University Researchers Who Built a CSAM Scanning System Urge Apple to Not Use the 'Dangerous' Technology

[Reed_College_Dropout]

Tough choice. New chip is going to make it hard to recommend buying it right at launch without some reviews and time first. It could be great, or could have issues or app compatibility issues.

I THINK my eye is more toward the 5a right now. It's basically everything you need n a phone- relatively big AMOLED, water-resistant, HUGE battery, decent enough specs and storage, all for $450. That would not be a huge hit to me to take selling it off to buy a 6 or something else later.

Even if Google accounts the 6 in October you may not get full hands-on reviews and find issues until Nov-Dec once it gets in more hands.



For me, just IMO, the Fold is just too fragile (and expensive) still. Getting WAY better and certainly impressive but there is still too much risk with that display to shell out that much $.

I understand. I thought about the cost at first as well, as it is something everyone should consider. However, when I add the cost of my iPhone 12 Pro Max -128GB ($1099) and my iPad Mini w/ WiFI & Cellular 256GB ($679) that's $1778.

The Fold 3 - 512GB was $1657 out the door with Samsung Care+ for a year included, a Samsung silicon case, a 25w super fast charger, and a Galaxy SmartTag. The 512GB Fold 3 has more storage than my iPhone and iPad Mini combined, not to mention it is two devices in one, which is the biggest draw. My friend has had no durability issues with the Fold 2, and it didn't even have a case on it.

 

[rme]

I'm finding that harder and harder to imagine for myself. I already decided not to get a new MBP or iPad Pro, but now no new iPhone 13 either. I wish I could sell my M1 MBA for a decent price. (I'm keeping my Intel Mac Mini, I can keep it on an older OS.)

Would've been decent if Apple had offered locked-in M1 Macbook buyers at least a partial refund as part of this announcement. No courage I guess.

 

[dk001]

obviously, Apple will be the gatekeeper here. They can allow or deny government interference in this system.

But isn’t that always the case? They already get requests for data, to install back doors, etc and each time Apple has to allow or (hopefully) deny these requests. So I’m not sure CSAM changes anything. They can say yes or no as before.

As a customer your only option is to trust or distrust the company. I can’t imagine Apple is doing a 180 here on their privacy stands. Otherwise they wouldn’t have made a big deal of it all these years.

"Hi!
I'm Agent Jamie Smith and this is my Federal Legal Posse.
Here is a FISA warrant and an addendum to your CSAM db.
Here is the instructions you will follow in the event you get a match.
And lastly, here is the Gag Order limiting what you can discuss and communicate.
Kindly have a Super Sparkly day and we will see you next time!"

 

[Reed_College_Dropout]

Would've been decent if Apple had offered locked-in M1 Macbook buyers at least a partial refund as part of this announcement. No courage I guess.

That would've been awesome!

 

[Reed_College_Dropout]

While I hate the intrusion and violation of privacy, despite the good intentions, because we all know it will be abused for something other than the original public intention.

I wonder if this is more Apple protecting itself, as some govt. entity has come after them for unknowingly hosting illicit child images/vids in the cloud.

You can bet our government is involved. I'm sure China's is as well.

 

[Mercury7]

I'm finding that harder and harder to imagine for myself. I already decided not to get a new MBP or iPad Pro, but now no new iPhone 13 either. I wish I could sell my M1 MBA for a decent price. (I'm keeping my Intel Mac Mini, I can keep it on an older OS.)

If we are forced out then no doubt a financial hit is coming, I can just trade in the phones at T-Mobile because I’m doing the lease thing anyway but I’ll take a hit on my iPad Pro and as mentioned, really not a whole lot of competitors in the ipad space. I have a Appletv and homepods too but those will probably be safe to keep til end of life

 

[ZEEN0j]

Could. And in the end that's what it boils down to. Could.

and...

"Apple has strongly pushed back against such a possibility, saying it will refuse any such request from governments."

Some will trust Apple's assertion. Others won't.

Those who don't should VOTE WITH THEIR WALLETS. Of those who don't trust Apple, I suspect a very tiny number will step up and follow through. That requires courage.

.

Very much so. To add to this. I’m not defending Apple but to evaluate this you have to account everything Apple is doing.

The issue these researchers have is neglecting the fact that your hashes will not be compared to just one governments CSAM library but to at least two. So let’s say China forces their way there. Those hashes or images will have to be added to another countries as well. It’s like this for exactly this reason. If that’s a safe way I’m not sure. But they are ignoring it

 

[bobcomer]

If we are forced out then no doubt a financial hit is coming, I can just trade in the phones at T-Mobile because I’m doing the lease thing anyway but I’ll take a hit on my iPad Pro and as mentioned, really not a whole lot of competitors in the ipad space. I have a Appletv and homepods too but those will probably be safe to keep til end of life

Dang, I forgot about the Apple TV, the latest, of course. I've sure spent a lot of money on Apple products.

I still like it better than the alternative, but, ...

 

[TheRealNick]

I hate to break it to you, but there are no alternative products that don't track our every move and scan our devices. Big Brother is here to stay. This is only going to get worse if we continue to allow it.

I’m looking at a Linux based solution and a pi-hole which whilst not perfect is far cry from what Apple is doing here.

 

[pdoherty]

Waiting for the survillience apologists to argue these two researchers "don't understand" the process...

That attitude is all over this other thread…

Serious Question about the "Outrage" behind CSAM Scanning

A Case could be made without the outrage that even iCloud data shouldn't be scanned but thats not what the outrage is about. The primary objections of pundits and some users is that the scan is occurring on device rather than on iCloud. so my Questions and confusion rather is this: If the only...

forums.macrumors.com

 

[rme]

I’m looking at a Linux based solution and a pi-hole which whilst not perfect is far cry from what Apple is doing here.

I'm getting this : https://frame.work
The DIY edition can be ordered without Windows.

 

[sevarre]

Apparently some of the code is already present on iOS 14.

https://www.reddit.com/r/jailbreak/comments/p76oax

Time to get back in the jailbreak community, I guess- maybe there are ways to circumvent this by having more autonomy over the device. Hadn’t felt the need to do so since Apple started pushing their commitment to privacy and the sanctity of user data, but obviously that has gone to ****.

Doesn‘t matter what you say your intentions are when using X, but what X has the power and capacity to do... because if X is capable of being used in a certain way by powerful people, you can bet it eventually will be. Especially when Apple has the insanely vast user base it currently has. The amount of times companies backslide on their “original intentions” should be a meme by now it is such a freaking joke.

 

[dk001]

There's that "could" word again. Which was my point, previously.

Still boils down to trusting Apple and its assertion: "Apple has strongly pushed back against such a possibility, saying it will refuse any such request from governments."

If you trust Apple, fine. If you don't, Vote With Your Wallet. I suspect no more than a tiny number of the "don'ts" won't.

That's the challenge. Apple says they "won't" and Apple says they "follow all applicable laws".
In this case they can't do both.
Which do they pick?
$$$$$

 

[Krizoitz]

A foreign government could, for example, compel a service to out people sharing disfavored political speech. That's no hypothetical: WeChat, the popular Chinese messaging app, already uses content matching to identify dissident material. India enacted rules this year that could require pre-screening content critical of government policy. Russia recently fined Google, Facebook and Twitter for not removing pro-democracy protest materials.

So Apple shouldn’t use a more limited scanning system because some governments ALREADY spy on citizens using their phones/apps in a far more intrusive way? That’s a complete contradiction.

If China wants to pass a law forcing companies to allow them to spy on users THEY CAN ALREADY DO THAT. Apples CSAM system has nothing to do with that.

 

[Mercury7]

The funny part is, if Cook lived in China he would be imprisoned and most likely killed for being gay. It is pure greed that drives him, not making the world a better place to live.

Yeah… when this first broke I was wondering if Tim knew the laws against his lifestyle are still on the books in many states, I wonder if he would be against scanning his device for that stuff, not trying to equate the two… just saying if tech is going to monitor for illegal behavior then why wouldn’t it apply…. No doubt that will be the governments argument when they ask Apple to start tracking other stuff

 

[citysnaps]

That's the challenge. Apple says they "won't" and Apple says they "follow all applicable laws".
In this case they can't do both.
Which do they pick?
$$$$$

Hard to say in *this particular* situation. I'm not going to reflexively say they will, using that particular methodology/technology (photo hash matching).

 

[mrsebsin]

Dear Apple, just following up. As mentioned iCloud and Apple TV+ are cancelled, but I almost forgot about Apple Card. Not to worry, it has now been cancelled as well. Keep me posted if I should get rid of the hardware as well.

 

[RobArtLyn]

I just REALLY wish people would stop the (false) hot take "oh but Google and MS do it too!!!"

There's a HUGE difference between voluntarily using an online service or not, an informed decision and choice, and an OS update on your device that you have no say in.

That is the nuance here. I would have no issue if they scanned iCloud KNOWING they were going to do it. You consented to that and can choose another service. Same with Google and MS.

But not 100% of devices without consent. I suppose you can not update your OS but who knows how far back in OS this code goes, and makes its own security risks not updating too; not a viable solution either.

But for the love of God can we understand the consent issue of Google/MS vs. Apple here and you get no choice when it is on device.

And Google/MS didn't sell privacy as an aspect of their services either; ever. Remember....

If you do not voluntarily consent to using their iCloud service for your photos, then what happens on your phone will still stay on your phone.

 

[Krizoitz]

Apparently some of the code is already present on iOS 14.

https://www.reddit.com/r/jailbreak/comments/p76oax

Time to get back in the jailbreak community, I guess- maybe there are ways to circumvent this by having more autonomy over the device. Hadn’t felt the need to do so since Apple started pushing their commitment to privacy and the sanctity of user data, but obviously that has gone to ****.

Doesn‘t matter what you say your intentions are when using X, but what X has the power and capacity to do... because if X is capable of being used in a certain way by powerful people, you can bet it eventually will be. Especially when Apple has the insanely vast user base it currently has. The amount of times companies backslide on their “original intentions” should be a meme by now it is such a freaking joke.

1. A similar algorithm already exists, Apple has stated its not the one being used with the CSAM detection.
2. No need to jailbreak your phone, if this concerns you just don’t sync to iCloud and it won’t be enabled
3. Your phone has been scanning the content of your photos for years. Open the photos app and you can search by all kinds of keywords, like dogs or mountains or birthday cakes, etc. All of that is based on AI scanning of your photos. Your photos in the cloud can be scanned already too. Google et. al. have been doing that to identify CSAM for years. Apples approach is far less intrusive.
4. Governments could already try and pass laws to force companies like Apple to allow access to or scan for content. As the researchers in the article state it’s already being done, CSAM scanning tech doesn’t make it any more easy. If anything it’s a more complicated and difficult method of looking for content. It would be WAY easier, say, for China to just demand Apple give them complete access to their Chinese data centers. Or prevent Apple devices sold in China from utilizing encryption to begin with.

What you do with your phone is your choice, but you should do it based on calm analysis and actual facts, not the fear mongering and innacuracies being thrown around.

 

[citysnaps]

"A foreign government could, for example, compel a service to out people sharing disfavored political speech. That's no hypothetical: WeChat, the popular Chinese messaging app, already uses content matching to identify dissident material. India enacted rules this year that could require pre-screening content critical of government policy. Russia recently fined Google, Facebook and Twitter for not removing pro-democracy protest materials."

There's that *could* word again. And Apple could refuse, like they asserted they would.

I'm not going to reflexively say Apple will, using that particular methodology/technology (photo hash matching).

 

[Mercury7]

Just saw a segment on ONAN about this, unfortunately they didn’t grasp the distinction of why the push back was going on… kinda lumping apple in with all the rest just doing cloud scans…. It’s unfortunate, I imagine other media is failing to report this accurately also… hard to have push back by the general public if they are misinformed

 

[Krizoitz]

I just REALLY wish people would stop the (false) hot take "oh but Google and MS do it too!!!"

There's a HUGE difference between voluntarily using an online service or not, an informed decision and choice, and an OS update on your device that you have no say in.

That is the nuance here. I would have no issue if they scanned iCloud KNOWING they were going to do it. You consented to that and can choose another service. Same with Google and MS.

But not 100% of devices without consent. I suppose you can not update your OS but who knows how far back in OS this code goes, and makes its own security risks not updating too; not a viable solution either.

But for the love of God can we understand the consent issue of Google/MS vs. Apple here and you get no choice when it is on device.

And Google/MS didn't sell privacy as an aspect of their services either; ever. Remember....

You literally do have that choice. Don’t use iCloud sync for photos and nothing gets scanned. If your going to rant about something you might want to get your facts straight first.

 

[Mercury7]

There's that *could* word again. And Apple could refuse, like they asserted they would.

Why would anyone dismiss the word “could” in today’s world….. if it’s an advantage to anyone it’s the same as “will” and in the case of Apple it changes to “compelled”

 

[bushman4]

Apple should stick to Privacy

 

[sevarre]

1. A similar algorithm already exists, Apple has stated its not the one being used with the CSAM detection.
2. No need to jailbreak your phone, if this concerns you just don’t sync to iCloud and it won’t be enabled
3. Your phone has been scanning the content of your photos for years. Open the photos app and you can search by all kinds of keywords, like dogs or mountains or birthday cakes, etc. All of that is based on AI scanning of your photos. Your photos in the cloud can be scanned already too. Google et. al. have been doing that to identify CSAM for years. Apples approach is far less intrusive.
4. Governments could already try and pass laws to force companies like Apple to allow access to or scan for content. As the researchers in the article state it’s already being done, CSAM scanning tech doesn’t make it any more easy. If anything it’s a more complicated and difficult method of looking for content. It would be WAY easier, say, for China to just demand Apple give them complete access to their Chinese data centers. Or prevent Apple devices sold in China from utilizing encryption to begin with.

What you do with your phone is your choice, but you should do it based on calm analysis and actual facts, not the fear mongering and innacuracies being thrown around.

2. “Because a user’s photos stored in iCloud are end to end encrypted so that even Apple can’t access the data, NeuralHash instead scans for known CSAM on a user’s device...”

Quote from a TechCrunch article. Either I don‘t understand this correctly or I do understand it and it is incorrect or you are incorrect.