undefined | Better HN

0 pointsPrimeMcFly2y ago0 comments

> "Apple" wasn't scanning your phone, neither was there a "backdoor".

Yes, you're right. But I've seen calls for phones to scan all content before being uploaded or encrypted, and it often feels, at least in some countries, that could still plausible happen. I suppose that's what I had in mind when I wrote my comment.

> But the exact same risk exists when you upload stuff to the cloud anyway and on an even bigger scale.

There's a difference with them actively doing it and announcing they are doing it, vs the possibility they are doing it silently without consent.

0 comments

theshrike792y ago

ALL cloud providers are actively scanning all of your content right now, unless you specifically encrypt it yourself.

It's a cost of doing business pretty much, you need to give the authorites access to customers data or they can go "but think of the children, there might be child abuse material in there!" and that's really damn hard to argue against.

Thus: checking stuff on-device and keeping the cloud locked so that not even the hoster can access it nor can they create a backdoor.

PrimeMcFlyOP2y ago

> you need to give the authorites access to customers data

At least some cloud providers require a warrant before doing so.

theshrike792y ago

Of course they need a warrant. Officer Johnson from Randomtown Alabama can't just call up Google and tell they want access to everything in GDrive :D

But the point is that if the data is fully encrypted, no warrant will help against pure mathematics. A cloud provider cannot give something they have no access to.

PrimeMcFlyOP2y ago

> Of course they need a warrant.

Right, but your post kind of made it seem like they didn't. And with the CSASM stuff, they didn't need anything to match hashes. So what happens when that gets expanded to other types of content that they still don't need a warrant for? Like torrent files?

> But the point is that if the data is fully encrypted, no warrant will help against pure mathematics. A cloud provider cannot give something they have no access to.

Agreed, but most don't use encryption, and should still have privacy rights for their data.

1 more reply

j / k navigate · click thread line to collapse

0 comments

theshrike792y ago

ALL cloud providers are actively scanning all of your content right now, unless you specifically encrypt it yourself.

Thus: checking stuff on-device and keeping the cloud locked so that not even the hoster can access it nor can they create a backdoor.

PrimeMcFlyOP2y ago

> you need to give the authorites access to customers data

At least some cloud providers require a warrant before doing so.

theshrike792y ago

Of course they need a warrant. Officer Johnson from Randomtown Alabama can't just call up Google and tell they want access to everything in GDrive :D

But the point is that if the data is fully encrypted, no warrant will help against pure mathematics. A cloud provider cannot give something they have no access to.

PrimeMcFlyOP2y ago

> Of course they need a warrant.

> But the point is that if the data is fully encrypted, no warrant will help against pure mathematics. A cloud provider cannot give something they have no access to.

Agreed, but most don't use encryption, and should still have privacy rights for their data.

1 more reply

j / k navigate · click thread line to collapse