Slashdot Mirror
In a Leaked Memo, Apple Warns Employees to Stop Leaking Information (bloomberg.com)
Apple warned employees to stop leaking internal information on future plans and raised the specter of potential legal action and criminal charges, one of the most-aggressive moves by the world's largest technology company to control information about its activities. From a report: The Cupertino, California-based company said in a lengthy memo posted to its internal blog that it "caught 29 leakers," last year and noted that 12 of those were arrested. "These people not only lose their jobs, they can face extreme difficulty finding employment elsewhere," Apple added. The company declined to comment on Friday. Apple outlined situations in which information was leaked to the media, including a meeting earlier this year where Apple's software engineering head Craig Federighi told employees that some planned iPhone software features would be delayed. Apple also cited a yet-to-be-released software package that revealed details about the unreleased iPhone X and new Apple Watch. Leaked information about a new product can negatively impact sales of current models, give rivals more time to begin on a competitive response, and lead to fewer sales when the new product launches, according to the memo.
I hate it when companies force NDAs on business operations. I had one that said we couldn't talk about any aspect of the business, even though there was nothing to hide except corrupt business practices (which is probably the reason for it).
... it "caught 29 leakers," last year and noted that 12 of those were arrested. "These people not only lose their jobs, they can face extreme difficulty finding employment elsewhere," ...
It must have been something you assimilated. . . .
Apple could give users' files to the FBI, or sell access to detailed individual customer data to 3rd parties, but to our knowledge, they haven't. Facebook has sold such data to 3rd parties, it's pretty much their business model. Zuck deserves the shame he got, even from Cook
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
Name a company that doesn't ask their employees to protect corporate secrets.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
Knowing Apple, they probably added some sort of digital fingerprint to the memo so they could catch the leaker.
I hope that the leaker was smart enough not to forward the headers...
As a former Apple diehard (been clean about 10 years now), I really can't believe what major league douche bags Apple has become. I only stopped using their computers because my university didn't support them on their network at the time, but between incredibly overpriced machines and devices, suing everyone under the sun and over matching them on lawyers, threatening and almost abusing employees on the regular, trying to intimidate everyone that has anything to do with them, making devices that are almost impossible to repair and then deliberately breaking third party repairs with software updates which seem to have no legitimate purpose and appear to only be pushed to break the repairs, spam dialing 911 from their repair centers and then not having any idea how to stop it, supporting terrorists (I'm all for protecting people's data and standing up to the man about it, but you lose your right to have your data shielded when you openly murder a room full of people), their general smugness about everything, and probably a few other things I'm missing, I am very glad that I haven't contributed a dime to them in the last decade. I think back to how awful M$ was in the '90s (and they're still not much better), and I feel like Apple has actually surpassed them in terms of shitty and abusive business practices. It would almost be impressive if it wasn't so horrifying.
Apple doesn't claim to have decryption keys for everything that goes through iCloud, nor have they ever. Quite the contrary, in fact, since they explicitly state in their security white papers that they don't have the keys for much of it. For instance, iMessages, which go through iCloud, are end-to-end encrypted, with the sending device encrypting the message once for each receiving device. Likewise, FaceTime and many other services are end-to-end encrypted.
There are some things that they can decrypt (e.g. iCloud Backup contents, documents stored in iCloud, etc.), but those are mostly the items actually being stored there, rather than merely passing through it.
After all, it can't possibly be due to the high price or to Siri's limitations.
#DeleteChrome
Yo Dawg, I heard you liked leaking memos, so I leaked a memo about leaking memos so you could leak memos while you leak memos.
Except Apple has never claimed anything like that. The FBI claimed that. Apple can grant access to user's iCloud account given a warrant; however, the problem is that data on the phone is encrypted using device level keys that Apple does not have access nor ability to get.
In the San Bernandino case, the FBI wanted data off the phone. So Apple advised that they should allow the iPhone to automatically sync up and backup tothe iCloud account. Instead the FBI instructed the police to reset the password which then locked Apple and the FBI out of the phone's data.
Well, there's spam egg sausage and spam, that's not got much spam in it.
They're not saying it's a blacklist, they're saying you're unlikely to get a job if the first thing potential employers get when they Google your name is a news article along the lines of "Former Apple employee convicted of selling company secrets, also fined $3,000 for three instances of copyright infringement in unrelated file sharing lawsuits brought by NBC Universal, Fox Studios, and Buttsex Video Inc, but sentencing postponed for unsolicited candid photos."
You are not alone. This is not normal. None of this is normal.
Just desserts. The expression is more about chocolate cake than the Sahara....
"I do not agree with what you say, but I will defend to the death your right to say it"
WTF, has no one any clue anymore?
The "establishing of the connection", the "online status" that is what goes via iCloud.
As soon as the two parties are connected all traffic goes over "the internet" ... no secret iCloud middle man involved. What would be the point of that?
Despite seemingly being on "my side" in this, it's worth pointing out that iMessages are a form of asynchronous communication akin to text messages, so the two (or many more) devices don't actually connect to each other via the Internet in the way that you suggest. Moreover, iCloud actually is involved as a sort of middle man in the sending of each and every message (though it isn't privy to the contents of those messages), since in addition to being the pipe through which iMessages are sent, iCloud is also what Apple uses as their key exchange mechanism for the end-to-end encryption in iMessages.
For example, in the case that someone wants to send me an iMessage, their device needs to encrypt a copy for every single device I've registered with Apple. But how does their device know what key(s) to use? And how will the message reach my devices that aren't online right now? The answer is that iCloud provides the sender with the public key for each of my registered devices, allowing them to encrypt the message in such a way that only my device(s) can decrypt the message, and then iCloud holds onto those messages until each of my devices checks in. It's a secure way of doing things...
[Lengthy aside: It's theoretically possible for Apple to create a tool for evil that allows them to inject a device into your list of registered devices, thus allowing them to read every iMessage you receive (from then on). They would also need to suppress existing behavior in iOS, since iOS currently notifies you of new devices added to your account and gives you an opportunity to revoke their access. That said, the creation of such tools is in no way in Apple's best interests. Federal wiretapping laws prohibit law enforcement agencies at all levels of government from demanding that manufacturers create new tools to access communications, but the law also allows law enforcement to demand that manufacturers make use of existing systems to tap communications, the use of which would almost certainly undermine consumer trust in Apple's devices should it ever come to light. That's a large part of why Apple pushed back against the FBI a few years ago, since Apple knew that the moment they crossed that line there'd be no going back. Pandora's Box would have been open.]
...that is simple enough to be used by the masses.
In contrast, end-to-end encrypted systems that are aimed at people with significant security concerns (e.g. whistleblowers, people in oppressive states, etc.) are anything but simple to use, since they rely on implementing their key exchange mechanism via off-platform channels (e.g. users have to physically meet in person or send their public keys via some other trusted system). For those sorts of systems, it isn't possible for a middle man to inject their own devices into the conversation like that, but users are still either having to put their mutual trust in some other system for key exchange or else must engage in the arduous practice of being in physical proximity to each and every person/device with which they want to communicate before being able to communicate.
All of which is to say, iMessages are end-to-end encrypted, but iCloud still plays a vital role in sending them. It isn't just there to facilitate a connection between two devices.