Slashdot Mirror

← Back to Stories (view on slashdot.org)

Should Edward Snowden Trust Apple To Do the Right Thing?

Posted by timothy on from the manifold-motives dept.

Nicola Hahn writes: As American lawmakers run a victory lap after passing the USA Freedom Act of 2015, Edward Snowden has published an op-ed piece which congratulates Washington on its "historic" reform. He also identifies Apple Inc. as a champion of user privacy. Snowden states: "Basic technical safeguards such as encryption — once considered esoteric and unnecessary — are now enabled by default in the products of pioneering companies like Apple, ensuring that even if your phone is stolen, your private life remains private." This sort of talking point encourages the perception that Apple has sided with users in the battle against mass surveillance. But there are those who question Snowden's public endorsement of high-tech monoliths. Given their behavior in the past is it wise to assume that corporate interests have turned over a new leaf and won't secretly collaborate with government spies?

15 of 196 comments (clear)

  1. The basic tenet of security by ColdWetDog · · Score: 5, Insightful

    Is that you don't trust nobody.

    I can't imagine actually 'trusting' Apple or any other corporation or government. Give them a pat on the back for making security easier - sure. Trusting them, not so much.

    --
    Faster! Faster! Faster would be better!
    1. Re:The basic tenet of security by praxis · · Score: 5, Insightful

      You must trust some things some times with some data, or you can get no meaningful work done. Balancing that trust (the risk) with that data (the value) is what security is about. I put this data, that I just wrote, on this website, because it is low value and low risk. I wouldn't post here my social-security number because that would be high risk. I wouldn't post my private key here either, but I do store my private key on a hard drive I did not build myself nor did I verify myself running an OS I did not build myself nor did I verify myself because while it's high value, it is low risk due to the many rounds of secure math protecting it.

      As to trusting Apple or any other corporation or government. You implicitly trust your hardware manufacturers, all of them, unless you build your own hardware from scratch. Same goes for software, even open source software.

    2. Re:The basic tenet of security by nine-times · · Score: 4, Insightful

      I trust nobody

      Bullshit. As praxis pointed out, you trust some people, sometimes, with some data. Otherwise you wouldn't post here. At a bare minimum, you've trusted Slashdot with your username and password, and you've trusted us, the Slashdot readership, with the contents of your post. What's more, whatever computer you're working on has at least hardware (with BIOS/firmware), an OS, and a web browser. You've trusted whoever made all of those things. Even if you are using FOSS, unless you've performed a thorough code review of the sort that you would perform on a suspected virus, you've trusted the community to review the code and remove security threats. Even if you encrypt your data, you're trusting whoever wrote the encryption software, along with the people who created the platform that the encryption software runs on, to be both honest and competent.

      What praxis was pointing out, which is entirely correct, is that security is not about being "absolutely secure". It's about balancing "making things accessible to those who I'd like to grant access" against "making things inaccessible to those who I would not like to have access." It inherently includes trusting authorized users, but also it pretty much always includes some level of trust (not necessarily absolute trust) of some 3rd parties. When you put money in the bank, you're putting some trust in the people who own the bank, in the bank's guards and tellers, in the police to protect the bank, and in the government to oversee the whole system and provide legal recourse if anyone else violates your trust. You don't have to trust any of those people absolutely, but that's because of the security practice of dispersing trust among multiple parties.

      So no, you're trusting someone, whether you admit to it or not.

  2. What reform? by CrimsonAvenger · · Score: 4, Insightful

    The only real change as a result of this law is that the telecoms have to pay to collect & store the information that the Feds used to do themselves.

    So now they'll have to get their secret court to rubberstamp a warrant for them instead of just emailing a request downstairs when they want some information on someone. Big whoop!

    --

    "I do not agree with what you say, but I will defend to the death your right to say it"
  3. Re:Behaviour in the past? by gstoddart · · Score: 4, Insightful

    None of the tech companies have been shown to be co-operating voluntarily

    Quite honestly, does it matter if this is voluntary?

    When you have secret laws which say "give us this or else", WTF difference does 'voluntary' matter?

    Even the transparency reports say "we can't actually tell you what we did because we're under a gag order".

    Unless the government no longer has secret laws, or tech companies stand up to them and implement tech which doesn't have built in security bypass ... voluntary don't mean a damned thing.

    --
    Lost at C:>. Found at C.
  4. I don't think that's what Snowden is saying by engineerErrant · · Score: 5, Interesting

    The poster's interpretation seems completely off-base to me; not only is Snowden not encouraging us to blindly trust Apple et al with our privacy, he explicitly warns of the very danger the OP brings up.

    As an iOS developer, my perception is certainly not that Apple is trying to grab our data instead of the government - in recent years, they have started a major cultural shift toward real protections of user data - simply not collecting it, encrypting it in transit, etc., etc., even if it's a burden on third-party developers to make the transition. This is a Good Thing, full stop. Props to Apple (as well as Google, who is also making its own efforts).

  5. Re:why is Eric snowden an expert on security by Anonymous Coward · · Score: 5, Insightful

    You seem to be upset that Snowden leaked information containing the horrible acts of our Government and it's military, yet you're not upset that the government and it's military were doing these horrible things. I think your priorities are askew.

  6. Right thing == PR ... by gstoddart · · Score: 4, Insightful

    I trust corporations to do the "right thing" inasmuch as PR dictates there is a public perception that this is important.

    But I do not trust corporations to ever do the "right thing" out of a corporate sense of morality.

    I expect corporations to act like vicious sociopaths trying not to be noticed and miming "the right thing" without actually giving a damn.

    Trusting the moral compass of a corporation is a pathetic joke and a lie.

    --
    Lost at C:>. Found at C.
  7. Re:why is Eric snowden an expert on security by prefec2 · · Score: 5, Interesting

    There is no proof that he handed secrets to the Russians or Chinese. The whole article on that was made up by its authors.

    BTW: People criticising the USA normally criticise the politics and actions of the USA. To call them America-haters is totally wrong. In two ways. First, there is a lot more America then only the USA. Use google maps if you do not believe me. Second, its the actions abroad that cause you low reputation. And three, your tourists often help to foster such reputation. Even though the last thing is hardly something that can be changed. We all have parts of our population which go on vacation and ruin our reputation. Ask the Germans and the British or even better ask the Italian and Spanish on the reputation of Germans and the British.

  8. Sure, Apple does the right thing... by GuB-42 · · Score: 4, Interesting

    Apple certainly makes sure that your private life remains private and don't collaborate with government spies...

  9. Re:why is Eric snowden an expert on security by fustakrakich · · Score: 5, Informative

    Kidnapping, torture and war... for starters.. The spying? Eh...

    --
    “He’s not deformed, he’s just drunk!”
  10. No reason to trust by endus · · Score: 5, Insightful

    I see no reason to trust Apple or any similar companies whatsoever. They have betrayed consumers' trust in the past, have cooperated with illegal surveillance programs, etc. If a given company has cleaned up its act, great, but independent verification, open standards, etc. are the only way to gain assurance. Trust is irrelevant.

  11. Re:why is Eric snowden an expert on security by MachineShedFred · · Score: 4, Informative

    Why is it that when the government does something that he doesn't like, it's "big government run amok" but when it's something that I don't like, I'm "an America hater"?

    What would the Founding Fathers, which most conservatives uphold to be the absolute pinnacle of what our government should strive to be, say about the NSA's data collection on it's own citizens? I personally think they made it perfectly clear in the 4th Amendment, but that's just me.

    --
    Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
  12. Re:why is Eric snowden an expert on security by Curunir_wolf · · Score: 4, Informative

    A source "with detailed knowledge on the matter" told Reuters that hiring screeners for Booz Allen had found some details of Snowden's education that "did not check out precisely," but decided to hire him anyway

    Resume falsified, yup sounds like a typical "expert" to me.

    You have bought into the administration smear campaign and government propaganda. Booz Allen isn't necessarily lying, here, but this statement, along with the ridiculously picayune reasons for rejecting candidates based on some detail not being perfect, it's likely something as innocuous as listing the wrong day of the month for a graduation, or misspelling of an instructor's name.

    You might educate yourself by checking out the form Snowden was required to complete. I challenge anyone to be able to fill it out completely and include nothing that does not "check out precisely".

    --
    "Somebody has to do something. It's just incredibly pathetic it has to be us."
    --- Jerry Garcia
  13. Re:why is Eric snowden an expert on security by Copid · · Score: 5, Interesting

    One thing I tell everybody who fills out the SF86 is, KEEP A COPY OF YOUR SF86. You'll probably fill it out more than once in your career. Starting from scratch is a gigantic pain and errors creep in if you have to look up older stuff from primary sources.

    --
    An interesting anagram of "BANACH TARSKI" is "BANACH TARSKI BANACH TARSKI"