So this person, as a system administrator, wants to be able to sacrifice security for his personal convenience so he can login from anywhere. Does not sound like a system administrator that actually prioritises the right things. Security, especially if its not your own system, should always come first.
You have to balance those two, because the only server that's 100% secure is the one that's powered off. Everyone does that differently. I don't see sshd with key-only auth as dangerous, but password login makes me uncomfortable. Do you drive down to the data center your server is in every time you want to access it?
"I'm using VPN"
Great now you moved the target from sshd to wireguard.
>Great now you moved the target from sshd to wireguard
I definitely agree with your general sentiment, but in this case wireguard has a much better designed protocol. No response to scans, waaaaay smaller attack surface, no deep integration with a shell that needs to be explicitly disabled depending on use case, no pile of obscure authentication options that you need to make sure to disable...
Sure, but have you heard of reducing the attack surface? If you need to have to be able to log in at all times then youre probably at a scale that you have oncall processes and multiple people that can respond to incidents at a moments notice and having pub key auth enabled only makes sense. If you dont need that then youre probably small enough that that enablig only public key auth or putting it behind a vpn suffices. And having something like wireguard is much better than having something like password login enabled.
Anyone who sacrifices security for convenience is asking for trouble.
The nastiest break in I ever had worked because I installed wget on that server for convenience.
It exploited a known Drupal vulnerability to drop in a PHP script that in turn executed wget to download a payload.
So I agree about the importance of reducing the attack surface.
Now, ssh with password authenticated on a tightly controlled server, without fail2ban, port knocking and other tricky setups is exactly it. A setup with reduced attack surface.
> Anyone who sacrifices security for convenience is asking for trouble.
The you should switch off your mobile devices, destroy the sim cards and never connect again.
Is it just me or this whole find my network capability is a security nightmare? I mean I understand its usefulness but can the [insert authority here] just request apple to tell them where this person is even without cellular coverage? Ive decided to move away from the apple ecosystem either way because of this but it just seems to me to be a surveillance nightmare.
The system is designed specifically to make this impossible.
Your tag doesn't know its position, it simply broadcasts its own, rotating public key. Since the key changes randomly (in a way that you as the legitimate owner can predict), a third party can't easily follow the tag.
Other devices see that key, and share their position, encrypted with your tag's public key.
That makes it relatively hard to get the data, essentially impossible without forcing Apple to re-design the system and push malicious updates, which is generally considered as something that goes beyond what normal subpoenas can do.
The US government has told Google to query its location database for any device in the vicinity of certain crimes before. There's no way they're not trying to get Apple to do the same.
If Apple designed they'd crypto system as well as they claim that's not viable at this moment in time, but the government can certainly try.
Anybody can write a subpoena, but Apple is on record as having absolutely no problem telling anyone who does so to go fuck themselves and then backing it up with litigation.
No, because Apple doesn't have the private key of the account holder, and so can't see which rotating codes are associated with that account holder since it's all encrypted.
No they can't. Apple doesn't know who has which tag. It's built with privacy in mind. I know Apple listen touts privacy while having ulterior motives but I looked at the technical design specs and this is pretty great
I doubt Samsung and Google have gone to such lengths with their trackers.
Apple always seems to design services the way a privacy-obsessed nerd would, (if you forced said privacy nerd to design a P2P tracking network).
It's like, "oh, you want all your photos to be searchable, like 'dogs' or 'Eiffel tower'? Fine, we'll create an on-device embedding of each photo, use homomorphic encryption so you can share it with us and we can match it to its contents without even knowing what they are, then we'll send that back to your device for storage. Oh, and we'll use a relay so we don't even see your IP address while doing this, not that it matters since we can't decrypt the content anyway." It's pretty wild, like they could have easily skipped all this and only a fraction of a fraction of a fraction of users would even know or care.
In fact, I was pretty annoyed that the news story from the above example was "Apple is looking at all your photos and violating your privacy", since they spent so much effort doing it the right way, in a way that respects your privacy, it makes it less likely they will bother going through the effort again
I think when you're at apple's scale, the cost of doing all of that difficult engineering pales in comparison to the cost of responding to subpoenas and bad press/lost sales from compromising user privacy. (google did something similar when they stopped storing per-user location data)
Separately; it doesn't matter how good your technology is or how much you believe in it, you need to win the PR battle of convincing people of how it works. An example is VPN companies who claim not to keep logs testifying in court under oath that they can't produce requested logs, or Mullvad being unable to comply with a search warrant for storage drives because their servers didn't contain any.
You misunderstood the point of the news story. Apple automatically opted in everybody's iPhones to sending data to Apple, unlike every other company that requires explicit opt in.
No other company automatically sends data about pictures users take on their phones off the phone. Not a single one. All required explicit opt-in except for Apple. Hence, the news story.
I guess it's a matter of informing the public that homomorphic encryption means no information is visible to Apple, so Apple never receives any information about your pictures at all.
I guess you could make the argument "well what if one day they stop using homomorphic encryption", but that argument doesn't make much sense since 1) why would they and 2) you could already ask the same question today "what if they just started sending info anyway"
I was mainly thinking of Samsung's SmartTag, not Google's recent venture. I have looked for info on the SmartTags in the past and couldn't find it. I have some Samsung ones myself.
I didn't look at the Google ones because I don't use a Google account. So I couldn't use them anyway.
But good to hear that they did design it well, I'll check that video.
I'm absolutely not an Apple fanboy actually. I use Samsung phones. And FOSS on my computers. I moved away from iOS and Mac years ago because I found them too locked in.
I don't trust Samsung and Google as far as I can throw them but apparently in this case they did an ok job. And unfortunately there's no meaningful alternative to the duopoly of iOS and Android. So I was left with two bad choices.
But I don't trust any big tech no. It's just really hard to do without them, sadly.
Interesting thanks. I understand that its designed to be anonymous, but I guess it requires faith in Apple not complying to any forceful request from a security authority in the US to not modify it in secret.
Which mobile phone maker do you have more faith in? Which telco?
Apple have done work, and published tools for researchers, to make it so they can't "modify it in secret". The tools for security research community help verify that and "keep them honest". For instance, this is partly what the prompts about new devices or log in on other devices are about, there's a key exchange happening, and you get told. You can also exchange keys with Messages contacts to verify you're talking to them. You can turn on iCloud Advanced Security and Apple don't get even your backup keys. Also see the new Lockdown Mode.
Granted, Apple can change their minds and become anti-privacy or pro data-brokers and ad-tech, but some of these proofs would break so folks would know.
Anyway, if the government wants to know where you are, they can just ask the Chinese who've been watching Americans' cell phone identifiers move around.
In seriousness, the telcos already sell* this position data to data-brokers and law enforcement have portals to just watch you scurry around, even without a warrant.
* Sometimes telcos share your location data in ways that aren't "selling" so they can say they don't sell it. But the data goes and telcos derive value in exchange.
Just because someone doesn't trust Apple to build a worldwide live location tracking system doesn't mean they don't want someone else to build a worldwide location tracking system. There's an inherent risk to worldwide location tracking systems and while I think the genie is out of the bottle now, I would prefer there not to be a worldwide location tracking network at all.
Airtags have become a commodity at this point and despite attempts to prevent this, criminals are already using them to follow potential victims to their homes. I know GPS trackers and a bunch of different find-my style networks existed long before Apple brought the airtag to market, but those didn't turn up in purses and cars quite as often as Airtags now do.
Apple tries their best to make this thing secure and safe, but there's only so much safety they can add before the devices become useless.
Cryptographers who design these systems do consider the threat of a malicious future iteration of the company and thus try to reduce the trust in a centralized authority.
Apple did fight in court to not have to crack the San Bernardino shooter’s phone, which probably didn’t garner much sympathy with the general public, specifically against government power to compel them to make changes to subvert security.
They also publish a Transparency Report about government requests they’ve received and how many they’ve responded to.
It didn't garner sympathy with the public because they had previously lied to the public that they were technically incapable of complying with those data requests. After the government explained how Apple could comply, Apple shamefully removed the erroneous claim from its website without informing its customers who had believed that claim.
All the big tech companies that have user data publish government data request transparency reports.
The government attempted to force them to write a new operating system for them that would allow them to get the data on the phone. This was never about the San Bernardino phone, everyone knew there was nothing of any use on it and everyone involved was dead. It was about getting precedent on record that they could force a company to backdoor their OS on a court order.
They eventually dropped their request when it became obvious Apple wasn't going to roll over for them.
Your post reeks of some personal vendetta against Apple, and has no factual basis.
If the statement isn't true, then why did Apple stop making that claim? It's because my statement is true. Apple was capable of getting the data.
It is possible for Apple to build a device that Apple wouldn't have been able to access the data on, as they claimed. That isn't what they provided to their customers.
You're using bad faith arguments to defend a multi-trillion dollar company that pushes a restrictive model of computing on its customers for its own benefit for what purpose?
Apple can't access the data on the devices. They've spent absolute fucktons of money building their infrastructure that way, and they give up hundreds of millions of dollars that Meta and Google gladly suck up by not monetizing their customers' data.
Apple provides me with the devices I want that do the things I want them to do. "restrictive model of computing" is a concept that doesn't really mean anything. I can do anything I want on my Mac. My iPhone is way more locked down, and it doesn't bother me a bit. My guess is that like most Apple haters, you don't use Apple devices and have taken up a cause against them based on things that don't have any effect on you.
> The government attempted to force them to write a new operating system
Which they are absolutely capable of, but refused to that time. People in this thread keep talking about provable trust when the software is fully under Apple’s control, which is just puzzling. It’s still a “trust me bro”. Whether you trust them due to past track record is something else. In fact, that you even need to bring up their refusal as evidence means you don’t believe they’re technically incapable of complying.
The government wanted Apple to backdoor iOS at their command.
Apple told the government to go fuck themselves.
None of that addresses whether it was technically possible or not. You've made up a theory in your head about how it was possible based on what some dumbfuck government lawyer made up to file with a court, but that doesn't make any of it true.
And again, none of this had anything to do with that phone. The government wanted to establish precedent that they could order Apple to create a backdoored iOS for them, so that they could use that to spy on people. They gave up when it became obvious Apple wasn't going to roll over for them and rewrite iOS so they could use it the way they wanted to.
Your beliefs about some theory about Apple claiming something about "provable trust" or whatever are really probably unfounded and don't even make any sense.
> Your beliefs about some theory about Apple claiming something about "provable trust" or whatever are really probably unfounded and don't even make any sense.
> Cryptographers who design these systems do consider the threat of a malicious future iteration of the company and thus try to reduce the trust in a centralized authority.
It’s no use. All the opaqueness to Apple relies on
> This private key pair and the secret are never sent to Apple and are synced only among the user’s other devices in an end-to-end encrypted manner using iCloud Keychain.
Which is trivial to compromise from Apple. They do their best to minimize trackability from third parties though.
Provable how? iOS software is closed source and unverifiable. New code can be added to send any data anywhere at any point. Explain to me how you prove closed source software won’t send data under its control ever.
And we don’t even need to go as far as key exchanges, and forget about Find My. Maybe those are better protected and it’s harder for them to pull a sneaky without someone noticing. The location data of your phone isn’t in Secure Enclave and the OS can do whatever the hell it likes with it, good luck verifying a huge closed source OS which phones home all the time isn’t sending your location home. At the end of the day you’re trusting them (or just don’t care because you probably aren’t pissing off TLA, which is certainly true in my case), provable security is extremely limited.
iCloud Keychain escrow data is encrypted by HSM clusters that have administrator keys destroyed; if Apple tried to compromise a keychain by installing malicious HSMs users would first get notified that their data had been lost due to failed/destroyed HSMs.
Trusted computing is a technical concept. People use Bitcoin because it’s provably secure against clearly outlined threats, not because they trust some vendor. Apple and a certain group of fans want to present iOS as a trusted computing platform for certain use cases, but it’s not.
Anyway, I see you’re just trolling here, so there’s no point talking to you.
Given apples outright refusal to help the FBI previously I have more faith than other companies that they’ll do the right thing. But nothing’s perfect.
I think it's worth mentioning that FindMy consists of two distinct "networks"; there's the one where other Apple devices find your stuff, and another where your devices upload their locations straight to Apple. The FindMy app combines these two networks to show the most recent location. As far as I can tell this project only uses the former network, which would require an explicit backdoor due to the way it is designed. But if you're trying to defend against government agencies, that latter network is probably more of your concern.
Is it just me or this whole find my network capability is a security nightmare?
Settings → your_name → Find My → device → toggle off
If you don't trust that this will really disable the feature, then you are going to have to think hard about every electronic device you own.
Do you trust the firmware in your Android phone? What about the non-open-source modem chip? What about the SIM card, which runs Java? Are there microphones you haven't noticed built in to your TV remote? (Many have them.) Your toaster likely has a chip in it more powerful than a networked DOS-era computer. (Mine does.) How do you know it's not joining a nearby wifi network and sending out information?
Ever since the China/iCloud thing, I don't fully trust Apple. But among big tech companies, it's certainly the one that I trust the most.
Its idiotic to focus on the last 100 years. Those american innovations you mention came on the shoulders of innovations from the arabs, romans, ottomans and many other cultures/societies before them. Where is the praise for them?
Why are we so focused on who is the best. We seriously need a population reset. People can be so idiotic and self absorbed.
The fact that ppl think AI is now the solution to everything just because we have a good auto complete tech developed goes to show how much our industry needs a reset. The other day I read someones comment about how we should spend 7T dollars to get to AGI. If our industry had a little more sense and standard, half of the ppl in tech wouldnt meet the bar for sensibility. We probably would also be a lot further ahead in areas we need to be and id definitely enjoy working more in tech. Less idiocy, more sensibility
I'm German, please don't try to belittle someone's point just because you believe them to be from someplace, that's not how it works on this forum. Please go read the guidelines linked at the bottom of the page. Specifically, respond to the strongest possible interpretation of what someone says, not the weakest.
Actually it would. 2% is a lot in the scheme of things. Every bit counts. And to thin it doesnt or that we need to slash only those things emitting more than X amount is a bit simplistic.
Thinking we should just leave billionaies alone and let them do as they wish is nonsense.
2% is not a lot. If it takes 50 years of accumulation for things to get bad, saving 2% means it'll be bad in 51 years. And remember, that's for all of the airplanes in all of the world (tens of thousands from commercial alone).
The actual savings from Bezos' and Musk's planes is something like 0.000_024 percent. So if it takes 50 years until it gets bad, it'll take about 50 years and 8 minutes after you take away their planes.
Whether something counts should be done with math, not feel good sentiment or pandering to people's envy.
> 2% is not a lot. If it takes 50 years of accumulation for things to get bad, saving 2% means it'll be bad in 51 years.
Only if you simplify everything beyond all measures. But the climate is a little more complicated than "we can only emit X more tons before things get bad".
As an example, there are feedback loops that accelerate climate change once hit. Over time this amplifies the effect of any reduction we achieve now.
Also, the more time we have to "find a solution" as many people bet on, the more of our current biosphere will survive. Aside from any moral obligations, this is obviously in our best interest as it increases the chances of more humans surviving.
Even if you argue against these points, there are many others - none included in the math you've done.
I don't think you understood the argument. I rounded up to 2% to give the most possible benefit of the doubt that anything involving airplane flights matters.
Do you really think that saving .000024% by getting rid of Bezos and Musk's jets is going to delay that complicated feedback loop and buy someone the time to save the world? Do you really think 2% is going to delay anything significantly?
Because I don't see how you can "it's complicated" your way into that belief.
No, I'm pretty sure I understand your argument perfectly well: by removing any nuance and simplifying the model beyond belief you show that changes have no effect. When adding that nuance back in, suddenly the effect comes back.
> Do you really think 2% is going to delay anything significantly?
As soon as you define "significantly", I'll gladly answer your question.
My back of the napkin example chose 50 years because it made the numbers round. Let's pick more relevant numbers. The Paris Climate goals are to keep the increase under 2C, and depending on what IPCC model you believe, it looks like we'll blow through that goal in about 25 years (2050). So now, assuming you get to take all airplanes out of the skies, not just Bezos and Musk's, and you save 2% on emissions because of it. How many years does 2% buy you past 2050? I would consider 10 years significant, 1 year certainly is not.
If your answer isn't measured in years, possibly with a confidence interval, we'll both know this is more of you trying to "win" an internet discussion by arguing in bad faith.
You're deliberately looking at the wrong aspect and once again reducing a complex issue to a simple number. The question isn't "how many years does this give us until we reach an arbitrary goal", it's "what effect does the additional time have?".
We're currently experiencing a mass extinction only rivaled by previous incredibly catastrophic events. Even a single year could mean whole ecosystems collapsing or not collapsing. If we find a technological solution for climate change in 2050, but critical species went extinct due to overheating in 2049, the 2% air emissions will be the difference between billions of people dying or not dying.
I don't know how to quantify these risks, and apparently neither do you. But that doesn't mean we can ignore them when we consider the best course of action. It only means: your model is insufficient and simplifies things beyond reason.
I doubt you believe 2% is going to save billions of lives because of a tipping point in 2049. That's another bad faith argument, but go ahead and ground all the aircraft. No skin off my back.
The reason for pointing out insignificant things is so that people aren't distracted from the significant things.
"It's complicated." So go ahead and keep everyone worrying about Taylor Swift's jet. Create a carbon tax for billionaires. Offset the emissions, or whatever. But you aren't looking at things that could actually make a difference.
It's not a bad faith argument to bring up a scenario deliberately constructed for showing complexities your simplifying model deliberately ignores. Obviously I don't believe that this scenario will literally happen, and I can't imagine you're interacting in good faith if you still don't understand that.
It's bad faith unless you really believe that's _plausible_, not some extremely stretched version of _possible_.
> Obviously I don't believe that this scenario will literally happen
So you don't think that's really plausible, and I don't think it was a good faith argument.
I'm going to say it again, because I don't think you got it: The reason for criticizing when people focus on insignificant things is because it's a distraction from focusing on things that could actually make a difference.
I absolutely believe that it's plausible for a comparable scenario to occur. It might not be 2049 and 2050, but 2075 and 2080? Or 2100 and 2110?
Unless you believe that humanity will 100% die off or 100% fix climate change tomorrow, the chance of a 2% reduction in CO2 output having no measurable effect on our future is close to 0%, yet your modelling puts it at close to 100%.
I'm going to say it again, because I don't think you got it: you're deliberately misrepresenting the situation and simplifying things beyond reason. The correct response to an inability to model something isn't to just leave it out. You specifically pointed out that we should make these decisions based on math, but your math is incomplete enough to be useless.
We should wrap this up. Saying 2075 or 2110 is the same ridiculous claim as 2049, but I'll pretend you believe it'll save a billion lives to be done with it.
Btw, since you're only really interested in winning debates, you probably shouldn't open the window for other people to define the terms. When you asked me for a definition of "significant", it puts you in a bad spot no matter whether you do or don't respond to it. Of course you didn't respond with a number of years, because that would support my point. I gave a really concrete scenario, and you refused to answer, and it was obvious to both of us why you didn't answer.
Best of luck in your future internet battles. Everyone needs a hobby.
Yeah, we should. You're still not able to accept that your simplistic framing is useless and still insisting that any arguments are only valid if they simplify just as much, since your position falls apart otherwise. Ending the conversation with ad-hominems definitely shows you're not just a bad-faith troll, sure.
If you group emissions sufficiently finely, no single measure has any effect. We need to do hundreds of little changes to reach carbon neutrality. The discussion what to prioritize is not easy, but dismissing things just because they only contribute x% is not helpful.
Please look at that chart and aggressively pick all the items you're going to add up. Prioritize the difficult choices and make the helpful decisions. Focusing on energy CONSUMPTION is a losing battle, you won't even get to 50% in theory, and in practice you'd lose political will as people realize you're taking them back to the stone age.
Now look at the chart and focus on energy PRODUCTION. If someone could make enough emission-free electricity, you can get rid of nearly all of it. Except for airplanes, because batteries are heavy - but thankfully that's only 2% and doesn't matter very much.
No matter how you slice it or whatever sentimental argument you throw at it, Bezos, Musk, and Taylor's jets don't add up to anything that matters.
It's death by a thousand cuts, with that way of thinking why would we close a single coal plant? Taken in isolation they amount to nothing either.
If your argument is "everything but airplanes", it would be interesting to know why you think they are so important?
As for energy consumption reduction leading us back to stone age: it's about cutting the excess to keep what matters, no one arguing for it will pretend for a second that the excess stops at stone age level. Thankfully it doesn't even go as far as 250 years ago, when our world was still entirely renewable.
If commuting for 50km for work is what matters, cutting the excess means replacing many SUVs by an (electric) bus or a train plus an e-bike. And maybe create jobs or housing closer. Not "not working" or "dying".
> no one arguing for it will pretend for a second that the excess stops at stone age level. Thankfully it doesn't even go as far as 250 years ago, when our world was still entirely renewable.
Look at the chart. Cement, Iron, and Steel are responsible 10.2% of global emissions. Without those, it's almost the definition of stone age. I'm not sure about "renewable", but the world was not zero emissions 250 years ago. There were just fewer people.
My argument is not "everything but airplanes". My petty argument is that this article is stupid, and the bigger point is that focusing on the energy consumption side is a dead end. The problem is that EVERY sector is not very significant. That's what that chart shows:
Eliminate air travel: 1.9%
Eliminate all trucking and cars: 11.9%
Eliminate residential heating/cooling: 10.9%
Eliminate commercial energy use: 6.6%
And so on...
If you focus on energy consumption, you can't solve that WITHOUT a thousand cuts, and that's totally unrealistic. And rage bait articles appealing to people's dislike and envy of billionaire airplanes for 0.000024% benefit don't help. Anyone who focuses on that is not using an engineering mindset and is distracted from the goal.
Ok, so now look at it from the energy production side. Get real serious about nuclear or wind/solar/batteries (and a few agricultural changes), and you could actually make a difference.
This is usually the point where someone says nuclear plants are always over cost and take too long to build, but the US military has hundreds of reactors running safely, and they were constructed for some government definition of "on time". If we were serious about achieving the goal in the US, we'd be pushing for a new branch of the military to manage public reactors or something, or we'd get real serious about batteries.
Btw, I fucking hate flying. The experience is miserable, and I can deal with ground/water shipping for anything I buy. It wouldn't change my life one bit if we grounded all the airplanes. But I'm not dumb enough to think that would change anything about the predictions for the climate, and flying has benefits to other people. The point was that you can't really solve air flight with batteries or nuclear power, so thankfully 2% isn't much.
What a silly take. Of course it wouldnt change things in an instant but i twould long term. So if everyone divested from fossil fuel companies, tanking their stock price, and redirected that cash to renewable energy companies, you are saying no impact would happen in the long term? I beg to differ. It would force these companies to actually change their long term strategies so that investors continue to provide cash to them.
Dont worry, Oxfam doesnt need your simplistic views and support based on your own simplistic analysis.
The other thread on HN about the funding waymo received just went to show how little Tesla and their fans know about Autonomy and that it cannot be solved with their hardware stack. They talk a lot but wouldnt dare put their money where there mouth is and sit in the backseat and take a ride across town with supervised FSD (which is an oxymoron). It is such a clear stock pumping scheme by Elon to maintain their Market cap and people fall for it. Im long Uber and Goog on this and when Tesla fanboys finally get struck with reality its going to be hilarious.
