This feels like forced CSAM scanning through a back door even without explicit iCloud upload. I'm just glad I haven't installed either of those OSs. Too many bad experiences from the past have made me extremely wary of installing OS updates. Fool me once, ...
The main issues here are the default opt-in and not announcing this feature way back in September. If someone wants this, they can always enable it if it’s opted out by default. I’d expect Apple to fix this soon.
The link below is from the original author of this revelation, and is better suited for discussion, IMO. The author, Jeff Johnson, is a long time developer of applications on macOS and iOS/iPadOS.
Apple Photos phones home on iOS 18 and macOS 15
Discussed five days ago at https://news.ycombinator.com/item?id=42533685
December 28 2024
https://lapcatsoftware.com/articles/2024/12/3.html
The follow up is also interesting and relevant:
The internet is full of experts
December 31 2024
"fix this"
You mean backtrack, right? I don't think we should give them credit
"According to their criticism, an iPhone user is not entitled to question an iPhone feature. Whatever Apple says must be trusted implicitly."
The really annoying thing is that if you opt out on your phone it does not opt out on your computer and vice versa. You have to opt out in both places individually.
So, why are we mad about this? The techniques used maintain perfect privacy throughought the process. It's a neat feature with no downsides for the user.
> So, why are we mad about this?
Not everyone wants the software/OSes we run to automatically send data elsewhere. I bought the damn device, I own it, yet somehow it/the company decides that some things it comes across on it, can be sent to the company?
No thank you, I prefer consensual computing.
> with no downsides for the user
No downsides for you, with your requirements/use cases. If the user has a requirement of "Doesn't send anything to anyone without consent", then this is obviously a downside.
>Not everyone wants the software/OSes we run to automatically send data elsewhere.
I personally find it offensive when a mega-corp makes the assumption that my connection to the Internet is available for them to build for-profit services without giving me sufficient agency.
The cant-disable-Wifi-safely dark pattern is bad enough. But turning me into a data harvester for their million-dollar services, without even thinking about giving me a cut?
No thanks.
Alas, these anti-patterns have become a norm by way of ignorance, and its not getting better.
Because apple could, just as easily, have auto opted-out everyone from this decision. I am not, by default, training data for AI or machine learning.
Could Apple get any training data out of this, given the homomorphic encryption?
If not, then why the default opt-in?
Because it's a) a useful function for the app that b) can't practically be done entirely on-device, and c) they believe they're not sending anything private off-device.
None of that justifies signing me up for something without my permission.
That wasn't the question you asked.
You asked "If not [for training data], then why the default opt-in?" and I gave three alternative reasons.
None of which are sufficient justifications...
It must be awfully convenient to believe that the only possible reason for it to be on is the same reason you made up entirely based on nothing. Personally, I don't find that logic convincing.
Your reasoning is also based on nothing beyond your own speculation.
no u
a) Compensating for missing location metadata is a valid feature for a photo library. Peer competitor Google Photos also implements location estimation from landmarks.
b) The sizes of contemporary general vision models and the size of the vector database for matching potentially millions of landmarks suggest that this is not suitable for running on-device.
c) Apple's entire strategy is to do cloud computation without private data, so it stands to reason that they believe they're not using private data.
Apple turning a feature on by default can only possibly be a conspiracy to surreptitiously obtain training data from people’s photos? It couldn’t just be that they think most people will want the feature?
It’s one thing to argue that Apple is doing this for nefarious reasons, but to suggest that this is somehow the only conceivable option is a bit nuts.
>Apple turning a feature on by default can only possibly be a conspiracy to surreptitiously obtain training data from people’s photos?
Apple-scale companies have done far worse. It is hardly a "conspiracy" to allege Apple behaves like other companies of its ilk.
>It couldn’t just be that they think most people will want the feature?
Apple doesn't care what the end user thinks. "A lot of times, people don't know what they want until you show it to them" -Steve Jobs
>only conceivable option is a bit nuts.
I am merely suggesting it as the most likely option, not the only option.
I think it's technically impossible for Apple to get training data from this due to the encryption. In which case it's not a likely option at all.
The purpose of the homomorphic encryption is that they can compare similar landmarks without seeing the unencrypted image data on the server side.
Right, so I assume that they can’t build up a database of images to use for training future models. But I was hoping someone who understands homomorphic encryption and machine learning better than me could confirm this.
The question should be "why are you not mad about this?".
I'm not mad about this because I use Google Photos, which has been doing the same thing for the last two years without people on the internet telling me to be mad about it.
Using Google photos was your own choice. If your default browser decides tomorrow to opt you in to mine crypto, I'll wager you would be unhappy.
Not sure what you mean. Google Photos is the default on every smartphone I've ever owned and this setting has been on by default as long as it has existed. You could just as easily say "Using Apple Photos was your own choice" and get shouted down.
The point is that outrage isn't automatic. Not everyone is going to be equally mad about a check box.
People aren't complaining that Apple Photos is installed by default. They're complaining that it's sending data up to Apple by default. You have to explicitly opt in to Google Photos backing up your photos to the cloud. That setting is not on by default.
You have to opt in to send your photos to Google Photos.
Same. But honestly with all the "I pay extra for Apple because privacy" posts around here, I kind of expect better from them. Whereas everybody pretty much knows that if you dance with Google, they're going to be looking down your top...
Personally, the whole "send a vector embedding of part of a picture wrapped in encryption and proxies" seems like it probably is better, but maybe Google is doing all of thatz too.
Because Apple did a great job implementing a useful feature in a privacy-preserving way, and I don't want to toggle on 100 opt-in features when I setup a new iPhone
This should be a choice between "recommended experience" and "advanced experience" when you set your phone up. If one selects the latter they get all the prompts. It should then be possible to toggle between experiences at any point.
Ok. Maybe Apple won’t mind running my executable and letting it send sensitive data to my server?
"We" don't automatically, naively assume that a brand new feature, which has undergone no external validation, that uploads data/metadata from your personal, private photos library without your foreknowledge or consent, is "perfect".
You get what you put up with.
Not trying to justify this but rather state it plainly for those still scratching their heads over such behavior.
Is this actually a surprise, or even news, really, to anyone here?
Ownership is a thing of the past. It doesn't have to be but when I suggest alternatives people say it's "impractical" for them but then act all surprised pikachu when it turns out they're totally beholden to what some billionaire thinks is best...
Oh well.
"Is anyone surprised" isn't exactly whataboutism but this type of thing comes up so often, I need a word for it
Whatever that word is, people need to do less of it, I don't think it ever really contributes anything
I'm not trying to imply we are defeated, I'm simply trying to convey that our focus should be on the fact that all our castles are in a hostile kingdom.
I'm quite tired of all this "Leopards keep eating my face and I Don't Know Why!". This sort of message board has been rife with this sort of sentiment since the 90's (and probably earlier; I'm young-ish) and these organizations have only gotten stronger since then. You're playing their game to their benefit. I hope that clears things up some, and I'm glad to know this sort of sentiment (the "This is what happens when you build your castle in a hostile kingdom") comes up often, as it implies more people are getting over it.
I would be embarrassed if this specifically happened to me, as I am embarrassed when similar things happen to me in other hostile ecosystems. It drives me to improve and pursue autonomy, digital or otherwise. How else can we move forward, and I mean, for good? There are so many things I do on computers that are not, in fact, constant uphill battles. It's possible!
It's just regular defeatism
I don't think it's real though, it's a covert call to action via reverse psychology: "everything is really really bad, it's almost hopeless and past time so... [do something about it]"
Agreed, that's the second level of meta, the over-the-top defeatism as a call to action.
> Is this actually a surprise, or even news, really, to anyone here?
Yes, it's literally news, all over the tech news sites, including Hacker News.
And yes, it's actually a surprise. Noted cryptograph Matthew Green said, "It’s very frustrating when you learn about a service two days before New Years and you find that it’s already been enabled on your phone." https://bsky.app/profile/matthewdgreen.bsky.social/post/3lef...
Please show me where you, anonymous HN commenter, predicted that Apple would add Enhanced Visual Search in iOS 18.1 and silently opt everyone in.
> when I suggest alternatives people say it's "impractical" for them
So are you just choosing to ignore the practical concerns of people? Life is a series of tradeoffs. There is no perfect tech. If your alternatives are so indisputably superior, then why aren't they winning the market? Every time there's bad news about a big tech company, some commenters come out of the woodwork to provide condescending lectures for us unwashed masses, but these commenters invariably fail to acknowledge the many ways in which their alternatives are actually worse for most people, less useful, less practical, lacking in features, indeed more annoying than whatever bad news happens to be currently under discussion. The reason that the products of big tech companies are so popular is that those products are good and useful in many ways, despite the downsides. How about a discussion about what people have to give up exactly in order to switch to the alternatives, a discussion of the very real downsides to the alternatives?
Oh well.
> act all surprised pikachu when it turns out they're totally beholden to what some billionaire thinks is best...
You're equivocating on the notion of surprise. On the one hand, nobody is surprised that tech CEOs have a lot of power over the users of their tech. That's an extremely vague, general notion. On the other hand, yes, people are surprised about some of the specific things that tech companies do, especially when those specific things are against the tech company's stated values. Are you claiming that nobody should talk about, complain about, or report in the news about the specific things that tech companies and billionaires do? Should we have complete silence about things happening with products used by billions of people?
I mean, that it’s a “surprise” and that he is upset he only found out about the features existence only two days before New Years seem a bit, well nonsense. Apple mentioned the feature in the 2024 iPhone event, including that it will be a combination of both onboard ml and services (it’s at about 55 minutes in the stream). Then there’s the blog post that describes the privacy features fairly detailed from October 24 (Combining Machine Learning and Homomorphic Encryption in the Apple Ecosystem). I think the feature went live in iOS 18.1 which was released three days later on october 28 according to google. There’s even a post on Reddit from five months ago noting the toggle appearing in the beta.
There is a debate that could be had about opt in vs opt out if services but the idea that apple tried to sneak the feature in or hid how it works doesn’t hold up in my opinion.
> Apple mentioned the feature in the 2024 iPhone event, including that it will be a combination of both onboard ml and services (it’s at about 55 minutes in the stream).
I believe you're mistaken. At the 55 minute mark in the stream, Craig Federighi announced Visual Intelligence, exclusively for iPhone 16. That's not the same as Enhanced Visual Search, which appears to be available not only for all iPhone and iPad models but also for Mac.
"Note: Visual intelligence with Camera Control requires Apple Intelligence and is available in iOS 18.2 or later on all iPhone 16 models." https://support.apple.com/guide/iphone/use-visual-intelligen...
Moreover, Apple Intelligence, and thus Visual Intelligence, is opt-in rather than opt-out.
> Then there’s the blog post that describes the privacy features fairly detailed from October 24 (Combining Machine Learning and Homomorphic Encryption in the Apple Ecosystem).
How many people read Apple's machine learning blog? I certainly don't.
> I think the feature went live in iOS 18.1
That's what we're speculating, based on some vague evidence, but I'm not sure anybody knows for certain.
> There’s even a post on Reddit from five months ago noting the toggle appearing in the beta.
You're seriously citing a single obscure Reddit post as evidence that this wasn't a surprise to the general public?
Youre correct about stream, my bad but I feel you’re extremely uncharitable with your words. “There’s even a post on reddit […]” was what I wrote to note that people had picked up on the feature toggle during the beta which is also where the 18.1 info came from.
How would you have liked to have received information about this feature? We might disagree wether the technical blog post is not good enough and, let’s face it, no one probably read the legal notice for Photos & privacy.
> How would you have liked to have received information about this feature?
This is not a difficult question. Obviously, from an Apple announcement directed to all Apple users, for example in a keynote event, a press release, or an in-app announcement of the new feature, giving the user an explicit option.
> no one probably read the legal notice for Photos & privacy
I did read the legal notice, which is how I became concerned in the first place, but the notice was at the bottom of the Photos Settings, alongside the toggle to turn off Enhanced Visual Search, neither of which I discovered except by chance last week.
> And yes, it's actually a surprise
Not sure why. Apple has presumably had AI scanning your photos for years now.
It's how they power the Faces feature.
That happens entirely on device, no internet component.
"On-device performance is especially important as the end-to-end process runs entirely locally, on the users device, keeping the recognition processing private." https://machinelearning.apple.com/research/recognizing-peopl...
Apple introduced the Faces feature in iPhoto in January 2009.
Everyone is going to keep using Apple devices. No one is really going to care, Apple will suffer no reputation damage, hence Apple (and other companies) will keep doing it.
Everyone/no one used in the main - 99%+ of people.
I'm sure, like the siri spying lawsuit where Apple gives you $20 for your privacy(if you ask for the $20), there's another lawsuit & $20 pahment waiting for this "privacy respecting company" to give you.
It's fantastic. Searching through my photo library in plain text is one of the few useful features of machine learning I've ever encountered.
"But I don't want them to do it."
With all due respect, quit your bitching and turn it off.
"But I shouldn't have to."
The needs of the normal many outweigh the needs of the edge case weirdo few.
"But this is the first step in a long downwa.."
No, it isn't.