[HN Gopher] Is Apple checking images we view in the Finder?
___________________________________________________________________
Is Apple checking images we view in the Finder?
Author : tagawa
Score : 183 points
Date : 2023-01-21 19:06 UTC (3 hours ago)
(HTM) web link (eclecticlight.co)
(TXT) w3m dump (eclecticlight.co)
| simonCGN wrote:
| I suppose you should do it the other way round: there is a
| rumour, you see if it is true rather than assuming it is true and
| try to find evidence if it is true.
| bboygravity wrote:
| What if there's no way to find out if it's true?
| yreg wrote:
| Then assume it is true when making security decisions, but
| don't pretend it is true when talking about it in
| discussions. (imo.)
| hbarka wrote:
| I recognize the author's use of Scapple for the flowchart
| diagram. One of my favorite visual mapping apps appropriated from
| the writing, not techie, community.
| gernb wrote:
| I read that as some creative way to use Scrapple for diagrams
| and went to check out what it was. Imagine my disappointment
| that it was just some poorly named software and not actually
| diagrams made from scrapple
|
| https://en.m.wikipedia.org/wiki/Scrapple
| hbarka wrote:
| Yup, it's Scapple unlike Scrapple. A strange word without
| history. Let me add a plug for them (Literature and Latte):
| https://www.literatureandlatte.com/scapple/overview
|
| They also have another amazing app called Scrivener, made for
| writers and novelists, but can hold its own against other
| note-taking apps.
| jsz0 wrote:
| Probably untrue but the general trend of Apple throwing in the
| towel on privacy has made me start seriously thinking about the
| logistics of moving away from macOS in the near future. I know
| it's going to be super unpleasant because I've been a 20+ year
| macOS snob and it's an integral part of how I get any work done.
| Making a reluctant change is so difficult. I almost hope Apple
| makes some terribly egregious changes to macOS that will make it
| easier for me to cut it loose and move on.
| [deleted]
| tomxor wrote:
| Baby steps... maybe start with dual booting, or a VM, over time
| you get more and more comfortable as you find the bits you need
| on Linux or whatever.
|
| You will probably never find a replacement for everything, but
| eventually you get to a threshold where the "Apple Hates Me"
| vibes > "Not quite everything I want", then you have somewhere
| to go when you flip the table... You will probably still hate
| it initially, but the nice thing is that you can work on it,
| making it into what you want, and unlike with Apple or MS you
| can make progress... it will stay how you put it, because the
| authors of the software are not working against you. i.e it
| gets more comfortable over time, and less of a battle over
| time.
|
| Admittedly how easy this is, is highly subjective, e.g if you
| are a media person then it's going to be painful whatever
| platform you head to (although I hear audio and video editing
| alternatives are getting better).
| indymike wrote:
| I've unplugged as much as I can from both Windows and MacOS. I
| still have to carry a Mac because of Xcode (and mobile
| development), Affinity (for design) and from time to time, MS
| Office (usually to deal with some ancient VBA code). The daily
| driver is just an LG Gram with Kubuntu, and here's the
| difference:
|
| Command line: Linux wins by a mile. GNU gettext has better tab
| completion (i.e. it will complete parameters and paths). If you
| work with Linux servers, it's nice to have the same directory
| structure... and while brew is nothing short of amazing,
| package management on Linux (deb, rpm, pacman, etc...) is still
| the best.
|
| Design: A lot of tools have moved to the cloud (i.e. Figma and
| Canva are getting better) but pro grade design software like
| Affinity Designer (or Adobe stuff) is still the best,
| especially if print shops are involved. If Serif ports Affinity
| to Linux, I will buy it for every machine at my company just to
| say thanks.
|
| Video: Davinci and OSB run extremely well on Linux so life is
| good :-)
|
| Development: Honestly everything is better on Linux... but no
| Xcode, which is required to distribute to the App Store. Xcode
| is a nice IDE, but most of the work I do is in JetBrains IDE
| (GoLand, PyCharm, WebStorm... and occasionally C Lion).
|
| On the hardware front, Apple still makes great hardware, but
| some of the PC manufacturers are making great machines, too
| (LG, Lenovo, Dell). I'm particularly happy with LG's Gram 17"
| which has a giant screen and is an ounce or so heavier than a
| 13" MacBook Air. The M1 and M2 are fast, but a modern i7 or
| better is plenty fast and you can get one with 32GB for cheap.
| golem14 wrote:
| Maybe today. What does it matter when apple can change their
| policy anytime the feel like it? Maybe they can dynamically turn
| things on and off.
| JayGuerette wrote:
| Apple isn't creating neural hashes for CSAM detection, as they'd
| have to be in possession of source material to create them, so
| they're getting them from someone else. Since it's
| indistinguishable in it's hash form, when the supplier becomes
| interested in looking for something else, nobody will ever know.
| yreg wrote:
| >so they're getting them from someone else
|
| Is there any evidence they even do neural hash CSAM detection?
| echelon wrote:
| Do not let Apple off the hook. This must be removed.
|
| This functionality _will_ be used in other global jurisdictions
| to clamp down on freedom. In a world where we cede more control
| and increasingly subjugate ourselves, it 's only a matter of
| time before it's used against us too.
|
| Say no to monitoring.
| brookst wrote:
| So the thing the article concludes isn't being done, must be
| removed?
| echelon wrote:
| Maybe that's the case. We should be vigilant and treat the
| concern with utmost seriousness.
|
| Once upon a time, Apple announced they would do this. We
| can't ever let them.
| brookst wrote:
| The suppliers are well documented and it takes two suppliers
| agreeing on the same neural hash.
|
| So, when the US center for missing and exploited children
| decides to collide with the Japanese equivalent to detect IDK
| what, yea, you wouldn't know. Assuming those agencies don't
| operate with transparency.
| rurp wrote:
| Requiring two suppliers to agree is simply the current
| policy. I think the GPs concern is that Apple's policies can
| change without warning or notice. That seems like a pretty
| valid concern to me, which Apple has zero interesting in
| mollifying.
| User23 wrote:
| If you upload your data to a server that server's owners can do
| whatever they want with it. How do people still not get this?
| josephcsible wrote:
| Distinguish between choosing to upload your data to a server
| vs. working with data on your local hard drive without air-
| gapping your computer first.
| yreg wrote:
| This article is not about people uploading data to a server
| intentionally, so I don't see the connection. Who are the
| people who 'still don't get this'?
| cyanydeez wrote:
| If apples not building an AI behind each of their users, sell
| your stock now.
| lamontcg wrote:
| What happens if we just delete mediaanalysisd? I really don't
| need visual search algorithms using Apple's cloud servers.
| CharlesW wrote:
| You can also just turn off Siri Suggestions:
| https://eclecticlight.co/2022/04/08/how-to-enable-use-and-fi...
| alin23 wrote:
| There's also a follow up to that with more findings here:
| https://eclecticlight.co/2023/01/20/demonstrating-causal-con...
| [deleted]
| zwilliamson wrote:
| Does anyone have a list of Apple urls that we can block via
| something like pi hole?
|
| On a side note, I'm actively evaluating options to replace my
| aging MacBook. Anyone have a System76 laptop?
| oneplane wrote:
| Apple does: https://support.apple.com/en-gb/HT210060
|
| But as others have written: this won't result in what you think
| it results in.
| int_19h wrote:
| If you're looking for a Linux laptop specifically, take a look
| at StarLabs.
|
| https://us.starlabs.systems/
| tagawa wrote:
| Spoiler alert:
|
| "There is no evidence that local images on a Mac have identifiers
| computed and uploaded to Apple's servers when viewed in Finder
| windows."
| cookie_monsta wrote:
| So, Betteridge's Law?
|
| https://en.m.wikipedia.org/wiki/Betteridge's_law_of_headline...
| b3morales wrote:
| Sort of, but this article seems to be specifically a response
| to a recent blog post that said that the answer was "Yes":
| https://sneak.berlin/20230115/macos-scans-your-local-
| files-n...
| IndySun wrote:
| Thank you. I much prefer Sneaks stance on Apple than
| eclectic light's. Both post enough useful public
| information to remind people that Apple are not as
| different to other giants in underhand software tech
| shenanigans. Eclectic often make us aware of Apple updating
| software without permission, which is bad enough, and
| commonly known on this forum. But Sneak will present
| reasons why Apple users should not become complacent, and
| for that I am grateful.
| acdha wrote:
| The problem is that Sneak tends towards conspiratorial
| thinking so you need to read posts through the lens of
| separating what's factually established from what
| hypothetically could be done in the future.
| poszlem wrote:
| The phrase 'there is no evidence' can be interpreted in two
| ways, one being that it is highly likely but unproven, and the
| other being that it has been disproven and should not be
| believed.
|
| I'm afraid we are still in the first version territory given
| what we know about big tech and Apple's recent behaviour.
| runjake wrote:
| Caveat:
|
| "Images viewed in apps supporting VLU have neural hashes
| computed, and those are uploaded to Apple's servers to perform
| look up and return its results to the user, as previously
| detailed[1]." (but not for CASM reasons)
|
| 1. https://eclecticlight.co/2022/03/25/how-visual-look-up-
| works...
| randyrand wrote:
| what is VLU?
| MBCook wrote:
| Visual look up. I believe it's the thing where Apple will
| tell you if something is a tree or a plant or a dog or
| whatever. And you can click on it and it hopefully tells
| you what kind like lab vs poodle vs Great Dane.
| SkyMarshal wrote:
| iOS 15+ Visual Lookup:
| https://support.apple.com/guide/iphone/visual-identify-
| objec...
| btown wrote:
| A bit hard to believe that VLU's NeuralHashes aren't _also_
| passed through CSAM detection, when NeuralHashes were first
| announced to the world in the context of CSAM detection:
| https://www.apple.com/child-
| safety/pdf/CSAM_Detection_Techni...
|
| That said, to reiterate the OP, there's no evidence that VLU
| executes when using Finder or QuickLook alone.
| mftb wrote:
| Are you sure? Because in a prior article on the same source
| your parent linked it would appear that it is being used
| with QuickLook[0].
|
| "While VLU is taking place, the image being looked up is
| opened in the floating window of a QuickLook preview."
|
| [0]https://eclecticlight.co/2022/03/23/how-visual-look-up-
| works...
| btown wrote:
| Hmm, there is some ambiguity in the author's writing
| style. I interpreted what you quoted above as "if you are
| in Safari.app or Preview.app and activate VLU explicitly,
| it displays the image in a QuickLook window." The author
| does say in https://eclecticlight.co/2023/01/18/is-apple-
| checking-images... that:
|
| > Although the original description given was 'Finder
| browsing', for some that might include the display of
| images as QuickLook Previews, by selecting the image and
| pressing the Spacebar... [The process triggered from
| this] is consistent with the briefer task used in Live
| Text, and quite different from VLU. There is thus no
| evidence of the generation of neural hashes or any search
| query by PegasusKit typical of the later stages of VLU...
|
| > Local images that are viewed in QuickLook Preview
| undergo normal analysis for Live Text, and text
| recognition where possible, but that doesn't generate
| identifiers that could be uploaded to Apple's servers.
| mftb wrote:
| Understood. My own personal take-away, is that even with
| all the digging those folks have done it is not possible
| to know what Apple is actually doing. Which kind of
| reinforces your original point in the comment that I was
| responding to.
| hnaccy wrote:
| Is there any way to disable VLU?
|
| It sounds like anytime I open an image in Preview it sends
| hashes to apple?
| runjake wrote:
| FTA:
|
| "VLU can be disabled by disabling Siri Suggestions in
| System Settings > Siri & Spotlight, as previously
| explained[1]."
|
| 1. https://eclecticlight.co/2022/04/08/how-to-enable-use-
| and-fi...
| jjcon wrote:
| For the record I don't believe Apple is collecting that info -
| having said that I think the biggest issue with Apple is that
| it is not possible to fully audit and determine what they
| collect and what they don't. Just because they aren't
| constantly sending hashes over the internet after viewing each
| photo in finder doesn't mean that similar data isn't collected
| at all over the many encrypted connections apple maintains with
| their servers and Mac computers.
|
| It would be colossally stupid for them to betray user trust in
| that way as it would almost certainly come out eventually, but
| that doesn't change the trust problem they ultimately do have.
| marcosdumay wrote:
| > It would be colossally stupid for them to betray user trust
| in that way
|
| Yes. Unless, of course somebody is pointing a gun to their
| heads and forcing them, like the US government was already
| caught doing to other companies.
| slenk wrote:
| Interesting. Do you have any more info I could read
| regarding that.
| amelius wrote:
| It's freaking annoying that you can't use an Apple device
| without being connected to Apple.
|
| There should be a law against that sort of thing, for
| hardware that you fully paid for.
| 2OEH8eoCRo0 wrote:
| I agree, that's why I don't buy them. All of my computers
| are 9+ years old and run fully up to date Linux or Windows.
| htag wrote:
| Wow! Did you know you can run Linux on modern hardware?
| It's faster that way, and doesn't change the amount of
| telemetry reported.
| kevin_thibedeau wrote:
| Modern hardware has backdoors that can't be disabled.
| michaelmrose wrote:
| Is there any proof that such potential backdoors are
| practical and not theoretical? Have you considered non
| x86 hardware. If you were made of money for example Talos
| II or other more reasonable priced options?
| oneplane wrote:
| So does older hardware, nothing was gained here.
| 2OEH8eoCRo0 wrote:
| Why? They all still accomplish what I need them to.
| hgsgm wrote:
| Modern hardware isn't much faster.
| htag wrote:
| 2023 hardware is much faster than 2014 hardware.
| kitsunesoba wrote:
| So much so that 2023 laptops often trounce 2014 desktops,
| with a fraction of the power budget and cooling capacity.
|
| It was true that power stagnated for a long time but it's
| finally back on the upturn.
| frankfrankfrank wrote:
| I'm not sure what would make you think that Windows is
| even in the slightest better.
|
| In fact it is proven that not only is Microsoft deeply in
| bed with the whole US Government, but the amount of
| vulnerabilities and flaws and outright back doors that
| have been publicly exposed in Windows is wildly larger.
|
| I don't even understand this immense focus on criticizing
| Apple, as valid as it is, when people use Android and
| Windows and Google services that are all shown as clear
| hangar door sized vulnerabilities.
|
| It really kind of boggles my mind. Apple is constantly
| being out under pressure by the government and is
| constantly pushing increasing security and privacy
| features, as imperfect as they may be, but that is in
| comparison to Windows and Android, folks.
| mulmen wrote:
| The CSAM thing did irreparable damage to Apple's
| reputation. We foolishly trusted them as benevolent
| dictators of the walled garden. They demonstrated why
| that can't work. Everyone is fallible, nobody deserves
| absolute trust.
| kbf wrote:
| They announced their plans, people objected and they
| listened. I don't get what the problem is?
| 2OEH8eoCRo0 wrote:
| I use Linux but have a barebones Windows 10 install for
| one stupid stressful game that doesn't work on Linux due
| to anticheat. I audibly groan when rebooting to Windows
| to play.
|
| With that said I can still use Windows without a
| Microsoft account.
| CharlesW wrote:
| > _With that said I can still use Windows without a
| Microsoft account._
|
| It sounds like you may not realize that you have never
| needed an Apple account (i.e. an Apple ID, which might
| call an "iCloud account") to use macOS. No magic tricks
| are required, although some Apple services will naturally
| not be avaiable.
| daf203723087 wrote:
| > With that said I can still use Windows without a
| Microsoft account.
|
| Only because you are a power-user and know the magic
| trick to perform when installing Windows to avoid signing
| in with a Microsoft account.
| Someone wrote:
| > There should be a law against that sort of thing, for
| hardware that you fully paid for.
|
| So, if Apple were to say you didn't fully pay for the
| hardware, it would be OK?
| themitigating wrote:
| I don't think more government regulation for such a
| specific reason is a good idea. Just don't buy their
| products.
| oneplane wrote:
| Do you really think the general consumer knows about any
| technical details of the products they buy, and if they
| did, they would care enough to chose the less-comfortable
| option for no perceived gain? This almost never works,
| and I think you know that.
| themitigating wrote:
| Do you really think the general consumer knows any
| medical details of the vaccines they buy? Should we
| regulate misinformation?
| alwayslikethis wrote:
| At some point this "voting with your wallet" argument
| gets ridiculous. How realistic is going through life
| without one of these slaveware devices? (defining
| slaveware as hardware or software that treats you as a
| slave to the corporation that made it) Most people are
| coerced to using it, not even knowing the difference,
| forcing you to use the slaveware as well.
| EMIRELADERO wrote:
| While not specifically that, the EU's Digital Markets Act
| is moving things in that direction. I recommend reading the
| full text of the legislation, it has many gems.
| dotancohen wrote:
| > There should be a law against that sort of thing, for
| hardware that you fully paid for.
|
| Why? That sounds like exactly the type of issue that the
| market will fix, by buying from a different vendor.
| oneplane wrote:
| It seems the market isn't what you tink it is. At the
| same time, people also don't understand that the issue
| isn't what they think it is.
|
| There is a vocal minority on most of these things:
|
| - Powerusers and "learnt just enough to be dangerous"
| users complain about products not being targeted towards
| their wishes
|
| - Privacy alarmists don't like what they can't control
|
| - Commercial interests don't like having to pay for
| things, but do like getting paid for their own things
|
| Technically all correct, but in practise this is nearly
| all in the same bucket as fastfood, sugar, air pollution
| etc. It's something that affects everyone, but it's much
| easier to deny it, ignore it, and just go with the nice,
| easy, comfortable, and profitable paths.
| whiddershins wrote:
| You can wipe it and install Linux and use the hardware you
| paid for unencumbered.
|
| So do you mean use the software you paid for? (Fair)
|
| Or am I missing a nuance.
|
| Edit: Or are you referring to iDevices.
| amelius wrote:
| Running Linux on it is not the solution, as there is no
| documentation. Volunteers have been reverse engineering
| the GPU, but they still don't know whether their
| assumptions are all correct.
|
| Also, is the Linux support actually official? Considering
| the above, I think not. I can't vote with my wallet for a
| company that has no clear map for the future, for my
| particular usecases.
|
| Yes, iDevices are another problem. And yes, paying for
| the software when you use only the hardware is a problem
| too.
|
| Too many problems with this company. I honestly can't
| understand why so many other hackers are happy being
| tethered and parent-controlled by Apple.
| cassianoleal wrote:
| > I honestly can't understand why so many other hackers
| are happy being tethered and parent-controlled by Apple.
|
| Obviously it varies from person to person.
|
| Some just don't care about this at all and/or don't
| consider it an issue.
|
| Some are just really used to it, or invested in the
| platforms, and don't want to waste time moving.
|
| Some will just find much worse experiences for their
| taste anywhere else.
|
| There are likely other personas in this story, these are
| just off the top of my head.
| shanebellone wrote:
| I haven't used Apple in 5-8 years. I prefer to build my
| desktops and don't use my phone much, so Android is
| sufficient.
|
| Frankly, I do not understand the disdain for Apple. They
| built their stack. That should be admired. Also, it's one
| ecosystem in the market.
|
| Don't like it? Buy something else.
| amelius wrote:
| Yes, fair, thanks for the reminder.
| cassianoleal wrote:
| > You can wipe it and install Linux and use the hardware
| you paid for unencumbered.
|
| Not all the hardware, or at least not yet if you're on
| Apple Silicon.
| snazz wrote:
| Asahi Linux works decently well on Apple silicon Macs
| today.
| Gigachad wrote:
| Apple doesn't place any restrictions on doing this, in
| fact they have set it all up to make install Linux as
| convenient as possible without directly adding drivers to
| Linux.
|
| Mainline Linux can now run all the critical features of
| apple silicon laptops and the remaining stuff like power
| management is really just waiting on someone to work out
| what the best way to modify Linux to support it would be.
| 1vuio0pswjnm7 wrote:
| "For the record I don't believe Apple is collecting that info
| - having said that I think the biggest issue with Apple is
| that it is not possible to fully audit and determine what
| they collect and what they don't."
|
| This begs the question why is it not possible. I monitor the
| traffic on the computers I own which means I have sometimes
| to decrypt traffic from applications and then re-encryot
| before sending from the loopback to the local network I own
| and then over the wire onto "the internet". I like to know
| what data applications are sending or trying to send. I like
| to have control over it. That's not unreasonable in the
| slightest.
|
| Yet, in the "tech" company model of computer network use, the
| computer owner is discouraged, e.g., scary browser warnings,
| SSL errors, connection failures, etc., from placing any trust
| in themselves. Instead it advocates, if not effectvely
| mandates, placing trust (and fees, i.e., for "domain names")
| in some other entity, e.g., Apple, other "Certificate
| Authorities", etc. The mere act of questioning this model is
| often attacked by "tech" workers commenting online. Watch it
| happen in the replies.
|
| Under this model, it is as if the the computer and local
| network owner does not also own the traffic. Who owns the
| computer. Who owns the local network. Who own the data. Who
| should be allowed to view it and control it. If anything, one
| would think the computer and network owner should be allowed
| to prevent _any_ third party, including Apple, if they so
| choose, from initiating remote connections and sending data
| from the computer owner 's computer.
|
| Even after purchase Apple believes it is entitled to collect
| data from someone else's computer, over someone else's
| network. And it also believes no computer purchaser ever has
| an interest in seeing what data is being collected, by
| monitoring the traffic, let alone an interest in preventing
| these connections. There is no option provided to globally
| disable all phoning home to Apple, to indicate "No, thank
| you."
|
| It was not always like this, folks. I owned older Apple
| computers that never made such assumptions. The computer
| belonged to the purchaser. Generally, firewalls were not used
| to block software pre-installed on the computer by Apple. The
| so-called "tech industry" has moved the needle and tried to
| normalise what is IMHO an entirely different scenario.
| charcircuit wrote:
| >Even after purchase Apple believes it is entitled to
| collect data from someone else's computer, over someone
| else's network.
|
| They are collecting data on how their software in used.
| Also this article is talking about a visual search feature
| that uses Apple's servers to search for things in your
| images. Apple is just as much entitiled to do this as a
| multiplayer game connecting to game servers. You choose to
| use the software and you choose to permit it onto your
| network.
|
| >e.g., scary browser warnings, SSL errors, connection
| failures, etc., from placing any trust in themselves
|
| These tech companies are trying to improve the security of
| their ecosystem. TLS is paramount in them modern world to
| protect people from MitM attacks.
| oneplane wrote:
| > I like to know what data applications are sending or
| trying to send
|
| Good luck with that. Unless you are running a Commodore 64
| it is unlikely that a single person can understand, inspect
| and make decisions on modern operating systems or even
| individual applications.
|
| There was a small window in which you had the option to use
| your computer as a 'digital typewriter' and 'sometimes send
| a fax', but expected and supplied functionality this day
| and age relies on many small components being heavily
| interconnected, much in the same way that social circles
| are interconnected, social networks (the digital variant)
| are based on critical mass (not technical prowess, legal
| status or privacy) and the amount of people that have
| narrow/well-defined use cases for their computers are at an
| all-time low making them less and less significant to cater
| to.
|
| If you had a Apple computer with 10.3 or newer, this was
| the norm. If you had macOS 9 with iTools, it was the norm
| as well (for a bit until it got dropped in favour of
| MobileMe).
|
| The old times weren't better, just different (and much less
| feature-rich). Great for a few power users, bad for
| everyone else.
| stoned wrote:
| Eh... it depends on what you think is good and bad. It's
| not clear to me that surveillance capitalism will be a
| long term good. Gadgets and social media are fun, but
| digital feudalism will be (is?) a lot less fun and
| rewarding.
| MaxBarraclough wrote:
| > Good luck with that. Unless you are running a Commodore
| 64 it is unlikely that a single person can understand,
| inspect and make decisions on modern operating systems or
| even individual applications.
|
| This is defeatist, and ignores the second-order
| advantages of Free and Open Source software. You don't
| need a Commodore 64, you need a decent GNU/Linux distro.
|
| In practice, it's far less common for FOSS to contain
| code that works against the user's interests, as the
| vendor/developer has no veil of ambiguity and no
| deniability. Only one person needs to find the
| troublesome code, and they can make the rest of us aware.
| Everyone knows this, so FOSS malware is rarely released
| in the first place.
|
| FOSS isn't a silver bullet (see Firefox's telemetry) but
| it's not the case that there's nothing you can do but use
| user-hostile proprietary software for everything.
| cycomanic wrote:
| I don't know how someone can make such a detailed analysis and
| apparently not understand the limitations of the same analysis.
| How can such a broad statement be posted otherwise?
|
| There could be all sorts of explanations why a connection might
| not have shown up in their analysis, rate limiting, batch
| upload, regional settings. It would have been much better to
| say: "in my tests I could observe any evidence..." or something
| similar.
| ChrisMarshallNY wrote:
| _> Basing claims on the inference that two events might be
| connected, without understanding the nature of either, is
| reckless if not malicious._
|
| It can easily happen, though. I did it yesterday, with a bank,
| concerning a credit card number that had been purloined. It was
| unwise, and reckless, and I ended up owning it, and apologizing
| (plus, I learned about a trigger that I need to watch out for).
|
| That said, just because something "easily happens," does not make
| it OK. We can "easily" get homicidally angry, and it would be A
| Bad Thing, if we acted on our impulses.
|
| A mark of my personal maturity, is grounding these impulses,
| before they make it to the outside. When I fail (like yesterday),
| I get embarrassed.
| gockflaps wrote:
| It's refreshing to see someone actually take the time to do some
| proper analysis on this, rather than simply assuming that Apple
| are up to no good and getting angry about it based on nothing.
| Nice work by the author, and a well-explained writeup.
| etchalon wrote:
| A great rebuttal and investigation into a topic that was raised
| by a shallow alarmist last week.
| ramesh31 wrote:
| This ignores the possibility that the scan results could be
| collected and uploaded at a later time, possibly obfuscated
| within the payload of some other benign process. I fully accept
| that the sum of engineering and thought by Apple is much smarter
| than either myself or the average security researcher, and in an
| adversarial situation such as this, it's far from an impossible
| scenario. Ultimately, with a closed source OS, we will never
| really know more than what Apple wants us to know.
| duxup wrote:
| Isn't that "possible" for any computer or device connected to
| the internet?
|
| I feel like "possible" is doing a lot of work here that applies
| everywhere.
| djur wrote:
| > scan results could be collected and uploaded at a later time
|
| The images could also be analyzed and uploaded by software
| installed remotely on your computer overnight. If you actually
| consider yourself to be in an "adversarial" relationship with
| Apple you should not use their products -- they have
| uncountable opportunities to attack you.
| [deleted]
| ok123456 wrote:
| It's wild that you need a firewall just to stop OS features from
| phoning home every file you preview on your computer.
| MBCook wrote:
| Right. Because preventing the computer from talking to Apple
| where it finds out if there are updates or new malware
| definitions in addition to the documented thing it's doing is a
| much better option than turning off the option in settings.
| handsclean wrote:
| Yes, firewalls often prevent this from happening, waiting to
| read about some new setting on HN does not. Firewalls also
| aren't going to block legitimate traffic unless they're badly
| configured.
| acdha wrote:
| You have to think about the problem in context: if abuse
| were happening, which to be clear is not true, you couldn't
| trust a computer made by the company running the program
| you disagree with. They control the software stack and
| network endpoints, so they could exempt their own services
| from the local firewall and avoid a network firewall by
| using something like their network update service to
| receive queries.
| pwdisswordfish9 wrote:
| As if apple would have their services obey firewall
| restrictions.
| est31 wrote:
| Or even VPNs...
| https://www.macrumors.com/2022/10/13/ios-16-vpns-leak-
| data-e...
| gjsman-1000 wrote:
| Or just turn off "Siri Suggestions" in System Settings as
| stated in the article.
| c22 wrote:
| I'd probably stick with the firewall just to be safe,
| thorough, and future-proofed...
| VWWHFSfQ wrote:
| Apple allows itself to bypass the OS firewall so you will
| need something at the network level.
| Xylakant wrote:
| You'd need a network level firewall for that - the OS can
| circumvent any firewall you run on your computer. That
| would imply that you're unprotected once you leave your
| home network. The firewall would also need to inspect all
| network traffic, including TLS secured connections.
| [deleted]
| djur wrote:
| Using a firewall to protect your privacy from the company
| that designed the hardware and wrote the software for your
| computer is kind of like putting on a raincoat before going
| swimming.
| ok123456 wrote:
| Why do they deserve any trust when they're phoning home?
| djur wrote:
| Why do you have any less trust for what they're doing
| with your data on their servers versus what they can
| already do with it on yours? If you don't trust them to
| have access to your data, you should not use their
| hardware and you should not use their software.
| scarface74 wrote:
| The person you are replying to is saying that at some
| level you have to trust someone and "open source" is not
| the answer.
|
| There have been plenty of latent bugs in Linux that took
| years to discover that could have led to information
| extraction
| ok123456 wrote:
| "Every platform has RVEs eventually" is a pretty lazy
| answer.
|
| The answer is to stop normalizing telemetry and data
| exfiltration even if it's 'the good guys' doing it. It's
| not your "cloud" therefore it's not your data.
| scarface74 wrote:
| So if you are not going to trust anyone are you going to
| stop using computers?
| djur wrote:
| No, that's not what I'm saying. I think it's conceivable
| that with a great deal of effort you could build an open
| source system that is highly trustworthy. What I'm saying
| is that the gradient between "highly trustworthy" and
| "untrustworthy" is extremely steep.
|
| To use another analogy, someone using a firewall to keep
| a MacBook from phoning home is like a person who invests
| in a really high-quality lock on their jewelry box to
| keep their housecleaner from stealing from them.
| yreg wrote:
| I believe the firewall is not supposed to be protection
| against Apple doing an attack on you, but against them
| collecting data because you forgot to change some setting
| to opt out somewhere.
| djur wrote:
| If you don't trust Apple with your data, a firewall will
| not protect you. They can collect data at any time and
| have many options for extracting it from your computer. A
| firewall will only really help with "above the table"
| behavior.
| yreg wrote:
| That's what I said.
| oneplane wrote:
| You actually have to opt in to this, but most people do
| because they don't care or understand what it is they are
| doing. In some cases, data shared features have to be re-
| opted-in during major OS upgrades (maybe because the
| processes that process the data are divided differently
| or using different API endpoints.. who knows).
| gjsman-1000 wrote:
| Well... macOS is hardly the worst IoT offender. Roku is
| unbelievable. ;) Many good reasons to set up a Pi-Hole...
| Helmut10001 wrote:
| Just replaced my router with OPNsense and starting to get some
| sense for all the egress traffic.
| titzer wrote:
| It's beginning to look like it wasn't a great move to become _so_
| dependent on _so much_ closed source software. "It's open
| source" they cry. Yeah, system level stuff, just with some
| closed-source barnacles attached that do god knows what,
| stealthily, unaccountably, and yet brazen to a terrifying degree.
| "Trust us". Hmmm.
| squarefoot wrote:
| Broadly speaking, if something is closed source and connected, it
| phones home. Whether it can collect sensitive private data about
| the user is just a matter of when. The sooner common users
| realize that, the safer they can be in the future. Unfortunately,
| spying on users is a well paid business, therefore even without
| involving 3 letter government agencies and/or conspiracy
| theories, we should expect every hardware/software manufacturer
| to attempt to profit from that, if not because pretty much
| everyone else in the field is doing the same already.
| [deleted]
___________________________________________________________________
(page generated 2023-01-21 23:00 UTC)