The pattern is always the same. When an invasive technology or a precursor to an invasive technology is announced, someone on HN sagely points out that everyone should be reasonable and drop the conspiracy theories.
also, even if "privacy" is assured, once the tech is normalized either the private version can be cracked, or a similar but non-private tech is released everywhere else (with hooks for advertising/data-mining/govt access)
Less than 24 hours ago, the top story on HN was a tranche of iOS 0-days released by a whitehat who got frustrated by Apple's mismanagement of its bug bounty program. So it's open season on that afib data right now...
It does not follow that 0 days mean every piece of information in apple’s control will be stolen. Historically apple 0 days have been used to target high level targets, usually journalists, and not appropriate (or usable) for removing all data from all iPhones.
Something Apple should fix, sure. But not something that I’m going to delete all my Apple Health data for.
> It does not follow that 0 days mean every piece of information in apple’s control will be stolen
You're correct in general, but not in this specific instance. If you followed the said thread, you'd have encountered the disbelief that Apple stores health data unencrypted on the iPhone, despite FIPS certification for the watch. Every 0-day, as it stands today, can result in access to health data, until Apple adopts defense in depth.
How would you know if it was? It was more likely sold by whoever collected it. The very existence of this pool of data is a risk, and just because the sky didn't fall today, do you stop wearing a seatbelt?
Five years later the tech is on everyone's phone.