Apple doesn’t seem to do that covertly, what is wrong with blaming them when they actually do above things? This is a genuine question, because rn I see no issue with automated searching CP through their my iphone.

In theory, Apple could silently push above updates without any prior practice. Then why this issue became an issue only now?

Now, you might argue that this absolute power in this case is being used for good - but given the brush the US just had with accidental Nero, it’s worth being wary of how tools and powers might not only be used by current powers, but by future ones too.

If you don't want tools of mass oppression to exist, don't create them. (We are here now.)

The fight against Japan in 1945 was important, as is the fight agains child abuse today.

But we will have to live with the choises we make, in the short run like I wrote about above and also in the long run when a crazy president is elected like you write.

I actually trust local police and courts. But I don't blindly trust future police, future courts and future politicians.

And when it comes to multi national companies I trust them to maximize shareholder value, even if that means doing what China or Saudi Arabia wishes.

As a sibling commenter noted, we are long past that. I see points of all of you in this subthread and I agree, but this doesn’t answer my last question. Tools of mass everything are already here for more than a decade, ready to deploy and use. And when these are used to do an actually good thing (stopping dickpics to minors), everyone wakes up and blames them for the possibility that could always be deployed overnight without any prior notice.

You are forgiven if you have missed it but in the wake of Snowden Google and others have hardened their systems massively.

Signal, Matrix and others are actually making it hard to do dragnet surveillance.

> And when these are used to do an actually good thing (stopping dickpics to minors), everyone wakes up and blames them for the possibility that could always be deployed overnight without any prior notice.

Because boundaries have been overstepped again. This is a constant battle that we software people have with authorities :-)

There has been an informal truce that they leave our devices alone and we accept that they scan the cloud.

Now things are about to change and we'll respond. We've won before and I think we can do it again.

PS: There are always good reasons.

PPS: We won the last big one: Cryptography software was "munitions" and couldn't be exported until someone took it on them to make a book out of it, ship it to Europe and let cryptography people here scan it.

So according to the argument up front terrorists won, and I guess we should have a lot of problems now, but we don't have.

It all adds up.

But also this is a terrible argument. As a frog i will not wait until i am boiled to raise complaints.

Apple's ToS change with every iOS release. You have to accept to continue. Do you ever read them?

(More specifically, in the EU any terms/conditions imposed after sale of goods are non-enforcable).

So sooner or later, you probably need to accept them if you don’t want to be stuck with iOS 14 for the next 7 years.

I fully expect someone else does it now and I even think there exist GitHub repos or some SaaS or something (some tldr for eulas?)

(Today I more or less consequently don't read thenm because 1. as a European they aren't valid if they go beyond what European law allows 2. nobody can be expected to read those anyway and if I admit to reading them I just make my life harder.)

It is unfortunate because although the consequences are seismic the actual problem is subtle and abstract; and difficult to get people excited over. Basically, civilisations that protect the weak against the strong (and in this case, the strongest party is by far the government and the police) are more prosperous. The more the strong are empowered to act against the weak the worse the actual outcome gets. Although not on any one easy axis to measure.

I suspect part of it is that every political movement hinges on a small network of people organising it. These systems are fantastic plausible-deniability screens for powerful people to disrupt and destroy those networks to preserve the status quo. Like, for example, how China tries to operate.

You can see signs of similar systems developing in the US. Note that Trump then Biden were both the targets of official investigations (Trump-Russia, Bidan's son & Ukraine). That isn't going to go away, it'll probably be a long time before we see a president who isn't being investigated for something. The tools that people like Apple are building will be drawn in to the struggle, and not to promote truth or fairness but to destroy their support networks if they aren't friends of the Tim Cooks and Susan Wojcickis of the world. And make no mistake, powerful people aren't looking after your interests because you like the companies they run.

Plus on the way through they are going to be used to target minorities. That part is just sort of traditional, though incidental. Like when they decide to search people's phones for marijuana use but not cocaine and it turns out different racial groups use different drugs.

The only defence is blanket bans on activity that could be used to target people.

The system seems designed to make it hard to use it for anything else. How will a hash driven by a visual perception based neural net be used on ZIP files? How can you add ZIP files to your iCloud Photo Library?

Sure, Apple could possibly do any number of bad and worse things. It’s a matter of trust that every time we update our iPhones that the update doesn’t include a ZIP file scanner or a blasphemy-scanner. This has always been the case, even before the introduction of the CSAM voucher mechanism.

If you'll indulge me, would you bet $1000 that this style of scanning isn't expanded in the next 3 years to include non-CSAM content?

They are winning the battle in incremental steps, they have no need to rush.

I'm less interested in the actual bet. I'm more interested in trying to understand if we both think this system will eventually be abused.

If you WOULD take the 10 year version, would you take an open ended "some point in the future, this will be abused" bet?

I would probably also take a more broad version of that bet, if we agreed upon a good definition of "abuse".

10 years is tricky though, because this topic has a political angle about it.

I look at this stuff as a political move by Apple as much as anything else. There's a lot of political pressure around encryption, and the "think of the children" angle is very compelling for a lot of people. This CSAM voucher system is cleverly designed to handle that concern without compromising privacy or security for anyone who isn't uploading multiple previously-known CSAM images to their iCloud Photo Library.

How this political situation will unfold over the next 10 years is hard to say. I hope for the best. But it's important for threats to privacy and security to be challenged.

I have wished for more legitimate and valid criticism of this system. Almost every criticism that I've seen is based on plain misunderstandings of how the system works, which isn't helpful.

There is a system in place to make a 'backup' of the entire device to a remote server in place and has been in place on every iphone since October 12, 2011. The entire device is covered; logs, calls, messages, files, photos etc. Pandoras box has been open for 10 years.

It is called iCloud backup. If they want to repurpose an existing function against the expressed permission of the user to exfiltrate their data and use it against them, why not just use that instead?