Hacker News new | ask | show | jobs
by travisp 2440 days ago
The possibility that someone in the company is secretly (how!?) providing the Chinese government access to the encryption keys is a wildly different claim. There is no evidence that Apple has done it, and an important executive has testified that they have not, and they've publicly stated they haven't, even if you want to speculate that it has happened.
1 comments
bduerst 2440 days ago
It's not a secret. Apple even made a statement to reuters at the start of the migration process where they tried to get iCloud as an exception but failed - "“While we advocated against iCloud being subject to these laws, we were ultimately unsuccessful,”

In early 2018, Apple forced their users to opt-in to migrating iCloud encryption keys and data to Chinese data centers:

https://www.reuters.com/article/us-china-apple-icloud-insigh...

Chinese government nationalized the data centers six months later, gaining access to all the encryption keys and user iCloud data at rest. Apple complied:

https://mashable.com/article/china-government-apple-icloud-d...

link
travisp 2440 days ago
No, they still don't have access to the encryption keys, as reported after those articles you post:

"Encryption for us is the same in every country in the world...We worked with a Chinese company to provide iCloud, but the keys [...] are ours...I wouldn't get caught up in 'where's the location of it,' I mean we have servers located in many different countries in the world. They're not easier to get data from being in one country versus the next...The key question is how does the encryption process work, and who owns the keys — if anyone. In most cases for us, you and the receiver [of a message] own the keys." - Tim Cook

(https://www.businessinsider.com/tim-cook-apple-encrypts-data...)

Apple is specifically stating that they have retained control over the encryption keys.

link
bduerst 2440 days ago
Nothing in that quote backs up your statement.

Tim Cook is describing how encryption works - he is not saying that the Chinese government doesn't have access to the data at rest with the iCloud encryption keys. Amnesty International [1] sums it up:

>“By handing over its China iCloud service to a local company without sufficient safeguards, the Chinese authorities now have potentially unfettered access to all Apple’s Chinese customers’ iCloud data. Apple knows it, yet has not warned its customers in China of the risks.”

They raised this issue three full months before the Chinese government went ahead and nationalized all of the Apple user data and encryption keys.

[1] https://www.amnesty.org/en/latest/news/2018/03/apple-privacy...

link
travisp 2440 days ago
I agree there are reasons to be concerned overall, but Tim Cook is very clearly stating in this interview, which happened after the nationalization, that 1) China doesn’t have access to the encryption keys themselves and 2) for much of the data (like messages) not even Apple has the keys, 3) China is not able to access the data any more easily than any other country.

If you are targeted by the CCP, then yes, they can make a “legal” request for the data of an individual that Apple is able the decrypt (which isn’t all of it), but they aren’t able to apply mass surveillance to the iCloud data.

link
bduerst 2440 days ago
Where does Tim Cook specifically say that? What you quoted does not support that.

The encryption keys are for iCloud backups at rest, for which a copy of the keys are stored serverside. This can decrypt all iCloud data, including messages, pics, videos, documents, etc. Tim only described E2E message encryption between users, not encrypted iCloud backups.

Again, Tim isn't saying what you think he's saying. He's intentionally not answering that question or misdirecting - he's doing it all over again here:

https://news.ycombinator.com/item?id=21218529

link