iOS 17.5 Bug May Also Resurface Deleted Photos on Wiped, Sold Devices [Updated]

[sigmasirrus]

I had that enabled for over a year. Still had a photo from 2019 resurface.

😔Dang…

 

[Pezimak]

I’m truly shocked that someone could F up this bad at Apple. Can’t wait to see the ad that Samsung comes up with for this one.

I‘m not considering the bugs they’ve had before, we once if I recall even had them release the WRONG update and bricked devices before! They had to hurriedly stop it before release if the ‘correct’ version…

 

[verdi1987]

This is bizarre. After wiping a device, how is there anything to restore?

Wiping doesn’t necessarily overwrite every byte in storage, but presumably the encryption keys should have been destroyed.

 

[tonie walker]

i need my refund Timmy! your sorry won’t cut it

 

[MrRom92]

Apple is perverts

 

[klasma]

Apple is complying with the ”Right to be remembered”.

 

[klasma]

Oh no all your nude photos!

This would have been fun if CSAM scanning had been implemented.

 

[SectualChocolet]

But we have such creative talent making pencil pro shadows you know that is why we didn’t bother doing real work hence these bugs.

 

[chrono1081]

As an apple user that doesn’t drink the kool aid I still find this hard to believe to be honest. Need Evidence.

My thoughts exactly. One Reddit post doesn’t convince me.

 

[dampfnudel]

This is unacceptable. I guess whoever got the sold/trade-in/returned devices can also retrieve locations and other personal information from the photo files. Some users also took photos of finance related documents.

I was just thinking about embarrassing photos and forgot that people also take photos of documents that they would never want anyone else to see, either strangers who purchase their phones as pre-owned or even family members they hand their phone down to. I just wonder how widespread of an issue this is. I can see court cases in Apple’s future if this causes more than just embarrassment for some people affected.

 

[MrENGLISH]

I just updated my son's iPhone 12 PM to 17.5 - this device used to be mine for over 2 years - and so far I am not seeing any of my old photos on it. I have never used iCloud to backup my photo library if that plays any sort of role in this.

 

[verdi1987]

I call BS.
Even if the files were not encrypted.
Resetting the devices creates new partitions.
The OS won’t randomly start scratching through the unassigned/unused storage to recover data

I think another article mentioned Apple was trying to fix a bug where photos were missing from some customers’ libraries. It’s not inconceivable that whatever fix they implemented to restore the orphaned files would unintentionally produced this bug.

 

[PotentPeas]

Really wondering how this is happening.

It might not be that the photos are "undeleted" on the device, but rather they got stuck somewhere in the iCloud photo sync infrastructure, and a new bug is causing them to be "re-synced" to the user's device. That would explain why they could persist after the device was "wiped".

Though to explain why they are showing up with a different Apple account attached to the device now, it would have to be that the iCloud sync bug is using a device identifier/token of some kind and not the actual Apple account to deal with the photos.

Hopefully, a quick fix from Apple is coming soon, this is a pretty embarrassing after all...

 

[Pezimak]

If the person you sold your phone to has already updated, they may be seeing photos in your iCloud library now.

All I have to say is:

And:

A company who ’Heavily’ sells its devices on the ideology and image of security, introduces this bug that I bet beta testers will have warned them about, it’s often when iOS bugs are releases beta testers state how they advised Apple about them.

 

[TruthAboveAllElse]

Why would you fire someone for this? They just learned the most expensive lesson about IT security that it's possible to learn. This will make them better at their job - vs. someone else who still needs to learn a painful lesson such as this.

Because they didn’t sign an apology letter

 

[ninecows]

Not surprising at all. Developers never check their work and rely on QA to find bugs. But QA engineers are often a level or three levels lower in their knowledge of the code base, which explains a never ending stream of bugs, some are silly, but some like this one, are not. It takes extreme focus and a culture dedicated to security to ship a quality product, which almost no company in Silicon Valley has.

With big data, agile and CI/CD you don’t need QA any more. Your users are just your beta testing team working for free.

 

[j26]

I ironic that one of the headlines down below is "Turn a Live Photo into a Boomerang"

It seems ALL photos are boomerangs now - throw them away and they still come back...

 

[salz4life]

This is why I don't take nude photos..... well, that and I'm revolting...

 

[Pezimak]

Really wondering how this is happening.

It might not be that the photos are "undeleted" on the device, but rather they got stuck somewhere in the iCloud photo sync infrastructure. That would explain why they could persist after the device was "wiped".

Though to explain why they are showing up with a different Apple account attached to the device now, it would have to be that the iCloud sync bug is using a device identifier/token of some kind and not the actual Apple account to deal with them.

Hopefully, a quick fix from Apple is coming soon, this is a pretty embarrassing after all...

It means, when you delete your photos, and Apple warns you it will delete them from ALL devices, that Apple are NOT actually ‘deleting’ the photos as such… because the data has to exist somewhere AND still be linked to your old devices for it to be restored onto your old devices.

 

[yustas]

This is unacceptable for a company that’s „privacy focused”.

Privacy focused is a billboard slogan. They are privacy focused in the same way Forster Farms are focused on raising free range chickens. A privacy focused company wouldn't wait 15 years or so to introduce "advanced" data protection.

 

[contacos]

And Apple is just keeping quiet. They really need to be forced by the EU to do F all these days

 

[SanderEvers]

Next article. “iOS 17.5 Bug May Also Resurface Deleted Passwords on Wiped, Sold Devices”

I said password manager, good luck getting past the manager's master password. Even if you could recover the file.

And with "master password" I mean a generated random 512 bit key (that isn't stored nor cached on device) + my biometric unlock.

 

[dampfnudel]

Really wondering how this is happening.

It might not be that the photos are "undeleted" on the device, but rather they got stuck somewhere in the iCloud photo sync infrastructure, and a new bug is causing them to be "re-synced" to the user's device. That would explain why they could persist after the device was "wiped".

Though to explain why they are showing up with a different Apple account attached to the device now, it would have to be that the iCloud sync bug is using a device identifier/token of some kind and not the actual Apple account to deal with the photos.

Hopefully, a quick fix from Apple is coming soon, this is a pretty embarrassing after all...

I guess 17.5.1 can’t come soon enough for some. Unless Apple can’t fix this until 17.5.2.

 

[Jason2000]

apple employees need to see jail time for this incompetence.

And we need definitive proof before jailing anyone.

 

[Falco McGregor]

Hey, if Apple screwed up then they deserve the heat, but this is a lot of speculation and doom-posting from a single anonymous Reddit comment with zero corroboration.