[btown]

Per that link: I think there's an interesting question about whether a nefarious actor who's infiltrated a cloud provider with physical access to machines that are running signed operating systems, with signed binaries, with TDX remote attestation, and with hardware supply chain verification, has the ability to break the privacy guarantees of a tenant with Apple's sophistication.

Certainly, one could tamper with the hardware, but could one do it in a way that wouldn't get that machine immediately flagged, removed from the routing pool, and told to wipe its memory immediately, by a watchtower (perhaps even the routing layer itself) that runs in a separate secure Apple datacenter?

[Caracas288]

Those datacentres would be in the same position of trust as a VPN provider in that the data must be unencrypted at points in the process.

They could be making it very safe, and the things apple says they are doing would make it as safe as possible, but as a user there is no way of verifying the claims.

[freedomben]

> as a user there is no way of verifying the claims

I think this sums up what it's like to be an Apple user pretty well. With their heavy proprietary and closed approach, all users can do is "trust" them.

[brookst]

Have you read the PCC whitepapers? Are you saying the user-facing verification methods in them are insufficient, or vulnerable, or just false?

[Caracas288]

The previous argument was wrong and imprecise, as it could be used against any modern technology, none of which can be fully understood by a user, in the sense that any vulnerability would be completely invisible.

It’s clear they have made a very intelligent approach to this system.

[rasz]

>nefarious actor who's infiltrated a cloud provider

Google is buying that compute from xAI aka Musk

[RobMurray]

Apple could simply be ordered to include a hardware backdoor, and legally be prevented from talking about it. Everything else in the architecture could work exactly the way they claim in the PCC paper.

[zelon88]

Spoiler alert; Google is the nefarious actor.

[impulser_]

I think the last thing Google wants to do is get on the bad side of their largest partners.

[mrighele]

their largest partner is probably the US government.

[TeMPOraL]

Which is...

Wrong answer. Or at least, obvious and not particularly useful.

Truth is, none of those parties are "nefarious" - they're all just not on your side. And "security" is never an unqualified good thing to have (it's not an unqualified bad thing either). It's just a framework of coercion.

The most important questions to answer about any security system is, what is being protected, for who, and from who. People don't ask that much, not even in the industry - it's an implicit assumption that everyone themselves is a "good person" and is on the protected side of security systems. And then they're confused because it turns out end-users are more often seen as threat actors. All the players mention, but perhaps especially Apple, in its own special way, is protecting the computer from the user just as much as they're protecting the user/user's data from third parties.

[saagarjha]

It's not.

[SoftTalker]

Why bother with all that cloak and dagger stuff when they can just buy the data? You believe Apple and/or Google isn't selling it? I have some land in Florida I'd like to talk about.

[appplication]

Having worked at Apple, I will say I firmly believe they do not sell data. I worked in data science and we had the shittiest inference because we had essentially no access, even internally, to longitudinal or cross-app user data. Best we had was 15 minute rotating sessions for a single app. There are internal teams dedicated to deanonymizing data to try to narrow down users - if they can successfully do so, and relevant fields that lead to deanonymization get permanently purged from internal logging.

I can’t speak to the current architecture but Apple has shown a consistent willingness to sacrifice access to user data in the name of selling privacy instead at a premium price (you could argue precisely because no one of their competition have any meaningful posture on this). I do believe they are quite serious in their commitment to that, as they have found this strategy to be more valuable than the data itself.

[tjoff]

But sending sensitive private audio recordings to the lowest bidder is par for the course?

https://www.bbc.com/news/technology-49502292

[silvandeboer]

This comment makes it sound like they sold private recordings to whomever was willing to pay for them, but they paid third parties to evaluate Siri recordings.

[tjoff]

Don't really agree with that, that would have been highest bidder if anything.

And it wouldn't have been much worse compared to be as careless as they have been.

[wartywhoa23]

> Having worked at Apple, I will say I firmly believe they do not sell data.

Selling data is so shabby! Why sell when you can just give it away to letter-soup friends?

[fragmede]

Because that's not legal, so they sell it to third party data brokers and it gets resold to someone the TLAs can buy it legally from.

[yencabulator]

US wiretapping operations are not bound by publicly-visible laws.

https://en.wikipedia.org/wiki/United_States_Foreign_Intellig...

https://en.wikipedia.org/wiki/Foreign_Intelligence_Surveilla...

https://en.wikipedia.org/wiki/NSA_warrantless_surveillance_(...

https://en.wikipedia.org/wiki/Room_641A

[wartywhoa23]

Illegal to share data with entities that are themselves law enforcement, and which they are known to be demanding, not just asking to share out of good will?

[boringg]

Apple's incentives don't align to sell private data as their whole thing is privacy. They do that they tank their business. If you have proof that they are doing it -- I'd love to see it. (*3rd party actors from an app re-selling data doesn't count)

Google is 100% doing that because thats their entire incentive for the business. They sell low cost software / subsidized hardware on the grounds that you pay with your sharing data. That's the implied cost.

Show me the incentives - I will show you the outcomes.

[cheriot]

Apple/Google make less money if they sell the data because their ad product would no longer have an advantage. So no, I don't think they do that.