Hacker News new | past | comments | ask | show | jobs | submit login

How would it be guessable if you're hashing it with a random string?

Public keys are essentially trackable metadata if they're shared. The proposed hash of time + public key would be guessable if you had access to a particular public key. Apple certainly could get the public key.

They wouldn't know specifically what data was in the encrypted message, but with enough attributes (IP, time, Apple ID, etc) they could obviously gather a high-confidence amount of tracking data still.

I said "time and pre-shared key". The public key doesn't enter into it.

Sure - that's a solution - Apple's iCloud Keychain might work there also.

I don't use it and have some reservations as Apple’s iCloud services still do not provide end-to-end encryption.

I'd be interested to see what Matt Green has seen.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact