Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Shared User Data With Governments, Says WikiLeaks Email (dailydot.com)

Posted by EditorDavid on from the responding-to-warrants dept.

"Please know that Apple will continue its work with law enforcement," reads an email from Apple's vice president of Environment, Policy and Social Initiatives, who reports directly to CEO Tim Cook, according to new documents this week on WikiLeaks. An anonymous reader writes: In the email the Apple executive writes "we work closely with authorities to comply with legal requests for data that have helped solve complex crimes. Thousands of times every month, we give governments information about Apple customers and devices, in response to warrants and other forms of legal process. We have a team that responds to those requests 24 hours a day." The email was addressed to Clinton campaign chairman John Podesta.

But the context is missing, and could show a larger attempt to soften Hillary Clinton's position on encryption. While Jackson writes that at Apple, "We share law enforcement's concerns about the threat to citizens," she later writes "Strong encryption does not eliminate Apple's ability to give law enforcement meta-data or any of a number of other very useful categories of data."
The email also compliments Clinton for her "principled and nuanced stance" on encryption in a December debate against Bernie Sanders. Clinton had said "maybe the backdoor is the wrong door, and I understand what Apple and others are saying about that. But I also understand, when a law enforcement official charged with the responsibility of preventing attack...well, if we can't know what someone is planning, we are going to have to rely on the neighbor... I just think there's got to be a way, and I would hope that our tech companies would work with government to figure that out."

106 comments

  1. why am i not surpised by Anonymous Coward · · Score: 0, Informative

    fucking backstabbers

    1. Re:why am i not surpised by Anonymous Coward · · Score: 0

      He meant "business having no choice but to comply with NSLs in an environment with overreaching, power hungry, and ignorant politicians, but still wanting to appear to their customers as though they give a damn (and who knows, maybe cook actually does)"

      'nuanced' is usually used as a weasel word to imply complexity when it's really just sophistry. Just because your response is nuanced doesn't mean it's correct.

    2. Re:why am i not surpised by BLKMGK · · Score: 3, Informative

      Since when does metadata equal them giving up access to the device? Metadata is things like what IP it last checked an iTunes account with or how many IOS devices you have. Yes, you ARE an idiot.

      --
      Build it, Drive it, Improve it! Hybridz.org
    3. Re:why am i not surpised by Anonymous Coward · · Score: 0

      "We won't let them change our way of life". We'll just change our way of life.

    4. Re:why am i not surpised by AHuxley · · Score: 1

      AC US Constitutional protections are not a series of blocked tubes to work around to spy on people.
      Color of law does not get around the US Constitution.

      --
      Domestic spying is now "Benign Information Gathering"
    5. Re:why am i not surpised by Anonymous Coward · · Score: 0, Insightful

      metadata AND "any of a number of other very useful categories of data"

      in other words.. apple can get at whatever they want to.. encrypted or not, locked device or not.

    6. Re:why am i not surpised by dprimary · · Score: 2

      Because Apple announced this last year. This is only news to the people that don't pay attention in the first place.

    7. Re:why am i not surpised by Anonymous Coward · · Score: 0

      Constitution restriction doesn't apply here as actions are done under authorized warrant for law enforcement. That is explicitly allowed.

    8. Re:why am i not surpised by Anonymous Coward · · Score: 2, Insightful

      "any of a number of other very useful categories of data"
      Phone number ?
      Customer who bought the phone , their name, and address ?
      Credit card used to buy the phone ?
      Balance on their iTunes account ?
      Last time it was accessed ?

      There is a heap of data Apple has which does NOT include any data that is on the phone, and when given a valid warrant, Apple and every other company in the world will comply and hand over that data.

      This is entirely consistent with Apples stance on protecting user privacy, by encrypting the end users data with keys they do not have they can not hand anything over, likewise with end to end encryption, Apple is not privy to any chat data and can therefore not hand anything over.

      So, you have any PROOF to say otherwise, please give it, paranoid delusion is not proof.

    9. Re: why am i not surpised by Anonymous Coward · · Score: 1

      No. Two-faced liars spewing a totally different hue of vomit in public than the shit they spray with Hillary in private.

      All evil motherfuckers. All criminals. All corrupt.

    10. Re:why am i not surpised by AK+Marc · · Score: 1

      Your desires of what should and shouldn't be done don't affect what is done.

      --
      Learn to love Alaska
    11. Re:why am i not surpised by BlueStrat · · Score: 2

      Constitution restriction doesn't apply here as actions are done under authorized warrant for law enforcement. That is explicitly allowed.

      *Individual*, very specific, and narrow warrants yes, but not general warrants, they are expressly forbidden.

      However, our current crop of politicians, bureaucrats, federal judges, and TLAs seem to be of the opinion that they can violate the US Constitution with impunity by waving a 'national security' flag around. Sorry, but national security, illegal drug traffickers, child porn, copyright infringement, etc etc...none of these trump the Constitution and civil rights.

      Government no longer honors the limitations to its' power and scope set out in its' founding document which are the only things which give it legitimacy.

      Strat

      --
      Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
    12. Re:why am i not surpised by Anonymous Coward · · Score: 3, Insightful

      Metadata doesn't exist, all data is data.
      The government doesn't really care if you just asked for direction, if you are in contact with someone they don't like you are a criminal.

      They even kill people just based on "meta"-data.
      Ex-CIA director – We kill people based on metadata
      And here is a YouTube clip if you think that veteranstoday just made it up.
      Former NSA boss: "We kill people based on metadata"

    13. Re:why am i not surpised by Anonymous Coward · · Score: 1

      Since when does metadata equal them giving up access to the device? Metadata is things like what IP it last checked an iTunes account with or how many IOS devices you have. Yes, you ARE an idiot.

      You know what else is metadata?
      The key that data has been encrypted with.

      That is right, it's just data about the data, not the actual data itself.

    14. Re: why am i not surpised by Anonymous Coward · · Score: 0

      Any? Any questions, yet? I have just the small music player by Apple, but I see music pop-ups on my win set. Why? Metadata, is used for more then that. Meta data includes whatever it wants to load to the cloud, metadata, includes algorithm s you never heard of, and constructs you have only thought about, translated to a cover page, your who, what when where and why. Now, who is it shared with? Better yet and get some foil out, who is it not shared for a profit with...you.

    15. Re: why am i not surpised by MachineShedFred · · Score: 1

      Yeah, how dare they comply with legal court orders rather than risk contempt fines and sanctions!

      --
      Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
    16. Re: why am i not surpised by Type44Q · · Score: 0

      But at least they're brave. ;)

    17. Re:why am i not surpised by currently_awake · · Score: 1

      The US government doesn't give American corporations the choice of saying no. This is why American Corp = Untrustworthy.

    18. Re:why am i not surpised by Anonymous Coward · · Score: 0

      One interesting thing to note, is that the warrant process and our adversarial system of justice were not originally intended to be used by the government. It was fairly libertarian in a sense, there were no police and anyone who had a grievance could swear out a warrant and even get a bunch of their friends together to execute it. Giving this power to the State as well makes it responsible for self-policing the Fourth Amendment, which clearly hasn't worked out well.

    19. Re:why am i not surpised by bmo · · Score: 1

      Metadata is more useful.

      Contents of email, chats, voicemail, etc., are less important than who you talked to, when, and where. The number of times you communicate with someone says how important they are. It tells people who your friends really are, in spite of what you /say/ about your friends. If $JOE_FBI asks you about $RANDOMPERSON and you say "I don't know $RANDOMPERSON" and the metadata says you talked to $RANDOMPERSON 8 times last week, that's significant. Metadata is also more searchable and compact.

      Metadata tells you who is an active member of an organization, to be rounded up and imprisoned later - one that $JOE_FBI might be assigned to or simply has a grudge against.

      Saying "it's not equal to them giving up access to the device" is minimizing the importance of metadata.

      --
      BMO

    20. Re:why am i not surpised by Wraithlyn · · Score: 1

      LOL try harder to hear what you want to hear.

      "a number of other very useful categories of data" != "everything".

      --
      "Mind, as manifested by the capacity to make choices, is to some extent present in every electron." -Freeman Dyson
    21. Re: why am i not surpised by Anonymous Coward · · Score: 0

      you are a fucking idiot

    22. Re:why am i not surpised by superwiz · · Score: 1

      but not general warrants, they are expressly forbidden.

      You may think so. And it may have been the writers' intent. But the decision about what The Constitution means is relegated to (usually) 9 individuals (currently 8). I am going to go ahead and assume (despite the thin veil of anonymity) that you are not one of those individuals. And until their majority states otherwise in a court case, the choice to use such warrants remains available to the executive.

      --
      Any guest worker system is indistinguishable from indentured servitude.
    23. Re:why am i not surpised by ahabswhale · · Score: 1

      The provide data when warrants are issued. They don't get a choice in the matter. Every other company does the same thing.

      --
      Are agnostics skeptical of unicorns too?
    24. Re: why am i not surpised by Anonymous Coward · · Score: 0

      and you are a parrot

    25. Re:why am i not surpised by Anonymous Coward · · Score: 0

      So, you have any PROOF to say otherwise, please give it, paranoid delusion is not proof.

      Oh for fuck sake when it's Microsoft nobody cares about proof. "They have telemetry to improve spell check, prediction and handwriting that has a switch in control panel that you can turn off" which translates to "Microsoft is stealing all your data and selling it to advertisers and giving it to the government".

      And when Apple admits they send many different types of data to the government from their closed platforms and devices with encrypted traffic so you don't know what's going on it's all "Oh but we don't know for sure whether they are or aren't".

    26. Re:why am i not surpised by AutodidactLabrat · · Score: 1

      Yes, it means everything.
      What I like to call "Bartcop's razor" went something like this
      Any 'mistake' that adds to the wealth, power or prestige of any corporation
      WILL be repeated unless there is a strong disincentive (like prison) to stop it
      So yes, "a number of" means EVERYTHING!

    27. Re:why am i not surpised by BlueStrat · · Score: 1

      but not general warrants, they are expressly forbidden.

      You may think so. And it may have been the writers' intent. But the decision about what The Constitution means is relegated to (usually) 9 individuals (currently 8). I am going to go ahead and assume (despite the thin veil of anonymity) that you are not one of those individuals. And until their majority states otherwise in a court case, the choice to use such warrants remains available to the executive.

      Oh, I'm aware that the federal government is using general warrants in complete violation of the US Constitution while trying to avoid any cases making it to a SCOTUS ruling, at least until they have the court comfortably packed with friendly justices.

      That is the danger of allowing 9 politically-appointed, unelected individuals to be the ultimate power to "interpret" the Constitution, as what the definition and scope of "interpretation" is and encompasses always broadens and becomes increasingly politically and ideologically biased.

      People are increasingly losing faith and respect for the legal system and the government as a whole as the weight of political corruption and cronyism, which scales proportionately with the power, size, & scope of government, becomes increasingly worse. History shows that when that faith and respect drops below a certain point among enough people, really, really bad things happen. In other countries it has often led to violent revolts and revolutions. No nation whose people do not as a whole generally believe in its' leaders and government can remain standing.

      Strat

      --
      Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
  2. Faith-based security by Anonymous Coward · · Score: 4, Insightful

    Closed source encryption = faith-based security.

    1. Re:Faith-based security by Anonymous Coward · · Score: 1

      same as open source encryption, unless you happen to be a mathematical and code genius. similar amounts of eyes review all of them as their are very very few who have the necessary skills to do so.

    2. Re:Faith-based security by Alain+Williams · · Score: 2

      I am not a mathematical genius, but I know of some who are and that they have looked at the open source code and said that they are happy. This does not guarantee that they have not overlooked something, but is much better than the closed source scenario where only a few have seen the code - and I do not know who those few are or who they work for.

    3. Re:Faith-based security by wvmarle · · Score: 2

      More importantly:

      Closed source crypto: those that have seen the code are restricted by NDAs and usually on the payroll of whoever developed and deploys the encryption. These people have various reasons not to speak out on any potential issues, including back doors. You'll have to wait for a Snowden or Mannings to step up and reveal any issues.

      Open source crypto: everyone, including "the enemy" and others with vested interests to break it and reveal exploits can see and analyse the code. They are not bound by NDAs, often live and work under various jurisdictions which means they can not all be gagged by laws.

      The main reason we can trust closed-source crypto is that it is in the interest of the developing/deploying company that it actually works. Apple has lots to lose if it turns out their crypto is weak and contains easily exploitable back doors or bugs. It will probably not bankrupt them, but it'd be a really serious blow to the credibility of the company - and it'd take years if not decades for the general public to put their trust in Apple again.

      This is why I do trust Apple (and other companies) to have really strong encryption that actually works and has no back doors, even though I'd strongly prefer them to open source it so third parties can confirm this is the case.

    4. Re:Faith-based security by Vasheron · · Score: 1

      Kerchoff's Principle essentially states that the security of a cryptographic system should depend only upon the secret key and not on the secrecy of the system itself. Indeed in the book Cryptography Engineering, the authors claim that they have reviewed may secret cryptographic systems and all of them had flaws.

    5. Re:Faith-based security by Anonymous Coward · · Score: 1

      Closed source encryption = faith-based security.

      Unless you audit everything yourself, you're employing faith based security.

  3. They respond to warrants?! by BLKMGK · · Score: 4, Informative

    Total surprise! It's why they've made sure they can't get through their own crypto...

    --
    Build it, Drive it, Improve it! Hybridz.org
    1. Re:They respond to warrants?! by Lisandro · · Score: 5, Insightful

      That was my exact first thought. I'm far from an Apple fanboy, but why the hell is the story framed to sound like they're surreptitiously sharing customer data with the NSA or something

    2. Re:They respond to warrants?! by ArtemaOne · · Score: 2

      I came here to see if anyone had posted this. None of this is even story-worthy. If they have the information they must respond to a warrant.

    3. Re:They respond to warrants?! by BLKMGK · · Score: 5, Insightful

      Exactly! Metadata is things like IP addresses of logins or names of accounts. These are things they have to have in order to operate and it's not something they can deny a valid warrant. AOL, Google, Yahoo!, and many many other companies respond to these requests. But if they cannot get at the data they cannot turn it over. Some companies, like Yahoo! apparently, give way more than others but if they couldn't get to the data they couldn't and Apple claims they no longer can. Put a good password on your account, your backups, and good grief don't use the cloud. How hard is that? Non-story unless they can show that Apple is breaking the most recent crypto...

      --
      Build it, Drive it, Improve it! Hybridz.org
    4. Re:They respond to warrants?! by Anonymous Coward · · Score: 0

      "Metadata." A term just vague enough to satisfy the public, just vague enough to let the government store whatever they want.

      "We only collect metadata."

      Sure.

    5. Re:They respond to warrants?! by BigBuckHunter · · Score: 2

      This is the third clickbait Anti-Apple article today. They had the google vulnerability disclosure article and yet another MacBook Pro pooh-pooh article. Apple has always cooperated with LEA warrants and will continue to do so.

    6. Re:They respond to warrants?! by dissy · · Score: 1

      Apple has already publicly stated exactly this during the FBI lawsuit that clearly no one paid any attention to.

      They stated they have and will continue to honor legally issued warrants for data on a specified customer.

      What they will not do is hand over data for all customers at once without a warrant, and they would not remove their customers encryption leaving them vulnerable to attack by basically everyone.

      Those last two are what the FBI demanded, and failed to sue Apple over.
      In fact during the lawsuit Apple stated they already handed over the data they had on Syed after getting a warrant. It was the crippling of every customers phone by disabling everyone's encryption the FBI didn't (and couldn't) produce a warrant for which Apple refused to do.

      You don't need a wikileak to show what Apple said in their own announcement to the public and what is in public court records.

    7. Re:They respond to warrants?! by Anonymous Coward · · Score: 0

      Because there is no headline otherwise.

      There are people who believe their love/hate for any particular team/product/company allows them to post any kind of unjustified, unsubstantiated innuendo .

    8. Re:They respond to warrants?! by Anonymous Coward · · Score: 0

      These are things they have to have in order to operate

      Not true. Almost all, if not all, data regarding past user communications is not necessary in order to operate. Which-calls-were-made-when-to-whom? You can safely forget about that after the calls are concluded. Now, it's true that this data might be _useful_ for operations (e.g. for keeping track of bandwidth use patters to decide where to widen the pipe, get new equipment and so on), but it's certainly not _necessary_; and even the usefulness doesn't decrease significantly, or at all, after some anonymization or aggregation.

      and it's not something they can deny a valid warrant.

      I call cIrcular reasoning... If a warrant is valid of course the law requires you respect it. But they could very well state such a warrant is _not_ valid on constitutional grounds and refuse to respect it. If there's a chance the government might raid them, they could do what other service providers do, such as guaranteeing private frequent deletion of backlogs of private data; or encrypting all user-specific data so that only the user can access it; or keeping data outside the US; or other means.

    9. Re:They respond to warrants?! by willy_me · · Score: 1

      You can safely forget about that after the calls are concluded

      This is the point of encryption. They never have the unencrypted data so there is nothing to forget. If they have the information at any point in time, authorities produce a warrant requiring them to remember that information. This is why the metadata is fair game - the provider (Apple in this case) requires it to operate. But the data contents (email, documents, etc.) are never decrypted by the provider and remain secure.

    10. Re:They respond to warrants?! by ljw1004 · · Score: 2

      Put a good password on your account, your backups, and good grief don't use the cloud. How hard is that?

      How hard is that? ... pretty much impossible. Don't get me wrong. I used to use my own personal linux server for documents and photos and music. Went through three machines over fifteen years, always with RAID, always with offsite backups. I wrote a frontend to let me browse photo thumbnails quicker than google drive or onedrive.

      But it was too hard to meet reasonable family needs. Too hard to share photos with (non-technical) family members. To hard to automatically upload photos+videos from my phone. Too slow to share 100mb+ videos. Too hard to share a collaborative grocery list and the like. And when a problem happened (e.g. a RAID drive failure) it happened when I was up to my neck in work duties or diaper changing or whatever. Infants and unslept spouses don't appreciate that you're spending time administering your server rather than doing your share of childcare, and don't appreciate "I need to fix up the server" as a reason for why we can't update our family grocery list or calendar or to-do list. So the server limps along on only one drive for a month, or two months, and suddenly it's too precarious or out of commission for a while.

      If your use-case doesn't involve this much family sharing, or if you have the expertise and time to manage your server, then good for you. But I don't think "good grief don't use the cloud" is useful advice in general.

    11. Re:They respond to warrants?! by tlhIngan · · Score: 2

      This is the third clickbait Anti-Apple article today.

      It's because Apple made the news earlier this week with a product announcement. This brings out all the haters because you know what? Apple stuff leads to ad clicks. So click-bait articles about Apple, especially since Apple is in the news, means lots of ad money.

      It's what journalism has evolved into on the Internet - whatever you can do to trick users into clicking your articles for ads. Gawker might have been the first to formalize it from the get-go - writers were paid by the click, literally.

      Apple announces something, so you generate 100 articles about that something. Which generates 200 articles about why that something is completely studio, idiotic and completely pointless. Which generates another 300 articles about why Tim Cook did or didn't do something on stage. Followed by 400 articles about something not related to Apple at all but they throw in Apple's name to get an ad click. Followed by 1000 articles about news about Apple form years ago.

      Face it - Apple news is like black friday sales. When Apple makes an announcement, websites lap it up make about the only real money they'll made from ad impressions all year. A few Apple articles is enough to pay for the entire website for the year. The rest of the year the other boring crap is just bonus money.

    12. Re:They respond to warrants?! by Anonymous Coward · · Score: 0

      " in response to warrants and other forms of legal process. "

          seems like that implies without warrants also..

    13. Re:They respond to warrants?! by Feral+Nerd · · Score: 1

      That was my exact first thought. I'm far from an Apple fanboy, but why the hell is the story framed to sound like they're surreptitiously sharing customer data with the NSA or something

      Because that way they get more clicks as the members of the self appointed Apple critics brigade pile in here to vent their rage?

    14. Re:They respond to warrants?! by Anonymous Coward · · Score: 1

      I did a quick review of their iMessage protocol. It uses old and weak cryptographic primitives, and provides no forward and/or future secrecy. You also have to trust Apple to serve the correct public keys. I wouldn't be surprised if the NSA can crack it.

    15. Re: They respond to warrants?! by Anonymous Coward · · Score: 0

      So why was Apple kicking and screaming when the FBI came to them with a court order signed from a judge.?

    16. Re: They respond to warrants?! by Anonymous Coward · · Score: 0

      You chose that life now deal with it. All I hear is bitching and excuses. You find time for that shit. I setup a file server and haven't touched it in 6 months because it just works. The occasional patches but that's about it. If you can find time to have your wife have you by the balls by creating a fucking "to do" list, then you can patch a fucking server for 2 hours a week.

      It's called multi tasking.

    17. Re:They respond to warrants?! by BLKMGK · · Score: 1

      I use some cloud services - photo sharing, email, things like that, if someone sees my vacation pics I don't care. What I don't do is upload a backup of my phone to the cloud. It's stored locally and it's password protected. Yes, the password could be cracked but end of the day I don't save anything earth shattering in it and I've raised the bar significantly - no fappening for me!

      Likewise system backups are done locally as is media storage - my storage has grown over the years and been upgraded as needed. I'm currently pondering backup up to the cloud - but it will be within an AES 256 encrypted blob that I have control over and password protected. Again, it could be cracked but I'm balancing risk vs gain here and this backup will be a "break glass" sort of thing and not something I ever hope to HAVE to use. I'll use a hefty long password for it for sure - kept in a password manager that's also storing AES 256 blobs for me.

      I don't run this on a full on RAID box either. I use unRAID which boots from a thumb drive and seldom needs patching. It maximises space for drives consumed, minimizes electricity use, and if I want can run Docker or even VMs as needed but I don't do that. I do run VMs on another server though but it's kept separate and could burn up and not touch my main storage. The unRAID box just purrs in a closet, I've run one for about 7 or more years now - no data loss.

      --
      Build it, Drive it, Improve it! Hybridz.org
    18. Re: They respond to warrants?! by BLKMGK · · Score: 1

      Because the order was overly broad and was requesting that they build software for the FBI that could potentially be used for additional cases sans warrant. Apple was cooperating with them until the FBI requested that, in fact Apple was cooperating with them prior to receiving a warrant because they understood that this case was of importance for public safety - then the FBI asked for the keys to the candy store and Apple shut them down.

      --
      Build it, Drive it, Improve it! Hybridz.org
  4. Missing context by Anonymous Coward · · Score: 1

    But the context is missing

    That's the whole problem with all of these WikiLeaks emails. We see people shooting messages back and forth but we have no idea what conversations may have led up to, or occurred as a result of, each email. A lot of them are snippets of news articles and other research, looking for opinions and bouncing ideas around. We don't know what decisions were or weren't made based on most of this stuff because we're only seeing a small window into a much larger operation.

    "If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged."

    1. Re: Missing context by Anonymous Coward · · Score: 0

      Context. Politicians are liars. Good enough?

    2. Re: Missing context by MightyMartian · · Score: 2

      No it isn't good enough. Injecting cynicism isn't a replacement for context.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    3. Re:Missing context by Anonymous Coward · · Score: 1

      And it is amazing how people automatically take the content of these leaks as 100% authentic? How hard would it be for those releasing the information to make a few changes here and there to support their political ideology? Those releasing the WikiLeaks documents as well as those releasing the Snowden information have proved beyond a shadow of a doubt they are using these leaks to drive their political platform. Snowden stole millions of documents but only a small percentage has been released by the gate keepers. They release a few documents containing non-specific information about intelligence programs and then make that vague program description sound like an extinction level event. Where is all the supporting documents containing the details for these programs? Any complicated system designed by the government will generate reams of documentation but none of this information has been released. The information released about the NSA cyber security efforts look more like Power Point presentations used to secure future funding. It doesn't mean any of these programs actually leave the whiteboard. Maybe the unreleased information contains information contradicting the storyline put forth by those releasing the information?

    4. Re:Missing context by AHuxley · · Score: 1

      AC fake emails don't make party political workers quit.
      AC "How hard would it be for those releasing the information to make a few changes here and there to support their political ideology?"
      Smart people in the press have some really great experts for that. They look at every word, sentence, name, date, format, font and write up reports.
      If anything had been added, altered or changed the press would have found it.
      The media world wide has a long institutional memory of been offered altered or fake or historically forged documents over the years. By default they hire smart people to look over them before, during and after publication as a wider whole set of documents.
      The decades of a rush to publish has be replaced with a few different experts been tasked to see if what is on offer is real, a trap, a limited hangout or bait or fake.
      AC some of the documents even have some fancy DKIM (DomainKeys Identified Mail) signature features. Is the use of 2048 bit keys still ok AC?.
      https://en.wikipedia.org/wiki/...
      If the codes did not add up the press would have found that. Their document experts would have tested for valid signatures at different stages.
      Even bloggers and other interested people can report on DKIM result by using different apps.

      --
      Domestic spying is now "Benign Information Gathering"
    5. Re:Missing context by Sax+Russell+5449D29A · · Score: 1

      How hard would it be for those releasing the information to make a few changes here and there to support their political ideology?

      Extremely hard. Like AHuxley there pointed out, the emails are signed by domain keys and you and me, and everybody else, can validate the authenticity and integrity of every email that has the DKIM. To say that they would have forged an email in a way that still validates through a DKIM validator, WikiLeaks (or some other party) would've had to have stolen Google's and other domains' private DKIM keys. Mind you that these keys are *extremely* well protected, especially on Google's services.

      That being said, to say that Podesta's emails have been forged, you would have to simultaneously argue that *every* email sent from e.g. Google's email servers are potentially forged or subject to forgery right now. If Google, for example, believed this to be true, they'd be changing their keys right now.

      --
      -SR
  5. it needs to be in your own hands. by Anonymous Coward · · Score: 1

    If you give ANY large corporation data about yourself, they can and will disclose that data to the feds, and a lot of the time to advertisers too.

    The only way past all this is to take matters into your own hands. End to end encryption, so no one in the middle CAN disclose the contents. Do not use services that depend on centralized servers. Run your own servers if you have to for your friends and family to use for IM/vidchat/etc.

    Stop centralizing the internet, and this will be less of a problem. We're here because everyone is so keen on discarding the original internet architecture and putting all our eggs in a tiny number of massive baskets, and then giving away the key.

    1. Re:it needs to be in your own hands. by AHuxley · · Score: 1

      Re Or add to the basket every day.
      Take up landscape photography. Buy a few books about one time pads online with a credit card and ensure all privacy settings are wide open during the search for a few well written books that review well. Download or buy some steganography apps.
      At the end of every email you send on an Apple computer or device add a very small creative photo banner.
      Create a small photo of a typed one time pad text and use steganography to hide a new one in every image. With a just few emails per week thats a few hundred over a few years.
      Is every email a hidden message? Some? A few or just one important one? None?
      If a US brand wants to be super helpful, help them track friends of friends of friends. Just make sure every new one time pad image is unique and has a new photo to be placed in.
      Considering the interest in detecting steganography might create thats 3 hops of contacts from a small group of random people to sort.

      --
      Domestic spying is now "Benign Information Gathering"
  6. Can you say Fascism? by Anonymous Coward · · Score: 0

    If it was any more obvious, the jike would be lost.

    1. Re:Can you say Fascism? by Anonymous Coward · · Score: 0

      You mean kike?

  7. Where is your God now? by RubberDogBone · · Score: 1, Troll

    Well, this one is for all you Apple fans who jumped up and down and breathlessly supported Apple over the Santa Barbara phone case.

    The company you cherished and supported and defended and swore could do no wrong.... was stabbing you in the back and selling you down the river the whole time.

    Ha Ha Ha Ha Ha

    The truth is, big companies like Apple don't get to become big companies like Apple unless they sell out LONG before they get that big. They've ALL sold out. They ALL happily hand over your data all the time. You have NO privacy. NOBODY will protect you. And if you ever really believed otherwise, you were a fool.

    --
    Sig for hire.
    1. Re:Where is your God now? by ArtemaOne · · Score: 2

      You sound ridiculous. Do you know what the US Government would do to a corporation that denied assistance to legal warrants from the judicial branch?

    2. Re:Where is your God now? by Anonymous Coward · · Score: 0

      Nice troll.

      You still fail at reading comprehension.

    3. Re: Where is your God now? by Bing+Tsher+E · · Score: 1

      The same thing any government would do. But it's appealing to act like a few special companies refuse. It could even become a bit of marketing hype for a company to pretend they refuse. Or even that they're special somehow and have designed their system to make impossible not to refuse. All within a shroud of secrecy, and behind closed-source software and trade secrets, of course...

    4. Re:Where is your God now? by AHuxley · · Score: 4, Informative

      Re "Do you know what the US Government would do to a corporation .. "
      "The One Telco Exec Who Resisted The NSA Has Been Released From 4+ Years In Jail" (Sep 27th 2013)
      https://www.techdirt.com/artic...
      This news just adds to the PRISM decryption and other issues that US brands seem to offer assistance with.
      https://en.wikipedia.org/wiki/...
      If its important encrypt well away from any and all Apple products, send the communications.
      Anonymity is hard to ensure but at least people can get their privacy back from Apple and the mil/gov.

      --
      Domestic spying is now "Benign Information Gathering"
    5. Re:Where is your God now? by bloodhawk · · Score: 1

      holy fuck. I hate apple more than most but you sound like a fucking retard. All companies are required to respond to legal warrants, Including Microsoft, Google and Any open source based companies or organisations. grow the fuck up.

    6. Re:Where is your God now? by superwiz · · Score: 1

      Uhm... go to court? It's what's happening to Microsoft. They are refusing to give access to data stored in Ireland. For now, at least, the issue is in the hands of the courts.

      --
      Any guest worker system is indistinguishable from indentured servitude.
    7. Re:Where is your God now? by ArtemaOne · · Score: 1

      Right, Ireland. You just made it off topic, but I don't have mod points.

    8. Re:Where is your God now? by superwiz · · Score: 1

      Sorry, in which way does MS vs DOJ situation not fit the description "what the US Government would do to a corporation that denied assistance to legal warrants from the judicial branch?"

      --
      Any guest worker system is indistinguishable from indentured servitude.
    9. Re:Where is your God now? by ArtemaOne · · Score: 1

      The word "legal" is the key here. They're trying to get something from Ireland, which is more than questionable in terms of legality.

    10. Re:Where is your God now? by superwiz · · Score: 1

      The courts have final word in what is legal because their opinion of the meaning of the law is binding. You haven't mentioned why the hypothetical company would deny such government request. If it did so on the basis of a questionable legality of the warrant, the government would do what I originally said they would do. They would go to court.

      --
      Any guest worker system is indistinguishable from indentured servitude.
  8. wikileaks must be fore this by gumbi+west · · Score: 0

    I'm confused, isn't wikileaks pro-sharing? Isn't that all they do?

    1. Re: wikileaks must be fore this by Anonymous Coward · · Score: 0

      Yeah, better security would kind of derail their operating model, which I think is still "find some patsy with a clearance to send us poorly protected data."

    2. Re:wikileaks must be fore this by Anonymous Coward · · Score: 0

      No of course not. It is Russian covert operations that selects and paints a misleading picture.

  9. 2015-12-20 by Anonymous Coward · · Score: 0

    Firstly it's not selling it, Apple are responding to warrants as they're legally required to do. But notice the date? This was around the time the FBI was demanding back doors in phones. They're clearly lobbying to head off that. San Bernadino case being earlier that month.

    *However*, the golden rule of security is you protect your own stuff. Because if there's an easy backdoor, the FBI will take it. Regardless of jurisdiction, your right to challenge the warrant etc. they will always take the easiest path, and if slapping a warrant on Apple is the easiest route that minimizes your chance to challenge their warrant, then they will do that.

  10. Not news by Anonymous Coward · · Score: 1

    Yeah, this isn't news. Anyone who followed the San Bernardino case knows the sticking point with Apple wasn't handing over user data to the FBI - they already handed over the guy's iCloud backups, after all - it was being required to write new code.

    Essentially once it became clear that they weren't going to be able to get into the device without having to - gasp - do some software development, they balked. But up until that point, they were happily helping the FBI try and access that iPhone.

    Apple never has and never will be "on their customer's side." They're more than willing to sell you out to the government at a moment's notice.

  11. it's the law by YesIAmAScript · · Score: 1

    What did you think they did?

    They make changes to make it impossible to turn over your data. But that will never be the case for some kinds of data, like when you last accessed your account, etc.

    --
    http://lkml.org/lkml/2005/8/20/95
  12. Where's the beef? by Anonymous Coward · · Score: 0

    Garbage news? They were issued legal warrants on an individual case by case basis and responded to those warrants. Yes there were a ton of warrants but as long as they are input and responded to individually there is nothing nefarious happening unless I'm missing something. This is not news, this is how the government is supposed to work.

    1. Re:Where's the beef? by fred911 · · Score: 1

      It's not with disclosure by warrant, it's disclosure by " other forms of legal process". I don't know of any other form of legal process that permits release or use of any user data without the user's express permission (including "metadata").

      --
      09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
  13. Not a huge Apple fan... by Zontar+The+Mindless · · Score: 1

    ...but the headline is a bit clickbait-y.

    How about you let us make our own judgements?

    In this case, the facts seem to be that Apple follows the law, and that it's reluctant to enable a back door.

    --
    Il n'y a pas de Planet B.
  14. In other news... by jmcvetta · · Score: 1

    In other news, water is wet, the pope is catholic, and bears shit in the woods.

    1. Re:In other news... by Anonymous Coward · · Score: 0

      When a bear shits in the woods, does it wipe its ass with a rabbit?

  15. complex crimes? by Anonymous Coward · · Score: 0

    If Apple can't help but making up bullshit language like this, by using the phrase "complex crimes", imo they can't be trusted.

    I can ofc guess at what "complex crimes" might mean, but this is no way an objective way of describing things, this phrase is much too vague.

  16. Re:At this point by Alain+Williams · · Score: 1

    I don't know why the parent is moderated troll. If you want to be secure that is the correct assumption to make: be it true or false. The only safe machines are the one that you control - physically; nothing in the cloud can be 100% trusted.

    However: there are levels of trust; how much of a target are you, how dangerous/important are your secrets ? For most of us most vendor/... security is sufficient since we are unlikely to be of interest to government spooks. But: get active politically, or in a trade union, ... and you become a target.

    I am not talking of stupid companies like TalkTalk and Ashley Madison who just don't have a real clue about security or simply can't be bothered.

  17. Well, duh. by Anonymous Coward · · Score: 0

    Of course any company will provide data to law enforcement upon presentation with legal orders to do so. Otherwise the company and persons involved with withholding the data could be held in contempt and may be an accessory if there was a crime involved. The idea that a company can simply choose which laws and lawful orders it will obey is some fragment of rebellion left in the minds of its leadership from the days when they were teenagers and in rebellion against their parents. Not obeying the law is a much more serious action and has potentially serious consequences. This is as it should be. Otherwise, Russia and Putin await these a-holes.

  18. Translation by Anonymous Coward · · Score: 0

    ... hope that our tech companies would work with government ...

    Translation: Please provide 'Blackberry' level of "concerns about the threat to citizens". She's not opposing corporate policies but is using weasel words to claim that "a law enforcement official charged with the responsibility of preventing attack" will be given some mechanism to defeat privacy and encryption.

    ... have to rely on the neighbor.

    Bring on the East German style of national security.

  19. What was wrong with the Stasi? by Anonymous Coward · · Score: 0

    I mean, I really want a convincing answer that does not apply equally well to all the shit the security agencies of the "free countries" are pulling these days.

  20. Wikileaks is a Russian covert operation by Anonymous Coward · · Score: 0

    Have they uncovered anything embarrassing about Russia? Of course not.
    Why are we so fooled by its propaganda?

  21. Apple Caved to China by Anonymous Coward · · Score: 0

    The iPhone has been very successful in China. You can bet your last dollar that Apple has caved to the Chinese government.

  22. This just in! by jodido · · Score: 1

    In what must be the biggest surprise story of the week, Apple, a big corporation, acts like a big corporation. Jokes aside, the government is *Apple's* government, not yours. Like it's Exxon's or Monsanto's, or Koch whatever. It's called capitalism, a lot of you say you like it, so don't get all outraged when capital rules. And you don't.

  23. Bernie Sanders by Anonymous Coward · · Score: 0

    Remember when the Clinton campaign actively conspired to defraud voters and steal the nomination from Bernie Sanders by rigging and corrupting the voting process? Good times. If you are or were a Bernie Sanders supporter, don't forget that YOU GOT FUCKED.

    Also, Apple "complying with legal requests for data that help solve complex crimes" is not earth shattering news. Every fucking body does this. I'm an Apple hater from way back, and I'd love to see them crash and burn up like a Note 7, but come on, this isn't even newsworthy.

    The question we should all be asking is "Why aren't Bill and Hillary both rotting in prison for their crimes?"

  24. Why is this even a story? by Anonymous Coward · · Score: 0

    Slow news day, huh? This amounts to "Apple responds to specific court orders with specific information, as required by law." The headline makes this sound like they're secretly decrypting private data and sending everything to the government. Which they aren't. Not much to see here.

  25. Apple fanbois pot calling kettle black by juniorkindergarten · · Score: 0

    To all the Apple fanbois:

    You're the pot calling the kettle black! You jumped all over Blackberry when they worked with governments.

    Looks good on ya!

    --
    "Every security scheme that is based on secrets eventually fails." - Steve Jobs
  26. not nuanced enough by superwiz · · Score: 1

    The subtle difference between sharing data and writing a non-existent program to access data inside a device when no such program currently exists remains the key. Of course, Apple shares data which they have and can provide when they get subpoenas. They probably do it even without subpoenas under the assumption that the government is a good-faith actor. But such assumption was not enough (as far as we know) to force Apple to write a program which would have made hacking into their own devices possible. So this story DOES NOT contradict the claim that Apple did not help the government break into secure storage on iPhones. I am not saying that Apple didn't do it. But I am pointing out that there is difference between what this email says Apple did and what the government asked them to do in the instance which became famous earlier this year.

    --
    Any guest worker system is indistinguishable from indentured servitude.
  27. Verification... by Anonymous Coward · · Score: 0

    Any business that receives a legal document in the mail claiming to be from a LEA or government bureaucracy should verify the authenticity of it through at least two different, and separate, channels.

  28. Timmy Cook The Lier Yet Again by Anonymous Coward · · Score: 0

    How many times of outing Timmy Cook will it take to get him and his succulent subordinates out of Apple Inc.?

    We are waiting.

    Ha ha

  29. Just as a point RE Yahoo! by Anonymous Coward · · Score: 0

    They fought and lost on exactly that turnover of data years ago when M$, ATT etc were already giving that information over with or without a warrant.

    Yahoo! Lost and ended up spending millions in penalties before aquiescing.

    Lots of things to hate on Yahoo! for, but that isn't one of them.

  30. Not entirely news by cfalcon · · Score: 1

    I was going to say it isn't really news- but it sort of is. The new part is that Apple is using their stance as a defense in emails to powerful people. The old part is that (a) Apple has metadata that is available to them and (b) Apple shares everything that they can with any government that asks. Apple will deliver, when given a lawful order, metadata, anything that isn't encrypted, and anything that they can decrypt. This includes everything in icloud.

    This should, frankly, not be a surprise, but if you just glanced at the stories from last year, you'd be forgiven for thinking that. If you instead looked at the documents that Apple provides for law enforcement ( https://www.apple.com/legal/pr... ), or law enforcements own documents (which I can't easily google at the moment, but they are out there), you'll see that Apple basically hands over every single thing, every single time. For the older phones that weren't encrypted with a user key, they would unlock the entire phone. Every thing that they are technically capable of unlocking, they do. Since forever!

    I also doubt they are in any way unique in this. It *is* the law, after all. It's also probably a big part of why Apple has added more and more user-only accessible parts to their phone, such as encrypting it in such a way that they can't read it (the phone itself, iMessage). Meanwhile, every piece of metadata is duly handed over, as they have access to that.

    Basically, this is only a surprise if you didn't ever bother to look into it much, which, I mean, not everyone would. The new part is the email where they defend themselves to the Clinton campaign.

  31. Deja vu all over again - Scooter by thunderclees · · Score: 1

    Citizen 4 had already shown in a leaked document (a PowerPoint of all things) that Apple, Facebook, Micro$oft, Google amongst others were already on the alphabet mafia payroll.

  32. To sum up: still safe to use Apple devices by Anonymous Coward · · Score: 0

    I will try to sum this up after reading several comments here: Apple is obligated to respond to warrants for handing over data they possess. This does not include any data encrypted on end-user devices, because Apple does not have the key, and Apple cannot defeat their crypto mechanisms to decipher the data without this key. Moreover, since there are no sweeping warrants allowed (for indiscriminately forking over the available data on every Apple customer), this is actually a non-story.