In this living document, I will document reactions to uses of homomorphic encryption by members of the public. By “member of the public,” I mean people who may be technical, but are not directly involved in the development or deployment of homomorphic encryption systems. This includes journalists, bloggers, aggregator comment threads, and social media posts. My main goal is to understand how the public perceives the risks and benefits of using homomorphic encryption. As such, I will refrain as best I can from inserting my own commentary about the risks and benefits of using homomorphic encryption, or counter opinions to those I cite.
For background on FHE, see my overview of the field. For examples of production FHE deployments, see this living document.
If you come across any examples not in this list, please send me an email with a link.
Table of contents:
Response to Apple’s Enhanced Visual Search for photos
In October 2024 Apple released a new Photos feature called Enhanced Visual Search, enabled by default in iOS 18 and MacOS 15. This feature uses homomorphic encryption as part of a larger protocol to allow Apple to run a private nearest-neighbor search on user photos to identify landmarks and such based on an Apple-internal corpus of photos.
On 2024-12-28 Jeff Johnson wrote a blog post, Apple Photos phones home on iOS18 and macOS 15 in which he lambasts Apple for violating privacy. Johnson is a software engineer who seems to focus mainly on MacOS apps. He is also the sole proprietor of Underpass App Company, which designs apps that do various forms of “blocking” of unwanted behaviors in web browsers. He is credited for various security vulnerabilities in MacOS and iOS. He wrote a followup article three days later in which he doubles down on his complaints.
In his first article, he writes
From my own perspective, computing privacy is simple: if something happens entirely on my computer, then it’s private, whereas if my computer sends data to the manufacturer of the computer, then it’s not private, or at least not entirely private. Thus, the only way to guarantee computing privacy is to not send data off the device.
Johnson’s avoids commenting on the merits of homomorphic encryption. He claims he doesn’t have the expertise or desire to do so, and moves past it. Instead, Johnson seems to mainly care about the practical side of the security problem: that software has bugs and the more code you write the more likely there will be some kind of security vulnerability. He writes:
You don’t even have to hypothesize lies, conspiracies, or malicious intentions on the part of Apple to be suspicious of their privacy claims. A software bug would be sufficient to make users vulnerable, and Apple can’t guarantee that their software includes no bugs.
He later goes further to say that, even if the software had no bugs, he would still oppose the feature being imposed on him. In his second article, Johnson writes:
My argument was that Enhanced Visual Search offered me no benefits at all. I’ve literally never wanted to search for landmarks in my Photos library. Thus, in this specific case, no amount of privacy risk, no matter how small, is worth it to me.
This “no risk can justify zero reward” attitude is reasonable, but it doesn’t help me understand how much risk people see in using homomorphic encryption. If Johnson did want to identify landmarks in his photos, would this be sufficient protection? What feature would be useful enough to Johnson to justify using homomorphic encryption?
Johnson’s article scored 1320 points on HackerNews, making it the number 1 post on 2024-12-29 (beating the news of Jimmy Carter’s death). Most of the commentary was about opt-in versus opt-out software features, and the complexity of what people are agreeing to when they give consent versus their comprehension of what they are agreeing to, with many concurring with Johnson about not sending user data over the network for any reason without explicit consent. Some comments went far off the deep end, suggesting this feature is effectively a back-alley method of re-inserting CSAM scanning efforts into Apple’s software, so that flagged photos could be sent to law enforcement. Others pointed out many flaws in other commenters’ understanding, with comments akin to “read the fucking article.” One cryptographer, Matthew Green, chimed in to concur that while he could understand the system and evaluate its risks, it was enabled by default while he was on holiday and so he wouldn’t have had the time to do so anyway, suggesting that “enabled by default” was the main issue.
Many commenters seemed to claim this was “private information being sent to Apple,” without understanding what was actually being sent. So this raises a question that I would like to ask anyone I can about this topic: if you send an encryption of sensitive data to a company, and they don’t have the decryption key, does that constitute “sharing sensitive data” or is that “private”?
This blog post was directly or indirectly referenced by a variety of Apple-specific online publications, including
- MacWorld, which tried to convince the reader the feature is secure
- 9to5Mac, whose take was essentially, “meh, seems fine”
- Tom’s Guide, whose headline suggests a risk, but the article contains no new information.
Want to respond? Send me an email, post a webmention, or find me elsewhere on the internet.
This article is syndicated on: