Wilf <wilf@postingx.uk> wrote
> Lewis wrote
>> RonTheGuy <ron@null.invalid> wrote
>>> nospam wrote

>>>> there are multiple ways to opt-out of csam checking,

>>> How did you opt out to hackers & governments using the back doors?

>> There is no back door.

> I've been watching this conversation and I am really am perplexed, so I'm
> hoping that one of you knowledgeable folk here can clarify for me and for
> others, maybe.

> Why do some people think there is or is going to be a "back door"?

They are ignorant and don’t have a clue about what a backdoor is.

> What do they classify as a "back door",

Anything they stupidly believe that apple is snooping on their iphone or
ipad.

> and why do some here say there is no "back door"?

Because there isn't.
https://en.wikipedia.org/wiki/Backdoor_(computing)

On 9/16/2021 7:11 AM, badgolferman wrote:
> Wilf <wilf@postingx.uk> wrote:
>> On 16/09/2021 at 03:23, Lewis wrote:
>>> In message <16y8ioruep95q$.dlg@news.solani.org> RonTheGuy <ron@null.invalid> wrote:
>>>> On Sep 15, 2021, nospam wrote
>>>> (in article<news:150920210158598871%nospam@nospam.invalid>):
>>>>> there are multiple ways to opt-out of csam checking,
>>>
>>>> How did you opt out to hackers & governments using the back doors?
>>>
>>> There is no back door.
>>>
>>
>> I've been watching this conversation and I am really am perplexed, so
>> I'm hoping that one of you knowledgeable folk here can clarify for me
>> and for others, maybe.
>>
>> Why do some people think there is or is going to be a "back door"? What
>> do they classify as a "back door", and why do some here say there is no
>> "back door"? TIA.
>>
>
> It’s a matter of perspective. Call it a back door, side door, or full
> frontal attack. What it comes down to is Apple is introducing a method
> which will scan your personal device for files which someone has determined
> are illegal. Who that “someone” is will be ambiguous forever.

Exactly. Those that insist that it's not a "back door" are really
arguing semantics.

EFF called it a "narrow back door," which is probably the most accurate
description.

From
<https://www.eff.org/deeplinks/2021/08/apples-plan-think-different-about-encryption-opens-backdoor-your-private-life>:

"All it would take to widen the narrow backdoor that Apple is building
is an expansion of the machine learning parameters to look for
additional types of content, or a tweak of the configuration flags to
scan, not just children’s, but anyone’s accounts. That’s not a slippery
slope; that’s a fully built system just waiting for external pressure to
make the slightest change."

Let's just hope that the "delay" turns into "forever" and this dopey
idea goes away. It would be great to know if Tim Cook knew about this
whole thing before it was announced, and if he made the decision to stop
it, especially after Apple initially doubled down on their initial
proposal. Steve Jobs would never have let this whole thing occur in the
first place.

badgolferman <REMOVETHISbadgolferman@gmail.com> wrote
> Wilf <wilf@postingx.uk> wrote:
>> On 16/09/2021 at 03:23, Lewis wrote:
>>> In message <16y8ioruep95q$.dlg@news.solani.org> RonTheGuy
>>> <ron@null.invalid> wrote:
>>>> On Sep 15, 2021, nospam wrote
>>>> (in article<news:150920210158598871%nospam@nospam.invalid>):
>>>>> there are multiple ways to opt-out of csam checking,
>>>
>>>> How did you opt out to hackers & governments using the back doors?
>>>
>>> There is no back door.
>>>
>>
>> I've been watching this conversation and I am really am perplexed, so
>> I'm hoping that one of you knowledgeable folk here can clarify for me
>> and for others, maybe.
>>
>> Why do some people think there is or is going to be a "back door"? What
>> do they classify as a "back door", and why do some here say there is no
>> "back door"? TIA.

> It’s a matter of perspective.

Ignorance, actually.

> Call it a back door, side door, or full frontal attack.

What apple is planning to do is none of those.

> What it comes down to is Apple is introducing a method which will scan
> your personal device for files which someone has determined are illegal.

ONLY if you CHOOSE to upload them to the icloud.

> Who that “someone” is will be ambiguous forever.

Wrong, as always.

sms <scharf.steven@geemail.com> wrote
> On 9/16/2021 2:39 AM, Wilf wrote:
>> On 16/09/2021 at 03:23, Lewis wrote:
>>> In message <16y8ioruep95q$.dlg@news.solani.org> RonTheGuy
>>> <ron@null.invalid> wrote:
>>>> On Sep 15, 2021, nospam wrote
>>>> (in article<news:150920210158598871%nospam@nospam.invalid>):
>>>>> there are multiple ways to opt-out of csam checking,
>>>
>>>> How did you opt out to hackers & governments using the back doors?
>>>
>>> There is no back door.
>>>
>>
>> I've been watching this conversation and I am really am perplexed, so I'm
>> hoping that one of you knowledgeable folk here can clarify for me and for
>> others, maybe.
>>
>> Why do some people think there is or is going to be a "back door"? What
>> do they classify as a "back door", and why do some here say there is no
>> "back door"? TIA.

> Trust what the Electronic Frontier Foundations said.

It would be stupid because they have got it wrong.

> "Apple is planning to build a backdoor into its data storage system and
> its messaging system,"

No it is not.

> See
> <https://www.eff.org/deeplinks/2021/08/apples-plan-think-different-about-encryption-opens-backdoor-your-private-life>.

Its just plain wrong.
https://en.wikipedia.org/wiki/Backdoor_(computing)

In article <shvpm2$g8t$1@dont-email.me>, sms
<scharf.steven@geemail.com> wrote:

> Those that insist that it's not a "back door" are really
> arguing semantics.

nope. they're using the actual definition of backdoor, which does not
describe what apple is doing. it's not even close.

> EFF called it a "narrow back door," which is probably the most accurate
> description.

not only is it not accurate, it's totally wrong.

> Steve Jobs would never have let this whole thing occur in the
> first place.

nobody knows what steve jobs would or would not have done, certainly
not you.

On 2021-09-16, Lewis <g.kreme@kreme.dont-email.me> wrote:
> In message <shv3ci$2b5$1@gioia.aioe.org> Wilf <wilf@postingx.uk> wrote:
>> On 16/09/2021 at 03:23, Lewis wrote:
>>> In message <16y8ioruep95q$.dlg@news.solani.org> RonTheGuy <ron@null.invalid> wrote:
>>>> On Sep 15, 2021, nospam wrote
>>>> (in article<news:150920210158598871%nospam@nospam.invalid>):
>>>>> there are multiple ways to opt-out of csam checking,
>>>
>>>> How did you opt out to hackers & governments using the back doors?
>>>
>>> There is no back door.
>
>> I've been watching this conversation and I am really am perplexed, so
>> I'm hoping that one of you knowledgeable folk here can clarify for me
>> and for others, maybe.
>
>> Why do some people think there is or is going to be a "back door"?
>
> A few possible reasons:
>
> o They are Androol trolls
> o They only read headlines
> o They only read posts form Androol trolls
> o They din't know what a back door is.
>
>> do they classify as a "back door", and why do some here say there is
>> no "back door"? TIA.
>
> A back door is a hidden feature or a flaw in software that allows
> unknown and unauthorized access to a computer's data. There is no
> hidden feature or flaw, not unknown access, no unauthorized access, no
> back door.

Assuming Wilf really wants to know how Apple's proposed system works:

Photo Library Scanning

* photos being uploaded to Apple’s iCloud servers from your photo
library are examined on device just before upload (rather than after
upload on the server) — they are examined on device rather than in the
cloud by generating a hash of the photo being uploaded and comparing
that hash with an on-device hash database of known child abuse images

* end users cannot access, view, or modify the database of known child
sexual abuse photos — nor can they identify which images were flagged

* photos that match the hashes of known child sexual abuse photos are
flagged as potential violations by generating encrypted safety voucher
containing metadata about the matching photo and a visual derivative
of the photo with sensitive portions obscured — the safety voucher is
also uploaded to iCloud

* your photos in iCloud are encrypted both in transit and at rest on the
servers, and Apple does not decrypt them or access them on the servers
in order to scan them, which means Apple employees know absolutely
nothing about photos that do not match hashes of known child sexual
abuse material — nor do they know anything about photos that are not
uploaded to Apple servers

* the risk of the system incorrectly flagging an account is extremely
low (1 in 1 trillion probability of incorrectly flagging a given
account)

* only accounts with safety vouchers that exceed a threshold of multiple
(over 30) matches to known child sexual abuse photos are able to be
reviewed by Apple employees — until this threshold is exceeded, the
encrypted vouchers cannot be viewed by anyone, thanks to an encryption
technology called private set intersection (also known as threshold
secret sharing)

* only vouchers that are reviewed and verified by a human being to be
actual child abuse material are forwarded to authorities

Child Protection in Messages

* this feature is only available for accounts set up as families with
iCloud Family Sharing

* parent/guardian accounts must opt in to turn on the feature for their
family group

* parental notifications can only be enabled by parents/guardians for
child accounts age 12 or younger

* when enabled, the feature uses on-device AI (rather than the
aforementioned database of hashes) to analyze images that are sent and
received by the child - this happens privately so that Apple does not
have any knowledge of it

* if a child account sends or receives sexually explicit images, the
photo will be blurred and the child will be warned, presented with
helpful resources, and reassured it is okay if they do not want to
view or send the photo

* if parents desire (they must opt-in), as additional precaution, young
children can also be told that, to make sure they are safe, their
parents will get a message if they do view it

With this in mind, we know that if this matching activity concerns you,
you can opt out by refraining from uploading photos to iCloud (by
disabling iCloud Photos, My Photo Stream, and iMessage).

* Since these are all optional services, opting out is very easy to do.

* Claims stating that Apple is supposedly scanning your entire device
24/7 are unfounded.

* Claims that Apple is scanning every single photo on your device are
also unfounded.

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

On 16/09/2021 at 17:28, Jolly Roger wrote:
> On 2021-09-16, Lewis <g.kreme@kreme.dont-email.me> wrote:
>> In message <shv3ci$2b5$1@gioia.aioe.org> Wilf <wilf@postingx.uk> wrote:
>>> On 16/09/2021 at 03:23, Lewis wrote:
>>>> In message <16y8ioruep95q$.dlg@news.solani.org> RonTheGuy <ron@null.invalid> wrote:
>>>>> On Sep 15, 2021, nospam wrote
>>>>> (in article<news:150920210158598871%nospam@nospam.invalid>):
>>>>>> there are multiple ways to opt-out of csam checking,
>>>>
>>>>> How did you opt out to hackers & governments using the back doors?
>>>>
>>>> There is no back door.
>>
>>> I've been watching this conversation and I am really am perplexed, so
>>> I'm hoping that one of you knowledgeable folk here can clarify for me
>>> and for others, maybe.
>>
>>> Why do some people think there is or is going to be a "back door"?
>>
>> A few possible reasons:
>>
>> o They are Androol trolls
>> o They only read headlines
>> o They only read posts form Androol trolls
>> o They din't know what a back door is.
>>
>>> do they classify as a "back door", and why do some here say there is
>>> no "back door"? TIA.
>>
>> A back door is a hidden feature or a flaw in software that allows
>> unknown and unauthorized access to a computer's data. There is no
>> hidden feature or flaw, not unknown access, no unauthorized access, no
>> back door.
>
> Assuming Wilf really wants to know how Apple's proposed system works:
>
> Photo Library Scanning
>
> * photos being uploaded to Apple’s iCloud servers from your photo
> library are examined on device just before upload (rather than after
> upload on the server) — they are examined on device rather than in the
> cloud by generating a hash of the photo being uploaded and comparing
> that hash with an on-device hash database of known child abuse images
>
> * end users cannot access, view, or modify the database of known child
> sexual abuse photos — nor can they identify which images were flagged
>
> * photos that match the hashes of known child sexual abuse photos are
> flagged as potential violations by generating encrypted safety voucher
> containing metadata about the matching photo and a visual derivative
> of the photo with sensitive portions obscured — the safety voucher is
> also uploaded to iCloud
>
> * your photos in iCloud are encrypted both in transit and at rest on the
> servers, and Apple does not decrypt them or access them on the servers
> in order to scan them, which means Apple employees know absolutely
> nothing about photos that do not match hashes of known child sexual
> abuse material — nor do they know anything about photos that are not
> uploaded to Apple servers
>
> * the risk of the system incorrectly flagging an account is extremely
> low (1 in 1 trillion probability of incorrectly flagging a given
> account)
>
> * only accounts with safety vouchers that exceed a threshold of multiple
> (over 30) matches to known child sexual abuse photos are able to be
> reviewed by Apple employees — until this threshold is exceeded, the
> encrypted vouchers cannot be viewed by anyone, thanks to an encryption
> technology called private set intersection (also known as threshold
> secret sharing)
>
> * only vouchers that are reviewed and verified by a human being to be
> actual child abuse material are forwarded to authorities
>
> Child Protection in Messages
>
> * this feature is only available for accounts set up as families with
> iCloud Family Sharing
>
> * parent/guardian accounts must opt in to turn on the feature for their
> family group
>
> * parental notifications can only be enabled by parents/guardians for
> child accounts age 12 or younger
>
> * when enabled, the feature uses on-device AI (rather than the
> aforementioned database of hashes) to analyze images that are sent and
> received by the child - this happens privately so that Apple does not
> have any knowledge of it
>
> * if a child account sends or receives sexually explicit images, the
> photo will be blurred and the child will be warned, presented with
> helpful resources, and reassured it is okay if they do not want to
> view or send the photo
>
> * if parents desire (they must opt-in), as additional precaution, young
> children can also be told that, to make sure they are safe, their
> parents will get a message if they do view it
>
> With this in mind, we know that if this matching activity concerns you,
> you can opt out by refraining from uploading photos to iCloud (by
> disabling iCloud Photos, My Photo Stream, and iMessage).
>
> * Since these are all optional services, opting out is very easy to do.
>
> * Claims stating that Apple is supposedly scanning your entire device
> 24/7 are unfounded.
>
> * Claims that Apple is scanning every single photo on your device are
> also unfounded.
>

Thank you, that is very interesting. And yes, I do "want to know"!!!

The only thing is, and this is something I've seen elsewhere, so it's
not my own, could a malevolent government insist that other hashes were
included in the database and therefore hijack the purpose of this move?

--
Wilf

On 16/09/2021 at 10:39, Wilf wrote:
> On 16/09/2021 at 03:23, Lewis wrote:
>> In message <16y8ioruep95q$.dlg@news.solani.org> RonTheGuy <ron@null.invalid> wrote:
>>> On Sep 15, 2021, nospam wrote
>>> (in article<news:150920210158598871%nospam@nospam.invalid>):
>>>> there are multiple ways to opt-out of csam checking,
>>
>>> How did you opt out to hackers & governments using the back doors?
>>
>> There is no back door.
>>
>
> I've been watching this conversation and I am really am perplexed, so
> I'm hoping that one of you knowledgeable folk here can clarify for me
> and for others, maybe.
>
> Why do some people think there is or is going to be a "back door"? What
> do they classify as a "back door", and why do some here say there is no
> "back door"? TIA.
>

Very helpful and interesting responses, thank you all. And, yes, it was
a genuine query.

--
Wilf

On 16/09/2021 at 16:03, Lewis wrote:
>> do they classify as a "back door", and why do some here say there is no
>> "back door"? TIA.
> A back door is a hidden feature or a flaw in software that allows unknown
> and unauthorized access to a computer's data. There is no hidden
> feature or flaw, not unknown access, no unauthorized access, no back
> door.

Might that just be semantics, though? Ok, so if a back door is something
hidden, then this is not a back door per se. Maybe a 'Front Door'? But
it could allow governments to insist that other hashes be included in
the database used to identify offending pictures.

--
Wilf

On 9/16/2021 10:40 AM, Wilf wrote:

<snip>

> The only thing is, and this is something I've seen elsewhere, so it's
> not my own, could a malevolent government insist that other hashes were
> included in the database and therefore hijack the purpose of this move?

That's one of, but not the only, objection to this back door (or
whatever anyone wants to call it). And the question is not "could a
malevolent government insist...?," it's a virtual certainty that they
would insist.

Would Apple cave if such a government insisted is the real question.
Based on historical evidence, it's entirely possible; listen to the
podcast at
<https://www.kqed.org/forum/2010101883563/apple-caves-to-chinese-government-on-privacy-surveillance-and-censorship-finds-nyt-investigation>
and read
<https://www.nytimes.com/2021/05/17/technology/apple-china-censorship-data.html>.

In article <shvvj8$11i8$1@gioia.aioe.org>, Wilf <wilf@postingx.uk>
wrote:

> >
> > Assuming Wilf really wants to know how Apple's proposed system works:
> >
> > Photo Library Scanning
> >
> > * photos being uploaded to Apple¹s iCloud servers from your photo
> > library are examined on device just before upload (rather than after
> > upload on the server) ‹ they are examined on device rather than in the
> > cloud by generating a hash of the photo being uploaded and comparing
> > that hash with an on-device hash database of known child abuse images
> >
> > * end users cannot access, view, or modify the database of known child
> > sexual abuse photos ‹ nor can they identify which images were flagged
> >
> > * photos that match the hashes of known child sexual abuse photos are
> > flagged as potential violations by generating encrypted safety voucher
> > containing metadata about the matching photo and a visual derivative
> > of the photo with sensitive portions obscured ‹ the safety voucher is
> > also uploaded to iCloud
> >
> > * your photos in iCloud are encrypted both in transit and at rest on the
> > servers, and Apple does not decrypt them or access them on the servers
> > in order to scan them, which means Apple employees know absolutely
> > nothing about photos that do not match hashes of known child sexual
> > abuse material ‹ nor do they know anything about photos that are not
> > uploaded to Apple servers
> >
> > * the risk of the system incorrectly flagging an account is extremely
> > low (1 in 1 trillion probability of incorrectly flagging a given
> > account)
> >
> > * only accounts with safety vouchers that exceed a threshold of multiple
> > (over 30) matches to known child sexual abuse photos are able to be
> > reviewed by Apple employees ‹ until this threshold is exceeded, the
> > encrypted vouchers cannot be viewed by anyone, thanks to an encryption
> > technology called private set intersection (also known as threshold
> > secret sharing)
> >
> > * only vouchers that are reviewed and verified by a human being to be
> > actual child abuse material are forwarded to authorities
> >
> > Child Protection in Messages
> >
> > * this feature is only available for accounts set up as families with
> > iCloud Family Sharing
> >
> > * parent/guardian accounts must opt in to turn on the feature for their
> > family group
> >
> > * parental notifications can only be enabled by parents/guardians for
> > child accounts age 12 or younger
> >
> > * when enabled, the feature uses on-device AI (rather than the
> > aforementioned database of hashes) to analyze images that are sent and
> > received by the child - this happens privately so that Apple does not
> > have any knowledge of it
> >
> > * if a child account sends or receives sexually explicit images, the
> > photo will be blurred and the child will be warned, presented with
> > helpful resources, and reassured it is okay if they do not want to
> > view or send the photo
> >
> > * if parents desire (they must opt-in), as additional precaution, young
> > children can also be told that, to make sure they are safe, their
> > parents will get a message if they do view it
> >
> > With this in mind, we know that if this matching activity concerns you,
> > you can opt out by refraining from uploading photos to iCloud (by
> > disabling iCloud Photos, My Photo Stream, and iMessage).
> >
> > * Since these are all optional services, opting out is very easy to do.
> >
> > * Claims stating that Apple is supposedly scanning your entire device
> > 24/7 are unfounded.
> >
> > * Claims that Apple is scanning every single photo on your device are
> > also unfounded.
> >
>
> Thank you, that is very interesting. And yes, I do "want to know"!!!

check apple's white papers for more detail.

> The only thing is, and this is something I've seen elsewhere, so it's
> not my own, could a malevolent government insist that other hashes were
> included in the database and therefore hijack the purpose of this move?

it's designed specifically to prevent that.

the database used is an intersection of at least two entities, so at a
minimum, you'd have to get all of them to conspire against the same set
of images.

<https://i1.wp.com/9to5mac.com/wp-content/uploads/sites/6/2021/08/Screen-
Shot-2021-08-13-at-2.01.20-PM.jpeg>

but that's only part of the process. once ~30 images are flagged, it
goes to manual review, so you'd *also* have to get the manual review
team on board with the conspiracy.

In article <si0081$v96$1@dont-email.me>, sms
<scharf.steven@geemail.com> wrote:

> > The only thing is, and this is something I've seen elsewhere, so it's
> > not my own, could a malevolent government insist that other hashes were
> > included in the database and therefore hijack the purpose of this move?
>
> That's one of, but not the only, objection to this back door (or
> whatever anyone wants to call it).

it's a baseless objection from those who don't understand how it works
and refuse to earn how it works.

> And the question is not "could a
> malevolent government insist...?," it's a virtual certainty that they
> would insist.

they might insist, but the question is will they succeed.

the answer is a resounding no.

apple's system is designed specifically to prevent that from happening
by using the intersection of multiple entities:

<https://i1.wp.com/9to5mac.com/wp-content/uploads/sites/6/2021/08/Screen-
Shot-2021-08-13-at-2.01.20-PM.jpeg>

> Would Apple cave if such a government insisted is the real question.
> Based on historical evidence, it's entirely possible;

it's not possible without a massive conspiracy.

> listen to the
> podcast at

that podcast is not relevant. it was about apple obeying chinese laws
when doing business in china, which is something any company doing
business in china must do.

In article <shvvpm$11i8$3@gioia.aioe.org>, Wilf <wilf@postingx.uk>
wrote:

> >> do they classify as a "back door", and why do some here say there is no
> >> "back door"? TIA.
> > A back door is a hidden feature or a flaw in software that allows unknown
> > and unauthorized access to a computer's data. There is no hidden
> > feature or flaw, not unknown access, no unauthorized access, no back
> > door.
>
> Might that just be semantics, though?

nope. the definition is clear, except to those with agenda and the
usual trolls.

> Ok, so if a back door is something
> hidden, then this is not a back door per se.

exactly the point.

> Maybe a 'Front Door'? But
> it could allow governments to insist that other hashes be included in
> the database used to identify offending pictures.

multiple governments would need to conspire against the same images
(good luck getting multiple governments to agree on anything) *and* get
the manual review team to go along with it.

<https://i1.wp.com/9to5mac.com/wp-content/uploads/sites/6/2021/08/Screen-
Shot-2021-08-13-at-2.01.20-PM.jpeg>

nospam <nospam@nospam.invalid> wrote:
> In article <slrnsk6n6p.22a.g.kreme@m1mini.local>, Lewis
> <g.kreme@kreme.dont-email.me> wrote:
>
>>> do they classify as a "back door", and why do some here say there is no
>>> "back door"? TIA.
>>
>> A back door is a hidden feature or a flaw in software that allows unknown
>> and unauthorized access to a computer's data. There is no hidden
>> feature or flaw, not unknown access, no unauthorized access, no back
>> door.
>
> yep. it's the very opposite.
>

It is the juiciest piece of meat ever dangled in front of hackers. Even if
it doesn’t meet the definition of a back door in your mind now it won’t be
long before it will become one.

On 16/09/2021 at 19:10, nospam wrote:
> In article <shvvj8$11i8$1@gioia.aioe.org>, Wilf <wilf@postingx.uk>
> wrote:
>
>>>
>>> Assuming Wilf really wants to know how Apple's proposed system works:
>>>
>>> Photo Library Scanning
>>>
>>> * photos being uploaded to Apple¹s iCloud servers from your photo
>>> library are examined on device just before upload (rather than after
>>> upload on the server) ‹ they are examined on device rather than in the
>>> cloud by generating a hash of the photo being uploaded and comparing
>>> that hash with an on-device hash database of known child abuse images
>>>
>>> * end users cannot access, view, or modify the database of known child
>>> sexual abuse photos ‹ nor can they identify which images were flagged
>>>
>>> * photos that match the hashes of known child sexual abuse photos are
>>> flagged as potential violations by generating encrypted safety voucher
>>> containing metadata about the matching photo and a visual derivative
>>> of the photo with sensitive portions obscured ‹ the safety voucher is
>>> also uploaded to iCloud
>>>
>>> * your photos in iCloud are encrypted both in transit and at rest on the
>>> servers, and Apple does not decrypt them or access them on the servers
>>> in order to scan them, which means Apple employees know absolutely
>>> nothing about photos that do not match hashes of known child sexual
>>> abuse material ‹ nor do they know anything about photos that are not
>>> uploaded to Apple servers
>>>
>>> * the risk of the system incorrectly flagging an account is extremely
>>> low (1 in 1 trillion probability of incorrectly flagging a given
>>> account)
>>>
>>> * only accounts with safety vouchers that exceed a threshold of multiple
>>> (over 30) matches to known child sexual abuse photos are able to be
>>> reviewed by Apple employees ‹ until this threshold is exceeded, the
>>> encrypted vouchers cannot be viewed by anyone, thanks to an encryption
>>> technology called private set intersection (also known as threshold
>>> secret sharing)
>>>
>>> * only vouchers that are reviewed and verified by a human being to be
>>> actual child abuse material are forwarded to authorities
>>>
>>> Child Protection in Messages
>>>
>>> * this feature is only available for accounts set up as families with
>>> iCloud Family Sharing
>>>
>>> * parent/guardian accounts must opt in to turn on the feature for their
>>> family group
>>>
>>> * parental notifications can only be enabled by parents/guardians for
>>> child accounts age 12 or younger
>>>
>>> * when enabled, the feature uses on-device AI (rather than the
>>> aforementioned database of hashes) to analyze images that are sent and
>>> received by the child - this happens privately so that Apple does not
>>> have any knowledge of it
>>>
>>> * if a child account sends or receives sexually explicit images, the
>>> photo will be blurred and the child will be warned, presented with
>>> helpful resources, and reassured it is okay if they do not want to
>>> view or send the photo
>>>
>>> * if parents desire (they must opt-in), as additional precaution, young
>>> children can also be told that, to make sure they are safe, their
>>> parents will get a message if they do view it
>>>
>>> With this in mind, we know that if this matching activity concerns you,
>>> you can opt out by refraining from uploading photos to iCloud (by
>>> disabling iCloud Photos, My Photo Stream, and iMessage).
>>>
>>> * Since these are all optional services, opting out is very easy to do.
>>>
>>> * Claims stating that Apple is supposedly scanning your entire device
>>> 24/7 are unfounded.
>>>
>>> * Claims that Apple is scanning every single photo on your device are
>>> also unfounded.
>>>
>>
>> Thank you, that is very interesting. And yes, I do "want to know"!!!
>
> check apple's white papers for more detail.
>
>> The only thing is, and this is something I've seen elsewhere, so it's
>> not my own, could a malevolent government insist that other hashes were
>> included in the database and therefore hijack the purpose of this move?
>
> it's designed specifically to prevent that.
>
> the database used is an intersection of at least two entities, so at a
> minimum, you'd have to get all of them to conspire against the same set
> of images.
>
> <https://i1.wp.com/9to5mac.com/wp-content/uploads/sites/6/2021/08/Screen-
> Shot-2021-08-13-at-2.01.20-PM.jpeg>
>
> but that's only part of the process. once ~30 images are flagged, it
> goes to manual review, so you'd *also* have to get the manual review
> team on board with the conspiracy.
>

Thanks, I'll try to look at those white papers.

--
Wilf

On 16/09/2021 at 19:10, nospam wrote:
> In article <shvvpm$11i8$3@gioia.aioe.org>, Wilf <wilf@postingx.uk>
> wrote:
>
>>>> do they classify as a "back door", and why do some here say there is no
>>>> "back door"? TIA.
>>> A back door is a hidden feature or a flaw in software that allows unknown
>>> and unauthorized access to a computer's data. There is no hidden
>>> feature or flaw, not unknown access, no unauthorized access, no back
>>> door.
>>
>> Might that just be semantics, though?
>
> nope. the definition is clear, except to those with agenda and the
> usual trolls.
>
>> Ok, so if a back door is something
>> hidden, then this is not a back door per se.
>
> exactly the point.
>
>> Maybe a 'Front Door'? But
>> it could allow governments to insist that other hashes be included in
>> the database used to identify offending pictures.
>
> multiple governments would need to conspire against the same images
> (good luck getting multiple governments to agree on anything) *and* get
> the manual review team to go along with it.
>
> <https://i1.wp.com/9to5mac.com/wp-content/uploads/sites/6/2021/08/Screen-
> Shot-2021-08-13-at-2.01.20-PM.jpeg>
>

Thank you, that does make sense.

--
Wilf

In article <si01ja$9km$1@dont-email.me>, badgolferman
<REMOVETHISbadgolferman@gmail.com> wrote:

> >>> do they classify as a "back door", and why do some here say there is no
> >>> "back door"? TIA.
> >>
> >> A back door is a hidden feature or a flaw in software that allows unknown
> >> and unauthorized access to a computer's data. There is no hidden
> >> feature or flaw, not unknown access, no unauthorized access, no back
> >> door.
> >
> > yep. it's the very opposite.
> >
>
> It is the juiciest piece of meat ever dangled in front of hackers.

juicy or not, it's going to be *very* difficult to hack it for all
sorts of reasons which been explained many times.

> Even if
> it doesn¹t meet the definition of a back door in your mind now it won¹t be
> long before it will become one.

it can't 'become one'.

On Sep 16, 2021, nospam wrote
(in article<news:160920211410447675%nospam@nospam.invalid>):
> it's designed specifically to prevent that.

Apple can't control malware & government coders who open these back doors.

Ron, the humblest guy in town.

On Sep 16, 2021, nospam wrote
(in article<news:160920211410457746%nospam@nospam.invalid>):
>> And the question is not "could a
>> malevolent government insist...?," it's a virtual certainty that they
>> would insist.
>
> they might insist, but the question is will they succeed.
>
> the answer is a resounding no.

Why then did Apple say they follow all the laws everywhere iPhones are sold?

Is Apple now going to say a "resounding no" to the laws of those countries?

Ron, the humblest guy in town.

In article <p8flgfea8xm5$.dlg@news.solani.org>, RonTheGuy
<ron@null.invalid> wrote:

> Apple can't control malware & government coders who open these back doors.

there aren't any backdoors to open.

seriously, read the white papers and learn what a backdoor actually is
before you go throwing around words you don't understand.

In article <zylpvxyharje.dlg@news.solani.org>, RonTheGuy
<ron@null.invalid> wrote:

>
> Why then did Apple say they follow all the laws everywhere iPhones are sold?

they do.

On Sep 16, 2021, nospam wrote
(in article<news:160920211410467808%nospam@nospam.invalid>):
> multiple governments would need to conspire against the same images
> (good luck getting multiple governments to agree on anything) *and* get
> the manual review team to go along with it.

Malware writers don't have to agree to anything to open these back doors.

Ron, the humblest guy in town.

On Sep 16, 2021, Wilf wrote
(in article<news:shv3ci$2b5$1@gioia.aioe.org>):
> Why do some people think there is or is going to be a "back door"?

For now it seems Apple listened to privacy experts so maybe there won't be
these new back doors added to every phone which users can't opt out of.

By opting out I mean what everyone means which is that the governments and
malware writers will be opening these new back doors and that is what the
user can't opt out of.

Ron, the humblest guy in town.

In article <al56vbi12fdr$.dlg@news.solani.org>, RonTheGuy
<ron@null.invalid> wrote:

> > multiple governments would need to conspire against the same images
> > (good luck getting multiple governments to agree on anything) *and* get
> > the manual review team to go along with it.
>
> Malware writers don't have to agree to anything to open these back doors.

what part of there is no backdoor is not clear?

read the white papers on how it actually works and why there is no
backdoor.

On Sep 16, 2021, sms wrote
(in article<news:shvpm2$g8t$1@dont-email.me>):
> EFF called it a "narrow back door,"

It doesn't matter how narrow a back door is since governments and malware
writers around the world will be the ones opening them up on your phone.

Ron, the humblest guy in town.