Really...when did the actions of a rogue employee scale up to the general business practices of Apple?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Publishes FAQ to Address Concerns About CSAM Detection and Messages Scanning
- Thread starter MacRumors
- Start date
- Sort by reaction score
My concern with this, and people have never really addressed other than being patronizing because I am ASKING for what I am missing here. We have two scenarios.
Picture 1: I stand in front of my house, thumbs up next to my mailbox.
Picture 2: I keep the pose because my eyes were a bit closed and they took another picture seconds later.
Picture 1 and 2 are VERY VERY CLOSE in terms of a pixel match.
Okay lets walk through the scenario. Assume Picture 1 made it on CSAM. Apple's claims and documentations state that any modifications to picture 1 would result in a collision. Its not a 1:1 hash match to the entry in CSAM. We on the same page so far? Picture 1 gets flagged but picture 2 does not. Correct in that assumption yes? From what people have said, this is indeed correct.
Okay, so I launch Photoshop and adjust picture 1 to match exactly like picture 2. I spend hours to the point where it matches picture 2 pixel for pixel. Still with me? I now have three pictures. Picture 1, modified Picture 1 and Picture 2.
According to Apple any crops, color adjustments, rotations, transforms and edits to the picture will still result in a collision. So are they essentially saying now my modified picture 1 will result in a collision? Yet people are somehow stating picture 2 will NOT be a collision? 1/1trillion odds it will be a collision?
This is a clear contradiction according to Apple's own statements (modification of image results in collision) and people's own explanation of the logic (picture 2 CANNOT be matched).
The reason this type of scenario is concerning is that there might be quite a bit of legit pictures that have the same lets say "pixel attributes" that might produce the same hash as a matched image.
And please, do not respond with just "I don't understand". This is EXACTLY why I am posting this scenario because if someone DOES know why picture 2 truly will not match but modified picture 1 does and there is no concern here, then please explain it. I looked through Apple's document (modifications will be a match and its using AI to get the match). I am looking to understand this type of scenario. How can two identical images not match, yet any modifications to the matched images will match?!
The only recourse is to vote with your dollars. But I'm not sure the company is out of touch with reality. Unlike the app store anti-trust investigations, Congress will not step in to stop Apple. I guarantee it.
Far more creepy IMO. Google scans their servers. Apple scans your iPhone, iPad, and Mac.
I just deactivated iMessage and messages to iCloud.
Big questions for sure. You might find this thread instructive: https://news.ycombinator.com/item?id=28106867
no clear answers to your questions at this point
Well, how do we know that this latest move is not mandated by the government already? They sure do seem to pass a lot of 3000+ page bills that get turned into law. I mean they have to pass the bill so we can find out what is in it…
Could governments force Apple to add non-CSAM images to the hash list?
Exactly
Congrats on taking action! Curious to hear more of your decision process, are you planning to replce that functionality somehow or just go without?
1. It does matter since it gives you context. Apple is doing it in a more privacy-minded way.
2. You don’t know what you’re talking about, Facebook had more than 20 million CSAM incidents reported last year only, Chester maybe is not always as bright as you think.
3. This doesn’t mean that on the other hand you can weaponize “think of the children” for the opposite argument.
4. You don’t know, child abuse fighting NGOs know better than you.
5. They will ask you to consent. They‘re leaving the possibility to opt-out. They’re doing this scan ONLY, EXCLUSIVELY, SOLELY on data you’re about to PUT ON THEIR FRICKIN’ SERVERS anyway. (or better, it’s like a tree falling in a forest with no one listening until you upload them)
6. “Scan your private data 24/7” is a dumb catch-all buzzword. Do you disable the local file indexing of Windows Search or Spotlight? Do you disable the Photo app scanning your library for dogs, cats, trees, faces and birthday cakes? That’s 24/7 scanning. That could be “slippery sloped” as well. Just use only open source OSes and disable file indexing, go ahead.
7. I see, so you’re one of those guys…
8. What a bunch of “**** could happen” crap. Again, by this logic you should only use open source hardware, open source software and self-host your personal cloud.
9. “stuff could happen”
10. Yeah so funny for apple bashers and companies with a grudge against apple, except Apple while not perfect is still the champion of consumer privacy.
In addition to the above:
Despite Constitutional prohibitions against such things, the US has a well documented history of secret warrantless wiretaps and abuse of the FISA court system.
Essentially every technology has, in its time, been illegally subverted by US law enforcement.
As for China it doesn’t even have bedrock Constitutional like protections limiting the behaviors of it’s state actors.
Apple has clearly demonstrated a proof of concept that could be applied to anything, face comparison, words, word combinations or proper nouns, these aided by AI, all of this increasing in speed and scope ability as AI and on device processor speed increase.
These systems aren’t static, they will continually be refined and possibly expanded. Just as Apple gave none of its explanations until folks started complaining, Apple has given no commitment to notifying the public of any significant or incremental changes to the scope, spread, speed, or use of this tech.
Apple has stated that it follows local laws, clearly to both to protect against being prosecuted and, without a doubt, to protect market share or access, to even possibly to develop goodwill from enforcement entities as a hedge against monopoly breakup threats. (What justice department would want to break up a “cooperative” partner that makes it look good to its political leaders? This is what mutually beneficial aggressive back scratching could look like.)
Even if Apple’s actions here are pure and not the result of some current accommodation, appeasement or acquiescence to government pressure or demands, at some point in the future, maybe soon, maybe a generation or two down the road, future Apple management may see refusal as unnecessary or impossible, or as a hinderance to personal profit and the slippery slope becomes a vertical drop.
As a thought experiment: I don’t know if it exists or is technically feasible now, but let’s consider “AI Sub-hashing” where parts of photos, videos, or recorded or live voice audio, are extracted and analyzed after preparation with an AI twist that adjusts for positioning, lighting, aging of faces, or acoustic effects (spatial audio anyone?), that can compare the picture of your driver’s license in wallet, or faces/voices in your photos, or key words or text strings elsewhere on device, against sub-hashed faces/voices from public videos shot or provided by some kind of known or unknown security personnel.
The ability of powerful AI will be a force for future good, but like all past human endeavors and technologies, each can be a force for amplifying the abilities of totalitarians or evil doers.
Apple has shown us a glimpse of a self surveillance future, one where these extensions of our brain, person, private papers and effects are now capable of reporting us to a private non law enforcement entity and eventually, possibly directly, to a state security entity.
While the stated goals of Apple’s efforts here appear reasonable and laudable, it doesn’t take away that these surveillance techniques, and their application, or expansion, don’t exist in a vacuum.
Similarly, Apple’s assurances today, are not absolutes. The future ability and use of this tech will be shaped by future confluences of social pressures and AI performance increases we can not fully see or imagine and we only have the assurances of today’s Apple management that they and their distant successors, people they may not ever meet, won’t relent to what will be relentless government demands for expansion.
Doing the wrong thing for the right reason is still doing the wrong thing, because in the world of coercion and appeasement, the road to hell is paved with short-sighted accommodations and good intentions naïvely understood to be absolute and enduring in scope and this is what gives me unease.
(As for assurances of security and accuracy, I’m reminded respectively of NSO Group intrusions and iOS spellcheck that makes odd errors all the time.)
Maybe it’s because many of us eschewed Google for Apple because they assured us they think different, have a business model not based on intrusion, and they see privacy as a human right.
The others don’t go around pretending they care about your privacy as a selling point.
If I’m going to be spied on anyways, I would’ve gotten an Android.
My simple question to these questions; explain to me how you could have a picture so close to one that has been marked as child pornography without it actually being child pornography? Now explain how you could have more than one picture like this to the point where it would actually trigger a review from an Apple employee? And then try to imagine this will happen one in one trillion times and even comprehend what that number means in real world terms.
I think what’s missing is context.
Apple fight the FBI request then because the case was about setting precedent, and the last thing Apple wanted was for the courts to establish a precedent that FBI could compel them to unlock a criminal’s iphone whenever necessary because it would likely have required them to install some sort of back door, or knowingly leave a security flaw unpatched (which could in turn be discovered and abused by other parties).
I don’t think Apple’s stance has changed. They are still a design-led consumer electronics company intent on making the best products for their users (based on their own interpretation thereof), and this scanning feature simply leverages on their control over hardware and software.
Apple can’t even get iTunes Match right yet everyone buys this “1 in a trillion” like it’s gospel and Apple can do no wrong.Again, you do realize that it would take more than one picture matching to flag an account…and the chances of more than one picture “matching”, being reviewed by an Apple employee and NOT being child pornography is a one in one trillion chance of happening?
Oh…and for the other idiots up above (not you), they are reviewing the flagged images. They do NOT have access to every pic in your iCloud account.
This is spot on. What's more-Apple is the only tech company I would trust to execute something like this while at the same time maximizing privacy.
People should probably read more about it before peeing into their shoes. It's tied to a youth's phone and login being part of a family plan. It can be deactivated. Everyone just calm down.
For your lame example, I would say that means child pornographers would get away with the system, not innocent people getting flagged incorrectly.
Until:
A POS you have as a friend on a social media site downloads the picture you posted of your kid in the bath. He/she then includes that in a batch of CSAM photos he/she trades online for other CSAM images. Your photo hash gets collected and distributed by NCMEC. Now, you have CSAM material on your phone.
or
Someone wanting to harm you does the same and posts your photo on a CSAM forum, knowing it will be distributed and the hash will be logged.
People on here aren't upset about the iMessage thing...and yes, those that may be should read more and stop commenting.