For a so called software dev, os’ no less, an open source pro even, the fact you can’t see what I’m talking about is petrifying.It's not even remotely a hypothetical invasion of privacy. Good griefThis is bringing "reaching" to a whole new level. What next: "They both use software, so it's the same thing?"
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
University Researchers Who Built a CSAM Scanning System Urge Apple to Not Use the 'Dangerous' Technology
- Thread starter MacRumors
- Start date
- Sort by reaction score
No. It is now a well documented Apple proposed invasion of privacy. What we are arguing is how broad (scope) and the actual impact.
No. Most are stating it’s ok now, but what if bad actors change the variables. A future potential of mass surveillance and/or staged accusations.
*sigh*...
I never even suggested, much less claimed, I was better than anybody. I cited my meager "credentials" to show I had some expertise in the subject area. So, yes: I am more knowledgeable wrt to open source project development than many others, because I've participated in several open source projects at various levels throughout the years.
You, OTOH, clearly have no understanding whatsoever of how it all works, so you would be wise to stop commenting upon it.
You keep stating this. Why?
I said that open source is only secure when it’s been verified. Whacking something on GitHub or GitLab or somewhere doesn’t immediate guarantee its security, safety or privacy. It needs to be audited or verified or checked by one (or the group collective). Until then it’s no more secure than anything else.
LMAO!! Most? Maybe in a specific niche category.
Your attempt to play off as "situation is normal all is sunshine and roses" has nothing to do with what I posted.
I never claimed to be a "pro." I claimed I had a degree of expertise in the subject area. Stop making stuff up.
I can clearly see what you're talking about, and what you're talking about is equally as clearly utter nonsense. At least in prior exchanges you were making some degree of sense, even if I did disagree with nearly everything you wrote. Now you're just babbling random nonsense in some hope something will stick. Thus, following this, I will be disregarding your comments entirely.
Most who? Again, the challenge I've now offered at least three-four times, to different on-device CSAM-scanner defenders: Cite one single credible security professional, organization, or group, or privacy group or organization, that's expressed support for Apple's plans.
(But you'll have to cite it to someone who's still paying you attention. I will no longer be doing so.)
Just reading this thread it’s obvious that most people are worried about it’s future potential rather than it’s current proposed usage. Why don’t you read up a bout more about it, instead of assuming?
All of the serious security people are lamenting its future potential for abuse. Read and you will see.
Bonus.
Hey.I’m a bit puzzled about this initiative. So maybe someone can clarify this for me.
Lets say all this is legal and does not really affect anyones right to privacy for the given purpose. Let’s workout this rationally. I suppose the objective is somewhat to help stopping child abuse and catch criminals, right?
In context, when it comes to users there are two options. Either the user is a child abuser(1) or is not (2).
1) If the user is, given all the marketing done around this measure … for sure such user will stop using iPhones and iPads. Instead use something else. Don’t see how the objective is fundamentally met. My children for sure aren’t more protected against these criminals with this initiative.
2) If the user is not, what’s the point given that no other reason is presented?
In this model all users are treated as suspects with no ability to prove otherwise. I don’t like this attitude … are we all suspects of such vile thing now?
Wouldn’t it be better if given a warrant written by a Judge, supposedly because someone is a suspect of abusing children, this feature than be enabled remotely for a given user instead of being always on? I mean, banks are required to open safety boxes given such warrants, why aren’t techs like Apple required to do so? Its their OS isn’t it?
Myself, I do have a problem with how Apple is deploying this because everyone is than treated as a suspect. But I would have no problem if the alternative was available to law enforcement agencies. Of course such thing need to be regulated through Governmental policies that all companies as well as Apple would need to comply I guess. Much like banks.
But it seams that Apple is against this given prior situations were law eforcement agencies looked for Apple in aiding them in accessing perpetrator device only to be denied assistance.
So what is the actual Apple agenda here?
When Apple came to argue not to include chargers in the iPhone as a matter of environmental protection conscience … I found it weird because is uncharacteristic of companies of this kind …. Well to me the actual agenda was easy to find. Given that iPhone abandoning any kind of ports, including charging ports, in favor of wireless charging, clearly was about selling wireless chargers separately (magnetic chargers and so on). Just look at the multitude of wireless charging devices Apple as come with since … oh the environment protection I guess it does not apply …
I guess in this case, the actual agenda is still to be revealed … because thinking about it logically I don’t see how this measure as it is, reaches the intended result. Similar to the charger removal situation. I can see how it may help reaching other kinds of results … but don’t want to speculate on that.
Lets say all this is legal and does not really affect anyones right to privacy for the given purpose. Let’s workout this rationally. I suppose the objective is somewhat to help stopping child abuse and catch criminals, right?
In context, when it comes to users there are two options. Either the user is a child abuser(1) or is not (2).
1) If the user is, given all the marketing done around this measure … for sure such user will stop using iPhones and iPads. Instead use something else. Don’t see how the objective is fundamentally met. My children for sure aren’t more protected against these criminals with this initiative.
2) If the user is not, what’s the point given that no other reason is presented?
In this model all users are treated as suspects with no ability to prove otherwise. I don’t like this attitude … are we all suspects of such vile thing now?
Wouldn’t it be better if given a warrant written by a Judge, supposedly because someone is a suspect of abusing children, this feature than be enabled remotely for a given user instead of being always on? I mean, banks are required to open safety boxes given such warrants, why aren’t techs like Apple required to do so? Its their OS isn’t it?
Myself, I do have a problem with how Apple is deploying this because everyone is than treated as a suspect. But I would have no problem if the alternative was available to law enforcement agencies. Of course such thing need to be regulated through Governmental policies that all companies as well as Apple would need to comply I guess. Much like banks.
But it seams that Apple is against this given prior situations were law eforcement agencies looked for Apple in aiding them in accessing perpetrator device only to be denied assistance.
So what is the actual Apple agenda here?
When Apple came to argue not to include chargers in the iPhone as a matter of environmental protection conscience … I found it weird because is uncharacteristic of companies of this kind …. Well to me the actual agenda was easy to find. Given that iPhone abandoning any kind of ports, including charging ports, in favor of wireless charging, clearly was about selling wireless chargers separately (magnetic chargers and so on). Just look at the multitude of wireless charging devices Apple as come with since … oh the environment protection I guess it does not apply …
I guess in this case, the actual agenda is still to be revealed … because thinking about it logically I don’t see how this measure as it is, reaches the intended result. Similar to the charger removal situation. I can see how it may help reaching other kinds of results … but don’t want to speculate on that.
Last edited:
Your argument is tantamount to Tesla offering to sell cars with opaque black windshields that rely 100% on autonomous driving and experts warning that it will lead to wrecks and deaths, but you being a Tesla fanboy and pushing back that they’re just “lamenting its future potential for accidents”.
While the intention is good, this could lead to privacy concerns. And this won't really stop child porn pervs- they will just use a normal camera... the only real solution to stopping that awful "industry" is to take down the leaders of those operations. But sacrificing the privacy of all users is not an option, just because of a few bad apples. I feel this could lead to scanning users images in order to provide personalized adds, so the iPhone could basically become like Facebook
Hey, it’s not my argument. It’s what all of the hoohaa is about. Nobody has seen the system working yet, nobody has verified it (Apple has stated it will be audited by security professionals and the hashes are able to be audited by the user), all of anything that’s been discussed is hypothetical. Even the experts with their letter are just lamenting the potential of it. Until it’s seen I’m afraid that’s all any of us are doing.
If you have you would notice those are not my primary concerns.
As I posted on more than a few threads, I am looking to understand “Why this solution?” and “Why on our devices?”.
The current design appears to undermine / undercut the Apple mantra of privacy.
There is too much we don’t know and Apple is being very quiet. This solution is too easy to bypass making the resources placed into this “CSAM solution” and the way it was announced, especially with the resulting pushback, highly suspicious.
Last edited:
Not accurate.
Top items I have run across in my days of trying to understand:
1. Potential backdoor
2. Why on device
3. Why now
4. Sets a bad legal precedent (think San Bernadino)
5. Potential misuse - especially Governments
6. Does nothing to prevent the creation of CSAM
7. Undermines Apple’s current stance on privacy
Keep in mind this is only the CSAM function. Not the functionality built into Messages.
It bothers me so many fail to understand this very basic point….I’ve seen it worded in so many ways but you nailed it…. It’s simply the existence of the code on Our devices that is the violation, all the other arguments about it dilute the message. I suppose we should expect it from fans that can’t fanthom leaving Apple but it is important that the rest of us get this basic message out to the uninformed or misinformed….. ie don’t just talk about it here, at least mention this everywhere you frequent on the web
I don't think they've ignored them so much as they don't have a counter, because there aren't any. ICBW.
The internet is awash with speculation. There can be no facts regarding the implementation until it’s released for people to see and for people to test properly.
Until then, no researcher worth their salt will say whether they support it or not. Of course, everyone will be able to state their distrust or dislike of the implementation, but all of that’s completely irrelevant until it’s actually in the hands of researchers and can be audited.
It’s really not a hard concept to grasp.
It’s not publicly available yet. There have been no released independent audits by security researchers yet. Everything that is said so far is purely speculation based on a combination of the white papers and faqs Apple has released, and opinions based on either the present or some future potential. It’s not conducive to a good discussion when there are no real facts present, especially when the only facts that are present so far are apples, and people are wilfully ignoring them, preferring their fantasy version created upon speculation.
Until it’s released and until we can see independent audits, as is always the case with ios security features, then not a single person is anymore knowledgeable than me on the matter.
That’s why I am seeing all kinds of professionals pushing against this not to mention over 90 civil rights groups and a significant chunk of Apple employees.
Love to see open honest peer review of this functionality.
I never thought Apple would become their own "Black Hat Hacker". Good intentions mean nothing when it gets abused, and misused.