You can stand up a device and wire-shark it. In fact many in the security industry probe solutions like this all the time to try and make a name for themselves. If/when someone finds something untrue, they publish it to become famous, collect bounties, and become expert consultants at ridiculously high rates. Also, this is a document sighted in many court cases and if Apple lied about it, it would ruin their business and expose them to untold levels of liability. Plus, you can look into their financials and understand that if they had any financial incentive to implement their own backdoors, it certainly isn't for the money. Their money comes from device sales.
Besides, do you run NO software that isn't open source and you haven't read through the source? Thought so. At some level, you have to take the documentation and contracts at face value, and if you can prove them wrong, you have a strong case on your hands.
I agree that would be the best idea, if data security was your end goal. But that is not the end goal. The end goal is to provide a service that has to work even when your phone is off. They need to store/forward those messages. Any semi-competant techie will tell you the same thing. So, given as to how they need to store your messages to deliver to your devices that come online later, they have IMHO come up with a pretty clever solution: iOS Security . This states the level of encryption, the storing of private keys, and the methods and processes.
Can this be cracked in the future? Yes. Should you then just destroy all services that require online storage of sensitive data? No. You implement the best techniques you know how, and improve when life teaches you.
You are incorrect sir. The data they specify is stuff like your shipping address (which they need if you buy something like a picture book). To learn about Messages security: read from the horses mouth: iOS Security .
My understanding with apple's ecosystem, especially around messages and account details, is that the company doesn't hold the decryption keys. Each device creates a public/private key pair, the private keys are stored on device, the public keys are in an API you draw from to send a message to each of the recicioente devices. The downside to this form of communication is each outbound message has to be encrypted and transmitted multiple times (matching the device count of the recipient).
Therefore, it doesn't matter who has the data, as long as the government hasn't secretly cracked the form of encryption Apple uses, and they really never receive the private keys, which would otherwise be subject to subpoena.
Bullshit hallucinations! This is an utter and blatant disregard against self-incrimination.
If there is a stab victim, and one of your kitchen knives is missing, they can't ask you where the knife is. Well, they can, but you can refuse to answer. It's not contempt of court to plead the 5th. It's a protected right. Regardless of whether or not the knife was used, your fear of self-incrimination is warranted or not, or anything else. It's a right.
Also, don't give me "your pin code" can't incriminate you. Neither can the geolocation of the bloody knife (pun intended).
Sorry, but this is stupid. The guys making more money spend it, and a large portion goes into the goods and services provided by the local economy, they will eat at nice restaurants, frequent local entertainment venues, and the like. Even if that weren't the case, most of that comes in the form of stocks. Amazon is a publicly traded company. You too can enjoin in the success by buying into their company and riding the same wave.
Never trade efficiency for entitlements. Someone else will just take the efficiency and out-compete you.
For all the hatred on Amazon because of their low prices and competition, still almost 1/2 of online sales now goes through them. Obviously they are winning the mindshare of their consumers. If you don't like it, compete! Offer a better value proposition. I'll buy from you then.
It doesn't put immigrants at risk. Immigrants have green cards, or visas, and are allowed to be here. It puts criminals at risk of having to avail themselves of the justice system, since they broke our immigration laws.
How is dragnet record requests from ISPs and telecom carriers not unreasonable?? Sorry, but I disagree with you. Stupid interpretation can be bad for the freedoms and laws we have enshrined. Because of our stupid two party system, we may not always have the right political climate to fix what was once done. The 4th would never fly if it were being proposed today. Too many blue lives / law and order types who don't see the value of privacy, and can't imagine their freedoms being taken away because "governments never persecute good Christians".
That's a very good point. But with our defense budget, I felt the counter arguments would be strong so I left he whole "armed citizenry" argument off my list. I agree with you though.
What a fucking douche. There are millions of people who own firearms and don't shoot children. There are drivers who intentionally run over children. Are you going to forbid kit car plans because someone might use them for killing children? There are legitimate uses of a weapon. Self defense, hunting (legalized and regulated), sport (skeet shooting), and of course on the firing range.
You and your fucking comment are as sick as the deranged asswipes who shoot at innocent people, children included. Fucking retard.
First, Apple's hardware consistently outperforms the competition. Do you actually research? iPhones have the fastest bench marks in the industry. That really isn't disputed, by anyone.
Second, they are a corporation, of course they are profit driven. You think Google and Samsung hawk phones for the goodness of their souls or some religious calling? Please. Take a fucking chill pill and calm the fuck down.
Apple agreed to store Chinese data in China. This allows China to subpoena Apple for the data of its citizens.
But, Apple has a modus operandi to process as much data on the phone as possible, and encrypt with user-held decryption keys what it stores on its servers. They didn't generate and give China a special master key or the like. Whatever you can say about them, within the confines of the various bodies of law they operate it, they seem to push for the most privacy-focused solution to privacy challenges.
Note: I realize there are probably other vulnerabilities out there, and this will probably be a never-ending game of chess between law enforcement / authoritarian governments, and big tech. It is just great to see them pushing back against George Orwell's 1984.
When it comes to Xeon, the various cache levels are higher per core.
Also you can expand the system to dual, 4x or 8x processor packages, allocate way more memory, have more PCIe lanes to drive high volume IO, etc etc.... Though those aren't all x86, just the server side, which is why they dominate there.
That is speculation, and traders are free to speculate on it. Virtually every company in existence has been in "infinity * earnings" territory, BTW. Most companies that aren't generating revenue, and some that never have (think of how many bio companies invent vaccines at huge costs with the hopes of being acquired).
Most people who complain about never making a profit have no idea how stocks operate and should never invest in them. Stick with mutual funds, they know how to handle your money. These are moon-shot companies that aren't focused on quarter-to-quarter profits, and instead are focused on long-term platforms or intellectual property. Profits are not the only way to value a company, as the market has clearly shown with Tesla and Amazon as clear examples.
Until someone puts out a law saying companies can force employees to turn in / turn off their cell phones. Then the same people will be crying foul for giving employers that power.
The problem here is if you are a three employee retailer with a small online presence, states and counties and cities have their own taxes, and you have to determine the applicable rate for every combination. Also, what happens when you order from international shippers, who don't hold dollars or have accounts with the state?
This is a non-story. It's good security practice to designate end dates to terminate credentials you know are there for temporary work (which I assume his was since they mention a contract and it had an expiry date and renewal was needed). Kudos to the company for having all their systems integrated such as building access and workstation logins. This was just an oversight on management when they fired his previous manager.
What pisses me off is the headline. No... an AI Boss didn't determine it would be more profitable if he didn't work there. It didn't go through the steps to fire him and send him to the Employment Line, write him his final check, and spank his ass on the way out. The system did what it was designed to do, and only when they realized they fired the guy who was in charge of renewing his contract, did they fix it. Simple.
What they could have done better is succession management to make sure the manager who was supposed to renew the contract had his responsibilities covered.
Slashdot Mirror
Show me where it says private messages again? Or Device Keys for that matter?
You can stand up a device and wire-shark it. In fact many in the security industry probe solutions like this all the time to try and make a name for themselves. If/when someone finds something untrue, they publish it to become famous, collect bounties, and become expert consultants at ridiculously high rates. Also, this is a document sighted in many court cases and if Apple lied about it, it would ruin their business and expose them to untold levels of liability. Plus, you can look into their financials and understand that if they had any financial incentive to implement their own backdoors, it certainly isn't for the money. Their money comes from device sales.
Besides, do you run NO software that isn't open source and you haven't read through the source? Thought so. At some level, you have to take the documentation and contracts at face value, and if you can prove them wrong, you have a strong case on your hands.
I agree that would be the best idea, if data security was your end goal. But that is not the end goal. The end goal is to provide a service that has to work even when your phone is off. They need to store/forward those messages. Any semi-competant techie will tell you the same thing. So, given as to how they need to store your messages to deliver to your devices that come online later, they have IMHO come up with a pretty clever solution: iOS Security . This states the level of encryption, the storing of private keys, and the methods and processes.
Can this be cracked in the future? Yes. Should you then just destroy all services that require online storage of sensitive data? No. You implement the best techniques you know how, and improve when life teaches you.
You are incorrect sir. The data they specify is stuff like your shipping address (which they need if you buy something like a picture book). To learn about Messages security: read from the horses mouth: iOS Security .
My understanding with apple's ecosystem, especially around messages and account details, is that the company doesn't hold the decryption keys. Each device creates a public/private key pair, the private keys are stored on device, the public keys are in an API you draw from to send a message to each of the recicioente devices. The downside to this form of communication is each outbound message has to be encrypted and transmitted multiple times (matching the device count of the recipient).
Therefore, it doesn't matter who has the data, as long as the government hasn't secretly cracked the form of encryption Apple uses, and they really never receive the private keys, which would otherwise be subject to subpoena.
Bullshit hallucinations! This is an utter and blatant disregard against self-incrimination.
If there is a stab victim, and one of your kitchen knives is missing, they can't ask you where the knife is. Well, they can, but you can refuse to answer. It's not contempt of court to plead the 5th. It's a protected right. Regardless of whether or not the knife was used, your fear of self-incrimination is warranted or not, or anything else. It's a right.
Also, don't give me "your pin code" can't incriminate you. Neither can the geolocation of the bloody knife (pun intended).
Sorry, but this is stupid. The guys making more money spend it, and a large portion goes into the goods and services provided by the local economy, they will eat at nice restaurants, frequent local entertainment venues, and the like. Even if that weren't the case, most of that comes in the form of stocks. Amazon is a publicly traded company. You too can enjoin in the success by buying into their company and riding the same wave.
Never trade efficiency for entitlements. Someone else will just take the efficiency and out-compete you.
For all the hatred on Amazon because of their low prices and competition, still almost 1/2 of online sales now goes through them. Obviously they are winning the mindshare of their consumers. If you don't like it, compete! Offer a better value proposition. I'll buy from you then.
2019
It doesn't put immigrants at risk. Immigrants have green cards, or visas, and are allowed to be here. It puts criminals at risk of having to avail themselves of the justice system, since they broke our immigration laws.
Happy to clear that up for everyone.
How is dragnet record requests from ISPs and telecom carriers not unreasonable?? Sorry, but I disagree with you. Stupid interpretation can be bad for the freedoms and laws we have enshrined. Because of our stupid two party system, we may not always have the right political climate to fix what was once done. The 4th would never fly if it were being proposed today. Too many blue lives / law and order types who don't see the value of privacy, and can't imagine their freedoms being taken away because "governments never persecute good Christians".
Bullshit.
Industrial espionage does not? What if it was a board or a program you had worked on and spent hours coding and engineering?
That's a very good point. But with our defense budget, I felt the counter arguments would be strong so I left he whole "armed citizenry" argument off my list. I agree with you though.
Here. Now you know.
What a fucking douche. There are millions of people who own firearms and don't shoot children. There are drivers who intentionally run over children. Are you going to forbid kit car plans because someone might use them for killing children? There are legitimate uses of a weapon. Self defense, hunting (legalized and regulated), sport (skeet shooting), and of course on the firing range.
You and your fucking comment are as sick as the deranged asswipes who shoot at innocent people, children included. Fucking retard.
First, Apple's hardware consistently outperforms the competition. Do you actually research? iPhones have the fastest bench marks in the industry. That really isn't disputed, by anyone.
Second, they are a corporation, of course they are profit driven. You think Google and Samsung hawk phones for the goodness of their souls or some religious calling? Please. Take a fucking chill pill and calm the fuck down.
Apple agreed to store Chinese data in China. This allows China to subpoena Apple for the data of its citizens.
But, Apple has a modus operandi to process as much data on the phone as possible, and encrypt with user-held decryption keys what it stores on its servers. They didn't generate and give China a special master key or the like. Whatever you can say about them, within the confines of the various bodies of law they operate it, they seem to push for the most privacy-focused solution to privacy challenges.
Note: I realize there are probably other vulnerabilities out there, and this will probably be a never-ending game of chess between law enforcement / authoritarian governments, and big tech. It is just great to see them pushing back against George Orwell's 1984.
I feel better now that if anyone wants to access my phone, they need to ask me first. If only the carriers would stand up for us the same way.
When it comes to Xeon, the various cache levels are higher per core.
Also you can expand the system to dual, 4x or 8x processor packages, allocate way more memory, have more PCIe lanes to drive high volume IO, etc etc.... Though those aren't all x86, just the server side, which is why they dominate there.
That is speculation, and traders are free to speculate on it. Virtually every company in existence has been in "infinity * earnings" territory, BTW. Most companies that aren't generating revenue, and some that never have (think of how many bio companies invent vaccines at huge costs with the hopes of being acquired).
Most people who complain about never making a profit have no idea how stocks operate and should never invest in them. Stick with mutual funds, they know how to handle your money. These are moon-shot companies that aren't focused on quarter-to-quarter profits, and instead are focused on long-term platforms or intellectual property. Profits are not the only way to value a company, as the market has clearly shown with Tesla and Amazon as clear examples.
Until someone puts out a law saying companies can force employees to turn in / turn off their cell phones. Then the same people will be crying foul for giving employers that power.
The problem here is if you are a three employee retailer with a small online presence, states and counties and cities have their own taxes, and you have to determine the applicable rate for every combination. Also, what happens when you order from international shippers, who don't hold dollars or have accounts with the state?
This is a non-story. It's good security practice to designate end dates to terminate credentials you know are there for temporary work (which I assume his was since they mention a contract and it had an expiry date and renewal was needed). Kudos to the company for having all their systems integrated such as building access and workstation logins. This was just an oversight on management when they fired his previous manager.
What pisses me off is the headline. No... an AI Boss didn't determine it would be more profitable if he didn't work there. It didn't go through the steps to fire him and send him to the Employment Line, write him his final check, and spank his ass on the way out. The system did what it was designed to do, and only when they realized they fired the guy who was in charge of renewing his contract, did they fix it. Simple.
What they could have done better is succession management to make sure the manager who was supposed to renew the contract had his responsibilities covered.