Thursday, January 19

Geek

Daily News Stuff 19 January 2023

Hell No Edition

Top Story


Tech News



Disclaimer: Not like IRyS who immediately identified the location as Sydney and then spent two minutes looking for Australia on a map.

Posted by: Pixy Misa at 06:02 PM | Comments (10) | Add Comment | Trackbacks (Suck)
Post contains 275 words, total size 3 kb.

1 Zelazny - how to take a perfectly good story line and turn it into a botched mess.  Maybe sanity will strike, maybe the sun will nova......

Posted by: Frank at Thursday, January 19 2023 09:53 PM (rglbH)

2 On the upside, at long last Colbert will finally have a platform to let everyone know how dreadful Trump & The Republicans are.

Posted by: normal at Thursday, January 19 2023 10:40 PM (obo9H)

3 Thee good news buried in the Zelazny story is that they don't even have a writer, much less a network. They're basically just attaching a famous name to the rights they optioned in the hopes of securing funding.

-j

Posted by: J Greely at Thursday, January 19 2023 10:54 PM (oJgNG)

4 Just read the Apple story, and he doesn't have the smoking gun he thinks he does. We know Apple is offloading a lot of processing into their "cloud" "AI", and mediaanalysisd does OCR and face recognition on all images (not very well, at least in Monterey). It's definitely the tool they'd use for their invasive "CSAM"-scanning, but he doesn't have evidence that it's currently trying to upload or download perceptual hashes, just that it tried to connect to an Apple server. I wouldn't be surprised if it was, but he's currently got no evidence.

Personally, I'd like to turn it off just to stop the OCR; it further bloats the Spotlight search index, and Spotlight was already annoying for stopping you from ejecting external drives while it re-rescans their contents.

-j

Posted by: J Greely at Thursday, January 19 2023 11:39 PM (oJgNG)

5 Given that apple has said they are going to scan all of your files for . . . well, they imply that it's for something we all agree is bad, but nowhere do they actually say that's all they're doing . . . and then they "walk it back" by saying they are "take[ing] additional time over the coming months to collect input and make improvements before releasing these critically important child safety features", I'd say that the burden of proof is on apple here.  I mean, other than apple telling you they're scanning everything on your computer, and your computer trying to access certain apple servers, with certain service names, there's not really any evidence.
I'll tell my wife I'm investing all of our savings in tulip bulbs, and when she says that's stupid and I'm going to lose all of our money, I'll just tell her that I'm taking additional time to collect input and make improvements.  Before I go ahead and invest all of our savings in tulip bulbs.

Posted by: normal at Friday, January 20 2023 03:00 AM (LADmw)

6 While I'd love to see Apple open up their code for an independent security/privacy audit, anything they do short of that won't convince guys like this, who by his own admission has no idea what the connection was for or what the API call contained, just that it went to an Apple API server. The rest of the article is no better than FUD; he didn't even run strings on the binary (which would actually have made his case stronger, given the way they named their SQL schema; it would have sounded much juicier if he'd thrown in something like "UPDATE Assets SET masterFingerprint=(?), adjustedFingerprint=(?) WHERE localIdentifier=(?)").

His thought process began and ended with the discovery that the offending daemon had the words "media" and "analysis" in the name. That's not good enough to support his claims, and actually makes it easier for Apple to blow off. Until someone gets a process trace or a traffic capture that shows possible shenanigans, Apple can just say "just a crank with an axe to grind".

-j

Posted by: J Greely at Friday, January 20 2023 03:23 AM (oJgNG)

7 "Given that apple has said they are going to scan all of your files for . . . well, they imply that it's for something we all agree is bad"
Louis Rossmann had a video about yesterday and he called it Copy Paste several times.

Posted by: Rick C at Friday, January 20 2023 08:46 AM (BMUHC)

8 "His thought process began and ended with the discovery that the offending daemon had the words "media" and "analysis" in the name."
If you clicked Pixy's other links to his blog you'll see he's got a real bee in his bonnet about Apple phoning home in general, which, honestly, wants me to get a PC Engines box and start black holing sites en masse, starting with MS and Google analytics servers.

Posted by: Rick C at Friday, January 20 2023 08:48 AM (BMUHC)

9 Yeah, I'm salty about the Colbert announcement, and hope the project dies before being realized.

Posted by: Pat Buckman at Friday, January 20 2023 10:54 AM (r9O5h)

10 Rick, Pihole is successful at blocking access to most analytics sites, although it wasn't blocking the specific Apple hostname this guy found. By the way, he doesn't seem to have noticed, but his screenshot says the connection attempt was "via Private Relay", which is a feature that requires a paid iCloud+ subscription, and he claimed there was no iCloud account on the machine.

(which reminds me that I own a Little Snitch license and never got around to installing it on this Mac because the old version generated so much noise that it was worthless for spotting real issues; I suppose I should see what 5.x looks like)

-j

Posted by: J Greely at Friday, January 20 2023 03:52 PM (oJgNG)

Hide Comments | Add Comment




Apple pies are delicious. But never mind apple pies. What colour is a green orange?




56kb generated in CPU 0.0321, elapsed 0.1348 seconds.
58 queries taking 0.1117 seconds, 335 records returned.
Powered by Minx 1.1.6c-pink.