
Apple Letter on iPhone Security Draws Muted Tech Industry Response - samfb
http://www.nytimes.com/2016/02/19/technology/tech-reactions-on-apple-highlight-issues-with-government-requests.html
======
AngrySkillzz
Of course the industry response is muted; this is the chilling effect that we
were all worried about. Most Big Co's don't want to put themselves in
opposition to an organization as powerful and well-funded as the US
intelligence apparatus. I'm sure they are all on Apple's side, but are less
willing to speak out about it because they fear the consequences.

If you're cynical, you might think that this case is all about setting
precedent and trying to scare one of the FBI's biggest opponents on the topic
of data security (Cook). We know they have other options for cracking the
phone in question (decapping, side channels, etc.). They want legal precedent
for installing backdoors, and they want to scare Apple and other companies out
of providing security features. No wonder those companies are hesitant to
speak up.

~~~
asgfoi
Do you think they choose to ask Apple to do this in such a public way, because
they are very confident the phone will contain information that will help with
the investigation, which will make a positive precedent about this method for
future requests, and also provide 'lobbying power' when new laws will be
considered?

~~~
dmix
The iPhone in question was his (government) work phone and they already found
a bunch of their other 'burner' phones in a trash bin, which they got access
to. I find it unlikely he used his work phone for planning when they
purposefully ditched other devices. Additionally, I doubt he knew the iPhone
encryption would block investigators from accessing the data, so the fact they
can't access it is most likely just coincidental that the device's battery was
dead.

But this is just speculation...

I'm definitely in the camp that believes this is a legal stunt by the FBI to
set a precedent using a highly publicized terrorism case which the public will
support. A previous All Writs Act claim in 2014 by the FBI for a credit card
fraud case involving an encrypted iPhone didn't change Apple's position on the
matter, so they are trying again with a higher stakes case.

~~~
asgfoi
Yes I agree. I can't be a coincidence. They deliberately picked the best
weapon in this debate, biased public opinion.

------
gtrubetskoy
What sets Apple apart from Googles and Facebooks is that it's the only company
that stores the data in way that Apple itself cannot read it. This is why the
others have little to say on the subject - there is no issue of a "backdoor",
because there is no wall to begin with when it comes to Google or FB, their
business model depends on reading and analyzing your emails and posts.

~~~
ignoramous
This just made me realise that Apple is a true "do no evil" company and not
Google, for all its technology powress and fancy marketing. A sad realisation
as I have been using Google products for almost everything-- they pitch up
everything under the F/OSS banner and it's so tempting.

I think I should consider moving to iOS pretty seriously. I had been
dismissing it for being over-priced and not being OSS. But the true fact of
the matter is, the extra cost might be worth it, because frankly, Android
without Google Apps and the Google Play Services is absolutely useless.

~~~
mordocai
They may be "do no evil" on privacy, but apple heavily pushes vendor lock in
and basically does everything they can to keep you from being able to easily
switch to a different vendor.

Google seems easier to switch from, they seem less concerned with vendor lock
in (don't get me wrong though, they still have some vendor lock in. Just less
than apple IMO).

I think in this case it is "choose your evil" and for a lot of people, for
good reason, privacy is going to win.

~~~
eridius
Google makes more money from iOS than they do from Android. Of course Google
doesn't mind if you switch hardware vendors, just so long as you keep using
Google products.

Also, I disagree with the notion that Apple "heavily pushes vendor lock in".
They certainly don't go out of their way to make it easy to switch, but I
can't come up with any examples off the top of my head where they're
deliberately making it harder to switch without having a good reason for that
decision. After all, Apple doesn't really have to do anything at all to keep
people invested in its ecosystem, since platform-specific software, by its
very nature, already acts as a form of lock-in, and iOS has a _lot_ of
software that other platforms don't.

~~~
weinzierl

       > They certainly don't go out of their way to make it easy to switch, but I can't
       > come up with any examples off the top of my head where they're deliberately 
       > making it harder to switch without having a good reason for that decision. 
    

Just an example for those that are not familiar with Apple devices.

You can sync your calendar, reminders and contacts with iCloud. But you don't
have to.

iCloud calendar sync is basically a CalDAV server. You can setup your own
CalDAV and sync with that if you like. On the iDevice you have to set the
parameters for your server which makes it slightly harder to setup than
iCloud, but that's just the way it is and not Apple's fault. There are no
other stumbling blocks to make it more complicated than it needs to be.

Once set up it works like a charm. I can say "Hey Siri, remind me to buy
pasta" and a split second later I have a new VTODO on my CalDAV server.

~~~
roghummal
What do you use as a CalDAV server?

~~~
weinzierl
Simple Radicale[1] setup behind an NGINX proxy.

[1] [http://radicale.org/](http://radicale.org/)

------
mmaunder
We came out and vocally supported Apple on our blog yesterday. The response
from our customers, mostly consumers and small businesses, was overwhelming.
Many long comments and passionate views.

[https://www.wordfence.com/blog/2016/02/wordfence-supports-
st...](https://www.wordfence.com/blog/2016/02/wordfence-supports-strong-
encryption/)

I'd encourage every other tech company who has the ability to talk about this
(in other words you don't sell to the intelligence community), to also inform
your customers and take a viewpoint on this issue.

This is obviously nothing new, but we're finally at the point of inflection
we've all been anticipating. If Apple caves, it will set a precedent that the
government can use a law from the 1700's (and anything else they can dredge
up) to force surveillance and backdoors on tech companies in the name of
security. For startups alone, even if you ignore the chilling effects and
impact on privacy, to simply comply could be onerous enough to hurt
innovation.

~~~
danielsiders
We've done the same: [https://flynn.io/blog/against-forced-
updates](https://flynn.io/blog/against-forced-updates)

I also urge other founders and exec teams to join in. The best chance we have
of stopping this is a strong show of agreement across the community.

------
georgespencer
I'm not really surprised that other companies aren't coming out of the
woodwork to make themselves targets. It's clear that in the main they will
hold similarly strong views to Apple, but any PR worth their salt will not
want the CEO of a company not implicated in something as politically charged
as this to enter into the discussion.

For those who oppose this kind of behaviour by the US Government, it's a
relief that they picked on Apple: a company with strong opinions about this
topic, and the financial wherewithal and gumption to oppose it as robustly as
anyone.

~~~
vbezhenar
This doesn't sound as a freedom of speech but more as oppressive government.
Something wrong if people don't want to express their opinions because of
fear.

~~~
mcphage
> Something wrong if people don't want to express their opinions because of
> fear.

Not people—companies.

~~~
BEEdwards
They have the same free speech rights as people, so companies arguably do have
opinions.

~~~
mcphage
They do, but the implications of their fears are different.

------
musha68k
Even with all the recent "featuritis" on the software side the unchanged
simplicity of Apple's business model makes me totally fall in love with them
again.

 _Tim Cook is the only one doing the right thing here._

~~~
AndrewUnmuted
> Tim Cook is the only one doing the right thing here.

Because it was Tim Cook who was dragged into this mess. What if the shooter
had an Android phone, rather than an iPhone? I'm sure Lary Page would be
penning a similar letter, in that situation.

~~~
vinceguidry
Hah, that's a laugh. If it were an Android phone, the feds wouldn't have had
to call anyone. They'd have just broken the device's security and gotten what
they wanted.

Only Apple takes security _seriously_.

~~~
davidamarquis
This is a recent development. Apple only started to care about iOS security
around 2012 for example.

~~~
05
Oh really? iOS has page-based executable code hash/signing since at least iOS
2 (2008); Android still doesn't have any runtime code integrity protections.

~~~
jayd16
Of all the random security issues in the past 8 years you'd be hard pressed to
find one where this was relevant.

------
blinkingled
Gotta love how some are using this as a marketing tool for Apple! For quite
some time after Snowden we know well that Microsoft and Google at least
believe the same as Apple - you can wax judgmental over strong or weak, loud
or muted but fact of the matter is it is quite well known through their
actions that both MS and Google are in opposition to government back doors and
sweeping collection of information.

But yeah all that be damned - let us see how quickly we can paint the other
teams in gray. Let's also ignore that Google's CEO basically agreed with
Apple's and if someone brings it up let's dilute it - not strong enough words
and it's on Twitter!!

Oh and while we are at it let's jump to the "you're the product" bandwagon as
well especially when it isn't relevant to $subject at all. Clearly since
Google and MS sell your data (whatever that means) they don't care about your
privacy right? I guess Google forgot about violating your privacy if you are
using ChromeOS - [https://www.chromium.org/chromium-os/chromiumos-design-
docs/...](https://www.chromium.org/chromium-os/chromiumos-design-
docs/security-overview) ?

Microsoft also forgot to violate the privacy expectations of their Irish
customers I guess -
[https://en.wikipedia.org/wiki/Microsoft_Corporation_v._Unite...](https://en.wikipedia.org/wiki/Microsoft_Corporation_v._United_States_of_America)
?

And yes let's also imply that since Google and MS can read your email -
getting that to the government is no big deal for them! It's the same thing
right - government's just gotta sign up for Bing Ads and Google Ads?

~~~
draw_down
"This is an Apple marketing ploy" is the absolute dumbest take on this issue.
Please drop the tech horse-race bullshit for two minutes, sheesh

~~~
phasmantistes
That's actually not what blinkingled said. They said that some people here are
_using_ it as marketing for Apple, not that Tim Cook or others at Apple
intended for it to be taken that way.

------
mediocrejoker
Don't Twitter, Facebook, Amazon and Google all make most of their money by
having access to their customers data? Of course they're not as supportive of
privacy as Apple.

~~~
georgespencer
This isn't the same thing at all.

~~~
unethical_ban
Yes, it is. Apple's fight with the US is based on the fact they facilitate the
encryption of user data so that even Apple doesn't see content.

When the other titans don't have that feature, they have less of a stake in
the argument at hand.

~~~
blinkingled
Is Google or Microsoft's business model dependent on selling your info to
anyone other than themselves? Do you think if they did that they would stand
to lose business?

Their business model is to sell ads to 3rd parties based on the information
they have about you. Selling your _info_ itself would be detrimental to their
business.

~~~
unethical_ban
Gmail skims the contents of emails and uses them for targeted advertising.
Same with searches of all kinds, and any other data they get from you.

Google's targeting would be less effective if they gave everyone PGP keys and
locked themselves out of the conversations they host.

------
Outdoorsman
I think it's interesting to note that Apple has complied with requests from
law enforcement in the past...

Of the total number of requests, which Apple references here:
[http://www.apple.com/privacy/government-information-
requests...](http://www.apple.com/privacy/government-information-requests/)

> 94% were Device Requests--law enforcement seeking a stolen device

> 6% were Account Requests--law enforcement seeking personal information

> 27% of U.S. account requests received between 7/1/14 and 6/30/15 resulted in
> disclosed content.

> Less than 0.00673% of customers have been affected by government information
> requests

Interesting stats...

~~~
0xffff2
>I think it's interesting to note that Apple has complied with requests from
law enforcement in the past...

It's also very important to note that preview law enforcement requests are not
in the same scope as the FBI's request published yesterday. All of the
information disclosed above is data held _by Apple_. The new request is for
Apple to commit development resources to produce brand new software, not just
turn over data.

~~~
MCRed
Brand new software that-- and this seems to be missed in the wider
discussion-- may be impossible to produce. It may not be possibly for Apple to
comply. For instance, you can't install firmware on a locked phone.

~~~
5ilv3r
My interpretation was that it would affect future iphones, not current ones.
This is less to do with what was said, and more to do with what is practical.

It would be absolutely trivial to disable security features before selling to
the customer. Afterward is more difficult.

------
tlrobinson
Except on Hacker News where it received the most upvotes of all time by a
margin of nearly double...?

~~~
allsystemsgo
HN is just a forum. I think this article is referring to official PR
statements from major tech firms.

------
digi_owl
Wonder what the NYT's headline would be if it was Google that has gone out
strongly.

~~~
rm_-rf_slash
Google doesn't care. They're the "if you have nothing to hide you have nothing
to fear, and you better not fear advertisers, because we just told them all
about you" crowd.

Few years back Cornell University adopted Gmail for their staff and faculty
under the condition that the company wouldn't data-mine the emails. Google did
anyway. Now we use Outlook.

~~~
karlshea
Google does care in some cases, a couple of years ago they started encrypting
links between their datacenters because the NSA was snooping on internal Gmail
traffic.

~~~
CaptSpify
The difference is: Apple is putting their money where their mouth is. Google
only fixed that after they got caught with their pants down. Apple is pro-
actively trying to prevent it from happening.

------
orionblastar
It may have to do with this: [http://www.wsj.com/articles/senate-intel-
committee-chairman-...](http://www.wsj.com/articles/senate-intel-committee-
chairman-working-on-encryption-bill-1455832584)

An encryption bill that is being worked on by the Senate that would try and
make it a crime to not help the government decrypt messages from smart phone
or other device.

Suddenly these courts find they can't get evidence to convict people if their
phone is encrypted and so are the messages. So they want tools to decrypt the
messages to get the evidence.

------
1024core
This is NYT supporting the Establishment, by mocking Apple's position.

~~~
CaptSpify
While I agree with you, it is sad to hear how quiet most of the the other big
players are

------
joolze
[http://www.zerohedge.com/news/2016-02-18/it-all-just-
publici...](http://www.zerohedge.com/news/2016-02-18/it-all-just-publicity-
stunt-apple-unlocked-iphones-feds-70-times)

------
gerbilly
Analogy: One kid stood up to the bully, and the other kids are waiting to see
what the consequences are before they pick a side.

------
amyjess
John McAfee has posted his response: [http://www.businessinsider.com/john-
mcafee-ill-decrypt-san-b...](http://www.businessinsider.com/john-mcafee-ill-
decrypt-san-bernardino-phone-for-free-2016-2)

As usual for him, it's hyperbolic and over the top.

It starts with this...

> This is a black day and the beginning of the end of the US as a world power.

And snowballs into this:

> And why do the best hackers on the planet not work for the FBI? Because the
> FBI will not hire anyone with a 24-inch purple mohawk, 10-gauge ear
> piercings, and a tattooed face who demands to smoke weed while working and
> won't work for less than a half-million dollars a year. But you bet your ass
> that the Chinese and Russians are hiring similar people with similar demands
> and have been for many years. It's why we are decades behind in the cyber
> race.

Yes, McAfee just said that the Chinese and the Russians are hiring people who
insist on smoking weed at work.

~~~
rm_-rf_slash
Not too far off. Obviously nobody would smoke at work for the same reason they
probably wouldn't drink, illegality aside. But, what people do outside of work
is their own business. If my boss started seriously inquiring about my vices,
first thing I'd do that night is update my resume.

I've considered federal work before but every time I think hard about it, I
keep coming back to the scene in Snow Crash where the fed works at a place
where every little action - the time you arrive, the time you leave, whether
you take the stairs or use electricity by taking the elevator - is scrutinized
and judged. Yuck.

~~~
Jtsummers
> I've considered federal work before but every time I think hard about it, I
> keep coming back to the scene in Snow Crash where the fed works at a place
> where every little action - the time you arrive, the time you leave, whether
> you take the stairs or use electricity by taking the elevator - is
> scrutinized and judged. Yuck.

Wasn't that the corporate guy that did that to his employees? Intruding into
their homes, even?

I can't speak for all federal jobs, but I doubt any involve anything like that
level of busybody-ness unless a _very_ high level of security clearance and
access is involved.

~~~
rm_-rf_slash
I was being hyperbolic, but the point remains: I don't want to work in a place
where my behavior outside of work - as long as it has no effect on my
performance and/or publicly embarrasses my employer - is a part of the
evaluation regardless.

------
peter303
Who is stronger Corporations or Government?

The largest company by revenue would rank 28th in largest country in world by
GDP.

