You should read the paper.

Like any good security paper, it doesn’t assert immunity to particular parties. Instead, it covers things like how PCC attests that the running software image is identical to the publicly-available, forensically-studied one.

Fear is real for sure, but don’t let fear be an excuse to lose rigor in thinking.

reply
What if the CA certs are compromised, as was alluded to for GCP in the Snowden leaks?

All server security measures are irrelevant if every client req/res is dragnet siphoned off to NSA servers in plaintext. It would also afford the corporation deniability even if they were aware or involved.

This is why everything that can feasibly be E2EE (or performed locally) should be, unless the data is explicitly public. There are too many opportunities for compromise even when the provider has the best of intentions, and ruling class psychopaths aren't intentionally destroying democracy or implementing big brother.

reply
I’m having a hard time parsing that.

Are you suggesting that PCC specifically is sending things in plaintext, or that the security promises in the server and arch are false, or that a compromised CA means… IDK what?

I’m with you on the big principles, but are you implying more specific attack vectors or just kind of maybe everything could be compromised somehow?

reply
> In an NSA presentation slide on “Google Cloud Exploitation,” however, a sketch shows where the “Public Internet” meets the internal “Google Cloud” where their data reside. In hand-printed letters, the drawing notes that encryption is “added and removed here!”

http://web.archive.org/web/20140101231153/https://www.washin...

https://blog.cryptographyengineering.com/2013/09/06/on-nsa/

reply
This is a non-answer, and in fact, a statement like "don't let fear be an excuse to lose rigor in thinking" in response to my question "how verifiable are their claims" is insulting and sloppy. Rigor in thinking includes human discussion and humans asking questions, but yet you shot that down.

ChatGPT, do what this user wouldn't, and answer the dang question:

> No, Apple cannot verify that Private Cloud Compute is completely immune to nation-state actors, contains no zero-days, or could never be subjected to secret legal compulsion. Nobody can honestly establish those absolutes for a complicated, evolving computer system operating across multiple jurisdictions.

> What Apple has done is more meaningful than ordinary corporate “due diligence,” however. PCC is specifically engineered to make clandestine access—whether by hackers, insiders, or governments—technically difficult, difficult to target, and more likely to leave externally detectable evidence...

> Against ordinary attackers, rogue employees, conventional cloud administrators and routine government data requests, PCC appears exceptionally strong for a cloud AI service.

> Against a targeted nation-state willing to combine zero-days, supply-chain compromise, endpoint exploitation, legal pressure and secrecy, the right description is: Highly resistant, deliberately difficult to target, and unusually auditable—but not immune.

Thanks ChatGPT. Don't know why I bother to ask humans anymore, it's StackOverflow the whole way down.

reply
"I did not like your answer, therefore I will use the 100% reliable, bullet-proof method of having an algorithm generate the statistically most likely words that form a plausible answer to my question."
reply
If you knew what you were talking about, you would've already used your brain to verify that ChatGPT's response was accurate.
reply