• 1 Post
  • 56 Comments
Joined 2 years ago
cake
Cake day: July 7th, 2023

help-circle

  • We secure your account against SIM swaps…with modern cryptography protocols.

    This just dosent make ANY sense. Sim swaps are done via social engeneering.

    See this for details. Their tech support people do not have the access necessary to move a line so there’s nobody to social engineer. Only the customer can start the process to move a line after cryptographic authentication using BIP-39.

    proprietary signaling protection

    If they wanted to be private, it would be Open source.

    I’m really tired of this trope in the privacy community. Open source does not mean private. Nobody is capable of reviewing the massive amount of code used by a modern system as complex as a phone operating system and cellular network. There’s no way to audit the network to know that it’s all running the reciewed open source code either.

    Voicemails can hold sensitive information like 2FA codes.

    Since when do people send 2fa codes via voicemail? The fuck? Just use signal.

    There are many 2FA systems that offer to call your number so the system can tell you your 2FA code.

    The part where I share your reaction to Cape is about identifying customers. This page goes into detail about these aspects, and it has a lot of things that are indeed better than any other carrier out there.

    But it’s a long distance short of being private. They’re a “heavy MVNO”. This means their customers’ phones are still using other carriers’ cell towers, and those can still collect and log IMSI and device location information. Privacy researchers have demonstrated that it is quite easy to deanonymize someone with very little location information.

    On top of that, every call or text goes to another device. If it goes through another core network, most call metadata is still collected, logged, and sold.

    If we accept all of Cape’s claims, it’s significantly better than any other carrier I’m aware of, but it’s still far from what most people in this community would consider private.


  • Part of that is the responsibility of the app developer, since they define the payload that appears in the APNs push message. It’s possible for them to design it such that the push message really just says “time to ping your app server because something changed”. That minimizes the amount of data exposed to Apple, and therefore to law enforcement.

    For instance the MDM protocol uses APNS. It tells the device that it’s time to reach out to the MDM server for new commands. The body of the message does not contain the commands.

    That still necessarily reveals some metadata, like the fact that a message was sent to a device at a particular time. Often metadata is all that law enforcement wants for fishing expeditions. I think we should be pushing back on law enforcement’s use of broad requests (warrants?) for server data. We can and should minimize the data that servers have, but there’s limits. If servers can hold nothing, then we no longer have a functional Internet. Law enforcement shouldn’t feel entitled to all server data.






  • The original paper about microplastics in the brain seems to have a serious methodological flaw that undermines the conclusion that our brains are swimming in microplastics.

    “False positives of microplastics are common to almost all methods of detecting them,” Jones says. “This is quite a serious issue in microplastics work.”

    Brain tissue contains a large amount of lipids, some of which have similar mass spectra as the plastic polyethylene, Wagner says. “Most of the presumed plastic they found is polyethylene, which to me really indicates that they didn’t really clean up their samples properly.” Jones says he shares these concerns.

    This is from other microplastics researchers. See this article. So before we panic about this, let’s wait for some independent replication and more agreement in the scientific community.

    Microplastics are a serious concern, and we need to deal with plastic pollution. Let’s just stick to high quality science while we do that.





  • The 1:1 matching and the porn detection were separate capabilities.

    Porn detection is called Communication Safety, and it only warms the user. If it’s set up in Screen Time as a child’s device, someone has to enter the parent’s Screen Time passcode to bypass the warning. That’s it. It’s entirely local to the device. The parent isn’t notified or shown the image, and Apple doesn’t get the image. It’s using an ML model, so it can have false positives.

    CSAM detection was exact 1:1 matching using a privacy-preserving hashing system. It prevented users uploading known CSAM to iCloud, and that’s it. Apple couldn’t tell if there was a match or find out the hashes of images being evaluated.

    Many people misunderstood and conflated the two capabilities, and often claimed without evidence that they did things that they were designed never to do. Apple abandoned the CSAM detection capability.








  • So even with BFU, does the iPhone not connect to the internet? I guess i hadn’t noticed it doesn’t.

    Well, it’s complicated. Most of these topics are. In BFU state, an iPhone (or iPad with cellular) with an active SIM and active data plan will connect to the Internet. It won’t connect to Wi-Fi at all. If you have USB restricted mode disabled and the right accessory connected it will connect to an Ethernet network, but that may fail if the network requires 802.1x and the credential is not available in BFU state. Similarly if USB restricted mode is disabled you can use tethering to a Mac to share its network.

    For location, there’s two mechanisms. One mechanism relies on directly communicating with the device, which only works if the device has network.

    The other mechanism is the “FindMy network” which uses a Bluetooth low energy (BTLE) beacon to let other nearby devices detect it, and they report that to FindMy. It’s a great technology. The way it uses rotating IDs preserves your privacy while still letting you locate your devices. I know that this works when a device is powered off but the battery is not completely dead. I’m not sure if it works in BFU state… my guess it that it does work. But this is not networking. It’s just a tiny Bluetooth signal broadcasting a rotating ID, so it’s one-way communication.

    Other than that, I’m not as sure how things work. I believe Bluetooth is disabled by default in BFU state, but I suspect users can choose to re-enable Bluetooth in BFU state to connect to accessibility accessories. I’m not sure about the new emergency satellite communication.

    But one thing I know for sure is that Apple has world class security engineers, and one area they work hard to secure is devices in BFU state.