Apple Archive

Apple has released new versions of all of its platforms, with only the Mac lagging behind for now. There’s iOS 15 and iPadOS 15, watchOS 8, HomePod 15, and tvOS 15. As usual, Apple’s device support for new updates is excellent and stretches back quite far, so pretty much every one of you who is an iOS users will be able to enjoy these new releases. You know where to find them.

Apple, in a statement to various news outlets: Last month we announced plans for features intended to help protect children from predators who use communication tools to recruit and exploit them, and limit the spread of Child Sexual Abuse Material. Based on feedback from customers, advocacy groups, researchers and others, we have decided to take additional time over the coming months to collect input and make improvements before releasing these critically important child safety features. Good step, but it should be scrapped entirely. Let’s hope this is not just a case of Apple waiting for the storm to blow over, to then sneak it into a random point release.

Earlier this month, Apple unveiled a system that would scan iPhone and iPad photos for child sexual abuse material (CSAM). The announcement sparked a civil liberties firestorm, and Apple’s own employees have been expressing alarm. The company insists reservations about the system are rooted in “misunderstandings.” We disagree. We wrote the only peer-reviewed publication on how to build a system like Apple’s — and we concluded the technology was dangerous. We’re not concerned because we misunderstand how Apple’s system works. The problem is, we understand exactly how it works. There’s now so much evidence from credible, trustworthy people and organisations that Apple’s system is bad and dangerous, that I find it hard to believe there are still people cheering Apple on.

Researchers have produced a collision in iOS’s built-in hash function, raising new concerns about the integrity of Apple’s CSAM-scanning system. The flaw affects the hashing system, called NeuralHash, which allows Apple to check for exact matches of known child-abuse imagery without possessing any of the images or gleaning any information about non-matching pictures. On Tuesday, a GitHub user called Asuhariet Ygvar posted code for a reconstructed Python version of NeuralHash, which he claimed to have reverse-engineered from previous versions of iOS. The GitHub post also includes instructions on how to extract the NeuralMatch files from a current macOS or iOS build. Once the code was public, more significant attacks were quickly discovered. A user called Cory Cornelius produced a collision in the algorithm: two images that generate the same hash. If the findings hold up, it will be a significant failure in the cryptography underlying Apple’s new system. American tech media and bloggers have been shoving the valid concerns aside ever since Apple announced this new backdoor into iOS, and it’s barely been a week and we already see major tentpoles come crashing down. I try not to swear on OSNews, but there’s no other way to describe this than as a giant clusterfuck of epic proportions.

Dr. Neal Krawetz, one of the leading experts in the area of computer forensics research, digital photo analysis, and related topics, has penned a blog post in which he takes apart Apple’s recent announcement and the technology behind it. He actually has a lot of experience with the very problem Apple is trying to deal with, since he is the creator of FotoForensics, and files CSAM reports to the National Center for Missing and Exploited Children (NCMEC) every day. In fact, he files more reports than Apple, and knows all the ins and outs of all the technologies involved – including reverse-engineering Microsoft’s PhotoDNA, the perceptual hash algorithm NCMEC and Apple are using. The reason he had to reverse-engineer PhotoDNA is that NCMEC refused to countersign the NDA’s they wanted Krawetz to sign, eventually not responding to his requests altogether. Krawetz is one of the more prolific reporters of CSAM material (number 40 out of 168 in total in 2020). According to him, PhotoDNA is not as sophisticated as Apple’s and Microsoft’s documentation and claims make it out to be. Perhaps there is a reason that they don’t want really technical people looking at PhotoDNA. Microsoft says that the “PhotoDNA hash is not reversible”. That’s not true. PhotoDNA hashes can be projected into a 26×26 grayscale image that is only a little blurry. 26×26 is larger than most desktop icons; it’s enough detail to recognize people and objects. Reversing a PhotoDNA hash is no more complicated than solving a 26×26 Sudoku puzzle; a task well-suited for computers. The other major component of Apple’s system, an AI perceptual hash called a NeuralHash, is problematic too. The experts Apple cites have zero background in privacy or law, and while Apple’s whitepaper is “overly technical”, it “doesn’t give enough information for someone to confirm the implementation”. Furthermore, Krawetz “calls bullshit” on Apple’s claim that there is a 1 in 1 trillion error rate. After a detailed analysis of the numbers involved, he concludes: What is the real error rate? We don’t know. Apple doesn’t seem to know. And since they don’t know, they appear to have just thrown out a really big number. As far as I can tell, Apple’s claim of “1 in 1 trillion” is a baseless estimate. In this regard, Apple has provided misleading support for their algorithm and misleading accuracy rates. Krawetz also takes aim at the step where Apple manually reviews possible CP material by sending them from the device in question to Apple itself. After discussing this with his attorney, he concludes: The laws related to CSAM are very explicit. 18 U.S. Code § 2252 states that knowingly transferring CSAM material is a felony. (The only exception, in 2258A, is when it is reported to NCMEC.) In this case, Apple has a very strong reason to believe they are transferring CSAM material, and they are sending it to Apple — not NCMEC. It does not matter that Apple will then check it and forward it to NCMEC. 18 U.S.C. § 2258A is specific: the data can only be sent to NCMEC. (With 2258A, it is illegal for a service provider to turn over CP photos to the police or the FBI; you can only send it to NCMEC. Then NCMEC will contact the police or FBI.) What Apple has detailed is the intentional distribution (to Apple), collection (at Apple), and access (viewing at Apple) of material that they strongly have reason to believe is CSAM. As it was explained to me by my attorney, that is a felony. This whole thing looks, feels, and smells like a terribly designed system that is not only prone to errors, but also easily exploitable by people and governments with bad intentions. It also seems to be highly illegal, making one wonder why Apple were to put this out in the first place. Krawetz hints at why Apple is building this system earlier in this article: Apple’s devices rename pictures in a way that is very distinct. (Filename ballistics spots it really well.) Based on the number of reports that I’ve submitted to NCMEC, where the image appears to have touched Apple’s devices or services, I think that Apple has a very large CP/CSAM problem. I think this might be the real reason Apple is building this system.

Apple also addressed the hypothetical possibility of a particular region in the world deciding to corrupt a safety organization in an attempt to abuse the system, noting that the system’s first layer of protection is an undisclosed threshold before a user is flagged for having inappropriate imagery. Even if the threshold is exceeded, Apple said its manual review process would serve as an additional barrier and confirm the absence of known CSAM imagery. Apple said it would ultimately not report the flagged user to NCMEC or law enforcement agencies and that the system would still be working exactly as designed. After yesterday’s news and today’s responses from experts, here’s a recap: Apple is going to scan all photos on every iPhone to see if any of them match against a dataset of photos – that Apple itself hasn’t verified – given to them by the authorities of countries in which this is rolled out, with final checks being done by (third party) reviewers who are most likely traumatized, overworked, underpaid, and easily infiltrated. What could possibly go wrong? Today, Apple sent out an internal memo to Apple employees about this new scanning system. In it, they added a statement by Marita Rodriguez, executive director of strategic partnerships at the National Center for Missing and Exploited Children, and one of the choice quotes: I know it’s been a long day and that many of you probably haven’t slept in 24 hours. We know that the days to come will be filled with the screeching voices of the minority. Apple signed off on that quote. They think those of us worried about invasive technologies like this and the power backdoors like this would give to totalitarian regimes all over the world are the “screeching voices of the minority”. No wonder this company enjoys working with the most brutal regimes in the world.

Oliver Kuederle, who works with the image hashing technology used by Apple’s new technology that’s going to scan the photos on your iOS device continuously, explains that it is far, far from foolproof: Perceptual hashes are messy. The simple fact that image data is reduced to a small number of bits leads to collisions and therefore false positives. When such algorithms are used to detect criminal activities, especially at Apple scale, many innocent people can potentially face serious problems. My company’s customers are slightly inconvenienced by the failures of perceptual hashes (we have a UI in place that lets them make manual corrections). But when it comes to CSAM detection and its failure potential, that’s a whole different ball game. Needless to say, I’m quite worried about this. This is just one of the many, many problems with what Apple announced yesterday.

Apple has announced impending changes to its operating systems that include new “protections for children” features in iCloud and iMessage. If you’ve spent any time following the Crypto Wars, you know what this means: Apple is planning to build a backdoor into its data storage system and its messaging system. Child exploitation is a serious problem, and Apple isn’t the first tech company to bend its privacy-protective stance in an attempt to combat it. But that choice will come at a high price for overall user privacy. Apple can explain at length how its technical implementation will preserve privacy and security in its proposed backdoor, but at the end of the day, even a thoroughly documented, carefully thought-out, and narrowly-scoped backdoor is still a backdoor. Basically, Apple is going to scan your iCloud photo library, and compare cryptographic hashes of your photos to known photos containing child pornography. It’s hard to argue against this because it makes it seem as if you’re arguing against catching the sort of people that have such material. However, the issue with tools like this are not the ends – all of us are on the same side here – but the means. It’s more than obvious that this scanning is a gross invasion of privacy, but at the same time, you could easily argue that this is a bit of privacy we’d be willing to give up in order to aid in catching the worst elements of our society. The real problems stem from the fact that tools like this are simply never going to be foolproof. Software is incredibly unreliable, and while a random application crashing won’t ruin your life, an algorithm wrongfully labeling you as a pedophile most definitely will. On top of unintended consequences, malicious intent could be a major problem here too – what if some asshole wants to ruin your life, and sends you compromised photos, or otherwise sneaks them onto your device? And with Apple’s long history of working very closely with the most horrid regimes in the world, imagine what governments can do with a tool like this? On the ends that Apple is trying to get to here, we are all on the same side. The means to get there, however, need to be carefully considered.

The best moment of this year’s WWDC keynote was a straightforward demo of a macOS feature, Universal Control. The idea is simple enough: it allows you to use the keyboard and trackpad on a Mac to directly control an iPad, and even makes it simple to drag and drop content between those devices. What made the demo so impressive is how easy and seamless it all seemed. In a classic Apple move, there was no setup required at all. The segment happened so fast that it even seemed (incorrectly, as it turns out) like the Mac was able to physically locate the iPad in space so it knew where to put the mouse pointer. I mean, none of this stuff is new or technologically impressive, but as usual, Apple manages to make it easy, intuitive, and look and feel good and nice. I’d love to have something as straightforward and integrated like this in Linux.

Yesterday, during the Apple event, the company, as always, kept talking about they value privacy, and how privacy is a “fundamental human right”. A noble statement, of course, but it seems Apple does not consider people from China, Belarus, Colombia, Egypt, Kazakhstan, Saudi Arabia, South Africa, Turkmenistan, Uganda and the Philippines to be “humans”, because fundamental, tent pole privacy features announced yesterday will not be available to the humans living in those countries. Apple on Monday said a new “private relay” feature designed to obscure a user’s web browsing behavior from internet service providers and advertisers will not be available in China for regulatory reasons. The feature was one of a number of privacy protections Apple announced at its annual software developer conference on Monday, the latest in a years-long effort by the company to cut down on the tracking of its users by advertisers and other third parties. Privacy is a “fundamental human right”, but apparently not as fundamental as Apple’s right to make even more money.

Of the highest 1,000 grossing apps on the App Store, nearly two percent are scams, according to an analysis by The Washington Post. And those apps have bilked consumers out of an estimated $48 million during the time they’ve been on the App Store, according to market research firm Appfigures. The scale of the problem has never before been reported. What’s more, Apple profits from these apps because it takes a cut of up to a 30 percent of all revenue generated through the App Store. Even more common, according to The Post’s analysis, are “fleeceware” apps that use inauthentic customer reviews to move up in the App Store rankings and give apps a sense of legitimacy to convince customers to pay higher prices for a service usually offered elsewhere with higher legitimate customer reviews. Apple likes to claim the App Store is needed to keep people safe, but that simply is a flat-out lie. The App Store is filled to the brim not only with obvious scams, but also a whole boatload of gambling applications designed specifically to trick children into spending money. In fact, these “games” make up a huge proportion of the App Store’s revenue. Apple earns top dollar from every scam or disturbing gambling app on the App Store, so there’s a huge conflict of interest here that in and of itself should be enough reason to take control over iOS away from Apple. iOS users should have the freedom to install and use an application store that does not prey on their children and promotes scams.

Blockbuster report by The New York Times on Apple and Tim Cook gladly making endless concessions to please the Chinese government. Nothing in here is really new to most of us, but it’s startling to see it laid out in such detail, and sourced so well. For instance, when it comes to Chinese people, privacy is apparently no longer a “fundamental human right“: Inside, Apple was preparing to store the personal data of its Chinese customers on computer servers run by a state-owned Chinese firm. Tim Cook, Apple’s chief executive, has said the data is safe. But at the data center in Guiyang, which Apple hoped would be completed by next month, and another in the Inner Mongolia region, Apple has largely ceded control to the Chinese government. Chinese state employees physically manage the computers. Apple abandoned the encryption technology it used elsewhere after China would not allow it. And the digital keys that unlock information on those computers are stored in the data centers they’re meant to secure. This means zero privacy for Chinese Apple users, as Apple has pretty much ceded all control over this data to the Chinese government – so much so Apple’s employees aren’t even in the building, and Apple no longer has the encryption keys either. And on top of this, it turns out Apple is so scared of offending the Chinese government, the company proactively censors applications and other content in the Chinese version of the App Store, removing, censoring, and blocking content even before the Chinese government asks for it. “Apple has become a cog in the censorship machine that presents a government-controlled version of the internet,” said Nicholas Bequelin, Asia director for Amnesty International, the human rights group. “If you look at the behavior of the Chinese government, you don’t see any resistance from Apple — no history of standing up for the principles that Apple claims to be so attached to.” Apple even fired an App Store reviewer because the reviewer approved an application that while not breaking a single rule, did offend the Chinese government. That is how far Apple is willing to go to please its Chinese government friends. Apple isn’t merely beholden to China – it’s deeply, deeply afraid of China. How many more concessions is Tim Cook willing to make, and how many more Chinese rings is he willing to kiss?

Apple has announced a new, redesigned 24-inch iMac, featuring an M1 chip, a 4.5K display, and a range of color options, as well as an improved cooling system, front-facing camera, speaker system, microphones, power connector, and peripherals. These look pretty good, but they come with the same limitations as all the other identical M1 Macs – 8 GB of RAM standard with a maximum of a mere 16 GB, lacklustre graphics chip, no high refresh rate displays (in 2021!), barely any ports, zero expandability, and Linux/BSD support will always remain problematic and years behind the curve. Good processor, but at what cost?

Entire servers can now be marked as NSFW if their community “is organized around NSFW themes or if the majority of the server’s content is 18+.” This label will be a requirement going forward, and Discord will proactively mark servers as NSFW if they fail to self-identify. Discord previously allowed individual channels to be marked as NSFW and age-gated. The NSFW marker does two things. First, it prevents anyone under the age of 18 from joining. But the bigger limitation is that it prevents NSFW servers from being accessed on iOS devices — a significant restriction that’s almost certainly meant to cater to Apple’s strict and often prudish rules around nudity in services distributed through the App Store. Tumblr infamously wiped porn from its entire platform in order to come into compliance with Apple’s rules. There’s two things happening here. There’s the tighter restrictions by Discord, which I think are reasonable – you don’t want minors or adults who simply aren’t interested in rowdier conversations to accidentally walk into channels where people are discussing sex, nudity, or porn. Labeling these channels as such is, while not a panacea, an understandable move, also from a legal standpoint. I still think sex and nudity are far, far, far less damaging or worrisome than the insane amounts of brutal violence children get exposed to in movies, TV series, games, and the evening news, but I understand American culture sees these things differently. Then there’s Apple’s demands placed on Discord. This is an absolutely bizarre move by Apple on so many levels. First, the line between porn and mere nudity is often vague and nebulous, such as in paintings or others forms of art. This could be hugely impactful to art communities sharing the things they work on. Second, Discord is primarily a platform for close-knit groups of friends, and if everyone in your friend group is over 18, there’s going to be discussions and talk about sex, nudity, porn, and other things adults tend to talk about from time to time, just as there are in real life. None of these two – art and casual conversation – are criminal, bad, or negative in any way. And third, and this is the big one, these restrictions Apple is placing on Discord do not apply to Apple’s own applications. iMessage serves much the same function as Discord does, yet there’s no NSFW markers, 18+ warnings, or bans on such content on iMessage. Other platforms, such as Facebook, Twitter, and the damn web through Safari, provide access to far vaster collections of the most degenerate pornography mankind ever wrought, and yet, Apple isn’t banning them either. This just goes to show that, once again, that iPhone isn’t really yours. Apple decides how you get to use it, and you’re merely along for the $1000 ride. Android may have its problems, but at least I don’t have Tim Cook peeping over my shoulder to see if I’m looking at something he deems lewd.