Apple says it will remove services such as FaceTime and iMessage from the UK rather than weaken security if new proposals are made law and acted upon.
The government is seeking to update the Investigatory Powers Act (IPA) 2016.
It wants messaging services to clear security features with the Home Office before releasing them to customers.
The act lets the Home Office demand security features are disabled, without telling the public. Under the update, this would have to be immediate.
I wonder if Apple would actually follow through with something like this, or if they’re only looking for a token concession so they can claim they’re still in the clear and do nothing. Interesting, though, that when the Chinese government comes calling, Tim Cook drops his “privacy is a fundamental human right” shtick real quick, but when the government of a western country comes calling, it’s a lot of rah-rah.
A spine is clearly not very expensive.
Hard to take a stand on this when Chinese trolls seem to be using Tik Tok to make potentially fatal stampedes trend in Western countries (and actually personally having experienced such an attempt). At the very least we need a complete ban on Russian/Chinese controlled social media and admit it’s actively being abused by state actors acting as enemy combatants.
They’re also doing it to S. Korea: https://www.opindia.com/2022/11/halloween-stampede-killed-158-people-game-south-korea-itaewon-crush-tiktok/
Sorry, but how is this chinas fault?
“The same game has been around for over a decade in South Korea under several names such as the Pass-out Challenge, Hamburger Game, and Sandwich Game.”
And to be honest, at some point you have to accept, that it’s just natural selection…
I am glad apple are fighting this. I believe that individual privacy is a right and we should not be denied the technology that enables it. Frankly we should be entitled to monitor what our democratic governments are doing rather than the other way around.
That said, many articles including this one leave consumers with a misleading impression of end to end encryption without understanding the subtle ways it can be compromised by service providers…
This goes out the window when the service provider controls the protocol that tells devices which encryption keys to use, which is/was the case for facetime and imessage. Are these end to end encrypted? Yes. Can apple instruct devices to use compromised keys in order to wiretap communications? Yes. If you really want to be protected from this, you need to verify the keys belong to who you think they belong to.
Jitsi is an example of a client that has the parties verify each other’s hashes in their own voices. So if you trust the voice, then you have authenticated the keys. But now with AI’s ability to impersonate voices this too is less secure than it used to be. Another way is to exchange keys in person, or at least through mutual acquaintances,. like GPG does. This is quite secure, but few people really want to mess around with GPG public keys. It would be nice if mobile platforms had standardized this technology so that it would be ubiquitous and we could take it for granted today. Alas, that’s not what happened and we have to trust that service providers are not wiretapping out conversations
If you are an activist and your life depends on it don’t trust any of this big companies that say they got you covered when it comes to privacy. Said that i feel it’s OK to support Apple in such effort when it comes to UK laws. If only the same could be said for China. There Apple is silent as they follow the laws that don’t allow privacy.
This is always am interesting dilemma. Who should decide on what is appropriate levels of privacy? And when it’s appropriate to rescind it. A democraticly elected government/judiciary or a foreign corporation?
Apple, like everyone else should adhere to the laws of the land. The UK government has decided It should be the arbitrator of when communications can be decrypted and not Apple (who do have the capability, as shown in China).
Feeding into this though is also a longer tail where Apple blocked the NHS digital’s original COVID app on the basis of their “security features” and forced the UK Government to use their proprietary solution for contact tracing. I wouldn’t be surprised if this also contained a caveat or two in case such a scenario arose again.