[cchance]

WTF are you talking about, the guy literally said that to connect to Apple Intelligence servers the client side verifies a publically registered audit trail for the server. He then followed up saying no data on chatgpt will keep session information regarding who the data came from.

Apples big thing is privacy, i doubt they'd randomly lie about that

[cromka]

This still runs on external hardware which can be spoofed at the demand of authorities. It may be private as in they themselves won’t monetize it but your data certainly won’t be safe

[cchance]

Ahhh cool encryption doesn't exist, MTLS doesn't exist i forgot

[verandaguy]

I can't speak towards Apple's or $your_government's trustworthiness, but MTLS wouldn't protect against an attack where Apple collaborates with a data requester.

There are people and orgs out there who (justifiably or not) are paranoid enough that they factor this into their threat model.

This is a bit academic right now, but it's also worth mentioning that in the coming years, as quantum computing becomes more and more practical, snapshots of data encrypted using quantum-unsafe cryptography, or with symmetric keys protected by quantum-unsafe crypto (like most Diffie-Hellman schemes) will be decryptable much more easily. Whether a motivated bad actor has access to the quantum infrastructure needed to do this at scale is another question, though.

[cromka]

How about you Google DMA Memory Attacks, VM Escape attacks, Memory scraping and sniffing, Memory Bus Snooping and so on.

As long as the data is processed externally, no software solutions make it safe, unless you yourself are in control of the premises.