Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This whole thing is reminding me of the outrage over Apple and Google's privacy preserving 'Exposure Notification System' system from the Covid years. It defies intuition that they can alert you to exposure without also tracking you, but indeed that's what the technology lets you do.

Similarly here, it feels like the author is leaning into a knee jerk reaction about invasion of privacy without really trying to evaluate the effectiveness of the technologies here (client side vectorization, differential privacy, OHTTP relays, and homomorphic encryption).

Though I 100% agree Apple should ask the user for consent first for a feature like this.



I would love to evaluate the privacy of these technologies.

Someone reply with a link to the source code so I can see exactly what it is doing, without having to take an internet rando's word for it.

Better yet, let me compile it myself.


You can start with this https://github.com/apple/swift-homomorphic-encryption

Of course it is not the whole technology stack, but it is something at least. If your evaluation leads to potential problems, you can create issues right there on the github project!


If you have the capability to actually skillfully analyze this type of crypto, disassembling the binaries from your device (or at the very least, an ipsw for your device) should be trivial.

After all, you wouldn’t actually be trusting the source code given to you to match what’s running on your device, would you?


Reverse engineering is a separate skillet on its own, on top of the other ones you need to read the source code and good developers aren't necessarily good at that.

> After all, you wouldn’t actually be trusting the source code given to you to match what’s running on your device, would you?

That's why the best practice in the industry follows reproducible builds.


You had better build your own silicon chips and phone hardware as well in that case.


Don't let perfect be the enemy of good.


That's what rallying against Apple in the name of privacy is already...


Are you saying we shouldn't hold Apple accountable for privacy encroachments then?


I don't think this is. I think this is well within the search improvement config that started in like iOS 15.


So my options are unreservedly trust Apple or etch my own transistors? Who pays your salary, Rando?


The comment I was replying to was stating that source code was necessary to solve privacy, I just said you’d need to get down to silicon if you’re going that far. Don’t be rude. I’m unemployed right now.


That COVID feature was opt-in. Author is complaining about a lack of opt in now.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: