Claims that Apple is phoning home to analyze every image on your Mac have been proven false. Jeffrey Paul, security researcher and consultant, claimed early last week that his Mac was sending small bits of data to Apple every time he clicked on an image on his computer.
After Paul’s claims caused a bit of a stir, researchers got to the bottom of what was actually happening. Not only did they conclude the network activity was innocent — it was caused by a bug that’s already been patched in the latest macOS update.
Apple phone home?
Jeffrey Paul wrote in a viral blog post that he was browsing through pictures in the Finder, when he was alerted by Little Snitch — a macOS app that reports on which apps are connecting to the internet and where they’re sending their data. His Mac was talking to Apple servers every time he clicked on an image file “via a program named
mediaanalysisd […] a background process for analyzing media files,” Paul wrote. He says he doesn’t use iCloud and doesn’t have an Apple ID, so what’s his computer doing?
Paul conjectured this could be Apple’s canceled program to scan users’ computers for child sexual abuse material, aka CSAM. (The company announced its CSAM-scanning program last summer, indefinitely delayed its rollout weeks later, and then completely canceled it in December.) Paul’s theory spread like wildfire to Hacker News and a plethora of now-deleted posts on reddit.
What’s mediaanalysisd really doing?
Security research group Mysk Inc. explained in a Twitter thread what
mediaanalysisd actually does. When you click on an image, “the process runs machine learning algorithms to detect objects in photos,” like animals, objects and people. This is the same process that also powers features like Live Text, which has been part of Apple’s software since 2021. It happens entirely on-device — no phoning home to Apple required.
So what’s up with the network activity? Mysk analyzed what exactly
mediaanalysisd sends to the Apple servers only to find that it sends and receives … nothing. It sends a
null request and receives a
It turns out the network activity is a bug. And better yet, if you’ve updated to macOS 13.2, released earlier this week, the bug is already fixed!
This is what Apple actually does with your photos
As explained by Howard Oakley, software developer at The Eclectic Light Company, there are other situations where Apple does need to do some server-side processing on your photos. This powers features like Visual Look-Up.
This is, of course, implemented in a privacy-forward way. Apple first computes a neural hash of the image — mathematical white noise that can’t be undone to reveal any personally identifying information. The hash is then “uploaded to Apple’s servers to perform look up and return its results to the user,” so you can read up on the breed of dog or the species of flower you have a picture of.
What can you do to preserve your privacy?
If you’re worried about your privacy, Apple has a number of solutions for you.
First, you can go to Settings > Siri and disable Siri Suggestions, which will disable the aforementioned Visual Lookup feature.
New in iOS 16.3 and macOS 13.2, you can have the contents of your iCloud account end-to-end encrypted. That way, Apple has no means whatsoever of accessing any of your data stored in Photos, iCloud Drive, Messages, Notes and other apps — even if compelled by police.
Via Michael Tsai