this post was submitted on 01 Sep 2023
165 points (100.0% liked)

Privacy Guides

16826 readers
2 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] rikonium@discuss.tchncs.de 17 points 1 year ago* (last edited 1 year ago) (1 children)

Yes, however my (Others may have other concerns, this is just off the top of my head) chief concern was the breaking a major barrier - in that explicitly user-hostile code would be running on the device itself, one I own. I’d say it’s more of the equivalent of club employees entering your home to check your ID prior to, or during your club visit, and using your restroom/eating a snack while they’re there. (scanning would use “your” device’s resources)

There’s also the trivial nature of flipping the require_iCloud_photos=“true” value to “false” whether by intention or by accident. I have an open ticket with Apple support where my Apple Maps saved locations, favorites, guides, Home, reports, reviews ALL vanished without a trace. Just got a callback today saying that engineering is aware of the problem and that it’s expected to be resolved in the next iOS update. I’m the meantime, I’m SOL, so accidents and problems can and do happen, nor is Apple the police.

And on top of that there’s also concerns of upstream perversion of the CSAM database for other purposes - after all, who can audit it to ensure it’s use for CSAM exclusively and who can add to it? Will those images from the device and database be pulled out for trials or would it be a “trust the machine, the odds of false positives are x%” situation? (I believe those questions might have been already answered when the controversy was flying but there’s just a lot of cans of worms waiting to be opened with this, as well as Apple being pressured to scan for more things once the technology has been made.)

[–] phillaholic@lemm.ee 6 points 1 year ago (1 children)

The CSAM database isn’t controlled by Apple. It’s already in use practically everywhere. Apple tried to compromise between allowing private encrypted image storage at scale and making sure they aren’t a hot bed for CSAM. Their competitors just keep it unencrypted and scan it for content, which last time I checked is worse 🤷‍♂️

[–] Natanael@slrpnk.net 3 points 1 year ago (1 children)

But Apple still fetches that list of hashes and can be made to send an alternative list to scan for

[–] phillaholic@lemm.ee 2 points 1 year ago (1 children)

It’s not very useful for much else. It only find known copies of existing CSAM. It doesn’t detect new ones. Governments could already force Apple to do whatever they want, so it’s a keep to say this is going to do much more.

[–] mahony@lemmy.world 2 points 1 year ago (1 children)

You go way out of your way to lick Apples boot here. With comparing hashes to whatever Apple wants/is told to, you can profile everyone, find leaked material the gov doesnt want you to have and so on. The fact that people just accept it, or endorse it is beyond me, but again, after the last 3 years I came to the conclusion that most people are scared to be free.

[–] phillaholic@lemm.ee 2 points 1 year ago (1 children)

While scanning for leaked government documents is the first thing I’ve heard that could be a problem for whistleblowers, I’ll point out this scanning tech is already in use in major cloud platforms and no government has forced anyone to do it. Having a database of all government documents like that wouldn't be trivial to put together either. It’s just not practical to be used that way.

I don’t care that it was Apple who did this, it presents a legitimate answer to E2E encryption of data while cutting many government arguments off at the legs. Without an answer we are closer to E2E being made illegal then we are nothing happening.

[–] mahony@lemmy.world 2 points 1 year ago (1 children)

Yes, thats why I dont use cloud and have a degoogled android. The problem is that this is a slippery slope. I can say I dont mind because it doesnt affect me, but step by step they outlaw anything else, even custom roms and alternative app stores. Either people are against it, or this will get much worse down the line.

[–] phillaholic@lemm.ee 2 points 1 year ago

I don’t think it’s a slippery slope. That ship set sailed when we started putting our data on other people’s computers. Your situation is extremely niche, not many are going to go through that effort.