Posts by yProd@infosec.exchange
 (DIR) Post #ARhNHaPoeuyEODJrYu by yProd@infosec.exchange
       2023-01-16T11:02:40Z
       
       1 likes, 0 repeats
       
       @sneak @bot@seal.cafe That doesn't really tell you anything. For example, this could be an attempt to make a one-time download of an ML model used for locally-running analysis, similar to how enabling certain voice processing features on iOS triggers a download of language models that will then be used on-device.
       
 (DIR) Post #ARl57uUo7l5PEIjKfA by yProd@infosec.exchange
       2023-01-18T05:58:13Z
       
       0 likes, 0 repeats
       
       @sneak Well, the CSAM scanning would report to Apple (which would forward to LEOs). From a privacy perspective, local analysis for local use is something completely different, and about as right or wrong as Spotlight “scanning” all your documents (to build a search index).
       
 (DIR) Post #ARlWCBEwVdrr56ZPc0 by yProd@infosec.exchange
       2023-01-18T11:01:31Z
       
       0 likes, 0 repeats
       
       @sneak Live Text would come to mind, as one example. Maybe the image contains text you may want to copy?
       
 (DIR) Post #ARlmpVsrHx0vfR1ACe by yProd@infosec.exchange
       2023-01-18T14:07:45Z
       
       1 likes, 0 repeats
       
       @sneak Again, this being live text is a guess. If it is the cause, apparently, you can uncheck “Select text in images” in macOS's Language & Region settings to disable it.Keep in mind this is not Apple somehow scanning your files, it is your own, local computer doing it (and with all results staying local). If you believe this is effectively the same, that's OK of course, but I'll have to respectfully disagree.
       
 (DIR) Post #ARloNemaoCvL4CvpWy by yProd@infosec.exchange
       2023-01-18T14:25:12Z
       
       0 likes, 0 repeats
       
       @sneak Talking about Live Text here, which is documented to be running locally.If you're 100% this is Apple scanning your files, prove it – which means checking which data is being transmitted, not just establishing that an Apple daemon is trying to connect to Apple somehow, which is very unsurprising.(And in the end, if you believe Apple is potentially evil and its statements cannot be trusted, you must stop using macOS. Your firewall does not help, it only sees requests through macOS's API, which could absolutely hide internal requests if it wanted! Using an OS always requires a certain level of trust with its developers.)