It doesn't mention a burner account anywhere, but as the author of FindMy.py, I happen to know how this stuff works :-). But yes, create a new account (either through an Apple device or the website or w/e), attach it to an Apple device or hackintosh at least once, then log out again.
You're extensively describing the technical implementation while missing the fundamental issue: Why is Apple enabling this feature by default for what is, essentially, a luxury photo search feature?
Let's break this down:
1. Nobody is questioning whether Apple's technical implementation is sophisticated or secure. It clearly is.
2. Nobody is suggesting the privacy toggles don't work. They do.
3. The issue is about Apple deciding that automatically sending data about users' photos (regardless of how securely) is an acceptable default for a feature many users may never want or need.
Consider the value proposition here: Apple invested significant engineering resources into complex homomorphic encryption and differential privacy... so users can search for landmarks in their photos? And they deemed this feature so essential that it should be enabled by default?
This feels like using a golden vault with military-grade security to store grocery lists. Yes, the security is impressive, but that's not the point. The point is: Why are my grocery lists being moved to the vault without asking me first?
A privacy-respecting approach would be:
"Hey, would you like to enable enhanced landmark search in your photos? We've built some really impressive privacy protections to make this secure..."
Instead of:
"We've already started analyzing your photos for landmarks because we built really impressive privacy protections..."
The sophistication of the technology doesn't justify making it the default for what is ultimately an optional convenience feature.
You're presenting a false dichotomy between "perfect user understanding" and "no user choice." The issue isn't whether users can fully comprehend homomorphic encryption or differential privacy – it's about basic consent and transparency.
Consider these points:
1. Users don't need a PhD to understand "This feature will send data about your photos to Apple's servers to enable better search."
2. The complexity of the privacy protections doesn't justify removing user choice. By that logic, we should never ask users about any technical feature.
3. Many privacy-conscious users follow a simple principle: they want control over what leaves their device, regardless of how it's protected.
The "it's too complex to explain" argument could justify any privacy-invasive default. Would you apply the same logic to, say, enabling location services by default because explaining GPS technology is too complex?
The real solution is simple: explain the feature in plain language, highlight the benefits, outline the privacy protections, and let users make their own choice. Apple already does this for many other features. "Default off with opt-in" is a core principle of privacy-respecting design, regardless of how robust the underlying protections are.
I don't believe I said or implied that anywhere: 'You're presenting a false dichotomy between "perfect user understanding" and "no user choice."'? Happy to be corrected if wrong.
Closest I come to presenting an opinion on the right way UX was "I'm not sure what the right call is here.". The thing I disagreed with was a technical statement "the only way to guarantee computing privacy is to not send data off the device.".
Privacy respecting design and tech is a passion of mine. I'm pointing out "user choice" gets hard as the techniques used for privacy exceed the understanding of users. Users can intuitively understand "send my location to Google [once/always]" without understanding GPS satellites. User's can't understand the difference between "send my photo" and "send homomorphicly encrypted locally differentially private vector of e=0.8" and "send differentially private vector of e=50". Your prompt "send data about your photos..." would allow for much less private designs than this. If we want to move beyond "ask the user then do it", we need to get into the nitty gritty details here. I'd love to see more tech like this in consumer products, where it's private when used, even when opted-in.
I appreciate your passion for privacy-respecting technology and your clarification. You make good points about the nuances of privacy-preserving techniques. However, I think we can separate two distinct issues:
1. The technical excellence of Apple's privacy protections (which you've explained well and seem robust)
2. The ethical question of enabling data transmission by default
Even with best-in-class privacy protections, the principle of user agency matters. A simplified prompt like "This feature will analyze your photos locally and send secure, anonymized data to Apple's servers to enable better search" would give users the basic choice while being technically accurate. The technical sophistication of the privacy measures, while commendable, doesn't override the need for informed consent.
This is not a matter of respect, it is a matter of ethics. Otherwise you will just end up rationalizating technocratic, unethical technology. No amount of passion will justify that.
The choice is between "use an online service" or "don't use an online service". That's simple enough for anyone to understand.
Apple can try to explain as best it can how user data is protected when they use the online service, and then the user makes a choice to either use the service or not.
In my case, I have don't even have a practical use for the new feature, so it's irrelevant how private the online service is. As it is, though, Apple silently forced me to use an online service that I never wanted.
Holy crap! Enabled by default! Thank you for letting everyone know.
“Enhanced Visual Search in Photos allows you to search for photos using landmarks or points of interest. Your device privately matches places in your photos to a global index Apple maintains on our servers. We apply homomorphic encryption and differential privacy, and use an OHTTP relay that hides IP address. This prevents Apple learning about the information in your photos. You can turn off Enhanced Visual Search at any time on your iOS or iPadOS device by going to Settings > Apps > Photos. On Mac, open Photos and go to Settings > General.”
“Though the roads may wind far and wide,
And cities gleam with promises bright,
The heart will always turn to the soil,
Where the roots of our ancestors lie.
No matter how distant the dream may be,
Home will call, and there we shall be.”
We need a poet who sings about having a "dangerous, dirty city" to call home, and the yearning of the heart is to escape to somewhere better and never returning.
That's true. It's probably one of the main themes of the modern era, in the arts and in life, the freedom to pursue individualism and novelty, and break with religion and tradition.
This meaning of "leaving home" as a cultural trend, I see it as part of the modern historical period that has passed its peak. We're living in the natural and logical result, and searching for a way back home.
> The modern era is closely associated with the development of individualism, capitalism, urbanization, and a belief in the positive possibilities of technological and political progress.
> It has been a period of significant development in the fields of science, politics, warfare, and technology. It has also been an Age of Discovery and globalization. During this time, the European powers and later their colonies, strengthened its political, economic, and cultural colonization of the rest of the world. It also created a new modern lifestyle and has permanently changed the way people around the world live.
> In the 19th and early 20th century, modernist art, politics, science, and culture have come to dominate not only Western Europe and North America, but almost every area on the globe, including movements thought of as opposed to the western world and globalization.
> The brutal wars and other conflicts of this era, many of which come from the effects of rapid change, and the connected loss of strength of traditional religious and ethical norms, have led to many reactions against modern development.
Oh come on! You must expand on your theories of remote viewing. Did you mean that after a remote viewing session the subject is shown a true report of the target location?
For example, a subject is told to do a remote viewing of Trumps toilet. After the session or sometime later they are shown evidence of Trumps toilet. Or even get a vip tour. Is that the gist?
A question which I’m being asked more frequently as time goes by. Something that I just thought of is that i’ve worked mostly on long term projects which i’m usually the main architect. I know how the systems work inside out so I don’t really need IDEs to help
me out with showing me where stuff is or being an encyclopaedia of function names, parameters etc.
Its a similar story with frameworks, those who create systems which are mostly frameworks wired together and those who strive for minimal dependencies. You can guess which camp I’m smoking my pipe in.
“You will be asked for your Apple-ID, password and your 2FA”
You mean get another apple device and setup another account?
reply