security feature that requires apps to be digitally signed by a known developer.

Seems like a real world version of the Trusting Trust attack where the compiler is inserting malicious code.


Maybe it's time to reread Reflections on Trusting Trust[0]

[0] https://users.ece.cmu.edu/~ganger/712.fall02/papers/p761-tho...


The full Trusting Trust attack would be if you'd use XcodeGhost to compile Xcode and it actually makes another XcodeGhost that just looks like Xcode, right? Preferably you do this to the developer responsible for uploading the compiled Xcode to central download servers. After a while no one has the real Xcode anymore, it's been lost to time, but no one knows this.
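The Gatekeeper warning quoted above is the one control that stood between a developer and the counterfeit toolchain, and Apple's developer note at the time told developers to assess their installed Xcode with Gatekeeper's command-line tool, `spctl`. The following is an added example, not code from the thread, from Apple, or from any commenter: it wraps that assessment (plus a `codesign` verification) so a build machine can refuse to build with a copy that is rejected or signed by an unexpected source. It assumes Xcode sits at the default `/Applications/Xcode.app`, and the accepted sources it expects follow the values Apple's note listed; the outputs used to test the parser are constructed.

```python
"""Verify that the Xcode on a build machine carries an Apple signature.

Added example (not from the thread or from Apple). parse_spctl() interprets
the output of `spctl --assess --verbose`, which Apple's developer note told
developers to run after XcodeGhost; assess_xcode() runs the real commands on
a Mac. Assumption: Xcode is installed at the default path below.
"""
import re
import shutil
import subprocess
from dataclasses import dataclass
from typing import Optional

XCODE_PATH = "/Applications/Xcode.app"  # assumed default install location

# Signing sources Apple's note described as legitimate for Xcode.
EXPECTED_SOURCES = {"Mac App Store", "Apple System", "Apple"}


@dataclass
class Verdict:
    accepted: bool
    source: Optional[str]
    reason: str


def parse_spctl(output: str) -> Verdict:
    """Turn spctl's two-line verdict into a pass/fail decision.

    A genuine copy prints (constructed, matching the documented format):
        /Applications/Xcode.app: accepted
        source=Mac App Store
    A counterfeit copy is either 'rejected' or accepted from some other
    source (for example an unknown developer's signature), and both cases
    must fail the build.
    """
    if re.search(r":\s*accepted\b", output) is None:
        return Verdict(False, None, "Gatekeeper rejected the bundle")
    m = re.search(r"source=(.+)", output)
    source = m.group(1).strip() if m else None
    if source not in EXPECTED_SOURCES:
        return Verdict(False, source, f"unexpected signing source: {source!r}")
    return Verdict(True, source, "accepted from an Apple source")


def assess_xcode(path: str = XCODE_PATH) -> Verdict:
    """Run the real checks; only meaningful on macOS where spctl exists."""
    if shutil.which("spctl") is None:
        raise RuntimeError("spctl not found: run this on the macOS build machine")
    proc = subprocess.run(["spctl", "--assess", "--verbose", path],
                          capture_output=True, text=True)
    # spctl writes its verdict to stderr on some versions, so look at both.
    verdict = parse_spctl(proc.stdout + proc.stderr)
    if not verdict.accepted:
        return verdict
    # Independent second check: the bundle's own signature must still verify,
    # which catches a tampered copy that kept a stale Gatekeeper approval.
    cs = subprocess.run(["codesign", "--verify", "--deep", "--strict", path],
                        capture_output=True, text=True)
    if cs.returncode != 0:
        return Verdict(False, verdict.source,
                       "codesign verification failed: " + cs.stderr.strip())
    return verdict


if __name__ == "__main__":
    v = assess_xcode()
    print(("OK" if v.accepted else "FAIL") + f": {v.reason} (source={v.source})")
    raise SystemExit(0 if v.accepted else 1)
```

In a CI pipeline the script's exit status gates the build step, so a developer who clicked through the Gatekeeper dialog once does not keep shipping from that copy unnoticed.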


The article is about apple failing to detect a huge number of apps that accidentally contained malware. I would not call this an iPhone hack though.


Not accidentally. A malicious third party version of Xcode injected the malware into the apps and Apple's vetting system failed to detect it. Apple eventually discovered it and decided not to warn its customers.


I mean accidental in the sense that the developer was not acting in bad faith. I don’t mean to defend Apple, it just annoys me that this is advertised as an iPhone hack.


Apple is claiming that their App Store is secure and rigorous. If developers (maliciously or not) were able to add code like this to their apps then doesn't that mean someone was able to hack the App Store verification process? And if they were, is it not Apple's responsibility to inform their users that their devices might have malicious apps?


What was added to the App code wasn't outside the bounds of acceptable code in apps, as far as I can tell. But maybe I missed something?

It just took some data from allowed phone APIs and sent it to a server, which is allowed. And maybe opened some other apps through deeplinking, which is also allowed.

How is a reviewer to know that the code in the app wasn't put there intentionally by the developer?

Maybe force everything through DNS and include a list of domains in the app submission. You might be surprised at how many people can connect when you include an IP in the app that couldn't connect via DNS though; if your user base is big enough, it adds up.
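The domain-list idea in the comment above is a detection control rather than a prevention one: compare where an app actually connects against the hosts it declared at submission. The following is an added example, not code from the thread or from Apple, that does that comparison over a constructed, proxy-style connection log. It treats subdomains of a declared host as declared, reports raw IP literals as their own category instead of blocking them outright (the commenter's point that some users can only reach an IP), and returns counts so the "it adds up" effect is visible. The log format, bundle id, hostnames and addresses are all constructed.

```python
"""Audit an app's observed outbound destinations against its declared domains.

Added example (not from the thread or from Apple). Input format, bundle id,
hostnames and IPs are constructed for illustration.
"""
import ipaddress
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List, Set

# Domains the (hypothetical) developer listed in the app submission.
DECLARED_DOMAINS: Set[str] = {"api.example-app.test", "cdn.example-app.test"}

# Constructed log: "<timestamp> <bundle-id> <destination>:<port>".
SAMPLE_LOG = """\
2015-09-18T10:00:01Z com.example.app api.example-app.test:443
2015-09-18T10:00:02Z com.example.app cdn.example-app.test:443
2015-09-18T10:00:03Z com.example.app static.cdn.example-app.test:443
2015-09-18T10:00:04Z com.example.app updates.third-party-sdk.test:443
2015-09-18T10:00:05Z com.example.app 203.0.113.7:80
2015-09-18T10:00:06Z com.example.app [2001:db8::1]:443
"""


@dataclass
class Finding:
    kind: str   # "declared", "undeclared_host" or "ip_literal"
    dest: str   # destination as logged, including port
    line: str   # the full log line, for the reviewer


def strip_port(dest: str) -> str:
    """Return the host part of 'host:port' or '[v6addr]:port'."""
    if dest.startswith("["):
        return dest[1:dest.index("]")]
    host, _, _ = dest.rpartition(":")
    return host or dest  # no ':' present -> whole string is the host


def host_is_declared(host: str, declared: Set[str]) -> bool:
    """Exact match or subdomain of a declared domain (case-insensitive)."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in declared)


def classify(dest: str, declared: Set[str]) -> str:
    host = strip_port(dest)
    try:
        ipaddress.ip_address(host)
        return "ip_literal"   # no DNS name to compare; reported separately
    except ValueError:
        pass
    return "declared" if host_is_declared(host, declared) else "undeclared_host"


def audit(log_text: str, declared: Set[str]) -> List[Finding]:
    findings: List[Finding] = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # blank or malformed line; a real tool would count these
        findings.append(Finding(classify(parts[2], declared), parts[2], line))
    return findings


def summarize(findings: List[Finding]) -> Dict[str, int]:
    """Counts per category; 'undeclared_host' is the review queue."""
    return dict(Counter(f.kind for f in findings))


if __name__ == "__main__":
    results = audit(SAMPLE_LOG, DECLARED_DOMAINS)
    print(summarize(results))
    for f in results:
        if f.kind != "declared":
            print(f"{f.kind:15s} {f.dest}")
```

A reviewer would act on the `undeclared_host` entries (a host the developer never mentioned is either an unlisted SDK or something injected into the build) and track the `ip_literal` count over time rather than rejecting on it.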


That it happened is not a valid data point, it should be compared to other stores and what % are malicious apps.

Now not disclosing it is on them but at the same time, it was the apps who were hacked and I can see it falling to them to disclose?


Does Apple give app developers an avenue to communicate security incidents to people downloading free apps if the app doesn’t require signing up with an email address?

Does that line of communication remain open after the app is deleted on the device?


If this was swapped out for microsoft or google, would it be fair to call it the windows/android hack?


If a comparable number of Xboxes were compromised through a game on Microsoft's own Xbox store then I would say that's an Xbox hack. It'd mean that the malware evaded the Xbox's security mechanisms (which are implemented at Microsoft's end when publishing onto the store).

For non-walled-garden platforms, like most desktop operating systems, a program being available for download isn't yet a bypass of any security feature. It'd have to do something forbidden like privilege escalation for me to count it as an OSX/Windows/Linux hack.


If Microsoft in numerous court cases had said the reason for the walled garden is because it is safe, then yes. But only Apple says that. This is not comparable to downloading for Windows but more like downloading malware from the Xbox or PlayStation store. Apple approved those apps.


Did they at least disable those apps on affected phones until upgraded? Or this hack was not dangerous?


Probably it's this kind of thinking that allowed for such a thing to occur. Not all gates were equally secure.


So a few weeks ago I started an overnight copy of some files to my APFS encrypted backup disk. I came down in the morning to find the filesystem corrupted.

iBooks won't sync ePub files I add manually.

<A bunch of other niggles, too many to list>

Now we find out Apple cares more about its image, than quality.

I've been wanting to move away from Apple for a while, but this finalises it. I'll be doing one final upgrade to the ARM chips, then putting effort into moving away. Including funding projects if needed.

This is a really bad look for Apple. It's clear they're not worthy of my trust.


Software has never been their forte, unfortunately.


Funny thing it was. I consider the current apple to have started with Jobs at NeXT. From Nextstep through to snow leopard they were fantastic and getting better every release.

Not so much now, they've found a cash cow and seem to be entranced by it.


Those are some serious rose-tinted glasses you've got on there.


Apple was the gold standard for software for most of the first 35 years (excepting a few years after 1995) of its existence. Apple used to hold a reputation for building the best software in the industry.

On a side note, sometimes getting older feels like being in a Twilight Zone episode. Like I woke up and, for some reason everyone is calling records and 45s 'vinyls'.

Or I mention 'Cary Grant' and people just stare at me blankly because his memory has been erased from existence.

This Apple comment is one of those moments: it feels like yesterday Apple's talent for software was common knowledge, and suddenly today I'm in a parallel universe where Apple has always created buggy garbage.


I am not saying that Apple has always built bad software.

I am saying that design is their forte and that their engineering culture is mostly focused around it, software is built to impress.

Their products are meant to be the final form, not a tool to build something else.

And this has implications for the quality of the code, fortunately they also inherited a lot from the Unix culture, but overall I've rarely been impressed by the quality of their software, and I've sometimes been appalled by it.

iTunes, QuickTime or the first iterations of OSX...


If we're talking about reliability post-2010 I fully agree with you. Let's just leave it there. I'm pretty sure I have two threads in my HN comment history (probably several years old) in which I argued against the view that iTunes and QTP started out bad. It's just not a topic I have energy to drone on about more than once a decade.

Edit: fwiw https://news.ycombinator.com/item?id=13426813


Oh, the stuff that's coming out of this lawsuit is gold.


Knowing that court cases are usually an airing of everyone's dirty laundry, I kind of wish the FBI did not drop their case against Apple.


This only comes to light because of the discovery process during a lawsuit.

Where's the regulations to protect consumers?

Oh right, the US regulators don't protect consumers. At all. Even though that's what they're supposed to do.


The 128M number seems to be new, but XCodeGhost was widely reported at the time (e.g. in the New York Times, BBC News, Wired, InfoWorld, Mac sites like 9to5Mac, and of course Ars Technica itself.)

More references at: https://en.wikipedia.org/wiki/XcodeGhost

Here's what Apple[1] said[2] at the time:

"We've removed the apps from the App Store that we know have been created with this counterfeit software," said Apple spokeswoman Christine Monaghan.

"We are working with the developers to make sure they're using the proper version of Xcode to rebuild their apps," said Christine Monaghan.

[1] https://www.bbc.com/news/technology-34311203

[2] https://developer.apple.com/news/?id=09222015a


What is “Apple brass”?

I see only one other mention of it in the article (aside from the title) with zero additional context, and surprised to see zero occurrences of it here.

A Google search of “Apple brass” turns up nothing, as well, besides other references to this article.

Am I the only one that has never heard this term, and also curious by its reference in the article’s headline?


“Brass” in this context means “leadership.” See: https://idioms.thefreedictionary.com/top+brass


It is not a snapshot of then when the issue happened, but I would equate it to https://www.apple.com/leadership/


Not a new product. I was inclined for a moment to think it was ("We will now introduce the all-new Apple Brass!")


"Brass" is synonymous with "leadership" in this context, it has a bit of a military connotation, but can be used elsewhere as well.


TIL. Have never heard of this before.


It comes from the brass buttons on some officers’ uniforms


It's an Americanism referring to their "top brass" which for whatever reason means their military leadership. Read as "Apple leadership".


unspecified people in charge at Apple


Anyone that has been in the industry long enough and has worked with Apple in any capacity knows that Apple is hostile to their users and their partners. Apple always does what is in the best interest of Apple. Everything else is just marketing.


Please don't post generic flamebait to HN.

No, we're not pro-$bigco or anti-$bigco. HN comments just need to be better than this.

https://news.ycombinator.com/newsguidelines.html


> Apple always does what is in the best interest of Apple. Everything else is just marketing.

I don’t truly believe Apple is interested in user privacy as a core value but it is a hell of a differentiator compared to Google. On this topic, my interests and theirs happen to align for the time being.


Approach and hypocrisy matters. Apple did boast about privacy and security many times before...


Apple does a lot to actively destroy the privacy of iOS users, though. They assume you desire privacy from everyone but Apple. You can’t even get free iOS apps without giving them your phone number.


Since when do you need a phone number for iOS? How would that work on an iPad?


You can't get an Apple ID without giving a phone number.

Opening the App Store app transmits your hardware serial number to Apple, like a permanent supercookie, linking it to your email address and phone number and city-level location via client IP.


I absolutely agree, but you COULD say one company holding your data is better than lots of them having it too.


That depends if they all get the same data.

I'd much rather have multiple services, each of them isolated to the data that is relevant to providing their specific service than one service having it all.


Who do you think has been a better steward? One thing to consider is the security lapses of each. What company has the best security record?


I have no knowledge in general of this stuff, but my assumption is that your average company is horrible with security, but huge corporations dump tons of money into security (being a big target with the most users) making it more effective.

Not saying breaches never happen with apple or google of course, it's just less often than your trusty todo list app being pwned and your clear text passwords being dumped online.

You raise a very good point though. You can't judge the security of a company by any metric except their record. It would be interesting to have a registry that logs breaches, how severe they are, and give an overall rating to them.


Phone number is a valid point, but in many other ways Apple actively avoids collecting its customer data. Location data, Messages, Apple Card transactions, health and home, Siri are examples.


Messages' end to end cryptography is actively backdoored for the FBI.

https://www.reuters.com/article/us-apple-fbi-icloud-exclusiv...


If Messages E2E crypto were backdoored, then why would the FBI take an interest in iCloud backups?

I too wish iCloud backups were E2E encrypted, but that is a very different claim from "Apple assumes you desire privacy from everyone but Apple." Apple knows you want privacy from Apple; their privacy policy is quite explicit about what data Apple cannot see.

https://support.apple.com/en-us/HT209110


iCloud Backup backs up the messages, or the message sync key in the case of Messages in iCloud being enabled.

iCloud Backup is not e2e encrypted, which means Apple either gets the full iMessage and SMS history (in the case of Messages in iCloud being disabled), or gets the e2e encryption key to decrypt the synced Messages in iCloud (which they already have, due to running iCloud).

https://support.apple.com/en-us/HT202303


Yes we agree that Apple has the technical capability of decrypting Messages that have been backed up by users who have enabled iCloud Backup, even if those messages were previously E2E encrypted. I think Apple should fix that.

Your link describes in detail what Apple can and cannot read. They seem to want their customers to know. So how did you conclude "Apple assumes you desire privacy from everyone but Apple?"


I believe that most users, after reading 202303 and Apple's public communications around privacy, would incorrectly conclude that Apple cannot read their iMessages.


Your link doesn’t say anything like that. It talks about how Apple was planning to add e2ee encrypted backups of iMessages to iCloud but instead opted not to offer them as e2ee backups.

If you don’t enable backups for iMessages, they stay on your device.

Nowhere does it describe a back door that the FBI has access to.


> If you don’t enable backups for iMessages, they stay on your device.

The backups are enabled by default, on your device, as well as the devices of everyone else you iMessage with.

For iMessage to be end to end secured, you need to turn off iCloud Backup on each and every device you have, and everyone you iMessage with needs to turn off iCloud Backup on each and every device they have. If either you or your conversation partner misses a single device, Apple will get either the message text itself in the backup (if Messages in iCloud is disabled) or the message sync encryption key (if Messages in iCloud is enabled).

In practice, this never happens. Non-e2e iCloud Backup is an iMessage cryptographic backdoor.


Saying that defaults are insecure (which is the case here) is different to the claim there is a backdoor.

A backdoor is a very specific claim that isn't backed up.


Key escrow for the FBI was a cryptographic backdoor during the crypto wars in the 90s, and it is still the same today.

Defaults matter.

Apple had a plan to secure it, and (I understand) a partial implementation. It was killed specifically to aid surveillance capabilities. If that isn't a backdoor, I don't know what is.


There's still people willing to claim USA government law enforcement and security agencies don't have privileged access to US big tech company data.

You're not going to find proof in the EULA.


Your location data is sent to Apple with your IP 24/7 if you have Location Services enabled, as the device sends the visible wifi AP mac addresses to Apple continuously. It's not just passive GPS reception.


Home cannot be set up without an iCloud account, which requires an Apple ID, which you can't get without providing a phone number.


You can't win in a duopoly.


yeah but with buzz marketing you can catch the fat customer and avoid antitrust oversight


And that’s also an exact recipe of how to prioritise decisions that help (or seem to help) only in the short term.

Luckily they’re too expensive to be the biggest player in most of the world. But they’re part of a duopoly.


Remember iAd?

Didn't work, so they try something else to differentiate.

If this wouldn't work, they will just adjust targets.


You have the causation inverted here. iAd failed because they refused to compromise on user privacy.


You have the timeline wrong.

They failed for multiple reasons:

> With tight creative control of ads, an insistence on taking a 30% cut of all ad revenues, and a prickly attitude to sharing customer data, the platform won few fans in the media industry.

But iAd launched before their "protection of user privacy" stance. Not after it.

= They couldn't monetize it, so only after that they attack it and "protect user privacy".


> But iAd launched before their "protection of user privacy" stance. Not after it.

That's a disingenuous claim. While iAd did predate Apple pushing privacy as a mainstream marketing angle, it certainly did not predate Apple taking a strong position on consumer privacy. This had been a theme in Apple's corporate decisions for at least the past fifteen years, likely longer.

Furthermore your own quoted paragraph belies your own assertion. iAd failed in part because of Apple's "prickly attitude to sharing customer data".

Quotes from a contemporary article:

But advertisers became increasingly perturbed that Apple refused to give them access to the wealth of data iAd had on its consumers from Apple’s hundreds of millions of iTunes accounts.

Stefan Bardega, media agency ZenithOptimedia’s chief digital officer, told us: “iAd has long been a story of unfulfilled potential. Apple has unique customer level data that is hugely interesting to advertisers but has struggled to access that data in a way that doesn’t conflict with the core business.”

Another media agency ... said: “For me, they never understood that they needed to behave like a media owner, rather they could go it alone charging what they wanted, not sharing data, no third-party tracking...”

https://www.businessinsider.com.au/why-apple-is-pulling-dire...


I didn't eliminate that from my quote?! Apple made their direction a buying argument after iAd, it doesn't mean they didn't have a stance before it.

If you believe Apple's marketing, how do you explain Google not bowing to China and therefore not bowing to China's influence, while Apple seems to be doing just that.

Eg. https://www.wired.com/story/apple-china-censorship-apps-flag...

Caring about user privacy shouldn't have exceptions, no?


> I didn't eliminate that from my quote

I didn't say that you did, in fact I explicitly said the opposite. I don't even know where that quote came from. I just pointed out that YOUR choice of quote contradicted your argument.

> If you believe Apple's marketing

I don't believe their marketing. I believe the profit motive, and I believe their actions they've taken in the face of Government and corporate demands for data access.

> Caring about user privacy shouldn't have exceptions, no?

You are falling into a weird self-defined trap of binary thinking. It seems you're asserting that in order to have concern for customer privacy requires privacy to veto literally all other concerns. I never said—no sane person has ever said—that Apple's concern for consumer privacy is their number one motivating directive. Everything is a matter of degrees; a matter of competing priorities.

Personally I don't pick Apple products to protect my data from my Government. I pick them because I want that pile of data to be siloed away from the likes of Google, Facebook, and the countless number of unethical data aggregators that I've never heard of. Apple's selfish commercial motivation to keep my data away from their competitors suits me just fine.

Put simply, Apple's functional concern for my privacy—regardless of the purity of their motives—works for me.


Isn't that the case for every company ? Why would a company do something in the interest of the consumer if it was not in their interest ? Competition is what's supposed to take care of this


Well exactly, but they have convinced (brainwashed?) a bunch of their users that they're really on their side.

In my experience, Android users are generally not plagued by this misconception to as great an extent.


There are a whole lot more Android users.


But what's your point?


That it might not be a fair comparison.


In what sense? We're comparing proportions - I think that's fair. Unless you're also saying that a higher proportion of Apple users are more gullible (in which case you agree with me), I still don't understand your point?


> Why would a company do something in the interest of the consumer if it was not in their interest

There are many reasons, but if for no other: so that emails like this don't leak and cause you bad PR! There's a whole school of thought around being 'customer focused' that boils down to the Golden Rule (but in MBA-speak). I don't know how many 'customer focused' businesses really walk the walk; probably not that many in situations where doing so requires real guts.


But doesn't that mean it's ultimately in the company's interest?


Well yes, in the long term. I was hoping nobody would notice that I avoided admitting that ;)


Unfortunately it's possible for competition to not resolve things to the benefit of the consumer, that's where regulation typically steps in. I'm not necessarily implying that that's required in this case, just that things aren't as simple as competition == consumer wins.


> Why would a company do something in the interest of the consumer if it was not in their interest ?

We call that "ethics", IIRC. It's depressingly rare.


Yes. And they sleep well at night, moral obligation to the shareholders and all that. Competition won't do anything.


At least with competition users get to choose which companies they want to do business with.


Yep this. It's also standard operating procedure among Bay Area tech. They're great at feel good marketing but when it comes down to actions it's all about numero uno.


> Apple is hostile to their users

This doesn't match my anecdata, but perhaps things have changed in the past few years.


Things have most definitely massively changed in the last few years. They used to have to pretend to be the good guys. They are going to make gobs of money no matter what now and much less pretending is required.


There's a point where the reality distortion field fails.


This is the exact definition of a bullshit statement. Never pretend to speak for a loosely defined group of people that you DEFINITELY don't represent.


Huh? This wasn't an Apple hack. This was developers using counterfeit Xcode I believe, and those developers' apps were then hacked using non-genuine development tools.

The lesson here is that it's probably important to do things like the non-apple battery warnings etc because the scammers and hackers will not stop attacking the platform.


Apple knew about a huge compromise of their users devices. Despite all of their marketing material talking about how much they value customer security and privacy, they made a business decision to not notify the affected users.

The lesson here is that you cannot rely on Apple to act in your interest if they think doing so will hurt them. Note that they aren't special here, any other company will probably act similarly, the difference is that Apple apologists would have you believe they, ahem, think differently.


> Apple knew about a huge compromise of their users devices. Despite all of their marketing material talking about how much they value customer security and privacy, they made a business decision to not notify the affected users.

Important thing to keep in mind is that the emails in the article were from 2015, not 2021. Apple was not marketing privacy as heavily back then as they do now. Not trying to justify their action back then at all, as I firmly believe they should’ve notified users, but context matters imho.


“I believe people are smart and some people want to share more data than other people do. Ask them. Ask them every time. Make them tell you to stop asking them if they get tired of your asking them. Let them know precisely what you’re going to do with their data.”

Steve Jobs

All Things Digital Conference, 2010


> Apple was not marketing privacy as heavily back then as they do now.

Notice I didn’t say they weren’t pushing privacy at all, I said not as heavily.


I read what you said, I just think you're quite wrong. This (2012) was when they were first having to do damage control for Siri being so awful, and they had the whole series of ads on prime time TV talking about how it was private.

Apple has had privacy and security as a core part of their marketing since forever. They also had a whole set of ads and comments in keynotes about how secure and privacy focused OSX was, taking shots at Windows.


> Apple has had privacy and security as a core part of their marketing since forever. They also had a whole set of ads and comments in keynotes about how secure and privacy focused OSX was

I went back and skimmed through the past decade of Apple commercials, keynotes, and interviews by execs. After doing so I stand behind my point that privacy was not marketed the same pre 2017ish as it was after that. Yes, you’d see mentions here and there, but not until around 2017 did it become center stage and the apparent lens through which everything is viewed.

This is a very subjective thing though, so how about we disagree and commit?


Do Android handset makers do these notifications? I mean - it's very likely that a LOT of Chinese apps in particular (which these were) may have security holes, including ones that are there for govt purposes.

Did the directly affected companies do the notifications?

I thought Apple had sort of a separate setup in china (data center etc) to mitigate some of the issues there impacting the rest of their user base.


The headline is pretty much a lie here.


When it comes to insecurity of your mobile device, this is just the tip of the iceberg.


>insecurity

How? This is a simple case of "code execution results in code execution". iOS is already sandboxed, so the impact was limited. I'm not sure what you'd expect Apple to do, other than have some sort of system that can detect arbitrary malicious code.


Check the liner notes of your monthly OS updates for sandbox escape and RCE fixes and you’ll understand the prevalence of the problem I’m trying to describe. Couple that with the fact that mobile OS software configurations are relatively highly standardized and very sensitive and valuable personal information is usually stored on mobile devices.


> Schiller and the other people receiving the email wanted to figure out how to shore up its protections in light of their discovery that the static analyzer Apple used wasn’t effective against the newly discovered method.

Yes, I totally believe that Apple did not know about NSInvocation and the half a dozen other ways to dynamically call methods.


The email is linked there and you can read it. Just because one team at Apple is aware of potential vulnerabilities doesn't mean that everyone at the company is equally aware.


Top management is responsible; lack of technical competence or knowledge is not a valid defense.

This is their job to know.


As loath as I am to defend Apple on any points

Top management isn't there to act as some infinite well of knowledge, they're there to speak about issues that have been distilled down to them on a higher level with other relevant teams

What you're effectively saying is that Apple's "VP of Software" or something not knowing every line of source code in iOS is "not a valid defense"


What I am saying is that in a general sense, in any hierarchical organisation, the boss has the largest part of the responsibility share, no matter what.

And then top management etc.

