Hm… I curiously checked my phone, deleted images/videos are still deleted and haven’t resurfaced. Then again I don’t mix technology with nudity. /shrug
Yeah… I think I’d rather do that in person than to video record or take images of myself nude. Privacy and security is a pretty big deal to me. Hence, I don’t mix technology with nudity.
You’ve never been in a long distance relationship? And as I said, some people need to take nudes for medical reasons. It’s not a hypothetical situation, I know multiple people who have done this.
It’s fine that you have your own personal philosophy for taking nudes, but your post is coming off as judgemental of those who do.
It’s not the individual’s fault, it’s Apple’s fault for being unclear about what the delete feature is actually doing.
Hm… I never felt a need to expose myself (using tech) to another person to feel validated or to get their (or my) rocks off or for any other reason, honestly. I’m not trying be morally superior, I’m just saying I don’t expose myself with technology as a medium. In fact, I’ve never posted a photo of myself on any social media. I take privacy and security seriously.
Plus look at the consequences of exposing yourself to others through tech… blackmail, image-based abuse/exploitation, revenge p*rn etc…
My initial comment was simply stating that Apple’s latest update hasn’t undeleted any of my photos/videos in general but that then again I don’t have any nude images/videos on my iphone/iCloud storage if the claim is that nude images/videos exclusively are getting undeleted.
It’s not just nudes, though. This could happen for any deleted picture. I’m not really expecting them to zero out the file system block or anything, but this implies they’re not even doing file system level deletion.
i’m almost certain this is more of a cloud bug than anything. Fucking up the incredibly basic process of “hey this shit isn’t real, don’t look here for anything” is hilarious.
There shouldnt be a fucking excuse. Did you accidentally roll back an fs journal? No, good, because that’s how you get dataloss
Indeed. But Apple does have the tech to analyze images/videos:
Apple’s CSAM detection capability is built solely to detect known CSAM images stored in iCloud Photos that have been identified by experts at NCMEC and other child safety groups.
ok so probably not, CSAM detection, specifically modern detection the kind that MS does, is based on image hashes, and how it works is that the law collects and creates the hash sets for these images, and distributes them to tech companies, who can then use them to calculate against hashes of existing photos, and if a match returns, ladies and gentleman, we got em.
Not true, it specifically states in the article that, for example, one user had over 300 photos reappear, “some of which were revealing”. This is obviously not great but it isn’t likely as scandalous as it’s being made out to be.
There’s so much misinformation online, sure it could have been a joke but it’s so easy to just be lazy, read the comment straight and move on acting like there’s some kind of operation going on at Apple stealing your nudes. I don’t really care if it’s a joke or not, and you’re not even the OP so who are you to say it’s for a fact a joke?
There’s a post on reddit about some dude who gave his phone to a friend (wiped it, new iCloud, everything), and the undeleted photos are from when OP owned the phone.
With a factory reset the phones encryption keys will be destroyed and nothing should be retrievable from that device. Even if the data isn’t overwritten, without the encryption key no one could read it.
At least that’s my understanding of the modern safety- and encryption features of recent phone models/mobile OS’s.
The worst part: Apple’s iCloud is end-to-end encrypted and even Apple can’t see the users files, at least that is what they say.
If what the dude on Reddit states is true, then this is bad, really really bad! 😮
It does happen I have a buddy who sold his phone to another buddy they reset it but there was still random files and stuff on it even after factory reset
I’m an android user and I shred my files using a app that uses an algorithm that overwritten that bytes of the file
I suspect that it doesn’t actually work. I mean, they can overwrite the logical positions in the file file if they want, but that doesn’t entail that it actually overwrites the underlying physical blocks, for a number of reasons, starting with some of the stuff at the drive level, but also because of higher-level issues. What filesystem does Android use?
YAFFS is a robust log-structured file system that holds data integrity as a high priority. A secondary YAFFS goal is high performance. YAFFS will typically outperform most alternatives.[3] It is also designed to be portable and has been used on Linux, WinCE, pSOS, RTEMS, eCos, ThreadX, and various special-purpose OSes. A variant ‘YAFFS/Direct’ is used in situations where there is no OS, embedded OSes or bootloaders: it has the same core filesystem but simpler interfacing to both the higher and lower level code and the NAND flash hardware.
A log-structured filesystem is a file system in which data and metadata are written sequentially to a circular buffer, called a log.
So, what happens is that when you write, it’s going to the log, and then there’s a metadata update once the write is complete saying “I wrote to the log”. The app probably isn’t writing to the previous location of the data on the disk, because writing to byte offset 32,000 the second time in a file will go to a different logical location on the storage device than the first time you wrote it, causing the thing to not actually be overwritten.
We address the problem of secure data deletion on log-structured file systems. We focus on the YAFFS file system, widely used on Android smartphones. We show that these systems provide no temporal guarantees on data deletion and that deleted data still persists for nearly 44 hours with average phone use and indefinitely if the phone is not used after the deletion. Furthermore, we show that file overwriting and encryption, methods commonly used for secure deletion on block-structured file systems, do not ensure data deletion in log-structured file systems.
I’d also note that this is a lead-up to proposed solutions, but that’s only handling things down to the level that the OS sees, not what the flash device sees; they don’t mention things like wear leveling, so they probably aren’t taking that into consideration.
EDIT: Oh, they do mention it, but just to say that some of their approach might work (like, what they mean is that if it writes enough data in the background, it might eventually overwrite whatever, even if the OS has no control as to what’s being written):
Wei et al. [16] have considered secure deletion on flash storage in the context of solid state drives (SDDs). An SSD makes use of a Flash Translation Layer (FTL). This layer allows a regular block-based file system (such as FAT) to be used on flash memory by handling the nuances of erase blocks opaquely through the FTL’s layer of indirection. This layer has the same effect as a log-structured file system, where the FTL writes new entries at empty locations, so old entries remain until the entire erase block can be reclaimed. They executed traditional block-based approaches to secure deletion and determined that they do not properly sanitize data on flash storage. They also showed alarmingly that some built-in sanitization methods do not function correctly either. They propose to address this concern by having flash hardware manufacturers make use of zero overwriting, and add it into the FTL hardware. They state that circumventing the problem of a lack of secure deletion requires changes in the FTL, but depending on how the FTL is implemented, our userlevel approaches may also succeed similarly without requiring hardware changes.
I appreciate this thread’s nuanced discussion of how file deletion works from a technical standpoint depending on storage medium. But as a user, when I delete something, it should go away forever. I don’t care how.
If every time an OS had to delete something it had to fill the space with zeros or garbage data multiple times just to make extra sure it's gone, we'd all be trashing our flash chips very fast, and performance would be heavily degraded. There really isn't a way around this.
The solution to keep private files private is to put them into an encrypted container of some sort where you control the keys.
Step away from hardware constraints for a moment, and consider the OS:
If the OS says a file is deleted, under no circumstances should the OS be able to recover it. Sure, certain tools may exist to pull it back; but it should be unavailable to the OS after that. And yet, apparently a software update was enough to recover these files. Thus, the concerns about data safety in an environment where the OS cannot be trusted to remove data when it says it has been removed.
I think this is just semantics at this point, but to me there is a difference between “deleted” and “erased”. I see deleted as the typical “moved to trash” or rm action, with erased being overwritten bits, or like microwaving a drive.
Edit - If i remember correctly deleting something in most OS’s/File Systems just deletes the pointer to that file on disk. The data just hangs out until new data is written to that sector. The solution, other than the one you mentioned about encrypting stored data and destroying the key when you want the data “deleted”, would be to only ever store data in volatile memory. That would make for a horrendous user experience though.
If you delete normally, only the index of the files are removed, so the data can be recovered by a recovery program reading the “empty” space on the disk and looking for readable data.
If you do a single pass erase, the bits will overwritten one time. About half the bits will be unchanged, but that makes little difference. Any recovery software trying to read it will read the newly written bits instead of the old ones and will not be able to recover anything.
However, forensic investigation can probably recover data after a single pass erase. The shred command defaults to 3 passes, but you can do many more if you need to be even more sure.
Unless you have data that someone would spend large sums on forensics to recover, 1 to 3 passes is probably enough.
Information theory aside: In practice all because you can’t write bit-by-bit and if you leave full bytes untouched there still might be enough information for an attacker to get information, especially if it’s of the “did this computer once store this file” kind of information, not the actual file contents.
If I’m not completely mistaken overwriting the file once will be enough to prevent recovering with logical means, that is, reading the bits the way the manufacturer intended you to, physical forensics can go further by being able to discern “this bit, before it got overwritten, was a 1 or 0” by looking very closely at the physical medium, details on how much flipping you need to defeat that will depend on the physical details.
And I wouldn’t be too terribly sure about that electro magnet you built into your case to erase your HDD with a panic button: It’s in a fixed place, will have a fixed magnetic field, it’s going to scramble everything sure but the way it scrambles is highly uniform so the bits can probably be recovered. If you want to be really sure buy a crucible and melt the thing.
Also, may I interest you in this stylish tin-foil hat, special offer.
Well, the storage device should handle that then. And modern NVMEs do. Self-encrypted drives are used to hide deleted information from an attacker that desolders the storage chips.
Edit: there are NVMEs that dont use self encryption, BUT they should still recognize a deleted sector.
I think tech would be a better place if it did actually go away when you deleted things. If something’s not explicitly backed up people really should have no hope of bringing it back.
Lol. I actually used to know a guy that claimed he used to have computer setup with a small thing to thermite on his hard drive and had set it up so if there were too many wrong passwords it would set the igniter off for the thermite. I don’t know if you really, did but he definitely had the technical skills to do that. He was one of those extreme early adopters of BSD and Linux who never used GUI. Oh and he was batshit crazy, legitimately I can see him thinking that was a good idea.
Many years ago, we had a troubled employee leave work very mad. He was quite furious with his computer and went home for his revolver unbeknownst to us. He came back to work with it and unloaded all six rounds into the system. Each round went through the case and each one missed the drive/motherboard/videocard. So, the system was still working despite the abrupt extra cooling holes. This further incensed him and he went away even madder, but this time in cuffs.
Hmm. I don’t know. Like, the actual surface involved in the storage is a lot smaller than the actual phone, and I imagine that you may-or-not destroy it with a given pellet.
I remember '80s movies – from a time when a lot of people weren’t all that personally-familiar with computers – where someone “destroying a computer” consisted of shooting its screen, which might be not that far off what would be happening. here. In fact, I bet that that probably has a TV Tropes entry.
googles
Well, they have a guy punching it, same kind of idea.
I’ve started seeing people, who really should know better, referring to the PC tower as the CPU. As in, “I bought a bracket that mounts to my variable height desk which can hold my CPU up off the floor and let it move with my desk”.
Bro I’m looking at a picture of a custom water cooled PC here, you should know the fucking difference between a CPU and a computer case.
I learned everything about how to build a PC from buildapc... like 12 years ago. Nowadays it has been infested by idiots who don't know shit but act like they do, and also think more RGB = more better.
I don’t know what happened, but I put together a PC for the first time in some years, and holy mother of God, all the components have RGB LEDs slapped on them now. I had to actively work to find parts that didn’t have RGB LEDs on them (and I still accidentally wound up with some on the motherboard). I mean, yeah, LED case fans have been a thing for a while, and there was always a contingent that put electroluminescent strips on their computers. And it kinda grew into a lot of keyboards and mice. But now it’s a large portion of CPU fans, most cases, RAM sticks have RGB LEDs, motherboards have RGB LEDs. I didn’t have trouble finding non-RGB LED NVMe storage, or non-RGB LED SATA drives, but even there, you can get them. Hell, there are RGB LED cables.
I can only assume that a large portion of the people building PCs these days are doing it to have them physically blinged up.
Like, nothing wrong with wanting to do that, but I couldn’t believe the tiny proportion that wasn’t doing that.
The only way my box is blinged up is with tastefully beige-brown fans. I actually felt slightly betrayed by Noctua when they started making black fans.
Eh, that’s been a thing for a long time. Decades at least.
I think that the problem is that there isn’t really a great term to clearly refer to the “non-monitor-and-peripherals” part of the “computer”. “Case” would refer to just the case, not what’s in it. “Tower” or “desktop” is overspecific, refers to particular form factors. I have a tower, but some people have under-monitor desktops (though that’s rare today) or various times of small form factor PCs. If I say “computer”, that doesn’t really clearly exclude peripherals.
And honestly, we don’t really use the term “GPU” quite correctly either. I’ll call a whole PCI video card a “GPU”, but I suppose that strictly-speaking, that should only be talking about a specific chip on the card.
8 bit games would label the computer player as CPU as a shorthand, I honestly probably got snapped at by a nerd sometime in my teens for making the mistake and got the central processing unit lecture so I don’t really make that association but I also never heard anyone pronounce “NES” not as an acronym prior to YouTube, so, I figure different people have different experiences also.
You know what? They’re technically correct. There’s historically plenty of computer systems which came in multiple different cases, sometimes that’s still the case but the most obvious examples are historical, where you would get something like the CPU (yes) in one case and then a huge-ass card reader in another case and drum memory in yet another. Those drums were used as RAM. Each case was standing on the floor, at least chest-high.
Simply integrating various peripherals into the CPU doesn’t make the CPU any less of the CPU. Even ignoring the case thing and just looking at the CPU package (or even die): Modern CPUs contain a lot of things that would’ve been external to it, or even in a different case, in the past. You’ll hear the term “SoC”, system on a chip, thrown around but that’s misleading most CPUs nowadays are SoCs: You have your CPU cores, yes, but you also have a memory controller, you have storage interfaces and general IO (PCIe is a storage interface), as well as a GPU. It’s been a long time since mainboards came with northbridges. Newer CPUs may have enough memory on package to reasonably run without external memory (and not just “use the cache as ram during early boot” kind of stuff).
Imo there should be options for standard deletion and total deletion. Standard is faster, puts less wear on the drive, and keeps the files potentially recoverable, whole total would make it totally unrecoverable at the expense of taking slightly longer and putting a bit more wear on the drive
It’s to prevent you from accidentally deleting a photo you would never want to delete. If you want to make sure it’s deleted, you just go into the Photos app and delete it from the Recently Deleted folder. I prefer this approach, as I have accidentally deleted a photo that I did not mean to, and luckily it was still there. Use cases are different though, so.
That still doesn’t fully erase the data though. It just tells the computer that that space on the drive is available to be overwritten, but the 1s and 0s are still recoverable
Right, right. I understand that. I was just explaining why the option is good for people like me. I don’t take nudes, and I don’t receive nudes, so I don’t mind if the data is still there or not. I’m just glad the photo of me and my friend was still there when I noticed it was missing from my album after a recent meme deletion spree. lol
Add comment