cross-posted from: https://sopuli.xyz/post/12670977
iPhone owners say the latest iOS update is resurfacing deleted nudes
Nothing sinister, we just don’t delete what we say we delete. Instead we keep it in your profile to feed the algorithms and set the “deleted” flag to make you think it’s gone.
I mean, to be completely fair, that’s how data storage works.
We cannot really just make data disappear, so we let it get overwritten instead
But clearly the data is not overwritten and this was intentional. How do I know? Because that would amount to a massive amount of data, if it was de to a bug in Apple software or underlying filesystems, it would be detected in monitoring systems “Hey, we’re using 10x the data we should be, maybe we should look into it”.
The mistake was in the flag code that was supposed to fool us.
no when I say “overwritten” I mean that the area is set as deleted in the filesystem and the next time something writes to that area the data that was there before is disregarded.
and the next time something writes to that area the data that was there before is disregarded.
A single overwrite might not be enough to defeat physical forensics because shadows of the old data persist in how the new data is stored. Also when it comes to SSDs you might be waiting a long time for the data to get overwritten as the drive will wear-level its erm sectors (what are those things called with SSDs?).
So are you saying that they suffered from a filesystem bug that caused deletion failure? I’d imagine they use standard filesystems on their backend, I haven’t heard about any bugs like this.
If you ask me, what’s more likely, that a company known for shitty behavior lies about deleting files so they can continue to use that information to profit, – OR – that they are experiencing a filesystem bug on their backend, I’ll choose the former.
no I don’t believe a damn word of what apple’s gonna say on this, I just wanted to get the message out there that generally file deletion works by allowing data to be overwritten, so if the images are local this could very well just be that either it’s showing data that hasn’t been overwritten yet or it accidentally brought things out of the “recently deleted” depending on how long ago it was deleted.
Undeleting nudes
That’s iPhone
Seriously: I don’t think the cost benefit is there to intentionally make a maneuver like this. Any crap they pull needs to have a perfectly proper explanation, with our agreement to a specific term buried somewhere in their policies. Can only imagine how much money they blew throwing these billboards up all over the San Francisco Bay area. We have to buy Apple over Google for ostensible privacy gains, and Apple has to lock us in to their walled gardens to make up for their comparatively smaller ad/data business.
This post assumes Apple is aethical (that’s like amoral but for ethics right?) but still a self-interested economic actor. They can’t let short-term greed get in the way of long-term greed!
Seriously: I don’t think the cost benefit is there to intentionally make a maneuver like this.
You might be right
They can’t let short-term greed get in the way of long-term greed!
lol
deleted by creator
the shred command in Linux tries to do this, but it may not work if the hardware moves rewritten data blocks around to mitigate wear.
That’s skipping over the fact that recovering deleted data, even if it isn’t overwritten, is not an “oops”. It it takes extra effort, and if that data isn’t being protected it would be overwritten incidentally as drives are used.
There is a big difference in a database between “flagging” data and actually removing the association of the data to the database.
The data just needs to be overwritten to be truly deleted.
That’s how a lot of people handle deleted data in database, it’s literally just a flag. That’s why there’s a recommendation to edit Reddit posts before deleting them, to ensure they’re actually overwritten so they can’t just be restored.
Every time someone says something like this I have to explain CDC and regular old backups. There’s no way in hell Reddit doesn’t keep cold and hot backups of their shit. And while Reddit is unlikely to be doing CDC for soc2 or other compliance reasons, it’s the easiest method to capture data for analytics purposes.
CDC stands for change data capture. It’s generally done with databases by streaming the change log or ref log to a bucket or a service like Kafka where you can fast forward and rewind the log queue to see the state of the DB at any point in time. Even if you edit your comments it’s likely sitting in a Kafka topic or a snowflake bucket outside of the DB or cache used for the presentation layer.
Zero large scale websites operate with a truly single data store. There is always another layer that your user operations don’t impact
Yes, that’s certainly possible, but it’s also out of my control. I have basically three options:
- Delete account - we know this doesn’t delete comments
- Delete comment - “seems” to delete comments, but we’ve seen comments get restored - so probably using a “deleted” flag
- Edit comment with nonsense and when delete - should poison comment if they’re just using the deleted flag
That’s it. There’s no guarantee it works, but it has a much higher chance of working than the other two.
And there’s a good chance they delete old backups. Hosting every edit is expensive, so there’s a decent chance they clean up old data after some months.
In 2019 the total size of the text stored by Reddit was only 50TB. A Petabyte of data in cold storage is only 12k a year so even if they 500x in size since 2019 (very unlikely) it’s a drop in their ARR. given they sell the data for advertising and for AI, they are not deleting it. Reddit also self hosts a lot of their infra (they used to present their architecture at kubecon) so the storage costs would be even lower
Funny how you think an edit doesn’t write the old record to a comments_old table
Well, there’s a non-zero chance they were too lazy to implement that.
They don’t care about your security or privacy, they care about being the exclusive vendor of your personal information.
Just the nudes. Nothing else.
deleted by creator
Not true, it specifically states in the article that, for example, one user had over 300 photos reappear, “some of which were revealing”. This is obviously not great but it isn’t likely as scandalous as it’s being made out to be.
The joke --------->
You ¯\_(ツ)_/¯
If you never had any nudes in the first place, and update, is there a chance to get some?
Asking for a friend.
You should check out the federated backup of Apple Cloud. You can reach it at lemmynsfw.com. I mean your friend.
Every time I go looking, there’s a barren desert of male/gay content. In some lateral communities, furry porn is beating the content ratio like 10:1.
Y’all need to hold your phones or something while you browse the 5 billion straight communities, give me something that’s not weeks+ old. Uncut guys to the front of the queue, thanks. 📸
Be the change you want to see in the world
The only problem with that server is there are tons of shit you’d rather not see. It’s sadly not as easy to filter like the reddit porn subs are.
Is it that bad? I’ve been making a habit of blocking every community that shows up that I don’t want to see. So these days I rarely see stuff I really don’t want to see.
It just gets tiresome when you have to block 100 communities for the 15 you wanna see
In that case just subscribe to the 15 you want to see then?
Kinda hard to find them if you don’t know they exist in the first place.
Check your DMs 😏
Cool
Next up, it starts showing other peoples nudes
“I know it’s not your nude, but it’s a nude and that’s what you were looking for, right?”
Of course it’s company policy to never imply ownership in the event of a nude. It’s always the indefinite article “a” nude. Never “your” nude.
There’s a post on reddit about some dude who gave his phone to a friend (wiped it, new iCloud, everything), and the undeleted photos are from when OP owned the phone.
That’s a feature, not a bug
I mean that’s what is happening if the phone used to belong to someone else
Computer data is never actually “deleted” until it’s overwritten with new 1s and 0s — operating systems simply cut off references to it.
That’s not entirely correct, and I would expect a tech news site to know but ig not.
It’s true with spinny’s since they store data magnetically on the platter with 1s and 0s, but SSDs store data on the NAND as a held charge. If there’s a charge in the block it’s a 1 if there’s no charge it’s a 0.
With spinny’s, when a file gets marked as “deleted” the residual magnetic 1s and 0s will remain on the platter until eventually overwritten like they say
But with SSDs, when a file gets marked “deleted” then within no more than a few minutes TRIM comes along and ensures the charge on the NAND is released (Which means that data is gone, permanently) for that data, there’s no residuals to worry about like with spinny’s and is in fact necessary to ensure decent lifespans.
This is dependent on the TRIM schedule. It could be size based (execute a TRIM when 50% of the blocks are used).
It could be or maybe the SSD has its own on-firmware TRIM schedule, but all major OS’s execute a TRIM on a time based schedule no longer than every 10-15 minutes.
Afaik the default for windows 10 is weekly via disk defragmenter, and that assumes it recognizes the drive as an ssd. I’ve had drives cloned to ssds that retain the hdd flag and had to setup a 3rd party tool that actually saw it properly and would trim as expected.
11 might have reigned that in… but probably not.
Perhaps, but this is unrelated. The magnetic charges may still be there, but if the reference to the content is deleted, how is the filesystem meant to know what file is there? This seems really suspicious to me.
TRIM works outside the filesystem, it does not care about 99.9% of it, the only part it cares about is if there is a reference in filesystem to the block charges. No reference == data to be released
Good thing I already knew Iphone wasn’t private.
I mean, they make you sign in with an Icloud ID
Never accepted the agreement, it constantly asks me to but works without it
Having said that, I am sure it still steals my photos because it’s close sourced
damn, user ilikeboobies, is security conscious? What a time to be alive.
Surprise backup
Oh, it’s up!
I dont trust that client side scanning or other system components arent going through these half deleted files
can’t wait for my personally hosted, and managed hardware server to start serving me shit i never put up in the first place.
Oh wait that won’t happen, because i host it, and it’s mine, and i own it.
Well, someone obviously didn’t read past the headline: its undeleting images locally that haven’t been overwritten
yeah and i can’t have that issue because i use a real filesystem that isn’t schizophrenic, because if it was you would get dataloss
Thank fuck for nerds writing open source software. Otherwise my life would be hell.
merges WordPress into the apt repository for grep
watches the world burn
:)
The article is being disingenuous about data not being deleted unless it’s overwritten with 1’s and 0’s. Technically that’s true, but:
Most data being deleted is equivalent to a piece of paper being placed in a trashcan, and it’s “permanently” deleted when that trash gets hauled away to a landfill (or supposedly recycling but that’s another topic). Technically it’s still forensically accessible, but it isn’t accessible by any normal means. That piece of paper may not have been incinerated, but for the majority of practical purposes, it’s gone.
Apple never hauled the trash away, even though they claimed they did. There should be no way for them to accidentally restore those photos, just like there’s no way for you to accidentally get a piece of paper back in your trash bin after it’s been sent to a landfill.
Focusing on the 1s and 0s skips past the fact they failed to complete the first, obvious, essential step. If they didn’t delete it the simple way, they would never have gotten to the 1s and 0s step. This isn’t just a simple oversight, and those pictures were still very easily accessible, just not to the people who should have been in control of them.
In your analogy, they never even put the photos in the trash can. They just put a postit on them saying “don’t show to user”. Then the updated software forgot about the postits (and started to post tits).
deleted by creator
I’m a paper user and I burn all my letters using a large amount of heat.
Hm… I curiously checked my phone, deleted images/videos are still deleted and haven’t resurfaced. Then again I don’t mix technology with nudity. /shrug
I love mixing technology with nudity. But I have also avoided this problem because I don’t mix technology and Apple.
So you use a de-googled android?
You don’t mix technology and YOUR nudity 😉
haha…
I think mixing tech and nudity is awesome! I love getting dickpics!
Did you think some else’s nudes might have resurfaced there…?
No they’re just feeling morally superior for no good reason.
As a rule, files never get deleted… They get over written. So it depends on whether that process has happened to any loose images.
Are they not happy when they got back what they thought was lost? :-)
This is the best summary I could come up with:
Apple appears to have a bug that’s dredging up data that iPhone owners thought was gone.
Some iPhone owners are reporting that, after updating their phones to iOS 17.5, their deleted photos — some quite old — are popping up again, according to a Reddit thread that MacRumors spotted.
People reporting the apparent bug say that they’re seeing old photos appear in their Recents album after Monday’s update.
iOS does give users the option to restore deleted photos, but after 30 days, they’re supposed to be permanently removed.
The person who started the thread claimed that NSFW photos they had deleted “years ago” were back on their phone.
Computer data is never actually “deleted” until it’s overwritten with new 1s and 0s — operating systems simply cut off references to it.
The original article contains 288 words, the summary contains 131 words. Saved 55%. I’m a bot and I’m open source!
