Apple’s defenses that protect data from being sent in the clear are globally disabled.
  • cybersin@lemm.eeEnglish
    758·
    2 months ago

    This is dumb.

    Even if you encrypt network traffic, the receiving server still knows what you’re doing. All it does is prevent third parties from snooping.

    Usually.

    • stephen01king@lemmy.zipEnglish
      433·
      2 months ago

      Yes, so not only are they doing something shady, they’re doing something shady and exposing your data to anyone wanting to snoop it. What’s dumb about criticising the latter part?

      • cybersin@lemm.eeEnglish
        277·
        2 months ago

        The fact that anyone thinks they have any semblance of privacy when typing into an online AI chatbot is saddening.

        Of course anything you type into a externally hosted AI is going to be harvested and sold.

        But sure, in this case you are also potentially exposing your queries to your ISP or someone listening on your local network too.

        • breadsmasher@lemmy.worldEnglish
          23·
          2 months ago

          Regardless of the downstream server, you should expect the interim traffic to be encrypted in transit

          • cybersin@lemm.eeEnglish
            611·
            2 months ago

            Sure, it’s not a bad thing and it should be standard practice, but to act like encrypted traffic guarantees privacy is silly.

            • prettybunnys@sh.itjust.worksEnglish
              18·
              2 months ago

              The thing is that with the traffic unencrypted it opens the door to all sorts of attacks on that traffic.

              It’s not just privacy.

              If you can intercept and interpret you have the ability to replace as well.

              This is the integrity of your data

            • stephen01king@lemmy.zipEnglish
              8·
              2 months ago

              Tell me where in this thread are anyone expecting privacy from any online LLM service, or anyone saying encrypted traffic guarantees privacy?

    • trolololol@lemmy.worldEnglish
      11·
      2 months ago

      Yep it also prevents anyone in the airport impersonating the WiFi and the bytedance server (which is trivial) and crafting payloads that run insecure code on your phone ( not that easy but there’s heaps of CVEs like this in apps like Safari over the years, so there’s at least 2x as many in an app like this)