by thih9 1669 days ago
I'm surprised to see protection against state sponsored attacks implemented by a company as big as Apple. Is any other 'mainstream' company offering a similar feature?

Warrant canary [0] comes to mind, but that is usually a message to all users, as opposed to notifying an individual user.

[0]: https://en.wikipedia.org/wiki/Warrant_canary

3 comments

> Is any other 'mainstream' company offering a similar feature?

You mean apart from basically every other mainstream tech company? [1] [2] [3]

[1] https://www.washingtonpost.com/business/economy/google-to-al...

[2] https://www.wired.com/2015/10/facebook-now-warns-users-of-st...

[3] https://threatpost.com/twitter-warns-some-users-of-nation-st...

Yeah, I loved having my work gmail account peppered with a giant red banner warning "THIS ACCOUNT IS THE TARGET OF STATE SPONSORED HACKERS". That was fun. We didn't really know how to respond or attempt to mitigate such a warning so, left it ignored.

Respond by using 2fa if you weren't already, not signing into the account from untrusted devices, checking OAuth grants for apps you don't recognize, not using same pw elsewhere

Yeah, we were doing that, so the response was to just shrug. Without a lot more context it's hard to know what your reaction should be to something like that.

I can only guess, but I suppose the context in which they would trigger something like this would be that some of their accounts get hijacked to send things to a bunch of email addresses, which later turn out to be links to zero-day exploits attributable to state-sponsored attackers, so they warn the recipients of those emails. But it's got to be a relatively scattershot warning - Google doesn't really know how vigilant you are. A friend of mine working for an NGO got the Gmail warning back in 2012 and upgraded a few overdue things.

A lack of context is kind of the problem here. What we need are specific method details, including origination addresses. There may be times when only most of that info is helpful, but withholding is always the opposite of helpful.

Except for future users targeted by those same attackers, for whom it is immensely helpful that they aren't being tipped off

Google's approach (and possibly Apple's) is commendable, but very poor UX-wise. Google specifically seems to include "phishing attempts" in their government-attack detection, and the direct reason seems to be that phishing was used in compromising the DNC in 2016. But there's a huge difference between a hacker-for-hire group that may have tenuous government links sending a mediocre phishing email (as in https://blog.google/threat-analysis-group/updates-about-gove...), and advanced zero-click zero-day use on all personal devices by a direct government body. Lumping them together makes zero sense.

> by a company as big as Apple

Would a smaller company stand a chance against very much any state? If men in suits took a CEO of a big company for "a talk" in the forest there would be a lot of fuss in the media, whereas a small company would probably be scared to bits and never say a word.

A talk in the forest is for poor countries like Belarus. Rich countries just call their local SEC and IRS.