Will you leave the Apple ecosystem because of CSAM?

[leman]

I can certain say that don't like this development. Apple's approach is not unreasonable, but given the current political climate, I am worried about where this technology will take us in the future. After the recent Federighi interview, he some of the crucial points (reliability of CSAM hash sources, role of security researchers), I am willing to wait and see how the situation develops. As long as scanning is strictly limited to CSAM and iCloud uploads, I'm fine with it.

Leaving Apple ecosystem over this is IMO silly — what would that achieve? All other cloud providers already do SCAM scanning and Android + Windows are already more invasive in regards to privacy.

 

[Mattewes]

Personally I am not upset by this, and doesn’t feel like a step backwards from Apple’s privacy stance. I think the fact we need this kind of scanning is more upsetting than the implementation.
I think its worth noting the timing of this as well, it was always going to be divisive to bring out these measures, but if you are going to do something that you know will generate mixed press, at least do it just before the announcement of the new Macs and iPhones. Soon the wider world won’t be talking about this any more…

 

[jseymour]

I will not start to use Apple Pay because of this.

I stopped using Apple Pay and cancelled my Apple Card because of it.

Android is every bit as "polished" as IOS, and in fact, in many ways it is much better.

That depends upon how one defines "polish." Apple products are certainly much more well-integrated and work well together much better than Android products. Or at least any I've ever used. I'm going to miss that aspect of Apple products. But stand-alone? Yeah, I guess I could agree with that.

Android is certainly much better in some respects than iOS. E.g.: There are some apps (e.g.: WiFi Analyzer) that are simply not available for iOS. Period. They do not exist. I've an app on Android called Back Country Navigator. Awesome off-road mapping and navigation app. Out of curiosity I recently looked for it, or an analogue, on Apple's app store. Nope. Email clients. The email clients for iOS quite frankly all blow chunks. Android has K9 Mail, which rocks. I don't need a cloud service with Android. It's convenient, but I don't need it, because there are many ways to get photos, videos, and files on and off an Android device. iOS, not so much. I can put my music on an Android device and play it the way I want. Apple? Subscribe to iTunes or no music for you.

So, yeah, there are many, many advantages to Android. Apple's privacy policies and what I perceived to be their mildly better security used to trump those advantages. That no longer obtains.

Exactly. Most of us are well aware of the technical issues and lack of polish of the alternatives. But I used to look at Apple as “the lesser of evils” and this decision removes that. Not really worth the premium anymore for me.

This ^^^^^

iPhone XS Max + Watch 5 user. Previously Nokia user so no real experience of Android.

Samsung S21 is arriving today. Their new watch looks interesting but ...

Yeah... I won't be going with Samsung. I trust Samsung even less than I trust Google or, now, Apple. Haven't decided where I'm going for phone and tablet. For the watch I'm looking into a FitBit Sense.

Did you ever read ...

Actually, yes, I read all that stuff. I always have.

I no longer trust Apple. It's that simple.

And, again: You can keep insisting in-the-cloud scanning is the same thing as on-device scanning, but it will still never be true.

 

[VulchR]

This and a far lot worse is technically possible in the future. Do you stop it all now? What will you resort to?

Passing laws that preclude surveillance without a warrant.

 

[VulchR]

Apple has had on device scanning far before this moment. How do you know they haven't been reporting home? Did you just trust them? Also, since on-device scanning already exists, couldn't they then abuse that as well?

Also, before iOS 15, all Siri queries were handled on the server, and now they're on your device.

Well, if there was cause for distrust before, there is doubly so now. It's not just what Apple has done, but that they have provided a roadmap that they claim allows for surveillance without invasion of privacy. This blueprint can be used by authoritarian governments to detect just about any kind of forbidden content, possibly without the knowledge of mobile device users. I hope you don't blaspheme, criticise the government or religion, listen to radical music, view porn, or indeed high fashion, have pictures with faces of gay people, etc...

As for Siri, local voice recognition is useful for things like voice dictation. However, I rarely use Siri (or Alexa) to look up information, and then it is usually innocuous requests like 'What is the weather forecast?'. I consider my photos, on the other hand, far more sensitive and private.

 

[jseymour]

Well, if there was cause for distrust before, there is doubly so now.

Yeah, it's not as if Apple's had a lily-white reputation to date. They've been caught with their collective hand in the cookie jar several times. They've always gotten away with it (mostly) via a "mea culpa. we're sorry. we won't do it again" or "that wasn't what was really happening" or "It was inadvertent" and "sorry, we'll make it stop" kind of a thing.

People who love a thing are inclined to overlook the thing's flaws. So it's been with many Apple customers. So it's been with me.

Up until now. Now they've crossed a line. A very prominent line. There's no mistaking what they're doing. There's no mistaking it's intentional. They aren't getting a pass from me on this one.

 

[Brian Y]

Not because of CSAM, but I started leaving the Apple ecosystem last year. Was fed up with the walled garden, and how buggy it had become (the final straw for me was that iCloud photo library had freaked out, and I had to wait a week for a support ticket to get access to my photos).

It's been hard, and I can't completely go as I still have a Macbook for work.

My bottom line: I used to trust Apple. I don't trust them now.

 

[SamRyouji]

Well...Apple might implement this CSAM secretly behind our backs but they announced it instead. Maybe they're testing the water? Dunno.
.
I'm uncomfortable of this backdoor since the implementation and the system behind it is indeed a very slick and slippery slope. But I won't leave Apple just because of this one backdoor and Siri secretly recording my conversations for "better understanding of spoken language". Other systems have too many backdoors unnoticed. In today's era, if I want the utmost maximum privacy, I might as well go off the grid.

 

[CasualFanboy]

Can't a malicious hacker upload "bad images" to icloud on your behalf also? It works the same both ways.

Of course, malicious hackers can do a lot with the right skills, and damn near anything if those skills are combined with poor defenses and physical access.

BUT, at least then you're less likely to be personally targeted, and the information is less likely to be used in building a legal case against you.

And if a hacker somehow planted CSAM on your device, if you found it you could either delete or possibly report it yourself. With this scanning policy, someone could target you personally, and then make sure it was reported before you ever even had the chance to know it was there.

With this type of scenario, the danger to average people is being targeted by state forces or some other type of powerful rival. Most of the time when hackers exploit something for LULZ, they will do the same thing to a bunch of accounts all at the same time.

 

[leman]

Well...Apple might implement this CSAM secretly behind our backs but they announced it instead. Maybe they're testing the water? Dunno.
.
I'm uncomfortable of this backdoor since the implementation and the system behind it is indeed a very slick and slippery slope. But I won't leave Apple just because of this one backdoor and Siri secretly recording my conversations for "better understanding of spoken language". Other systems have too many backdoors unnoticed. In today's era, if I want the utmost maximum privacy, I might as well go off the grid.

That's what I am thinking as well. At least Apple puts a lot of effort in documenting these things. I don't like where this is heading but I am not ready to ascribe nefarious intentions to Apple.

At any rate, what all of this proves is that we can't leave these kind of decisions to private corporations. Privacy protection has to come from the legislators, and I think it's really frustrating how the governments are either completely incompetent and naive in these matters, or simply evil.

 

[leman]

Can't a malicious hacker upload "bad images" to icloud on your behalf also? It works the same both ways.

Major cloud providers already scan for CSAM, so this kind of attack is nothing new and certainly not unique to Apple. I was not able to find any evidence of such attacks being carried out en masse or someone getting into trouble because of child pornography planted onto their cloud storage.

 

[CasualFanboy]

That depends upon how one defines "polish."

Isn't that just someone with ancestry in Poland?

 

[dk001]

Someone calling it how it is, don't know why android users get offended when people say it's not as polished as iOS and tends to lag, even had people tell me they've left android because of the way it lags, had 3 family members android users switch to iOS recently, even they said iOS is more polished and doesn't lag like android, no shame in admitting it does happen.

Some of us get annoyed when certain folk try to treat Android as a single big bucket. It isn’t. Some even harp using Android comparisons from years past.

Right now running 12 ProMax and OnePlus 9 Pro side by side. Both have their plusses and minuses. They both are very good and very polished. It comes down to what flavor of Android you are running and on what device. If your new Android is lagging, that is on you and the device you selected.

Now back to our regilarly scheduled topic.

 

[dk001]

Yes. I guess my point was that my reasons for being against this are not a result of me having illegal files on my device.

Tbh, I'm less worried about a malicious hacker than I am a future iteration of this feature which looks at the photos in my 'memes' album and decides that they could be offensive to someone.

That is my biggest concern.
Apple cannot say “We won’t allow expansion of this feature” AND “We follow the legal law” and be correct. The two items are not mutually compatible in todays society.

 

[katbel]

My preferred answer would have been a mix
I will not feel comfortable, not rush to update to 15 and since a long time I’m only just sharing folders in photos, for other reasons though.
Definitely I hope they will tune it better but they are on a slippery slope with our privacy and lost my trust.
The big issue is that alternative are worse

 

[dk001]

That's what I am thinking as well. At least Apple puts a lot of effort in documenting these things. I don't like where this is heading but I am not ready to ascribe nefarious intentions to Apple.

At any rate, what all of this proves is that we can't leave these kind of decisions to private corporations. Privacy protection has to come from the legislators, and I think it's really frustrating how the governments are either completely incompetent and naive in these matters, or simply evil.

When you take a step back and look at these two functions Apple developed and documented, you see some very high quality work. Apple likely has no intention of misusing these. Other players however (LEO, FISA, Nations, etc…) are far more likely looking at this and planning how they can leverage this to benefit their operations and data collection.

 

[jseymour]

Apple cannot say “We won’t allow expansion of this feature” AND “We follow the legal law” and be correct. The two items are not mutaually compatible in todays society.

Precisely.

[N.B.: The following is purposely vague so as to avoid the thread being hauled off in a political direction. My apologies.]

In a particular U.S. state they passed a law increasing regulation on a certain type of product. Many owners of that type of product disregarded the new law, fearing what might come next. Sure enough: Soon that state passed a new law outlawing said type of product and requiring owners to... divest themselves of all products of that type. That, by all reports, was also widely disregarded.

Now imagine the U.S. government took the same measures as that one state, then instructed Apple "We require you to add signatures matching the profiles of common products of this type" to their scanning database. Voilà: Instant government surveillance enabled by Apple and users' very own "smart" phones.

Will it happen? That I cannot say. But can it happen? With the software Apple's adding to their OS' it most definitely can. My guess is it most definitely will.

 

[CasualFanboy]

Apple likely has no intention of misusing these

I disagree with this part, but definitely agree the greatest threat comes from state and multi-national agencies.

 

[dk001]

Precisely.

[N.B.: The following is purposely vague so as to avoid the thread being hauled off in a political direction. My apologies.]

In a particular U.S. state they passed a law increasing regulation on a certain type of product. Many owners of that type of product disregarded the new law, fearing what might come next. Sure enough: Soon that state passed a new law outlawing said type of product and requiring owners to... divest themselves of all products of that type. That, by all reports, was also widely disregarded.

Now imagine the U.S. government took the same measures as that one state, then instructed Apple "We require you to add signatures matching the profiles of common products of this type" to their scanning database. Voilà: Instant government surveillance enabled by Apple and users' very own "smart" phones.

Will it happen? That I cannot say. But can it happen? With the software Apple's adding to their OS' it most definitely can. My guess is it most definitely will.

Yeah. My first thought was FISA and a Gag Order.

 

[usagora]

I think the point here is that Apple is installing a backdoor onto your device. That means they can scan for any content they want. Currently it’s just iCloud Photos, but when they flip the switch on their servers, it can be anything.

I have no more concern that Apple will all of a sudden turn rogue than I do that my own parents will put a hit out on me for the right amount of money. But hey, it's technically possible, right? LOL!

Apple has ALWAYS had the ability to sabotage you if they wanted to - they could easily trick you into installing a "back door" without informing you or masking it in legalese and doing whatever they wanted. Yet Apple is being very up front about what they're dong, and people are acting like they're out to get them. I find that very odd.

 

[Jayson A]

I disagree with this part, but definitely agree the greatest threat comes from state and multi-national agencies.

That’s why they’re using 2 different sovereign jurisdictions not controlled by the same government to build the list from and only keeping what’s common between them. It’s an extra step to prevent inserting non CSAM hashes into the list. Then, Apple will only use I hash list for the world. They won’t have a separate one for China

 

[zkap]

There are layers to this. It is not a good direction Apple is taking and I am in the "Apple has lost my confidence" camp. Even with the people who cannot afford (for whatever reason) to leave Apple, it doesn't mean this won't have consequences.

Personally, I won't leave the Mac because between using Windows and having my privacy violated with Apple (even assuming that Windows provides supreme privacy protection), I would choose Mac with privacy violations. The thought of using Windows makes my stomach turn, so for the time being I am in the ecosystem.
With that said, I have lost all enthusiasm for upgrading or updating my iDevices. We are customers and we vote with our wallets. First and foremost, I won't be updating to iOS15 / Monterrey and I probably won't even install any security updates anymore.
As for hardware, I have an M1 MBP, XR and the 10.5 Pro. The current plan is to run those into the ground, whereas normally I would have an upgrade plan year-by-year and I would have upgraded to the M1 iPad Pro next year, with the new iPhone coming the year after. Now, I don't think that will be happening. I think with the XR and the 10.5 Pro, a battery replacement and staying on the current OS should mean I can continue using these for the next couple of years without a problem. In that time, I will see what happens with Apple's "privacy" and whether something changes for me or for them. I'll have plenty of time to contemplate this, but as far as staying up to date goes, that's on pause. No software updates anymore, no hardware upgrades, and I'll be on the lookout for other devices that could interest me.

For those who are bewildered at the thought of switching to Android, yes there is no privacy elsewhere, but as someone in this thread already said, Apple isn't worth the premium anymore. I think that's very important, because if I won't have privacy anyway, then I may as well pay less for a Samsung phone. I don't think it's merely about comparing privacy policies, but looking at the whole package and the thing with Apple is, that package is very expensive. This will make people rethink things, because some of those who are aware of this will inevitably ask themselves how it is worth it. The math just doesn't work for me anymore, I don't expect to have more privacy elsewhere, but I fail to see why Apple should charge me their premium now.

 

[PsykX]

You can keep insisting in-the-cloud scanning is the same thing as on-device scanning, but it will still never be true.

I'm genuinely curious to hear you about why on-device scanning is worse than in-the-cloud.

IMO in-the-cloud scanning is worse because a cloud is a black box, and the owner is the company behind it. They can upgrade their algorithms and add criterias whenever they want. They can get away more stealthily with doing more and more shady stuff with your data.

On-device : I own my device and I can decide to keep an old version of iOS if I don't feel comfortable with a new one.

 

[Mega ST]

On device you get their -coded- bad karma database forced on your device. Plus "your" device gets a parallel mind being remotely used by somebody else for his priorities.

 

[AbSoluTc]

It IS whining, what action are y’all doing to stop/voice you guys don’t like it? Are y’all selling your iPhones right this second? Most aren’t, are y’all making petitions? I haven’t seen a single post about one in here. it’s all bark in these posts and no bite. And yes I understand the implications of what it brings.

I don't think you do. Congrats on being in the beta!

There are petitions that have been signed by many.

Just because you don't see it here, don't assume it's not happening. Same goes with your .5% assumption as well. Don't post info as fact without backing it up.