Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

iMessage and FaceTime are end-to-end encrypted and work in China. There's different rules for Apple.


>iMessage and FaceTime are end-to-end encrypted and work in China. There's different rules for Apple.

Does it count as "encrypted" if the keys have been given to the people spying on you?


The point of end-to-end encryption is that Apple doesn't have any keys to give.


How do you know? Have you audited the source code of the software?


Have you audited the code for Signal's app? Have you built and installed the app from that audited source?

Asking "have you audited the source" is such a meaningless question when you're not building from source (and auditing the compiler...), which practically nobody, not even HN users, are doing.

Please read Reflections on trusting trust and rethink what your threat model is, and what you consider "secure". https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p7...


At least it's technically possible for Signal. Try getting hold of iMessage's source.


How does one use public key cryptography without some kind of key?


imessage also uses rsa 1024 which is very much within the range practical brute force these days


Is there a public announcement/commitment saying that Apple does not share any data with China?


> Is there a public announcement/commitment saying that Apple does not share any data with China?

They have to share data:

https://www.reuters.com/article/us-china-apple-icloud-insigh...

> And even though Chinese iPhones will retain the security features that can make it all but impossible for anyone, even Apple, to get access to the phone itself, that will not apply to the iCloud accounts. Any information in the iCloud account could be accessible to Chinese authorities who can present Apple with a legal order.

> Apple said it will only respond to valid legal requests in China, but China’s domestic legal process is very different than that in the U.S., lacking anything quite like an American “warrant” reviewed by an independent court, Chinese legal experts said. Court approval isn’t required under Chinese law and police can issue and execute warrants.

Previous to this, the data was stored on American servers and subject to American legal safeguards.


The account data will be in data and will be accessible, however the messages are not as those go direct device to device without ever being plaintext on Apple's servers.


They shared the iCloud private keys with the Chinese government to get permission to operate there...just google it


That's not what they said.

They will comply with legal orders in China. Nowhere does it say they shared the private keys to the servers.


You're missing the point. iCloud access can't get you access to iCloud messages. Those are encrypted on the devices and the keys are on the devices, not in Apple data centers.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: