Something that has haunted me for many years is how much Apple has built a brand around "we don't let anyone touch your data!"
And I don't mean just as a branding that "normal people" (ones who aren't interested in or involved with tech) believe
They even manage to sell it to people who know how things work behind the curtain!
I have had people I once respected that are as deep into the weeds of technology as I am ask me, point blank to my face. "Can you prove it?" when I snark that things like iCloud in China are obviously backdoored. This was before they bent the knee to the UK as well [1]
Is there something in the water for Apple users?
You have no proof Apple gives China a backdoor to encryption. The claim is as baseless as saying Google gives China a backdoor. Stop the FUD.
Chinese iCloud is hosted in domestic servers[0] with custom HSMs (Hardware Security Modules) installed[1] to geolocate E2EE keys for Chinese users in Chinese servers.
If Chinese authorities demanded physical access to the data there is nothing Apple can do to stop them. There is no proof that Apple provides credible security to these users and no historical audits that suggest they can.
[0] https://support.apple.com/en-us/111754
[1] https://www.nytimes.com/2017/07/12/business/apple-china-data...
So when Microsoft responds to an American warrant (or NSL) requiring a copy of a customer's data stored on Microsoft servers, that is a "backdoor in Windows"?
That's a weird moving of the goal posts!
Two things can be bad, you know :)
Well, first off, I never called it a backdoor. I just laid out the pitiful security situation Apple created for their Chinese users. You're the one putting words in my mouth.
Secondly, yes, especially if it's OneDrive. Both iCloud and OneDrive are first-party software products, they are built-into their respective operating systems as native features. If BitLocker was compromised, it would be a "Windows backdoor" too.
> I just laid out the pitiful security situation Apple created for their Chinese users.
Which American companies do you imagine are immune to American warrants or National Security Letters?