MBW 782: Pizza the Hutt

Beep boop - this is a robot. A new show has been posted to TWiT…

What are your thoughts about today’s show? We’d love to hear from you!

@Leo the ducking or whatever it is with Alex’s stream when you talked at the same time is very annoying… just saying. Like what occurs at 47m24s or so.

1 Like

I have to admit feeling a bit called-out with the beginning discussion of last week’s discusison. :slight_smile:

No worries. I was probably channeling a bit more indignation than was called for last week with Alec, and deserved some of that. It’s good that both Alex and Andy know each other well enough that they can have that kind of divisive discussion, know where each other are coming from in terms of their perspective, and appreciate the differing points of view. Which, after all, is truly what I want out of MacBreak (and other tech shows) - well reasoned differing points of view that help inform my own perspective.


Everyone keeps saying that Apple should scan the pictures in the cloud. The issue is everything (including pictures) is encrypted on the cloud. Apple has the keys to that content, but only uses those keys with a court warrant. If you want them to scan the pictures in the cloud they would always be unencrypting your photos. By doing this on your phone they can do the check, encrypt them, transfer to iCloud and it never is decrypted unless a court orders it.

All the security issues Andy mentioned with video doorbells are why I use HomeKit.There are multiple video doorbells that work with HomeKit and the secure video option.

Simply encrypt incoming photos with a key specific for incoming photos, and use that key in the cloud to decrypt and scan them, then use your PUBLIC key to encrypt them into your account and only your private key will be able to decrypt them. It wouldn’t be constant, because once scanned, they’re not changing. It’s only new uploads that need to be scanned once you scan the baseline. (Also, can’t you share your photos in the cloud with friends? Simply have a rule that says Apple is always a friend, and they can see ALL your photos.)

1 Like

Am I remembering correctly that Apple had some kind of deal around video storage specifically for security cameras?

They would scan the photo as it arrives, then encrypt it, much like most other services do, that encrypt at rest. Basically, if I haven’t encrypted a file, before uploading it, I assume that the hoster has access, but is professional enough to not let employees have direct access to my data.

It seems like Apple wants to move to encrypting with your keys on your device, before uploading to the cloud. This would also add the additional problem of, if you lose your key, you have lost your data… If Apple don’t have a copy of your key and you lose it, the data is gone. I believe that was one of the reasons why they haven’t done this, until now.

No, the point would be, if it is encrypted on your device, using your key, Apple couldn’t decrypt it, when served with a court order. The court order would have to be served on the user of the Apple account.

Yeah something was wrong with Alex’s audio during the whole show. I didn’t want to take the time to debug it. I’m hoping he’ll fix it before next week or we will have to try to do it. It’s challenging because he’s assumed to be the Zoom expert. It’s like trying to get Steve Gibson to fix his network issues - I have to presume they know what they’re doing.

Not sure why you think Apple only uses the iCloud crypto keys for law enforcement. Since they display file names and even file contents over the web I’m guessing they use them all the time.

1 Like

They can display those names and contents are you have entered your password to decrypt them. Are you seeing these some place else without logging in and providing a password? They decrypt device side.

“They would scan the photo as it arrives…”

I think Apple does not want to see your photos at all. In this scenario you would have to trust them, or anybody else, to do the right thing.

“It seems like Apple wants to move to encrypting with your keys on your device, before uploading to the cloud.”

I agree with this. I think that also is why they are introducing the iCloud Recovery Contacts feature so even if you forget the key someone can bail you out.

I do agree the best scenario is end to end encryption. Does this mean you would be okay with the hash matching on device if everything was end to end encrypted?

No. The personal device is sacrosanct, end of story.

And it isn’t the CSAM that is the problem, doing that is opening the floodgates to monitoring everything you are doing for governments around the world.

1 Like

So the hash matching technology has been in use for more than a decade and being used worldwide by dozens of companies. Governments worldwide have known this exists. Why haven’t we seen governments trying to add other hashes to this list before?

I do not see the advantage, from a government perspective, of changing the hashes before you upload or after the upload. It would actually be harder to keep it a secret. The hash changes are part of the OS so every iPhone in the world would get the same changes. Security researchers already have access to this hash database from Apple, so they would immediately see a change.

Governments have hundreds of other ways to monitor everything you are doing that no one complains about. Why would they risk doing something that would be easily exposed and open them up to bad press?

I think Apple’s solution was elegant with a number of built in safety measures that many people glossed over. I don’t expect everyone will agree with me.

Because it takes place on servers based in the USA under US law. Governments are starting to cotton onto this and, Russia, for example, insists that all data on its citizens is stored in Russia, so that they have jurisdiction over the data. The same with China.

And Europe, but as that is because the US laws are too weak and are a data protection joke, I have more trust in the data being stored here.

1 Like

So if the data is stored on a Russian or Chinese server they would have control of what is being hash matched server side. If the hash match is being performed on the device instead with the same set of hashes worldwide the individual governments would have less capabilities as it relates to this technology.

Because the governments don’t care. They already have control over the populations, they want more control over them, so they can stop them organising against the government Russia, Ukrain and China for example.

Or they want to suppress homosexuality or other “deviant” behaviour, which they have outlawed.


Microsoft, Google, Facebook and others have servers/data centers worldwide. This is not just happening on US based servers.

They just get the localised version for their country changed. Comply, or we make your devices and services illegal in our country.

1 Like

“They just get the localised version for their country changed. Comply, or we make your devices and services illegal in our country.”

Why would they bother? It is easier to just require they have access to the server keys and see everything. Trying to get a few thousand picture hashes added to this would not be worth the time or effort. They will want access to everything. Comply or get out.