upvote

points

by jandrewrogers3 hours ago |
comments
upvoteby simjnd2 hours ago|
next
[-]
It would only be a backdoor if it's implemented as a backdoor.

The way Apple Health exchanges data with 3rd-party trackers (Fitbit, Garmin, etc.) is very well built and a good model of how other components in iOS could allow data exchange with very granular permissions.

Apple touts the "Private Cloud Compute". If they found a way to share your personal context to process on their cloud in a private and anonymized way, there is no reason the same process couldn't be used to handoff data to a 3rd party AI provider.

reply
upvoteby jandrewrogers2 hours ago|
parent|
[-]
The technical problem is nothing like exchanging data with fitness trackers.

One of the issues here is that there are many people with strong opinions that don't understand the thing they have strong opinions about. Which is the normal state of human affairs.

reply
upvoteby simjnd2 hours ago|
parent|
[-]
Indeed but you ignore my second paragraph: they have developed (and 3rd-party audited) a way to handoff all the data (parts of your Personal Context, etc.) to their cloud servers in a privacy preserving way on-device. Why couldn't the same process could be used to handoff the data to a 3rd-party AI provider? (genuine why, if you have an understanding of the thing you have a strong opinion about I'd genuinely appreciate the answer)

It looks like Apple is framing this as a privacy issue as a marketing tactic so that consumers will blame the EU when Apple COULD implement it without endangering privacy.

reply
upvoteby theshrike792 hours ago|
parent|
next
[-]
Apple PCC is using completely mad and paranoid amounts of security down to hardware and firmware level making sure nobody at any point of the supply chain can access the data.

EU can’t and won’t enforce the same rigour for 3rd party cloud AI. Which is the problem for Apple.

If said 3rd party service leaks private data, guess which company is going to be in the BIG HEADLINE and which one will hardly be mentioned in the news?

reply
upvoteby benoau1 hours ago|
parent|
next
[-]
They've just announced PCC for Google Cloud using Nvidia GPUs and Intel CPUs so it would probably run on just about anything -

https://security.apple.com/blog/expanding-pcc/

reply
upvoteby simjnd1 hours ago|
parent|
prev|
next
[-]
Ah, I see. I overestimated the amount of stripping / anonymization that was being done on device. Thought the server-side could be quite generic. Thanks!
reply
upvoteby bigyabai1 hours ago|
parent|
prev|
[-]
> EU can’t and won’t enforce the same rigour for 3rd party cloud AI. Which is the problem for Apple.

Why should they? If the user decides to trust a third party, Apple shouldn't retain veto power for the customer's choice.

This is how macOS treats apps like OpenClaw. It can absolutely work for iOS too.

reply
upvoteby JumpCrisscross2 hours ago|
parent|
prev|
next
[-]
> Why couldn't the same process could be used to handoff the data to a 3rd-party AI provider?

You have more safeguards if it’s running on your own metal. It’s reasonable to want to understand that better, perhaps with your own red team, before opening up customer data to actual potential hostiles.

reply
upvoteby simjnd1 hours ago|
parent|
[-]
Yeah I overestimated the amount of stripping / anonymization that was being done on device and didn't realize how much plumbing was required server-side too to have good enough privacy guarantees
reply
upvoteby spullara2 hours ago|
parent|
prev|
[-]
The 3rd party firm is the one that wants the data. No need for someone to steal it from them.
reply
upvoteby t-sauer27 minutes ago|
prev|
next
[-]
> I understand Apple's position on this one

Well then explain me this: There are absolutely no restriction on MacOS where I can give Claude free access to everything. If you are a Mac and iPhone user that essentially gives it access to the exact same data. Why is the data only protect worthy when accessed on the phone directly?

reply
upvoteby xlii2 minutes ago|
parent|
[-]
[delayed]
reply
upvoteby flaunf2211 hours ago|
prev|
next
[-]
> This is essentially a backdoor into all of your data.

This is the rhetoric used against right to repair. "What if enemies get access to our citizens' data if we allow anyone but us to repair your car?"

reply
upvoteby superxpro121 hours ago|
parent|
next
[-]
The hypocrisy is easily explained by the overall attack on ownership... you dont own your own data. you dont own your car, your phone, your pc. Everyone wants to own all your stuff...
reply
upvoteby HappyPanacea50 minutes ago|
parent|
prev|
[-]
I have never seen this argument against (admittedly I'm not big into such debates) right to repair, did it came up somewhere?
reply
upvoteby flumpcakes2 hours ago|
prev|
next
[-]
iPhones have pretty good privacy controls. I don’t see how they can’t extend those to cover AI apps. I imagine the settings menu will get bonkers though. User education about apps slurping up all your data is needed regardless. People just trust apple with their talk of private cloud computing.
reply
upvoteby andix2 hours ago|
prev|
next
[-]
> This is essentially a backdoor into all of your data.

No. Only if you would consider the Linux/macos/windows filesystem API a backdoor too. On your desktop any app with sufficient permissions can read all your data. Would you call that a backdoor?

reply
upvoteby 1 hours ago|
parent|
[-]
deleted
reply
upvoteby iAMkenough1 hours ago|
prev|
[-]
Why do you use the phrase backdoor?

Is Apple incapable of designing a permissions system that allows a user to grant access to email and messages to an app of their choice?

We already download apps and grant them permissions to subsections of personal data on our devices.

I don’t believe Apple is incapable of designing a system that respects a user’s choices and granted permissions.

reply