Google or Facebook should stop using HTTPS there with a big red banner saying WE HAD TO DISABLE ENCRYPTION BECAUSE YOUR GOVERNMENT WANTS TO SEE WHAT YOU DO, THE SIDE EFFECT IS EVERYONE CAN SEE WHAT YOU DO
this post was submitted on 21 Feb 2025
184 points (100.0% liked)
Technology
67242 readers
3455 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
All UK machines, phones, and servers should just remove all root certificates. Can't trust encryption right?
X509Brexit.
Then they wouldn't have to interact with any part of the encrypted internet.
Why didn't you take the obvious: "BreX609it"
Apple said users who already had it turned on will be given a period of time to disable it in order to keep using their iCloud accounts, although the length of time was not stated.
I'm in the UK and have ADP enabled but I am yet to be informed by Apple when/if it will be disabled in the future. I'm glad we had a change in government but this is a serious misstep from Labour.
ETA: I've written to my local MP to voice my disapproval of this "technical capability notice" and I urge anyone else in the UK to do so as well.
Start a petition, I’m sure people will sign it based on how serious this could be for security in general
When was the last time a petition achieved anything? Better off writing directly to your MP. Parliamentary petitions exist purely to allow MPs to ignore the problem as it's easier to dismiss a few thousand signatures on a petition rather than a few thousand letters stacking up on their desks.
Both. Do both. Make it easier for them to address the issue than ignore you. Depending on which side of the aisle your MP is on, focus your letter on either "those evil are doing thus terrible thing, I know you're bold enough to stand up to them." or "this policy seems to have the following problems, and it's leaving you open to attack from . It'd be a shame if you lost your position over it."
Looking at it from that point of view I agree with what you are saying, I haven’t thought about it that way before.
Lol. Some galaxy brains were 'Oh my Apple would never roll over and simply do what they're told! They'll keep our data safe!' and mad at me for saying exactly this was going to happen.
Well, huh, look at that. A corporation that rolled over faster than a well-trained golden retriever. Who would have guessed it.
To be fair this is the opposite of rolling over. Rolling over would be adding the back door.
Yep. This is exactly what I expected them to do. They don’t want the liability of losing your data or enabling your privacy to be compromised on their devices, and the eroded trust of their customer base from that.
Unfortunately the UK put them between a rock and a hard place here. As shitty as it is, I’m glad they opted to remove the feature for only that market, rather than weaken it for everyone. It sucks, but it’s the lesser evil.
I don’t think they had any good choices here. Just like the San Bernardino shooter’s iPhone, they decided not to make the device’s OS inherently less secure with the inclusion of a backdoor and I can at least appreciate that much.
So despite all the tough talk, they just roll over and capitulate. The only way to protest this is to move your stuff off Apple.
…to less-secure alternatives? Do you really think Google is going to say “no backdoor, we’re keeping encryption, we don’t need YOUR market”?
No? Kinda? I'd say a Pixel (so Google hardware, yeah) with Graphene, and either self-hosted, or independent end-to-end encrypted cloud storage.
There are alternatives to the tech conglomerates.
Even your alternative requires someone to give money to a tech conglomerate. There is no perfect alternative this late into capitalism Even if there was, it’s not realistic for millions of Apple devices around the world to suddenly be replaced.
By no means should that discourage anyone reading this from taking action to control your data better, however. I also self-host and am doing everything I can to minimize my reliance on big companies, but there are time, skill and monetary gaps there not everyone can overcome.
To a more secure alternative, obviously. There are other options than Apple and Google.
Apple’s choices here were:
-
Do what they did, and remove the feature for the UK only
-
Create a backdoor into their OS that can potentially be used by not just governments, but bad actors too, effectively crippling security for every single device they sell worldwide and bypassing the usefulness of on-device encryption entirely.
-
Exit the UK market, which is not realistic and would leave millions of UK customers without any further recourse than to replace their Apple devices, which is incredibly wasteful and expensive (not to mention inconvenient).
Apple chose the lesser evil. What more could you possibly expect in this situation? If you want to protest, protest the government demanding that level of surveillance on their citizens.
- Artificially pull out of UK, by forcing all UK residents to select a different country of residence with a banner as to why UK residents can't have iPhones, then store all their ADP encrypted data on data warehouses outside of the UK. Then claim that they (Apple) don't track users and have to trust that users are selecting the correct countries of residence, and that they (Apple) will not allow the UK government to peak into non-UK residents, so they can't help "sorry (not sorry)".
Option 4 is similar to option 3 by telling the government to shove it, but with the very important benefit of still allowing the residents to use their products. It's (almost) a win win.
Also not realistic. Even if the UK government didn’t perceive that as fraud, Apple accounts (and most other businesses’ accounts) are region-locked and cannot be transferred elsewhere to prevent going around laws in this way.
This means that every user would also need to make new Apple accounts in their new country of choice and give up any purchases/subscriptions/data in their UK accounts. And possibly need new out of country phone numbers and service as well.
This is why "privacy" doesn't work on a closed system controlled by a third party.
….or a government demanding a way in.
Uhm this is exactly why you only store already-encrypted data on remote servers