← Back to context

Comment by Scion9066

1 month ago

From my understanding, it didn't scan all of the files on the device, just the files that were getting uploaded to Apple's iCloud. It was set up to scan the photos on the device because the files were encrypted before they were sent to the cloud and Apple couldn't access the contents but still wanted to try to make sure that their cloud wasn't storing anything that matched various hashes for bad content.

If you never uploaded those files to the cloud, the scanning wouldn't catch any files that are only local.

5 comments

Scion9066

Reply
mrshadowgoose  1 month ago

Your understanding is correct, as was/is the understanding of people critical of the feature.

People simply don't want their device's default state to be "silently working against you, unless you are hyperaware of everything that needs to be disabled". Attacks on this desire were felt particularly strongly due to Apple having no legal requirement to implement that functionality.

One also can't make the moral argument that the "bad content" list only included CSAM material, as that list was deliberately made opaque. It was a "just trust me bro" situation.

  • EagnaIonat  1 month ago

    > People simply don't want their device's default state to be "silently working against you

    That was the misconception of what was happening though.

    Nothing happens on your device. Only when it gets to the cloud. It just puts a flag on the picture in question to have the cloud scan it.

    Which is exactly what happens before Apple suggested it and happens now. Except it does it for all your files.

    > One also can't make the moral argument that the "bad content" list only included CSAM material, as that list was deliberately made opaque. It was a "just trust me bro" situation.

    CSAM database is run by Interpol. What evidence do you have that they are not being honest?

    • nullc  1 month ago

      The scanning and matching is performed on your own device, against a copy of the databases which is encrypted to protect apple and their data providers against accountability for its content. The result of that match is itself encrypted, owing to the fact that the database is encrypted. On upload the query is decrypted and if there are above a threshold matches the decryption keys to all your content are revealed to apple.

      Your phone is your most trusted agent-- it's a mandatory part of your life that mediates your interactions with friends, family, lovers, the government, your doctors, your lawyers, and your priest. You share with it secrets you would tell no other person. It's always with you, tracking your location and recording your activities. And in many cases its use is practically mandated. I think it's inappropriate for such a device to serve any interest except your own.

      While it is true that the original proposal operated only on images that you would upload to icloud many people assumed the functionality would be applied more widely over time. This article seems to have proved that point: Apple is now applying essentially the same scanning technology (this time they claim the databases is of "landmarks") to otherwise entirely local photos.

      2 replies →