back to article Apple's warrant canary riddle: Cock-up, conspiracy, or anti-Google point-scoring

The internet was in a tizzy this week following the disappearance of what's assumed to be a warrant canary in Apple's latest report on governments demanding users' private data. The mere presence of the canary paragraph is supposed to signal that no information has been extracted. Thus, if it vanishes, it's assumed records …

  1. John Tserkezis

    I think everyone's reading too much into this. This is wholly about covering Apple's arse, and little else. Since you can't tell anyone your data is being peeked at, you remove any hint that it might be the case. So Apple is covering it's arse.

    As far as Apple "refusing demands for data", that's bullshit, or at least marketing-influenced stretching of the truth. In the event GovCo fronts up with a valid court order, Apple has two choices, either pony up the data requested, or, suffer the steep consequences of not doing so. Without a court order on the other hand, you may very well say no without consequence. I see the reports "prune down" the legal requirements to make it look like Apple will never pony up any data under any conditions. This is not true, however, it IS better than the likes of Yahoo, who are reputed to hand over data first, and ask questions later. So kudos to them on that note.

    On the subject of protecting the users (as some other non-el reg reports imply), this again is not the case, but rather, Apple making life easier for themselves. If Apple is presented with a phone for hacking, now, Apple CAN'T do it, rather than WON'T do it. There is clear legal distinction between the two, one means it's beyond your capability even if you wanted to, the other means you COULD do it, just don't want to. And there are penalties against that to "discourage" the activity. So rather than Apple manhandle phones manually where requested, now they don't have to touch them at all.

    So this has nothing to do with the user, rather Apple covering it's own arse, with the reporters making it look like they're doing it out of the goodness of their own fruity hearts. Read it for what it is people.

    1. Anonymous Coward
      Anonymous Coward

      Canary or Herring?

      I'm glad I'm not alone in this universe.

      John Tserkezis is right. This is Apple's way of etching as much plausible deniability as they can for if and when their half-truths are discovered.

      I see no yellow canary, just a red herring.

      1. Gordon 10 Silver badge
        FAIL

        Re: Canary or Herring? or Potato

        Potato potatoe. I don't give a stuff what Apples motives are - if the result is that its made the Feds job harder on mass data trawls fair play to them.

        Ultimately results count more than motives.

        1. Dan 55 Silver badge
          Black Helicopters

          Re: Canary or Herring? or Potato

          "Apple has never received an order under Section 215 of the USA Patriot Act. We would expect to challenge such an order if served on us."

          Apple receives an order under Section 215 of the USA Patriot Act. It's now not allowed to update that paragraph and say that it has received orders under Section 215 of the USA Patriot Act. So it changes to...

          "To date, Apple has not received any orders for bulk data."

          Whatever those other orders might be. But whatever they are, it's not talking about Section 215 of the USA Patriot Act.

          This is an ex-bird.

    2. SuccessCase

      "I think everyone's reading too much into this. This is wholly about covering Apple's arse, and little else."

      This is almost a contradictory statement. Apple are responsible in different ways to their shareholders, their customers and their government. All three. There is often, in different ways, a tension between all three, with each party having different requirements, but on this topic the tension is mostly between government and customer/citizen with both pulling in different directions. The government wants more access to private data, the citizen, in the main, wants the government to have less. Tech companies running cloud services, Apple included, have been left in the middle in no man's land, unfairly left to resolve what is essentially a government/political issue because politicians and political apparatchiks have abdicated on their responsibility to ensure their policy is an acceptable one by the people. If Apple are indeed motivated purely to cover their own arse (I'm always wary of the reasoning of anyone who talks in absolute terms about other's motivation - as it seems to me you are then the kind of person who is prepared to tell me what I am thinking, when clearly you can have no absolute knowledge of such), the precise way to do that is to, put up a canary, treat it properly as a canary and publish a white paper detailing every aspect of their security systems and how they are implemented so the world knows what measures they are taking and how they are implementing them. It may surprise you to know that Apple, who have always been an extremely secretive company, have recently publish a detailed and comprehensive white paper covering all aspects of how they have implemented security.

      No people are not reading too much into it.

      1. Anonymous Coward
        Anonymous Coward

        @ SuccessCase

        I believe when this was stated, "I think everyone's reading too much into this", it was implied that a multiple tier discovery for motive is not needed, because the answer is in front of our face.

        Also, when you think of "other's motivation", are the "other's" corporations that are indistinguishable from your own personal life, or every personal life? Are corporations the same as people?

        Also, I don't see this as a question of shareholder relationships. When a government forces you to do something, either everyone is on board (including shareholders), or everybody is overboard. To me, that is a serious problem of citizens, corporations, all non-government entities loosing control. Seems like Communism, but anymore, I'm not sure if a little of that is really a bad thing. However, what I do know is that I'm not seeing bombs blowing up over my town (yet, I guess).

        There's a certain indescribable feeling of bombs blowing up around you. To date, our Western governments have been doing a great job of keep civilians unfamiliar with that feeling.

        1. John H Woods Silver badge

          What?

          "To date, our Western governments have been doing a great job of keep civilians unfamiliar with that feeling."

          And my tiger-repellent key-fob has also proven to be pretty effective.

          1. Anonymous Coward
            Anonymous Coward

            Re: What?

            "...my tiger-repellent..."

            With the last name of "Woods", I wouldn't of thought you'd be that afraid of pussy.

            1. DF118

              Re: What?

              Wouldn't HAVE.

              FFS.

    3. John H Woods Silver badge
      Holmes

      Reading "too much" into it ... ?

      John Tserkezis: "I think everyone's reading too much into this"

      The definition of a warrant canary is a statement whose amendment or removal IS a message. So either you are saying that the initial statement was not a warrant canary, or that it was and it has been triggered accidentally (e.g. by someone amending the wording with a different purpose than sending the message).

      I think both of these are unlikely. If the statement were not a warrant canary, why would it have been so specific in its wording? If it were a warrant canary, who would have been authorized to change the wording who wouldn't also have known they shouldn't remove the original highly specific wording?

      "How often have I said to you that when you have eliminated the impossible, whatever remains, however improbable, must be the truth?" said someone or other...

  2. Notas Badoff

    How to win friends...

    a) What would be the costs of a lengthy battle with the US govt over this issue. $100's millions.. $n billions?

    b) What would be the public benefit to the company from this battle?

    c) Profit!!!!

    This just seems like a slamdunk to me. No matter what the outcome, their bottom line has to increase. Shoot, they can even take the legal costs off on their taxes, right? They have to be hoping the government steps over that line.

    (Heck, it might even make me like them!)

    1. Anonymous Coward
      Anonymous Coward

      Re: How to win friends...

      You don't seem to understand what governments are empowered with. Apple can in no way challenge the U.S. government on this AND come out on top. And this isn't because Apple is bad, or because the U.S. government is bad, it's because governments, not just the U.S. government, have real power and needs to protect real people (No matter what some think sadly, iO6 < PEOPLE).

      On a side note, I would LOVE to see Apple challenge the U.S. government on it's intelligence...LOVE IT!!

      P.S. Not a Apple fan.

      1. WonkoTheSane Silver badge

        Re: How to win friends...

        I call OXYMORON. You used government & intelligence in the same sentence!

      2. Anonymous Coward
        Anonymous Coward

        Re: How to win friends...

        > Apple can in no way challenge the U.S. government on this AND come out on top

        Lets play devils advocate, you have a company with more money than the GDP of a small-medium sized country. If Apple really wanted too they could fight this for years, making life very uncomfortable and expensive for the US Government and Intelligence services. Then if these entities decided to get really nasty and trying to rack up massive fines etc, then they would have the PR disaster of bankrupting one of the worlds "most loved" cults companies.. which I doubt any politician (or administration) could survive, it would make the Public enemy number 1!

        Back in reality, this would never happen as bottom line is Apple only has 2 interests, Money and Shareholders!

        1. a53

          Re: How to win friends...

          Not quite, Apple want/need their fans to continue loving them. We pay a bit over the odds for our computing/mobiles and Apple can't afford to offend us, getting found out to have been letting us down would be catastrophic. I quite like Tim Cook, he comes across as a fairly genuine person. Granted he's not Steve Jobs, but he's doing ok, by me, so far.

          Out of interest, what would it cost Apple to post a bulletin somewhere saying "Sorry, the feds got got to us" ? Then taking the notice down after being told to.

        2. thomas k.

          more money than the GDP of a small-medium sized country

          Why not, then, buy a small-medium sized country and move their entire operation there, lock, stock and barrel? That would put them out of the NSA's and FISA's reach, no?

          1. K
            Facepalm

            Re: more money than the GDP of a small-medium sized country

            Seen any small-medium countries for sale recently? Nowt on ebay, gumtree or craigslist :(

          2. Anonymous Coward
            Anonymous Coward

            Re: more money than the GDP of a small-medium sized country

            There's a movement to create a libertarian zone (free for governmental interference) in Guatemala, basically along the lines of the long-term lease the UK had with China around Hong Kong. I haven't been paying any attention in that direction in a while, so no idea on the name or current status.

            1. DougS Silver badge

              Re: more money than the GDP of a small-medium sized country

              You mean the one in Chile?

              http://www.salon.com/2014/09/16/ayn_rands_capitalist_paradise_lost_the_inside_story_of_a_libertarian_scam_partner/

              If there's another one being tried in Guatemala, I don't know why anyone should expect it to work out any better.

        3. Anonymous Coward
          Anonymous Coward

          Re: How to win friends...

          Lets play devils advocate, you have a company with more money than the GDP of a small-medium sized country. If Apple really wanted too they could fight this for years, making life very uncomfortable and expensive for the US Government and Intelligence services

          I think the government also has the power to seize everything that twitches in Apple HQ on suspicions of supporting terrorist activities. They could keep them shut for a little while until shareholders started to make pained noises. Sure, it would be mutually assured destruction, but you should not underestimate the power of people who don't give a damn because it's not their money and the law allows then enough leeway to get away with it (which is the real problem).

          They have the bigger guns..

          Having said all that, the real reason the likes of Microsoft and Apple are getting aggressive about privacy is that both have spend over a decade dealing with Europe as well, and they will have realised that losing *substantial* business through privacy risk has become a real possibility. Google hasn't seen that yet if their behaviour in EU courts is anything to judge by, they're too new to have burned their fingers yet. They'll learn.

      3. Yet Another Anonymous coward Silver badge

        Re: How to win friends...

        >Apple can in no way challenge the U.S. government on this AND come out on top.

        1, Apple announce they are now a Swiss corporation - their money is all offshore anyway to avoid tax.

        2, They very publicly close the cupertino office and move their whizzkids to some nice offices in Monoco - the kit is made in china anyway

        3, They run a series of TV ads saying they have been forced to do this by oppresive laws introduced by the current president, and the following list of local politicians who are up for re-election soon.

        4, Californian governor being doorstepped by media asking how democrats allowed secret US military agencies to force their beloved Apple to move abroad.

        1. Anonymous Coward
          Anonymous Coward

          Re: How to win friends...

          Apple employees thousand of what would be termed "key staff" in the US, Including irreplaceable developers and hardware designers. Like wise they have billions in infrastructure, data centers other facilities on US soil. Apple would need to shut all of these and basically cease operating and trading in the US to avoid any kind of legal scrutiny. But no longer being a US based entity, they cant fall back on the constitution, so the NSA has much more free reign to use the backdoor.

    2. DougS Silver badge

      Re: How to win friends...

      Granted a $250K per day fine is nothing - less than $100 million a year. They'd make that up by selling a quarter million more iPhones a year.

      This sort of thing might score points with the Reg readers - at least those whose Apple hatred doesn't color their perception so much that they simply assume Apple is lying and in bed with the government because, well, Apple is "evil", right? But do they run the risk of turning off customers if they take it too far?

      It is one thing to be all about privacy. Apple makes money on the hardware, the people who buy iPhones are the customers. Google makes money on advertising, the people who buy Android phones are the product. Playing up that distinction is all well and good, but if they push too far on the "we won't let the government get their mitts on our customer's stuff, and if they do we've got a way to let you know about it even though the law says we can't say anything" they may turn some people off.

      Not El Reg readers. I'm talking about the kind of people who think that all Muslims are the same, suicide bombers waiting to happen, the US should nuke the middle east (except Israel) and let God sort of them out. Those people. If Apple pushes far enough to get Rush Limbaugh railing against them for being anti-American and helping the terrorists, there's no way that the Libertarian-leaning techies who decide to stomach a switch from Android to iPhone because of data privacy can outweigh the damage the conservative spin machine would do to Apple.

      I think this is great, but I'm really more concerned about Apple keeping my data private from those who want to target ads at me, rather than worrying about NSA trawling. Just encrypt the hell out of stuff, make sure Apple doesn't have the keys and store as little as possible where they must have keys for stuff to work and I'm fine. The carriers are going to cooperate regardless, so the government will know where I am (or where my phone is, which is the same 98% of the time) no matter what protections Apple puts in place. They'll know who I call, when, and for how long. And who I text, unless I text other iPhone owners :) Nothing I can do, or Apple, to fully protect myself from NSA "big government", but they can have a big impact by keeping my data safe from marketers and from "little government" (i.e. police) should I have the misfortune to be arrested, whether deserved or not.

  3. Doctor Syntax Silver badge

    Precautionary principle

    If you're in a position to be worried by such things it would be best to regard it as being an ex-canary, OTOH if you;re in a position to be worried by such things, it's too late.

  4. Andy The Hat Silver badge

    You're in a mine and have a big, bouncy, young canary that sings so loudly it hurts everyone's ears. The mine owners are unhappy as it costs them money when the canary signals ...

    The senior miner, wanting more profit from his workforce, decides to "ease their pain" and swap the canary for a older bird, that's quiet, has a touch of narcolepsy and looks peaky at the best of times. Fewer signals, less down time, management happy.

    Hasn't changing Apple's canary simply consigned it to a dead canary sketch? It moved ... no it didn't ... it's just resting ...

    1. John McCallum

      Mine canary

      They didn't work that way,singing and being all bouncy bouncy they fell of their perch and sometimes died.

  5. Spearchucker Jones

    Whenever there's doubt, there is no doubt.

    That raises another issue governments have. Mass surveillance and the ability to get data of smart phones is only going to catch the stupid people. The clever ones are the ones you (governments) want to catch, and they're exactly the ones who don't have iPhones or Androids. So they spend 99% resources ensuring smart people don't use avenues stupid ones do, and 1% on avenues smart people do use. Net result is you (governments) don't catch exactly the people they want to catch.

    So even for uncle Sam this is a zero sum game.

    1. Cipher
      Big Brother

      Re: Whenever there's doubt, there is no doubt.

      Today one must assume that all traffic is being sniffed at a minimum. I suspect that metadata from every conceivable source is being slurped, and most of the actual content is stored for analysis on demand.

      If you value your privacy start with that asumption and work forward...

    2. Anonymous Coward
      Anonymous Coward

      Re: Whenever there's doubt, there is no doubt.

      The thing is, with the all-seeing eye, the enemy has to be on eternal vigilance, putting the shoe on the other foot: the bad guys have to be lucky all the time; the plods only have to be lucky once. One slip and they're history. Look what happened to bin Laden. One slip and now he's fish food somewhere in the Indian Ocean.

      Anyway, what's to stop a Section 215 order from ordering you not to remove the notice saying you haven't been served a Section 215 notice. Unless failure to remove the notice constitutes something more serious than aiding and abetting terrorism (basically an existential threat), they could probably blow off any legal counter-threats (essentially, "Which would you rather be charged with: perjury or terrorism?").

  6. Ben Liddicott

    "Order" vs. "Requests".

    To date, Apple has not received any orders for bulk data.

    So they've joined the inner circle, and are now voluntarily handing bulk data over, without being ordered to do so?

    If you want to tighten up the warrant canary, you don't re-word it to be more vague, you add additional clauses for the other thinks you have also not done.

    This is an ex-canary.

  7. Richard Taylor 2 Silver badge

    "It's hard to swallow the suggestion that Apple would, merely on a matter of principle, mount a terribly expensive challenge to the Patriot Act and similar laws. There's little tangible reward for Apple for such an outlay."

    If you want to grow rather than decline outside the U.S. then there are very tangible rewards. And pushing this might even result in Apple relocating.

    1. DougS Silver badge

      How much benefit?

      I take it you live outside the US, and have a much better perspective on this than those who are resigned to living under NSA surveillance. Do you really think it would cause a material switch from Android to iPhone over this single issue?

      If Apple stood on principle and challenged the government over this, I can see a segment of the US population castigating them as "aiding and abetting terrorism" by fighting the government. It would definitely cost Apple sales in the US. Would they be more than made up for in the RoW?

      I guess what I'm asking is: Is this issue going to move the needle in a way that data privacy on a personal/corporate level obviously doesn't? At least based on the fact Android owners are currently willing to hand over all kinds of stuff to Google every time they use their phone, and allow Google to use it to sling targeted ads at them. Pay more for an iPhone, get privacy in exchange. Do people outside the US not care about targeted ads to the same degree they care about mass data collection by the NSA?

  8. Anonymous Coward
    Anonymous Coward

    pairing

    You can choose to not pair your iThing with another computer...

  9. boozy

    Bulk Data

    "Apple has not received any orders for bulk data"

    We have, however, received a large number of orders for specific data

    1. Mike Bell

      Re: Bulk Data

      Nope.

      From Apple's current privacy policy:

      "In the first six months of 2014, we received 250 or fewer of these [National Security Order] requests. Though we would like to be more specific, by law this is the most precise information we are currently allowed to disclose."

      I wouldn't equate 250 with a large number.

      In the same document:

      "The vast majority of the requests Apple receives from law enforcement come from an agency working on behalf of a customer who has requested assistance locating a stolen device."

      1. Yet Another Anonymous coward Silver badge

        Re: Bulk Data

        >I wouldn't equate 250 with a large number.

        Although in a previous case it was revealed that a single warrant had covered ALL communications of a certain cell carrier

  10. chrisf1

    Canaries ?

    Personally I'd say the better precedent would be the AA salute. From 1911 if an AA patrol did not salute a member it meant that there was a speedtrap ahead.

    http://www.theaa.com/aboutaa/history.html#tabview%3Dtab1

  11. oneeye

    Hi, check out this quote by Tim Cook from www.nakedsecurity/sophos.com Cook finished by addressing government surveillance.

    I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.

    Very interesting,don't you think?

  12. Marcus Fil
    Black Helicopters

    There, fixed it for them

    "Apple has received an order under Section 215 of the USA Patriot Act. Apple challenged the order when it was served on it, but to no avail. When our collective balls are in a vice, what we are going to do? You never saw this message, if such a message exists Apple is indisposed to comment about it at the present time."

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020