undefined | Better HN

0 pointstylerl7y ago0 comments

But since key management is out of your control or visibility, Apple can just add another key to your account on behalf of the government. They don't have to disclose the existing keys on your device. This gets them the messages going forward but not the ones from the past. So they'd have to do this for all Chinese customers ahead of time, rather than as a response to an inquiry.

0 comments

abalone7y ago

Anything's possible if the vendor secretly collaborates with a government to insert vulnerabilities and lies about it. But what we're talking about here is, given the way Apple has publicly declared how the system works[1], what can a government do with full server access.

Apple states "All of the user’s registered devices display an alert message when a new device, phone number, or email address is added." So no, it's not correct to say key management is out of your visibility.

[1] https://www.apple.com/business/site/docs/iOS_Security_Guide....

j / k navigate · click thread line to collapse

0 pointstylerl7y ago0 comments

0 comments

abalone7y ago

[1] https://www.apple.com/business/site/docs/iOS_Security_Guide....

j / k navigate · click thread line to collapse