[simondotau]

> We've really done one over on ourselves by adopting the mental model that only a vertically integrated corp can deliver privacy and security to users.

Who is saying that? Certainly nobody anywhere in this HN thread. It is, however, fair to say that the only guarantor of privacy and security is a network of trust. There are plenty of examples where trust is partially decentralised, the most notable being the system of certificates used for establishing trust in HTTP over TLS.

[zucker42]

> Who is saying that?

There is a quote in the top level comment of this thread that says that.

> It’s untenable that there’s unsanctioned client software for a messaging platform for which privacy and security are a primary feature.

[simondotau]

That is not even remotely similar to the claim you made. Nowhere in that sentence is the claim that privacy and security cannot exist without a vertically integrated corporation.

All they're saying is that the existence of third party software compromises Apple's ability to make blanket statements about the security and privacy of this one specific platform. An unofficial third party client breaks an established network of trust — which is an objective fact. If you doubt this, then you really should use this Chromium fork I just developed. Use it to log into your internet banking. Don't be scared. There's nothing to worry about. See, there's a lock symbol in the address bar and everything.

[cdata]

Sure, but also recognize: web browsers constitute a mature, multi-polar ecosystem; we do not clutch pearls when a user chooses Firefox, or Safari, or Chrome (or myriad others) to transact on the web.

Can a bad actor slap a green lock on an insecure browser clone and harm users? Certainly. And yet, in a survey of the systemic threats to security and privacy on the open web, such attacks are relegated to the margins.

Apple encourages a popular narrative that centralization and control beget trust, and from there may enable privacy and security. Look no further than the comments on this HN post to see the narrative echoed!

It's fair to point out that it's not literally what Gruber wrote, but readers will fill in the negative space around his uncritically apologetic commentary. To state the implied message: trust in Apple's way, and remember that third parties (who are not accountable to Apple) will ultimately deprive you of privacy and security!

[simondotau]

Having a system where trust is embodied in a single entity is one valid solution. It's also not the only solution and I haven't heard anyone claim that it is.

[cdata]

That is technically a remark I agree with, but you're skipping past the actual point of my comment: it may be a valid strategy on its face but it is fragile and makes users vulnerable to systemic exploitation.

The web browser ecosystem has its own (different) problems, but iMessage lacks requisite variety to back up its particular claims to privacy and security (see that Reuters article for a preview).

[simondotau]

> you're skipping past the actual point

I skipped past that because that wasn't what I had expressed disagreement about. Though now you elucidate further I'll say I fundamentally disagree with your "actual point" as expressed. While I agree that systems of distributed trust are fundamentally healthier, they are an order of magnitude harder, and rely upon educating users. And some percentage of users will always be impervious to education — see the continued prevalence of phishing scams for example.

A system which relies upon trusting fewer entities is inherently less fragile and less vulnerable to exploitation. It's true that systems can be designed which rely on users trusting a large number of entities, and can sometimes result in a more educated user base, but they're much harder to implement and much, much, much, much rarer in the real world.

[photonerd]

Plenty of people clutched pearls (rightly) about IE tho. And https by default. And much more.

That it’s not currently a problem is due to 25 years of strongly pushing for privacy & security.

We’re still not there (see Google & adblockers in chrome)

[stjohnswarts]

I don't remember anyone "clutching pearls" over https by default? Do you have any suggested references where I can find those? I do recall people really complaining that anything at all was allowed to be http, even sites that most people would consider "unimportant".

[phantom784]

There were a lot of complaints that websites which never had to bother with certificates before now had to set one up (and pay for one). Though that's now largely solved by Lets Encrypt.

[oarsinsync]

> All they're saying is that the existence of third party software compromises Apple's ability to make blanket statements about the security and privacy of this one specific platform.

We’ve also got examples of Apple making misleading statements about the security and privacy of their platform, as a result of government gag orders.

That recent disclosure makes me suspect that every vector that they do not disclose explicitly as being private, is very much not private. To that end, the platform is clearly neither private nor secure if you value privacy from the government.

…so I’m not particularly concerned about third party software being a cause for concern anymore.

[catlifeonmars]

> An unofficial third party client breaks an established network of trust

I think this is key. The problem is the security of iMessage as a protocol is dependent on trust between client (implementations). Which is actually not that great from a security perspective.

I don’t mean that there are necessarily vulnerabilities in the protocol (there very well may be), but that the protocol is not something that Apple is willing to depend upon to uphold their desired security guarantees.