If I paid £600 for a handset
I would also expect the chocolate factory not to provide advertising on the back of my actions.
Business model is completely different, and Google is an advertising company after all!!
In an interview which covered the company's data protection practices, Apple CEO Tim Cook has said that the company believes "from a values point of view, not from a commercial interest point of view," that privacy is a fundamental human right. Cook was being interviewed on National Public Radio's (NPR) All Tech Considered …
I'm fine if they show me ads. I'm fine, if, for example, I search for "hotels in Paris", and they show me paid ads about hotels in Paris.
I'm not so happy if they collect all of my actions (especially private data like emails), store them for as long as they like, try to correlate everything, and then sell those informations without a full consent.
And when I look for "hotel in Paris" they use all of those data to ensure I pay the highest price they can calculate I will pay, using all those data against me, and showing me skewed search result to ensure I won't access lower rates.
Those are two very different business models.
"they use all of those data to ensure I pay the highest price they can calculate I will pay, using all those data against me, and showing me skewed search result to ensure I won't access lower rates."
Mind if I steal that, mate?
That argument is the perfect response to all these people who want or accept profiling and tracking because "I don't want to see ads for shit I'm not interested in," and aren't convinced by the info-selling or psychological-manipulation aspect.
Now I can tell them, "Yes, OK, you'll see ads for shit you want, but they'll also use your data to work out the top price you'll pay for it and hide cheaper options from you!" Arguing from the hip pocket will be a lot more convincing than arguing from mind-bendery.
Oh man, I am so going to rip some people I know a new arsehole with this!
I use Google to lead to other websites. Including the booking sites, the various hotel chains themselves.
So for this nefarious Paris Hotel Price Maximizing plan to work, the entire hotel and hotel booking industry needs to be in cahoots with Google.
Some people might consider loosening their tinfoil hats.
[Google] "use all of those data to ensure I pay the highest price they can calculate I will pay, using all those data against me, and showing me skewed search result to ensure I won't access lower rates."
Really? That certainly is not my experience when searching for hotels in various parts of the US. A few minutes ago a search for "hotel in san francisco" gave a first page about a quarter filled with paid ads identified as such; a box listing a number of hotels,with options to sort by price, rating, or number of stars; several aggregators like hotels.com; and a reference to Mariott. Selecting "under $150" gave a list of dozens of hotels, including a fair number for well under $100 per night.
While Google's bread and butter is advertising, their ability to charge for that depends quite a bit on their search results satisfying users. The business model certainly differs from Apple's, but is not inherently wrong because of that.
Your anecdotal experience notwithstanding:
Google doesn't sell hotel rooms, but they do sell user data to Hotels.com, Marriott, et al. They have been publicly outed in the WSJ, and numerous other media / studies for "dynamic pricing" - up-pricing their offerings based on your data profile. You either accept that fact and live with it or you don't, but there is no arguing that it doesn't happen.
Siri can see data in your phone, but it's not tied to your Apple ID. Obviously some data (such as questions) gets sent to 'the cloud' for analysis, but because it's not linked to your ID then for example an analyst that might need to listen to something that Siri had difficulty with, doesn't have any way of knowing who you are.
Are they trying to say they break the law in America? specifically under the 2008 amendments to FISA that added provision for emergency eavesdropping. Are Apple somehow exempt from this? I understand that applies to telecommunications companies however if Apple encryption stops this from happening then surely they would be in trouble.
What good is encryption when you sync to icloud ? Exactly!
Besides, all this "going through the courts" obviously includes those "secret courts" ... in the world, you have two types of courts, courts of justice and secret courts - the latter must remain "secret" because they tramp all over justice.
Yes, iCloud content is encrypted during transit and storage, but with keys that Apple controls. Whereas an iPhone backup taken using iTunes encrypts the content using a key that only you control.
Even though it means I don't backup as often, I choose the latter as using iCloud in its current form means you give up some of the protection Apple offers through things like the way iMessage works. If the previous poster's blurb about CALEA is correct, they could ask Apple for your iMessage contents that are stored on iCloud (if you use iCloud) and Apple would be required to provide them. I don't know if that's actually the case, but it might be if that's how CALEA works.
"Are they trying to say they break the law in America? "
No, Cook makes it pretty clear that Apple will comply with the law completely. But they have no magic decryption wand. They haven't done anything insanely special with this - few companies that sell encryption software have the means to instantly decrypt messages that are encrypted with it, because all they're doing is supplying the algorithm.
Essentially, Apple will happily hand over your data to the NSA if the NSA can provide a legal reason they should be given it. But Apple cannot break their own encryption in real-time. This makes it kind of questionable why they're on the 'got your back' list, when they're completely willing to hand the information over but aren't willing to do something that it's literally impossible for them to do. OTOH, Dropbox also topped the 'got your back' list, and they hand over information at the drop of a hat, so maybe it's just that the list was absolute bullshit.
Under CALEA (not FISA) telecommunication carriers are not required to decrypt, or ensure that law enforcement personnel could decrypt, communications encrypted by the end user unless they (the carriers) provided the encryption capability and possess the key ("information necessary to decrypt"). (47 USC 1002 (b)(3)). If Apple provides the encryption and retains or has access to the keying information, it appears they might be required to assist law enforcement agencies in executing warrants for encrypted data, although they might not qualify as "carriers".
The important phrase in your quote is "retains or has access to the keying information". Apple does not have to the keys used to encrypt iMessage message, as it uses end to end encryption directly between devices.
Thus they are not required under CALEA to provide the described assistance to law enforcement personnel, and would be unable to do so even if forced (unless
Tim Cook was beaten with a rubber hose Apple was coerced into rewriting iOS to do iMessage encryption differently, using keys they control and could share with the spooks)
"Is this what you talking about:
"Increased the time for warrantless surveillance from 48 hours to 7 days, if the FISA court is notified and receives an application, specific officials sign the emergency notification, and relates to an American located outside of the United States with probable cause they are an agent of a foreign power. After 7 days, if the court denies or does not review the application, the information obtained cannot be offered as evidence. If the United States Attorney General believes the information shows threat of death or bodily harm, they can try to offer the information as evidence in future proceedings. "
... at least that seems to be the thesis of today's El Reg BlackBerry article, and sounds compelling to me. I therefore don't think this is much of a sales point, regardless of its motivation. Being very important to you and me doesn't make it the basis on which one sells hundreds of millions of handsets.
Because, I prefer to be wined and dined before someone fucks me.
At least here Apple are *on the surface* doing something.
They were also the last to sign up to Prism, which they can't legally talk about.
I'm sure all your data is safe.
<gasps for air from laughing>
Since he's a gay man who grew up in the US South, it would make sense that he views personal privacy as a critically important aspect of people's lives. I notice that when the subject comes up, he usually seems a little bit agitated and emotional - something you don't really see on other topics under discussion. This is purely speculation on my part, but it seems consistent.
You might be right, and if so that bodes well for Apple continuing down this path which as a customer is exactly what I want.
I wish they'd figure out a way I could use iCloud with a key that only I hold, rather than its current state where the in-flight encryption and at-rest encryption is done by keys which Apple controls. I suspect that's to make it easy to have iCloud interoperate between multiple devices, but I'd still like to see them figure out a way to at least offer the option of using your own key, even if it complicates that multi-device interoperability for those that choose this option.
"I wish they'd figure out a way I could use iCloud with a key that only I hold, "
Or, rather than wasting time doing that, they could just use standard public/private PKI encryption like everyone else, which seems to have done the trick for the last twenty years.
This doesn't need some 'Think Different' re-invention of the wheel. The security standards have all been there for years and work fine for this. Apple just haven't implemented them, out of a mis-placed fear of damaging the 'user experience'.
It was the same thing which lead to the iCloud hack last year (or rather, not a hack - just lots of private data being taken by unauthorized people. Which isn't a hack when it happens to Apple. Apparently); Apple could've implemented 2FA from the start, and they rolled it out in a matter of days afterwards. But they didn't put it in beforehand, because security pisses users off.
Apple don't take security seriously. They're getting better, but it's still way down their priority list, behind 'User experience' and 'looks cool' - so whenever there's a conflict, security takes a back seat.
Where did I suggest reinventing the wheel? I don't care how they wanted to do it, since currently they don't have user managed keys for iCloud. The use PKI for many things, it isn't like they invented their own scheme that caused the celebgate "scandal". Getting hold of someone's passwords is hardly "hacking iCloud". If I find out your Facebook password and you use the same password on GMail, have I "hacked Gmail"?
Yes, they should have had 2FA available for iCloud before that, but there are many things more important than iCloud that are still not protected by 2FA (none of my credit card companies provide a method for 2FA logins, for instance) This isn't a failing for just Apple, but is industry-wide. Even companies that take security seriously (which you can argue Microsoft has for the past decade, since they had so many problems with CodeRed, iLoveYou and friends in the early 2000s) still don't get it right a lot of the time.
Biting the hand that feeds IT © 1998–2019