[aomobile]

Is Apple proposing anything? I think they are just going ahead with it

[ostenning]

Probably gaslight their users for the next 4 years and then backflip with a Key Note saying how they are revolutionising privacy by removing it

[hypothesis]

They are going right ahead with this and there is no stopping it. And, if history is any indication, we’re going to hear more of this when needed…

[1] https://www.theguardian.com/technology/2019/jul/26/apple-con...

[DavideNL]

Not in the EU, it will be blocked by privacy regulation..

[nicce]

Sigh… All these articles and demos are based on their old release, which is also emulated on onnxruntime. Who knows how they actually use it.

We should cool down a little and wait for the real system, before expecting anything from them. Let’s see then how bad it is, now we are just victims of speculation.

[JohnJamesRambo]

You are basically saying “Let’s just wait and let them scan our phones.”

[nicce]

At this point, it is hard to argue anything which sides with Apple, as the most have set their minds.

However, this is something which have been planned for years. Bad PR won't undo this, and stepping back is not happening overnight.

There is so much misinformation in this subject, because it is really hard to see the bigger picture. We are in this situation, because of the leaked information. Was it intentional for political reasons, who knows.

Apple is definitely going to announce some E2EE features very soon, such as backups in the next event. It is very hard to invent better system, than they have released now, to enable E2EE and apply CSAM scanning.

When you step into the Apple system (which is quite closed, and nobody really can make extensive review for it), you give all your trust for Apple. Whether this scanning happens on your phone, or in the cloud, it does not really matter, as long as the end result is the same (same files are scanned).

How about the abuse of the system? Prior on-device scanning, government could ask Apple to add feature for telling, if users have Winnie the Pooh images on their phone. (Could you spy for us?) After adding the on-device scanning, now they ask Apple to add this hash dataset to find Winnie the Pooh images. (Could you spy for us?) The question is still the same. Does some technical change affect for the managers and the chair?

How about forging CSAM images to make FBI to show up in the neighbors door? Not going to happen easily. The only problem here is to brute force their human review process. In that case, it is further double checked by NCMEC. But still, at first we need some hash which exist in their database, and secondly that image should be uploaded to iCloud. And not only once, 30 times with different hash.

[fragmede]

> which is quite closed, and nobody really can make extensive review for it

That's what Apple wants you to think, and they're very successful at marketing, but it's not really true. The jailbreak scene is not what it once was, but there are innards to Apple devices and services. Apple engineers put their pants on one leg at a time, the same as everyone else.

[nicce]

This is true, but there has been always a great delay on reverse process. One year can mean a lot in the current world.

[vineyardmike]

It seems that this is based of a github project that takes the hash algo directly from binaries in MacOS - so it is what apple shipped.

[matheusmoreira]

They're the ones who need to cool it with the global surveillance.

[smt88]

Test in prod? Wait until one of these false positives gets to court?

[echelon]

You mean let Apple slide here?