Comment by themaninthedark

1 month ago

I am bit bit confused: Data is being sent to Apple, in such a way that it can not be traced back to the user. Apple does some processing on it. Then somehow magically, the pictures on your phone are updated with tags based on Apple's processing....but Apple doesn't know who you are.....

4 comments

themaninthedark

Reply
raincole  1 month ago

You joked, but you accidentally described what homomorphic encryption does. (if implemented correctly)

> Then somehow magically, the pictures on your phone are updated with tags based on Apple's processing....but Apple doesn't know who you are.....

Yes, this is the whole point.

kalleboo  1 month ago

There is a way to perform processing on encrypted data so the result is also encrypted and the person doing the processing never knows anything about the data that was processed on or the result (which can only be decrypted by the user with the original encryption keys)

https://en.wikipedia.org/wiki/Homomorphic_encryption

> Homomorphic encryption is a form of encryption that allows computations to be performed on encrypted data without first having to decrypt it. The resulting computations are left in an encrypted form which, when decrypted, result in an output that is identical to that produced had the operations been performed on the unencrypted data. Homomorphic encryption can be used for privacy-preserving outsourced storage and computation. This allows data to be encrypted and outsourced to commercial cloud environments for processing, all while encrypted

And the way the data comes back to you is via the third-party relay which knows your IP but nothing else

  • themaninthedark  1 month ago

    Ok, that's the step that was missing. I couldn't figure out how there was a benefit to the users without data being fed back and data can't be fed back without knowing some ID.

    So, while Apple doesn't know the ID of the person sending the data, they have a 'room number' that links back to an ID.

    If Apple were to decide to scan photos for pictures of 'lines of white powder' they couldn't tell the police your name but they could say that the 3rd party knows who you are.