I was seriously considering switching to Apple for my next phone because of all their privacy marketing. With this update, I'm not touching Apple with a 10 foot pole.
If this was a problem, would we not be seeing a slew of complaints about innocents being dragged through the mud with OneDrive and PhotoDNA? The only thing unique about Apples implemention is that it's client-side.
Yes. The concern is reasonable, but given that this technology is widely implemented in basically every cloud storage offering, there isn't much to suggest that the described outcome will actually happen.
Maybe anecdotal evidence, but I've read multiple posts/news stories about people affected by sanctions because of a shared name. I figure that if there was an issue where PhotoDNA had actually led to someone being arrested, that would have made headlines somewhere, at least here.
But there is a difference. Sure the same technology might be integrated into several cloud storage provider. But i can choose to use a storage provider or not. If Apple is activating this technology on your phone you can not opt out. Your phone will be searched.
But this will be triggered only while uploading to iCloud, so if you are not using iCloud for photos the algorithm will never run? Or that’s why I understood.
I might be mistaken but how it's not the same thing?
- You don't like storage provider - you don't use it
- You don't like ecosystem/smartphone provider - you don't use it
On top of that you can opt out even now by disabling updates it just means that you won't have access to the newest iOS and take risk that at some point software developers will stop supporting OS you decided to stick to.
>You don't like ecosystem/smartphone provider - you don't use it
This just doesn't work like this in our day and age. We are one ecosystem (android) away from complete domination of this scanning technology. You could argue that I could use a librem or something but at that point all librem users automatically become suspicious because "all major manufacturers have this, he probably has something to hide".
If it only was that easy. Social pressure to use certain services often trump personal preferences. Sure, I can change provider from X to Y, but unless I successfully convince my mother to do the same, I'll end up having both X and Y as my mom will still use X.
Yeah this is what really irks me, cloud providers always struck me as "optional", this is adding a feature which can trivially be tweaked to simply scan your entire phone for wrongthink and send the results to the CCP.
If Google decides to implement this, which doesn't seem very unlikely because of the optics of NOT implementing this, people who aren't tech savvy won't really have a realistic way to opt out.
I just don't think there is very much evidence that in practice false positives are a big issue and the article is very much pushing that argument.
This comparison of images to known hashes is only for Apple's iCloud Photo feature, which is optional.
That said, many hosted providers/social networks have similar features - they just have server-side implementations and might not have felt the need for disclosure.
Apple is a US company and this feature is rolling out to US customers in partnership with US law enforcement. I don’t think we have invoke the CCP boogeyman to be worried about this.
If you think Apple is going to install something onto your phone to scan everything for wrongthink and send it to the CCP, you shouldn’t be installing their updates or using an iPhone anyway. They can already do that at any time. This feature doesn’t make it any easier. On the contrary, this feature seems specialized for its purpose, and to slide down your slippery slope they would need some different and more general kind of spyware.
I think my "slippery slope" concerns are less technical and more overton window shifting. If you have this practice of scanning images in place, it's not as huge as a leap to suggest we should register hate propaganda images (for instance, infographics) and not allow Apple to lawfully host it on its servers and so on. You just get less and less steps away from justifying banning things like propaganda against the government or individuals in the government and such.
I would agree on a purely technical level your phone is already pwned by Apple so worrying about this on a technical level is closing the barn door after the horse got out. However from a social perspective one of the holdouts against photo scanning has stopped being a holdout, and doing things from client-side makes it seem less wrong to do other things client-side.
Besides the privacy stuff, this also is a bit more of a slide towards software that you purchase being ultimately controlled by and for the benefit of parties other than yourself.
Only if you use iCloud photos, so you do have a choice.
In practice any major cloud provider is going to or is already doing this. We need a better regulatory approach, it isn’t practical to put the responsibility on providers.
They've said the on-device scanning is done only when you are using iCloud Photos. So it's on-device scanning but only when you are deciding to share your photos with Apple... At least that's how it is for now.
"CSAM image scanning is not an optional feature and it happens automatically, but Apple has confirmed to MacRumors that it cannot detect known CSAM images if the iCloud Photos feature is turned off."
We won't get one though, because the "think of the children!!!" crap is extremely pervasive and anyone going against it will be smeared as a pedo defender.
It is unrealistic to expect corporations, which exist solely via regulations of various governments, to act as if they are immune from government regulatory control. In fact, a lot of negative press for FAANG (add extra letters as needed) specifically makes the point that they are acting as if they are bigger than any government.
In that mindset, the answer is absolutely to combat and to attempt to change broken laws first.
Also, it isn't just "think of the children". For instance, there have been some _terrible_ proposals under the banner of Right to Repair. People tend to not want to invest the time in understanding the ramifications of the actual proposals, and instead vote for or against the concept. One of the reasons ballot measures are both empowering and terrifying.
Good regulations take time and care - and generally, less is more.
"On device scanning" and "only if you use iCloud photos" doesn't make any sense does it? If it's really the case they're just preparing the ground for the next step which they hope won't get as much publicity...
Probably because they are also adding a feature to parental controls which when enabled checks images sent to the phones of your children 13 and under and if the image matches a known bad image they give the child the option to accept it or not, warning the child that if they elect to accept it their parents will be notified and given a copy of the image.
That has to be done on the phone because Messages is end-to-end encrypted. If they are going to have to have hash matching on the phone anyway for that, it makes sense to also use that for checking images that are to be sent to the cloud.
There are multiple features. This particular one is about client-side scanning before upload to Apple's iCloud Photo service, which is optional to use.
Presumably it is client side so that they can do anonymization/encryption of photos on the server, and treat any data access outside the account and account they have shared the photo with as an audited and cross-organizational event.
But if you want to use another hosted service, you can... and likely get their implementation of a similar system. Presumably this is US regulatory compliance.
Presumably the cloud synchronization checks are not a feature Apple wanted to add, but one which they had to under US regulations. Other providers have done this for years server-side, but Apple needed a different approach since the photos are E2E encrypted[1]
It is not a ML model but a list of known image hashes, and is only enabled for US-based accounts, furthering my suspicions this was minimum-effort for regulatory compliance.
Note they _do_ have a feature (also announced today) that uses ML models, but it is meant for local filtering and parental controls/notifications. This feature is also US-only and the parental notifications policy is fixed and age-based. I believe this is both to fit into regulations (e.g. US recognition of rights based on age) and into cultural norms.
I suspect they will have different rules in different jurisdictions when this rolls out further in the future.
[1]: With separate key escrow HSMs for account recovery and legal compliance with e.g. court-ordered access.
Why do some people seem to think that it will stay limited to that forever? It's not just you, it's multiple people in here who think that this is ok. They are our devices. They should not be running software that can get us arrested on our devices. It won't stop there. It never stops there when they can ask for more.
because we’re not discussing hypotheticals, but real life.
and in real life governments elected by the people have been pushing for this for years. the result has been google and all the other cloud providers already implementing this. apple was the last big one to hold out.
will they expand this in the future? sure, whatever. the system is so broken, and i’m so powerless, that at this point in time it doesn’t matter what i want.
at least it will only apply to the US. the ROW is spared. at least for now.
If you take their technical summary [1] at face value, they designed it to be limited.
Even if the hashing and matching happen on the local device, a match can only be revealed server-side. The hash database distributed to local devices will be blind hashed with a server-side secret key and the locally derived hash match will need to be decrypted with that key to be read by Apple. So theoretically if the local device doesn't upload content to iCloud, no content matching can be revealed, even if the hashing and matching has been done locally.
Of course, you also need to trust that Apple won't be uploading those locally derived hashes to iCloud without the user's permission if iCloud backups are disabled.
You can opt out by not using iCloud for your photos. If you prefer, you can install Google Photos or OneDrive onto your iPhone and let your images be scanned in the clear in the cloud instead.
- The scanning will be performed only if photos are to be uploaded to iCloud.
- The database will be encrypted multiple times in a way that it can't be clearly read.
- There's not notification to Apple in any way in case of matches.
- Instead, each match result is again encrypted in a way that is inaccessible to Apple and uploaded together with photo
- If there a lot of positive matches, they eventually will become able to decrypt it. That's when they will do manual check, lock the account if it is correct and notify authorities.
This is definitely one of those topics where going public can have immediate negative consequences for someone even if it turns out to have been a false positive.
> The only thing unique about Apples implemention is that it's client-side.
This is just another case of, 'your phone' is not yours. People stores their lives and thoughts in a device that they have no control of.
I am not against those use per se. I am worried about what it means legally. The minimum that we need is a more clear legal framework. This is a private company accessing personal data without consent and without any formal requirement from law enforcement.
> This is just another case of, 'your phone' is not yours. People stores their lives and thoughts in a device that they have no control of.
This is specific to photo synchronization to the cloud, which is an optional service.
In that sense, it isn't really doing anything different than say a OneDrive photo sync app - except it is doing the check on the client side, rather than having the server decrypt to do the check.
It is part of the default install and setup wizard, but thats a battle we lost decades ago in the PC world. You still have to opt into iCloud synchronization for this to be enabled.
The system is used during synchronization to iCloud Photos, which is an optional feature.
Other hosting providers do similar scans, but they do not do them within the client-side component. Presumably, this is done to give the hosting environment no access to the actual data (e.g. data access such as by subpoena becomes a cross-organizational auditable event)
I have a very common name too... I was an inch away to be denied a loan for my house because there was this guy with my same name, surname and date of birth that was in the CRIF (a sort of registry for people with very low credit score here in Italy).
I know the feeling.
And while we all agree about the fact the child porn should be stopped and people should go to jail for it, apparently "what happens on your iPhone stays on your iPhone" only until Apple says so.
Do you suppose any government is going to pass laws which prohibits companies from scanning photos for CSAM either on-device or in the cloud? When half the time it's being done at the insistence of those self same governments?
I know this isn't the answer, but I am happy to have a globally unique name.
I was lucky to have not one but two uncommon surnames. (grandmother remarried, children got an extra surname). There are only a dozen people with that combination of surnames.
I'm the only person in the UK with my sequence of names, they told me so when I was getting my covid jab and didn't have my NHS number on me so they had to find me by name and match to my photo ID.
French immigrant mother so French first name and middle name, and then an uncommon British (Welsh I think, dad's parents didn't learn English until they got to secondary school) second name.
I have no idea how it works in other countries, but in Poland there are publicly accessible `.csv` files with data about names and surnames in the PESEL system (the ID assigned to people with Polish citizenship) since its creation. A double surname would be marked as a separate entry. If something like this exists in other countries, checking the rarity of a combination of surnames would be quite easy.
I, too, have pretty good reason to believe I have a globally unique name. Which makes me wonder, how common is that? I have no idea how even to begin coming up with a rough estimate. I can’t even make an educated guess about the order of magnitude.
Had the same problem in France. It resolved shortly, in a few days, but the bank cancelled my credit card, without warning, on a Friday. I have one of the most common first name along with one of the most common last names. There are thousands of people with the same name as I. The guy who was on the no-banking-list was not the same age, wasn't born or lived in the same city, everything else was different.
Regulators are aware and are creating rules to prevent this. For example, the upcoming EU AI law requires companies to provide a detailed explanation for eg credit scoring if requested.
I don't think my name is particularly common, but I got stopped while going through immigration in Australia a while back, and was quizzed in a private room by 2 men in black suits for quite a while - who I was, why I was there, who I worked for, that kind of thing.
In the end, they thanked me for cooperating (they were actually quite friendly and polite in general, not like going I to the US, for example) and explained that they were looking for someone with the same name as me.
I have an unusual, hard to spell surname. One time when I lived in the UK I found it hard to open a new bank account.
After a bit of investigating I found out that I had been placed on the Credit Industry Fraud Avoidance System because different spelling of my name had been used in previous applications. This was seen as an attempt to get past credit checking, in reality the people entering my name in to their systems mis-spelled/mis-typed my name. As a result of someones carelessness I was flagged as being risky.
I wonder how Apple will fish out “child porn” from tons of innocuous pictures of babies, often mostly in the nude (children like to wear no clothes). Is their algo clever enough to understand context?
In theory they are simply matching against a known database of existing images, and as such your baby/family images will not be a match - they are personal images that have not been catalogued elsewhere. There is also meant to be human verification of any flagged images.
In practice ?
(Edit: This is for the iCloud scanning. The (i)Message warning around sexting is a whole other issue)
> There is also meant to be human verification of any flagged images.
"Rest assured our system is safe, a random guy working in a digital sweatshop at the end of the world will get to see your naked baby pictures just to make sure you're not a criminal"
This is definitely an 'added' risk they need to qualify - how they will stop any verification from leaking private images.
One would hope that such checks should be minimal and therefore performed by suitably qualified (and equally audited) personnel. As you allude, it is more likely that such work is outsourced in the same way that the manufacturing of the phone is.
Apple never gets to see your photo. Even if the photo matches the database and even if you have enough photos matched to reach the threshold that lets Apple decrypt the hashes, the photo itself is not decrypted or sent to anyone as part of this process. Only the related metadata.
Amazon in the pursuit of Alexa quality control has most recordings manually reviewed by real people to see whether the response was appropriate. This includes any accidental triggers. It probably does not surprise that these devices have recorded sensitive information like bank details and passwords, or have recorded instances of domestic abuse which employees have been forced to listen to [1]. It absolutely wouldn't surprise me to learn that Apple will have a team of people reviewing everything that gets flagged, who will get to see everyone's private photos and also probably be exposed to real CSAM.
Jeepers good point, actually this went from an inconvenience to a total show stopper for me.
What will the job interview sound like for this job? “Do you have any experience in recognising child porn?”, “yes, many years, and great enthusiasm for the job”.
> There is also meant to be human verification of any flagged images.
So Apple does have access to everything you store on your phone? Either they're lying about being concerned about privacy or you don't have your facts straight.
Wait, if the Apple algorithm flags a photo of my kid in his bath, some unknown human is going to check the picture for verification purpose ? That's even more cringe.
If it’s a fixed db, not an “artificial sort-of intelligence”.
But that’s a stupid way around it, surely. Child porn is surely, and tragically, in continuous production. And really, it’s the production that is the biggest issue, this is the continued abuse of children. And that’s the one bit the algo won’t match against?
I don't know about you, but I just decided to switch from an iPhone back to a Nokia feature phone (where is mobile Linux when you need it?) and start backing out of Apple's ecosystem. I'm quite positive I can live without apps, just as I used to before Y2K. And, in case you're wondering, no: I have nothing to do with illegal adult imagery. [Edit #1] This article gets (at least) one thing right: when it comes to certain kinds of crime, an accusation is ALL it takes to destroy your life. [Edit #2] I used to laugh at all the "we have your password, send Bitcoin or..." spam. The first "you have a picture of a gray cat on your phone, send Bitcoin or..." message would give me a friggin' heart attack.
I'll get a small folder with decent battery life - anything that's dumb as a fencepost and fits inside my pocket. I was getting tired of carrying a large holster on my belt, anyway.
Probably hardware. GPS either requires a bootstrap starting point or it has to completely solve the equations to calculate the location (slow!).
Expensive phones triangulate via towers (fast!) and use that to bootstrap the GPS unit. Some GPS units don’t support that bootstrapping and are, thus, slower.
The mobile web interface of Google Maps is hideous and unusable. I had to use it from time to time, when OSM didn't have the data I needed, and I regretted every second of it.
Just take a mobile device and avoid matching it to any identity, if - like many - you have needed pocket computing power since forever and since forever you have been a private individual.
That's not really possible. iPhones require an iCloud account which even if not directly linked to you, serves as a pool of information that Apple can gather about you and work out your identity from. The second you switch on your phone, it connects to several cell towers and enables your position to be triangulated. As you move around between work, home, the shops, it's constantly informing the providers of your location. Even if you switch SIMs regularly, your device's IMSI number is static and serves as a unique fingerprint. Conveniently, spoofing IMSI numbers is illegal. Guess why.
Theoretically it might be possible to combat cell tower triangulation by having the modem only respond to one tower at a time and insert artificial latency to make it harder to work out your distance. But, another convenient fact: cell modems are all closed source, proprietary black boxes. They also have DMA (Direct Memory Access) to your phone.
Perhaps I should be wearing a tinfoil hat but these don't seem like coincidences to me. They seem like intentional measures to weaponise a tool in our everyday lives.
You mean a phone to receive a text for MFA? "Most" can't be more than that.
However there are a couple of new "Fintech" banks in the UK that are mobile app only. No website and I assume very difficult to get anyone on the phone. That seems crazy to me. Access to your bank is at the mercy of Google/Apple.
Rooted is unrelated, some apps require it, others don’t.
But several require their proprietary app to access the online banking website from your computer.
That list is outdated. I was doubtful DKB (which you can’t even use with rooted Android devices, I had to cancel my account via customer support because they decided to cut me off with a minor update) allows chipTAN, and the latest comment is that they stopped supporting it.
I'm regularly using chipTAN with a stand-alone TAN generator (similar to [1], based on optical flicker-code) for a DKB account. No problems so far.
Deutsche bank uses PhotoTAN, which supports hardware TAN generators [2].
Some banks use different but similar TAN generators (e.g. SecurePlus [3]), and I also witnessed Postbank accounts operated with USB-based TAN generators [4] called "BestSign".
AFAICS, no, they don't. If you don't install the bank's app, you are usually offered to use a stand-alone hardware TAN generator. I currently have 4 TAN generators for different bank accounts (because everybody seeems to use a different protocol).
On the positive side, a stand-alone air-gapped TAN generator feels much saver than using a (possibly back-doored) smart-phone to do on-line banking.
Obviously I can't speak for every country and every bank, but at least in two countries and with two banks they are trying really hard to get me off the hardware tokens and onto mobile phones.
They have done all kinds of dark patterns, for example they update the website (which eventually becomes a mandatory update), but that requires relinquishing the hardware token, or they update their mobile app, and if you even try to log-in into the new app they automatically cancel your token, etc.
When my token's battery died, they didn't want to give me a new one. They said they don't offer the service anymore. Only after escalating N times and explaining that I need a hardware token because their SMS-based 2FA didn't work internationally they gave me a new token. Suddenly it wasn't discontinued anymore. Now they moved off SMS-based 2FA to some mobile app, so I suspect next time I need a token I won't be able to get it.
Make no mistake, enjoy your TAN generator while you can, because you will not be able to enjoy it for long.
In the country I live in right now, the only way to get a proof for your COVID-19 vaccination is if you "voluntarily" enroll into some phone-based authentication scheme with your government that requires a modern, non-jailbroken iOS or Android device.
In germany (and I'd assume standardized throughout europe) COVID vaccination digital certificate is just that: a digitally signed certificate (encoding your name+vaccination meta-info) passed around via QR code. While you can use an App to read and present it, just having a paper-copy of the QR code (plus some ID document proving that the name on the certificate matches your person) should be enough to prove your vaccination status.
There is nowhere to get a paper copy from in my country. At least not without going through insurmountable hoops. I tried.
You have to log-in to a government website, and you do it either through a mobile phone registered with the government, or with a smartcard and a proprietary Java application. Pick your poison. (And they don't want to issue new smartcards either.)
Yes, exactly. Maybe you can protect yourself (a bit) by having two phones. One for browsing and communication and one to get official (banking/vaccination/etc) stuff done.
I'm not in Germany, but I am currently moving banks because the only way to do online banking is to have an Android or Apple phone, either for 2FA or for mobile banking. They don't have hardware generators. I currently have an old Windows phone (unsupported) and a Pinephone (unsupported), so no online banking for me.
There is a new EU regulation that requires certain security considerations. Sadly, all banks decided that the best way to implement those was to develop a proprietary solution for themselves and completely avoid anything even close to being standardized.
What bothers me is they all had 2FA in the form of certificates or SMS auth, and most of them moved off of that to some other solution (current bank has 3rd party login which I can do with a cert, the old bank only has an app). What's wrong with cert auth? It can't be less secure than an android app.
Some banks offer it (usually those with higher fees), but unless you count every separate Sparkasse and VR as their own Bank (for non-Germans: It’s similar-ish to a franchising system), I wouldn’t say "usually".
Mine has it as an option, but it also supports this[1] external tan generator. I use it since I do not understand how a single device that could hold all the data needed for online banking can be considered 2 factor, when its 1 factor at best.
I think a good balance between usability and privacy is to use LineageOS with MicroG (an open implementation of GApps APIs) or something like Sailfish OS.
> while waiting for the PinePhone and the Libre M to mature further.
This can't happen fast enough... though I can't get behind Purism/LibreM it's just too fucking expensive, basic privacy and ownership of your device shouldn't be a privilege.
In case you hadn't heard this story, all PinePhones in a recent batch of shipments were redirected to NewZealand, regardless of their final destination [1]. Some people were suggesting that this could mean they were possibly tampered with.
I switched to an iphone about a year and half ago and I’m feeling it too. My current plan is to switch to a lineageOS device. Apple has completely run off the rails in the past year, from aggressive politicking to now complete abandonment of their core values.
I didn’t even realize apple had the ability to do something like this? Can someone explain how this is even possible for them to do? This wasn’t an update was it? Just a flipped switch?
But without an update to the os or even an app on the os, how are they able to make this change? I’m not in this space but id love to understand the technicals here, especially the ramifications for, ‘what else are they capable of doing without my permission?’
Ah, thanks for clarifying the question, and it's a really good one, and I haven't seen the answer to that. I'm guessing it would have been part of one recent update to the OS, and the feature then gets enabled on a certain date or remotely or something like that.
And your final question "What else are they capable of doing without my permission?" --- the answer is anything they want. Concretely, what are the capabilities installed NOW that they can take advantage of, who knows exactly?
As an example, I do remember a looong time ago Google remotely removed apps from Android phones, pretty sure Apple could or might even have done so as well.
Apple has the ability to do so[0]. I believe they have used it against malware in the past, but finding articles is proving to be complex.
Another solution for apple is to simply revoke the codesigning certificate that is used to sign the app, which will render the application un-runnable.
That's the issue - apple devices run an opaque blob signed by the entity developing it which is also is in possession of the source code which it does not share with anyone, so users can't inspect it to see what it actually does.
For comparison in a Linux distro:
- everything is built from source on distro infrastructure, users can inspect any an all source code of everything running on their machine
- software updates are transparent and not enforced, user can read changelog or compare source code of the updates
- software updates of individual packages don't usually go directly from upstream open source software developers but via a package maintainer in the distro, for each distro
- if an upstream project introduced fishy stuff like Apple is doing would almost certainly be noticed by either one of the package maintainers or users due to changes in the source or in software behavior, alerting others to do source code analysis and stop the attempt from affecting users
Nothing technical prevents them from putting something in ring zero which does silent updates without announcing them, but that's not what's happening here.
Privacy was never a "core value" at Apple. Have people forgot about Prism? During that, Apple bent over backward to give data to the nsa. Other companies like yahoo sued to try preventing it. Privacy is a marketing tactic at apple they used when they realized it could be used against their competitors like Google who have business models based on knowing as much as possible about their consumers.
Actually voicemail and calls can (and are) scanned for content as well. Best to stick with in-person conversations only, not around any technology that has a microphone.
It's not (only) about the hardware, both PureOS and Plasma Mobile platforms are nowhere near production-grade software, likely cannot be even considered beta-quality by an end-user.
postmarketOS mostly only supports well very old devices, and the Pinephone which is also based on completely outdated hardware. I wish there was something a little more recent with Linux support.
What is not “production-grade” about PureOS? It’s the same OS they install on their laptops and the mobile options are baked into GTK. Do you use PureOS? As far as I understand it’s just Debian, with some changes to Gnome and both of those run in production in lots of places.
Sailfish OS is mobile Linux and can run on smartphones. I didn't personally use it but the website claims it to run on the Sony Xperia 10 II from 2020.
Purchasing Sailfish has some geographical restrictions.
"Sailfish X is currently available in the countries of the European Union, Norway and Switzerland ("Authorized Countries") and the use of our website and services to purchase Sailfish X outside of the Authorized Countries is prohibited."[0]
This is effectively just (understandable) CYA on Jollas part, likely due to the some countries respecting the insanity that are software patents.
In practice only the act of buying the actual Sailfish OS license in https://shop.jolla.com needs to be done from the the EU/supported countries. That can be done via a EU VPN and none of the Jolla provided services (RPM repositories needed for system updates, etc.) are geoblocked. I went to Japan with Sailfish OS phone twice with no issues at all.
I have been using Sailfish OS since its launch in 2013 and it works fine, even for regular users (if you install it for them).
I have recently installed it on the Xperia 10 II you mention as well use a couple Xperia X devices in the family. Use the Jolla 1 & Jolla C before back when Jolla still manufactured their own devices.
Frankly, before some of the PinePhone distro mature, this is the only really usable Linux distro based independent mobile OS. And it has been available for years, yet people don't seem to be aware of it or seem to ignore it for some reason.
And if you have any questions about Sailfish OS, fire away! :)
One of the reasons I want the Xperia 10 II is because of the TOF sensor and the camera array.
Does the Sailfish OS offer software which utilises those?
For some reason the default camera only uses the "normal" camera but the Advanced Camera application from the community repos (Open Repos) can use all three without issues.
No idea about the ToF sensor - I woukd guess it could be used unless it nerds some weird Android blobs to function.
I've been aware of it but the fact that there's proprietary parts makes it a non-starter for me. Why leave one closed-source ecosystem to go join another? I'll get a phone I can flash with postmarketOS/Plasma Mobile/Ubuntu Touch instead.
Because Sailfish OS works now and is mikes better in both openness and privacy violations than both iOS and Android ?
And while I agree that the closed source parts are stupid I still think Sailfish OS is a good stepping stone to full open distros and hardware once they reach sufficient maturity.
How's the Anbox support on it? I'd like to keep using the large F-Droid app ecosystem until native alternatives are as good.
Also have they resolved the kernel updating issue? All phones which ship with Android 11 or lower are unable to have their kernel updated because each device uses a modified kernel[1]. Phones which ship with Android 12 like the Pixel 6 all use the same Android Common Kernel, so it's enabled Google to guarantee the Pixel 6 will have at least 5 years of kernel and OS updates for the first time in Android's history.
The 50€ for a Sailfish OS license also pays for a (proprietary) Android emulation layer (called Alien Dalvik, originally by the Miriad Group) that works really well. More here:
You can even install microg or full blown Google apps if you really want & are fine with the implications (still less problematic having Google stuff in the emulator than on a native device IMHO).
There have been actually also some attempts to get Anbox running on Sailfish OS as the community ports dont get the Android emulation layer, only officially supported devices.
As for major version kernel update issues - they did not, but I am not really sure it's that problematic in the end.
So basically they base their port on the best kernel version + blob bundle from the Sony open device program at the time, then stick with it. Apparently the way updates of these low level things work on devices originally shipping with Android are too stupid and fragile to make supportable over the air updates possible for Sailfish OS.
They could port the adaptation to newer bundle from the open device program and either mandate re-flashing or support two versions based on different kernels on a single device. Both not very good options imho.
Still, not updating the major kernel version does not mean the Don support the devices or newer rebuild the kernel. All the Xperia devices in the program are still getting OS updates, including security fixes for the kernel. They actually only recently dropped support for their Jolla 1 handset released in 2013.
It's just when you really need the latest kernel features or the most advanced Android emulation layer you might need to get the most recently supported device.
Thanks for the info! The limited supported hardware and kernel updates has me hesitant still but I'll give it another look, it's been years since I did last.
While not as fast (+ I think keeping parts of it closed is stupid and never gave them any benefit) as I would like there is definitely continuous progress being made in Sailfish OS, not to mention a very nice community of users, app developers, translators, device porters and contributors to the open parts of Sailfish OS.
If Spyware Engine is allowed to be installed by some idiot with company in his hands to amplify his idiocy, what prevents another idiot with company in his hands to do the same?
And how about specially crafted 'normal' pictures sent to individual to trigger the system? Special mind would have a perfect tool to get some one down / put into the troubles.
Once things like Apple is doing become normalized, the next step becomes making it illegal to distribute or use software that doesn't do it. So running your Linux phone will be illegal, and why would you want to do that anyway, except to look at child pornography?
Similarly, non-sanctionable digital currencies like Bitcoin will be made illegal.
Avoiding modern tech is a workaround, but will be get increasingly hard as the world becomes increasingly reliant on it. (Cash, also, will have to go away.)
Yep, I'm gonna go into a dumb phone if those changes go in. Privacy was the whole reason I was in Apple's ecosystem. If they're gonna spy on me, even if it's a good reason, then there's no privacy anymore. Basically: fuck them.
Which is why I hope that steam deck success. It'll open many more option for linux portable, and hopefully linux mobile based on steamos will follow through.
It's more like a small tablet, I presume. That's fine as long as more apps appears on steam os natively, and that it can also run on the mobile device.
I’m in the same boat. I loved Apple’s stand on privacy. That seems to have now been thrown out the window. I despise child abuse but this isn’t how you protect children. What are my options on Android? Any smaller phones? Everything I see there is enormous. I loved my original iPhone SE. :(
I’d like something like my 4 inch iPhone SE but I know that is impossible. How about 4.7 inch range like the new iPhone SE?
Edit: If anyone is ever reading this and looking, I went with a Pixel 2, has a 5 inch screen and a good camera. I'll see how it goes. Will be nice to not be locked into Apple anymore.
Any Android One phone is clean (aside from Google ofc). Sadly the program will probably be cancelled because many manufacturers want their own spyware installed on phones. I think Android will at some point fail.
There is librem and pinephones and they don't look bad, but don't expect many apps and interoperability. Some people regard that as a plus.
Don't even get me started with the 1 in a trillion probability, we know adversarial images could be created that will trick the system even when you don't have access to the model.
One in a trillion? I wonder what assumptions went into computing that number, and I cheer for the "courageous" person who is bluffing it inside the company. Anybody in tech knows that whatever assumptions were valid yesterday are very likely to break today or tomorrow, and with it, whatever piece of software used it. Apple should know better, they have zero-day exploits regularly. And that's before even accounting for the political pressures.
I can't precisely buy a new phone in a whim, but I'm not trusting my well-being to any "one in a trillion" in the marketing of a company.
One in a trillion. How many photos are taken every day on iPhones? I can assure you that it’s a non-zero number of “one in a trillion” at least once a week.
>Let's see if fear of AI is greater than brand loyalty and convenience
I don't think so - I think corporations and governments are getting better and better at PR and so, we'll see, slowly but surely, more and more features like this.
Didn't system in Minority Report worked absolutely amazing except several edge cases by super rich who would easily get away with murder in current society anyway? I know movie is used as an example of something very bad, but why, never got it.
But with murders they have an objective statistics that murder rate fell to zero, which is pretty cool by itself.
Most of murders are not premeditated. I guess stopping people who in head of the moment would kill would be enough but they weirdly went further than that.
In the beginning of the movie guy was going to kill his wife, if you believe technology of predicting future they have.
> we know adversarial images could be created that will trick the system
It could maybe be used to perform a kind of DDoS attack on the human verification stage by increasing false-positives, but I doubt a non-child-porn image would fool a human into thinking it looks like child porn just because of some carefully-applied noise.
Also, in what conceivable way is this like Minority Report, ie three psychic humans, floating in a pond, hallucinating the future?
I guess that would be for the defence to bring up in court given the images will be supplied by the police and they will consider them to be genuine child pornography
Im really starting to develop a visceral hatred for Apple.
They are talking sanctimoniously about privacy out of one end of their mouth, put on a family friendly face by banning anything offending prude sensibilities, while having no qualms about doing as much business as they possibly can in China. Now this.
They are the ultimative dystopian corporation, I find them even worse than Facebook in that regard, at least Facebook has some interest in free speech and does not operate in China.
I guess the reason I am so angry is that I like the devices and engineering marvels they can produce. But I cannot be a customer of this.
> at least Facebook has some interest in free speech and does not operate in China.
That wasn’t really their choice, and they’ve been trying to find a way back into the market since the day they were banned. They still make billions of dollars every year on ads from Chinese buyers that run globally.
> Most cloud services — Dropbox, Google, and Microsoft to name a few — already scan user files for content that might violate their terms of service or be potentially illegal, like CSAM.
There's an expectation that what you upload on the cloud will get some scrutiny, being on somebody else machine.
But here they'll scan the local files on your own device, that you supposedly "own" (but not really, because Apple already locked it up to make sure you can only install stuff they have approved and taken a cut off)
The compute is on the edge; the data is local, just marked for cloud sync. This way, you get to pay for the capital and energy costs of the scanning instead of Apple.
Am I misunderstanding that this is the literal last step for a photo destined for iCloud, and a way to keep apple from having to decrypt your private photos to scan them? With iCloud sync off, does this scan still happen?
Correct. Functionally there is no difference to what Google does with their own cloud photo service. The only difference is where the processing occurs.
Turning off cloud photo syncing will disable the scan on both Android and iOS.
It's only a matter of time until this comes to non-Apple devices as well, I think. Personally, I'm biding my time with Android phones hoping that phones where I personally control the software running on them can become usable.
First it will be to catch those pesky pedophiles. And terrorists, they fell out of fashion recently, but let's not forget about them. Then, obviously, we need to cut hate speech, homophobia, transgenderphobia, antifeminism, racism and all those bad, bad things. And fake news and misinformation, all those covid vaccination/lockdown skeptics in the first place.
And at the end we will be allowed to talk only about the stuff that three or four corporations and their political associates are fine with.
terrorists didn't fall out of fashion, they just need a break to recover. Hence the retreat from Afghanistan. You can't fight against terrorism if you run out if terrorists
I do not know the details, so I can speculate only. A lawsuit may yet happen if that is the only way to free up the money. However, a lawsuit is expensive and time consuming, so it is probably not the best place to start. Also, I don't believe the bank has any obligation to do business with a customer, so the most you could hope for would be to free up the funds. I believe the author would prefer to continue to be able to bank unimpeded (and switching banks won't help as the problem will follow unless and until it is cleared up). Finally, the bank has a pretty good defense. They are required by law to impose the sanctions, so prudence requires them to act first and ask questions later.
at first I was going to ignore this comment and all the leading questions, but then I saw you were OP.
it wasn't a xenophobic or islamophobic comment nor was it condoning the reality or your experience with it, it was an observation from how you wrote your post and what I know about the world
Apologies for divining malintent. No, I don't have a name like that. And it shouldn't matter even if I have. If you read my name, you wouldn't think I'd be on a list. But here I am.
Now we just need to place a photo on our opponents phones - journalists, politicians, someone whos job you want, you name it - and their phone will call the police itself and bring the proof too, and it's their burden to prove their innocence.
What's changed is that I could've once taken reasonable measures to mitigate that risk. All of that's now in Apple's hands and they've got no reason to protect me.
An attacker who has a way to place multiple illegal images onto someone’s phone and into their iCloud Photo Library without their consent… it’s an interesting idea but how is it possible?
Not very long ago we would have said, "an attacker who has a way to remotely control someone's iPhone without their consent simply by sending a text message... It's an interesting idea but how is it possible?" Then we learned about NSO Pegasus and that it was not only possible, but was already being done to the phones of unsuspecting victims across the world.
There’s the whole NSO Pegasus that answers for how regarding remotely. However social engineering is also possible. Drunk out in town makes an easy target for a skilled social engineer.
Think of all those leakers or hackers who just happened to always have kiddie porn on their devices. Somehow. This has been the default state of things.
The issue here has nothing to do with children, they would always use 'children' as excuse. The issue here is installation of Spyware Engine.
The very fact of existence of such Spyware Engine has effect that each person would behave as 'someone is looking'.
This means zero privacy. This means 'no privacy' feeling. Everyone is more 'careful' when people around. And this has prolonged effect on society's freedom, democracy and rights of individual because independent thinking happens when true privacy is there.
Even a fear of false triggering the system and exposure of one's private thoughts/pictures/events to other people during 'sorting out false alarm' would make people behave differently. Even if they have nothing to do with any children the fear that their private moments can become public just because some AI would decide so would make each person think twice about each step.
This is a huge attack on privacy of individual and should not be taken lightly. The effect will be also huge. Just imagine what they will do next if they get away with this. Just imagine what other companies will do once this is accepted for apple devices.
I think this can/should also be considered as a fraud because when one bought apple device one was never told that spyware would be installed some day later.
Edit: I think it should be illegal/made illegal to install any spyware on any device for any excuse without warant. Spyware is a Search of 'home' without warrant to some degree, isn't it? Done through the hands of some private company under some excuse... What about Fourth Amendment?
There is a nonzero price to enforce norms and laws.
For instance, let's imagine a technology emerges that can render any wall in a building transparent and penetrable for a short time, without affecting the structural integrity of the building. How much easier would it make the job of the law enforcement! How many crimes would it help prevent or at least detect! Of course it will be a securely guarded technology, so that it won't fall to hands of random strangers, malicious hackers, or burglars; only the law enforcement agencies would use it, and only for legitimate purposes! Honest.
Would you endorse such a technology in your town? Mandate it for your neighborhood? Why? Are you comfortable with the idea that a number of crimes will go undetected or not prevented because this feature is not implemented? Not rhetorical questions all.
I think the context is suitable: the arguments for increasing efforts of law enforcement, because "think of the children", accompanied with promises that only the good guys will have the new technical means, and the law enforcement won't even make honest mistakes using it, to say nothing of ever abusing it.
I love cyberpunk because its predictions are all coming true, so I feel that I've got a fair warning.
This is stuff directly from Deus Ex (1999). Repercussions for posting wrong memes are also mentioned in Deus Ex, and are also coming true. (The epidemic situation is not that dire as depicted there, though. At least not yet.)
There is a complicated legal and political process because there are a lot of things which are criminal that really shouldn't be. Historically, the law has been used to come down hard on people who:
* Say bad things about the king.
* Said good things about the king.
* Are homosexual and attempting to live their life.
* Are black and attempting to live their life.
* Are foreign, regardless of activity.
* Are female and attempting to own property.
* Are local but not the right type of local.
* The actual person is OK but they're trying to help the Jews.
* Own the wrong book.
* Worship the wrong god.
And in hindsight it is generally agreed that those laws were poorly thought out. Giving the police tools to enforce 100% compliance with the law is by no means a sane thing to do. And if that is the plan it would behove us to make sure the law is good first. Which it obviously isn't there are gaping holes in every legal system.
Now in the West there're just as many taboos. You can't openly discuss lots of things. Maybe there's no criminal penalty for this (although in some EU countries there's already a criminal penalty for wrong^H^H^H hate speech, same is planned in Canada), but by saying "wrong" things you'll be expelled from society, expelled from your job.
Is taking one taboo and just turning it upside down actually good? Punishing homosexuals was wrong but is forcing people to change gender, brainwashing children with homosexual propaganda and persuading children to change the gender by chemical and surgical means better?
I predict that in 5-10 years in USA it would become obligatory to participate in "pride parades". People who avoid them would be put on "the list".
This situation is not symmetrical and it looks absurd.
There's a writer famous in Russia - Victor Pelevin. In his last book he stated something that was almost obvious to us: USA now is the same totalitarian society as was USSR.
«Современная Америка — это тоталитарный совок 1979 года с ЛГБТ на месте комсомола, корпоративным менеджментом на месте КПСС, сексуальной репрессией на месте сексуальной репрессии и зарей социализма на месте зари социализма». Но разница в том, что «в совок 1979 года можно было привезти джинсы из Америки, а сегодняшняя Америка — это такой совок, в который джинсы уже никто не привезет». «Американская культура в современном виде — это проект ГРУ. Яд "novichok" отравил североамериканскую душу и заструился обратно в Россию. (…) Когда все, связанное с Россией, демонизировано на Западе, сетевые дурочки, прививающие здесь американскую культурную репрессию под зычный храп ФСБ, кажутся по-своему трогательными: геройкам слава! Но если рассказать им, что на самом деле они внедряют созданные ГРУ химеры, они столкнутся с таким сарказмом судьбы, который перенесет не всякая душа», — пишет в своем романе Голгофский.
(too long to translate, but basically: "Contemporary USA is a totalitarian Soviet state from 1979 with LGBT in place of comsomol, corporate management in place of Communist Party, sexual repression in place of sexual repression, and dawn of socialism in place of dawn of socialism. But the big difference is that it was possible to bring jeans and bubble gum from USA into Soviet state of 1979, while there's no place from where you can bring "jeans" into contemporary USA" (mocking the myth that jeans and bubble gum were tokens of western "freedom" in USSR).
Maybe you should read the news on the other side of the fence. In the UK, LGBT training is a compulsory class for children. Many Muslim families are pulling their children out of school because they're not being given the choice to withdraw their children from classes where opinions about sexuality are being presented as fact in contrary to the principles they want to raise their child with.
Many? You sure about that? Also, "opinions about sexuality are being presented as fact in contrary to the principles they want to raise their child with". How do you think things like that help? We want a tolerant and inclusive society, thank-you. I know gay Muslims in the UK. Can you imagine what life is like for them?
> In the UK, LGBT training is a compulsory class for children.
This is way overhyped. It's barely more than “gay people exist, don't bully them” most places. One lesson in PSHE class – maybe two or three, if you get lucky and your teachers decide to teach you about binary trans people too, or if sexuality is mentioned in the Equality Act lesson (which mostly focuses on disability and maternity leave).
> opinions about sexuality are being presented as fact
By this logic, we should ban other children from talking about their religions in schools; they're likely to say things like “Jesus is God” or “God isn't real”. It's unlikely a religious child would get particularly confused with a teacher exposing them to different views on morality, given how much they're already exposed to that.
What does "LGBT training" mean? What I gather is that what they are teaching kids is, in essence, "be kind to each other". Do these families that are protesting not have the same biases against gay people that the person I originally responded to has?
I’ve seen some media in the last few years that definitely qualifies as LGBT propaganda and would therefore be banned under Russian (and other countries’) laws.
The most recent I can think of is that creepy Blues Clues episode… why do prepubescent children need to know about Pride and any sexuality at all?
The reasonable middle to me is to introduce LGBT issues in sex-ed when kids are going through puberty and treat it with decorum. You can punish homo/transphobia when it occurs, not try to program it out of literal toddlers with a creepy song about families marching.
I never learned about marriage in school, I learned about it from my parents since it is a global social norm.
I would teach them about false equivalence in school however.
Anyway the issue isn’t with kids learning about LGBT, it’s HOW they learn about it. I wouldn’t promote nightclubbing or pickup artistry to my kids. I do also have issues with how aspects of mainstream ‘straight culture’ are pushed to kids as well.
For example, drag is an inherently adult form of entertainment now being pushed to kids. Grown men throwing money at drag kids makes my stomach turn. Two moms or dads taking their kid to play in the park does not.
Of course I would campaign for it to be accessible. It would be a complete revolution in archeology, architecture, engineering, maintenance, rescue and firefighting and geology should it also work on rocks.
Not sure I see the relation to Apple laying Fully Automated AI ThinkPol groundwork though.
Let's assume that it only works with thin walls, so it has limited archaeology use. Firefighting is a very fair point.
Would you, reader, trust the firefighters to not abuse such a power by mistake? Would you trust the chance of it being abused for the chance of being rescued during a serious fire? Not an easy question.
You can put checks and balances in place. Firefighters have vehicles with ladders, but they don't drive up to houses and break-and-enter. If it can be made obvious when they're using it, and there's independent oversight, I think the trade-off is definitely worth it.
>Of course it will be a securely guarded technology, so that it won't fall to hands of random strangers, malicious hackers, or burglars; only the law enforcement agencies would use it, and only for legitimate purposes! Honest.
Here lies the problem. You can't guarantee that. Law enforcement itself has criminals. In some countries law enforcement is even one of the largest collection of criminals.
And then something like Trump happens. Do you really want to give such powers to people like Trump and it's followers, not to mention more malicious ones?
There is no way that this technology is only used for good.
And what comes on top, it doesn't stop crime, just it's modus operandi.
If they can't use their computer to handle certain data, they use hacked ones and hide it there. You know the trick how drug smugglers use the suitcases of tourists to smuggle their drugs?
I run a shipping company. You want to send a package. It is illegal for me to handle and ship certain things (e.g., nuclear bombs). Further, I don’t want to handle any of those things. Furthermore, if I find those things (e.g., when a package breaks open), I am legally required to alert the authorities.
What assurance can you provide to the me (the shipping company) that there is nothing illegal in your box? Suppose I ask you to attest but then I find out later that a bunch of people have been lying on their attestation forms which means I have been unknowingly, undesirably made party to illegal activities? Every other company solves this by simply opening everyone’s package and looking. Suppose my shipping company’s clever engineers invent a detector I can give to you that doesn’t require me to look inside the package but can tell me with some certainty that there are no illegal things in the package. What statistical properties would the detector need to have to satisfy you that this was better than forcing every package open?
This isn’t an analogy, it’s just reality, right up to the sentence “every other company solves this by simply opening everyone’s package”. Every shipping company doesn’t open every package today, and in the real world there are no magical package opening robots, though there are some specialized detectors. So we already know from experiment that imperfect detection is better than forcing every package open.
It is an analogy to what Apple is doing. Analogically you are sending something to Apple to handle for you (either store or ship) and they have legal obligations and business requirements. Every other company manages those by ‘opening your package’ is analogous to server-side image scanning like PhotoDNA.
PhotoDNA is analogous to the detectors. The analog of “opening every package” would be human review of every picture.
We already have real world evidence for “what statistical properties the detector would need to have” to be better than opening every package, because the real delivery companies are literally doing this today. There’s nothing hypothetical about the question.
Perhaps the analogy could have been clearer and the hypothetical more broad. I was trying to press on the difference between the shipper doing a very specific test vs some functionally similar but unknown test being done by the shipping company (the server-side test is unknown, it could be hashes, non-hash based image comparison, or manual review). I wasn’t asking about something like the sensitivity or specificity of those tests, rather, why we would be fine with one and not the other when the difference is not whether but when, where, and what test is applied.
That’s a pretty good analogy, but it’s what you do with the detectors answer that’s the problem. If you just say: “The detect says no, we won’t accept your package”. Then there’s no problem.
Apple could do the same, simply letting the user know that this/these images cannot be uploaded to iCloud, and then do nothing else.
The problem is that the results of these scans are pretty useless. They don’t prove anything. While Apple knows that law enforcement and politicians will believe it’s 100% correct, because they don’t even understand that DNA can be wrong, and demand customer names from Apple.
> And it is always pretended that the bad guys can only exist on the client side and not on the supervisor side.
This is very much the crux of it.
Back during the immediate post-9/11 era there was a huge push to restrict all kinds of civil liberties (and the birth of today's surveillance state) in the name of preventing the next terror attack, which could be "a mushroom cloud" in the words of George W. Bush.
There's a problem with this reasoning.
Osama bin Laden wasn't some random dude who got radicalized. He was a member of one of the wealthiest families in the world. He was born rich, grew up rich, attended Harvard, and had a family that rubbed shoulders with heads of state and were directly connected to the Saudi royal family.
Osama bin Laden was a member of what I've heard described as the "superclass," those who are beyond just being "merely rich" in that they possess not only vast wealth but internationally diversified wealth and powerful political connections.
He was of the social class that is behind the glass of a surveillance state, and if he wanted to avoid any possibility of surveillance himself he and other members of his class could easily afford expensive security consultants and specialized devices. They could also afford armies of attorneys to get them off any lists and out of any trouble.
If someone detonates an atomic bomb in Washington DC, it will not be some random middle class youth who got radicalized on a 'chan board or a Facebook group. It will not be some random protestor or dissident. It will be someone like Osama bin Laden. It will be someone with the money, expertise, connections, and background to find, recruit, and pay the personnel required to obtain or build a nuclear device. It will be someone with the connections to organize the logistics to smuggle it into the country and put it in position.
It will be a member of the global elite.
People with bin Laden's level of wealth and privilege are the dangerous ones. The lens of scrutiny should be aimed at them. One member of the middle class radicalized with toxic ideology might shoot up a school, but one elite radicalized with the same ideology could blow up a city or engineer a super-plague.
The risk to the existing order comes from outsiders with leadership abilities.
Osama bin Laden's $30MM (per Wikipedia) inheritance from his estranged family no doubt greased some skids, but mission-driven people with charisma come from all socioeconomic backgrounds, and some of them succeed. (FWIW he did not attend Harvard, and AFAIR never set foot in the US.)
The general pattern is that the wealthy are, on average, supportive of the existing order. They are the winners of the current game. Of course there are always rebellious children who are motivated by religion or power or fame etc, but most of them are feckless due to their upbringing. And ultimately, there are so few of them.
Leadership abilities can be found across all economic strata. Most are happy to leverage their talents into moderate economic advantage, but some are driven by "larger" causes.
I would say that the intersection of leadership abilities, belief in a "larger" cause, belief in victimization, and a willingness to harm innocent people (or to blame them for their inaction against your oppressor) ... is what leads to the risk of violence against the existing order.
Looks like you’re right about Harvard. I’ve heard that claim for years but it seems to be a confusion with another member of the (large) family and controversy about Saudi money at Harvard.
My point is that people with money and power are far more able to execute large scale crimes, and not just terrorism. Meanwhile surveillance is experienced more and more as you move down the socioeconomic pyramid.
Apple is catching flak for this but overall their devices respect privacy more than most cheaper devices. They also cost a lot more. Your average cheapo phone or laptop comes absolutely stuffed to the gills with spyware and runs older OSes with bad security. The poorer you are, the more spyware riddled and insecure your devices probably are.
Bin Laden did take a course at Oxford and palled around with Britain's best and brightest of the young. So there is some connection with the West's elite universities.
Bin Laden certainly has been to Oxford, but I’ve not heard of any connexion with the university.¹ I wouldn’t say that those attending language schools and similar tend to interact much with students of the university. With the exception of a few cramming programmes for admissions, the ‘best and brightest’ (I assume by this you mean those sufficiently academically able to get into Oxbridge as matriculated students—I daresay the average Imperial mathmo is brighter than the average Cambridge land economist) tend not to take courses in Oxford outside the university, since they mostly use the name ‘Oxford’ to entice gullible tourists who don’t realise that these places have nothing to do with the university.
You are forgetting that if the alt-right movement is not itself a product of GamerGate, it got an enormous JATO boost from GamerGate. One of the darkest eras in recent American history -- the Trump administration -- happened in large part because some basement nerds were pissed that a woman wrote a God-damned video game.
Do not discount the effects of chan boards and Facebook groups so foolishly.
I lived through that idiocy and you're not wrong, but I really don't think all those trolls and Pajama Nazis would be particularly dangerous without elite backing.
Some of it may have been organic at first, but things don't stay organic for long these days. The instant there's even a whiff of a popular movement that can be exploited the propagandists are on it... especially if it's a movement that can be exploited so as to win an election or make money. The thing that made that stuff dangerous was elites and their water-carriers like Steve Bannon, Donald Trump, Milo Yiannopolis, Rupert Murdoch, etc. empowering and steering all those useful idiots.
The Pajama Nazis have a camp of doppelgängers that I've come to call Basement Bolsheviks, but they haven't had much impact since that camp of idiots doesn't seem useful to anyone with money and power (yet?).
The fact that they've decided to move this processing from their servers to the local device means they 100% intend to scan all of your photos and not only those that you upload to iCloud in the future.
I don't think they do. I also don't think they can easily decrypt icloud as you're making it out to be.
However... yeah. This is a massive breach of trust. Having any spyware agent on my device is disgusting. I can't imagine the abuse cases this sort of thing can be used for.
Apple have a fairly detailed page on the approach including independent evaluations. Which states that it’s only for iCloud. But there’s no reason why this couldn’t change in the future.
Well, simple minded people will always try to use that rhetoric.
I see the same pattern with pro-vaccine and "anti-vax", either you support vaccines or you are labeled "anti-vax", all is black-and-white without any nuances.
That sort of discussion rarely leads to any productive outcome.
> I think this can/should also be considered as a fraud because when one bought apple device one was never told that spyware would be installed some day later.
I have an itch that somewhere in the hundreds of pages of EULA no one ever reads there is a "You accept that Apple has the right to modify its software at any time for any reason" kind of thing
I'm pointing out that sensibility is determined by multi-person consensus which by definition will tend to exclude a lot of viewpoints.
The presence of legitimate common sense (an actual concordance of principles, life experience, understanding, and the existence of a fungible nominative signpost that will be reliably reproduced within error bars) is surprisingly difficult to hew and maintain. It morphs over time, and is exactly why these multi-national tech companies implementing things like this is so terrifyingly dangerous. If they implement the capability to do a thing, they are now the movers of the political Overton window by realizing the means. They are literally shaping the rhetorical landscape.
Example: Let's say the push for this intrusive client side scanning came from the U.K., and the U.K. marketplace alone accounted for enough business to make it too painful to NOT do (simplifying economic/business assumption for illustrative purposes, and just picking on the U.K for because they are $not_my_jurisdiction). In the U.S. (Third Party Doctrine aside), this feature would be something that would be a U.S. Constitutional violation (4th Amendment) if mandated by the legislature short of an Amendment, yet since it would be done out of expedience in the absence of someone telling them NOT to do it, they'd ship it by default on American phones anyway. The mere existence of the capability greatly increases the willingness of jurisdictions to use it. This means the most privacy eroding jurisdictions are creating a race to the bottom for infecting everyone else barring population Al refusal to say No unambiguously.
I don't know why this jurisdictional backdooring isn't more obvious to people than it is. Or maybe I'm just starting to grasp how politics actually works vs. working in theory, but this really does seem to be completely screwing up how process is supposed to go. This is nothing short of a private entity taking the practical reins of power, and the political edifice coming along behind and post-facto rationalizing what the actual trailblazers are doing.
To be frank, this terrifies me even more than Congress being in charge. Congress's process rounds out most things to some level of effectual benign nature. Tech companies though? If you even start asking the important questions about higher order effects, either out the window you go, or everyone looks at you like a nut.
If Spyware Engine is allowed to be installed by some idiot with company in his hands to amplify his idiocy, what prevents another idiot with company in his hands to do the same?
And how about specially crafted 'normal' pictures sent to individual to trigger the system? Special mind would have a perfect tool to get some one down / put into the troubles.
"And how about specially crafted 'normal' pictures sent to individual to trigger the system? Special mind would have a perfect tool to get some one down / put into the troubles."
Exactly this was my first thought.
Sad that these days my first thought, if some new "system" to prevent/catch something/one is introduced, is "How could this system be abused to blame somebody?".
Of course, that can be the basis for blackmail but I guess that what's going to happen most frequently will be a parent sending a bathroom or beach picture of a child to his/her spouse or parents, getting flagged and... what? This is going to happen tens of thousands of times pretty soon.
But you don't take your clothes off in places with cctv, because you know that you don't want to be recorded doing that.
People are aware where and how they are recorded.
Phones are (well.. were) private, people take nudes, do naked video calls and all the other related stuff, because they trust that there is only one other person watching this, and they usually trust that person.
Now, we're one step away from trump-beats-cnn-gif-meme getting into the hash database to flag all the trump supporters. When the next wikileaks happens, and they can track who had the documents/photos/videos first, possibly even before they got leaked. Someone (4chan,...) can email you photos an videos that are of something random, but crafted in a way to create a false positive (a bit slower form of swatting).
This is basically setting up cctv in your bedroom, saying it's there "to protect the children" and trusting some stupid algorithm to look at you.
Someone stole my Aunt's laptop a while ago, but she managed to hunt the person down and get it back only to find the bloody thing had it's password reset, accounts wiped, etc...
She gave it to me to get back in working order, and I had to ask her if she was interested in pressing charges, because handing it to me may compromise chain of custody of any investigation. She decided not to proceed with filing charges, but just wanted me to investigate and restore the bloody thing.
The person in question sync's their mobile content to that laptop. I had more than enough evidence of phone use while driving, who they were associating with, where they were hanging out, what they were doing, etc.... I didn't even have to try digging.
Do not underestimate the level of mindless information spillage by modern devices, nor the level of exposure guaranteed always on, officially acknowledged hooks into your device sensor or input feeds offers.
We have had to remind (older) family members at times to not send pictures of their young children/relatives if the pictures have any nudity or could possibly be considered suggestive.
Even if not illegal in any way, it’s one of those things where even an accusation can be seriously damaging. The prospect of your phone continually scanning your photos will make that even worse.
> each person would behave as 'someone is looking'.
They (that is, we) should already. We should assume being looked at, unless we can reasonably prove it's not so. In all public places, for certain. Using all public services, for certain.
This decision erodes the trust in personal handheld terminals (quaintly still named "phones"). This is great that the announcement is made publicly. I can easily imagine a similar feature to be deployed tacitly in other countries and other platforms.
If your consumer hardware auto-updates, it's "their" hardware where "their" is the set of all software vendors with keys allowing them to auto-update anything on your computer.
> Just imagine what other companies will do once this is accepted for apple devices.
No need to imagine.
China flat out censors chat programs and discussion sites, and some words will instantly get you put on "the list".
Winnie the Pooh, for example.
Oh, you say that you're just interested in the wonderful literary works of A. A. Milne, but that's what the anti-government types always say! Prove your innocence in this kangaroo court, and you'll be let off with merely a stint in a re-education camp.
I was using Tantan last year, a Chinese dating app. I tried to send a woman I was flirting with a message like “that pic of you is sexy”, and the app warned me against using vulgar language.
I can’t say sexy. In a dating app. With a woman I matched with. What am I supposed to do? Say she’s doing a great job of maximizing her gene pool’s potential for aesthetic presentation in the context of a romantic setting?
> I can’t say sexy. In a dating app. With a woman I matched with.
Would you go into a Christian church and start preaching about Hindu gods? Some might, but nearly everyone would say it's disrespectful of a different culture.
So it seems to me like it'd be a cultural difference. In Western culture sex is prominent (America, Europe, etc) even if repressed (America). In Chinese culture... well I'm going to assume it's still very much repressed.
Seems like you’re exercising a lot of social control over the couple. Why shouldn’t they be allowed to privately communicate their feelings. Simply chalking up social control to “cultural differences” ignores the fact that these aren’t cultural mores developed independently, but the results of a highly moralizing tyrannical government trying to assert social control for the material benefit of those at the top.
Indeed. After all, the application is supposed to be only a conduit for a private conversation between two people.
Two adults can negotiate their own communications protocol. Just because you met someone in a Catholic church, doesn't mean they aren't interested in Hindu gods or in sexuality. People are not defined by the culture they live in.
A dating app that tells you what you can or cannot say in a 1:1 conversation isn't a conduit for private communication - it's acting like a chaperone on the date. Except normally, chaperones are there to prevent sex, not police thoughts.
> Why shouldn’t they be allowed to privately communicate their feelings.
I agree.
> Simply chalking up social control to “cultural differences” ignores the fact that these aren’t cultural mores developed independently, but the results of a highly moralizing tyrannical government trying to assert social control
I've never been to China. But even from an outsider's point of view your statement strikes me as self-centered. What right do you have to enforce your own morals upon an entire other nation?
> a highly moralizing tyrannical government trying to assert social control for the material benefit of those at the top.
Western countries are arguably the same. How does that make the Chinese government wrong and Western countries right?
> Seems like you’re exercising a lot of social control over the couple.
To circle back to this comment; am I? The control is over the internet. Until they've met in real life you're just a stranger on it. Strangers on the internet can be very dangerous and with very little repercussion. Governments have an obligation to protect their citizens. So you should speak kindly and respectfully. You never know what words might upset the other end.
When you meet in person then you're putting your own person at risk for the words you say instead of just an online pseudonym. When you meet in person the stakes have been raised. What does the government do to prevent the couple from talking sexy after they've met in real life? I'm sure there's a lot but once you've met in real life then either you're physically in their culture or they're physically in your culture and respect boundaries must have changed.
Can that system be abused for the people at the top? Absolutely. Is it abused for the people at the top? Well I live in America and so I see a lot of anti-China propaganda so I'd argue that it probably is. But you'd be blind to think that China's alone in that.
> What right do you have to enforce your own morals upon an entire other nation?
Careful with this argument. What right did the Northern States have to enforce their own morals upon the Southern States (which had ceded, and were therefore their own country)?
I'm not saying you're wrong. I'm saying this is not valid justification.
> What right did the Northern States have to enforce their own morals upon the Southern States (which had ceded, and were therefore their own country)?
That's a very good argument. But let me counter: we fought a war over it. That's what gives us the right to enforce the North's morals over the South's. Do you want to fight a war against China over our differences?
Even disregarding the war itself; that was about slavery and human rights (freedom) with strong undertones of racism. So if you want to make privacy a human rights issue then sure and yes. I'll even agree with you: I think privacy should be a human right! But until privacy is a human right recognized and enforced then again: what right do we have to enforce your own morals upon an entire nation?
UN's UDHR Article 12 [0] is very light about privacy (and what it even means) and (IMO) has a very very poor history of enforcement of human rights. Even more, it states:
> No one shall be subjected ... to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.
And I would argue that statement extends to calling someone "sexy" which might be an insult to someone with different morals than yours.
It depends on the context. The fact that it's a dating app means both people expect a certain privacy in their words and a certain "vulgarity" like calling eachother sexy without repurcusions.
Just like a porn website doesn't shield you from porn because it's "on the internet" , a dating website shouldn't shield you from intimate language.
> What right do you have to enforce your own morals upon an entire other nation?
Aren't they suggesting that the individuals involved decide what kind of language is appropriate for their conversation? I can't imagine how you'd call that "enforc[ing] your own morals" upon anyone, let alone an entire nation!
Actually it's a good advice from Tantan. Chinese dating culture is very different. I'm not sure "sexy" is going to be received well, especially if she uses a translator (which is common).
You would think any western nation would make a counter draft for freedom. But just look at these cowards...
The US has its own problems, but who should take something like the EU seriously? For what stands this union of countries? For absolutely nothing. Extremely weak, especially considering the union was advertised as standing for common values.
The common values of the European Union are there, visible for all: graft through subsidies and comfy posts for you and your political allies. Tried and proven, works beautifully, all the politicians love it!
That definition of Spyware Engine has existed for a while. Every browser checks sites and downloads using Google's Safe Browsing [1]. Firefox constantly phones home to googleusercontent and AWS. Apple sends hashes of every application you run on MacOS to its Akamai hosted service -- try blocking Akamai on your firewall while still connected to the internet and the OS becomes unresponsive. The OS features to scan and report home have been around for a long time.
I think Apple checking photos before they uploaded to its own servers is their way around the Fourth Amendment while using relatively similar methods that they already use for malware.
Devil's advocacy aside, I buy the slippery slope argument and I find these methods reprehensible and open to abuse. I agree with all of it. I think this new addition is a step on the downward slope. I don't use MacOS, nor Windows, nor any cloud services personally. I keep an iPhone 7 around to chat with "iMessage" friends -- and this is the straw that stops me from using for that. I have never used iCloud for photos even when I was using an iPhone regularly.
I used to have an Android phone, which I also never sync'd with Google's cloud/drive. Then after an update, the sync-to-cloud option was automagically turned on again and my photos started to upload. I deleted them from the cloud and swore off ever using an Android phone again.
Addendum: That Mozilla support link is also interesting in terms of privacy. It's flagged as a privileged page for me so it loads Google Analytics that would otherwise be blocked by browser extensions.
It seems like the fourth amendment would be more applicable in Apples case, as it's doing the searching within your own home, where searches are explicitly forbidden.
A strong belief of mine is: the technology should never betray its owner. Regardless who the owner is, regardless if they are benevolent, regardless of their wishes or background.
They are doing everything client side so it seems like an apartment complex saying you are not allowed to have fires inside your apartment so they installed a smoke detector in your apartment. Most people would agree that it's a reasonable check because they don't plan on burning down their apartment but yes, if they keep pressing on it can definitely become orwellian.
> The issue here has nothing to do with children, they would always use 'children' as excuse. The issue here is installation of Spyware Engine.
I'm not sure that's entirely true. There is a reason stuff like this is debatable and is being considered by a reputable company. It is not black and white and both sides have some valid arguments. There are absolute atrocious monsters in this world and apple is in a tough spot. They are locking down their devices and it is keeping both bad and good guys out. You may think good riddens, they both shouldn't be able to get in but there are downsides to building a completely impenetrable device (e.g. tor is great for freedom, but also makes it a lot easier for criminals to operate). They are receiving pressure from law enforcement and no doubt people in their company have glimpsed the horror of child abuse and want to do something about it. They wouldn't be able to sleep at night if they did nothing, but they also won't be able to sleep at night because of the incredibly slippery slope they just stepped out on.
We also don't live in a libertarian society and I don't think most people would like the reality of living in one. On the state security and personal liberty spectrum, I think they united states is a lot closer to libertarian than we are to the ccp tho but there is no spot on that spectrum where everyone will be happy. Finding the least bad spot is an incredibly difficult problem for Apple.
That's what they say. And we should trust them on this because...? More importantly, even if they're doing everything client-side now, why should we trust it won't change in a few years?
Also, they aren't doing everything client-side. For this measure to be useful, it has to send out the hashes, or that there were matches detected, to the company, and ultimately the law enforcement.
> it seems like an apartment complex saying you are not allowed to have fires inside your apartment so they installed a smoke detector in your apartment
This situation is not like a fire. A fire in one apartment threatens the entire building (and everyone in it), and it spreads very quickly like started. This is more like installing chemical sensors in every apartment that will automatically call the police when they sniff out illegal drugs. You have nothing to fear if you're not an illegal drug user... unless the sensor has a false positive against your medication. Or the volatiles from your cooking. Or the cleaning agents. Or a jar with a mix of benign substances that someone sent you to screw with you. Or...
Perhaps people would mind less if they could trust the system will work. But anyone with even little bit of exposure to tech industry already knows that these systems don't work, and data collected is routinely abused.
> And we should trust them on this because...? More importantly, even if they're doing everything client-side now, why should we trust it won't change in a few years?
If you use an Apple phone, you have no choice but to trust them. They produce your phone and control everything on that phone. Did you trust them before? If so, why and why would you not trust them now with this feature? If you didn't trust them before and don't trust them after this feature, you probably shouldn't use one of their phones.
> This situation is not like a fire. A fire in one apartment threatens the entire building (and everyone in it), and it spreads very quickly like started. This is more like installing chemical sensor...
I would consider a sensor that detects drugs in apartments a lot more orwellian and I'm pretty sure that something like that would be a lot more controversial than what apple is doing here. They are not adding a feature to catch people that use drugs, just child predators. There is a massive gap between the two and there are zero people that consider allowing child predators to exist is a good idea. I'm also pretty sure that there are zero people that agree that letting apartments burn down is a good idea.
> Perhaps people would mind less if they could trust the system will work. But anyone with even little bit of exposure to tech industry already knows that these systems don't work, and data collected is routinely abused.
Yep, exactly, this changes nothing really. I hate apple products and I don't use any, but their reputation is the least bad and I trust them more than others.
There are horrible monsters in this world, we don't live in a libertarian society, most people don't want to, and a lot of people will be completely fine with sacrificing client side scanning of their pictures to catch those horrible monsters out there. This issue is not black and white/right versus wrong. There are trade offs and it was a judgement call by apple. Everyone has some line where they would be ok with this feature. If it helps avoid the scarring of 1,000 children per year, maybe you don't think its worth it, but there is some line where everyone concedes. I don't really know what is an acceptable amount of horribly scarred children to trade for not having one's pictures scanned on one's phone but if they keep their word and it doesn't turn into an orwellian nightmare, then I would be incredibly grateful for every scumbag they help take off the streets.
> This means zero privacy. This means 'no privacy' feeling. Everyone is more 'careful' when people around. And this has prolonged effect on society's freedom, democracy and rights of individual because independent thinking happens when true privacy is there.
100% agree, this is called a "chilling effect", shutting down discussion and giving more power to the status quo.
> "The very fact of existence of such Spyware Engine has effect that each person would behave as 'someone is looking'. This means zero privacy. This means 'no privacy' feeling. Everyone is more 'careful' when people around."
These are pressures which likely help keep society relatively stable. People's behaviour is guided and influenced by what other people might think of it, and human ancestral environment up until cities(?) was small groups and families and villages where everyone knew everyone else's business. I don't think we should take it as given that changing that is unarguably for the better. Historically there was always the chance that someone would eavesdrop, or see your diary lying around, or open your mail,
> "And this has prolonged effect on society's freedom, democracy and rights of individual because independent thinking happens when true privacy is there"
Citation needed because "Please don't machine-process my photos because I get so anxious I can't think" sounds like a problem you need to deal with, not a problem for everyone else to deal with. So does "The effect will be also huge. Just imagine what they will do next if they get away with this." - always jumping to the worst possible doom scenario is something people see therapists about.
> "The issue here is installation of Spyware Engine."
This is no more than a bank having to make sure you aren't storing stolen diamonds in their bank vaults, and they've now found a way to check only the things people are about to bring into the bank to alert the bank as early as possible.
I'm glad you've nailed the crux of the problem - if this is no more than a bank making sure you aren't storing stolen diamonds in their bank vaults -- then surely the analogy to bank vaults here is 'the phone you purchased from Apple'.
But you are right - as long as they have the right to push code to your device at any time, it isn't really yours. Shame it costs so much to keep the bank's vaults in our pockets at all times.
This system does not stop you keeping whatever you want on the phone you purchased from Apple, it only affects what you try to send to iCloud, so no the analogy to bank vaults is not your phone, it is asking Apple to hold your data on their servers and people trying to send them illegal data to hold.
But it's a single line-of-code change away to change that. If someone amasses troops along your border for 'military exercises', do you just trust them not to walk over if they find no defenses there?
as someone who use custom ROMs entirely for 10+ years there is hardly any comeback possible, since they would need to be used in first place in past, how many phones had custom ROMs at peak 0.1% ? Plus good luck installing custom ROM without affecting functionality of phone or installing at all, Sony will mess your camera, Huawei/Honor doesn't allow it at all, Oppo/Realme will disable fingerprint sensor, Samsung will trip the knox and some features will never work again, so what's there left? pretty much only Pixel and Xiaomi, unless you wanna tablet only Pixel which is hardly distributed anywhere in world
Custom ROMs are like Linux. Only advanced users will use them.
Regarding the functionality we lose when using a custom ROM, I think the trick is to use a device from a "modding friendly" brand. Samsung, Sony or Huawei are not modding friendly. Get a OnePlus, Asus, Xiaomi/Poco/Redmi or Google Pixel and most if not all hardware will work fine.
(My experience is based using the OnePlus 3, OnePlus 8 Pro and Redmi Note 9S with LineageOS and a Asus Zenfone 6 with OmniROM. Fingerprint works fine and even more exotic features like the IR blaster on the 9S or the flip camera on the Zenfone 6 works.)
Now, by replacing the original OS you also remove some things that makes the phone better. Eg: the stock camera app, which often gives you better processing (there are modded GCam apps that might help fix this, alternatively you can save DNG/raw files). One useful feature that I had on the Zenfone 6 that custom ROMs can't give me is the ability to stop charging at a certain % (can be done with Magisk, but it's not supported by the ROM itself).
The main problem for me are the apps. Many require Google services and Google's safetynet and both are a problem if you decide to use "pure" Android. Even if one decides to install Google Apps to have the Play Store and their other services, there's still the safetynet issue that gets triggered just for unlocking your device.
Tomorrow are all Macs(heck PCs) also going to come under the same ambit? How is one supposed to work on classified business or government tasks if a piece of software is actively gong to rummage through it all.
The poster was mistaken for someone that was correctly sanctioned (at least in the legal sense). The risk she perceives with Apple is that they will falsely accuse people of crime.
These are completely different situations. Not to mention how infinitely unlikely it is that _several_ of your photos would be similar enough to known abusive material to be flagged.
>There aren’t enough people (nor PR capital) to look through all of your photos.
This is a nonsense sentence. They ARE going through all your photos, both in this effort, comparing hashes, and for classifying your photos with ML, a highly publicised feature. Both happen on device.
> The risk she perceives with Apple is that they will falsely accuse people of crime.
In my country, there was not so long ago a case of a person wrongly accused of murder[0]. He spent 18 years in prison, despite there being no convincing evidence of him committing the crime. The people invested in the case wanted to have a scapegoat ASAP. Cases related to pedophilia are often very emotionally-charged, given the nature of the crimes. It can easily lead to hastily made decisions that can ruin many lives.
> Not to mention how infinitely unlikely it is that _several_ of your photos would be similar enough to known abusive material to be flagged.
Given enough time and enough attempts, there still is a possibility of something like that occurring. And this is with an assumption that the algorithm used will be correctly implemented with no false positives at all – something that I doubt even a manual analysis by humans would be able to achieve given the volume of data to check.
My point was that the article has nothing to do with the Apple situation. Being confused for someone rightly accused of a crime is very different from being falsely accused.
And I'm not sure what your main point is. Yes, sometimes people are wrongly accused, even convicted. Is that argument against having a legal system, or what are you trying to say?
I am trying to say that over eagerness in searching for a crime where there is none could cause more damage than it is worth. Those committing the crimes would quickly switch to other methods, but those innocent would be caught by accident.
I am also not saying that such people should be left free and unpunished, but that the method proposed could cause far more bad than good, in my humble opinion of course.
A legal system of some kind is obviously necessary, but using argument of thinking about `insert a group of people you should care about` can easily lead to abuse of the established laws.
At least these popups will install the knowledge in children, that technology is not trustworthy and secure by default. Better than making them believe otherwise.
>> Random noise due to lighting conditions that takes an innocent photo (or, more likely, an intimate photo of you or your partner) and makes the algorithm assume that it is similar to a restricted photo.
What algo is Apple using to compare 'similar' hashes from images, does anyone know?
With an M1 Mac or heck any soldered storage chip, you can't really be sure if data is swiped correctly. Whether on your own devices or on a second on device, before getting caught by stupid client side application with check for arbitrary documents.
553 comments
[ 2.8 ms ] story [ 316 ms ] threadIf this was a problem, would we not be seeing a slew of complaints about innocents being dragged through the mud with OneDrive and PhotoDNA? The only thing unique about Apples implemention is that it's client-side.
In the story it didn't became a well known issue since it would happen only to few unlucky individuals.
The same goes for the unintended asset freezing.
- You don't like storage provider - you don't use it
- You don't like ecosystem/smartphone provider - you don't use it
On top of that you can opt out even now by disabling updates it just means that you won't have access to the newest iOS and take risk that at some point software developers will stop supporting OS you decided to stick to.
This just doesn't work like this in our day and age. We are one ecosystem (android) away from complete domination of this scanning technology. You could argue that I could use a librem or something but at that point all librem users automatically become suspicious because "all major manufacturers have this, he probably has something to hide".
you could as well live in woods away from society, but that's obviously not the solution to bad laws
If Google decides to implement this, which doesn't seem very unlikely because of the optics of NOT implementing this, people who aren't tech savvy won't really have a realistic way to opt out.
I just don't think there is very much evidence that in practice false positives are a big issue and the article is very much pushing that argument.
That said, many hosted providers/social networks have similar features - they just have server-side implementations and might not have felt the need for disclosure.
I would agree on a purely technical level your phone is already pwned by Apple so worrying about this on a technical level is closing the barn door after the horse got out. However from a social perspective one of the holdouts against photo scanning has stopped being a holdout, and doing things from client-side makes it seem less wrong to do other things client-side.
Besides the privacy stuff, this also is a bit more of a slide towards software that you purchase being ultimately controlled by and for the benefit of parties other than yourself.
In practice any major cloud provider is going to or is already doing this. We need a better regulatory approach, it isn’t practical to put the responsibility on providers.
https://www.macrumors.com/2021/08/05/apple-csam-detection-di...
"CSAM image scanning is not an optional feature and it happens automatically, but Apple has confirmed to MacRumors that it cannot detect known CSAM images if the iCloud Photos feature is turned off."
We won't get one though, because the "think of the children!!!" crap is extremely pervasive and anyone going against it will be smeared as a pedo defender.
In that mindset, the answer is absolutely to combat and to attempt to change broken laws first.
Also, it isn't just "think of the children". For instance, there have been some _terrible_ proposals under the banner of Right to Repair. People tend to not want to invest the time in understanding the ramifications of the actual proposals, and instead vote for or against the concept. One of the reasons ballot measures are both empowering and terrifying.
Good regulations take time and care - and generally, less is more.
That has to be done on the phone because Messages is end-to-end encrypted. If they are going to have to have hash matching on the phone anyway for that, it makes sense to also use that for checking images that are to be sent to the cloud.
Presumably it is client side so that they can do anonymization/encryption of photos on the server, and treat any data access outside the account and account they have shared the photo with as an audited and cross-organizational event.
But if you want to use another hosted service, you can... and likely get their implementation of a similar system. Presumably this is US regulatory compliance.
This is going to bite more innocent people through false positives than criminals who already know how to get away with these things.
It is not a ML model but a list of known image hashes, and is only enabled for US-based accounts, furthering my suspicions this was minimum-effort for regulatory compliance.
Note they _do_ have a feature (also announced today) that uses ML models, but it is meant for local filtering and parental controls/notifications. This feature is also US-only and the parental notifications policy is fixed and age-based. I believe this is both to fit into regulations (e.g. US recognition of rights based on age) and into cultural norms.
I suspect they will have different rules in different jurisdictions when this rolls out further in the future.
[1]: With separate key escrow HSMs for account recovery and legal compliance with e.g. court-ordered access.
the tech runs locally, but only on those photos.
and in real life governments elected by the people have been pushing for this for years. the result has been google and all the other cloud providers already implementing this. apple was the last big one to hold out.
will they expand this in the future? sure, whatever. the system is so broken, and i’m so powerless, that at this point in time it doesn’t matter what i want.
at least it will only apply to the US. the ROW is spared. at least for now.
Even if the hashing and matching happen on the local device, a match can only be revealed server-side. The hash database distributed to local devices will be blind hashed with a server-side secret key and the locally derived hash match will need to be decrypted with that key to be read by Apple. So theoretically if the local device doesn't upload content to iCloud, no content matching can be revealed, even if the hashing and matching has been done locally.
Of course, you also need to trust that Apple won't be uploading those locally derived hashes to iCloud without the user's permission if iCloud backups are disabled.
[1]: https://www.apple.com/child-safety/pdf/CSAM_Detection_Techni...
You are consenting to the upload and are aware that it can be searched so not a legal problem.
Law enforcement will also review the picture in the cloud instead of busting your door to search your phone and the whole scenario from article.
When they do it client side they can't just upload your content on hash collision. (or maybe they do which is also a problem in itself)
- The scanning will be performed only if photos are to be uploaded to iCloud.
- The database will be encrypted multiple times in a way that it can't be clearly read.
- There's not notification to Apple in any way in case of matches.
- Instead, each match result is again encrypted in a way that is inaccessible to Apple and uploaded together with photo
- If there a lot of positive matches, they eventually will become able to decrypt it. That's when they will do manual check, lock the account if it is correct and notify authorities.
This is just another case of, 'your phone' is not yours. People stores their lives and thoughts in a device that they have no control of.
I am not against those use per se. I am worried about what it means legally. The minimum that we need is a more clear legal framework. This is a private company accessing personal data without consent and without any formal requirement from law enforcement.
This is specific to photo synchronization to the cloud, which is an optional service.
In that sense, it isn't really doing anything different than say a OneDrive photo sync app - except it is doing the check on the client side, rather than having the server decrypt to do the check.
It is part of the default install and setup wizard, but thats a battle we lost decades ago in the PC world. You still have to opt into iCloud synchronization for this to be enabled.
Yeah, the only thing unique is installation of Spyware Engine in personal device that will do 'who knows what' later. What can possibly go wrong?
Other hosting providers do similar scans, but they do not do them within the client-side component. Presumably, this is done to give the hosting environment no access to the actual data (e.g. data access such as by subpoena becomes a cross-organizational auditable event)
I know the feeling.
And while we all agree about the fact the child porn should be stopped and people should go to jail for it, apparently "what happens on your iPhone stays on your iPhone" only until Apple says so.
https://twitter.com/chrisvelazco/status/1081330848262062080
Do you suppose any government is going to pass laws which prohibits companies from scanning photos for CSAM either on-device or in the cloud? When half the time it's being done at the insistence of those self same governments?
I was lucky to have not one but two uncommon surnames. (grandmother remarried, children got an extra surname). There are only a dozen people with that combination of surnames.
How can you be sure of that?
French immigrant mother so French first name and middle name, and then an uncommon British (Welsh I think, dad's parents didn't learn English until they got to secondary school) second name.
For the benefit of non-Polish-speakers:
- Nazwiska - surnames
- żeńskie - female
- męskie - male
He was denied an operation at the bank once, but was quickly able to clarify the issue and unblock it (probably he got lucky).
But he had to have himself removed from the white pages and the ring label (ring label? whatever, il citofono :D) because of violent threats.
This is a major part of the problem with algorithms: what if the issue is "computer says no" and that's the most detailed explanation you can get?
In the end, they thanked me for cooperating (they were actually quite friendly and polite in general, not like going I to the US, for example) and explained that they were looking for someone with the same name as me.
After a bit of investigating I found out that I had been placed on the Credit Industry Fraud Avoidance System because different spelling of my name had been used in previous applications. This was seen as an attempt to get past credit checking, in reality the people entering my name in to their systems mis-spelled/mis-typed my name. As a result of someones carelessness I was flagged as being risky.
Casual identifiers have to be stored as plaintext. To facilitate record matching (linking) across data stores.
The only way to enable full field level encryption for data at rest is to issue everyone GUIDs.
If we're not willing to do that, for whatever reason, the status quo (a boring dystopia) will persist.
cite: Translucent Databases
As for the photo scanning isn’t it already happening?
It can absolutely help with misidentifying individuals forever and ever.
I somehow doubt it.
In practice ?
(Edit: This is for the iCloud scanning. The (i)Message warning around sexting is a whole other issue)
That shouldn't make anyone sleep soundly at night. The person at the other end has no incentive to not turn your life upside down.
"Rest assured our system is safe, a random guy working in a digital sweatshop at the end of the world will get to see your naked baby pictures just to make sure you're not a criminal"
One would hope that such checks should be minimal and therefore performed by suitably qualified (and equally audited) personnel. As you allude, it is more likely that such work is outsourced in the same way that the manufacturing of the phone is.
[1] https://www.theguardian.com/technology/2019/apr/11/amazon-st...
What will the job interview sound like for this job? “Do you have any experience in recognising child porn?”, “yes, many years, and great enthusiasm for the job”.
I’m looking for my old Huawei phone now.
So Apple does have access to everything you store on your phone? Either they're lying about being concerned about privacy or you don't have your facts straight.
But that’s a stupid way around it, surely. Child porn is surely, and tragically, in continuous production. And really, it’s the production that is the biggest issue, this is the continued abuse of children. And that’s the one bit the algo won’t match against?
I'm looking at doing the same and I noticed Nokia has published the source code for the 8110 (I believe kaios runs ontop of Linux)
Expensive phones triangulate via towers (fast!) and use that to bootstrap the GPS unit. Some GPS units don’t support that bootstrapping and are, thus, slower.
Theoretically it might be possible to combat cell tower triangulation by having the modem only respond to one tower at a time and insert artificial latency to make it harder to work out your distance. But, another convenient fact: cell modems are all closed source, proprietary black boxes. They also have DMA (Direct Memory Access) to your phone.
Perhaps I should be wearing a tinfoil hat but these don't seem like coincidences to me. They seem like intentional measures to weaponise a tool in our everyday lives.
Nope. I have several dev devices. None of which have an iCloud account setup.
Didn’t do anything special; just skipped it at setup.
However there are a couple of new "Fintech" banks in the UK that are mobile app only. No website and I assume very difficult to get anyone on the phone. That seems crazy to me. Access to your bank is at the mercy of Google/Apple.
Deutsche bank uses PhotoTAN, which supports hardware TAN generators [2].
Some banks use different but similar TAN generators (e.g. SecurePlus [3]), and I also witnessed Postbank accounts operated with USB-based TAN generators [4] called "BestSign".
[1] https://www.voelkner.de/products/476429/REINER-SCT-tanJack-o...
[2] https://genostore.de/db/phototan-lesegeraet/92/phototan-lese...
[3] https://cb.kobilshop.com/secureplus-generator/1/secureplus-g... securePlus Generator
[4] https://www.seal-one.com/devices.en#DiVc3100KLink BestSign
On the positive side, a stand-alone air-gapped TAN generator feels much saver than using a (possibly back-doored) smart-phone to do on-line banking.
They have done all kinds of dark patterns, for example they update the website (which eventually becomes a mandatory update), but that requires relinquishing the hardware token, or they update their mobile app, and if you even try to log-in into the new app they automatically cancel your token, etc.
When my token's battery died, they didn't want to give me a new one. They said they don't offer the service anymore. Only after escalating N times and explaining that I need a hardware token because their SMS-based 2FA didn't work internationally they gave me a new token. Suddenly it wasn't discontinued anymore. Now they moved off SMS-based 2FA to some mobile app, so I suspect next time I need a token I won't be able to get it.
Make no mistake, enjoy your TAN generator while you can, because you will not be able to enjoy it for long.
In the country I live in right now, the only way to get a proof for your COVID-19 vaccination is if you "voluntarily" enroll into some phone-based authentication scheme with your government that requires a modern, non-jailbroken iOS or Android device.
You have to log-in to a government website, and you do it either through a mobile phone registered with the government, or with a smartcard and a proprietary Java application. Pick your poison. (And they don't want to issue new smartcards either.)
I've run into a few that require 2FA - either SMS or email, your choice.
[1]https://www.mediamarkt.de/de/product/_reinersct-tanjack%C2%A...
I’ve been looking at trying something like a Pixel but with Calyx as a first step while waiting for the PinePhone and the Libre M to mature further.
This can't happen fast enough... though I can't get behind Purism/LibreM it's just too fucking expensive, basic privacy and ownership of your device shouldn't be a privilege.
[1]https://news.ycombinator.com/item?id=28002447
I didn’t even realize apple had the ability to do something like this? Can someone explain how this is even possible for them to do? This wasn’t an update was it? Just a flipped switch?
And your final question "What else are they capable of doing without my permission?" --- the answer is anything they want. Concretely, what are the capabilities installed NOW that they can take advantage of, who knows exactly?
As an example, I do remember a looong time ago Google remotely removed apps from Android phones, pretty sure Apple could or might even have done so as well.
Another solution for apple is to simply revoke the codesigning certificate that is used to sign the app, which will render the application un-runnable.
[0]: https://www.macrumors.com/2008/08/06/apples-ability-to-deact...
This means they can intercept even e2e encrypted messages such as signal, if they wanted.
When you control kernel, you can do anything, to anything running on that system.
For comparison in a Linux distro:
- everything is built from source on distro infrastructure, users can inspect any an all source code of everything running on their machine - software updates are transparent and not enforced, user can read changelog or compare source code of the updates - software updates of individual packages don't usually go directly from upstream open source software developers but via a package maintainer in the distro, for each distro - if an upstream project introduced fishy stuff like Apple is doing would almost certainly be noticed by either one of the package maintainers or users due to changes in the source or in software behavior, alerting others to do source code analysis and stop the attempt from affecting users
Nothing technical prevents them from putting something in ring zero which does silent updates without announcing them, but that's not what's happening here.
Basically, is it with interacting with Apple users if you are worried about that problem?
Here it is: https://puri.sm/products/librem-5 and https://www.pine64.org/pinephone/.
[1] https://wiki.postmarketos.org/wiki/Devices
It also supports the Librem 5, but also the Oneplus 6 and 6T
* benchmark results faked by software
* personal data collection
* backdoor
All of these do not appear on the English page so there's a link to the French one : https://fr.wikipedia.org/wiki/OnePlus#Controverses
It costs $50, though.
https://jolla.com
"Sailfish X is currently available in the countries of the European Union, Norway and Switzerland ("Authorized Countries") and the use of our website and services to purchase Sailfish X outside of the Authorized Countries is prohibited."[0]
https://shop.jolla.com
I think it is because of the USA's allowance of trivial patents which act like a trade block.
In practice only the act of buying the actual Sailfish OS license in https://shop.jolla.com needs to be done from the the EU/supported countries. That can be done via a EU VPN and none of the Jolla provided services (RPM repositories needed for system updates, etc.) are geoblocked. I went to Japan with Sailfish OS phone twice with no issues at all.
For reference:
- getting SFOS from outside of EU:
https://together.jolla.com/question/184861/ask-purchase-sail...
https://forum.sailfishos.org/t/has-jolla-abandoned-sailors-i...
- stats from the community Sailfish OS software repository showing a lot of traffic from countries outside of the officially supported area
https://openrepos.net/statistics/global
I have recently installed it on the Xperia 10 II you mention as well use a couple Xperia X devices in the family. Use the Jolla 1 & Jolla C before back when Jolla still manufactured their own devices.
Frankly, before some of the PinePhone distro mature, this is the only really usable Linux distro based independent mobile OS. And it has been available for years, yet people don't seem to be aware of it or seem to ignore it for some reason.
And if you have any questions about Sailfish OS, fire away! :)
No idea about the ToF sensor - I woukd guess it could be used unless it nerds some weird Android blobs to function.
And while I agree that the closed source parts are stupid I still think Sailfish OS is a good stepping stone to full open distros and hardware once they reach sufficient maturity.
Also have they resolved the kernel updating issue? All phones which ship with Android 11 or lower are unable to have their kernel updated because each device uses a modified kernel[1]. Phones which ship with Android 12 like the Pixel 6 all use the same Android Common Kernel, so it's enabled Google to guarantee the Pixel 6 will have at least 5 years of kernel and OS updates for the first time in Android's history.
[1] https://lwn.net/Articles/830979/
https://jolla.zendesk.com/hc/en-us/articles/201440787-What-A...
You can even install microg or full blown Google apps if you really want & are fine with the implications (still less problematic having Google stuff in the emulator than on a native device IMHO).
There have been actually also some attempts to get Anbox running on Sailfish OS as the community ports dont get the Android emulation layer, only officially supported devices.
As for major version kernel update issues - they did not, but I am not really sure it's that problematic in the end.
So basically they base their port on the best kernel version + blob bundle from the Sony open device program at the time, then stick with it. Apparently the way updates of these low level things work on devices originally shipping with Android are too stupid and fragile to make supportable over the air updates possible for Sailfish OS.
They could port the adaptation to newer bundle from the open device program and either mandate re-flashing or support two versions based on different kernels on a single device. Both not very good options imho.
Still, not updating the major kernel version does not mean the Don support the devices or newer rebuild the kernel. All the Xperia devices in the program are still getting OS updates, including security fixes for the kernel. They actually only recently dropped support for their Jolla 1 handset released in 2013.
It's just when you really need the latest kernel features or the most advanced Android emulation layer you might need to get the most recently supported device.
Thats what kept me there for all those years. :)
Did you take PureOS into account ? It is the Linux OS installed on the Librem 5 phone. https://puri.sm/products/librem-5/
And how about specially crafted 'normal' pictures sent to individual to trigger the system? Special mind would have a perfect tool to get some one down / put into the troubles.
Once things like Apple is doing become normalized, the next step becomes making it illegal to distribute or use software that doesn't do it. So running your Linux phone will be illegal, and why would you want to do that anyway, except to look at child pornography?
Similarly, non-sanctionable digital currencies like Bitcoin will be made illegal.
Avoiding modern tech is a workaround, but will be get increasingly hard as the world becomes increasingly reliant on it. (Cash, also, will have to go away.)
I’d like something like my 4 inch iPhone SE but I know that is impossible. How about 4.7 inch range like the new iPhone SE?
Edit: If anyone is ever reading this and looking, I went with a Pixel 2, has a 5 inch screen and a good camera. I'll see how it goes. Will be nice to not be locked into Apple anymore.
https://www.phonearena.com/phones/size/Google-Pixel-4a,Googl...
Keep in mind that bezels have gotten much smaller over time.
There is librem and pinephones and they don't look bad, but don't expect many apps and interoperability. Some people regard that as a plus.
There's the Pinephone these days, but it's not ready for general consumption.
Let's see if fear of AI is greater than brand loyalty and convenience. An unstoppable force meets an immovable object.
Apparently Apple has a team working as AI police. These people decide who gets reported.
> While noting the 1-in-1 trillion probability of a false positive, Apple said it "manually reviews all reports made to NCMEC to ensure reporting accuracy." (https://arstechnica.com/tech-policy/2021/08/apple-explains-h...)
Don't even get me started with the 1 in a trillion probability, we know adversarial images could be created that will trick the system even when you don't have access to the model.
I can't precisely buy a new phone in a whim, but I'm not trusting my well-being to any "one in a trillion" in the marketing of a company.
Not arguing with the general sentiment though.
I don't think so - I think corporations and governments are getting better and better at PR and so, we'll see, slowly but surely, more and more features like this.
It could maybe be used to perform a kind of DDoS attack on the human verification stage by increasing false-positives, but I doubt a non-child-porn image would fool a human into thinking it looks like child porn just because of some carefully-applied noise.
Also, in what conceivable way is this like Minority Report, ie three psychic humans, floating in a pond, hallucinating the future?
They are talking sanctimoniously about privacy out of one end of their mouth, put on a family friendly face by banning anything offending prude sensibilities, while having no qualms about doing as much business as they possibly can in China. Now this.
They are the ultimative dystopian corporation, I find them even worse than Facebook in that regard, at least Facebook has some interest in free speech and does not operate in China.
I guess the reason I am so angry is that I like the devices and engineering marvels they can produce. But I cannot be a customer of this.
That wasn’t really their choice, and they’ve been trying to find a way back into the market since the day they were banned. They still make billions of dollars every year on ads from Chinese buyers that run globally.
But here they'll scan the local files on your own device, that you supposedly "own" (but not really, because Apple already locked it up to make sure you can only install stuff they have approved and taken a cut off)
only the files you upload to apple photos.
Turning off cloud photo syncing will disable the scan on both Android and iOS.
Further, they are looking into doing something similar as Apple:
https://bgr.com/tech/whatsapp-refuses-to-use-facebooks-creep...
And at the end we will be allowed to talk only about the stuff that three or four corporations and their political associates are fine with.
This stuff happens all the time. Banks will even shutdown your account for suspicious activity and refuse to tell you what activity was suspicious.
I bet its probably more like Abdul Mohammad and the 100 variations of spelling that in English
edit: as anyone that gets OFAC list updates daily would notice
Also, it’s hard not to read your comment and wonder if you hate a large proportion of the human species,
> I bet its probably more like Abdul Mohammad and the 100 variations of spelling that in English
it wasn't a xenophobic or islamophobic comment nor was it condoning the reality or your experience with it, it was an observation from how you wrote your post and what I know about the world
The law of large numbers.
And, consequently, a sanctioned person could probably do the same to avoid sanctions.
All in all - it’s very possible.
The very fact of existence of such Spyware Engine has effect that each person would behave as 'someone is looking'.
This means zero privacy. This means 'no privacy' feeling. Everyone is more 'careful' when people around. And this has prolonged effect on society's freedom, democracy and rights of individual because independent thinking happens when true privacy is there.
Even a fear of false triggering the system and exposure of one's private thoughts/pictures/events to other people during 'sorting out false alarm' would make people behave differently. Even if they have nothing to do with any children the fear that their private moments can become public just because some AI would decide so would make each person think twice about each step.
This is a huge attack on privacy of individual and should not be taken lightly. The effect will be also huge. Just imagine what they will do next if they get away with this. Just imagine what other companies will do once this is accepted for apple devices.
I think this can/should also be considered as a fraud because when one bought apple device one was never told that spyware would be installed some day later.
Edit: I think it should be illegal/made illegal to install any spyware on any device for any excuse without warant. Spyware is a Search of 'home' without warrant to some degree, isn't it? Done through the hands of some private company under some excuse... What about Fourth Amendment?
And it is always pretended that the bad guys can only exist on the client side and not on the supervisor side.
For instance, let's imagine a technology emerges that can render any wall in a building transparent and penetrable for a short time, without affecting the structural integrity of the building. How much easier would it make the job of the law enforcement! How many crimes would it help prevent or at least detect! Of course it will be a securely guarded technology, so that it won't fall to hands of random strangers, malicious hackers, or burglars; only the law enforcement agencies would use it, and only for legitimate purposes! Honest.
Would you endorse such a technology in your town? Mandate it for your neighborhood? Why? Are you comfortable with the idea that a number of crimes will go undetected or not prevented because this feature is not implemented? Not rhetorical questions all.
> Destroying the privacy of several billion people is not an adequate price to pay for capturing a dozen or even a hundred bad guys.
> Sure it did get them some. So would carpet-bombing New York City. Success alone is a worthless measure without taking cost into account.
-- http://yro.slashdot.org/comments.pl?sid=4631081&cid=45871537
Or
http://www.usatoday.com/story/news/2015/01/19/police-radar-s...
This is stuff directly from Deus Ex (1999). Repercussions for posting wrong memes are also mentioned in Deus Ex, and are also coming true. (The epidemic situation is not that dire as depicted there, though. At least not yet.)
* Say bad things about the king.
* Said good things about the king.
* Are homosexual and attempting to live their life.
* Are black and attempting to live their life.
* Are foreign, regardless of activity.
* Are female and attempting to own property.
* Are local but not the right type of local.
* The actual person is OK but they're trying to help the Jews.
* Own the wrong book.
* Worship the wrong god.
And in hindsight it is generally agreed that those laws were poorly thought out. Giving the police tools to enforce 100% compliance with the law is by no means a sane thing to do. And if that is the plan it would behove us to make sure the law is good first. Which it obviously isn't there are gaping holes in every legal system.
Now in the West there're just as many taboos. You can't openly discuss lots of things. Maybe there's no criminal penalty for this (although in some EU countries there's already a criminal penalty for wrong^H^H^H hate speech, same is planned in Canada), but by saying "wrong" things you'll be expelled from society, expelled from your job.
Is taking one taboo and just turning it upside down actually good? Punishing homosexuals was wrong but is forcing people to change gender, brainwashing children with homosexual propaganda and persuading children to change the gender by chemical and surgical means better?
I predict that in 5-10 years in USA it would become obligatory to participate in "pride parades". People who avoid them would be put on "the list".
This situation is not symmetrical and it looks absurd.
There's a writer famous in Russia - Victor Pelevin. In his last book he stated something that was almost obvious to us: USA now is the same totalitarian society as was USSR.
«Современная Америка — это тоталитарный совок 1979 года с ЛГБТ на месте комсомола, корпоративным менеджментом на месте КПСС, сексуальной репрессией на месте сексуальной репрессии и зарей социализма на месте зари социализма». Но разница в том, что «в совок 1979 года можно было привезти джинсы из Америки, а сегодняшняя Америка — это такой совок, в который джинсы уже никто не привезет». «Американская культура в современном виде — это проект ГРУ. Яд "novichok" отравил североамериканскую душу и заструился обратно в Россию. (…) Когда все, связанное с Россией, демонизировано на Западе, сетевые дурочки, прививающие здесь американскую культурную репрессию под зычный храп ФСБ, кажутся по-своему трогательными: геройкам слава! Но если рассказать им, что на самом деле они внедряют созданные ГРУ химеры, они столкнутся с таким сарказмом судьбы, который перенесет не всякая душа», — пишет в своем романе Голгофский.
(too long to translate, but basically: "Contemporary USA is a totalitarian Soviet state from 1979 with LGBT in place of comsomol, corporate management in place of Communist Party, sexual repression in place of sexual repression, and dawn of socialism in place of dawn of socialism. But the big difference is that it was possible to bring jeans and bubble gum from USA into Soviet state of 1979, while there's no place from where you can bring "jeans" into contemporary USA" (mocking the myth that jeans and bubble gum were tokens of western "freedom" in USSR).
https://www.bbc.co.uk/news/uk-england-48294017
This is way overhyped. It's barely more than “gay people exist, don't bully them” most places. One lesson in PSHE class – maybe two or three, if you get lucky and your teachers decide to teach you about binary trans people too, or if sexuality is mentioned in the Equality Act lesson (which mostly focuses on disability and maternity leave).
> opinions about sexuality are being presented as fact
By this logic, we should ban other children from talking about their religions in schools; they're likely to say things like “Jesus is God” or “God isn't real”. It's unlikely a religious child would get particularly confused with a teacher exposing them to different views on morality, given how much they're already exposed to that.
The most recent I can think of is that creepy Blues Clues episode… why do prepubescent children need to know about Pride and any sexuality at all?
The reasonable middle to me is to introduce LGBT issues in sex-ed when kids are going through puberty and treat it with decorum. You can punish homo/transphobia when it occurs, not try to program it out of literal toddlers with a creepy song about families marching.
Anyway the issue isn’t with kids learning about LGBT, it’s HOW they learn about it. I wouldn’t promote nightclubbing or pickup artistry to my kids. I do also have issues with how aspects of mainstream ‘straight culture’ are pushed to kids as well.
For example, drag is an inherently adult form of entertainment now being pushed to kids. Grown men throwing money at drag kids makes my stomach turn. Two moms or dads taking their kid to play in the park does not.
>I predict that in 5-10 years in USA it would become obligatory to participate in "pride parades". People who avoid them would be put on "the list".
is not accurate. We can do it on Longbets.org. I'll give you the full ten year window.
https://www.sciencealert.com/wi-fi-signals-can-identify-you-...
https://www.nbcnews.com/tech/tech-news/mit-device-can-detect...
Not sure I see the relation to Apple laying Fully Automated AI ThinkPol groundwork though.
Let's assume that it only works with thin walls, so it has limited archaeology use. Firefighting is a very fair point.
Would you, reader, trust the firefighters to not abuse such a power by mistake? Would you trust the chance of it being abused for the chance of being rescued during a serious fire? Not an easy question.
Here lies the problem. You can't guarantee that. Law enforcement itself has criminals. In some countries law enforcement is even one of the largest collection of criminals. And then something like Trump happens. Do you really want to give such powers to people like Trump and it's followers, not to mention more malicious ones?
There is no way that this technology is only used for good.
And what comes on top, it doesn't stop crime, just it's modus operandi.
If they can't use their computer to handle certain data, they use hacked ones and hide it there. You know the trick how drug smugglers use the suitcases of tourists to smuggle their drugs?
If a police officer is in your house and you need to go to the bathroom, do you close the door?
I run a shipping company. You want to send a package. It is illegal for me to handle and ship certain things (e.g., nuclear bombs). Further, I don’t want to handle any of those things. Furthermore, if I find those things (e.g., when a package breaks open), I am legally required to alert the authorities.
What assurance can you provide to the me (the shipping company) that there is nothing illegal in your box? Suppose I ask you to attest but then I find out later that a bunch of people have been lying on their attestation forms which means I have been unknowingly, undesirably made party to illegal activities? Every other company solves this by simply opening everyone’s package and looking. Suppose my shipping company’s clever engineers invent a detector I can give to you that doesn’t require me to look inside the package but can tell me with some certainty that there are no illegal things in the package. What statistical properties would the detector need to have to satisfy you that this was better than forcing every package open?
We already have real world evidence for “what statistical properties the detector would need to have” to be better than opening every package, because the real delivery companies are literally doing this today. There’s nothing hypothetical about the question.
Apple could do the same, simply letting the user know that this/these images cannot be uploaded to iCloud, and then do nothing else.
The problem is that the results of these scans are pretty useless. They don’t prove anything. While Apple knows that law enforcement and politicians will believe it’s 100% correct, because they don’t even understand that DNA can be wrong, and demand customer names from Apple.
This is very much the crux of it.
Back during the immediate post-9/11 era there was a huge push to restrict all kinds of civil liberties (and the birth of today's surveillance state) in the name of preventing the next terror attack, which could be "a mushroom cloud" in the words of George W. Bush.
There's a problem with this reasoning.
Osama bin Laden wasn't some random dude who got radicalized. He was a member of one of the wealthiest families in the world. He was born rich, grew up rich, attended Harvard, and had a family that rubbed shoulders with heads of state and were directly connected to the Saudi royal family.
Osama bin Laden was a member of what I've heard described as the "superclass," those who are beyond just being "merely rich" in that they possess not only vast wealth but internationally diversified wealth and powerful political connections.
He was of the social class that is behind the glass of a surveillance state, and if he wanted to avoid any possibility of surveillance himself he and other members of his class could easily afford expensive security consultants and specialized devices. They could also afford armies of attorneys to get them off any lists and out of any trouble.
If someone detonates an atomic bomb in Washington DC, it will not be some random middle class youth who got radicalized on a 'chan board or a Facebook group. It will not be some random protestor or dissident. It will be someone like Osama bin Laden. It will be someone with the money, expertise, connections, and background to find, recruit, and pay the personnel required to obtain or build a nuclear device. It will be someone with the connections to organize the logistics to smuggle it into the country and put it in position.
It will be a member of the global elite.
People with bin Laden's level of wealth and privilege are the dangerous ones. The lens of scrutiny should be aimed at them. One member of the middle class radicalized with toxic ideology might shoot up a school, but one elite radicalized with the same ideology could blow up a city or engineer a super-plague.
Osama bin Laden's $30MM (per Wikipedia) inheritance from his estranged family no doubt greased some skids, but mission-driven people with charisma come from all socioeconomic backgrounds, and some of them succeed. (FWIW he did not attend Harvard, and AFAIR never set foot in the US.)
The general pattern is that the wealthy are, on average, supportive of the existing order. They are the winners of the current game. Of course there are always rebellious children who are motivated by religion or power or fame etc, but most of them are feckless due to their upbringing. And ultimately, there are so few of them.
Leadership abilities can be found across all economic strata. Most are happy to leverage their talents into moderate economic advantage, but some are driven by "larger" causes.
I would say that the intersection of leadership abilities, belief in a "larger" cause, belief in victimization, and a willingness to harm innocent people (or to blame them for their inaction against your oppressor) ... is what leads to the risk of violence against the existing order.
https://en.m.wikipedia.org/wiki/Osama_bin_Laden
My point is that people with money and power are far more able to execute large scale crimes, and not just terrorism. Meanwhile surveillance is experienced more and more as you move down the socioeconomic pyramid.
Apple is catching flak for this but overall their devices respect privacy more than most cheaper devices. They also cost a lot more. Your average cheapo phone or laptop comes absolutely stuffed to the gills with spyware and runs older OSes with bad security. The poorer you are, the more spyware riddled and insecure your devices probably are.
1: http://news.bbc.co.uk/1/hi/uk/1595205.stm
Do not discount the effects of chan boards and Facebook groups so foolishly.
Some of it may have been organic at first, but things don't stay organic for long these days. The instant there's even a whiff of a popular movement that can be exploited the propagandists are on it... especially if it's a movement that can be exploited so as to win an election or make money. The thing that made that stuff dangerous was elites and their water-carriers like Steve Bannon, Donald Trump, Milo Yiannopolis, Rupert Murdoch, etc. empowering and steering all those useful idiots.
The Pajama Nazis have a camp of doppelgängers that I've come to call Basement Bolsheviks, but they haven't had much impact since that camp of idiots doesn't seem useful to anyone with money and power (yet?).
Apple can decrypt data on iCloud, so why not just do this offline? Doesn't make much sense.
It makes me think that the technology will be expanded to encompass all offline images at some point.
However... yeah. This is a massive breach of trust. Having any spyware agent on my device is disgusting. I can't imagine the abuse cases this sort of thing can be used for.
https://www.reuters.com/article/us-apple-fbi-icloud-exclusiv...
https://nakedsecurity.sophos.com/2020/01/09/apples-scanning-...
https://www.apple.com/child-safety/
However there is a very long list of companies not just doing things for good, but also for profit.
And when profit enters the equation, then the original mission statement tends to get distorted into something bad/worse.
Of course Apple is free to decide, but the consumer has the option to either loudly disagree or exit the Apple ecosystem altogether.
I see the same pattern with pro-vaccine and "anti-vax", either you support vaccines or you are labeled "anti-vax", all is black-and-white without any nuances.
That sort of discussion rarely leads to any productive outcome.
Well, by definition anyone not supporting vaccines IS anti-vax. There is no such thing akin to agnosticism with regard to vaccinations.
I have an itch that somewhere in the hundreds of pages of EULA no one ever reads there is a "You accept that Apple has the right to modify its software at any time for any reason" kind of thing
You have no idea the inherent power of being the "setter of definitions" in a legal context.
The presence of legitimate common sense (an actual concordance of principles, life experience, understanding, and the existence of a fungible nominative signpost that will be reliably reproduced within error bars) is surprisingly difficult to hew and maintain. It morphs over time, and is exactly why these multi-national tech companies implementing things like this is so terrifyingly dangerous. If they implement the capability to do a thing, they are now the movers of the political Overton window by realizing the means. They are literally shaping the rhetorical landscape.
Example: Let's say the push for this intrusive client side scanning came from the U.K., and the U.K. marketplace alone accounted for enough business to make it too painful to NOT do (simplifying economic/business assumption for illustrative purposes, and just picking on the U.K for because they are $not_my_jurisdiction). In the U.S. (Third Party Doctrine aside), this feature would be something that would be a U.S. Constitutional violation (4th Amendment) if mandated by the legislature short of an Amendment, yet since it would be done out of expedience in the absence of someone telling them NOT to do it, they'd ship it by default on American phones anyway. The mere existence of the capability greatly increases the willingness of jurisdictions to use it. This means the most privacy eroding jurisdictions are creating a race to the bottom for infecting everyone else barring population Al refusal to say No unambiguously.
I don't know why this jurisdictional backdooring isn't more obvious to people than it is. Or maybe I'm just starting to grasp how politics actually works vs. working in theory, but this really does seem to be completely screwing up how process is supposed to go. This is nothing short of a private entity taking the practical reins of power, and the political edifice coming along behind and post-facto rationalizing what the actual trailblazers are doing.
To be frank, this terrifies me even more than Congress being in charge. Congress's process rounds out most things to some level of effectual benign nature. Tech companies though? If you even start asking the important questions about higher order effects, either out the window you go, or everyone looks at you like a nut.
This is not a good way to go.
If Spyware Engine is allowed to be installed by some idiot with company in his hands to amplify his idiocy, what prevents another idiot with company in his hands to do the same?
And how about specially crafted 'normal' pictures sent to individual to trigger the system? Special mind would have a perfect tool to get some one down / put into the troubles.
Exactly this was my first thought. Sad that these days my first thought, if some new "system" to prevent/catch something/one is introduced, is "How could this system be abused to blame somebody?".
I don’t think that’s true. Compare the difference in how people react to cctv vs how they react to “Surveillance Camera Man”.
This is a cctv system, you can forget it’s there. Until it incorrectly flags you anyway.
People are aware where and how they are recorded.
Phones are (well.. were) private, people take nudes, do naked video calls and all the other related stuff, because they trust that there is only one other person watching this, and they usually trust that person.
Now, we're one step away from trump-beats-cnn-gif-meme getting into the hash database to flag all the trump supporters. When the next wikileaks happens, and they can track who had the documents/photos/videos first, possibly even before they got leaked. Someone (4chan,...) can email you photos an videos that are of something random, but crafted in a way to create a false positive (a bit slower form of swatting).
This is basically setting up cctv in your bedroom, saying it's there "to protect the children" and trusting some stupid algorithm to look at you.
She gave it to me to get back in working order, and I had to ask her if she was interested in pressing charges, because handing it to me may compromise chain of custody of any investigation. She decided not to proceed with filing charges, but just wanted me to investigate and restore the bloody thing.
The person in question sync's their mobile content to that laptop. I had more than enough evidence of phone use while driving, who they were associating with, where they were hanging out, what they were doing, etc.... I didn't even have to try digging.
Do not underestimate the level of mindless information spillage by modern devices, nor the level of exposure guaranteed always on, officially acknowledged hooks into your device sensor or input feeds offers.
Even if not illegal in any way, it’s one of those things where even an accusation can be seriously damaging. The prospect of your phone continually scanning your photos will make that even worse.
They (that is, we) should already. We should assume being looked at, unless we can reasonably prove it's not so. In all public places, for certain. Using all public services, for certain.
This decision erodes the trust in personal handheld terminals (quaintly still named "phones"). This is great that the announcement is made publicly. I can easily imagine a similar feature to be deployed tacitly in other countries and other platforms.
No need to imagine.
China flat out censors chat programs and discussion sites, and some words will instantly get you put on "the list".
Winnie the Pooh, for example.
Oh, you say that you're just interested in the wonderful literary works of A. A. Milne, but that's what the anti-government types always say! Prove your innocence in this kangaroo court, and you'll be let off with merely a stint in a re-education camp.
I can’t say sexy. In a dating app. With a woman I matched with. What am I supposed to do? Say she’s doing a great job of maximizing her gene pool’s potential for aesthetic presentation in the context of a romantic setting?
If she goes for that, she's a keeper.
Would you go into a Christian church and start preaching about Hindu gods? Some might, but nearly everyone would say it's disrespectful of a different culture.
So it seems to me like it'd be a cultural difference. In Western culture sex is prominent (America, Europe, etc) even if repressed (America). In Chinese culture... well I'm going to assume it's still very much repressed.
But the point about cultural differences does stand (not that it should result in a government being able to police how two adults communicate.)
Two adults can negotiate their own communications protocol. Just because you met someone in a Catholic church, doesn't mean they aren't interested in Hindu gods or in sexuality. People are not defined by the culture they live in.
A dating app that tells you what you can or cannot say in a 1:1 conversation isn't a conduit for private communication - it's acting like a chaperone on the date. Except normally, chaperones are there to prevent sex, not police thoughts.
I agree.
> Simply chalking up social control to “cultural differences” ignores the fact that these aren’t cultural mores developed independently, but the results of a highly moralizing tyrannical government trying to assert social control
I've never been to China. But even from an outsider's point of view your statement strikes me as self-centered. What right do you have to enforce your own morals upon an entire other nation?
> a highly moralizing tyrannical government trying to assert social control for the material benefit of those at the top.
Western countries are arguably the same. How does that make the Chinese government wrong and Western countries right?
> Seems like you’re exercising a lot of social control over the couple.
To circle back to this comment; am I? The control is over the internet. Until they've met in real life you're just a stranger on it. Strangers on the internet can be very dangerous and with very little repercussion. Governments have an obligation to protect their citizens. So you should speak kindly and respectfully. You never know what words might upset the other end.
When you meet in person then you're putting your own person at risk for the words you say instead of just an online pseudonym. When you meet in person the stakes have been raised. What does the government do to prevent the couple from talking sexy after they've met in real life? I'm sure there's a lot but once you've met in real life then either you're physically in their culture or they're physically in your culture and respect boundaries must have changed.
Can that system be abused for the people at the top? Absolutely. Is it abused for the people at the top? Well I live in America and so I see a lot of anti-China propaganda so I'd argue that it probably is. But you'd be blind to think that China's alone in that.
Careful with this argument. What right did the Northern States have to enforce their own morals upon the Southern States (which had ceded, and were therefore their own country)?
I'm not saying you're wrong. I'm saying this is not valid justification.
That's a very good argument. But let me counter: we fought a war over it. That's what gives us the right to enforce the North's morals over the South's. Do you want to fight a war against China over our differences?
Even disregarding the war itself; that was about slavery and human rights (freedom) with strong undertones of racism. So if you want to make privacy a human rights issue then sure and yes. I'll even agree with you: I think privacy should be a human right! But until privacy is a human right recognized and enforced then again: what right do we have to enforce your own morals upon an entire nation?
UN's UDHR Article 12 [0] is very light about privacy (and what it even means) and (IMO) has a very very poor history of enforcement of human rights. Even more, it states:
> No one shall be subjected ... to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.
And I would argue that statement extends to calling someone "sexy" which might be an insult to someone with different morals than yours.
[0]: https://www.un.org/en/about-us/universal-declaration-of-huma...
Just like a porn website doesn't shield you from porn because it's "on the internet" , a dating website shouldn't shield you from intimate language.
Aren't they suggesting that the individuals involved decide what kind of language is appropriate for their conversation? I can't imagine how you'd call that "enforc[ing] your own morals" upon anyone, let alone an entire nation!
s/sexy/hot
The US has its own problems, but who should take something like the EU seriously? For what stands this union of countries? For absolutely nothing. Extremely weak, especially considering the union was advertised as standing for common values.
I’m always surprised when people say things like this.
As if we haven’t been carrying around highly capable “Spyware Engines” this whole time.
Apple doesn’t need the cover of stamping out child porn to spy on you. They can do it just fine, if they want to, without it.
I think Apple checking photos before they uploaded to its own servers is their way around the Fourth Amendment while using relatively similar methods that they already use for malware.
Devil's advocacy aside, I buy the slippery slope argument and I find these methods reprehensible and open to abuse. I agree with all of it. I think this new addition is a step on the downward slope. I don't use MacOS, nor Windows, nor any cloud services personally. I keep an iPhone 7 around to chat with "iMessage" friends -- and this is the straw that stops me from using for that. I have never used iCloud for photos even when I was using an iPhone regularly.
I used to have an Android phone, which I also never sync'd with Google's cloud/drive. Then after an update, the sync-to-cloud option was automagically turned on again and my photos started to upload. I deleted them from the cloud and swore off ever using an Android phone again.
[1]: https://support.mozilla.org/en-US/kb/how-does-phishing-and-m...
Addendum: That Mozilla support link is also interesting in terms of privacy. It's flagged as a privileged page for me so it loads Google Analytics that would otherwise be blocked by browser extensions.
> The issue here has nothing to do with children, they would always use 'children' as excuse. The issue here is installation of Spyware Engine.
I'm not sure that's entirely true. There is a reason stuff like this is debatable and is being considered by a reputable company. It is not black and white and both sides have some valid arguments. There are absolute atrocious monsters in this world and apple is in a tough spot. They are locking down their devices and it is keeping both bad and good guys out. You may think good riddens, they both shouldn't be able to get in but there are downsides to building a completely impenetrable device (e.g. tor is great for freedom, but also makes it a lot easier for criminals to operate). They are receiving pressure from law enforcement and no doubt people in their company have glimpsed the horror of child abuse and want to do something about it. They wouldn't be able to sleep at night if they did nothing, but they also won't be able to sleep at night because of the incredibly slippery slope they just stepped out on.
We also don't live in a libertarian society and I don't think most people would like the reality of living in one. On the state security and personal liberty spectrum, I think they united states is a lot closer to libertarian than we are to the ccp tho but there is no spot on that spectrum where everyone will be happy. Finding the least bad spot is an incredibly difficult problem for Apple.
That's what they say. And we should trust them on this because...? More importantly, even if they're doing everything client-side now, why should we trust it won't change in a few years?
Also, they aren't doing everything client-side. For this measure to be useful, it has to send out the hashes, or that there were matches detected, to the company, and ultimately the law enforcement.
> it seems like an apartment complex saying you are not allowed to have fires inside your apartment so they installed a smoke detector in your apartment
This situation is not like a fire. A fire in one apartment threatens the entire building (and everyone in it), and it spreads very quickly like started. This is more like installing chemical sensors in every apartment that will automatically call the police when they sniff out illegal drugs. You have nothing to fear if you're not an illegal drug user... unless the sensor has a false positive against your medication. Or the volatiles from your cooking. Or the cleaning agents. Or a jar with a mix of benign substances that someone sent you to screw with you. Or...
Perhaps people would mind less if they could trust the system will work. But anyone with even little bit of exposure to tech industry already knows that these systems don't work, and data collected is routinely abused.
If you use an Apple phone, you have no choice but to trust them. They produce your phone and control everything on that phone. Did you trust them before? If so, why and why would you not trust them now with this feature? If you didn't trust them before and don't trust them after this feature, you probably shouldn't use one of their phones.
> This situation is not like a fire. A fire in one apartment threatens the entire building (and everyone in it), and it spreads very quickly like started. This is more like installing chemical sensor...
I would consider a sensor that detects drugs in apartments a lot more orwellian and I'm pretty sure that something like that would be a lot more controversial than what apple is doing here. They are not adding a feature to catch people that use drugs, just child predators. There is a massive gap between the two and there are zero people that consider allowing child predators to exist is a good idea. I'm also pretty sure that there are zero people that agree that letting apartments burn down is a good idea.
> Perhaps people would mind less if they could trust the system will work. But anyone with even little bit of exposure to tech industry already knows that these systems don't work, and data collected is routinely abused.
Yep, exactly, this changes nothing really. I hate apple products and I don't use any, but their reputation is the least bad and I trust them more than others.
There are horrible monsters in this world, we don't live in a libertarian society, most people don't want to, and a lot of people will be completely fine with sacrificing client side scanning of their pictures to catch those horrible monsters out there. This issue is not black and white/right versus wrong. There are trade offs and it was a judgement call by apple. Everyone has some line where they would be ok with this feature. If it helps avoid the scarring of 1,000 children per year, maybe you don't think its worth it, but there is some line where everyone concedes. I don't really know what is an acceptable amount of horribly scarred children to trade for not having one's pictures scanned on one's phone but if they keep their word and it doesn't turn into an orwellian nightmare, then I would be incredibly grateful for every scumbag they help take off the streets.
100% agree, this is called a "chilling effect", shutting down discussion and giving more power to the status quo.
These are pressures which likely help keep society relatively stable. People's behaviour is guided and influenced by what other people might think of it, and human ancestral environment up until cities(?) was small groups and families and villages where everyone knew everyone else's business. I don't think we should take it as given that changing that is unarguably for the better. Historically there was always the chance that someone would eavesdrop, or see your diary lying around, or open your mail,
> "And this has prolonged effect on society's freedom, democracy and rights of individual because independent thinking happens when true privacy is there"
Citation needed because "Please don't machine-process my photos because I get so anxious I can't think" sounds like a problem you need to deal with, not a problem for everyone else to deal with. So does "The effect will be also huge. Just imagine what they will do next if they get away with this." - always jumping to the worst possible doom scenario is something people see therapists about.
> "The issue here is installation of Spyware Engine."
This is no more than a bank having to make sure you aren't storing stolen diamonds in their bank vaults, and they've now found a way to check only the things people are about to bring into the bank to alert the bank as early as possible.
But you are right - as long as they have the right to push code to your device at any time, it isn't really yours. Shame it costs so much to keep the bank's vaults in our pockets at all times.
Regarding the functionality we lose when using a custom ROM, I think the trick is to use a device from a "modding friendly" brand. Samsung, Sony or Huawei are not modding friendly. Get a OnePlus, Asus, Xiaomi/Poco/Redmi or Google Pixel and most if not all hardware will work fine.
(My experience is based using the OnePlus 3, OnePlus 8 Pro and Redmi Note 9S with LineageOS and a Asus Zenfone 6 with OmniROM. Fingerprint works fine and even more exotic features like the IR blaster on the 9S or the flip camera on the Zenfone 6 works.)
Now, by replacing the original OS you also remove some things that makes the phone better. Eg: the stock camera app, which often gives you better processing (there are modded GCam apps that might help fix this, alternatively you can save DNG/raw files). One useful feature that I had on the Zenfone 6 that custom ROMs can't give me is the ability to stop charging at a certain % (can be done with Magisk, but it's not supported by the ROM itself).
The main problem for me are the apps. Many require Google services and Google's safetynet and both are a problem if you decide to use "pure" Android. Even if one decides to install Google Apps to have the Play Store and their other services, there's still the safetynet issue that gets triggered just for unlocking your device.
These are completely different situations. Not to mention how infinitely unlikely it is that _several_ of your photos would be similar enough to known abusive material to be flagged.
>There aren’t enough people (nor PR capital) to look through all of your photos.
This is a nonsense sentence. They ARE going through all your photos, both in this effort, comparing hashes, and for classifying your photos with ML, a highly publicised feature. Both happen on device.
In my country, there was not so long ago a case of a person wrongly accused of murder[0]. He spent 18 years in prison, despite there being no convincing evidence of him committing the crime. The people invested in the case wanted to have a scapegoat ASAP. Cases related to pedophilia are often very emotionally-charged, given the nature of the crimes. It can easily lead to hastily made decisions that can ruin many lives.
> Not to mention how infinitely unlikely it is that _several_ of your photos would be similar enough to known abusive material to be flagged.
Given enough time and enough attempts, there still is a possibility of something like that occurring. And this is with an assumption that the algorithm used will be correctly implemented with no false positives at all – something that I doubt even a manual analysis by humans would be able to achieve given the volume of data to check.
[0]: https://pl.wikipedia.org/wiki/Sprawa_Tomasza_Komendy (in Polish)
And I'm not sure what your main point is. Yes, sometimes people are wrongly accused, even convicted. Is that argument against having a legal system, or what are you trying to say?
I am also not saying that such people should be left free and unpunished, but that the method proposed could cause far more bad than good, in my humble opinion of course.
A legal system of some kind is obviously necessary, but using argument of thinking about `insert a group of people you should care about` can easily lead to abuse of the established laws.
What algo is Apple using to compare 'similar' hashes from images, does anyone know?
https://www.apple.com/child-safety/pdf/CSAM_Detection_Techni...