Apple backs down on CSAM features, postpones launch

123457

Comments

  • Reply 121 of 158
    ivanhivanh Posts: 597member
    only “postponed”, not rescinded. Don’t be fooled.

    darkvader
  • Reply 122 of 158
    In all honesty, I just don‘t understand how they did not see the outrage coming.

    This is SO 180 degrees from what they‘ve been marketing the iPhone as: „the most personal device we own”, “what happens on the device stays on the device”, etc.

    How could they possibly think that people would be ok with Apple invading that proclaimed, utterly important privacy?

    I don’t get it.
    muthuk_vanalingamanantksundaramelijahgdarkvader
  • Reply 123 of 158
    davidwdavidw Posts: 1,686member
    crowley said:
    bb-15 said:

    A user lends their phone to a friend, that friend uploads the wrong kind of image, that is report to NDMEC then law enforcement & then the phone owner has a the police barging into their house. 
    You would need to do that something like 30 times for the police to come barging on your door.  Do you even lend your phone to a friend for anything other than a quick call?  I don't.  These gotchas that people are offering are always such a preposterous stretch.  
    No, just once would be enough if the "friend" uploads 30 images with matching hashes. Or are you saying that if a "friend" uploaded 100 images with matching hashes, that Apple will ignore it and only count that as 1 instance? So a "friend" can upload 100 images with matching hash, 29 times and you will not be flagged because 30 times is the limit? That's not right.  
    darkvader
  • Reply 124 of 158
    Did Apple ever explain in easy to understand language how a human can review the photos if they are encrypted and private? Which is it? Reviewable by humans or encrypted? It can't be both.
    Encrypted but with keys held by Apple, so that the images can be decrypted on-demand.
    So not encrypted then?
    Would Apple agree to upload all their source code to GitHub where it is encrypted but GitHub holds the keys so that it can be decrypted on-demand?
    edited September 2021 elijahgdarkvader
  • Reply 125 of 158
    hucom2000 said:
    In all honesty, I just don‘t understand how they did not see the outrage coming.

    This is SO 180 degrees from what they‘ve been marketing the iPhone as: „the most personal device we own”, “what happens on the device stays on the device”, etc.

    How could they possibly think that people would be ok with Apple invading that proclaimed, utterly important privacy?

    I don’t get it.
    *This* is the key point. If you're going to brand/market/differentiate yourself on privacy, be authentic and behave consistently with that claim. 

    Otherwise, you're no different from the rest, including Google and Microsoft. Which is fine (and I am guessing most of us will still probably stick with Apple out of sheer inertia or convenience), but don't demean or sidestep an important principle you wear on your sleeve. 
    muthuk_vanalingam
  • Reply 126 of 158
    robaba said:
    lkrupp said:
    Dead_Pool said:
    Subway’s Jared tweets his appreciation!
    Think of the children who will suffer abuse because a few privacy wackos don’t want Apple to scan their photos. Fuck those kids, right?
    Nope. Apple can very well scan the photos in iCloud and report it to authorities. They have the keys to decrypt the files stored in iCloud, so there is NOTHING that is preventing Apple from doing it and NO ONE is against this. The opposition is only for doing the scan ON the device, NOT in iCloud.
    This is the very issue that Apple is trying to avoid.  They don’t want to be able to scan your data on their services because they know if they do, ANYTHING that passes through their servers will eventually be requested by some authoritarian government, and they will have to provide that access, UNLESS that information is already encrypted and Apple doesn’t have the key.  This is the golden ring (golden Apple?) that they have been reaching for and everyone has been lauding them for.  The problem is this—how to they keep their system from becoming a haven for every bad actor in the known ‘verse?  Apples solution was to embed the process into the phones in a way that does not open the end user to further degradation of their privacy—only hashes, only looking for known matches, only in the process of uploading to their servers (not just passing through).  Like it or not that’s now binned.

    my point is, if Apple is to be able to provide users with the golden ring of security from government snooping, it’s going to need some solution for bad actors of completely scrap it’s services division.  At nearly half of its pre-tax earnings, there’s no way Apple can afford to abandon services.  Even then it will still be blamed for enabling bad actors.  No-one will want to be connected to the next 9/11 type incident when it inevitably happens.
    You are SPECULATING without ANY evidence whatsoever to back up your claim. Can you share any links with "official" information from Apple stating that they are planning to encrypt the data in iCloud and NOT hold the keys to them as soon as they implement the on-device CSAM scanning? 

    StrangeDays said:
    mr. h said:
    gatorguy said:

    I get that you really REALLY want to paint a glowing picture of "gosh Apple is doing this for us", but is there any even circumstantial evidence Apple was ready to make everything end-to-end encrypted in a way they could not access any of your data even if they were ordered to? Not as far as I know. It's more of a hope and prayer since otherwise it's not for the betterment of us users. 
    All I can say about that is that the whole scheme would be totally pointless if they weren't going to encrypt the photos. Why go to all the effort of designing this enormously complicated system, calculating hashes on-device, doing the CSAM hash-matching in a "blind" way so even the device itself doesn't know if there's been a match, and then going to all the convoluted effort of generating doubly-encrypted "vouchers" and associated "image information", if the photo itself was uploaded to iCloud unencrypted?

    Certainly, this system would enable the photos to be uploaded to iCloud encrypted, but I concede that as far as I know, Apple hasn't said that they would do that. It's just that, as I said, the whole scheme seems totally pointless if the photos are uploaded to the server in the clear anyway.

    How about Apple just offers a toggle in iCloud photos settings? The two options would be:

    1. Photos are CSAM-scanned and encrypted before being uploaded to iCloud.
    2. Photos are not CSAM-scanned, but are uploaded to iCloud in the clear. The server then does the CSAM scan.

    Would this solution make everyone happier?
    Yup, that would make at least 99% of the users happy. There are few odd ones out, but this would be a workable solution imho. 
    They’ve already been doing that for over a year. 

    https://nakedsecurity.sophos.com/2020/01/09/apples-scanning-icloud-photos-for-child-abuse-images/
    Great. Then where is the need to move it to on-device? What is the motive behind it?
    elijahgdarkvader
  • Reply 127 of 158
    davidwdavidw Posts: 1,686member
    techconc said:
    lkrupp said:
    And as AppleInsider and Apple have stated, images are not scanned on the device. But you choose to believe it’s a lie because...?
    No, images are scanned on device.  What's funny is that people are just getting worked up about this now.  Apple has been scanning images on our devices for a long time.  This isn't the CSAM hash type scanning, this is the machine learning scanning I'm talking about.  That's how we can search for generic things like "dog" or "beach" a get a bunch of relevant pictures from our library.  Where is all of the "slippery slope" type of discussions around that?  Seriously, the level of stupid being raised about this topic is mind numbing. 
    It's not the "scan" that people are worked up about, it's the "search". Apple is searching for certain images on your device, that they don't want on their servers, not just scanning them for your benefit.

    This would be like if UPS brought a drug sniffing dog into your home, to sniff the parcels that you are about to ship by UPS. Obviously UPS has the right to not want to ship illegal drugs and to search any parcel in their system that might be suspected of containing illegal drugs. But they don't have the right to do the search while the parcels were still in the shipper's home and there was no reason to believe that the shipper was shipping any illegal drugs. Even if the parcels already had the UPS shipping labels on them. They would have to wait until the parcels are in their truck or warehouse, to do the search. Whether they suspect the parcels contained illegal drugs or not.  

    Plus when Spotlight or Photos "scan" your images, it for your benefit, not for Apple's or anyone else's.  

    And yet, there are those that can't or won't, see the difference between Apple "scanning" the images on your device for your benefit and Apple "searching" for images on your device for theirs. When Spotlight or Photos scan your images for "dogs", it's not searching for any sign of animal abuse and will report you over to the SPCA if it finds photos that might be evidence of animal abuse. 
    elijahgmuthuk_vanalingamdarkvader
  • Reply 128 of 158
    bb-15bb-15 Posts: 283member
    crowley said:
    bb-15 said:

    A user lends their phone to a friend, that friend uploads the wrong kind of image, that is report to NDMEC then law enforcement & then the phone owner has a the police barging into their house. 
    You would need to do that something like 30 times for the police to come barging on your door.  Do you even lend your phone to a friend for anything other than a quick call?  I don't.  These gotchas that people are offering are always such a preposterous stretch.  
    You have what is called confirmation bias.
    From your response you assume that in the history of cell phones that the lending of a phone can only occur for a few seconds.
    You probably believe that no one has ever had more than one cell phone line under their name with more than one phone number.
    Therefore you come to your conclusions based on your bias & lack of information.  

    I will inform you of some facts. 
    1. A person can have more than one cell phone line & more than one cell phone using different lines. 
    This is true of my brother & my best friend’s girlfriend. 
    2. It is possible for a person who has an extra cell phone (with a separate line) to lend that to another person for several weeks/months. 
    My brother lent his wife one of his phones for months. My best friend’s girlfriend lent one of her phones to her family member for months. 
    edited September 2021 darkvader
  • Reply 129 of 158
    crowleycrowley Posts: 10,453member
    davidw said:
    crowley said:
    bb-15 said:

    A user lends their phone to a friend, that friend uploads the wrong kind of image, that is report to NDMEC then law enforcement & then the phone owner has a the police barging into their house. 
    You would need to do that something like 30 times for the police to come barging on your door.  Do you even lend your phone to a friend for anything other than a quick call?  I don't.  These gotchas that people are offering are always such a preposterous stretch.  
    No, just once would be enough if the "friend" uploads 30 images with matching hashes. Or are you saying that if a "friend" uploaded 100 images with matching hashes, that Apple will ignore it and only count that as 1 instance? So a "friend" can upload 100 images with matching hash, 29 times and you will not be flagged because 30 times is the limit? That's not right.  
    Who are your "friends" that this is something that might happen?!
    jony0
  • Reply 130 of 158
    crowleycrowley Posts: 10,453member
    bb-15 said:
    crowley said:
    bb-15 said:

    A user lends their phone to a friend, that friend uploads the wrong kind of image, that is report to NDMEC then law enforcement & then the phone owner has a the police barging into their house. 
    You would need to do that something like 30 times for the police to come barging on your door.  Do you even lend your phone to a friend for anything other than a quick call?  I don't.  These gotchas that people are offering are always such a preposterous stretch.  
    You have what is called confirmation bias.
    From your response you assume that in the history of cell phones that the lending of a phone can only occur for a few seconds.
    You probably believe that no one has ever had more than one cell phone line under their name with more than one phone number.
    Therefore you come to your conclusions based on your bias & lack of information.  

    I will inform you of some facts. 
    1. A person can have more than one cell phone line & more than one cell phone using different lines. 
    This is true of my brother & my best friend’s girlfriend. 
    2. It is possible for a person who has an extra cell phone (with a separate line) to lend that to another person for several weeks/months. 
    My brother lent his wife one of his phones for months. My best friend’s girlfriend lent one of her phones to her family member for months. 
    Ok, fair enough, I don't always consider every possible weird circumstance that might be within the realm of human possibility.  So is it your brother or his wife that you think might be uploading CSAM to iCloud?

    More to the point, without there facetiousness, you've constructed a scenario, now explain how it might lead to an actual, real world problem with Apple's CSAM solution.
    jony0
  • Reply 131 of 158
    bb-15bb-15 Posts: 283member
    crowley said:
    bb-15 said:
    crowley said:
    bb-15 said:

    A user lends their phone to a friend, that friend uploads the wrong kind of image, that is report to NDMEC then law enforcement & then the phone owner has a the police barging into their house. 
    You would need to do that something like 30 times for the police to come barging on your door.  Do you even lend your phone to a friend for anything other than a quick call?  I don't.  These gotchas that people are offering are always such a preposterous stretch.  
    You have what is called confirmation bias.
    From your response you assume that in the history of cell phones that the lending of a phone can only occur for a few seconds.
    You probably believe that no one has ever had more than one cell phone line under their name with more than one phone number.
    Therefore you come to your conclusions based on your bias & lack of information.  

    I will inform you of some facts. 
    1. A person can have more than one cell phone line & more than one cell phone using different lines. 
    This is true of my brother & my best friend’s girlfriend. 
    2. It is possible for a person who has an extra cell phone (with a separate line) to lend that to another person for several weeks/months. 
    My brother lent his wife one of his phones for months. My best friend’s girlfriend lent one of her phones to her family member for months. 
    Ok, fair enough, I don't always consider every possible weird circumstance that might be within the realm of human possibility.  So is it your brother or his wife that you think might be uploading CSAM to iCloud?

    More to the point, without there facetiousness, you've constructed a scenario, now explain how it might lead to an actual, real world problem with Apple's CSAM solution.
    It’s fine. A lot of strange things can happen in this world that many people don’t know about. One of many examples in my long life;
    - One morning I was in bed with a new girlfriend, when the police (without warning) were let in by the apartment manager. They asked who I was, then they questioned my new girlfriend (while we were in bed) about the location of her former boyfriend. They said he was wanted on child sexual abuse charges.
    - Today, child sexual abuse often involves entrapping young teenagers over social media. A perpetrator using someone else’s cell phone would be one way to do that.  
    - When I was in college I shared an apartment with 3 other guys. Also, friends came in & out at all hours. People were up while others were sleeping, & two of us slept on couches in the living room, with valuables in a pants pocket. In that situation it’s pretty easy to get something without someone knowing it & put it back later. If questioned about that, the roomie could say, ‘hey dude my cellphone wasn’t working so I borrowed yours’.  
    darkvader
  • Reply 132 of 158
    MplsP said:
    How many of the people screaming about CSAM have Facebook, WhatsApp, Instagram, and google apps on their devices and an Amazon or google smart speaker in their home?
    Those other companies are not scanning your device, nor are they scanning every single photo on your device.  People are fine with companies scanning their own servers because they choose what to upload to the cloud.  Apple wants to scan every single photo on your device if iCloud Photos is turned on, and Apple turns it on by default.  You can't claim you are a privacy advocate and turn around and scan everyone's personal device at the same time.  Apple can't claim privacy and then tell the customer they have keys to your house to look at everything you own.
    muthuk_vanalingamdarkvader
  • Reply 133 of 158
    elijahg said: No one agreed to Apple scanning devices for CSAM when they bought their phones. 
    Anyone using iCloud has to agree to the terms of service. Apple reserves the right to scan files being backed up in the cloud. And only files that are coming from apps that the user has chosen to be backed up in iCloud would be scanned in either scenario. 
    That is incorrect.  When iCloud Photos is turned on, Apple will scan EVERY SINGLE photo on YOUR device.   You don't get to choose because Apple set it up that way.   The moment you take a photo with the phone, Apple scans it.  If it is a 'partial' match to a hash, it is flagged without your knowledge.
    darkvader
  • Reply 134 of 158
    lkrupp said:
    lkrupp said:
    Dead_Pool said:
    Subway’s Jared tweets his appreciation!
    Think of the children who will suffer abuse because a few privacy wackos don’t want Apple to scan their photos. Fuck those kids, right?
    Nope. Apple can very well scan the photos in iCloud and report it to authorities. They have the keys to decrypt the files stored in iCloud, so there is NOTHING that is preventing Apple from doing it and NO ONE is against this. The opposition is only for doing the scan ON the device, NOT in iCloud.
    And as AppleInsider and Apple have stated, images are not scanned on the device. But you choose to believe it’s a lie because...?
    Apple has openly and clearly stated that the CSAM hashes are stored on your device and every photo on your device is scanned BEFORE they are uploaded to their servers when iCloud Photos is turned on, and Apple turns it on by default.  Apple will scan every photo on your device.  Why do you choose not to believe that?
    muthuk_vanalingamdarkvader
  • Reply 135 of 158
    Rogue01 said:
    lkrupp said:
    lkrupp said:
    Dead_Pool said:
    Subway’s Jared tweets his appreciation!
    Think of the children who will suffer abuse because a few privacy wackos don’t want Apple to scan their photos. Fuck those kids, right?
    Nope. Apple can very well scan the photos in iCloud and report it to authorities. They have the keys to decrypt the files stored in iCloud, so there is NOTHING that is preventing Apple from doing it and NO ONE is against this. The opposition is only for doing the scan ON the device, NOT in iCloud.
    And as AppleInsider and Apple have stated, images are not scanned on the device. But you choose to believe it’s a lie because...?
    Apple has openly and clearly stated that the CSAM hashes are stored on your device and every photo on your device is scanned BEFORE they are uploaded to their servers when iCloud Photos is turned on, and Apple turns it on by default.  Apple will scan every photo on your device.  Why do you choose not to believe that?
    Stop the fucking nonsense.  

    By definition, when iCloud Photos is turned on, all photos stored in the Photos app (no where else) are uploaded to iCloud, hence all photos stored in the Photos app are scanned, when they are uploaded to iCloud!

    Apple DOES NOT EVER scan every photo on your device.  Apple only scans photos stored in the Photos app, and only if iCloud Photos is turned on, do they scan them.

    iCloud Photos is NOT turned on by default.  Period.  You are new here, so I'll assume you have NEVER used an Apple device, right?
    [Deleted User]
  • Reply 136 of 158
    "We wish that this had come out a little more clearly for everyone because we feel very positive and strongly about what we're doing, and we can see that it's been widely misunderstood," said Federighi.

    Poor Craig.  When even he doesn't understand the complaints, you know something is very wrong at Apple.

    Apple was VERY clear and not misunderstood at all.  That is why they got so much backlash from pretty much every organization and customers.  Apple made it very clear that the hashes would be stored on device and the scanning would take place on device, before anything is uploaded to the cloud.  Apple defaults iCloud Photos to on, so every photo would be scanned and either matches or partial matches would be reported.  If over 30, a third party contractor would review the actual photos and decide whether or not to report you to authorities.

    Apple can't claim to care about privacy and then tell people they are going to scan every photo on their devices because they are trying to 'save the children'.  Remember it was not that long ago that Apple got caught with having third party contractors listen to Siri conversations with location and ID data, and only after they got caught, they finally installed an 'off' switch in the software.  It would not be long for Apple to include iCloud Drive with CSAM scanning so they can scan all your documents too.  There is still a major bug in the macOS setup in which you decline iCloud Drive, but once logged into the Finder, iCloud Drive is turned back on, and must be manually turned back off.
    darkvader
  • Reply 137 of 158
    You peeps must be real bored to keep discussing this :D
    edited September 2021 jony0
  • Reply 138 of 158
    crowleycrowley Posts: 10,453member
    bb-15 said:
    crowley said:
    bb-15 said:
    crowley said:
    bb-15 said:

    A user lends their phone to a friend, that friend uploads the wrong kind of image, that is report to NDMEC then law enforcement & then the phone owner has a the police barging into their house. 
    You would need to do that something like 30 times for the police to come barging on your door.  Do you even lend your phone to a friend for anything other than a quick call?  I don't.  These gotchas that people are offering are always such a preposterous stretch.  
    You have what is called confirmation bias.
    From your response you assume that in the history of cell phones that the lending of a phone can only occur for a few seconds.
    You probably believe that no one has ever had more than one cell phone line under their name with more than one phone number.
    Therefore you come to your conclusions based on your bias & lack of information.  

    I will inform you of some facts. 
    1. A person can have more than one cell phone line & more than one cell phone using different lines. 
    This is true of my brother & my best friend’s girlfriend. 
    2. It is possible for a person who has an extra cell phone (with a separate line) to lend that to another person for several weeks/months. 
    My brother lent his wife one of his phones for months. My best friend’s girlfriend lent one of her phones to her family member for months. 
    Ok, fair enough, I don't always consider every possible weird circumstance that might be within the realm of human possibility.  So is it your brother or his wife that you think might be uploading CSAM to iCloud?

    More to the point, without there facetiousness, you've constructed a scenario, now explain how it might lead to an actual, real world problem with Apple's CSAM solution.
    It’s fine. A lot of strange things can happen in this world that many people don’t know about. One of many examples in my long life;
    - One morning I was in bed with a new girlfriend, when the police (without warning) were let in by the apartment manager. They asked who I was, then they questioned my new girlfriend (while we were in bed) about the location of her former boyfriend. They said he was wanted on child sexual abuse charges.
    - Today, child sexual abuse often involves entrapping young teenagers over social media. A perpetrator using someone else’s cell phone would be one way to do that.  
    - When I was in college I shared an apartment with 3 other guys. Also, friends came in & out at all hours. People were up while others were sleeping, & two of us slept on couches in the living room, with valuables in a pants pocket. In that situation it’s pretty easy to get something without someone knowing it & put it back later. If questioned about that, the roomie could say, ‘hey dude my cellphone wasn’t working so I borrowed yours’.  
    The first has nothing to do without phones, so not sure why you’ve mentioned it.

    The second doesn’t explain anything. Where are these people getting these phones that aren’t theirs? Where are the owners?  Because as soon as the owner reports it missing or stolen and locks it using Find My or changes the iCloud password the problem is gone. And if they don’t lock it then the police can use Find My iPhone and have a pretty good lead to a child abuser. 

    And for the third you’re suggesting that one of your friends is going to carefully pry your phone out of your pocket, use your face or fingerprint to unlock it, and then look for child porn and save it into your photos, and then return the child porn laden phone to your pocket?  For what purpose, exactly?  Do you seriously maintain that there’s any likelihood at all that would’ve happened while you were at college?  

    As I said before, preposterous stretches.
    edited September 2021
  • Reply 139 of 158
    Illusive said:
    You peeps must be real bored to keep discussing this :D
    The saddest, the most self-unaware comment of this thread. 

    Or any other. 
  • Reply 140 of 158
    davidwdavidw Posts: 1,686member
    nicholfd said:
    Rogue01 said:
    lkrupp said:
    lkrupp said:
    Dead_Pool said:
    Subway’s Jared tweets his appreciation!
    Think of the children who will suffer abuse because a few privacy wackos don’t want Apple to scan their photos. Fuck those kids, right?
    Nope. Apple can very well scan the photos in iCloud and report it to authorities. They have the keys to decrypt the files stored in iCloud, so there is NOTHING that is preventing Apple from doing it and NO ONE is against this. The opposition is only for doing the scan ON the device, NOT in iCloud.
    And as AppleInsider and Apple have stated, images are not scanned on the device. But you choose to believe it’s a lie because...?
    Apple has openly and clearly stated that the CSAM hashes are stored on your device and every photo on your device is scanned BEFORE they are uploaded to their servers when iCloud Photos is turned on, and Apple turns it on by default.  Apple will scan every photo on your device.  Why do you choose not to believe that?
    Stop the fucking nonsense.  

    By definition, when iCloud Photos is turned on, all photos stored in the Photos app (no where else) are uploaded to iCloud, hence all photos stored in the Photos app are scanned, when they are uploaded to iCloud!

    Apple DOES NOT EVER scan every photo on your device.  Apple only scans photos stored in the Photos app, and only if iCloud Photos is turned on, do they scan them.

    iCloud Photos is NOT turned on by default.  Period.  You are new here, so I'll assume you have NEVER used an Apple device, right?

    Save space on your iPhone

    iCloud Photos can help you make the most of the storage space on your iPhone. When Optimize iPhone Storage is turned on, all your full‑resolution photos and videos are stored in iCloud in their original formats, with storage-saving versions kept on your iPhone as space is needed.

    Optimize iPhone Storage is turned on by default. To turn it off, go to Settings  > [your name] > iCloud > Photos, then tap Optimize iPhone Storage.


    https://support.apple.com/guide/iphone/use-icloud-photos-iph961b96c4d/ios



    If you are not new here and have used an Apple device, what's your excuse for not knowing?

    edited September 2021 gatorguyanantksundaramdarkvader
Sign In or Register to comment.