this post was submitted on 24 May 2024
68 points (97.2% liked)

Apple

17472 readers
46 users here now

Welcome

to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!

Rules:
  1. No NSFW Content
  2. No Hate Speech or Personal Attacks
  3. No Ads / Spamming
    Self promotion is only allowed in the pinned monthly thread

Lemmy Code of Conduct

Communities of Interest:

Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple

Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode

Community banner courtesy of u/Antsomnia.

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] simplejack@lemmy.world 15 points 5 months ago* (last edited 5 months ago) (3 children)

Lemmy: Apple doesn’t care about your privacy and is secretly keeping your deleted photos because they want your data.

Reality: 1) iCloud photos are E2EE 2) Apple doesn’t have an encryption backdoor, which is why the feds keep pushing for one 3) violating deletion requests is illegal in their core markets

Aaaand… 4) your ass probably already has thousands of photos that you didn’t delete. They don’t need your deleted photos if they want to train models. They have more than enough stuff that you didn’t delete.

[–] hedgehog@ttrpg.network 5 points 5 months ago

Small correction - iCloud Photos are only end-to-end encrypted if you enable Advanced Data Protection, which was introduced in December 2022, and otherwise Apple has the keys. See https://support.apple.com/en-us/102651 for more details.

So the uploaded photos in question couldn’t have been e2ee. Even so, it’s reasonable for people to question the legitimacy of e2ee given instances where it’s been shown to be a lie or for the data to also have been transmitted without e2ee, like Anker’s Eufy cameras’ “e2ee” feeds clearly being accessible without keys from the user devices, or WhatsApp exposing tons of messaging metadata to Meta.

That said, I personally wasn’t using iCloud Photos prior to enabling Advanced Data Protection, and I had a few deleted photos show up from several years ago, so Apple’s explanation makes sense to me. And, like you’ve pointed out, most of the speculation was devoid of any critical thinking.

[–] bokherif@lemmy.world 1 points 5 months ago (1 children)

Well people had other people's photos popping up in their own photos app. So not sure how they handle 'encryption'. But it's best to treat all photos uploaded to cloud as public, because that's likely how it is. Can't trust Google, Amazon or Apple with your data when they can and are making so much money off of it.

[–] simplejack@lemmy.world 1 points 5 months ago

No one was able to reproduce that. That claim of seeing others photos was from a Reddit user who deleted the post.

[–] AProfessional@lemmy.world -2 points 5 months ago (1 children)

As its all proprietary you can’t, and basically nobody can, say anything about a backdoor. It’s pure trust in this corporation.

[–] simplejack@lemmy.world 3 points 5 months ago (2 children)

It’s not proprietary. It’s the AES 256 standard.

[–] AProfessional@lemmy.world 3 points 5 months ago (1 children)

The OS is, it runs everything and can do anything locally.

[–] simplejack@lemmy.world 0 points 5 months ago

People were claiming Apple was secretly keeping deleted photos in the cloud. Which was what my parent comment was about.

[–] airglow@lemmy.world -1 points 5 months ago* (last edited 5 months ago) (2 children)

iCloud is proprietary by definition because Apple has not publicly released its source code under a free license.

[–] simplejack@lemmy.world 2 points 5 months ago

Yes. I’m referring to the encryption standard and I’m saying the photos stored in the cloud service are E2EE.

[–] tudor@lemmy.world 1 points 5 months ago (1 children)
[–] airglow@lemmy.world 1 points 5 months ago* (last edited 5 months ago)

AES is a specification, not a piece of software. Closed-source software like iCloud that implements the AES specification is still proprietary.