Apple Removes All References to Controversial CSAM Scanning Feature From Its Child Safety Webpage [Updated]

[GrumpyCoder]

And here's an interesting discussion, with further links, what can happen when collisions get you in trouble even though you're innocent: https://news.ycombinator.com/item?id=28236102#28238071

Also worth a read:
https://www.kammenlaw.com/blog/2019/11/how-often-are-people-falsely-accused-of-child-porn/
https://www.jamescrawfordlaw.com/blog/false-accusations-child-pornography-do-first

This largely depends on a country's law of course. There's been a somewhat recent case in Europe (Germany?) where a father was falsely accused and lost pretty much everything before he was found innocent in court.

That's why we need reliable and explainable AI systems, not just for safety critical applications like autonomous cars, drones, robots, etc. but for report systems as well. In general, any AI that makes a decision where the output can be catastrophic. We've seen some very interesting talks at the last GTC from various researchers in the industry about this topic.

 

[Flight Plan]

This was a mess from the beginning and pulling it was the only logical thing to do.

But they haven't pulled it. The article clearly states that they're just no longer going to TELL us they're working on it.

 

[Flight Plan]

Good news for all abusers?

Here we go again with the tyranny of the "forced binary choice".

• "Do it my way or you're a murderer" (agree to expensive solutions that won't really solve global warming)
• "Do it my way or you just want to kill grandma and grandpa" (promulgated even HERE on MacRumors during the 2020's First Annual Maskapalooza.
• Now your flavor is "Do it my way or you're a pedo." (agree to ALL scanning of all your devices)

I'm disappointed in this cheap and lazy tactic to get people to agree with you.

Why are you making such an "enlightened" claim that Apple is already betraying its customers? Your personal gut feelings are of no interest to anyone here, feel free to bring facts.
If you end up like Julian Assange, you have my sympathy.

I'm completely confused by your comment.

Courageous freedom lovers don't always have to win, but courage is something exhausting, strange, rare and great in mankind.

People are courageous every single day. By the millions. Do you even know what you're suggesting?

I hope Apple brings it back. We need to stop pedophiles and child sex abuse. Children need to be protected.

Then maybe YOU should be working harder to promote that humans be raised to be protective of children.

These conspiracy theories always seem to forget the amount of brand damage it would cause if Apple were caught sneaking in surveillance technology without telling customers.

Now this is a very good point. And you're right, it would cause brand damage. That's why I as a stockholder (and really, who doesn't hold SOME stock in Apple at this point?) don't want Apple doing this. There are better ways to catch people than accusing all of them of committing the same crime.

Apple has been very public stance pro-privacy and getting caught doing anti-privacy things would cause irreparable harm to the company and the damage would probably be measured in billions of dollars, not to mention scandals like this tend to cost CEOs their jobs.

Funny how all that never gets mentioned.

Well now you mentioned it. And yes, I don't want my retirement taking a nosedive because Apple screwed up and accused the wrong person(s) of a crime. So they should cease and desist.

To Bull 07: Way to not get the point of all this. I mean really, 10 out of 10 plus a gold star.

The tyrannical only want their own way, and are not willing to even consider a better path that doesn't accuse everybody of wrongdoing.

Do you think that governments can penetrate Apple's server unnoticed (without man in the middle) and understand its structure? Do you have any sources?

Well, are you suggesting that absolutely zero former Apple employees have gone on to work for a tyrannical government after their employment at Apple? Because that'd be kind of ignorant of you, wouldn't it? ?

 

[Flight Plan]

I am phasing out iCloud from my devices, I am surprised to discover that it is in fact quite possible and fairly painless to live without being logged into iCloud. Though of course Apple does not make that easy for you

I would like to find some good sources on how to do this in a mixed-device situation. I have a non-homogenous Apple, Android, Linux, and Windows situation, scattered all over my house, garage, and even in the back yard.

 

[DMG35]

But they haven't pulled it. The article clearly states that they're just no longer going to TELL us they're working on it.

Yes I'm aware. The article was updated well after I wrote that to reflect that Apple wasn't in fact pulling it.

 

[crymimefireworks]

Right, when you read into the details of all academic papers, they contain assumptions, some which work in the real world, some that don’t. In this case, they intercepted the output of the matching process (which they were able to do because they had control of the “black box”). Rewrite the paper so that they don’t have access to the output… well, I’m assuming then the paper either wouldn’t get published OR would get FAR less attention, two things that would be against the best interests of the folks creating the papers.

In the real world, they wouldn’t have access to the output, which is a critical part of the whole exercise. Remove the method that they used to actually test and tweak the images (and who knows how many times they had to adjust their images in the black box test), and you completely remove their ability to create a match. Correction: there IS a way they could have access to the output in the real world. And, that’s if someone gets sent to jail (indicating that the changes they made to the images weren’t good enough to avoid detection). But, since they would only be investigated after several images had been uploaded, they wouldn’t even have full confidence of which images in the set were the ones that weren’t good enough. Not very efficient or effective, even for the most motivated criminal.

I hear what you're saying. Without knowing the hash, it would be impossible for hackers to create fake images that match the hash.

Question -- Is it possible to get a list of the hashes of the CSAM database?

 

[SupremeAntBee]

I hope Apple brings it back. We need to stop pedophiles and child sex abuse. Children need to be protected.

This is something for law enforcement to battle, not a computer/wanna-be all things to all men(people) company.
The fact that there are people out there who are disappointed that this violation of privacy, no matter who you are, is unfathomable to me!
I am so sick of Apple and its antics under Tim Cook’s direction, and will be switching to another platform and devices when the ones I have are declared “obsolete,” at Apple’s discretion, of course.
I am not nor ever was what some people would derisively call an “Apple Fanboy,” but I did like its products to the point of using them exclusively. That is no longer the case. Apple has lost me with this CSAM BS and its inability to keep consistent with its apps and myriad OSes.
Sure no company is perfect, and will have its flaws, but how many more chances is Apple expecting from its users. I feel awful for people who have just “switched” to Apple, because I know what is in store for them, which is terribly sad to say, think and realize.
IMHO, A once great computer and software company, is no more.

 

[4491275]

Boooooo. Boycott. Bye-bye Apple. You’ve made too many exceptions, too many back doors, given into government pressure, and abandoned your focus on privacy. Shame. I don’t think I’ll ever buy another Apple device again if this is not remedied. And I have no expectation that it will because you are not listening to your customers and this is the last straw for me. A deGoogled android is not a welcome addition for me, but if that’s what it takes—then that’s what it takes. #shame

 

[VulchR]

I hear what you're saying. Without knowing the hash, it would be impossible for hackers to create fake images that match the hash....

There are two potential attacks on the system possible. Creating innocent-looking images to trigger an apparent CSAM match, which could be used as malicious payloads against recipients of messages, and editing CSAM material so that it looks the same but avoids detection. Neither require knowledge of the code for the hash per se, although of course that would help. They only need the output of the hashing when exposed to various images to infer what the hash does. Honestly I do not know how feasible that would be, but communications are never completely secure and Apple's proposed system does phone back home...

 

[Nuvi]

As stated earlier, 63% of what was referred was explicit material, the rest were suspicious ages, apparent child grooming, etc that they felt warranted investigation. The fact that the police felt almost all weren't a problem is a police decision, the reasons for which we aren't privy to.

You honestly think I should trust more on some shady private NCMEC organisation without any third party auditions or oversight than Swiss federal police? If Swiss police say over 90% reports are false than thats what they are. If NCME claims they “they felt warranted investigation” but police states over 9 out of 10 were false then that says whole lot about NCME and their capabilities. Also its worth noticing that 40% of NCME “suspicious” material was about teens sending photos of themselves to other teens.

Also why on earth US has this private organisation dealing with the issue and not real police or some other federal organisation?

 

[eatrains]

You honestly think I should trust more on some shady private NCMEC organisation without any third party auditions or oversight than Swiss federal police? If Swiss police say over 90% reports are false than thats what they are. If NCME claims they “they felt warranted investigation” but police states over 9 out of 10 were false then that says whole lot about NCME and their capabilities. Also its worth noticing that 40% of NCME “suspicious” material was about teens sending photos of themselves to other teens.

Also why on earth US has this private organisation dealing with the issue and not real police or some other federal organisation?

No, they said 86% of reports were not criminally relevant, meaning they couldn't pursue charges for one reason or another. That doesn't mean they were "false".

 

[Apple Crusader]

Good too much potential for abuse (and I am not saying that ironically).

“Update: Apple spokesperson Shane Bauer told The Verge that though the CSAM detection feature is no longer mentioned on its website, plans for CSAM detection have not changed since September, which means CSAM detection is still coming in the future.“

 

[Apple Crusader]

Congratulations everyone, now what you've likely achieved is that Apple will just quietly scan iCloud Photos for CSAM server-side instead, and we'll probably never get end-to-end encryption.

End-to-end encryption doesn’t mean crap if a company gets to decide what photos are inappropriate on your own device. Today it is “save the children”, tomorrow it is “Your political opinion violates or woke policies”.

They could very easily implement end-to-end encryption but choose not to. Something about “muh terrorism” (when have they ever stopped a terrorist attack by violating people’s privacy? Hint: never) and “muh moderated content”.

 

[JahBoolean]

End-to-end encryption doesn’t mean crap if a company gets to decide what photos are inappropriate on your own device. Today it is “save the children”, tomorrow it is “Your political opinion violates or woke policies”.

They could very easily implement end-to-end encryption but choose not to. Something about “muh terrorism” (when have they ever stopped a terrorist attack by violating people’s privacy? Hint: never) and “muh moderated content”.

xKeyscore data is used by interpol all the time =)

 

[Nuvi]

No, they said 86% of reports were not criminally relevant, meaning they couldn't pursue charges for one reason or another. That doesn't mean they were "false".

You’re wrong. Swiss police spokesperson has stated the following:

"Last year we received around 9,000 reports. Just under ten percent of them were criminally relevant.”

Sending “tips” to Police which lead to nowhere is what you call false reporting.

In all honesty the whole NCMEC as organisation feels shady. Why on earth US has a private organisation funded by US government without any third party oversight dealing with child abuse? Shouldn’t it be FBI or some other federal organisation? Even NSA has more accountability than NCMEC. The “funny” thing is that NCMEC is lobbying around a world for access to private data and against E2EE. Another “funny” fact is that CEO of NCMEC used to work for Lockheed Martin as director of security operations for information systems and global solutions. But hey, all of sudden this guy just want’s to “save the children”.

Seriously, why an earth Apple even considered working with a organisation like that?

 

[eatrains]

You’re wrong. Swiss police spokesperson has stated the following:

"Last year we received around 9,000 reports. Just under ten percent of them were criminally relevant.”

Sending “tips” to Police which lead to nowhere is what you call false reporting.

In all honesty the whole NCMEC as organisation feels shady. Why on earth US has a private organisation funded by US government without any third party oversight dealing with child abuse? Shouldn’t it be FBI or some other federal organisation? Even NSA has more accountability than NCMEC. The “funny” thing is that NCMEC is lobbying around a world for access to private data and against E2EE. Another “funny” fact is that CEO of NCMEC used to work for Lockheed Martin as director of security operations for information systems and global solutions. But hey, all of sudden this guy just want’s to “save the children”.

Seriously, why an earth Apple even considered working with a organisation like that?

No, he stated this:

"2020 trafen bei uns rund 8000 Meldungen ein. Strafrechtlich relevant waren davon ca. 14 Prozent. Beim Rest können die Urheber nicht identifiziert werden oder es handelt sich um unproblematische Darstellungen, wie das oben genannte Urlaubsfoto. Dank den daraus resultierenden Strafverfahren können Pädokriminelle verurteilt und Personen davon abgehalten werden, weitere verbotene Inhalte zu konsumieren oder weiterzuverbreiten."

 

[GBaughma]

No, I’m not concerned at all. There’s some thinking here that Apple wasn’t performing CSAM checks and suddenly decided to do so. They’ve BEEN doing CSAM checks, EVERYONE does against every image uploaded to the cloud.

Apple was attempting to implement a process where they could actually leave all your images in the cloud encrypted with a key that they don’t have access to. That’s the only thing that would be different. Apple and everyone else is doing the same CSAM scanning they’ve been doing all along.

A key they don't have access to?
Believe me... there is ALWAYS another key.

 

[GBaughma]

A picture of a parent giving their kid a bath isn’t going to be in the database.

Well, not entirely true.
If the picture got shared around, and was included in a bust of a pedophile along with a bunch of other CP pictures... it *could* end up in the database.

 

[Flight Plan]

Yes I'm aware. The article was updated well after I wrote that to reflect that Apple wasn't in fact pulling it.

Aaah, okay.

 

[makitango]

You’re wrong. Swiss police spokesperson has stated the following:

"Last year we received around 9,000 reports. Just under ten percent of them were criminally relevant.”

Sending “tips” to Police which lead to nowhere is what you call false reporting.

In all honesty the whole NCMEC as organisation feels shady. Why on earth US has a private organisation funded by US government without any third party oversight dealing with child abuse? Shouldn’t it be FBI or some other federal organisation? Even NSA has more accountability than NCMEC. The “funny” thing is that NCMEC is lobbying around a world for access to private data and against E2EE. Another “funny” fact is that CEO of NCMEC used to work for Lockheed Martin as director of security operations for information systems and global solutions. But hey, all of sudden this guy just want’s to “save the children”.

Seriously, why an earth Apple even considered working with a organisation like that?

I trust the Swiss folks more than a third party with ties to whomever and a first party which ended E2EE on iCloud because they bent the knee and sacrificed privacy to please sweet baby government.
Yes there may and will be criminals exploiting security for bad things, but so is every tool to humans.
When there is misconduct, we investigate. When there is none, we don't or we practice positive intent. That is what privacy is about, same as trust in every relationship.

Lest we know we are way past that because everyone in Apple's view these days is a potential serial killer and child porn consumer and deserves to be screened 24/7.

 

[10Jannette]

Apple’s care and overwhelming concern for child abuse is laughable. Ut-oh! Should I have said that, especially in light of hacking away at our right to free speech-says that tacky little document “THE CONSTITUTION OF THE UNITED STATES OF AMERICA”- Let me get back on track! I didn’t hear a peep outta of the Apple Gods about full term abortion, child abuse. But, then again big business is already making enough per year outta of the abortion business to pay off the national debt. Best to leave well enough alone. Taking our privacy one software update at a time is where the “new” big money is! Thank God for their common sense! Am I allowed to still mention God? I’m so sick of double speak hypocrites!

 

[Yuck9]

Just because they remove it from website does not mean they are removing the software. They are just doing damage control. They did not expect this much backlash so by them removing the wording does not mean they will remove the scans.
They will go ahead with it to cover there ass. I don't trust them to remove it but it is what they are hoping for.

 

[MysticCow]

our right to free speech

Free speech only means the government cannot lock you up because you said something incredibly stupid.

You do not get a "consequence-free move," though, as social implications of what you say and do still apply.

People, ESPECIALLY THOSE THAT LIKE THE COLOR ORANGE, don't tend to understand this anymore and simply want consequence-free moves, which is was and will not be the stated intent of your "free speech rights."

 

[Fat_Guy]

Apple’s plan is ultimately to get out of selling phones completely. They will probably end up giving you a phone for free as everything else they offer will be a subscription. All multi-tier subscriptions services, and in this view you can see why they didn’t see the push back scanning on-device. We are still old school and out of the loop for what the future holds. We still believe that when we buy a phone that device is ours and every thing on it is ours. But is that really the case now? Are the apps on the device ours or are we just allowed to use them?







Anyway, soon like physical credit cards, the cell phone will just be a means to an end and not our property. When that happens this issue of on-device scanning will a non-issue. Phones will get boring as they are now, so why buy them and spend money upgrading. Apple will give you one for free and give you another upgraded one when necessary. You just keep paying them a monthly set of subscriptions.





The only mistake Apple made was doing the on-device scanning when people were still buying phones and thinking the phones were their property. When push comes to shove Apple could probably deactivate the phone as the OS is theirs. So you have a husk of a phone and nothing to do with it. This is why you should support a free and open source alternative like Linux phones. Then the phone is yours and the OS is free for anyone. Your phone and your property.







But that makes too much sense so bend over to all big tech, listen to songs but not own them, watch movies but not own them, just keep paying your hard earned money every month and if you stop - you end up with nothing. What a deal…







But can you blame big tech? We are the ones doing this to ourselves.

 

[VulchR]

Apple’s plan is ultimately to get out of selling phones completely. They will probably end up giving you a phone for free as everything else they offer will be a subscription. All multi-tier subscriptions services, and in this view you can see why they didn’t see the push back scanning on-device. We are still old school and out of the loop for what the future holds. We still believe that when we buy a phone that device is ours and every thing on it is ours. But is that really the case now? Are the apps on the device ours or are we just allowed to use them?







Anyway, soon like physical credit cards, the cell phone will just be a means to an end and not our property. When that happens this issue of on-device scanning will a non-issue. Phones will get boring as they are now, so why buy them and spend money upgrading. Apple will give you one for free and give you another upgraded one when necessary. You just keep paying them a monthly set of subscriptions.





The only mistake Apple made was doing the on-device scanning when people were still buying phones and thinking the phones were their property. When push comes to shove Apple could probably deactivate the phone as the OS is theirs. So you have a husk of a phone and nothing to do with it. This is why you should support a free and open source alternative like Linux phones. Then the phone is yours and the OS is free for anyone. Your phone and your property.







But that makes too much sense so bend over to all big tech, listen to songs but not own them, watch movies but not own them, just keep paying your hard earned money every month and if you stop - you end up with nothing. What a deal…







But can you blame big tech? We are the ones doing this to ourselves.

I don't like subscriptions either, and I find Apple's emphasis on subscriptions as diagnostic of a lack of innovation and vision (other than of money).