None of these articles are proof of anything and again you’re just taking their word for it. None of this is apple open sourcing the software for audit and none of these certifications makes them special. This is like saying a Microsoft Surface device passed all of these certifications and checks so it can’t get malware.
It literally describes their entire security process, which is vetted by NIST (a government agency of the United States of America who create standards), NASA (a government agency of the US that focuses on civil space programs, aeronautics research and space research), DISA (a DoD combat support agency that provides IT and communications support to the president, VP, Secretary of Defense, DoD, and any individual or system contributing to the defense of the US), and LANL (one of sixteen research and development laboratories of the DoE who conduct multidisciplinary research in fields such as national security, space exploration, nuclear fusion, renewable energy, medicine nanotechnology, and supercomputing).
Those guys are always looking at Apple’s security. Always.
Its vetted, tested, and hardened based on scientific research by many organizations. Its not just apple whipping this shit up willy nilly.
You are still insisting that these stop apple from writing software to harvest user data. The chips can work and the software can still be flawed or malicious. You seem to think that these certifications make it impossible to write malicious software for this hardware. You fundamentals don’t understand what you’re implying.
With services that are end-to-end encrypted, such as iMessage, the service operator cannot access the data that transits through the system. One of the key reasons such designs can assure privacy is specifically because they prevent the service from performing computations on user data. Since Private Cloud Compute needs to be able to access the data in the user’s request to allow a large foundation model to fulfill it, complete end-to-end encryption is not an option. Instead, the PCC compute node must have technical enforcement for the privacy of user data during processing, and must be incapable of retaining user data after its duty cycle is complete.
We designed Private Cloud Compute to make several guarantees about the way it handles user data:
A user’s device sends data to PCC for the sole, exclusive purpose of fulfilling the user’s inference request. PCC uses that data only to perform the operations requested by the user.
User data stays on the PCC nodes that are processing the request only until the response is returned. PCC deletes the user’s data after fulfilling the request, and no user data is retained in any form after the response is returned.
User data is never available to Apple — even to staff with administrative access to the production service or hardware.
So we are back to Apples promises of privacy and security being meaningless because you can’t verify that any of these claims are valid. The hardware may be secure but that doesn’t mean much in this case.
I never left the topic of Apple’s promises of privacy and security. The article you linked initially is completely about third party apps and their tracking. Using their App Store policies, Apple have steered apps into stating if they track you or not. It doesn’t eliminate tracking. It simply lets the user know how much data will be harvested.
You can see how it shook up a lot of the big harvesters when they were EXTREMELY slow to update their apps following this policy going into affect. Each app had to determine what was being harvested and figure out a way to let the user know. You’ll notice the big apps like any Google apps, Facebook (Meta), IG, etc waited a looooong time before releasing any of that data.
Apple themselves post this data in each and everyone of their apps. You can find it in the app store. Its transparent, and they let you know what they do with it.
There is no secret tracking, if thats what you are implying. The article you linked focuses on third party apps anyways, not Apple’s own apps.
Apple above all has more access than any 3rd party app. You simply have no way of knowing what apple is doing behind the scenes without the source code. You are merely taking their word for it.
I’m done with this. Ads in this case are just one aspect. Apples ad service is a multi billion dollar part of their business and if you think they’ve done that with zero ad targeting you’re being extremely naive.
Harvesting data in this case is also extremely vague and doesn’t have to involve ads at all. If they’re advertising privacy and security then it obviously should be about more than ad targeting data. It should be the case that they have no access to any user data on the device or being stored in the cloud. For instance iCloud storage is not end to end encrypted by default, instead Apple has the encryption keys and can decrypt user data at any time.
You absolutely cannot guarantee privacy and security without knowing exactly what’s going on behind the scenes, especially when we are talking about a company that is more beholden to shareholders than its own users.
None of these articles are proof of anything and again you’re just taking their word for it. None of this is apple open sourcing the software for audit and none of these certifications makes them special. This is like saying a Microsoft Surface device passed all of these certifications and checks so it can’t get malware.
It literally describes their entire security process, which is vetted by NIST (a government agency of the United States of America who create standards), NASA (a government agency of the US that focuses on civil space programs, aeronautics research and space research), DISA (a DoD combat support agency that provides IT and communications support to the president, VP, Secretary of Defense, DoD, and any individual or system contributing to the defense of the US), and LANL (one of sixteen research and development laboratories of the DoE who conduct multidisciplinary research in fields such as national security, space exploration, nuclear fusion, renewable energy, medicine nanotechnology, and supercomputing).
Those guys are always looking at Apple’s security. Always.
Its vetted, tested, and hardened based on scientific research by many organizations. Its not just apple whipping this shit up willy nilly.
You are still insisting that these stop apple from writing software to harvest user data. The chips can work and the software can still be flawed or malicious. You seem to think that these certifications make it impossible to write malicious software for this hardware. You fundamentals don’t understand what you’re implying.
https://security.apple.com/blog/private-cloud-compute/
What fundamentals am I missing?
https://support.google.com/pixelphone/answer/11062200?hl=en#zippy=%2Cnist-fips----cmvp-cavp
Pixel devices have the same certificates. Does this mean Google can’t harvest my data?
Correct. It will not harvest data until you log into a Google service and agree to their ToS.
So we are back to Apples promises of privacy and security being meaningless because you can’t verify that any of these claims are valid. The hardware may be secure but that doesn’t mean much in this case.
I never left the topic of Apple’s promises of privacy and security. The article you linked initially is completely about third party apps and their tracking. Using their App Store policies, Apple have steered apps into stating if they track you or not. It doesn’t eliminate tracking. It simply lets the user know how much data will be harvested.
You can see how it shook up a lot of the big harvesters when they were EXTREMELY slow to update their apps following this policy going into affect. Each app had to determine what was being harvested and figure out a way to let the user know. You’ll notice the big apps like any Google apps, Facebook (Meta), IG, etc waited a looooong time before releasing any of that data.
Apple themselves post this data in each and everyone of their apps. You can find it in the app store. Its transparent, and they let you know what they do with it.
There is no secret tracking, if thats what you are implying. The article you linked focuses on third party apps anyways, not Apple’s own apps.
Apple above all has more access than any 3rd party app. You simply have no way of knowing what apple is doing behind the scenes without the source code. You are merely taking their word for it.
I’d love to have the source code, yes, but there are literally zero ads on my apple devices until I open the app store.
What data are they harvesting? and again, can you provide a source that they are harvesting data on users?
I’m done with this. Ads in this case are just one aspect. Apples ad service is a multi billion dollar part of their business and if you think they’ve done that with zero ad targeting you’re being extremely naive.
Harvesting data in this case is also extremely vague and doesn’t have to involve ads at all. If they’re advertising privacy and security then it obviously should be about more than ad targeting data. It should be the case that they have no access to any user data on the device or being stored in the cloud. For instance iCloud storage is not end to end encrypted by default, instead Apple has the encryption keys and can decrypt user data at any time.
You absolutely cannot guarantee privacy and security without knowing exactly what’s going on behind the scenes, especially when we are talking about a company that is more beholden to shareholders than its own users.