exceptionhandler

Illusive said:

exceptionhandler said:

Illusive said:

Does anyone here realize THIS means iCloud Photos stay virtually unencrypted, just as they have been since at least 2020? That CSAM thingy was supposed to scan the pics on-device so that they could be uploaded securely to iCloud if they don't violate the policy. 

But this is the back door officials are looking for… what good is e2e encryption if there is any point in the process where data can be transmitted so that it notifies a 3rd party of what it may contain? If there’s any point where data can be transmitted, it renders the purpose of encryption useless.

While apples solution won’t transmit anything until a certain threshold is met, the capability is there to transmit info about the data being encrypted, which necessarily circumvents the e2e process.  It becomes a “we promise and absolutely swear we won’t do anything else” which is as good as no e2e encryption.  This is a slippery slope, and new “features” could feasibly added touting the “success” of the on device scanning, and so it would begin…

The data may technically be e2e encrypted, but the weak point becomes just outside the front door.  If something or someone is sitting there, watching what is going in or coming out, then what good is having opaque walls?  If I knew someone was watching my front door (which in this case we do), I’d just do my criminal stuff somewhere else.

This also opens the door for bad actors to exploit this system… people have already started poking and prodding the disabled version of this in ios14.

I personally consider iCloud photos to be public, and act accordingly, despite any “niceties” Apple may provide in terms of privacy of the service.  While I’d like to see icloud photos encrypted so that absolutely the only intended parties can see them (people I’ve shared with), I would not accept this on device scanning to achieve that.

TL;DR. Stopped reading after 'slippery slope'. Sorry, dude You wanna sound serious, get technical first. My guess is you watch too much YouTube - and possibly read too much conspiracy fiction, too.

Anyway, opt out of iCloud Photos if you're anxious about someone flipping through your cat pics. This generation is just beyond silly.

First part, not helpful! ¯\_(ツ)_/¯ 

Second part, somewhat helpful, but I’d add for those who don’t wish for the scanning on their device to stay on 14 or lower, and for those who absolutely want to be sure, stop using iCloud photos altogether (which the smart criminals will do anyways).

“Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.” - Benjamin Franklin

“There is no justification for taking away individuals' freedom in the guise of public safety.” - Thomas Jefferson

“Trade liberty for safety or money and you'll end up with neither. Liberty, like a grain of salt, easily dissolves. The power of questioning - not simply believing - has no friends. Yet liberty depends on it.” - Thomas Jefferson

Illusive said:

Does anyone here realize THIS means iCloud Photos stay virtually unencrypted, just as they have been since at least 2020? That CSAM thingy was supposed to scan the pics on-device so that they could be uploaded securely to iCloud if they don't violate the policy. 

But this is the back door officials are looking for… what good is e2e encryption if there is any point in the process where data can be transmitted so that it notifies a 3rd party of what it may contain? If there’s any point where data can be transmitted, it renders the purpose of encryption useless.

While apples solution won’t transmit anything until a certain threshold is met, the capability is there to transmit info about the data being encrypted, which necessarily circumvents the e2e process.  It becomes a “we promise and absolutely swear we won’t do anything else” which is as good as no e2e encryption.  This is a slippery slope, and new “features” could feasibly added touting the “success” of the on device scanning, and so it would begin…

The data may technically be e2e encrypted, but the weak point becomes just outside the front door.  If something or someone is sitting there, watching what is going in or coming out, then what good is having opaque walls?  If I knew someone was watching my front door (which in this case we do), I’d just do my criminal stuff somewhere else.

This also opens the door for bad actors to exploit this system… people have already started poking and prodding the disabled version of this in ios14.

I personally consider iCloud photos to be public, and act accordingly, despite any “niceties” Apple may provide in terms of privacy of the service.  While I’d like to see icloud photos encrypted so that absolutely the only intended parties can see them (people I’ve shared with), I would not accept this on device scanning to achieve that.

MplsP said:

How many of the people screaming about CSAM have Facebook, WhatsApp, Instagram, and google apps on their devices and an Amazon or google smart speaker in their home?

I do not have any of those things… I obviously can’t speak for everyone though…

This is only going to be in the new versions of Apple’s OS’s, right? My simple solution to this will be not to upgrade for the time being.

scatz said:

Zoom is an extremely good product. I have tried many of the other options including facetime and teams. I think (gut feeling) that Zoom clients operate within a much smaller bandwidth. Never had any major problems with it. Facetime though......

I wouldn’t go so far to call zoom extremely good…
https://www.darkreading.com/vulnerabilities---threats/zoom-joins-microsoft-teams-on-list-of-enterprise-tools-hacked-at-pwn2own/d/d-id/1340626

https://appleinsider.com/articles/20/04/06/nyc-schools-pull-the-plug-on-zoom-following-fbi-warning