[HN Gopher] The Deceptive PR Behind Apple's "Expanded Protection... ___________________________________________________________________ The Deceptive PR Behind Apple's "Expanded Protections for Children" Author : arespredator Score : 337 points Date : 2021-08-12 19:52 UTC (3 hours ago) (HTM) web link (piotr.is) (TXT) w3m dump (piotr.is) | jliptzin wrote: | There is something you can do about it: don't use Apple products | blairbeckwith wrote: | That strategy will last ~15 minutes until Google is doing the | same thing. | | Then what? I would argue that what Google is doing already is | way more privacy-compromising than this. | hirundo wrote: | That's a great argument for a Linux phone or de-googled | Android build. | zug_zug wrote: | Good thing this didn't exist in 1776, or I'd be living in Great | Britain. | atbpaca wrote: | I doubt Apple has not thought about the PR & policy consequences | of such an iPhone backdoor. For me, it's even more sad to see | Apple using the fight against CSAM, a noble cause, as a shield | and a way to convince the masses that breaking its promise to | protect privacy is OK. "What happens in your iPhone stays on your | iPhone [no longer]" | farmerstan wrote: | Whoever controls the hash list controls your phone from now on. | Period. End of sentence. | | Apple has not disclosed who gets to add new hashes to the list of | CSAM hashes or what the process is to add new hashes. Do | different countries have different hash lists? | | Because if the FBI or CIA or CCCP or KSA wants to arrest you, all | they need to do is inject the hash of one of your photos into the | "list" and you will be flagged. | | Based on the nature of the hash, they can't even tell you which | photo is the one that triggered the hash. Instead, they get to | arrest you, make an entire copy of your phone, etc. | | It's insidious. And it's stupid. Why Apple is agreeing to do this | is disgusting. | fortenforge wrote: | There are numerous incorrect statements in your comment. | | First: Apple has disclosed who gets to curate the hash list. | The answer is NCMEC and other child safety organizations. | https://twitter.com/AlexMartin/status/1424703642913935374/ph... | | Apple states point-blank that they will refuse any demands to | add non-CSAM content to the lists. | | Second: Why can't the FBI / CCCP inject a hash into the list. | Here's a tweet thread gamifying that scenario: | https://twitter.com/pwnallthethings/status/14248736290037022... | | The short answer is that at some point an Apple employee must | visually review the flagged photo, and confirm that it does | represent CSAM content. If it does not, then Apple is under no | legal obligation to report it. | farmerstan wrote: | How do you know there aren't bad actors working at the NCMEC? | If I know that adding a hash to a list will get it flagged, | and I could conveniently arrest or discredit anyone I wanted, | I would certainly send people to work there. | | How will Apple know whether a hash is for non-CSAM content? | Spoiler alert: they won't. | | And Apple claims it will be reviewed by a human. Sure, just | like YouTube copyright claims? Or will it get automated in | the near future? And what about in China? Or Saudi Arabia or | other countries with less human rights? | | The point is that it is completely an easy way to get tagged | by a government or bad actors as a pedophile. It's sickening | that Apple would let this "technology" into their products. | robertoandred wrote: | What on earth? To clear up some of your false statements: | | - You need several hash matches to trigger a review - The | reviewer can of course see what triggered the review (the | visual derivative) - The reviewer would see that the matches | are not CSAM, and instead of the report being sent on to the | NCMEC it would instead start an investigation of why these | innocuous images were matched in the first place - If the CIA | or FBI or CCP wanted to arrest you, there are much easier ways | than this | shmerl wrote: | This ad seems fitting in the context: | https://www.youtube.com/watch?v=tdVzboF2E2Q | tuatoru wrote: | Unless Apple can demonstrate that the techniques they are using | are _intrinsically_ specific to CSAM and to CSAM only--the | techniques do not work for any other kinds of photo or text-- | slippery slope arguments are perfectly valid and cannot be | denied. | | Apple is a private company and as such its actions amount to | vigilantism. | FabHK wrote: | Question: | | Would Apple report CSAM matches worldwide to one specific US NGO? | That's a bit weird, but ok. Presumably they know which national | government agencies to contact. | | Opinion: | | If Apple can make it so that | | a) the list of CSAM hashes is globally the same, independent of | the region (ideally verifiably so!), and | | b) all the reports go only to that specific US NGO (which | presumably doesn't care about pictures of Winnie the Pooh or | adult gay sex or dissident pamphlets) | | then a lot of potential for political abuse vanishes. | trynumber9 wrote: | Apple said they're only enabling it in the US for now. | Accacin wrote: | Eh, I completely agree that this is a step too far, but the | solution is so simple. Stop using Apple devices - luckily I | switched from iOS to CalyxOS when my iPhone 7 broke earlier this | year. Honestly, it wasn't so bad. | psychomugs wrote: | This is throwing the baby (pictures) out with the bathwater. I | am for better or worse deeply rooted in the Apple tree (phone, | laptop, tablet, and, recently, watch); for all its occasionally | infuriating and arguably stupidly designed warts, the fact that | so many features disappear and Just Work is something you can | nary say for other ecosystems. | hypothesis wrote: | That's the thing, for years I had to tolerate those silly | issues from people who are supposed to be best in the | industry. There is still no default calculator installed on | iPad in 2021! | | For some people, it's simply no worth it anymore, after | primary commitment is gone.. | atbpaca wrote: | when are they going to add this backdoor to MacOS? | Componica wrote: | Imagine taking a photo or have in your gallery a photo a dear | leader doesn't want to spread. Ten minutes later you heard a | knocking at your door. That's what I'm most worried about, how is | this not creating the infrastructure to ensnare political | dissidents. | psyc wrote: | I am profoundly disappointed that almost all of the discussion | is about the minutiae of the implementation, and "Hmm.. Am I ok | with the minutiae of Apple's specific implementation at | rollout?" And almost nobody is discussing the basic general | principle of whether they want their own device to scan itself | for contraband, on society's behalf. | hypothesis wrote: | Maybe people realize that's not a winning strategy and thus | keep going back to technical details... | EugeneOZ wrote: | in "Photos" app, in the bottom right corner there is a "search" | icon. When I click it, and entering "beach", I can see photos | I've made on the beach (or in the sea, near the beach). | | What does it mean? My (and your) photos are scanned and analyzed. | I've heard literally zero noise about this feature - nobody was | complaining (at least not loud enough to let me notice it). | | So, why the hell all of that fuzz is being raised now? You're | (and mine) photos will be scanned and analyzed AGAIN. Not by | humans, by algorithms. In some really rare cases they might be | checked by humans, but you 100% will not have troubles with the | law if photos don't contain CSAM. | | I have 2 kids and I'm not buying that argument "oh my library of | naked photos of my child - I'm in danger". If you are uploading | naked photos of your child to iCloud - it's similar to publishing | them. Everything that is uploaded to the Internet, will belong to | the Internet, and you don't have so much control of it. If, for | some awkward reason, you have sets of naked photos of your child | and you want to save them - never ever send them to the Internet. | | If you think that not-so-experienced users should not know about | this rule - I'm pretty sure they don't even know (or care) about | this "scandal". All of that FUD wave is raised by the journalists | and echoes on forums like this one. | kevinpet wrote: | What are those cases where they might be checked by humans? To | determine whether it's an innocent baby bath? If you have naked | photos of a partner which happen to hit a statistical match for | certain patterns that are similar to CSAM? These aren't far | fetched scenarios, these are exactly the most likely types of | photos that would be likely flagged. Are you okay with those | photos being passed around Apple's security review team for | entertainment? Leaked to the press if you later run for office? | | How about in 15 years when your small children aren't small? Is | this the magical software that can tell the difference between | 18 year old boobs and 17 year old? The danger isn't to child | molesters, it's to people who get incorrectly flagged as child | molesters and need to fight to prove their innocence. | EugeneOZ wrote: | I'm not even sure if it's a joke or you are serious. | | It is a check against existing hashes in a big database of | confirmed CSAM. What are the chances that photos of your | partner are in that database? If your partner is older than | 12 - it's 0%. | | Who is taking more risk to be sued for the leakage of the | photos, you or Apple? | | The last part doesn't worth to be discussed because children | in that DB are younger than 12. | shapefrog wrote: | It turns out people liked it when their phone scanned their | photos for 'selfie' or 'beach' for them. | | Apparently tagging 'child porn' on your photos for searching | isnt the killer feature someone thought it might be. | EugeneOZ wrote: | Yeah :) Also, it's funny that Apple here goes for bigger | risks: reputation, trust, all of that noise, then risks of | false accusations. And for what? To help with stopping the | pedophile networks. | | "But no, wait, they want to use algorithms to scan my photos, | it's a privacy violation..." | | Just wake up. | shapefrog wrote: | They can have a full resolution copy of my photo, all 12 | million pixels, along with the exact time, location and | direction I was facing when I took it... but I draw the | line firmly at a hash of it being taken. | shuckles wrote: | So what you're saying is if Apple had a 5 year plan to help | China disappear minorities, they should've just kept | improving photos search? Maybe this child safety effort isn't | aimed at satisfying some authoritarian wet dream after all! | [deleted] | shapefrog wrote: | Given that they classified a photo I took at a pool as | 'beach', they have an awfully long way to go. If their | disappearing algorithm doesnt improve they will be | disappearing chinese majorities instead of minorities. | spoonjim wrote: | Any idea why Apple didn't just implement server side scanning | like everyone else? | pvarangot wrote: | This article speculates that that's because Apple is not | scanning on iCloud to respect their privacy policy: | https://www.hackerfactor.com/blog/index.php?/archives/929-On... | | Apple's report count to the NCMEC is really low so it's | probably true that they are not scanning on iCloud unless they | receive a warrant. | lawkwok wrote: | In this TechCrunch interview, Apple believes it is less | invasive since no one can be individually targeted. | | The hashes are hard coded into each iOS release which is the | same for all iOS devices. The database is not vulnerable to | server side changes. | | Additionally, FWIW, they do not want to start analyzing entire | iCloud photo libraries so this system only analyzes new | uploads. | | https://techcrunch.com/2021/08/10/interview-apples-head-of-p... | Dah00n wrote: | >The hashes are hard coded into each iOS release | | Do you have a source on that? Since it is illegal to share | those hashes in any way or form. Even people working with | photo forensic and big photo sharing sites cannot get access | to them. I very much doubt Apple can incorporate them into | the iOS release without breaking multiple laws. The hashes | themselves can easily be reversed to (bad quality) pictures | so having the hashes equals having child pornography. | | Edit: | | https://www.hackerfactor.com/blog/index.php?/archives/929-On. | .. | Engineering-MD wrote: | That was very insightful article from a legal aspect. | Strongly recommend others read this to understand more | nuanced opinion. | FabHK wrote: | > Since it is illegal to share those hashes in any way or | form | | Source? (The link you provide does not claim that, as far | as I could see.) | lixtra wrote: | The article claims that photoDNA is reversible to 26x26 | images and _claims_ that the hashes are therefore CP. | lawkwok wrote: | From the interview I linked, Apple Privacy head Erik | Neuenschwander said, "The hash list is built into the | operating system, we have one global operating system and | don't have the ability to target updates to individual | users and so hash lists will be shared by all users when | the system is enabled." | | Where did you hear sharing hashes is illegal? How would | anybody determine whether CASM at scale without those | hashes? | | Your hackerfactor source states, "In 2014 and 2015, NCMEC | stated that they would give MD5 hashes of known CP to | service providers for detecting known-bad files." | trynumber9 wrote: | NCMEC will share MD5 but not the hashes used for | perceptual matching. | wyager wrote: | Pessimistically: to allow them to (eventually) scan other | content that you don't upload. I think pessimism about Apple's | behavior is somewhat warranted at this point. | fortenforge wrote: | It's a good question. The only explanation that makes sense is | that this now allows them to begin end-to-end encryption of | iCloud photos. I see that many commentators are claiming that | they could already have started e2e encryption without | introducing this "backdoor." While this is true, Apple would | then be creating a perfect environment for child abusers to | house their CSAM content on Apple's own servers. You can | understand why Apple might not want to do that. | | This allows Apple to get to what is in their mind the best of | both worlds: a truly private cloud for their valued users while | not creating a safe haven for child abusers. | abecedarius wrote: | Lawyerly word games. The e in e2e is the _user_ , or a device | loyal to them; malware on the user's device has always been | understood as a subversion of e2e. | barbazoo wrote: | Potentialy to be able to introduce e2e encryption later on. | mortenjorck wrote: | As covered in other articles, that is exactly what they were | doing previously. | rootusrootus wrote: | I'm not so sure. John Gruber's write-up said that Apple has | only sent over a couple hundred reports in the last year to | the gov't, compared to over 20 million from Facebook. This | suggests to me that Apple's scanning wasn't nearly so | widespread. | zionic wrote: | Because no one in their right mind uploads CP to a cloud | service, and apparently pedos abuse Facebook's easy sign up | process to bulk upload CP. | | Not that it matters when those Facebook sign ups are | probably proxied with throwaway emails | tpush wrote: | No, they did not. That was erroneous reporting by the | Telegraph that a lot of outlets copied [0]. | | The correction: | | > This story originally said Apple screens photos when they | are uploaded to iCloud, Apple's cloud storage service. Ms | Horvath and Apple's disclaimer did not mention iCloud, and | the company has not specified how it screens material, saying | this information could help criminals. | | And from the interview with TechCrunch: | | > This is an area we've been looking at for some time, | including current state of the art techniques which mostly | involves scanning through entire contents of users' libraries | on cloud services that -- as you point out -- isn't something | that we've ever done; to look through users' iCloud Photos. | | [0] https://www.telegraph.co.uk/technology/2020/01/08/apple- | scan... | rvz wrote: | Yep, that's deceptive advertising on privacy and everyone bought | into it and walked straight into the reality distortion field. | | Another innovative 'gotcha' by Apple. A reminder that they are | not your friends. | anko wrote: | From the article; | | > You could of course say that it's "a slippery slope" sort of | argument, and that we should trust Apple that it won't use the | functionality for anything else. Setting aside the absurdity of | trusting a giant, for-profit corporation over a democratically- | elected government, | | And then later it reads | | > and has previously cancelled their plans for iCloud backups | encryption under the pressure of FBI. | | Isn't the FBI in place because of the democratically elected | government? It seems like the for profit organisation is trying | to do the right thing, and the government is stopping them. | | This is the fundamental problem with arguments based on "trust" - | the government seems to be doing the wrong thing. | balozi wrote: | Dear tech users, | | Associating with some of you has become a liability. One may be | smart enough to avoid iPhone and Alexa et al. but what to do when | one is surrounded by people who willingly expose themselves to | nefarious technology? | | In short, I don't want pictures of me being hoovered up along | with your baby pics from your iPhone. | wpdev_63 wrote: | I used to always get the latest and greatest iphone but with the | politics and everything that's going on why would I want to spend | more than the absolute minimum on my cellphone? There are plenty | of wholesome things to spend money on other than tech. | xg15 wrote: | > _In the world of computer security this technology has a name, | it's called "a backdoor." A well-documented and well-intended | backdoor, but still a backdoor. Installed and enabled by default | on millions of devices around the world._ | | Sorry, but that backdoor has already existed for a long time. It | exists in every IoT gadget, smart car and other connected device | that phones home to its vendor and can receive arbitrary firmware | updates. It exists for every app and every desktop software that | will automatically update itself in the name of "evergreen | software". | | This is just the first time someone is publicly making use of the | backdoor. | querez wrote: | I have a newborn at home, and like every other parent, we take | thousands of pictures and videos of our newest family member. We | took pictures of the very first baby-bath. So now I have pictures | of a naked baby on my phone. Does that mean that pictures of my | newborn baby will be uploaded to Apple for further analysis, | potentially stored for indefinite time, shared with law | enforcement? | 908B64B197 wrote: | Wait until someone manages to create an image (white noise) | that's a hash collision for anything in that database. And then | starts spamming random strangers via airdrop. | | Enjoy explaining why your mugshot and arrest record had these | charges attached to it! | | (Actually, in this case the prosecution would probably use the | other pictures on the phone that were not detected by the | scanning tool as a way to get a guilty plea deal!) | GuB-42 wrote: | Assuming it is possible (I think it is), there is a manual | verification process if you have a match. And obviously, the | white noise will be rejected, like all pictures that do not | look remotely like the original. | | But it can be a form of denial of service: saturate the | system with hash collisions so that people can't keep up. | FabHK wrote: | It would have to be a number of pictures that are flagged, | and after that threshold is exceeded, they (more precisely, | their "visual derivative") are reviewed by a human. So, no | mugshot and no arrest record, even if you choose to accept | any number of pictures sent from random strangers via | airdrop. | bouncycastle wrote: | My understanding is that you should not upload these photos to | the cloud anyway. The cloud is not your computer and who knows, | maybe apple engineers might be snooping on them, or there could | be a hack and so on..Putting on the cloud is like sharing with | Apple. | s5300 wrote: | So... this is the way I understand it, which the general public | will never have the attention span to understand, so it doesn't | fucking matter one bit. | | LEO's/FBI/every other institution/group that deals with child | pornography and abuse have teams that go through a near | infinite amount of pictures and videos of CP/etc. | | These are then marked by said people as either - yes, | CP/Abuse/etc - or marked false positive. | | Once marked as what they're after, they're uploaded to a shared | database between all groups involved. | | _Only_ what is in these worldwide national databases is what | 's going to be checked against. Your new pictures of your | children will have obviously never made their way to any of | these groups as they've never been shared/distributed in any | areas of the internet/etc these people work in to track down | trafficking rings (well, I'd hope you're not selling pictures | of your children to them). | | This is the way I understand it. I admit I haven't looked into | it that much. If it's anything different than what I've said, | then yeah, it's probably fucked. I don't get what people don't | understand about checking against a database though. No, your | new pictures of whatever are not in this pre-existing database | dev_tty01 wrote: | No. The CSAM (Child Sexual Abuse Material) scanning is | comparing hashes of photos about to be uploaded to iCloud | against a specific set of images at NCMEC (National Center for | Missing and Exploited Children) which are specific to missing | and exploited children. It is not machine learning models | looking for nudes or similar. It is not a generalized | screening. If enough matched images are found, the images are | flagged for manual verification. If the manual verification | confirms that the images match specific images in the NCMEC | database, law enforcement is informed. | | Be aware that almost all cloud providers screen photos. | Facebook reported 20 million images in 2020, Google reported | half a million. Dropbox, Box, and many, many others report | images. See | https://www.missingkids.org/content/dam/missingkids/gethelp/... | to see a complete list of companies that screen and report | images. | | The other thing Apple announced which is completely separate | from the CSAM photo scanning is additional parental controls | for the Messages app. If a parent opts in for their under-13 | children, a machine learning model will look for inappropriate | material and warn the child prior to showing the image. The | child is also told that their parent will be flagged if the | child looks at it anyway. For 13-18 year olds whose parents | opted in, the teen is warned first about the content. If the | teen continues past the warning the image is shown and no | further action is taken. Parents are not flagged for children | 13 and over. As I said, this is a parental control for pre- | adult kids. It requires opt-in from the parents and has no law | enforcement implications. | throwaway212135 wrote: | I am not sure the right questions are being asked. | | 1. Who is adding these photos to NCMEC? 2. How often are | these photos added? 3. How many people have access to these | photos - both adding and viewing? | | Everyone is focused on Apple and no one is looking at MCMEC. | If I wanted to plant a Trojan horse, I would point everyone | towards Apple and perform all of the dirty work on the NCMEC | end of things. | jet_32951 wrote: | Exactly. An unknown mechanism adds hashes to a NGO subject | to exactly what conditions? | | This initiative makes me extremely leery of black boxes, to | the extent that any algorithm between subject and | accusation had damned well better be explainable outside | the algorithm; else I as a jury member am bound to render a | "not guilty" verdict. | nicce wrote: | Their system needs real images in the training phase, | because they are building the system which produces | hashes. There must be someone to confirm from Apple, that | indeed correct photos are flagged. At least in the | beginning. | | We don't know really how adding new hashes work. NCMEC | has the whole new algorithm and they drag-n-drop new | images? Hopefully not like that. | ok123456 wrote: | The correct answer is a well qualified "Maybe." The hashes | are fuzzy AI generated weights. It's impossible to know what | will cause a false-positive. | aczerepinski wrote: | Comparing hashes reminds me of this announcement from a few | years ago that Google had produced a SHA1 collision: | https://security.googleblog.com/2017/02/announcing-first- | sha... | | Can you imagine the chaos of a successful collision matching | some explicit material being sent as a prank or targeted | attack? | benlivengood wrote: | No chaos. The photos would be reported, reviewers would say | "that's weird" since the false positive was obviously | harmless and the industry would eventually switch to a | different hash method while ignoring the false positives | generated by the collision. If there were a flood of false | positive images being produced the agencies would work | faster to come up with a new solution, not perform mass | arrests. | farmerstan wrote: | Right. Kind of like how copyright violations on YouTube | are double checked and the humans say "that's weird" and | deny the request. Or maybe they will just report | everything and let the law work everything out. If | they're innocent they have nothing to worry about, right? | sandworm101 wrote: | Yes, if they wind up part of a child porn investigation. Your | cloud account gets hacked. Some perv gets your images. He is | then arrested and his "collection" added to the hash | database... including your family photos. | | Context often matters more than the nature of the actual | content. Police aquire thousands of images with little hope of | ever knowing where they originated. If they are collected by | pervs, and could be construed as illegal in the hands of pervs, | the images become child porn and can be added to the databases. | snowwrestler wrote: | It's worth pointing out that this could happen with any | Internet-attached photo storage, and pre-dates Apple's | announcement. | | What Apple announced is a new system for reading the existing | hash lists of known CSAM images and doing the comparison on | the device as part of the iCloud upload, rather than on the | server after upload. | nicce wrote: | Actually, we don't know yet whether you can access your | photos from the web anymore after this update, because E2EE | "like" implementation. | | Protocol is rather device specific (while allowing multi- | device), so it might not be enough to access or hack iCloud | account to access the photos. So, things get complicated. | dathinab wrote: | Unlikely except if you send them to a iphone which is | registered with a "child" account. | | Apple uses two different approaches: | | 1. Some way to try to detect _known_ child pornographic | material, but it's fuzzy and there is no guarantee that it | doesn't make mistakes like detecting a flower pot as child | porn. But the chance that your photos get "miss detected" as | _known_ child pornographic material shouldn't be too high. BUT | given how many parents have IPhones it's basically guaranteed | to happen from time to time! | | 2. Some KI child porn detection on child accounts, which is not | unlikely to labile such innocent photos as child porn. | fossuser wrote: | Even in the child account case it's not sent to Apple - it | alerts parent accounts in the family. It's also just nudity | generally, more akin to garden variety parental control | content filtering. | | The child account iMessage thing is really entirely separate | from the CSAM related iCloud announcement. It's unfortunate | people keep confusing them. | fortenforge wrote: | Lots of people responding to this seem to not understand how | perceptual hashing / PhotoDNA works. It's true that they're not | cryptographic hashes, but the false positive rate is | vanishingly small. Apple claims it's 1 in a trillion [1], but | suppose that you don't believe them. Google and Facebook and | Microsoft are all using PhotoDNA (or equivalent perceptual | hashing schemes) right now. Have you heard of some massive | issue with false positives? | | The fact of the matter is that unless you possess a photo that | exists in the NCMEC database, your photos simply will not be | flagged to Apple. Photos of your own kids won't trigger it, | nude photos of adults won't trigger it; only photos of already | known CSAM content will trigger (and that too, Apple requires a | specific threshold of matches before a report is triggered). | | [1] "The threshold is selected to provide an extremely low (1 | in 1 trillion) probability of incorrectly flagging a given | account." Page 4 of https://www.apple.com/child- | safety/pdf/CSAM_Detection_Techni... | ummonk wrote: | To be clear, it's 1 in 1 trillion per account. 1 in 1 | trillion per photo would potentially be a more realistic | risk, since some people take tens of thousands of photos. | andrei_says_ wrote: | Who looks at the photos in that database? How do we know it | is a trustworthy source? That it doesn't contain photos of | let's say activists or other people of interest unrelated to | its projected use? | hsn915 wrote: | I think most people don't upload to facebook pictures of | their kids taking a bath? But they more than likely store | such pictures on their phones/laptops. | shawnz wrote: | The 1 trillion figure is only after factoring in that you | would need multiple false positives to trigger the feature. | It's not descriptive of the actual false positive rate of the | hashing itself. | farmerstan wrote: | How do new hashes get added to this database? How do we know | that all the hashes are of CSAM? Who is validating it and is | there an audit trail? Or can bad actors inject their own | hashes into the database and make innocent people get | reported as pedophiles? | akersten wrote: | This is all behind a huge, neon-flashing-lights asterisk of | "for now." | | How long until they try to machine-learn based on that | database? The door's open. | fortenforge wrote: | Apple previously stored photo backups in their cloud in | cleartext. The door was always open. At some point if you | are providing your personal images for Apple to store, you | have to exercise a modicum of trust in the company. If you | don't trust Apple, I suggest you don't use an iPhone. | [deleted] | FabHK wrote: | Probability of a false positive for a given image = p | | Probability of N false positives (assuming independence) = | p^N | | Threshold N is chosen by Apple such that p^N < 10^-12, or N | log p < -12 log 10, or N > -12 log(10)/log(p) [since log(p) < | 0, since p < 1]. | [deleted] | [deleted] | stickfigure wrote: | The false positive rate for any given image is not 1 in a | trillion. Perceptual hashing just does not work like that. It | also suffers from the birthday paradox problem - as the | database expands, and the total number of pictures expands, | collisions become more likely. | | The parent poster does make the mistake of assuming that | other pictures of kids will likely cause false positives. | Anything could trigger a false positive - especially flesh | tones. Like, say, the naughty pictures you've been taking of | your (consenting) adult partner. I'm sure Apple's outsourced | low-wage-country verification team will enjoy those. | darkhorn wrote: | Just don't critisize your government in any way. Otherwise they | will find anything illegal to arrest you like from crossing | street in red to I don't know what. You will be fine becouse | there is a legal system and no one can put you into jail for | crimes you have not commited. Just look at Julian Assange or | random Joe in Belarus who was arrested for wearing red white | hat. The justice system always is in the innocent people's | side, without exception. | [deleted] | stevenicr wrote: | from my current understanding - that does occur with m-soft | one-drive which is a default in many systems), but not the | hash-looking thing apple is currently proposing. | baal80spam wrote: | No, it doesn't work like that. | zionic wrote: | Yes it does, it uses fuzzy perceptual hashes not crypto | hashes. | | So if your innocent baby pic looks similar enough to a | previously tagged child abuse image then YES, it will flag | you and send a copy to the feds. | | And before you correct me, the Apple employee will see a | picture of your naked baby and hit "forward to NCMEC", | which... upon investigation is actually just the feds | outworlder wrote: | IF there are multiple matches, IF it's going to icloud, | THEN a 'derivative image' will be show for screening and IF | deemed to be warranted, sent to NCMEC. | migueldeicaza wrote: | No, this will never be caught. | | This only catches ownership of illegal photos. | slownews45 wrote: | If you don't choose upload to icloud, no upload to apple at | all. | | If you do choose icloud upload (most do), they were being | uploaded already and stored and may be available to law | enforcement. | | If you do upload to icloud, NOW they will be screened for | matches with "known" images in a database, and if you have more | than a threshold number of hits, you may be reported. This will | happen on device. | | Apple will also scan photos in their cloud system as well from | what I can tell (though once on device is working less should | land in cloud). | | Note that it is HIGHLY likely that google photos / facebook / | instagram and others will or are already doing similar scanning | and reporting. I've heard millions of reports go in a year. | zionic wrote: | Disabling iCloud does not remove the scanning system or it's | database from your phone. | shapefrog wrote: | Not syncing your contacts to icloud does not remove the | uploading system and its components from your phone. | | Disabling iCloud does not remove the uploading system from | your phone. | | Pressing end recording on a video does not remove the video | capture system from your phone. | cwkoss wrote: | Arent the perceptual hashes based on a chunk of the image? | | I wonder what the false positive rates are for: | | - A random image against the DB of perceptual hashes | | - Images of a baby's skin against the DB of perceptual hashes | | It seems like the second would necessarily have a higher | false positive rate: similar compositions (contains baby's | skin) would more likely have similar chunks. Is it just a | little higher or several orders of magnitude higher? | | I know hash collisions are rare, but wonder how much rarity | of collisions decreases with perceptual hashes. | fossuser wrote: | It's two factors, both the match on an image hash and an | unknown threshold of matches at which point the data gets | sent up. If the threshold is not met then nothing gets | notified (even if there is a match). Arguably this is why | this approach is better for privacy. Cloud matches would | not be able to have this extra threshold (in addition to | this model allowing e2ee on the cloud in the future). | | I'd also like to know more about the specifics here, my | guess is that threshold value is pretty high (their 'one in | a trillion' comment not withstanding). It's probably | targeting large CSAM dumps of matches which would not get | flagged by different images. | slownews45 wrote: | Absolute - I think this is one of two key questions for me. | That is why I put "known" in quotes. It can't be an exact | match because it has to handle cropping, rotation, resize | etc. | | Images then do get a manual review before a report is made | which is good and may help provide feedback on alogs being | used. | | Going to be hard though for apple to set the second factor | to high - I'd say 5 maybe? It's hard to say you had matches | on potential CASM and ignored them I'd think. | still_grokking wrote: | According to | | https://rentafounder.com/the-problem-with-perceptual- | hashes/ | | the false-positive rate will be likely high. Given the | billions of pictures going through this system there are | going to be a lot of false accusations of child porn | possession likely (and alone such an accusation can ruin | lives). | | HN discussion of that article from a few days ago: | | https://news.ycombinator.com/item?id=28091750 | slownews45 wrote: | This is where the thresholding and manual review come in, | but could be a bit scary for sure. | fossuser wrote: | It's worth reading this, which is basically the only good | reporting I've seen on this topic: | https://daringfireball.net/2021/08/apple_child_safety_initia... | | There are legitimate things to be concerned about, but 99% of | internet discussion on this topic is junk. | joe_the_user wrote: | _99% of internet discussion on this topic is junk._ | | And how is that? | | It seems like the Gruber article follows a common formula for | justifying controversial approaches. First, "most of what you | hear is junk", then "here's a bunch of technical points | everyone gets wrong"(but where the wrongness might not change | the basic situation), then go over the non-controversial and | then finally go to the controversial parts and give the | standard "think of the children" explanation. But if you've | cleared away all other discussion of the situation, you might | make these apologistics sound like new insight. | | Is Apple "scanning people's photos"? Basically yes? They're | doing it with signatures but that's how any mass surveillance | would work. They promise to do this only with CSAM but they | previously promised to not scan your phone's data at all. | madeofpalk wrote: | But some of those technical points are important. Parent | comment was concerned that photos of their own kids will | get them in trouble - it appears the system was designed to | explicitly to prevent that. | joe_the_user wrote: | The Daring Fireball article actually is a little | deceptive here. It goes over a bunch of that won't get | parents in trouble and gives a further couched | justification of the finger printing example. | | The question is whether an ordinary baby photo is likely | to collide with the one of the CSAM hashes Apple will be | scanning for. I don't think Apple can give a definite no | here (Edit: how could give a guarantee that a system that | finds any disguised/distorted CSAM won't tag a random | baby picture with a similar appearance. And given such | collision, the picture might be looked at by Apple and | maybe law enforcement). | | Separately, Apple does promise only to scan things going | to iCloud for now. But their credibility no long appears | high given they're suddenly scanning users' photos on the | users' own machines. | | Edited for clarity. | FabHK wrote: | > how could give a guarantee that a system that finds any | disguised/distorted CSAM won't tag a random baby picture | with a similar appearance. | | Cannot guarantee, but by choosing a sufficiently high | threshold, you can make the probability of that happening | arbitrarily small. And then you have human review. | | > And given such collision, the picture might be looked | at by Apple and maybe law enforcement | | No, not "the picture", but a "visual derivative". | refulgentis wrote: | It's also not even wrong in so many ways that it really | highlights how far DF has fallen over the years. Really ugly | stuff, handwaving about hashing and nary a mention of | perceptual hashing and collisions. Not a technology analysis | of any sort. | ursugardaddy wrote: | It's still a non-zero chance it triggers a no-knock raid by | the police that kills your family or pets. | | it happens all the time | lawkwok wrote: | Non-zero being technically true because of the subject | matter, but I don't see how Apple's system increases the | risk of authorities killing family or pets more than | server-side scanning. | merpnderp wrote: | Their neural hashing is new, and they claim has a one in | a trillion collision rate. There are 1.5 trillion images | created in the US and something like 100 million photos | in the compared database. That's a heck of a lot of | collisions. And that's just a single year, Apple will be | comparing everyone's back catalog. | | A lot of innocent people are going to get caught up in | this. | lawkwok wrote: | We'll have to wait and see how good their neural hashing | is, but just to clarify the 1 trillion number is the | "probability of incorrectly flagging a given account" | according to Apple's white paper. | | I think some people think that's the probability of a | picture being incorrectly flagged, which would be more | concerning given the 1.5 trillion images created in the | US. | | Source: https://www.apple.com/child- | safety/pdf/CSAM_Detection_Techni... | fossuser wrote: | I think you're wrong about the risk (the paper says per | account), but even so you need to compare it to the | alternatives. | | Photos in iCloud are unencrypted and Apple checks for | CSAM on the unencrypted photos server side, they know of | all matches. | | _OR_ | | Photo hashes are checked client side and only if a | certain threshold of matches is passed does Apple get | notified at all (at which point there's a sanity check | for false positive by a person). This would allow all | photos on iCloud to be able to be encrypted e2e. | | Both only happen when iCloud photo backup is enabled. | | The new method reduces the risk. | samename wrote: | John Gruber is biased because his brand is closely tied to | Apple's brand. Ben Thompson wrote a better review on the | topic: https://stratechery.com/2021/apples-mistake/ | | There's also the Op-Ed by Matthew Green and Alex Stamos, | cyber security researchers: | https://www.nytimes.com/2021/08/11/opinion/apple-iphones- | pri... | fossuser wrote: | They have a podcast together called Dithering which is | pretty good (but not free) - they're friends. | | I think John's article is better than Ben's, but they're | both worth reading. | | Ben takes the view that unencrypted cloud is the better | tradeoff - I'm not sure I agree. I'd rather have my stuff | e2ee in the cloud. If the legal requirements around CSAM | are the blocker then Apple's approach may be a way to | thread the needle to get the best of both worlds. | samename wrote: | Friends can disagree. Everyone has their own biases - | good and bad. I think it's always good to keep people's | biases in mind when reading their work. | fossuser wrote: | I agree, but it doesn't necessarily mean what they say is | wrong. | | I like that they disagree - the issue doesn't have an | obviously correct answer. | [deleted] | AlexandrB wrote: | One logical conclusion of systems like this is that | modifying your device in any "unauthorized" way becomes | suspicious because you might be trying to evade CSAM | detection. So much for jail-breaking and right to repair! | | I think I'd rather have the non-e2ee cloud. | fossuser wrote: | I don't really buy that - you could just turn off iCloud | backup and it'd avoid their current implementation. | echelon wrote: | And you think this will be the ultimate implementation? | | Let the devil in, and he'll treat himself to tea and | biscuits. | fossuser wrote: | I think it's possible to have nuanced policy in difficult | areas where some things are okay and others are not. | sa1 wrote: | For me it's the worst of both worlds - e2ee has no | meaning if the ends are permanently compromised - and | there's no local vs cloud separation anymore which you | can use to delineate what is under your own control - | nothing's under your control. | fossuser wrote: | The end isn't really compromised with their described | implementation. | | The only thing sent is the hash and signature and that's | only if there are enough matches to pass some threshold. | | I don't really view that as 'permanently compromised' - | at least not in any way more serious that Apple's current | capabilities to compromise a device. | | I think e2ee still has meaning here - it'd prevent Apple | from being able to see your photo content on their | servers. | | This is a nuanced issue, I don't think there's an | obviously better answer and both outcomes have different | risks. [0] | | [0]: | https://www.lesswrong.com/posts/PeSzc9JTBxhaYRp9b/policy- | deb... | sa1 wrote: | Yeah, and as argued in one of the blog posts - that's | just a policy decision - not a capability decision - | malleable to authoritarian countries' requests. | fossuser wrote: | Yes - and I agree that that's where the risk lies. | | Though I'd argue the risk has kind of always lied there | given companies can ship updates to phones. You could | maybe argue it'd be harder to legally compel them to do | so, but I'm not sure there's much to that. | | The modern 'megacorp' centralized software and | distribution we have is dependent on policy for the most | part. | matwood wrote: | That's the problem I had with Ben's post - it's _always_ | been policy since Apple controls and distributes iOS. | fossuser wrote: | Yeah - the sense I got was he just liked the cleaner cut | policy of a hard stop at the phone itself (and he was | cool with the tradeoff of unencrypted content on the | server). | | It does have some advantages - it's easier to argue (see: | the disaster that is most of the commentary on this | issue). | | It also could in theory be easier to argue in court. In | the San Bernardino case - it's easier for Apple to | decline to assist if assisting requires them to _build_ | functionality rather than just grant access. | | If the hash detection functionality already exists and a | government demands Apple use it for something other than | CSAM it may be harder for them to refuse since they can | no longer make the argument that they can't currently do | it (and can't be compelled to build it). | | That said - I think this is mostly just policy all the | way down. | sa1 wrote: | Yup, we can agree on that. | echelon wrote: | > The end isn't really compromised with their described | implementation. | | They've turned your device into a dragnet for content the | powers that be don't like. It could be anything. They're | not telling you. And you're blindly trusting them to have | your interests at heart, to never change their promise. | You don't even know these people. | | You seriously want to cuddle up with that? | fossuser wrote: | > "They've turned your device into a dragnet for content | the powers that be don't like. It could be anything. | They're not telling you" | | They're pretty explicitly telling us what it's for and | what it's not for. | | > "And you're blindly trusting them to have your | interests at heart, to never change their promise. You | don't even know these people." | | You should probably get to work building your own phone, | along with your own fab, telecoms, networks, - basically | the entire stack. There's trust and policy all over the | place. In a society with rule of law we depend on it. You | think your phone couldn't be owned if you were important | enough to be targeted? | amelius wrote: | > The only thing sent is the hash and signature and | that's if there are enough matches to pass some | threshold. | | Not true. If there are enough matches, someone at Apple | will have a look at your pictures. Even if they are | innocent. | fossuser wrote: | I think the one thumbnail of the matching hash? Just to | make sure there isn't a (they argue one in a trillion, | but I don't know if I buy that) false positive. | | That's if there is enough matches to trigger the | threshold in the first place, otherwise nothing is sent | (even if there are matches below that threshold). | | Alternatively this is running on all unencrypted photos | you have in iCloud and all matches are known immediately. | Is that preferable? | drenvuk wrote: | I really don't understand how you're arguing as if you | don't see the bigger picture. Is this is a subtle troll? | | They are now scanning on the device. Regardless of how | limited it is in its current capabilities, those | capabilities are only prevented from being expanded by | Apple's current policies. The policies enacted by the | next incoming exec who isn't beholden to the promises of | the previous can easily erode whatever 'guarantees' we've | been given when they're being pressured for KPIs or | impact or government requests or promotion season or | whatever. This has happened time and again. It's been | documented. | | I really am at a loss how you can even attempt to be fair | to Apple. This is a black and white issue. They need to | keep scanning for crimes off our devices. | | So to your answer your question, yes it is preferable to | have them be able to scan all of the unencrypted photos | on iCloud. We can encrypt things beforehand if need be. | It is lunacy to have crime detecting software on the | device in any fashion because it opens up the possibility | for them to do _more_. The people in positions to ask for | these things always want more information, more control. | Always. | | The above reads like conspiracy theory but over the past | couple of decades it has been proven correct. It's | honestly infuriating to see people defend what's going on | in any way shape or form. | fossuser wrote: | Frankly the distinction seems arbitrary to me. | | This is a policy issue in both cases - policy can change | (for the worse) in both cases. | | The comparison is about unencrypted photos in iCloud or | this other method that reveals less user information by | running some parts of it client side (only if iCloud | photos are enabled) and could allow for e2e encryption on | the server. | | The arguments of "but they could change it to be worse!" | applies to any implementation and any policy. That's why | the specifics matter imo. Apple controls the OS and | distribution, governments control the legislation (which | is hopefully correlated with the public interest). The | existing 'megacorp' model doesn't have a non-policy | defense to this kind of thing so it's always an argument | about policy. In this specific implementation I think the | policy is fine. That may not hold if they try to use it | for something else (at which point it's worth fighting | against whatever that bad policy is). | | Basically what I said here: | https://news.ycombinator.com/item?id=28162418 | | This implementation as it stands reveals less information | about end users and could allow them to enable e2ee for | photos on their servers - that's a better outcome than | the current state (imo). | amelius wrote: | > I think the one thumbnail of the matching hash? | | So it _is_ sending pictures? That makes your argument | quite a bit weaker. | | > Is that preferable? | | Nope, E2EE without compromises is preferable. | matwood wrote: | > So it is sending pictures? That makes your argument | quite a bit weaker. | | Important to note this is only ran on images going to | iCloud so they are already sent. | fossuser wrote: | I think the thumbnail is only when the threshold is | passed _and_ there 's a hash match. The reason for that | is an extra check to make sure there is no false positive | match based on hatch match (they claim one trillion to | one, but even ignoring that probably pretty rare and | strictly better than everything unencrypted on iCloud | anyway). | | > Nope, E2EE without compromises is preferable. | | Well that's not an option on offer and even that has real | tradeoffs - it would result in less CSAM getting | detected. Maybe you think that's the acceptable tradeoff, | but unless government legislatures also think so it | doesn't really matter. | | This isn't the clipper chip, this is more about enabling | _more_ security and _more_ encryption by default but | still handling CSAM. | | The CSAM issue is a real problem: | https://www.nytimes.com/interactive/2019/09/28/us/child- | sex-... | drenvuk wrote: | >Well that's not an option on offer and even that has | real tradeoffs - it would result in less CSAM getting | detected. Maybe you think that's the acceptable tradeoff, | but unless government legislatures also think so it | doesn't really matter. | | It should and can be an option. Who cares what they offer | us. Do it yourself. | FabHK wrote: | > someone at Apple will have a look at your pictures | | No, but at a "visual derivative" | slownews45 wrote: | Even HN reporting / article linking / comments have been | surprisingly low quality and seem to fulminate and declaim | with surprisingly little interesting conversation and tons of | super big assertions. | | Linked articles and comments have said apple's brand is now | destroyed, that apple is committing child porn felonies | somehow with this (the logical jumps and twisting to get to | these claims are very far from strong plausible | interpretation). | | How do you scan for CASM in an E2EE system is the basic | question Apple seems to be trying to solve for. | | I'd be more worried about the encrypted hash DB being | unlockable - is it clear this DOES NOT have anything that | could be recreated into an image? I'd actually prefer NOT to | have E2EE and have apple scan stuff server side, and keep DB | there. | still_grokking wrote: | From https://www.hackerfactor.com/blog/index.php?/archives/ | 929-On... | | > The laws related to CSAM are very explicit. 18 U.S. Code | SS 2252 states that knowingly transferring CSAM material is | a felony. (The only exception, in 2258A, is when it is | reported to NCMEC.) In this case, Apple has a very strong | reason to believe they are transferring CSAM material, and | they are sending it to Apple -- not NCMEC. | | > It does not matter that Apple will then check it and | forward it to NCMEC. 18 U.S.C. SS 2258A is specific: the | data can only be sent to NCMEC. (With 2258A, it is illegal | for a service provider to turn over CP photos to the police | or the FBI; you can only send it to NCMEC. Then NCMEC will | contact the police or FBI.) What Apple has detailed is the | intentional distribution (to Apple), collection (at Apple), | and access (viewing at Apple) of material that they | strongly have reason to believe is CSAM. As it was | explained to me by my attorney, that is a felony. | | Apple is going to commit child porn felonies according to | US law this way. This claim seems actually quite | irrefutable. | FabHK wrote: | > This claim seems actually quite irrefutable. | | I don't think so. | | Apple transfers the images to iCloud, yes, but before the | threshold of flagged photos is reached, Apple doesn't | know that there might be CSAM material among them. When | the threshold is exceeded and Apple learns about the | potential of CSAM, the images have been transferred | already. But then Apple does not transfer them any | further, and has a human review not the images | themselves, but a "visual derivative" that was in a | secure envelope (that can by construction only be | unlocked once the threshold is exceeded). | rootusrootus wrote: | Apple isn't looking at the actual image, but a | derivative. Presumably their lawyers think this will be | sufficient to shield them from accusations of possessing | child porn. | still_grokking wrote: | "But look, I've re-compressed it with JPEG 80%. It's not | THAT picture!". | | It would be interesting to hear what a court has to say | if a child porn consumer would try to defend him/her with | this "argument". | rootusrootus wrote: | Love 'em or hate 'em, it is hard to believe Apple's | lawyers haven't very carefully figured out what kind of | derivative image will be useful to catch false positives | but not also itself illegal CP. I assume they have in | fact had detailed conversations on this exact issue with | NCMEC. | still_grokking wrote: | Firstly, the NCMEC doesn't make the the laws. They can't | therefore give any exceptional allowance to Apple. | | Secondly, any derivatives that are clear enough to enable | a definitive judgment whether something's CP or not by an | Apple employee would be subject to my argument above. | Also just collecting such material is an felony. | | I don't see any way around that. Only that promising some | checks before stuff gets reported for real is just a PR | move to smoothen the first wave of pushback. PR promises | aren't truly binding... | madeofpalk wrote: | Don't you think that Apple has their own attorneys and | lawyers? | still_grokking wrote: | Don't you think that telling people now that there will | be a "check" at Apple before things get reported to NCMEC | could be a PR lie to keep people calm? | | They can easily say afterwards that they're "frankly" | required to directly report any suspicion to enforcement | agencies because "that's the law", and they didn't know | because that was an oversight? | | That would be just an usual PR strategy to "sell" | something people don't like: Selling it in small batches | works best. (If the batches are small enough people often | don't even realize how the whole picture looks. Salami | tactics are tried tool for something like that; used for | example in politics day to day). | laserlight wrote: | IMHO, what Apple is doing is not _knowingly_ transferring | CSAM material. Very strong reason to believe is not the | same as knowing. Of course it's up to courts to decide | and IANAL. | mdoms wrote: | Go ahead and click on some google results after searching | for child porn and see if that defence holds up. | laserlight wrote: | Can you elaborate how your reply relates to Apple's case | and my comment? | slownews45 wrote: | Ahh - an "irrefutable" claim that apple is committing | child porn felonies. | | This is sort of what I mean and a perfect example. | | People imagine that apple hasn't talked to the actual | folks in charge NCMEC. | | People seem to imagine apple doesn't have lawyers? | | People go to the most sensationalist least good faith | conclusion. | | Most mod systems at scale are using similar approaches. | Facebook is doing 10's of MILLIONS of images to NCMEC, | these get flagged by users and/or systems, and in most | cases then facebook copies, checks through moderation | queue and submits to NEC. | | Reddit uses the sexualization of minors flags. In almost | all cases, even though folks may have strong reasons to | believe some of this flagged content is CSAM, it still | gets a manual look. Once they know they act | appropriately. | | So the logic of this claim about apples late to party | arrival of CSAM scanning is weird. | | We are going to find out that instead of trying to charge | apple with some kind of child porn charges, NCMEC and | politicians are going to be THANKING apple, and may start | requiring others with E2EE ideas to follow a similar | approach. | mdoms wrote: | Sorry under which of these other moderation regimes does | the organisation in question transmit CSAM from a client | device to their own servers? To my knowledge Apple is the | only one doing so. | matwood wrote: | Apple is attaching a ticket to images as the user uploads | to iCloud. If enough of these tickets think CSAM and | allow an unlock key to be built, they will unlock and get | checked. It's still the user who has turned on iCloud and | uploaded the images. | zionic wrote: | You don't. That's the entire point of E2EE, the data | transferred is private between you and the recipient party. | nonbirithm wrote: | Another reminder that many parts of HN have their own | biases; they're just different than the biases found on | other networks. | | Instead of exclusively focusing on the authoritarian | slippery slope like it's inevitable, it's worth wondering | first: why do the major tech companies show no intention of | giving up the server-side PhotoDNA scanning that has | already existed for over a decade? CSAM is still considered | illegal by half of all the countries in the entire world, | for reasons many consider justifiable. | | The point of all the detection is so that Apple _isn 't_ | found liable for hosting CSAM and consequently implicated | with financial and legal consequences themselves. And | beyond just the realm of law, it's reputational suicide to | be denounced as a "safe haven for pedophiles" if it's not | possible for law enforcement to tell if CSAM is being | stored on third-party servers. Apple was not the best actor | to look towards if absolute privacy was one's goal to begin | with, because the requests of law enforcement are both | reasonable enough to the public and intertwined with | regulation from the higher powers anyway. It's the nature | of public sentiment surrounding this issue. | | Because a third party insisting that user-hosted content is | completely impervious to outside actors also means that it | is possible for users to hide CSAM from law enforcement | using the same service, thus making the service criminally | liable for damages under many legal jurisdictions, I was | surprised that this debate didn't happen earlier (to the | extent it's taking place, at least). The two principles | seem fundamentally incompatible. | belorn wrote: | The encryption on the hash DB has very little to do with | recreating images. It is pretty trivial to make sure that | it is mathematical impossible to do (just not enough bytes, | and hash collisions means there is an infinitive large | number of false positives). | | My own guess is that the encryption is there so that people | won't have access to an up-to-date database to test | against. People who want to intentionally create false | positive could abuse it, and sites that distribute images | could alter images to automatic bypass the check. There is | also always the "risk" that some security research may look | at the database and find false positives from the original | source and make bad press, as they have done with block | lists (who can forget the bonsai tree website that got | classified as child porn). | echelon wrote: | Gruber practically (no, perhaps _actually_ ) worships Apple. | He'd welcome Big Brother into his house if it came with an | Apple logo, and he'd tell us how we were all wrong for | distrusting it. He's not the voice to listen to this time, | and you should trust him to have your best interests at | heart. | | People are furious with Apple, and there's no reason to | discount the completely legitimate concerns they have. This | is a slippery slope into hell. | | It's a good thing congress is about to start regulating Apple | and Google. Maybe our devices can get back to being devices | instead of spy tools, chess moves, and protection rackets. | | (read: Our devices are supposed to be _property_. Property is | something we fully own that behaves the way we want. It doesn | 't spy on us. Property is something we can repair. And it | certainly is not a machination to fleece the industry by | stuffing us into walled and taxed fiefdoms, taking away our | control. Discard anything that doesn't behave like property.) | | [edit: I've read Gruber's piece on this. It's wish-washy, | kind of like watching a moderate politician dance on the | party line. Not the direct condemnation this behavior | deserves. Let's not take his wait and see approach with | Dracula.] | mistrial9 wrote: | > regulating Apple and Google | | this is not strong safety for citizens | | source: political history | acdha wrote: | > Gruber practically (no, perhaps actually) worships Apple. | He'd welcome Big Brother into his house if it came with an | Apple logo, and he'd tell us how we were all wrong for | distrusting it. | | You mean the same Gruber who described the situation as | "justifiably, receiving intense scrutiny from privacy | advocates."? The one who said "this slippery-slope argument | is a legitimate concern"? | | I'm having a hard time reconciling your pat dismissal with | the conclusion of his piece which very clearly rejects the | position you're attributing to him as grounds for | dismissal: | | > But the "if" in "if these features work as described and | only as described" is the rub. That "if" is the whole | ballgame. If you discard alarmism from critics of this | initiative who clearly do not understand how the features | work, you're still left with completely legitimate concerns | from trustworthy experts about how the features could be | abused or misused in the future. | | I mean, sure, know where he's coming from but be careful | not to let your own loyalties cause you to make a bad-faith | interpretation of a nuanced position on a complex issue. | shapefrog wrote: | If icloud backup works as advertised - it backs up your | device. | | However, if we consider the slipery slope, under pressure | from a shaddow government, the contents of your phone | could have been uploaded to the CIA every day, including | live recordings 24 hours a day. | fossuser wrote: | Thanks - I couldn't have said it better. | Dah00n wrote: | Yes but so is much in that link or at least it is very | biased. This one is far better: | | https://www.hackerfactor.com/blog/index.php?/archives/929-On. | .. | montagg wrote: | "If it works as designed" is I think where Gruber's article | does it's best work: he explains that the design is pretty | good, but the _if_ is huge. The slippery slope with this is | real, and even though Apple's chief of privacy has basically | said everything everyone is worried about is currently | impossible, "currently" could change tomorrow if Apple's | bottom line is threatened. | | I think their design is making some really smart trade offs, | given the needle they are trying to thread. But it shouldn't | exist at all, in my opinion; it's too juicy a target for | authoritarian and supposedly democratic governments to find | out how to squeeze Apple into using this for evil. | Spooky23 wrote: | The EFF wrote a really shitty hit piece deliberately confused | the parental management function with the matching against | hashes of illegal images. Two different things. From there, a | bazillion hot takes followed. | rootusrootus wrote: | Yeah I found the EFF's piece to be really disappointing, | coming from an organization I'm otherwise aligned with | nearly 100% of the time. | shapefrog wrote: | EFF today is really not the organisation it was just a | few years ago. I dont know who they hired badly, but the | reasoned takedowns have been replaced with hysterical | screaming. | matwood wrote: | > hysterical screaming | | Given the political/societal climate, it probably gets | them more donations. | washadjeffmad wrote: | The EFF article refers to a "classifier", not just matching | hashes. | | So, three different things. | | I don't know how much you know about them, but this is what | the EFF's role is. Privacy can't be curtailed uncritically | or unchecked. We don't have a way to guarantee that Apple | won't change how this works in the future, that it will | never be compromised domestically or internationally, or | that children and families won't be harmed by it. | | It's an unauditable black box that places one of the | highest, most damaging penalties in the US legal system | against a bet that it's a perfect system. Working backwards | from that, it's easy to see how anything that assumes its | own perfection is an impossible barrier for individuals, | akin to YouTube's incontestable automated bans. Best case, | maybe you lose access to all of your Apple services for | life. Worst case, what, your life? | | When you take a picture of your penis to send to your | doctor and it accidentally syncs to iCloud and trips the | CSAM alarms, will you get a warning before police appear? | Will there be a whitelist to allow certain people to "opt- | out for (national) security reasons" that regular people | won't have access to or be able to confirm? How can we know | this won't be used against journalists and opponents of | those in power, like every other invasive system that | purports to provide "authorized governments with technology | that helps them combat terror and crime[1]". | | Someone's being dumb here, and it's probably the ones who | believe that fruit can only be good for them. | | [1] https://en.wikipedia.org/wiki/Pegasus_(spyware) | FabHK wrote: | > When you take a picture of your penis to send to your | doctor and it accidentally syncs to iCloud and trips the | CSAM alarms, will you get a warning before police appear? | | You would have to have not one, but N perceptual hash | collisions with existing CSAM (where N is chosen such | that the overall probability of that happening is | vanishingly small). Then, there'd be human review. But | no, presumably there won't be a warning. | | > Will there be a whitelist to allow certain people to | "opt-out for (national) security reasons" that regular | people won't have access to or be able to confirm? | | Everyone can opt out (for now at least) by disabling | iCloud syncing. (You could sync to another cloud service, | but chances are that then they're scanned there.) | | Beyond that, it would be good if Apple built it | verifiably identically across jurisdictions. (If you | think that Apple creates malicious iOS updates targeting | specific people, then you have more to worry about than | this new feature.) | | > How can we know this won't be used against journalists | and opponents of those in power, like every other | invasive system that purports to provide "authorized | governments with technology that helps them combat terror | and crime[1]". | | By ensuring that a) the used hash database is verifiably | identical across jurisdictions, and b) notifications go | only to that US NGO. Would be nice if Apple could open | source that part of the iOS, but unless one could somehow | verify that that's what's running on the device, I don't | see how that would alleviate the concerns. | dathinab wrote: | Two different things which are sold as one package _by | Apple_. | | Two different things which both are known to be prone to | all kind of miss-detection. | merpnderp wrote: | Can you quote what you found confusing, because I didn't | see anything that didn't agree with the Apple announcement | they linked in the piece. | bastardoperator wrote: | Like this part? | | "The Messages feature is specifically only for children in a | shared iCloud family account. If you're an adult, nothing is | changing with regard to any photos you send or receive | through Messages. And if you're a parent with children whom | the feature could apply to, you'll need to explicitly opt in | to enable the feature. It will not turn on automatically when | your devices are updated to iOS 15." | vondur wrote: | I still don't understand how this is allowed. If the police | want to see the photos on my device, then they need to get a | warrant to do so. Full stop. This type of active scanning | should never be allowed. I hope that someone files a lawsuit | over this. | amelius wrote: | You agreed to the EULA :) | vondur wrote: | I'm not sure EULA's can effectively bargain away US | constitutional protections. | fossuser wrote: | Speculating (IANAL) - it's only when iCloud photos is | enabled. I'd guess this is akin to third party hosting the | files, I think the rules around that are more complex. | mdoms wrote: | You must be joking. It would be hard to find anyone more | biased in favour of Apple than Gruber. | samename wrote: | Unless those pictures are also in the NCMEC database, there | won't be a match.* | | * As addressed in the comments below, this isn't entirely true: | the hash looks for visually similar picture and there may be | false positives. | gambiting wrote: | Absolutely not true. Apple is using a similarity based hash, | so if the NCMEC database contains a picture that's _similar_ | to one that you have, it could produce a match even if it 's | not the same. Apple says this isn't an issue, because a | person will look at your picture(yes, a random person | somewhere will look at the pictures of your newborn) and | judge whether they are pictures of child abuse or not. If | this unknown person thinks your picture shows child abuse, | you will be reported to NCMEC and then what happens is | unknown - but likely that it would result in some legal | action against you. | samename wrote: | Good point, thanks, updated my comment. | Spooky23 wrote: | Where's your evidence on this? | | The NCMEC database and this hashing have been around for | like 15 years. I'm curious as to how you know this. | mattigames wrote: | False positives have been found, not because the photo | hold any similarities but because the hashes match: https | ://www.hackerfactor.com/blog/index.php?/archives/929-On.. | . | gambiting wrote: | Literally Apple said in their own FAQ that they are using | a perceptual(similarity based) hash and that their | employees will review images when flagged. If that's not | good enough(somehow) then even the New York Times article | about it says the same thing. What other evidence do you | need? | lawkwok wrote: | Keep in mind, this manual review only happens after Apple's | system detects multiple occurrences of matches. Until that | point, no human is alerted of matches nor does anyone see | how many matches there have been. | | In a TechCrunch interview Apple said that they are going | after larger targets that are worth NCMEC's time. | zionic wrote: | Parents take a lot of photos of their kid. Like, _lots_. | jamesu wrote: | "Multiple occurrences of matches" could have definitely | been an issue for a friend of mine. When they took a | picture, they'd often go for the "blitz the subject with | the camera" approach, then never ended up deleting all | the bad pictures because they had hoarding tendencies. | vxNsr wrote: | > _Apple is using a similarity based hash, so if the NCMEC | database contains a picture that 's similar to one that you | have, it could produce a match even if it's not the same_ | | It's actually worse than this, if the hashes are similar | then they'll get sent for review. Your picture could be a | picture of an abstract painting[0] which has no visual | similarity to anything in the db, but through the magic of | crypto is similar and it too will be flagged. | | [0] The reason I use this example is because someone posted | a bunch of abstract art that was flagged by the algo. | josefx wrote: | As far as I understand they use some kind of hash. I suspect | their paper on avoiding hash collisions is right next to the | Nobel price wining description of the worlds first working | perpetuum mobile. | potatoman22 wrote: | https://en.wikipedia.org/wiki/Perceptual_hashing | Dah00n wrote: | That is not true. If you read what experts who actually do | something to stop CP (unlike Apple) say there are proven | false positives. | | https://www.hackerfactor.com/blog/index.php?/archives/929-On. | .. | samename wrote: | Thanks, I updated my comment. | FabHK wrote: | Yes, and you can put a number on the probability of that | happening, say a fixed p << 1. And then you can choose the | number of required matches before flagging, say N. And then | (assuming independence [1]) you have an overall probability | of p^N, which you can make _arbitrarily small_ by making N | sufficiently large. (I 'm pretty sure that's how Apple came | up with their "1 in a trillion chance per year".) And then | you still have manual review. | | [1] you could "help" independence by requiring a certain | distance between images you simultaneously flag. | [deleted] | deeblering4 wrote: | What would prevent someone from, for instance, printing off an | illegal photo, "borrowing" a disliked co-workers iCloud enabled | phone, and snapping a picture of the illegal picture with their | camera? | | On iOS the camera can be accessed before unlocking the phone, and | wouldn't this effectively put illegal image(s) in the targets | possession without their knowledge? | [deleted] | randyrand wrote: | yes | fortenforge wrote: | These illegal photos are not trivial to obtain. Possessing (and | here, the printing step necessitates possession) these illegal | photos is in and of itself a crime in most relevant | jurisdictions. | | But OK, let's say that you've found a way to get the photos and | you're comfortable with the criminal implications of that. At | that point why don't you just hide the printed photos in your | coworker's desk? My point is that if you have a disgruntled | coworker who's willing to resort to heinous crimes in order to | screw you over, there's many different things they could do | that are less convoluted. | tick_tock_tick wrote: | It takes 1 minutes on TOR to find enough to get anyone thrown | in jail don't make it sound harder than it really is. As for | photos vs printing taking a photo reports it for you so | you're never involved. | cebert wrote: | As much as the tech and security community has concerns and | objections to this policy change on the part of Apple, I'm | skeptical there will be any notable impact to Apple's revenue and | future sales. | hypothesis wrote: | I remember people were saying same thing about Linux on | Desktop, yet we have viable alternatives to proprietary OSes. | | Yes, someone will have to struggle to get us there, but will | have alternative if we don't give up. | tehjoker wrote: | I'd like to point out that the government (and by proxy Apple, | companies care even less) doesn't give a shit about children. | They are advocating a policy of mass infection, they didn't give | a crap about children in Flint drinking toxic water, etc. If they | cared about kids, they would care a lot about thinks that | physically hurt and kill them. This means we don't have to take | their stated reasons for this at all seriously. | | Apple, if you care about children, you'll pay more than your | legally owed taxes and push for improved access to education, | nutrition, and free child care. They're only interested in the | avenue that coincidentally dramatically increases their | surveillance powers and the powers of the government. | | Weird, can't figure that one out. | johnvaluk wrote: | My common sense is tingling, telling me that Apple's eventual | move will be one of malicious compliance, finally implementing | e2ee in a way that provides them with culpable deniability and | users with a much desired privacy enhancement. | atbpaca wrote: | #NotUpdating to iOS15, also #NotUpgrading this time until further | notice. | ur-whale wrote: | > The Deceptive PR | | Tautology | phkahler wrote: | I really don't get all the hype. This is not a backdoor as it's | called in TFA. It's not Apple "reaching into your device". It is | literally checking for specific images and reporting their | presence to Apply if found. It's not using AI to analyze your | photos or anything like that. It's looking for specific images, | and only prior to uploading them to iCloud. It won't even flag | your own nasty images because the hash won't match. | | Note: The above assume we're talking about a typical hash of data | and not an image-analysis "hash" of what it thinks the content | it. This is supported by the language they use. | | Yes, it's a bit big-brother. But I already assume the authorities | can fairly easily get ALL your iCloud data if they ask Apple the | right way. | | You know what's creepy AF? Having a private conversation and | getting facebook ads the next day relating to the topic. Talk | about an acquaintance acting schizophrenic and get ads about | medications and treatment for that? Creepy as fuck. And that was | on the wifes iPhone - I have Android and didn't get that stuff, | but I seem to remember similar incidents where I got ads for | stuff talked about. That's serious voice analysis, not just | checking a file hash, and it happens when your phone is in your | pocket. | sureglymop wrote: | I think the perceived problem is the database of hashes to be | matched. If this is a database that can be contributed to by | other parties this can be used to "frame" people of a crime. | This can the be used for example to get rid of political | dissidents etc. Since there are just hashes in the database, | this should be fairly easy. | | This is what I THINK people are worried about. I don't have an | Apple device so I haven't really fact checked all of this. | refulgentis wrote: | It's a dam-break moment for Apple on privacy - until now, | people could be unaware, or wave away , concerns about storing | iCloud data exclusively on government servers because it was | China, promoting ""antivirus"" software on boot because it was | Russia, not encrypting iCloud backups because who knows maybe | that's just been a complete oversight for years even after | detailed reporting on how Apple used it to escape arguing about | encryption after San Bernardino, and additionally made it super | easy to get the backups, just show me a warrant | | Now it's on _your_ phone in _your_ country. No handwaving, no | sticking ones hand in the sand. The only hopeful argument being | posited is that somehow this will "make iCloud more private in | the long run" | daveidol wrote: | Wait are you saying you get ads based on things you converse | about out loud in the real world because your phone is | listening to everything in your pocket? You know that is a myth | and isn't true, right? | shapefrog wrote: | You saying one conspiracy is 100% true but another one is | laugh out loud impossible? | zepto wrote: | I agree with you, but I want to correct you - they _are_ using | an image analysis hash, not a cryptographic hash. However it | doesn't change the logic of your argument. They require | multiple positive marches, and they also require a visual | derivative of the CSAM images to match. | mustacheemperor wrote: | The 'hype' seems to me to be the valid-sounding concern that | this tool creates the ability to "look for specific images | prior to uploading them to iCloud" on Apple devices, and that | while today that capability is exclusively applied to save the | children, that tool could later be repurposed by authoritarian | regimes or other human rights abusers. | | Speaking towards what we can assume the authorities can do, we | know the FBI cannot compromise an encrypted iPhone because they | attempted to force Apple to do that via court order. From what | I can tell, the objections to Apple's expanded protection | tooling is similar to the objections to adding backdoors to | iPhone encryption so the FBI can break into devices used by | criminals. It's great to stop the crime today, but how could | this be repurposed tomorrow. | 1vuio0pswjnm7 wrote: | "The hypothesis that I have is that Apple wishes to distance | itself from checking users' data. They've been fighting with the | FBI and the federal government for years, they've been struggling | with not reporting CSAM content to the NCMEC, they don't want to | be involved in any of this anymore." | | However there is close to zero evidence to support this idea. I | was just reading something the other day that directly | contradicted this; it suggested the relationship has been | excellent save for a single, well-publicised dispute over | unlocking an iPhone. In other words, the publicly aired dispute | was an anomaly, not representative of the underlying | relationship. | | Even more, unless the pontificator works for Apple or the | government, she is not a good position to summarise the | relationship. Plainly put, it is not public information. | | What does such baseless speculation achieve. Is it like spreading | a meme. I dont get it. | | "The worst part is: how do I put my money where my mouth is? Am I | going back to using Linux on the desktop (2022 will be the year | of Linux on the desktop, remember), debugging wifi drivers and | tirelessly trying to make resume-from-suspend work? Am I getting | a Pixel and putting GrapheneOS on it like a total nerd? FUCK." | | Is having a computer with closed source wifi drivers and working | resume-from-suspend more important than having a computer with an | open OS that does not include an intentional backdoor. | | Maybe the problem is not how to put your money where your mouth | is, its how to put your mouth where your money is. What does | GrapheneOS cost. Maybe this is not about money. | | Options like GrapheneOS, even the mere idea of GrapheneOS, i.e., | that there can be alternatives to BigTech's offerings, get buried | underneath Apple marketing. Much of that marketing Apple gets for | free. It comes from people who do not work for Apple. | | Bloggers and others who discuss computers can help change that. | They can also help Apple sail through any criticism (and they | do). | severak_cz wrote: | > The hypothesis that I have is that Apple wishes to distance | itself from checking users' data. | | This is best explanation of the whole situation I have read. | hu3 wrote: | And in the process hand over more user data to tyrants. | | Surely they know this will be abused to check user data before | it is uploaded to iCloud. All it takes is a willing government. | crummy wrote: | How is that different from how things work now? | [deleted] | rootsudo wrote: | https://www.missingkids.org/theissues/end-to-end-encryption | | Geez. | still_grokking wrote: | The main statement on that site does once more not explain why | real criminals just wouldn't use not backdoored software. | | Indeed, it just looks like another move in the current crypto- | wars. | seph-reed wrote: | I really don't see why the scanning would ever be done on the | phone instead of on iCloud if it only affects iCloud images. | | But I do have guesses why. | pvarangot wrote: | This article speculates that that's because Apple is not | scanning on iCloud to respect their privacy policy: | https://www.hackerfactor.com/blog/index.php?/archives/929-On... | | Apple's report count to the NCMEC is really low so it's | probably true that they are not scanning on iCloud unless they | receive a warrant. | wyager wrote: | "In order to respect our privacy policy, we need to even more | egregiously violate your privacy in a weird lawyer-y way" | czzr wrote: | Only semi-good reason is it would enable E2E encryption in the | cloud while still allowing detection of CSAM. | roody15 wrote: | Except despite this being repeated over and over... Apple has | not said anything about E2E | zepto wrote: | It's also being repeated over and over that apple is doing | this so they can later do some more evil scanning. They | haven't said anything about that either. | macintux wrote: | Apple almost never talks about features like that until | they're ready, so while you're correct, it doesn't mean | much. | wyager wrote: | It's been leaked before that Apple folded under pressure | from the FBI not to add iCloud encryption for images. | ummonk wrote: | That would seem to back up the theory that they plan to | roll out E2EE and are adding on-device scanning first to | enable that. | czzr wrote: | As I said, the design enables this, if Apple chose to do | it. It remains to be seen if they will. | zionic wrote: | The design more plausible enables total device | surveillance than questionable iCloud Backups. (I refuse | to call a backdoored setup E2EE) | zepto wrote: | That's silly. The design is so narrowly tailored to scam | for CSAM that nobody can use it for anything else. | FabHK wrote: | It all depends on what perceptual hashes you use. If | Apple can institute a process whereby those are tied to | the OS version, but not to the region, then it would be | impossible to impose jurisdiction-specific exceptions. | zepto wrote: | > It all depends on what perceptual hashes you use. | | I'm talking about the mechanism as described, not a | hypothetical. | | > If Apple can institute a process whereby those are tied | to the OS version, but not to the region, then it would | be impossible to impose jurisdiction-specific exceptions. | | As it is the mechanism they have built only works in the | US jurisdiction. | nullc wrote: | Apple is free to enable E2E encryption today, without the | backdoor. | outworlder wrote: | In-device scanning is used for the feature that warns teens | (and if =< 12yr old, their parents). | | Biggest mistake Apple has ever done was to roll out three | different features at once and announce at the same time. This | is creating all sorts of confusion. | FabHK wrote: | And CSAM detection as well. | AlexandrB wrote: | That's the crux of it. Why bother with on-device | identification, unless one of: | | a. Apple intends to E2E encrypt iCloud data. | | b. This is intended to extend to _all_ photos on the device in | the future. | | I'm hoping it's (a), but it's probably (b). And in either case | it sets a bad precedent for other companies to follow. | | Edit: This also turns every jailbreak into a possible CSAM | detection avoidance mechanism, giving the government plausible | cover to treat them as serious, criminal actions. Apple would | probably love that. | still_grokking wrote: | Where is this stance coming form that Apple needs to break | E2E crypto to be "able" to "E2E encrypt iCloud data"? | | That makes absolutely no sense. There is nowhere such a | requirement. | | They could just E2E encrypt iCloud data. Point. | matwood wrote: | There is no requirement right now, but you only need to | look at what's happening in the US, UK, and EU to see the | battle setting up around E2EE. Apple may see this feature | as a way to quiet critics of E2EE. Hard to know if it will | be enough. | | But, I think it's safe to say if Apple did turn on E2EE w/o | any provision for things like CSAM, it would help drive | legislation that is likely more heavy handed. | FabHK wrote: | They could E2E iCloud, of course. Question is whether they | could while still staying on the right side of the law. | still_grokking wrote: | Is there a law requiring device manufactures to search | (without any warrant!) the devices of all their | customers? | | How do for example hard drive manufacturers comply? | [deleted] | Barrin92 wrote: | >The worst part is: how do I put my money where my mouth is? Am I | going back to using Linux on the desktop (2022 will be the year | of Linux on the desktop, remember) | | people really need to retire this meme. On the desktop in | particular as a dev environment Linux is completely fine at this | point. I can understand people not wanting to run a custom phone | OS because that really is a ton of work but for working software | developers Fedora, Ubuntu whatever any mainstream distro is at | this point largely hassle free. | ajsnigrutin wrote: | I hate ubuntu from the bottom of my heart, for breaking stuff | and changing stuff that used to "just work" all the time, but | 99.999% of the time, that means "background stuff", "normal | users" never mess around with, and for normal users, a "usb key | -> install -> next, next, next -> finish -> reboot" just works. ___________________________________________________________________ (page generated 2021-08-12 23:00 UTC)