this post was submitted on 24 Aug 2023
338 points (98.3% liked)

Technology

59201 readers
2880 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Everyone in the tech industry facepalms almost every time legislators try to pontificate on technology, but the British government appears to be trying to set a new record. After putting iMessage and FaceTime at risk, the government is now suggesting that it might ban some Apple security updates.

all 50 comments
sorted by: hot top controversial new old
[–] jet@hackertalks.com 73 points 1 year ago* (last edited 1 year ago) (1 children)

https://www.justsecurity.org/87615/changes-to-uk-surveillance-regime-may-violate-international-law/

Linking to the original article and not an article summarizing the article.

TLDR The UK government wants service providers in the UK to request permission to apply updates including security updates. They may deny that permission for national security reasons.

Ie if the government wants it broken so they can keep exploiting it they will prevent anybody from getting patched.

[–] jet@hackertalks.com 34 points 1 year ago (29 children)

This is one step removed from requiring software vendors to add back doors

[–] umami_wasbi@lemmy.ml 20 points 1 year ago

Or deny that request, and turn the bug to a back door.

load more comments (28 replies)
[–] amzd@kbin.social 58 points 1 year ago (2 children)

Ok so Apple would have to disclose the vulnerability to follow proposed EU rules then can't implement the fix in UK? That seems like a disaster waiting to happen

[–] LeTak@lemm.ee 46 points 1 year ago (2 children)

Imagine Apple shares a patch and the UK does not approve the install. Ok nice. Now everyone knows a vulnerability that affects most of the Apple devices in UK. What could go wrong.

[–] pivot_root@lemmy.world 20 points 1 year ago (2 children)

Next step: require all security patches to be submitted to the UK government for review before disclosing it to any other government or to the public.

[–] imperator3733@lemmy.world 14 points 1 year ago (2 children)

At that point Apple might as well pull out of doing business in the UK entirely.

[–] KSPAtlas@sopuli.xyz 4 points 1 year ago

As someone in the uk, please have them do so the uk learns its lesson

[–] Honytawk@lemmy.zip 3 points 1 year ago

Yes, pulling out of the UK is on the tables now.

See, one of the amazing parts of the EU is the capability of collective bargaining.

If the UK was still in the EU, then any company looking to pull out of the UK because of laws would cause the EU to ban the company in every other country until they comply.

A company would essentially need to pull out of the entire EU in those instances, and with their 700 million rich inhabitants, that is one huge market to leave.

But leaving a 70 million market isn't that big of a deal.

[–] Spotlight7573@lemmy.world 9 points 1 year ago

A most favored nation clause, but for security. Great... just what we needed.

[–] PersnickityPenguin@lemm.ee 3 points 1 year ago

Apple immediately ceases sales and support for all apple products in the UK.

[–] Powerpoint@lemmy.ca 23 points 1 year ago (1 children)

The UK did allow Brexit to happen, they haven't exactly been making the best decisions.

[–] killeronthecorner@lemmy.world 9 points 1 year ago

Hey now, we may be dumb and we may be obstinate but I'm tired time for bed grumble grumble

[–] graphite@lemmy.world 53 points 1 year ago (2 children)

Under the latest plans, tech companies would need to notify the British government before rolling out a security fix but might be refused permission if it blocks a vulnerability that’s being exploited by security services…

I suppose these days it's cheaper to find some half baked vulnerability and pray it lasts a while instead of just adding back doors in the devices

[–] ikidd@lemmy.world 37 points 1 year ago (2 children)

That's the stupidest fucking thing I've heard from a government that seems to take pride in how stupid and authoritarian their legislation can get. They're giving the US a run for it's money.

[–] graphite@lemmy.world 3 points 1 year ago

It's beginning to feel all bad at this point, yeah, I agree.

They'll save a lot of money, but (a) the cost isn't worth it and (b) it's just totally assenine logic that takes a dump on the idea of a government's existence having any sense of meaning that goes beyond serving the interests of the wealthy.

[–] djmarcone@lemm.ee 2 points 1 year ago

If the reason is actually for leaving 0days open then it is actually for the USA. Since the USA spies on foreign citizens such as UK citizens, the UK spies on the USA citizens.

Because otherwise it would be illegal. Or something.

[–] umami_wasbi@lemmy.ml 9 points 1 year ago (1 children)

Or wait the service provider submit a fix, deny it, and then exploit. Even cheaper than find one cuz they just need to wait to be summitted.

[–] Petter1@lemm.ee 1 points 1 year ago

iOS Jailbreaker‘s life

[–] KelsonV@lemmy.world 49 points 1 year ago

I was expecting this to be a half-baked plan to block something using a less-than-half-baked definition that would also cover security updates.

The fact that someone actually thinks explicitly blocking security updates is a good idea is just appalling.

[–] BigVault@kbin.social 47 points 1 year ago

Hospital emergency rooms across the UK are likely to be declaring a major incident to deal with the rash of injuries caused by the force of facepalming and banging heads against desks throughout the tech sector.

The NHS is struggling enough as it is.

[–] BilboBargains@lemmy.world 33 points 1 year ago (1 children)

Welcome to the world of British politics. When their advisor on drugs, the scientist prof David Nutt, pointed out that riding a horse is statistically known to be more dangerous than MDMA he was summarily dismissed from his post. These people don't want inconvenient facts to spoil their Victorian era conception of reality. So it will go with their absurd and pernicious spying charter.

[–] moosemoosemoose@lemmy.ca 6 points 1 year ago

Reminds me of a quote I have always enjoyed:

"We know no spectacle so ridiculous as the British public in one of its periodical fits of morality." Thomas B. MacCaulay

[–] lustrum@sh.itjust.works 33 points 1 year ago* (last edited 1 year ago) (1 children)

This might have worked a decade ago. Companies are EXTREMELY hot on device patches now. I work for a big company and we have a week to install the latest iOS patches on our phone. We get regular updates when software is out. If windows gets a certain patch behind the system can't update, it requires a full flash.

The same with banning encryption, the average Joe might not care but big companies have a lot to protect in IP and legally. Imagine a US company wanting send IP to a UK company for design/validation/manufacturing. They just won't because our devices/networks will be vulnerable to IP being stolen

[–] Honytawk@lemmy.zip 3 points 1 year ago

They would need to put the IP on a flash drive and hand deliver it like it was the 1970's.

[–] Aesthesiaphilia@kbin.social 27 points 1 year ago

Surveillance state.

[–] Lowered_lifted@lemmy.world 15 points 1 year ago

Lol @ their intelligence agencies telling them that this is a bad idea & them going ahead anyway

[–] XTornado@lemmy.ml 12 points 1 year ago* (last edited 1 year ago) (1 children)

They want to end the """British Empire""" once and for all. It's a long term plan that started with Brexit.

[–] randomperson@lemmy.world 5 points 1 year ago (5 children)

Is Britain as relevant nowadays as people think tho?

[–] BilboBargains@lemmy.world 16 points 1 year ago (1 children)

Every day we sink further into irrelevance. Look at the fate of Greece. Their culture and contributions to mathematics, philosophy and literature created the foundations of modern civilization. Now they are a holiday destination and not much else.

[–] Claidheamh@slrpnk.net 11 points 1 year ago (1 children)

Well, you guys don't even have holiday destination going for you. Good luck lads.

[–] BilboBargains@lemmy.world 3 points 1 year ago

We're fucked!

[–] FlyingSquid@lemmy.world 2 points 1 year ago (1 children)

When you have submarines with nuclear missiles on them, you remain pretty damn relevant.

[–] randomperson@lemmy.world 3 points 1 year ago

North Korea relevant then?

[–] Honytawk@lemmy.zip 2 points 1 year ago

There are those who think Britain is still great. That is why they could convince so many to vote for Brexit.

But since the world has become so interconnected, and Britain has lost all its colonies, it won't be capable of dealing with the world on its own anymore.

Some needed Brexit in order to come to that conclusion.

[–] XTornado@lemmy.ml 2 points 1 year ago

I don't think , that's why the quotes on British Empire half joking, but let's be honest I am clueless here maybe they are more relevant than I think they are.

[–] VampyreOfNazareth@lemm.ee 12 points 1 year ago

Add to the law that all politicians phone data must be shared with the tax payer.

[–] UltraMagnus0001@lemmy.world 6 points 1 year ago

nsa is happy