[perihelions]

Is there perhaps an invisible anti-counterfeiting constellation [0] on the ballot? Have digital cameras started enforcing that type of optical DRM?

It's true the envelope's closed, but part of the ballot paper is visible through the transparent window.

Should the poster be worried about their smartphone reporting them to law enforcement?

[0] https://en.wikipedia.org/wiki/EURion_constellation

[randomhodler84]

Now that Apple has changed the rules, everyone should be under their impression that their phone is a cop and will snitch them out to the re-education board for punishment. This is reality.

[sneak]

Color printers already do this, embedding the device serial into microdot patterns on print-outs.

Scanner firmware won't scan currency, even if doing so is legal.

[causi]

I've never had an issue scanning currency. Some machines won't photocopy it.

[hkt]

It isn't reality.

But if it was, I would suggest using a different phone. Maybe a fairphone running /e/ - that's my setup, with almost exclusively open source software. I can recommend it.

[jodrellblank]

> "This is reality."

No, it isn't. Go learn about the system they built instead of posting fearmongering lies about it.

[marcinzm]

What they built is a way of scanning things on your phone and reporting that to Apple. The chance of multiple governments not passing laws eventually to force this into scanning for whatever they wish is low. Previously to this Apple could have fought back on privacy terms but now its argument will be much weaker.

edit: It's also a model based scanner so they scan for types of things and similar things instead of explicit copies of things. Which makes it an even more powerful tool for governments than a simple direct scanner.

[Retric]

All of which has been common for a long time. You where already sending your unencrypted phots to Apple, that’s the point when you should be concerned. Apple and all other service providers are required by US and most other countries laws to do searches on their servers.

The only difference is Apple is upfront about what their doing on iCloud where most backup providers are keeping silent.

Edit: iCloud data is specifically called out as available here: https://www.apple.com/legal/privacy/law-enforcement-guidelin...

[xoa]

>All of which has been common for a long time

No, this has never been done before.

>You where already sending your unencrypted phots to Apple

No, I wasn't. The whole point here is that Apple is not scanning server side, they've built the functionality to scan device side. You need never use iCloud in any way whatsoever in order for Apple's new scanning tech to be used against you. That is a major difference.

>Apple and all other service providers are required by US and most other countries laws to do searches on their servers.

No, they are not, even if that was the new thing Apple is doing which it isn't. If a company builds server-side scanning, then they may be required to fulfill certain requirements. But companies are not required to actually do that in the first place even if many choose to do so. Apple already did scan uploaded photos and voluntarily chose not to have E2EE for iCloud data in order to please law enforcement agencies, but that's a voluntary choice by Apple. This new client side scanning is a different beast. Please try to gain even the slightest fucking clue what you are talking about before spouting off on something so important.

Edit: to add for those interested in more details on the law, the federal reporting requirements are under 18 U.S. Code § 2258A [0]. What you'll see there is a "Duty To Report", and the reason for that is to evade Constitutional protections. If the government compelled companies to scan, as well as any legal challenges (by very well funded actors) and public blow back, as a practical matter those companies would become State Actors for the purposes of 4th Amendment evaluation. However, even if it's heavily incentivized so long as it's "voluntary" courts have repeated ruled that 3rd parties can do searches that would be illegal for the government, turn discovered evidence over to the government who in turn may then use it freely. Walter v. United States (1980, [1]) is a good example, covering the [righteous and just prosecution] of someone transporting "films depicting homosexual activities" after it was mailed to the wrong address and turned over to the FBI which I'm sure everyone here on HN would applaud and definitely is what they have in mind when they think of client side scanning in the US. Tim Cook is carrying on that tradition with Pride no doubt.

----

0: https://www.law.cornell.edu/uscode/text/18/2258A

1: https://www.oyez.org/cases/1979/79-67

[Retric]

> The whole point here is that Apple is not scanning server side

False. Apple complies with the laws pertaining to customer data and provides data as legally required. III. Information Available from Apple

J. iCloud

https://www.apple.com/legal/privacy/law-enforcement-guidelin...

> You need never use iCloud in any way whatsoever in order for Apple's new scanning tech to be used against you.

False. Phones don’t download the CSAM hashes so they can’t do device side scanning as they have nothing to compare the images to. Yes, the phone uploads a hash, but they also upload the unencrypted images along side it.

Thus the only thing that changes is Apple isn’t paying for the compute power to do the hashing. That and a tiny amount of extra bandwidth on uploading images.

PS: In response to your edit, perceptual hashes are a grey area. However, as long as a judge agrees they can very much just take down production systems when it pertains to a case. That’s a rather big stick to force compliance even if it’s not an explicit law it’s very much a consequence of it. Thus companies really don’t push back as some that have simply got raided.

[randomhodler84]

You are missing the point. It’s too easy to make excuses “for the children”. We are tying to fight against dystopia here, against a global technological panopticon. Even if this feature was made with entirely the best intentions, with the strictest controls and best audits — it’s still a cop in your pocket. And that cop always wants more. And more. History has demonstrated this.

[jodrellblank]

I don't know how you can fight against dystopia when you don't care about the difference betewen fantasy and reality.

[randomhodler84]

Fantasy is believing that granted powers will not be abused because the powerful claim they won’t abuse them. Yes, we extrapolate and this might seem outlandish to the naive. Some of us know how history rhymes and call out the patterns that are paving the road the hell.

[schroeding]

I just took a picture of every Euro banknote (which of course have EURion on them) in my wallet with my Poco Phone (which has the same MIUI version / camera app) and all photos are perfectly normal

But could of course be a special change in this Xiaomi model :-)

The german postal voting documents do, with 99,9% certainty, not include any EURion constellations (---and they have no window, the return address is printed directly on the envelope--- EDIT: they do in cologne! See [1], last image, sorry for the misinformation). Wouldn't make much sense, as the envelope is thrown away immediately and the inner letter (which is not the ballot) contains a unique number per postally voting citizen that's not trivialy guessable.

They are however made from non-bleached (only coloured) recycling paper, so maybe the camera is picking up some artifacts from the different visible paper fibers?

[1] https://imgur.com/a/SCHGo4N

[captainmuon]

Oh god, I am waiting for law enforcement to print this on their uniforms so they can't be photographed.

[perihelions]

Richard Stallman coined the term "treacherous computing" to describe things like this. Pity it hasn't caught on -- I think it should!

https://www.gnu.org/philosophy/can-you-trust.en.html [2002]

[petepete]

He's always right in the long run.

[monkeybutton]

Should pair well with playing copyrighted audio.

[soco]

If it was so efficient people marching at rallies would have used it already (on themselves I mean).

[myself248]

Looking at OP's photos, I can't discern any such markings.

[detritus]

I think you'd be surprised at how light and subtle these things can be. I remember seeing some on something printed back in early 2000s and they were yellow dots barely registerable under a magnifying loupe, never mind by eye up close.

Which, if the same sort of case here, makes the CCD(s) on the phone here particularly impressive.

[monopoledance]

There is something really scary about this being all secret functionality. How do I know my scanner/printer/camera/... isn't snitching on me when connected to the internet?

Also can I put those dots in any picture/document to mess with cameras/editing software? Or is there more than those few dots to it? Would be kinda useful for public images, to at least annoy some stalkers, impersonators and other creeps. Doing this all over the place could also really support open source projects like GIMP!