It’s not because they don’t understand the technology. It’s because they’re trying to push their own opinionated agenda on others.
I’m not sure which is grosser? Apple pushing for spyware, or people opposing it have made some technical mistakes in the letter?
It’s ironic that all of the major Apple influencers are defending Apple. First, Apple is trying to gaslight opposing people as pedos, or screeching noises of the minority.
Now these influencers are doing similar things by labelling people as spreading misinformation. The problem is, most of the things in the letter are facts, which none is acknowledged.
I hope we can all agree the intent of the CSAM scanning technology is a good thing. Whether it turns out to be a breach of privacy probably won’t be known for some time, possibly years, IMO.
End-to-end encryption, by common definition, “ensures that a message is turned into a secret message by its original sender, and decoded only by its final recipient”. Apple has announced they will be installing technology to monitor the Messages app. And regardless of the reason why or how it will be used that will break E2E encryption. That is significant because up to now Apple has fought governments to avoid doing that.
The Times They Are a-Changin’
2 Likes
Well said, but what are we going to do to stop Apple from doing something so heinous?
- Spread the words. 2. Vote with our wallet.
Doing nothing is exactly what Apple expected people to do. Because people feel powerless and scared on these issues.
Is the general public going to be doing that in mass? Otherwise, it has no effect.
Caveats/disclaimers: I dislike this direction Apple’s taken, and generally agree with the caution folks are arguing for here.
It strikes me, however, that the root of the idea “I can’t trust Apple not to abuse this new system/service” is “I can’t trust Apple.” If that’s true, (a) it’s too late, and (b) the “new system” part of the idea is irrelevant. If you don’t trust a company, you probably shouldn’t be using it.
That’s not a critique—there’s plenty of reasons to be distrustful of big tech (and little tech, and everyone in between).
That said, this thread is about alternatives to iCloud, not about whether this new system is bad.
It is funny to me that one of the options is the Google ecosystem. With that in mind, this initiative has really weird timing. Apple’s under more scrutiny for antitrust/monopolistic tendencies than ever right now. This move really underscores how there aren’t really alternatives to big tech cloud services.
It seems like a bad move, perception-wise. Why draw attention to the fact that there’s nowhere for users to go at a time like this?
I realize I am inferring a few things from this sentiment, but I will still say this: please get vaccinated. The folks in my life who may die if you don’t will appreciate it.
1 Like
There’s no alternative to big cloud services for a reason. It requires an extreme amount of infrastructure for all of the servers.
1 Like
This could be said for anything on the social scale, no? Maybe just do nothing for environmental change, do nothing for racism, and do not vote?
My point is that I don’t see anybody outside of the tech community who cares enough to “protest” Apple’s decision.
I don’t think that’s the case. Most people used to trust Apple to do the right things. But this event has changed that.
It’s also not about trusting Apple entirely. It’s that Apple is putting itself in this position where it becomes much more difficult to refuse authorities on using this technology.
1 Like
The people working in this field (of which I am one) have known about and considered this “loophole” in E2EE for a long time. Pervasive encryption is one the reasons that we’re looking more and more at doing detection and response at the endpoint rather than from a place in the network.
(Neither defending nor supporting Apple here, just saying we’ve been thinking and talking about this for years.)
3 Likes
Technical understanding for the minute differences in what encryption, end-to-end encryption, key escrow, the secure enclave, or distributed neural networks actually means is not obvious to everybody.
Many do not follow Apple-specific tech news that deliberately as people that would sign up in a forum of mac power users. If you sit bubble-outsiders down and explain the pros, cons, and risks from my experience most will object.
Most do also not understand the state of what surveillance is possible with “big data” and especially with the assistance of ML. The sheer fact that the self-proclaimed “documentary” Social Dilemma had its viral 5 minutes and everybody seemingly was shocked, somewhat proves this.
Another problem is that people can not grasp 1) large-scale numbers and 2) exponential growth. Apple’s acclaimed “11 trillion operations per second” for the M1 sure sounds like a lot to everyone, but not many can picture what the implications are. Pair this with exponential growth for chip performance and you can only imagine what could be possible in 5 or 10 years in terms of real-time scanning/indexing. There is the possibility for something very grim.
However, if you as a tech-literate and knowledgeable person educate the people around you this could be stopped. Either by users boycotting/switching or there being legislative pressure. Just like the privacy of your home is protected in most countries, a right to digital privacy is needed more than ever.
5 Likes
Wake me up when something actually happens.
Sorry, I can’t travel back in time to do so.
Maybe 2015 (China’s social credit system), 2013 (NSA), or 1993 (clipper chip) would be a place to start if we don’t want to go back all too far.
6 Likes
This is again, not making any statement of support or detraction toward Apple for this, but: Anyone concerned that about a slippery slope should realize that this action by Apple has almost no bearing on that. The slope has always been there and Apple has always had the ability to put monitoring agents on our devices without our knowledge (especially on the i(Pad)OS devices.
Anyone concerned that a hostile government could compel Apple to hand over data about you should realize that’s always been the case. Nothing has changed in that respect.
What has changed is that Apple is being transparent and communicating that, only before you upload photo data to their servers, they’re checking to try to ensure that it’s not of a kind that is almost universally considered among the most heinous of data.
Also, Apple has been scanning your photos on-device for years. They do this to classify photos and enhance search and management, as we all know, but for some reason I feel the need to point out anyway 
From a practical privacy and security point of view, very, very little has changed except our perception and (it seems) a sudden awareness that this company can (like many others) have very deep access to nearly all of the data we possess.
The question should be asking is not whether our data is completely private (it’s not, and you can’t do anything about that (no, really, you can’t)) but instead, we should be asking (and demanding) effective governance and transparency around how our privacy is managed.
6 Likes
This is a much better-stated version of what I tried to say above!
1 Like
I always found the federated learning aspect of Apple’s NN indexing approach both interesting, yet concerning. I criticized from the start that there was no opt-out.
And of course, at some point all you have left is to trust when it comes to closed-source soft- and hardware.
I would love to see legislation that requires independent audits to be done for such features for every update. Yes, you’d also have to trust the auditors, but that would be a start.
1 Like
Open source, while theoretically somewhat better in this respect, is no panacea either. Ken Thompson’s Reflections on Trusting Trust is a classic and delightfully clever illustration of that: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
(I’ll concede that “delightful” is highly subjective 
)
Sure, as an individual that task is almost not doable. Yet, with over 1 billion devices, world-wide usage and subsequently interest in the matter, I’m sure the “hive-mind” would succeed.
Of course, one could argue that even all this would be noble, but still it is not guaranteed that the software actually shipped is the one that was open-sourced or audited …