this post was submitted on 04 Sep 2023

160 points (97.6% liked)

Technology

58061 readers

31 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

[email protected]

160

Apple’s Decision to Kill Its CSAM Photo-Scanning Tool Sparks Fresh Controversy (www.wired.com)

submitted 1 year ago by [email protected] to c/[email protected]

25 comments fedilink hide all child comments

all 27 comments

sorted by: hot top controversial new old

[–] [email protected] 83 points 1 year ago (2 children)

Man, I remember the controversy when this initiative launched. Can't please anyone, it seems.

[–] [email protected] 36 points 1 year ago (2 children)

I never supported since it was on device and given this is the US hashes to spot "extremism could be added" given apple doesn't know what the hashes are.

[–] [email protected] 28 points 1 year ago* (last edited 1 year ago)

No you're wrong.

They are not cryptographic hashes. They are "perceptual" hashes or "fuzzy" hashes. They're basically just a low resolution copy of the original image. It's trivial for an attacker to maliciously send innocent seeming images that are a hash collision. This is, by the way, a feature not a bug. Perceptual hashes are not designed to perform a perfect match.

There are plenty of free white-papers on how perceptual hashes work, and Facebook's implementation is even open source.

Apple said they tested 100 million perfectly legal images and three had collisions with a CSAM perceptual hash. When you consider how many photos Apple was proposing to scan (hundreds of trillions of photos) that means thousands of false positives would have occurred even if nobody maliciously abused the system.

And because of all that - Apple was planning to do human reviews of every photo. They would, therefore, have seen every match (and every false positive). It couldn't have been hidden from Apple.

[–] [email protected] -3 points 1 year ago (1 children)

What makes you day apple didn't know what they are? Is this a thing that happened that I'm not aware of?

[–] [email protected] 12 points 1 year ago* (last edited 1 year ago) (1 children)

If they only get the hashes supplied, Apple can't tell why they're bad files.

[+] [email protected] -5 points 1 year ago (2 children)

[deleted]

[–] [email protected] 27 points 1 year ago (1 children)

Nobody cared it was running on iCloud. People cared it was going to be running on their phones, scanning literally everything they had.

[–] [email protected] 10 points 1 year ago

THIS. I don't care/I don't mind companies like Apple or Google using this scanning technology for cloud-based storage services like icloud or google cloud or whatever. But I do not want this creepy surveillance shit on my personal device. Because sure, one day they say that it is used for CSAM. It's not long before it gets expanded to other stuff like climate crisis protesters/activists or LGBTQ+ content (which need I remind you is illegal in some countries!) or other subjects that the government isn't a fan of.

[–] [email protected] 15 points 1 year ago* (last edited 1 year ago)

The consumer is not at fault for believing their personal data on their own hardrive, in the phone they paid for, should not be seen by anyone but themselves if they do not choose it to be.

It's not the consumers fault for believing this to be the case given this is how computer technology always worked.

Their only fault is for using Apple, when Apple has gone to extreme lengths to blur the line between what is your and what is theres, and effectively makes it impossible to keep things on your phone only on your phone unless you opt out of iCloud entirely. iCloud is so integrated, it's not clear to the user that everything on the phone is also on the cloud, and therefore not private.

[–] [email protected] 77 points 1 year ago (1 children)

There are two types of people in support of this scanning: technologically illiterate or malicious.

Either way, keep your invasive scanners off of my shit.

[+] [email protected] -57 points 1 year ago (5 children)

I understand why people want privacy and it’s legitimate. As an honest citizen I’d want that too.

But, as a policeman in a country without a dictator, I feel also really frustrated to know that a pedophile or any criminal is able to escape justice because the encryption is good enough.

It’s always difficult to find the right balance. Especially because some governments are corrupts and trying to eliminate political threats.

[–] [email protected] 52 points 1 year ago (1 children)

What about people who keep paper magazines of printed porn? I guess it's really frustrating how too good a lock and key of an apartment is? We should really outlaw locks and keys that the government can't open at any moment, with no notice. Search warrants should be unnecessary.

Disregarding whataboutism about much larger problems, specifically here, about something like the church.....

[–] [email protected] 17 points 1 year ago (1 children)

And don’t even get me started on how hard it is to have 24x7 cameras installed in every room of every household. It’s so frustrating to not be able to just know what everybody is doing all the time!

[–] [email protected] 2 points 1 year ago

Police cameras, you say?

[–] [email protected] 25 points 1 year ago (1 children)

I feel also really frustrated to know that a pedophile or any criminal is able to escape justice because the encryption is good enough

How do you know something that's provably false? Pedophiles who evade justice are not doing careless things that need end to end encryption, like backing up their porn to iCloud. The problem doesn't start or end with encryption. The policy is entirely about privacy and has nothing to do with protecting children.

[–] [email protected] -1 points 1 year ago (1 children)

I totally agree about privacy, but I can’t agree when some people are thinking every government is trying to do mass surveillance and has evil thoughts.

Online criminality is kind of new and internet can’t just be heaven for criminals.

It’s about finding a right balance between all of these things and remembering that most citizens are honest.

And, despite the fact that some people here just seem to hate the police no matter what, it’s also important to be able to investigate on the web.

One day, these people could be the victim of someone and they would be probably really happy if there was a way to catch these criminals.

That being said I don’t know what the perfect balance is and I’m trying to be open minded about it.

[–] [email protected] 2 points 1 year ago (1 children)

I'm actually interested to hear what you think is the right balance. I'm personally of the conviction that the public's privacy trumps the needs of law enforcement. Where does the balance lie, for you?

[–] [email protected] 2 points 1 year ago (1 children)

I don’t know what the right balance would be.

I think I’d trust my government and my police (which I work for) enough to have a lot more cameras in the streets. But I wouldn’t want that to happen in a totalitarian country.

Personally, I wouldn’t want my devices to be scanned by whatever program, but I wouldn’t mind if what was coming in and out of my computer was scanned to prevent organized crime in a certain way.

But only because to communicate I’m using installations which don’t belong to me, but to the phone company.

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago)

I think the problem with this is assuming the incentive is to do good for humanity. That’s never the case, or better saying, that’s never what prevails. Possibilities are always gamed to profit or power gain. The same way a medical system is corrupted so that surgeons make unnecessary surgeries to earn more regardless of the risk you take (in a context where medicine is all about human life, hence “good”), I don’t trust any organization scanning everything you do and everything you have for the “good of humanity”.

Even science institutions have been turned into tools for power, despite modern science starting as a method for curious people to understand the world and sharing their discoveries with other like-minded people.

[–] [email protected] 7 points 1 year ago

Ah, but as a citizen who doesn't trust the police or the government even without a dictator. Cops lie all the time, on camera, here. Thankfully everyone sees why this is a gross invasion of privacy.

[–] [email protected] 5 points 1 year ago

Would you be in favor of mandatory explosive implants in the brain that can only be activated by police? Consider all the crimes that could be stopped dead on their tracks.

[–] [email protected] 1 points 1 year ago

“Some governments.” Government is corruption. How much varies, but if given leeway they all go the same direction.

That’s you, by the way—the hand of corruption. Respectfully.

[–] [email protected] 20 points 1 year ago

Scanning everyone's photos is a clear invasion of user privacy.

Not scanning everyone's photos means people retain privacy, and bad actors may then have content that we, as a society, agree they should not have.

These two things are at odds, so any solution is a compromise (or at least, a choice of one thing over another), and either will always be controversial. It's not just photo scanning that falls into this, but also things like VPN usage -- really, virtually anything that lets users retain privacy could also be used for nefarious purposes.

Personally, I don't want to live in a world where everyone's photos are scanned, because I am vehemently opposed to that level of surveillance and believe it would lead to profit motives (e.g. better ad targeting). I do hope there is another way to curb CSAM content, but ultimately I don't see mass surveillance as viable.

[–] [email protected] 20 points 1 year ago

This outrage is going to be had by several people who want protection of children who had monsters do a terrible thing to them and who exacerbated the situation by uploading it to the cloud, which makes sharing it easier. However, these people aren’t seeing the bigger implications of this. I don’t really think many of the people that are against CSAM scanning are against protection for children or prevention of the very thing this is designed to prevent, myself included. However, what people are against is the scanning of material on your phone (which is what Apple proposed). People don’t want pictures scanned on their phones, even if it’s only as those photos will be uploaded to the cloud. Several companies were doing the scanning after the content was placed on the cloud, which many people against the previously mentioned scanning were in favor of. Apple, who is not in favor of scanning of your cloud data, was against this, which I think is admirable.

The fact of the matter is that scanning data for any purpose is at odds with the protection of your privacy. I, for one, am in favor of privacy protection. And although at times it may seem like people are against things like the protection for children, the fact is we’re actually in favor of protection for everyone.

[–] [email protected] 18 points 1 year ago (1 children)

Nonpaywall version: https://archive.ph/udnOc

[–] [email protected] 2 points 1 year ago

Thank you!