Apple Remains Silent About Plans to Detect Known CSAM Stored in iCloud Photos

[Unregistered 4U]

Anything that involves more than just them and they go out of their way to provide details on I tend to question. This feature smells funny....just as funny as some of the internal things that didn't smell right and were not. Apple is not your friend, nor are they concerned about your best interests. They care about themselves and their money before anything else. If they are pushing this its not because they care about the issue. They either are being forced to do in a scenario like the government telling them they are going to push for backdoor legislation and this was a compromise, or some other reason that benefits them or they are being forced to do. This benefits them somehow.

I know you will argue against this. But the reality is that Apple is seen differently when you go from being it's biggest fan to an employee and find out how much they really don't give a crap about us or doing the right thing. It's not the company you all hope it is. I learned you never should work for your heros.

I would only wonder why wouldn’t you question everything? Aside from those things that have an easily verified “physical” basis, I mean? If they say “iMessage is encrypted”, that’s just them and they don’t go out of their way to provide details. So, do you not question that?
Actually, I guess they do go into some detail.

How iMessage sends and receives messages securely

iMessage sends and receives messages securely in Apple devices.

support.apple.com

Does this reach the level of detail required to NOT trust them on this?

 

[BellSystem]

I would only wonder why wouldn’t you question everything? Aside from those things that have an easily verified “physical” basis, I mean? If they say “iMessage is encrypted”, that’s just them and they don’t go out of their way to provide details. So, do you not question that?
Actually, I guess they do go into some detail.

How iMessage sends and receives messages securely

iMessage sends and receives messages securely in Apple devices.

support.apple.com

Does this reach the level of detail required to NOT trust them on this?

I trust anything verifiable. I am automatically skeptical of anything that doesn't fit a normal progression or customer demand. I don't question their tech specs or how products work in general. If they say the government isn't monitoring/capturing traffic to their datacenters...I question that because they could easily be held in a mandate to say that.

But this thing sticks out from their normal methodology. It has zero benefit to them and isn't a selling point for the masses. In fact its a risky product that risks sales just around customer misunderstanding. For Apple to push hard against something that serves them no obvious benefit means outside pressure is involved. I've seen plenty of examples of that. They spent a lot of time trying to make it super clear which means they knew it was going to be a polarizing thing to do. Polarizing things are items they tend to avoid unless it's absolutely mandatory. So either the gov/law is involved as a compromise or something.....or someone on the board or Tim has an axe to grind. It screams that it isn't a choice.

Do I think they are intentianlly trying to be dishonest here? Not sure. There are some really crap people working in Apple that do things that do not fit the company ethos. But then there are people like Phil Schiller, that I have personally interacted with, that are genuine and really do care about people (inside or out). I had a huge problem once that nobody cared about for some reason....I reached out to Phil and he jumped in and solved it. He was way up the rung and could have just ignored me, but didn't. I ran out of options and he knew it. My issue was also a customer facing one and he was the only one that saw what I saw. If all the people were like him I'd trust everything they said (within reason), but they are not. I have had the misfortune of watching some really wicked people do some pretty heavy damage. Transparent to the customer, but not to the people involved.

 

[Unregistered 4U]

It has zero benefit to them and isn't a selling point for the masses.

I can see why you’d say there’s no benefit to them and not a selling point for the masses when they say there is a benefit to them and a selling point for the masses. Because, after all, that’s just them saying it’s a benefit to them and a selling point for the masses and if you don’t trust that and discount it, then of course there’s no benefit.

Phil Schiller, that I have personally interacted with, that are genuine and really do care about people (inside or out).

In the end, though, if he continues his employment at Apple knowing how bad it is, isn’t he a part of the problem by allowing it to continue and not addressing it with the full authority of his position? I mean, sure, that one time he helped one lower level person resolve a customer issue, but, at his position, he’s just picking and choosing issues to get involved in rather than improving the processes all around, which he has the power to do.

Think of it like this, if you’d been one of the many to send Phil Schiller an email and he DIDN’T reply (which is very likely the average case and not the exception), what would be your impression of him them? That he’s trustworthy, but just really really busy? I don’t think so.

 

[Scotticus]

My understanding was it's only on your device if you're using an iCloud backup with your photo library. Am I wrong or do you not have the option to not use iCloud backup with your photos app.

That's correct. Supposedly, if you're not backing up to iCloud, then it isn't checking. However, once this system is in place, do we really expect it to not be exploited by governments/hackers to peek at our data regardless of whether we're uploading to iCloud or not?

 

[Scoob Redux]

So, if there’s an “amber alert” and, via their security cameras, a retail business finds the vehicle in their parking lot, they should NOT report that to law enforcement?

Why would they? This isn't 1984 - we are not all obligated to assist the enforcers. Amber Alerts are one of the worst...convincing people that kids are being abducted left and right. It just isn't so. The vast majority of Amber Alerts are domestic disputes where the non-custodial parent is late returning the kid from visitation and it gets reported as "abduction".

 

[bsolar]

So, if there’s an “amber alert” and, via their security cameras, a retail business finds the vehicle in their parking lot, they should NOT report that to law enforcement?

They should be able to choose whether to take part in the law enforcement and report, or not.

In the US there is actually no legal obligation to report a crime unless you are directly asked about it during an investigation or fall under some "mandatory reporter" category, e.g. a teacher or medical care professional dealing with their charges.

Excluding those special cases, reporting a crime is a free choice, not a legal obligation.

 

[mdatwood]

That's correct. Supposedly, if you're not backing up to iCloud, then it isn't checking. However, once this system is in place, do we really expect it to not be exploited by governments/hackers to peek at our data regardless of whether we're uploading to iCloud or not?

The problem with this line of thinking is that Apple can already do what you're worried about. They control the entire software stack, and if they want to snoop on your phone they can.

Apple's new method here is more private than leaving all iCloud photos unencrypted and scanning once it hits iCloud (what's happening today on all cloud storage providers). In the all unencrypted scan scenario it's easier to change the database photos are scanned against, and it's possible for a warrant to force the release of photos. If Apples new method came out, the database is part of iOS releases and is supposedly auditable, and it would shut down warrant access (assuming E2E of iCloud photos came out soon after).

 

[StudioMacs]

And, considering that Apple has never said that iCloud Photos are end-to-end encrypted, that wouldn’t factor into this anyway! You moved the goalposts of iCloud Photos being end-to-end encrypted (and they’re not), I’m just moving them back to where they were to start with.

https://support.apple.com/en-us/HT202303

Apple says photos are encrypted In transit and on the server.

 

[mdatwood]

https://support.apple.com/en-us/HT202303

Apple says photos are encrypted In transit and on the server.

Correct. Unfortunately, not E2E. The speculation when all this originally happened was the new scanning method was a precursor to turning on E2E for photos. At this point we may never know.

 

[dk001]

The problem with this line of thinking is that Apple can already do what you're worried about. They control the entire software stack, and if they want to snoop on your phone they can.

Apple's new method here is more private than leaving all iCloud photos unencrypted and scanning once it hits iCloud (what's happening today on all cloud storage providers). In the all unencrypted scan scenario it's easier to change the database photos are scanned against, and it's possible for a warrant to force the release of photos. If Apples new method came out, the database is part of iOS releases and is supposedly auditable, and it would shut down warrant access (assuming E2E of iCloud photos came out soon after).

You should review the year old info. That is exactly what a few Nation States were looking into; how to leverage Apple’s design to mass search user devices.

 

[mdatwood]

You should review the year old info. That is exactly what a few Nation States were looking into; how to leverage Apple’s design to mass search user devices.

Once again, if the fear is 'nation state will force Apple to do X', then the game is already over. If you think a nation state will secretly get Apple to search for things other than the audited CSAM hashes just prior to going to iCloud, why can't they secretly get Apple to do that now?

I'm not trying to be reductive, but if the argument is we can't trust Apple, that means we can't trust Apple now. Which IMO is a better position than 'we can't trust Apple if this one thing happens'. It's like everyone already forgot about PRISM.

 

[BaldiMac]

Why would they? This isn't 1984 - we are not all obligated to assist the enforcers. Amber Alerts are one of the worst...convincing people that kids are being abducted left and right. It just isn't so. The vast majority of Amber Alerts are domestic disputes where the non-custodial parent is late returning the kid from visitation and it gets reported as "abduction".

Why would someone make up ******** like this about Amber Alerts? There's only 150 to 200 Amber Alerts per year in the whole country. They are only issued when law enforcement believes there is an imminent danger of physical harm to the child. Not because someone is late.

 

[dk001]

Once again, if the fear is 'nation state will force Apple to do X', then the game is already over. If you think a nation state will secretly get Apple to search for things other than the audited CSAM hashes just prior to going to iCloud, why can't they secretly get Apple to do that now?

I'm not trying to be reductive, but if the argument is we can't trust Apple, that means we can't trust Apple now. Which IMO is a better position than 'we can't trust Apple if this one thing happens'. It's like everyone already forgot about PRISM.

I hear you and this topic has arisen before. We know what we know. If that ability exists and is currently hidden ...

 

[Fat_Guy]

I believe Apple won’t bother scanning for CSAM without telling everyone first. There is more than one way to “skin that cat” if they so desire. Where are you going to otherwise?


Have your girlfriend send nude photos through the supposedly encrypted Facebook Messenger and watch the warnings pop up at your end. Let’s say she botched the encryption setup - still, it is unnerving to see this in action! Now I use Blackberry commercial grade security and so far so good. I hate to say this but if you don’t pay for it you are buying nothing. I simply don’t trust any free app that supposedly keeps your secrets secret. And everyone has something to hide - it’s called your God given right to privacy. You can go totallly open source with a Pinephone which is the only usable phone in this area; or you buy commercial grade security for businesses.




You get what you pay for!

 

[Unregistered 4U]

Why would they? This isn't 1984 - we are not all obligated to assist the enforcers. Amber Alerts are one of the worst...convincing people that kids are being abducted left and right. It just isn't so. The vast majority of Amber Alerts are domestic disputes where the non-custodial parent is late returning the kid from visitation and it gets reported as "abduction".

Because they want to? We know that they would even hand over their surveillance video to the authorities. That’s the reality of today, even if you really wish they wouldn’t.

 

[Unregistered 4U]

They should be able to choose whether to take part in the law enforcement and report, or not.

In the US there is actually no legal obligation to report a crime unless you are directly asked about it during an investigation or fall under some "mandatory reporter" category, e.g. a teacher or medical care professional dealing with their charges.

Excluding those special cases, reporting a crime is a free choice, not a legal obligation.

Agreed. And I would imagine that those who benefit from those “free choices” are happy for the involvement of otherwise unaffected persons.

 

[Unregistered 4U]

https://support.apple.com/en-us/HT202303

Apple says photos are encrypted In transit and on the server.

End to End according to that page means:
For additional privacy and security, many Apple services use end-to-end encryption, which encrypts your information using keys derived from your devices and your device passcode, which only you know.

So anything on that page that does NOT say E2E means that it’s NOT encrypted in a way that ONLY YOU KNOW.

Encrypted in transit and on the server means that anyone that doesn’t hold the key would have a more difficult time deciphering the data. Anyone with the key (in this case, Apple) would still be able to decrypt the images. They HAVE to be able to decrypt them in order to perform the CSAM scanning required by all image hosting companies.

 

[Unregistered 4U]

I believe Apple won’t bother scanning for CSAM without telling everyone first. There is more than one way to “skin that cat” if they so desire. Where are you going to otherwise?


Have your girlfriend send nude photos through the supposedly encrypted Facebook Messenger and watch the warnings pop up at your end. Let’s say she botched the encryption setup - still, it is unnerving to see this in action! Now I use Blackberry commercial grade security and so far so good. I hate to say this but if you don’t pay for it you are buying nothing. I simply don’t trust any free app that supposedly keeps your secrets secret. And everyone has something to hide - it’s called your God given right to privacy. You can go totallly open source with a Pinephone which is the only usable phone in this area; or you buy commercial grade security for businesses.




You get what you pay for!

To be clear, they ARE performing scans using the CSAM hashes on all the images they’re storing in the cloud. It’s a part of being an image hosting company, especially if you want to avoid prosecution. Apple would DEFINITELY tell everyone if they moved the hash scanning to the devices because it’d be a part of a big new privacy feature… E2E encryption for iCloud Photos. With that enabled, even if a government request came in, even if someone were to social engineer an Apple employee, they still wouldn’t get any images.

 

[bsolar]

Agreed. And I would imagine that those who benefit from those “free choices” are happy for the involvement of otherwise unaffected persons.

On the other side, sometimes involving the authorities does not lead to anyone's benefit, be it for a misunderstanding of the situation that lead to that involvement, malice, or just plain incompetence. The main issue is assuming the perfect scenario.

In your Amber alert example the idea is "there is an Amber alert, I call the police on that car and I will save a kid from being kidnapped", when the reality is maybe a custody dispute leading one parent to file a bogus a kidnapping claim that leads to the other parent and child being held at gunpoint and getting terrified at best, potentially wounded or killed at worst.

Suddenly getting involved turned from helping a innocent child to becoming the unwitting helper of a disgruntled parent wanting to harm o cause trouble to their former partner.

 

[ThunderSkunk]

Let’s hope this gets introduced. Harmful material and the individuals who share it could be held to account.

Better hope you don’t have kids that decide to be intrigued by sex and do their own research like I did when I was 13, bc I did not want to see pictures of older looking people, I looked for examples of other kids my own age. Luckily those were the days before the internet was just another extension of the police state.

This uninvited corporate/police intrusion into peoples homes and kids sexual development should wreck up a lot of families and ruin a lot of lives. And since that’s how Americans have to learn, by getting all ideological and bludgeoning themselves in the fervor & then forever trying to negotiate back down from there, then yeah, go for it.

 

[rme]

The CSAM scanners caught an evil pedophile!
"A Dad Took Photos of His Naked Toddler for the Doctor. Google Flagged Him as a Criminal."

https://www.nytimes.com/2022/08/21/technology/google-surveillance-toddler-photo.html

https://archive.ph/tL6wk

 

[dk001]

The CSAM scanners caught an evil pedophile!
"A Dad Took Photos of His Naked Toddler for the Doctor. Google Flagged Him as a Criminal."

https://www.nytimes.com/2022/08/21/technology/google-surveillance-toddler-photo.html

Article behind a paywall for me.
Google has something else running as this type is not CSAM.

 

[rme]

Article behind a paywall for
Google has something else running as this type is not CS

Thanks. Added an archive.

 

[pdoherty]

Well…. Basically, we need to look at the facts as presented. There are no facts to support the theory that hashing specific images identified as being a part of a child exploitation system will lead to anything other than what has been stated. Anything other than that is conjecture and a theory the government are conspiring to do more. Thats a conspiracy theory. People may not trust the government/s however people here claiming hashes will be used for other things as a certainty purely based on paranoia, not facts.

The reality, is that we know governments can tap any phones now anyway, if they choose. Such is the ability of government espionage. They don’t need hashing on files, just an imei & phone number.

So, because citizens didn’t push back to stop ‘The Patriot Act’ and its intrusions into privacy, you use that as a reason to not push back when they attempt it again?

 

[pdoherty]

Apple will always do what’s right for customers. Ignoring this serious and disturbing problem will never be an option for Apple.

Those who are doing nothing wrong have nothing to fear.

This is about protecting young children from disgusting abuse.

How does this CSAM thing protect any children from abuse? All it does is prevent (or catch) those who upload existing, already-known-offending, images. And that’s with the charitable assumption it’s never abused and no one ever gets setup using it.