Hacker News new | ask | show | jobs
by bigyabai 2 days ago
> But how many users are legitimately capable of evaluating how privacy preserving a random Cloud AI provider is?

Probably the same number of customers that are legitimately capable of evaluating the privacy of Apple's PCC?

Let's not forget a tiny company called Apple that once proposed Client Side Scanning to "save the kids" by hashing your entire iCloud. Apple loves demanding the moral high ground to promote asinine surveillance mechanisms with no safety guarantees for their users. Senator Wyden is adamant that Apple colludes with the US government to surveil metadata and intercept Push Notifications. Apple's definition of "private" doesn't actually entail privacy at all. Many third-party services are better positioned to protect their users than Apple is.

So why should users defer to Apple's arbitrary definition of privacy? It's obviously bullshit. If you're a traveling journalist, protestor or dissident, you might end up like Jamal Khashoggi for trusting Apple's services to keep you private.
1 comments
theshrike79 1 day ago
Ahh, Apple's client side scanning - my favourite topic. The Internet collectively dropped their IQ to room temperature levels (in Celsius) when this was "discussed". I think I was one of maybe three people in the whole internet who actually read the papers describing how the feature works. The rest went with just the headlines and immediately sharpened their pitchforks and dulled their minds.

Let's go through the process in detail:

- IF you had iCloud syncing on (which meant your photos were on Apple's servers anyway) they would download a pre-generated set of perceptual hashes of KNOWN CSAM. Like actual child porn, vetted and verified by humans. Perceptual hashing is a fun tech, look it up, super useful outside of this context too.

- Then IF your phone, independently, with zero connections to the outside matched MULTIPLE (they didn't specify the exact count) known child pornography image phashes those would be uploaded to Apple's servers. There was some cryptographic boogaloo at this point too that mathematically prevented Apple from decrypting the photos without enough matches.

- Then an actual human would look at "reduced quality" (can't remember the exact term) versions of the matched photos and determine whether it's some dipshit / bad actor forcing fake matches with kitten pictures or actual CSAM material.

- If the human verifier confirms that the person's phone has actual confirmed child porn, the authorities would be contacted.

---

And the basic arguments:

"but muh privacy!" - You needed to have iCloud syncing enabled for this feature to be enabled at all. Your data is already on Apple's servers, they could just scan them there. But to do that they'd have to be able to decrypt them, which means the authorites can force them to do it too. Apple didn't want this. Thus: local scanning. You don't want your photos scanned, turn of iCloud sync. Done. Bad Tim Apple can't look at any of your photos.

"But what if I get multiple fake phash match files sent to me and I save all of them to my photos!" - then you'll inconvenience a human verifier for maybe 30 seconds. You won't get swatted or put on a list anywhere.

Oh and Apple already "hashes your entire iCloud" - also fully on device. That's why your iOS device runs hot for a week or so after installing a new major iOS revision. They run the fully local ML models on your pictures in the background and store them - also locally - to a database where you can go and search for "dog" or "receipt". Adding a phash to match to a local CSAM database is a non-issue at this point.

link