Apple Outlines Security and Privacy of CSAM Detection System in New Document

[mw360]

A fisa court pen Stroke is all they would need, top secret and Apple can’t even appeal due to national security…. Brought to you by your friendly patriot act

To do what exactly? The system can only detect hashes of images verified by multiple child protection agencies in 2+ different countries. The FISA court would have to compel a foreign child protection agency to fake their CSAM database with non-CP pictures AND compel Apple reviewers to report matches. And then what pictures are Apple NSA searching for? What set of 30 pictures will the targets all possess? It doesn't make any sense. Just use the FISA court to demand Apple change Autocorrect to scan every word you type. I mean is it were really that easy for a FISA court to authorise unconstitutional searches, that would be a far easier thing to do.

 

[JCCL]

I’m bookmarking your profile just so I can watch you get over this or switch to the worlds least privacy oriented company, in real time

Seems like you won’t be seeing much, now that your profile is not available.

 

[Mercury7]

A fisa court pen Stroke is all they would need, top secret and Apple can’t even appeal due to national security…. Brought to you by your friendly patriot act

To do what exactly? The system can only detect hashes of images verified by multiple child protection agencies in 2+ different countries. The FISA court would have to compel a foreign child protection agency to fake their CSAM database with non-CP pictures AND compel Apple reviewers to report matches. And then what pictures are Apple NSA searching for? What set of 30 pictures will the targets all possess? It doesn't make any sense. Just use the FISA court to demand Apple change Autocorrect to scan every word you type. I mean is it were really that easy for a FISA court to authorise unconstitutional searches, that would be a far easier thing to do.

all is lost if people are still thinking this is about child porn, it’s a back door, once you give permission to have it installed then it can be used for anything legally….the government has been begging Apple for this for years… Apple has always said no, now they are saying yes. If it’s ok with you then have at it…. It’s not ok with me, I won’t have it knowingly on any of my devices

 

[Mercury7]

how I view my privacy, I full expect the government to be able to read this post, crawl all my searches … basically have access to anything I do online…. It’s kinda an express permission for using the internet because I am making that choice, I quit Facebook and twitter and I have quit some email providers that went too far in censorship/tracking and ad distribution.. but that was a choice also… I know many that accepted those violations. However I will never except any hardware in my home that runs software designed to monitor me, I would never let an Alexa into my house and I won’t have my appletv or my homepods if they go down the same road Alexa did. And I surely won’t carry ios15 devices that have asked my permission to monitor me. That’s my take… it’s just principles, I live a normal Life, nothing to hide but I value my privacy….. I decide what to share with the world, no one has blanket permission

 

[citysnaps]

A fisa court pen Stroke is all they would need, top secret and Apple can’t even appeal due to national security…. Brought to you by your friendly patriot act,
——-
as far as you saying Apple can do this already… no, laws require probable cause for search and seizure without permission, if a cop asks you to look in your trunk and you say sure then it’s all legal, if you say no then they need a warrant….owning a ios15 device gives them permission

FISA: *Foreign Intelligence* Surveillance Act.

Take a look at the Act's definitions (50 USC 1801), and other elements, to understand what that means.

 

[So@So@So]

German press union tries to stop Apple and think it's illegal in the EU (even if the rollout is not planned for the EU yet, the existence of backdoor alone seems t be illegal):

Überwachung contra Pressefreiheit

Journalistinnen und Journalisten aus Deutschland, Österreich und der Schweiz protestieren gegen eine Ankündigung des Apple-Konzerns, Mobiltelefone künftig auch lokal überwachen zu wollen.

www.djv.de

 

[Playfoot]

I can't help but wonder why Apple decided to take this step(s). The more I think about this, the more I am confused.

1. The news dropped late Friday - if memory serves correct. This is where PR and releases go to die in the hopes that it will not survive to Monday and a new cycle.
2. So, Apple was aware this was a bad idea? Or a controversial idea? Or was just incompetent.
3. Released only a half baked explanation, had no experts lined up ready to go?
4. The system, as I have read in the Apple documents makes many assumptions. One, that a person who is addicted to or trades in CSAM uses an iPhone, and more specifically will run out to purchase a new iPhone with iOS15. And of course, update or purchase the latest apple tech/OS. Two, said person will decide to store all CSAM on his device. Three, upload sufficient amounts of CSAM to pass a 30 hit mark. Four, not only upload, but upload to iCloud.
5. Of course, fifth would be that IF all the preceding "IF's" are met, that the CSAM hash file from NCMEC would contain matching hashes/images. And just to repeat myself, sixth, must have the use iCloud for pictures feature enabled (unless Apple changes its collective mind...)

The question in my mind is WHY would Apple waste so much good will, that is "Privacy Capital" for something based on a list of serious "IF's"?

Obviously I am missing something. And of course, Apple is far smarter than me. Yet, still I do wonder.

 

[bobcomer]

The question in my mind is WHY would Apple waste so much good will, that is "Privacy Capital" for something based on a list of serious "IF's"?

New iPhones are coming out shortly, and soon after that, monterey Mac's so they had to fess up that this was what they are doing. They'd probably have to postpone iOS15 and the iPhone 13's if they changed their minds now.

My guess is originally they planned to put in place EE2E, but that didn't work out, so they only had part, the bad part, of what they were going to announce. Not that *I'd* want EE2E if there was a bypass like the on device scanning, but it makes more sense.

 

[Playfoot]

New iPhones are coming out shortly, and soon after that, monterey Mac's so they had to fess up that this was what they are doing. They'd probably have to postpone iOS15 and the iPhone 13's if they changed their minds now.

My guess is originally they planned to put in place EE2E, but that didn't work out, so they only had part, the bad part, of what they were going to announce. Not that *I'd* want EE2E if there was a bypass like the on device scanning, but it makes more sense.

If we were in the same city, could bet an adult beverage for the winning answer...

IF what you write is true, in some ways that might even more worrying. Apple is usually very smooth with it product launches, PR and spin. No matter what side of the debate someone sits, this is a massive PR cockup....Will be in uni case studies going forward.

 

[Mercury7]

FISA: *Foreign Intelligence* Surveillance Act.

Take a look at the Act's definitions (50 USC 1801), and other elements, to understand what that means.

I’m fully versed in the patriot act and Fisa , it is used to spy on American citizens everyday of the week, one of the most abused systems we implemented after 9/11, used to circumvent constitutional rights in the name of national security, that’s not conjecture, it’s proven fact, why do you think Edward Snowden is still living in Russia…. Because he spilled the beans. It’s not a stretch to know the NSA will use this back door Apple is providing them

 

[bobcomer]

IF what you write is true, in some ways that might even more worrying. Apple is usually very smooth with it product launches, PR and spin. No matter what side of the debate someone sits, this is a massive PR cockup....Will be in uni case studies going forward.

I think so too.

 

[citysnaps]

I’m fully versed in the patriot act and Fisa , it is used to spy on American citizens everyday of the week, one of the most abused systems we implemented after 9/11, used to circumvent constitutional rights in the name of national security, that’s not conjecture, it’s proven fact, why do you think Edward Snowden is still living in Russia…. Because he spilled the beans. It’s not a stretch to know the NSA will use this back door Apple is providing them

What backdoor is that regarding the system Apple is putting in place to compare a database of hashed CP photos? And the NSA will use the FISA Court to accomplish that?


"why do you think Edward Snowden is still living in Russia"

Pure guess, but I suspect it's because he feels living in Russia is better than going to prison in the US for 20+ years.

 

[duffman9000]

Hey, as playfoot said… this is about a system designed to live on your phone and search for whatever data they are looking for, it has nothing to do with the normal surveillance we all are use to and somewhat expect…. This is the government having perma access to your device …. Only limitations would be what they can get a secret fisa court to agree to…. I keep saying Trojan horse because that’s what it is, they are using one universally hated crime to convince people it’s for the greater good. But once it’s on your phone they can use it as they see fit

——-
just to add to this… most security folks are pointing out that because Apple is global, lots of governments throughout the world will use the system nefariously almost immediately…..they are asking the simple question, can you trust Apple to not give China access when China threatens to pull their products off the shelf if they don’t…that’s how compromises happen…. China however is probably more interested in using it for espionage instead of just spying on its own citizens but likely would use it for both

To add more information about China for people who will say Apple won’t comply with China’s request…

Yes they will. Just like they complied to have all Chinese iCloud accounts hosted in China. A Chinese company manages the Chinese iCloud accounts. Although the encryption keys are stored in China, only Apple has access to the keys. Surely, what could possible go wrong with this approach.

 

[Mercury7]

What backdoor is that regarding the system Apple is putting in place to compare a database of hashed CP photos? And the NSA will use the FISA Court to accomplish that?


"why do you think Edward Snowden is still living in Russia"

Pure guess, but I suspect it's because he feels living in Russia is better than going to prison in the US for 20+ years.

It’s cool, you obviously have not read through the 1000+ post here explaining this or you have dismissed it, either way it shows why this will be implemented because it would take the majority of Apple users to say no, not just a few voices, Apple knew the child porn thing would silence most that care about privacy and the rest might see a headline or two and never read it and go about their merry way. Regardless it’s still a personal decision of whether you want to be monitored or not…. You will be, I will not be

 

[citysnaps]

It’s cool, you obviously have not read through the 1000+ post here explaining this or you have dismissed it, either way it shows why this will be implemented because it would take the majority of Apple users to say no, not just a few voices, Apple knew the child porn thing would silence most that care about privacy and the rest might see a headline or two and never read it and go about their merry way. Regardless it’s still a personal decision of whether you want to be monitored or not…. You will be, I will not be

But I have. Specifically, what NSA backdoor? And...since FISA has now been introduced into the conversation, what role does the Foreign Intelligence Security Act Court play?

Two easy questions. Rather than obfuscating, why not answer them?

 

[slomojoe]

Yes interesting but they have no reason for this to be used at the user end on users's hardware which is surveillance. If they so wish use it on their own servers, and kicking against that sends out signals that its nothing to do with child safety and everything to do with the forerunner to a backdoor.

you are incorrect

having the database on device gives more security to the end user not less, anything done "in the cloud" or on apple's servers is completely blind to us the users, images could be added willy nilly, the database could changed and we the user would have no idea what is taking place

apple is specifically placing the database on-device because it gives us the users more transparency,

1) it is put on device only with a signed operating system
2) no remote updates are possible this ensures that the same database is every phone worldwide
3) this prevents apple from replacing the database with another database
4) apple will provide a root hash with every database which will published as a knowledge based article
5) the user can then inspect the hash on their own device to see that it hasn't changed
6) all of this can be audited by third parties

can you see that if this done in the cloud we have no transparency, we have no access to know what database is being used and how it is used or what is in it

basically apple is placing the database on a table and allowing the whole world to gather round the table and affirm that the database hasn't been changed or substituted (the phone) since all eyes are on it

all of this makes the process far more secure than doing scanning on the cloud where we have no idea how it is taking place

 

[Scotticus]

What, this comes as a surprise to you? When's the last time you read a news story about someone busted for child porn where it was revealed they had only 10 images of it? Unless they were just getting started when they got caught (or successfully hid most of it), that's rarely the case. Normally it's at least hundreds of images that are found on their devices. Definitely normally more than 30.

You said "People who are into pornography of any type are usually addicted to it and collect hundreds and thousands of images...", which is absolutely ridiculous. So I laughed at you.

 

[jseymour]

Hey, you can't deny that they know they have to keep peeling back the layers on this one.

They can peel back layers until the Last Trump of Doom. It's still mass surveillance and a privacy violation, and I'll not stand for it. They can assert it's something other than what it truly is, and, certainly, many people will believe it. But, while that may make it true in their minds, it still won't really be true.

 

[slomojoe]

I would only point naysayers to the patriot act… once these tools are in place they will be utilized …. Some in Congress and our intelligence will be salivating for full access

i am not so sure, congress cannot demand access to phones for just any reason, typically they fall back on the 4 horsemen: child porn, terrorism, drug dealers and money laundering (https://www.schneier.com/blog/archives/2019/12/scaring_people_.html) of these, child porn is most potent weapon since the average person, rightly, will get up in arms and call for action. child porn is a really potent weapon to use against encryption. if apple is indeed going to do e2ee then they have defused that argument right from the get-go.
money-laundering, drug dealing and terrorism fall far behind child-porn when it comes to reasons to demand back doors into phones.

we are trading some privacy, only in the upload of photos to a specific "place" namely icloud for e2ee everywhere else and that arguably gives us way more benefit and protection than we have now

but yeah, if apple does start to slide down that slippery slope we will know what we are up against and then all bets are off

 

[citysnaps]

you are incorrect

having the database on device gives more security to the end user not less, anything done "in the cloud" or on apple's servers is completely blind to us the users, images could be added willy nilly, the database could changed and we the user would have no idea what is taking place

apple is specifically placing the database on-device because it gives us the users more transparency,

1) it is put on device only with a signed operating system
2) no remote updates are possible this ensures that the same database is every phone worldwide
3) this prevents apple from replacing the database with another database
4) apple will provide a root hash with every database which will published as a knowledge based article
5) the user can then inspect the hash on their own device to see that it hasn't changed
6) all of this can be audited by third parties

can you see that if this done in the cloud we have no transparency, we have no access to know what database is being used and how it is used or what is in it

basically apple is placing the database on a table and allowing the whole world to gather round the table and affirm that the database hasn't been changed or substituted (the phone) since all eyes are on it

all of this makes the process far more secure than doing scanning on the cloud where we have no idea how it is taking place

I totally agree with you.

Some people are saying that also provides NSA backdoor access, apparently via the FISA Court. Without explaning how.

That doesn't make any sense to me. Smells more like an "anything in the world is potentially possible" sort of thing. What are your thoughts?

 

[Mercury7]

you are incorrect

having the database on device gives more security to the end user not less, anything done "in the cloud" or on apple's servers is completely blind to us the users, images could be added willy nilly, the database could changed and we the user would have no idea what is taking place

apple is specifically placing the database on-device because it gives us the users more transparency,

1) it is put on device only with a signed operating system
2) no remote updates are possible this ensures that the same database is every phone worldwide
3) this prevents apple from replacing the database with another database
4) apple will provide a root hash with every database which will published as a knowledge based article
5) the user can then inspect the hash on their own device to see that it hasn't changed
6) all of this can be audited by third parties

can you see that if this done in the cloud we have no transparency, we have no access to know what database is being used and how it is used or what is in it

basically apple is placing the database on a table and allowing the whole world to gather round the table and affirm that the database hasn't been changed or substituted (the phone) since all eyes are on it

all of this makes the process far more secure than doing scanning on the cloud where we have no idea how it is taking place

Sounds like a law enforcement operation to me, crossing the t’s and dotting the i’s when they come for you, I’m sure the nsa and fbi will love this when they get the program expanded. iCloud searches were never meant to be the end all of prosecutions for anything, they were used to identify suspects and get warrants for further surveillance

 

[Mercury7]

i am not so sure, congress cannot demand access to phones for just any reason, typically they fall back on the 4 horsemen: child porn, terrorism, drug dealers and money laundering (https://www.schneier.com/blog/archives/2019/12/scaring_people_.html) of these, child porn is most potent weapon since the average person, rightly, will get up in arms and call for action. child porn is a really potent weapon to use against encryption. if apple is indeed going to do e2ee then they have defused that argument right from the get-go.
money-laundering, drug dealing and terrorism fall far behind child-porn when it comes to reasons to demand back doors into phones.

we are trading some privacy, only in the upload of photos to a specific "place" namely icloud for e2ee everywhere else and that arguably gives us way more benefit and protection than we have now

but yeah, if apple does start to slide down that slippery slope we will know what we are up against and then all bets are off

The pushback is about wanting the back door not to be installed in the first place, once it’s in place you will not know if it’s being used nefariously…. People like Snowden that blow the whistle on that type of stuff is pretty rare, Once people grant access then that’s pretty much it… your monitored for as long as you participate in the ecosystem

 

[bobcomer]

e2ee everywhere else

You are assuming you'll get that with no evidence.

 

[slomojoe]

I totally agree with you.

Some people are saying that also provides NSA backdoor access, apparently via the FISA Court. Without explaning how.

That doesn't make any sense to me. Smells more like an "anything in the world is potentially possible" sort of thing. What are your thoughts?

yeah, totally, does facebook or google lay out in detail how they are scanning for csam ?

i don't think so, their system of server side scanning is infinitely more opaque, dangerous and open to considersably more abuse, they may only be using 1 database of csam which could be corrupted, they are not detailing how they are getting images or using and comparing them

apple is using only those hashes which appear in 2 separate databases which insures that the material being compared against is actual verified csam

apple is putting the database in plain sight and providing the hash for all to see and allowing 3rd party audit, we the users can check the hash on our device

if the nsa really wants to use a backdoor via the fisa they can damn sure do it anytime they want, this attempt by apple to deal with csam neither stops them nor does it make it any easier for the nsa to do what it wants, they'll just do it

i am afraid we are seeing a river of paranoia here along the lines, as you say, of "anything is possible", yeah anything is possible, tim cook may be the manchurian candidate, an nsa stooge

i don't think people are taking into account just what it would take for governments to pass legislation permanently breaking encryption and security on phones

we need to find a new way forward that balances the needs of government and the rights of users and from what i see apple is trying to do just that

in the end it all comes down to trust, if you really don't trust apple then go somewhere else, how about google

i think we have no choice but to trust and take the tradeoff of transparent, verifiable on device scanning, for the e2ee encryption that i believe apple is working toward

 

[slomojoe]

You are assuming you'll get that with no evidence.

true, i am, but it seems logical, apple continues to add as much privacy to their products as they can and e2ee seems a logical goal