0:00

Hello and welcome to a

0:02

free preview of sharp tech.

0:04

One related question

0:06

and something that

0:08

has perplexed me this

0:11

entire time, why does the

0:13

UK government think it's entitled

0:15

to have backdoor access to

0:18

advanced data protection users all

0:20

over the world? Like is

0:22

there some aspect of... advanced

0:25

data protection that means any

0:27

backdoor would have to be

0:29

implemented globally because like on

0:32

its face it seems insane

0:34

for the UK government

0:36

to demand access to encrypted

0:38

data of American users or

0:41

Australian users or Japanese users like

0:43

that's the piece where it's hard to

0:45

be all that sympathetic to the UK

0:47

here. Yeah well that's also why this

0:50

story isn't over. So, so, so, I

0:52

mean, it's a very good question. I

0:54

think just to, you know, when you

0:56

think about this changing of the

0:58

balance by Apple, there is a

1:00

bit where people like, why are

1:02

you upset, Ben, we're just going

1:04

back, the UK just wants to

1:06

go back to where we were.

1:08

And I think the problem is, it's

1:11

a real problem to introduce

1:13

the norm of building back

1:15

doors into encryption. And,

1:17

and so in suburbs, that's why.

1:20

That's why I added that extra

1:22

update. We're saying, look, Apple's a

1:24

little bit to blame here as

1:27

well, because they shifted us to

1:29

a place where the only answer

1:31

is a backdoor if you're going

1:34

to satisfy law enforcement. And that's

1:36

bad. And so the, the, why everywhere?

1:38

I don't know. I mean, I

1:40

think the UK has a hard time.

1:43

I mean it's hard to like

1:45

do this without psychoanals analyzing

1:47

the UK and their previous

1:49

sort of ruling the world

1:51

mindset and the fact that

1:53

they don't anymore there's some

1:55

speculation the US national security

1:57

apparatus is on board with them doing

1:59

that because can't do it so can

2:01

they do it on our behalf

2:04

you know the so I I

2:06

don't I mean there's also the

2:08

fact that you know data is

2:10

inherently international like like what do

2:12

what do borders mean in a

2:14

world like if the point of

2:16

this is international terror networks like

2:18

yeah what's the point of a

2:21

border situation this is where but

2:23

this gets at why it's not

2:25

resolved yet Apple's response which

2:27

again I think was

2:29

perfectly predictable and understandable and

2:32

I think it behooves everyone

2:34

to stop right here, is

2:36

basically turning off advanced data

2:38

protection in the UK, which is

2:41

we're not going to put a

2:43

backdoor, we'll just remove this feature.

2:45

And I think that is a

2:47

justifiable place. It basically reverts, this

2:49

is a better way to get back to

2:51

the uneasy compromise than to

2:53

institute a norm. of putting back

2:56

doors into data and to introduce

2:58

the blindness of a Kalea type

3:00

solution where you're putting it a

3:02

back door and someone might break

3:04

through and you have no idea.

3:06

Exactly. It puts all of that

3:08

data at risk. I mean, and

3:10

that's right. It's better data all

3:12

over the world. It's better to

3:14

know my data is insecure than

3:16

to think it's actually not, right?

3:18

So I think this is a

3:20

good place. Let's stop here. It

3:22

makes sense. It seems like the

3:24

only way Apple could have responded

3:26

to this when you really sort

3:28

of game out the possibilities. I

3:30

know so I don't understand why

3:33

it's stunning. I mean the three

3:35

options Apple had was one you

3:37

can provide the UK authorities with

3:39

access to or backdoor access to

3:41

worldwide user data which potentially puts

3:43

all of that at risk. That's

3:45

untenable for Apple. You could pull

3:47

advanced data protection from the UK

3:49

which is what they did which

3:51

does ultimately make it. easier for

3:53

the UK government to access UK

3:55

users information. You could also just

3:57

completely pull iCloud services from the

3:59

region. which would protect UK users

4:01

from potential intrusions into their Apple

4:03

data, but deny them of I-Cloud

4:05

services and deny Apple of that

4:07

revenue? Well, it also sort of

4:10

makes your phone unusable. I mean,

4:12

so many apps and things rely

4:14

on I-Cloud. I mean, the problem

4:16

is that they are not satisfying

4:18

that. Like this technical directive, again,

4:20

applies so that they have worldwide

4:22

access. And Apple is not satisfying

4:24

that. I don't see how they

4:26

could satisfy that. I think the

4:28

UK should be satisfied with what

4:30

Apple gave them. And if they

4:32

keep pursuing this saying, that's nice,

4:34

you turn it off for the

4:37

UK, no, we want it for

4:39

the world, I don't think they're

4:41

going to like how that story

4:43

ends. I don't see any world

4:45

in which Apple, again, I... I've

4:47

had lots of critiques about Apple's

4:49

framing of privacy and the way

4:51

I think they've used it in

4:53

an anti-competitive way against entities like

4:55

Facebook, but I don't, that is,

4:57

that doesn't mean I dismiss it

4:59

or not think it's a real

5:02

commitment. And Apple's not going to

5:04

do this for worldwide. just to

5:06

stay in the UK market, right?

5:08

Like I just don't, like that

5:10

was the next step. My first

5:12

step was Apple's gonna pull ADP

5:14

in the UK. The next question

5:16

is if the UK says, sorry,

5:18

not good enough, we asked for

5:20

worldwide access. Like, I see it,

5:22

I have a hard time seeing

5:24

it playing out any other way.

5:26

So I also want to read

5:29

just a sampling of the pushback

5:31

while we're here before we shift

5:33

gears. Tim Sweeney writes. Crazy Apple

5:35

PR spin being paraded here through

5:37

different partisan channels. Apple just compromised

5:39

all UK users by removing iCloud

5:41

encryption and are having reporters say

5:43

it was a brave act of

5:45

rebellion. They think we're all idiots.

5:47

Apple customers and Apple employees alike.

5:49

And then he added, the Apple

5:51

PR propaganda on this one is

5:53

strong. Typically respectable reporters are touting

5:56

Apple compromising encryption in the UK

5:58

as somehow rebelling and refusing to

6:00

build a backdoor. Folks, Apple just

6:02

opened the front door. Do you

6:04

have takes on that particular line

6:06

of attack? Yeah it's really stupid

6:08

and it honestly delegitimizes a lot

6:10

of Tim Sweeney's Apple critiques. I

6:12

mean like this is a problem

6:14

partisans fall into like Sweeney has

6:16

been fighting Apple for years and

6:18

years and years and so the

6:21

immediate interpretation is the worst possible

6:23

one that seems to lack any

6:25

sort of understanding or context. Like

6:27

large companies have to follow the

6:29

laws. That's why Tim Sweeney's been

6:31

trying to get the law changed

6:33

like in the EU and that

6:35

is trying to hold Apple's feats

6:37

to the fire to follow the

6:39

law. totally legitimate. In this case,

6:41

what does he expect Apple to

6:43

do? Right. Like, to defy the

6:45

UK's law, then what? I mean,

6:48

it's, it's asinine. That's the piece

6:50

of it that's honestly confusing to

6:52

me as a media consumer because

6:54

Tim Sweeney also surfaced this tweet

6:56

from Aaron Wolf and said Apple

6:58

could easily have built their products

7:00

in such a way that their

7:02

answer to the UK government would

7:04

be we just sell computers to

7:06

our customers and then they decide

7:08

to use encryption. You have to

7:10

coerce them, not us. Instead, they

7:13

built an entire ecosystem in which

7:15

Apple maintains complete control over how

7:17

their computers are used. Now governments

7:19

are coercing Apple. This was very

7:21

predictable. I mean, what's the alternate

7:23

scenario in which Apple isn't vulnerable

7:25

to this kind of pressure? Like,

7:27

what's the world they want to

7:29

see? No, it's very easy. You

7:31

don't set up by cloud on

7:33

your computer, which you can do

7:35

with, which you can do with,

7:37

which you can do. I mean,

7:40

I don't know if you can

7:42

do on an iPhone, you can

7:44

certainly do it on a Mac.

7:46

Like it's what I talked about

7:48

before you set up your own

7:50

backup server you set it or

7:52

you don't back up you don't

7:54

worry about it. You like the

7:56

reality is is Apple has done

7:58

what I think needs to be

8:00

done and appropriately so which is

8:02

the one thing you are incapable

8:04

of doing as a consumer is

8:07

having on device encryption that that

8:09

is like encryption you have to

8:11

have to have a seed you

8:13

have to have something at the

8:15

core that to sort of build

8:17

the whole encryption on top of.

8:19

That is in Apple's chips. That's

8:21

in the secure enclave. If you're

8:23

just building on software, anyone who

8:25

gets, basically anyone who gets root

8:27

to a system has access to

8:29

everything. It's in, so unless you're

8:32

out there building your own chips

8:34

and building your own computer, at

8:36

some point, you have to trust

8:38

someone. if you're going to have

8:40

viable encryption. And frankly, I just

8:42

would expect these people to understand

8:44

how this stuff works. And I

8:46

think they do, which makes me

8:48

frustrated about this discussion, because it's

8:50

kind of fundamentally dishonest in that

8:52

regard. I think my... I've been

8:54

very clear in my criticism of

8:56

Apple, especially on some of these

8:59

privacy points about going over the

9:01

top, but you have to be

9:03

honest about the reality, the water

9:05

you're swimming in, and what Apple

9:07

provides, and I think them for

9:09

it, is they give the root

9:11

level security and belief that you

9:13

can have fully encrypted data. on

9:15

your device. And if you take

9:17

the necessary, does Apple make it

9:19

super easy and obvious to link

9:21

your device to their cloud services?

9:24

Yes, they do. And they do

9:26

that because they're trying to build

9:28

products that people like. And people

9:30

like having backups. They like being

9:32

able to go on the website

9:34

and access their photos. They like

9:36

knowing if their device drops in

9:38

the ocean, they're not going to

9:40

lose pictures of Charles hitting Rose.

9:42

Like, like, there's this. delusion that

9:44

people live in, that's not the

9:46

real world. If you want to

9:48

go the Richard Stallman route and...

9:51

try to build all your own

9:53

pieces, go ahead, it's going to

9:55

suck to use, and also you're

9:57

still dependent on the root provider

9:59

of security, whoever that might be.

10:01

It's not you because you can't

10:03

build your own chip. And wouldn't

10:05

it be less secure in that

10:07

scenario? Once you start introducing... No,

10:09

it's not. Like I mean, Intel

10:11

has a similar concept with their

10:13

chips or chipmakers do, but you're

10:16

depending on them that there's not

10:18

some sort of backdoor. This is

10:20

just the reality. Would not and

10:22

should not give into the UK

10:24

because this is the real thing.

10:26

I need Apple to be trustworthy

10:28

for me to believe that my

10:30

device is trustworthy Because at the

10:32

other day, I can't build that

10:34

I can take care of my

10:36

own backups I can take care

10:38

of lots of things, but I

10:40

need to spend depend on the

10:43

root provider to be trustworthy and

10:45

Apple Say whatever you want and

10:47

I said plenty criticizing them about

10:49

these issues I do trust them

10:51

that the core device is secure

10:53

and that's why I salute them

10:55

for standing up in the San

10:57

Bernardino case And that's why I

10:59

salute them for backing out of

11:01

the UK here I don't want

11:03

the company that I provide on

11:05

to provide a level of security

11:07

that I cannot provide on myself

11:10

to get into the backdoor building

11:12

habit And it's insane to do

11:14

to do to say otherwise and

11:16

so The reality is if you

11:18

want Aaron Wolf's world, number one,

11:20

you're gonna have to depend on

11:22

someone at the root. And after

11:24

that, you can do it all

11:26

yourself. You can build a fully

11:28

open source stack. You can have

11:30

your own device, but someone has

11:32

to provide that chip. Someone has

11:35

to provide that core. That's what

11:37

I was asking is. If you're

11:39

building your own stack, it's probably

11:41

going to be less secure than

11:43

what Apple has established over the

11:45

last 30 years. Apple hasn't been

11:47

act. And that's part of the

11:49

appeal and part of what they're

11:51

selling. Yeah, if you want to

11:53

be like a out there sort

11:55

of like conspiracy theory saying that

11:57

Apple, you know, the NSA has

11:59

a backdoor. Whatever, that's fine. Maybe

12:02

they do, maybe they don't. I

12:04

can't afford to live my life

12:06

worrying about that. And so it

12:08

sort of is what it is.

12:10

I'm not sort of... I mean,

12:12

you're not committing crime at like

12:14

a worldwide scale either. I don't

12:16

really worry about this stuff very

12:18

much. Well, some just checkered critics

12:20

might... No, just kidding. So you

12:22

have the... So this is just

12:24

a fundamental reality is whoever controls

12:27

root controls everything. And so... None

12:29

of us have the capability of

12:31

controlling root when it comes to

12:33

computing. So we have to choose

12:35

someone to trust. And that's why

12:37

it's essential Apple do, number one,

12:40

do exactly what they did,

12:42

which is not build a back

12:44

door. And number two, why if

12:46

you want to critique Apple, it's

12:48

actually the exact opposite. It's they

12:50

should have never pushed it so

12:52

far. They should have been okay

12:54

with the uneasy compromise and introducing

12:56

advanced data protection. In the short term,

12:59

yes, we're making it more secure,

13:01

but you didn't think through the

13:03

second and third order effects, which

13:05

is you're inviting this sort of

13:08

confrontation, which potentially compromises the entire

13:10

stack. Interesting, yeah. Well, we'll see

13:12

what the UK pushes for going

13:14

forward. It hadn't occurred to me that

13:16

the UK could continue this fight as

13:18

we move forward. I thought things were

13:21

pretty much resolved on Friday, but... They

13:23

should be resolved if they're not dumb.

13:26

All right, and that is the end of

13:28

the free preview. If you'd like to hear

13:30

more from Ben and I, there are links

13:32

to subscribe in the show notes, where you

13:34

can also go to Sharptec.fm.

13:36

Either option will get you access

13:39

to a personalized feed that has

13:41

all the shows we do every

13:43

week, plus lots more great content

13:45

from Strutecory and the Strutecory Plus

13:47

bundle. Check it out, and if

13:49

you've got feedback, please email us

13:52

at email at Sharptec.com.