Submitted 5 months ago by misk@sopuli.xyz to technology@lemmy.world
https://www.theverge.com/2024/5/15/24157284/apple-iphone-ios-17-5-update-deleted-photos-voicemails
cross-posted from: sopuli.xyz/post/12670977
iPhone owners say the latest iOS update is resurfacing deleted nudes
Nothing sinister, we just don’t delete what we say we delete. Instead we keep it in your profile to feed the algorithms and set the “deleted” flag to make you think it’s gone.
I mean, to be completely fair, that’s how data storage works.
We cannot really just make data disappear, so we let it get overwritten instead
But clearly the data is not overwritten and this was intentional. How do I know? Because that would amount to a massive amount of data, if it was de to a bug in Apple software or underlying filesystems, it would be detected in monitoring systems “Hey, we’re using 10x the data we should be, maybe we should look into it”.
The mistake was in the flag code that was supposed to fool us.
Proper deletion should include writing all 1s or all zeroes to the block but y’all be lazy as fuck.
the shred command in Linux tries to do this, but it may not work if the hardware moves rewritten data blocks around to mitigate wear.
That’s skipping over the fact that recovering deleted data, even if it isn’t overwritten, is not an “oops”. It it takes extra effort, and if that data isn’t being protected it would be overwritten incidentally as drives are used.
There is a big difference in a database between “flagging” data and actually removing the association of the data to the database.
The data just needs to be overwritten to be truly deleted.
They don’t care about your security or privacy, they care about being the exclusive vendor of your personal information.
Just the nudes. Nothing else.
Not true, it specifically states in the article that, for example, one user had over 300 photos reappear, “some of which were revealing”. This is obviously not great but it isn’t likely as scandalous as it’s being made out to be.
The joke --------->
You ¯\_(ツ)_/¯
It’s scandalous regardless. The nudes just highlight the danger of this.
If you never had any nudes in the first place, and update, is there a chance to get some?
Asking for a friend.
You should check out the federated backup of Apple Cloud. You can reach it at lemmynsfw.com. I mean your friend.
Every time I go looking, there’s a barren desert of male/gay content. In some lateral communities, furry porn is beating the content ratio like 10:1.
Y’all need to hold your phones or something while you browse the 5 billion straight communities, give me something that’s not weeks+ old. Uncut guys to the front of the queue, thanks. 📸
The only problem with that server is there are tons of shit you’d rather not see. It’s sadly not as easy to filter like the reddit porn subs are.
I think that already happened and was called “The Fappening”. You can still find it with Google.
I remember the night when I found out about that and saw Jennifer Lawrence was one of the victims 😍
Check your DMs 😏
Computer data is never actually “deleted” until it’s overwritten with new 1s and 0s — operating systems simply cut off references to it.
That’s not entirely correct, and I would expect a tech news site to know but ig not.
It’s true with spinny’s since they store data magnetically on the platter with 1s and 0s, but SSDs store data on the NAND as a held charge. If there’s a charge in the block it’s a 1 if there’s no charge it’s a 0.
With spinny’s, when a file gets marked as “deleted” the residual magnetic 1s and 0s will remain on the platter until eventually overwritten like they say
But with SSDs, when a file gets marked “deleted” then within no more than a few minutes TRIM comes along and ensures the charge on the NAND is released (Which means that data is gone, permanently) for that data, there’s no residuals to worry about like with spinny’s and is in fact necessary to ensure decent lifespans.
This is dependent on the TRIM schedule. It could be size based (execute a TRIM when 50% of the blocks are used).
It could be or maybe the SSD has its own on-firmware TRIM schedule, but all major OS’s execute a TRIM on a time based schedule no longer than every 10-15 minutes.
Perhaps, but this is unrelated. The magnetic charges may still be there, but if the reference to the content is deleted, how is the filesystem meant to know what file is there? This seems really suspicious to me.
There’s most certainly residuals, I’ve accidentally deleted then installed Windows on top of a bunch of my game saves. I found some random file recovery application and let it run for awhile. Guess what? Nearly everything was readable despite the fact it got wiped and then had a whole windows install.
NAND also experiences minor permanent damage on writes. Actually clearing the NAND involves a write as the charge has to be forced out (a write of 0s)
This can happen when TRIM is disabled
Here’s a study published last year I read that goes through this exact thing
In consideration of results obtained from the experiments, it concluded that the behavior of Wear Leveling in different SSD manufacturers having the same storage capacities does not match. It varies based on the number of files, types of files, and sizes. The recovery of files from different SSD manufacturers showed different results. In all SSDs, not a single trace of any file found in disk format scenario(s). Whereas, some of the data recovered in the delete case and from only one drive. It clearly showed different behavior of data recoveries in format and delete cases. The obvious finding from this study is that the time interval of image acquisitions played a significant role, and the longer time interval supports few chances of data recovery because the TRIM and Garbage Collection process effects clearing residual data from the drives
Which means that data is gone, permanently) for that data, there’s no residuals to worry about like with spinny’s and is in fact necessary to ensure decent lifespans.
I doubt that the firmware is doing an overwrite of TRIMmed data. Rather, I expect it’s marking it as having been TRIMmed, and so can report that it’s zeroed to higher layers. But if you can modify the firmware or otherwise bypass it, you may be able to get at the underlying media.
I doubt that the firmware is doing an overwrite of TRIMmed data. Rather, I expect it’s marking it as having been TRIMmed, and so can report that it’s zeroed to higher layers. If a higher layer queries the firmware for its content, sure, they might get zeroes returned. But if you can modify the firmware or otherwise bypass it, you may be able to get at the underlying media.
TRIM is garbage collection and is a part of the wear leveling system. The whole point of TRIM is to have the SSD only hold the charge it needs too for still in use (i.e. not deleted) data. It’s the charge that damages blocks over time, so to extend lifespans it clears everything not needed. It’s not overwriting data for security or anything per se, but rather just a result of its longevity processes
Now, I’m sure there are cheap no name SSD controllers out there with ineffective TRIM operations that just lie about the operation, but any controller worth its salt is gonna have proper TRIM.
There is also the “bad block” issue, where storage media can take blocks – which may contain readable data – out of use, so that higher layers cannot access them. That applies to rotational drives and it looks like SSDs do the same thing. Again, might require bypassing or modifying the firmware to get direct access. But there can be data leaked there.
Part of that process is to move the data to another block and release the charge to prevent further damage, it’s possible the block is damaged in such a way that it won’t even release the charge, but if that’s the case it’s incredibly unlikely to be readable.
I also wouldn’t be terribly surprised if there is lingering information even after zeros are written to an SSD that might be recoverable if you could directly access the media, though I’m not familiar with the situation there. That is the case for rotational drives – the drive platter itself is “analog”, doesn’t just store a discrete string of ones and zeroes at the physical level. I once knew a cryptographer who was working on quantifying that leakage for rotational drives.
Yea it’s possible, but now you’re in the needing x-ray machines, powerful microscopes, full clean room labs and people with extensive, specific skill sets which means $$$$$$$$$$$$$$$$$$$$ or in other words, state level budgets range. 99.99999% of people will be fine
Surprise backup
Oh, it’s up!
Is it just nudes or is it all old photos?
The former would be hilarious, it would mean that iOS explicitly classified those images as nudes.
Indeed. But Apple does have the tech to analyze images/videos:
Apple’s CSAM detection capability is built solely to detect known CSAM images stored in iCloud Photos that have been identified by experts at NCMEC and other child safety groups.
Hm… I curiously checked my phone, deleted images/videos are still deleted and haven’t resurfaced. Then again I don’t mix technology with nudity. /shrug
There are tons of reasons to take nude photos… you often have to send in nude photos for the beginning stages of surgery consultations.
And sexting is fun.
This comment comes across insanely judgemental of the individual, when the issue is that Apple deleting data and thus violating privacy.
It’s not just nudes, though. This could happen for any deleted picture. I’m not really expecting them to zero out the file system block or anything, but this implies they’re not even doing file system level deletion.
Yeah… I think I’d rather do that in person than to video record or take images of myself nude. Privacy and security is a pretty big deal to me. Hence, I don’t mix technology with nudity.
I love mixing technology with nudity. But I have also avoided this problem because I don’t mix technology and Apple.
So you use a de-googled android?
You don’t mix technology and YOUR nudity 😉
haha…
I think mixing tech and nudity is awesome! I love getting dickpics!
Did you think some else’s nudes might have resurfaced there…?
No they’re just feeling morally superior for no good reason.
As a rule, files never get deleted… They get over written. So it depends on whether that process has happened to any loose images.
can’t wait for my personally hosted, and managed hardware server to start serving me shit i never put up in the first place.
Oh wait that won’t happen, because i host it, and it’s mine, and i own it.
Well, someone obviously didn’t read past the headline: its undeleting images locally that haven’t been overwritten
merges WordPress into the apt repository for grep
watches the world burn
:)
The article is being disingenuous about data not being deleted unless it’s overwritten with 1’s and 0’s. Technically that’s true, but:
Most data being deleted is equivalent to a piece of paper being placed in a trashcan, and it’s “permanently” deleted when that trash gets hauled away to a landfill (or supposedly recycling but that’s another topic). Technically it’s still forensically accessible, but it isn’t accessible by any normal means. That piece of paper may not have been incinerated, but for the majority of practical purposes, it’s gone.
Apple never hauled the trash away, even though they claimed they did. There should be no way for them to accidentally restore those photos, just like there’s no way for you to accidentally get a piece of paper back in your trash bin after it’s been sent to a landfill.
Focusing on the 1s and 0s skips past the fact they failed to complete the first, obvious, essential step. If they didn’t delete it the simple way, they would never have gotten to the 1s and 0s step. This isn’t just a simple oversight, and those pictures were still very easily accessible, just not to the people who should have been in control of them.
I still don’t get why people take pictures of themselves being nude and complained when it got leak because data breach
“I don’t understand why people have sex and then complain when they can’t get an abortion because of Roe v Wade being appealed.”
This is what you sound like. Blame the system, not the individual for having a better sex life than you.
Pretty sure physical contact is far superior to… sending nudes. But if that’s having a better sex life, hey good on you LOL
Are they not happy when they got back what they thought was lost? :-)
I’m a paper user and I burn all my letters using a large amount of heat.
This is the best summary I could come up with:
Apple appears to have a bug that’s dredging up data that iPhone owners thought was gone.
Some iPhone owners are reporting that, after updating their phones to iOS 17.5, their deleted photos — some quite old — are popping up again, according to a Reddit thread that MacRumors spotted.
People reporting the apparent bug say that they’re seeing old photos appear in their Recents album after Monday’s update.
iOS does give users the option to restore deleted photos, but after 30 days, they’re supposed to be permanently removed.
The person who started the thread claimed that NSFW photos they had deleted “years ago” were back on their phone.
Computer data is never actually “deleted” until it’s overwritten with new 1s and 0s — operating systems simply cut off references to it.
The original article contains 288 words, the summary contains 131 words. Saved 55%. I’m a bot and I’m open source!
No way! Prove it
Carful, this deleted comment might resurface!
Hopefully my previous comment about playing with dried dog shit in a kids sandpit is the best defensive manoeuvre.
lolola@lemmy.blahaj.zone 5 months ago
I appreciate this thread’s nuanced discussion of how file deletion works from a technical standpoint depending on storage medium. But as a user, when I delete something, it should go away forever. I don’t care how.
wreckedcarzz@lemmy.world 5 months ago
grabs your phone, throws it on the ground and blasts it with a shotgun
There you go! =)
piracysails@lemm.ee 5 months ago
Cloud’s deleted folder enters the chat.
gravitas_deficiency@sh.itjust.works 5 months ago
Well… if you really want to delete them…
takes blasted phone, insert remnants into small iron cup, places in inductive furnace
lolola@lemmy.blahaj.zone 5 months ago
Hey at least I know it gets the job done
TimeSquirrel@kbin.social 5 months ago
If every time an OS had to delete something it had to fill the space with zeros or garbage data multiple times just to make extra sure it's gone, we'd all be trashing our flash chips very fast, and performance would be heavily degraded. There really isn't a way around this.
The solution to keep private files private is to put them into an encrypted container of some sort where you control the keys.
5too@lemmy.world 5 months ago
Step away from hardware constraints for a moment, and consider the OS:
If the OS says a file is deleted, under no circumstances should the OS be able to recover it. And yet, it apparently was. Thus, the concerns about data safety in an environment where the OS is unreliable.
LodeMike@lemmy.today 5 months ago
Well, the storage device should handle that then. And modern NVMEs do.
LodeMike@lemmy.today 5 months ago
The OS should never let that happen. It always should abstract the partition into a filesystem.
LucidNightmare@lemmy.world 5 months ago
It’s to prevent you from accidentally deleting a photo you would never want to delete. If you want to make sure it’s deleted, you just go into the Photos app and delete it from the Recently Deleted folder. I prefer this approach, as I have accidentally deleted a photo that I did not mean to, and luckily it was still there. Use cases are different though, so.
starman2112@sh.itjust.works 5 months ago
That still doesn’t fully erase the data though. It just tells the computer that that space on the drive is available to be overwritten, but the 1s and 0s are still recoverable
starman2112@sh.itjust.works 5 months ago
Imo there should be options for standard deletion and total deletion. Standard is faster, puts less wear on the drive, and keeps the files potentially recoverable, whole total would make it totally unrecoverable at the expense of taking slightly longer and putting a bit more wear on the drive