If Zoom Is Wrong, So Is Apple (sneak.berlin) [tags: privacy, security]
  1. 18

    I applaud Apple’s approach to privacy (http://www.apple.com/privacy). I was shocked to learn that coming from one of the largest corporations in the world, they are pushing the correct approach to privacy: control of the private key.

    Zoom has been caught lying in the past and has very fishy claims and ostensible practices (https://www.schneier.com/blog/archives/2020/04/security_and_pr_1.html). So this is not a fair comparison in my opinion, but I do agree with the author’s principles and reasoning.

    1. 10

      The exact problem is that in this case Apple does not give ‘control of the private key’ to the consumer.

      (It’s not clear in this article, but I believe this is specifically limited to iCloud backups of iOS devices, and that it can be resolved by turning that feature off. This is an important issue to me and I’d appreciate more info if anyone has some.)

      1. 5

        I understand: iOS does not give control of the private key to the user; even more, the software used for messaging is highly proprietary and locked down. Thanks for the correction, I was jaded by their slick marketing webpage.

        Does Apple have the ability to decrypt users’ iMessages? Up until now, I was going on the assumption that iMessages were encrypted similarly to Signal.

        1. 7

          Apple has the ability to remotely install any software on your phone that they want, and therefore exfiltrate any data that they want.

          1. 2

            I don’t think that quite follows… Apple has the ability to install a new OS, and it has the ability to install apps, but both have limitations. I’ll deal with each.

            1. OS. If Apple is willing to build a custom version of the new OS and serve that to you when it serves a new OS to other people, then your custom OS can exfiltrate anything. That’s a high bar though.

            2. Apps. Apple can install apps on your device at any time and perhaps silently, but those apps are subject to the security regime enforced by the OS version your phone already runs, which is one that countless researchers have checked as carefully as they can. The installed app won’t have the ability to exfiltrate any and all data belonging to the system or other apps.

            The past is immutable. Apple can write any code, but no one, not even Apple, can travel into the past.

            1. 2

              > OS. If Apple is willing to build a custom version of the new OS and serve that to you when it serves a new OS to other people, then your custom OS can exfiltrate anything. That’s a high bar though.

              Why would it have to be a custom version, and why would it have to be timed with the release of some other version?

              > Apps. Apple can install apps on your device at any time and perhaps silently, but those apps are subject to the security regime enforced by the OS version your phone already runs, which is one that countless researchers have checked as carefully as they can.

              Which is not carefully at all because they can’t audit the code.

              1. 2

                > Apps. Apple can install apps on your device at any time and perhaps silently, but those apps are subject to the security regime enforced by the OS version your phone already runs.

                The security engine works with rules, and those rules on apps are set by Apple. Safari is the only app that has JIT permissions; there is no reason why they couldn’t do that for a rogue app.

                1. 1

                  Are you saying that iOS has a permission that permits apps to read other apps’ data? Or rather that some future version of the OS could hypothetically add such a permission that would, further in the future, enable silently installed apps to read other apps’ data?

                  If the latter, then it’s a special form of the statement “product X is bad, because it could in the future be modified to do bad things”.

                  1. 1

                    Cursory search says that it does exist. Though I’m not an iOS developer by any means.

                    1. 1

                      I’m not either. A friend who is says that capability doesn’t really exist any more. It once did and still has a name, but since deprecation the name is all it has.

                  2. 1

                    And they have done this before. For example, the “Clips” app which is distributed through the AppStore has immediate camera access without prompting the user, I believe, because the app ships with a code sign entitlement that grants unprompted camera access. A regular iOS developer would never get Apple to sign such an entitlement, but as the Uber screen capture entitlement scandal proved, some developers are more equal than others.

              2. 1

                From Apple’s own iCloud security overview page:

                > If you have iCloud Backup turned on, your backup includes a copy of the key protecting your Messages.

                Apple has the key to your backups, so they can access the iMessage key, rendering the so-called E2EE useless. If you disable iCloud backups, your messages can still end up in other people’s backups.

              3. 4

                You’re correct. iCloud backups can be retrieved by Apple. Using iTunes for backups is still safe. iCloud Photo Library is not end-to-end encrypted either, but that provides major usability benefits (like being able to see your photos from iCloud.com just like the competitor, Google Photos).

                This is the one major flaw with Apple’s privacy strategy for “average Joe” users. I think that having iCloud Backup on by default is great (losing your phone isn’t such an issue anymore), but it would be great if there were at least an option to encrypt it. Is the idea that people who lost their phone and forgot their password (because they never use their password after setting up their phone) would want access to the backups? That’s my only guess.

                1. 3

                  Why would they? An average customer does not understand what a private key is. If you give out private keys to end-users and they lose them you are going to end up with massive data loss. Apple does the right thing. This is not perfect but it works for most cases. The other end (no unauthorized access to private keys) of this should be guaranteed by the law like in the EU. It is unfortunate that the US has the Patriot Act but it does not mean that you could have a chance against the US gov agencies even in the case of privately stored private keys.

                2. 5

                  > I was shocked to learn that coming from one of the largest corporations in the world, they are pushing the correct approach to privacy. Control of the private key.

                  I’m shocked that you trust one of the largest corporations in the world to live up to their promises on this - or any other - issue. That implies you ascribe morals to the corporation, an organisation without morality. In the end it implies you assume Apple corp. would rather go down in flames (i.e. be forced to pay fines even they could not shoulder, being forced to split the company, etc.) than allow a bunch of TLAs to do some harvesting.

                  It isn’t that I single out Apple here; I don’t think you can trust any of these entities, and you should act accordingly with data you don’t want to get in the wrong hands. For most people this won’t matter, but if, say, you’re a dissident writer in Hong Kong or you happen to have proof of what really happened to Epstein, it would be foolish to simply trust those data to an iDevice in the assumption that they’re safe from any adversary.

                  1. 3

                    > I was shocked to learn that coming from one of the largest corporations in the world, they are pushing the correct approach to privacy. Control of the private key.

                    The reason gigacorps don’t care about privacy is because most of them rely on siphoning your information for profit. Apple don’t, since they sell premium hardware and fashion accessories. That’s why Apple can give users more privacy.

                    1. 1

                      They are still trying to maximize their profits, and data is “the new oil,” so giving users privacy is not a viable path even for Apple. Marketing the idea of privacy on the other hand is a viable strategy.

                      Am I missing some substantive difference between Apple’s privacy policy and that of other tech companies?

                    2. 4

                      This makes so little sense to me, I think I might be parsing it wrong.

                      1. 2

                        Who has control over the private key? Steve has always been a pioneer in taking control away from users. Even if they claim the key resides on the device, this is far from the user controlling the key. The actual correct approach to privacy would have to give real control to users, and Steve could not be farther from this.

                      2. 10

                        And? Why do we need to discuss iCloud in reference to Zoom?

                        1. 24

                          I think the author’s idea is, “why do we hold other companies blatantly accountable (like Zoom), and not Apple?”

                          1. 26

                            I guess I don’t see the need to equivocate both. They’re different threat models and different situations.

                            If the goal is to attack iCloud, just note its flaws, just like people did when they originally were known. Zoom is in the line of fire due to their current issues. If we’re going to start “yes and”ing every security failure, I’m ditching both of these tags on Lobsters. It is as bad as the constant arguments about countries doing bad things and hearing people bring up every other country’s other problems as reasons why we shouldn’t care. We can legitimately care about both without constantly comparing between companies or countries.

                            The constant comparison really rubs me the wrong way, like propaganda aimed at derailing conversation away from the actual problems on their own merits.

                            1. 12

                              The one-word-ism for this is “whataboutism” and I too would like to see lots less of it all over the internet, but especially here!

                              1. 4

                                this type of argument is a critique of media and our collective ethical standards, rather than a critique of the situation as such. there’s nothing wrong with this type of critique, and i just as often see people dismissing such valid forms of critique as “whataboutism,” thus derailing the conversation away from examining media and ethical standards.

                                this goes for /u/haldean’s comment as well

                              2. 12

                                we’re holding zoom accountable? huh?

                                1. 1

                                  “accountable”

                              3. 4

                                Zoom and Apple are both companies that claim to be end-to-end encrypted, yet this person is claiming that they are not.

                                1. 19

                                  Apple does not claim to be end-to-end encrypted for backups or notes or photos or videos. Apple’s own weasely KB article on the topic is linked from TFA.

                                  They also fail to mention that backups include your complete conversation history with everyone you’ve ever texted or iMessaged with on your device.

                                  This is me, shining a flashlight on that.

                              4. 5

                                A lot of these conversations overestimate how many people want to be the single holder of their private keys. Take an example of a technology that gets this “right”, bitcoin. Many people lose their wallets and therefore their money. That’s not an okay UX for a mainstream platform. Fancy telling your friend or family that all their photos and documents are gone forever because something happened to that USB key you said was important? In a worst case scenario I want to be able to bootstrap from an email login and maybe an SMS 2FA (yes really). I realise that my threat model is not your threat model, but the crypto enthusiast’s isn’t the same as most of Apple’s customers either.

                                And after all, if you don’t trust your software provider (the same company in the case of Apple), how will you ever input and use your super secret key material?

                                1. 2

                                  This matters because it affects how organizations that create software make product decisions. If 5% of the users of some software system are principled cypherpunks/people actually doing something illegal or socially punished, and 95% are people who don’t really get encryption but would be upset if all their family photos were lost with no way to recover them, then the people making that software system will make more customers happy if they retain copies of the customers’ private keys than if they don’t. And it’s hard to say that the people who are more concerned about losing their phone than about the Apple corporation possibly decrypting their personal data for the cops if subpoenaed are wrong, even if that’s not the tradeoff I would make.

                                2. 4

                                  I agree that the privacy ramifications of using iCloud Backup should be better documented. It would be absolutely great if those backups were encrypted by default. However, unlike with Zoom, you can use your own Mac as a backup machine at home with iTunes Wi-Fi Sync or a Lightning cable and sidestep the issue entirely.

                                  E2E encrypted device backups should be the default, but I’m fine with iCloud Photos not being encrypted because I find iCloud.com very useful. My phone uploads every photo I take to iCloud and I can download ones I want from my computer without having to plug in my phone and do a libimobiledevice transfer.

                                  Also, if you’re going to be taking and sharing nudes or other very sensitive photos, the default iOS Photos app and iMessage probably aren’t the way to do it. There’s only one hidden album and iMessage has no media hiding or disappearing message functionality. Use something like Snapchat that is isolated from your device photos and is designed for disappearing media sharing. Snaps (but not text chats) are already end-to-end encrypted unless another recipient uses the report button.

                                  1. 9

                                    > Use something like Snapchat that is isolated from your device photos and is designed for disappearing media sharing.

                                    ... and why should one believe that they really disappear? Not sharing things you don’t want to get leaked is the only thing which really works.

                                    1. 6

                                      Of course. You have to trust Snap’s privacy policy since the client software is not under your control. And the best solution is just not to take sensitive photos, but people already do.

                                      Here’s the thing with nudes in particular: most people’s threat model doesn’t involve the NSA. For most realistic purposes, having some federal law enforcement or intelligence agency see some sensitive photo of yours is not consequential to your real life. Most people’s threat model is against people they know in real life—people who could publish or share that photo and cause serious harm.

                                      1. 3

                                        > Most people’s threat model is against people they know in real life—people who could publish or share that photo and cause serious harm.

                                        And nothing prevents them from taking screenshots. It’s like with DRM for movies, which got circumvented by camrips ;)

                                        1. 7

                                          Sure. I’m assuming that you trust the person you’re sharing with. Snapchat just eliminates the evidence for when you’re scrolling through your iMessage history in front of someone else and something sensitive comes up by accident or another situation in which having the photo accessible on your phone is a problem.

                                          It’s definitely not perfect, but it’s much better than iMessage and the stock camera app.

                                          1. 1

                                            > and nothing prevents them from taking screenshots. it’s like with DRM for movies which got circumvented by camrip

                                            So I tried taking a screenshot of a scene in Hulu on my iPad and every time, I only got a black bitmap saved. That indicates there is a way to prevent screenshots in iOS and at least Hulu (probably others) has access to it.

                                            1. 1

                                              Like I’ve written, then it’s done with another camera :)

                                      2. 8

                                        > I agree that the privacy ramifications of using iCloud Backup should be better documented.

                                        That would work if it were only your own messages you were leaking when having it enabled, but you’re not: you’re leaking your conversation history with everyone you’ve ever talked to. I, as a message sender, have no way of knowing that when I iMessage you my address (theoretically end to end encrypted, right?) that your phone is going to upload it encrypted to Apple/FBI that night when you plug it in and go to sleep. It’s a public hazard.

                                        > Also, if you’re going to be taking and sharing nudes or other very sensitive photos, the default iOS Photos app and iMessage probably aren’t the way to do it.

                                        That ship, for millions of people, sailed a long, long time ago.

                                        This isn’t a helpful or useful statement, and it comes across as being out of touch with the way that most people use phones and computers. This is like saying “people shouldn’t have sensitive conversations on Zoom”. No, Zoom (and Apple) should fix their dangerous cryptosystem.

                                        Imagine if we took this approach with vehicles: “Also, if you’re the kind of frail person who can’t handle a skull fracture, riding in $CAR_BRAND_X isn’t the way to get from A to B”.

                                        That’s called a defective car.

                                        1. 5

                                          > That would work if it were only your own messages you were leaking when having it enabled, but you’re not: you’re leaking your conversation history with everyone you’ve ever talked to.

                                          Agreed. I think you’re right that this is an issue.

                                          > That ship, for millions of people, sailed a long, long time ago.
                                          >
                                          > This isn’t a helpful or useful statement, and it comes across as being out of touch with the way that most people use phones and computers. This is like saying “people shouldn’t have sensitive conversations on Zoom”. No, Zoom (and Apple) should fix their dangerous cryptosystem.

                                          So maybe we have a different understanding of “the way that most people use phones and computers”, but I do think that most people I know already use Snapchat for sensitive photos instead of iMessage. The issue with iMessage isn’t that it isn’t secure against the government and Apple (most people don’t really care about that), it’s that it isn’t secure against a family member or someone who takes your unlocked phone and looks around.

                                          Again, I don’t disagree with you on principle, but I do think that the issue is not relevant to “most people’s” threat models.

                                      3. 6

                                        End-to-End doesn’t make sense in this case, because the other ‘end’ is a future version of yourself.

                                        A faithful equivalent to ‘end-to-end’ in the context of a backup is “Is it encrypted at rest with keys only I have access to?” And the answer to “Are Apple iCloud backups encrypted at rest with keys I control?” is: “Yes, but...”

                                        Yes, Apple iCloud backups of photos/contacts are encrypted on Apple’s servers by keys that are yours; it works similarly to iMessage’s in that there’s a keyring of unlock keys. But there is nothing stopping Apple from intercepting decryption events and keeping a copy for themselves, or lying to people about having encryption features at all.

                                        This is how the 2FA works: it requests that another machine that has a key is granted a token to unlock the ‘vault’ of contents in iCloud, then you can basically use the unsealed version of the data for the session. When you open a new session you either have an unlock token or you don’t.

                                        So, for Apple to add their own key to a keychain every time they unseal a vault is relatively trivial; it’s impossible for you to know what unsealing keys are on your keyring. You can see what Apple shows you (devices attached to your account, sessions active on the web, etc.) but there’s nothing preventing them from adding themselves and not telling you.

                                        Ultimately when you don’t control the software or the platform, you only have trust left.

                                        1. 13

                                          > Ultimately when you don’t control the software or the platform, you only have trust left.

                                          Picking out that last sentence because it highlights something that’s bothered me for a while. How many of us (software developers) have the ability to effectively audit the cryptographic tools we use on a day-to-day basis? Because it’s not enough to know C, or to have a rough understanding of RSA. Cryptography seems like a very intricate and fast-moving field, and even if you are competent, you need a lot of time to do a good audit.

                                          If I use open source software that I ‘control’, but I have to trust that people more competent than I have done their job well and made things secure, how does my position differ from that of an Apple user?

                                          1. 6

                                            End-to-end means that you have the key, you transport an encrypted blob so that anyone in the middle can’t see contents, then the receiver has a specific key to decrypt it.

                                            Whether the receiver is you in the future, your best friend on Tuesday, or an extraterrestrial in the past does not change this.

                                            1. 4

                                              > Yes, Apple iCloud backups of photos/contacts are encrypted on Apple’s servers by keys that are yours; it works similarly to iMessage’s in that there’s a keyring of unlock keys.

                                              That is inaccurate. Backups are a special case where they get retrieved by a new device that has no keys whatsoever. The only authentication that is used is an account password, and sometimes a 2FA code.

                                              1. 10

                                                > End-to-End doesn’t make sense in this case, because the other ‘end’ is a future version of yourself.

                                                Let’s implement some quick end-to-future-end encryption with GPG:

                                                # --recipient names the key to encrypt to; --output - sends the armored result to stdout
                                                gpg --encrypt --sign --armor --recipient nora@nora.codes --output - file.txt > file.asc
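Added example, not part of the thread: a small Python model of the two backup designs the comments above contrast. In the first, the key protecting the message history is wrapped under a key the provider holds (the "your backup includes a copy of the key protecting your Messages" case); in the second it is wrapped under a key derived from a passphrase only the user knows (the "encrypted at rest with keys only I have access to" case, the same end-to-future-end idea as the GPG command). The cipher is a constructed HMAC-SHA256 counter-mode stream cipher with an encrypt-then-MAC tag, chosen so the script runs on the standard library alone; it illustrates the key-custody structure and is not a production AEAD. The sample history and passphrase are constructed values.

```python
# Added example (not from the thread): who can restore a backup depends only on
# who holds the key that wraps the message key. Toy cipher, stdlib only.
import hashlib
import hmac
import secrets

NONCE_LEN = 16
TAG_LEN = 32


def _subkeys(key: bytes) -> tuple:
    """Derive independent encryption and MAC keys from one 32-byte key."""
    enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a constructed toy stream cipher."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Check the tag in constant time, then decrypt; raises on a wrong key."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or tampered blob")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def passphrase_key(passphrase: str, salt: bytes) -> bytes:
    """User-held wrapping key derived from a passphrase with scrypt (stdlib)."""
    return hashlib.scrypt(passphrase.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)


def make_backup(history: bytes, message_key: bytes, wrapping_key: bytes) -> dict:
    """A backup carries the history under the message key plus that key wrapped
    under whichever wrapping key the design chooses."""
    return {
        "wrapped_message_key": seal(wrapping_key, message_key),
        "history": seal(message_key, history),
    }


def restore(backup: dict, wrapping_key: bytes) -> bytes:
    """Restoring needs only the wrapping key; the message key is inside the backup."""
    message_key = unseal(wrapping_key, backup["wrapped_message_key"])
    return unseal(message_key, backup["history"])


def can_restore(backup: dict, wrapping_key: bytes, history: bytes) -> bool:
    try:
        return restore(backup, wrapping_key) == history
    except ValueError:
        return False


def compare_designs() -> dict:
    history = b"constructed sample: conversation history with everyone you texted"
    message_key = secrets.token_bytes(32)

    # Design A: the provider's account key wraps the message key, so the
    # provider (or anyone who compels it) can restore the history.
    provider_key = secrets.token_bytes(32)
    escrowed = make_backup(history, message_key, provider_key)

    # Design B: the wrapping key is derived from a passphrase that never leaves
    # the user; the provider stores only the salt and the sealed blobs.
    salt = secrets.token_bytes(16)
    passphrase = "correct horse battery staple"  # constructed
    user_held = make_backup(history, message_key, passphrase_key(passphrase, salt))

    return {
        "provider_reads_escrowed": can_restore(escrowed, provider_key, history),
        "provider_reads_user_held": can_restore(user_held, provider_key, history),
        "user_reads_user_held": can_restore(user_held, passphrase_key(passphrase, salt), history),
        "wrong_passphrase_reads_user_held": can_restore(user_held, passphrase_key("wrong", salt), history),
    }


if __name__ == "__main__":
    for design, outcome in compare_designs().items():
        print(f"{design}: {outcome}")
```

The point the model makes is that the escrow is a property of the wrapping, not of the message cipher: both designs encrypt the history with the same per-device message key, and only the second keeps the provider out. What it cannot show is the thread's other concern, that a closed client could quietly add a second wrapping of the key; nothing in the blob format reveals how many wrappings exist, which is exactly why the comments fall back on trust in the software.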
                                            2. 3

                                              My first impression of this was “this guy has a lot at stake with nudes.”

                                              I agree with the idea that we should hold companies to the same standard and stop excusing big companies that we happen to like the product of (as a whole, not necessarily on the individual level). I don’t personally use iCloud for anything other than text documents, but I can see how it would be an issue for sensitive information.

                                              1. 6

                                                In the category of data that people hold onto in their iCloud backups, nudes are probably the most sensitive and well-understood variety. I think it totally makes sense to invoke that as a way to remind people of the sensitivity of the data they’re handing over to other companies.

                                                1. 3

                                                  I don’t know if it’s a generational thing or if I’m just an odd guy, but I don’t have any nudes of myself or others. I would be more worried about any sort of tax forms, bills, recovery codes, etc that I was storing in text on iCloud.

                                                2. 6

                                                  > My first impression of this was “this guy has a lot at stake with nudes.”

                                                  Indeed.