[theshrike79]

Apple is again going where Google (the world's largest ad company) cannot follow: 100% user privacy.

They really hammered in the fact that every bit is going to be either fully local or publicly auditable to be private.

There's no way Google can follow, they need the data for their ad modeling. Even if they anonymise it, they still want it.

[WheatMillington]

They literally announced their partnership with OpenAI today, and I've seen no sign of this data being "publicly auditable" - can you share this with me?

[kalleboo]

The OpenAI integration is a side-feature.

All the stuff that works on your private data is Apple models that are either on-device or in Apple's private cloud (and they are making that private cloud auditable).

The OpenAI stuff is firewalled off into a separate "ask ChatGPT to write me this thing" kind of feature.

[dialup_sounds]

https://security.apple.com/blog/private-cloud-compute/

[labcomputer]

> I've seen no sign of this data being "publicly auditable" - can you share this with me?

They announced it in the same keynote where they announced the partnership with OpenAI (and stated that sharing your data with OpenAI would be opt-in, not opt-out).

[cchance]

WTF are you talking about, the guy literally said that to connect to Apple Intelligence servers the client side verifies a publically registered audit trail for the server. He then followed up saying no data on chatgpt will keep session information regarding who the data came from.

Apples big thing is privacy, i doubt they'd randomly lie about that

[cromka]

This still runs on external hardware which can be spoofed at the demand of authorities. It may be private as in they themselves won’t monetize it but your data certainly won’t be safe

[cchance]

Ahhh cool encryption doesn't exist, MTLS doesn't exist i forgot

[verandaguy]

I can't speak towards Apple's or $your_government's trustworthiness, but MTLS wouldn't protect against an attack where Apple collaborates with a data requester.

There are people and orgs out there who (justifiably or not) are paranoid enough that they factor this into their threat model.

This is a bit academic right now, but it's also worth mentioning that in the coming years, as quantum computing becomes more and more practical, snapshots of data encrypted using quantum-unsafe cryptography, or with symmetric keys protected by quantum-unsafe crypto (like most Diffie-Hellman schemes) will be decryptable much more easily. Whether a motivated bad actor has access to the quantum infrastructure needed to do this at scale is another question, though.

[cromka]

How about you Google DMA Memory Attacks, VM Escape attacks, Memory scraping and sniffing, Memory Bus Snooping and so on.

As long as the data is processed externally, no software solutions make it safe, unless you yourself are in control of the premises.

[Spod_Gaju]

"100% user privacy."

That is a huge stretch and a signal as to how good Apple is with their marketing.

If they are still letting apps like GasBuddy to sell your location to insurance companies then they are no where near "100% privacy".

[its_ethan]

GasBuddy is an optional app, right? Apple is very up front about what apps are going to get access to things like location, with user prompts to allow/deny. Meaning you are opting in to a lack of privacy, which is very expected behavior?

The default Apple apps (maps, messaging, safari) are solid from a privacy perspective, and I don't think you can say the same about the default apps on competitors phones.

[Spod_Gaju]

I am sorry I used GasBuddy as an example since I agree it is a stretch, but still not one I disagree with.

But let's get back to Apple...if it was functioning at "100% user privacy" would it be able to give access to your data to law enforcement? As an example, I consider MullvadVPN to be 99% user privacy.

[its_ethan]

Does this answer your question?

https://en.wikipedia.org/wiki/Apple–FBI_encryption_dispute#A...

[Spod_Gaju]

No.

That was concerning unlocking the phone. I’m talking about the data that they store on iCloud.

[krrrh]

I already linked to this article on Advanced Data Protection for iCloud (e2ee for most things) in a different comment, but it feels like a lot of people don’t know about this feature. It literally has zero effect on the user experience (except janky access to iCloud via the web, but shrug). Apple’s competitors don’t have anything close and their business models mean they probably never will.

https://support.apple.com/en-ca/102651

[jachee]

The data stored on iCloud is locked with the key from the devices’ Secure Enclave. They’d have to unlock your device to get access to decrypt the iCloud data.

[Daneel_]

Based on Apple's previous track record, the answer is very likely "no".

[Spod_Gaju]

You sure?

https://www.forbes.com/sites/kateoflahertyuk/2024/04/10/new-...

[cyberpunk]

Why should apple be in control of what individual apps do with your location data? You explicitly grant the app access to your data, and agreed to the terms.

The difference between that and this is extremely clear is it not?

[Spod_Gaju]

If I want a device that’s giving me apps on a locked in platform why shouldn’t they care about what the apps do with my information?

Imagine if we had a smart phone maker that Cared about this so we didn’t have to worry about it all the time?

[themadturk]

Gas Buddy, like all 3rd party apps, has their privacy practices detailed on their App Store page. It's true that not all vendors are completely truthful with this information, but Gas Buddy (for one) appears to be pretty up-front: everything in the app is shared with the developers or others except (they say) diagnostic information. Apple set up a privacy-disclosure rule, Gas Buddy seems to be following it, and it's the user's choice whether to install Gas Buddy.

Apple has done its privacy work here; now it's up to the end user to make the final choice.