[bduerst]

Nothing in that quote backs up your statement.

Tim Cook is describing how encryption works - he is not saying that the Chinese government doesn't have access to the data at rest with the iCloud encryption keys. Amnesty International [1] sums it up:

>“By handing over its China iCloud service to a local company without sufficient safeguards, the Chinese authorities now have potentially unfettered access to all Apple’s Chinese customers’ iCloud data. Apple knows it, yet has not warned its customers in China of the risks.”

They raised this issue three full months before the Chinese government went ahead and nationalized all of the Apple user data and encryption keys.

[1] https://www.amnesty.org/en/latest/news/2018/03/apple-privacy...

[travisp]

I agree there are reasons to be concerned overall, but Tim Cook is very clearly stating in this interview, which happened after the nationalization, that 1) China doesn’t have access to the encryption keys themselves and 2) for much of the data (like messages) not even Apple has the keys, 3) China is not able to access the data any more easily than any other country.

If you are targeted by the CCP, then yes, they can make a “legal” request for the data of an individual that Apple is able the decrypt (which isn’t all of it), but they aren’t able to apply mass surveillance to the iCloud data.

[bduerst]

Where does Tim Cook specifically say that? What you quoted does not support that.

The encryption keys are for iCloud backups at rest, for which a copy of the keys are stored serverside. This can decrypt all iCloud data, including messages, pics, videos, documents, etc. Tim only described E2E message encryption between users, not encrypted iCloud backups.

Again, Tim isn't saying what you think he's saying. He's intentionally not answering that question or misdirecting - he's doing it all over again here:

https://news.ycombinator.com/item?id=21218529