Comment by InsomniacL

1 day ago

malicious compliance.

Providing access when ordered by a court is not as secure so we're removing all encryption?

"If we can't provide this product legally, we're not going to provide it at all" ends up being the only reasonable position in situations like this.

At least this way doesn't compromise users in other countries.

>Providing access when ordered by a court is not as secure so we're removing all encryption?

Providing a back door for one government reduces the security and privacy of the service worldwide.

This decision keeps the security and privacy for the rest of the world. Sucks for the UK that your politicians decided to go this route.

End-to-end-encryption-except-when-the-UK-government-is-interested doesn't have the same ring to it, liable to damage the brand ....

  • FWIW people always put too much trust in E2EE where they didn't control either end. This was a loooong time coming.

    • It’s not really end to end in that sense. They don’t get the key, they just store opaque data for you.

      The only way Apple could get your data is to push code to your device to steal the key.


    • People aren't going to use your self-hosted E2E tools on a wide scale. We've been down that road. Best to secure the systems people already use.

the whole point of ADP is that they cannot provide access

  • Yes, the parent commenter missed the part where Apple cannot see the encrypted content when ADP is used.

    • I'm not suggesting Apple should be able to see the content, I'm saying the Police should be able to, when they have a valid court order issued in accordance with the legislation.

      For example, a 'Personal Recovery Key' could be recorded in a police database. To gain access to 'encrypted' data from Apple, a court order is needed; once they have the encrypted data, they can unencrypt it using the key only they hold.

      There's lots of ways to skin a cat.
