It’s not data harvesting if it works as claimed. The data is sent encrypted and not decrypted by the remote system performing the analysis.
What if I don’t want Apple looking at my photos in any way, shape or form?’
I don’t want Apple exflitrating my photos.
I don’t want Apple planting their robotic minion on my device to process my photos.
I don’t want my OS doing stuff I didn’t tell it to do. Apple has no business analyzing any of my data.
Well they don’t. I don’t want to justify the opt-in by default but, again (cf my reply history) here they are precisely trying NOT to send anything usable to their own server. They are sending data that can’t be used by anything else but your phone. That’s the entire point of homomorphic encryption, even the server they are sent to do NOT see it as the original data. They can only do some kind of computations to it and they can’t “revert” back to the original.
If they don’t look at my data, they don’t even have to encrypt it.
If they don’t try to look at my data, they don’t need to wonder whether they should ask my permission.
I don’t want Apple or anybody else looking at my data, for any reason, is my point.
Yet I’ll still try to clarify the technical aspect because I find that genuinely interesting and actually positive. The point of homomorphic encryption is that they are NOT looking at your data. They are not encrypting data to decrypt them. An analogy would be that :
we are a dozen of friends around a table,
we each have 5 cards hidden from others,
we photocopy 1 card in secret
we shred the copied card, remove half of it, put it in a cup and write a random long number on that cup
we place that cup in a covered bowl
one of us randomly picked gets to pick a cup, count how many red shards are in it, write it back in the cup and writes adds the number to the total written on the bowl, we repeat that process until all cups are written on only once
once that’s done we each pick back our up without showing it to the others
Thanks to that process we know both something about our card (the number of red shards) and all other cards (total number of red shards on the bowl) without having actually revealed what our card is. We have done so without sharing our data (the uncut original card) and it’s not possible to know its content, even if somebody were to take all cups.
So… that’s roughly how homomorphic encryption works. It’s honestly fascinating and important IMHO, the same way that cryptography and its foundation, e.g. one way functions or computational complexity more broadly, are basically the basis for privacy online today.
You don’t have to agree with how Apple implemented but I’d argue understanding how it works and when it can be used is important.
Let me know if it makes sense, it’s the first time I tried to make an analogy for it.
PS: if someone working on HE has a better analogy or spot incorrect parts, please do share.
It makes sense, but you totally miss my point.
To go with your analogy, my point is:
I’m not interested in playing cards
That’s it.
I don’t care how fascinating the technology is and how clever Apple are: they are not welcome to implement it on my device. I didn’t invite them to setup a card game and I expect them not to break into my house to setup a table.
I wish, sadly that’s not how using non open source or open hardware devices work. You are running their software on their hardware with their limitations. It’s not a PC or SBC.
Edit: if we were to stick to the card game analogy, it’d be more like playing the card game in a hotel, in a room that you rented, rather than at home.
And it should, unfortunately it’s not. Maybe right to repair and other laws will, hopefully, change that but for now, it’s bundling, part pairing and locks all the way down.
TLDR edit: I’m supporting the above comment - ie. i do not support apple’s actions in this case.
It’s definitely good for people to learn a bit about homomorphic computing, and let’s give some credit to apple for investing in this area of technology.
That said:
Encryption in the majority of cases doesn’t actually buy absolute privacy or security, it buys time - see NIST’s criteria of ≥30 years for AES. It will almost certainly be crackable <oneday> either by weakening or other advances… How many people are truly able to give genuine informed consent in that context?
Encrypting something doesn’t always work out as planned, see example:
“DON’T WORRY BRO, ITS TOTALLY SAFE, IT’S ENCRYPTED!!”
Yes Apple is surely capable enough to avoid simple, documented, mistakes such as above, but it’s also quite likely some mistake will be made. And we note, apple are also extremely likely capable of engineering leaks and concealing it or making it appear accidental (or even if truly accidental, leveraging it later on).
Whether they’d take the risk, whether their (un)official internal policy would support or reject that is ofc for the realm of speculation.
That they’d have the technical capability to do so isn’t at all unlikely. Same goes for a capable entity with access to apple infrastructure.
The fact they’ve chosen to act questionably regarding user’s ability to meaningfully consent, or even consent at all(!), suggests there may be some issues with assuming good faith on their part.
How hard is it to grasp that I don’t want Apple doing anything in my cellphone I didn’t explicitely consent to?
I don’t care what technology they develop, or whether they’re capable of applying it correctly: the point is, I don’t want it on my phone in the first place, anymore than I want them to setup camp in my living room to take notes on what I’m doing in my house.
My phone, my property, and Apple - or anybody else - is not welcome on my property.
Sorry for my poor phrasing, perhaps re-read my post? i’m entirely supporting your argument. Perhaps your main point aligns most with my #3? It could be argued they’ve already begun from a position of probable bad faith by taking this data from users in the first place.
What if I don’t want Apple looking at my photos in any way, shape or form?’
Then you don’t buy an iPhone. Didn’t they say a year or two ago that they’re going to scan every single picture using on-board processing to look for images and videos that could be child porn and anything suspicious would be flagged and sent to human review?
It’s not that simple. If I don’t want any of my photos scanned, I would have to avoid every iphone, ipad, and mac with this feature turned on, effectively meaning I can’t send a photo to anyone using an apple device.
Well, the other cloud services just did server side csam scan long before apple and they do it respecting your privacy less than apple.
Apple wanted to improve the process like EU wants it, so that no illegal data can be uploaded to apple’s servers making them responsible. That is why they wanted to scan on devices.
But any person who ever used spotlight in the last 4 years should have recognised how they find pictures with words. This is nothing new, apple photos is analysing photos with AI since a very long time.
What if I don’t want Apple looking at my photos in any way, shape or form?’
I don’t want Apple exflitrating my photos.
I don’t want Apple planting their robotic minion on my device to process my photos.
I don’t want my OS doing stuff I didn’t tell it to do. Apple has no business analyzing any of my data.
Well they don’t. I don’t want to justify the opt-in by default but, again (cf my reply history) here they are precisely trying NOT to send anything usable to their own server. They are sending data that can’t be used by anything else but your phone. That’s the entire point of homomorphic encryption, even the server they are sent to do NOT see it as the original data. They can only do some kind of computations to it and they can’t “revert” back to the original.
If they don’t look at my data, they don’t even have to encrypt it.
If they don’t try to look at my data, they don’t need to wonder whether they should ask my permission.
I don’t want Apple or anybody else looking at my data, for any reason, is my point.
I agree on permission.
Yet I’ll still try to clarify the technical aspect because I find that genuinely interesting and actually positive. The point of homomorphic encryption is that they are NOT looking at your data. They are not encrypting data to decrypt them. An analogy would be that :
Thanks to that process we know both something about our card (the number of red shards) and all other cards (total number of red shards on the bowl) without having actually revealed what our card is. We have done so without sharing our data (the uncut original card) and it’s not possible to know its content, even if somebody were to take all cups.
So… that’s roughly how homomorphic encryption works. It’s honestly fascinating and important IMHO, the same way that cryptography and its foundation, e.g. one way functions or computational complexity more broadly, are basically the basis for privacy online today.
You don’t have to agree with how Apple implemented but I’d argue understanding how it works and when it can be used is important.
Let me know if it makes sense, it’s the first time I tried to make an analogy for it.
PS: if someone working on HE has a better analogy or spot incorrect parts, please do share.
It makes sense, but you totally miss my point. To go with your analogy, my point is:
That’s it.
I don’t care how fascinating the technology is and how clever Apple are: they are not welcome to implement it on my device. I didn’t invite them to setup a card game and I expect them not to break into my house to setup a table.
I wish, sadly that’s not how using non open source or open hardware devices work. You are running their software on their hardware with their limitations. It’s not a PC or SBC.
Edit: if we were to stick to the card game analogy, it’d be more like playing the card game in a hotel, in a room that you rented, rather than at home.
It’s funny how it feels like my money when I pay for the device at the cash register.
And it should, unfortunately it’s not. Maybe right to repair and other laws will, hopefully, change that but for now, it’s bundling, part pairing and locks all the way down.
sdklf;gjkl;dsgjkl;dsgjkl;dsgsjkl;g
TLDR edit: I’m supporting the above comment - ie. i do not support apple’s actions in this case.
It’s definitely good for people to learn a bit about homomorphic computing, and let’s give some credit to apple for investing in this area of technology.
That said:
Encryption in the majority of cases doesn’t actually buy absolute privacy or security, it buys time - see NIST’s criteria of ≥30 years for AES. It will almost certainly be crackable <oneday> either by weakening or other advances… How many people are truly able to give genuine informed consent in that context?
Encrypting something doesn’t always work out as planned, see example:
“DON’T WORRY BRO, ITS TOTALLY SAFE, IT’S ENCRYPTED!!”
Source
Yes Apple is surely capable enough to avoid simple, documented, mistakes such as above, but it’s also quite likely some mistake will be made. And we note, apple are also extremely likely capable of engineering leaks and concealing it or making it appear accidental (or even if truly accidental, leveraging it later on).
Whether they’d take the risk, whether their (un)official internal policy would support or reject that is ofc for the realm of speculation.
That they’d have the technical capability to do so isn’t at all unlikely. Same goes for a capable entity with access to apple infrastructure.
How hard is it to grasp that I don’t want Apple doing anything in my cellphone I didn’t explicitely consent to?
I don’t care what technology they develop, or whether they’re capable of applying it correctly: the point is, I don’t want it on my phone in the first place, anymore than I want them to setup camp in my living room to take notes on what I’m doing in my house.
My phone, my property, and Apple - or anybody else - is not welcome on my property.
Sorry for my poor phrasing, perhaps re-read my post? i’m entirely supporting your argument. Perhaps your main point aligns most with my #3? It could be argued they’ve already begun from a position of probable bad faith by taking this data from users in the first place.
Oh yeah I kinda missed your last point. Sorry 🙂
Then you don’t buy an iPhone. Didn’t they say a year or two ago that they’re going to scan every single picture using on-board processing to look for images and videos that could be child porn and anything suspicious would be flagged and sent to human review?
It’s not that simple. If I don’t want any of my photos scanned, I would have to avoid every iphone, ipad, and mac with this feature turned on, effectively meaning I can’t send a photo to anyone using an apple device.
Correct.
Well, the other cloud services just did server side csam scan long before apple and they do it respecting your privacy less than apple.
Apple wanted to improve the process like EU wants it, so that no illegal data can be uploaded to apple’s servers making them responsible. That is why they wanted to scan on devices.
But any person who ever used spotlight in the last 4 years should have recognised how they find pictures with words. This is nothing new, apple photos is analysing photos with AI since a very long time.
“opt out” to looking at my data ✅