Apple elaborates on iOS 17.5 bug that resurfaced deleted photos

Apple fixes bug: wHy dOeSn't aPpLe eLaBoRaTe wHaT ThIs bUg wAs aBoUt

Apple elaborates: WhO Is gOnNa bElIeVe aPpLe

Poor Apple, people really should give them a break.
- Scrutinizing the big tech giants is valid, but the confirmation bias and tin foils hattery around this topic has been a little silly. In a technology community, it sure would be nice to have conversations about how the technology actually works.
- Well it keeps people very busy, it seems. So what's the point I am clearly missing here? It feels like we are living in that rabbit asking the bakery for a carrot cake joke.

Lemmy: Apple doesn’t care about your privacy and is secretly keeping your deleted photos because they want your data.

Reality: 1) iCloud photos are E2EE 2) Apple doesn’t have an encryption backdoor, which is why the feds keep pushing for one 3) violating deletion requests is illegal in their core markets

Aaaand… 4) your ass probably already has thousands of photos that you didn’t delete. They don’t need your deleted photos if they want to train models. They have more than enough stuff that you didn’t delete.

Small correction - iCloud Photos are only end-to-end encrypted if you enable Advanced Data Protection, which was introduced in December 2022, and otherwise Apple has the keys. See https://support.apple.com/en-us/102651 for more details.
So the uploaded photos in question couldn’t have been e2ee. Even so, it’s reasonable for people to question the legitimacy of e2ee given instances where it’s been shown to be a lie or for the data to also have been transmitted without e2ee, like Anker’s Eufy cameras’ “e2ee” feeds clearly being accessible without keys from the user devices, or WhatsApp exposing tons of messaging metadata to Meta.
That said, I personally wasn’t using iCloud Photos prior to enabling Advanced Data Protection, and I had a few deleted photos show up from several years ago, so Apple’s explanation makes sense to me. And, like you’ve pointed out, most of the speculation was devoid of any critical thinking.
Well people had other people's photos popping up in their own photos app. So not sure how they handle 'encryption'. But it's best to treat all photos uploaded to cloud as public, because that's likely how it is. Can't trust Google, Amazon or Apple with your data when they can and are making so much money off of it.
- No one was able to reproduce that. That claim of seeing others photos was from a Reddit user who deleted the post.
As its all proprietary you can’t, and basically nobody can, say anything about a backdoor. It’s pure trust in this corporation.
- It’s not proprietary. It’s the AES 256 standard.

In a now-deleted post, a Reddit user last week alleged that their photos reappeared on an iPad they sold to a friend, despite them having erased the content of that iPad prior to selling it. Apple tells me that this claim was false.

I had a feeling this was the case. It makes absolute zero sense that a fully erased device on a different Apple ID could have this issue.

It was such an obvious troll. Nobody with the slightest knowledge of how iOS works bought it. Just click bait.
This is weird especially because iOS uses file based encryption, and when resetting the device the key is thrown away. So even if the files were still there, they would not be readable. I think they didn't reset the device properly and instead deleted the apps manually is likely why this happened

I’d still like a deeper dive into how database corruption led to data restoration

It seems like deleting a photo must just be removing the entry from the SQLite database, and not actually deleting the photo?

Media library apps have been doing this kind of stuff forever. An index of the files + metadata allows for a better and more performant experience. But, if an entry in the DB gets pooched, file remains on the drive and is hidden from the user.
Many media library apps actually have a way to repair and or rebuild the library DB if it gets out of sync or corrupted. iTunes straight up put that feature in the menu bar. The Photos app will do it if you launch the app while holding command-option.
Back when iPods were king, how many of us had old music come back to life after a fucked up iTunes library was rebuilt? It’s kind of a similar issue.
- Sure, an index makes sense for quick search, but I’m confused why deleting it wouldn’t remove it from the filesystem too
  Is that why iPhones seem to have no idea how much disk space they’re using?
Yeah they keep it for AI training.
Such bs.
- @Valmond @ozymandias117 oh so we’re still doing the baseless-accusation-without-knowing-how-it-works thing?
  They keep deleted photos for a time in iCloud in case someone comes looking for them
  Every cloud storage provider does it, every mail server does it, it’s incredibly commonplace

In a now-deleted post, a Reddit user last week alleged that their photos…

A recently deceased Boeing employee alleged that the quality control process…

Apple repeatedly emphasizes that this problem was rare and affected a small number of users and a small number of photos. The company did not and does not have access to a user’s photos or video.
This is still a disconcerting issue, but there is comfort to be taken in the fact that the photos in question were not stored in iCloud and could not have resurfaced on a device after it was properly erased and sold.

Oh, if they say so themselves then I trust them 100% always trust the culprit words, thank you Apple for telling the truth (it's the truth because they said so)

Edit : apologies if this comment came off as aggressive, I did not check the community I was in ; I totally understand you guys would be less skeptical of apple than I am

Tl;Dr: They’re saying pretty much what we expected.
Well, it does jive with what all the tech folks expected since it follows how OSs have always deleted files by deleting only the meta data. This is how recovery programs are able to recover corrupted and deleted data. This is obviously a simplified version but you get the idea.
I mean, maybe. But at the same time, they are the authoritative source for all things Apple. I’m sure they do downplay or exaggerate things, but that doesn’t mean they’re outright lying about everything. Then again, you could say that about any company in any sector. Be it Apple, Google, Samsung, or someone else, if you really don’t trust them, why do you use them?
That’s a never-ending death spiral of paranoia you won’t get away from. The only way to get close is to go 100% off-grid, no technology, no human contact, grow your own everything. Maybe that’s for some people, and kudos to them. But that’s not for me.
Pick your battles. Don’t sweat the petty stuff (nor pet the sweaty stuff). Also, don’t post anything you wouldn’t want the world to see if Tech Giant were to be hacked.
Also:
search yourself online and remove yourself from all of those people search websites
Freeze your credit accounts when you’re not actively using them
Always set up 2FA (TOTP preferred, as SMS is weak) when available
Use a password manager (like Keepass) and randomize all of your passwords
Use at least 20-character long passwords when you can
Complain loudly to websites that cap passwords at less
Check haveibeenpwned.com for each email you use regularly
Suppress your Lexus Nexis public data
For US citizens, add yourself to the National Do Not Call Registry
Be proactive and not reactive.
- Those are good tips for the uninitiated, thanks for sharing!