Thursday, January 19
Daily News Stuff 19 January 2023
Hell No Edition
Hell No Edition
Top Story
- Apple's new M2 MacBooks and Mac Minis are out. Should you buy one? No. (Sneak.Berlin)
Remember the fuss when Apple was planning to scan the photos on your iPhone and alert the police if they thought anything on there might be untowards?
Well, they've implemented that, only on MacOS.
Without telling anyone.
And you can't turn it off.
This is unusual behaviour for Apple. It's not like they tracked all their users with unencrypted cookies, systematically locked users out of their own systems, or disabled third-party firewalls and network monitors that would let you track such activity.
Oh, wait, they did all those things.
Tech News
- Microsoft may start laying off 10,000 staff this week amid slowing economy. (Tom's Hardware)
Well, let's not panic until it's confirmed.
- Microsoft starts laying off 10,000 staff amid recession. (Tom's Hardware)
They used the R word.
- Amazon is laying off 18,000 staff. (Bloomberg)
I might feel bad about this if these companies didn't suck so much.
- Speaking of suck, a TV adaptation of Roger Zelazny's The Chronicles of Amber is under way... With Stephen Colbert named as the series producer. (Variety)
Yeah, this is going to be bad.
- Mailchimp got hacked. Again. In exactly the same way as last time. (Tech Crunch)
See my note about feeling bad if they didn't suck so much.
- Someone stole my car and now I own hundreds of vinyl records. (Substack)
San Francisco?
(Checks.)
Los Angeles. Not too far off.
Disclaimer: Not like IRyS who immediately identified the location as Sydney and then spent two minutes looking for Australia on a map.
Posted by: Pixy Misa at
06:02 PM
| Comments (10)
| Add Comment
| Trackbacks (Suck)
Post contains 275 words, total size 3 kb.
1
Zelazny - how to take a perfectly good story line and turn it into a botched mess. Maybe sanity will strike, maybe the sun will nova......
Posted by: Frank at Thursday, January 19 2023 09:53 PM (rglbH)
2
On the upside, at long last Colbert will finally have a platform to let everyone know how dreadful Trump & The Republicans are.
Posted by: normal at Thursday, January 19 2023 10:40 PM (obo9H)
3
Thee good news buried in the Zelazny story is that they don't even have a writer, much less a network. They're basically just attaching a famous name to the rights they optioned in the hopes of securing funding.
-j
-j
Posted by: J Greely at Thursday, January 19 2023 10:54 PM (oJgNG)
4
Just read the Apple story, and he doesn't have the smoking gun he thinks he does. We know Apple is offloading a lot of processing into their "cloud" "AI", and mediaanalysisd does OCR and face recognition on all images (not very well, at least in Monterey). It's definitely the tool they'd use for their invasive "CSAM"-scanning, but he doesn't have evidence that it's currently trying to upload or download perceptual hashes, just that it tried to connect to an Apple server. I wouldn't be surprised if it was, but he's currently got no evidence.
Personally, I'd like to turn it off just to stop the OCR; it further bloats the Spotlight search index, and Spotlight was already annoying for stopping you from ejecting external drives while it re-rescans their contents.
-j
Personally, I'd like to turn it off just to stop the OCR; it further bloats the Spotlight search index, and Spotlight was already annoying for stopping you from ejecting external drives while it re-rescans their contents.
-j
Posted by: J Greely at Thursday, January 19 2023 11:39 PM (oJgNG)
5
Given that apple has said they are going to scan all of your files for . . . well, they imply that it's for something we all agree is bad, but nowhere do they actually say that's all they're doing . . . and then they "walk it back" by saying they are "take[ing] additional time over the coming months to collect input and make improvements before releasing these critically important child safety features", I'd say that the burden of proof is on apple here. I mean, other than apple telling you they're scanning everything on your computer, and your computer trying to access certain apple servers, with certain service names, there's not really any evidence.
I'll tell my wife I'm investing all of our savings in tulip bulbs, and when she says that's stupid and I'm going to lose all of our money, I'll just tell her that I'm taking additional time to collect input and make improvements. Before I go ahead and invest all of our savings in tulip bulbs.
I'll tell my wife I'm investing all of our savings in tulip bulbs, and when she says that's stupid and I'm going to lose all of our money, I'll just tell her that I'm taking additional time to collect input and make improvements. Before I go ahead and invest all of our savings in tulip bulbs.
Posted by: normal at Friday, January 20 2023 03:00 AM (LADmw)
6
While I'd love to see Apple open up their code for an independent security/privacy audit, anything they do short of that won't convince guys like this, who by his own admission has no idea what the connection was for or what the API call contained, just that it went to an Apple API server. The rest of the article is no better than FUD; he didn't even run strings on the binary (which would actually have made his case stronger, given the way they named their SQL schema; it would have sounded much juicier if he'd thrown in something like "UPDATE Assets SET masterFingerprint=(?), adjustedFingerprint=(?) WHERE localIdentifier=(?)").
His thought process began and ended with the discovery that the offending daemon had the words "media" and "analysis" in the name. That's not good enough to support his claims, and actually makes it easier for Apple to blow off. Until someone gets a process trace or a traffic capture that shows possible shenanigans, Apple can just say "just a crank with an axe to grind".
-j
His thought process began and ended with the discovery that the offending daemon had the words "media" and "analysis" in the name. That's not good enough to support his claims, and actually makes it easier for Apple to blow off. Until someone gets a process trace or a traffic capture that shows possible shenanigans, Apple can just say "just a crank with an axe to grind".
-j
Posted by: J Greely at Friday, January 20 2023 03:23 AM (oJgNG)
7
"Given that apple has said they are going to scan all of your files for . . . well, they imply that it's for something we all agree is bad"
Louis Rossmann had a video about yesterday and he called it Copy Paste several times.
Louis Rossmann had a video about yesterday and he called it Copy Paste several times.
Posted by: Rick C at Friday, January 20 2023 08:46 AM (BMUHC)
8
"His thought process began and ended with the discovery that the offending daemon had the words "media" and "analysis" in the name."
If you clicked Pixy's other links to his blog you'll see he's got a real bee in his bonnet about Apple phoning home in general, which, honestly, wants me to get a PC Engines box and start black holing sites en masse, starting with MS and Google analytics servers.
If you clicked Pixy's other links to his blog you'll see he's got a real bee in his bonnet about Apple phoning home in general, which, honestly, wants me to get a PC Engines box and start black holing sites en masse, starting with MS and Google analytics servers.
Posted by: Rick C at Friday, January 20 2023 08:48 AM (BMUHC)
9
Yeah, I'm salty about the Colbert announcement, and hope the project dies before being realized.
Posted by: Pat Buckman at Friday, January 20 2023 10:54 AM (r9O5h)
10
Rick, Pihole is successful at blocking access to most analytics sites, although it wasn't blocking the specific Apple hostname this guy found. By the way, he doesn't seem to have noticed, but his screenshot says the connection attempt was "via Private Relay", which is a feature that requires a paid iCloud+ subscription, and he claimed there was no iCloud account on the machine.
(which reminds me that I own a Little Snitch license and never got around to installing it on this Mac because the old version generated so much noise that it was worthless for spotting real issues; I suppose I should see what 5.x looks like)
-j
(which reminds me that I own a Little Snitch license and never got around to installing it on this Mac because the old version generated so much noise that it was worthless for spotting real issues; I suppose I should see what 5.x looks like)
-j
Posted by: J Greely at Friday, January 20 2023 03:52 PM (oJgNG)
57kb generated in CPU 0.0124, elapsed 0.0994 seconds.
58 queries taking 0.0906 seconds, 349 records returned.
Powered by Minx 1.1.6c-pink.
58 queries taking 0.0906 seconds, 349 records returned.
Powered by Minx 1.1.6c-pink.
