Sharing your thoughts both pro and con here is fine but for those of you against what’s planned should just write Tim Cook an email yourself at tcook@apple.com and let him know how you feel.
Seems like nearly all commenter didn’t read the article, or even the headline, before commenting.
To be fair, most other media outlets offer way worse headlines, and not a one I’ve seen outside of AppleInsider has even attempted to calmly explain the policies.
As Mike W pointed out … Apple is actually the LAST tech behemoth to implement these policies. Where were you people when Google, Facebook, Microsoft, and Twitter among others adopted these same controls and rules?
What good are parental controls if they don’t do anything about child sexualisation and exploitation?
I understand that Apple are trying to do a good thing here but this really goes against the grain as far as privacy is concerned. What also worries me is the this can be used by people to bribe or blackmail. There a plenty of ways that people inadvertently download files etc. What if a banned image is slipped in to your photo library without your knowledge. The next thing you know is the police are knocking on your door. This is way worse that having your PC held for ransom. It’s potentially your life that could be ruined simply because you made a mistake download a file you shouldn’t have.
Just imagine getting hit by a ransom ware that threatens to place child pornography on your computer. There are plenty of people who will panic and do the wrong thing by paying up instead of going to the police. This type of blackmail only has to work a small fraction of the time to be highly profitable.
There has to be another way to track the trafficking of this type of imagery as it is being distributed. I don’t think looking a people’s private content is the right way to do it. It is open to too much risk for hacking and could easily ruin many innocent people’s lives.
Seems like nearly all commenter didn’t read the article, or even the headline, before commenting.
To be fair, most other media outlets offer way worse headlines, and not a one I’ve seen outside of AppleInsider has even attempted to calmly explain the policies.
As Mike W pointed out … Apple is actually the LAST tech behemoth to implement these policies. Where were you people when Google, Facebook, Microsoft, and Twitter among others adopted these same controls and rules?
What good are parental controls if they don’t do anything about child sexualisation and exploitation?
Just a few points:
I didn't say anything when other companies implemented these changes because I didn't know. And I feel really bad about this because through my own ignorance, I lost the opportunity to rip Google a second arsehole. Which brings me to my next point.
As far as I can tell, Google is supplying the tech that makes the tagging possible; I can't see where they are handing over matches of CSAM pictures found on Google Pics to law enforcement. They just supplied the tech that will have much wider benefit by tagging the pictures found floating around the web and tracing them back to their source.
Google: Let's clean up the internet. Apple: Let's just worry about our servers.
Google is doing something about sexualisation and exploitation by attacking the sources. Apple's solution will do very little because perverts are not storing their images on iCloud accounts where backups can be accessed with a legal request.
When I was a kid I used to get stop-searched a lot; and when I started driving, I was stopped again so the police could make sure I hadn't stolen the vehicle. I hadn't burgled any houses and I hadn't stolen the cars. Now since this has probably never happened to you, let me tel you something you may not be aware of: being accused of something you didn't do is not a good feeling; it's stressful and it's shaming, even when you haven't done anything. That's before we end up in in inevitable situation of somebody losing their family and their livelihood over a false accusation, and Apple being told they have to search for pictures of dissidents in folks' photo library too.
Hah! My Android-loving friends were gleefully all over this. They asked me if I'll now consider a high-end Android for my next phone.
"All that's happened," I said, "is that one of the reasons for not choosing an Android phone – better privacy on Apple phones – has been squashed. That still leaves about nine other reasons."
"Good one, dude."
"You're forty-five years-old. Stop calling me dude."
"Sure, and you'll stop banging on about Apple giving a shit about your privacy."
I understand that Apple are trying to do a good thing here but this really goes against the grain as far as privacy is concerned. What also worries me is the this can be used by people to bribe or blackmail. There a plenty of ways that people inadvertently download files etc. What if a banned image is slipped in to your photo library without your knowledge. The next thing you know is the police are knocking on your door. This is way worse that having your PC held for ransom. It’s potentially your life that could be ruined simply because you made a mistake download a file you shouldn’t have.
Just imagine getting hit by a ransom ware that threatens to place child pornography on your computer. There are plenty of people who will panic and do the wrong thing by paying up instead of going to the police. This type of blackmail only has to work a small fraction of the time to be highly profitable.
There has to be another way to track the trafficking of this type of imagery as it is being distributed. I don’t think looking a people’s private content is the right way to do it. It is open to too much risk for hacking and could easily ruin many innocent people’s lives.
Apple could face a very severe backlash on this.
Michael Green, the researcher who put this out there, has some examples of how similar hash values can apply to images that are not actually the same when you look at them.
There are two attack points here:
Disguised images sent to your phone, which is unlikely through Airdrop, but easily done through email. Images placed on the CSAM database by the government or a hacker.
Remember that Apple that Apple will be storing hashed data on your phone related to illegal porn that they will be trying to match using a deliberately imprecise algorithm that hasn't been reviewed by any expert outside of Apple.
It's terrifying that Apple is allowing the government to bypass legal restrictions that would have made this type of search unlawful. I am not defending criminals or pedos but I strongly object to the government having unlimited insight into the photos on personal devices. A list of hashes is exactly that, and that list could be expanded to anything the government would like as I strongly assume the the government is providing the hashes to Apple initially.
I must live a very boring life. There are no naked pictures of me out there and even if there were, nobody would want to see them. Other than banking details, which the government can access without my phone, getting into the hands of criminals there is nothing I would be concerned about if it made its way onto the front page of the NYTimes. The only people this is going to affect is child pornographers and pedophiles. Good riddance. Small positives are not going to be flagged so this is not going to affect innocent and legal users. For the paranoid, the safest and easy solution is don’t backup to iCloud though, save everything to local computers, backing those up locally and then saving a copy using encrypted backblaze service or something similar.
For a very long time I’ve trusted Apple to do the right thing.
They’ve been prepared to make difficult decisions to maintain and enhance that trust.
They’ve now stepped over that line.
I’ve been paying them for decades for what amounts to surveillance systems I’ve placed in my home, carry with me everywhere and perform my secure and private work, correspondence etc on.
I’ve justified paying a premium for apple kit because I trusted them that everything was private and remained private.
That is now not the case.
Apple are now enabling algorithms to judge me. Every photo I take will be judged for approval. Every Siri request I make will be judged, every internet search I make I will be judged.
It used to be that those convicted of crimes where subject to having their electronic activities scrutinised, now everyone everywhere will be scrutinised.
I no longer trust Apple in my home or holding my families data.
the biggest fear is when something goes wrong.
People and systems make mistakes. People don’t care when mIntakes happen to other people.
no one is interested when mistakes happen to you, no smoke without fire etc etc etc.
Worth taking a look at Matthew Green’s Twitter feed. Some fascinating stuff in there.
He points out that Apple is using a fuzzy matching algorithm, and that it's possible to have false matches that will flag due to the the fuzziness of the match. He also points out that no one has seen Apple’s matching algorithm, a matching algorithm built by the same company that gave you iTunes Match and Siri.
But that’s okay, to make sure that there’s no chance of a false match, Apple will have some stranger look at your pictures to make sure. So if your photos start showing up in odd places around the internet, this may be why.
Are you sure about fuzzy matching? I can’t see how that would work for a hash. The whole point of hashing is that minor changes on the source produce a totally different hash. Take a picture and generate a hash. Now add a black dot to the picture. Regenerate the hash. It’s totally different. Every character.
For the first time in 28 years I’m considering leaving Apple products. Child pornography is disgusting and an outrage, but overreach of power is currently running rampant in the US and that will eventually ruin an entire country.
I’m wondering if this is some sort of deal that Apple has struck to prevent an even more intrusive solution from US law enforcement. If that’s the case then I imagine Google will have to implement something very similar in the near future.
But regardless, what I realise now is that I have been somewhat naive about Apple's stance on privacy. All this clever stuff they bang on about: “We can’t see this, we won’t look at that” – it really is smoke and mirrors. What Apple is doing is walking through the girls’ locker room while promising to keep its eyes shut. Yeah, that’s nice of them, but guess what? They’re still in the locker room.
So the next time GoogleGuy breezes through trying to prove that Google cares just as much about privacy as Apple does, I’m afraid he won’t be wrong: they both kinda suck, but at least Google is honest about it.
What extraordinary times we live in.
Google's had this system since about 2013 as you've noted in a follow-up comment, server-side. Like Apple will, they scan users' Google Photos libraries. Facebook since 2010, Microsoft since 2008. Twitter, as you've said.
And yes, they scan pro-actively, and report to the authorities. They all use the same approach as it pertains to law enforcement that Apple will start using shortly.
So, for the folks saying "this is my last Apple product" by all means go if you're uncomfortable. Have a good time finding a vendor that doesn't do this. In short, any image that a server can see, anywhere, on anybody's servers or even passing through them, is very likely going to be looked at for this material whether you want it to or not.
And, like I said on page one of this comment thread -- if you don't want Apple to do it and think this is some kind of massive privacy breach despite Apple not knowing or giving one single care that you've got 45,000 pictures of your dog frolicking in your back yard despite how you may think the system works, turn off iCloud Photos. That simple.
And, the other system, the explicit Messages notification to parents which is getting conflated with the CSAM hash table identification by folks that didn't read the article: It's opt-in, and only for child accounts in a Family Sharing setup. That's all.
He gives an example of a simple 6 numeric hash there. Just like a 6 digit password is more likely to collide than a 256 alphanumeric password, the same is true of a hash. From stack overflow.
If we have a "perfect" hash function with output size n, and we have p messages to hash (individual message length is not important), then probability of collision is about p^2/2^n+1 (this is an approximation which is valid for "small" p, i.e. substantially smaller than 2n/2). For instance, with SHA-256 (n=256) and one billion messages (p=10^9) then the probability is about 4.3*10-60.
A mass murdering space rock happens about once every 30 million years on average. This leads to a probability of such an event occurring in the next second to about 10-15. That's 45orders of magnitude more probable than the SHA-256 collision. Briefly stated, if you find SHA-256 collisions scary then your priorities are wrong.
He gives an example of a simple 6 numeric hash there. Just like a 6 digit password is more likely to collide than a 256 alphanumeric password, the same is true of a hash. From stack overflow.
If we have a "perfect" hash function with output size n, and we have p messages to hash (individual message length is not important), then probability of collision is about p^2/2^n1 (this is an approximation which is valid for "small" p, i.e. substantially smaller than 2n/2). For instance, with SHA-256 (n=256) and one billion messages (p=10^9) then the probability is about 4.3*10-60.
A mass murdering space rock happens about once every 30 million years on average. This leads to a probability of such an event occurring in the next second to about 10-15. That's 45orders of magnitude more probable than the SHA-256 collision. Briefly stated, if you find SHA-256 collisions scary then your priorities are wrong.
Yeah, I know you read the articles, history demonstrates this.
A large number of commenters in this post did not, however.
For a very long time I’ve trusted Apple to do the right thing.
They’ve been prepared to make difficult decisions to maintain and enhance that trust.
They’ve now stepped over that line.
I’ve been paying them for decades for what amounts to surveillance systems I’ve placed in my home, carry with me everywhere and perform my secure and private work, correspondence etc on.
I’ve justified paying a premium for apple kit because I trusted them that everything was private and remained private.
That is now not the case.
Apple are now enabling algorithms to judge me. Every photo I take will be judged for approval. Every Siri request I make will be judged, every internet search I make I will be judged.
It used to be that those convicted of crimes where subject to having their electronic activities scrutinised, now everyone everywhere will be scrutinised.
I no longer trust Apple in my home or holding my families data.
the biggest fear is when something goes wrong.
People and systems make mistakes. People don’t care when mIntakes happen to other people.
no one is interested when mistakes happen to you, no smoke without fire etc etc etc.
Yeah, that's the problem though isn't it? Lots of folk chucking out maths and stats and saying it can't happen … great, until you're the one it happens to.
But the thing to remember that this is something that all companies are going to have to agree to, so unless you get rid of everything that plugs in, it's going to be pretty hard to escape.
Look on the bright side: you no longer have to pay a premium for Apple kit. You may have put up with Siri's shortcomings because you believed those shortcomings were a trade-off for privacy. Well, this announcement means the privacy field is pretty much level, so buy what works best for you.
Look on the bright side: you no longer have to pay a premium for Apple kit. You may have put up with Siri's shortcomings because you believed those shortcomings were a trade-off for privacy. Well, this announcement means the privacy field is pretty much level, so buy what works best for you.
I have literally no idea how you're coming up with this conclusion. It isn't based on facts.
Nothing that Apple announced yesterday has anything to do privacy, including but not limited to email metadata harvesting for ad serving, Alexa data collection for suggested product sales, variable Amazon pricing based on purchase history, Facebook data scraping, Android privacy issues, photo metatagging for ads, or anything else.
Apple still doesn't know what's in your photo library because of anything announced yesterday.
Comments
To be fair, most other media outlets offer way worse headlines, and not a one I’ve seen outside of AppleInsider has even attempted to calmly explain the policies.
As Mike W pointed out … Apple is actually the LAST tech behemoth to implement these policies. Where were you people when Google, Facebook, Microsoft, and Twitter among others adopted these same controls and rules?
What good are parental controls if they don’t do anything about child sexualisation and exploitation?
What also worries me is the this can be used by people to bribe or blackmail.
There a plenty of ways that people inadvertently download files etc. What if a banned image is slipped in to your photo library without your knowledge. The next thing you know is the police are knocking on your door. This is way worse that having your PC held for ransom. It’s potentially your life that could be ruined simply because you made a mistake download a file you shouldn’t have.
Apple could face a very severe backlash on this.
Just a few points:
I didn't say anything when other companies implemented these changes because I didn't know. And I feel really bad about this because through my own ignorance, I lost the opportunity to rip Google a second arsehole. Which brings me to my next point.
As far as I can tell, Google is supplying the tech that makes the tagging possible; I can't see where they are handing over matches of CSAM pictures found on Google Pics to law enforcement. They just supplied the tech that will have much wider benefit by tagging the pictures found floating around the web and tracing them back to their source.
Google: Let's clean up the internet.
Apple: Let's just worry about our servers.
Google is doing something about sexualisation and exploitation by attacking the sources. Apple's solution will do very little because perverts are not storing their images on iCloud accounts where backups can be accessed with a legal request.
When I was a kid I used to get stop-searched a lot; and when I started driving, I was stopped again so the police could make sure I hadn't stolen the vehicle. I hadn't burgled any houses and I hadn't stolen the cars. Now since this has probably never happened to you, let me tel you something you may not be aware of: being accused of something you didn't do is not a good feeling; it's stressful and it's shaming, even when you haven't done anything. That's before we end up in in inevitable situation of somebody losing their family and their livelihood over a false accusation, and Apple being told they have to search for pictures of dissidents in folks' photo library too.
"All that's happened," I said, "is that one of the reasons for not choosing an Android phone – better privacy on Apple phones – has been squashed. That still leaves about nine other reasons."
"Good one, dude."
"You're forty-five years-old. Stop calling me dude."
"Sure, and you'll stop banging on about Apple giving a shit about your privacy."
"Agreed. But I'm still not buying a Samsung."
"Yuh, whatever."
"I repeat: you're forty-five years-old."
You're suggesting that they aren't ready for their own feature?
How would they contact the parents of the kids?
What?
This program would be useless if there was an opt out. You buy another phone from a different company. Note that Google does this too in Android.
Probably not, why would they?
Score?
You've heard of Apple, right?
There is no database of images, it's a database of images hashes, and the data is from the National Center for Missing and Exploited Children (NCMEC).
The answer to pretty much all of these questions was in the article. For those others, common sense would do you in good stead.
Michael Green, the researcher who put this out there, has some examples of how similar hash values can apply to images that are not actually the same when you look at them.
There are two attack points here:
Disguised images sent to your phone, which is unlikely through Airdrop, but easily done through email.
Images placed on the CSAM database by the government or a hacker.
Remember that Apple that Apple will be storing hashed data on your phone related to illegal porn that they will be trying to match using a deliberately imprecise algorithm that hasn't been reviewed by any expert outside of Apple.
What can possibly go wrong.
this is going to affect is child pornographers and pedophiles. Good riddance. Small positives are not going to be flagged so this is not going to affect innocent and legal users. For the paranoid, the safest and easy solution is don’t backup to iCloud though, save everything to local computers, backing those up locally and then saving a copy using encrypted backblaze service or something similar.
I’ve justified paying a premium for apple kit because I trusted them that everything was private and remained private.
the biggest fear is when something goes wrong.
no one is interested when mistakes happen to you, no smoke without fire etc etc etc.
And yes, they scan pro-actively, and report to the authorities. They all use the same approach as it pertains to law enforcement that Apple will start using shortly.
So, for the folks saying "this is my last Apple product" by all means go if you're uncomfortable. Have a good time finding a vendor that doesn't do this. In short, any image that a server can see, anywhere, on anybody's servers or even passing through them, is very likely going to be looked at for this material whether you want it to or not.
And, like I said on page one of this comment thread -- if you don't want Apple to do it and think this is some kind of massive privacy breach despite Apple not knowing or giving one single care that you've got 45,000 pictures of your dog frolicking in your back yard despite how you may think the system works, turn off iCloud Photos. That simple.
And, the other system, the explicit Messages notification to parents which is getting conflated with the CSAM hash table identification by folks that didn't read the article: It's opt-in, and only for child accounts in a Family Sharing setup. That's all.
https://www.apple.com/child-safety/
If we have a "perfect" hash function with output size n, and we have p messages to hash (individual message length is not important), then probability of collision is about p^2/2^n+1 (this is an approximation which is valid for "small" p, i.e. substantially smaller than 2n/2). For instance, with SHA-256 (n=256) and one billion messages (p=10^9) then the probability is about 4.3*10-60.
A mass murdering space rock happens about once every 30 million years on average. This leads to a probability of such an event occurring in the next second to about 10-15. That's 45orders of magnitude more probable than the SHA-256 collision. Briefly stated, if you find SHA-256 collisions scary then your priorities are wrong.
A large number of commenters in this post did not, however.
A favourable outcome in the Epic case?
Exclusion from right-to-repair legislation?
”If we just inject this picture/file/document in this database, and you tell us which users have it on their phone …”
Could be the best deal they ever made.
Yup, s’funny, I said he was scaremongering when he said Apple would be checking your pictures and sending their interpretation to law enforcement.
The match has to be fuzzy because it’s rare that a CSAM picture will be sent around the internet without being enlarged or compressed.
The other thing is that no one has seen Apple’s matching algorithm, but as long it wasn’t written by the same people who wrote iTunes Match …
Thirdly, Apple’s record of review processes is pretty shit, has to be said.
Yeah, that's the problem though isn't it? Lots of folk chucking out maths and stats and saying it can't happen … great, until you're the one it happens to.
But the thing to remember that this is something that all companies are going to have to agree to, so unless you get rid of everything that plugs in, it's going to be pretty hard to escape.
Look on the bright side: you no longer have to pay a premium for Apple kit. You may have put up with Siri's shortcomings because you believed those shortcomings were a trade-off for privacy. Well, this announcement means the privacy field is pretty much level, so buy what works best for you.
Nothing that Apple announced yesterday has anything to do privacy, including but not limited to email metadata harvesting for ad serving, Alexa data collection for suggested product sales, variable Amazon pricing based on purchase history, Facebook data scraping, Android privacy issues, photo metatagging for ads, or anything else.
Apple still doesn't know what's in your photo library because of anything announced yesterday.