• bloodfart
    link
    fedilink
    arrow-up
    2
    ·
    7 months ago

    the fbi had to pay a third party shop a million bucks to desolder the nand and copy it so they could try every combination of passcodes to get… no useful data.

    it’s not optics when your device security requires that degree of technical skill and manpower to defeat.

    almost a decade ago.

    and you see the attack vector and take steps to mitigate it.

      • bloodfart
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        7 months ago

        Apple was identified as a participant in PRISM three years after google was and five years after Microsoft. Their cloud service (what PRISM refers specifically to) can be protected from that program by enabling Advanced Data Protection (capitalized here to indicate that such a generic name has specific meaning).

        Lifelog was officially cancelled in 2004, three years before the iPhone was released.

        I’m not sure how the email spam filter project honeypot is related to what we’re talking about.

        What are we talking about? I replied to your comment about how apple not giving a backdoor to the fbi for the San Bernardino shooters phone was optics and not a real commitment to security.

        I truly see their response as more than simply optics considering it took a one million dollar physical compromise to defeat the phones lock and apple responded to the agency’s success by moving to a system for device encryption that mitigated that hardware attack vector.

        E: lifelong -> lifelog. Thanks autocorrect

          • bloodfart
            link
            fedilink
            arrow-up
            1
            ·
            7 months ago

            Would you mind pointing me to the smartphone guide?

            It’s not a paranoia measuring contest, but I’m decently noided out as well and was never able to find conclusive links between lifelog and Facebook aside from some insanely dubious coincidences. Even the tla -> Facebook pipeline shows all the signs of simply being administrative and security state assets revolving dooring into the private sector a-la iraq 2 just like they freely move from positions within the agencies of one administration or another to the rest of aang.

            I welcome new to me information though…

            I’m no fan of cloudflares dns, but the bot aimed project honeypot never bugged me. It always seemed as benign as a function of a group that makes money off internet shit running “good” (whatever that means) can be. Feel free to pill me on cloudflare though.

            As you correctly guessed, I do own and use Apple devices, and have developed for them. I am familiar with the way the do not track system works, and it is, as the article you linked states, possible to send and receive tracking data through channels outside of it. I actually used to use lockdown privacy, the program from the authors of that study, but switched to a dns blocker.

            It’s worth noting that since att was added to ios the line was publicly that trackers would be slowly pushed out. I noticed this myself when using lockdown privacy. Over time it would block fewer and fewer trackers not because they weren’t there, but because the ways apps were allowed to classify their data would narrow.

            I’d love to see the same people do that study now. Realizing I could be fine with a simple dns blocker was why I stopped using their product!

              • bloodfart
                link
                fedilink
                arrow-up
                1
                ·
                7 months ago

                When I get a chance to actually read that with the level of attention it demands I’ll probably ask you some questions about it.

                This is not a defense of Zuckerberg: he said that in 2004. People were more slapdash about their personal data back then and frankly he was right.

                It’s always surprising to me how much more attention is paid to policies and warrant canaries in the privacy space than the jurisdiction a company falls under. It’s not like Facebook could tell the government “no, thank you.” When they’re served a warrant for search and seizure.

                I tend to see corporate actions as aligned against my interests as opposed to ontologically evil. There’s no need for an overtly coordinated conspiracy when the same goals are accomplished through a revolving door policy between the administrative state and the largest data handling companies in human history.

                Of course, Facebook would never even want to say no to such a request because making the kind of money they do requires close coordination with government.

                I get it. Reddit was a huge platform and relying on trust there was impossible.

                I didn’t come to lemmy from reddit, and my ideas about privacy are more grounded and everyday than yours. To give you some idea of how I got to where I am, I foiad myself after getting a tipoff and found out that completely unrelated to anything digital or computerized or any failure of operational security from my actions, I don’t have privacy.

                Before that, what now seems like many years ago, when data brokerages became accessible I looked for myself and everything (and I mean everything) was there. Again, through no fault of mine and in one case without any relation to digital documents at all I did not have privacy. In one case it happened while I was a child!

                People wring their hands about gen a coming into adulthood with unerasable digital records that will haunt them forever. I’m middle age.