Hacker News new | ask | show | jobs
by theshrike79 732 days ago
The best protection against "secret orders" is to use mathematics.

Build your system so that it can't be decrypted, don't log anything etc. Mullvad has been doing this with VPNs and law enforcement has tested it - there's nothing for them to get.

Same has been proven with Apple not allowing FBI to open an iPhone, because it'd set a precedent. Future iPhone versions were made so that it's literally impossible for even Apple to open a locked iPhone.

There's no reason why they wouldn't go to same lengths on their private cloud compute. It's the one thing they can do that Google can't.
3 comments
Xelynega 731 days ago
> Same has been proven with Apple not allowing FBI to open an iPhone, because it'd set a precedent.

I thought the outcome of that case was that no precedent was set, since the iPhone was unlocked before the FBI could test their argument in court.

> Future iPhone versions were made so that it's literally impossible for even Apple to open a locked iPhone.

Firmware signed by apple is what runs to verify your biometrics and decide whether or not to unlock the device. At any point apple could sign firmware with a backdoor for this processor which lets them unlock any phone. How did they prevent this in future iPhone versions?

> theshrike79 18 hours ago | parent | context | flag | on: Private Cloud Compute: A new frontier for AI priva...

The best protection against "secret orders" is to use mathematics.

Build your system so that it can't be decrypted, don't log anything etc. Mullvad has been doing this with VPNs and law enforcement has tested it - there's nothing for them to get.

Same has been proven with Apple not allowing FBI to open an iPhone, because it'd set a precedent. Future iPhone versions were made so that it's literally impossible for even Apple to open a locked iPhone.

> There's no reason why they wouldn't go to same lengths on their private cloud compute. It's the one thing they can do that Google can't.

They did go to the same length, they have the ability to see your data whenever they choose to since they own the signing keys.

link
KaiserPro 732 days ago
> Build your system so that it can't be decrypted

Now you can't debug anything.

> Mullvad has been doing this with VPNs

Mullvad do not need to store any data at all. Infact any data that they store is a risk. Minimising the data stored minimises their risk. The only thing they need to store is keys.

Look, if you want to ask an AI service if this photo has a dog in, thats simple and requires no state other than the photo. If you want to ask it does it have my dog in, thats a whole 'nother kettle of fish. How do you communicate the descriptors that describe your dog? how do you generate them? on device? that'll drain your battery in a very short order.

> Apple not allowing FBI to open an iPhone, because it'd set a precedent

Because they didn't follow process.

> Future iPhone versions were made so that it's literally impossible for even Apple to open a locked iPhone.

They don't need to, just hack the icloud backup. plus its not impossible, its just difficult. If you own the key authority then its less hard.

link
verisimi 732 days ago
> Same has been proven with Apple not allowing FBI to open an iPhone, because it'd set a precedent. Future iPhone versions were made so that it's literally impossible for even Apple to open a locked iPhone.

Right, but I have no reason to think that this isn't a marketing ploy either, just another story. There is simply no way that Apple is as big as it is, without providing whatever data the government requires. Corporations and governments are not your friend.

link
theshrike79 732 days ago
Apple will obey government orders to give data they have and can access.

No government order short of targeting a specific backdoored update to a specific person will allow them to give data they can't access.

And if you're doing something that can make a TLA force Apple to create a targeted iOS update just for you, it's not something regular people can or should worry about.

Apple keeps normal people safe from mass surveillance, being protected from CIA/NSA required going Full Snowden and it's not a technological problem, you need to change the way you live.

link
hexage1814 731 days ago
> No government order short of targeting a specific backdoored update to a specific person

I'm failing to see the what would be the challenge here. Apple can technically do that. The government can force them to do that.

link
verisimi 732 days ago
Do you not remember Edward Snowden? Eg this sort of info:

> The scandal broke in early June 2013, external when the Guardian newspaper reported that the US National Security Agency (NSA) was collecting the telephone records of tens of millions of Americans.

> The paper published the secret court order directing telecommunications company Verizon to hand over all its telephone data to the NSA on an "ongoing daily basis".

https://www.bbc.com/news/world-us-canada-23123964

You seem to think that 10 years, under cover of secret orders, that this is NOT going on now. Not Apple!

People's lovely trusting natures in corporations and government never ceases to amaze me.

link
theshrike79 732 days ago
"telephone data" != "contents of every phone call"
link
digging 731 days ago
Contents of communications aren't as important as you may think; metadata is extremely dangerous.
link
verisimi 732 days ago
You and I have no idea.
link