undefined | Better HN

0 pointsfh93022y ago0 comments

Can you show a source for your iCloud backup CSAM scanning claim? These days iCloud supports E2EE so they have no ability to scan once you enable it.

Signal does not support any cloud backups and WhatsApp uses iCloud so this seems like a flawed comparison.

0 comments

fmajid2y ago

Straight from the horse's mouth:

https://www.apple.com/child-safety/pdf/CSAM_Detection_Techni...

"Before an image is stored in iCloud Photos, an on-device matching process is performed for that image against the database of known CSAM hashes".

Thus the scanning is done by your device against the unencrypted image before uploading it to iCloud. The fact they abandoned the plan is irrelevant, by considering it in the first place (and to a very high level of engineering R&D as evidenced by the document), they set a precedent and forefeited any trust. It's CSAM today, it will be mentions Winnie the Pooh mocking Xi Jinping tomorrow, and of abortion in Texas the day after.

Now, the only way I'd trust an Apple-mediated encrypted messaging service is if the clientapp is third-party and thus can't be backdoored retroactively if Apple feels it expedient to do so.

RedComet2y ago

Even with e2ee enabled for iCloud, Apple has access to hashes of the plaintext files.

j / k navigate · click thread line to collapse