Slashdot Mirror


Tim Cook Says Apple Can't Read Users' Emails, That iCloud Wasn't Hacked

Apple CEO Tim Cook insists that Apple doesn't read -- in fact, says Cook, cannot read -- users' emails, and that the company's iCloud service wasn't hacked. ZDNet presents highlights from Cook's lengthy, two-part interview with Charlie Rose. One selection of particular interest: Apple previously said that even it can't access iMessage and FaceTime communications, stating that such messages and calls are not held in an "identifiable form." [Cook] claimed if the government "laid a subpoena," then Apple "can't provide it." He said, bluntly: "We don't have a key... the door is closed." He reiterated previous comments, whereby Apple has said it is not in the business of collecting people's data. He said: "When we design a new service, we try not to collect data. We're not reading your email." Cook went on to talk about PRISM in more detail, following the lead from every other technology company implicated by those now-infamous PowerPoint slides.


  1. Is this technically impossible - no. by queazocotal · · Score: 4, Interesting

    Is it legally possible... Not everywhere certainly.
    http://www.cnet.com/uk/news/in...
    Is he required to lie about this?

    1. Re:Is this technically impossible - no. by Pieroxy · · Score: 5, Insightful

      He makes a fair point. The data stored at Apple does not generate revenue for Apple, contrary to Google - where your emails are scanned for content to target ads at your eyeballs.

      Now, jumping from that to "We cannot do it even if we wanted to" is quite a leap forward. I'm not sure I trust that part of the statement.

    2. Re:Is this technically impossible - no. by fustakrakich · · Score: 5, Insightful

      Is he required to lie about this?

      Very likely, if I can read my mail, so can he. It's only logical.

      --
      “He’s not deformed, he’s just drunk!”
    3. Re:Is this technically impossible - no. by Garfong · · Score: 1

      I can read my mail, so can he. It's only logical.

      Not true. They could be encrypting your emails with a public key as soon as the email hits their server, and have the private key encrypted based on your password. Then you could only access at most the email of users who were currently logged in.

      But I think it's more likely that they don't have any tools to read users' emails, but they're still stored on the server essentially in the clear.

    4. Re:Is this technically impossible - no. by Anonymous Coward · · Score: 5, Insightful

      Wrong! They have the ability to reset your password without losing your data so they would need to either have access to the password itself or the keys to decrypt stored data.

    5. Re:Is this technically impossible - no. by mean+pun · · Score: 4, Informative

      For these people, with their resources, your "encryption", unless it's a one time pad, is no better than ROT13.

      From the Snowden leaks it looks like even the NSA cannot crack properly used strong encryption. That's why they try to harvest or weaken keys, try to get in before or after encryption, or use traffic (metadata) analysis.

    6. Re:Is this technically impossible - no. by Anubis+IV · · Score: 5, Informative

      Very likely, if I can read my mail, so can he. It's only logical.

      The fact that an organization acts as a conduit for delivering messages does not necessitate that they have the ability to read the contents of those messages. The one does not follow from the other. It may be likely that the two go hand-in-hand, but by no means is it logical that they would do so.

      The various white papers and other security documents Apple has released over the last year or two make it clear that they claim they do not hold the private keys necessary to decrypt their users' data. Those private keys reside on the devices of the users, with unique keys being generated for each device and unique copies of the data being maintained separately for each device. For instance, in the case of iMessages, here's how Apple claims they work:
      1) I type up an iMessage to send to another Apple user and press Send.

      2) My device queries Apple's servers for the public key(s) of the recipient, which could be numerous if they've configured iMessages to arrive on multiple devices.

      3) My device creates and encrypts one copy of the message for each device, using the public key that is specific to each device for the copy going to it.

      4) My device signs the copies using its private key.

      5) The iMessage is sent to Apple, who then forwards it and immediately deletes it, unless they can't deliver it, in which case it'll stay queued for up to 7 days.

      6) The recipient's device verifies the signature against my public key and then decrypts the message using its own private key.

      Assuming the system works as described, Apple shouldn't have access to the content of the messages. Whether or not you believe that it works as described is a matter of how much faith you put in corporations and/or the governments that might be compelling them to insert backdoors. For instance, there are trivial ways that they can circumvent their own systems to gain access to messages, without having to compromise the private keys at all. The easiest way I can imagine would be to simply provide the public key of a wiretapping device in addition to the other keys in step #2 above. Unless you're sniffing your own traffic to ensure that you're sending EXACTLY what you're expecting to send, you'd never notice that you've sent out an extra copy of the message, and would be entirely unaware that it had landed on a government agent's device as well.

      But again, it isn't logical that they would have that sort of access. "Likely", given the state of things? Sure. But logical? By no means. Again, the one does not follow from the other. Particularly so in the case of Apple, since their money comes from hardware sales, not from monetizing the user's information, so it's in their best interests to make those devices as secure to use as possible.
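The extra-key scenario in the comment above can be caught on the sending device by comparing the directory's answer against keys verified out of band before any copy is encrypted. The following is an added example, not part of the thread and not Apple's code; `PinStore`, `SendPlan` and the sample key bytes are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed sample "public keys" (opaque bytes stand in for real key material).
PHONE = b"constructed-pubkey-phone"
LAPTOP = b"constructed-pubkey-laptop"
EXTRA = b"constructed-pubkey-never-verified"


def fingerprint(public_key: bytes) -> str:
    """Short SHA-256 fingerprint that two users can compare out of band."""
    return hashlib.sha256(public_key).hexdigest()[:16]


@dataclass
class SendPlan:
    encrypt_for: list = field(default_factory=list)  # keys that will get a copy
    held_back: list = field(default_factory=list)    # fingerprints never verified
    missing: list = field(default_factory=list)      # pinned devices the directory omitted


class PinStore:
    """Per-recipient set of device-key fingerprints the sender has verified."""

    def __init__(self):
        self._pins = {}

    def pin(self, recipient: str, public_key: bytes) -> None:
        self._pins.setdefault(recipient, set()).add(fingerprint(public_key))

    def plan(self, recipient: str, directory_keys: list, strict: bool = True) -> SendPlan:
        """Decide which keys from the directory response (step 2) get a copy."""
        pinned = self._pins.get(recipient, set())
        plan, seen = SendPlan(), set()
        for key in directory_keys:
            fp = fingerprint(key)
            seen.add(fp)
            if fp in pinned:
                plan.encrypt_for.append(key)
            else:
                plan.held_back.append(fp)
        plan.missing = sorted(pinned - seen)
        if strict and plan.held_back:
            # An unverified key means the directory answer cannot be trusted:
            # send nothing until the user has checked the new fingerprint.
            plan.encrypt_for = []
        return plan


def demo():
    pins = PinStore()
    pins.pin("bob", PHONE)
    pins.pin("bob", LAPTOP)
    honest = pins.plan("bob", [PHONE, LAPTOP])
    padded = pins.plan("bob", [PHONE, LAPTOP, EXTRA])        # directory added a key
    lenient = pins.plan("bob", [PHONE, EXTRA], strict=False)  # send to pinned keys only
    return honest, padded, lenient


if __name__ == "__main__":
    for plan in demo():
        print(plan)
```

The check only helps if the pinned fingerprints were compared over a channel the directory operator does not control.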

    7. Re:Is this technically impossible - no. by unrtst · · Score: 3, Interesting

      Assuming the messages are encrypted on Apple's servers at all, they would likely be encrypted with a random key, and a copy of that key would then get encrypted with your password, and another copy encrypted with something support can use (i.e. Apple-owned), so that changing your primary password does not change the underlying key, but just changes the encryption on the copy. There may be multiple layers in there, and public key/private key stuff, etc, but that's one simple description of how, for example, you can send an S/MIME encrypted email to multiple recipients (primary message is encrypted once; its key is encrypted by the public key of each recipient and attached to the email; their private key can decrypt the key and read the message).

      That said, my gut doubts there's much encryption going on. This quote:

      such messages and calls are not held in an "identifiable form."

      ... I've heard similar from many C-line (ceo/cto/etc) calls and RFC's (ex. discussing PCI-DSS or SSN security). It generally means there's just an extra hop between foreign keys. I mean, it's obvious that the messages are identifiable from some perspective (your phone), so the breadcrumbs are there somewhere. Things that get downloaded or are real time (SMS and calls)... maybe they remove the lookup and leave the original data? There's still some ID on them.

    8. Re:Is this technically impossible - no. by knightghost · · Score: 2, Insightful

      That is the best proof I've seen in this discussion.

      Summary for the unwashed masses: Tim Cook is a big fat liar!

    9. Re:Is this technically impossible - no. by gl4ss · · Score: 1, Flamebait

      ...but they can change the password for you.
      so they can read the mail.

      http://support.apple.com/kb/HT...

      so how is it not total bullshit that is spewing from his filthy mouth?

      --
      world was created 5 seconds before this post as it is.
    10. Re:Is this technically impossible - no. by NatasRevol · · Score: 1

      I'm not sure whether to follow your logic, or the guy who said Tim Cook is a big fat liar.

      --
      There are two types of people in the world: Those who crave closure
    11. Re:Is this technically impossible - no. by fustakrakich · · Score: 1

      Yeah, I can see your point. Apple doesn't need to read them directly, they farm the job out by sending the raw data to a third party. And faith in corp/gov't? Not me... History precludes that. And the future doesn't look too bright either.

      --
      “He’s not deformed, he’s just drunk!”
    12. Re:Is this technically impossible - no. by Trailer+Trash · · Score: 5, Insightful

      People are conflating the "iMessage & Facetime" part of the quote with the "email" part. He says that they cannot (that is to say "do not have the ability") to read iMessage & Facetime. He then states that they do not read your email. People are pulling the "cannot" along with them when they read that sentence, but it doesn't say that they cannot read email, only that they choose to not read your email.

      Your description of the iMessage encryption is good, but what the original poster said was true given a few constraints. So let me restate it in a logically consistent manner: if I can read my iCloud email on any browser then Apple also has the ability to read it.

      But, but, maybe they encrypt it using your password on their server! If they did, "change password" would always require the old password and if you forgot your password your email would be lost forever. So, no, they're not doing that.

      The bottom line is that if they can show me my email in any browser (which they can) then they can also read it trivially.

      This isn't inconsistent with Cook's statement - he merely says that they choose to not do that.
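The key-wrapping layout unrtst describes (one random data key, wrapped once under the password and once under a provider-held key) and the password-reset argument in the comment above can be exercised side by side. This is an added example, not part of the thread and not Apple's implementation; the `Mailbox` class, the HMAC-based toy cipher (a stand-in for AES-GCM so the code runs on the standard library) and all names are assumptions.

```python
import hashlib
import hmac
import os


# Toy authenticated cipher (HMAC-SHA256 keystream plus tag). It stands in for
# AES-GCM only so the example has no dependencies; do not reuse it.
def _stream(key, nonce, n):
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))


def kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Mailbox:
    """Server-side record: ciphertext plus wrapped copies of one random data key."""

    def __init__(self, password, provider_key=None):
        data_key = os.urandom(32)
        self._rewrap(data_key, password)
        # The second wrapped copy is what makes "forgot my password" possible.
        self.provider_wrap = seal(provider_key, data_key) if provider_key else None
        self.mail = []

    def _rewrap(self, data_key, password):
        self.salt = os.urandom(16)
        self.user_wrap = seal(kdf(password, self.salt), data_key)

    def _data_key(self, password):
        return unseal(kdf(password, self.salt), self.user_wrap)

    def deliver(self, password, text):
        self.mail.append(seal(self._data_key(password), text.encode()))

    def read(self, password):
        key = self._data_key(password)
        return [unseal(key, m).decode() for m in self.mail]

    def change_password(self, old, new):
        # Only the small wrapped key is re-encrypted; stored mail is untouched.
        self._rewrap(self._data_key(old), new)

    def reset_password(self, new, provider_key=None):
        """Reset without the old password; returns how many messages survive."""
        if self.provider_wrap is None:
            # Nobody can unwrap the old data key, so the old mail is gone.
            self.mail = []
            self._rewrap(os.urandom(32), new)
        else:
            self._rewrap(unseal(provider_key, self.provider_wrap), new)
        return len(self.mail)

    def provider_read(self, provider_key):
        # Works whether or not the user is logged in.
        key = unseal(provider_key, self.provider_wrap)
        return [unseal(key, m).decode() for m in self.mail]


def demo():
    provider_key = os.urandom(32)              # constructed provider-held key
    user_only = Mailbox("old-pass")
    escrowed = Mailbox("old-pass", provider_key)
    for box in (user_only, escrowed):
        box.deliver("old-pass", "constructed sample message")
    user_only.change_password("old-pass", "mid-pass")
    return {
        "survived_change": user_only.read("mid-pass"),
        "kept_after_reset_user_only": user_only.reset_password("new-pass"),
        "kept_after_reset_escrowed": escrowed.reset_password("new-pass", provider_key),
        "provider_can_read": escrowed.provider_read(provider_key),
    }


if __name__ == "__main__":
    print(demo())
```

A mailbox that survives a forgotten-password reset therefore has a key the provider can use, which is the same key `provider_read` relies on.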

    13. Re:Is this technically impossible - no. by Noah+Haders · · Score: 2

      i don't know if the NSA compels them to lie or just forbids them from telling the truth. my understanding is that as long as you keep your trap shut, they don't expect you to actually perjure yourself or cause all sorts of SEC trouble.

    14. Re:Is this technically impossible - no. by Tuidjy · · Score: 4, Interesting

      I personally don't believe that the NSA can't crack strong encryption.

      I'm not quite sure what you are saying. It sounds to me as if you think that there is no encryption strong enough that the NSA cannot crack it. This is completely false.

      A simple example is using one time pad encryption. Without the pad, you cannot even theoretically crack it. Try every possible pad, and you will get every possible message of the proper length - some of them will make perfect sense, so you will not be able to find the right one.

      Taking it a bit further, there are encryptions that would take too long to crack, if they are properly executed, and the NSA does not have a backdoor. And by too long, I mean that there is not enough time before the heat death of the Universe.

      Hell, I am perfectly sure that I could establish communication with some of my friends from college that could not be cracked, even theoretically. I would have to exchange some information with them in a secure manner beforehand, of course. But I would never take the risk of doing something like this. It would attract the wrong kind of attention.

      --
      No good deed goes unpunished...
    15. Re:Is this technically impossible - no. by koan · · Score: 1

      But you don't know and Apple has a terrible track record.

      --
      "If any question why we died, Tell them because our fathers lied."
    16. Re:Is this technically impossible - no. by koan · · Score: 1

      I use ROT26

      --
      "If any question why we died, Tell them because our fathers lied."
    17. Re:Is this technically impossible - no. by Dcnjoe60 · · Score: 1

      That is the best proof I've seen in this discussion.

      Summary for the unwashed masses: Tim Cook is a big fat liar!

      The first statement is valid. However, it is possible that Tim Cook isn't lying and instead just relaying what he believes to be the truth based on what he was told. Ignorance is not the same as lying, which requires intent to deceive.

    18. Re:Is this technically impossible - no. by Garfong · · Score: 1

      Fair enough. As I said, I suspected this was not actually what Apple was doing.

      I was responding to GGP claim that services like Lavabit were logically impossible, which clearly isn't true: Lavabit existed. But as you say, Apple is obviously not doing the same level of encryption.

    19. Re:Is this technically impossible - no. by Dins · · Score: 1

      Thank you - that's what I meant.

    20. Re:Is this technically impossible - no. by TWX · · Score: 1

      Except that you can transmit a whole host of keys in advance, and use them one at a time until you run out of keys.

      Obviously this is only going to work for very, very important and infrequent messages, as one could run out of keys quickly or have to worry about too many keys being found by the opposition and compromised, but for those applications it works just fine.

      --
      Do not look into laser with remaining eye.
    21. Re:Is this technically impossible - no. by Tokolosh · · Score: 1

      Is he required to lie about this?

      Yes, a National Security Letter may do so. We have no way of knowing, so have to assume the worst.

      This will continue until there is independent oversight of the security apparatus. And by apparatus I mean all three branches of government.

      --
      Prove anything by multiplying Huge Number times Tiny Number
    22. Re:Is this technically impossible - no. by Tuidjy · · Score: 1

      Anyone with a solid Computer Science background, extensive programming experience, and access to google can make something that is secure enough that it cannot be cracked in reasonable time. It may be sluggish, it may be extremely inefficient, it will require a secure exchange of data at some point (before it is secure itself) and will draw a lot of attention when used. But it is perfectly possible. I certainly could do it.

      Oh, of course, I would be infringing on a bunch of patents, but I bet it would be the last of my problems, once my encrypted communications attract the attention of 'the proper authorities'.

      --
      No good deed goes unpunished...
    23. Re:Is this technically impossible - no. by ObiWanKenblowme · · Score: 2

      If you think marking a U2 album as "purchased" across all users' accounts is comparable to cracking strong encryption or secretly stealing private keys from remote devices, you really have no business commenting on this.

      --
      Obvious exits are NORTH, SOUTH, and DENNIS.
    24. Re:Is this technically impossible - no. by Tuidjy · · Score: 3, Interesting

      One time pads are not worthless in practice, at all.

      Whether you are a criminal, or a government agent, at some point you will be in a secure location, and you will be able to exchange the pads. The USB stick in my pocket can hold more data than I expect to exchange with any of my friends in the course of my lifetime. How long do you think encrypted messages need to be?

      But even that is less secure than what you could do.

      Hell, if I was writing a novel about smart criminals, and wanted them to be capable of secure communication, this is what I would have them do:

      They would meet in the big boss's hacienda, and they would agree to use one of the 50000 books available on project Gutenberg. The page to use as a one time pad would be selected via a function of the day the message is sent. The function would be simple enough to memorize.

      When one of the party wants to send a message, they would take a picture they have a plausible reason to send, and would use a hex editor, on a PC physically disconnected from the Internet, to manually change a subset of low-significance color bits. Again, the subset will be determined by a rule that is easily memorized.

      Yes, the process is laborious, and I would have them do it twice, and then compare the two resulting pictures. If they do not match, they will have to do it again. Once the pictures match, wipe (properly) the originals (from everywhere: camera, usb, secure computer) and send the modified picture, accompanied with an innocuous and appropriate message.

      Obviously, the encrypted messages would need to be short, but this process will not attract any attention, and will rely on memorized rules, publicly available data, and programs that would not draw anyone's attention.

      What is the NSA going to do? Suspect anyone sending pictures to his friends? Try, as a one time pad, every page on every book available on Gutenberg, or the myriads of pirated book libraries in China, Russia, Ukraine, etc?

      I cannot think of any weakness of this system. Can you? And even if it is completely stupid, I bet you two things: there are plenty of people who can come up with a better one, and plenty of people who are getting away with using a worse one.

      --
      No good deed goes unpunished...
    25. Re:Is this technically impossible - no. by maccodemonkey · · Score: 2

      This works because iMessages are stored on your device, and not the server. So when you change your password, and update your devices' passwords, the iMessages will re-transmit their history to other devices. So no, not wrong.

      If you pull all of your devices offline and reset them, and then take them back online, the history won't be available to sync so all your messages will be gone. Apple does manage delivery, but the initial handshake is done by a peer to peer key exchange, so while Apple is caching and flinging data, they don't sit in the middle of the key exchange, so they can't read messages.

      Email is another matter. The nature of how email works means they probably have some sort of access.

      All the complaints about how buggy iMessages is make sense when you look at all the mechanics that they go through to keep messages secure.

    26. Re:Is this technically impossible - no. by mean+pun · · Score: 1

      Let's put it more simply. Aside from the one time pad, there is no publicly available encryption the NSA can't crack.

      Although that might be the safest assumption to make, it is not at all clear that that is true. The standard algorithms and key sizes that are currently considered safe are certainly far too strong for brute-force attacks, even using massive and dedicated hardware, and they will remain so in the foreseeable future. It is always possible that there is a weakness in an algorithm, but there are no indications that there are, despite a lot of public scrutiny.

      More directly: Edward Snowdon says that he trusts these algorithms.

    27. Re:Is this technically impossible - no. by david_thornley · · Score: 1

      A National Security Letter means the recipient must hand over information without notifying anybody else about it. It can probably force somebody to lie if they're using a "canary" approach (such as a message on accessing mail that it's definitely not going to the authorities). I don't see that it can force lying under any other circumstances.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
    28. Re:Is this technically impossible - no. by ceoyoyo · · Score: 1

      One time pads have been, and probably are, used extensively. You send a bunch of random data to someone via some secure method, which is usually very slow (like hopping on an airplane with a DVD full of random numbers on your person). You can then exchange messages securely using a convenient and fast channel, such as e-mail. See the utility there?

    29. Re:Is this technically impossible - no. by ceoyoyo · · Score: 2

      You didn't say so, but I'm assuming you're encrypting your message using the book page as a one time pad, then obscuring it using steganography. If someone sufficiently motivated were after your criminals, they could break that. Steganography isn't much protection when someone knows there might be hidden messages. And your one time pad, while one time, isn't random. Book pages have quite a bit of structure.

      Any structure in a one time pad makes it vulnerable. To the point where people have gone to great lengths to construct them using the best random numbers obtainable, from devices ranging from antennae monitoring the ionosphere to quantum devices.

    30. Re:Is this technically impossible - no. by ewibble · · Score: 1

      The questions are this:
      1. If you get a new phone can you access your emails with that phone?
      2. Can you reset your password?

      If 1 is true clearly there is nothing on your phone that is needed to access your emails.
      If 2 is true and they use your password to encrypt your data:
      They clearly can decrypt it without you providing the old password, and re-encrypt it.
      else they decrypt it with some key stored on their server so they can clearly decrypt it.
      else they don't encrypt it at all.

      So either Tim Cook's technical knowledge is lacking or he is lying.

      Disclaimer:
      I don't have an iPhone or use iCloud, so I don't know for sure but I assume the answer to both questions is yes.

    31. Re:Is this technically impossible - no. by ewibble · · Score: 2

      He also may be using weasel words, he may be stating there is no application that currently exists that allows a staff member to read your emails. Not that one cannot be written, rather simply.

      This may be true, but the intent of the statement is still to deceive.

    32. Re:Is this technically impossible - no. by ewibble · · Score: 1

      So if you lose your phone, or it gets broken you lose all your iMessages? I am not sure you might be right but doesn't that kind of defeat the purpose of the cloud?
      Tim Cook Says:

      Apple previously said that even it can't access iMessage and FaceTime communications, stating that such messages and calls are not held in an "identifiable form."

      Saying they are not held in "identifiable form" means they are held. Therefore they are identifiable since the Apple user can identify them, since Apple has the knowledge to identify them.

    33. Re:Is this technically impossible - no. by Tuidjy · · Score: 1

      You didn't say so, but I'm assuming you're encrypting your message using the book page as a one time pad,

      Yes, I missed describing part of the mechanism. You use the page to generate the one time pad, once again via simple rules that you only keep in your head. You certainly do not use the ASCII code of each letter/space/punctuation sign as one byte in the pad. This will not make it anywhere close to random - it will be way worse than counting decay particles, but I think that it will be good enough. I am not trying to improve on something that we know works, here. I am trying to avoid incriminating keys that the characters have to keep secure, and that can be seized to compromise the communications.

      Steganography isn't much protection when someone knows there might be hidden messages.

      Once again, I am going for good enough. Sure, the attacker may know that a few bits in the picture 'may' have been changed. (The characters won't be dumb enough to exchange pictures only when they want to exchange a message.) If the message is short enough, and the picture large enough, it will be very hard to tell there's something amiss, and much much harder to prove it in a court of law... Not that it really matters.

      Remember, by picking other bits, and picking a different one-time pad, you would get different messages, just as meaningful.

      --
      No good deed goes unpunished...
    34. Re:Is this technically impossible - no. by penguinoid · · Score: 1

      Your system has too many vulnerabilities. The worst is its reliance on criminals to be loyal and diligent, any one of whom could compromise your entire organization's communication. Almost as bad is using a 2 byte encryption key (the index to a book). And then you want them doing steganography, and by hand? They'll be raising every red flag there is.

      On the other hand, you could simply use private/public keys. Each person has their own set of keys, and the key itself is encrypted with a decent password.

      --
      Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
    35. Re:Is this technically impossible - no. by ceoyoyo · · Score: 1

      What you're describing is a random number generator with a key to initialize it. Some of the good ones might be good enough (or might not). Anything you can keep in your head is going to be crap and fairly easily breakable. Either way, you're still better off to just exchange regular secret keys at your meeting, which can be concealed in a variety of ways. Even real one time pads can be fairly easily concealed - a "blank" USB key, for example.

    36. Re:Is this technically impossible - no. by Tuidjy · · Score: 1

      What you're describing is a random number generator with a key to initialize it. Some of the good ones might be good enough (or might not). Anything you can keep in your head is going to be crap and fairly easily breakable.

      Hell no. Using a not-all-that random-book page, and obfuscating its structure by applying a simple algorithm on it will still give you a one time pad that is suboptimal, but nowhere all that breakable, especially if you do not know the simple algorithm, and that it is being applied on book pages.

      Let's assume that you have somehow completely broken through some of the steps (In the real world, you could not break through the whole thing step by step)

      1) So, through some magic you have managed to extract the exact bits from the picture that have been modified. (Which is far from easy, if you have run out of magic)

      2) Let's even assume that you somehow know that the one time pad is generated from book pages, through some keep-it-in-your-head method. (Through the same magic as before)

      So now you have the encrypted message. What do you do? How do you use your knowledge of the weakness of the one time pad?

      All you will get is the ability, once you have come up with every possible message, to assign a probability of the sort "This message is more likely to have been the original, if the one time pad was crappy in the way we assume it was".

      --
      No good deed goes unpunished...
    37. Re:Is this technically impossible - no. by Tuidjy · · Score: 1

      the worst is its reliance on criminals to be loyal and diligent, any one of whom could compromise your entire organization's communication.

      No argument there.

      And then you want them doing steganography, and by hand? They'll be raising every red flag there is

      How exactly is the e-mail with a picture going to raise any red flags? Sure, if they are already tailed everywhere they go, and someone is monitoring how long they spend composing their e-mails, they will be in trouble. But just from the sent e-mail, when neither the sender or the receiver are monitored? Unlikely.

      Each person has their own set of keys, and the key itself is encrypted with a decent password.

      Sure. And their e-mails contain obviously encrypted content, which makes them a person of interest, and they own the key for the next e-mail, and the program to decrypt it, so that it can be taken from them, and used by the adversary. Are you sure your way is better?

      --
      No good deed goes unpunished...
    38. Re:Is this technically impossible - no. by fustakrakich · · Score: 1

      Unfortunately the mods don't want to hear that. The simple things are often the most painful to some. Marrone! Waddami gonna do?

      --
      “He’s not deformed, he’s just drunk!”
    39. Re:Is this technically impossible - no. by fustakrakich · · Score: 1

      Oh please! We don't even know who "Edward Snowdon" is. And the "clarity" of truthfulness is unimportant when dealing with authority. It is always most prudent to assume the worst. That way you will never be disappointed.

      --
      “He’s not deformed, he’s just drunk!”
    40. Re:Is this technically impossible - no. by AmiMoJo · · Score: 1

      Data stored by Apple certainly does generate revenue for them. It's a service that requires or at least strongly encourages you to buy expensive Apple hardware. They don't provide it out of generosity.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    41. Re:Is this technically impossible - no. by AmiMoJo · · Score: 1

      Apple say that the data is encrypted with a key derived from your password. Okay, that says they could be telling the truth, in so far as they don't store the key.

      However, in practice it's meaningless. They could easily make the client send the password to them in plaintext for target accounts (wasn't Hushmail suspected of doing that years ago?) For most users they could just brute force the password. We have to take their word for it that the password storage is properly secured, e.g. hashed with a unique salt value.

      When the FBI comes knocking with a National Security Letter all bets are off.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    42. Re:Is this technically impossible - no. by rioki · · Score: 2

      Semantics, but... the data "itself" does not generate revenue; it is an auxiliary to the expensive device. Contrast that to Google, the data is the central bit about the targeted advertising. That is the distinction done here.

    43. Re:Is this technically impossible - no. by gnasher719 · · Score: 1

      Yes, a National Security Letter may do so. We have no way of knowing, so have to assume the worst.

      You are wrong. There is no way to legally force Tim Cook to lie. There are ways to legally force him to be quiet about a subject, and not to give us information, but there is nothing that can force him to lie.

    44. Re:Is this technically impossible - no. by rioki · · Score: 1

      I think Bruce Schneier put it quite bluntly: "trust the math". There is a relatively high degree of certainty that the math is solid. You may need to use different "magic numbers" than the specs, but apart from that the math should be solid.

      The problem actually comes in the implementation and security protocol. Implementation of the crypto may be faulty. The key could be intercepted when you are sharing it with the other party. The system the key is stored on is vulnerable to attack. Systems processing the data need to decrypt at least bits of the data to process it and the clear text leaks. The implementation is vulnerable to side channel attacks.

      As Tuidjy puts it, everybody with a solid CS background can implement a crypto scheme. That person (having a solid CS background) should also know that it is technically impossible to build a 100% safe scheme. You only shift the goal posts by using crypto. The best you can get is to the point where they need to install a camera that reads your screen.

    45. Re:Is this technically impossible - no. by Alarash · · Score: 2

      There is a way that you can read the email but Apple can't: encrypting using a private key generated on your user account (much like what the TextSecure Android and iOS application does). If Apple does this, that would be an interesting undocumented feature. (spoiler: they don't do this).

    46. Re:Is this technically impossible - no. by HermMunster · · Score: 1

      Of course they can read it. They may not make a habit of it, but they do have the capability. If they didn't they would be worthless.

      --
      You can lead a man with reason but you can't make him think.
    47. Re:Is this technically impossible - no. by unrtst · · Score: 1

      I agree with you, and I thought I was saying the same thing :-)

  2. If true thats great by FrozenToothbrush · · Score: 1

    Not sure I believe it.

    1. Re:If true thats great by binarylarry · · Score: 4, Funny

      Yeah I can't wait until he starts saying:

      "Bono and the Edge totally pulled a fast one on us. Apple has no way of automatically installing horrible music on your devices with your permission."

      --
      Mod me down, my New Earth Global Warmingist friends!
    2. Re:If true thats great by Anonymous Coward · · Score: 1

      Apple has no way of automatically installing music on your devices with your permission.

      That is a 100% correct statement. If you haven't turned on automatically download music purchases (i.e. permission), nothing installed on anyone's device.

    3. Re:If true thats great by Shadowmist · · Score: 1

      Apple has no way of automatically installing music on your devices with your permission.

      That is a 100% correct statement. If you haven't turned on automatically download music purchases (i.e. permission), nothing installed on anyone's device.

      Apparently there were a vocal group of folks having a hissy fit at suddenly finding a U2 album on their iPods after the last keynote.

    4. Re:If true thats great by NatasRevol · · Score: 1

      Free music is the worst thing EVAR!

      --
      There are two types of people in the world: Those who crave closure
    5. Re:If true thats great by ahaweb · · Score: 4, Funny

      That's like calling spam "free advice".

    6. Re:If true thats great by NotDrWho · · Score: 2, Insightful

      If it were true, the U.S. government would have already come after them full force. No one tells the U.S. government "No" without serious consequences. Just ask Yahoo.

      --
      SJW's don't eliminate discrimination. They just expropriate it for themselves.
    7. Re:If true thats great by binarylarry · · Score: 1

      Sure of it, believe I am.

      --
      Mod me down, my New Earth Global Warmingist friends!
    8. Re:If true thats great by Tokolosh · · Score: 1

      If Apple, Microsoft, Google, Yahoo, Facebook, Twitter, Cisco, Intel and AT&T stood together and told the US government to fuck off (as they are obliged to do), I think the shoe would be on the other foot.

      --
      Prove anything by multiplying Huge Number times Tiny Number
    9. Re:If true thats great by Bing+Tsher+E · · Score: 1

      "I still haven't found what I'm looking for" but I prefer Negativland.

    10. Re:If true thats great by FrozenToothbrush · · Score: 1

      Maybe, I think they're heavily involved in these companies so these things happen more 'naturally' and therefore more acceptable. For example, if a person with close ties to the government is on the board and wants something done then it's normally done. This is how companies work. The other workers can voice dissenting opinions all they want.

    11. Re:If true thats great by NotDrWho · · Score: 1

      Maybe. But they didn't do it when Yahoo was fighting the government alone. So I wouldn't hold my breath.

      --
      SJW's don't eliminate discrimination. They just expropriate it for themselves.
  3. Lie. by jddj · · Score: 2, Insightful

    Since when is anyone's SMTP email secure in transit, when is anyone running a mailserver unable to read the mail?

    Since when is any company immune from subpoena or contempt of court?

    1. Re:Lie. by Sockatume · · Score: 4, Informative

      ...because that's not what he actually said. He has previously stated that iMessage and Facetime, by design, can't be intercepted (it's all encrypted client-side); in this new interview he stated that they don't read your email, and that as a general principle they try to design systems so that they can't capture data, or at the very least aren't capturing anything they don't need to do what they're supposed to be doing.

      --
      No kidding!!! What do you say at this point?
    2. Re:Lie. by jddj · · Score: 3, Insightful

      Look, where would ./ be if posters read TFA?

      Looks to me like the ./ summary is claiming something that the ZDNet article does not. So yeah, not a lie on Cook's part, or not one the ZDNet article demonstrates anyway.

      I still wouldn't trust any company not to hand over my information to the government. Lavabit was one hell of an exception, and one geeks the world over should be proud of.

      Neither would I trust that email content I didn't personally encrypt with my own keys couldn't be seen by others.

      Apple doesn't have to be relaying email for others in order for Apple to be able to see the contents of all SMTP traffic that transits or terminates at their mail servers. SSL for SMTP means nothing if the mail server is pwned or intentionally logging stuff due to a business mandate or government subpoena or pressure.

      So Tim Cook didn't tell that particular lie. Good. But "We don't read your email" is an assertion, and one generally impossible to prove true (though more easily possible to prove false, given a certain amount of evidence).

    3. Re:Lie. by bberens · · Score: 4, Informative

      This can't be true. Or at least if it is true they have the encryption key. If your password was required to access the e-mail data, then if you lost your password you'd lose access to all of your historical data during a password reset.

      --
      Check out my lame java blog at www.javachopshop.com
    4. Re:Lie. by ColdWetDog · · Score: 1

      It is this. EMAIL IS NOT SECURE. No matter who starts it or finishes it.

      If you are using email to do anything but send words of affection to your legally bound, opposite sex, partner (or recipes to anyone), you're doing it wrong.

      Remember the bit about email being a postcard?

      --
      Faster! Faster! Faster would be better!
    5. Re:Lie. by gripfin · · Score: 1

      Apple could I suppose choose to encrypt at rest. But it would be a pretty inefficient mail server. A subpoena after you had stopped using the service and fled to Hong Kong might not turn up anything.

      I think it's a disingenuously narrow definition of "hacked" being used here. If my cloud ecosystem uses trivial "secret questions" or is brute-forceable or has a 2FA system so awful no one uses it, then is an intruder using these weaknesses who comes in through the front door brandishing a real (socially hacked) password not actually regarded as a hacker?

      This is all a war of words for mainstream media consumption, remember. Recently I heard that "gmail had been hacked", whereas the actual story was that a rogue (non play store) android app was able to sniff shared memory while the gmail app was logging in. The headline maybe should have been "apps on android can read each other's memory". The target hack could have been headlined "applications in XP can read each other's shared memory, and your whole system is only as strong as the security disciplines applied by your heating subcontractors if you give them access". But the general public can't get their heads round this stuff.

      I'm also pretty sick of hearing how this is somehow a sign of Apple's specific weakness ("note how it wasn't android") rather the opposite interpretation ("famous people are more likely to be using an iPhone than a Samsung Galaxy S"). Any system made easy to use for the masses is at the mercy of the poor security behaviour of the users.

      Most of all though, I'm quite surprised to hear from all of this that I'm apparently in a minority for NOT using my phone to take / send naked pics. Everyone's doing it, I hear. Who knew?

    6. Re:Lie. by gripfin · · Score: 1

      (by "the target hack" I meant "the Target hack")

    7. Re:Lie. by gl4ss · · Score: 1

      better than that the system allows for password reset by using email (among other methods). so with the data they possess, they can generate access to all the data. that means that any encryption or access blocks or whatever there are, are meaningless from the logical point of "can they read it?"

      so they can reset the password without having anything from you - that means they can read everything that is in there and can be coerced to do so by legal means.

      on some other site it might be worth mentioning that they don't really need to change the password so you wouldn't really notice it either.. they can do whatever they want with the data - nothing required from the account owner.

      --
      world was created 5 seconds before this post as it is.
    8. Re:Lie. by swb · · Score: 1

      You can secure SMTP with TLS, can't you?

    9. Re:Lie. by Anonymous Coward · · Score: 1

      Not if multiple keys work, such as the answer to security questions. A paper a little while back showed how it is possible to encrypt information in such a way, if one has 2 out of 3 decryption keys, the information can be retrieved.

    10. Re:Lie. by gnasher719 · · Score: 2, Insightful

      I still wouldn't trust any company not to hand over my information to the government. Lavabit was one hell of an exception, and one geeks the world over should be proud of.

      But then Lavabit made the big mistake of being _capable_ of decrypting your data. Once they were _capable_ of decrypting it, that was it, and they started a fight with the government that they couldn't win.

      With Apple's iMessage system, they _can't_ read your data. And since they _can't_ read your data, Tim Cook can refuse to give them your data (actually, he can't give them your data anyway because he just can't) without fear of having to go to jail for this refusal. So no heroics needed for Apple. Much better solution than Lavabit.

    11. Re:Lie. by WuphonsReach · · Score: 1

      You can, and I'd guesstimate that about 50% of legit SMTP connections to our server are encrypted with TLS. But that number could also be as low as 10-20% (the 90% of all connections being spam zombies makes it harder to estimate).

      I have not tracked the value over time to see if it is going up/down. And our site is not particularly large, so we don't have a good sample to pull from.

      --
      Wolde you bothe eate your cake, and have your cake?
    12. Re:Lie. by gnasher719 · · Score: 1

      It is this. EMAIL IS NOT SECURE. No matter who starts it or finishes it.

      Well, exactly. If you send me an unencrypted email, and it is stored on Apple's servers somehow, and my computer asks Apple's email server for the mail, then Apple has to send the unencrypted email to my computer. In other words, Apple _must_ be able to produce the unencrypted email.

      (Hmmh. I wonder if this is right. I wonder if there would be a way with https to store an encrypted mail, which would be decrypted when my computer decrypts the https? But then the NSA could just request my email through https and they could read it? )

    13. Re:Lie. by Noah+Haders · · Score: 1

      he can give NSA all the data he has, but it may be difficult to read. not his fault.

    14. Re:Lie. by Qzukk · · Score: 1

      I wonder if there would be a way with https to store an encrypted mail

      Short answer: No.
      Long answer: SSL makes use of a temporary session key that is calculated between the client and the server at the time of the connection. Once the connection is over that key is (ideally) destroyed. If the email was encrypted with my session key when I sent it to the server (and somehow not decrypted by the server at this point) your session key that you create when you connect to the server won't do the job.

      This is what S/MIME is for. The email body (and optionally some headers) is encrypted with a session key which is encrypted with your public key (rather than the server's key). Then it is sent through regular email channels. You receive the email and decrypt the session key with your private key, and use it to decrypt the message.

      --
      If I have been able to see further than others, it is because I bought a pair of binoculars.
    15. Re:Lie. by gnasher719 · · Score: 1

      Not saying it would be simple. https means: Data is encrypted with a key K and decrypted with the key K', and somehow both sides agree about the key. First, Apple could store your email encrypted with a key A so it can be decrypted with key A'. If they combine A' and K, it could be possible to send the https message to you without ever producing the decrypted message at Apple. Now if Apple didn't store the key A', but some means to combine A' with a (yet unknown) key K, then they couldn't decrypt your message.

    16. Re:Lie. by AmiMoJo · · Score: 2

      If Apple can reset your password and your imessages can still be recovered, they can read them.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  4. Whoops by Anonymous Coward · · Score: 2, Insightful

    The partial quote distorts what he said. The "Apple cannot read" part is specifically about iMessage, not email.

  5. Not Hacked? by rainwater · · Score: 2, Informative

    Technically it wasn't hacked but Apple's poor security practices for password resets are what led to users' accounts being compromised.

    1. Re:Not Hacked? by Sockatume · · Score: 2

      Right, it's not iCloud that was hacked, it was individual user accounts. It's the distinction between "the rotary club has been murdered" and "the members of the rotary club have been murdered".

      --
      No kidding!!! What do you say at this point?
    2. Re:Not Hacked? by jratcliffe · · Score: 5, Insightful

      Actually, it's more the distinction between "they broke into the bank vault and went through your safety deposit box" and "they pickpocketed you, and used your key and a fake ID to get into your safety deposit box."

    3. Re:Not Hacked? by fustakrakich · · Score: 3, Insightful

      It's why you can't sentence a corporation to death...

      Ah, but you can. Its charter can be revoked, should we ever vote for people who would do such a thing, but that's not very likely.

      --
      “He’s not deformed, he’s just drunk!”
    4. Re:Not Hacked? by mean+pun · · Score: 1

      Right, it's not iCloud that was hacked, it was individual user accounts. It's the distinction between "the rotary club has been murdered" and "the members of the rotary club have been murdered".

      No, some members of the rotary club have been murdered. (And also some members of the local droid knitting club.)

      There is no indication that every iCloud account was hacked, or even that a disproportional number of iCloud accounts were hacked.

    5. Re:Not Hacked? by mlts · · Score: 1

      In reality, the next step up on Internet services is moving to 2FA everywhere. Passwords are easily gotten, but 2FA, though doable, raises the barrier immensely. It means that someone would have to know the user's password and have control of one of their devices. This is far harder than just sifting through a pile of passwords found on a bittorrent dump and trying them on various accounts, or guessing a user's grandma's last name.

      I'm sure that if the users that had the pictures compromised had their phones secure and had 2FA on, we wouldn't be inundated with these stories.

      Of course, 2FA isn't a perfect solution. Lose access to one's phone number that is used for texting codes, and lose access to the recovery key... and one is hosed big time, be it if they are on Google, Dropbox, Apple, even Yahoo. The ideal would be a vendor neutral keyfob that can be used with everyone's 2FA systems, either as the main means of authentication, or as a tool for recovery, where the keyfob can be stashed somewhere physically secure if there is no other way into an account.

  6. Poor Apple by obarthelemy · · Score: 4, Interesting

    It seems they've picked "privacy" as a fighting point vs Google. They don't seem to realize that people either
    1- don't care anyway
    or
    2- care, and know Apple is bullshitting.

    --
    The Cloud - because you don't care if your apps and data are up in the air.
    1. Re:Poor Apple by Anonymous Coward · · Score: 1

      oh, this is an interesting game. You alone get to choose what evidence is admissible in proving apple is bullshitting. I assume if we provide anything that's somewhat concrete then you'll deem that evidence is inadmissible as well?

    2. Re:Poor Apple by elsuperjefe · · Score: 1, Troll

      i know right? i totally don't care that Google uses every "key word" of every gmail message i send to enable advertisers to better market their crap to me. i further couldn't care less that Google stores each message forever even after i tell them to delete it. There's no way that could possibly come back to haunt me. They do no evil, so I trust them! just like i trust every big company whose business model depends on the content of my personal emails and searches.

    3. Re:Poor Apple by Cloud+K · · Score: 1

      Call me gullible if you wish (given the PRISM leak it'd be fair) but I do actually relatively trust them, and believe that they were probably just as horrified to discover that the NSA had manipulated whoever they managed to manipulate (some engineers most likely) and tightened things up accordingly.
      There's always this idea that the more successful a company is, the more Pure Evil they are and basically out to be as scummy as they possibly can. But short of the PRISM thing (which again I personally suspect was probably more a case of the NSA bullying some engineers than them colluding with C-levels) I've not seen much to suggest that Apple are actually evil and out to eat your children. I really can't help wondering if these levels of cynicism are all that good for your mental health - it sucks assuming that everyone is out to get you.

      I don't outright 100% trust them of course because that would be silly, which is why I said "relatively". But the relativity between Apple and Google in terms of respecting privacy is a chasm of epic proportions, IMO. Google's C-levels say things like "privacy is dead" and "if you have something to hide you shouldn't be doing it".

      There's a huge difference, and it actually IS a very good advantage for them to market - I've been deciding whether to switch back to iOS for my next tablet, and this statement has been enough to seal it.

    4. Re:Poor Apple by Bing+Tsher+E · · Score: 2

      The part that gets me is that Apple thinks that it's a Google or Apple choice. That by tearing down Google they can raise themselves up.

      I choose neither.

      But Apple has historically promoted the idea of a competitor to their fandom. They utilize an 'Emmanuel Goldstein is the enemy' model, with regular five minute hate sessions.

      I don't think they can maintain their marketing culture without something out there for their fans to feel superior to.

      But we can stop caring. We don't have to pick a flag to wave in the air, or at least we don't need to pick one of the corporate logos on our flags.

    5. Re:Poor Apple by Bing+Tsher+E · · Score: 1

      I've been deciding whether to switch back to iOS for my next tablet, and this statement has been enough to seal it.

      Oh, come off it. Now you sound like the guy on the radio who says 'I have siding on my house installed by our Sponsor, Adolph's Siding Company.'

      Neither Google nor Apple is worthy of our trust. Don't use their email services. Don't use their cloud services.

      Don't pretend we all need to choose sides.

    6. Re:Poor Apple by CowardlyAnomalous · · Score: 1

      At least in Apple's case I'm the customer, for Google I'm the product. I buy the products that Apple makes. Google sell to others, their access to me.

    7. Re:Poor Apple by Cloud+K · · Score: 1

      I'll use what I want to, thank you.

      Similarly, whether you choose sides (or choose a tinfoil hat and avoid cloud services altogether) is up to you. That's how the world works you see, people make personal decisions, they don't usually take orders off people on the internet.

      3 years ago I liked what Google were doing and disliked what Apple were doing so I switched to Google
      Now, vice versa.
      There's no brand loyalty here, but these happen to be the two biggest mobile OS manufacturers (sorry but Blackberry and Microsoft are irrelevant by comparison IMO) and in direct competition, so damn right I'll pick a side when one is doing something I like and the other is doing something I don't.

    8. Re:Poor Apple by IamTheRealMike · · Score: 1

      Google's C-levels say things like "privacy is dead" and "if you have something to hide you shouldn't be doing it".

      Sigh. This has to go down as one of the most commonly manipulated misquotes in history.

      Schmidt was saying something along the lines of "privacy is dead" in response to a question about the PATRIOT Act. He was telling it like it is, giving as much of a warning of what was going on as he could without actually doing a Snowden. He wasn't expressing happiness about that state of affairs, just pointing out that US laws give the US government enormous powers over people's personal information. And his last comment (actually "maybe" you shouldn't be doing it) was an observation of the fact that these things are not black and white: there's a small contingent of people who genuinely need nobody at all to know what they're doing for noble political reasons. And then there are all the people who aren't Snowden and are just trying to hack someone else's nude photos.

  7. translation for the masses: by nimbius · · Score: 4, Interesting

    Tim Cook, talking head who has only ever held managerial roles in various fortune 100 companies, expels platitudes about the sanctity of the iGalaxy for users who slept through FISA and NSA backdoors and only recently began giving a shit when selfies and nudes were leaked from the magical cloud by notorious hacker 4chan.

    --
    Good people go to bed earlier.
    1. Re:translation for the masses: by bmo · · Score: 2

      The fact You refer to "4chan" as a "notorious hacker" shows Your interpretation should be presumed erroneous.

      And your reading of his message is erroneous, because it was reported in the media that the notorious hacker was indeed "4chan."

      --
      BMO

  8. What a liar by Anonymous Coward · · Score: 1, Funny

    Everyone knows iCloud was hacked.

    They released the fix for the iCloud hack right after the fappening.

    1. Re:What a liar by Bing+Tsher+E · · Score: 1

      "We have always been at war with Eastasia."

  9. I do not believe him. by QuietLagoon · · Score: 1, Troll

    I do not believe him when he says Apple cannot access iMessage and FaceTime communications.

  10. iAD http://advertising.apple.com/ since iOS4 by tuppe666 · · Score: 4, Informative

    "With iAD you can get your message out to millions of people worldwide who use Apple products every day. Connect with users as they listen to music on iTunes Radio or while they use their favourite App Network. Find your audience using targeted tools built upon a foundation of registration and media consumption data" http://www.youtube.com/watch?v... start at 44 Min. The idea is you spy on people in Apps not in search, because people spend 97% of their time in apps

  11. Re: Not really a lie by wues · · Score: 1

    You don't know anyone with @me.com or @icloud.com address?

  12. It's the goal. by Anonymous Coward · · Score: 1

    Anonymous here because I know stuff.

    The position of the big techy corps is that they are royally pissed with the government pestering them with secret requests for data that they can't refuse.
    They want technology that lets them say to the government "No we can't give you the keys or the data because we can't access it ourselves".

    This is a problem cryptographically, particularly in complex communication and storage systems. The key management is a bitch. But it can be done if you have competent cryptographers and crypto implementers on board.

    It is no surprise that Apple claim what they claim because it is what they want.

    1. Re:It's the goal. by Cloud+K · · Score: 1

      Whilst you do sound like a channer (no offence - Anonymous is what they call themselves, and your writing style reminds me of one I know, but they do sometimes pretend to "know things") I wish I could mod you up as this is exactly what I'm suspecting as well. I really don't think the corporations are necessarily all Evil Devils out to collude with the NSA and do all sorts of nasty things with the data of individuals.

      They're successful financially but surely this doesn't automatically mean they have no conscience.

  13. Re:Not really a lie by Rick+Zeman · · Score: 2

    Apple doesn't run public email servers. At least, I don't think so. Nothing like gmail, anyway. So they aren't transporting your email. Unless they back up your mailbox to iCloud

    Yeah, they do run public email servers if you've opted in. Was user@mac.com, then user@me.com, and now user@icloud.com. Just using a device, no, your mail doesn't go to an Apple server unless it's one of their accounts.

  14. I realize Tim Cook is now the face of Apple by 93+Escort+Wagon · · Score: 1

    And Charlie Rose isn't a techie. But if you want to really convince the Slashdot audience, it'd be better to have a high-level engineer answering these questions than a guy whose skill is managing the inventory supply chain.

    --
    #DeleteChrome
    1. Re:I realize Tim Cook is now the face of Apple by alvinrod · · Score: 1

      If you wouldn't believe Tim Cook, why would you believe anyone else from Apple? They might be able to provide a better technical description of precisely why Apple can't access your information, but does that really matter as to whether or not what they're claiming is true?

    2. Re:I realize Tim Cook is now the face of Apple by Bing+Tsher+E · · Score: 1

      The guy at the top is always a lying sack of shit. There are people tucked away in a lab somewhere that the PR Department would NEVER allow to step in front of a microphone.

      You don't know much about corporations, do you?

  15. The old Jackie Mason routine by superwiz · · Score: 3, Insightful

    Reagan was happy, he was always smiling

    They asked him, "what about the deficit?"

    He said, "there is no deficit!"

    They told him, "but there is!"

    So he said, "so there is."

    ...

    30 years later

    There is no email theft! But there is!.... waaaait for it.

    --
    Any guest worker system is indistinguishable from indentured servitude.
  16. Re:Not really a lie by dkman · · Score: 1

    I was wondering about that, because it's nearly impossible to run a mail host and not be able to read the mail. I believe it is impossible when the mail isn't encrypted end-to-end.
    It would also be impossible to offer any kind of spam, junk, antivirus service if you couldn't read the mail.

    Since Apple isn't providing mail service, and doesn't proxy everything through it, your iDevice is configured to talk to your mail host. So if Apple could read your email they'd have to be doing something very wrong indeed. So he's essentially saying the same thing as if Google said they couldn't read your work email. Well no s#!t Sherlock, you don't have access to it.

    I'm not saying that to Tim Cook, but the way it was reported was stupid.

    --
    I refuse to sign
  17. Re:What infamous PPT? by Anubis+IV · · Score: 3, Informative

    The PRISM PowerPoint slides leaked by Snowden.

  18. Re:Not really a lie by H0p313ss · · Score: 3, Informative

    iCloud.com addresses are required for most of iCloud's services. Without iCloud loses a lot of functionality.

    Guess what I don't have

    Not true, you can register with iCloud with another email address, however it will then automatically allocate an iCloud.com address for you, but you don't have to use it nor does it limit the functionality. (This is what I do...)

    --
    XML is a known as a key material required to create SMD: Software of Mass Destruction
  19. Apple Angels by ThatsNotPudding · · Score: 1

    A thousand angels, parsing the fuck out of every word on the head of a pin.

  20. Poor Apple by Anonymous Coward · · Score: 1

    Prove Apple is "bullshitting". No, You may not use the incorrect description of "The Fappening" (i.e., "iCloud was hacked") as an example.

  21. False Headline by Bob9113 · · Score: 4, Insightful

    Tim Cook Says Apple Can't Read Users' Emails,

    No he didn't.

    Apple previously said that even it can't access iMessage and FaceTime communications, stating that such messages and calls are not held in an "identifiable form." [Cook] claimed if the government "laid a subpoena," then Apple "can't provide it." He said, bluntly: "We don't have a key... the door is closed." He reiterated previous comments, whereby Apple has said it is not in the business of collecting people's data. He said: "When we design a new service, we try not to collect data. We're not reading your email."

    He said they cannot read iMessage and FaceTime, and they are not reading your email. That is a very important distinction. It might be one he was hoping you would miss, and you did miss it, but he did not say they can't access your email.

    And I'm not blowing sunshine up his skirt. I came here intending to kick him in the balls (metaphorically, of course) for lying, but he didn't.

    Pro-tip: If any system includes a password recovery mechanism that allows you to get back messages, then the administrator of the password recovery system can read your back messages.
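
Added example, not part of the thread and not Apple's design: the pro-tip above, which is the same password-reset argument made by bberens, gl4ss and AmiMoJo earlier on this page, as runnable Node.js. The account layout, the function names and the client-side-encrypted mailbox are assumptions made for the illustration; scrypt and AES-256-GCM are this example's choices.

```javascript
// Added illustration: "history survives a password reset" implies "the
// provider can read the history". Layout and names are assumptions.
const crypto = require('crypto');

// AES-256-GCM; blob layout is iv(12) || tag(16) || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function open(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws on a wrong key
}

// Key-encryption key derived from the password; only the user can produce it.
const kek = (password, salt) => crypto.scryptSync(password, salt, 32);

// The mailbox is encrypted under a random data key. That key is always wrapped
// for the user, and additionally for the provider when escrowKey is given.
function createAccount(password, escrowKey) {
  const salt = crypto.randomBytes(16);
  const dataKey = crypto.randomBytes(32);
  return {
    salt,
    userWrap: seal(kek(password, salt), dataKey),
    escrowWrap: escrowKey ? seal(escrowKey, dataKey) : null,
    mailbox: [],
  };
}

function storeMessage(account, password, text) {
  const dataKey = open(kek(password, account.salt), account.userWrap);
  account.mailbox.push(seal(dataKey, Buffer.from(text, 'utf8')));
}

function readMailbox(account, password) {
  const dataKey = open(kek(password, account.salt), account.userWrap);
  return account.mailbox.map((b) => open(dataKey, b).toString('utf8'));
}

// Provider-side read: no user password is involved at any point.
function providerRead(account, escrowKey) {
  if (!account.escrowWrap) return null; // nothing the provider holds unwraps the data key
  const dataKey = open(escrowKey, account.escrowWrap);
  return account.mailbox.map((b) => open(dataKey, b).toString('utf8'));
}

// Password reset performed by the provider because the old password is gone.
function resetPassword(account, newPassword, escrowKey) {
  account.salt = crypto.randomBytes(16);
  if (account.escrowWrap) {
    // History is kept only because the provider can recover the data key itself.
    const dataKey = open(escrowKey, account.escrowWrap);
    account.userWrap = seal(kek(newPassword, account.salt), dataKey);
    return { historyKept: true, lost: 0 };
  }
  // No escrow: the old data key is unrecoverable, so old mail is lost.
  const lost = account.mailbox.length;
  account.mailbox = [];
  account.userWrap = seal(kek(newPassword, account.salt), crypto.randomBytes(32));
  return { historyKept: false, lost };
}

function demo() {
  const escrowKey = crypto.randomBytes(32); // held by the provider only
  for (const escrow of [true, false]) {
    const acct = createAccount('old password', escrow ? escrowKey : null);
    storeMessage(acct, 'old password', 'constructed sample message');
    console.log({
      escrow,
      providerCanRead: providerRead(acct, escrowKey) !== null,
      reset: resetPassword(acct, 'new password', escrowKey),
    });
  }
}
demo();
```

The two account types differ in exactly one stored field, `escrowWrap`, and that field decides both outcomes at once: whether a reset keeps the mailbox and whether the provider can read it.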

    1. Re:False Headline by tlhIngan · · Score: 2

      He said they cannot read iMessage and FaceTime, and they are not reading your email. That is a very important distinction. It might be one he was hoping you would miss, and you did miss it, but he did not say they can't access your email.

      It makes sense really because he'd be lying if he said he can't access your email.

      Because using me.com or icloud.com email? Well damn, that's standard email and I'm fairly certain even if Apple uses SSL, it's standard IMAP or POP protocols, and it's delivered to Apple in plaintext unless you externally encrypt.

      Because if Apple could come up with a way to handle email that comes in plaintext and somehow fail to be able to read it, then it's a technology Apple could make money on selling to privacy advocates.

      iMessage/FaceTime are Apple-designed and encrypted with user keys and other stuff. It's possible to design a protocol where Apple couldn't recover it even under threat of contempt because at no time is it in plaintext at Apple.

      But email? Anyone who says they can't read it is lying, not just Apple. Short of applying encryption on your message, as far as Apple is concerned, SMTP delivers messages in the clear, optionally wrapped in encryption just for transport. But forwarding it on to the right mailbox etc., it's plain text.

    2. Re:False Headline by praxis · · Score: 2

      iMessage and FaceTime are technologies Apple designed and implemented, and they chose to do it in a different way than e-mail. E-mail uses a plain text protocol and is stored in plain text. While the transport can be encrypted, if one were to encrypt the data on the server it was stored on, one would use a symmetric key, and one would have access to that key. iMessage and FaceTime can be implemented using asymmetric keys and one would not need access to those keys. It makes sense if you as a company want to minimize how much data you hand over to a government: you let devices generate keys that your servers never see.

  22. Subject & summary disagree by Aaden42 · · Score: 3, Interesting

    Article subject says, “email,” but TFS says, “iMessages.” Those are different things, and the security of them is handled very differently because the mechanism of access is very different.

    Apple being unable to access emails is impossible since they must deliver them in plain text to plain-old IMAP clients that don’t support decryption or key storage.

    Apple being unable to access iMessage contents is plausible. My understanding of the protocol is something like this:

    Alice starts texting Bob’s phone number. Alice’s iDevice contacts Apple’s servers to see if Bob’s phone number is registered with iMessage. If not, Alice’s device sends a plain-old SMS. If it is, Alice’s device receives a list of public keys for each of Bob’s registered iDevices. Alice’s iDevice encrypts the message with a session key, then encrypts that session key to each of Bob’s public keys. Her device transmits the encrypted message to Apple’s servers which then transmit it to each of Bob’s devices as they become accessible. Each of Bob’s registered devices can use its private key to decrypt one of the encrypted session key blocks, then use that to decrypt the message.

    The private key to decrypt session keys never leaves Bob’s device. The session key never travels in the clear outside Alice’s or Bob’s devices. Apple can retrieve sender/recipient info (ye olde metadata), but no message contents.

    The one gotcha to all of that is that since Apple controls all SSL certs involved in the process, they could MitM attack the process if they so-choose (or were so-ordered). There’s no certificate pinning or checking implemented, so Alice’s iDevice has no way of knowing if the public keys it retrieved for Bob’s iDevices might also include an extra key held by Apple or LEO.

    Assuming Apple is compelled to intercept messages from Alice starting at a particular date, messages sent before that date at rest on their server should remain secure (unless they’re lying and are currently MitM or escrowing keys). New messages sent while the MitM was active could be decrypted and provided to LEO. Whether or not they’re performing an MitM at present should be detectable by analyzing the traffic during new device registration or sending messages — IE if Alice checks the keys received and confirms them all with Bob manually (jailbreak most likely required). If they don’t match or there’s an extra key, something’s wrong.

    There’s an in-depth protocol analysis of iMessage here: http://blog.quarkslab.com/imes...

    Scroll to the bottom for the tl;dr on that analysis. That post also includes proof of concept software to check for an active MitM attack, at least on iMessage for Mac.

    tl;dr: Apple is in a trusted position where they could intercept messages on a per-user basis if compelled to do so, but the general case of iMessage working as intended leaves messages encrypted on their server with keys they don’t have. I’m not aware of any way that Apple could perform that attack in an undetectable fashion, though performing that detection is well beyond the ability of most users.

    1. Re:Subject & summary disagree by Aaden42 · · Score: 1

      You’re thinking Web of Trust type public key architecture like PGP/GPG tend to use. That’s a good model among people who know each other well and trust each other (as well as trust each other’s ability to verify keys properly), but it doesn’t scale all that well. It also requires users to do much more work to distribute and verify keys.

      iMessage uses a certificate authority model. You delegate all trust to the third party authority (Apple in this case) who you trust to do the work of verifying that keys belong to whom they claim to. Instead of restricting your keys to a list of trusted friends you’ve manually verified, you trust that any key which Apple has signed and provided to you (and hasn’t revoked) was originally provided to Apple by someone who had the user’s iCloud password. It’s a big step up in terms of usability since you don’t need to do the key exchange dance with every person you want to iMessage, but there are significant trade-offs in terms of security.

      On the whole (and LEO meddling notwithstanding), Apple’s system does a reasonable job in its role as a CA. You need a user’s iCloud password to provide new keys to the system. As an unfortunate number of famous people recently discovered, relying on password authentication has some limitations, but it’s the best option widely available right now. In any case, the security is reasonably in the user’s hands (again, ignoring LEO for the moment) — you can choose to use long, complex passwords, and Apple will do the RightThing(tm) with them.

      The vulnerability in relying on a certificate authority is that they are much more susceptible to coercion by other parties (IE law enforcement). In a Web of Trust model, someone would need to directly compel someone you trust to either turn over their private keys or furnish you with compromised keys that they claim to be safe to use. That must be done on a per-user basis, so requires much more work for LEO to surveil any large number of users. On the other hand, Web of Trust is more susceptible to non-LEO blackmail scenarios. To coin a movie plot, “Here’s a photo of your daughter’s school. Provide this key to all of your trusted confidantes if you want her to get home safe.”

      With a certificate authority system, the CA likely has less skin in the game in terms of the security of *your* particular messages, and also has significant legal exposure in terms of assets and criminal sanctions. There’s also no possible claim of 5th Amendment protection. The CA can be compelled to produce vulnerable certificates that will appear to come from the surveillance target. They can (technically) do this for a single user or provide the root signing keys allowing LEO to directly produce such certificates without additional involvement from Apple. They can also be legally gagged to prevent them from disclosing this has happened.

      The strength in the iMessage implementation is that each iMessage client should be furnished with a complete list of the recipient’s keys and that Apple can’t decrypt messages with the key material it should normally have. That falls apart when Apple is compelled to generate MitM keys for LEO, but there are technical avenues available for detecting that in most cases (unanticipated key change). Those checks essentially degrade back to a Web of Trust model where users must manually authenticate keys with the owner. Most users aren’t savvy enough to perform these checks, and the iMessage infrastructure on iOS devices makes it impossible to do this in-situ without jailbreaking the device. It should be possible to write something that would impersonate an iMessage client and perform the check, but of course if Apple detected the impersonated client, they could provide a different set of certs to that client, defeating the ability to check them.

      All told, iMessage is much better than other options available. By design,
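
The key-list check described in the two comments above (confirm every key the directory serves for Bob, treat an extra or unexpectedly changed key as a finding), sketched as an added example that is not part of the original posts or of any Apple or Quarkslab code. The device names, the byte strings standing in for public keys and the SHA-256 fingerprint format are assumptions made for the illustration.

```python
import hashlib

def fingerprint(public_key: bytes) -> str:
    """SHA-256 over the raw key bytes, hex-encoded, for comparing out of band."""
    return hashlib.sha256(public_key).hexdigest()

def audit_key_list(served, verified):
    """Compare a directory response with fingerprints confirmed with the owner.

    served:   list of (device_id, public_key_bytes) returned for the recipient
    verified: dict of device_id -> fingerprint confirmed manually
    Every served key gets a copy of the session key, so a key whose fingerprint
    was never confirmed is a finding whatever device id it is listed under.
    """
    known = set(verified.values())
    report = {"extra": [], "changed": [], "missing": []}
    served_fps = set()
    for device_id, key in served:
        fp = fingerprint(key)
        served_fps.add(fp)
        if fp in known:
            continue
        # Unconfirmed key: a known device id means its key was swapped,
        # an unknown device id means an additional recipient was added.
        bucket = "changed" if device_id in verified else "extra"
        report[bucket].append((device_id, fp[:16]))
    for device_id, fp in verified.items():
        if fp not in served_fps:
            report["missing"].append(device_id)
    return report

def safe_to_send(report):
    """A missing device only limits delivery; extra or changed keys can read the message."""
    return not report["extra"] and not report["changed"]

# Constructed sample data: byte strings standing in for real public keys.
BOB_PHONE = b"constructed-public-key-bob-phone"
BOB_LAPTOP = b"constructed-public-key-bob-laptop"
UNKNOWN = b"constructed-public-key-not-bobs"
VERIFIED = {"bob-phone": fingerprint(BOB_PHONE),
            "bob-laptop": fingerprint(BOB_LAPTOP)}

if __name__ == "__main__":
    clean = [("bob-phone", BOB_PHONE), ("bob-laptop", BOB_LAPTOP)]
    tampered = clean + [("bob-tablet", UNKNOWN)]
    for name, served in (("clean", clean), ("tampered", tampered)):
        result = audit_key_list(served, VERIFIED)
        print(name, result, "send" if safe_to_send(result) else "do not send")
```

The audit only covers the list this particular client was served, which is the limitation the reply above raises about a directory that answers a checking client differently.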

  23. Possible to store encrypted email? by gnasher719 · · Score: 1

    Hi everyone, maybe someone more clever than me can figure this out: Could it be possible for Apple (or any other company) to store emails in an encrypted form so they can be delivered to me, but cannot be read by the company?

    Let's say my email address is gnasher@icloud.com and my password is "Password". You are sending me an unencrypted email (no S/MIME) and it is received by Apple's email server. No matter how encrypted Apple stores the data, when I request my email, Apple has to send me the unencrypted email.

    Now let's say Apple creates a public/private key pair for my email address and hashes the private key with my password; that happens the very first time that I ever read any email from their server. From then on, every email intended for me gets encrypted with the public key. Now if someone tries to read my email (for example I myself), they need to send the email address and the password to Apple's email server. Apple uses the password to try to unhash the private key, decrypts the email, and sends it to me.

    If Apple never stores my password, they can't read my emails. Of course whenever they decided at time X they want to read my mails, they could read any emails received after time X, or as soon as I tried to download emails again with my password.

    Questions:

    1. Would that work, technically?
    2. Would that work, legally? If Apple got a subpoena, they wouldn't be able at that point to give anyone my emails. Could they be forced to deliver all emails they receive on my behalf after receiving the subpoena, or all emails that I download after receiving the subpoena, or all stored emails once I requested delivery of emails?

    1. Re:Possible to store encrypted email? by praxis · · Score: 1

      Even better would be a system such as:

      You generate a key pair, give Apple the public key. You manage your own private key.

      Then, for each email:

      Apple receives the email as plain text from another server (likely via SSL), encrypts it with your public key and stores it on their servers. When you connect to retrieve your mail they send you the encrypted blob that you decrypt via your private key.

      Problems are this: first, Apple has a plain text copy of each email you receive and could be asked (nicely or forcefully) to record this somewhere before proceeding with encryption and storage. Second, replies are not encrypted.

      Much better for users to manage their own keys and use S/MIME. That's what I do with my friends and Google (my email provider) never sees unencrypted messages from me to any of my friends and vice versa.

    2. Re:Possible to store encrypted email? by gnasher719 · · Score: 1

      Your suggestion is a protocol change, so that cannot be implemented without a change in the email client. But if we make such a change, then email senders could also implement the same change:

      The sender could ask Apple for your public key. If Apple has your public key, it gives the public key to the sender, the sender encrypts the message with your public key, sends it to Apple who cannot read it, which sends it to you. Oh well, that's called S/MIME :-(

    3. Re:Possible to store encrypted email? by praxis · · Score: 1

      Yes, but it's between your MUA and your server. S/MIME, as far as I know, does not do server-to-sender public key exchange. If I send a signed message to you, then you have my public key and can encrypt messages to me, yes, but you can't get my public key from the server.

      Frankly, S/MIME is really the best solution available today. It works with gmail (not web-mail but using a MUA). Most MUAs support it. It's easy to get a free personal S/MIME keypair from a CA. Google, Apple or whoever you use for mail never sees your private key and can't read your messages.

    4. Re:Possible to store encrypted email? by Aaden42 · · Score: 1

      This is essentially what Lavabit implemented. The NSA’s response was to compel Lavabit to hand over their SSL private keys so that all traffic to & from their web server could be intercepted. The key material that protects the private key must at some point pass over the wire, and if you can decrypt all traffic in & out, you can compromise the system.

      Lavabit chose to go out of business rather than comply.

      Land of the Free indeed...

  24. Laugh... by koan · · Score: 2
    --
    "If any question why we died, Tell them because our fathers lied."
  25. Hogwash by Anonymous Coward · · Score: 1

    If someone forgets their password, the messages are not lost for eternity. If they were truly stored in an unretrievable form (that required the user's password to unencrypt them), then a "password reset" would not work at all. The password protection is just used to authenticate the owner of the mail account. As long as you can get authenticated one way or another, the mail can be hacked. Since Apple has a password reset function, it would be trivial for Apple on their own or on behalf of law enforcement to get access to emails. Maybe not accessible for Apple's customer service reps, but certainly their IT guys.
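
The password-protected private key from comment 23 and the password-reset argument in the comment above, worked through as an added example that is not part of the thread and not any provider's code. It assumes the "hashing" of the private key means wrapping it under a password-derived key; the XOR mask plus HMAC tag is a simplified stand-in for a real key-wrap cipher (the Python standard library has no AES), and `escrow_copy` is a hypothetical name for any copy of the key the provider keeps outside the password wrap.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumption for the example, not a tuned value

def _derive(password: str, salt: bytes):
    """Stretch the password into a 32-byte mask and a 32-byte MAC key."""
    out = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=64)
    return out[:32], out[32:]

def wrap_key(private_key: bytes, password: str) -> dict:
    """Store a 32-byte private key so that only the password can recover it."""
    if len(private_key) != 32:
        raise ValueError("this sketch wraps 32-byte keys only")
    salt = os.urandom(16)  # fresh salt, so the mask is never reused
    mask, mac_key = _derive(password, salt)
    blob = bytes(a ^ b for a, b in zip(private_key, mask))
    tag = hmac.new(mac_key, salt + blob, hashlib.sha256).digest()
    return {"salt": salt, "blob": blob, "tag": tag}

def unwrap_key(record: dict, password: str) -> bytes:
    """Recover the private key at login; fails without the right password."""
    mask, mac_key = _derive(password, record["salt"])
    expected = hmac.new(mac_key, record["salt"] + record["blob"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, record["tag"]):
        raise ValueError("wrong password: key cannot be unwrapped")
    return bytes(a ^ b for a, b in zip(record["blob"], mask))

def reset_password(record: dict, new_password: str, escrow_copy: bytes = None):
    """Reset performed by the server, which does not know the old password.

    Nothing in `record` helps: it can only be opened with the old password.
    Without a second copy of the key the old mail stays unreadable (None).
    A reset that preserves old mail therefore needs `escrow_copy`, and a
    provider holding that copy can decrypt the stored mail itself.
    """
    if escrow_copy is None:
        return None
    return wrap_key(escrow_copy, new_password)

if __name__ == "__main__":
    key = os.urandom(32)  # constructed stand-in for the user's private key
    record = wrap_key(key, "Password")
    print("login unwraps key:", unwrap_key(record, "Password") == key)
    print("reset without escrow:", reset_password(record, "NewPassword"))
    rewrapped = reset_password(record, "NewPassword", escrow_copy=key)
    print("reset with escrow keeps mail:", unwrap_key(rewrapped, "NewPassword") == key)
```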

  26. Re:Inaccurate by praxis · · Score: 1

    Tim Cook says they "don't" read your email and "can't" read your iMessages. So presumably, they CAN read emails but choose not to do so.

    Which makes sense as most email clients out in the wild don't encrypt messages, so even if Apple were to encrypt messages stored on the server, they'd be doing it with *their* key, not the user's (unless the user used S/MIME or PGP or GPG or what have you). If they want to interoperate with other email providers, they need access to the emails as that's how email works.

  27. What's not said... by DriveDog · · Score: 1

    What did Cook not say? Did he bluntly say "we cannot read your mail"? Or did he just say "we don't have a key"? A general statement like "There is no way for us to read your mail or provide your mail to anyone else" would have more meaning. Reporters could ignore such statements, or at least every time they print one, point out how it could be misleading.

  28. Oh boy by iamacat · · Score: 1

    Think just for a second about how web email works, especially web e-mail that provides fast full content search. Or SMTP from outside systems. Can't read user's e-mail. Riiiight! Maybe with all open source client stack using public keys exchanged out of band.