I understand people's objection with Apple's on-device implementation of this scanning, but that didn't seem to be parent's objection. I was just trying to clarify.
This is in essence the problem with the new on-device initiative from Apple (calling it a tool is rather misleading).
If allowed to go forward, it is only a matter of time before the capability is expanded.
So it's a big no to the scanning capability, you would think that Apple had gotten the message by now.
And the other initiative is also open for abuse, by allowing the device administrator to spy on the user. Admittedly not as bad as the on-device scanning.
I hope this is a case of Apple delaying it long enough to silently cancel the feature or completely change it to not be on-device scanning rather than Apple delaying it long enough to be well out of the news cycle and silently enable it at a later date. Both features mentioned have potential for abuse and create an adversarial relationship with ones own device so I'm not sure what they do to implement them without these remaining concerns.
It has always been technically feasible for them to have software on the phone that scans everything on the phone. I don't see how this changes anything. Apple is trying to avoid scanning in the cloud so that the data can be E2EE and not subject to being stolen by someone that gets access to their servers somehow.
now that apple has shown the world that Pandora's box is open it is a foregone conclusion that on device scanning will be implemented on android as well. and not just for images of course, but all device contents.
apple:
- “Let us be clear, this technology is limited to detecting CSAM [child sexual abuse material] stored in iCloud and we will not accede to any government’s request to expand it,”
also appel:
- “These decisions are not always easy, and we may not agree with the laws that shape them,” the company said. “But our priority remains creating the best user experience without violating the rules we are obligated to follow.”
the on-device method will 100% absolutely be abused in due time. apple will simply claim it is a new system, not the previously used CSAM method, and then hide behind their "lawful obligation".
It’s a lie to say they are scanning the device, when you know that are only scanning files that are uploaded. We know now that you understand both this distinction and what Apple is actually doing, so it’s clear that you were lying.
My understanding is that on-device scanning was meant to prevent an argument from {government, law enforcement, 'think of the children' types} against E2EE solutions.
Apple's solution for a lot of things in general, is to favour on-device solutions.
Correction, Apple has given no public commitment to completely shelve their on-device scanning. There's no guarantee they won't try boiling the frog with their CSAM scanning plans.
I didn't realise that theres no requirement to scan. So I'll yield on that.
But its still possible that Apple are preparing for a scenario where it does become a requirement in the future.
As for the E2EE part, I can't imagine that this wouldn't be launched with E2EE alongside, otherwise theres literally no point whatsoever, they could have just done the scan on iCloud.
As for why this combats 'your data being whisked away', check the technical documentation. What they're doing with Private Set Intersection and Threshold Secret Sharing are clear steps to make this system unexploitable, anonymous, and so that it doesn't leak any metadata whatsoever.
I also believe Apple doesn't really want to scan your photos on their servers. I believe their competitors do, and they consider this compromise (scan on device with hashes) is their way of complying with CSAM demands while still maintaining their privacy story.
It’s not only a matter of Apple’s openness about it. It’s the fact of what they’re announcing.
reply