Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Electronic Frontier Foundation Iphone Privacy Apple

Why EFF Flew a Plane Over Apple's Headquarters (eff.org) 29

EFF.org has the story: For the last month, civil liberties and human rights organizations, researchers, and customers have demanded that Apple cancel its plan to install photo-scanning software onto devices. This software poses an enormous danger to privacy and security. Apple has heard the message, and announced that it would delay the system while consulting with various groups about its impact. But in order to trust Apple again, we need the company to commit to canceling this mass surveillance system.

The delay may well be a diversionary tactic. Every September, Apple holds one of its big product announcement events, where Apple executives detail the new devices and features coming out. Apple likely didn't want concerns about the phone-scanning features to steal the spotlight.

But we can't let Apple's disastrous phone-scanning idea fade into the background, only to be announced with minimal changes down the road. To make sure Apple is listening to our concerns, EFF turned to an old-school messaging system: aerial advertising.

During Apple's event, a plane circled the company's headquarters carrying an impossible-to-miss message: "Apple, don't scan our phones!" The evening before Apple's event, protestors also rallied nationwide in front of Apple stores. The company needs to hear us, and not just dismiss the serious problems with its scanning plan. A delay is not a cancellation, and the company has also been dismissive of some concerns, referring to them as "confusion" about the new features.

Apple's iMessage is one of the preeminent end-to-end encrypted chat clients. End-to-end encryption is what allows users to exchange messages without having them intercepted and read by repressive governments, corporations, and other bad actors. We don't support encryption for its own sake: we fight for it because encryption is one of the most powerful tools individuals have for maintaining their digital privacy and security in an increasingly insecure world.

Now that Apple's September event is over, Apple must reach out to groups that have criticized it and seek a wider range of suggestions on how to deal with difficult problems, like protecting children online...

The world, thankfully, has moved towards encrypted communications over the last two decades, not away from them, and that's a good thing. If Apple wants to maintain its reputation as a pro-privacy company, it must continue to choose real end-to-end encryption over government demands to read user's communication.

Privacy matters now more than ever. It will continue to be a selling point and a distinguishing feature of some products and companies. For now, it's an open question whether Apple will continue to be one of them.

This discussion has been archived. No new comments can be posted.

Why EFF Flew a Plane Over Apple's Headquarters

Comments Filter:
  • We. customers of Apple products need to express themselves by calling/emailing/protesting/whatever
    • Not buying because we know Android will never try something like this.

      • Samsung copies everything Apple does so they were probably waiting to see how it went over first.

      • by west ( 39918 )

        Surely everyone understands that *anything* kept on a major vendor's server is scanned for problematic files unless the backup is also encrypted by the client (in which case the server provider cannot decrypt the files to scan them.). Currently none of the major providers offer this capability and would be in deep trouble with the government if they did.

        So, at the moment, the on-phone scanning is essentially meaningless. Far more intrusive scanning of everything that is backed up (i.e. everything on your

        • Surely everyone understands that *anything* kept on a major vendor's server is scanned for problematic files unless the backup is also encrypted by the client (in which case the server provider cannot decrypt the files to scan them.).

          To my thinking, the Apple plan was to scan the photos being uploaded before they hit the servers, while Google waits until the are on the server.

          The difference is what does Google do after they find kiddie porn hashes on their servers?

          Once you find it, you can't leave it there, gotta be removed. So Apple was probably just trying to avoid the scrubbing process.

          • by ceoyoyo ( 59147 )

            The difference is what does Google do after they find kiddie porn hashes on their servers?

            Starts showing you ads for white vans and candy?

            • The difference is what does Google do after they find kiddie porn hashes on their servers?

              Starts showing you ads for white vans and candy?

              I wouldn't doubt it. The classic ones are the vans with the wooden Venetian blinds, and the "Don't laugh - your daughter might be in here" bumper stickers.

        • No mod points, so I will just add this.

          For these companies, monitoring everything isn't weird or unusual, it's normal business practice. When they decided to announce they're scanning for pedos, the implied "everyone is getting scanned" didn't even register for them mentally. It's a given for them. It's only weird to everyone else.

          The smarter thing is to just go ahead and do it, and don't say anything that even implies it's happening. Like how Android scans all your photos now, whether you use their cloud b

      • Not buying because we know Android will never try something like this.

        You are being facetious aren't you?

        Because although the mechanism is different, they do scan all of your cloud imiages for kiddie pR0n hashes

      • by Anonymous Coward

        Android will never try something like this.

        https://protectingchildren.goo... [protecting...ren.google]

        Since 2008, we've used "hashing" technology, which creates a unique digital ID for each known child sexual abuse image, to identify copies of images on our services that may exist elsewhere.

        In 2013, we introduced algorithmic changes to Google Search to more aggressively prevent images, videos, and links to CSAM from appearing in search results. We've since implemented this change globally, automatically checking against millions of queries.
        At Google and YouTube, both CSAI

        • Android does not scan your local device. All the scanning is done on their servers. This is the critical difference with what Apple is doing. They're crossing the line from scanning their computers to scanning yours. That's a major difference and worth resisting at all costs.
      • LOL, no.

        Did you not notice that all of the outrage and pushback against Apple on this has been from civil rights and consumer privacy groups? There has been not a peep from Google or Amazon or Facebook or Microsoft or whoever. If any of them were NOT spying on you for the government, they would LOVE to throw the second punch and KO Appleâ(TM)s flagging reputation as the one major tech company that gives a rip about their customersâ(TM) privacy. Any company that is not already spying on you for the

    • We. customers of Apple products need to express themselves by...

      not buying their products to begin with.

  • The world, thankfully, has moved towards encrypted communications over the last two decades, not away from them, and that's a good thing.

    It’s more like the digital world would cease to function if you took away the ability to send information without it being intercepted than it’s moving toward it. Let’s see people run online banks, make online purchases, or do any of the million other things that break down horribly without it. I get the distinct impression that they are feverishly looking for a way to keep encryption for themselves and stop everyone else they can from using it to maintain control, because if modern digi

    • You're half-right. But it's not encryption ONLY for themselves. It's UNBREAKABLE only for themselves. BREAKABLE by them for everyone else.

      • BREAKABLE by them for everyone else.

        This has certainly been a focus, but ultimately this means the encryption is largely theatrical as the intent is to exploit it. Even if the party that does this is completely trustworthy and maintains perfect security over the back door the information loss can still easily lead to bad outcomes, much less when it’s put to malicious clandestine actions that are all too tempting with that much power.

    • by PPH ( 736903 )

      Letâ(TM)s see people run online banks, make online purchases, or do any of the million other things that break down horribly without it.

      Credit cards. The inter-bank cleaning system [wikipedia.org]. TLAs have had their fingers in these for decades. And commerce proceeded as if nothing happened.

  • The world, thankfully, has moved towards encrypted communications over the last two decades, not away from them, and that's a good thing.

    And don't think the FBI [vice.com] doesn't appreciate that. [therecord.media]

  • It's the only language corporations understand.
  • by Anonymous Coward

    If it is really that good, then all devices (and storage locations) ever used by CEO and Board and major stockholders and all top executives and all of their family, relatives, and friends should be scanned NOW BEFORE releasing to general public. And all the results should also be publicly released.
    How many illegal, embarrassing, non-politically-correct, etc instances will it find for those in power?
    Their family and friends might think it invasion of their privacy.
    How many of them will have charges for kid

  • Assuming it is genuine, I support Apple in the fight child porn and human trafficking. I think everyone can agree with that.

    The concern is then, whats next? That said, there is nothing preventing Apple from pushing something that does this anyways (or any kind of malware for that fact.) In fact, none of the cloud providers really need to push something onto a device, they can just scan what's in their clouds - maybe won't be as effective as a tech savvy criminal may turn off all cloud services. Encryption

Do you suffer painful hallucination? -- Don Juan, cited by Carlos Casteneda

Working...