this post was submitted on 24 May 2024
66 points (97.1% liked)

Apple

17421 readers
244 users here now

Welcome

to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!

Rules:
  1. No NSFW Content
  2. No Hate Speech or Personal Attacks
  3. No Ads / Spamming
    Self promotion is only allowed in the pinned monthly thread

Lemmy Code of Conduct

Communities of Interest:

Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple

Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode

Community banner courtesy of u/Antsomnia.

founded 1 year ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 38 points 5 months ago (1 children)

Apple fixes bug: wHy dOeSn't aPpLe eLaBoRaTe wHaT ThIs bUg wAs aBoUt

Apple elaborates: WhO Is gOnNa bElIeVe aPpLe

[–] [email protected] 15 points 5 months ago* (last edited 5 months ago) (3 children)

Lemmy: Apple doesn’t care about your privacy and is secretly keeping your deleted photos because they want your data.

Reality: 1) iCloud photos are E2EE 2) Apple doesn’t have an encryption backdoor, which is why the feds keep pushing for one 3) violating deletion requests is illegal in their core markets

Aaaand… 4) your ass probably already has thousands of photos that you didn’t delete. They don’t need your deleted photos if they want to train models. They have more than enough stuff that you didn’t delete.

[–] [email protected] 5 points 5 months ago

Small correction - iCloud Photos are only end-to-end encrypted if you enable Advanced Data Protection, which was introduced in December 2022, and otherwise Apple has the keys. See https://support.apple.com/en-us/102651 for more details.

So the uploaded photos in question couldn’t have been e2ee. Even so, it’s reasonable for people to question the legitimacy of e2ee given instances where it’s been shown to be a lie or for the data to also have been transmitted without e2ee, like Anker’s Eufy cameras’ “e2ee” feeds clearly being accessible without keys from the user devices, or WhatsApp exposing tons of messaging metadata to Meta.

That said, I personally wasn’t using iCloud Photos prior to enabling Advanced Data Protection, and I had a few deleted photos show up from several years ago, so Apple’s explanation makes sense to me. And, like you’ve pointed out, most of the speculation was devoid of any critical thinking.

[–] [email protected] 1 points 4 months ago (1 children)

Well people had other people's photos popping up in their own photos app. So not sure how they handle 'encryption'. But it's best to treat all photos uploaded to cloud as public, because that's likely how it is. Can't trust Google, Amazon or Apple with your data when they can and are making so much money off of it.

[–] [email protected] 1 points 4 months ago

No one was able to reproduce that. That claim of seeing others photos was from a Reddit user who deleted the post.

[–] [email protected] -2 points 5 months ago (1 children)

As its all proprietary you can’t, and basically nobody can, say anything about a backdoor. It’s pure trust in this corporation.

[–] [email protected] 3 points 5 months ago (2 children)

It’s not proprietary. It’s the AES 256 standard.

[–] [email protected] 3 points 5 months ago (1 children)

The OS is, it runs everything and can do anything locally.

[–] [email protected] 0 points 5 months ago

People were claiming Apple was secretly keeping deleted photos in the cloud. Which was what my parent comment was about.

[–] [email protected] -1 points 5 months ago* (last edited 5 months ago) (2 children)

iCloud is proprietary by definition because Apple has not publicly released its source code under a free license.

[–] [email protected] 2 points 5 months ago

Yes. I’m referring to the encryption standard and I’m saying the photos stored in the cloud service are E2EE.

[–] [email protected] 1 points 5 months ago (1 children)
[–] [email protected] 1 points 5 months ago* (last edited 5 months ago)

AES is a specification, not a piece of software. Closed-source software like iCloud that implements the AES specification is still proprietary.

[–] [email protected] 7 points 5 months ago* (last edited 5 months ago) (2 children)

I’d still like a deeper dive into how database corruption led to data restoration

It seems like deleting a photo must just be removing the entry from the SQLite database, and not actually deleting the photo?

[–] [email protected] 2 points 5 months ago (1 children)

Media library apps have been doing this kind of stuff forever. An index of the files + metadata allows for a better and more performant experience. But, if an entry in the DB gets pooched, file remains on the drive and is hidden from the user.

Many media library apps actually have a way to repair and or rebuild the library DB if it gets out of sync or corrupted. iTunes straight up put that feature in the menu bar. The Photos app will do it if you launch the app while holding command-option.

Back when iPods were king, how many of us had old music come back to life after a fucked up iTunes library was rebuilt? It’s kind of a similar issue.

[–] [email protected] 1 points 5 months ago (1 children)

Sure, an index makes sense for quick search, but I’m confused why deleting it wouldn’t remove it from the filesystem too

Is that why iPhones seem to have no idea how much disk space they’re using?

[–] [email protected] 1 points 5 months ago (1 children)

Given the rarity of this, it could’ve just been the normal random stuff that happens in computer land. Requests that don’t complete because they were interrupted by a crash, the rare bad block, etc. Or maybe it was just a bug that occasionally reared its head under certain circumstances.

Whatever it was, it wasn’t the first time a piece of software had an index that was messed up and out of sync with the stored files.

As for the iPhone storage thing you mentioned, I don’t know what you’re talking about. There was a IOS 17 bug early on where people mentioned that the OS needed a restart to claw back space from temporary install files and caches.

That said, the corrupted DB we’re talking about appears specific to the photos app. It’s not the file system index. It’s basically a glorified preference file.

[–] [email protected] 1 points 5 months ago (1 children)

E.g. iCloud says it’s using 13.4 GiB to store photos, Settings -> General -> iPhone Storage says I can save 15.5 GiB because they’re backed up on iCloud, and if I use idevicebackup2 to pull everything off the phone, there are 21.7 gigs of photos

I’m wondering if these discrepancies are related to the photo app not actually deleting pictures from the filesystem

[–] [email protected] 1 points 5 months ago (1 children)

Weird. I’d bet money on syncing issues, compression, etc. But who knows, if you have a Mac you can rebuild the library, let that sync, and see what happens.

https://support.apple.com/guide/photos/repair-the-library-pht6be18f93/mac

[–] [email protected] 1 points 5 months ago (1 children)

I’d disregarded compression as a possibility because the wording is “full resolution photos and videos are safely stored in iCloud”

[–] [email protected] 1 points 5 months ago (1 children)

There is lossless compression. Not saying that’s the cause of the varied number, but it is a common thing.

[–] [email protected] 1 points 5 months ago* (last edited 5 months ago) (1 children)

They’re already using HEIC/HEIF

I would be disappointed if they’re compressing it even more on iCloud. You can’t generally meaningfully compress a compressed file

[–] [email protected] 1 points 5 months ago (1 children)

That’s not how lossless compression works. No data is lost.

For example, if you zip a folder of images, then unzip them, the pictures come out with their original sizes and structure. Zip is lossless.

Let’s use the analogy of a dish sponge.

Let’s pretend you wanted to make a dish sponge smaller. Lossy compression would make the sponge smaller by cutting off parts and throwing them away. Lossless would make it smaller by squish the sponge, and it would return to its normal shape once you stopped squishing it.

[–] [email protected] 1 points 5 months ago* (last edited 5 months ago)

For your analogy, you can’t put more water in a sponge that is completely saturated

Trying to compress a compressed file doesn’t really work - at least not for a meaningful gain in storage size with zip, bzip, 7zip, gzip, xz, lzma…

[–] [email protected] 7 points 5 months ago (2 children)

In a now-deleted post, a Reddit user last week alleged that their photos reappeared on an iPad they sold to a friend, despite them having erased the content of that iPad prior to selling it. Apple tells me that this claim was false.

I had a feeling this was the case. It makes absolute zero sense that a fully erased device on a different Apple ID could have this issue.

[–] [email protected] 6 points 5 months ago

It was such an obvious troll. Nobody with the slightest knowledge of how iOS works bought it. Just click bait.

[–] [email protected] 4 points 5 months ago

This is weird especially because iOS uses file based encryption, and when resetting the device the key is thrown away. So even if the files were still there, they would not be readable. I think they didn't reset the device properly and instead deleted the apps manually is likely why this happened

[–] [email protected] 3 points 5 months ago

In a now-deleted post, a Reddit user last week alleged that their photos…

A recently deceased Boeing employee alleged that the quality control process…

[–] [email protected] 1 points 5 months ago* (last edited 5 months ago) (2 children)

Apple repeatedly emphasizes that this problem was rare and affected a small number of users and a small number of photos. The company did not and does not have access to a user’s photos or video.

This is still a disconcerting issue, but there is comfort to be taken in the fact that the photos in question were not stored in iCloud and could not have resurfaced on a device after it was properly erased and sold.

Oh, if they say so themselves then I trust them 100% always trust the culprit words, thank you Apple for telling the truth (it's the truth because they said so)

Edit : apologies if this comment came off as aggressive, I did not check the community I was in ; I totally understand you guys would be less skeptical of apple than I am

[–] [email protected] 11 points 5 months ago

Tl;Dr: They’re saying pretty much what we expected.

Well, it does jive with what all the tech folks expected since it follows how OSs have always deleted files by deleting only the meta data. This is how recovery programs are able to recover corrupted and deleted data. This is obviously a simplified version but you get the idea.

[–] [email protected] 7 points 5 months ago (1 children)

I mean, maybe. But at the same time, they are the authoritative source for all things Apple. I’m sure they do downplay or exaggerate things, but that doesn’t mean they’re outright lying about everything. Then again, you could say that about any company in any sector. Be it Apple, Google, Samsung, or someone else, if you really don’t trust them, why do you use them?

That’s a never-ending death spiral of paranoia you won’t get away from. The only way to get close is to go 100% off-grid, no technology, no human contact, grow your own everything. Maybe that’s for some people, and kudos to them. But that’s not for me.

Pick your battles. Don’t sweat the petty stuff (nor pet the sweaty stuff). Also, don’t post anything you wouldn’t want the world to see if Tech Giant were to be hacked.

Also:

  1. search yourself online and remove yourself from all of those people search websites
  2. Freeze your credit accounts when you’re not actively using them
  3. Always set up 2FA (TOTP preferred, as SMS is weak) when available
  4. Use a password manager (like Keepass) and randomize all of your passwords
  5. Use at least 20-character long passwords when you can
  6. Complain loudly to websites that cap passwords at less
  7. Check haveibeenpwned.com for each email you use regularly
  8. Suppress your Lexus Nexis public data
  9. For US citizens, add yourself to the National Do Not Call Registry

Be proactive and not reactive.

[–] [email protected] 2 points 5 months ago

Those are good tips for the uninitiated, thanks for sharing!