HACKINTOSH.ORG | Macintosh discussion forums

Macintosh News => Apple News => Topic started by: HCK on May 18, 2021, 04:05:08 pm



Title: Apple's Security Compromises in China Outlined in New Report
Post by: HCK on May 18, 2021, 04:05:08 pm
Apple's Security Compromises in China Outlined in New Report

Apple has been making concessions on privacy and security in order to continue building and selling its devices in China, according to an in-depth report from The New York Times (https://www.nytimes.com/2021/05/17/technology/apple-china-censorship-data.html).





(https://images.macrumors.com/article-new/2021/05/China-iCloud-Feature-2.jpg)


The focal point of the report is Apple's decision to comply with a 2016 law that requires all personal information and data collected in China to be kept in China, which has led Apple to build a China data center (https://www.macrumors.com/2017/07/12/apple-china-data-center-cybersecurity-law/) and relocate Chinese customers' iCloud data (https://www.macrumors.com/2018/01/10/apple-announces-chinese-icloud-handover/) to China, managed by a Chinese company.





Apple fought against China's efforts to gain more control over customer data, but given China's leverage over Apple, Apple had no choice but to comply. There were initially disagreements over the digital keys that can unlock iCloud (https://www.macrumors.com/guide/icloud/) encryption. Apple wanted to keep them in the United States, while Chinese officials wanted them in China.





Ultimately, the encryption keys ended up in China, a decision that "surprised" two unnamed Apple executives who worked on the negotiations and who said that the decision could potentially endanger customer data. There is no evidence that the Chinese government has access to the data, but security experts have said that China could demand data or simply take it without asking Apple, especially given compromises in encryption key storage and the fact that a third-party company manages customer data on Apple's behalf.


"The Chinese are serial iPhone (https://www.macrumors.com/guide/iphone/) breakers," said Ross J. Anderson, a University of Cambridge cybersecurity researcher who reviewed the documents. "I'm convinced that they will have the ability to break into the servers."



In a statement, Apple told The New York Times that it "never compromised" the security of users or user data in China "or anywhere we operate." Apple says that it still controls the keys that protect the data of Chinese customers, and the China data center is using the most advanced encryption technology available, which is more advanced than what Apple uses in other countries.





Apple has also been removing apps (https://www.macrumors.com/2020/12/31/apple-removes-39000-game-apps-from-china-store/) from the App Store (https://www.macrumors.com/guide/app-store/) in China at the request of the Chinese government after China began requiring an official license to release an app. Apple told The New York Times that it has done so to comply with Chinese laws.
"These decisions are not always easy, and we may not agree with the laws that shape them," the company said. "But our priority remains creating the best user experience without violating the rules we are obligated to follow."
The New York Times' report (https://www.nytimes.com/2021/05/17/technology/apple-china-censorship-data.html) goes into much more detail on the compromises that Apple has made in China, and it is well worth reading in full.<div class="linkback">Tag: China (https://www.macrumors.com/guide/china/)</div>
This article, &quot;Apple's Security Compromises in China Outlined in New Report (https://www.macrumors.com/2021/05/17/apple-security-compromises-china-icloud/)&quot; first appeared on MacRumors.com (https://www.macrumors.com)

Discuss this article (https://forums.macrumors.com/threads/apples-security-compromises-in-china-outlined-in-new-report.2296551/) in our forums

<div class="feedflare">
<img src="http://feeds.feedburner.com/~ff/MacRumors-Front?d=yIl2AUoC8zA" border="0"></img> (http://feeds.macrumors.com/~ff/MacRumors-Front?a=mnnFPBrRadQ:S_xSXfBOx4c:yIl2AUoC8zA) <img src="http://feeds.feedburner.com/~ff/MacRumors-Front?d=6W8y8wAjSf4" border="0"></img> (http://feeds.macrumors.com/~ff/MacRumors-Front?a=mnnFPBrRadQ:S_xSXfBOx4c:6W8y8wAjSf4) <img src="http://feeds.feedburner.com/~ff/MacRumors-Front?d=qj6IDK7rITs" border="0"></img> (http://feeds.macrumors.com/~ff/MacRumors-Front?a=mnnFPBrRadQ:S_xSXfBOx4c:qj6IDK7rITs)
</div><img src="http://feeds.feedburner.com/~r/MacRumors-Front/~4/mnnFPBrRadQ" height="1" width="1" alt=""/>

Source: Apple's Security Compromises in China Outlined in New Report (https://www.macrumors.com/2021/05/17/apple-security-compromises-china-icloud/)