Update: November 14, 2021: as Apple has listened and refrained from implementing
client side scanning, I went back and got another iPhone and iWatch (keeping the
Android stuff just in case). A good article of October 14, 2021 by leading computer
security folks can be found here.
The following was written August 11, 2021, just a few days after Apple had announced mass
spying on personal devices.
The Poisoned Apple: how Apple lost its trust
Browser wars:
Sometimes, there are principles and basic rights which need to be defended vigorously.
We might remember the browser wars of the late 1990s.
Even this page you are reading has in its metadata a flag "MSSmartTagsPreventParsing" because Microsoft,
at the peak of its browser dominance, thought it acceptable to inject additional content into webpages
(like links to Microsoft products if applicable). The browser wars were won with the emergence of other good
browsers like Mozilla and then later Chrome. The danger is not yet over, as we are in a time when
Chrome starts to dominate, and with that comes the arrogance of the company behind it. Arrogance means, for example,
pushing through standards which have to be accepted simply because of the dominance of the player.
Any attempt, for example, to route web traffic through servers owned by the browser company is unacceptable because,
in principle, it would allow filtering or modification of content.
Crypto wars:
Probably even more fundamental was the Crypto war, which is
not yet completely over. There was a time when it was thought to be OK to limit strong cryptography. That war
was also won for non-political reasons, such as that the mathematics of strong cryptography is very simple
and so can be built by anybody without the need to ask for permission. Even attempts to patent such mathematics
are futile because it deals with mathematics developed centuries ago based on simple structures like primes or
elliptic curves. When I was in the cryptology group of the Swiss military, one of the programs was to write from
scratch all software for modern cryptology; even integer arithmetic was rewritten from scratch in Pascal. This
was done during yearly 3-week "mandatory services" during which a lot of non-mathematical tasks were also repeated,
like shooting rifles, basic military drill or throwing hand grenades. I mention this because a bunch of soldiers
working for a few days a year could build such a system from scratch. Any group of professional programmers could
do that too within a few weeks. Strong cryptography cannot be forbidden because everybody can roll their own version.
Backdoor wars:
Again and again, some government or politicians ask for "backdoors" in computer operating systems.
This would allow law enforcement to enter a private computer and so help the investigation. There are many
good reasons against such backdoors: if placed, they can also be exploited by third parties interested, for example,
in extortion. Planting ransomware becomes much easier if there are deliberate bypasses installed.
Backdoors would significantly reduce the ability to innovate in business. The reason is simple.
Any business idea which leaks is certain to be taken up by the competition, especially by the big players.
It would open the door for bank robbers opening bank accounts (which are protected thanks
to strong encryption). Backdoors are also in fundamental violation of the constitution. The fourth amendment clearly states:
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and
seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation,
and particularly describing the place to be searched, and the persons or things to be seized."
One can argue that one does not need to buy the product. Today, we have almost no option, as we live in a duopoly
and a smartphone is essentially required for modern life.
August 5th 2021
What Apple announced on August 5th 2021 is directly in violation of the constitution. I actually hope that the company will
be sued once the system is in effect. Clearly, searching private phones without a court order clashes with the
right of being "secure in their persons, houses, papers, and effects, against unreasonable searches". This is serious.
Just to be clear: it is of course completely acceptable to have material on iCloud searched. This is like a bank or
storage service making sure that no dangerous material is planted in their vaults. It is also of course completely OK
for law enforcement to investigate crimes and, if there is suspicion, investigate and search individuals.
This is what usually needs a court order and where a system is in place in which accused parties have rights.
This is different now. The new scanning feature introduced by Apple
treats every customer as a potential criminal and is an example of an "unreasonable search" against which the
constitution of the United States protects. Unfortunately, Apple might get away with it because the EULA which users have to
agree to will be clicked away by most Apple users without reading. It's like renting a house where the landlord reserves
the right to search and monitor the interior of the property constantly, or where your car has a built-in system which
reports any traffic violation directly to the police.
Totally horrifying is that Apple devices will have stored on the device hashed versions of child abuse and
child porn pictures. I myself would be disgusted to have even hashed and so unrecognizable versions of such
horror on my device.
Why Apple lies about their intentions
Apple stores documents on iCloud in encrypted form in TLS 1.2.
This of course prevents the company from scanning iCloud content for illegal content. Hash functions are already
a necessary part of encryption, and an encrypted hash will be transmitted too.
It would be technologically easy to add a feature which allows one to see whether two encrypted files are the same. One can
implement this, for example, by producing on the user's device, using a strong NP-complete one-way function f,
an additional hash which is transmitted to iCloud.
The hash of each document in the illegal database is also subjected to that one-way function f. Now, on iCloud, it is
possible to see whether there is a match. If yes, the necessary actions can be performed.
There is no need to do the spying on the user on the client side and, worse, planting kiddy porn hashes on every
user's device. There are clearly non-technical motives at play.
The still effective "think of the children" rhetoric obviously worked.
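
The server-side comparison sketched in this section, as an added example that is not part of the original page and not Apple's code. Labelled SHA-256 stands in for the one-way function f, and the names `device_tag`, `build_index` and `server_match`, as well as the sample byte strings, are assumptions made here.

```python
import hashlib
import hmac

LABEL = b"match-tag-v1"  # assumption: fixed public label that defines f


def f(digest: bytes) -> bytes:
    """Stand-in for the one-way function f (assumption: labelled SHA-256)."""
    return hashlib.sha256(LABEL + digest).digest()


def device_tag(document: bytes) -> bytes:
    """On the user's device: hash the plaintext, then apply f.
    The tag is uploaded next to the encrypted document."""
    return f(hashlib.sha256(document).digest())


def build_index(database_hashes):
    """On the server, once: apply the same f to every database hash."""
    return [f(h) for h in database_hashes]


def server_match(tag: bytes, index) -> bool:
    """On the server: compare the uploaded tag with the index.
    Only tags are compared; the plaintext is never needed."""
    return any(hmac.compare_digest(tag, entry) for entry in index)


def run_demo():
    # Constructed sample data: harmless byte strings stand in for files.
    listed = [b"constructed listed file A", b"constructed listed file B"]
    database_hashes = [hashlib.sha256(d).digest() for d in listed]
    index = build_index(database_hashes)
    uploads = {
        "holiday.jpg": b"constructed private photo",
        "copy-of-A.bin": b"constructed listed file A",
    }
    return {name: server_match(device_tag(data), index)
            for name, data in uploads.items()}


if __name__ == "__main__":
    for name, hit in run_demo().items():
        print(f"{name}: {'match' if hit else 'no match'}")
```

Because f is deterministic, the server can tell whether a tag equals a listed one, and also whether two uploads carry the same tag, without decrypting either file.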