undefined | Better HN

0 pointsducadveritatem1y ago0 comments

What do you mean by the “record”? It seems like you think this means Apple somehow has access and stores all that information in their cloud and we just have to hope/trust that they don’t decide they want to poke around in it?

You should look more into their security architecture if you’re curious about stuff like this. The way Secure Enclave, E2EE (including the Advanced Data Protection feature for all iCloud data), etc. The reality is that they use a huge range of privacy enhancing approaches to minimize what data has to leave your device and how it can be used. For example the biometrics you mention are never outside the Secure Enclave in the chip on your phone and nobody except you can access them unless they have your passcode. Things like running facial recognition on your photos library is handled locally on your device with no information going up to the cloud. FindMy is also architected in a fully E2E encrypted way.

You can browse their hundreds of pages of security and privacy documentation via the table of contents here to look up any specific service or functionality you want to know more about: https://support.apple.com/guide/security/welcome/web

0 comments

KaiserPro1y ago

by record, I mean precisely that. Apple stores this data. As the Key bearer it has significant control.

Moreover, because apple has great PR, you don't hear about privacy breeches. Everyone seems to forget they made a super cheap and for a long time undetectable stalking service. Despite the warnings. (AirTag)

Had that been Facebook or Google, it would have been the end of the feature. They have improved the unauthorised tracking flow, but its really quite unreliable with ios, and really bad in android still.

> You should look more into their security architecture if you’re curious about stuff like this.

I have, and its a brilliant manifesto. I especially love the documentation on PCC.

but, its crammed full of implied actions that aren't the case For example: https://support.apple.com/en-gb/108756

> If you choose to enable Advanced Data Protection, the majority of your iCloud data – including iCloud Backup, Photos, Notes and more – is protected using end-to-end encryption.

Ok good, so its not much different to normal right?

> When you turn on Advanced Data Protection, access to your iCloud data on the web at iCloud.com is disabled

Which leads me to this:

> It seems like you think this means Apple somehow has access and stores all that information in their cloud and we just have to hope/trust that they don’t decide they want to poke around in it?

You're damn right I do. Its the same with Google, and Facebook. We have no real way of verifying that trust. People trust Apple, because they are great at PR. But are they actually good at privacy? We have no real way of finding out, because they also have really reactive lawyers.

and thats my point, we are basically here: https://www.reddit.com/r/comics/comments/11gxpcu/our_little_... but with apple.

j / k navigate · click thread line to collapse