A Message to Our Customers (2016)(apple.com) |
A Message to Our Customers (2016)(apple.com) |
The selling points of apple to me were to provide excellent hardware combined with excellent software, combined with a guarantee to protect my privacy.
The first point still holds true, the 2nd not so much anymore, and the 3rd was destroyed by the most recent move.
My stance will cause a ripple effect, I convinced quite a few people to use apple if they can afford it due to their general stance and their commitment to democratic values. Not all of them will listen if I now tell the opposite story, but most will. I hope Apple feels the effects of this decision in one of the upcoming stock-holder meetings.
Of course, I don't believe this helps against child abuse or any crime at all, in fact I believe the opposite effect happens: criminals probably know about moves like this one far earlier than the general public and react accordingly.
Apple knew a supplier was using child labor but took 3 years to fully cut ties[1].
> taking a stance against widespread anti-democratic tendencies.
"While US lawmakers have proposed legislation aimed on curbing American companies' ability to use forced Uyghur labor, Apple sought to weaken the bill, The New York Times reported last month."[1]
> caring about their profits by respecting their customers
"Cook argued that people choose iOS specifically so they won’t have to make risky decisions with sensitive data."[2]
But also,
"Apple takes flak for disputing iOS security"[3]
---
Apple has always been ripe with hypocrisy, It's astonishing to see people claiming the latest incident to be like the only blemish on its record.
If a lone developer from some village releases a software and makes a claim that its secure we'd rush to ask for source code, 3rd party security audit and what not; But if Apple asks for our trust because it's Apple, Why not the hardware is shiny right?
When did the premise for security shift from 'zero trust' to 'Apps open fast, So I'm fine with it'?
[1] https://www.businessinsider.com/apple-knowingly-used-child-l...
[2] https://www.theverge.com/2021/5/22/22448139/tim-cook-epic-fo...
[3] https://arstechnica.com/information-technology/2019/09/apple...
There are already cases linked in other comments where the same hash dataset has had valid hits, via Google-stored photos, iirc.
All your posturing is just that: posturing. As with so many things they offer via iCloud, Apple does offer non-cloud solutions for most things their devices do, and in such scenarios the data is not subjected to the things people often object to (hash scanning in this case, unencrypted iOS backups, etc etc).
As has been pointed out elsewhere this is not about breaking encryption or arbitrarily browsing through all your dick pics or whatever. It’s a compromise to be able to say that Apple is doing something with a reasonable expectation of effectiveness to combat child abuse materials, without needing to just give whichever prick inhabits the FBI directors chair an easy way to view everything you store in iCloud.
And as I said if you’re not happy with that compromise you can turn off iCloud photos, the same as you can turn off iCloud backups.
So, you can believe all you want about what criminals will or won’t do or about how smart they are or are not, and even about how much influence you have over other peoples buying decisions. Just remember though, believing something doesn’t necessarily mean you’re right.
> "However mobile OS's may now and then answer popular ends, they are likely in the course of time and things, to become potent engines, by which cunning, ambitious, and unprincipled men will be enabled to subvert the power of the people and to usurp for themselves the reins of government, destroying afterwards the very engines which have lifted them to unjust dominion." -- George Washington
>a man [was] arrested on child pornography charges, after Google tipped off authorities about illegal images found in the Houston suspect's Gmail account
https://techcrunch.com/2014/08/06/why-the-gmail-scan-that-le...
In the case of a false positive, that information lives on Google's server where it can be subpoenaed and misused to incriminate you.
We've seen it before with location data.
>Innocent man, 23, sues Arizona police for $1.5million after being arrested for murder and jailed for six days when Google's GPS tracker wrongly placed him at the scene of the 2018 crime
https://www.dailymail.co.uk/news/article-7897319/Police-arre...
With Apple's system, a single false positive would never even leave the device. Multiple images have to be found to match known kiddie porn images before a human review is triggered.
I'm frustrated, too.
With that one post, Apple and Tim earned trust from a group of people that trust very few. And in an instance, both Apple and Tim have now burned all of it.
I think I can see the issue pretty clearly here.
- Real harm is enabled with encryption. I get it.
- Back doors break encryption for everyone and don't stop encryption for bad guys.
Am I missing something?
https://techcrunch.com/2021/08/10/interview-apples-head-of-p...
Highlights:
Unlike Google, Microsoft, Facebook, and the rest Apple has not been scanning your online data (iCloud) for the past decade.
When this is turned on, only images you attempt upload to iCloud will be scanned.
If you turn off photo synching to iCloud, nothing will be scanned.
If photo scanning shows that many images on your device match known kiddie porn images (not just one), a human will review the data to make sure passing it on to the authorities is called for or if there have been multiple false positives.
If multiple images do not match known kiddie porn images, nothing happens.
They have already proven that.
Apple seems to get a lot of credit for opposing the former, but gets mocked when they say they would oppose the latter. But as far as I can tell, the legal argument is exactly the same for both situations: can the government compel Apple to add functionality that they do not want to add?
Apple’s plans seem creepy to me, but I have been less than impressed with the specificity of arguments against it. Most seem to stop at “what if the government forces them to expand it” without addressing exactly how, under current federal law, the government would do that.
For example, see this Twitter thread arguing that it would be very difficult for the feds to do that:
https://twitter.com/pwnallthethings/status/14248736290037022...
I don't agree with today's apple shift on encryption and disregard of privacy but we should also make sure not to hide the huge problematic that global interconnected networks have right now on vulnerable people, their lives and the lives of the ones around them.
be on guard against threat to privacy is important but maybe we should focus on finding solution for these problems too
I switched back from a Dell XPS 13 9350 running Ubuntu to a Macbook Air M1 quite recently.
- Lenovo laptops with Fedora preinstalled[1]
- Clevo and its HW customers: System76 and Tuxedo being the most notable ones (I think)
- Purism Librem 14
- Framework modular laptop[2]
Now I can’t help but wonder if this was all for show.
The government does break these laws to get what they want AND they silence the people that they force to break the laws.
Why are we pretending that anything has changed?
Why get mad at Apple if we have already conceded that they are powerless before the government in general?
It's not "the government". There are many governments around the world. What happens when China, Russia, or another country legislates using this technology for some other purpose. Those are big markets. Will Apple back out of them or give in?
They will give in, at least in China. They currently host all of their iCloud content in China on Chinese servers (and turn over encryption keys), they have banned all VPN apps from the Chinese app store, and they removed the Hong Kong protest app at the behest of the CCP. They will do whatever China tells them to, because, at least from their perspective, they have to. All their manufacturing is in China.
I can't even imagine an outcome where Apple doesn't start looking for pictures of tank man or anti-government images on Chinese citizen's phones. The Chinese government will hand them a list of hashes and say "these photos are illegal here, tell us whenever you find one". Maybe Apple will hold the line of "only photos uploaded to iCloud", but even then they just built the capability to scan everything on someone's phone, and the iCloud part is simply a switch that we have to hope they don't flip.
I'm trying not to be too hopelessly negative here but I can't believe Apple decided that encrypting iCloud backups is worth trading for a file scanner on your phone. What the fuck.
Is this meant as a rhetorical question? Because they are pretty different from both a technical and policy perspective.
Breaking encryption means the government can have access to everything without restriction. It also means there is a backdoor for others to discover.
This approach of matching signatures means that the government needs to have specific content it is looking to match. The government asks "does the device have this specific file" and Apple returns a yes or no. They can't do broad searches for unknown content. Apple also remains as the gatekeeper between its users and the government when it comes to extending the scanning.
We can still be against the latter while acknowledging that this isn't as scary a scenario as the former and therefore it isn't purely a legal question of which approach Apple would be more likely to accept.
Apple can’t search phones under the technology they announced, so the government can’t ask Apple for information about what is on people’s phones.
The government could only ask Apple to add hashes to an operating system that Apple runs. Structurally, this is the same as asking them to add functionality, which is what they objected to in 2016.
There is also a scope issue; if every iPhone has the same hash list, then the government is essentially fishing in everyone’s phone for a file. This is typically illegal. The government has to be specific about why they think a certain person/people have a piece of data before they can get a warrant to go get it.
Remember that (as the Twitter thread reminds us) the entire CSAM scanning effort is voluntary. The government is not forcing Apple to scan for CSAM, so how would they force Apple to scan for anything else?
search without reasonable cause is a violation of the 4th amendment and due process
Which is the point that you seem to largely be ignoring. Apple has its own motivations here and it isn't purely a question of what the government is forcing them to do. Apple knows that once encryption is broken, it is broken for everything. This new proposal is much more targeted and gives Apple control while also preserving their ability to say no on technical grounds for further privacy invasions. That is why they would prefer it over the previous government proposal.
I do believe we should be skeptical of these companies stated positions unless we can see a profit motive. The previous stance that Apple said they had was "we value your privacy and you should pay us for that".
They also demonstrated in the case in 2016 with terrorists and the FBI that they meant it.
In this case, they have flipped entirely, and are now adding features without being compelled that subvert that stated goal.
Apple will scan your phone/data without a warrant AND report to the government now. This is their public opinion now. Forget their compelled and forced actions. Now they are proud to be the bad guys.
> With Apple's system, a single false positive would never even leave the device.
"Apple's system" may change overnight and signal every single match, however. They likely will, if they ever start believing that false positives are de facto impossible.
Apple is adding a much more private way to scan your iCloud photos only.
"Google's system" allows your data to be misused by anyone who can get a warrant.
Also, I have huge doubts that Google is reviewing the data to be sure it isn't a false positive before handing it over to the authorities.
They very famously refuse to hire expensive human beings when flawed machine learning algorithms are cheaper.
"Apple said that while it does not have anything to share today in terms of an announcement, expanding the child safety features to third parties so that users are even more broadly protected would be a desirable goal."
https://www.macrumors.com/2021/08/09/apple-child-safety-feat...
Do you really think they would go to all this trouble and then say oh you don't want to get scanned? Just turn off iCloud photos.
https://www.macrumors.com/2021/08/09/apple-child-safety-feat...
Citation needed.
Apple has made no such claim and has made it clear that if you turn iCloud photos off, nothing is scanned.
>If users are not using iCloud Photos, NeuralHash will not run
https://techcrunch.com/2021/08/10/interview-apples-head-of-p...
Unlike Google, they set up a system where no data hits Apple's server unless multiple images match known examples of kiddie porn.
But Google steps on your privacy in so many other ways, it's probably not worth defending this one technicality.
They have literally said exactly that.
>Q: So if iCloud Photos is disabled, the system does not work, which is the public language in the FAQ. I just wanted to ask specifically, when you disable iCloud Photos, does this system continue to create hashes of your photos on device, or is it completely inactive at that point?
A: If users are not using iCloud Photos, NeuralHash will not run
https://techcrunch.com/2021/08/10/interview-apples-head-of-p...
Apple has merely developed a way to scan the contents of their cloud in a way that keeps the data about false positives off their servers until they are reasonably sure there is an issue. (Multiple images must match known examples of kiddie porn before a human review is triggered)
Scanning on the server itself is way less private.
With Apple's system, no data hits their servers until multiple images match known examples of kiddie porn.
If there is a single false positive, Apple won't even know about it.
You can't provide data you never had, so Apple's system is much more private.