• million@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    2 years ago

    Here is the thing about the client side scanning, it was a way for them to fully encrypt iCloud while keeping law enforcement happy. In my mind it was a privacy win, as the alternative was to scan an unencrypted file in the cloud, much like Google, Microsoft, et al does.

    Privacy isn’t an absolute, there is a push pull with the other needs of a society, if folks legitimately think that CSAM isn’t a problem then they have had a very sheltered internet experience.

    I know this view is hugely unpopular with the privacy crowd but what Apple was doing honestly felt like a reasonable compromise to me. I guess it’s moot because they now have an encrypted iCloud option without the client side scanning.

    • alb@kbin.social
      link
      fedilink
      arrow-up
      4
      ·
      2 years ago

      The problem is that client-side scanning has been demonstrated to be a big threat to security by scholars in the field of encryption. In addition, client-side scanning can be circumvented by criminals by modifying the hash of images; this is why its introduction caused a big outcry and Apple dropped its introduction.

      • starchturrets@feddit.de
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 years ago

        I think the reason it caused such an outcry was that it was a little more advanced than simply checking a hash, which could be defeated by cropping it or something similar.

    • hemmes@lemmy.one
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 years ago

      My sentiments as well. When they wouldn’t open that shooter’s phone for the government and were about to goto war right before the FBI got it done with Azimuth Security (discovering nothing after spending nearly a million dollars lol). You would think they said to themselves “we have to do something to get out of the cross hairs.” And like you said, they soon released full end to end encryption to close the gap (which I’ve done and highly recommend).