by cdata 928 days ago
We've really done one over on ourselves by adopting the mental model that only a vertically integrated corp can deliver privacy and security to users. This rigid tendency towards homogeneity is bound to suffer a tragic systemic failure before too long.

It would be healthier to assume multi-polarity and lean into it.

2 comments

> We've really done one over on ourselves by adopting the mental model that only a vertically integrated corp can deliver privacy and security to users. This rigid tendency towards homogeneity is bound to suffer a tragic systemic failure before too long.

Look no further than the other news that came out this week re: government spying via push notifications. (https://www.reuters.com/technology/cybersecurity/governments...) Consumers rationally trust the few big companies which are incentive-aligned to protect their data and government then goes after those few big companies. I thought this was particularly galling:

> In a statement, Apple said that Wyden's letter gave them the opening they needed to share more details with the public about how governments monitored push notifications.

> "In this case, the federal government prohibited us from sharing any information," the company said in a statement. "Now that this method has become public we are updating our transparency reporting to detail these kinds of requests."

I suspect there's more where that came from. The only reason we learned of this is because the cat was let out of the bag, and Apple was able to talk about it (gag order).

People might want to think about how AirTags and Find My Phone work...

> People might want to think about how AirTags and Find My Phone work...

Rotating BTLE identifiers controlled by a pseudorandom sequence derived from a key, and tunneled over end to end encryption?

With locations over time tied to personal identifiers stored in a database with no public audit controls.

Isn’t that already what every standardly configured smartphone does?

> We've really done one over on ourselves by adopting the mental model that only a vertically integrated corp can deliver privacy and security to users.

Who is saying that? Certainly nobody anywhere in this HN thread. It is, however, fair to say that the only guarantor of privacy and security is a network of trust. There are plenty of examples where trust is partially decentralised, the most notable being the system of certificates used for establishing trust in HTTP over TLS.

> Who is saying that?

There is a quote in the top level comment of this thread that says that.

> It’s untenable that there’s unsanctioned client software for a messaging platform for which privacy and security are a primary feature.

That is not even remotely similar to the claim you made. Nowhere in that sentence is the claim that privacy and security cannot exist without a vertically integrated corporation.

All they're saying is that the existence of third party software compromises Apple's ability to make blanket statements about the security and privacy of this one specific platform. An unofficial third party client breaks an established network of trust — which is an objective fact. If you doubt this, then you really should use this Chromium fork I just developed. Use it to log into your internet banking. Don't be scared. There's nothing to worry about. See, there's a lock symbol in the address bar and everything.

Sure, but also recognize: web browsers constitute a mature, multi-polar ecosystem; we do not clutch pearls when a user chooses Firefox, or Safari, or Chrome (or myriad others) to transact on the web.

Can a bad actor slap a green lock on an insecure browser clone and harm users? Certainly. And yet, in a survey of the systemic threats to security and privacy on the open web, such attacks are relegated to the margins.

Apple encourages a popular narrative that centralization and control beget trust, and from there may enable privacy and security. Look no further than the comments on this HN post to see the narrative echoed!

It's fair to point out that it's not literally what Gruber wrote, but readers will fill in the negative space around his uncritically apologetic commentary. To state the implied message: trust in Apple's way, and remember that third parties (who are not accountable to Apple) will ultimately deprive you of privacy and security!

Having a system where trust is embodied in a single entity is one valid solution. It's also not the only solution and I haven't heard anyone claim that it is.

That is technically a remark I agree with, but you're skipping past the actual point of my comment: it may be a valid strategy on its face but it is fragile and makes users vulnerable to systemic exploitation.

The web browser ecosystem has its own (different) problems, but iMessage lacks requisite variety to back up its particular claims to privacy and security (see that Reuters article for a preview).

Plenty of people clutched pearls (rightly) about IE tho. And https by default. And much more.

That it’s not currently a problem is due to 25 years of strongly pushing for privacy & security.

We’re still not there (see Google & adblockers in Chrome).

I don't remember anyone "clutching pearls" over https by default? Do you have any suggested references where I can find those? I do recall people really complaining that anything at all was allowed to be http, even sites that most people would consider "unimportant".

> All they're saying is that the existence of third party software compromises Apple's ability to make blanket statements about the security and privacy of this one specific platform.

We’ve also got examples of Apple making misleading statements about the security and privacy of their platform, as a result of government gag orders.

That recent disclosure makes me suspect that every vector that they do not disclose explicitly as being private, is very much not private. To that end, the platform is clearly neither private nor secure if you value privacy from the government.

…so I’m not particularly concerned about third party software being a cause for concern anymore.

> An unofficial third party client breaks an established network of trust

I think this is key. The problem is the security of iMessage as a protocol is dependent on trust between client (implementations). Which is actually not that great from a security perspective.

I don’t mean that there are necessarily vulnerabilities in the protocol (there very well may be), but that the protocol is not something that Apple is willing to depend upon to uphold their desired security guarantees.