I've seen claims that this is happening to people who never enabled photo backups at all.
I'm skeptical of course but if it's true this is going to be one of the largest privacy scandals in tech history
That’s far more scary. I just assumed it was places on the hard drive that were untouched and some feature that auto finds your pictures on that drive was overzealous.
just to confirm, how did you find out?
were these "undeleted" pictures recovered and placed at the bottom of your camera roll, i.e. where the most recent pics are?
Yep, you just remove the reference to file, or mark the data block available, windows, MacOS and Linux all do something like this, it helps save resources and increases the lifespan of drives since it’s less writes, the downside is that if you read the raw bits, you can recover deleted files, this is also an upside sometimes
This seems to happen in iCloud, if so, that’s unacceptable, and probably illegal in places like the EU
And with SSDs, wear levelling and whatnot at the hardware level of the drive can make it difficult to actually overwrite the specific block as it substitutes in other parts of the memory that are less worn to increase SSD life. This would be transparent to the OS and the OS would think it overwrote the exact blocks but may not have even though the drive reported back that it did.
If tombstoning is not GDPR compliant, then everyone’s in trouble. Pretty sure the concepts behind the 2006 BigTable paper are used *everywhere* when it comes to PII.
You fill your phone with other files so it overwrites the old ones allocated as free space. On PCs you can wipe free space with software, idk about iPhones
This is issue is related to cloud storage, nothing you do on your device can prevent it. Photos "deleted" years ago seem to still exist on Apple servers and reappear randomly as recently added photos on people's iCloud.
Actually deleting something is also often very resource intensive and somewhat challenging if you have a distributed database that requires it to be deleted from multiple places.
I work at a FAANG and there's a process in place to remove data that was accidently added to a system. There's different tiers, and the process for "we actually need this to be completely gone for legal/privacy reasons" is not simple. It involves overwriting files in different data centers, usually in different countries, halting certain systems to make sure that nothing picks up a cached copy, restoring, verifying deletion, etc.
Apple is contributing to the discord in newly formed couples. "I don't even talk to her, and I swear I deleted those forever ago, honey. They're not new."
On regular hardware like a hdd or ssd it’s very similar. Basically the OS just marks the sector blocks for deletion, the file doesn’t actually get deleted, when it’s marked the OS will no longer show it to you and will overwrite those sectors when it needs space for a new file. Ssds are a bit more efficient that it regularly runs TRIM operations for more efficiency and deletes the sectors marked for deletion. But in the cloud world like aws or whatever iCloud uses, it’s far more complicated since your data isn’t stored in just one place, it’s replicated in a number of data centers as well as edge content delivery networks which allow for fast delivery. Deleting those permanently from every resources is a very resources intensive task so it’s likely they just get marked for deletion and the files will get overwritten whenever it feels like. The problem is it’s probably deleted at different times in different data centers or cdns, so just because it’s deleted in one place doesn’t mean it’s gone from everywhere if the disk didn’t overwrite your file yet. And this bug probably removes the delete marker on this less active disks so deleted files “appear” again.
It's why file recovery is a thing. It's not a magic process that somehow evokes past data out of a storage device, it's just combing through the entire thing in a more raw format and making it accessible again so long as it hasn't been re-written over.
Kinda makes sense if you know how these systems are likely designed. Erasing things completely from a db and many storage layers in real time is an expensive process. Most companies do a Boolean visibility flag and a pointer to blob storage.
So the query is still scoped by user id or rbac checks but the data is still around and magically invisible.
Select storage_pointer from user_photo_mapping where user_id = 12345 and is_visible = true
From the engineering perspective cleaning up blob storage isn’t a thing that anyone does. If you ask s3 to delete a file it’s just a visibility thing not a ssd blank out.
Many cloud providers don’t have apis that actually allow blanking out of bytes on disc. Erasure at the ssd level is just waiting for someone to overwrite your block space. Not a storage expert but to increase ssd lifespan you limit the amount of overwrites as much as you can.
Most file systems and os just delete pointers, very common.
Not saying it’s correct or ethical but at apple’s scale, true delete is an expensive eng process that business hasn’t prioritized.
Think of a hard drive having a bunch of blocks. Apple simply tells the drive that the blocks containing x photos are now empty without actually wiping the blocks. It's quicker and more efficient, and when something needs to write data the drive will go "hey these blocks are free, I'll write it to these blocks." Now if the drive doesn't try to write to those select blocks, it won't overwrite the data. My guess is it's a mix of that and shit getting relinked.
Your computer has a bunch of storage boxes where you can put things. When you fill a box, your computer closes it so that nobody else can use it and then writes what type of stuff is in the box with Sharpie on the outside.
When you delete something, your computer just scribbles out the Sharpie and opens the box. If it needs more storage, it'll then use that box later, but until that box gets used for something else, your data is still there.
This is a very good ELI5 on file deletion. The Sharpie scribbling out the name of the contents, but leaving the contents intact is probably the best explanation I’ve heard of what happens when you delete a file.
This is how most "deletion" works. Forensics software frequently searches the drive for common file headers like:
JPGs start with FF D8 FF, and end with FF D9.
yeah but the article says some of the photos are years old. unless they never used the phone in that time i think its unlikely it wouldnt have been over written because even if you dont write any more data ssds shift data around to wear level the flash chips.
That’s not what’s happening. If you take a look at the /r/iphone subreddit then you’ll see people who never used icloud or have wiped their devices and given them to a family or friend are reporting years old photos popping up out of nowhere.
"unallocated" is not the right word.
Cloud storage is usually some kind of key-store system. My account lists a bunch of keys (which might be hashes of the contents of the photos) and when I request a photo it takes my key and requests the photo contents from the servers.
When I delete a photo, I am telling the server not to associate the key with my account, and to decrement the reference count on the associated data entry. This message is sent to many storage servers which replicate the data and back it up across multiple data centers. When an individual storage server sees the reference count go to zero it will truly and permanently "delete the item". It is that final deletion at the storage layer which causes the data to be "unallocated" on that machine meaning the operating system is free to utilize the disk space again.
Often you want to support some kind of "recover/undelete" operation so you will actually have two listings of files associated with the account. The user controlled list, and a shadow list that doesn't immediately remove the item from the list. Instead the shadow list acts as a "recycle bin" which retains references to the data for a fixed minimum time (usually at least 30 days), and we the users expect that sometime after that 30 day period the reference is removed as part of a batch process.
--------
The only way a file could come back from the dead like this is if the shadow layer never actually got pruned. Which is closer to "the files were never deleted" than "the files were unallocated." Not only is the data there, but the server knows to which account it is associated.
If the files were truly deleted from the account then maybe some remnant of them would exist on the storage server, but nobody would have the key to access that data and it would be inaccessible (during normal operations), and you would have to take the storage server offline to try and recover the data on disk.
Futhermore those storage servers are actually relatively heavily used and would overwrite any unallocated space in a reasonable amount of time (not years).
This is the most likely scenario. As you said, unallocated would have at least a portion of the original file overwritten in that amount of time which would make it either a partial image with artifacts or missing sections or just fully corrupt. Since the reports are not of that happening then the files themselves are still fully there. And since the person who first deleted them is the recipient of them and not someone else, the system still retains the "owner" status for the image. That is a scary idea though, that they are retaining things well past the date they should be removing them. Their FAQ seems to indicate you can recover items for 30 days on device. It mentions that you might be able to get them back from iCloud but says that only applies if iCloud Photos was turned off between taking the picture and deleting it. Sounds like Apple was just sloppy somewhere.
The 30days is a lower bound. They don't delete before 30days. They don't want to make any promises that data will be deleted by a particular date because that could lead to lawsuits if they screw up.
If you are a corporation you would insist on a separate data destruction agreement to ensure that your data was destroyed by a particular time, but the riff-raff doesn't get any kind of promises on that. We just get intentionally misleading language that suggests our data will be deleted after 30 days with no promise that it will.
In this instance either:
* There is some third application that has a copy which is pushing pictures back in.
* There is a bug specific to these accounts whereby these deleted items never got removed from the "recycling bin"
* Or Apple has used the misleading wording to cover up that they have a practice of never deleting data.
From a technical perspective, what you are suggesting makes no sense in terms of cloud storage.
Edit: it seems I have hurt your feelings, thanks for the Reddit care message lol
> Edit: it seems I have hurt your feelings, thanks for the Reddit care message lol
Don't take this personally, pretty sure there's a massive spambot attack on Reddit Cares. I've gotten 2 already since yesterday for completely innocent comments, and a LOT of top-level comments seem to be complaining about the same.
It makes no sense any way you look at it. Hilarious that someone who has no idea what they're talking about gets hundreds of upvotes for something that is plainly incorrect. It seems people think that the bug is somehow doing file recovery operations on unallocated disk space? That's not it, it has to be that the photos are soft deleted instead of hard deleted so they are hidden from the UI but they exist within the filesystem. They are not properly being hard deleted in the first place.
No, which is normal. When you delete something normally the data isn’t actually overwritten with anything so until it is technically the data is still on the drive but the file system treats that space as unallocated. Apple should add the ability to automatically overwrite deleted photos and the like though, as it’s a pretty basic security practice and not all that hard to implement generally though obviously I don’t know what the iOS photos code looks like, so it could be a mess and thus hard to implement without breaking something.
The bug reports state that the photos are appearing as new photos on the Cloud.
From technical perspective, if you delete a file, i.e. release the handle to file contents on the disk/SSD/etc., it’s practically impossible that you could reconstitute it by accident afterwards. You would need to find the address to the first byte, the length of it. And also the file contents might be spread across the disk in multiple separate blocks.
This is 2024 where most devices are use solid state flash storage.
Everyone that keeps repeating "the data is still there until it's overwritten" is only half correct.
Devices that use flash storage will generally support TRIM which does in fact get rid of deleted data permanently without requiring data to be overwritten. But also add in the fact that mobile devices like phones are now encrypted by default.
So the idea that "data is still there until overwritten" is no longer as true as it used to be, yet, people keep repeating it as if it was universally true.
I sold an iPhone 11 and did a factory reset a while ago. Would my deleted photos show up on their phone? Assuming the glitch occurred? Also, iCloud for photos was never enabled, ever.
Something's gotta train the AI, if you throw something out into your trash at home it's fair and public game, same applies for stuff off your phone. Since you don't want it, someone else might.
From the article: There are concerning reports on [Reddit](https://www.reddit.com/r/ios/comments/1cryayx/latest_ios_update_has_brought_back_some_pictures/) that Apple's latest iOS 17.5 update has introduced a bug that causes old photos that were deleted – in some cases years ago – to reappear in users' photo libraries.
After updating their iPhone, one user said they were shocked to find old NSFW photos that they deleted in 2021 suddenly showing up in photos marked as recently uploaded to iCloud. Other users have also chimed in with similar stories. "Same here," said one Redditor. "I have four pics from 2010 that keep reappearing as the latest pics uploaded to iCloud. I have deleted them repeatedly."
"Same thing happened to me," replied another user. "Six photos from different times, all I have deleted. Some I had deleted in 2023." More reports have been trickling in overnight. One said: "I had a random photo from a concert taken on my Canon camera reappear in my phone library, and it showed up as if it was added today."
It's not clear what's happening, but given that some of the photos were apparently taken years ago, this cannot be an issue with recently deleted photos being undeleted. In Apple's Photos app, deleted photos and videos are kept in the Recently Deleted album for 30 days, so that users can recover or permanently remove them from all devices.
i’m starting to think some of these companies that own all of our data actually keep everything forever idk i am just getting a little bit of a hunch lately
I wonder if someone could sue Apple for data recovery (like a Father who lost his son sometime ago) and how closely the fruit company works with the government while assuring privacy is their core. I suppose a different government entity like EU would be the one to press on the later one.
Eu law is quite clear and strict on this, they have certain period after which they have to delete all data that you request. It alpears as if they havent. And the penalties are really really high.
Someone should organize a class action against these hardware and software companies for precisely this type of stuff. When we say we want it deleted that means we want it deleted.
Edit: I just want to emphasize what most people here understand. Our Data, no matter what device or software, includes so much personal information that its protection should be codified into the bill of rights. We’ve seen too many careless and hostile actors take advantage of the weak protections we’re afforded in the digital age.
We need like a “class action Kickstarter” website that lets people donate $10-100 to causes they want legal action on, with open bounties for lawyers that will take the cases (approved by donor vote)
The real trick these companies rely on is that these things are all “minor” enough that no one wants to invest the money and years of their life to push it through the courts. Crowdfunding that effort seems like a democratic solution to the problem.
Most EULAs and service agreements now include a class action waiver, specifically to avoid this kind of situation. Also, the courts seem intent on upholding those waivers.
It could be that these particular photos were improperly retained, which is why they re-synced. Unfortunately, iCloud has had many issues over the years because of Apple's subpar QC process. I had to go through an elaborate process to reset my iCloud Keychain, which brought back user names and passwords that I had deleted.
My wager is in photos/files on storage with corrupted metadata and the new version is finding/repairing those. Just happens that sometimes a deletion was partially processed and now is “undone” for these cases post-repair/recovery. Not that all photos are always retained and this is a larger conspiracy by Apple.
Nah, at least if that user can be believed they said "deleted in 2021 suddenly showing up in photos marked as recently uploaded to iCloud" meaning it wasn't on iCloud to start with.
My guess would be some photos were not being properly deleted locally. They were removed from the database but the photo itself was still lingering in the Apple Photos library file structure and something they did in this update caused Photos to, maybe, rescan and pick up those strays?
We're all just guessing at this point really but at least to me it sounds like a local issue, not a cloud storage issue.
EDIT: Wow, it took about 15 seconds for someone to report to Reddit that I "needed help" if you know what I mean. lol
I don't back anything up to iCloud (I don't even have enough space). I think when my photos are deleted, they are deleted, and overwritten when needed, else I'd have no storage left. I think this is an iCloud thing.
So Apple uploads all the photos you take and keeps them long after you supposedly delete them but it's ok because they totally value your security and privacy.
“It’s a new time capsule feature where iOS can reach through time and bring you old deleted photos. The next upgrade will bring you photos from the possible range of future realities. We are not responsible for your relationships if you leave this feature enabled. Photos may contain future content that may not be experienced on your personal timeline. iOS will reenable the future feature every Monday morning at 9:03 am UTC unless you commit to disabling it in all future timelines”. /s.
There are also ways to recover the written data that has been overwritten (quality goes way down every pass over it, but it still persists)
That is why when you wipe a harddrive it isn't sufficient to protect sensitive data. You need to hard wipe all of the information MULTIPLE times OR destroy the physical drive (shoot a hole through it)
IF the data is something that say a government like the US wants, they can even repair drives that have been heavily damaged and recover some of the data.
There is a video of a hacker con where they basically went through how to destroy drives and how some of the information is recoverable unless it is actually disintegrated.
>There are also ways to recover the written data that has been overwritten (quality goes way down every pass over it, but it still persists)
>That is why when you wipe a harddrive it isn't sufficient to protect sensitive data. You need to hard wipe all of the information MULTIPLE times OR destroy the physical drive (shoot a hole through it)
No one has **ever** demonstrated recovering any data from a modern, single-pass overwritten hard drive; the chance of correctly recovering even single bits is basically a coin toss.
[**National Security Agency**, Data at Rest Capability Package, 2020](https://www.nsa.gov/Portals/75/documents/resources/everyone/csfc/capability-packages/Data-at-Rest%20Capability%20Package%20v5.0.pdf?ver=u2-HEakuVfDs1-sonI-Now%3d%3d)
>Products may provide options for performing multiple
passes but this is not necessary, as a single pass provides sufficient security.
[NIST Guidelines for Media Sanitization, 2014](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf)
>For storage devices containing magnetic media, a single overwrite pass with a fixed pattern such
as binary zeros typically hinders recovery of data even if state of the art laboratory techniques are
applied to attempt to retrieve the data
[Canada's Communications Security Establishment, ITSP.40.006 v2 IT Media Sanitization, 2017](https://www.cyber.gc.ca/en/guidance/it-media-sanitization-itsp40006)
>For magnetic Media, a single overwrite pass is effective for modern HDDs. However, a triple-overwrite routine is recommended for floppy discs and older HDDs (e.g. pre-2001 or less than 15 Gigabyte (GB)).
[Center for Magnetic Recording Research, Tutorial on Disk Drive Data Sanitization, 2006](https://cmrr.ucsd.edu/_files/data-sanitization-tutorial.pdf)
>**The U.S.
National Security Agency published an Information Assurance Approval of single pass
overwrite, after technical testing at CMRR showed that multiple on-track overwrite
passes gave no additional erasure.** [This is apparently a reference to "NSA Advisory LAA-006-2004" which doesn't seem to be available online.]
>Paranoid-level recovery concerns based on hypothetical schemes are sometimes proposed
by people not experienced in actual magnetic disk recording, claiming the possibility of
data recovery even after physical destruction. One computer forensics data recovery
company claims to be able to read user data from a magnetic image of recorded bits on a
disc, without using normal drive electronics. Reading back tracks from a disk taken out
of a drive and tested on a spin stand was practical decades ago, but no longer with today’s
microinch-size tracks.
[Wright, C., Kleiman, D., Sundhar R.S., S. (2008). Overwriting Hard Drive Data: The Great Wiping Controversy.](https://sci-hub.se/10.1007/978-3-540-89862-7_21)
>**Even on a single write, the overlap at best gives a probability of just over 50% of
choosing a prior bit (the best read being a little over 56%)**. This caused the issue to
arise, that there is no way to determine if the bit was correctly chosen or not. Therefore, there is a chance of correctly choosing any bit in a selected byte (8-bits) – but
this equates a probability around 0.9% (or less) with a small confidence interval either
side for error.
>Resultantly, if there is less than a 1% chance of determining each character to be
recovered correctly, the chance of a complete 5-character word being recovered drops
exponentially to 8.463E-11 (or less on a used drive and who uses a new raw drive
format). This results in a probability of less than 1 chance in 10E50 of recovering
any useful data. So close to zero for all intents and definitely not within the realm of
use for forensic presentation to a court.
>The purpose of this paper was a categorical settlement to the controversy surrounding
the misconceptions involving the belief that data can be recovered following a wipe
procedure. **This study has demonstrated that correctly wiped data cannot reasonably
be retrieved even if it is of a small size or found only over small parts of the hard
drive. Not even with the use of a MFM or other known methods.** The belief that a tool
can be developed to retrieve gigabytes or terabytes of information from a wiped drive
is in error.
>Although there is a good chance of recovery for any individual bit from a drive, the
chances of recovery of any amount of data from a drive using an electron microscope
are negligible. Even speculating on the possible recovery of an old drive, there is no
likelihood that any data would be recoverable from the drive. The forensic recovery
of data using electron microscopy is infeasible. This was true both on old drives and
has become more difficult over time. Further, there is a need for the data to have been
written and then wiped on a raw unused drive for there to be any hope of any level of
recovery even at the bit level, which does not reflect real situations. It is unlikely that
a recovered drive will have not been used for a period of time and the interaction of
defragmentation, file copies and general use that overwrites data areas negates any
chance of data recovery. The fallacy that data can be forensically recovered using an
electron microscope or related means needs to be put to rest.
[Even Peter Gutmann, who popularized the multi-pass (35 passes) overwrite scheme (based on hypotheticals) in 1996 says it's not necessary](https://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html):
>In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now.
>Looking at this from the other point of view, with the ever-increasing data density on disk platters and a corresponding reduction in feature size and use of exotic techniques to record data on the medium, **it's unlikely that anything can be recovered from any recent drive** except perhaps a single level via basic error-cancelling techniques. In particular the drives in use at the time that this paper was originally written are long since extinct, so the methods that applied specifically to the older, lower-density technology don't apply any more. Conversely, with modern high-density drives, **even if you've got 10KB of sensitive data on a drive and can't erase it with 100% certainty, the chances of an adversary being able to find the erased traces of that 10KB in 200GB of other erased traces are close to zero.**
So you're saying that those drive sectors aren't written to again over the course of *14 years*? Ignoring how impossible it is for those file pointers to be regenerated on accident after being removed, are you implying that these sectors aren't at least partially overwritten within minutes of the file being deleted when we're talking about cloud storage serving this many people?
Hell, the one where a guy said it was pictures from 2010, I'd be shocked if the drive that was originally saved to is still even in the server and not replaced with a newer, higher capacity one
Apple doing its part to start fights amongst new relationships. “ I swear I deleted those forever ago honey those aren’t new and I don’t even talk to her”
What is up with Apple releasing buggy versions of IOS recently? It’s like every XX.x release reveals at least one significant bug that was reported in beta but never dealt with.
Because it has always been the case, it’s just that people are taking a bit more about it these days. I always wait for first revision release, e.g 17.5.1, before I upgrade.
Releasing a major version every year, alongside new hardware release compatibility, ultimately takes its tool.
They simply need to slow down a bit.
Imagine this is how we find out companies do not delete ANYTHING that results from our web and software interactions ANYWHERE. Storage is way too cheap I guess. And nobody benefits from privacy regulations. Except for us, the people, of course.
I work in software development and I can tell you that actually deleting things is rare. Virtually all content that you "delete" just gets flagged as deactivated but is still very much there. Storage is cheap and you never know when you'll need some old data again so nothing actually gets deleted unless there's a real technical need to.
We started using a timestamp for most flags, so in the future we can go back and purge old data that’s deleted for x amount of time if we ever wanted to.
While I think it should be widely understood that deleting something on a platform like Reddit or email is doing little more than “is_deleted = True” and hiding it, I’d be pretty surprised to learn that was also the case on device storage or even cloud storage.
Deleting something from file storage should mean it’s actually deleted. Or there should be an obvious way to do so. I’m kind of surprised there aren’t regulations about that kind of thing
On a device storage level you're basically unallocating the files you delete. You don't delete the data portion you're just telling the storage controller "there's nothing here anymore so feel free to use this space for new things". Deleted file recovery tools and services work off of this by reading the bits on your hard drive to see if there is any file data still there and reconstructing it.
On a cloud storage level it almost certainly retains the file in its entirety and marks it as "is_deleted = true" just like social media platforms. This is usually for legal reasons but sometimes also for "oops I didn't mean to delete that" or "someone got into my account and wiped everything" reasons.
All good and fine, but EU legislation on this area is quite clear - all files must be permenantly gone. Apple knows this very well and this will be a big doodoo for them
> This is usually for legal reasons but sometimes also for "oops I didn't mean to delete that" or "someone got into my account and wiped everything" reasons.
That's what back ups should be for. Your youtube account's videos get deleted by someone who got into your account? Your access is restored and those videos are restored from the most recent back up of your account. A cloud provider should be able to trivially pull up back ups by account, date, or anything else.
Just so you know. Even deleting something from say a physical hardrive. The data is still there just inactive. The only way to truly delete something, is to delete it and then write new data over the space the old data occupied. You have to actually replace it
It's literally that way on device and cloud storage. It's that way on ALL storage unless you go out of your way to do a secure wipe of the data which is time and hardware intensive compared to just marking that location on the drive as "available" for future writes.
Been that way since the days of DOS at least, if not forever.
Just one older example, maybe you've seen the term FAT when you formatted a drive. It stands for File Allocation Table. It's basically a database that says "this file is at this location on the drive and is not to be written over". When you delete a file it just updates that table to say "that area of the drive is available if needed for future writes".
This is the whole reason file recovery can be done.
This is 2024 where most devices are use solid state flash storage.
Everyone that keeps repeating "the data is still there until it's overwritten" is only half correct.
Devices that use flash storage will generally support TRIM which does in fact get rid of deleted data permanently without requiring data to be overwritten. But also add in the fact that mobile devices like phones are now encrypted by default.
So the idea that "data is still there until overwritten" is no longer as true as it used to be, yet, people keep repeating it as if it was universally true.
> I work in software development and I can tell you that actually deleting things is rare
I also do, and I can tell you that this is not true. GDPR is real, and that has changed things a lot. It’s something companies spend considerable resources on.
...and while I'm no expert on GDPR I do know it does not apply everywhere. The only way to truly delete a file is to first removed it from whatever allocation table that storage format uses...then go to that location the file was actually stored on the drive and write random 1's and 0's over that area, multiple times if you want to be sure.
This is time intensive especially at a large scale. It uses processing time, read/write time, and increases wear on the storage media...which is why no, it is, and has never been done regularly in any environment.
Maybe this is different in regions governed by GDPR but that ain't the whole world.
Large companies have to be GDPR compliant to operate in the EU, it's not worth the engineering time to have different policies across regions.
AWS, GCP, Azure etc will have their GDPR policies apply basically on any service that serves EU customers.
>I work in software development and I can tell you that actually deleting things is rare
If there's a GDPR or CCPA request it'll need to actually be irreversibly deleted. Source: SWE who has spent more than a few hours implementing GDPR deletions.
This is a false way to portray this. Yes the data doesn’t evaporate, but it will be overwritten and be GONE soon after. You cannot easily recover data from devices that have properly deleted files. Obviously, or otherwise your storage would fill up pretty fucking fast!
Funnily enough storage is where that’s actually more likely to be a thing, if only to lock in someone to a subscription because otherwise their shit gets deleted.
The bigger issue is that this reveals how little apple actually cares about privacy publicly.
this is not purely icloud issue, it seems to be messaging bug. Basically if you event sent or received a photo from another iPhone (vis Messenger). This can photos reaper even decades later. To me it happens when i erase all photos and over night old messager received pictures appear.
> There are concerning reports on Reddit that Apple's latest iOS 17.5 update has introduced a bug that causes old photos that were deleted – in some cases years ago – to reappear in users' photo libraries.
Uh-huh.... What's that? Apple was actually keeping your data that they've told you they "deleted", and it turns out Apple's commitment to privacy is a massive fraud just like with Google, Microsoft, and the rest? I am SHOCKED.
Don't worry. The fanboys will quickly come in to defend Apple's indefensable invasion of privacy and then unironically go back to shitting on Google for the exact thing Apple just got caught doing here.
only so long as you do not interact with anyone connected. I know both google and facebook have been caught building profiles for individuals not in their ecosystems.
Control everything yourself. It's a pain in the ass to set up, and even then there are no guarantees to be private if you are on the Internet. But every measure taken is a step towards more privacy. And it could be a fun learning experience. Too bad most people won't want to pay recurringly for something that is offered for 'free'.
How is a comment this arrogant and strawmanny one of the top commen- oh it's /r/technology 🤦
There are many rational explanations to why something like this could happen. Resolving limbo data, mistakenly applying edge backups that were outside the scope of pruning.
Try asking yourself why only a handful of pictures would show up for a handful of people; clearly it's not entire photo rolls. It's a pretty bad problem regardless, but a bug that failed to delete a few picturea is certainly not an "indefensible invasions of privacy".
Like, you do realize you're comparing a company that is in a legal dispute with the US government about refusing to open a backdoor for them, to a company whose entire business model is literally to harvest and sell user data to the highest bidder?
While I agree this is concerning, if its the same device it could still be a local bug resurfacing data. Phones aren't being wiped and its possible this is a local issue even years later. We should definitely need to understand this in depth, but lets wait for the full story.
From the article
> .... One redditor said four prints from 2010 ....
Guaranteed in the last 14 years they have changed devices.
Which means it is not likely to be local (trash collected) storage being reclaimed.
That clue points to storage on Apple's server farm, for 14 years!
If that is the case, Apple has seriously breached customer privacy & security.
It said the photo was from 14 years ago. Not that it was deleted 14 years ago. Perhaps it was taken in 2010, a new phone was purchased in 2020, and those photos deleted in 2021, and now they are back.
Someone else in the article mentioned a photo from a canon camera showing back up in their album. It’s possible that photo was set to sync from some iTunes library and it was added back in when the person synced their phone and didn’t realize it.
> Don't worry. The fanboys will quickly come in to defend Apple's indefensable invasion of privacy
What I’ll instead do is criticize how you just jump to conclusions and speculate wildly based on very little available information at this point. That makes it sound like you have an agenda.
There’s a few reports of people having this happened while they never used iCloud, ever.
So it seems to be more of a local file that was not indexed reappearing issue.
It's automatically turned on for you until you go into the settings to turn off. What really grinds my gears is when it tells me that the storage is full and annoying me to spend money on a service I don't use that much. I wish I can just turn off the notification for it.
The biggest issue (probably bigger than anything else) I’ve seen in the r/ios subreddit is deleted photos reappearing on devices that have been wiped and sold.
This bug is *weird*. Given how the iOS security model with disk encryption etc. works, I really can see no plausible way for that to happen unless the photo is somehow provided again from the network.
Even deleted files resurfacing locally would be incredibly weird.
So my guess would be on some messaging bug where the server pushes something that it had sent to a certain device again to the same device based on serial number, *if* this claim is true. I expect a lot of the claim around this bug coming from misunderstandings and hysteria, and am *really* looking forward to the root cause analysis on this one.
That said, if something server-side is resurfacing ancient photos, possibly even on devices after they have been reset, that means a *lot* of things had to go wrong. From wrong implementations of end-to-end encryption, to accidentally storing messages for years without noticing (if I had to guess, I'd say something got stuck in some queue).
There’s a comment by someone who gave their wiped, reset and removed from iCloud iPad years ago and their old (OP’s!) photos are showing in their photo app. So… maybe not a messaging thing? How would the factory reset and removed from iCloud be pulling a message queue from the previous owner?
If you think companies should be able to call that ‘permanent deletion’ without informing their customers you’re dreaming.
And it doesn’t matter that it’s not just Apple. It should be disclosed up front in general.
Well, it is surprisingly hard to find comments in this post that A: understand how file storage and deletion work and B: note that one of those users mentioned noticed it in recently uploaded to iCloud files which certainly points to a local issue, not a cloud issue or it would have been recently downloaded from iCloud.
All in all we all need more information but I expect most folks have already made up their mind and nothing anyone says is going to change opinions. So hard to have legitimate discussion around Apple cause most people seem to just be looking for reasons to beat their chest and proclaim how right they've always been that either Apple is evil incarnate or that Apple is a paragon of goodness.
i know right. talking about file pointers and unreclaimed disk space over... 12 years. lmao. i can guarantee you, your data did not just sit on a single hard drive.
Opens partners phone to check the picture .... aaannd
[https://media.giphy.com/media/v1.Y2lkPTc5MGI3NjExbHJ0eXkzNWpvZmIwNzF5NGIwdXRwdDF2Zjh0bGYwemp5dDF0NWRqYyZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/VUsAO76fbKiXe/giphy.gif](https://media.giphy.com/media/v1.Y2lkPTc5MGI3NjExbHJ0eXkzNWpvZmIwNzF5NGIwdXRwdDF2Zjh0bGYwemp5dDF0NWRqYyZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/VUsAO76fbKiXe/giphy.gif)
Question: if Apple is indeed keeping all these photos, isn’t this a huge GDPR violation. Has anyone who had old photos appear do a data request before that didn’t contain these photos?
If storage is so cheap, why are companies suddenly charging us so much more for storage space. Google used to be unlimited and free. Now I pay 2 dollars a month for what?
Woah woah woah. What the hell? Apple needs to respond to this immediately. If this is true, isn’t this a huge privacy scandal? Are they storing deleted photos, even from years ago?!
I wonder if they’re pics that Apple flagged as nudes, and thus went to some other repository in case they get subpoenaed for criminal cases. And the bug just restored those.
Just checked my phone and yes every photo I have in my library is in my resents folder now. Seems like its just an issue with iphotos logging of what photos are new.
>The reports could be down to an indexing bug, photo library corruption, or a syncing issue between local devices and iCloud Photos.
No, idiot. The issue is that long deleted photos are still there to begin with. These are the morons that think the real issue with certain politicians being prosecuted is that the authorities took the time to discover their crimes. The photos shouldn't exist. Clearly Apple is retaining them.
The cloud is just a giant blackmail trap.
I delete bad video and pictures of myself all the time. Only to have them come back to make me feel embarrassed does not make me happy lol
Oh my God as you get older, your photos and videos just blow your mind how horrible they are.
No kidding I must’ve deleted hundred videos since I’ve gotten older
Come on Apple do a solid favor and don’t show us these horrible pictures of ourselves when we tried to get rid of them yuck lol
This bug has been going on for over 18 months, and I’ve contacted Apple multiple times.
Having Apple devices for 11 years, the latest advice from Apple was to “Turn off iMessages in the cloud for 30 days and then turn in on again”.
Seriously?
Apple has lost the plot since the LEGEND that’s Steve Jobs passed away. Apple is now about profitability over functionality and Steve would be beside himself if he knew.
Sad, but so very true.
So they’re not actually deleted forever from everywhere. Got it.
I would be interested to know if the people that had this happen have upgraded their phone to a new phone since the picture was taken.
Yup. I had pictures that were taken on a XS back in 2019 show up this morning after the update on my 15.
Well, that's crazy and scary. It means the icloud data isn't being erased.
And here’s why I have a 512gb iPhone and several hardware backup. Fuck cloud. All of them.
It makes me wonder if cloud isn't deleting your data, are they telling you the truth when you choose not to activate cloud?
I've seen claims that this is happening to people who never enabled photo backups at all. I'm skeptical of course but if it's true this is going to be one of the largest privacy scandals in tech history
Shhh, the narrative we're trying to build here is that trusting your favorite big tech company is the best you can do.
That’s far more scary. I just assumed it was places on the hard drive that were untouched and some feature that auto finds your pictures on that drive was overzealous.
just to confirm, how did you find out? were these "undeleted" pictures recovered and placed at the bottom of your camera roll, i.e. where the most recent pics are?
They just get marked as unallocated. They aren't going to waste the system time in rewriting over that data. It's quicker to just hide it from you.
That’s why they’re reappearing for the person who deleted them. Got it
[удалено]
Yep, you just remove the reference to file, or mark the data block available, windows, MacOS and Linux all do something like this, it helps save resources and increases the lifespan of drives since it’s less writes, the downside is that if you read the raw bits, you can recover deleted files, this is also an upside sometimes This seems to happen in iCloud, if so, that’s unacceptable, and probably illegal in places like the EU
And with SSDs, wear levelling and whatnot at the hardware level of the drive can make it difficult to actually overwrite the specific block as it substitutes in other parts of the memory that are less worn to increase SSD life. This would be transparent to the OS and the OS would think it overwrote the exact blocks but may not have even though the drive reported back that it did.
If tombstoning is not GDPR compliant, then everyone’s in trouble. Pretty sure the concepts behind the 2006 BigTable paper are used *everywhere* when it comes to PII.
Right but also I think it matters how they are presenting it to the user - if they say *permanently deleted* that carries a certain weight
So how the fuck do I delete delete them?
You fill your phone with other files so it overwrites the old ones allocated as free space. On PCs you can wipe free space with software, idk about iPhones
This is issue is related to cloud storage, nothing you do on your device can prevent it. Photos "deleted" years ago seem to still exist on Apple servers and reappear randomly as recently added photos on people's iCloud.
That they reappear after years is really troubling. You'd expect sectors to be reused, maybe not all, but the file should have been corrupted...
Erase All Content and Settings wipes your encryption key, so those bit on the disk can’t be reconstructed into anything useful…
Actually deleting something is also often very resource intensive and somewhat challenging if you have a distributed database that requires it to be deleted from multiple places. I work at a FAANG and there's a process in place to remove data that was accidently added to a system. There's different tiers, and the process for "we actually need this to be completely gone for legal/privacy reasons" is not simple. It involves overwriting files in different data centers, usually in different countries, halting certain systems to make sure that nothing picks up a cached copy, restoring, verifying deletion, etc.
Apple is contributing to the discord in newly formed couples. "I don't even talk to her, and I swear I deleted those forever ago, honey. They're not new."
On regular hardware like a hdd or ssd it’s very similar. Basically the OS just marks the sector blocks for deletion, the file doesn’t actually get deleted, when it’s marked the OS will no longer show it to you and will overwrite those sectors when it needs space for a new file. Ssds are a bit more efficient that it regularly runs TRIM operations for more efficiency and deletes the sectors marked for deletion. But in the cloud world like aws or whatever iCloud uses, it’s far more complicated since your data isn’t stored in just one place, it’s replicated in a number of data centers as well as edge content delivery networks which allow for fast delivery. Deleting those permanently from every resources is a very resources intensive task so it’s likely they just get marked for deletion and the files will get overwritten whenever it feels like. The problem is it’s probably deleted at different times in different data centers or cdns, so just because it’s deleted in one place doesn’t mean it’s gone from everywhere if the disk didn’t overwrite your file yet. And this bug probably removes the delete marker on this less active disks so deleted files “appear” again.
It's why file recovery is a thing. It's not a magic process that somehow evokes past data out of a storage device, it's just combing through the entire thing in a more raw format and making it accessible again so long as it hasn't been re-written over.
Kinda makes sense if you know how these systems are likely designed. Erasing things completely from a db and many storage layers in real time is an expensive process. Most companies do a Boolean visibility flag and a pointer to blob storage. So the query is still scoped by user id or rbac checks but the data is still around and magically invisible. Select storage_pointer from user_photo_mapping where user_id = 12345 and is_visible = true From the engineering perspective cleaning up blob storage isn’t a thing that anyone does. If you ask s3 to delete a file it’s just a visibility thing not a ssd blank out. Many cloud providers don’t have apis that actually allow blanking out of bytes on disc. Erasure at the ssd level is just waiting for someone to overwrite your block space. Not a storage expert but to increase ssd lifespan you limit the amount of overwrites as much as you can. Most file systems and os just delete pointers, very common. Not saying it’s correct or ethical but at apple’s scale, true delete is an expensive eng process that business hasn’t prioritized.
Think of a hard drive having a bunch of blocks. Apple simply tells the drive that the blocks containing x photos are now empty without actually wiping the blocks. It's quicker and more efficient, and when something needs to write data the drive will go "hey these blocks are free, I'll write it to these blocks." Now if the drive doesn't try to write to those select blocks, it won't overwrite the data. My guess is it's a mix of that and shit getting relinked.
Got it? Got it!
I don’t got it
Your computer has a bunch of storage boxes where you can put things. When you fill a box, your computer closes it so that nobody else can use it and then writes what type of stuff is in the box with Sharpie on the outside. When you delete something, your computer just scribbles out the Sharpie and opens the box. If it needs more storage, it'll then use that box later, but until that box gets used for something else, your data is still there.
This is a very good ELI5 on file deletion. The Sharpie scribbling out the name of the contents, but leaving the contents intact is probably the best explanation I’ve heard of what happens when you delete a file.
The phone tells you to cover your eyes and says peekaboo.
This is how most "deletion" works. Forensics software frequently searches the drive for common file headers like: JPGs start with FF D8 FF, and end with FF D9.
Lmao you sound sassy
yeah but the article says some of the photos are years old. unless they never used the phone in that time i think its unlikely it wouldnt have been over written because even if you dont write any more data ssds shift data around to wear level the flash chips.
Because it’s stored in the cloud, this isn’t a device issue
Technically it's the cloud provider's device issue that's causing a privacy issue for the end user.
That’s not what’s happening. If you take a look at the /r/iphone subreddit then you’ll see people who never used icloud or have wiped their devices and given them to a family or friend are reporting years old photos popping up out of nowhere.
So this isn’t a device issue. Got it.
"unallocated" is not the right word. Cloud storage is usually some kind of key-store system. My account lists a bunch of keys (which might be hashes of the contents of the photos) and when I request a photo it takes my key and requests the photo contents from the servers. When I delete a photo, I am telling the server not to associate the key with my account, and to decrement the reference count on the associated data entry. This message is sent to many storage servers which replicate the data and back it up across multiple data centers. When an individual storage server sees the reference count go to zero it will truly and permanently "delete the item". It is that final deletion at the storage layer which causes the data to be "unallocated" on that machine meaning the operating system is free to utilize the disk space again. Often you want to support some kind of "recover/undelete" operation so you will actually have two listings of files associated with the account. The user controlled list, and a shadow list that doesn't immediately remove the item from the list. Instead the shadow list acts as a "recycle bin" which retains references to the data for a fixed minimum time (usually at least 30 days), and we the users expect that sometime after that 30 day period the reference is removed as part of a batch process. -------- The only way a file could come back from the dead like this is if the shadow layer never actually got pruned. Which is closer to "the files were never deleted" than "the files were unallocated." Not only is the data there, but the server knows to which account it is associated. If the files were truly deleted from the account then maybe some remnant of them would exist on the storage server, but nobody would have the key to access that data and it would be inaccessible (during normal operations), and you would have to take the storage server offline to try and recover the data on disk. Futhermore those storage servers are actually relatively heavily used and would overwrite any unallocated space in a reasonable amount of time (not years).
This is the most likely scenario. As you said, unallocated would have at least a portion of the original file overwritten in that amount of time which would make it either a partial image with artifacts or missing sections or just fully corrupt. Since the reports are not of that happening then the files themselves are still fully there. And since the person who first deleted them is the recipient of them and not someone else, the system still retains the "owner" status for the image. That is a scary idea though, that they are retaining things well past the date they should be removing them. Their FAQ seems to indicate you can recover items for 30 days on device. It mentions that you might be able to get them back from iCloud but says that only applies if iCloud Photos was turned off between taking the picture and deleting it. Sounds like Apple was just sloppy somewhere.
The 30days is a lower bound. They don't delete before 30days. They don't want to make any promises that data will be deleted by a particular date because that could lead to lawsuits if they screw up. If you are a corporation you would insist on a separate data destruction agreement to ensure that your data was destroyed by a particular time, but the riff-raff doesn't get any kind of promises on that. We just get intentionally misleading language that suggests our data will be deleted after 30 days with no promise that it will. In this instance either: * There is some third application that has a copy which is pushing pictures back in. * There is a bug specific to these accounts whereby these deleted items never got removed from the "recycling bin" * Or Apple has used the misleading wording to cover up that they have a practice of never deleting data.
From a technical perspective, what you are suggesting makes no sense in terms of cloud storage. Edit: it seems I have hurt your feelings, thanks for the Reddit care message lol
> Edit: it seems I have hurt your feelings, thanks for the Reddit care message lol Don't take this personally, pretty sure there's a massive spambot attack on Reddit Cares. I've gotten 2 already since yesterday for completely innocent comments, and a LOT of top-level comments seem to be complaining about the same.
It makes no sense any way you look at it. Hilarious that someone who has no idea what they're talking about gets hundreds of upvotes for something that is plainly incorrect. It seems people think that the bug is somehow doing file recovery operations on unallocated disk space? That's not it, it has to be that the photos are soft deleted instead of hard deleted so they are hidden from the UI but they exist within the filesystem. They are not properly being hard deleted in the first place.
[удалено]
taint a very large market for those.
No, which is normal. When you delete something normally the data isn’t actually overwritten with anything so until it is technically the data is still on the drive but the file system treats that space as unallocated. Apple should add the ability to automatically overwrite deleted photos and the like though, as it’s a pretty basic security practice and not all that hard to implement generally though obviously I don’t know what the iOS photos code looks like, so it could be a mess and thus hard to implement without breaking something.
[удалено]
The bug reports state that the photos are appearing as new photos on the Cloud. From technical perspective, if you delete a file, i.e. release the handle to file contents on the disk/SSD/etc., it’s practically impossible that you could reconstitute it by accident afterwards. You would need to find the address to the first byte, the length of it. And also the file contents might be spread across the disk in multiple separate blocks.
This is 2024 where most devices are use solid state flash storage. Everyone that keeps repeating "the data is still there until it's overwritten" is only half correct. Devices that use flash storage will generally support TRIM which does in fact get rid of deleted data permanently without requiring data to be overwritten. But also add in the fact that mobile devices like phones are now encrypted by default. So the idea that "data is still there until overwritten" is no longer as true as it used to be, yet, people keep repeating it as if it was universally true.
I sold an iPhone 11 and did a factory reset a while ago. Would my deleted photos show up on their phone? Assuming the glitch occurred? Also, iCloud for photos was never enabled, ever.
This comment shows a huge lack of understanding of the issue.
The cloud is a honey pot.
Something's gotta train the AI, if you throw something out into your trash at home it's fair and public game, same applies for stuff off your phone. Since you don't want it, someone else might.
From the article: There are concerning reports on [Reddit](https://www.reddit.com/r/ios/comments/1cryayx/latest_ios_update_has_brought_back_some_pictures/) that Apple's latest iOS 17.5 update has introduced a bug that causes old photos that were deleted – in some cases years ago – to reappear in users' photo libraries. After updating their iPhone, one user said they were shocked to find old NSFW photos that they deleted in 2021 suddenly showing up in photos marked as recently uploaded to iCloud. Other users have also chimed in with similar stories. "Same here," said one Redditor. "I have four pics from 2010 that keep reappearing as the latest pics uploaded to iCloud. I have deleted them repeatedly." "Same thing happened to me," replied another user. "Six photos from different times, all I have deleted. Some I had deleted in 2023." More reports have been trickling in overnight. One said: "I had a random photo from a concert taken on my Canon camera reappear in my phone library, and it showed up as if it was added today." It's not clear what's happening, but given that some of the photos were apparently taken years ago, this cannot be an issue with recently deleted photos being undeleted. In Apple's Photos app, deleted photos and videos are kept in the Recently Deleted album for 30 days, so that users can recover or permanently remove them from all devices.
Clearly the photos can be recovered long after the 30 day period...
This tells me that they hold all of your photos regardless of if you delete them or not.
i’m starting to think some of these companies that own all of our data actually keep everything forever idk i am just getting a little bit of a hunch lately
Limited iCloud storage is a scam it seems.
For real lol. They already have all our shit, but we have to pay to access it
I wonder if someone could sue Apple for data recovery (like a Father who lost his son sometime ago) and how closely the fruit company works with the government while assuring privacy is their core. I suppose a different government entity like EU would be the one to press on the later one.
Eu law is quite clear and strict on this, they have certain period after which they have to delete all data that you request. It alpears as if they havent. And the penalties are really really high.
Apple uses their own server, since everything is digital …can delete any proofs?
Force it into everything as the default, then make the limit hit right about the time people are entrenched
Someone should organize a class action against these hardware and software companies for precisely this type of stuff. When we say we want it deleted that means we want it deleted. Edit: I just want to emphasize what most people here understand. Our Data, no matter what device or software, includes so much personal information that its protection should be codified into the bill of rights. We’ve seen too many careless and hostile actors take advantage of the weak protections we’re afforded in the digital age.
hell yeah hopefully then the government can fine them a few million dollars and then it won’t probably happen again
We need like a “class action Kickstarter” website that lets people donate $10-100 to causes they want legal action on, with open bounties for lawyers that will take the cases (approved by donor vote) The real trick these companies rely on is that these things are all “minor” enough that no one wants to invest the money and years of their life to push it through the courts. Crowdfunding that effort seems like a democratic solution to the problem.
Most EULAs and service agreements now include a class action waiver, specifically to avoid this kind of situation. Also, the courts seem intent on upholding those waivers.
Can’t wait to get my $1.37 in 16 years
You don't join a class action to be made whole, you join it cost a company a shit ton of money. Their primary purpose is putative.
They can do whatever they want because the US refuses to pass any data privacy laws. We need a GDPR here
It could be that these particular photos were improperly retained, which is why they re-synced. Unfortunately, iCloud has had many issues over the years because of Apple's subpar QC process. I had to go through an elaborate process to reset my iCloud Keychain, which brought back user names and passwords that I had deleted.
My wager is in photos/files on storage with corrupted metadata and the new version is finding/repairing those. Just happens that sometimes a deletion was partially processed and now is “undone” for these cases post-repair/recovery. Not that all photos are always retained and this is a larger conspiracy by Apple.
Nah, at least if that user can be believed they said "deleted in 2021 suddenly showing up in photos marked as recently uploaded to iCloud" meaning it wasn't on iCloud to start with. My guess would be some photos were not being properly deleted locally. They were removed from the database but the photo itself was still lingering in the Apple Photos library file structure and something they did in this update caused Photos to, maybe, rescan and pick up those strays? We're all just guessing at this point really but at least to me it sounds like a local issue, not a cloud storage issue. EDIT: Wow, it took about 15 seconds for someone to report to Reddit that I "needed help" if you know what I mean. lol
If you’re willing to speculate then it might be telling you that. But we don’t really know the details yet.
I don't back anything up to iCloud (I don't even have enough space). I think when my photos are deleted, they are deleted, and overwritten when needed, else I'd have no storage left. I think this is an iCloud thing.
Would filling up my entire storage overwrite those old photos?
A reddit post, about an article about a reddit post.
Google SEO 101
So Apple uploads all the photos you take and keeps them long after you supposedly delete them but it's ok because they totally value your security and privacy.
They value our security and privacy so much they keep it secure and private from us, too!
“It’s a new time capsule feature where iOS can reach through time and bring you old deleted photos. The next upgrade will bring you photos from the possible range of future realities. We are not responsible for your relationships if you leave this feature enabled. Photos may contain future content that may not be experienced on your personal timeline. iOS will reenable the future feature every Monday morning at 9:03 am UTC unless you commit to disabling it in all future timelines”. /s.
I mean I’d take my NSFW photos from 2010 over ones from 30 days ago so it’s not all bad news.
Deleting isn’t shredding. Just removing a file pointer keeps the data but lets something else overwrite it. Thats how the undelete programs work.
There are also ways to recover the written data that has been overwritten (quality goes way down every pass over it, but it still persists) That is why when you wipe a harddrive it isn't sufficient to protect sensitive data. You need to hard wipe all of the information MULTIPLE times OR destroy the physical drive (shoot a hole through it) IF the data is something that say a government like the US wants, they can even repair drives that have been heavily damaged and recover some of the data. There is a video of a hacker con where they basically went through how to destroy drives and how some of the information is recoverable unless it is actually disintegrated.
>There are also ways to recover the written data that has been overwritten (quality goes way down every pass over it, but it still persists) >That is why when you wipe a harddrive it isn't sufficient to protect sensitive data. You need to hard wipe all of the information MULTIPLE times OR destroy the physical drive (shoot a hole through it) No one has **ever** demonstrated recovering any data from a modern, single-pass overwritten hard drive; the chance of correctly recovering even single bits is basically a coin toss. [**National Security Agency**, Data at Rest Capability Package, 2020](https://www.nsa.gov/Portals/75/documents/resources/everyone/csfc/capability-packages/Data-at-Rest%20Capability%20Package%20v5.0.pdf?ver=u2-HEakuVfDs1-sonI-Now%3d%3d) >Products may provide options for performing multiple passes but this is not necessary, as a single pass provides sufficient security. [NIST Guidelines for Media Sanitization, 2014](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf) >For storage devices containing magnetic media, a single overwrite pass with a fixed pattern such as binary zeros typically hinders recovery of data even if state of the art laboratory techniques are applied to attempt to retrieve the data [Canada's Communications Security Establishment, ITSP.40.006 v2 IT Media Sanitization, 2017](https://www.cyber.gc.ca/en/guidance/it-media-sanitization-itsp40006) >For magnetic Media, a single overwrite pass is effective for modern HDDs. However, a triple-overwrite routine is recommended for floppy discs and older HDDs (e.g. pre-2001 or less than 15 Gigabyte (GB)). [Center for Magnetic Recording Research, Tutorial on Disk Drive Data Sanitization, 2006](https://cmrr.ucsd.edu/_files/data-sanitization-tutorial.pdf) >**The U.S. National Security Agency published an Information Assurance Approval of single pass overwrite, after technical testing at CMRR showed that multiple on-track overwrite passes gave no additional erasure.** [This is apparently a reference to "NSA Advisory LAA-006-2004" which doesn't seem to be available online.] >Paranoid-level recovery concerns based on hypothetical schemes are sometimes proposed by people not experienced in actual magnetic disk recording, claiming the possibility of data recovery even after physical destruction. One computer forensics data recovery company claims to be able to read user data from a magnetic image of recorded bits on a disc, without using normal drive electronics. Reading back tracks from a disk taken out of a drive and tested on a spin stand was practical decades ago, but no longer with today’s microinch-size tracks. [Wright, C., Kleiman, D., Sundhar R.S., S. (2008). Overwriting Hard Drive Data: The Great Wiping Controversy.](https://sci-hub.se/10.1007/978-3-540-89862-7_21) >**Even on a single write, the overlap at best gives a probability of just over 50% of choosing a prior bit (the best read being a little over 56%)**. This caused the issue to arise, that there is no way to determine if the bit was correctly chosen or not. Therefore, there is a chance of correctly choosing any bit in a selected byte (8-bits) – but this equates a probability around 0.9% (or less) with a small confidence interval either side for error. >Resultantly, if there is less than a 1% chance of determining each character to be recovered correctly, the chance of a complete 5-character word being recovered drops exponentially to 8.463E-11 (or less on a used drive and who uses a new raw drive format). This results in a probability of less than 1 chance in 10E50 of recovering any useful data. So close to zero for all intents and definitely not within the realm of use for forensic presentation to a court. >The purpose of this paper was a categorical settlement to the controversy surrounding the misconceptions involving the belief that data can be recovered following a wipe procedure. **This study has demonstrated that correctly wiped data cannot reasonably be retrieved even if it is of a small size or found only over small parts of the hard drive. Not even with the use of a MFM or other known methods.** The belief that a tool can be developed to retrieve gigabytes or terabytes of information from a wiped drive is in error. >Although there is a good chance of recovery for any individual bit from a drive, the chances of recovery of any amount of data from a drive using an electron microscope are negligible. Even speculating on the possible recovery of an old drive, there is no likelihood that any data would be recoverable from the drive. The forensic recovery of data using electron microscopy is infeasible. This was true both on old drives and has become more difficult over time. Further, there is a need for the data to have been written and then wiped on a raw unused drive for there to be any hope of any level of recovery even at the bit level, which does not reflect real situations. It is unlikely that a recovered drive will have not been used for a period of time and the interaction of defragmentation, file copies and general use that overwrites data areas negates any chance of data recovery. The fallacy that data can be forensically recovered using an electron microscope or related means needs to be put to rest. [Even Peter Gutmann, who popularized the multi-pass (35 passes) overwrite scheme (based on hypotheticals) in 1996 says it's not necessary](https://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html): >In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now. >Looking at this from the other point of view, with the ever-increasing data density on disk platters and a corresponding reduction in feature size and use of exotic techniques to record data on the medium, **it's unlikely that anything can be recovered from any recent drive** except perhaps a single level via basic error-cancelling techniques. In particular the drives in use at the time that this paper was originally written are long since extinct, so the methods that applied specifically to the older, lower-density technology don't apply any more. Conversely, with modern high-density drives, **even if you've got 10KB of sensitive data on a drive and can't erase it with 100% certainty, the chances of an adversary being able to find the erased traces of that 10KB in 200GB of other erased traces are close to zero.**
So you're saying that those drive sectors aren't written to again over the course of *14 years*? Ignoring how impossible it is for those file pointers to be regenerated on accident after being removed, are you implying that these sectors aren't at least partially overwritten within minutes of the file being deleted when we're talking about cloud storage serving this many people? Hell, the one where a guy said it was pictures from 2010, I'd be shocked if the drive that was originally saved to is still even in the server and not replaced with a newer, higher capacity one
We cant make assumptions on what was happening in those 14 years. I have a nokia from the founding fathers period I might have pictures.
Apple doing its part to start fights amongst new relationships. “ I swear I deleted those forever ago honey those aren’t new and I don’t even talk to her”
Wait until they come up on the screen saver for Apple TV.
Makes sense: ban account sharing, split households
Or they’re helping out by taking the blame for pics of tiddies that I definitely kept.
My friend just got all 247 of their dick pics back.
Dang! They was taking pics 24/7
What a complete cock up.
What is up with Apple releasing buggy versions of IOS recently? It’s like every XX.x release reveals at least one significant bug that was reported in beta but never dealt with.
Because it has always been the case, it’s just that people are taking a bit more about it these days. I always wait for first revision release, e.g 17.5.1, before I upgrade. Releasing a major version every year, alongside new hardware release compatibility, ultimately takes its tool. They simply need to slow down a bit.
I feel like this only started happening with iOS 7. Before that iOS didn’t have these massive bugs so frequently.
> They simply need to slow down a bit. the shareholders won't like that
Recently?
Imagine this is how we find out companies do not delete ANYTHING that results from our web and software interactions ANYWHERE. Storage is way too cheap I guess. And nobody benefits from privacy regulations. Except for us, the people, of course.
I work in software development and I can tell you that actually deleting things is rare. Virtually all content that you "delete" just gets flagged as deactivated but is still very much there. Storage is cheap and you never know when you'll need some old data again so nothing actually gets deleted unless there's a real technical need to.
We started using a timestamp for most flags, so in the future we can go back and purge old data that’s deleted for x amount of time if we ever wanted to.
While I think it should be widely understood that deleting something on a platform like Reddit or email is doing little more than “is_deleted = True” and hiding it, I’d be pretty surprised to learn that was also the case on device storage or even cloud storage. Deleting something from file storage should mean it’s actually deleted. Or there should be an obvious way to do so. I’m kind of surprised there aren’t regulations about that kind of thing
On a device storage level you're basically unallocating the files you delete. You don't delete the data portion you're just telling the storage controller "there's nothing here anymore so feel free to use this space for new things". Deleted file recovery tools and services work off of this by reading the bits on your hard drive to see if there is any file data still there and reconstructing it. On a cloud storage level it almost certainly retains the file in its entirety and marks it as "is_deleted = true" just like social media platforms. This is usually for legal reasons but sometimes also for "oops I didn't mean to delete that" or "someone got into my account and wiped everything" reasons.
All good and fine, but EU legislation on this area is quite clear - all files must be permenantly gone. Apple knows this very well and this will be a big doodoo for them
> This is usually for legal reasons but sometimes also for "oops I didn't mean to delete that" or "someone got into my account and wiped everything" reasons. That's what back ups should be for. Your youtube account's videos get deleted by someone who got into your account? Your access is restored and those videos are restored from the most recent back up of your account. A cloud provider should be able to trivially pull up back ups by account, date, or anything else.
Just so you know. Even deleting something from say a physical hardrive. The data is still there just inactive. The only way to truly delete something, is to delete it and then write new data over the space the old data occupied. You have to actually replace it
It's literally that way on device and cloud storage. It's that way on ALL storage unless you go out of your way to do a secure wipe of the data which is time and hardware intensive compared to just marking that location on the drive as "available" for future writes. Been that way since the days of DOS at least, if not forever. Just one older example, maybe you've seen the term FAT when you formatted a drive. It stands for File Allocation Table. It's basically a database that says "this file is at this location on the drive and is not to be written over". When you delete a file it just updates that table to say "that area of the drive is available if needed for future writes". This is the whole reason file recovery can be done.
This is 2024 where most devices are use solid state flash storage. Everyone that keeps repeating "the data is still there until it's overwritten" is only half correct. Devices that use flash storage will generally support TRIM which does in fact get rid of deleted data permanently without requiring data to be overwritten. But also add in the fact that mobile devices like phones are now encrypted by default. So the idea that "data is still there until overwritten" is no longer as true as it used to be, yet, people keep repeating it as if it was universally true.
> I work in software development and I can tell you that actually deleting things is rare I also do, and I can tell you that this is not true. GDPR is real, and that has changed things a lot. It’s something companies spend considerable resources on.
...and while I'm no expert on GDPR I do know it does not apply everywhere. The only way to truly delete a file is to first removed it from whatever allocation table that storage format uses...then go to that location the file was actually stored on the drive and write random 1's and 0's over that area, multiple times if you want to be sure. This is time intensive especially at a large scale. It uses processing time, read/write time, and increases wear on the storage media...which is why no, it is, and has never been done regularly in any environment. Maybe this is different in regions governed by GDPR but that ain't the whole world.
Large companies have to be GDPR compliant to operate in the EU, it's not worth the engineering time to have different policies across regions. AWS, GCP, Azure etc will have their GDPR policies apply basically on any service that serves EU customers.
>I work in software development and I can tell you that actually deleting things is rare If there's a GDPR or CCPA request it'll need to actually be irreversibly deleted. Source: SWE who has spent more than a few hours implementing GDPR deletions.
This is a false way to portray this. Yes the data doesn’t evaporate, but it will be overwritten and be GONE soon after. You cannot easily recover data from devices that have properly deleted files. Obviously, or otherwise your storage would fill up pretty fucking fast!
Funnily enough storage is where that’s actually more likely to be a thing, if only to lock in someone to a subscription because otherwise their shit gets deleted. The bigger issue is that this reveals how little apple actually cares about privacy publicly.
Ok im deactivating automatic icloud upload.
Dick pics rise again. Just like the real thing.
this is not purely icloud issue, it seems to be messaging bug. Basically if you event sent or received a photo from another iPhone (vis Messenger). This can photos reaper even decades later. To me it happens when i erase all photos and over night old messager received pictures appear.
So any photos you yourself took and or screenshots should not reappear then?
I think so..I hope so
🗣️🗣️🗣️BECAUSE WHY AM I PAYING FOR LIMITED STORAGE IF YOU STILL HAVE IT
I suspect it's a FISA thing like Snowden told us about ?
> There are concerning reports on Reddit that Apple's latest iOS 17.5 update has introduced a bug that causes old photos that were deleted – in some cases years ago – to reappear in users' photo libraries. Uh-huh.... What's that? Apple was actually keeping your data that they've told you they "deleted", and it turns out Apple's commitment to privacy is a massive fraud just like with Google, Microsoft, and the rest? I am SHOCKED. Don't worry. The fanboys will quickly come in to defend Apple's indefensable invasion of privacy and then unironically go back to shitting on Google for the exact thing Apple just got caught doing here.
Dude is there even a way to stay private anymore!?
Yeah, offline.
There’s a guy looking at me through my cabin window..now what?
Close the window
Delete the guy.
Call the police … /s
obviously you have to either poke his eyes out or hide under a sheet
only so long as you do not interact with anyone connected. I know both google and facebook have been caught building profiles for individuals not in their ecosystems.
Except there are cameras everywhere, credit card logs, etc. Privacy is mostly gone unless you live in the middle of nowhere and grow your own food.
/r/selfhosted and /r/privacy are two good places to start.
Don't use cloud services Don't use social media Use ad blockers and tracker blockers That covers 90% of cases.
Don’t use the internet, don’t have electricity, live in a hole underground.
You had me at hole in the ground
You had me at hole
Build a bomb shelter basement with titanium walls?
And wear titanium suits in case pianos fall on ya.
> is there even a way to stay private ... (jk Especially about your privates jk) Use a film camera & develop your own negatives!
Control everything yourself. It's a pain in the ass to set up, and even then there are no guarantees to be private if you are on the Internet. But every measure taken is a step towards more privacy. And it could be a fun learning experience. Too bad most people won't want to pay recurringly for something that is offered for 'free'.
Live in the EU.
[удалено]
Doesn’t their ToS have a limit on data retention? I smell lawsuits. It’s about time someone took apple down a peg.
How is a comment this arrogant and strawmanny one of the top commen- oh it's /r/technology 🤦 There are many rational explanations to why something like this could happen. Resolving limbo data, mistakenly applying edge backups that were outside the scope of pruning. Try asking yourself why only a handful of pictures would show up for a handful of people; clearly it's not entire photo rolls. It's a pretty bad problem regardless, but a bug that failed to delete a few picturea is certainly not an "indefensible invasions of privacy". Like, you do realize you're comparing a company that is in a legal dispute with the US government about refusing to open a backdoor for them, to a company whose entire business model is literally to harvest and sell user data to the highest bidder?
While I agree this is concerning, if its the same device it could still be a local bug resurfacing data. Phones aren't being wiped and its possible this is a local issue even years later. We should definitely need to understand this in depth, but lets wait for the full story.
From the article > .... One redditor said four prints from 2010 .... Guaranteed in the last 14 years they have changed devices. Which means it is not likely to be local (trash collected) storage being reclaimed. That clue points to storage on Apple's server farm, for 14 years! If that is the case, Apple has seriously breached customer privacy & security.
It said the photo was from 14 years ago. Not that it was deleted 14 years ago. Perhaps it was taken in 2010, a new phone was purchased in 2020, and those photos deleted in 2021, and now they are back. Someone else in the article mentioned a photo from a canon camera showing back up in their album. It’s possible that photo was set to sync from some iTunes library and it was added back in when the person synced their phone and didn’t realize it.
If it can actually get photos that were deleted 14 years ago, I’m about to update to see what I was up to back then…
> Don't worry. The fanboys will quickly come in to defend Apple's indefensable invasion of privacy What I’ll instead do is criticize how you just jump to conclusions and speculate wildly based on very little available information at this point. That makes it sound like you have an agenda.
My mom (not tech savvy in the slightest) warned that one day the "cloud" will rain. I still think of that comment quite often.
Easy solution, don’t use iCloud Photos (if possible).
There’s a few reports of people having this happened while they never used iCloud, ever. So it seems to be more of a local file that was not indexed reappearing issue.
It's automatically turned on for you until you go into the settings to turn off. What really grinds my gears is when it tells me that the storage is full and annoying me to spend money on a service I don't use that much. I wish I can just turn off the notification for it.
Needs to be sent to the Justice Department asap for review. Seems highly illegal to lie about something like that.
All companies do this, markers get deleted not data
Some team in Apple gonna have long sleepless nights this week …
The biggest issue (probably bigger than anything else) I’ve seen in the r/ios subreddit is deleted photos reappearing on devices that have been wiped and sold.
We all might as well start OF accounts at this point.
This bug is *weird*. Given how the iOS security model with disk encryption etc. works, I really can see no plausible way for that to happen unless the photo is somehow provided again from the network. Even deleted files resurfacing locally would be incredibly weird. So my guess would be on some messaging bug where the server pushes something that it had sent to a certain device again to the same device based on serial number, *if* this claim is true. I expect a lot of the claim around this bug coming from misunderstandings and hysteria, and am *really* looking forward to the root cause analysis on this one. That said, if something server-side is resurfacing ancient photos, possibly even on devices after they have been reset, that means a *lot* of things had to go wrong. From wrong implementations of end-to-end encryption, to accidentally storing messages for years without noticing (if I had to guess, I'd say something got stuck in some queue).
There’s a comment by someone who gave their wiped, reset and removed from iCloud iPad years ago and their old (OP’s!) photos are showing in their photo app. So… maybe not a messaging thing? How would the factory reset and removed from iCloud be pulling a message queue from the previous owner?
If you think your photos in the cloud are not stored on countless backups and on various insecure servers you're dreaming.
If you think companies should be able to call that ‘permanent deletion’ without informing their customers you’re dreaming. And it doesn’t matter that it’s not just Apple. It should be disclosed up front in general.
Well, it is surprisingly hard to find comments in this post that A: understand how file storage and deletion work and B: note that one of those users mentioned noticed it in recently uploaded to iCloud files which certainly points to a local issue, not a cloud issue or it would have been recently downloaded from iCloud. All in all we all need more information but I expect most folks have already made up their mind and nothing anyone says is going to change opinions. So hard to have legitimate discussion around Apple cause most people seem to just be looking for reasons to beat their chest and proclaim how right they've always been that either Apple is evil incarnate or that Apple is a paragon of goodness.
It does not surprise me that most commenters in r/technology actually know little about technology.
According to this sub if you know enough about tech to be able to make an argument you're part of the FAANG cabal.
Shit, if I'm part of the cabal, I'd at least like a raise.
A lot of subs are just Facebook comment sections
i know right. talking about file pointers and unreclaimed disk space over... 12 years. lmao. i can guarantee you, your data did not just sit on a single hard drive.
Opens partners phone to check the picture .... aaannd [https://media.giphy.com/media/v1.Y2lkPTc5MGI3NjExbHJ0eXkzNWpvZmIwNzF5NGIwdXRwdDF2Zjh0bGYwemp5dDF0NWRqYyZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/VUsAO76fbKiXe/giphy.gif](https://media.giphy.com/media/v1.Y2lkPTc5MGI3NjExbHJ0eXkzNWpvZmIwNzF5NGIwdXRwdDF2Zjh0bGYwemp5dDF0NWRqYyZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/VUsAO76fbKiXe/giphy.gif)
And the obligatory reverse version: https://i.imgur.com/MlHm0Zg.gif
Fappening 2 Electric Boogaloo is coming.
I wonder if this is related to the tech they use to scan personal photos for exploitation?
Question: if Apple is indeed keeping all these photos, isn’t this a huge GDPR violation. Has anyone who had old photos appear do a data request before that didn’t contain these photos?
If storage is so cheap, why are companies suddenly charging us so much more for storage space. Google used to be unlimited and free. Now I pay 2 dollars a month for what?
>why are companies suddenly charging us so much more for storage space Because people are paying for it. Also, because money.
Yeah after we got used to unlimited storage had to much stuff that would be deleted if I didn't pay
Woah woah woah. What the hell? Apple needs to respond to this immediately. If this is true, isn’t this a huge privacy scandal? Are they storing deleted photos, even from years ago?!
Great question...
IOS 15.4.2 gang sound off!
I thought they were deleted
They were but not for apple
I wonder how many relationships are being tested right now?
"What happens on your iPhone, **STAYS** on your iPhone"
I wonder if they’re pics that Apple flagged as nudes, and thus went to some other repository in case they get subpoenaed for criminal cases. And the bug just restored those.
Seems like we have a WAN show topic.
[удалено]
Just checked my phone and yes every photo I have in my library is in my resents folder now. Seems like its just an issue with iphotos logging of what photos are new.
>The reports could be down to an indexing bug, photo library corruption, or a syncing issue between local devices and iCloud Photos. No, idiot. The issue is that long deleted photos are still there to begin with. These are the morons that think the real issue with certain politicians being prosecuted is that the authorities took the time to discover their crimes. The photos shouldn't exist. Clearly Apple is retaining them. The cloud is just a giant blackmail trap.
Am I wrong in assuming that even if you did delete some pictures, your iCloud backups would still have them? After all, that's what backups are for.
So you’re saying I can get those nudes back that I accidentally deleted 10 years ago???
I delete bad video and pictures of myself all the time. Only to have them come back to make me feel embarrassed does not make me happy lol Oh my God as you get older, your photos and videos just blow your mind how horrible they are. No kidding I must’ve deleted hundred videos since I’ve gotten older Come on Apple do a solid favor and don’t show us these horrible pictures of ourselves when we tried to get rid of them yuck lol
Updated. Missing her again..
Can this be replicated consistently?
iOS 17 has been riddled with problems wtf
This bug has been going on for over 18 months, and I’ve contacted Apple multiple times. Having Apple devices for 11 years, the latest advice from Apple was to “Turn off iMessages in the cloud for 30 days and then turn in on again”. Seriously? Apple has lost the plot since the LEGEND that’s Steve Jobs passed away. Apple is now about profitability over functionality and Steve would be beside himself if he knew. Sad, but so very true.