exceptionhandler

scatz said:

Zoom is an extremely good product. I have tried many of the other options including facetime and teams. I think (gut feeling) that Zoom clients operate within a much smaller bandwidth. Never had any major problems with it. Facetime though......

netrox said:

This whole CSAM is tiring, it's been done by Google, MS, Tumblr, Reddit, and so on for YEARS! Apple just announced to make us know they're doing the same thing. I don't recall anyone batting an eye with MS, Google, Facebook, and so on. 

https://www.microsoft.com/en-us/photodna

https://protectingchildren.google/intl/en/

Illusive said:

exceptionhandler said:

Illusive said:

Does anyone here realize THIS means iCloud Photos stay virtually unencrypted, just as they have been since at least 2020? That CSAM thingy was supposed to scan the pics on-device so that they could be uploaded securely to iCloud if they don't violate the policy. 

But this is the back door officials are looking for… what good is e2e encryption if there is any point in the process where data can be transmitted so that it notifies a 3rd party of what it may contain? If there’s any point where data can be transmitted, it renders the purpose of encryption useless.

While apples solution won’t transmit anything until a certain threshold is met, the capability is there to transmit info about the data being encrypted, which necessarily circumvents the e2e process.  It becomes a “we promise and absolutely swear we won’t do anything else” which is as good as no e2e encryption.  This is a slippery slope, and new “features” could feasibly added touting the “success” of the on device scanning, and so it would begin…

The data may technically be e2e encrypted, but the weak point becomes just outside the front door.  If something or someone is sitting there, watching what is going in or coming out, then what good is having opaque walls?  If I knew someone was watching my front door (which in this case we do), I’d just do my criminal stuff somewhere else.

This also opens the door for bad actors to exploit this system… people have already started poking and prodding the disabled version of this in ios14.

I personally consider iCloud photos to be public, and act accordingly, despite any “niceties” Apple may provide in terms of privacy of the service.  While I’d like to see icloud photos encrypted so that absolutely the only intended parties can see them (people I’ve shared with), I would not accept this on device scanning to achieve that.

TL;DR. Stopped reading after 'slippery slope'. Sorry, dude You wanna sound serious, get technical first. My guess is you watch too much YouTube - and possibly read too much conspiracy fiction, too.

Anyway, opt out of iCloud Photos if you're anxious about someone flipping through your cat pics. This generation is just beyond silly.

elijahg said:

exceptionhandler said:

elijahg said:

Come on Apple. If there is a hole in an app that's bad enough, but having an exploitable hole in an app that allows a further exploit in that app's sandbox, enabling an attacker to escape the sandbox points to some very shoddy code practises. Someone needs to take a good hard look at their unit tests and make them much more robust. Sanitising input is a solved problem, to have repeated issues as a result of specially crafted data is really quite atrocious.

Having been apart of many dev teams, no amount of due diligence and policy can catch everything, no matter how good you are.  Fact is, dev teams are made up of people, and each person can make mistakes.  That’s why we have checks and balances like code reviews, unit tests, QA, and the like.  No system is perfect, human or digital (which is built by humans).  Always expecting perfection is only setting yourself up to be disappointed.

Apple researched it and found a fix to a problem that does not appear to be easily found and issued the fix.  What more could you ask for?

http://www.stilldrinking.org/programming-sucks

Of course not, but this isn't the first nor the second time this has happened to iMessage. Having a hole in iMessage and then a second hole in the sandbox that's supposed to stop holes in iMessage from becoming a problem isn't good. Means their unit tests aren't thorough enough and the sandbox isn't doing enough bounds checking.

anantksundaram said:

exceptionhandler said:

The ice sheets are actually growing, contradicting previous assumptions:

http://www.foxnews.com/science/2015/11/03/new-study-finds-antarctic-ice-growing-countering-earlier-studies.html

I'm all for reducing pollution, don't get me wrong, but I fail to see the alarmists view point as reality.

Fox News? ROTFLMAO. 

I think you accidentally misssed the "/sarcasm" tag?

(You do know they're talking about the Antarctic ice sheet, right?)