Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I assume (and this is my opinion, to be ultra-clear) that it's a blocker for E2E encryption. As we've seen before, they wanted to do it by backed off after government pressure. It wouldn't surprise me if this removes a blocker.

Apple has shown that they prefer pushing things to be done on-device, and in general I think they've shown it to be a better approach.



From what I remember iCloud is only encrypted at rest but not E2E. Apple can decrypt it anytime.

The password manager (Keychain) is the only fully encrypted part of iCloud; If you lose your devices or forget the main password, the manager will empty itself. This does not happen with any other part of iCloud.


...yes, I'm saying that I think they _can't_ get to E2EE on iCloud without moving something like this client side.


Oh that would make sense.


That really makes little to no sense - it's not E2EE if you're going to be monitoring files that enter the encrypted storage. That's snakeoil encryption at that point.

I sincerely doubt Apple is planning to do E2EE with iCloud storage considering that really breaks a lot of account recovery situations & is generally a bad UX for non-technical users.

They're also already scanning for information on the cloud anyway.


Eh, I disagree - your definition feels like moving the goalposts.

Apple is under no obligation to host offending content. Check it before it goes in (akin to a security checkpoint in real life, I guess) and then let me move on with my life, knowing it couldn't be arbitrarily vended out to x party.


Going on with your life in this situation means police officers have been given copies of the photos that triggered the checkpoint. Do you want that?


Any image that would trigger _for this hashing aspect_ would already trigger _if you uploaded it to iCloud where they currently scan it already_. Literally nothing changes for my life, and it opens up a pathway to encrypting iCloud contents.


Apple's paper talks about decrypting suspect images. It isn't end to end.[1]

[1] https://www.apple.com/child-safety/pdf/CSAM_Detection_Techni...


Feel free to correct me if I'm wrong, but this is a method for decrypting _if it's matching an already known or flagged item_. It's not enabling decrypting arbitrary payloads.

From your link:

>In particular, the server learns the associated payload data for matching images, but learns nothing for non-matching images.

Past this point I'll defer to actual cryptographers (who I'm sure will dissect and write about it), but to me this feels like a decently smart way to go about this.


Matching means suspect. It doesn't have to be a true match.

It could be worse. But end to end means the middle has no access. Not some access.


And remember the E2EE is pure speculation at this point.


As long as your using an iPhone, apples got access. To be E2E, the screen still needs to be showing the encrypted values, not the real image


> To be E2E, the screen still needs to be showing the encrypted values, not the real image

No that is literally not the definition of end to end encryption.

End to end encryption means that only the final recipients of data can see what the data is. In this case, it's the user.


Then don't offer "E2EE"




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: