Sunday, February 21, 2016

Does Apple trust China above the United States?

France 24: Apple was hailed as a champion of digital privacy this week after refusing to help the FBI hack into an iPhone belonging to a suspect in the San Bernardino shooting. But the firm hasn’t always been so scrupulous about user data, especially in China.

Apple’s new role as a champion of digital privacy must be making the Chinese government smile. According to an article by the US news website Quartz, Cook’s intransigence apparently depends on geography.

Citing reports by Chinese daily Beijing News and the state-run People's Daily, the article claimed that Cook agreed in January 2015 to allow authorities in China to carry out “security checks” on all iPhones sold in the country to make sure the US had not installed any spyware. But, Apple has never confirmed or responded to the allegations.

The article reported that analysts believe Apple likely handed over its operating system source code as part of the agreement. If true, this would mean that the Chinese government knows how Apple’s software works, including its security system.

7 comments:

chickelit said...

I don't know about Apple, but Marc Zuckerberg is who I don't trust when it comes to China. He's a sniveling sinophile who'd sell out the US for Facebook access.

rhhardin said...

The Chinese don't expect privacy, the Americans do. So it's not a markeet betrayal for the Chinese. It would be for the Americans.

bagoh20 said...

What rh said.

Example: If you owned a wiener company that sold to Iran and the U.S., you would not consider it a violation of your U.S. customers to remove the pork from the wieners sold to Iran, and I doubt that Iranians would care that Americans got pork in their wieners, so to speak.

bagoh20 said...

So if the Chinese have the code, then why can't the FBI get it from them. We gave them Snowden after all.

I'm no expert, but I wonder if having the code even gives you access to the encryption in a way that would allow it to be broken. It would be a small amount of code that handles the encryption calculations that could still be kept secret.

Come to think of it, how do they keep engineers at Apple from selling the code which is highly valued.

Giving the Chinese any trade secret is suicide.

rhhardin said...

The key is only 4 or 6 digits, and the security is that the phone erases itself after ten failed attempts.

The feds want the code that handles the erasing and delays between attempts disabled, which code resides in firmware and so can be overwritten provided an Apple certified certificate accompanies the code, and only Apple can provide the certificate. That latter is protected by genuine encryption, or actually a trapdoor function, same thing. You can verify it but not generate it.

Methadras said...

rhhardin said...

The key is only 4 or 6 digits, and the security is that the phone erases itself after ten failed attempts.


Those setting can be changed I believe. I personally use the 10 digit code and no biometrics.

Methadras said...

bagoh20 said...

Come to think of it, how do they keep engineers at Apple from selling the code which is highly valued.

Giving the Chinese any trade secret is suicide


You have to know how apple sets up their respective departments, chains of command, etc. There are secret engineering departments within apple that work on nothing but false products so that one team never knows what another team is doing and it's a way to weed out the rats.