Comment by brookst
1 month ago
Notice is always good and Apple should implement notice.
However, "my data is being sent off my device" is incorrect, as GP explained. Metadata, derived from your data, with noise added to make it irreversible, is being sent off your device. It's the equivalent of sending an MD5 of your password somewhere; you may still object, but it is not factually correct to say your password was transmitted.
> It's the equivalent of sending an MD5 of your password somewhere; you may still object, but it is not factually correct to say your password was transmitted.
Hackers love to have MD5 checksums of passwords. They make it way easier to find the passwords in a brute force attack.
https://en.wikipedia.org/wiki/Rainbow_table
>> It's the equivalent of […]
> Hackers love to have MD5 checksums of passwords.
Hackers love not understanding analogies. :)
Hackers love to make defective analogies (especially redundant recursive ones) and invite sarcastic corrections to them.
Nobody responding seriously to this because you seem to have missed the part where GP said "with noise added to make it irreversible" and the third sentence in that wikipedia article.
Hackers don’t know about salts yet?
Bath salts yes, security salts, not so much.
> However, "my data is being sent off my device" is incorrect, as GP explained. Metadata, derived from your data, with noise added to make it irreversible, is being sent off your device.
Sounds like my data is being sent off my device.
> It's the equivalent of sending an MD5 of your password somewhere
Sounds even worse lol
It does not sound like that at all.
There is plenty of data on your device that isn’t “your data” simply due to existing on your device.
[flagged]
If the information being sent from my advice cannot be derived from anything other than my own data then it is my data. I don't care what pretty dress you put on it.
> It's the equivalent of sending an MD5 of your password somewhere
a) MD5 is reversible, it just cost GPU time to brute force
b) It is unproven that their implementation is irreversible
BFV has been proven to be irreversible, and Apple open sourced their Swift library implementing it, so it's not totally unproven.
https://github.com/apple/swift-homomorphic-encryption
Well that's what you're told is happening. As it's all proprietary closed source software that you can't inspect or look at or verify in any manner, you have absolutely zero evidence whether that's what's actually happening or not.
If you can't inspect it that just means you don't know how to use Ghidra/Hopper. ObjC is incredibly easy to decompile and Swift isn't much harder.