Everyone in the tech industry facepalms almost every time legislators try to pontificate on technology, but the British government appears to be trying to set a new record. After putting iMessage and FaceTime at risk, the government is now suggesting that it might ban some Apple security updates.

  • @jet@hackertalks.com
    link
    fedilink
    English
    74
    edit-2
    1 year ago

    https://www.justsecurity.org/87615/changes-to-uk-surveillance-regime-may-violate-international-law/

    Linking to the original article and not an article summarizing the article.

    TLDR The UK government wants service providers in the UK to request permission to apply updates including security updates. They may deny that permission for national security reasons.

    Ie if the government wants it broken so they can keep exploiting it they will prevent anybody from getting patched.

  • amzd
    link
    fedilink
    611 year ago

    Ok so Apple would have to disclose the vulnerability to follow proposed EU rules then can’t implement the fix in UK? That seems like a disaster waiting to happen

    • LeTak
      link
      fedilink
      English
      491 year ago

      Imagine Apple shares a patch and the UK does not approve the install. Ok nice. Now everyone knows a vulnerability that affects most of the Apple devices in UK. What could go wrong.

      • @pivot_root@lemmy.world
        link
        fedilink
        English
        201 year ago

        Next step: require all security patches to be submitted to the UK government for review before disclosing it to any other government or to the public.

          • KSP Atlas
            link
            fedilink
            English
            51 year ago

            As someone in the uk, please have them do so the uk learns its lesson

          • @Honytawk@lemmy.zip
            link
            fedilink
            English
            41 year ago

            Yes, pulling out of the UK is on the tables now.

            See, one of the amazing parts of the EU is the capability of collective bargaining.

            If the UK was still in the EU, then any company looking to pull out of the UK because of laws would cause the EU to ban the company in every other country until they comply.

            A company would essentially need to pull out of the entire EU in those instances, and with their 700 million rich inhabitants, that is one huge market to leave.

            But leaving a 70 million market isn’t that big of a deal.

  • @graphite@lemmy.world
    link
    fedilink
    English
    541 year ago

    Under the latest plans, tech companies would need to notify the British government before rolling out a security fix but might be refused permission if it blocks a vulnerability that’s being exploited by security services…

    I suppose these days it’s cheaper to find some half baked vulnerability and pray it lasts a while instead of just adding back doors in the devices

    • @ikidd@lemmy.world
      link
      fedilink
      English
      381 year ago

      That’s the stupidest fucking thing I’ve heard from a government that seems to take pride in how stupid and authoritarian their legislation can get. They’re giving the US a run for it’s money.

      • @graphite@lemmy.world
        link
        fedilink
        English
        31 year ago

        It’s beginning to feel all bad at this point, yeah, I agree.

        They’ll save a lot of money, but (a) the cost isn’t worth it and (b) it’s just totally assenine logic that takes a dump on the idea of a government’s existence having any sense of meaning that goes beyond serving the interests of the wealthy.

      • @djmarcone@lemm.ee
        link
        fedilink
        English
        21 year ago

        If the reason is actually for leaving 0days open then it is actually for the USA. Since the USA spies on foreign citizens such as UK citizens, the UK spies on the USA citizens.

        Because otherwise it would be illegal. Or something.

    • umami_wasabi
      link
      fedilink
      English
      101 year ago

      Or wait the service provider submit a fix, deny it, and then exploit. Even cheaper than find one cuz they just need to wait to be summitted.

  • @KelsonV@lemmy.world
    link
    fedilink
    English
    521 year ago

    I was expecting this to be a half-baked plan to block something using a less-than-half-baked definition that would also cover security updates.

    The fact that someone actually thinks explicitly blocking security updates is a good idea is just appalling.

  • BigVault
    link
    fedilink
    491 year ago

    Hospital emergency rooms across the UK are likely to be declaring a major incident to deal with the rash of injuries caused by the force of facepalming and banging heads against desks throughout the tech sector.

    The NHS is struggling enough as it is.

  • @BilboBargains@lemmy.world
    link
    fedilink
    English
    341 year ago

    Welcome to the world of British politics. When their advisor on drugs, the scientist prof David Nutt, pointed out that riding a horse is statistically known to be more dangerous than MDMA he was summarily dismissed from his post. These people don’t want inconvenient facts to spoil their Victorian era conception of reality. So it will go with their absurd and pernicious spying charter.

    • @moosemoosemoose@lemmy.ca
      link
      fedilink
      English
      71 year ago

      Reminds me of a quote I have always enjoyed:

      “We know no spectacle so ridiculous as the British public in one of its periodical fits of morality.” Thomas B. MacCaulay

  • @lustrum@sh.itjust.works
    link
    fedilink
    English
    33
    edit-2
    1 year ago

    This might have worked a decade ago. Companies are EXTREMELY hot on device patches now. I work for a big company and we have a week to install the latest iOS patches on our phone. We get regular updates when software is out. If windows gets a certain patch behind the system can’t update, it requires a full flash.

    The same with banning encryption, the average Joe might not care but big companies have a lot to protect in IP and legally. Imagine a US company wanting send IP to a UK company for design/validation/manufacturing. They just won’t because our devices/networks will be vulnerable to IP being stolen

    • @Honytawk@lemmy.zip
      link
      fedilink
      English
      41 year ago

      They would need to put the IP on a flash drive and hand deliver it like it was the 1970’s.

  • Lifted_lowered
    link
    fedilink
    English
    151 year ago

    Lol @ their intelligence agencies telling them that this is a bad idea & them going ahead anyway

  • @XTornado@lemmy.ml
    link
    fedilink
    English
    13
    edit-2
    1 year ago

    They want to end the “”“British Empire”“” once and for all. It’s a long term plan that started with Brexit.

      • @BilboBargains@lemmy.world
        link
        fedilink
        English
        161 year ago

        Every day we sink further into irrelevance. Look at the fate of Greece. Their culture and contributions to mathematics, philosophy and literature created the foundations of modern civilization. Now they are a holiday destination and not much else.

      • Flying Squid
        link
        fedilink
        English
        31 year ago

        When you have submarines with nuclear missiles on them, you remain pretty damn relevant.

      • @XTornado@lemmy.ml
        link
        fedilink
        English
        31 year ago

        I don’t think , that’s why the quotes on British Empire half joking, but let’s be honest I am clueless here maybe they are more relevant than I think they are.

      • @Honytawk@lemmy.zip
        link
        fedilink
        English
        21 year ago

        There are those who think Britain is still great. That is why they could convince so many to vote for Brexit.

        But since the world has become so interconnected, and Britain has lost all its colonies, it won’t be capable of dealing with the world on its own anymore.

        Some needed Brexit in order to come to that conclusion.