[sushiburps]

Apple has through side channels leaked iCloud is the largest open host of CSAM among big tech. It's the only large provider that hosts images that doesn't automatically scan. The only difference is Apple wants to do it while leaving your photos in the cloud encrypted. This isn't rational, it's an anti-Apple culture war position.

[int_19h]

This entire argument is based on the premise that Apple only scans photos that the user has requested to be uploaded to iCloud, and will continue to do so.

I don't think many people believe that anymore. Not even the Apple's goodwill, necessarily - but that, once the system is in place and normalized, the governments won't mandate it and extend its scope by legislative fiat.

[snazz]

Are the photos in iCloud actually encrypted, though? As far as I’m aware, a government agency can subpoena them already. I’m not sure I agree with the slippery-slope argument, but I’m still failing to see how Apple’s current security model prevents them from performing the hashing on iCloud servers and avoiding all this drama.

[noptd]

And there's no reason they can't scan the images on their servers.

[_jal]

Can you point to any examples of these leaks?

(Edit: Thanks for the links.)

[shuckles]

It’s not a leak. It’s an observation from evidence that came out during discovery in the Apple vs. Epic trial that’s being reported now that it’s useful context: https://www.forbes.com/sites/johnkoetsier/2021/08/19/apple-e...

[sushiburps]

https://www.theverge.com/22611236/epic-v-apple-emails-projec...

#71, from the Epic v. Apple anti-trust trial discovery.

[diebeforei485]

That's referring to iMessage. Predators grooming children is not something the on-device photo library scanning is going to fix.

They could let users report such messages to Apple, but that requires having a team of humans to review iMessage reports.

[bigiain]

The CASM perceptual hash scanning is not the only new thing, there's also on-device machine learning algo used by Messages app attempting to identify "sexually explicit photos" as well:

"The Messages app will add new tools to warn children and their parents when receiving or sending sexually explicit photos. When receiving this type of content, the photo will be blurred and the child will be warned, presented with helpful resources, and reassured it is okay if they do not want to view this photo. As an additional precaution, the child can also be told that, to make sure they are safe, their parents will get a message if they do view it. Similar protections are available if a child attempts to send sexually explicit photos. The child will be warned before the photo is sent, and the parents can receive a message if the child chooses to send it.

Messages uses on-device machine learning to analyze image attachments and determine if a photo is sexually explicit. The feature is designed so that Apple does not get access to the messages." -- https://www.apple.com/child-safety/

While that's billed as "available for Family accounts in iCloud", so _probably_ opt in, it's another piece of software I never asked for and don';t want on the phone I bought.

[diebeforei485]

I'm well aware, and that's a good feature. I do think they should go one step further and give minors the option to report abusive messages (eg. sextortion).

[genewitch]

They could pay 10,000,000 total per year to 100 people and it'd be a rounding error, with their nearly 2,000,000,000,000 market cap.

[bigiain]

https://en.wikipedia.org/wiki/ICloud_leaks_of_celebrity_phot...

[diebeforei485]

I'd much prefer they scan their shared albums on the server.