This is a very verbose article that does not really engage with the actual question in the title. I still do not understand why apple (and in general big tech it seems?) reroute users to external forensic services instead of doing the forensics themselves. This only thing the article says about it is "they do not want/it is better this way".
Apple does extensive forensics itself, and spends more on platform and hardware security than all but perhaps? two other companies in the world. By referring people to nonprofit labs, Apple is encouraging information about spyware systems --- which target multiple platforms --- to be widely disseminated, and allows the OSINT process, which Apple has no comparative advantage in running, to work out targeting and sourcing.
The norm in high-end platform security practices at companies is to keep cards as close to the vest as possible, revealing information largely in the form of feature-style announcements of security improvements. The norm Apple is setting here is better.
This is why I read more comments than articles.
It said that AccessNow is really good at intake, and it wouldn’t be good for Apple to be in the business of inspecting so much personal data.
My guess is that if Apple did this themselves, it would be firewalled from most of Apple, so like AccessNow, so hopefully they help fund AccessNow.
The engineering requirements to build a branch of a company with the security needs of specialized SOC would be crazy endeavor and to the point that whatever comes of it would probably look as foreign to the main company's function than what currently exists. Having a separate non-profit agency handle these cases would not only allow for the agency's incentives to align, but also the overall security design approach to its facilities and internal networks. It's a win-win for both private and public interest imo.
If you are targeted, presumably, they will be attacking you from every angle they can. If you have other tech besides Apple's, then that's just another attack vector. If Apple did this, they'd be Apple focused leaving many vulns. By this group being not Apple specific, they can be up on all the ways like IoT devices, Android, etc.
Based on that, it seems smart for each of the tech players to support the 3rd party solutions
Consider the liabilities, expectations, and political issues if Apple was doing such support work in-house. For the last - Apple has large, profitable operations in a fair number of the countries which might be targeting certain dissidents and journalists. Mr. Cook does not want any "you are aiding our worst enemies..." pushback when he is negotiating with the governments of those places.
The big takeaway from this article:
> All the experts TechCrunch spoke with strongly recommend turning on Lockdown Mode if you think you may be a target, especially if you are a journalist, human rights defender, or dissident.
What does Lockdown Mode do?
> When someone enables Lockdown Mode, some Apple apps and services work differently. For example, most attachments and link previews are blocked on iMessage, FaceTime calls from unknown contacts are filtered, location information is removed from shared pictures and certain fonts on websites are prevented from loading.
https://techcrunch.com/2023/12/07/apple-says-it-is-not-aware...
IIRC, it also disables the Javascript jit compiler and configuration profiles.
> While it may look like Apple is abdicating its responsibility to protect its users
After reading the whole thing it still looks like that. After doing all that work to identify who’s been targeted with mercenary spyware why would you want to go to someone else to have them try their best at finding who it was?
I don't see how you can come to that conclusion. Apple has obviously gone to significant effort to detect and notify in these situations, and they actually provide helpful information - pointing victims to an organization which can actually help them. Abdicating responsibility would be to do none of these.
Agree the article doesn’t answer the question at all.
My guess is expertise and scale; if Apple finds five such users a day, that doesn’t support a staff of 100 forensic experts. But if Apple, Facebook, Google, etc, etc, find 500 users a day, that might.
But who knows? The article sure doesn’t.
The real question is: does Apple donate to this nonprofit?
According to this[1] it looks like Apple is more or less directly funding the helpline, so it's more like Apple is outsourcing the work.
Note that I don't think the 2024 table is complete yet. Compared to 2023 there's hardly anything on it. In 2023 you can see that Meta was specifically funding the helpline. Lots of other major tech companies show up too.
Though mostly the charity seems to run on European taxpayer money (~60% of its funding).
Looks like Apple has been funding them for at least the past 3 years so this may even be fair.
If you're really targeted, "they" will also go for your non Apple devices like your "smart" TV. So you could probably use support to harden all your tech stuff.
That’s a good point.
Apple’s game is deep vertical integration. That’s all fine and dandy for selling products, but helps not one bit for customers who aren’t all-in on Apple’s ecosystem. A third party who only does this sort of work, in a platform agnostic way, is the sane way to handle things.
Right. If there is training or some other non-Apple/vendor agnostic stuff that has to go on (VPN) or device management they probably don’t want to get involved.
>After doing all that work to identify who’s been targeted with mercenary spyware why would you want to go to someone else to have them try their best at finding who it was?
Thus is a great question and Apple's actions here seem to undermine many of the privacy arguments they've made against Right To Repair.
[deleted]
It seems sensible to send people to the appropriate avenue for support, they have no idea how someone has been compromised and by taking ownership it becomes their problem.
If someone breaks into your house do you call the builder for help?
> If someone breaks into your house do you call the builder for help?
If they constructed and installed the locks, and a weakness in the locks appears to have been the entry point for the break in, then yeah maybe?
There are weaknesses in everything around you. If apple were to be the owner of the issue then what’s to stop apple covering it up? It’s better for a third party to support, track and collate the issues and then for that knowledge to be addressed by Apple, or any other tech company.
Apparently quantum computing is around a decade away, when that happens I’ve been told you can say goodbye to all privacy at that point.
And the locks can be remotely patched to remove the weakness... seems fair.
Not the builder, but calling the lock maker for sure.
Even if you do go to the builder, what are they going to tell you other than “yup. Lock got busted: here, here, and here, you should probably call the <people who investigate break ins for a living>”?
I feel like the notification already does exactly that, no? “Hey, your phone looks busted, go call the <people who investigate sophisticated cyber surveillance targeting for a living>.”
And from the angle of “yeah you guys installed the locks wrong and they just opened the door, you should fix that”- does anyone reject the idea that the vuln would get reported to Apple, and that they’d be on it like crazy?
Damn builders used glass for my windows. Don't they know how easy that is to break?
no, you call the police and your insurance company. the insurance company might enquire with the builders on who's at fault. hope that helps.
[dead]