Total surveillance through the back door: Apple's fatal fall from grace

Apple announces a kind of total surveillance for child protection with CSAM scanning, setting a fatal precedent.

 "It's an absolutely appalling idea because it will lead to distributed mass surveillance of our phones and laptops," comments security luminary Ross Anderson on Apple's latest foray into "security." Cryptography professor Matthew Green warns of a dam breaking. There's really nothing to add to that.

This is not about Apple searching for child porn on its servers and reporting it to the police. That's what all service providers like Google, Microsoft or Facebook do. It's about the fact that Apple now even wants to search for these images on the iPhones of its customers. Special search programs run secretly in the background on the devices without the owner's knowledge. Constantly and without any particular reason, for everyone. This is new. And it's frightening.

The IT group, of all people, which likes to adorn itself with the image of the defender of our privacy, is allowing itself to be harnessed to the surveillance state. The iPhone scanning for child porn involves nothing less than bugs embedded in the system that permanently search our devices for incriminating content! Exactly what they are looking for is, of course, a secret. But what can go wrong?

No, it is not enough to leave it in the dark. I'd rather list a few things that will go wrong:

1. After initially scanning only images in the cloud, the process will be extended to all content. Otherwise, the whole thing makes no sense at all.

2. The list of things to be searched for will be continuously expanded. Initially, it's child pornography - as always when you need the broadest possible consensus for new surveillance options. Then they look for terrorists, human traffickers, drug dealers, and so on and so forth. These are at least the ostensible targets. Secretly, of course, we are all being monitored - all the time.

3. States demand and get influence on the search criteria and of course access to the alarms triggered with it. So not only the USA and Germany. But also China, Russia, Hungary, Belarus, Saudi Arabia and so on. After all, a company has to comply with the law. And, of course, the manufacturer wants to continue selling its equipment.

4. Other manufacturers follow suit and build in similar functions. And at some point, this form of monitoring will even become mandatory. And why limit it to smartphones and notebooks? Why not monitor cameras and game consoles as well? The entire Internet of Things is becoming one surveillance nightmare.

5. Ways will be found to hack the search process. So targeted images or documents that are actually harmless, but still trigger a hit. And those will be foisted on people to discredit them.

Equipping our cell phones and computers with a permanent monitoring function that reports any misbehavior of any kind to the manufacturer is a terrible idea. It is a dam-breaker that will lead to unprecedented total surveillance. Anyone even considering such a thing must face massive headwinds.

That's why everyone should get behind it now:

"APPLE, DON'T DO THIS!"

Comments

Post a Comment

Popular posts from this blog

Chrome targeted by criminals: Why users need to update quickly now

A security vulnerability in Google Chrome is currently being exploited by cyber criminals. Malware could land on your PC through it. Read here how you can protect yourself. The Google Chrome browser is currently struggling with some security vulnerabilities. In a blog post , Google warns about a total of seven vulnerabilities, with the majority of these gaps being classified as a "high" threat to users. The vulnerabilities have been fixed in the latest version of Chrome for Windows, Linux and macOS. If you have Chrome version 90.0.4430.85 installed, it can no longer be exploited. If you have an older version of the browser installed, you should update urgently. You can find the download of the new version below these lines. Smartphone users do not have to be afraid of the security vulnerability. Google has not had to take any security measures here for the time being. The security vulnerability probably remained undiscovered by cyber criminals for the time being. So far, noth...
Read more

Face and voice recognition: Why TikTok wants to be allowed to collect biometric data in the USA

TikTok's privacy policy for the US now mentions the collection of biometric data from faces and voices. The background is likely to be a legal dispute that cost the company $92 million. Neue Datenschutzbestimmungen sind oft eher etwas für Juristen, doch die jüngste Aktualisierung von TikTok sollte alle Nutzerinnen und Nutzer in den USA aufhorchen lassen. Denn in den am 2. Juni aktualisierten Datenschutzbestimmungen für die USA ist ein Abschnitt enthalten, den es zuvor nicht gab. Er lautet übersetzt: »Wir sammeln möglicherweise biometrische Identifikationsmerkmale und biometrische Informationen, wie sie im US-Recht definiert sind, wie etwa von deinem Gesicht und deiner Stimme, aus deinen Inhalten.« Im englischsprachigen Original ist von »faceprint« und »voiceprint« die Rede. »Bevor wir damit anfangen«, frage man jedoch nach dem Einverständnis, wenn dies gesetzlich nötig sei, fügte noch TikTok hinzu. In response to an initial inquiry from "TechCrunch" about the ba...
Read more

Microsoft Teams, Zoom, WebEx: Berlin authority warns against popular video systems

After an initial data protection audit, some video service providers have made improvements to their offerings. But the Berlin data protection commissioner still sees serious shortcomings. The State Commissioner for Data Protection in Berlin (Germany), Maja Smoltczyk, advises against using leading video conferencing systems such as Microsoft Teams, Skype, Zoom, Google Meet, GoToMeeting, Teamviewer and Cisco WebEx. The reason is a retest of various offerings. After a number of services had already failed a test of data protection requirements last year, a new test of the major providers did not reveal any substantial improvement. Smoltczyk said that she was pleased "that our comments had persuaded so many providers to improve their offerings, in some cases very significantly, in terms of data protection". There are now enough legally compliant services for a wide range of purposes that there is no reason to break data protection law for video conferencing. However, if a provid...
Read more