Ask HN: What do you intend to do about Apple's invasion of your privacy?
For those —like myself— who are upset about Apple's recent decision to share perceptual hashes of your phone's private content with a third party, what do you intend to do about it? Are people changing phones to opt-out, or installing custom ROMs?
It's been very heartwarming to see that a large part of the Hacker News community shares many of my concerns regarding what I feel is a very invasive overreach by Apple. For my own part, this has been the incentive to stop procrastinating and finally get myself a phone that can run a custom Android ROM. I know this doesn't solve all of the issues of privacy on mobile phones, however it is a move much more consistent with my ethics, given my own dislike of Google's business practices.
63 comments
[ 3.0 ms ] story [ 114 ms ] threadThe computations are performed on device, but only for images that have been uploaded to iCloud.
I’ll keep on using Nextcloud for cloud storage and keep iCloud disabled as it has always been.
There’s more pressing matters right now
When I look at the alternatives (e.g., Facebook), I see pictures being stored in the cloud unencrypted, where they can be scanned for a match with the CSAM hashes.
Apple, on the other hand, is developing a system to scan for CSAM matches client side, in a way that allows pictures to be stored encrypted, and paving the way for full end-to-end encryption.
Assuming that scanning for CSAM is going to happen, which I'm generally in favor of, Apple's approach is more privacy preserving, and reinforces my happiness with their privacy direction.
No, they did not. This feature is only enabled for photos that are synced to iCloud. If this applies to you, it is because you already assented to having your photos stored by Apple.
The FAQ covers this: https://www.apple.com/child-safety/pdf/Expanded_Protections_...
Normally, photos are stores on the iCloud, fully encrypted, right? I always assumed that Apple had keys where they could decrypt your iCloud when complying with a legal investigation, where an actual warrant is presented.
This bypasses that privacy protection entirely - there is now a way for apple to pull your private photo out of your phone(yes, only if you were going to upload to icloud, yes), without needed an actual court order - it's matched against an unknown database, using an unknown algorithm, and uploaded for "inspection" WITHOUT TELLING YOU. So Apple just decides to break your own encryption, on your own device, uploading your data in secret for verification, because they suspect the material you have is illegal. Like, again, this is bad for privacy, not good in any possible way.
I just don't think this is at all compatible with the pro-privacy and pro-encryption stance they are taking, that's why I'm calling it dishonest.
I disagree that Apple is being dishonest. The FAQ I linked to is clear and forthcoming, and explains exactly what is happening. It is true that Apple is doing something they hadn't done before and that few of us had expected, and they're no longer being absolutists about privacy to the same extent they were before, but that's not identical to being "dishonest." Dishonesty, in my view, refers to intentional factual incorrectness (1 == 2), not a disagreement about characterizations.
Finally, they're not "uploading" your photos. If this applies to you, then your photos were already uploaded to iCloud because you said they could. And they're not "breaking your encryption," they are operating in a decrypted context because you gave them your keys (albeit implicitly). Further, they're not even uploading your photo from your phone (which, again, you've already told them to do if you're using iCloud) for the purpose of analysis; they're reporting a fingerprint. Please read the FAQ in full - it's very clear.
> not good in any possible way
Many disagree, and would say that reporting child sexual abuse is, in fact, good.
Yes, followed by the actual photo for verification by a human, and if it's indeed a reportable picture it's then sent to authorities. It's very clear from their FAQ that's how it works. That's what I mean by apple "breaking" encryption - the photo is encrypted on the phone, and encrypted on the cloud - except that if their algorithm says it matches(or is just similar to) some hash somewhere, the actual photo will be sent without encryption to them for verification. That's the part I have an issue with. They are not saying to the authorities "hey we found something matching a known hash on this guy's device, do with it what you will"(in which case I'd expect the police to arrive with a search warrant), they do actually analyze, send through to themselves, verify and send to authorities the actual pictures from your phone.
The fact that a permission to store the pictures in iCloud was given before is again problematic, because apple repeatedly says that the iCloud contents are encrypted and they can't see them without a warrant - except in this case here, they can and they will.
>>Many disagree, and would say that reporting child sexual abuse is, in fact, good.
Beyond a doubt, yes, obviously. But the fight against child abuse shouldn't be at all costs, and every technological solution where our privacy is violated should be met with suspicion first. Not to mention the entire discussion about the dangers of this system existing in the first place, Apple saying they will refuse state request to add content detection that isn't related to child abuse doesn't really hold much water, sorry - if doing so is the condition to continue operating in a market large enough, they will absolutely do it and I have zero doubts they would.
I don't have a better solution of how to protect innocent children, but you have to ask, what else is this technology able to do outside of it's intended use.
Meanwhile Apple's invited itself to look inside your storage device. Is this feature coming to MacOS, btw?
I thought Apple fanaticism was a 90s-00s thing.
They haven’t even properly addressed the serious concerns for abuse of this from malicious actors (individuals, hacking groups, companies, government etc) past, “won’t happen here”.
https://www.crowdsupply.com/sutajio-kosagi/precursor/
Given the many users who keep having a @gmail.com address, their privacy is already invaded by Google. Even switching off location on a typical Android device doesn't mean off. [0] Some people have to drastically flash a custom ROM to escape, where as most just won't bother.
As for the Linux phone ecosystem; they are not even ready yet. So for everyone outraged at Apple right now will just keep on using their Macs and iPhones as normal.
[0] https://www.cnet.com/tech/services-and-software/google-alway...
Sure, but the average Apple user is also using Googlestuff for search, or via mere browsing. Google has its hand in too much of the internet, they're unavoidable. He who swears fealty to Google need not interact with much Applestuff; the obverse is not true.
Google reads gmail to sell you shit; Apple reads your pictures to match against fuzzy hashes that are CSAM, we swear. And whatever other hashes a gag-order National Security Warrant might force them to include.
Then, I intend to sit back and watch the show, and see how it shakes out. I don't really expect much to change from Apple, but if anything does it's going to take time for it to happen, and it'll take time for any alternatives to surface.
If I really reflect, I don’t really see what good a smart phone has done for me: it’s abused my attention for little in return. Of functions that make my life better, maps, a timer and a competent compact camera are essentially it. I’ll use my laptop for any other function.
The CSAM scanning isn’t alarming to me, but the general on-device photo scanning is. It’s not a question of if a state will abuse this functionality for something else, but when. It’s continuing to erode private life, and as most defenses of speech go: I’m often defending scoundrels and awful people to defend speech.
Privacy rights are taken away slowly, usually for good reasons.
However, I have a planned depreciation cycle for all of my devices. During the next cycles over the next 2-5 years, I’m going to assess moving entirely to open-source (Linux laptop, reMarkable tablet, Kobo…).
Right now, my main blockers to go full open source are a lack of time and patience. Given I’m planning to head from a start-up into a doctoral program, I’m guessing I’ll be able to have a little more space to experiment. As well, the market within a two-year span horizon should be good enough to improve the smart phone market.
TL;DR: This isn’t enough to get me to sell all of my Apple gear, but it is enough for me to restart assessing alternate devices and potentially replace devices as they naturally wear out.
To put it in a different way - I'm 100% happy for police to enter and search my house if they show at my door with a warrant. But if I had to have cameras installed in every room of my house scanning my every action to make sure I'm not maybe committing a crime, that's not ok.
-generate hash of a meme criticizing Winnie the Pooh
-submit to Apple
-receive user addresses of every inferior citizen that would better serve the state by working in the cotton-fields of flyover country
Did you ever read Three-Body Problem? I lead my digital life as if I am being watched and tracked all the time.
They crossed the line, and I'm out of the Apple ecosystem. I don't think the objections are overblown, and I think they're causing real harm, in addition to the slippery slope concerns: 1) abuse is inevitable, 2) feature creep is inevitable.
I'll add this Twitter thread: https://twitter.com/alexstamos/status/1424054544556646407
I don't have a plan yet. I felt a lot more affinity for Apple over Google, given their security models, business models, data models, rhetoric, and OSes.
My Apple Escape Plan
1. Backup and migrate all things caught within the Apple Ecosystem
2. Buy a Pixel 5
3. Load it with Graphene OS. https://grapheneos.org/
4. Over time replace cloud services with ones that use true and provable end-to-end encryption.
5. Delete Everything from Apple. Delete Account. Create New One pseudonymously for development use required with a duel booted Mac.
6. Migrate over time to decentralized cloud solutions on IPFS/File Coin
I think iPads are my favorite digital device ever (I write books, Mosh/tmux to dev servers, and great for consuming content) so the idea of leaving the Apple ecosystem is a sad idea.
Sharing hashes with third parties? Seriously?
Then, I bought a 2019 MacBook Air. One with the new keyboard design. It failed in six months and required three separate trips to the Apple store to get fixed. One day I couldn't get anything to load for about an hour. It turns out Apple's binary signing servers were down and that caused my self installed binaries to fail to load. I felt I had graduated from that sort of nannying by then.
Right around the time Big Sur became available my MBA refused to use my external display. It had worked perfectly for a year prior. Some searching revealed many users resolved their display issues after updating their OS. That seemed more like a coincidence but I had unplugged and plugged everything in at least twenty times by this point. I was ready to try anything. I upgraded to Big Sur and my monitor connected again. I always found it odd my system destabilized when that update became available. Probably a coincidence though.
iOS 14 killed the battery life on my iPhone 6s. It's an old phone, but I bought it new in 2019. I can get pretty reasonable battery life if I turn low power mode on, but it turns off automatically when the phone is "sufficiently charged", and I don't receive it to be much better than the battery life I got before iOS 14.
Recently, I have noticed my Magic Trackpad is much more "glitchy". The cursor jumps around the screen, for example. That was really the thing that always held me back from jumping ship. I really like the trackpad. A lot. At lead I did.
That's a long way to say already felt Apple was going backwards, not forwards. Still, Apple is pretty good. I'm afraid to pick something that I might find worse.
You have to give up a lot if you want to leave the major closed ecosystems (Apple, Window, and Android). In a way you are making yourself a digital second class citizen. You can even see the way the major close source ecosystems try to make you a second class citizen on their platform for choosing another platform. MS Office alternatives for a long time, and maybe still are, never quite fully comparable with the genuine article. If you are an Android user and all of your friends use Apple your friends get a crappy experience compared to the experience they have with others using iMessage. You're practically a burden to communicate with.
If you want to have privacy, I believe you must accept becoming a true second class citizen, or go to extreme lengths to maintain you privacy (and maybe still be a second class citizen anyway). I understand everyone is questioning what Apple is doing, but we should be questioning all of the privacy invasion we are forced to accept to be first class citizens in our society.
You must give up some privacy or accept a degree of second class personhood for the following (in the USA).
- Driver's License: Picture, address, physical description (including weight), and signature. It is very impractical to go with out a driver's license in most of the United States.
- Credit Score: This example is actually unreasonable because you can't actually opt out of having a credit score. You are also punished for not participating with a lower credit score.
- Bank Account: You need to provide personal info to open a bank account. It isn't easy to function without one, and you will pay more money to have access to the money you are paid via payroll check.
- Job: You ne...