- The Apple Den
- Posts
- RIP Apple Security Updates?
Not yet a subscriber? Sign up here!
Good morning! āļø *Tim Cook voice*
The UK is trying to ban security updates, we could see the first Ultra iPhone, boring iPhone 15 Pro colors, iOS 17 is quickly approaching, and more!
Estimated reading time: 3.7 minutes
š Poll
Last week, I asked: will average consumers care about USB-C?
Here were some of my favorite replies:
No - āAverage consumers arenāt thinking about that sort of stuff. The phone has to work so they can use social media and take photos. For them, a charger is a charger.ā Iām increasingly finding myself in this camp as Iāve asked around lately.
No - āMost don't care, but will be happy when their cables are consistent across all devices. I think the pressure should be more focused on Apple keeping their cable up-to-date with modern technology rather than USB-C specifically.ā I agree, I also think Apple needs to make a more durable cable than the standard ones
Yes - āYes, but not in a positive way. The average consumer will be quite upset at having to replace cables for everything once again. There was quite an uproar the last time the iPhone changed its charging port.ā Idk, I think Apple is going to really āsellā USB-C at the event & in stores so that you donāt think of it as āreplacingā but rather āupgradingā - you know Apple will do some magic marketing like always!
Yes - āSo many devices now use USB-C including water pics, toothbrushes, flashlights, lighters, and many others, It's convenitent to be able to use the same charging station and cables for all.ā This is the most common sentiment and I agree!
This week: Do you prefer pre-recorded Apple Events, or live/in-person Apple Events? Why?
Live or Pre-Recorded Apple Events? |
š¤¦š»āāļø The UK wants to Ban Apple Security Updates
You know, Iām getting sick of legislators trying to change the path of technology when they clearly do not understand the subject matter as well as they think they do.
The latest case in point? Security updates from Apple. The UK is now trying to ban security updates.
The United Kingdom government has unveiled plans to revise the Investigatory Powers Act 2016 (IPA)
In the revised plan, they state that tech companies would need to notify the British government before rolling out a security fix
But if the security fix blocks a vulnerability thatās being exploited by security services, it could be refused permission to push the update
Device manufacturers would likely also have to notify the government before making available important security updates that fix known vulnerabilities and keep devices secure. Accordingly, the Secretary of State, upon receiving such an advance notice, could now request operators to, for instance, abstain from patching security gaps to allow the government to maintain access for surveillance purposes.
E2E Encryption
Keep in mind, this is the same government who has wanted to ban end-to-end encryption since 2017.
Apple recently stated that they would remove iMessage and FaceTime entirely from the UK instead of removing E2E encryption.
This isnāt just something that can be removed from an app or service. Gruber puts it best:
Itās a complete fantasy that E2EE can be toggled like a light switch and still allow messages to be delivered. The end-to-end encryption isnāt a sugar coating, some sort of extra layer of protectionāāāitās fundamental to the messaging protocols themselves. It has to be, when you think about it. If it were possible for, say, Signal, to silently disable E2EE but still have messages go through, how could users ever trust the service?
You could neither trust that what you were sending would be delivered securely, nor that what you received wasnāt intercepted by an interloper. Thereās an explicit guarantee with all of these E2EE messaging platforms that messages can only go through securely.
Removing E2EE wouldnāt require some mere tweak to the protocols, it would require replacing the protocols entirely (with inherently insecure ones).
The craziest part about all of this is: The UK could very well pass this law. And they will think that Apple, WhatsApp, and other companies who are all-in on E2EE will just abide by their new laws. They think Apple is bluffing.
But I can see a scenario where Apple follows through and bans FaceTime and iMessage in the UK. And this could set the example for WhatsApp, Signal, and other E2E messaging apps to do the same and pull their apps from the App Store in the UK.
This is madness and will be very interesting to see where we go from here.
Reply