[zpeti]

I really hope there is enough momentum to stop this. It's definitely the last straw for me in terms of apple products. I haven't bought a new iphone for 4 years, I'm slowly trying to switch to a lightphone (non smartphone). My mac needs a change but I will probably switch to linux.

It's absolutely ridiculous what apple has become. The exact opposite of what they used to represent, when I loved them. God rest Steve Jobs soul, his 1984 ad is exactly what apple is now. Screwed devs on app store, strongarmed into compliance, cooperation with china, worse and worse UX on phones, and now this...

Really disappointing.

[hughrr]

It’s too late either way. The fact that it even got this far through implementation says the vendor is not on my side. Not only that once capability is revealed it can be required by governments and manipulated under warrant. Particularly in some regimes, mine included, the vendor can be compelled to do something and not say anything. My comment doesn’t even cover how monumentally flawed the entire thing is either.

So I’ve been on the verge of doing this for years so this was the final push and motivation.

Yesterday I sold my iPad and Apple Watch. They are being shipped today. I’m just waiting on refunds on my AppleCare for my MacBook and iPhone now and I will sell them.

Yesterday I had a Nokia 215 arrive as a replacement phone. Also a monster pile of PC bits arrived which have been assembled into a Ubuntu running desktop. I am spending today migrating my data over carefully. When the MacBook sells I will buy a Nikon DSLR.

At the end of this I lose perhaps 20% convenience for an immeasurable privacy gain, lose a big chunk of the distractions from my life and end up with some cash left over which I will use to go on holiday.

The only thing I will miss is Apple Music but it’ll give me a chance to curate my music collection without distraction again.

[f3d46600-b66e]

How does Nokia 215 solve the problem? All messages, including any images, wi now go through the carrier's network (and the recipient's carrier) and be subject to intercept, analysis, and sale by those two entities.

I'm not sure how is that better?

Wouldn't AOSP/Lineage with Signal installed be better?

[ursugardaddy]

I don't know if the 215 supports tethering, but there are feature phones that do paired with a laptop or even something like a steam deck (running linux) is the way to go if you really need mobile internet

you get privacy and freedom from the smartphone-service-based-everything-forever lifesytle, it's nice

[hughrr]

I only need to make calls on it and send SMS. I never assume those are private.

[strzibny]

Carriers, at least in the Czech Republic, are very restricted in what they can do. Regular phone calls and SMS messages are much more private than anything else out there.

[ryan_lane]

It's not the carriers you need to worry about. Regular calls and SMS are absolutely not private.

[vel0city]

Before buying the DSLR, I'd recommend at least checking out the 1" sensor size market. These cameras still take excellent quality photos in a wide range of lighting conditions but are so much more compact than having an interchangeable lens system.

I sold my DSLR a couple of years after getting my G9x Mark II. The DSLR was always gathering dust compared to the G9x which with a small belt case could easily be taken anywhere.

That said these cameras are definitely not as flexible as a full SLR nor will you get the same performance. Its a large sensor when compared to a camera or other point and shoots but its still nothing compared to APS-C.

[dylan604]

There are plenty of Micro 4/3 sensors that have interchangeable lenses too though, so you don't have to be locked into a compact camera with built-in lenses. You can have the best of both worlds.

[noahjk]

I've heard good things about Panasonic's LUMIX G7, and it looks to be at a very reasonable price point. I personally use a Fuji X-T3 which is also more reasonably priced than full-frame, between that and Micro 4/3 price-wise. The main differentiators for a smaller sensor are low-light performance & dynamic range, but 99% of the time these won't matter. Megapixels shouldn't really even be considered - any of these cameras can take a photo to put on a billboard, DPI scales in relation to optimal viewing distance

[vel0city]

Agreed, those are also an excellent middle ground from a full-sized DSLR to a compact shooter but still give most of the performance and about all the flexibility of a DSLR.

[blacktriangle]

Even Apple Music has gone to shit. iTunes keeps managing to get worse and worse, and they're pushing hard to pretend you don't have your own collection to get you to buy into the subscription model.

At this point I'm going back to owning a seaparate dedicated music device that is totally divorced from the computer. There's just something intentional about walking over to a CD player or record player, picking out an album, and putting it on compared to mindlessly browing Spotify playlists.

[Cwizard]

I recently started looking into buying my music again since 90% of my Apple Music listen time goes to the same generic piano playlist. I figure I could have bought the playlist 10 times over by now... My question is where do you buy music these days? I would like it digitally but I would like to own it (no DRM stuff). Any suggestions on a good store to buy music online? Last time I bought music I did it on itunes...

[ryantgtg]

Bandcamp! No DRM, and also unlimited streaming of your purchases.

If most of your music is on major labels, then bandcamp may not be great for you.

I love it. I think I have around 300 purchases. It’s also great for discovering music. Much better than spotify in that regard.

[altantiprocrast]

https://www.navidrome.org/ might help

(I'm unaffiliated, just sharing)

[ryantgtg]

No sure if the parent (grandparent?) would find this helpful: but here’s the setup I use that provides a cool amount of options.

I use a Yamaha receiver (R-N803) that has their MusicCast software on it. And I use these various inputs:

- CD

- Phono

- USB. A little teensy usb loaded with music I’ve collected for the last 25 years - however, I’ve cleaned it up so it’s not filled with random things that makes my wife go “what is all this stuff! I just want to see MY music!”

- I have a Navidrome server running on a pi, with a hardrive connected to it. It basically contains the USB + all the other random stuff. This is played via the bluetooth input and Play:Sub app on my phone.

- Likewise I play the bandcamp app via Bluetooth through the receiver, and spotify as well (I mostly use spotify for listening to the back catalogs of established artists).

- Net Radio. Access thousands of radio stations, worldwide, that stream their service. It’s pretty cool!

There’s more. But, point is the setup is cool and diverse and it’s pretty easy to use.

[zpeti]

Great to hear someone else is doing the same. For me the biggest issue is I have young kids and the convienence of quick photo taking is good on a smartphone. Might look into pinephone or something similar.

[hutzlibu]

"Might look into pinephone or something similar."

Pinephone is my hope, too, but do not expect anything stable soon. That will take some time, probably years. It does not happen on its own, though, they need support now to make it a real alternative and not just a tinker toy.

[Fnoord]

There's like three major options if you want to run a FOSS smartphone, and I'll sum them up.

Pinephone: Cheap. The device isn't very powerful. With people coming from an Apple device, that's a problem.

Fairphone 3: Fair. The hardware isn't very powerful either, and the device is more expensive, but the product is better for the people who assembled it and the environment.

Librem 5: Open. Even more expensive than Fairphone, but the hardware features killswitches, and there's no binary blobs. Lacks the fair advantages Fairphone has.

Each of these can run a myriad of FOSS OSes from a deGoogled Android (ASOP-based fork) such as /e/ or Ubuntu or Debian/Arch/Ubuntu mobile versions or SFOS (Sailfish) community version (without Android emulation layer!), and each hardware and software has their pros/cons. I use a Fairphone 3 with stock firmware with a Pinephone as back-up phone (and have to use a Samsung flagship device for work). Previously I used a Fairphone 2 with LineageOS + microG (kind of like predecessor of /e/ before that took off).

PS: On the gaming side, I'm getting a Steam Deck. Its a bang for the buck compared to Aya Neo/Nintendo Switch/gaming smartphones). No, it isn't open hardware, but the device runs Linux and you get root on it, plus all the reviews (including Linus Tech Tips) are positive.

[hutzlibu]

"Fairphone"

It is nice the the fairphone trys to be nice and fair, but I would rather have a focus of a actual open phone under my control and they do not deliver this (not to blame them, the issue is hard). Fixing the global exploitive economy is a different issue and trying to solve everything at once is not working usually.

"Librem 5"

How useful is a microphone killswitch, if there is no killswitch for the speakers, that can be used as a microphone, too? And it would be news to me, that it is now completely free of binary blobs and their claims always felt a little bit dishonest to me. I recently read a interview by the former CTO that confirms it

https://www.phoronix.com/scan.php?page=news_item&px=Zlatan-T...

I would go with the Pinephone. For now I have a stupid samsung phone with facebook app preinstalled and unremovable, but have not yet found the time to try lineage with it.

[dahfizz]

> if there is no killswitch for the speakers, that can be used as a microphone, too?

I know that physically / electronically, a speaker is a microphone, but is there any way for someone to actually record sound through the speakers on the librem? There is a lot more to a microphone than just the diaphragm...

[Fnoord]

Pinephone is a certainly a good bang for the buck, but the hardware is nothing special, and the killswitches are DIP (better than nothing, like Fairphone's current iterations). If you want a cheap solution, this one's the one to opt for. Especially a good option for people who live in (relatively) poorer countries/regions than US or North/West-Europe.

A lot of people in our world simply cannot afford a Fairphone. I can, and I applaud the project, so I went for it. I also applaud the other projects, and remember that perfect is the enemy of good. That a Librem 5 isn't going to be perfect in terms of security, is OK. Its their first iteration (and they had various iterations of it, which lead to considerable delays).

There's also some keyboard smartphones such as Planet Cosmo Communicator and Planet Astro Slide. And some other ones as well such as F(x)tec (which is a good successor to Nokia N900). These are also niche, specific, with their hardware keyboard (which include custom layout such as Dvorak). But they can run alternative OSes, by default. I believe that, for me, this (hardware keyboard smartphone) is going to be the ultimate usability dream, if the keys are large enough. I previously owned a Nokia E71 and Nokia N900, before touch typing became the status quo.

> [...] I recently read a interview by the former CTO that confirms it [...]

I also backed Astro Slide (and own a Cosmo Communicator), and am disappointed with their hardware downgrade from Dimensity 1000 to 800. I hate it when promises are not kept. But it happens. As mentioned I owned a Nokia N900 previously, but I wasn't fond of the keyboard, so I hope Astro Slide's going to be better. And, given its like the Cosmo Communicator (which I am used to), I am confident it will be. The big disadvantage of Planet devices is their slow updates, and being reliant on Mediatek (MTK) which means EOL soon.

With regards to hardware keyboard I read Pinephone is planning such as well, which is great news because its otherwise such an affordable smartphone. Pine64 sells a lot of other cool FOSS stuff such as Pinecil and Pine Camera.

[fsflover]

> And it would be news to me, that it is now completely free of binary blobs and their claims always felt a little bit dishonest to me.

It's the only phone running FSF-endorsed OS without binary blobs, PureOS. It's recommended by the FSF [0]. More details here [1].

[0] https://www.fsf.org/givingguide/v11/

[1] https://source.puri.sm/Librem5/community-wiki/-/wikis/Freque...

[marcosdumay]

> if there is no killswitch for the speakers, that can be used as a microphone, too?

Speakers can be wired to do that, but this is not something you can change with software.

[dylan604]

>phone with facebook app preinstalled and unremovable

I've never used a phone like this, but are you also forced to provide FB credentials during initial setup? If not, then is the FB app just being installed a privacy threat if it is never used? Is it still accessing information on the phone without being tied directly to you?

[m4rtink]

A slight correction about Sailfish OS - the official/commercial Android emulation layer is only available for officially supported Sony Xperia devices, as can be seen in the table on Jolla Shop:

https://shop.jolla.com/

I do have Xperia X & Xperia 10 II and can confirm Android emulation layern works very well.

You can run Sailfish OS on many other devices thanks to community porting work, but without support for the Jolla provide Android emulation layer. The devices will still run all the many native Sailfish OS apps + ARM compiled flatpaks just fine & the is community work in getting Anbox to run to provide Android emulation on the community ports as well. :)

[shadowoflight]

If one is okay with less-open hardware, the F(x)tec Pro 1 X seems to be a good higher-end smartphone that has a decent camera sensor, slide-out keyboard, AMOLED display, and can be ordered with either Ubuntu Touch or Lineage preinstalled.

It's at the top of my if-I-ever-jump-ship-from-Apple list of phones.

[Fnoord]

Yeah, I'm going for Astro Slide instead. I have used a keyboard similar to F(x)tec in past (the Pro 1 X is just a rebrand, btw) with Nokia N900 and Nokia E71. It simply does not type comfortably on such a keyboard, the keys are too small (there's always a learning curve with regards to layout as it is never 100% standard qwerty). If the Astro wouldn't be available I'm better off with touch type with a second screen as keyboard. Though, do see the Pinephone hardware keyboard link posted elsewhere in this thread. It seems to be akin to the Astro Slide. At least in spirit.

[hutzlibu]

That sounds quite good too. I like pragmatic approaches.

[squarefoot]

They have other interesting products on their site. I'm also waiting to decide if getting this Pinephone or waiting for a beefier one with more battery life (1), but I can wait since I'm not into smartphones. In the meantime I supported them by purchasing their solder iron, plus tips and other add ons, which works surprisingly good for the price, and I'll probably buy one of their SBCs. So if anyone wants to support them, there are other ways to do that.

(1) To Pinephone designers: I would absolutely love a 2cm thick Pinephone if that allowed some more speed and serious battery life. I'm serious about that; my current phone is a Nokia 8110 4G (the new "banana") which is 1.5 cm thick, and although the OS is a joke and I use it only for calls and as 4G access point for my laptop, wrt usability it's the best thing I've bought in years.

[fsflover]

> I would absolutely love a 2cm thick Pinephone if that allowed some more speed and serious battery life.

This is exactly what the keyboard mod is for. The keyboard has 6000 mHa battery (although it does not make Pinephone run faster).

[hughrr]

Fortunately mine are teenagers now so that bit of my life is over mostly. I only get photos of them lurking, hiding and giving me the middle finger and that’s about it :)

[asddubs]

well make sure to take plenty of pictures, you will cherish the memories of them lurking, hiding and giving you the middle finger for the rest of your life

[kowlo]

You may struggle to get the same functionality from a Nikon DSLR, but at least it has a better camera.

Are you switching from a laptop to a desktop machine? Do you have no use for the portability anymore?

[hughrr]

I still have a company issued laptop (Windows based). I don’t need a laptop for personal stuff.

[beardedwizard]

If you value privacy you won't use a company laptop for personal business.

[hughrr]

Yes the two worlds are and always will be kept separate. I could have worded that better before.

I have a desktop (not laptop) for my own stuff and a laptop for company stuff and a dock and KVM setup for it.

I am not using the company laptop for personal stuff.

[thunfischbrot]

Doesn't that really depend on how you use it? They might have a separate user account or even a whole separate OS installed like I do, encrypted, and use only online services.

[amelius]

> It’s too late either way. The fact that it even got this far through implementation says the vendor is not on my side.

Can Apple force people to install this even on devices they already sold?

[tchalla]

If you don't use iCloud Photo Library or sync photos to the iCloud, none of this will apply to you.

https://daringfireball.net/2021/08/apple_child_safety_initia...

[mandeepj]

> If you don't use iCloud Photo Library or sync photos to the iCloud, none of this will apply to you.

Not true. They will be scanning your messages also for inappropriate content - https://www.apple.com/child-safety/

[kemayo]

That's also opt-in, though it's opted in by the parent of the child you're communicating with.

If you're talking to adults, or children whose parents don't want to use the service, you're not getting your photos scanned.

[MomoXenosaga]

Interesting, time for American teens to switch to WhatsApp, Telegram or Signal. Kids have sex life finds a way.

Has Apple thought this through?

[read_if_gay_]

If this technology is that easily circumvented then why is there an expectation that it will be effective at all?

[unstatusthequo]

The CASM scanning happens on device, right? At least so we’ve heard.

My sense is Apple is trying to keep CASM off their servers. Scanning phones before it gets there was their solution to what I assume is a government demand/ultimatum. “Do this or we repatriate your foreign entity taxes” or some other shit.

I too feel that Apple just caved and eroded trust that took decades to build up. The only way this gets sorted is the “screeching minority” continues to screech and brings other in. Notify state attorneys general, FTC, etc. will that do anything? Who know? My bet is that it’s the DOJ behind all of this.

Hopefully the plaintiff bar which are already preparing class action lawsuits will find a way to get documents in discovery that allude to government coercion. But then again I’m sure there would be a clever way those are not produced under some “national security” bullbaiting reason.

All we can do is try, and keep the pressure on.

[FabHK]

> My sense is Apple is trying to keep CASM off their servers

It could (maybe) also be a prelude to enabling E2E encryption for everything in iCloud.

[rahoulb]

As I understand it (and I've not spent too long on this, just picking at various articles) - there are two separate things at play here.

Firstly - CASM scanning is done via fingerprinting - the image is fingerprinted on device and when uploaded to iCloud that fingerprint is compared with the "dodgy images" fingerprints and an alert raised if a threshold of matches is reached (what's the threshold and with whom?)

Secondly - there is on-device AI image recognition - when you send an image to someone else (via iMessage or the share sheet) it is checked for nudity and if the iCloud account in question is registered to a 13-year old or younger, their parents are alerted.

In both cases the fingerprinting/scanning is on-device and is triggered by the images leaving the device.

[dwighttk]

It isn’t being circumvented. It is intended to work on photos that are uploaded to iCloud. If you don’t use that (via turning it off or via selling everything Apple and switching to Linux) then you aren’t using it.

[read_if_gay_]

No. The intent is not that it works on iCloud. The intent is catching pedos.

This is obviously not effective given that you can get around it that easily if you want to. Coincidentally though, it will be totally effective at surveilling the 99.999% that are normal users and won’t go out of their way to disable iCloud. The whole CP thing is such an obvious farce.

[tinus_hn]

The theory would be that many people are stupid. Of course we only know about criminals who get caught and that tends to be because they made a mistake, so it looks like most criminals are stupid.

[JeremyNT]

So, you trust Apple to install this spyware and only use it in the way they currently describe. Great!

But what happens the second they get an order from $GOVERNMENT that tells them to use the spyware to also look at other documents on the device?

I think it's pretty obvious what Apple will say. They'll say "OK." They have no plausible deniability to tell $GOVERNMENT to go pound sand - they have demonstrated the capability already! Telling the spyware to scan different files is a trivial change from a technical perspective.

[caymanjim]

They could have done what you describe at any time in history. This doesn't change anything in that regard. Either you trust Apple enough to use their products or you don't.

[adventured]

> They could have done what you describe at any time in history.

That doesn't make sense. The issue is that Apple is very publicly signaling they are changing their approach to privacy now. Companies change approaches to any number of things all the time, they're not static entities. As such you have to evaluate their nature as a consumer on an ongoing basis, not one time forever. It's true of food, it's true of consumer electronics, it's true of general product or service quality, it's true of privacy issues or censorship, and so on. Apple even knew the consequences ahead of time - per the insider notes - and don't care, they charged ahead regardless.

[m4rtink]

They could have done that any time because their code is proprietary, their hardware closed & won't boot code not signed by apple + they gate keep all third party apps from their walled garden.

It would be much harder for them to pull of if the system was open with user actually in control.

[amanaplanacanal]

So I guess the answer is “don’t”.

[hughrr]

No but they just refuse to service your updates without this enabled.

[amelius]

Even security updates?

[dspillett]

Probably, at least until someone successfully gets a court to say otherwise, by which time it'll be irrelevant because everyone will either have installed & enabled it to get the updates or (less likely given how entrenched many iDevice users have become) moved to other products.

And after the case to stop them refusing security updates for those without it installed+enabled, there will need to be another one to force them to allow it to be disabled, then a few circuits around the court of public tattle to make it really disable and not magically re-enable itself at random intervals.

[easton]

Interestingly, iOS 15 is the first version of iOS in history to be optional if you want security updates. You will be able to choose if you want to go to iOS 15 and get the new features (including the CSAM prevention stuff), or you can stay on a security update only channel for iOS 14 (for a unknown period, but I'd guess until WWDC 2022? N-1 seems reasonable).

https://www.apple.com/ios/ios-15-preview/features/ (under settings)

[cultofmetatron]

get the z5. I got it a month ago, its smaller and lighter than a dslr and the image quality has been excellent.

heres my photo gallery all shot with the z5

https://www.flickr.com/photos/193526747@N04/

[hughrr]

That’s actually what I’m looking at so far. Thanks for the gallery link - some nice shots in there

[f3d46600-b66e]

On a DSLR front: are there now DSLR/cameras that do the type of "computational photography" that pixel or iphones are doing?

Not having to edit the pictures is a huge plus, and JPG files in Nikon, even with dynamic range on, are pretty mediocre compared to Pixel phone.

[cultofmetatron]

Generally, if you are shelling out the kind of money for a dslr or mirrorless, you want control over the final image. I shoot in raw and tweak the images I like by hand in darkroom. Lightroom is another option if you want to support adobe.

It takes longer but the end result looks MUCH better than anything your phone can produce. That said, sometimes I just want to take a selfie and not fiddle too much. Thats when I use my google pixel.

[ValentineC]

What might be useful for the next generation of prosumer cameras is being able to capture depth data (which is probably the main differentiator allowing computational photography to work on smartphones), with editing tools like Photoshop eventually supporting it.

[cultofmetatron]

lidar builtin to the mirrorless that takes a depth would be amazing. not just for computational photography but also to make focusing way more accurate!

[hughrr]

You can post process that from RAW if you want to. I generally want people to not fuck around with my images before I get to do it though if I'm honest.

[Raed667]

I'm not really sure about feature phones either. Modern Nokia ones come preloaded with Facebook and Whatsapp.

[hef19898]

As soon as I have time it will be CalyxOS on my current Pixel 2. Once I got to update, no idea when, to a Pixel 5 I'm going to try Graphene OS. Oh, and Linux on my private laptop. I don't think you can do anything else to avoid FAANG's eyes. And MS's. Which sucks, I still remember when the only thing tp worry about was malware, not being spied upon by OEMs. Oh, and being spied upon by three letter agencies and their counterparts, but there is not much you can do about that either way.

[hughrr]

You can remove them from the screen and they are not used unless activated.

[Raed667]

Again why are they there in the first place? Also how many eyes are on KaiOS anymore? How sure are we of its sandboxing and all other security/privacy aspects?

[ayush--s]

why would you miss apple music? spotify wipes the floor with apple music!?

[darthrupert]

Sounds to me like you just wanted to buy a lot of new stuff.

[nyuszika7h]

I find it laughable whenever someone says "this is the last straw" because it just shows how incredibly misinformed they are.

Yes, backdooring E2E encryption in general is a bad idea. However, consider two things:

* iCloud Photos was never E2E encrypted in the first place. They already can scan your photos all they want server-side, and they have been scanning for CSAM since 2019, while Google has been scanning for it since 2009. Yes, if iCloud Photos were to become E2E encrypted leaving in a backdoor like this could be bad, but it's still the lesser of two evils. Would you rather they keep photos non-E2E forever and have even more unfettered access to them than a "backdoor" allows? It does NOT scan photos that are not uploaded to the cloud, despite being on-device. And it's important to note the threshold and manual human review system put in place before the authorities receive any notification at all.

* For iMessage, all this entails is warning children under 18 about explicit content, and optionally notifying parents if the child is under 13 and the parent opted in. (I don't think it even sends the photo itself to the parents, but that's not explicitly clarified anywhere.) At no point do Apple or the authorities learn the contents of E2E encrypted iMessages. (Also worth noting: if you use iCloud Backup, your messages are no longer E2E encrypted in the backup, as Apple holds the keys to that. This was true even before the new system was introduced.)

[RHSeeger]

> It does NOT scan photos that are not uploaded to the cloud, despite being on-device.

Yet. Once it's on the device, it's a MUCH smaller step to use it in other ways. It's certainly easier fro governments to argue that they should be able to force it to be used arbitrarily... you know, for the children/terrorists/etc.

> And it's important to note the threshold and manual human review system put in place before the authorities receive any notification at all.

Until it's not. Once again, once it's in place, it's a lot easier for malevolent actors (governments) to force it to be used other ways.

This a back door. Plain and simple. The fact that it's not _currently_ going to be used for evil (depending on your definition of evil) does not mean it won't be in the near future. Back doors are bad. How many times does this need to be said?

[avianlyric]

> Yet. Once it's on the device, it's a MUCH smaller step to use it in other ways

We crossed this bridge a long time ago. Apple already has on device Neural Nets processing everyone one of your on device photos. That’s what powers spotlight search and “photo memories”.

Simple fact of the matter is that this isn’t the top of some slippery slope, it’s half way down one. A slope we started down when we figured out how to put powerful Neural Nets on mobile devices in people’s pockets.

> Until it's not. Once again, once it's in place, it's a lot easier for malevolent actors (governments) to force it to be used other ways.

Which is why Apples current solution makes it cryptography impossible to decrypt photos until a large enough number of suspect photos have been uploaded.

[trangus_1985]

The key difference, of course, is that when the neural network classifies certain types of content, it doesn't forward it to a centralized server "for review"

[sharken]

And depending on that review you could find yourself on the other end of some "questioning" from law enforcement.

Yes, you might laugh and say that won't happen, but on-device scanning is the first step.

In less trustworthy countries it's not that farfetched to imagine what this can be used for.

So Apple must back down now or face the consequences in the form of loss of reputation and eventually loss of sales.

[treesknees]

> Yet

I keep seeing this jump. There's no evidence this will happen. Apple can already technically do anything they want to compromise the security of your device in the next software update, so could Google or Samsung or any other company. But when in Apple's history have they done this? There is zero reason to believe this is the next step other than speculation and fear mongering.

[RHSeeger]

> Apple can already technically do anything they want to compromise the security of your device in the next software update

But they're making it easier for governments to come along and force them to do more. Or even for themselves, but I tend to think they're less of an issue.

I know "it's a slippery slope" gets overused... but if you keep taking baby slips down that slope, it only gets slipperier. You should avoid taking as many of those steps as possible.

[ryandrake]

Anyone can imagine a hypothetical future feature and oppose it. What if Apple one day replaces all my music with Best of ABBA? That would be terrible, but they haven't done or proposed it, so why argue about it?

[emptysongglass]

Because that's not what's being argued here. Nobody in power cares enough to mass load ABBA onto your phone. But there's very powerful nation states who care, more than they care about anything else, to maintain power at any cost.

[sharken]

Could anyone have imagined law enforcement using Corona contact-tracing data for other purposes ?

Because that actually happened, and in a democratic country even.

So it's not hard to imagine what less democratic countries could demand of Apple.

https://www.abc.net.au/news/2021-06-29/queensland-coronaviru...

[nicce]

> But they're making it easier for governments to come along and force them to do more. Or even for themselves, but I tend to think they're less of an issue.

It is as easy as always been. Only problem is that this might give them new ideas. As the most of the politics are probably non-tech people, they don’t know what is possible.

For tech person, functionality like this (on-device scanning and flagging) is super trivial to add. Antivirus engines have existed decades.

[new299]

> Would you rather they keep photos non-E2E forever and have even more unfettered access to them than a "backdoor" allows? It does NOT scan photos that are not uploaded to the cloud, despite being on-device.

Yes I'd rather they do this. The fact that they're implementing on device checks doesn't suggest to me that they will be deploying E2E encryption. It suggests to me that they will be expanding on device scanning to all content in the future.

If they were going to make iCloud E2E encrypted, it would be a clear win to announce this at the same time as deploying on device scanning.

[nicce]

Their PR did not handle this well. If you look at the spec, new encryption level has been added, which allows access by Apple only if CSAM hash threshold is reached. It is E2EE with backdoor now.

[new299]

Unless you have a public reference, I really doubt this is the case.

Because they’d also need to be announcing that you can no longer reset your iCloud password and recover to a new device. And I’ve not seen anything that suggests this.

So I suspect it is encrypted at rest, with a key known to Apple as before as well as this CSAM approach.

[nicce]

There is public reference on Apple site[1].

Citing final phrase on the paper to TLDR their system:

> Apple is able to learn the relevant image information only once the account has more than a threshold number of CSAM matches, and even then, only for the matching images.

This applies only for images, so you can still reset your password. Technically, there are two layers of encryption on images. Regular server-side encryption and this "E2EE like" encryption, which allows access for CSAM matches in specific threshold.

[1]: https://www.apple.com/child-safety/pdf/CSAM_Detection_Techni...

[new299]

This document contains the following:

> As part of setup, the device generates an encryption key for the user account, unknown to Apple.

The question is, how is this generated. Can it be re-derived from information Apple has? If not, how will Apple handle cases where the user loses or breaks their device?

Is it derived from the iCloud password? Currently Apple can reset your iCloud password and restore access to your images. Will Apple no longer be able to do this in the future?

It’s really unclear to me, and I’d want explicit answers to these questions personally.

[charcircuit]

It's not a backdoor if it's a public part of the system / protocol.

[nicce]

Hmm... that is technically correct.

[Notanothertoo]

Exactly. This has all been done for 10 years in various forms.

[neilv]

I blew my entire weekend trying to move off iPhone, to something more trustworthy (a problem that's getting harder, because of some other things going on): https://news.ycombinator.com/item?id=28111995

[cheald]

I run CalyxOS on a refurbished Pixel device. Works great, very privacy-respecting out of the box. Good at being a device that you actually own.

[neilv]

Thanks, I was looking at CalyxOS, and plan to try that "next weekend".

[neilv]

In case anyone reads this thread later.. So far, CalyxOS is working out well. The hardest parts were buying a used device for it (uncertainty of getting a version with an unlockable bootloader, and having to avoid all the OLED display problems).

[cheald]

Chiming in with my own experience, as well. The two wrinkles I've encountered:

* SafetyNet doesn't work, as expected, which means no Google Pay. Nothing else I use has been impeded, though. * Chromecasting doesn't seem to be implemented in MicroG, so no casting content

Other than that, it's been solid.

[stemc43]

lineage os is what I use. oneplus devices are simply superb.

but you are forewarned - you can blew through way more then a weekend de-oppressing you digital life.

[neilv]

Exactly. I've invested an hour or two :) towards trying to have the tech I use be less-creepy.

It turns out that compromises have to be made. And it's also a moving target.

[GeekyBear]

>It's definitely the last straw for me in terms of apple products.

Google, Microsoft, Facebook, Twitter, etc. have all been scanning content for those same child porn images for darn near a decade now.

>The system that scans cloud drives for illegal images was created by Microsoft and Dartmouth College and donated to NCMEC. The organization creates signatures of the worst known images of child pornography, approximately 16,000 files at present. These file signatures are given to service providers who then try to match them to user files in order to prevent further distribution of the images themselves, a Microsoft spokesperson told NBC News. (Microsoft implemented image-matching technology in its own services, such as Bing and SkyDrive.)

"There are two opportunities to look at content," when it's going into a cloud-storage account and when it's leaving, she said. "There is technology to do this," Grant added, pointing out that file signatures — unique hashes or fingerprints — could be used to confirm the nature of the files.

https://www.nbcnews.com/technolog/your-cloud-drive-really-pr...

[hef19898]

Scanning on their cloud storage is different from scanning on users devices. The latter is opening a door to mass surveillance that wasn't even there before. That is the problem, not the scanning itself.

[GeekyBear]

The thing that is changing here is that the images are scanned on the device before being uploaded to the cloud, instead of being scanned on the server after they are uploaded to the cloud.

If it hasn't been a problem that Google has been scanning your cloud data for the last decade, it didn't suddenly become a problem now.

[hef19898]

The scanning was already a problem. A lesser one, as not using Google or iCloud avoided it. Now I can't, because technically Apple can now look directly at the phone. No idea hey it is so hard to get that difference.

[nicce]

You should note the fact that everything on closed systems is based on trust. Apple has had always the opportunity to look directly on your phone. That does not simply change overnight when they add some feature. And currently they scan only those images on-device, which would end up into the cloud. You can avoid this scanning by not using iCloud.

The feature what everyone is afraid of (scan all in my device), is super trivial to add generally. Company like Apple can push it to public in less like week regardless if this Child Safety came first.

This new feature is actually really hard to develop, because they try to create E2EE system with backdoor. And they want to lock themselves out of this backdoor to prevent misuse.

[GeekyBear]

Technically, Google can look directly into Android phones.

There is no difference.

[JackGreyhat]

How?

[JK_2234]

Comments from a different post shows this is "Presumably to implement E2E encryption, while at the same time helping the NCMEC to push for legislation to make it illegal to offer E2E encryption without this backdoor."

If this is the case, then It is coming to every device (not just apple) or E2E will be made illegal(or a backdoor).

[14]

End-to-end encryption (E2EE) is a system of communication where only the communicating users can read the messages. In principle, it prevents potential eavesdroppers – including telecom providers, Internet providers, and even the provider of the communication service – from being able to access the cryptographic keys needed to decrypt the conversation.[1]

End-to-end encryption is intended to prevent data being read or secretly modified, other than by the true sender and recipient(s). The messages are encrypted by the sender but the third party does not have a means to decrypt them, and stores them encrypted. The recipients retrieve the encrypted data and decrypt it themselves.

Because no third parties can decipher the data being communicated or stored, for example, companies that provide end-to-end encryption are unable to hand over texts of their customers' messages to the authorities.

Would it even be considered end 2 end encryption based on this Wikipedia definition? I don’t think it meets the definition if apple can determine certain files exist in a conversation.

[Razengan]

This reads like a pre-prepared rant.

> It's definitely the last straw for me in terms of apple products.

Uhh and where else will you go where the grass is so much rosier privacy-wise?

[misnome]

> I'm slowly trying to switch to a lightphone (non smartphone)

[nix23]

Pixel4 with LineageOS (Non google apps) F-Droid and Nextcloud for Backup and sync....grass is rosy for me ;)

[JackGreyhat]

Same here. Doubles battery life too...

[nix23]

The Nextcloud-Client could be better, but i am pretty happy with my setup.