Then why have a client side scanner in the first place?
You're exposing the hashes to the world, you're not able to E2E encrypt anything if you need to server side scan, which you probably do since trusting the client no matter what is generally bad in potentially adversarial situations, and you get all this negative press and loss of reputation and potentially pressure from governments around the world to use this for other ends. Cui Bono?
The second scan applies only for those images which are flagged as positive, which are then accessible by Apple.
This is applied to detect adversarial hashes. The rest of the images stays encrypted. So, indeed on-device scanning is the only way to enable at least partial E2EE with CSAM detection.
Yes, this was a PR failure by Apple. They rushed the announcement because of the leaks, and secondly they thought that people will understand the system when they did not. There is too much misunderstanding. That scanning for example is built-in so deep into the iCloud pipeline, that one does not simply change the policy for scanning the whole phone.
On a technical level I think you're correct. As a holistic approach to the problem, I still disagree. This is too cute for its own good. The PR misunderstanding is a symptom of that.
>The second scan applies only for those images which are flagged as positive, which are then accessible by Apple.
In the end, Apple's software is scanning all of the images, why is it any more privacy respecting to do it this way? I guess reasonable people can disagree on that, personally I wasn't fully aware of the cloud side scanning either, and I don't think the public was either. This is similar to Snowden's revelations, if you were paying attention you probably already knew a lot of that, but the incident made everyone aware of it in a very blunt way.
>The rest of the images stays encrypted
I think this is unclear, Apple can still decrypt those other images, how else could you view them in a browser?
This goes back to what Stratechery said about capability vs policy.
You might want to reconsider holding your breath for that. No they aren't doing E2E encryption, if/when they will, they will announce it. Until they announce something everything else is pure speculation.