The CSAM Question No One Is Asking Apple

Apple's Spying Eye

Apple opened up Pandora’s privacy destroying backdoor. It leveled many users’ trust in the company by invading the privacy of users’ devices. Apple waved its hands explaining that by destroying your property’s sovereignty, somehow, it is protecting your privacy. Apple’s explanations have been received as rather conflicted, confused, and disingenuous. During all that brouhaha, the always sad tech press failed to ask a fundamental question.

Is This Trip Really Necessary?

Since Apple contends it is only scanning your iPhone for photos you choose to upload to iCloud, why does Apple need to scan anything on your device? Apple, instead, can easily scan the photos once they reach its servers. As such, on-device scanning is unnecessary.

Apple has already been CSAM scanning user email on its iCloud servers since 2019. Moreover, in so doing, Apple has not bothered hunting through emails on user devices—because scanning emails sent to its servers makes way more sense. It’s more efficient. Apple has more control over its own hardware. And it doesn’t require invading users’ private devices.

Furthermore, users have no right to harm Apple’s property. Apple has every right to protect their own server property by scanning user emails for harmful malware, trojans and viruses. Arguably and similarly, Apple also has a right to scan for harmful CSAM on its servers.

The Big Picture

Apple’s on-server CSAM scanner works much more simply than its insanely intricate on-your-device CSAM scanner. And, It already built and has been using the on-server CSAM scanner for years. Better still, Apple’s on-server CSAM implementation has less negative impact on users’ privacy. So why did Apple, instead, go through the trouble to build, from scratch, the on-user-device backdoor implementation?

As I noted before, people seem to be missing the big picture. Everyone’s focusing on how CSAM hashes can be replaced with hashes matching for more dystopian ends (e.g., searches to uncover and oppress political views, groups, individuals, etc.). And while true, such abuses are possible with Apple’s CSAM system, it’s missing a far larger point. Software is infinitely mutable.

Apple’s on-device CSAM scanner employs a data-scanner/hash-maker process on your iPhone. The process has open access to read your data constantly without your permission or informing you. Currently, the data-scanner/hash-maker process only works with hashes. However, it can be reprogrammed. Instead of scanning your files to generate comparison hashes, it could be modified to simply read your files.

That process can be coopted because software is so easy to alter. For example, hackers could target the data-scanner/hash-maker process for exploit. Find a bug, and use the bug to inject a new code payload for whatever they want. Perhaps worse, governments can mandate that Apple change the code to search for anything (e.g., terrorists, enemies of the state, political adversaries, or other dystopian ends). Apple has complied with such requirements in the past. And it would be compelled to do so in the future.

The Hashing Trojan Horse

So this brings us back to the big question. Why does Apple need such a convoluted on-device CSAM scanner for files that will end up on its servers anyway? It could much more simply scan any photos you send on their servers rather than on your device.

While there may be many possibilities, one sad, dark and looming reason simply jumps out: Apple could have caved on a backdoor to powers-that-be. The on-device data-scanner/hash-maker makes a perfect Trojan Horse. It already has access to read your files. And once this backdoor is established, so is the slippery slope.


Subscribe
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

5 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
joe_u

This will ultimately end up going through the court system and eventually to the U.S. Supreme Court. Scanning iCloud servers is one thing, scanning personel devices is another. Loosing the confidence of your user base will ultimately tarnish the Apple brand.

Jeff Butts

Apple has already been CSAM scanning user email on its iCloud servers since 2019. Moreover, in so doing, Apple has not bothered hunting through emails on user devices—because scanning emails sent to its servers makes way more sense. It’s more efficient. Apple has more control over its own hardware. And it doesn’t require invading users’ private devices. Very true, and you make a number of great points here and in your other discussions of the CSAM debacle. I suspect, though, the reason for Apple to start doing on-device scanning is probably simple: digging its fingers into all the pies, not just… Read more »

Wrong. Period.