Mastodon Feed
Reblogged by slightlyoff@toot.cafe ("Alex Russell"):
lcamtuf@infosec.exchange ("lcamtuf :verified: :verified: :verified:") wrote:
My $0.02 re: the Apple stuff.
Provably private cloud computing is still a pipe dream - homomorphic encryption, etc.
Approximations are possible. They are complex, fragile, and with threat model carve-outs you can drive a truck through.
This ain't necessarily bad, but three things can simultaneously be true:
It's a major improvement from the infra security standpoint,
It doesn't confer any bulletproof assurances to you, the consumer,
In light of #2, it can be a step back if it blurs the PR line between keeping your stuff local and your device shipping it off to the cloud.