Apple's Security Compromises in China Outlined in New Report
lundi 17 mai 2021, 22:46 , par MacRumors
The focal point of the report is Apple's decision to comply with a 2016 law that requires all personal information and data collected in China to be kept in China, which has led Apple to build a China data center and relocate Chinese customers' iCloud data to China, managed by a Chinese company.
Apple fought against China's efforts to gain more control over customer data, but given China's leverage over Apple, Apple had no choice but to comply. There were initially disagreements over the digital keys that can unlock iCloud encryption. Apple wanted to keep them in the United States, while Chinese officials wanted them in China.
Ultimately, the encryption keys ended up in China, a decision that 'surprised' two unnamed Apple executives who worked on the negotiations and who said that the decision could potentially endanger customer data. There is no evidence that the Chinese government has access to the data, but security experts have said that China could demand data or simply take it without asking Apple, especially given compromises in encryption key storage and the fact that a third-party company manages customer data on Apple's behalf.
'The Chinese are serial iPhone breakers,' said Ross J. Anderson, a University of Cambridge cybersecurity researcher who reviewed the documents. 'I'm convinced that they will have the ability to break into the servers.'
In a statement, Apple told The New York Times that it 'never compromised' the security of users or user data in China 'or anywhere we operate.' Apple says that it still controls the keys that protect the data of Chinese customers, and the China data center is using the most advanced encryption technology available, which is more advanced than what Apple uses in other countries.
Apple has also been removing apps from the App Store in China at the request of the Chinese government after China began requiring an official license to release an app. Apple told The New York Times that it has done so to comply with Chinese laws.'These decisions are not always easy, and we may not agree with the laws that shape them,' the company said. 'But our priority remains creating the best user experience without violating the rules we are obligated to follow.'The New York Times' report goes into much more detail on the compromises that Apple has made in China, and it is well worth reading in full.Tag: ChinaThis article, "Apple's Security Compromises in China Outlined in New Report" first appeared on MacRumors.comDiscuss this article in our forums
59 sources (15 en français)
lun. 14 juin - 05:55 CEST