- Siri data
And more like health, home & payments.
While it's unfortunate that Apple couldn't compel China to run their government requests for data through the U.S. court system, in my view it is pretty amazing that they are "getting away" with keeping the most sensitive data end-to-end encrypted.
I mean China shut down WhatsApp last year and iMessage is of a similar level of security. Then again nobody really uses iMessage in China. They do use keychain.
I'd say people may as well forget about Apple's "privacy stance". It's nothing but a smokescreen at this point (yes, even in the U.S.).
Could you support this claim please?
Re: iCloud backups you're correct. So far. They're about to release iMessages-in-iCloud though, which might obviate the need to include them in iCloud backups.
Still, you are correct that a determined adversary, potentially one capable of purchasing a quantum computer with enough qubits, could factor the device key. It would be nice to see Apple move to a large enough ECC key which would improve security against quantum computing attacks in particular.
Did something change?
I won’t underestimate the rate at which they are developed though, it takes 2x the key size as the number of qubits to run Shor’s algorithm - ~2600 is a lot smaller than 4096, and even then who knows how much time we have until that happens.
Anyone concerned about privacy, the first thing they should be ensuring is they are NOT using iCloud backup.
Is that how iDevices work? You do data backup with your mp3 player?
Is there really no Finder equivalent on an iPhone?
Genuinely curious ...
So yeah iTunes is still a core concern when it comes to managing iOS devices of certain types. When iPhone came out the primary selling points included it being an iPod, were you there? I was. There is no way in hell they were going to let go of the signature usability boon that people relied on and made them rich.
So yeah, iPhone was managed by iTunes and for a long time it was the only way to manage media, contacts, etc. on it or do that sort of thing. iPad was included in this, as well.
Over time, alternative options for managing your device data and such have been implemented. Today you can use iOS devices without ever once connecting to iTunes if you want. Sure. On the device there is a file browser though it's semi sandboxed as you can imagine. You can back up to the cloud if you want hence this discussion. It's all independent. If you want.
However, iTunes still provides some very useful abilities. Besides offering a vastly improved UI for managing your media, it offers things like full image restores, deep encrypted backups (requiring no internet access to restore) and recovery features. You can place data directly into individual app sandboxes, or copy videos/music/etc. directly to device.
Despite what another commenter mentioned, I very much doubt these features will be removed. Maybe they will move out of iTunes. A long time ago there used to be a tool called iSync that was dedicated to device sync/interactions on Mac OS X and I could see that kind of approach being revived. It's very nice to have an OS provided, reliable way to recover a bricked phone, or recover backups without blowing an entire weekend of downloading/installing not to mention data usage restrictions many people still endure.
Anyway, TL;DR: you can use iTunes but you don't have to because history.
My guess is they're waiting for more complete coverage in terms of iCloud functionality and maybe security. But Apple has been known to pull the plug on "pro" functionality like this and/or remove functionality before the replacement was quite ready yet.
On macOS (I also use it on Linux, haven't tried on Windows):
brew install libimobiledevice
## to disable iCloud backups
idevicebackup2 cloud off
## if you want encrypted backups (native encryption)
idevicebackup2 encryption on -i
## backup to a folder
idevicebackup2 backup backup-folder
## restore from a backup
idevicebackup2 restore backup-folder
There are more utilities included:
idevice_id idevicedebugserverproxy idevicenotificationproxy
idevicebackup idevicediagnostics idevicepair
idevicebackup2 ideviceenterrecovery ideviceprovision
idevicecrashreport ideviceimagemounter idevicescreenshot
idevicedate ideviceinfo idevicesyslog
idevicedebug idevicename iproxy
brew cask install osxfuse
brew install ifuse
## mount your iPhone
## unmount, or eject using Finder
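A check that local backups made with the commands in the comment above really are encrypted, as an added example that is not part of the original comment: it reads the `IsEncrypted` flag from each backup's `Manifest.plist`. The layout (one subfolder per device under the backup folder) and the sample folder names are assumptions constructed for illustration.

```python
"""Audit a local iOS backup folder for unencrypted backups (added example)."""
import plistlib
import tempfile
from pathlib import Path
from xml.parsers.expat import ExpatError


def backup_status(device_dir: Path) -> str:
    """Classify one backup directory by the IsEncrypted flag in Manifest.plist."""
    manifest = device_dir / "Manifest.plist"
    if not manifest.is_file():
        return "no-manifest"
    try:
        with manifest.open("rb") as fh:
            data = plistlib.load(fh)  # accepts both XML and binary plists
    except (ValueError, ExpatError, OSError):
        return "unreadable"
    if not isinstance(data, dict) or "IsEncrypted" not in data:
        return "unknown"
    return "encrypted" if data["IsEncrypted"] is True else "unencrypted"


def audit_backups(root: Path) -> dict:
    """Map each per-device subfolder of the backup folder to its status."""
    return {d.name: backup_status(d) for d in sorted(root.iterdir()) if d.is_dir()}


def unprotected(root: Path) -> list:
    """Names of backups that could not be confirmed as encrypted."""
    return [name for name, status in audit_backups(root).items()
            if status != "encrypted"]


def build_sample(root: Path) -> None:
    """Write three constructed backups: encrypted, plaintext and corrupt."""
    enc = root / "SAMPLE-UDID-A-encrypted"
    enc.mkdir()
    with (enc / "Manifest.plist").open("wb") as fh:
        plistlib.dump({"IsEncrypted": True}, fh, fmt=plistlib.FMT_BINARY)

    plain = root / "SAMPLE-UDID-B-plain"
    plain.mkdir()
    with (plain / "Manifest.plist").open("wb") as fh:
        plistlib.dump({"IsEncrypted": False}, fh, fmt=plistlib.FMT_XML)

    corrupt = root / "SAMPLE-UDID-C-corrupt"
    corrupt.mkdir()
    (corrupt / "Manifest.plist").write_bytes(b"not a plist")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample_root = Path(tmp)
        build_sample(sample_root)
        for name, status in audit_backups(sample_root).items():
            print(f"{name}: {status}")
        print("needs attention:", unprotected(sample_root))
```

Anything other than `encrypted` is reported, so a missing or damaged manifest is treated as unconfirmed rather than silently passing.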
It seems that China would just need to do a bit of work but they still can get every piece of data on the device.
Unfortunately does not apply to regular iCloud backups or most other data. But a major step forward.
AFAIK I never had to define an encryption password for an iCloud backup, only for local backups with iTunes, which means that the device only needs my Apple account credentials to retrieve and decrypt a backup from iCloud. As such, China, and for that matter any entity which gains lawful or unlawful access to your Apple account, gets to have the keys to the kingdom.
I can download a backup from iCloud and unpack it in any device or use a 3rd party application to view the content of the backup and the only thing I need is the Apple account password used for iCloud.
- Apple security architect, in the aforelinked video, which you still didn't watch
iPhone has lost quite some market share to local brands like Huawei, Xiaomi in the past few years, and more people are feeling local brands know what people need better. Having a faster service might actually help bring back some market share.
Does this mean anything? You also breathe polluted air like "most people", do you want new fresh air then?
The reason of "__INSERT ACTION HERE__ won't practically have any impact on 'privacy' or 'human rights concerns'" is because "most people" are unaware of the importance of their privacy, NOT because their privacy is not important.
So, there is a choice to make: To make people understand the importance of their privacy; OR, continue selling this unawareness (to make people ignorant). Which way do you go?
It's not that we are "unaware" of anything, we just don't feel the same way about privacy (and many other western values as well). Not that they're bad, we just don't believe they're so important. Sure you think you "know the importance of privacy", but that's rather just an opinion, not a fact.
In fact, another apparent trend in China is that people who have been studying and living in the US for some time tend to become more agreeable with the Chinese government afterwards.
Or you'd feel real different if you were a Uighur who lived in Xinjiang.
Right now, thanks to a growing economy, no one cares about rocking the boat, or what the government does. That will all change when China experiences its first deep recession, and like the US, the government will have no choice but to stoke dangerous levels of nationalism to deflect anger away from it, while ratcheting up the amount of control it has.
The official "social credit" system that the government wants to build is still at a very early stage right now, and it'll be nowhere close to what the western media imagined (or rather, hoped).
The fairy tales about the Chinese social credit system denying loans because of private messages are malicious wishes of western media or Chinese activists at most.
In China, you have this combined with a President who seems bent on keeping power forever (removing term limits), a party which aggressively blocks and filters anything critical of the government, the installation of key-loggers, face recognition cams, firewalls, and a huge system of monitoring social media, that should raise alarms when there is talk about a universal social ranking, as it's pretty obvious how easily you could end up with a low ranking from an offhand joke about the government on Weibo. (https://international.thenewslens.com/article/65955)
I assume you've been living abroad for a while, so you must know that we aggressively criticize our own governments because we don't trust them to do the right thing, and there are ample lessons from history that prove that out. While the Chinese government wants to create a social credit system to keep the population "honest", there is no "good governance credit system" to keep the government "honest". In the West, we have independent court systems to try and achieve that, as well as democratic elections. It doesn't always work, and corruption still flourishes, (good lord, the fucking Trump administration) but at least there's some attempted check on government power and corruption.
All I'd say is, a glass heart when China is criticized is probably not the best way to react, but I guess it may be the only way to react, since criticism of the government isn't really permitted publicly internally, the only Chinese widespread public criticism is from the external diaspora. My own feeling is that Xi is taking the country in the wrong direction and there appears to be no internal forces to stop him.
Anyway, here's an example of the hell of disputing these kinds of lists.
"Lawyer Li Xiaolin was also not given advanced notice that he was blacklisted.
In 2014, Li was sued for defamation and lost. A judge ordered Li to make an apology, which he submitted in writing in April 2015. Ten months later, when he was away on a work trip, he was blocked from buying a return flight home to Beijing. That’s when he found out he was blacklisted.
It took him another three weeks before an official told him why.
“The court said my apology was not sincere. I asked officials how they determined what is sincere.” Li said.
Eventually Li wrote a second apology and the court removed him from the blacklist in 2016. Then last year, he tried to get a credit card.
“The bank denied my application. I figured out that the bank might still have my name blacklisted and I was right,” Li said.
The bank updated its records the next day, but by that point, he had spent almost a year to fully clear his name."
Do you think you have to be super careful if you are in China and not to call Xi "Steamed Bun"?
Do you seriously believe anyone in China would get blocked from loans because a credit system is in place that assigns a low score to anyone talking ill of the government?
That's what western media wants you to think. The truth behind these stories is usually a lot more complicated, but it's not in the interest of the media to unravel all the truth.
In fact, tons of people call Xi "Steamed Bun" in China, it's like his nickname, I also do that myself.
And yes, a government blacklist does exist in China. It's totally reasonable you'll at least be denied from applying for loans if you made your way to that list. I couldn't find the reason why those Xie is on that blacklist (the article certainly downplayed that part, at least), but the article also said "Hu said the central government has not assigned any social credit scores to its citizens yet, but eventually there will be a financial credit score".
Did you see what that means? At least these cases in the report do not have much to do with the credit system because it doesn't exist yet. How things would turn out eventually is a guess, at most.
I've lived in the US for quite some time, and saw tons of shit show. Why do American news media split into "Left" and "Right"? If you read reports from both sides, you'll almost see two entirely different worlds. And yet most Americans do not do so, they choose one side and read only what they want to believe. Is either side lying? Maybe, but not necessarily. News reporters just need to selectively report the truth that can reinforce what they believe. Magnify problems of the other side, and downplay anything that they found hurtful. That's just human nature.
I'm sure you're aware of this, but I'd like to point out that the U.S. (and many of its allies) has all those things as well, apart from the aggressive filtering.
At least China is up front about it.
The US has no regulation that requires the installation of spyware or face a fine or jail. China does (https://www.deepdotweb.com/2017/08/12/chinese-government-req...).
The US has no laws requiring firewalls to block or censor content from foreign countries. The US doesn't block VPNs and there is no law against them.
Yes, they try to snoop on communications, but in the US domestic citizens and companies can resist with encryption and in the courts, and in general, a warrant is required for legal access. Having the NSA snoop on your conversations or use 0-days to hack isn't the same as being told to put in security backdoors by the government and go to jail if you don't.
And "aggressive filtering" is your euphemism for the Great Firewall? I'd call sending people to jail for selling a VPN a little more than "aggressive filtering".
I've lived in China and to call it "aggressive filtering" is a pretty nice way of putting it.
There are some aspects of China's proposal which are good in regards to giving scores to businesses in an effort to regulate them, similar to independent reputation systems in the West, but it is the promises of "holistic rating of character" they've made and the comments about introduction of big data deep learning techniques that have people concerned. Even if intentions were completely benign, you could end up with something very bad.
The idea of using surveillance capitalism in a multipolar system is one thing, especially if there is a very transparent dispute system, but using it at the state level should scare everyone. People complain about being ruined by small tweaks to Google's ranking algorithm, but having a single ranking instituted by a government monopoly would be inescapable.
So what you consider "Important" may not be as important to them when you consider they may already expect society knows these things.
The only reason the gov doesn't care about iMessage is either because everybody uses WeChat or they already know how to read your conversations even there.
The truth is, the Chinese government treats foreign companies much better than local ones. It is much easier for foreign companies to get loans and tons of other resources. But it certainly defines rules that all players in the market need to obey. Do Chinese people buy Apple products because Cook has been sleeping with the Chinese gov? Did Baidu, Tencent, and Alibaba all succeed because they followed instructions of the Chinese gov?
Each time our wise government protects us from something unnecessary or dangerous (like ban on European dairy products or LinkedIn storing data abroad) we're only winning from this, as almost no one needed that anyway, and that now our own positions are even stronger, etc.
I can't help myself but find very close resemblance here. ;)
Sales in China have been expanding, though it goes up and down with new iPhone releases:
Samsung has absolutely gotten killed in China recently, but I don't think Apple has.
Apple is not doing poorly in China by any economic measure, but ya they don't sell many $200 Xiaomi/Huawei phones. I'm sure that Apple wins consistently based on phone sales revenue, even if they trail in total units sold.
The fact it's moving servers to China is most likely going to have a positive effect on their sales, not negative.
The effect of iCloud moving will be mostly neutral. As long as WeChat continues to work on iPhone, whatever iCloud does won’t be very significant. I doubt most iPhone users in China even know what iCloud is.
Apple devices are a few times more expensive than, say, Xiaomi; they thus stay in people's pockets for much longer. For shipment data, Apple's figure is not that fancy any more, they account for only 8% of the shipment in Q2 2017.
Before you start to waste your time, the 8% shipment in China figure was >14% just 24 months ago.
To give you some extra details - I live in downtown Shanghai, as of writing, several months after iPhone X's release, I have not even seen the iPhone X yet as not a single one of my family, friends or colleagues has switched to that.
You are not the only one with this observation as well. Most of my friends and colleagues in different areas of China had the same observation as well. I wonder why.
And maybe, given a lot of these phones are likely being used to do App Store reviews, ranks, gaming levels, etc., maybe that is why we see them less around us but the sales figure tells a different story.
For E2E messaging, you can use Wire which works even on iPads or iPod touch that do not have a phone number. Create an email-only account from a desktop PC at http://app.wire.com, then use that to sign into a mobile device.
Google noticed the China government trying to hack into Gmail accounts and said enough is enough.
Versus Apple handed the keys to the China government.
Services hosted outside the US by companies with presence in the US fall under Patriot Act which means US can spy on them any time without warrant, but ianal.
Even if the company has no presence in the US, there are only a handful of countries that would not bend over to hand data to US. That's why US doesn't need to block access to anything while China has to.
In China, you have no guarantees and no recourse. Torture, forced confession and retaliation against your family are all on the table.
That's why no one worries about US activists the same way they do about Chinese ones.
Such as moving those criminals and activists to Guantánamo Bay? Oh, Obama trolled to shut it down almost a decade ago after acknowledging its widespread human rights violations, why is it still in operation in the same shape and form? You are free to troll whatever you like, that is not going to change the fact that Guantánamo Bay is still being used for violating basic human rights.
Liberal democracies? Think about Guantánamo Bay.
Please stop spreading your highly misleading nonsense. Let's not even go down the paths of those weekly mass shootings in the US, when the constitution is basically denying their rights to live and the far right elements are calling for teachers to be armed on campus, what can you expect?
It’s unclear whether they’re committing to unlocking the device. Judging by the prior case, I’m not confident that they are?
You won't care about privacy until you've been on the receiving end of government interference in your life.
Need to store photos? Baidu disk and tons of other services provide much larger space with no cost, and a much more affordable paid version. Wallet? Almost everyone in China uses WeChat Pay or Alipay now. Even the App Store supports Alipay for purchasing apps. Maybe they can steal my contacts? If so, they would have all my WeChat and QQ contacts already, maybe even all the messages. While I do like more privacy, it's basically at the bottom of my list of concerns.
People mention "Chinese activists", well, almost all of them don't even live in China. Rest assured their lives are not impacted as well.
Apple and other mobile OSes have all incorporated so-called Mobile Device Management features into their cores. With one or a few payloads pushed to your device, it could do a fair lot, from installing an app remotely to wiping it out (like find-my-iPhone).
I wonder what would be the case if China gov't asks. It could just be a small step forward in the whole Salami tactics.
Of course, for now, it requires enrollment of the device to a legitimate MDM server, but what will happen tomorrow?
At best you can say that Chinese users will likely be no worse off using iCloud than they would using any other China-based service. Unfortunately that is no consolation for anyone who might have sensitive data.
You can say better than that. iCloud is more secure than your average service (especially in China). It end to end encrypts the most sensitive data (keychain) for example, and iMessage has managed to stay alive so far.
I should also add that locked notes in iOS are end-to-end encrypted. Those are pretty easy to use for folks who are not "technically sophisticated"; you just unlock them with your face/fingerprint.
When you add that to secure keychain storage, iMessage (broadest end-to-end encrypted messaging system permitted in China), secure Siri data (imagine what a government could monitor if they owned the Alexa cloud)... Apple offers a significantly more secure service that is still easy to use by the general public.
I'm completely pro-privacy, but I need to ask: why would ordinary people's ordinary data need better security? Even if iCloud might be decrypted by the government. If it's data like bills, government issued photos of ID cards, family photos, it most likely won't matter at all and the security is good enough, just like anything available.
Once you do have a reason to encrypt something, learning GPG, LUKS, etc. is not that hard or that technical.
Exactly. It could be something as simple as guilt by association. Even though you might not have done anything illegal yourself, you may have the contact information of someone who is on a watchlist or has been convicted of a crime. For example, China is looking into developing a social credit rating system, any association an individual has to persons who the government consider less reputable could have real impacts on their credit rating.
GPG, however, has proven to be virtually impossible to properly use and almost no one does, even in the hacker crowd.
It would be nice if Apple gave all of its Chinese iPhone users a nice big prompt that told them their iCloud/iMessage backups can be accessed by the Chinese government from that point forward, and maybe even tell them how they can disable it in the settings if they want to. It's the least Apple could do.
1. get VPN
2. create US iCloud account
You can use it for free (you get 5GB of iCloud space, IIRC), but to be able to pay for services I buy US iTunes gift cards from eBay (mark-up about 1%). I can pay for all Apple services with this, including iCloud storage and apps and music and movies.
It's a hassle, but it's totally worth it for me.