Author Topic: Apple privacy letter (Law enforcement through your phone)  (Read 13390 times)

0 Members and 1 Guest are viewing this topic.

Offline PlainName

  • Super Contributor
  • ***
  • Posts: 7508
  • Country: va
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #100 on: August 24, 2022, 05:08:14 pm »
Quote
This may "catch" a few idiots, but unfortunately, I'd think most criminals would know better than to put pictures or videos on surveilled phones

Idiots like, say, the police?

https://www.theguardian.com/uk-news/2019/nov/19/police-chief-convicted-for-having-child-sex-abuse-video-on-phone-robyn-williams
 

Offline magic

  • Super Contributor
  • ***
  • Posts: 7453
  • Country: pl
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #101 on: August 24, 2022, 06:51:18 pm »
Yep, a perfect example :D

Meanwhile the author of the video is free.
 

Offline bdunham7

  • Super Contributor
  • ***
  • Posts: 8175
  • Country: us
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #102 on: August 24, 2022, 07:07:42 pm »
Quote
This may "catch" a few idiots, but unfortunately, I'd think most criminals would know better than to put pictures or videos on surveilled phones

Idiots like, say, the police?

https://www.theguardian.com/uk-news/2019/nov/19/police-chief-convicted-for-having-child-sex-abuse-video-on-phone-robyn-williams

That's the thing about witch hunts--they devolve into indiscriminate, ill-considered campaigns that eventually ensnare people who are totally innocent of anything that would be considered a crime by sane, reasonable people.   Does anyone want to step up and defend this case as a reasonable exercise of state power?
A 3.5 digit 4.5 digit 5 digit 5.5 digit 6.5 digit 7.5 digit DMM is good enough for most people.
 

Offline magic

  • Super Contributor
  • ***
  • Posts: 7453
  • Country: pl
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #103 on: August 24, 2022, 07:17:06 pm »
Well, arguably, yes, the policewoman and half of her family have been nailed for incompetence and distributing materials between themselves that they weren't supposed to distribute, instead of initiating formal procedures.

Now, whether you agree with the law or not, your taxes pay some people to actually enforce and follow it, so ::)
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 6126
  • Country: au
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #104 on: August 25, 2022, 03:02:32 am »
Propaganda? It's called mathematics. Look at something like SHA-256... the probability of a hash collision is so extraordinarily small.
Until it doesn't. They used to say the same about MD5.

At any rate, you made it sound like this property is somehow guaranteed, which is utter :bullshit:

As I said, the collision potential in MD5 was known about not long after it was published. As I also said, it's still deemed "good enough for many applications".

Never did I say that hashing was "guaranteed", in fact, I said the opposite, which you clearly chose to ignore. Please don't make ridiculous, falsified claims on my behalf.

I think you still fail to see how what you're describing still isn't really a problem for the specific application we are talking about in this thread. You seem to be inventing problems where they don't exist. I think I'll defer to expert opinion. instead of yours, if you don't mind.

Quote
This may "catch" a few idiots, but unfortunately, I'd think most criminals would know better than to put pictures or videos on surveilled phones

Idiots like, say, the police?

https://www.theguardian.com/uk-news/2019/nov/19/police-chief-convicted-for-having-child-sex-abuse-video-on-phone-robyn-williams

I think that's a bit of a generalisation. The actions of an individual does not mean that all in that group are idiots. I've personally investigated police internally for similar crimes, does that make me an idiot? Nope. I'm glad we got them though! The last guy got something like 16 years in jail. Good result.
« Last Edit: August 25, 2022, 03:07:27 am by Halcyon »
 

Offline bdunham7

  • Super Contributor
  • ***
  • Posts: 8175
  • Country: us
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #105 on: August 25, 2022, 03:27:11 am »
I think that's a bit of a generalisation. The actions of an individual does not mean that all in that group are idiots. I've personally investigated police internally for similar crimes, does that make me an idiot? Nope. I'm glad we got them though! The last guy got something like 16 years in jail. Good result.

You think the case in that link was a good result?  You're frightening me...
A 3.5 digit 4.5 digit 5 digit 5.5 digit 6.5 digit 7.5 digit DMM is good enough for most people.
 
The following users thanked this post: tooki

Offline magic

  • Super Contributor
  • ***
  • Posts: 7453
  • Country: pl
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #106 on: August 25, 2022, 04:55:23 am »
Never did I say that hashing was "guaranteed", in fact, I said the opposite, which you clearly chose to ignore. Please don't make ridiculous, falsified claims on my behalf.
Once again will I quote the post which started this whole stupid discussion about hashing and I have no desire to continue it any further.
 :horse:

They use algorithms which will not experience a hash collision, that way, every single file in the world will have it's own, unique hash.

(BTW, it's supposed to be its rather than it's, but I keep making this mistake myself too because English is simply weird.)
 

Offline bdunham7

  • Super Contributor
  • ***
  • Posts: 8175
  • Country: us
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #107 on: August 25, 2022, 05:14:11 am »
Never did I say that hashing was "guaranteed", in fact, I said the opposite, which you clearly chose to ignore. Please don't make ridiculous, falsified claims on my behalf.
Once again will I quote the post which started this whole stupid discussion about hashing and I have no desire to continue it any further.
 :horse:

They use algorithms which will not experience a hash collision, that way, every single file in the world will have it's own, unique hash.

(BTW, it's supposed to be its rather than it's, but I keep making this mistake myself too because English is simply weird.)

No, lets be fair here because this is a bit of a false contradiction.  Obviously if the hash is much smaller than the original file size, then you can't rule out the possibility of a collision.  And if you look a the universe of all possible files of that size, there would have to be collisions simply because there are more possible files than hashes.  However, for something like SHA256, it is unlikely that any two non-identical files created on this planet at any time in human history would have the same hash.  Therefore, it is very likely (I mean like 99.99999999999999999999999999% or better) that provided an adequate algorithm is used, every non-identical file in the world will indeed have its own unique hash, just as stated. Theoretically it might not be guaranteed, but practically and statistically it is.

However, I'll also say that I believe that the technology being used these days different than a straightforward hashing algo, in fact calling it a 'hash' is probably a deliberate deception to mask what they are really doing.  And while I disapprove of the whole show, the possibility of hash collisions even on inferior algorithms or non-deterministic AI isn't one of my concerns.
« Last Edit: August 25, 2022, 05:15:47 am by bdunham7 »
A 3.5 digit 4.5 digit 5 digit 5.5 digit 6.5 digit 7.5 digit DMM is good enough for most people.
 

Offline magic

  • Super Contributor
  • ***
  • Posts: 7453
  • Country: pl
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #108 on: August 25, 2022, 05:18:49 am »
I don't know what exact technology is used and I'm not convinced if Halcyon knows it exactly either.

I oppose this exact sentence quoted because it simply is not true. Even if you believe that a random collision is unlikely to ever occur in practice, deliberate collisions are also a possibility as soon as whichever algorithm they use is broken.
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 6126
  • Country: au
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #109 on: August 25, 2022, 05:54:17 am »
I think that's a bit of a generalisation. The actions of an individual does not mean that all in that group are idiots. I've personally investigated police internally for similar crimes, does that make me an idiot? Nope. I'm glad we got them though! The last guy got something like 16 years in jail. Good result.

You think the case in that link was a good result?  You're frightening me...

The case I most recently dealt with was a good result. I wasn't talking about the idiot in the link.

I don't know what exact technology is used and I'm not convinced if Halcyon knows it exactly either.

I oppose this exact sentence quoted because it simply is not true. Even if you believe that a random collision is unlikely to ever occur in practice, deliberate collisions are also a possibility as soon as whichever algorithm they use is broken.

I've explained why, even in the extremely unlikely event of a collision, why it's not really all that important in this context. But you can continue ignoring that part if you like.  :popcorn:
As I said, you can consider MD5 "broken", but it's still in wide use today, and that's perfectly OK for these types of applications. People much smarter than you have tried to argue this point in court and have failed.
« Last Edit: August 25, 2022, 06:00:52 am by Halcyon »
 

Offline magic

  • Super Contributor
  • ***
  • Posts: 7453
  • Country: pl
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #110 on: August 25, 2022, 07:11:23 am »
People much smarter than you
Was it really necessary, and from a moderator at that? ;)

The only personal remark about you I recall making is that I doubt you know the details of this scheme's implementation, and you don't seem to be denying this.

have tried to argue this point in court and have failed.
I made no claims about validity of any arguments.

As I said, you can consider MD5 "broken", but it's still in wide use today, and that's perfectly OK for these types of applications.
It isn't suitable, because MD5 collision attacks are known which enable creation of identical different files with the same checksum.

I could upload one such file containing CP somewhere so it would end up in the police database.
I could send a different file with the same checksum to you and you would save it because it doesn't look like CP to you.

Your cloud account is banned automatically and maybe you have the pigs knocking on your door if they didn't look at the file and just "trusted the experts". Enjoy all your electronics sized for a search and maybe returned after a few months/years if they find nothing, or maybe they find some pirate Windows or other shit.
« Last Edit: August 25, 2022, 12:43:28 pm by magic »
 

Offline Miyuki

  • Frequent Contributor
  • **
  • Posts: 908
  • Country: cz
    • Me on youtube
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #111 on: August 25, 2022, 08:21:07 am »
If you want to share any form of ilicit data, you use regular mail and send a USB disk or an SD card.

This is quick and safe for the criminal, since the data can be easily encrypted beyond govermental decryption methods. Plus, it is easy to hide the data to start with. A regular letter with attached MicroSD that shows a Word document is all there is to be found. Run an "undelete" tool and gigabytes of files are revealed. Or just include a ZIP archive with a very long password.

And with this simple example I think I have shown how ridiculous it is to control the ENTIRE POPULATION and remove their privacy to find a few criminals who just use a more secure method.
Just be aware that not telling a password is considered a crime in some countries
And avoiding modern "conveniences" like having everything in the cloud can make you a suspicious person together with sending letters
But agree

But it is nothing new. All that law enforcement is targeted toward low-hanging fruits. Like in a war against drugs. They catch a few grannies smuggling a bag of coke and a drug addict dealer from the back street and call it a success while spending millions  ::)
« Last Edit: August 25, 2022, 08:25:19 am by Miyuki »
 
The following users thanked this post: SiliconWizard

Offline Bicurico

  • Super Contributor
  • ***
  • Posts: 1816
  • Country: pt
    • VMA's Satellite Blog
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #112 on: August 25, 2022, 11:07:06 am »
If you want to share any form of ilicit data, you use regular mail and send a USB disk or an SD card.

This is quick and safe for the criminal, since the data can be easily encrypted beyond govermental decryption methods. Plus, it is easy to hide the data to start with. A regular letter with attached MicroSD that shows a Word document is all there is to be found. Run an "undelete" tool and gigabytes of files are revealed. Or just include a ZIP archive with a very long password.

And with this simple example I think I have shown how ridiculous it is to control the ENTIRE POPULATION and remove their privacy to find a few criminals who just use a more secure method.
Just be aware that not telling a password is considered a crime in some countries
And avoiding modern "conveniences" like having everything in the cloud can make you a suspicious person together with sending letters
But agree

But it is nothing new. All that law enforcement is targeted toward low-hanging fruits. Like in a war against drugs. They catch a few grannies smuggling a bag of coke and a drug addict dealer from the back street and call it a success while spending millions  ::)

If I was a criminal and wanted to share 1TB of illegal data (of whatever sort), I would simply exchange a 2.5" HDD in person, considering that I am not targeted, yet, which is what all this mass-surveillance is all about.

You have to be pretty dumb to think that the average criminal of IT related stuff is stupid enough to put illegal content on a cloud server, web server or mail server.
 

Offline Miyuki

  • Frequent Contributor
  • **
  • Posts: 908
  • Country: cz
    • Me on youtube
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #113 on: August 25, 2022, 11:22:18 am »
If you want to share any form of ilicit data, you use regular mail and send a USB disk or an SD card.

This is quick and safe for the criminal, since the data can be easily encrypted beyond govermental decryption methods. Plus, it is easy to hide the data to start with. A regular letter with attached MicroSD that shows a Word document is all there is to be found. Run an "undelete" tool and gigabytes of files are revealed. Or just include a ZIP archive with a very long password.

And with this simple example I think I have shown how ridiculous it is to control the ENTIRE POPULATION and remove their privacy to find a few criminals who just use a more secure method.
Just be aware that not telling a password is considered a crime in some countries
And avoiding modern "conveniences" like having everything in the cloud can make you a suspicious person together with sending letters
But agree

But it is nothing new. All that law enforcement is targeted toward low-hanging fruits. Like in a war against drugs. They catch a few grannies smuggling a bag of coke and a drug addict dealer from the back street and call it a success while spending millions  ::)

If I was a criminal and wanted to share 1TB of illegal data (of whatever sort), I would simply exchange a 2.5" HDD in person, considering that I am not targeted, yet, which is what all this mass-surveillance is all about.

You have to be pretty dumb to think that the average criminal of IT related stuff is stupid enough to put illegal content on a cloud server, web server or mail server.
Politicians do dumb things like this all the time
And they expect criminals are at the same level
 

Offline PlainName

  • Super Contributor
  • ***
  • Posts: 7508
  • Country: va
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #114 on: August 25, 2022, 11:40:47 am »
Quote
This may "catch" a few idiots, but unfortunately, I'd think most criminals would know better than to put pictures or videos on surveilled phones

Idiots like, say, the police?

https://www.theguardian.com/uk-news/2019/nov/19/police-chief-convicted-for-having-child-sex-abuse-video-on-phone-robyn-williams

I think that's a bit of a generalisation. The actions of an individual does not mean that all in that group are idiots. I've personally investigated police internally for similar crimes, does that make me an idiot? Nope. I'm glad we got them though! The last guy got something like 16 years in jail. Good result.

Ah, I didn't mean it labelled any policemaperson as an idiot. Rather that it can erroneously catch and screw over even those who know the rules inside out and are generally seen as trustworthy and above board individuals. Your average citizen doesn't stand a chance in comparison.
 

Offline Bicurico

  • Super Contributor
  • ***
  • Posts: 1816
  • Country: pt
    • VMA's Satellite Blog
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #115 on: August 25, 2022, 11:46:33 am »
I used to think that politicians are dumb.

While this may be true for some, I nowadays believe that most are indeed brilliant and very smart. They act dumb on purpose, when required. If they were really dumb, then people like myself (smarter than average dumb) would be in their places, but it seems I am not smart/good enough to enter that spheres.

And not being dumb at all, their decisions seem odd to us, but really they just happen to follow a different agenda. Their goals do not match what "the people" want.

This is a fundamental discussion, though, because democracy has a major flaw: more than often, the majority is actually wrong. And we all know that the majority of people are indeed dumb. So if the majority could actually make decisions like democracy suggests, then we would see many wrong decisions! Examples of what the majority would want to decide:

- lower taxes
- free healthcare
- free education
- free ...
- lower retirement age
- free parking
- no speed limit
- lower gas/energy/food price
- ...

The majority, however, would be indifferent to the question where the money comes from. They would bite the hand that feeds them: the rich. They would forget that the rich generate wealth. Without rich people investing in companies, we would have no jobs and as such no wealth or tax money... It is really more complicated than what the average citizen can grasp.

In my opinion, there is a political agenda, more than often controlled by organisations and groups of people which are hidden behind the politicians. They control what is happening, independantly of what party has been elected.

In order to better mask this reality, stupid topics are brought on the agenda, feeding hate and disagreement (like the whole gender debate, for instance - how can this have so much exposure, when it represents so few people, compared to much more important subjects that affect many more people).

The world has always been run like this, by few organizations (like the Masons, Opus Dei or Communist party collectiv). However, a new problem arose: the information society.

Suddenly, goverments cannot control the virtual gathering of people, ideas and information. And that scares them and they will only rest when every individual on the internet is automatically controlled (not enough resources to do it otherwise).

The whitch hunting for pedos or other criminals is just a pretext to implement the absence of any privacy on the internet against goverments.

Want to hunt pedos? Why not start with the catholic church? Why not use decoys and catch the networks that operate professionally? As I already mentioned, why not monitor the well-being of children in a better way? The pedo victims normally come from disfunctional families and it is the state that failed to help the affected children, despite manifestation of symptons in kindergarten or school.

Another big problem in current days is the concept of "political correctness". I am in doubt if it is ok to post what I write and think. Because current culture does not like those that use science, rationality and academic reasoning when used against hysteria issues like pedo, gender, BLM, etc.

How can this situation be changed? There is only one way: by educating the people and have them thinking for themselfes. I try to do that as a teacher. With limited success, if any.


Offline Miyuki

  • Frequent Contributor
  • **
  • Posts: 908
  • Country: cz
    • Me on youtube
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #116 on: August 25, 2022, 12:20:48 pm »
Politicians are not dumb in a way of low IQ.
They fall into the trap of narcissist psychopathy. They believe that are superior and know everything.
They also have insider information to make great business deals and gain huge money at the edge of the law. And most of them will have many lawyers to check it is still somewhat Ok.

There is also a big difference between the US and Europe. As the US is close to an oligarchy and both of their parties are closely connected with them. Whereas the EU with many independent parties competing with each other is a kind of self-organizing chaos. With no strong force behind it.
One can discuss what is better. But the index of living conditions is better for the EU.
But if you want to make a big business US is way better.
 

Offline Bicurico

  • Super Contributor
  • ***
  • Posts: 1816
  • Country: pt
    • VMA's Satellite Blog
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #117 on: August 25, 2022, 12:35:44 pm »
I do agree with you.

And to sum up my participation in this thread: the whole issue is (as most things) more complicated that it seems.

Back on topic, I would like to add:

If you have a file with 10 bytes and generate a hash with 1 byte, you will have 256^10 diferent possible files, all represented by just 256 different hashes. Of course there will be collisions.

No matter how much you expand this relation, unless the hash is composed of the same number of bytes as the input file, there will be collisions.

And files can be manipulated so that the hash is different and excluded from the database or innocent files can be manipulated to produce the same hash as an illegal file. With both damage can be done on purpose.

The random collisions, while statistically not frequent (take a hash with many more combinations than the number of files that will be analyzed), can and will happen, like the LOTTO Jackpot is distributed every now and then dispite the odds. And being wrongly flagged by AI because of a hash collision WILL cause damage to the poor victim.
« Last Edit: August 25, 2022, 12:40:30 pm by Bicurico »
 

Offline Miyuki

  • Frequent Contributor
  • **
  • Posts: 908
  • Country: cz
    • Me on youtube
Re: Apple privacy letter (Law enforcement through your phone)
« Reply #118 on: August 25, 2022, 12:45:10 pm »
I have one funny experience with AI failure on Facebook
The photo of my cat was flagged as pornography  :-DD
I know he is hairless and it makes it complicated for AI to distinguish
But it just illustrates at what level those algorithms are today
« Last Edit: August 26, 2022, 09:18:41 am by Miyuki »
 
The following users thanked this post: Someone, tooki, MT


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf