Apple’s Tim Cook on U.S government surveillance: ‘There is no back door, the government doesn’t have access to our servers’

“ABC News is planning to air an interview with Apple CEO Tim Cook this evening, but a few bits and pieces have already started trickling out,” Greg Kumparak reports for TechCrunch.

“In the first big excerpt to be released, Cook touches on his concerns regarding the NSA and their deeply controversial PRISM surveillance program,” Kumparak reports. “‘The government doesn’t have access to our servers,’ Cook says. ‘They would have to cart us out in a box for that.'”

“Of course, as many have pointed out since companies first started making these sorts of official statements, there are many a concern that even ‘The government doesn’t have access to our servers’ can’t sate,” Kumparak reports. “Talk of theoretical gag orders aside, one of the most disconcerting tenants of the PRISM program is the idea that the NSA doesn’t need a company’s approval (or even for the company to know) for them to start gathering data; they purportedly just snatch what they can as the data passes through the Internet’s central hubs.”

[protected-iframe id=”e74c61a70c9a9a1954134d55e2e1cf26-17146794-18685410″ info=”http://abcnews.go.com/video/embed?id=21656468″ width=”590″ height=”332″ style=”border:none;”]

Full article here.

MacDailyNews Take:

Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety. – Benjamin Franklin, Historical Review of Pennsylvania, 1759

Visit the Apple-backed reformgovernmentsurveillance.com today.

Related articles:
ABC News to interview Apple CEO Cook about Mac’s 30th anniversary on January 24 – January 23, 2014

Yahoo CEO Marissa Mayer calls on Obama administration to provide greater U.S. NSA transparency – January 22, 2014
Obama’s NSA proposals fall far short of real change – January 17, 2014
U.S. NSA devises radio pathway into computers to conduct surveillance, launch cyberattacks – January 15, 2014
The NSA, Apple’s iPhone and a whole lot of bad reporting – January 8, 2014
U.S. NSA seeks to build quantum computer to crack most types of encryption – January 3, 2014
Ex-NSA chief calls for Obama to reject commission’s recommendations to rein in NSA surveillance – December 30, 2013
How the U.S. NSA remotely bugs your Apple iPhone – December 30, 2013
Report: U.S. NSA intercepts computers during shipping to install surveillance malware – December 30, 2013
U.S. NSA uses Google cookies to pinpoint targets for hacking – December 11, 2013
Apple, Google, others call for government surveillance reform – December 9, 2013
U.S. NSA secretly infiltrated Yahoo, Google data centers worldwide, Snowden documents say – October 30, 2013
Obama administration decides NSA spying is ‘essential,’ but oversight of NSA is not – October 8, 2013
Apple’s iPhone 5s with Touch ID seen as protection against U.S. NSA – September 16, 2013
German government: Windows 8 contains U.S. NSA snooping back doors; too dangerous to use – August 23, 2013
Report: NSA can see 75% of U.S. Web traffic, can snare emails – August 21, 2013
NSA can read email, online chats, track Web browsing without warrant, documents leaked by Edward Snowden show – July 31, 2013
Momentum builds against U.S. government surveillance – July 29, 2013
U.S. House rejects effort to curb NSA surveillance powers, 205-217 – July 24, 2013
Obama administration scrambles to shut down imminent U.S. House vote to defund NSA spying – July 24, 2013
Obama administration demands master encryption keys from firms in order to conduct electronic surveillance against Internet users – July 24, 2013
Apple, Google, dozens of others push Obama administration to disclose U.S. surveillance requests – July 19, 2013
Secret court agrees to allow Yahoo to reveal its fight against U.S. government PRISM requests – July 16, 2013
How Microsoft handed U.S. NSA, FBI, CIA access to users’ encrypted video, audio, and text communications – July 11, 2013
DuckDuckGo search engine surges 33% in wake of PRISM scandal – June 20, 2013
Yahoo: Since December 2012, we have received up to 13,000 U.S. gov’t requests for customer data – June 18, 2013
Apple: Since December 2012, we have received U.S. gov’t requests for customer data for up to 10,000 accounts – June 17, 2013
Nine companies, including Apple, tied to PRISM, Obama to be smacked with class-action lawsuit – June 12, 2013
U.S. lawmakers urge review of ‘Prism’ domestic spying, Patriot Act – June 10, 2013
PRISM: Do Apple, Google, Facebook have an ethical obligation not to spy on users? – June 8, 2013
Plausible deniability: The strange and unbelievable similarities in the Apple, Google, and Facebook PRISM denials – June 7, 2013
Google’s Larry Page on government eavesdropping: ‘We had not heard of a program called PRISM until yesterday’ – June 7, 2013
Seecrypt app lets iPhone, Android users keep voice calls, text messages away from carriers, government eyes and ears – June 7, 2013
Obama administration defends PRISM data-collection as legal anti-terrorism tool – June 7, 2013
Facebook, Google, Yahoo join Apple in sort-of denying PRISM involvement – June 7, 2013
Report: Intelligence program gives U.S. government direct access to customer data on Apple servers; Apple denies – June 6, 2013

32 Comments

  1. As it was explained already, it is the same information, but that is accessible through separate servers, not directly Apple’s working servers. I am not sure that Cook is legally able to discuss this due to the fact that there is secret court with secret rulings that impose gag order. So Cook can say that there is “no back door” and no access to “our” servers by NSA, but the reality is more complicated than that.

    1. The only true way to secure consumer data is to allow “no password recovery” option. Under condition that if the password is forgotten there will be no way to recover the data, users must have option when Apple does not store deciphering keys on its servers at all.

      In this case NSA will have all time of the future to decipher hundreds of megabytes or even few gigabytes of monolithic data that has 2048-bit long password.

      Until such option is offered, there is no way to ensure that consumer data is truly private. Unfortunately, Apple, Microsoft and Google do not plan to offer such option — one of the reasons for that is that NSA would hate it; and there even may be legal limitations on that.

      1. Hmmm… the password to my FileVault key is not recoverable, not even by Apple (I opted not to back it up to their server). So there’s a “no password recovery option,” at least for my physical hard drive.

        As for my network, well, I do the best I can, using a VPN based outside this country.

        Nevertheless, nothing in my life is so exciting that the NSA would give a shit about it anyway. I just try to keep as many people out as possible.

        1. … if the NSA has access to someone’s servers – not if they have access to the links between systems and servers. There’s a “wire” between your system and that “VPN based outside the country” that the NSA can tap.
          Yes, you can scramble the information traveling along that wire. That might well slow them down. AND peak their interest! Which makes you less boring than you think you are.

    1. I get what you’re talking about — from clips like this I sense a very practiced diplomacy, at odds with what Infinite Loop insiders have (ahem) told me is a cool determination and an economy of speech at decision moments.

      In protracted direct negotiations with China Mobile, in fielding questions at conference calls, and in interviews like this, he has shown a grasp, and an increasingly skilful handling, of all those constantly trying to get the better of him.

        1. What more would you have him say?
          1. No back door.
          2. No govt access to our servers.
          Sounds like that pretty much covers it, at least where Apple has control. Data flowing to and from those servers via the net is outside Apple’s control, so Apple obviously can’t speak to that. I think the gag order that Cook wants rescinded concerns how many and what kinds of subpoenas they have been served with. They have no control over that either, other than to give statistics (when allowed).

          1. I’d like to see some personality. Steve Jobs had that, you could trust it, it made you feel good about investing in him. Tim is ok. I get it, it’s a tough place to exist, with so much scrutiny. I’d like to see him loosen up a bit I guess. Maybe it’s those power bars he eats all day long.

  2. Ideally, all data going in and out of a server and in and out of the client machine are encrypted. You use a key exchange system where the server has one only and the client has one only. Theoretically, this keeps the crooks (aka the NSA) out of your private data.

    However, it has been discovered that the NSA has been in the loop and involved with at least one commonly used random number generator which happened to be the default choice when using RSA branded encryption. That not-so-random number generator allows the NSA to crack the resulting encryption remarkably easily.

    This has left open the question of what other encryption was corrupted by the NSA. I’m not going to cast aspersions, but it’s a primary question at the moment.

      1. Of course, what’s required for safety is an actual non-computer randomization source. There are a few around the Internet. Then of course there’s the human, for which we are all suitable. PGP and GPG encryption both use requested human input to add randomization. I enjoy using my own personal randomization whenever I create passwords.

  3. No company, not even Apple, can guarantee complete security of user data. Apple’s built-in encryption is not unbreakable. Apple doesn’t control local networks nor ISPs. And if you think iCloud is super secure, you seriously need to read the user agreement. Apple datamines the hell out of your data, almost as bad as Google or any other major “cloud computing” player.
    https://www.apple.com/legal/internet-services/icloud/en/terms.html

    “… Apple may collect, use, transmit, process and maintain information related to your Account, and any devices or computers registered thereunder, for purposes of providing the Service, and any features therein, to you. Information collected by Apple when you use the Service may also include technical, statistical, or diagnostic information related to or resulting from your use that may be used by Apple to support, improve and enhance Apple’s products and services. For more information please read our full privacy policy at https://www.apple.com/privacy/. You further understand and agree that this information may be transferred to the United States and/or other countries for storage, processing and use by Apple, its affiliates, and/or their service providers. Please note that personal information regarding individuals who reside in a member state of the European Economic Area (EEA) is controlled by Apple Distribution International in Cork, Ireland. ”

    We have reached the age where corporations have as much or more power than governments, without any of the controls that most governments have. But whenever a corporation wants to evade reasonable responsibility, it merely transfers it to the state. Apple’s EULA removes all liability and responsibility, and it tells the user that their data can be handed over to any other entity as the law may allow. (The law, of course, being written by corporate lobbyists).

    All is not yet lost, however, As slow and corrupt as we have allowed our representative bodies to become, the people can still petition for change. The people DO need to wake up and stop pretending Apple is a little underdog here to protect the consumer. It’s transformed itself into a megacorporation and is now run by a management team that thinks profit first. As a rule, corporations exist only to extract maximum cash from the people — corporate mangement teams are legally required to do this and are fired when they don’t. Apple used to be a nice exception to the rule, but the Cook legacy has been one of many disappointments. I don’t believe him for a second when he claims Apple doesn’t provide data to the NSA. Of course he does — they just qualify it as “metadata” and claim that nobody really looks at it, they just log your digital devices’ every action & location.

    Finally, iBeacon is a dream for the NSA. You know damn well that spies are working to leverage it to their advantage. What you buy is a security concern to the paranoid of the nation, don’t you know? Only when citizens kick the military-industrial complex out of the halls of government will sanity and privacy regain their place in society. Don’t trust Apple or any other to coddle you and keep your data secure. That’s not what Apple does — and it never was.

    1. Mike, when you post anonymously on MDN and tell everyone else to “wake up and stop pretending Apple is a little underdog here to protect the consumer,” your words will tend to receive very little respect. Long term Apple users/fans have been called “lemmings” and “kook-aid drinkers” and such for so long that we tend to get defensive when someone utilizes that type of attack. The majority of Mac users are reasonably intelligent and reasonable. You won’t strengthen your arguments by attempting to belittle us.

      Your argument concerning the “security” of data in iCloud is confusing. The context of the article in question is the security of online data relative to NSA data-gathering and searches. But you suddenly change course and start talking about Apple’s privacy/data policies with respect to user data stored in iCloud. That is completely different. You then go further in attempting to equate Apple’s iCloud legalese with Apple being “as bad as Google or any other major ‘cloud computing’ player” in terms of data mining. Based upon my interpretation of Apple’s iCloud Terms of Service and my long term experience with Apple, I do not agree that Apple is even close to Google or other companies in this respect. Granted, Apple is a corporation and will change over time as its management changes. But, for now, Apple has earned a reasonable amount of trust.

      1. Exactly. I have no illusions about the realities Apple has to deal with, but they are nowhere near Google or anyone else in this regard. And I believe that they are NOT cooperating with the NSA one millimeter more than is absolutely required.

  4. Well, one way to tell if your info has been hoovered up is [redacted by NSA].

    A way of dodging all that is [redacted by NSA]

    I always use [redacted by NSA]

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.