Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Refutes Report On iPhone Threat To China's National Security

Posted by samzenpus on from the it-was-other-kids dept.

An anonymous reader writes "Apple has never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers," the company said Sunday in a bilingual statement on its China website. Users have to make the choice to enable the iPhones to calculate their locations, while "Apple does not track users' locations — Apple has never done so and has no plans to ever do so," the company said. The statement was in response to allegations by China's top state broadcaster that iOS7 software and its "Frequent Location" service posed a security risk. The data can be accessed easily, although labelled as "encrypted," and may lead to the disclosure of "state secrets," CCTV said.

134 comments

  1. This is very old news by DogShoes · · Score: 0

    to anyone that wan't in a coma over the weekend

  2. Any cell phone is a security risk. by Anonymous Coward · · Score: 1

    The reason China is "suddenly" afraid of the new iphone has nothing to do with security.

    1. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      It's as if people don't know that cell phones will give up their information on you to anyone who bothers to query it!

    2. Re:Any cell phone is a security risk. by LordLimecat · · Score: 1

      Apparently you are unaware of the fact that they tap all cellphones.

    3. Re:Any cell phone is a security risk. by Noah+Haders · · Score: 4, Interesting

      maybe iPhone is a risk because apple makes it hard for China to tap it.

    4. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 2, Insightful

      It's all about product protection for their home-grown models. iPhone is a big seller - China gets pennies on the profit dollar for mfg them.

      Huawei models will no doubt get the Beijing security nod, nomatter what.

    5. Re:Any cell phone is a security risk. by ArcadeMan · · Score: 4, Insightful

      I think that's exactly their viewpoint. It's a national risk because they can't spy on their own people with it.

      --
      Get free satoshi (Bitcoin) and Dogecoins
    6. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      Yet another post from a "expert on China"? If that was the case, why not just mark them "for export only" as they do with much of the stuff they make?

      Oh, you thought all the stuff they manufacture is also available for sale there?

    7. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      Yet another post from a "Shill from China"?
      yes because the typical chineese that buys an iphone cares if its export banned and only available via black market

    8. Re:Any cell phone is a security risk. by LordLimecat · · Score: 1

      maybe iPhone is a risk because apple makes it hard for China to tap it.

      They tap at the carriers. If you use SMS or voice, they have a record regardless of what phone or OS you're using.

    9. Re:Any cell phone is a security risk. by Austerity+Empowers · · Score: 5, Interesting

      Protectionism isn't something the G8 generally likes and has come under fire lately. Based on some things i've seen lately, I believe China (and perhaps india) have been spanked for their usual nonsense.

      So maybe those people are now trying a different approach, rather than the normal protectionism that chinese companies engage in (using only their own suppliers, designing out foreign chips, bringing all mfg and design work to them so that they can control the supply chain), they're trying to hide behind FUD.

    10. Re:Any cell phone is a security risk. by AmiMoJo · · Score: 4, Insightful

      The Chinese security services are not as bad as the NSA. They freely admit that they monitor everything happening on their networks as they have no reason to hide it. In fact they are proud as it shows they are protecting their people.

      There is a genuine security concern with any American products now, thanks to the NSA. Don't try to divert people by saying everyone else is as bad or making excuses. The NSA is harming US companies and US citizens through its actions, and other countries are right to treat it as a major security threat.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    11. Re:Any cell phone is a security risk. by ArcadeMan · · Score: 1

      I'm Canadian, I already view U.S.A.-made products and services as being insecure because of all the NSA meddling.

      --
      Get free satoshi (Bitcoin) and Dogecoins
    12. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      That's all well and good, but seriously - Americans spend little to no time thinking about Canada. You're our nice neighbor to the north. I'm not sure why Canadians spend so much time thinking about America. Seems like a waste of time to me. But I'm sure you can lecture us at great length about the true history of the war of 1812.

    13. Re:Any cell phone is a security risk. by DigiShaman · · Score: 1

      Here in the US, my wife gave up on using Skype because the quality was extremely unreliable. At one point, the call kept getting dropped every 5 second. She would try again, and like clockwork, get dropped again. So she had her parents use FaceTime on the iPad. Flawless connectivity with relative low latency (going over fiber in the Pacific no doubt) when communicating to Shanghai. If I had to guess, blocking FaceTime would also be blocking other Apple services for iOS devices. Secondly, Skype packets were probably forged as a means of denial of service.

      --
      Life is not for the lazy.
    14. Re:Any cell phone is a security risk. by Noah+Haders · · Score: 1

      Yeah but without OS and hardware access they can't turn on the cam and mic to listen in wherever

    15. Re:Any cell phone is a security risk. by retchdog · · Score: 1

      how is that "not as bad"? it's just differently bad. they want to intimidate (though not quite as overtly as the USSR did), while the US wants to secretly disappear people. it's not a diversion. it's reality, and neither 'side' is that great, even though i'd much, much rather be in the US.

      anyway, China has always clamped down on unlicensed cartography, and it is theoretically possible to use data mining to squeeze some location information out of the iPhone data. this really seems like a non-story to me, or anyone else who's been paying attention.

      --
      "They were pure niggers." – Noam Chomsky
    16. Re:Any cell phone is a security risk. by AmiMoJo · · Score: 1

      In China there is no law against what they are doing. In the US it violates the constitution.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    17. Re:Any cell phone is a security risk. by Noah+Haders · · Score: 1

      I wish I could move to Canada. Actually, New Zealand would be cool too.

    18. Re:Any cell phone is a security risk. by retchdog · · Score: 1

      i agree that the NSA's activities are unconstitutional, but what's the point in this context?

      and, going on your ridiculous tangent, would you be perfectly fine with what the NSA were doing if the constitution were amended to allow it?

      --
      "They were pure niggers." – Noam Chomsky
    19. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      Right, because with all the things going on in their life the choice of cell phone manufactures rates pretty high?

      Hmm.. So many posts about how "draconian" China is with its rules but yet the "average" Chinese care about cell phones this much?

      "yes because the typical chineese"...You lost me here
      Not because if your type-o "Chinese".
      Not because "export banned" would mean it is only available in China (Banned for Export?)
      No, you lost me because the "typical" Chinese simply CANT AFFORD one and doesnt have an opinion one way or the other.

      Lets look at Guanxi province (Average annual salary 34,178 yuan, population ~47 million) vs the cost of an iPhone (20,645 yuan).

      Hmm.. wonder how that works out? A lot of people willing to drop 60% of their annual income on a phone?

    20. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      Opps.. replying to my own post.

      Iphone is 4,938 for the 5s or 14% of their annual income. Not sure where the 20K came from.

    21. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 1

      G8 nations still engage in protectionism.

      just look at the "buy american" provisions published by the DOT.

      The Department of Transportation is committed to maximizing the economic benefits of the Obama Administration’s historic infrastructure investments through Buy America provisions that keep American companies healthy and families working.

      http://www.dot.gov/highlights/buyamerica

    22. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      Americans spend a great deal of time thinking about Canada because the US covets Canadian resources. So nice try, but hey, come back and play again real soon.

    23. Re:Any cell phone is a security risk. by PIBM · · Score: 1

      I'm not sure why you would bring the war of 1812 to the table ? Care to enlighten me ?

    24. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      Yeah, its freezing in NZ at the moment

    25. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      It's about getting major concessions from Apple. Personally I think that Apple should refuse to play ball, but it's hard to imagine a corporation taking a principled stand when such a big market is at stake.

    26. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      Apparently they believe invaded Canada during the War of 1812.

      Of course that's not possible since the country of Canada did not exist until July 1, 1867.

    27. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      No, I assure you, no one gives a shit about Canada. The only time that irrelevant places crosses anyone's mind is when the Albertan tourist point at them and whisper to themselves.

    28. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      So the smallest (population wise) poorest province can buy the latest for 10% (your numbers are bullshit btw) of all the richer places can easily afford one.
      Not that expensive when you're living with your parents, have no car, everything else is so cheap. They don't buy them as much though because the screens are too tiny, and the other popular phones are similarly priced. This will make no differenct for most people.

    29. Re:Any cell phone is a security risk. by Anonymous Coward · · Score: 0

      Two things.

      1) randomly selected the province, don't think it is the "poorest" but it is far from the richest.
      2) "My numbers" are bullshit? Please contact Bloomberg and have them fix their news announcement which they got from a press release done in Beijing on the new pricing model from China telecom, clearly you are more authoritative.

      Per Bloomberg( a trusted news source, unlike yourself).
      "
      For subscribers to a service plan that costs 189 yuan a month, the new China Telecom promotion cuts the cost of the iPhone by 400 yuan, to 4,888 yuan.
      "

      Others list prices right around my number.

  3. When the great depression really hits by MikeRT · · Score: 4, Insightful

    The NSA's actions will be regarded as the modern Smoot-Hawley which set forth the collapse in sales in one of America's last major export industries that set it into motion.

    Though in fairness to the NSA, the American people are to blame for their "want my cake and eat it too" mentality on intelligence gathering. When it was discovered that the CIA did a lot of Really Bad Things because, shocker, that's par for the course in normal boots on the ground intelligence work we switched to electronics surveillance and created this mess.

  4. Of course not by qbast · · Score: 2

    Only No Such Agency gets the data so it is like no tracking at all.

    1. Re:Of course not by fizzer06 · · Score: 4, Interesting
      "We have also never allowed access to our servers,"

      Apple lies.

    2. Re:Of course not by jbmartin6 · · Score: 2

      Doubtless Apple's statement is true. Of course, accepting SQL queries over a TCP socket isn't 'allowed access to our servers' is it?

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    3. Re:Of course not by Agripa · · Score: 1

      Never would hosting or sending data to NSA's server.

  5. Never allowed access... by Anonymous Coward · · Score: 3, Funny

    Right, right... If you believe that, I have some government transparency to sell you.

  6. Why Apple Doesn't Track by Galaga88 · · Score: 3, Insightful

    As much as I love Apple's hardware and services their online services have always been pretty poor. Do we really think the company behind .Mac, or rather, MobileMe, er, iCloud would be competent enough to log and manage the amount of data this would require?

    1. Re:Why Apple Doesn't Track by Noah+Haders · · Score: 1

      I've had a mac.com address for 10 years

    2. Re:Why Apple Doesn't Track by Anonymous Coward · · Score: 2, Interesting

      Interesting point. They have a store called iTunes and it's not even on the web yet. (Amazon had web sales working in, what, 1995?) Every time I go to the iTunes site it wants me to download some special software, and they still can't make a sale without it.

      FFS, web browsers aren't exactly obscure anymore.

    3. Re:Why Apple Doesn't Track by synapse7 · · Score: 1

      What if somebody else were logging this information?

    4. Re:Why Apple Doesn't Track by Anonymous Coward · · Score: 0

      Seriously? I'm still using my iTools account from 2000. Did I miss out on something?

  7. noone trusts their cya legalese by Cardoor · · Score: 5, Insightful

    "As we have stated before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services."
    could just as easily mean, 'we havent worked WITH govt agencies.. but when they told us to step aside and let their devs in to commandeer a subroutine, we turned a blind/black-box eye'
    We have also never allowed access to our servers. And we never will. It’s something we feel very strongly about.
    oh, they 'feel strongly' about it? how comforting. and how do they define 'allow'? notice they dont say govt/others never HAD or HAVE access, just that it's not 'allowed'.. mmmkay..

    1. Re:noone trusts their cya legalese by Noah+Haders · · Score: 2, Insightful

      I'm not sure if this is a moving goalposts or no real scotsman issue. How can apple issue a denial that would satisfy people like you? Surely anything would be picked apart.

    2. Re:noone trusts their cya legalese by ArhcAngel · · Score: 2

      Or...the security holes in iOS are big enough to drive a Mac truck through so no request was ever needed.

      --
      "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
    3. Re:noone trusts their cya legalese by Cardoor · · Score: 4, Interesting

      people like me is funny. you're right. they probably can't, because as Charliemopps says in 'um...' below, and CeasedCaring says in 'Dear Apple', they lie, and are forced to lie. my point is to illustrate how easily their carefully crafted words can be obfuscating, so that perhaps some people who would otherwise be comforted by nice sounding denials don't take a simple statement at face value and instead, decide intelligently if the fact pattern supports their statements. if you are of the mind to believe and remain unawares, then godspeed.

    4. Re:noone trusts their cya legalese by AtariDatacenter · · Score: 4, Insightful

      Based on published information, we know that the NSA gets customer information by compelling companies to produce the records, or it taps the connections between their datacenters and it gets the data in transit). Apple didn't deny either -- neither one of those involve installing a backdoor or giving SERVER access.

      I think you're on the right track. There really is nothing that Apple can say to convince foreign users that their data is safe.

    5. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 0

      Or...the security holes in iOS are big enough to drive a Mac truck through so no request was ever needed.

      Or...the security holes in iOS are big enough to throw a Mac Pro through so no request was ever needed.

      Fixed that for you.

    6. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 0

      They will have to cover their bases then. have the EULA writers write the statement - they seem to cover everything.

    7. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 1

      That, or they are under a national security letter that tells them to lie about all this shit.

    8. Re:noone trusts their cya legalese by gnasher719 · · Score: 1

      You are claiming that Apple is making statements that while literally true, are misleading people to make them belief something that isn't true.

      I would assume that Apple doesn't aim statements like this at paranoids. Fact is: Apple either acts in a way that a normal, non-paranoid person would expect from a statement like this and are speaking the truth, or they are not and they are lying, but it would be utterly pointless for Apple to make carefully crafted statements that are literally true but misleading.

    9. Re:noone trusts their cya legalese by Cardoor · · Score: 1

      pointless to do so? have you ever worked at a large public corporation with a legal dept? im guessing no.. this release went through many iterations internally to ensure technical veracity, but that could nonetheless appear to demonstrate transparency.
      otherwise, why not just use plain-speak without gaping holes? im sure many people here could very easily craft a release that would suffice, but that would require them to say things that they cannot without lying.
      p.s. find it fascinating that with the magnitude of lying, spying, and obfuscation already in the public domain, you would call anyone that questions 'official press releases' for equivocation 'paranoids'. i wonder what would need to be released for you to move the onus upon those releasing the info. and using that logic, unless the chinese now rollver, they are also 'paranoids'.

    10. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 0

      You are an idiot if you think any company statement (in sensitive areas like this) should be accepted at face value. These sorts of statements are meticulously thought out and prepared in such a way that they can appear like thorough denial, yet conveniently side-step the actual issues as Cardoor pointed out. With all the revelations regarding the Snowden leaks, you'd have to be stuck in a bubble to accept any of this type of PR at face value.

    11. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 0

      You are an idiot if you think any company statement (in sensitive areas like this) should be accepted at face value.

      I will trust an American companies statement lightyears ahead of a news report from Chinese government controlled media.

    12. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 1

      how about, "we haven't worked with govt agencies, and no govt agency created code or hardware exists in our devices or servers. the govt has never had, or will ever have, access to our servers."

      they can't say that, because they know it is false.

    13. Re:noone trusts their cya legalese by bagofbeans · · Score: 1

      Just curious, but have you ever actually read a 'chinese news media report'? I certainly haven't. I suspect your comment is merely your nationalistic prejudice rearing up defensively.

      IMHO, it's western governments that publish spin (i.e. lie, or mislead, or obfuscate). The (ex-)communist countries simply don't allow anything to be published about politically controversial issues.

    14. Re:noone trusts their cya legalese by Lumpy · · Score: 0

      You lie and are forced to lie as well. Prove there is not an NSA agent there right now with a gun to your head.

      Your credibility is as suspect as theirs.

      --
      Do not look at laser with remaining good eye.
    15. Re:noone trusts their cya legalese by Cardoor · · Score: 1

      nice try bub.
      i am advocating for using critical thought and not taking public statements at face value - regardless of the source. ..especially in situations where the source has demonstrated a propensity to mislead. by all mean, don't believe anything i'm saying - investigate for yourself. however, as i do not fit that category, your statements are more ad hominem attack than a thoughtful response.

    16. Re:noone trusts their cya legalese by AmiMoJo · · Score: 2

      it taps the connections between their datacenters and it gets the data in transit

      ...

      There really is nothing that Apple can say to convince foreign users that their data is safe.

      How can it be safe when the NSA is intercepting it? Some companies have said they are now encrypting data as it flows between datacentres, but we don't know how competent they are at doing it or if the NSA has some work-around. The bottom line is that any data stored in the USA has to be assumed to be compromised.

      It's not just Apple, all US companies have this problem. It's hard to see how they can ever recover now.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    17. Re:noone trusts their cya legalese by ljw1004 · · Score: 1

      I'm not sure if this is a moving goalposts or no real scotsman issue. How can apple issue a denial that would satisfy people like you? Surely anything would be picked apart.

      "Whenever you access an online service, that online service will know your approximate geographical location to city level, and also the intervening network infrastructure (cellphone towers &c.) will know. This is common to ALL mobile devices. Also, whenever your device is set to connect to networks (cellphone, wifi, bluetooth, ...) then those networks also know your approximate location. Again, this is common to all mobile devices.

      Beyond that, your iPhone internally knows your location through various means (GPS, cellular triangulation, wifi base station names). However, all location information from these sources (including information which might indirectly allow your approximation location to be deduced) is UNAVAILABLE to apps unless you specifically opt to allow them to have the information. Therefore, apps are unable to pass the information on to any third party.

      Other than apps, your iPhone also includes system software. If you chose the following settings [...] then the iPhone keeps no historical logs of location information or metadata. Additionally, the iPhone itself never allows any location data to leave the iPhone, except when you connect it to a computer via iTunes."

      I don't know about everyone else, but this would satisfy me!

    18. Re:noone trusts their cya legalese by maccodemonkey · · Score: 1

      could just as easily mean, 'we havent worked WITH govt agencies.. but when they told us to step aside and let their devs in to commandeer a subroutine, we turned a blind/black-box eye'

      Pretty sure giving them any access to any box or building would legally meet the definition of "working with."

      You have to give credit to Apple for making these statements, because if it comes out that they did help the government, these open letters could be used as ammo against them in a class action lawsuit. So either Apple is stupid for making these claims when a no comment would be a better option legally, or they're not actually working with the government.

      From everything I hear, it's the second option. Everyone I know at Apple is obsessed with security and privacy, to the point where I don't see Apple willingly giving anyone access. I know that's just my opinion, but even before this NSA thing happened, they were crazy about that.

      I think part of that is a lot of their employees have very... strong feelings... about the way Google does business. Apple doesn't even want the information available for them to data mine themselves. They're basically denying themselves the opportunity to inspect data so no one will ever sell user information and run ads. It seems like most these policy decisions were made before the NSA spying case, which makes me believe they were legitimate convictions. Either that, or the government was already bugging Apple, so Apple made these changes.

    19. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 0

      "As we have stated before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services."

      Which means that they are already full of bugs that are easy to exploit. It's how jailbreaking is done.

      We have also never allowed access to our servers. And we never will. Itâ(TM)s something we feel very strongly about.

      Unless the government shows up with a court order or a National Security Letter, in which case we do anything they ask.

    20. Re:noone trusts their cya legalese by spikesahead · · Score: 1

      The gag orders have made speech entirely pointless. It is not legal for this company to tell us the truth without going to jail because their right of free speech has been suspended. That make every statement about the subject entirely meaningless, because anyone who knows the truth is prohibited by law from saying anything about it, or even insinuating the truth via omission.

      Free speech was fun, free speech is over. It's lost all meaning now.

      --
      bend like the reed
    21. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 0

      > how do they define 'allow'?

      Look, President Clinton - not everyone has difficulty accepting the definition of common English words. Stop projecting.

    22. Re:noone trusts their cya legalese by gnasher719 · · Score: 1

      pointless to do so? have you ever worked at a large public corporation with a legal dept? im guessing no.. this release went through many iterations internally to ensure technical veracity, but that could nonetheless appear to demonstrate transparency.

      I am working at a large public corporation with a legal department.

      Every legal department will tell you that a statement that is technically correct but entirely misleading will give you not the slightest legal protection. More important for Apple, making a statement that is technically correct but entirely misleading would mean that the shit hits the fan even harder when things get out. And things get out.

    23. Re:noone trusts their cya legalese by gnasher719 · · Score: 1

      pointless to do so? have you ever worked at a large public corporation with a legal dept? im guessing no.. this release went through many iterations internally to ensure technical veracity, but that could nonetheless appear to demonstrate transparency.

      Just figured out... The first post that I replied to state that Apple _might_ be misleading the public. You are stating, without the slightest evidence, as a plain fact that they are indeed misleading the public. You also are stating, without the slightest evidence, that their lawyers are not clever enough to produce a sufficiently misleading statement on their first attempt, but that they needed many iterations to do so.

      In other words, without the slightest evidence you are claiming that Apple is lying and their lawyers are idiots. Or did I misinterpret what you said in any way?

    24. Re:noone trusts their cya legalese by Noah+Haders · · Score: 1

      also, for all anybody knows they are telling the truth, yet can't prove it. the gag orders have made speech entirely pointless.

    25. Re:noone trusts their cya legalese by Noah+Haders · · Score: 1

      so you basically want apple to make a flip phone.

    26. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 1

      He is right.... The GP's credibility is no better than apples.

    27. Re:noone trusts their cya legalese by bill_mcgonigle · · Score: 1

      "As we have stated before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services."

      We already know that Apple does key escrow of iMessage. Their security guidance documentation is very straightforward except it dances around the iMessage key escrow section like the cha-cha just came on the turntable, and then goes back to normal. Warrant canary much?

      Apple could have created that all on their own, perhaps for noble purposes (being the benign dictator of their realm while the peansants enjoy good encryption so long as the soverign remains benign) and then were ordered to hand over their master keys.

      I'm assuming Chinese news is as accurate as ours here in the US.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    28. Re:noone trusts their cya legalese by Noah+Haders · · Score: 1

      how has apple demonstrated a propensity to mislead? And I'm asking a very specific question here: let's say we assume apple is telling the truth. what could they say to make people believe them?

    29. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 0

      It's how jailbreaking is done.

      The only problem is, jailbreaking usually takes months to find exploits for a particular OS. I mean, the iOS 7.1 jailbreak only just came out, after iOS 8 beta was already out, and the bugs exploited for the 7.1 jailbreak were already fixed in 8.

    30. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 0

      LOL, you actually believe anything that comes out of APL's PR department?

      They've proved time and again that they straight up lie.

      They've sold US only LTE-band devices in the UK as "LTE capable" (yeah, only in the country you don't live in). They've put in advertisements the 3G phone loading a full busy-looking webpage in about 4 seconds without mentioning the speeds are simulated. You can apparently use voice assistants to learn how to play music, sing, and become an artist. I could go on, but you get the point.

      There's class action lawsuits were created for all of these.

      Remember, their lawyers / PR excuse for all of these is: Only an idiot would believe this. (paraphrasing)

      They OWN their own ad platform. You don't think they're harvesting your location? Wasn't there a website to opt out of location based tracking a while ago? I call absolute BS saying that they do not track at all.

    31. Re:noone trusts their cya legalese by jbmartin6 · · Score: 1

      It is not hard to issue denial that isn't overly specific. From the summary "Apple does not track users' locations — Apple has never done so and has no plans to ever do so," is much better. But, yes, that could be picked apart also. But for me, Apple's denials are, like so many others orgs recently, far too specific to be reassuring. For instance, they could say "we do not know of any backdoors in our products that are not actively being patched" instead of "we have not *created* any backdoors" See how much of a difference that makes? They could even throw in, "If we learned of a back door we would patch it as quickly as always regardless of which government or other agency might be using it"

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    32. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 0

      How can apple issue a denial that would satisfy people like you?

      The way the rest of the industry does it: by proving it. Release the code so that people can compile it and load it on their computer themselves, and then people will know what their computer is doing.

      That's the normal way of demonstrating the security a computer. Apple is acting suspiciously abnormal on this point. Why? We don't really know, but assuming the worst is a reasonable thing to do. Maybe the worst isn't true; maybe they have hostile things in the code that do nasty things to the users that they don't want the public to know about, but those things aren't as nasty as what China is accusing them of. Sure, it's possible. Even somewhat reasonably probable. But are you sure iOS' hostility is limited to somewhere below spying? Or do you just think it probably is?

      Without evidence, anyone can be wrong. Maybe it's you, maybe it's me. Seeing the code (and verifying that's what the computers are running) settles the debate, but Apple doesn't allow that; they are asking to be a special case that gets evaluated in a totally different way than how we evaluate all the rest of our software. So: the questions and perceived risks will remain, and default assumptions will tend to be fairly grim.

    33. Re:noone trusts their cya legalese by Cardoor · · Score: 1

      dude. you've misinterpreted mucho. it sounds like you're having another conversation in your head. i'm sorry you seem a bit bent out of shape over all this and are getting yourself worked up.
      i started to type a further reply, but i think what ive written so far is enough. if you dont grok, cest la vie. cheers

    34. Re:noone trusts their cya legalese by Cardoor · · Score: 1

      a fair question, and unfortunately, at this stage of the game, with the govt anti-privacy/spying machinations as far developed as they are, aside from transparency coming to THOSE organizations, it will likely continue tainting the likes of apple, at the very least by virtue of explicity and implicit gag orders. perhaps given their public position, they could agitate for such transparency to come. perhaps not. i dont know.

    35. Re:noone trusts their cya legalese by Cardoor · · Score: 1

      ah, that explains the perturbation. anyhoo, it's called kicking the can... not so much about legal protection as a creature operating via it's handbooks m.o. without regard for the bigger picture. and it happens.

    36. Re:noone trusts their cya legalese by Noah+Haders · · Score: 1

      it really sucks, huh.

    37. Re:noone trusts their cya legalese by Cardoor · · Score: 1

      yup. sucks big donkey balls.

    38. Re:noone trusts their cya legalese by Anonymous Coward · · Score: 0

      Open source IOS for auditing and release the compile tools so we can build our own firmware and compare it to whats actualy on the phones

    39. Re:noone trusts their cya legalese by gnasher719 · · Score: 1

      "we haven't worked with govt agencies, and no govt agency created code or hardware exists in our devices or servers. the govt has never had, or will ever have, access to our servers."

      Which would all be obviously false. For example, Apple will regularly work together with the FTC. The open source code that Apple uses comes from all kinds of places, you can bet there is some created by a government agency. And every government employee can get an Apple Id and get access to the App Store or iCloud servers.

    40. Re:noone trusts their cya legalese by AHuxley · · Score: 1

      After CALEA (1994) Communications Assistance for Law Enforcement Act, and Snowden? There is not much left on any telco connected phone that would be considered private.
      Add in self written NSL, findings and other cute legal options to work with cadres of willing private sector staff.

      --
      Domestic spying is now "Benign Information Gathering"
    41. Re:noone trusts their cya legalese by AHuxley · · Score: 1

      The bottom line is that any data stored in the USA has to be assumed to be compromised.
      Thats why Russia, China and other nations are now building their own cpu production lines, trying to build their own internal networks and removing data from any connected networks.
      They have also worked out what can be activated for law enforcement per user can also be used by other countries clandestine services.
      The consumer software is tame, the encryption junk and known to revert to plain text. The reach of updates and cloud offerings is a longterm connection.
      Dual use law enforcement layers with global reach. Thats not a back door, trap door - its a legal feature as shipped.
      Other nations are starting to think different about the telco devices they see their staff saving up for and 'enjoying'.

      --
      Domestic spying is now "Benign Information Gathering"
    42. Re:noone trusts their cya legalese by ljw1004 · · Score: 1

      so you basically want apple to make a flip phone.

      No not at all! Where did you get that from? (and actually, even back in 2002 I remember having WAP and IMAP on my phone, so they also divulged my location).

      What I want is (1) for Apple to continue to be truthful, (2) for the "don't let app/webpage feature use my location" to be trustworthy with respect to apps and to all the various ways that location can be deduced (bluetooth, wifi, cellular, GPS), and (3) for COMPLETE disclosure of the other times when the iOS system keeps a record of those location-related metadata things, and of all the times when the iOS system uploads or indirectly implies information from these.

    43. Re:noone trusts their cya legalese by Plumpaquatsch · · Score: 1

      Open source IOS for auditing and release the compile tools so we can build our own firmware and compare it to whats actualy on the phones

      Because the recent security SNAFUs in Open Source software shows that that is enough.

      --
      Of course news about a fake are Fake News.
    44. Re:noone trusts their cya legalese by ljw1004 · · Score: 1

      It looks like it's impossible for Apple to issue an honest denial, because...
      http://www.zdziarski.com/blog/...

      there are actually back-doors specifically built into iOS devices -- back doors not used by any Apple software on the device, not usable by genius-bar or any user-benefitting scenario, but still that make it possible for "someone" to get at a lot of the personal data.

      Quote: "Why do we need a packet-sniffer running on 600 million personal iOS devices?"

      Quote: "com.apple.mobile_file_relay - exposes much personal data - very intentionally placed and intended to dump data from the device by request"

      Quote: "Apple has worked hard to ensure that Apple can access data on behalf of law enforcement.

      I think the reason "anything can be picked apart" is because Apple DO create backdoors for the benefit of government, but for PR purposes they want to appear to deny it.

  8. Dear Apple, by CeasedCaring · · Score: 5, Insightful

    Saying it ain't so don't make it not so.

    1. Re:Dear Apple, by gtall · · Score: 2

      Yep. There is a difference between "refute" and "rebut". The former is frequently used when the latter is more accurate.

    2. Re:Dear Apple, by Anonymous Coward · · Score: 0

      Refudiate?

    3. Re:Dear Apple, by Anonymous Coward · · Score: 0

      > Saying it ain't so don't make it not so

      And pointing that out doesn't make it so, either. But thank you for your input, Captain Obvious.

    4. Re:Dear Apple, by Filter · · Score: 1

      Also, I would bet they are 'legally' required to deny these things.

      --

      "better ways of doing things eventually just replace the inferior things" - Linus Torvalds 09-08-07

  9. um... by Charliemopps · · Score: 5, Interesting

    Apple failed to mention the bit about, if a US government agency had contacted them and requested information or for a backdoor to be put into their device, they'd be required by federal law to lie about it or face charges of treason. In fact, given how unrestrained the NSA is at this time, this press release may have even been written at the request of a national security letter. It's terrifying that this is where we're at... but here we are none the less.

    Next up, the NSA releases a statement: "Edward Snowden is a traitor and a jerk! Look how he's hurting nice companies like Apple!"

    1. Re:um... by Anonymous Coward · · Score: 0

      Unless their statement spells out the obvious elephant(s) in the room, they are not being very open or honest imho. This is just beating around the bush, telling us nothing in a lot of words.

      Unfortunately they can promise anything and do whatever - it is not like they will be punished.

    2. Re:um... by sribe · · Score: 1

      Apple failed to mention the bit about, if a US government agency had contacted them and requested information or for a backdoor to be put into their device, they'd be required by federal law to lie about it or face charges of treason.

      That's not true. They could keep quiet; there is nothing in the current (unconstitutional) laws by which they can be required to make any statement at all.

    3. Re:um... by Anonymous Coward · · Score: 0

      As a publicly owned corporation, is there something that might compel them to give a press release regarding issues that can affect the stock? Perhaps "no comment" is insufficient for that purpose.

    4. Re:um... by Just+Some+Guy · · Score: 2

      You know, I think Apple, Google, and a few other companies could get away with calling their bluff. If Tim Cook or Larry Page had a press conference to announce that they'd received a hush order from the NSA, that they refused to honor it, and that it was against their company policy to spy on Americans (all while waving a flag and talking about apple-pie-eating eagles), I don't think much could be done about it. Can you imagine the firestorm if someone tried to have those guys arrested for "protecting average Americans like you and me against government oppression", which is what the front page of Google News would say for the next month?

      --
      Dewey, what part of this looks like authorities should be involved?
  10. Apple refutes China but stays mum on... by ArhcAngel · · Score: 1

    Apple has so far not responded to reports its devices are not hypo-allergenic.

    --
    "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
    1. Re:Apple refutes China but stays mum on... by Anonymous Coward · · Score: 2, Interesting

      You mean that metal with nickel in it might cause people who are allergic to nickel to have a response?

      How shocking.

    2. Re:Apple refutes China but stays mum on... by ArhcAngel · · Score: 1

      You mean that metal with nickel in it might cause people who are allergic to nickel to have a response?

      How shocking.

      I don't think any shorts were reported so shocks were not responsible for the rashes.

      --
      "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
    3. Re:Apple refutes China but stays mum on... by Kremmy · · Score: 1

      Nickel? Good luck finding a device that's hypo-allergenic.

    4. Re:Apple refutes China but stays mum on... by Anonymous Coward · · Score: 0

      Some other tablets are made of plastic and glass. Plastic is used in practically every childrens' toys tech or otherwise. Glass is in cars, doors and generally all over.

      So... uhm... yeah...

  11. & So, Other handset makers allow ... by BoRegardless · · Score: 2

    What? To who? When?

    And which OS is designed in a more secure way to protect users?

    As an example, what OS has the supermajority of banking malware?

    We need to answer all the questions. Consumers really SHOULD know.

  12. Someone is lying. by hackus · · Score: 1

    Snowden reveal something curious about Apple gear.

    Curious in that Apple iPhone was the only piece of gear that could be relied upon to be cracked. Any model.

    That strongly suggests cooperation with intelligence agencies in the west.

    If I was China I would ban western products.

    --
    Got Geometrodynamics? Awe, too hard to figure out? Too bad.
    1. Re:Someone is lying. by dunkindave · · Score: 1

      If I was China I would ban western products.

      That is China's goal. It is just their stated reasons that are suspect.

    2. Re:Someone is lying. by tlhIngan · · Score: 4, Insightful

      Curious in that Apple iPhone was the only piece of gear that could be relied upon to be cracked. Any model.

      If it was so easy, why does it take physical access to break into one, and why does Law Enforcement have a huge waiting list at Apple to break into them? (And only partial success, at that)?

      If they can be reliably cracked, then there is no need to send the phone back to Apple for extraction of data - they could just extract it right then and there, no Apple involvement at all. Because Apple makes it highly inconvenient to get at it, after all.

      Of course, if you're talking about jailbreaking, well, that's not utterly reliable, either (few existed for iOS6, and iOS7 has some by questionable Chinese places seeking to make money selling pirated apps). Of course, it also helps there is massive interest in cracking it - I mean, with so many devices out there, there is an army of people who will want to break into it.

      But all the jailbreaks tended to require actual access to the device - if it was locked in any way you couldn't do it - no longer can you just create a hacked IPSW and flash it in.

    3. Re:Someone is lying. by gnasher719 · · Score: 1

      Curious in that Apple iPhone was the only piece of gear that could be relied upon to be cracked. Any model.

      Emphasis on "was". Up to about iPhone 3G.

      There are two major changes nowadays. Change one is permanent full disk encryption. Change two is activation. You can only activate a wiped phone. When you buy a used phone, the seller could hand you their AppleId and password (which would be a stupid thing to do), so you wouldn't activate the phone yourself and would have whatever software is on the phone. But you would instead wipe the phone, activate it with your own AppleId and password, and whatever was on the phone (including whatever the NSA put on it) is gone. If you open a box that is supposed to contain a brand new iPhone and it doesn't require activation, then you know it's not new.

    4. Re:Someone is lying. by Anonymous Coward · · Score: 0

      You actually think full disk encryption with a 4 digit PIN actually protects your data?

      LOL, you really need to read up on Dummy's Guide to Tech Security.

    5. Re:Someone is lying. by amaurea · · Score: 1

      The parent didn't link to a direct source for his claim, but this was talked about during the 30th chaos communication congress (a really interesting conference, by the way. You can find other talks here).

    6. Re:Someone is lying. by AHuxley · · Score: 1

      Re: If it was so easy, why does it take physical access to break into one, and why does Law Enforcement have a huge waiting list at **some big trusted brand** to break into them? (And only partial success, at that)?
      Think back to other nations using junk encryption in the past?
      Engima, aspects of Japans war time codes, the Soviet Unions re use of one time pads in the 1940's early 1950's, the German efforts against US (M-209) and UK War Office Cypher (~4-figure codebooks) and so many other national systems.
      You sit back and watch people of interest use the devices with confidence.
      Soon details leak back to people of interest to law enforcement that some devices are hard to decrypt.
      Soon details leak back to low ranking law enforcement that some devices are hard to work with.
      Soon details leak back to low ranking gov workers that some devices are hard to work with or are not logged at all.
      Soon details leak back to low ranking mil that some devices are hard to work with.
      Chat away just like so many did in the past :) Your gov, law enforcement, mil and the larger internal affairs departments are having so many problems.

      --
      Domestic spying is now "Benign Information Gathering"
    7. Re:Someone is lying. by Plumpaquatsch · · Score: 1

      You actually think full disk encryption with a 4 digit PIN actually protects your data?

      LOL, you really need to read up on Dummy's Guide to Tech Security.

      Well, you can use a longer password on an iPhone - maybe not on whatever you use.

      --
      Of course news about a fake are Fake News.
  13. Yeah. That'll work. by Chas · · Score: 1

    Since when have things like factual information and exposure of lies ever made a difference to the Chinese? (or Apple for that matter?)

    --


    Chas - The one, the only.
    THANK GOD!!!
  14. ... State Secret? by Anonymous Coward · · Score: 0

    Seriously? From your location?
    Are they really that stupid?

    "This guy was a X Y Z coordinates yesterday... that has to be a secret nuclear base, and we somehow manage to get all the codes and what not from our location data, we're so great!" .. No... It doesn't work that way.

    1. Re:... State Secret? by Anonymous Coward · · Score: 0

      Security is never compromised directly like that. It's done in bits and pieces. Eg.
      (1) identify potential site for national security through satellite imagery
      (2) monitor phones for coordinates within that geo-fence
      (3) track all such phones
      (4) track all phones that were in proximity of those phones
      (5) build a map of how often and how long they stay in proximity
      (6) determine persons of interest (people with more connections equate to more power, think Google's PageRank)
      (7) track/monitor persons of interest to the fullest extent
      You don't get security codes but you get to see big picture/trends of who is cooperating with whom and what's coming next even before they themselves know. National security is less about breaching borders and more about protecting national interests now.

      captcha: fortify

    2. Re:... State Secret? by AHuxley · · Score: 1

      Yes, list all scientists and engineers via public means and then work out who is around them, track them all.
      Then find the sites some gather at that have cooling systems or use vast amounts of power.
      If the person has weaknesses eg gambling or some other interest that sets them apart you and they can travel, another nations security services can make them an offer.
      The tame imported consumer tech software layer is just for getting calls, web 2.0 insight and locations making the sorting of staff more easy.

      --
      Domestic spying is now "Benign Information Gathering"
  15. Sounds like an over-reaction. by timrod · · Score: 2

    I know that the NSA could easily be tapping iPhones and have backdoors into them (and probably do) but this seems like a colossal over-reaction by the Chinese media. CCTV is claiming that the "Frequent Locations" feature could somehow be used to leak state secrets, but that doesn't make sense for any number of reasons:

    1. According to the ZDNet article, the feature in question is entirely opt-in and disabled by default. They don't seem to have proof that the switch is merely for show (as in, it's transmitting the data regardless of whether or not you've opted in) which means there's a very easy fix for this - don't turn it on, or turn it off if it's on.

    2. Also from the ZDNet article, the feature apparently causes the phone to keep a local copy of location data in regards to frequently-visited areas for use in other applications. It's not clear whether this data is actually transmitted anywhere - Apple said the device only keeps a local copy, but with the NSA around it's entirely possible it transmits it somewhere. If what Apple is saying is true, obtaining a copy of the data requires physical access to the device. If you've had your phone stolen and didn't lock it, chances are that you have much bigger privacy concerns than someone obtaining your location data, especially if you're in the Chinese government.

    3. CCTV claims that the device can somehow be used to leak state secrets, but this seems like FUD. The only way I could see this happening (and being useful) is if someone who works on a submarine or other restricted area (nuclear sites, missile silos, etc) happened to have their phone stolen or was intentionally giving their phone to someone, but I'm fairly certain their military doesn't allow outside devices into restricted areas (the US military sure doesn't) and if someone's intentionally giving away the data that's another problem altogether.

    Couple this with the fact that China has smartphone manufacturers located in-country that only sell within China, and you have what looks like FUD designed to get people to stop switching to the iPhone and instead buy a phone made by a state-friendly manufacturer.

    1. Re:Sounds like an over-reaction. by Anonymous Coward · · Score: 0

      Couple this with the fact that China has smartphone manufacturers located in-country that only sell within China, and you have what looks like FUD designed to get people to stop switching to the iPhone and instead buy a phone made by a state-friendly manufacturer.

      That is exactly what it is. It will be far easier to control peoples speech when you know exactly where they are and exactly what they are saying.

  16. Jingoism by Anonymous Coward · · Score: 0

    More Chinese jingoism, just another attempt by China to prop up their economy

  17. For software developers by gnasher719 · · Score: 3, Insightful

    The actual claim that the Chinese make is that a new feature in iOS collects location data on the phone (which it does), and if the phone gets stolen or hacked, someone might see that data and that could have all kinds of consequences, worst case consequences for China's national security. So there was _no_ claim that Apple was involved or helping in any spying at all.

    To a software developer it should be obvious that if Apple wanted to spy on you, the presence or absence of this feature wouldn't make the slightest difference whatsoever. If Apple can secretly send data that were openly collected on your phone, they could equally easily secretly send data that was secretly collected on your phone.

    To a non-developer, it should be equally obvious that there are hundreds of features with the same national security implications, like word processors, spreadsheets, note-taking applications and so on and so on. Probably applications that are far more dangerous. I would expect a word processor to contain much juicier information than a location log.

    1. Re:For software developers by RobertLTux · · Score: 1

      there are a number of places that sell girls ballet costumes that could be used to distract somebody with security clearance therefore we must monitor/regulate access to these stores selling "terror supplies"!

      just about anything can be somehow used to "violate National Security" with minimal work and the correct context.

      --
      Any person using FTFY or editing my postings agrees to a US$50.00 charge
  18. many apple parts are made in china... by Anonymous Coward · · Score: 0

    obviously china knows something that apple doesn't.

    they probably also put lead in everything to give us all cancer like they do with all of the children's toys they produce.

  19. This is what our leaders don't understand by nehumanuscrede · · Score: 2

    The damage caused to the intelligence community is only a fraction of the damage US corporations will have to endure.

    The issue here is trust. Once you betray it, you never fully get it back. Ever.

    This is why US companies need to fight this tooth and nail. Because when the truth finally does come out ( and it always does eventually ) it's pretty much THEIR ass that is left hanging in the wind. Regardless if the company is innocent or not, if the trust is gone, so are you. The government picks up the tab for the intelligence community so a trust issue there isn't going to cause them to go bankrupt. Take this into consideration the next time the government knocks on your door and asks for " help " in tracking the bad guys.

    It's similar to how I see Law Enforcement anymore. They're not all bad people, but the few idiots they cover for or allow to wear the badge destroys the trust I have in them as a whole. To the point where I no longer trust any of them sadly.

  20. And how will we escape the next depression? by drinkypoo · · Score: 1

    Last time, we went to war. And let's face it, military payloads are America's largest export industry.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    1. Re:And how will we escape the next depression? by Anonymous Coward · · Score: 0

      Well there are still countries with oil that aren't in ruins, you can start with those.

  21. refute? by Anonymous Coward · · Score: 0

    They did not refute China's claim, they only denied it....

  22. No security through obscurity by fabrica64 · · Score: 1

    Software must be audited to be sure there's no backdoor... Only open source is secure (including open source silicon) If I were NSA I had built a backdoor in hardware, much more effective and software independent

    1. Re:No security through obscurity by Anonymous Coward · · Score: 0

      Provided you also build the open source products yourself and trust the compile/distribution chain.

  23. Denial is not refutation by HiThere · · Score: 2

    That is a denial of the accusation, not a refuation of it.

    Now I will grant that they probably CAN'T refute it, and that this does not mean that the accusation is true. That doesn't make a denial a refutation.

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.
  24. A perfect lie by Anonymous Coward · · Score: 0

    Doh! A perfect lie from Apple and they should know better.
    NSA trolls as well as all serious US agencies have right to gag Apple from informing anyone of the data it has sold on to them.
    Isn't that what Snowden was all about?!

  25. Back it up Apple by misnohmer · · Score: 1

    Such a meaningless statement because it isn't backed up by any consequences. How about "Apple will pay 1 billion US dollars to any individual or organization that has any information collected by Apple provided to any government organization, direct or indirect". At least then anyone compromised by Apple will be able to afford a good legal defense.

  26. Weasel words by ayesnymous · · Score: 1

    "Apple has never worked with any government agency from any country to create a backdoor in any of our products or services."

    What about government contractors?

    "We have also never allowed access to our servers,"

    So does Apple lease servers?