University Researchers Who Built a CSAM Scanning System Urge Apple to Not Use the 'Dangerous' Technology

[Playfoot]

All I have defended is the simple fact that there is no proof of anything, yet one person here is going mental about the world turning into nazi Germany, among many other huge reaches before anyone knows anything.

Nope. Why do I need to answer any questions?! If you’re asking why finding perpetrators of child abuse is more important than finding people who speed in their car, then I think the answer is fairly obvious. There is always a victim in child abuse. This is not the case with speeding, which only involves accidents.
Road carnage is awful, but it’s not at all in the same league. What a terrible thing to equate.
However, I’m not sure the op was entirely asking this which you have asked - I think they meant more like - opening this door could enable other types of ‘spying’, and am I ok with that as I appear ok with this current casm thing.
And my answer to that is as I have stated many many times - it’s a hypothetical question based around internet hysteria. Until we and researchers have it in our hands then there is no point wittering on about it. I’ll form my opinion when I have some solid facts on it.

I have been giving extremely straight answers.

I was fairly certain an example of Godwin's law would appear when I asked the question about this type of technology being used for saving people from death, dismemberment and injury caused by car accidents. Admittedly, I didn't think it would happen quite so quickly. To be certain, I did a search of this thread and there is only one mention of "Nazi".

As the reference was used in a reply my message, I must assume I am the "one person here".

I must offer an apology as I had thought, based on your responses you wouldn't offer a reasonably clear answer. However, you did: above you stated you are content to have Apple, and I assume by extension other corporations, to use technology to proactively monitor and report infractions of the law without the owner of the device knowing a report has been sent to Apple and possibly authorities.

As for your claim there are not victims in traffic accidents, I suggest anyone who believes this to speak with survivors, with friends and family of those who are killed or maimed in traffic accidents. To speak with family and friends of those who were driving cars struck by speeders. To speak with family of those family and friends of pedestrians struck by speeding cars...There are victims.

To be clear, I am not stating one is worse than the other. Only that both are terrible.

 

[Schismz]

Edward Snowden's thoughts:

The All-Seeing "i": Apple Just Declared War on Your Privacy

“Under His Eye,” she says. The right farewell. “Under His Eye,” I reply, and she gives a little nod.

edwardsnowden.substack.com

 

[RedRage]

Comparing speeding, including road deaths or not, to child abuse is abhorrent, by the way.
i know what you’re trying to say, obviously. But what a disgusting way to try to prove your point.

He makes a great point. You just don't like it.

 

[antiprotest]

For me, a simple question is in order. For all those who claim the hash system is acceptable, safe, indeed a moral and societal necessity then using Apple technology in cars to report speeding is also acceptable.

After all, approximately 40,000 people die and over 4 million require significant medical care annually. Compound those numbers with grieving families and friends, and I assume more are impacted than by CSAM.

Apple can and does track routes, and knows when someone is speeding if its technology is in a vehicle. So, if with the introduction of iOS16 Apple starts reporting speeders to the police, obviously with an Apple employee reviewing the data, ALL of those in favour of the CSAM would accept this.

So, supporters of CSAM technology, would you support this? Yes, or no?

A simple question.

Or as I said in another thread:

I think it is terribly backward for Apple to detect crime after it has happened. By the time they have done all that hashing and verifying and reporting, many children have already been hurt.

Presumably predators and other criminals display certain patterns of behavior before and during their crimes. Apple should take SIRI (now Seriously Invasive Rectal Insertion) to the next level and make it detect patterns of motion, interests and preferences (web sites, reading materials, pictures, length of time spent on each item, etc.), eye movements and pupil dilations, facial expressions when taking selfies and video calls, and content of texts, emails, and conversations -- yes, "hash" everything to death so that you can still call yourself a privacy company -- and then report those scumbags to the relevant agencies before they can commit the crime. The data collected by SIRI would be the evidence in court to convict the people, showing that they will indeed commit those crimes in the future.

Then we will finally end up with the glorious Minority Report scenario that we have desperately longed for. False positive you say? Come on, you're arguing just to be arguing. You are so ignorant. You must not understand software engineering. There's less than one in a trillion trillion trillion chance. SIRI doesn't see what you intend to do, only what you will do. And suppose it really happens to you, all you have to be is Tom Cruise.

 

[dk001]

Kind of sounds an alarm bell or two …

The All-Seeing "i": Apple Just Declared War on Your Privacy

“Under His Eye,” she says. The right farewell. “Under His Eye,” I reply, and she gives a little nod.

edwardsnowden.substack.com

After posting looks like I was a late poster
That’s cool - worth a second post.

 

[pdoherty]

I was fairly certain an example of Godwin's law would appear when I asked the question about this type of technology being used for saving people from death, dismemberment and injury caused by car accidents. Admittedly, I didn't think it would happen quite so quickly. To be certain, I did a search of this thread and there is only one mention of "Nazi".

As the reference was used in a reply my message, I must assume I am the "one person here".

I must offer an apology as I had thought, based on your responses you wouldn't offer a reasonably clear answer. However, you did: above you stated you are content to have Apple, and I assume by extension other corporations, to use technology to proactively monitor and report infractions of the law without the owner of the device knowing a report has been sent to Apple and possibly authorities.

As for your claim there are not victims in traffic accidents, I suggest anyone who believes this to speak with survivors, with friends and family of those who are killed or maimed in traffic accidents. To speak with family and friends of those who were driving cars struck by speeders. To speak with family of those family and friends of pedestrians struck by speeding cars...There are victims.

To be clear, I am not stating one is worse than the other. Only that both are terrible.

Yours is a perfectly-valid analogy and demonstrates the point well. It isn’t about which thing is worse, though one could certainly argue death/maiming/crippling from car accidents is pretty bad. I mean, if the poster you’re replying to only wants the most-heinous crimes allowed to be infringing like this CSAM is doing, then why don’t we have it also examine every text message we ever send so we can stop assassins. I mean, they’re literally murdering people for money.

 

[dk001]

Yours is a perfectly-valid analogy and demonstrates the point well. It isn’t about which thing is worse, though one could certainly argue death/maiming/crippling from car accidents is pretty bad. I mean, if the poster you’re replying to only wants the most-heinous crimes allowed to be infringing like this CSAM is doing, then why don’t we have it also examine every text message we ever send so we can stop assassins. I mean, they’re literally murdering people for money.

This is something we seriously do not need.

 

[slomojoe]

Edward Snowden's thoughts:

The All-Seeing "i": Apple Just Declared War on Your Privacy

“Under His Eye,” she says. The right farewell. “Under His Eye,” I reply, and she gives a little nod.

edwardsnowden.substack.com

an interesting take by a smart guy, though i really have to say he is much more confident than i am that we are forfeiting our future privacy, privacy that we likely will never get even if apple hadn’t done this

our data just leaks out all over the place, it is simply a fact of life as we more and more live in (are caught in ?) a web of technology that is delivered by people who are hungry for every scrap of data they can get

anything like actual privacy is now a full-time job if you live anywhere urban, it requires so much effort and still the data leaks

maybe the answer is just to throw off so goddamn much data that the system can make little sense of it, import 200000 random images into icloud, use multiple phones, vary your name a dozen different ways, but still the data collection robot will adapt

the perfect privacy phone is no phone

 

[smoking monkey]

I think it is terribly backward for Apple to detect crime after it has happened. By the time they have done all that hashing and verifying and reporting, many children have already been hurt.

That's true, but it can also stop future crime by identifying a P and letting the law take care of that P so they can't commit a crime again. What is the answer? Dunno. Too complicated. Possibly not what they are doing though.

Just how many Ps it's going to catch also is debatable. I think this is more about letting Ps know that they aren't going to be able to use an Apple device for their sicko behavior. And that's what this is really about. Apple of course are against it, but from the company's POV they really don't want it on their hardware. There was a report from earlier this year stating that CP was rife on iPhones.

As for people who are worried by the immediate impact (not privacy debate) of this and think they could accidentally get set up by this... No. That's simply not going to happen. Get over yourself. Nobody cares that much about you to set you up with CP.

I'm interested to see the sales figures of iPhones in Hollywood after this is introduced.

 

[nickdalzell1]

Heck, one could argue that you had no privacy even in Mayberry. Remember that old 'you can't keep a secret in Mayberry' trope?

I've lived in a small township before. Doesn't take long before everyone knows you name, or what you want before you even ask. Pre-Google if you will, '70s style.

Even in the '60s, having a credit card meant you pretty much had your info sold to third parties anyway. It's not a new concept at all. We have accepted certain limits on privacy, but this is going too far.

 

[dk001]

That's true, but it can also stop future crime by identifying a P and letting the law take care of that P so they can't commit a crime again. What is the answer? Dunno. Too complicated. Possibly not what they are doing though.

Just how many Ps it's going to catch also is debatable. I think this is more about letting Ps know that they aren't going to be able to use an Apple device for their sicko behavior. And that's what this is really about. Apple of course are against it, but from the company's POV they really don't want it on their hardware. There was a report from earlier this year stating that CP was rife on iPhones.

As for people who are worried by the immediate impact (not privacy debate) of this and think they could accidentally get set up by this... No. That's simply not going to happen. Get over yourself. Nobody cares that much about you to set you up with CP.

I'm interested to see the sales figures of iPhones in Hollywood after this is introduced.

They’ll buy whatever latest fad their publicist says to get.

 

[cupcakes2000]

I was fairly certain an example of Godwin's law would appear when I asked the question about this type of technology being used for saving people from death, dismemberment and injury caused by car accidents. Admittedly, I didn't think it would happen quite so quickly. To be certain, I did a search of this thread and there is only one mention of "Nazi".

As the reference was used in a reply my message, I must assume I am the "one person here".

I must offer an apology as I had thought, based on your responses you wouldn't offer a reasonably clear answer. However, you did: above you stated you are content to have Apple, and I assume by extension other corporations, to use technology to proactively monitor and report infractions of the law without the owner of the device knowing a report has been sent to Apple and possibly authorities.

As for your claim there are not victims in traffic accidents, I suggest anyone who believes this to speak with survivors, with friends and family of those who are killed or maimed in traffic accidents. To speak with family and friends of those who were driving cars struck by speeders. To speak with family of those family and friends of pedestrians struck by speeding cars...There are victims.

To be clear, I am not stating one is worse than the other. Only that both are terrible.

The nazi comment to which I was referring, was directed at me — and it was moderated along with the whole related conversation.

i didn’t claim there where no victims. I stated that death by speed caused traffic accidents are precisely that, accidents - ie: it may or may not happen.
Child abuse is not an accident, and there is always a victim with every case.

FYI - you’re putting words in my mouth. I didn’t state anywhere i was happy for any company to track me and or report me to law enforcement for any purpose they see fit. What I said and I’ll continue to say, even though you seem to go blind upon reading this paragraph- I’m withholding my opinion on the matter until I see for myself any nefarious possibilities, until I see any professional security audits. Unlike you I’m not willing to form an opinion on anything which is based on internet hysteria and hearsay.
No one has seen this tech yet. No one can possibly know. It’s a very very simple sentence to read.

 

[cupcakes2000]

What about the opinions of those that the article is about?

It’s an opinion based on no information. I generally respect the eff and such like, but I won’t ride along with hysteria. These researchers the article are referring too are not even talking about the same tech that Apple is using, as far as anyone knows. They know the same as we do which is nothing other than what Apple have stated and what others have guessed at.
That’s not good enough to form a valid opinion.

 

[icanhazmac]

It’s an opinion based on no information.

Um, they built it. Who has more information on the technology used?

I generally respect the eff and such like, but I won’t ride along with hysteria.

Um, they built it.

They know the same as we do which is nothing other than what Apple have stated and what others have guessed at.

Um, they built it. They know more than anyone.

That’s not good enough to form a valid opinion.

Um, they built it.

How can you completely discount the opinion of the people who designed the technology? When they say it is dangerous that should be a very very easy concept to understand.

 

[ghanwani]

Worth a read:

The All-Seeing "i": Apple Just Declared War on Your Privacy

“Under His Eye,” she says. The right farewell. “Under His Eye,” I reply, and she gives a little nod.

edwardsnowden.substack.com

 

[Playfoot]

The nazi comment to which I was referring, was directed at me — and it was moderated along with the whole related conversation.

i didn’t claim there where no victims. I stated that death by speed caused traffic accidents are precisely that, accidents - ie: it may or may not happen.
Child abuse is not an accident, and there is always a victim with every case.

FYI - you’re putting words in my mouth. I didn’t state anywhere i was happy for any company to track me and or report me to law enforcement for any purpose they see fit. What I said and I’ll continue to say, even though you seem to go blind upon reading this paragraph- I’m withholding my opinion on the matter until I see for myself any nefarious possibilities, until I see any professional security audits. Unlike you I’m not willing to form an opinion on anything which is based on internet hysteria and hearsay.
No one has seen this tech yet. No one can possibly know. It’s a very very simple sentence to read.

I am focused the intent to increase surveillance, to be assumed to be guilty, increased monitoring, and as many security professionals have stated an effective back door.

As for putting words, in your mouth, I apologise. When you stated, "...opening this door could enable other types of ‘spying’, and am I ok with that as I appear ok with this current casm (sic) thing.", it seemed you were answering in the affirmative.

And this is where you and I disagree: I am opposed to the seemingly never ending creeping loss of privacy, the constant monitoring and tracking, of the assumption of guilt.

 

[cupcakes2000]

Um, they built it. Who has more information on the technology used?



Um, they built it.



Um, they built it. They know more than anyone.



Um, they built it.

How can you completely discount the opinion of the people who designed the technology? When they say it is dangerous that should be a very very easy concept to understand.

No they didn’t build this. They built something else that they feel is similar. Read the article.

 

[cupcakes2000]

I am focused the intent to increase surveillance, to be assumed to be guilty, increased monitoring, and as many security professionals have stated an effective back door.

As for putting words, in your mouth, I apologise. When you stated, "...opening this door could enable other types of ‘spying’, and am I ok with that as I appear ok with this current casm (sic) thing.", it seemed you were answering in the affirmative.

And this is where you and I disagree: I am opposed to the seemingly never ending creeping loss of privacy, the constant monitoring and tracking, of the assumption of guilt.

We don’t differ at all. I am also against constant spying and tracking and the loss of privacy.
I’m just not willing to join the parade of people that seem to know what Apple has created and instantly dismiss it as spying or a backdoor, before they’ve even seen it.
That’s the difference.
If you’re so ‘innocent until proven guilty’ why can’t you afford Apple the same rights? It’s not like they haven’t made massive strides in the industry re: privacy. They have credentials and form.

 

[cupcakes2000]

As for putting words, in your mouth, I apologise. When you stated, "...opening this door could enable other types of ‘spying’, and am I ok with that as I appear ok with this current casm (sic) thing.", it seemed you were answering in the affirmative.

You misquoted me here. It was not a statement it was a question.

However, I’m not sure the op was entirely asking this which you have asked - I think they meant more like - opening this door could enable other types of ‘spying’, and am I ok with that as I appear ok with this current casm thing.

Edit: well it wasn’t a question by me but an assumption on the original question you posed. But I believe the misunderstand stems from your misinterpretation of the bolded below.

“However, I’m not sure the op was entirely asking this which you have asked - I think they meant more like - opening this door could enable other types of ‘spying’, and am I ok with that as I appear ok with this current casm thing.”

 

[Theo Belk]

It’s 100% relevant since people have been freaking out about the mere fact that Apple is suddenly scanning the content of photos.

BTW, I’ll cut you some slack since you’re a newbie, but making false accusations like the one about astroturfing is frowned on by the moderators.



No it doesn’t. There NEVER
was end to end encryption on iCloud photos. This bypasses nothing. And if China passed a law that said Apple couldn’t encrypt photo uploads (or anything) they could do that to. The only thing stopping Apple from giving in to such laws is Apple. The CSAM system does nothing to change that situation.


Since the entire tool is built around this specific database, it is more difficult, but the point is if Apple wanted to build an easy backdoor they could have. Taking a FAR narrower approach that targets one specific category is demonstrating they aren’t going to simply bend over and do what some power mad government demands. If they were they could have done that already.



Why is it funny to point out that nothing has changed in regards to what authoritarian regimes could try to do? The CSAM system in no way makes that any easier or more likely. Those attacking Apple on this front are being completely illogical.



Clearly not since your “analysis” involved making statements that were trivially proven as false, and you had to throw in an ad hominem attack for no reason. You’ve helped to prove my points, thanks.

I see little other explanation for your opinions other than some kind irrational support of Apple as a non-employee or getting paid which seems slightly more likely. But you could just be misguided into thinking Apple needs defense.

You misunderstand databases. The remote mechanism that interacts with the database is the hard part. After that the data source can be more or less interchangeable and any instructions sent to the clients can be included in the new database. Look up how botnets work.

Its probably not a good idea to base your judgement of people on whether MacRumors forums thinks I'm a noob.

 

[russell_314]

I don’t understand what you don’t agree. That Apple or any software builder, as builders have the capability to build in whatever are their ideas … that is a matter of fact. Without it how could they build anything in the first place?

The core issue is that before they were against back doors. Now they changed their minds, backdoors with CSAM as long they are the ones doing the policing its ok for the sake of Children. Pair this with some past … say their privacy and security concern, failing to aid the democratic institutions responsible to take down criminal in the context of a killer of children … They already assuming themselves as the regulators of digital goods in their devices while enforcing a “Tax”, over 2 billions of people using them. Now assuming the role of digital police …

What’s the agenda?

What I don’t agree with is Apple is only CAPABLE of scanning your phone for CSAM. Apple is SAYING they’re only scanning your iPhone for CSAM. It’s kind of like me searching through your house telling you I’m only looking for drugs but that doesn’t mean I can’t look for other stuff while I’m searching.

 

[pdoherty]

What I don’t agree with is Apple is only CAPABLE of scanning your phone for CSAM. Apple is SAYING they’re only scanning your iPhone for CSAM. It’s kind of like me searching through your house telling you I’m only looking for drugs but that doesn’t mean I can’t look for other stuff while I’m searching.

If you’re doing it via a proper warrant you aren’t supposed to looking anywhere or for anything that wasn’t clearly spelled out in the warrant (with supporting probable cause).

 

[russell_314]

If you’re doing it via a proper warrant you aren’t supposed to looking anywhere or for anything that wasn’t clearly spelled out in the warrant (with supporting probable cause).

You are correct that you’re not supposed to be looking for anything not spelled out in the warrant however, it is widely acceptable that if something else is found during the normal search then that is admissible. For example if the police are searching your house for drugs that means they can go pretty much anywhere that drugs could be. If during that search they were to find something else say a firearm that was illegal you would get prosecuted for that. Also this applies to Apple for example if they were looking for CSAM and then found something else they are obligated by law to report it to law enforcement. I can only speak of US law because I don’t know other countries.

You can’t really compare what Apple is doing what to the warrant situation because they don’t have a warrant to search your iPhone and you’re not even getting notified when a search is happening. Yes Apple has publicly announced that they will be doing this but you’re going to know when the police walk in your house but you won’t know when they’re searching your iPhone. It would be like the police saying yes we’re going to be searching everyone’s houses but then creeping in at night when you’re asleep looking around and then leaving when you don’t even know what happened.

 

[cupcakes2000]

You are correct that you’re not supposed to be looking for anything not spelled out in the warrant however, it is widely acceptable that if something else is found during the normal search then that is admissible. For example if the police are searching your house for drugs that means they can go pretty much anywhere that drugs could be. If during that search they were to find something else say a firearm that was illegal you would get prosecuted for that. Also this applies to Apple for example if they were looking for CSAM and then found something else they are obligated by law to report it to law enforcement. I can only speak of US law because I don’t know other countries.

You can’t really compare what Apple is doing what to the warrant situation because they don’t have a warrant to search your iPhone and you’re not even getting notified when a search is happening. Yes Apple has publicly announced that they will be doing this but you’re going to know when the police walk in your house but you won’t know when they’re searching your iPhone. It would be like the police saying yes we’re going to be searching everyone’s houses but then creeping in at night when you’re asleep looking around and then leaving when you don’t even know what happened.

And yet- it’s not an open ended search. It’s a hash match. Unless that matches they’re not looking at anything at all. And if that matches there has to be a further 29 matches for them to physically look at something, and then it’s only the 30 matches. So still not anything close to having your house searched.
*Disclaimer: I’m talking talking about facts and in relation to what we know. Not hysteria or emotion generated by internet rumours *

 

[jseymour]

How can you completely discount the opinion of the people who designed the technology? When they say it is dangerous that should be a very very easy concept to understand.

Should be, yes. But some people, for whatever reason or reasons, are going to trust it, anyway.

I am somewhat conversant in this subject area. (Interestingly, some people seem to feel my noting that somehow decreases the value of my comments. Go figure.) The key word there is "somewhat." This means I don't pass judgement on these things entirely on my own counsel, because there are people out there a lot more knowledgeable than I. Thus: If I'd seen any support for Apple's plan from any security or privacy people I might be inclined to give Apple a pass. (I'd have to closely examine their arguments.) But that's not what's happening. The security and privacy communities have been opposed to this without exception.