Jeremy Kun on Nostr: I think the author brings up some decent points about the rollout, and I am generally ...

I think the author brings up some decent points about the rollout, and I am generally in favor of opt-in features whenever possible. More so when the feature is based on new/novel research. It's also reasonable for someone who had never heard of homomorphic encryption to live by the credo, "anything that phones home is not private," because this HE stuff is really fantastical. Finally, his point about bugs is good--any additional surface area is a risk no matter how awesome the math, and while that's an overly broad point, it seems particularly relevant to this feature. It's good to be suspicious, that's the lifeblood of the security industry.

On the other hand, it's a rich juxtaposition to say "the only way to guarantee privacy is to not send data off the device" alongside "I don't understand what homomorphic encryption is." Unless he's trying to make a point about the possibility of cracking the crypto, which is valid but not something I often hear, then just knowing that only _encrypted_ data leaves the device should suffice for his purposes to guarantee privacy. And that is true of Apple's implementation (provided the code matches their papers), with the exception of the centroid of the cluster being requested, and they use this anonymization network technique (the part that smells riskiest to me) to hide which centroid the device is querying (Apple provides the centroids to the device).