WingNews logo WingNews
top | item 38579271

(no title)

zucker42 | 2 years ago

> Who is saying that?

There is a quote in the top level comment of this thread that says that.

> It’s untenable that there’s unsanctioned client software for a messaging platform for which privacy and security are a primary feature.

discuss

order

simondotau|2 years ago

That is not even remotely similar to the claim you made. Nowhere in that sentence is the claim that privacy and security cannot exist without a vertically integrated corporation.

All they're saying is that the existence of third party software compromises Apple's ability to make blanket statements about the security and privacy of this one specific platform. An unofficial third party client breaks an established network of trust — which is an objective fact. If you doubt this, then you really should use this Chromium fork I just developed. Use it to log into your internet banking. Don't be scared. There's nothing to worry about. See, there's a lock symbol in the address bar and everything.

cdata|2 years ago

Sure, but also recognize: web browsers constitute a mature, multi-polar ecosystem; we do not clutch pearls when a user chooses Firefox, or Safari, or Chrome (or myriad others) to transact on the web.

Can a bad actor slap a green lock on an insecure browser clone and harm users? Certainly. And yet, in a survey of the systemic threats to security and privacy on the open web, such attacks are relegated to the margins.

Apple encourages a popular narrative that centralization and control beget trust, and from there may enable privacy and security. Look no further than the comments on this HN post to see the narrative echoed!

It's fair to point out that it's not literally what Gruber wrote, but readers will fill in the negative space around his uncritically apologetic commentary. To state the implied message: trust in Apple's way, and remember that third parties (who are not accountable to Apple) will ultimately deprive you of privacy and security!

oarsinsync|2 years ago

> All they're saying is that the existence of third party software compromises Apple's ability to make blanket statements about the security and privacy of this one specific platform.

We’ve also got examples of Apple making misleading statements about the security and privacy of their platform, as a result of government gag orders.

That recent disclosure makes me suspect that every vector that they do not disclose explicitly as being private, is very much not private. To that end, the platform is clearly neither private nor secure if you value privacy from the government.

…so I’m not particularly concerned about third party software being a cause for concern anymore.

catlifeonmars|2 years ago

> An unofficial third party client breaks an established network of trust

I think this is key. The problem is the security of iMessage as a protocol is dependent on trust between client (implementations). Which is actually not that great from a security perspective.

I don’t mean that there are necessarily vulnerabilities in the protocol (there very well may be), but that the protocol is not something that Apple is willing to depend upon to uphold their desired security guarantees.