Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>If it's that easy, how long do we really expect Advanced Data Protection to be free from government backdooring?

Taking down an app is hardly unprecedented. Forcing companies to add backdoors in secret is, so it's a stretch to think that ADP is compromised.



> Forcing companies to add backdoors in secret is

We have precedent: https://arstechnica.com/tech-policy/2023/12/apple-admits-to-...

  Apple has since confirmed in a statement provided to Ars that the US federal government “prohibited” the company “from sharing any information,”


To be fair, most apps are guarding against this now by having the push notifications contain just a wake-up signal, the app then wakes up and retrieves the real content.


"secretly sharing notification data" (ie. asking for records kept in the usual course of business[1]) is not the same as "forcing companies to add backdoors in secret"

[1] https://www.law.cornell.edu/uscode/text/28/1732


I think it's safe to assume that there's a Room 641A (https://en.wikipedia.org/wiki/Room_641A) at every major US company that deals in communications. That said, there's no reason to think that ICE or local law enforcement get access to the data being collected. iCloud may be completely backdoored either way, but there's a big difference between the NSA and ICE in terms of what they care about going after and what capabilities they want publicly confirmed.


Thinking something is "unprecedented" is not an argument against it happening. Apple has surprised us before, I see no reason to expect ADP is any different.


>Apple has surprised us before

It really isn't. The reason I used the specific wording for "records kept in the usual course of business" is that's the legal standard for subpoenable information. It shouldn't be surprising to any legal expert that it was fair game for the government to request. The only thing surprising is that we didn't know it specifically happened before, so it's only as "surprising" as chatgpt logs being subpoenaed. Yes, it's "surprising" for the people using chatgpt as their therapist and think it should have been protected, but ask any lawyer and they'll all agree it's fair game. On the other hand forcing apple to specifically insert a backdoor runs into all sorts of constitution/due process issues.


Forcing companies to add backdoors in secret has been precedented for nearly a decade now.

https://www.schneier.com/blog/archives/2024/09/australia-thr...

> Technical Capability Notices (TCNs): TCNs are orders that require a company to build new capabilities that assist law enforcement agencies in accessing encrypted data. The Attorney-General must approve a TCN by confirming it is reasonable, proportionate, practical, and technically feasible.


https://en.wikipedia.org/wiki/Room_641A

Literal back door, in secret. I doubt things have gotten better since this.

https://en.wikipedia.org/wiki/National_security_letter

The company couldn't say, even if they wanted to.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: