I’m pretty concerned about what Apple is doing in China, but there’s no evidence at all that Apple is escrowing end-to-end encryption keys to the government. There’s also no evidence that the Chinese government is using Apple’s non-E2E keys (held in Apple hardware in a cage at a Chinese hosting provider) for mass surveillance. I’m not saying that it’s impossible: I’m saying if you could come up with that evidence, either through reverse-engineering or a verifiable leak from Apple, it would be the biggest story in tech. You would be famous and (if you knew the right hedge fund) probably very rich.
That Apple operates iCloud in every single country except China, where GCBD (AIPO Cloud (Guizhou) Technology Co. Ltd) operates iCloud, think I makes pretty clear what's going on.
That’s separate from iMessage, which is end to end.
Apple used to be able to access iMessages through iCloud backups. They changed their system worldwide, now they can’t. So presumably GCBD also lost access to iMessages in iCloud backups.
Apple can still read ~100% of all iMessages in real-time because iCloud Backup (non e2ee by default) serves as a key escrow backdoor in the e2ee of iMessage. It is thus legitimate to state that iMessage is not e2ee as in practice each iMessage is also encrypted to a key held by Apple (in addition to the endpoints).
Even if you turn it (e2ee iCloud Backup) on, it's ineffective, as both parties to a conversation must have turned it on for the conversation to be private.
The optional iCloud feature called "Advanced Data Protection" is currently an opt-in. It comes with a significant drawback for typical pop and mom users --> If you lost you password and recovery key it's game over you loose everything. So I guess it's sensible to keep this as an opt-in until users are better educated about this drawback.
What will be quite significant is wether or not this feature will be available for chinese users.
It make sense from a technical POV to block ADP feature in poorly democratic countries that might request it like China and maybe tomorrow the UK.
PS : Once a significant % of users activated ADP it could be a good UX improvement to display a warning to mixed ADP status conversation that the conversation is not fully e2e encrypted. However this might be premature right now otherwise early adopters of ADP would be flooded by such warning.
There’s some confusion here, iMessage is end to end encrypted by default. That in no way protects the information on each users device.
If iCloud is enabled, then by default it gets unencrypted copies of these messages from the device unless “advanced data protection” is also enabled which ensures iMessage is encrypted but means losing your password also loses access to these backups. However, disabling iCloud sidesteps this issue and honestly if you want that kind of privacy then disabling iCloud is probably a good idea.
So if one users uses ADP and the other user disables iCloud then the conversion is protected.
If you scrolled down in the link provided above, it mentions with BOTH Standard and Advanced data protection messages are end to end encrypted, it’s just with advanced data protection the encryption key also ends up being encrypted too, but I’m positive even this has changed recently. You can try looking at logs when you turn on messages in iCloud and see that your messages are encrypted.
So lots of confusion in this thread, my advice for Apple would be make it very very clear to users that your data is safe. I mean they are threatening to back out of UK, so it’s against their core principles and also probably very technically expensive to undo they end to end encrypted system.
Actually there is a third option, don't back-up your iMessage to iCloud in the first place. In this configuration you need to transfer your content from device to device using a local backup if you intend to keep your messages.
You the have the same level of privacy (if not higher) than with ADP. But with the same drawback, if your recipient does backup to iCloud without ADP then messages can be intercept by apple at rest on your recipient iCloud backup.
Incidentally ADP mainly target users that didn't trusted iCloud backup for the lack of e2e encryption at rest.
More prosaically it's probably because turning it on means it's easier to lose access to your data if you lose devices/keys. Apple can't help you if they don't have the keys. It's not a bad marketing position.
They don’t want their data leaving their country? Doesn't GermanyAlso have some privacy laws that require data on Germans to stay within Germany? Isn’t this just an extension of that in a way?
> You would be famous and (if you knew the right hedge fund) probably very rich.
Famous, sure.
Rich? Perhaps… but I suspect that annoying a superpower will mean that, like Snowden, one would be somewhat restricted in ability to make use of any such wealth or fame.
Regarding the financial impact, what's the trade if they find out China is different? Shorting Apple? I don't think that would be a consequence. Nobody cares that China intercepts everything, we just don't want to live there or in a regime like it.
There was a rumor about separate HSMs for device personalization in China, and this would be verifiable by determining whether the Chinese HSMs could verify cryptograms produced by derived keys from a US device,
against Apple's personalizaiton endpoints in china. I don't know the protocol off hand, but there is a short list of ways to do it. If Apple uses different root secrets in China from the rest of the world, what further evidence would you need?
Apple has claimed that they don’t allow China to intercept communications using these keys. They’ve said on the record to the WSJ that they don’t do any combination of these things, and they left very little wiggle room in their denials (Google Apple China encryption keys WSJ). If you could show that they were compromising security for the Chinese government but not making any allowances for the FBI, and that their executives were lying about it, it would be a massive political scandal. There would almost certainly be congressional hearings, simply because any one of {Apple, China, tech executives caught lying, tech executives secretly collaborating with foreign governments} is by itself an opportunity for Congresspeople to get their face on TV and this would cover all the bases. Following this there would be huge US government pressure for Apple to (at minimum) cease collaborating with China to surveil its people, or else to offer the same capability to the US government. Potentially Apple’s entire business in China could be jeopardized if it was predicated on secret collaboration, not to mention their whole supply chain would be even more at risk. In the long run Apple might maneuver out of the situation somehow, but in the short run it would certainly affect them very badly.
>Apple has claimed that they don’t allow China to intercept communications using these keys. They’ve said on the record to the WSJ that they don’t do any combination of these things, and they left very little wiggle room in their denials
There's wiggle room in what you wrote: "Apple doesn't allow China to intercept communications, China just does it on their own" for example is a way to parse that sentence.
That would be a bigger scandal. If Apple's communication protection protocols could be subverted in flight (i.e., not via endpoint compromises) without Apple's consent or active participation, that would imply that the protocols themselves were just for show.
Chinese national security law includes a gag order for such assistance requests.
Apple can say they don’t allow it, because their local partner company is the one actually doing it. And the local partner would say they don’t allow it, because Chinese law (and the Party) requires them to keep all national security assistance secret.
US executives can be compelled to testify truthfully under oath. There is no "Chinese law compels me to keep this secret" defense to perjury charges in the US. If credible evidence emerges, Apple executives will eventually be forced to admit whatever they know. The only viable strategy here is to have a broken system and plausible "not know" it's being exploited, but that's a very fragile approach (technically risky, vulnerable to whistleblowers) and it only works once.
> Following this there would be huge US government pressure for Apple to (at minimum) cease collaborating with China to surveil its people, or else to offer the same capability to the US government.
Congress knows this would only kneecap one of their largest companies (with no fallback option at present). There is no iPhone without China.
Apple can and does already provide surveillance of this type domestically to FBI/DHS/et al. Approximately all iMessages are readable by Apple and extension by the USG in real-time, with or without a warrant.
You can frame it the different way: Apple has given up improving the freedom of the Chinese people because that is infeasible. But it hasn’t given up hope on the West.
Yes, because China has double the population as the whole of Europe. Ceasing operations in the UK wouldn't hurt their revenue as much as doing so in China.
No, the population of China is not the issue. The problem for Apple is that so many of their products are still made in China that if they anger the Chinese government they risk having their factories closed, leaving them with no products to sell. To say this would be disastrous for sales would be an understatement.
The last thing China is going to do is close manufacturing plants.
Apple makes 10x more selling in the Chinese market than they do in the United Kingdom, even with all of the roadblocks and handicaps China erects. Further Apple realizes that as the UK is a Western, democratic nation it is easy to essentially bargain about policies. Apple's current threats are essentially negotiating. There would be no negotiating with China about stuff like this.
Beijing can’t even shut down the factories north of the city that dump particulates into the lungs of the leadership and their families. No way they can shut down some of the big iPhone factories.
Are you joking? Even a random middle class flat in Beijing would have at least one OK air filter appliance. Party elites likely have pretty good industrial grade ones everywhere. First thing is shield themselves from the fruits of their policies...
Nobody is talking about morals here. Its bad for business for Apple to capitulate to the UK. It's bad for business for them to not capitulate to China.
And iPhones ceasing to be sold in the UK would probably be all it takes for public backlash to neuter the law. I imagine that's not on the table in China.
> Its bad for business for Apple to capitulate to the UK. It's bad for business for them to not capitulate to China.
It's very difficult to square these two sentences together.
On one hand, if they break their privacy and security for the UK government, it's bad for business because they'll continue to sell iDevices and services?
On the other hand, if they break their privacy and security for the CCP, it's good for business because they'll continue to sell iDevices and services?
You're tacitly admitting my assertion - Apple's morals are for sale.
If the US threatened Apple, we can expect they'll sell out there too, no?
> You're tacitly admitting my assertion - Apple's morals are for sale.
Yes.
China is much further from the Western world than the UK. Capitulation there isn’t a step onto the slippery slope. Doing the same thing in the UK would lead very quickly to EU and US demands to do the same.
By exiting such a small market, Apple defends the much larger markets against creeping surveillance.
Remember how fierce the backlash was to their CSAM scanning proposal? They walked that back. Some people might think it was for moral reasons, but I’m pretty sure they realized it would harm their bottom line.
The way things work in China is not the same as the UK. They either play by CCP rules or they don’t play at all. Apple’s calculus here seems to be that not playing in the UK market is worth it, whereas missing out on the Chinese market is not worth it.
Nobody needs to operate in China. That's the thing that's being overlooked.
Apple made a choice to operate there - and would have still been the world's most valued company regardless.
So, Apple's choice was to sell-out their privacy and security credentials to make more money - counting on their other large markets (ie. the US) not paying close enough attention to see the blatant hypocrisy.
"Security and privacy are great - unless we can make more money selling off your security and privacy to oppressive government regimes!"
Somehow that just doesn't have a catchy marketing ring to it...
So now there's precedent that Apple will violate everything they stand for if a large enough market demands it. What happens when the US government decides to place Apple in the crosshairs for not "helping catch terrorists" or something? Will Apple sell out too? Why not?
While a good example, that was in 2015. There haven't been very many (or any?) public challenges since - which does make one wonder...
Apple could simultaneously backdoor their devices while also keep them secure from anyone but the government with a warrant. These things are not mutually exclusive.
The China precedent is troubling - to say the least.
You cannot backdoor a device in such a way that only 'certain' people can access it. Once that door is there, people will find an exploit it. The only way to be completely secure is never build the door in the first place.
It's not possible to make 25,000 iPhones per hour anywhere else on Earth right now. There are over a hundred thousand people who work on manufacturing the iPhone and you can't just clone them (and their skills and experience and knowledge) in a week, or a month, or even a year.
> Who forced Apple to manufacturer iPhones in China?
> Nobody
Ironically correct: the absence of alternatives — nobody else could do it — is what forced them in the first place.
The recent pressure from the US government to "bring it home" is because the US government finally started to realise that was both true and bad (doesn't matter if Huawei was really spying, Washington believed they were); similarly for equivalent EU pressure.
Are you asking if the west could make phones? Almost certainly. Have they chosen to do so? Not at all. Apple may be big enough today to possibly operate without china in 10-20 years, but no chance in 2007 or today.
It's the global debt-based fiat monetary system. It squeezes workers hard and turns every industry into a winner-takes-all industry since workers are so poor they can only afford the cheapest of the cheap. In the old days, a business could afford to continue to operate and thrive even if they weren't necessarily number one at everything... People had enough surplus income to not worry about spending a bit more for some local product even if it wasn't necessarily the best value for money. Also consumers were not so insanely well attuned to squeezing every penny as they are today (due to lower financial stress levels) and this created more room for new businesses to compete with incumbents.
It's the effect of the monetary system squeezing the masses hard which forces everyone to buy the cheapest things and it created a kind of technological shrinkflationary race to the bottom.
You’re correct of course. Even so it’s worth noting that you could also call it the global asset based monetary system. Credits and debits are just two sides of the ledger.
In my mind, and definitely informed by my attraction to medieval Catholic philosophy, the problem isn’t really debt but rather usury.
Kind of interesting that the definition of usury became about 'unreasonably high' interest rates as opposed to merely any interest. I think the harm of usury can happen at any interest rate level depending on the specific details of debt contracts.
I actually think that if it's one's own money, they should be allowed to loan it at any interest rate since they're taking the risk upon themselves. If they can find a willing borrower at such high rates, then good for them. If the borrower agrees to a bad deal, then it's the borrower's own fault.
What I most strongly oppose is the idea of public institutions loaning citizens' money through the issuance of new currency (which dilutes the value of previously issued money). It's especially harmful when the interest rate is low.
For example, if the interest rate is 0%, then it's unjust for a government institution to dilute citizen's currency and shift the risk of borrower default onto currency-holding citizens (savers) without offering any upside to those savers; in that case, the central banks turn regular citizens (savers) into suckers by loaning out their money for free for the benefit of reckless borrowers who borrow it for free.
>US and European political leadership who made manufacturing unaffordable domestically.
Manufacturing consumer goods in the west was never unaffordable, just that insane corporates profits weren't possible while keeping manufacturing in the west, as they were in China.
A lot of consumer electronics were made in the west before the mass exodus to China. Nokia phones was made in Finland and Germany, Siemens phones were made in Germany, Ericsson phones were made in Sweden, etc.
It was all possible and they also didn't cost an rm and a leg, but companies saw the allure of ultracheap labor and loose environmental regulations in China to jack up their profits.
Exactly. Tariffs on Chinese made goods would have prevented this but everyone saw only shareholder value increasing opportunities so it was decided to offshore all electronics manufacturing.
I think it's more that not capitulating to China would potentially result in destroying Apples supply chain. China could potentially kill Apple, the UK can kill a portion of Apples user base.
They have huge illiquid manufacturing in China. The government has a lot of leverage over them. Its impossible for them to gamble on this. It's not even comparable to the UK situation at all.
Even if they pulled all manufacturing from China, they could still potentially be kneecapped if China blacklisted them from purchasing things like gallium.
I don't think they had a choice not to operate in China in any practical sense.
They could have not been a large scale electronics manufacturer, but then they don't operate in China by making an entirely different kind of choice to be an entirely different kind of company. I don't think any electronics manufacturer (or meta-manufacturer/designer/whatever/globalization is weird) within an order of magnitude of Apple's scale can practically operate without benefit of China's manufacturing base.
It feels like you have to bend the intuitive notion of "deciding" to operate in China even means for this to make sense and you just want to pin something on Apple here because they're a giant corporation, and all giant corporations are morally gray at best. The global economy has "decided" that China has the manufacturing base for this kind of business.
This doesn't seem productive in the way that appeals to personal responsibility fall flat in dealing with societal issues, like, we shouldn't have public drug treatment programs because people shouldn't do drugs. People do drugs, and there are costs to not having public treatment programs, so if you want to pretend it's just a matter of personal responsibility, you are indeed pretending, because it is also a societal problem not negated by framing it as personal responsibility.
Here, we assign "personal responsibility" to Apple for operating in China, when we have the "societal issue" of large scale electronics manufacturing centralizing there so that they have the industrial base for it. The world, on the whole, has allowed China to link into the world economy in this manner regardless of their humans rights record and other issues.
So, while there's nothing to love about Apple here, I feel like it's really missing the forest for the trees to frame this as an "Apple" issue in any sense whatsoever, but should be framed as a China-human-rights, globalization, and world economy issue, and we don't do ourselves any favors with appeals to "corporate personal responsibility"
A company has no morals… Its policies depend on the people within it, who do have all sorts of moral principles that are always more or less at odds with each other. Trying to go beyond that is a fool’s errand: a company is not a person. Everything makes sense once you’ve understood that.
When it happens, a company acting purely on someone’s moral code (usually a dictator CEO, though) sounds fine and reassuring. But on the contrary, this is unstable as you never know when that person will be sidelined, forced out, or realign their principles. At this point the company you trust can very well become an enemy. Just look at Twitter or Reddit.
On the long term, you need the company’s financial interests to be aligned with your (various) interests. This is the only thing that remains stable. Well, as long as nobody comes and make it private; then anything goes. It sucks, but that’s capitalism for you.
For the moment, Apple is mostly safe because basic privacy is their brand, and dropping it would be costly. This gives them leverage against some governments, but not so much against others. You can also count yourself lucky not to be born in China, but then there’s nothing Apple can do about that.
It's also important to draw red lines right away before unwelcome precedents are set. We'll do this for China and maybe for India if that market grows big enough, and we would absolutely do this in the US if compelled to, but we will not do this for anyone else. Except maybe for the EU.
Apple has even threatened to withdraw their own systems from the UK rather than comply with this.
https://9to5mac.com/2023/07/20/apple-imessage-facetime-remov...