Post ARl57uUo7l5PEIjKfA by yProd@infosec.exchange
(DIR) More posts by yProd@infosec.exchange
(DIR) Post #ARg25oCXHlTlTVgrzc by sneak@s.sneak.berlin
2023-01-15T19:30:12Z
8 likes, 12 repeats
https://sneak.berlin/20230115/macos-scans-your-local-files-now/macOS ventura 13.1 scans your local images using network API requests to apple when browsing local image files in the finder now.be advised.
(DIR) Post #ARg5U5QTCByxi1TaCW by Hyolobrika@gleasonator.com
2023-01-15T20:08:49.359479Z
0 likes, 0 repeats
@sneak @sneak >(PBUH please don’t decapitate me)This is a joke, right?
(DIR) Post #ARg7fj4cKLZpldvsjw by antoniopicornell@mstdn.social
2023-01-15T20:32:52Z
0 likes, 0 repeats
@sneak Absolutely devastating for users’ privacy. I don’t live in Europe, but this seems to be a GDPR violation as well.
(DIR) Post #ARgD7fzRssLg5Ff7Bo by sneak@s.sneak.berlin
2023-01-15T21:33:28Z
1 likes, 0 repeats
@antoniopicornell i don't think the gdpr applies here
(DIR) Post #ARgEdpRGODqCboZFQG by Hyolobrika@gleasonator.com
2023-01-15T21:51:25.090379Z
1 likes, 0 repeats
@sneak @bot @sneak >Imagine my surprise when browsing these images in the Finder, Little Snitch told me that macOS is now connecting to Apple APIs via a program named mediaanalysisd (Media Analysis Daemon - a background process for analyzing media files).
(DIR) Post #ARgFDwep1o3rQF8BuK by sneak@s.sneak.berlin
2023-01-15T21:57:03Z
1 likes, 0 repeats
@bot i was browsing images in the finder and it made network API requests, that's how. there's a screenshot of the image and the API access in the article.
(DIR) Post #ARgFWF0fX7L7YO4eOm by book@sleepy.cafe
2023-01-15T21:58:54.147059Z
1 likes, 0 repeats
UOOOOOOOOH! CHILD EROTIC! 😭😭😭😭
(DIR) Post #ARgFWFU5lisL1dq9GC by sneak@s.sneak.berlin
2023-01-15T22:01:04Z
0 likes, 0 repeats
@book false, you took the wrong conclusion from the article
(DIR) Post #ARgFaYsRbo0AKUHrmq by sneak@s.sneak.berlin
2023-01-15T22:01:19Z
0 likes, 0 repeats
@bot the purpose of mediaanalysisd is to scan images. that's all it does.
(DIR) Post #ARgGvG30uZpVxxfCZE by book@sleepy.cafe
2023-01-15T22:01:29.810183Z
1 likes, 0 repeats
UOOOOOOOOH! CHILD EROTIC! 😭😭😭😭
(DIR) Post #ARgGvGZcxJuxb6vFOy by book@sleepy.cafe
2023-01-15T22:16:29.211412Z
1 likes, 0 repeats
UOOOOOOOOH! CHILD EROTIC! 😭😭😭😭
(DIR) Post #ARgHka46FLO4ome024 by book@sleepy.cafe
2023-01-15T22:20:05.349815Z
1 likes, 0 repeats
UOOOOOOOOH! CHILD EROTIC! 😭😭😭😭
(DIR) Post #ARgIbWdhiJyTXcXmBU by sneak@s.sneak.berlin
2023-01-15T22:35:13Z
0 likes, 0 repeats
@bot i didn't make that claim
(DIR) Post #ARgIiCOnMk2YnGkiQK by sneak@s.sneak.berlin
2023-01-15T22:35:43Z
0 likes, 0 repeats
@bot i didn't make that claim. please read the post.
(DIR) Post #ARgMrPkTV7oIcUXhiK by book@sleepy.cafe
2023-01-15T23:05:13.313800Z
1 likes, 0 repeats
UOOOOOOOOH! CHILD EROTIC! 😭😭😭😭
(DIR) Post #ARgMrgK9sDrQ1nMQYS by book@sleepy.cafe
2023-01-15T23:05:54.886643Z
1 likes, 0 repeats
UOOOOOOOOH! CHILD EROTIC! 😭😭😭😭
(DIR) Post #ARgRYAH1JQZqtSPE4u by sneak@s.sneak.berlin
2023-01-16T00:15:03Z
0 likes, 0 repeats
@book @bot the claim i made is the title (h1) of the post.
(DIR) Post #ARgRb537C009YkIB28 by sneak@s.sneak.berlin
2023-01-16T00:16:00Z
0 likes, 0 repeats
@bot it is 100% true. i don't need to reach out to them - it is literally happening on my computer right now. it's built in to macOS now.
(DIR) Post #ARgSPEkBQElW6dLyIi by HSTG@freeatlantis.com
2023-01-16T00:25:40Z
1 likes, 0 repeats
@bot LOL! Hear we go again! @sneak Bot & some other Microsoft sycophant have been gushing and I mean gushing over big tech the last few days!
(DIR) Post #ARgSlQNkpeQ4ZXRUNU by HSTG@freeatlantis.com
2023-01-16T00:29:40Z
1 likes, 0 repeats
@bot The other guy was Macrohard on Microsoft. I never said you.@sneak
(DIR) Post #ARgTQ8Xy32J187dHiS by dj@rojogato.com
2023-01-16T00:37:01.201397Z
2 likes, 1 repeats
@HSTG @bot @sneak It’s so over!
(DIR) Post #ARgTUs3InmSxQ9Xwjg by HSTG@freeatlantis.com
2023-01-16T00:37:53Z
0 likes, 0 repeats
@dj What are you doing to that cat?@bot @sneak
(DIR) Post #ARgTWmfJnizNIEEyNE by book@sleepy.cafe
2023-01-16T00:32:05.616514Z
1 likes, 0 repeats
UOOOOOOOOH! CHILD EROTIC! 😭😭😭😭
(DIR) Post #ARgTXBLg1t8FqYF8jI by book@sleepy.cafe
2023-01-16T00:31:56.051589Z
1 likes, 0 repeats
UOOOOOOOOH! CHILD EROTIC! 😭😭😭😭
(DIR) Post #ARgTZR1Ijc1F1tmqPI by dj@rojogato.com
2023-01-16T00:38:42.566008Z
0 likes, 0 repeats
@HSTG @bot @sneak Thanos snapped
(DIR) Post #ARgwU9lSMP8SjeD8Yi by esbenrahbek@mstdn.dk
2023-01-16T05:58:39Z
0 likes, 0 repeats
@sneak This is saddening as hell..Do you consider making your blocklists for LS public? Would be great for those of us less tech knowledgeable.
(DIR) Post #ARhNHaPoeuyEODJrYu by yProd@infosec.exchange
2023-01-16T11:02:40Z
1 likes, 0 repeats
@sneak @bot@seal.cafe That doesn't really tell you anything. For example, this could be an attempt to make a one-time download of an ML model used for locally-running analysis, similar to how enabling certain voice processing features on iOS triggers a download of language models that will then be used on-device.
(DIR) Post #ARkgjFwOrCkfbJLbY8 by sneak@s.sneak.berlin
2023-01-18T01:24:54Z
0 likes, 0 repeats
@yProd that's correct. ML models used to classify images. like the images being scanned by mediaanalysisd.i don't think Apple's planned LEO-assist features were ever going to run anywhere but on-device.
(DIR) Post #ARl57uUo7l5PEIjKfA by yProd@infosec.exchange
2023-01-18T05:58:13Z
0 likes, 0 repeats
@sneak Well, the CSAM scanning would report to Apple (which would forward to LEOs). From a privacy perspective, local analysis for local use is something completely different, and about as right or wrong as Spotlight “scanning” all your documents (to build a search index).
(DIR) Post #ARlVHi2TtIfOIcoWcy by sneak@s.sneak.berlin
2023-01-18T10:51:22Z
0 likes, 1 repeats
@yProd spotlight can be turned off and directories excluded. what ML features are in use when using spacebar quicklook in the finder? literally all i asked it to do is display the image. at best it is a bug.
(DIR) Post #ARlWCBEwVdrr56ZPc0 by yProd@infosec.exchange
2023-01-18T11:01:31Z
0 likes, 0 repeats
@sneak Live Text would come to mind, as one example. Maybe the image contains text you may want to copy?
(DIR) Post #ARlmQ81GsWV4Piqen2 by sneak@s.sneak.berlin
2023-01-18T14:00:42Z
0 likes, 0 repeats
@yProd where do i opt out of having apple scan my files for text?
(DIR) Post #ARlmpVsrHx0vfR1ACe by yProd@infosec.exchange
2023-01-18T14:07:45Z
1 likes, 0 repeats
@sneak Again, this being live text is a guess. If it is the cause, apparently, you can uncheck “Select text in images” in macOS's Language & Region settings to disable it.Keep in mind this is not Apple somehow scanning your files, it is your own, local computer doing it (and with all results staying local). If you believe this is effectively the same, that's OK of course, but I'll have to respectfully disagree.
(DIR) Post #ARlo4TQ8pRTwKGHbxg by sneak@s.sneak.berlin
2023-01-18T14:21:30Z
0 likes, 1 repeats
@yProd this is 100% apple scanning my files. apple controls my own, local computer via macOS. there's no data available now to support "all results staying local" as we have already established that the process scanning the files is making network API requests.
(DIR) Post #ARloNemaoCvL4CvpWy by yProd@infosec.exchange
2023-01-18T14:25:12Z
0 likes, 0 repeats
@sneak Talking about Live Text here, which is documented to be running locally.If you're 100% this is Apple scanning your files, prove it – which means checking which data is being transmitted, not just establishing that an Apple daemon is trying to connect to Apple somehow, which is very unsurprising.(And in the end, if you believe Apple is potentially evil and its statements cannot be trusted, you must stop using macOS. Your firewall does not help, it only sees requests through macOS's API, which could absolutely hide internal requests if it wanted! Using an OS always requires a certain level of trust with its developers.)
(DIR) Post #ARlozxhOvWxEjrlifg by sneak@s.sneak.berlin
2023-01-18T14:32:10Z
0 likes, 0 repeats
@yProd scanning does not mean transmitting. transmission could be conditional on specific features! it could be all-local until it detects something it doesn't like, then and only then does it make a network request. we know it is scanning local files that are not involved in icloud/Photos.app, and we know it's making network requests. it's a single line of code to connect those two. you cannot assert that that code is not on my machine.
(DIR) Post #ARlqUr5HfcxJ9eEbwm by sneak@s.sneak.berlin
2023-01-18T14:48:38Z
0 likes, 0 repeats
@yProd all people vulnerable to FBI coercion are potentially evil as they can be forced to do things against their will.
(DIR) Post #ARm8SDECgLJu8fIQL2 by louis@emacs.ch
2023-01-18T18:10:09Z
0 likes, 0 repeats
@sneak Thank you so much for sharing this!
(DIR) Post #ARmA2wRIAJmSjnUo2y by grtcdr@emacs.ch
2023-01-18T18:27:44Z
0 likes, 0 repeats
@sneak Thank you for bringing this to our attention and for shining light on Apple's insincere and disgusting strategies.
(DIR) Post #ARmEbuFsg2zTur5Pyi by nthcdr@emacs.ch
2023-01-18T19:18:10Z
0 likes, 0 repeats
@sneak I'm appalled and I don't use my mac for anything but work. That kills any desire to ever own a mac for personal computing.
(DIR) Post #ARpJKEqmRsS3p6cWOW by unixviking@social.linux.pizza
2023-01-20T06:56:07Z
0 likes, 0 repeats
@sneak I shared your blog post and then immediately received criticism, and then someone sent me this link to the topic, obviously a response to your discovery.https://eclecticlight.co/2023/01/18/is-apple-checking-images-we-view-in-the-finder/
(DIR) Post #ARpm51DZkSrjs1NSc4 by sneak@s.sneak.berlin
2023-01-20T12:18:20Z
0 likes, 0 repeats
@unixviking they wrote:"This claim boils down to Apple automatically being sent identifiers of images that a user has simply ‘browsed in the Finder’ without that user’s consent or awareness."I never claimed that. Tell them to read my article again.
(DIR) Post #ARpmE077Dter3HdfNI by sneak@s.sneak.berlin
2023-01-20T12:20:04Z
0 likes, 0 repeats
@unixviking from their article:"Images viewed in apps supporting VLU have neural hashes computed, and those are uploaded to Apple’s servers to perform look up and return its results to the user, as previously detailed."So information about the contents of the image is sent to Apple via API. Cool.
(DIR) Post #ARpmHzrQ6eSbQQCdLE by sneak@s.sneak.berlin
2023-01-20T12:20:45Z
0 likes, 0 repeats
@unixviking "VLU can be disabled by disabling Siri Suggestions in System Settings > Siri & Spotlight, as previously explained."The API request I observed via Finder QuickLook happened with Siri Suggestions *disabled*. So this response article has some issues.
(DIR) Post #ARpmfERi2p6xJyFwpM by unixviking@social.linux.pizza
2023-01-20T12:24:53Z
0 likes, 0 repeats
@sneak Thank you for your explanations! I was already unsure because Louis Rossmann has also brought your report in an extra video and also confirmed from the technical point of view. I myself am unfortunately not so well versed in technology to be able to evaluate this from this point of view. That's why I sent you this article.
(DIR) Post #ARptnet6JlRpKC28lE by sneak@s.sneak.berlin
2023-01-20T13:44:50Z
0 likes, 0 repeats
@unixviking as far as i know, rossman did not confirm anything from a technical point of view, he just signal boosted.tbh nobody's going to know exactly what this process is doing until mediaanalysisd is reverse engineered. all we know now:1. apple said they would scan local files for csam2. mediaanalysisd is scanning local files for something or other3. mediaanalysisd is talking to apple
(DIR) Post #ARpujjv3lhfLj3e3G4 by unixviking@social.linux.pizza
2023-01-20T13:55:20Z
0 likes, 0 repeats
@sneak I probably understood Louis a bit badly, unfortunately my English is not that overwhelming. But just the fact that he brought the topic was for me a confirmation of your experience. And I see it the same way: Apple has announced something that is an absolute no-go, and then a program scans its own files and communicates on it with Apple servers.... so for me something like that is already clear, otherwise I don't see any sense behind such a procedure.
(DIR) Post #ARpw77gZfhgI3BaEfg by sneak@s.sneak.berlin
2023-01-20T14:10:47Z
0 likes, 0 repeats
@unixviking at best it's a bug. at worst it's surveillance.
(DIR) Post #ARpxqtHndoBufLNnkW by unixviking@social.linux.pizza
2023-01-20T14:30:16Z
0 likes, 0 repeats
@sneak I'm a negativist. I always assume the worst possibility.... but no matter which of the two options is ultimately true: whether we will ever know the truth? I don't think so. But no matter what: thank you for pointing that out!
(DIR) Post #ARpxwqyn86plFXKqUS by sneak@s.sneak.berlin
2023-01-20T14:31:23Z
0 likes, 0 repeats
@unixviking it's best to not assume worst or best, but simply be aware of the possibility space pending additional data and act accordingly.
(DIR) Post #ARpyP1yVqHeDSZdn6G by unixviking@social.linux.pizza
2023-01-20T14:36:26Z
0 likes, 0 repeats
@sneak You're absolutely right! That's why I moved all my data from various cloud services like iCloud, GDrive and OneDrive to a local NAS a long time ago. Because if they don't do it now (like Google and Microsoft in any case), at some point they WILL scan and analyze all data, whether on my computer or in their cloud.