I understand the technologies they're proposing deploying at a decent level (I couldn't implement the crypto with my current skills, but what they're doing in the PSI paper makes a reasonable amount of sense).
The problem is that this "hard" technological core (the crypto) is subject to an awful lot of "soft" policy issues around the edge - and there's nothing but "Well, we won't do that!" in there.
Plus, the whole Threat Model document feels like a 3AM brainstorming session thrown together. "Oh, uh... we'll just use the intersection of multiple governments hashes, and, besides, they can always audit the code!" Seriously, search the threat model document for the phrase "subject to code inspection by security researchers" - it's in there 5x. How, exactly, does one go about getting said code?
Remember, national security letters with gag orders attached exist.
Also, remember, when China and Apple came to a head over iCloud server access, Apple backed down and gave China what they wanted.
Even if this, alone isn't enough to convince you to move off Apple, are you comfortable with the trends now clearly visible?
And if those are all that's left that meet your criteria for a non-abusive platform, then... well, that's what you've got to work with. Maybe try to improve those non-abusive platforms.
I'm rapidly heading there. I'm pretty sure I won't run Win11 given the hardware requirements (I prefer keeping older hardware running when it still fits my needs) and the requirement for an online Microsoft account for Win11 Home (NO, and it's pretty well stupid that I have to literally disconnect the network cable to make an offline account on Win10 now, and then disable the damned nag screens).
If Apple is going full in on this whole "Your device is going to work against you" thing they're trying for, well... I'm not OK with that either. That leaves Linux and the BSDs. Unfortunately, Intel isn't really OK in my book either with the fact that they can't reason about their chips anymore (long rant, but L1TF and Plundervolt allowing pillage of the SGX guarantees tells me Intel can't reason about their chips)... well. Hrm. AMD or ARM it is, and probably not with a very good phone either.
At this point, I'm going down that road quite quickly, far sooner than I'd hoped, because I do want to live out what I talk about with regards to computers, and if the whole world goes a direction I'm not OK with, well, OK. I'll find alternatives. I accept that unless things change, I'm probably no more than 5-10 years away from simply abandoning the internet entirely outside work and very basic communications. It'll suck, but if that's what I need to do to live with what I claim I want to live by, that's what I'll do.
"I think this is a terrible idea and I wish Apple wouldn't do it, but I don't care enough about it to stop using Apple products" is a perfectly reasonable stance, but it does mean that Apple now knows they can do more of this sort of thing and get away with it. Good luck with the long term results of allowing this.
> And if those are all that's left that meet your criteria for a non-abusive platform, then... well, that's what you've got to work with. Maybe try to improve those non-abusive platforms.
There's always the potential to work on the underlying laws. Not every problem can be solved by tech alone.
The problem is that this "hard" technological core (the crypto) is subject to an awful lot of "soft" policy issues around the edge - and there's nothing but "Well, we won't do that!" in there.
Plus, the whole Threat Model document feels like a 3AM brainstorming session thrown together. "Oh, uh... we'll just use the intersection of multiple governments hashes, and, besides, they can always audit the code!" Seriously, search the threat model document for the phrase "subject to code inspection by security researchers" - it's in there 5x. How, exactly, does one go about getting said code?
Remember, national security letters with gag orders attached exist.
Also, remember, when China and Apple came to a head over iCloud server access, Apple backed down and gave China what they wanted.
Even if this, alone isn't enough to convince you to move off Apple, are you comfortable with the trends now clearly visible?