Imagine my surprise when browsing these images in the Finder, Little Snitch told me that macOS is now connecting to Apple APIs via a program named mediaanalysisd (Media Analysis Daemon - a background process for analyzing media files). [...]
- In 2021, Apple said they'd scan your local files using your own hardware, in service of the police.
- People got upset, because this is a clear privacy violation and is wholly unjustifiable on any basis whatsoever. (Some people speculated that such a move by Apple was to appease the US federal police in advance of their shipping better encryption features which would otherwise hinder police.)
- Apple said some additional things that did NOT include "we will not scan your local files", but did include a confirmation that they intend to ship such features that they consider "critically important".
- The media misreported this amended statement, and people calmed down.
- Today, Apple scanned my local files and those scanning programs attempted to talk to Apple APIs, even though I don't use iCloud, Apple Photos, or an Apple ID. This would have happened without my knowledge or consent if I were not running third-party network monitoring software.
By default, Little Snitch allows all connections to Apple and iCloud. To block this process (and others) you have to un-check the "icloud.com" and "apple.com" rules on the "System" tab. And then endure two days of whack-a-mole while re-allowing the ones you actually want to be able to connect to Apple, like softwareupdated and IMTransferAgent and a dozen others.
Update: Lots of people keep sending me this rebuttal, and telling me "it no longer phones home as of the OS update that was released 5 minutes from now, so problem solved." Ok, that may well be. But when my OS was phoning home on my photos yesterday and happens to not be phoning home on them today... that doesn't really build trust. Intent matters, and we know what Apple's intent is because they told us. Code matters, and we are not allowed to see Apple's code.
Maybe the fact that it phoned home with a null response is only because the test photos didn't match some magic neural net -- congratulations, Apple didn't report your test images to the FBI.
We cannot know. But suspicion and mistrust are absolutely justified. Apple is examining your photos and then phoning home. The onus is on them to explain -- and prove -- what they are doing and why. They are undeserving of you taking them at their word.
Previously, previously, previously, previously, previously, previously.