Home > Archive >  2007 >  December >  23


What I learned about security, privacy and Apple

Sunday, December 23, 2007 by Dave Winer.

A picture named mac.jpgFirst, thanks for the great comments on yesterday's post about Apple and the hard disk of my MacBook. People were universally positive and helpful, and I can say I really learned some really important things as a result of the discussion. Permalink to this paragraph

First, the cost of the data on the hard disk swamps the value of the value of the disk and even the value of the computer. There was source code on the computer, and other information, which if it fell into the wrong hands, could cause some serious problems for me. Permalink to this paragraph

I have no agreement with Apple that covers the security or privacy of the data. As far as I know they think they own the contents of the disk as well as the disk itself. The experience I had with them actually makes me think they probably do feel its theirs. This from a company that takes the security of its own private information very seriously, they seem to have almost no regard for the security of its customers' information. Permalink to this paragraph

You have no control over when a hard disk will crash, or any foreknowledge of when it's even likely to crash. So there's no way to protect against this kind of security issue. And that's what it is. What kind of sense does it make to invest in firewalls, and of what value is Apple's claim that Macs are inherently more secure, when all the data on one of my computers is now completely out of my control forever? Permalink to this paragraph

I'm not so concerned about the privacy issues, but I could imagine that other people might be. And if identity thieves are not aware of this backdoor way to get access to private information, how long before they are? Security experts always warn us that obscurity is not a good strategy for security. Permalink to this paragraph

So what to do?  Permalink to this paragraph

Basically I've given up on trying to get Apple to do the right thing and give me my disk back. Some people at the Emeryville store are well-itentioned, and are just naive about the problems that can come when you trust people with all your data. Others just don't care. Either way it seems unlikely that I'm going to get it back, and even if I do, it's been out of my control for too long.  Permalink to this paragraph

I'm going to go through the tedious job of changing the passwords on all my sensitive online accounts. That was overdue anyway. And next time a laptop blows its hard disk, I'm either going to replace it myself and shred the old disk, the same way I'd shred any sensitive documents before throwing them out, or just throw away the whole computer. I know this isn't green, but there seems to be no other course that's anything close to secure. Permalink to this paragraph

And always be aware that you could lose a laptop, or it could be stolen. So far it seems that this is not yet an identity theft concern, but you can't be sure, and it won't be long before it is.  Permalink to this paragraph

Thanks again for all the good info, advice and vibe. ;-> Permalink to this paragraph






© Copyright 1994-2007 Dave Winer Mailto icon.

Last update: 12/23/2007; 7:34:07 PM Pacific. "It's even worse than it appears."

Click here to view blogs commenting on  RSS 2.0 feed.