Update: November 14, 2021: as apple has listened and refrained from implementing client side scanning, I went back and got an other iphone and iwatch (keeping the Android stuff just in case). A good article of October 14 2021 by leading computer security folks can be found here. The following was written August 11, 2021, just a few days after apple had announced mass spying on personal devices.

The Poisoned Apple: how Apple lost its trust

browser wars:

Sometimes, there are principles and basic rights which need to be defended vigorously. We might remember the Browser wars in the late 1990'ies. Even this page you are reading, has in the meta data a flag ``MSSmartTagsPreventParsing" because Microsoft, at the peak of its browser dominance, thought it to be acceptable to inject additional content into webpages (like links to Microsoft products if applicable). The browser wars were won with the emergence of other good browsers like Mozilla or then later with Chrome. The danger is not yet over, as we are in a time, when Chrome starts to dominate and with that also the arrogance of the company behind it. Arrogance means for example to push through standards which have to be accepted simply because of the dominance of the player. Any attempt for example to route web-traffic through servers owned by the browser company is unacceptable because in principle, it would allow filtering or modification of content.

Crypto wars:

Probably even more fundamental was the Crypto war which is not yet completely over. There was a time, when it was thought to be ok to limit strong cryptography. That war was also won because of non-political reasons like that the mathematics of strong cryptography is very simple and so can be built by anybody without the need to ask for permission. Even attempts to patent such mathematics is futile because it deals with mathematics developed centuries ago based on simple structures like primes or elliptic curves. When I was in the cryptology group of the Swiss military, one of the programs was to write from scratch all software for modern cryptology, even integer arithmetic was rewritten from scratch in Pascal. This was done during yearly 3 week ``mandatory services" during which also a lot of non-mathematical tasks were repeated like shooting rifles, basic military drill or throwing hand grenades. I mention this because a bunch of soldiers working for a few days a year could build such a system from scratch. Any group of professional programmers could do that too within a few weeks. Strong cryptography can not be forbidden because everybody can roll their own version.

Backdoor wars:

Again and again, some government or politicians ask for ``backdoors" in computer operating systems. This would allow law enforcement to enter a private computer and help so the investigation. There are many good reasons against such backdoors: if placed, they can be exploited also by third parties interested for example in extortion. Planting ransomware becomes much easier, if there are deliberate bypasses installed Backdoors would significantly reduce the ability to innovate in business. The reason is simple. Any business idea which leaks is for certain be taken up by the competition, especially by the big players. It would open door for bank robbers opening bank accounts (which are protected thanks to strong encryption). Backdoors are also in fundamental violation with the constitution. The fourth amendment clearly states: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized." One can argue that one does not need to buy the product. Today, we have almost no option as we live in a duopoly and a smartphone is essentially required for modern live.

August 5th 2021

What Apple announced on August 5th 2021 is directly in violation to the constitution. I actually hope that the company will be sued once the system will be in effect. Clearly, searching without court order in private phones clashes with the right of being ``secure in their persons, houses, papers, and effects, against unreasonable searches". This is serious. Just to be clear: it is of course completely acceptable to have material on icloud searched. This is like a bank or storage service making sure that no dangerous material is planted in their vaults. It is also of course completely ok for law enforcement to investigate crimes and if there is suspicion, investigate and search individuals. This is what usually needs a court order and where a system is in place in which accused parties have rights. This is different now. The new scanning feature introduced by apple treats every customer as a potential criminal and is an example of ``unreasonable search" protected by the constitution of the United states. Unfortunately, Apple might get away with it because the EULA which users have to agree on will be clicked away by most apple users without reading. Its like renting a house, where the landlord reserves the right to search and monitor the interior of the property constantly or where your car has a built in system which reports any traffic violation directly to the police. Totally horrifying is that Apple devices will have stored on the device hashed versions of child abuse and child porn pictures. I myself would be disgusted to have even hashed and so unrecognizable versions of such horror on my device.

Why Apple lies about their intentions

Apple stores documents on iCloud in encrypted form in TLS 1.2. This or course prevent the company to scan iCloud content for illegal content. Hash functions are already a necessary part for encryption and an encrypted hash will be transmitted too. Is would be technologically easy to add a feature which allows to see whether two encrypted files are the same. One can implement this for example by producing on the users device an additional hash which is transmitted to iCloud using a strong NP complete one way function f. Also the hashes of each document in the illegal database is subjected to that one way function f. Now, on iCloud, it is possible to see whether there is a match. If yes, the necessary actions can be performed. There is no need to do the spying on the user on the client side and worse, planting kiddy porn hashes on every users device. There are clearly non-technical motives at play. The still effective think of the children rhetoric obviously worked.

Losing trust in Apple (I) video

Oliver Knill, Posted August 11, 2021,