Ian Miers

And now is when someone should point out private compute for AIs and TEEs are not secure enough to make on by default chat monitoring a good idea. Because they aren't. It's terribly insecure, especially against hostile governments. It's just ... better than without.

Private AI needs to be the norm because opting out is impossible for many apps. Take messaging or photo sharing: even if you opt out, the recipient likely has AI enabled—maybe even on by default. Your data ends up in their app's AI cloud. Private compute for AI must be a default.

And before anyone says TEEs have imperfect security, the point is they're a massive improvement. And essential in a future where AI assistants get baked into your chat apps and browser watching every move you make, video you view, and message you send.

This is doable today. Apple already has Private Cloud Compute, and Nvidia's H100 GPUs come with Trusted Execution Environments built right in. The pieces are there—your AI conversations could run where even the NYT, OpenAI, and hackers can't snoop.

Making LLM chats private is a good idea. We've accepted too much data harvesting already—this moment lets us reset the norm around who controls our data online. But let's go further: put LLM chats in private compute, so you get technical guarantees you control your data.

x.com/sama/status/...

Classic Google: an A/B test (a rare overt one)
Classic Google AI: it doesn't actually work (you can't submit)

Incidentally, if your Signal is now flooded with work chats, you can organize chats into folders
Settings->Chats->Chat Folders. Looks like its Android only for now.

Friend messaged me: Signal's going mainstream. They've got 150+ active chats. Work life invaded their friend space.

Its not just Signal being in the news: people don't trust other apps. Too many places to half-ass privacy: be it backups, ads, or an AI reading over your shoulder.

It's the year 2030. AIs write all our sitcoms now, but they're just endless FRIENDS clones because the underpaid content moderators in offshore offices learned that's the pinnacle of American comedy.

In particular, once you have digital passports/drivers licenses loaded into everyone's devices for privacy preserving uses, it becomes easier for governments to require non-private uses too. Like attaching your real name to everything you do online.

Privacy preserving identity also raises some questions:
1) where is it appropriate to require such checks. To pick spicy extremes from US politics: should we age gate LGBT sex ed content online? 2nd amendment content?
2) What guarantees do we have privacy isn't turned off later?

So what comes next?
Well one problem with digital IDs (even without privacy) is checking the ID is actually your ID and not someone else's you copied.

Phones, however, have biometric sensors in them. They can check the ID is of you without sending data to a third party.

Anonymous credentials from ECDSA Anonymous digital credentials allow a user to prove possession of an attribute that has been asserted by an identity issuer without revealing any extra information about themselves. For example, a us...

So, this would let you prove to a website you are over 18 while hiding your identity.

Notions of zk-identity have been around for a while, but 1) this is amazing step to worlds wide scale usage
2) Some hard work went into making this practical eprint.iacr.org/2024/2010.

It’s now easier to prove age and identity with Google Wallet Learn more about new Google Wallet updates, including new ways to use your digital ID for age and identity verification.

Google announced they will support privacy preserving age verification via zero-knowledge proofs.

You prove you have a signed digital copy of a drivers license and it says you are over 18 without revealing anything about you (name, birthdate, etc)
blog.google/products/goo...

hasn't launched

But the whatsApp AI opt-out is a fig leaf, it has to be enabled per chat. And they won't even be explicit that its opting out of a security downgrade caused by AI features in WhatsApp. Instead its phrased as an advanced feature most users can ignore.

A responsible roll out of AI in an **encrypted** chat app should require opt in by the message author.
Instead, WhatsApp is saying look, the recipient gets to decide if they can upload your texts/photos to Facebooks AI. They clearly know this is creepy, hence the opt-out.

"When the setting is on, you can block others from exporting chats, auto-downloading media to their phone, and using messages for AI features"

But the last bit only makes sense for AI features inside WhatsApp, that WhatsApp built, anything else is covered by "exporting chats."

WhatsApps "advanced protection" blog post is double speak. Instead of end-to-end encryption, you get downgraded to end-to-AI encryption. But its phrased as a feature: you can opt out of "others" uploading data, as if WhatsApp has nothing to do with it.
blog.whatsapp.com/introducing-...

The war on encryption is dangerous Government demands to access encrypted data via back doors will leave it vulnerable to hacks, breaches and theft

on.ft.com/4kBAyyo

The US learned this the hard way. China's "Salt Typhoon" exploited telecom backdoors meant for the FBI. A Senator called it "the worst telecom hack in our history." In DC policy lingo, in the era of Great Power Competition, encryption is an asset. The UK's fighting the last war
t.co/HNmzZbTkEQ

The UK is fighting the last war by trying to backdoor encrypted messaging worldwide. The US tried the same trick in the Obama and Bill Barr DoJs. Thankfully, saner minds prevailed. Now the FBI recommends encrypted messaging because it makes us safer from nation state hacking.

This isn't about backups. The UK wants a backdoor to spy on nearly all iMessages. Worldwide. Remember backups are on by default: every iMessage gets uploaded to iCloud. Even if you turn off backups, your friends won't. The UK is asking Apple for copies of virtually every iMessage

@meredithmeredith.bsky.social points out the real story with Apple disabling encrypted backup (and therefore effectively iMessage encryption) in the UK. The UK is demanding a global backdoor for all data, including Americans. Apple is resisting as best they can.

Bottom line, the UK is trying to force Apple to break a key part of end-to-end encryption for users, even outside the UK. The UK shouldn't have access to Americans' data, and they can't be trusted to secure it from other countries who really shouldn't have access.

In 2015, a backdoor the NSA put in VPNs was exploited by a foreign power—sounds like a bad airport novel. It's real. US Senators even questioned how the intel agency lost its own lessons-learned report for the breach. A report the UK should read! archive.ph/JRScFWy

Salt-Typhoon was a hack of US telecom systems that was so bad, it caused the FBI and every Anglosphere intelligence service (except the UK) to recommend everyone use the exact end-to-end encryption the UK wants to undermine.

The UK is demanding access to Apple users' chats and photos, world-wide. The UK is an ally, but they shouldn't have access to American data. Worse, the UK is likely unable to secure the data, exposing it to other foreign governments who are not allies. It's happened before...

U.K. orders Apple to let it spy on users’ encrypted accounts Secret order requires blanket access to protected cloud backups around the world, which if implemented would undermine Apple’s privacy pledge to its users.

Easily overlooked threat: The UK is demanding Apple expose your iCloud data, no matter where you live. Apple is fighting for limits, but the demand is world-wide access, not just for UK persons. This is terrible for US sovereignty and national security.
wapo.st/4k2AF5Z

Trump and Apple better tell the UK to go to hell with its demand to access Americans’ private, encrypted texts and files. Trump and American tech companies letting foreign governments secretly spy on Americans would be an unmitigated privacy and national security disaster.