
Apple to Start Putting Sensitive Encryption Keys in China - tonyztan
https://www.wsj.com/articles/apple-to-start-putting-sensitive-encryption-keys-in-china-1519497574
======
chapill
Not surprised by this. Apple is part of the PRISM program after all.

I'm reminded of when the FBI demanded to crack the iPhone [1] Apple publicly
refused, then released an update to the secure element/fingerprint reader [2]
bricking phones, followed by a 'fix' [3] and then wow, FBI can crack the
shooters iPhone [4]. Gotta hand it to them. They put on a great show. Fools
most of the people all of the time.

[1]
[https://en.wikipedia.org/wiki/FBI%E2%80%93Apple_encryption_d...](https://en.wikipedia.org/wiki/FBI%E2%80%93Apple_encryption_dispute)
[2]
[https://www.theguardian.com/money/2016/feb/05/error-53-apple...](https://www.theguardian.com/money/2016/feb/05/error-53-apple-
iphone-software-update-handset-worthless-third-party-repair) [3]
[https://techcrunch.com/2016/02/18/apple-apologizes-and-
updat...](https://techcrunch.com/2016/02/18/apple-apologizes-and-updates-ios-
to-restore-iphones-disabled-by-error-53/) [4]
[http://money.cnn.com/2016/03/28/news/companies/fbi-apple-
iph...](http://money.cnn.com/2016/03/28/news/companies/fbi-apple-iphone-case-
cracked/index.html)

~~~
eridius
I hate to burst your bubble, but the phone the FBI was trying to break into
didn't _have_ a secure element. And the approach they used to finally break in
was supplied by Cellebrite, not Apple, and only worked _because_ it didn't
have a secure element.

Also, this has nothing to do with PRISM, it's just a consequence of a recent
Chinese law. Apple has two options. The first is to hand control of the data
over to a Chinese company (which is what they're doing). The second is to pull
out of China entirely (or at least, completely disable iCloud in China), which
would suck for Chinese iPhone users and wouldn't make them any more secure.

~~~
chapill
>the phone the FBI was trying to break into didn't have a secure element

That's unimportant. The important aspect is the update timing as well as the
changes obviously happening in the security architecture of iOS. That they
tangentially bricked phones with 3rd party repairs is just an indicator of
spaghetti code.

------
na85
Can we finally dispense with the "Apple is the defender of user privacy"
propaganda now?

As has _always_ been the case, Apple positions themselves as defenders of
privacy only when they don't have to stick their necks out too far, and when
it's convenient.

~~~
natch
You may have a valid concern (I say "may," because we still don't know all the
details of this arrangement in China).

But there is still a sharp contrast to be made between Apple and companies for
whom collecting as much private and personal data as reasonably possible is
fundamental to the business model.

Companies for whom you are the product.

~~~
izacus
Those companies rather skipped billions of dollars in profit than to help
Chinese regime. Apple decided to use their lockdown to assist in clamping down
on VPNs and other freedom of speech to make money. Putting these two on equal
footing is evil.

~~~
natch
You give Google too much credit. They were never going to make those billions
in profit in China; that game was over before it started, and they knew it.
They saw that the government would ensure that the local service companies
would get the vast majority of the pie.

So, Google and Apple aren't really on equal footing.

