| ▲ | Apple's Claimed Private Data Flows Pass Through Amazon Infrastructure(gist.github.com) |
| 17 points by sandbox_escape 7 hours ago | 23 comments |
| |
|
| ▲ | 7 hours ago | parent | next [-] |
| [deleted] |
|
| ▲ | yazaddaruvala 7 hours ago | parent | prev | next [-] |
| Having both worked at Amazon and still in the cloud industry, to me this seems like a strange take. Apple leases these computers from Amazon like it would from any other colo. Why wouldn’t these servers be considered Apple servers? Barring a major privacy violation by AWS (which doesn’t seem likely), or some other sort of 0-day hack the data on these servers is entirely private to Apple. |
| |
| ▲ | orev an hour ago | parent | next [-] | | If Apple is leasing physical servers from Amazon, without Amazon further involved in running them (other than dealing with hardware issues), then this argument holds water. Otherwise it doesn’t, even if they’re using Amazon VMs or some higher level services. A VM hosted on someone else’s physical platform is not an “own servers” in this context (which is who has access to the data). I know HN is very imbued with the cloud approach, and maybe from that perspective running your own servers is just so unthinkable it may as well not exist at all, you don’t get to change how language works. If someone says they’re running on “their own servers” that always means the whole stack including physical and up. Ownership is determined not only by who pays for it, but also who has direct access to the actual devices. | |
| ▲ | sandbox_escape 7 hours ago | parent | prev | next [-] | | This means trusting AWS’s privacy policies too, which users aren’t always aware of or expecting when Apple promises full control. It’s about honest transparency. We pay a premium for Apple's privacy restrictions and then end up being tricked to rely on Amazon's. It is false advertisement to say the least.... | | |
| ▲ | ShadowRegent 6 hours ago | parent [-] | | When Apple says your data doesn't leave their servers, that doesn't mean those servers have to be in their own datacenters or that Apple doesn't have other vendors that help them deliver their service. It also doesn't mean those companies have access to your unencrypted data. That data also, by necessity, likely traverses other networks in encrypted form on its way between you and Apple. | | |
| ▲ | sandbox_escape 6 hours ago | parent [-] | | Apple claims that data they are in full control of your data from Safari, Maps, and Spotlight etc.... Data center or not, this contradicts both the spirit and letter of that promise. This is basic logic. | | |
| ▲ | mingus88 6 hours ago | parent [-] | | If you have any evidence that Amazon is accessing the data of their leased tenants, that would be an earth shattering indictment of the entire cloud industry It would be akin to accusing Datapipe or any other provider of pulling drives out of any client with racked servers in their data centers. | | |
| ▲ | orev an hour ago | parent [-] | | And that’s exactly why high security applications don’t use cloud like this; because that can never be guaranteed by some policy compliance certificate. That’s the only thing stopping them from pulling drives, etc. |
|
|
|
| |
| ▲ | bell-cot 6 hours ago | parent | prev [-] | | Yes-ish. When you're making broad "trust us" claims to consumers - who don't know the industry or its practices, let alone the technical details - then the really honest approach is to follow those consumer's understanding of your promises. Otherwise, they might end up feeling that they were duped by the weasel-words of a sleazy lawyer. | | |
| ▲ | countrpt 5 hours ago | parent [-] | | Maybe some might feel that way at first, but it’s also an opportunity and responsibility to educate. This problem is why enterprise contractual agreements and large compliance systems exist for companies at this scale. Large hosting providers like AWS, Azure, GCP, etc. provide an ability to scale and assurances about risk mitigation, privacy, and availability that are much more viable than each company having to maintain their own private in-house fleets just to create an additional illusion of privacy/security that’s actually no better than tight contractual controls to begin with. Maybe they need to explain this properly, but servers don’t magically have a lower level of risk just because they’re behind your four walls. In fact, if you lack the experience and expertise, the risk is almost certainly higher depending on your threat model. (And for Apple, their threat model is at the nationstate level. They don’t choose their hosting providers lightly.) |
|
|
|
| ▲ | al_borland 6 hours ago | parent | prev | next [-] |
| > This appears inconsistent with Apple’s privacy statement that such system data “never leaves Apple servers or goes to third parties.” As I recall, this statement was specifically about Apple Intelligence. It was for their AI that couldn’t be done on-device, and wasn’t going to ChatGPT after user authorization. It was not a general statement that all Apple endpoints are in-house. |
| |
| ▲ | 6 hours ago | parent | next [-] | | [deleted] | |
| ▲ | sandbox_escape 6 hours ago | parent | prev [-] | | So Apple can't ever really claim it is in control of your data. Marketing teams can dance the red tape but can they fulfill the promise? | | |
| ▲ | al_borland 6 hours ago | parent [-] | | Having servers in AWS doesn’t mean they are public. And what’s the alternative? Google? Their business model is based on collecting and using user data to increase profits in their AdWords business. | | |
| ▲ | bell-cot 6 hours ago | parent [-] | | Possible alternative - Apple making their “never leaves Apple servers or goes to third parties” claim true, by building & operating the required all-Apple infrastructure. | | |
| ▲ | Someone 6 hours ago | parent [-] | | > Apple making their “never leaves Apple servers or goes to third parties” claim true, As far as I can tell, the article being discussed made up the ‘fact’ that Apple made such a claim. I googled the ‘quote’ from the article This raises questions about Apple’s public privacy claim that such system data “never leaves Apple servers or goes to third parties.” and could not find any evidence that Apple actually made that claim. Even the phrase “leaves Apple servers” doesn’t get any hits to statements by Apple. I also browsed https://www.apple.com/privacy but couldn’t find anything there that’s close to that statement. The closest I found is a statement about Private Cloud Compute, where they say “If it requires greater computational capacity, it can draw on Private Cloud Compute and send only the data relevant to your task to be processed on Apple silicon–based servers” (https://www.apple.com/privacy/features/) So, even there they do not claim they own those servers or that they are located in Apple’s data centers, but I think it can be inferred that they own them. |
|
|
|
|
|
| ▲ | nicce 7 hours ago | parent | prev | next [-] |
| Not really a secret, e.g.: https://www.cnbc.com/2024/12/03/apple-says-it-uses-amazons-c... |
|
| ▲ | 5 hours ago | parent | prev | next [-] |
| [deleted] |
|
| ▲ | hulitu 6 hours ago | parent | prev | next [-] |
| > Where is this data going once it reaches AWS, and how is it being handled outside Apple’s network? PRISM |
|
| ▲ | jackharlow12 7 hours ago | parent | prev | next [-] |
| [dead] |
|
| ▲ | RedHeadHunter 6 hours ago | parent | prev | next [-] |
| [dead] |
|
| ▲ | tomasf 7 hours ago | parent | prev | next [-] |
| [dead] |
|
| ▲ | jack1335 6 hours ago | parent | prev [-] |
| [dead] |
