undefined | Better HN

0 pointsjrockway4y ago0 comments

Apple's using my electricity and my silicon to call the cops on me. We have no idea what hashes they're checking images against; we can't see the raw data, and we can't see the hashes, and we can't see what they're sending to their servers.

There is no technical reason why this needs to exist. If they want to scan iCloud photos for something, they can do that on their servers. iCloud is not end-to-end encrypted. Law enforcement can do whatever they want with the data you send there. Since they chose the client-side route, they have to be up to something, and it all smells very fishy. Today, they say it's for CSAM. Tomorrow, it will be for any discontent against whatever government wants to oppress its people this week -- and as time goes forward, that is not just third-world countries where you don't live, it could be your own.

Do you really want to explain to the police at your door at 3:30 in the morning why you read a website called Hacker News? This is the first step towards that reality.

Imagine I wrote a program that contained the phone numbers of people I don't like. The database is encrypted, and the only way to see if you're on that list is to install the app on your phone. The app does two things -- nothing if you're not on my list, or it sends me your location (at your expense!) if you are. Would you install that app? Absolutely not, that would be crazy. But that is basically what is bundled into iOS now.

I really like my iPhone and iPad Pro. I like how Apple handles privacy in general. But I can't accept this. It's a step too far. You don't have to draw the line there, but I draw the line there.

0 comments

21 comments · 6 top-level

zepto4y ago· 8 in thread

> iCloud is not end-to-end encrypted

Yet. Have you considered that this might be a necessary precursor to making iCloud e2e?

dont__panic4y ago

If the goal was to make iCloud e2e, why not release both features at the same time so people can see that they're codependent (in Apple's eyes)? Without any kind of announcment or promise of e2e iCloud, we're just speculating for possible reasons why this might be OK. Might as well guess that this is going to allow Apple to give us free iCloud storage, too, while we're coming up with wishlist features.

zepto4y ago

> we're just speculating for possible reasons why this might be OK.

Sure. All the statements about why it’s not ok are also just speculation.

> why not release both features at the same time

That’s not how Apple typically works. They release a feature, try to make sure it works as expected and only then release the features that depend on it.

benhurmarcel4y ago

Then doesn't that seem hypocritical to you to defend dropping Apple right now for the imagined future possibility that all local photos could be scanned (instead of just the uploads)?

AbjectFailure4y ago

There’s little point in E2E encryption if snooping is moved outside of either end. This measure is only necessary for implementing E2E in iCloud insofar as it allows the feds to do the very thing I want E2E to prevent them from doing in the first place.

It’s as if USPS invented a new type of envelope that is physically impossible to open for anyone whose name is not written on the outside of it. Just one caveat: before they’ll give you any of these envelopes, you must allow them to read the letters being put inside.

If your concern is someone intercepting your mail before it gets to its intended recipient, this is great news. If your threat model involves federal agencies reading your mail, you’re no better off than you would be without these fancy new envelopes.

zepto4y ago

> if snooping is moved outside of either end

Yes, but this isn’t snooping.

1 more reply

nottorp4y ago

Necessary ... for the US government? Definitely not for me.

IncRnd4y ago

Scanning people's on-phone photos clearly has nothing to do with being a precursor to e2e encryption. The photos get transferred either way, so one has nothing to do with the other.

hkt4y ago

Except for giving the authorities a way in to replace the one they're losing.

1 more reply

anonuser1234564y ago· 5 in thread

> But I can't accept this. It's a step too far.

So turn off iCloud photos?

novok4y ago

For now. We see the direction apple is moving.

anonuser1234564y ago

The direction of not letting people store child porn on their servers? That's pretty much what everyone in the cloud space is doing already.

This service exists so Apple can E2EE your data while still placating DOJ.

1 more reply

AbjectFailure4y ago

Why should Apple let pedophiles store CSAM on iPhones just because they’re not uploading it to iCloud Photo Library? It’s morally reprehensible to not disable that flag when it’s such a simple thing they can do to catch so many more criminals!

skinkestek4y ago

This is obviously sarcasm but I'd preface it with an explanation since HN is multicultural and not not everyone here is brought up to catch it effortlessly.

Edit: The point here is that even if Apple tries very hard to make this be only about photos about to be uploaded to the cloud, if the percentage of phones that turns off iCloud storage increases as a response to this new "snitch-on-me" feature that will be a very good argument for law enforcement to ask for a list of IMEIs that are not using iCloud, and it will also tempt them to demand that Apple start scanning all files.

anonuser1234564y ago

You own your iPhone. Apple owns iCloud servers.

It's very simple. You want to upload images to iCloud? Then let your phone scan it and upload it. You don't want your images scanned? Don't upload them to iCloud.

1 more reply

scoopertrooper4y ago· 2 in thread

> Apple's using my electricity and my silicon to call the cops on me.

Okay.

> We have no idea what hashes they're checking images against; we can't see the raw data, and we can't see the hashes, and we can't see what they're sending to their servers.

Apple is getting the entire image regardless, this happens as part of the iCloud upload process.

> There is no technical reason why this needs to exist. If they want to scan iCloud photos for something, they can do that on their servers. iCloud is not end-to-end encrypted. Law enforcement can do whatever they want with the data you send there. Since they chose the client-side route, they have to be up to something, and it all smells very fishy.

It's a hell of a lot cheaper to distribute the load onto the device than to do it on GCP. However, this whole line of thinking is ridiculous, iOS is your operating system, it can send what it likes where it likes without you knowing about it. Why does this particular thing cause concern?

> Tomorrow, it will be for any discontent against whatever government wants to oppress its people this week -- and as time goes forward, that is not just third-world countries where you don't live, it could be your own.

> Do you really want to explain to the police at your door at 3:30 in the morning why you read a website called Hacker News? This is the first step towards that reality.

https://www.txstate.edu/philosophy/resources/fallacy-definit...

> Imagine I wrote a program that contained the phone numbers of people I don't like. The database is encrypted, and the only way to see if you're on that list is to install the app on your phone. The app does two things -- nothing if you're not on my list, or it sends me your location (at your expense!) if you are. Would you install that app? Absolutely not, that would be crazy. But that is basically what is bundled into iOS now.

Again, your overlooking the fact that this app is already coming from Apple the company that made iOS. They already control your phone, why would they need some additional app?

troyvit4y ago

> iOS is your operating system, it can send what it likes where it likes without you knowing about it. Why does this particular thing cause concern?

Then I guess it's not my operating system after all.

jlbang4y ago

From the Slippery Slope page, their first example of a false slippery slope: "We can't permit the sale of marijuana by doctor's prescription, because that will lead people to believe it's an acceptable drug; this will open the floodgates to the complete legalization of the drug for use by every pothead in the country."

Umm... that happened.

Spivak4y ago

Your line is the maybe pennies of electricity over the lifetime of the phone? Weird. I can totally understand your line being the CSAM scanning itself but you seem to be fine with the exact same scanning being done with even more opaqueness and less transparency because it's done server side.

I also get the slippery slope thing since you don't really have any control over what your device does but that's been true since forever. Running some scan() method and posting matches to a URL is something that literally could have been done in the last 10 years. It's not like this tech is magically enabling something that wasn't possible before.

And I do get the using your resources argument but iPhones have had integrated DRM since forever.

The thing I don't get is why now? Surely you should have left ages ago?

gjsman-10004y ago

Apple could scan on the cloud. Rumor is that Apple wants to use E2E on iCloud, and this is a necessary step to shut up the government's biggest critique of E2E and deploy it before the government can figure out a different excuse. We'll see if that pans out.

jasonlotito4y ago

> This is the first step towards that reality.

You know, I could respect your opinion that this is where you draw the line, but you ignore all of Apple's history if you think this is the first step. This isn't the first step, this isn't the first chapter, this is at best the middle of the book where the plot twist happens.

No, this is clearly no the first step. This is the first step you chose to see the reality of the situation. You'll look back and you'll see how everything was paved with good intentions and how people sounding the alarm were ignored.

This isn't the first step.

j / k navigate · click thread line to collapse

0 comments

21 comments · 6 top-level

zepto4y ago· 8 in thread

> iCloud is not end-to-end encrypted

Yet. Have you considered that this might be a necessary precursor to making iCloud e2e?

dont__panic4y ago

zepto4y ago

> we're just speculating for possible reasons why this might be OK.

Sure. All the statements about why it’s not ok are also just speculation.

> why not release both features at the same time

That’s not how Apple typically works. They release a feature, try to make sure it works as expected and only then release the features that depend on it.

benhurmarcel4y ago

Then doesn't that seem hypocritical to you to defend dropping Apple right now for the imagined future possibility that all local photos could be scanned (instead of just the uploads)?

AbjectFailure4y ago

zepto4y ago

> if snooping is moved outside of either end

Yes, but this isn’t snooping.

1 more reply

nottorp4y ago

Necessary ... for the US government? Definitely not for me.

IncRnd4y ago

Scanning people's on-phone photos clearly has nothing to do with being a precursor to e2e encryption. The photos get transferred either way, so one has nothing to do with the other.

hkt4y ago

Except for giving the authorities a way in to replace the one they're losing.

1 more reply

anonuser1234564y ago· 5 in thread

> But I can't accept this. It's a step too far.

So turn off iCloud photos?

novok4y ago

For now. We see the direction apple is moving.

anonuser1234564y ago

The direction of not letting people store child porn on their servers? That's pretty much what everyone in the cloud space is doing already.

This service exists so Apple can E2EE your data while still placating DOJ.

1 more reply

AbjectFailure4y ago

skinkestek4y ago

This is obviously sarcasm but I'd preface it with an explanation since HN is multicultural and not not everyone here is brought up to catch it effortlessly.

anonuser1234564y ago

You own your iPhone. Apple owns iCloud servers.

It's very simple. You want to upload images to iCloud? Then let your phone scan it and upload it. You don't want your images scanned? Don't upload them to iCloud.

1 more reply

scoopertrooper4y ago· 2 in thread

> Apple's using my electricity and my silicon to call the cops on me.

Okay.

> We have no idea what hashes they're checking images against; we can't see the raw data, and we can't see the hashes, and we can't see what they're sending to their servers.

Apple is getting the entire image regardless, this happens as part of the iCloud upload process.

> Do you really want to explain to the police at your door at 3:30 in the morning why you read a website called Hacker News? This is the first step towards that reality.

https://www.txstate.edu/philosophy/resources/fallacy-definit...

Again, your overlooking the fact that this app is already coming from Apple the company that made iOS. They already control your phone, why would they need some additional app?

troyvit4y ago

> iOS is your operating system, it can send what it likes where it likes without you knowing about it. Why does this particular thing cause concern?

Then I guess it's not my operating system after all.

jlbang4y ago

Umm... that happened.

Spivak4y ago

And I do get the using your resources argument but iPhones have had integrated DRM since forever.

The thing I don't get is why now? Surely you should have left ages ago?

gjsman-10004y ago

jasonlotito4y ago

> This is the first step towards that reality.

This isn't the first step.

j / k navigate · click thread line to collapse