Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Wait! Why are we just finding out about this just now?

I agree. It’s just strange and the timing of this is so off. Apple is really trying to convince the consumers to upgrade the iOS 15.
Yeah this should have been published sooner. Instead Apple sat on in until they started forcing people to upgrade from iOS 14. Almost seems like this is Apple's way of trying to convince people to make the upgrade.
 
This was never confirmed and is speculation. Code was found but its purpose wasn't necessarily for this.

An early version was found hidden in iOS 14.3 and reverse engineered by somebody who must be pretty smart.


Once the hacker community gets a good look at this, all bets are off.

One question that I’ve never seen answered: how is Apple going to stop this from being turned into a surveillance tool when a government says “Use this database and send the matches to this address, or you can’t sell your phone here.”
 
  • Like
Reactions: VulchR
An early version was found hidden in iOS 14.3 and reverse engineered by somebody who must be pretty smart.


Once the hacker community gets a good look at this, all bets are off.

One question that I’ve never seen answered: how is Apple going to stop this from being turned into a surveillance tool when a government says “Use this database and send the matches to this address, or you can’t sell your phone here.”
The code is there but Apple said it isn't the one they're going to use for scanning in Photos.

"Apple however told Motherboard in an email that that version analyzed by users on GitHub is a generic version, and not the one final version that will be used for iCloud Photos CSAM detection. Apple said that it also made the algorithm public."

 
Well that statement right there pretty much blows a whole in their entire App Store-Is-A-Safe-Walled-Garden narrative.
I think it enforces the App Store-Is-A-Safe-Walled-Garden narrative. There was an exploit, but they didn't approve any apps to use the exploit. If there were other App Stores, then they might not have even know about the exploit, and let those apps in.
 
The types of security holes/exploits we are seeing across the board right now are worrying.

Went into my ‘Passwords’ in Settings today and discovered that a whole lot of websites have been compromised.

I wonder if Apple, Google etc…can keep up with all of it, more so worried about smaller websites/forums that are run by a few people.

Edit:

This video seems to explain it well
 
Last edited:
It's already on iOS 14, it was not released with iOS 15, but it was planned to be enabled by the time iOS 15 was released. If you have iOS 14 you already have CSAM installed. Also, this whole CSAM scanning controvercy is completely overblown and misunderstood.
Ah. Thanks for the information. Still, I think those of us holding out on iOS 14 are sending a message to Apple.
 
  • Like
Reactions: WaltEvor
Just like no one is forcing you(the royal you) to accept Apple as it is. There is always android that does exactly what some people want.
I don't accept Apple as it is. I am rooting for the new bill in front of the senate that will allow sideloading.
 
in-app search history to malicious third-party apps and allowed apps to override user Privacy preferences

This is a terrible lie because the curated and locked down nature of iOS protects us from bad actors in the first place. That's literally Apple's argument against recent court cases.
 
iOS 14 is riddled with other security issues/bugs and privacy flaws that was patched in iOS 15. I don't understand you guys, what's your plan? Staying on iOS 14 forever? Are you gonna refuse iOS 16 as well? If you care about privacy and security, update your software. Security flaws is the number one reason people get hacked and ransomwared.
iOS14 would've been fine is Apple had integrity and accountability, and kept what they said about continuing support for iOS14 alongside iOS15.
 
One question that I’ve never seen answered: how is Apple going to stop this from being turned into a surveillance tool when a government says “Use this database and send the matches to this address, or you can’t sell your phone here.”
They wouldn't stop it. Apple was just virtue signaling, while they literally set the system to wash off their hands if the system is misused. They literally said they're just matching hashes, and they won't know what the database contain. They're setting themselves for plausible deniability. And we already know that Apple will follow what local laws require (Chinese iCloud servers, Pre-installed local apps in Russia, S.Korean requirement for alternative payment, etc).
 
So you're saying that if there's a hole in the garden's wall, we might as well just break the entire wall down?
Do people still not realize nothing on your phone is obligatory? No one is forcing you do use any functionality you don't want. Why does it affect you that some people want to use the phone they paid with their money differently from you?
 
Do people still not realize nothing on your phone is obligatory? No one is forcing you do use any functionality you don't want. Why does it affect you that some people want to use the phone they paid with their money differently from you?
Why does it affect you that some people want to use the phone they paid with their money differently from you?

That question can be asked the same way to you. All iOS users are using the same wall, the same platform. If you wanted a hole in it to poke something through, other users will also have the hole whether they want to poke something through it or not since everybody is on the same wall, the same platform. A hole is a hole. You are basically forcing your preference of having a hole in the wall for everybody else.
 
…that could have potentially exposed users' private Apple ID information and in-app search history to malicious third-party apps and allowed apps to override user Privacy preferences…

“could have potentially” .. as in “did”?
 
  • Like
Reactions: VulchR
No one will be forcing you to sideload apps, you will still be able to download exclusively from your precious Apple app store.
I'm not concerned about me, I'm security-conscious and cautious. It's everyone else I'm worried about, the ones who uncritically will sideload a free game or the pseudosmart user who's just the right amount of smart to get into trouble, but unaware and naive enough not to realise it. It will be them who will get their phones riddled with malware and ransomware, not me.

I don't want iPhone to turn into the malwared mess Android is. I suggest you get yourself one of those phones. I hear the AV-apps and anti-malware apps is great for battery life!
 
Sorry but that argument makes no sense. There's no "hole" with you to interact if you stay on App Store strictly. You have to at least download malware in order for it to affect you.
Also people keep forgetting that MacOS isn't locked like iOS and everyone's just fine...
 
I'm not concerned about me, I'm security-conscious and cautious. It's everyone else I'm worried about, the ones who uncritically will sideload a free game or the pseudosmart user who's just the right amount of smart to get into trouble, but unaware and naive enough not to realise it. It will be them who will get their phones riddled with malware and ransomware, not me.

I don't want iPhone to turn into the malwared mess Android is. I suggest you get yourself one of those phones. I hear the AV-apps and anti-malware apps is great for battery life!
How much experience with Android do you have? I've used it for 10+ years and almost everyone I know (including my mother who can't stop opening clickbait articles) is still there and I haven't heard of a single instance where someone caught a virus or malware. Not everything companies advertise is true.
 
Why does it affect you that some people want to use the phone they paid with their money differently from you?

That question can be asked the same way to you. All iOS users are using the same wall, the same platform. If you wanted a hole in it to poke something through, other users will also have the hole whether they want to poke something through it or not since everybody is on the same wall, the same platform. A hole is a hole. You are basically forcing your preference of having a hole in the wall for everybody else.
Sorry but that argument makes no sense. There's no "hole" with you to interact if you stay on App Store strictly. You have to at least download malware in order for it to affect you.
Also people keep forgetting that MacOS isn't locked like iOS and everyone's just fine...
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.