Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Apple Has New Tools to Protect Children. But at What Cost? (nytimes.com)
23 points by aacook on Sept 3, 2021 | hide | past | favorite | 7 comments


I wish these articles also included the fact that other large tech companies are and have been doing this since around 2019.

CloudFlare as an example detailed this letter in a blog post in mid-2019 which also called out the 36 companies. CloudFlare then went on to implement the CSAM hashing tool in a blog called "Announcing the CSAM Scanning Tool, Free for All Cloudflare Customers" in December 2019. This was also discussed and applauded in HackerNews a few years ago.

See: https://twitter.com/mhkeller/status/1196818679683530752

Other large tech companies have something similar for a number of years. Apple have clearly been put under significant pressure about this. In more recent news, OnlyFans was under pressure from payment processors for not detecting CSAM content on their services, which is why they were removing adult content.


That CF tool is voluntary, it does not run automatically. Also, I haven't seen many people argue that CSAM scanning shouldn't happen on online cloud services. On local devices though? Massively over the red line.


You really do have to wonder why Apple are doing it on-device rather than in the cloud. As I don't believe iCloud is encrypted data at rest either.


Yeah super bizarre. A few weeks in, has anyone seen a good take on it being local besides the "it's because ECEE is coming" fanfic? Like why not do this in the cloud. Leave my device out of it.


Actually no sorry, upon checking iCloud data is E2E including both in transit and at rest. So it might be the only way in which Apple can do any scanning.


iCloud is not E2E, unless you consider "end-to-law-enforcement-to-end" E2E. [1]

In fact, Apple were going to do this but caved under pressure from law enforcement.

Imagine being an Apple engineer having joined a "privacy company" and then being forced to desecrate your users privacy in innumerable ways.

[1] https://www.howtogeek.com/710509/apples-imessage-is-secure.....


Apple's help page does not say that iCloud is E2EE, with the exception of certain services listed under the "End-to-end encrypted data" section:

https://support.apple.com/en-us/HT202303

The E2EE data includes Messages in iCloud (if iCloud Backup is disabled) and iCloud Keychain, but not Photos or iCloud Drive.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: