rcfa

Yeah, for how long…
…Apple cracked the door open, now governments will drive a wedge into the crack.

As much as I like the straight edges on the phone (e.g. to stand it on edge) on a wearable it means shaper corners (e.g. when wearing it for sleep tracking in bed have fun with non-rounded edges), more nicks and wear, as friction and contact is reduced to much smaller surface areas.

NOT a good idea.

applesauce007 said:

It is relatively easy to conclusively identify pedophile content than to identify terrorist content.
If Apple could detect terrorist content conclusively, I am sure they would be off of iCloud as well.

Wanting to keep identifiably illegal content off of a storage service is the right thing to do.
I hope other storage services follow suit.

This is a ridiculous thing to say, and incredibly naive.

In China having pictures of the Dalai Lama or even Winnie the Pooh on your phone can get you in trouble. One is considered an enemy of the state for fighting non-violently for an autonomous Tibet and religious freedom for Tibetan Buddhism, the other is used to mock the “Dear Leader“ Xi Jinping.
In Russia having pictures of Navalni, a prominent critic, may draw the attention of the FSB or its internal equivalent.

The world isn’t cuddly, there are no safe spaces, once privacy is eroded.

auxio said:

lkrupp said:

Remember, people, this is the former 'Facebook security chief’. Facebook and security are mutually exclusionary terms.

I was just about to say the same thing.  If people are outraged about CSAM scanning, they surely know about Facebook scanning everything (and not just hashes).  A former Facebook employee weighing in on it?  That's a joke right?

Not really, in this case. If you upload things to FB you do so fully aware that it’s for sharing with a more or less limited public. It’s like sending postcards.

What you keep on your phone/computer, which in essence is a brain prosthetic, is in its very essence private and not shared.
Imagine Apple scanning your diary or your thoughts! We’re literally just a technological gap distanced from “Minority Report”.

What if machine learning derives personality profiles of rapists? What if social media profiles allow the creation of very detailed psychological personality profiles? (They do!) You want Apple to scan (on device of course, for the protection of your privacy,) scan peoples social media interactions, and alert an NGO of people’s sex offender potential?

What if someone installs a hidden folder with offensive files on someone’s device, they get flagged and they deny any knowledge? Whom do you think the courts will believe?

The problem is not what Apple is doing now, but what it opens the door to.

We can only hope that some organization with deep pockets sues Apple, gets a temporary restraining order, and then finally wins the case on a wide ranging constitutional foundation.

radarthekat said:

Wait, let me understand….  You’re saying that China didn’t know about CSAM database scanning and couldn’t, without Apple introducing the hash on device, have told Apple and others that it wants them to implement on-device photo scanning for anything they want to spy on?  Of course China could have.  So there’s NOTHING inherent in Apple doing this that suddenly allows China to make such a demand.  They could have done so last week or a year ago, requiring Apple and other vendors to implement code to scan photos, or next month even if Apple undoes it’s changes.  So please tell me, what has changed?

It’s difficult to impossible to demand an infrastructure that needs to be working at the lowest levels of the OS to be built.
Governments have and do force the inclusion/exclusion of Apps and App-level functionality.

An infrastructure matter is hard to force, because a company like Apple can say it doesn’t fit into their OS’ architecture, etc.

None of these apply, once the infrastructure is actually in place. China, to stick with the example, may simply demand that they are in charge of the database and that they (rather than some NPO/NGO) be notified, citing “privacy laws” and “sovereign jurisdiction over criminal matters” as well as “national security concerns” as reasons, and on the surface, they are correct. After all, who guarantees that NPO isn’t an NSA front, and the hash database doesn’t contain items of concern to the Chinese government?

Once China is in charge of the hash database used in China, and violating notifications don’t go to Apple or an NGO but to Chinese authorities, it’s game over. After all, what’s a human rights violation and what’s a legitimate national security concern, is just a matter of perspective. We get (rightly) outraged at how Russia treats Navalny or China treats supporters of the Dalai Lama, yet many are blind to the plight of Snowden and Assange.

It’s one thing to architect a system that has no provisions for backdoors, it’s another to try to deny a government access to a back door that actually exists.