387 comments

[ 4.5 ms ] story [ 308 ms ] thread
Apple caved under pressure from China. The explanation Cook gave is not just an embarrassment, it calls into question the veracity of all of his other statements.

Why should users believe that (closed source) iMessage encryption is free from backdoors when we know that Cook will dance around sensitive truths?

And why should the US government be satisfied with a fully encrypted iMessage given that Apple will cave to demands given enough pressure?

Because Apple has already gotten away with giving the US government the finger over cracking iPhones at the request of the FBI and they backed down.

American politicians are in their pocket. Chinese not so much.

Users buying what you’re asking on the other hand :man-shrugging:

I agree that Apple's stated rationale for removing the HKmap.live app is embarrassing and the removal is a capitulation to China's government.

The reasons China's government has decried the app are bogus, but those false reports and allegations do not originate with Apple.

However, Apple appears to be accepting those reasons at face value and probably because Apple is kowtowing.

Regarding whether iMessage is free from backdoors, Apple has given no reason for anyone to believe they are outright lying about the technical features of their software and hardware or their position regarding privacy.

In other words, Apple appears to be caving into pressure from the Chinese government and Apple are openly admitting this surrender.

However, Apple has not to date lied about what they are doing and we do not yet have a reason to doubt their representations about the security of their encryption.

> Regarding whether iMessage is free from backdoors, Apple has given no reason for anyone to believe they are outright lying about the technical features of their software and hardware or their position regarding privacy.

Except if you live in China and have backups/storage on iCloud used by the various things you do with your iPhone.

You can lie by omission. iMessage depends on IDS Directory Servers for two phones to exchange public keys. If China can spoof or run their own IDS Directory Server, they can potentially execute a man-in-the-middle attack.
So you are saying that an organization that supports false accusations by others, but is not known to originate them, should be given the benefit of the doubt about assertions they originate.

Here is another model: an organization that supports falsehoods to placate someone powerful in a small matter, like hosting an app, can be trusted to placate the powerful in a more important matter.

OT: Appropriately TIL kowtow is a word that came from China

early 19th century: from Chinese kētóu, from kē ‘knock’ + tóu ‘head’.

> However, Apple has not to date lied about what they are doing and we do not yet have a reason to doubt their representations about the security of their encryption.

Today, they showed that they are willing to lie under sufficient influence.

This sole data point is sufficient to tarnish what was assumed to be a perfect record.

There is no such thing as 99.999% integrity. Apple either has 100% integrity or is inviting you to play russian roulette with it’s products and services.

We might have already rolled the dice enough times - 1.4e9 active devices trusting apple about 10 times a day for 282 days this year = 3.948 trillion rolls of the dice. A 0.001% chance of betrayal by Apple is 39.4 million betrayals this year (approximately the population of Canada)

> However, Apple has not to date lied about what they are doing and we do not yet have a reason to doubt their representations about the security of their encryption.

Did you read the original link, or the memo it linked to?

"the app was being used maliciously to target individual officers for violence and to victimize individuals and property where no police are present."

This was written by Tim Cook, speaking for Apple. That is Apple lying about what they are doing.

>That is Apple lying about what they are doing.

That is a ludicrous interpretation of that statement, in my opinion. Apple is being told by the government of a nation they're operating under that the law has been broken and that those things happened. What is Apple supposed to do in this case? Tell China "we don't believe you" and then what? You think China is going to change its tune? Or do you think Apple can get away with saying "Ok, fine! We're not going to do business here!" with zero repercussions?

This is not Apple lying. This is Apple making public what they were told by the Chinese government. Apple is not the bad guy here. China is.

The US isn't a closed market and can't effectively eject Apple from the market. While I disagree with the choice Apple made, it's a very rational one. Permanent removal from China would probably be worse for freedom in China over 20 years, and massively worse for Apple in the short term.

No company should be expected to back or foment a revolution somewhere, from my perspective they're looking out for their own beet interest and the best interest of their customers.

> Permanent removal from China would probably be worse for freedom in China over 20 years,

I'm curious about how you came to this conclusion.

Because they would be replaced by local Chinese companies.

Are you saying that would have no effect on freedom for the users?

(comment deleted)
If Apple capitulates to every demand the Chinese government makes then perhaps there isn’t much of a difference.
Right. But of course the Chinese government has asked Apple for a backdoor, and (to our knowledge) Apple has not provided that. So long as that's true, an iPhone really is one of the most secure option for Chinese residents.
> (to our knowledge)

This is really the key phrase here. What we know for sure is: Google and Facebook services do not work in China while Apple and Microsoft's do.

Actually, to our knowledge, they provided exactly that.
Apple is open about the fact that their cloud services are operated by a Chinese company in China. No Chinese company has the option of refusing government demands for access to information. Therefore, at least the cloud services should be considered backdoored.
Agreed, not to hijack, but I fail to see the that $ORG not being at the table Vs. them constantly redefining morality for their actions to be at the table to be a less worse outcome.
I think the act of them being at the table is more likely to move the needle on the Chinese side.
For one thing, pretty much every Android device made for the Chinese market has had its OS adulterated in some way, at OEM build time, at the behest of the Chinese government. Whereas, Chinese resellers can't really adulterate an iPhone's OS; there's just the one OS image (per model), signed and sealed by Apple, and if China wants to put a rootkit on it, they'd have to convince Apple to put it into that same base-image where any random security researcher (outside of China's reach to quash publication) might find it.

(And yes, either way the phone's baseband will be adulterated by Chinese ISPs at the government's behest, but modern smartphones isolate themselves from their baseband pretty well, so this only matters if you're using your phone as a phone [calling/texting], instead of as a tablet with a data modem.)

No point in debating the details of which tech is more secure or what is encrypted or adulterated or whatever. Apple has made it clear that they will make sure the Chinese gov't gets what it wants. Even in a supposedly "autonomous" Hong Kong, China complains and Apple submits--flags, apps, speech, whatever. No need to even go to court, and certainly no point.

So Apple has made it clear that if China wants something, the tech details won't matter. "Oh, I'm sorry, we don't have that information to give you." "Well, start keeping it from now on, but don't tell them, because telling them would offend us, and you don't want that...."

It's not "whatever." Apple has removed emoji and an app; they don't provide the government with backdoors or biometric data. There really is a line.
Why do you think there's a line? What is that based on?
https://www.independent.co.uk/life-style/gadgets-and-tech/ne...

2018:

"The iPhone maker’s latest Transparency Report reveals it received 32,342 demands from governments around the world to access 163,823 devices, with 80 per cent of the requests granted."

Come on, seriously? This is what they ADMIT to worldwide.

Here's on China: https://www.apple.com/legal/transparency/cn.html

Again, what they admit to. And that's only on the second half of 2018. With all their regular anti-consumer practices on hardware, you're really going to imagine they're champions of individual freedoms and privacy?

Apple's iCloud servers for Chinese users are located in China, run by a Chinese tech service provider and provides them with the keys - as stipulated by the Chinese government. Of course the government has access to the data.
iCloud is backdoored at the server for all users in China.
"So Apple has made it clear that if China wants something, the tech details won't matter."

This is an interesting statement and has important implications here in the United States as well: who's the bigger entity? The Multinational Megacorporation or the Country? Who dictates terms to whom? If a company wishes to do business in a country shouldn't they be expected to follow their laws? We need to be very careful in how we answer this question because we're at risk of losing our own democracy to a corporatacracy.

Well, you're pretty close here.

Yes, the iPhone has the best secure enclave.

However, there is nothing stopping Apple from making separate builds with extra "features" for the Chinese market, and installing them. Same keys, OS version chosen by region. Boom. Chinese version acceptable to Chinese government, rest of the world secure. Easy.

From my experience in this area, I would expect the Ministry of Industry and Information Technology to accept nothing less.

>Permanent removal from China would probably be worse for freedom in China over 20 years

How does Apple advance freedom in China?

I'm presuming a local company would be even more willing to bend than Apple is, and would do so more often.
Spyware is routinely found preinstalled on Chinese branded phones, and Chinese border guards will install spyware on tourists' Android phones. iPhone users are much better protected from this stuff.

1: https://www.cyberscoop.com/android-malware-china-huawei-zte-...

2: https://9to5mac.com/2019/07/03/spyware/

Spyware is also found in iOS in China via iMessage so what’s your point?
If we don’t talk about zero day vulnerability, which may be used by government to spy citizens, iMessage is end to end encrypted and secure.

Chinese local chat app like WeChat, or customized Android from Xiaomi or Huawei, they have back doors, which allow Chinese gov access data directly.

Spyware from unintentional vulnerability vs. intentional back doors are different.

If your phone is backed up to iCloud, and your phone (or iCloud account, it's not clear) has the region set to China, then your messages are most likely accessible by the Chinese government, because Apple's cloud services are operated by a Chinese company in China, and Chinese companies don't have the option of resisting information requests from the government.
How would permanent removal be worse? iMessage is not magically more free than other messaging apps available in China.
(comment deleted)
Let’s call it what it is: bribery and corruption. It’s under the guise of market access, but it’s effectively still a payout by a government to do that you’re told. Apple wants to have it both ways, we are a moral authority in the US where we don’t have to worry about government interference but because we want access to the China market we’ll do whatever the government tells us to do. How much more dependent does China need to be before China can control other behavior it doesn’t like.
> Permanent removal from China would probably be worse for freedom in China over 20 years

If there is one myth that the past couple of weeks have conclusively debunked, it is the idealistic conceit that the presence of western businesses in the Chinese market will inevitably liberalize China.

I wonder if the backlash will form the opposite theory? Will people try to make the firewall bidirectional to prevent this type of global censorship?
Past couple of weeks? Developing China's economy and integrating it into world markets with the expectation that it would liberalize China has been a pipe dream for a good 30+ years now.
I honestly don't care when Apple complies with local law a la iCloud China. I think that is disappointing but completely reasonable, whether we agree with the law or not.

However, Hong Kong is a special administration region, and has historically enjoyed high level of judicial independence. When Apple takes the clue from a Chinese government newspaper - not even a legal request - and do the CCP's bidding proactively, it crosses a line. This is not compliance. This is self-censor.

You can argue that Hong Kong is part of China, and therefore Apple's operation in Hong Kong should comply with Chinese law. But what is next? China also claims sovereignty over Taiwan, will Apple self-censor Taiwanese App Store soon? Will Apple removes the Taiwanese flag from Taiwanese iOS users if China government demands so [1]?

It's also sad to see Apple pushes back on US government requests because they can, and kowtows to the Chinese governments without their having to even sending a take-down request! If one day Apple fires some employee because the Chinese government thinks he/she "hurt Chinese people's feeling" in a personal tweet [2], I will not be surprised!

[1] https://www.engadget.com/2019/10/09/apple-removes-taiwan-fla...

[2] https://www.washingtonpost.com/sports/nba/nba-statement-diff...

Taiwan and Hong Kong are totally different cases.

Taiwan is an independent country, no matter Chinese gov admits it or not. It has their own government, laws, military etc.

Hong Kong is not, it’s only a special area belonging to China. When British handed it over to China years ago, China promised the situation will not change for 50 years. Although it’s a lie, it shows that China will have full control of HK eventually.

> they're looking out for their own beet [sic] interest and the best interest of their customers

I'm sure you think you just explained this, but it completely escaped me. How is yanking this app in the best interest of their customers?

Let's break "their customers" into 3 groups:

1. Protestors in HK. It clearly isn't in their best interest . So not those customers, right?

2. Non-protestors in China (including HK). You're argument is that this way they can still enjoy Apple products? Even though those products can no longer be trusted not to betray them to any whim of a hostile government?

3. Customers outside China. The argument here seems to be that Apple makes lots of money in China and that an Apple that makes tons of money in China and outside of China is better for non-Chinese customers than an Apple that makes tons of money outside of China but not inside of China.

This third group and justification is the most interesting to me. I stipulate that I have put words in your mouth. So let me take those words out of your mouth and just say this is the only way I can make sense of what you wrote.

When I follow this train of thought the only way I can see it being true is if Apple's very existence is threatened if some other company were able to fill the void in China, then leverage that to gain so much market power outside of China that they could squash Apple. And even that alone doesn't make things worse for (former) Apple customers. The only way that would be worse is if this hypothetical competitor's products were actually worse than Apple's and only able to dominate the market because of the market power they enjoy due to Apple's absence in the Chinese market.

That is such a stretch that I feel your argument should be dismissed. Can you fill in the holes of my understanding to help me see things your way?

I think this is an extremely important discussion because it seems to be the mindset held by a lot of decision makers. Is the NBA worried that they will stop making many $millions if they don't expand into China? That is, not only will they not double or triple their profits; they will actually stop making money outside of China? Is Disney worried about this? Are Microsoft and Amazon? Is it a fight for survival? Or is it pure naked greed?

Perhaps it could be argued that Apple is completely dependent on manufacturing facilities within China and losing that access would indeed be lethal. Some of Apple's biggest competitors outside China recognized that risk a long time ago and moved to minimize it. Why has Apple left themselves so vulnerable? Is it the only way they could produce inexpensively enough to stay competitive? Or is it, again, pure naked greed?
>Is it the only way they could produce inexpensively enough to stay competitive?

I hope you’re joking.

The argument as I understand it is that group 2 mostly does not care about being protected from their government or even agrees with the government's actions, and they get to benefit from continued access to Apple's superior products. I'm not endorsing this argument, but it's not prima facie crazy.
> Permanent removal from China would probably be worse for freedom in China over 20 years,

Huh?

> No company should be expected to back or foment a revolution somewhere, from my perspective they're looking out for their own beet interest and the best interest of their customers.

Profit is not an adequate moral compass. I deeply disagree that by forming a corporation, individuals who would otherwise have ethical obligations are somehow no longer obligated to behave ethically. You're literally claiming that it's okay to enable the violation of human rights for profit.

Removal of an app is not enabling the violation of human rights. Now if Apple turned over the name and address of every person who had the app, that'd be the enabling of violating human rights.
Especially seeing the app doesn’t do anything that the website can’t do.
Did you visit the website? It's hella slow.

I imagine the app cached a lot of the map data locally and used a native renderer.

Isn't that more of implementation detail? I've seen a few browser based game demos that work well on the iPhone and caching can also be done on mobile. While an app may be better for low end Android phones from an optimization standpoint, there are no "low end" iPhones that have been introduced since 2013 that wouldn't have a decent enough processor to handle a web based, optimized app.

I don't believe that more people -- especially on HN -- are focusing less on the web as a means to get around the "wall garden" than focusing on sideloading.

> Removal of an app is not enabling the violation of human rights. Now if Apple turned over the name and address of every person who had the app, that'd be the enabling of violating human rights.

This is the line you want to draw? "I didn't help them tear gas the protestors, I just made it harder for protestors to avoid being tear gassed?"

That is an incredibly flawed statement. Apple's not the one putting any barricades up. The Chinese government is.
No, it's Apple. The Chinese government is crying, and Apple, being the spineless company that it is, buckled under the slightest bit of pressure. Apple removed the app from their app store. Apple is in complete control of what apps are in there.
No, but the US can make it hard for certain companies by imposing tariffs that hurt certain industries and “investigating” companies that get on the wrong side. Do you think a Democratic administration would target companies run by the “liberal elite” or that a Republican administration would go after churches that are supporting political candidates?
> Why should users believe that (closed source) iMessage encryption is free from backdoors when we know that Cook will dance around sensitive truths?

At least in China, you can probably assume iMessage is back-doored given that iCloud content in mainland China is operated by a Chinese internet company. Apple quietly posted this last week on their support page:

"iCloud services in China mainland are now operated by Chinese internet services company Guizhou on the Cloud Big Data Industrial Development Co., Ltd., (GCBD). This allows us to continue to improve iCloud services in China mainland and comply with Chinese regulations."

It goes on to say:

"iCloud services and all the data you store with iCloud, including photos, videos, documents, and backups, will be subject to the new terms and conditions of iCloud operated by GCBD."

Source: https://support.apple.com/en-us/HT208351

EDIT: After some research, it looks like the iCloud handover actually happened last year (https://www.theregister.co.uk/2018/01/11/icloud_china_goes_t...).

Actually we can't assume that at all. It seems I'm going to have to repost this comment a thousand times https://news.ycombinator.com/item?id=20904857

>Apple has already publicly said in court filings, and under threat of perjury, that they don't make any exceptions for China. From Apple's filing [1]:

>Finally, the government attempts to disclaim the obvious international implications of its demand, asserting that any pressure to hand over the same software to foreign agents “flows from [Apple’s] decision to do business in foreign countries . . . .” Opp. 26. Contrary to the government’s misleading statistics (Opp. 26), which had to do with lawful process and did not compel the creation of software that undermines the security of its users, Apple has never built a back door of any kind into iOS, or otherwise made data stored on the iPhone or in iCloud more technically accessible to any country’s government. See Dkt. 16-28 [Apple Inc., Privacy, Gov’t Info. Requests]; Federighi Decl. ¶¶ 6–7. The government is wrong in asserting that Apple made “special accommodations” for China (Opp. 26), as Apple uses the same security protocols everywhere in the world and follows the same standards for responding to law enforcement requests. See Federighi Decl. ¶ 5.

and a declaration from Craig Federighi personally [2]:

>Apple uses the same security protocols everywhere in the world.

>Apple has never made user data, whether stored on the iPhone or in iCloud, more technologically accessible to any country's government. We believe any such access is too dangerous to allow. Apple has also not provided any government with its proprietary iOS source code. While governmental agencies in various countries, including the United States, perform regulatory reviews of new iPhone releases, all that Apple provides in those circumstances is an unmodified iPhone device.

>It is my understanding that Apple has never worked with any government agency from any country to create a "backdoor" in any of our products and services.

>I declare under penalty of perjury under the laws of the United States of America that the foregoing is true and correct.

When China wants something from iCloud they do it the same way that law enforcement does it everywhere in the world, which is through Apple.

[1] https://assets.documentcloud.org/documents/2762131/C-D-Cal-1...

[2] https://www.documentcloud.org/documents/2762118-Federighi-De...

Please don't copy-paste the same comments on Hacker News. It lowers the signal-noise ratio. Threads are supposed to be conversations. In good conversation, people don't recite boilerplate at each other.
Apple itself states that it cannot access data in China without permission from the contracting company. Why would the Chinese government ask apple for data it can't provide, but a Chinese company could?

Also note your documents are from 2016, these events mostly started in 2017.

The boilerplate ToS doesn't contradict anything they've said in the court filings I linked to or the press statements and Tim Cook's interview (linked to in the original thread) about how iPhone/iCloud security works in China.
If you look at "E. Access to Your Account and Content" section in the Chinese iCloud T&C [1], it seems like there is an extra clause there not present in the same section in the US T&C [2].

"...You understand and agree that Apple and GCBD will have access to all data that you store on this service, including the right to share, exchange and disclose all user data, including Content, to and between each other under applicable law."

Shouldn't this be cause for concern?

[1] https://www.apple.com/legal/internet-services/icloud/en/gcbd...

[2] https://www.apple.com/legal/internet-services/icloud/en/term...

Apple has said in statements to the press, as well as Tim Cook's interview with Vice, that they retain the keys and that they haven't been made available to GCBD.

>Originally, iCloud data was stored on Apple-controlled servers, with the Cupertino company holding the encryption keys. Apple announced a year ago that this would change to comply with new laws in China, and that data for Chinese iCloud accounts would be moved to a server run by Guizhou-Cloud Big Data (GCBD), a company owned by the provincial government.

>However, I have spoken to Apple today, who confirmed that it still holds the encryption keys, and states categorically that they have not been made available to either GCBD or China Telecom.

https://9to5mac.com/2018/07/18/chinese-icloud-data-china-tel...

Where did Tim Cook specifically say that?

Because in the vice interview you keep citing he specifically dances around answering that question.

The servers were nationalized and the TOS agreement was changed since that 9-to-5 article came out.

Maybe Apple isn't giving access, but forcing the users to move to data centers which are later nationalized, and Then forcing users to agree to give access to that same state-owned company doesn't sound like they are restricting access anymore.

Microsoft has the same setup for Azure.

>Get a physically isolated instance of Azure for your cloud computing services—operated by 21Vianet, a company based in China.

Besides censorship and spying on users, China probably doesn't want it's company's data hosted in a place the US's 3 letter agencies can access it via an NSL.

https://azure.microsoft.com/en-us/global-infrastructure/chin...

AWS is working on it too. Internally, the region is very much treated as untrustworthy.
Very interesting. Any additional info? Info that is maybe not public?
AWS is very upfront about AWS China. See https://aws.amazon.com/about-aws/global-infrastructure/regio... and click AWS China Regions on the left side.

I would be asking AWS about the future of AWS Hong Kong which has historically has had special freedoms from China. See current events for more on that.

Typical issue is the ICP License ( https://en.wikipedia.org/wiki/ICP_license ), which is why Western companies set up shop in Hong Kong.

For now, like you say. If China decides to make one country one system, it's curtains for all the Western infrastructure and instances located there. Depending on how it goes down, it could be a big security/confidentiality issue for the data located or flowing through there.

I'm hopeful China would have a lot to lose by pulling the plug, since Hong Kong is a valuable interface to the West, but it might happen sooner or later with how unstable geopolitics is becoming.

Actually ALL data centers hosted in China will be subject to data examination by the Ministry of Public Security

https://www.chinalawblog.com/2019/10/chinas-new-cybersecurit...

The inspection team has complete access to the network system. Inspection can cover both the technical aspects of the network system and the data/information maintained on the servers. See Article 10. The inspectors can fully access the system and they are permitted to copy any data they find. See Article 15. The only restriction on the inspectors copying the data in your company’s system is that the inspectors must provide you with a receipt. Though Article 10 “restricts” access to matters involving national security, the definition of national security in China is so broad that there is no real limitation on what can be accessed, copied and removed.

Aren't foreign companies not allowed to operate in China without partnering with local companies? I think most (if not all) companies that sell services and digital products (online games, etc) operate this way.
That's not the only possible model. You can also have wholly foreign owned Chinese subsidiaries in the free trade zone if you get the appropriate licenses granted. Forgot the details though, sorry. That setup is apparently relatively "easy" for trade with physical goods, our lawyers told us some years ago, but wanting to do e-commerce without selling physical items meant all sorts of additional licenses had to be sought, and since nobody had done that before, it was unclear whether it would go through.

I remember a hilarious 24h trip to Shanghai because the Chinese law firm had found somebody who was well connected and willing to talk to us. It was somebody's cousin. In the day long meeting, the lawyers were entirely tight lipped and refused to give any legal opinion, merely reading the letter of the law back to us (which is not useful at all in China). The only person who was willing to give any guidance (and preciously little at that) was the cousin.

It was simultaneously very serious, with lots of money at stake, hilarious, exhausting, exhilarating, difficult, full of (cultural, not legal) learnings, and very, very frustrating.

> That setup is apparently relatively "easy" for trade with physical goods, our lawyers told us some years ago, [...]

As someone who is going through this process currently (WFOE), the easiness of the thing was probably exaggerated by your lawyers ;). The most annoying thing is that it is quite hard to get a definitive answer of the kind of licenses one needs, who grants them, and especially the criteria to meet.

Heh, thanks for the reminder - the woeffee. m(

Yeah, it's qualitatively the same problem. Just there is prior art for physical goods. And I put the "easy" in scare quotes for a reason! Good luck!

If I travel to China does that mean my iCloud data will sync to Chinese iCloud?
No, it is based on the account itself. There is no sync between the two sets of servers so that wouldn't work for them to base it on the physical location of the device.
Says Apple. Do you believe them?

Apple has been kind of marginal quality wise for awhile, mostly being better than the alternative because the alternative is garbage. But their handling of this makes much of what they say suspect.

I would believe them based on technical reasons. Given that there's a special system, hosted on another company's servers, just for China, syncing non-Chinese iPhones into the Chinese iCloud system would be more work, and for what gain?
it could also be argued that the current system of partnering with a chinese government backed partner company is more work. in these systems efficiency is only one consideration, abiding by the laws and regulations of the host country is another. however in this case from what i've read your icloud data is tied to the account's country.
No, it depends on your iCloud account location instead of where you are.
Does that mean that a Chinese citizen can register their account in the US or buy a US account and avoid having their data handed to the Chinese government?

I personally think it's a bit more complicated than that.

Yes, a Chinese citizen can register an US or any other country’s account to avoid using GCBD data center. In fact, before Apple transferred all Chinese iCloud account data to GCBD, it sent out emails to warn related users, and instructed them to change regions if they don’t want to store personal data in China.

Although register an account is easy, maintain such account is a pain. First, not all Chinese citizen can get an international credit card that support US dollars, so no way to purchase apps; second, for those who can get one, App Store may not allow to use it because it’s not a valid US card; third, even they can use that card for purchasing apps, US App Store, iTunes Store may not have those Chinese specific apps or music; last not to mention that the behavior of an US account using non US card outside US for a really lone time may trigger anti fraud protection.

It would be fascinating if that’s the situation.

Would that also mean an individual wanting to avoid five eyes surveillance can register their account in China?

> "iCloud services and all the data you store with iCloud, including photos, videos, documents, and backups, will be subject to the new terms and conditions of iCloud operated by GCBD."

How do I know if my data is on the Chinese iCloud? I've been to China once and connected to iCloud.

My understanding is that it's based on the region setting of your phone, but I'd be happy to be corrected.
From the other comments, it's more likely to be the region of one's Apple ID, which is decoupled from the region of one's phone.

As one can log in and out of multiple Apple IDs (from different countries) in the App Store without breaking anything synced with one's primary iCloud account, it's very likely that Apple encourages this as a best practice.

>Apple quietly posted this last week

Quietly? They issued a support article and it was big news in most news outlets when it was released.

> Apple caved under pressure from China. The explanation Cook gave is not just an embarrassment, it calls into question the veracity of all of his other statements.

I was thinking about the complexity of the world the other day, and how so many people hold diametrically opposed beliefs, but often based on solid reasoning and genuine facts. How could this be?

If you think about it, the modern world is so complex, with so many facts (some of which are actual facts, some of which are popular opinions now considered to be fact), with all of the inter-connected, Nth order cause and effect going on, how is a person who wants to be as objective as possible supposed to actually come up with a reasonable model of what's going on, even if they're willing to put in the work? People skilled in communications and the psychology of persuasion can pick and choose a subset of "facts" and put together plausible and completely contradictory descriptions of the very same story, and done correctly it's very difficult even for the vigilant to know you're being duped. So what's a person to do?

What I came up with is the idea that yes, one should indeed take "facts" into consideration, including some sort of notion of trustworthiness for each fact, but what's missing is the value of lies in coming up with one's model of reality. So, when trying to figure out what the real deal is on any given situation, don't first look for the facts, but rather the obvious lies - if you can find obvious lies or misrepresentations of reality coming from powerful (politicians or corporate leaders) or influential people (the media), this is probably a good trail to follow to lead you toward the most important parts of the truth. Of course, there's lots of complexity involved here as well, you have to consider the nature of the bias from the messenger, compare versions of the lie across different outlets, etc etc etc, but in many cases I suspect this is a highly productive approach for maximizing the correctness of one's models.

So in this case, as the article points out, "However, over the past several days we received credible information....that the app was being used maliciously to target individual officers for violence". Obviously a lie, although in this case, considering Tim Cook's no dummy I expect he knew everyone would know he's lying, so I wouldn't form any specific conclusions on this, other than money >>> honesty and principles for him, but why should we expect more from him than any other important person in Western society....this is just how we are. Despite the wonderful sounding platitudes we tell ourselves, this is our culture. And the Achilles heel that I believe China will be able to continue to exploit indefinitely, because I simply can't see it ever changing, it has become so normalized that hardly anyone can even recognize it anymore.

EDIT: Thinking more, with this being so obvious once you're aware of it, I can't imagine this is a unique theory I've come up with. Does anyone know a name for this style of thinking?

> …the modern world is so complex… […] …with all of the inter-connected, Nth order cause and effect going on, how is a person who wants to be as objective as possible supposed to actually come up with a reasonable model of what's going on, even if they're willing to put in the work?

If you don't already watch it, you may really enjoy "The Good Place". (Any additional elaboration would be a spoiler.)

After watching the trailer, I think I need some!
> And why should the US government be satisfied with a fully encrypted iMessage given that Apple will cave to demands given enough pressure?

Unlike China, the US is still governed by mostly democratic laws and a Constitution, and law enforcement and politicians can't just wish new laws into effect.

As Penn Jillette says, "The Chinese Bill of Rights isn't worth the paper it isn't written on."

Law enforcement, district attorneys, and judges have a lot of latitude about how the law is applied. Not to mention the latitude that regulatory agencies have.
Your comment has made a really really deep impression on me. For the past several years, I’ve been a hardcore Apple loyalist only for their stance on privacy and security.

It’s time to stop being deluded. I’m going to stop paying premium for apple and assume all my devices are hostile by default.

What the actual fuck Apple.

You are Chinese and assumed your data would be encrypted with Apple?
Before you made such judgement you need to think why you have freedom of speech and privacy here, because they all protected by US laws. The companies here can do things against government for protecting users privacy and security is because laws protected them.

Also, the privacy people talked about these days is more focusing on how these data got stored and used by companies and advertisement agencies. They shouldn’t use your data for profit without appropriate consent.

All the companies here in US will follow court orders and hand over personal data when they required. In this case, no company can again the court and refuse to provide data.

Back to this case. You can assume your dats is safe here in the US, because it’s protected by the laws.

> You can assume your dats is safe here in the US, because it’s protected by the laws.

I honestly don't think that you can assume your data is safe in the US. The laws are lax and not well-enforced (and are mostly civil in nature anyway). The US may be better than China on this score, but it's worse than a lot of other modern nations.

I never trusted Apple, the problem is that I think they're still the best of the lot :/
(comment deleted)
>Apple caved under pressure from China. The explanation Cook gave is not just an embarrassment, it calls into question the veracity of all of his other statements.

What veracity? He is a businessman in a trillion dollar company. He says what pleases the market -- the domestic and the foreign one, not his personal beliefs...

The first priority is always profits or growth.

If one sincerely cared for the environment for example, would stop tons things that Apple is doing, not just one. The CEO of a multinational churning consumer gadgets by the shit-loads only cares for the environment to the degree that said caring doesn't impact the bottom line.

>Why should users believe that (closed source) iMessage encryption is free from backdoors when we know that Cook will dance around sensitive truths?

Well, that's an easier thing to answer, because there would be leaks from Apple employees (NSA had leaks, for Apple it would be many times easier) if that was the case. Tons of engineers would know.

>And why should the US government be satisfied with a fully encrypted iMessage given that Apple will cave to demands given enough pressure?

Because Apple will also cave to their demands.

Besides it's another thing to please some foreign customer by caving in to remove an app (especially if said foreign customer is a sovereign state and the app is anti-policy -- companies are not in some obligation from the US or otherwise to side with protesters), and another thing to e.g. cave in to China and give them a backdoor to iMessage as you seem to imply as a potentiality. In fact the latter would be treason (or close) for a US-based company and have much more serious repercussions...

Part of Apple's image that earned it loyal customers is that they care more about their customers than most other companies. Apple doesn't sell your data, it protects your privacy, will fight government agencies asking for user's data, etc.
A lot of that was for PR, especially against rivals like Google and Microsoft. Apple definitely made some improvements but there were better approaches for just about everything they did that would've helped users and industry alike.
I wonder how much this "Apple is fighting for your privacy" image isn't even intentional PR, but just an accident. Watching HN threads over the years, as Google kept doubling down on surveillance capitalism, the usual "Apple vs. Google" / "Android vs. iPhone" threads started to point out that Apple is not doing what Google is doing. I have a feeling the opinion of Apple being pro-privacy has spiraled out from this.
Google is trying their hardest to data mine you. Apple is data mining you... but it's not their main push.

Thus Apple is more secure?

>Part of Apple's image that earned it loyal customers is that they care more about their customers than most other companies.

>Apple doesn't sell your data, it protects your privacy, will fight government agencies asking for user's data, etc.*

That's a quite recent thing, say starting around 2015 or so, as a differentiating branding to Google, Amazon, and Facebook. They might mention it here and there, but they didn't tout it all the time before, and almost none before 2012 with Jobs. And Apple had already had its huge rise by that point. It's not like the "privacy conscious" are a large enough market to make for the later growth. In fact, if anything, the privacy conscious would have moved to Apple first.

Plus, Apple is not "pro privacy" because it's some political champion of privacy, but simply because it's business model (hardware, software, services tied to them) doesn't need selling ads and user data. Whereas Facebook's and Google's whole business model revolves around turning user info to targeted ads...

Apple's image was "the computer for the rest of us", "empowering people", etc. Even the 1984 ad was about corporate sameness and drudgery of then computing, not about some anti-government rebellion.

Apple was never in politics or taking some stance to world affairs (besides "Against AIDs" etc), and before Cook came out (and the cultural/marketing climate was friendly to jumping on the bandwagon), they'd never cared for the LGBT movement either.

Who thought most of these things? Every Apple customer knows that Apple overcharges for everything but the alternative is not acceptable to them (Android, Windows, etc) l.

Apple doesn’t sell your data because it’s not their business model.

Most people don’t care about privacy, if they did, they wouldn’t use Facebook or Google.

>The first priority is always profits or growth.

When Apple split with Google, they did so over access to customer data. At the time wall street was salivating over the huge profits to be gained from mining customer data, and Google was dangling billions of dollars in front of Steve Jobs' face to get him to fold. He didn't, and also turned down lucrative deals offered by Facebook.

That was all at a time when user privacy was widely seen as a marginal issue, and long before big privacy breaches regularly got into the mainstream press. Apple could have made huge amounts of money, but instead they turned those deals down and instead spent billions of dollars building their own maps and engineering iMessage with end-to-end encryption. No other tech company has come even close to Apple's record on user privacy and security. I can't even think of another one that's even tried.

That's what's so upsetting for me over this HK Maps issue. I know they have a lot at stake, including the livelihoods and safety and security of thousands of employees in China, but I still think they made the wrong call on this.

iMessage is pretty secure, but there are practical limits to how secure it can be, while also enabling cloud backups and data recovery options. Here's a somewhat sensationalised take, which does go into the practical reasons for the limitations. What it doesn't point out is that if you don't enable iCloud backup (maybe just backing up to iTunes), your secure keys never go to the iCloud servers so there is actually a way to stay secure even in China.

https://medium.com/bob-kfir-tech/how-secure-is-imessage-8cc7...

Apple could never out-Google Google, and they knew it. Accepting Google's suit without their own alternatives by default would have relegated their platform to be just another Google app launcher for key functionalities.

They instead opted to pursue a business model that played to their own strengths.

You seem to believe that Apple's iMessage service is somehow exempt from Lawful Intercept requirements. Let me quote from those in the EU (China's requirements could be more lenient, but I somehow doubt that):

"3.3 If network operators/service providers initiate encoding, compression or encryption of telecommunications traffic, law enforcement agencies require the network operators/service providers to provide intercepted communications en clair."

https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=OJ:C...

On iPhones running google services, either Apple is in it just for the money or they aren't. Apple maps cost them a fortune and makes them no money, that's just a fact. They could also have easily played Google, facebook and twitter against each other, instead they said no to them all.

Lawful Intercept has a fatal flaw. It doesn't require the service provider to have encryption keys for the traffic, and they can't provide what they don't have.

Lawful Intercept has no such flaw. It does not let you of the hook just because you think you are clever and say "Oopsy, I can't".

If your service can't comply with regulation when requested or inspected, then your service will be disallowed until you can.

Tim Cook previously said "not on our platform" before and people warned about censorship and centralized control that would eventually harm to the most dependent users. This is the direct outcome of such a policy where a few have ultimate power over the masses. It's a sad development for Apple.
> Why should users believe that (closed source) iMessage encryption is free from backdoors

That's an easy one: the encryption happens client side and thus any backdoor has to sit on the clients and, if it exists, would be available to security researchers. There is no guarantee of it happening, but I believe some of those researchers reverse engineer whatever binary apple published and then check it for backdoors.

Of course there are still tricks that apple could pull, like adding backdoors only to targeted phones, changing the filesystem to present one version of the binary to the OS command that executes it and another to anyone else (like security researchers), extracting the unencrypted message contents using chips that sit on the memory bus (e.g. baseband), etc. But these tricks are harder to pull off and are still detectable as they happen on end-user devices.

They definitely won't say "yeah there is a backdoor". Ultimately, you need to trust them.

Doctored binaries (that leak private keys) can be sent to only select devices of a people under surveillance. So reverse-engineering generally available app will show nothing.

Apple REALLY must be coerced into allowing app sideloading (and accept push notifications not only through APNS)

The OS comes from apple, too. How does sideloading help when the OS is backdoored? How does installing your own OS help when there is a backdoor in the hardware?
Sideloading helps to install the apps you want (or need), not the apps Apple allows you to use. Thing is, you buy a very expensive piece of hardware, and you don't even truly own it. Of course, Apple frames it as 'care to protect you from malware', but in reality, it's just a digital handcuff.
I agree with the points you make, but you are arguing in terms of freedom, not in terms of security.
I wish they could take some middle ground here for example requiring that users read out loud a 1000 word statement describing the risks involved and limiting access to capabilities like background refresh, notifications, etc. if the user hasn't interacted with that app in a week.

Or they could just beef up progressive web apps...

Tim Cook is a crook and a moral coward. Single signature signing authorities for software will always be inevitably used for evil, and here it directly has been.

Apple does have a choice here. An easy one. It could remove the requirement that all iOS apps have to be signed to run on Apple devices. Simple. And at that point the Chinese government have no further way to blackmail them.

But Apple has decided it's future ability to behave in an anti-competitive fashion is more important than democracy for the people of Hong Kong.

Honestly, as a person who prizes Apple’s products and happily depends on them for work, personal life, etc. I think Tim Cook needs to either open up sideloading or be promptly fired and replaced by somebody who will. None of this sits well with me. It is a situation we do not need to be in. I agree that he is a moral coward, and in far too important and dangerous a position to be so.
The first duty of public companies is to the shareholders. Users fuzzy feelings figure very little in the incentive structure. Sideloading is probably too damaging to the short term profits of the company to be on the table. Or it might not even be a question worth considering for the board .
I agree. I hope this will be enough of a disaster in terms of optics that it renders him unfit and forces this outcome.
At this point I would think the Chinese government would take such an action as "defiance". If Apple is worried Chine might close its supply chains, opening up side loading would really piss them off.

Plus it's just not in the DNA of Apple to do side loading. Goes against the grain of everything.

This is a huge stain on the company, the brand, and Cook’s leadership.

It’s not just censorship—it’s active cooperation with an authoritarian power under the fig leaf of TOS violations. Truly astonishing.

And the people who purchase apple products.

They gave Apple this level of control in the first place.

Oh, get off your high horse. Which devices are you using from a company that isn’t similarly large and doesn’t do the same thing?
I'm far from perfect, but I don't purchase products from a company that has dictatorial control over the software installed on my phone, so I'm not complicit in handing over that power to corporations (and in turn the CCP), iPhone users are. Their actions helped lead to this.
(comment deleted)
No disrespect to Steve Jobs but my guess is that he would do the same thing.
I doubt it. There are infinite ways to word this email, a different CEO may not have written anything.

Cook presumably had some goal while sending this internal email, I doubt he achieved it. Telling your employees lies as weak as this certainly isn’t going to improve morale.

"Tim Cook is a crook and a moral coward". i 2nd that.
hacker news admins should investigate the downvote patterns on articles critical of china ...there seems to be a very strong downward pressure on articles critical of china — so much that i suspect there may be a down vote ring..
Yup. There are a few "throwaway" accounts that are also fairly obviously astroturfing too.
Dang explained yesterday [1] that there is a "common news item" penalty to stories to avoid very hot topics from dominating the front page, but that they have removed this restrictions from some articles.

[1] https://news.ycombinator.com/item?id=21211124

Down vote brigades are real.

So to are government shills.

Finally the mods regularly lie about their ongoing censorship policy.

Look no further then the fact that such topics cannot be discussed.

My post will be removed very quickly.

I don't have time to dig up specific links at the moment, but if you look through https://news.ycombinator.com/posts?id=dang, you'll see that I've written about this extensively in the last few days.

China-related stories are anything but suppressed here—it has been the most-discussed single theme of the last week, and one of the most of the last several months. See these #1 stories from the last few days:

https://news.ycombinator.com/front?day=2019-10-07

https://news.ycombinator.com/front?day=2019-10-08

https://news.ycombinator.com/front?day=2019-10-10

got it. thanks for the response.

Just worried that HN could be a target for concerted manipulation just like facebook/reddit/twitter

I dunno man. A couple days ago 20 percent of the front page was anti China.

Also, HN explicitly will remove posts that offer nothing but flamewar bait. Both algorithmically and manually.

Among other things, you can't downvote articles.
You can flag articles.
If you flag on-topic articles your flagging privileges can be revoked.
Seeing how dang danced around user flags here, and outright doesn't see anything unusual about how stories are sunk, I doubt that is done: https://news.ycombinator.com/item?id=21195297

When was the last time you saw mods mention that flagging privileges of some users have been suspended? For me it was around the Snowden revelations, when there were a lot of articles about that, a lot of complaints about there being too many articles, and apparently abuse of the flagging feature.

Can I play devil's advocate for just a moment? Gruber asks for evidence. His only complaints seems to be the lack of evidence and a question of whether the app violates local (Hong Kong) law. Cook's memo directly addresses both of those issues:

> However, over the past several days we received credible information, from the Hong Kong Cybersecurity and Technology Crime Bureau, as well as from users in Hong Kong, that the app was being used maliciously to target individual officers for violence and to victimize individuals and property where no police are present. This use put the app in violation of Hong Kong law.

So then, is the complaint simply that Cook is not providing direct evidence of these claims? Is that a reasonable expectation? What evidence could Cook provide that would directly tie violence (we know that Hong Kong protesters have committed violence) to this particular app? It seems like everyone agrees that this app was useful for organizing Hong Kong protests, and that some Hong Kong protesters have committed violence and broken local laws.

Please don't take this as some statement of political support for any particular government, company, or group. I'm attempting to address the specifics of this memo and Gruber's complaints. I am not attempting to make any argument of the form "the Hong Kong protests are [good, bad] and therefore any tool that helps the protesters is [good, bad]." The overall merits of the Hong Kong protests are not, from what I can tell, relevant to Apple's decision to ban this app or Gruber's complaints about Apple's decision and memo.

My first question is whether the "Hong Kong Cybersecurity and Technology Crime Bureau" is a reliable source of information under the current circumstances. I haven't been reading all the news about the Hong Kong protests, but what I have been reading suggests that China is applying an enormous amount of pressure to halt the protests, or reduce the international visibility of what is happening in Hong Kong.

It doesn't seem to me to take much of a leap of faith to think that China is applying pressure on the Hong Kong Cybersecurity and Technology Crime Bureau to get this app removed.

Cook's memo says that the reports, from the bureau as well as from the app's users, are "credible." That at least implies that Apple evaluated the credibility of the claims. I do understand that some people (like Gruber) might want Apple to provide material evidence, but is that really Apple's responsibility or usual behavior? It would seem extremely odd (and not at all comforting) to me if Apple, for example, released video evidence of a violent attack along with some record of this app being used by the attacker. That seems like something a government should do in a legal case, of course, but it would be seem strange to me for Apple to do that. And even if they did, I suspect it wouldn't convince people who are convinced that China is doctoring or inventing evidence to vilify the Hong Kong protesters.
What is the generally accepted criteria for "credible information"? How could Apple have communicated better about how they reviewed or corroborated the claims given by the Hong Kong Cybersecurity and Technology Crime Bureau?
This is the part of Cook's email that is harder to swallow. I doubt that reports from actual users (rather than Chinese cutouts) even exist.

The Hong Kong police force is not a credible source of information, given that it is the chief antagonist in the Hong Kong protests, and that a core demand of the millions demonstrating is an independent investigation of its conduct.

Would it not make more sense, in such a highly charged political environment, that Apple should tie their own hands and only remove the app at the mandate of a court order?

That would make it obvious that Apple is complying with law, and that they haven't "bowed to pressure" from either side.

If there is a claim that the app is violating law, then that should be validated by a judicial process, not by the operating nuances of a company.

If Apple are receiving reports from users that the law is being broken, they should be passing those on to law enforcement, and publicly complying with the response, not acting as their own arbitrator.

I think that could be a valid choice for Apple to make, and I think reasonable people could disagree about which choice Apple ended up making.

But it seems very plausible to me that Apple was presented with credible information that this app was being used to organize violent attacks and that Apple made a reasonable choice to ban the app according to Apple's policies about following local laws as well as Apple's internal policies about apps causing harm. I think that can be the case regardless of anyone at Apple's views about the merits of the Hong Kong protests as a whole.

Absolutely. The problem with Apple's, and many other companies, early response policies is it depends on the source of truth, such as the police, not being complicit.

If they always wait for a court order, PR disasters happen, and polticians dredge up 'think of the children' arguments.

If they don't wait for an order they can become part of the machinery of ill-intentioned polticial or commercial forces.

Damned if they do, damned if they don't.

However, I still think waiting for an order, especially in tense environments, is the right moral choice. I concede it probably isn't the right economic choice a lot of the time.

I totally agree. But there is a point you may not aware.

Government, law enforcement and court are not separated in China, they all belonging to the same central government. So if you really want a court order, they’ll issue one quickly.

That’s the tricky situation. Companies must obey local laws, but local laws are built on behalf of central government, and court exists for protecting central government.

No problem with that. I presume gp focused on a court order since that's the way it works in his local culture. The important part is Apple not acting as their own arbitrator.

If the order came from the HK gov, citizens know who is responsible for it and can act accordingly. And I'd expect this to be the reason Apple received pressure to remove it "by themselves".

That's fine, but Apple acted without one being issued. Which made them the arbiter, rather than the Chinese officials.
Against individual officers though? That is what's absurd.

And what of Twitter and Telegram and Messenger and Gmail and Weechat and Outlook?

This is also the same organization whose spokesperson that called a protestor being brutalized by officers a "yellow object" and who have been routinely documented fabricating evidence. Taking their word at face value is patently absurd.

Tim's statement doesn't add up.

I'm not intimate enough with any of the parties involved in this situation, so my reply will also be comfortably generic:

Yes, it's a reasonable demand. If public opinion is asking something of Apple, and its CEO chooses to answer, every aspect of the answer is open to scrutiny. Gruber indeed lists the specific evidence he would expect:

> - When was HKmap.live “used maliciously to target individual officers for violence”?

> - When was it used to “victimize individuals and property where no police are present”?

> - What local laws in Hong Kong does it violate?

It's unlikely that a CEO would be so thorough. Apple is particularly obsessed with secrecy, and tech companies in general seem to not want to disclose details when they restrict access to a product or platform.

But it's still a reasonable demand from an individual standpoint.

I'm just not sure what that evidence could look like. Like I said, don't we have sufficient evidence that this app was used to organize protests in Hong Kong, and that some protesters in Hong Kong committed violence against officers and against individuals and property where no police were present?

As for Hong Kong law, I can agree that it might be nice to cite a specific law, but I also don't find it at all difficult to believe that any government would have a law that allows the government to prohibit a communication medium that is being used to organize anti-government protests that have been sometimes violent.

It is worth considering why a government would not have such a law.
Apple should've given some kind of overview of how exactly the app was used to target police officers. Knowing that the app was aggregating info on police presence, I can see a dozen ways to maliciously use this info.

For example, it could have been used to identify locations where police is about to withdraw to target last remaining officers. Or to identify a good place for an ambush with good escape options and no video surveillance and then lure police into the ambush by reporting a minor accident. Information about location and movements of the adversary is invaluable for exactly this reason - it gives the other side advantage in planning.

If something like this really did happen and if Apple has any specifics, it should totally release it down to exact location and time of incidents and the aftermath. These are very serious allegations that need substantial proofs.

That is not what the application does though. it is not "being used to organize anti-government protests". that is not the reason it was removed. it was a map with icons. by that logic any and all communications apps ( telegram especially) would be outside the law because you can organize protests using them, way better than using icons on a map.
This is exactly what authoritarian governments do. They muddy the truth and make official and important sounding institutions make official statements that paint a situation in exactly they need it to be to further their own goals. I don’t understand how anybody can trust any information that comes out of the Hong Kong Cybersecurity and Technology Crime Bureau when the whole issue is that the HK government is no longer independent.

And beyond the actions of the Chinese government, corporations like Apple have no integrity upon which to base trust for them anymore. They need to cough up real proof instead some canned response that basically tells us to trust them on blind faith alone.

So, news in a non-authoritarian country are all truth? Non-authoritarian gov never “muddy the truth and make official and important sounding institutions make official statements that paint a situation in exactly they need it to be to further their own goals” ?
It can atleast be independently verified. Nothing coming out of the chinese govt's mouth in these circumstances can ever be independently verified
This whataboutism doesn't disprove any of the GP's claims.
This is exactly what authoritarian governments do. They muddy the truth and make official and important sounding institutions make official statements that paint a situation in exactly they need it to be to further their own goals.

And how is this different than the current American administration?

The difference is that there is media that is free enough to speak out about how the administration is lying. There are institutions that can resist, whoever little, and reveal the truth in some way. You have none of this in China. Companies, media, individuals, government institutions - all are beholden to the CCP in a way that prevents any kind of accountability, transparency and responsibility.

The US is currently a clusterfuck, yes. But if they were anything like China, the media would be in a blackout, thousands of political enemies would be sent to gulags and people across the board would be losing their jobs for speaking out.

To pretend that the US is in any way comparable is such an absurd distortion of reality, and really plays into China's narrative. Why criticize China if the US is just as bad ?

> His only complaints seems to be the lack of evidence

That's seriously disingenuous. His complaints is about how what Tim wrote doesn't make any sense, not about evidence. He only ask for evidence because he is logical, he knows that he may have not thought of everything and could be potentially wrong.

> The first allegation is that “the app was being used maliciously to target individual officers for violence”. This makes no sense at all. The app does not show the locations of individual officers at all. It shows general concentrations of police units, with a significant lag.

How could you explains this? I don't even need evidence, just a way for that to be possible (without outside coordination, that would be just absurd, simply use the same channel to coordinate instead).

I thought I provided a reasonable interpretation of Cook's comments in my previous comment, when I said "It seems like everyone agrees that this app was useful for organizing Hong Kong protests, and that some Hong Kong protesters have committed violence and broken local laws."

Of course the app doesn't show individual officers, but I don't think it's reasonable to interpret Cook's memo as claiming that the app literally showed the location of individual officers. An app that shows hotspots of police activity can obviously be used to find and target individual officers for violence.

> Of course the app doesn't show individual officers, but I don't think it's reasonable to interpret Cook's memo as claiming that the app literally showed the location of individual officers.

I'm not certain how else to read the passage below other than Cook claiming protestors used it to target individual officers somehow.

"However, over the past several days we received credible information, from the Hong Kong Cybersecurity and Technology Crime Bureau, as well as from users in Hong Kong, that the app was being used maliciously to target individual officers for violence" -Tim Cook

Even if the alleged crimes allegedly abused the app (something certainly not endorsed by the app makers), the same can be said for a lot of other apps. Thieves use facebook to look for people who give details on when they are on vacation for example. Snapchat and Skype and kik and whatapp and every other social messaging and social media app and service is abused by pedo criminals grooming their victims. etc

But those alleged crimes could not have possibly helped by the app, as has been pointed out: you don't get to see individual officers' locations and it does not show areas with no police at all either, just police hotspots (and technically, most areas even in a dense city like Hong Kong are without immediate police presence most of the time, anyway).

But even if we played devil's advocate and took the allegations of criminal activity that abused the app at face value, and assumed Tim Cook is not free to share specifics as the information might be confidential, he could at least answer what local laws were allegedly violated by the app itself. Those laws certainly are not confidential information.

This app specifically lists where the police are. That is its primary purpose.

Comparing it to Facebook or Snapchat makes absolutely no sense.

> This app specifically lists where the police are.

Since when is that a crime?

When news reporters cover a protest in US and show live where the police is, are they committing a crime?

It’s a crime if it’s being used to physically attack the cop.
Not to mention that laws are different in different countries.
This is a fair point. Laws are different, so procedures can be different. Not to mention the city’s situation is critical - protests - violence from both side.

Following US procedures in HK does not make sense. Companies always obey local laws but not laws in another country.

That's why I said Tim Cook should actually spell out what local Hong Kong laws were violated, if any. There actually could be some, but so far I did not see anybody actually pointing out any such laws, neither the Hong Kong government, nor the myriad of journalists covering the story about the app, nor Apple which surely had their in-house counsel and maybe evn external counsel look into this matter.

After that, the next question is if Apple, which even kinda positions itself as the new "Don't be evil" company including fighting some governments e.g. when they get told to subvert their own security tech, should side with such draconian laws or with the app makers.

The police are phsyically attacking the people, it's quite different. Yes, this app helps protestors, but it also helps the public avoid being treated extremely violently by the police.
I never said what the people were doing was wrong. All I said was that it would be illegal in some places if it’s being used for that.
No, listing where the police are is not a crime. Attacking the police is a crime. Inciting to attack the police is probably a crime too in most jurisdictions around the world. Neither the app nor the app makers attacked police nor endorsed let alone incited attacking the police.
A friend of mine is a police officer and regularly posts on Facebook about the events he's policing. By your logic, if someone used that information to track him down and attack him he's the one breaking the law?

Incidentally if he posted about a riot in our city (thankfully pretty much unheard of) he'd be carrying out exactly the same function as this app!

By removing this app some amount of public opinion swings towards the notion that the HK Government (and police) are the victims here. Let's not forget the decision that led to the protests and the incidents of police brutality that have occurred since.

Perhaps avoiding police is the primary use case of the app.

Dude, in HK the police raise are legally obliged to raise flags to warn the public of things such as firing tear gas, dispersing crowds, illegal assembly etc. They will also post on Twitter to notify the public where and when they will disperse the public. The HK police force wants the public to know where they are, so in the context of HK, banning this app is kind of ridiculous.

Considering the brutality of the HK police force in recent months, I would argue that this app is great at providing the public with information on how to avoid being tear gassed, beaten or arrested by avoiding the police. A lot of locals have been extremely pissed off with the police force. They have gone into very residential areas and fired tear gas unnecessarily among a whole host of other things.

Compare it to Waze, which somehow remains in the app store.
Is Waze available in HK or China?
Actually makes lot of sense. From the blog..

..the app aggregates reports from Telegram, Facebook and other sources.

Every time there is a major protest or football (soccer) game in Germany, facebook and twitter and everything else is full of messages regarding major police presence. It's the protesters or fans warning each other, it's the local residents warning each other, oh, and the police itself is often an avid user of facebook and twitter itself warning people to avoid certain areas if there is violence to help regular citizens avoid getting caught up in it.

The vast majority of people do not post or read those messages to coordinate violence against the police, but merely to stay out of the way when police and black block protestors or football hooligans clash.

I live near a football stadium, and there are some violent clashes of drunk hooligans and police after many games, but thankfully usually only on a small scale involving maybe 10-30 people against the police. Nonetheless, I made it a habit to avoid certain area for a couple of hours after a home game.

No, the complaint is not that Cook is not providing direct evidence, and it is a complete misrepresentation to suggest so. It makes your protestations of disinterest rather suspect, as those of supposed "devil's advocates" so often seem to be.

The complaint is that Cook's claims are extraordinary and seemingly impossible on their face because of the fundamental nature of the app in question. Its purpose is to show the aggregated position of large concentrations of police, so as to let users avoid confrontations with them. How can such an app be used to "target individual officers for violence", since it provides no information about individual officers?

When so extraordinary a claim is made, hearsay evidence isn't the issue. What is necessary is an explanation of how the seemingly impossible is possible. Cook does not provide this or even address the apparent problem. A neutral person, reading Cook's memo without the proper background, might be mislead into believing the app in question does provide tracking of individual police officers. I don't accept this is an accident on Cook's part. I think he is deliberately attempting to mislead his own employees regarding the nature of the app, and as a consequence his decision to ban it.

Cook's cited but unenumerated "credible" information received from a government body and users only compounds the situation. Cook could provide plenty of additional material to support his claim. He could provide more detailed information on exactly what information was received, in what volume, and in what form. He could explain the efforts the company undertook to perform independent corroboration of the evidence. He could provide a detailed account of why, in this case, he believes an autocratic government currently conducting a brutal repression of its own citizens can be trusted to communicate honestly about it, given neither it, nor any similar autocratic government, has ever spoken honestly about similar situations in the past.

Fundamentally, the problem isn't whatever evidence does or does not exist. It is that Cook's memo is a weak, politician's attempt to justify a misdeed by making absurd claims for which he provides no evidence at all. He is trying to make a problem go away, not engage with a difficult situation as a human being.

I don't understand why people would flag comments as 'suspect', have we reached McCarthyism or the hyper sensitive Chinese level yet? Why is it impossible for people to address the opinions and reasons within a comment specifically without resorting to 'suspecting the motives of the individual'? In other words, why does the motives of the individual matters to you if the opinion expressed within the comments can stand by themselves?
Maybe because the poster characterized the problem as: "So then, is the complaint simply that Cook is not providing direct evidence of these claims? Is that a reasonable expectation? What evidence could Cook provide that would directly tie violence (we know that Hong Kong protesters have committed violence) to this particular app?"

Whereas the article says: "The first allegation is that “the app was being used maliciously to target individual officers for violence”. This makes no sense at all. The app does not show the locations of individual officers at all. It shows general concentrations of police units, with a significant lag. As the developer and @charlesmok, a Hong Kong legislator, have pointed out, the app aggregates reports from Telegram, Facebook and other sources. It beggars belief that a campaign to target individual officers would use a world-readable crowdsourcing format like this."

It could be incompetence, but it seems much more like clear disingenuousness, which is a pretty common thing nowadays.

When something is not merely wrong, or foolish, but seems so indicative of failing to comprehend the article, it stands to reason that it may not be in good faith.

In other words, the person you responded to specifically stated that the comment CANNOT stand by itself; it supposed things opposite of what was said in the article.

I really did not intend to misrepresent Gruber's complaints. Gruber enumerates his complains quite clearly, and I believe I addressed them quite plainly and fairly.

I also don't think that Cook's claims are extraordinary or at all difficult to believe, so perhaps that's the more fundamental disagreement you and I have.

Not the same commenter, but it seems like the lengthy protestations of disinterest are a reaction to the prevailing online climate of exactly the kind of paranoid hysteria embodied in, for example, the assertion that anyone playing devil's advocate is probably on the devil's side so to speak. Being able to hold and consider multiple contrary or incompatible positions simultaneously is in fact a sign of a fairly sophisticated intellect in the process of doing a thorough inquiry.
Even the devil's advocate [ https://en.wikipedia.org/wiki/Devil%27s_advocate ] is supposed to cite facts and reason properly -- not claim a falsehood in support of the devil, which misrepresenting the article is.

You can't just precede anything with "just playing devil's advocate for a moment" and make it immune from scrutiny, that's the intellectual equivalent of "just a prank". From the WP article, emphasis mine:

> explore the thought further using a valid reasoning

I welcome scrutiny, and I disagree with this particular scrutiny.
I could have just done the same, and just say "I disagree" without making an argument, but that's not really much of a discussion is it.
I think there may be a misrepresentation here. Apple is not a court of law for Hong Kong, so they did not gather evidence and make a call.

IMHO it is far more likely that a representative from the mentioned Hong Kong government agency reached out to ask the app to be removed for the reasons given, and Apple complied with their request. If I'm correct, Apple is taking the supplied information at face value and also as a formal (legal) request.

In that light, the reason for the (internal) statement here is due to the press this app already received and because many employees of Apple have a humanitarian interest in Hong Kong - or even have friends and family who live there.

> [O]ver the past several days we received credible information [...] that the app was being used maliciously to [...] victimize individuals and property where no police are present.

Okay, but even if true, I've got very credible evidence that Twitter and Facebook (not to mention Safari!) have been used maliciously to victimize individuals and property. Will these apps be banned? If not, why not?

> So then, is the complaint simply that Cook is not providing direct evidence of these claims?

The complaint, I believe, is that nobody (including Cook) believes any of this. I'm sure he did get a message from the Hong Kong authorities (aka, the Chinese government) and at least one user in Hong Kong (aka, also the Chinese government) claiming the things he says they claimed. And he doesn't really believe they are true, but feels compelled to pretend he does, so he sent out the email, and now everyone else is being asked to pretend they're true too.

And Gruber is pointing out that they can't really be true, given the nature of the app. Which is quite right, but of course, it's beside the point. Cook isn't going to read Gruber's blog post, slap his forehead, and go "I've been hoodwinked!" and rescind the decision. He knows what he's doing.

> Is that a reasonable expectation? What evidence could Cook provide that would directly tie violence (we know that Hong Kong protesters have committed violence) to this particular app?

The claim is not that the app facilitated very particular types of violence, which we do not know has occured. (Although again, even if true, that's not a good reason to ban the app.)

Apple was in a similar situation with the FBI asking to unlock suspected terrorist phones, and they pushed back.

Let's not give them a pass here, as it's quite obvious why they're accepting the Chinese statements at face value, because of how dependent they are on the Chinese market.

This is about money, not principles.

I don't think Apple deserves a pass, but removing an app from the store is not similar to creating a special version of the OS with a backdoor.
(comment deleted)
They (very quietly) created a special version of iCloud which is entirely run by a Chinese state-owned company. I don't see how that's any different to "a special version of the OS with a backdoor".
> Let's not give them a pass here, as it's quite obvious why they're accepting the Chinese statements at face value, because of how dependent they are on the Chinese market.

Let's not forget that in the United States, Apple has recourse to push back against government requests within the system of the law.

The point is that this app collates information from other sources. Popular, encrypted sources where you don’t know the source like Telegram.

Why would one use this public app to target individual cops (when it doesn’t even reveal individual cops, and by virtue of its aggregation of data is likely to reveal groups of cops more often) when they could use any of the primary sources instead?

Maybe the other part is true, where criminals are using the app to target areas where cops are not present. That would actually make sense. But the first reason doesn’t add up.

> So then, is the complaint simply that Cook is not providing direct evidence of these claims?

The complaint is that the claims are not credible given what we know of the app's capabilities. How could an app that highlights areas of heavy police activity be used to single out and attack lone officers without backup? If his claims were plausible, it might be different, but extraordinary claims demand extraordinary evidence.

>>Can I play devil's advocate for just a moment?

Makes me sad we have lost soo much respect for liberty that people feel compelled to play "devil's advocate" in favor of a totalitarian regime.

I think it is clear that any "evidence" that has come from " Hong Kong Cybersecurity and Technology Crime Bureau" should be rejected out right and not trusted at all

Further the fact that the app may have broken "local laws" should also have no impact at all on the discussion, we are talking about a Totalitarian regime with countless Human Rights violations, their local laws are objectively at odds with what anyone should consider just or proper

So it comes down "Does this app violate Apple Policies", given that apple like most companies write the rules so at any time anything can be a violation at their sole discretion then technically yes, but so could any app at any time.

At the end of the day allow me to Translate Apple's Statement SouthPark Style

"Like the NBA, Blizzard, and countless other companies, we welcome the Chinese censors into our homes and into our hearts. We too love money more than freedom. Long Live the communist party of China"

No one has pointed to the Hong Kong law this app is supposed to be violating, including the Hong Kong authorities, who when asked basically said "go ask Apple".

Couple that with the fact that no officers have been targeted individually in Hong Kong protests since they began, and you begin to see that the whole thing sounds fishy.

What is the law being broken that no one knows about, and the cases of violence no one has heard of?

>Couple that with the fact that no officers have been targeted individually in Hong Kong protests since they began... the cases of violence no one has heard of?

This is the part I don't understand. Sky News UK has footage of protesters targetting an undercover police officer they'd discovered and setting him alight with a Molotov cocktail before trying to take his gun. It aired here on Australia's ABC News as well. (The Molotov cocktail incident happens at 0:17 https://youtu.be/VNGJK1k2MbY )

I'm with you on the other points, and I'm confident this app wasn't involved with that incident. But claiming the protestors have never been violent or targetted individual officers doesn't seem to match with reality.

(Of course, it's also worth questioning why there were undercover police with guns in the crowds in the first place.)

You’re not playing the devils advocate, instead of steelmanning his argument you’re coming up with something completely different.

Cook clearly made an extremely specific claim, not a general one about protesters being violent.

>the app was being used maliciously to target individual officers

This is honestly the most disappointing part of this entire saga. That Apple’s leadership realized that this is an issue, that the company’s employees do too, and that they think it’s appropriate to send out an email to placate the company but contains no real information and falls apart immediately if you look at it for longer than a couple seconds.
This reads like propaganda.

I wonder if they have to do this to keep their supply-chain open. Now would be a good time to take that $200bn and invest in some new factories.

Cook has said repeatedly that they can't buy the labor they have available n China ta any price anywhere in the world. It's not a problem they can throw money at unfortunately.
Why couldn't they cut into their profit margins if he cared that much?
Probably because they couldn't get the labor and supply chains they need at any price.
> In this case, we thoroughly reviewed [the facts], and we believe this decision best protects our users.

When I read Tim Cook's letter, this line at the end jumped out to me as super off. Even if everything else was completely true, how would this decision protect Apple users? Unless all the police have iPhones?

I think Apple culture is to treat employees like customers. That is to say, like they’re 4 years old and need to accept what they’re told.
Positive Tinfoil hat on: The police would have used / were starting to use presence of the app as evidence that users were participant in the protest and arrested them. Or the police would have been able compromise the users, the app or the data (but then why not keep it as a honeypot?)
For those who want to read the e-mail:

https://pastebin.com/dFyftCuZ

As for me, I sold my Apple stock yesterday. Tim won't miss my $10k. But I won't miss him when I am able to move to a better platform.

yeah...not sure i can ditch my macbook pro yet but next phone is not going to be iphone anymore...
why not? Short of developing for iPhone, iPad, or macOS, I don't think they bring anything new to the table that minor inconveniences on a Windows or Linux platform wouldn't solve.
I guess you have to use Linux because Microsoft does the same thing. Azure China is isolated from the rest and hold by a Chinese company; Windows and Office 365 has Chinese specific version; Skype is not available etc.
Yes because Android has your privacy needs covered! Don't let the door hit you on your way out
I didn't see any mention of Android in GP's comment. Can't miss any opportunity we can to have a dig though, can we?
It's entirely plausible that the Hong Kong police have assembled a documented narrative of incidents of crime and abuse. The call for evidence into what might be a handful of cases isn't interesting.

What is unconvincing is that an app's potential to be used with crime is sufficient for people to understand Mr. Cook's bright-line, process, or thinking around the matter.

This app was likely being used in ways which critically supported the mitigation of risk to life, a fact which Mr. Cook described only as "benign"; the failure to discuss the balance against the app's relation to public health, and the failure to frame the nature of Hong Kong police and law, makes any attempted weighing suggested by Mr. Cook to be of low credibility as a lens into his process.

Presumably Google Maps, Search, and other apps also facilitates crime at a magnitude well beyond the app in question, but how does the weighing work?

(comment deleted)
Gruber is taking Ceglowski and HKmap.live's comments at face value, but they aren't disinterested actors. They both have (admirable) agendas in the pro-democracy protests. Of course they're going to characterize the app in the best light possible (it's so you can avoid the protests and avoid inadvertently running into cops).

Apple most likely did get legitimate examples of the app being used for that, and that was all the pretext they needed to remove it. The real issue is that the CCP is also likely holding a gun to their head both in the state newspaper but also privately. And obviously Apple isn't going to light themselves on fire which is what people really want to see them do.

Then there's the bad faith critics that are using this as an opportunity to say they're hypocrites because they are politically active on various issues (like the encryption fight with the FBI), as if it isn't because they're protected by the rule of law in Western nations and they aren't in China.

Ultimately everyone understands this. The real original sin is the fact that the West normalized relations with China in the first place [1]. Corporations like Apple aren't going to liberate China, and they can't even if they wanted to. The US and other countries could decide tomorrow to sanction China and Apple and every other business would be unable to do business with them. They could treat China like North Korea or Iran. That's a political question for governments, not corporations.

[1] https://en.wikipedia.org/wiki/Three_Communiqu%C3%A9s

Why not ban Waze for their police reporting feature?
Incidentally, I think that measures by Uber to identify riders who are cops and deny them rides should have gotten Uber the same treatment as any other organized crime syndicate.
Incidentally to China’s authoritarianism you think companies should have their rights to who uses their services or not relinquished? What if a mall prevented undercover officers from using their property to investigate them, requesting they use public channels with it’s law or regulatory enforcement?

I’ve read a few articles on it and since 2017 no charges have been laid. So clearly Uber didn’t break any laws by enforcing their terms of service.

I’d much rather have this sort of thing be written clearly into law so whether or not they can force you to let them secretly use your service or not without identification can be constrained, limited in scope so it’s not a fishing expedition, and subsequently challenged in court.

Is police reporting illegal in the countries in which Waze operates?

I don’t buy that HKMap did anything illegal, but asking for equivalence with an app which is doing something vaguely similar in a jurisdiction where any of those things are perfectly legal seems to be missing the point.

Ironically, Waze is owned by Google and not available in China because they did not capitulate to the Chinese government, so maybe that's a bad analogy.
The police and their unions have complained a lot in western countries about Waze. It’s a very controversial feature to them too. Which shows what type of government they’d build if we keep saying yes to them.

This app is excluded to HK as well, it’s not like they have to appease China by proxy considering their app stores are already different.

It is really going too far to say that police would build some kind of non-free government, just because they complain about an app that helps people avoid getting caught for speeding.
Of course, if that was the only example.
Google pulled out of China because their market share and profits were non existent.
Hong Kong law is very similar to American law. Don't confuse Hong Kong with China. The parallel to Waze is a good one.
As the academic Zeynep Tufekci (@zeynep) pointed out on Twitter, some of the things Tim Cook claims the app was used for aren’t even possible:

> HK map app can't be used to "individually" target police because it doesn't have any granular reporting and as anyone in Hong Kong can attest, the police travel in large groups. Repeat: the app has no granular function. More like police here, tear gas there, road block here. (https://twitter.com/zeynep/status/1182384310873219077)

Also, if it does indeed violate a law, why can no-one tell us which law? Even the HK police deferred to Apple when asked about this.

> Apple most likely did get legitimate examples of the app being used for that, and that was all the pretext they needed to remove it.

If they have examples, they should share them. It would have been easy for Tim to put the dates and locations of incidents in his email. There are plenty to go around on the protestor side: look up what happened at the Prince Edward MTR station on 8/31, for example.

People who disagree with my characterization of the app can still ask themselves why Tim Cook can't point to any Hong Kong law the app contravenes, even thought he claims it is illegal.
> even thought he claims it is illegal.

citation?

> Moreover, what are these incidents where protesters have targeted individual police for a premeditated attack? Can Mr. Cook point to a single example? Can anyone?

The message stated that they had credible sources. That really should be enough in that type of communication. He was not trying to make a court case providing evidence he was describing the company decision to employees.

Now if there actually haven’t been any such cases then it adds question to the sources not to Apples decision or communication.

And really you can’t expect a company like Apple to start employing foreign government spies to infiltrate government institutions in order to provide credibility checking of information provided. If the police are saying they have reports of misuse of the app and violent attacks Apple has to act on that.

The venue really doesn't matter considering that the source is effectively unimpeachable. Sure, it might be proper for Apple to err on the side of caution when violence is involved, but in this case, there is definitely violence on both sides, and one side (the state) definitely has the upper hand.

Plus, the idea that the app could be used for specific targeting of individual police has pretty clearly been debunked.

In the end its really just a question of whether you think Apple should be on the side of egalitarianism or unrestricted profit.

Apple's supply chain is China-based. If Apple doesn't pull app, then China's leadership probably shuts down that supply chain. China's leadership doesn't give a damn about Apple or Foxcomm or even the NBA. It's probably a real blow to Tim Cook since he is famous for setting up such an amazing supply chain. He put Apple in such a dangerous position. He caved and made up an excuse.
That’s a double edged lever. If apple can’t make iPhones in china it can’t employ Chinese citizens, and these jobs move out of the country. So does the investment in training. Though it might clear up the market for local brands.
I'm sure someone will take up the slack.
China isn't going to shutdown Apple's supply chain, that's revenue to Chinese companies. The threat is that they would make it more difficult for Chinese buyers of the iPhone or put regulatory hurdles in front of Apple to make it difficult to sell iPhones in China. China is one of Apple's largest markets.
I honestly don't think Xi cares. He is playing the long game and would rather China buy a Chinese company's product. I bet Apple is replaceable in his eyes.
If China shuts down Apple’s manufacturing in China then you will see a mass exodus of all US-ordered manufacturing from China.

If it can happen to Apple it can happen to anyone.

Blocking Google and Wikipedia didn't cause an exodus of internet companies.
Just say you've been asked by the authorities in the territory to remove the app, and you've complied. Full stop.

There are lots of apps missing from the China app store.

This whole thing about removing the app to protect users strains credibility.

It's already known that iCloud in China is operated by a state-owned telecom (GCBD) see https://news.ycombinator.com/item?id=21217920 so they could use the data to track the protestors.

And iPhone usages is comparatively small according to https://gs.statcounter.com/os-market-share/mobile/china (Android 79% and iPhone 20%)

Then https://hkmap.live/ is available as a website.

So why the outcry about this? In the end, for-profit companies will do what gives them profit. You should not rely on them for anything that won't give them profits.

> iCloud in China is operated by a state-owned telecom ... so they could use the data to track the protestors.

Please stop spreading lies unless you have evidence to back up your claim.

From [0]: "Apple has never made user data, whether stored on the iPhone or in iCloud, more technologically accessible to any country's government."

Disclaimer: mainlander here.

[0]: https://news.ycombinator.com/item?id=21209190

Is that true of the company they've contracted to manage iCloud in China?
Sorry the parent post was referring to the latter part: "so they could use the data to track the protestors"; it is a known fact that iCloud in China is managed by a Chinese company starting in 2018/01 [0].

[0] (link in Chinese): https://www.zhihu.com/question/265371940/log

Apple may have not, GCBD have.
The cynic in me agrees, but by that logic we wouldn't be surprised to find Beige Corp selling heroin or guns to schoolchildren if it "gives them profit". What stops them? Regulation is part of it, but also having at least some interest in keeping their good name...
> You should not rely on them for anything that won't give them profits.

You’re absolutely right and for the vast majority of companies put in this position I wouldn’t be happy about their decision but I definitely wouldn’t hold it against them. That said, if ever there were a company in the history of the world whose users are rabidly loyal enough, whose economic contributions in China are substantial enough, and with the “Fuck You Money” necessary to do what’s right when it comes to China, it’s Apple.

And when you consider that Apple launched themselves into America’s living rooms with the “1984” commercial, I might even go so far as to say that Apple could have leaned in to whatever negative consequences they may have suffered as a result.

I'm assuming that the website still works, since it's probably the source of data for the app anyway.

At the end of the day, Apple taking down the app seems like an expected outcome, and HK is outside of the great firewall, so anyone can still access the site. What's the problem?

The single page app at https://hkmap.live/ opens on iOS with a note telling you how to add it to your Home Screen.

That gives you a custom app icon, which opens as a live full screen map app w/o browser chrome.

This open mechanism to “sideload” what a regular user can’t tell the difference from an App Store app was the original iPhone app distribution strategy for both live and offline HTML5 apps, provided to developers before the App Store existed.

It remains relatively trivial to distribute apps this way.

The silver lining here is that a lot of people are thinking hard for the first time about what it means to give up the right to install whatever software you want on your own hardware.

A devil's bargain always seems like a good deal until the bill comes due.

Right because the average iPhone user cares about what happens in China.
Doesn’t Waze show where the police are?
And drivers kill a lot more people than protestors.
I hope the FCC can somehow massively fine Apple for this. It's completely disgusting and pathetic.

I can hope, even though it won't happen.

Apple lied about being in bed with the NSA, too... I don't know why anyone consider Apple much better then Google when it comes to privacy...
can you give a source?
first search result that I found: https://www.cheatsheet.com/technology/apple/is-apple-lying-a... (didn't read it though, but they lied about being part of PRISM)
Do you mean, being a victim of prism? When tech companies found out about the NSA wiretapping unencrypted connections between their datacenters they pretty much flipped out and got serious about security against nation-state attacks.
I don't. PRISM doesn't work how you described it, as far as I know... It is basically a backdoor to Apple for the NSA (so whatever Apple can see, the NSA can also see).
It's still not clear how complicit companies were in the Prism findings.

Specifically, did Apple/Google/etc actively cooperate with the NSA (outside of court ordered warrants), or did the NSA break in, or did the NSA have agents within the companies.

If anyone knows differently and has a source the community would be very interested to hear about this.

Why haven't they banned other police tracking apps like waze?
(comment deleted)
(comment deleted)