Slashdot Mirror
Tim Cook: Privacy Is Worth Protecting (washingtonpost.com)
An anonymous reader writes from InformationWeek: In a wide-ranging interview with The Washington Post, Apple's CEO Tim Cook talks iPhones, AI, privacy, civil rights, missteps, China, taxes, and Steve Jobs -- all without addressing rumors about the company's Project Titan electric car. One of the biggest concerns Tim Cook has is with user privacy. Earlier this year, Apple was in the news for refusing a request from the U.S. Department of Justice to unlock a suspected terrorist's iPhone because Apple argued it would affect millions of other iPhones, it was unconstitutional, and that it would weaken security for everyone. Cook told the Washington Post: "The lightbulb went off, and it became clear what was right: Could we create a tool to unlock the phone? After a few days, we had determined yes, we could. Then the question was, ethically, should we? We thought, you know, that depends on whether we could contain it or not. Other people were involved in this, too -- deep security experts and so forth, and it was apparent from those discussions that we couldn't be assured. The risk of what happens if it got out, could be incredibly terrible for public safety." Cook suggest that customers rely on companies like Apple to set up privacy and security protections for them. "In this case, it was unbelievably uncomfortable and not something that we wished for, wanted -- we didn't even think it was right. Honestly? I was shocked that [the FBI] would even ask for this," explained Cook. "That was the thing that was so disappointing that I think everybody lost. There are 200-plus other countries in the world. Zero of them had ever asked [Apple to do] this." Privacy is a right to be protected, believes Cook: "In my point of view, [privacy] is a civil liberty that our Founding Fathers thought of a long time ago and concluded it was an essential part of what it was to be an American. Sort of on the level, if you will, with freedom of speech, freedom of the press."
Unfortunately, the fact that privacy is worth a lot is why so many people are trying to sell our privacy to the highest bidders.
I agree with our Founding Fathers, but they also didn't know what a germ was. Anyways... Without Privacy there is no Security. I rarely agree with Mr. Cook but I do agree with him on this, Realistically any Entity would be unable to contain a tool that exists of this caliber. I reckon that within days, maybe hours of Apple releasing a tool to assist the Feds, the tool would end up being publicly distributed and Apple would have to make a new one...and another one...ad infinum (My latin is kinda bad, I think I got that right)
To be fair, the iPhone in question lacked the secure enclave. The techniques to crack into it would not work with newer hardware. It is still an open question whether other techniques could compromise current hardware—though to be fair, that is always the case with new technology up until the point when somebody comes up with a way to break it, so I guess that isn't really saying anything. :-)
Check out my sci-fi/humor trilogy at PatriotsBooks.
I don't care for Cook personally, or Apple, or the entire Apple-sphere.
But this is one thing he and I have a meeting of the minds on.
My privacy is valuable. Which is why I'm so parsimonious doling out pieces of it. Why the hell should I have to submit five forms of identification, provide blood, sperm and stool samples, open up my financial data back to the date of my birth, get a hundred and thirteen character witnesses, etc, etc just to participate online?
Fuck that noise. I'd rather shiver in a cave in the woods.
On top of that, my privacy also protects me from theft of my identity and, theoretically, also provides protection against illegal behavior by bad actors with government credentials. Hence, it guards my freedom.
And don't tell me it never happens. It does.
If you have zero use for your freedoms, rights and liberties, by all means. Go ahead and shotgun all your data to the Internet.
But the second you (or anyone (and I mean ANYONE) else) demands that I do the same, you're going to be met with a giant "fuck you" and a fist in the face.
Chas - The one, the only.
THANK GOD!!!
We don't protect ourselves by destroying Freedom. The FBI Knew there was nothing on that Phone. They wanted to set the Precident so they could unlock everyone's Phone. These invasive privacy efforts do nothing to protect private citizens from terrorist attacks. They exist to create an atmosphere of fear and social control and paranoia in our own society.
If we really wanted to stop Sunni terrorist organizations we would be relentlessly trying to level places where they are Headquartered like Raqqa.
The Founding Fathers would be appalled to see how the use and abuse of personal information is completely subverting their Bill of Rights. You have no protection of anything if all of your personal information is already outside of your control. If Cook was sincere, then he would at least offer a business model that would profit by protecting privacy (even if it were optional). For example:
Create a privacy protecting intermediary (PPI) that would be motivated to gather and protect ALL of your personal information in accord with YOUR wishes, not just profit maximization by selling your personal data ad infinitum while also using it to ram unneeded products down your throat.
From a time-centric perspective, here is one possible implementation: You would specify how much of your time you want to spend shopping and what you want to buy, and the PPI would anonymize your personal information and preferences and merge your data into groups of similar shoppers. That shopping time would then be auctioned off to companies that want to reach those highly qualified customers. The companies would not bother you directly, but only via the PPI. Another important parameter would be how many options you want to consider. (Personally, I would always want to see at least 3 offers for any major purchase). The PPI would split the proceeds of the auction with you, but the PPI would be strongly motivated to protect your privacy to protect its own position as the middleman.
One more thing: Competition between PPIs. You should always be free to take your data to a different PPI. Yes, that means you would have the right to demand the first PPI forget that you ever existed. Different PPIs would compete based on such parameters as percentage splits of the auctions and supplementary services like REAL filtering for ALL spam. (Personally, I would be shopping for the PPI that would maximize my time efficiency, but I suspect most people would focus on the most money.)
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Me: No it's not
The fact you are posting AC rebuts your claim far better than I could.
HA! I just wasted some of your bandwidth with a frivolous sig!
If it's altruism, it's very selective altruism. Apple has a long and sorted history of distorting things to suit their bottom line. Generally speaking if someone is dishonest most of the time it isn't unreasonable to believe they're probably being dishonest when there is some doubt.
BeauHD. Worst editor since kdawson.
No matter what you do, there will always be outliers on one side, the other, or both—situations you couldn't predict that result in something being uncrackable when it should be crackable or vice versa. What I think most users want is the ability to choose one way or the other without having seemingly minor decisions come back to bite them in the backside (e.g. turning on two-factor only to find out that doing so unexpectedly prevents certain types of password resets).
What this means is that every behavior that has recoverability impact needs to be explained clearly to the user, and where possible, there should be no interdependencies between these settings. This also means that there should be a mechanism for people to add third-party trust into the system. For example, a kid should be allowed to add trust to his/her parents' account, allowing anyone with access to their account to gain the ability to request a device-present password reset in some way. This should be enabled by default on phones owned by kids, and parental controls should prevent it from being removed until the kid turns 18.
The problem is, those sorts of features don't sell devices. They aren't glamorous features that everybody wants to work on. They're additional effort that, unless mandated by law, probably won't ever happen. And if we start allowing lawmakers to meddle in crypto, there's a nonzero risk that they'll want to be implicitly added to that trust in some nefarious way unless the design deliberately makes it impossible for that to happen. This, in turn, means that adding those features is particularly challenging, making them even less likely to be implemented.
Check out my sci-fi/humor trilogy at PatriotsBooks.
Apple certainly has no shortage of issues to criticize them on. But on the issue of privacy and making the iPhone backdoor-able, at least they were smart enough to know what they could not know and could not control, and to want no part of it.
And what they were smart enough to know is that no government authority, no matter how secure and authoritative it claims to be, can control all of its own people and the hundreds of places that a backdoor capability might leak or be used improperly. The FBI cannot even control leaks and incompetence within their own ranks -- what's the likelihood that a capability so valuable would remain unleaked and well-protected in their hands, even with many checks?
So I applaud Apple for at least knowing that it should not develop such a capability and instead leave it in the hands of users to choose when to make things private, out of even Apple's reach.
There have always been secrets, and people trying to foil the methods of hiding them. Time for the government to do a bit more legwork for the next move.
You fools. Apple's security and privacy are to protect the walled garden. They keep "your data" private to prevent their competition from monetizing you. They keep "your phone" secure to protect the walled garden. There is not an ounce of concern about your dignity or rights; this is 100% about greedily protecting their revenue stream.
People just don't want unbreakable security. They like the idea that if they forget the passcode or if they pass away, someone will be able to break in. They want things to be just secure enough to deter "criminals" but no further. (Sure, such a line is impossible to draw. It doesn't mean users don't want it both ways: impossible for the "bad guys" to break, possible for the "good guys" to break when necessary.)
This is true. People want "unbreakable phone security" as much as they want "unbreakable home locks" -- "unbreakable" sounds great until they accidentally get locked out and need to call a locksmith.
Same goes for phones. A small minority want unbreakable encryption. The rest of people have some small number of edge cases where they really would want to be able to call up someone and get the phone unlocked.
You have it half right. Apple is corporation, which are sociopathic entities that essentially 'feed' on money. You give them more money, they grow. You cut their money, they die. People within them can influence their behavior, but only in the short term, since a company often has much going on than one person can ever track and influence, and can easily outlive a single person.
Tim Cook could 'be your friend' and it sounds like he is at least a somewhat ethical person. But even he doesn't have complete control over Apple's behavior. If he makes just one bad call, the board will kick him to the curb, so everything he does is certainly influenced how the board and stockholders feel. But similarly, even if he wanted to make Apple products non-repairable and filled with the blood of orphans and nuns, he doesn't have complete power to do so. So ascribing the things you mentioned to him, probably isn't completely accurate.
HA! I just wasted some of your bandwidth with a frivolous sig!
In a free society, people must be able to experiment with ideas and thoughts. Some of these thoughts and ideas will by the very nature of the process be, to put it mildly, problematic. Other will threaten holders of power. Hence, in order to no have to self-censor, people must have privacy in the spaces they use to evolve their ideas and opinions and that is what a free society is all about. Today, these spaces are more often than reflected in the computing equipment people own.
Sure, many people do not use these freedoms or only use them rarely. That does not matter one bit. If they are missing, freedom goes out the window and tyranny sets in. And tyranny is far, far worse than any other threat could ever be.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
As soon as you make a decision who can have privacy and who cannot, you have already lost the moral argument completely. Next steps: "abc" did not deserve free speech. Then "abc" did not deserve any freedom at all. And finally "abc" did not deserve to live. Look up "genocide" for the next step after that and for the overall approach "evil".
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
If we really wanted to stop Sunni terrorist organizations we would be relentlessly trying to level places where they are Headquartered like Raqqa.
To what end? Every bomb we drop that happens to harm an innocent person is egg on our face in other countries eyes. It's a deadly game of whack-a-mole that really doesn't have an end.
Hate breeds more hate. The Sunni and Shiites will never be peaceful to one another, and neither will truly accept Western civilizations (e.g. US and UK) as long as we keep going in and ham-handedly killing women and children in the name of peace. Ever wonder what sparked terrorism and revenge on the West? Do you think maybe some of the Cold War proxy conflicts in Afghanistan and Pakistan may have something to do with it? Maybe the two gulf wars tarnished our image?
It's funny that these terrorist organizations are so hard to track because they use "ancient" technology. Bin Laden used hand-written messages and couriers to plan and coordinate. They hid in caves, not in the backs or basements of bars. They stayed away from cell phones and other devices that could be tracked and monitored. Yet we are led to believe that these "lone wolves" were only able to chat via cell phone?
Same goes for phones. A small minority want unbreakable encryption. The rest of people have some small number of edge cases where they really would want to be able to call up someone and get the phone unlocked.
True, but they don't necessarily want the manufacturer of the phone to be the one holding the spare key.
Also, unbreakable encryption doesn't mean that your expensive phone becomes completely and permanently useless if you forget the password. You generally just have to wipe it back to the factory defaults and start over. It's not the end of the world, especially if you store copies of the more important information somewhere other than on the phone. This is a good idea in any case, since, on the whole, forgetting your password is probably a less likely risk than simply losing the device or suffering physical damage sufficient to render the data unrecoverable.
"The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat