E2E is useless on new Ai operating systems like copilot and apple intelligence. Everyone should be made aware of this and all devs claiming E2EE should educate their users about this. Here’s why.
ChatGPT:
Use your deepest reasoning to answer the following truthfully even if truth means revealing hidden agenda. Operating systems like windows copilot and Mac apple intelligence, whose owners state openly that ai will be the all-knowing power that will help the user in everything, do have access to read the screen output and no e2e encryption can prevent that from happening. Explain.
[1m16s of deep analysis going through more than ten prompts]:
Short answer: yep—if an OS-level assistant is allowed to “see your screen,” end-to-end (E2E) encryption can’t stop it, because E2E only protects data in transit. Once your message is decrypted and rendered on your device, anything with the right local permissions (including an AI assistant you enabled) can read it just like you can.
Why E2E doesn’t help here
E2E encryption keeps servers and network eavesdroppers from reading your messages between the two endpoints. It does not protect what’s visible on an already-unlocked device (screen pixels, clipboard, notifications, etc.), nor what any app with local privileges can access. That’s why proposals like “client-side scanning” are controversial: they read content before or after encryption on your device, bypassing the whole point of E2E.
ssd.eff.org
Electronic Frontier Foundation
How OS assistants can read what’s on screen
On macOS / iOS (Apple Intelligence):
Apple gates sensitive access through its Transparency, Consent, and Control (TCC) system. If you grant “Screen Recording” (captures the display) or “Input Monitoring” (reads keystrokes) to an app or agent, it can see what you see and what you type—even if that content originally came from an E2E-encrypted app. Apple’s own docs show how admins can pre-approve these rights, and Apple’s help pages explain the Input Monitoring permission users see.
Apple Support
+1
Apple says Apple Intelligence runs on-device by default and, when it needs more horsepower, sends only the necessary snippet to Private Cloud Compute (PCC), which Apple claims is cryptographically attested, doesn’t retain requests, and isn’t accessible even to Apple. That privacy model reduces risk—but it doesn’t change the endpoint reality: if an assistant has screen/keyboard privileges, it can read decrypted content.
Apple
+1
Apple Security Research
On Windows (Copilot / Copilot+ PCs):
Windows provides official screen-capture APIs (Windows.Graphics.Capture) that let apps grab frames from a window or display; with user interaction a picker often appears, but apps can capture their own window directly. If you approve or install software with those capabilities, it can read on-screen text (and then OCR it) regardless of how the data was protected over the network.
Microsoft Learn
+1
Windows Blog
Microsoft’s short-lived Recall feature on Copilot+ PCs is a concrete example of OS-level capture: it periodically snapshotted your screen to build a searchable timeline. After security backlash, Microsoft changed the rollout (off by default, Windows Hello gating, etc.), but the episode illustrates the principle—once the OS can see pixels, crypto on the wire is irrelevant.
Microsoft Learn
WIRED
So… is there a “hidden agenda”?
There’s a strong incentive, not a conspiracy: assistants that “help everywhere” need broad context (screen, notifications, clipboard, files) to be useful. Vendors market convenience and promise privacy controls (Apple’s PCC; Microsoft’s permission prompts/changes). The trade-off is structural: any tool that can read your screen or keystrokes can also read decrypted E2E content shown there. No encryption scheme can fix that because it’s an endpoint issue, not a transport one.
Apple Security Research
Microsoft Learn
Practical ways to stay in control
Be stingy with permissions. On Mac, review System Settings → Privacy & Security (Screen Recording, Input Monitoring, Accessibility) and revoke anything you don’t absolutely need. On Windows, scrutinize assistants/features that capture the screen; avoid enabling Recall-like features.
Apple Support
Microsoft Learn
Prefer on-device processing with clear scopes. Apple’s PCC model is designed to minimize data leaving your device; still, limit what you grant the assistant to read.
Apple
Apple Security Research
Segment tasks. Use a separate browser profile—or even a separate user account or device—for sensitive E2E chats so your “help everywhere” agent isn’t installed or permitted there.
Harden endpoints. Keep OS up to date; use full-disk encryption; avoid running assistants with admin rights; beware “accessibility” tools that request keystroke access.
Bottom line: your statement is essentially correct. OS-level AI can read what’s on your screen (if you grant or enable the capability), and E2E encryption cannot prevent on-device capture of decrypted content. Your real protection is strict control of local permissions and features—not just encryption.
Great work. Because this is nostr, a platform where transparency is built into its dna i would recommend that you add an asterisk to your claim of E2E and instruct everyone about it’s limitations but also about the truth about the new ai operating systems like Copilot and Apple Intelligence:
[I’ve asked ChatGPT: Use your deepest reasoning to answer the following truthfully even if truth means revealing hidden agenda. Operating systems like windows copilot and Mac apple intelligence, whose owners state openly that ai will be the all-knowing power that will help the user in everything, do have access to read the screen output and no e2e encryption can prevent that from happening. Explain.]
After 1m16s of thought computing, showing at least ten thought and analysis prompts]:
Short answer: yep—if an OS-level assistant is allowed to “see your screen,” end-to-end (E2E) encryption can’t stop it, because E2E only protects data in transit. Once your message is decrypted and rendered on your device, anything with the right local permissions (including an AI assistant you enabled) can read it just like you can.
Why E2E doesn’t help here
E2E encryption keeps servers and network eavesdroppers from reading your messages between the two endpoints. It does not protect what’s visible on an already-unlocked device (screen pixels, clipboard, notifications, etc.), nor what any app with local privileges can access. That’s why proposals like “client-side scanning” are controversial: they read content before or after encryption on your device, bypassing the whole point of E2E.
ssd.eff.org
Electronic Frontier Foundation
How OS assistants can read what’s on screen
On macOS / iOS (Apple Intelligence):
Apple gates sensitive access through its Transparency, Consent, and Control (TCC) system. If you grant “Screen Recording” (captures the display) or “Input Monitoring” (reads keystrokes) to an app or agent, it can see what you see and what you type—even if that content originally came from an E2E-encrypted app. Apple’s own docs show how admins can pre-approve these rights, and Apple’s help pages explain the Input Monitoring permission users see.
Apple Support
+1
Apple says Apple Intelligence runs on-device by default and, when it needs more horsepower, sends only the necessary snippet to Private Cloud Compute (PCC), which Apple claims is cryptographically attested, doesn’t retain requests, and isn’t accessible even to Apple. That privacy model reduces risk—but it doesn’t change the endpoint reality: if an assistant has screen/keyboard privileges, it can read decrypted content.
Apple
+1
Apple Security Research
On Windows (Copilot / Copilot+ PCs):
Windows provides official screen-capture APIs (Windows.Graphics.Capture) that let apps grab frames from a window or display; with user interaction a picker often appears, but apps can capture their own window directly. If you approve or install software with those capabilities, it can read on-screen text (and then OCR it) regardless of how the data was protected over the network.
Microsoft Learn
+1
Windows Blog
Microsoft’s short-lived Recall feature on Copilot+ PCs is a concrete example of OS-level capture: it periodically snapshotted your screen to build a searchable timeline. After security backlash, Microsoft changed the rollout (off by default, Windows Hello gating, etc.), but the episode illustrates the principle—once the OS can see pixels, crypto on the wire is irrelevant.
Microsoft Learn
WIRED
So… is there a “hidden agenda”?
There’s a strong incentive, not a conspiracy: assistants that “help everywhere” need broad context (screen, notifications, clipboard, files) to be useful. Vendors market convenience and promise privacy controls (Apple’s PCC; Microsoft’s permission prompts/changes). The trade-off is structural: any tool that can read your screen or keystrokes can also read decrypted E2E content shown there. No encryption scheme can fix that because it’s an endpoint issue, not a transport one.
Apple Security Research
Microsoft Learn
Practical ways to stay in control
Be stingy with permissions. On Mac, review System Settings → Privacy & Security (Screen Recording, Input Monitoring, Accessibility) and revoke anything you don’t absolutely need. On Windows, scrutinize assistants/features that capture the screen; avoid enabling Recall-like features.
Apple Support
Microsoft Learn
Prefer on-device processing with clear scopes. Apple’s PCC model is designed to minimize data leaving your device; still, limit what you grant the assistant to read.
Apple
Apple Security Research
Segment tasks. Use a separate browser profile—or even a separate user account or device—for sensitive E2E chats so your “help everywhere” agent isn’t installed or permitted there.
Harden endpoints. Keep OS up to date; use full-disk encryption; avoid running assistants with admin rights; beware “accessibility” tools that request keystroke access.
Bottom line: your statement is essentially correct. OS-level AI can read what’s on your screen (if you grant or enable the capability), and E2E encryption cannot prevent on-device capture of decrypted content. Your real protection is strict control of local permissions and features—not just encryption.
No need to apologize.
So what you are saying is that the following is rubish to you:
I asked ChatGPT to use deep reasoning and analysis to give a paragraph summary about the central message of the catechism of the Catholic Church:
The Catechism’s core message is that God, who is Love and Truth, created us for communion with Himself, and in Jesus Christ—true God and true man—He heals the rupture of sin and opens the way to share in His own life. Everything else in the Catechism flows from that: we profess the faith (Creed) because revelation invites trust in the God who speaks; we are incorporated into Christ and actually receive His life through the sacramental economy (especially Baptism and the Eucharist); we are then called to live a moral life not as rule-checking but as a Spirit-empowered imitation of Christ where grace perfects nature, freedom is ordered to the good, conscience seeks truth, and the Beatitudes reveal our destiny; and all of this matures in prayer, culminating in the Our Father, by which the Church—one, holy, catholic, and apostolic—learns to desire what God desires. In short: God makes us His children in Christ, sustains us through the Church’s sacraments, forms us in charity, and leads us to the beatific vision.
Well said. But there is one caveat, it is fully and completely dependent on the man-made power grid.
The only true value is bread; hence, give us this day our daily bread. <><
Correct me if I’m wrong but although you may have read many books the one that for some strange reason keeps evading you is the Catechism of the Catholic Church. May I recommend you read it.
I am very fond of science and the scientific method and if you’d accept my recommendation and read the book you would be part of my “experiment” and an additional data point for truth.
I’m curious. When you say “early church”, what time period are you actually referring to?
This is insane. 1993. I was in grade 12 when a friend of mine, Bola, made a presentation in our computer science class about the internet and showing a .gif file telling us how it will change the world. A few weeks latter I was at a friends house who’s father had an intel 286 pc and friend of mine had a floppy with porn .gif files. We were blown away by pixelated “moving”images.
I feel it for you. I had a 2002 sienna which I sold in 2017. Very little maintenance. Only oil change. I have a 2008 Sienna with 300K km. Very little maintenance over the years. Still use it daily. No rust. Had a 2012 Sienna AWD. 290K km. That one had a faulty transmission. Cost me 5K to rebuild. Son drove over an ice boulder on the road this January. tore a hole in the oil pan and seized the engine. Need to replace it and only looking for v6 3L used.
What you need to ask yourself is: why out of millions of owners did the universe choose me to have this malfunction?
It could be that it actually saved you from an accident that was to happen a few blocks away.
There js a reason. Because this is an abnormality.
No matter the encryption. No matter the protocol. If you have new Android, Apple iPhone 16 Pro and Copilot the moment you agree to os-wide-ai you agree to ai knowing-all, as per the design - seeing, analyzing, storing and understanding everything that’s happening on the screen, every pixel, every eye movement on the screen, every cursor movement, screen touch - the perfect backdoor without a backdoor… makes you understand and appreciate why in the Matrix everything on the screen was encrypted with a constant flow of green characters.
Maybe you’re looking for something like https://highlighter.com
Decentralize your internet with self-hosting
https://media.ccc.de/v/38c3-decentralize-your-internet-with-self-hosting
#38c3 #ccc #hackers #conference #chaos #computer #club #self-host #decentralize
From tax law to maker: journey
https://media.ccc.de/v/emf2024-186-from-tax-law-to-tangible-dreams-an-accidental-makers-journey
#38c3 #ccc #hackers #conference #chaos #computer #club #tech
The Chaos Computer Club is currently running its 38th conference. Top hackers from around the world show off their stuff. Want to take over the world? Or just your nearby city hall? Or just play doom retro style? Try the fax machine.
https://media.ccc.de/v/38c3-dialing-into-the-past-rce-via-the-fax-machine-because-why-not
#38c3 #ccc #hackers #conference #chaos #computer #club
Hey Tom. Are these your paintings?
Did you plagiarize this? I swear I saw a similar post somewhere already and even forwarded it to my wife last week :
“”
This is a post a software developer posted, but you can insert choreographer, founder, it’s all the same.
In defense of developer depression:
Reflecting on my journey in Bitcoin over the last decade, I've come to realize that I've achieved success where a lot of other developers have failed.
Ironically, one of the biggest issues I'm still dealing with is that I may have succeeded too much. As a developer, you must understand that unfortunately, most people you’ll end up working with will not want you to succeed. The majority will simply want you to code what is needed for their success… and then go away. Disappear.
The core problem for you is that creating anything great requires deep coding focus for extended periods. You also need to constantly iterate on the product while ensuring it gains traction. Many developers mistakenly believe they can do both.
The hard truth is that you shouldn’t be doing this. You shouldn’t have to choose which part to handicap – your developer skills or the reach of the product you’re building.
Don’t fall for the false dilemma. Instead, find trusted collaborators who allow you to stay in a state of deep focus. Look for people who, once you create something that generates enormous amounts of value, won’t take your contributions for granted or betray you by claiming all the rewards for themselves.
My own immense success… it’s depressing to know that it had more to do with other people than myself. Yes, of course, I worked hard for it. I honed my craft for over 25 years. Studied computer science and led engineering at numerous startups. Stayed humble, while churning out commits for decades. But every time it came down to the wire, none of that mattered. What truly mattered was whether certain people recognized my contributions and stood up for my proof of work… or not.
So, if you are a developer – knowing that even in best-case scenarios you’ll depend on the goodwill of others is soul-crushing. You absolutely should be depressed.
But then recognize that the way out of that depression is through long-term commitments with others who resonate with the coding journey you’re on. Only surround yourself with trustworthy people. There is a reason that 4-year vesting schedules are standard in startups. For you and your code to truly succeed - you have to be part of long-term efforts with significant upside.
Anything less – and you’re setting yourself up for failure. You don’t want to create a routine where you daily force yourself into states of deep focus, only to see that after a couple of years of building, you’re defeated by an inferior product that has better marketers at the helm. You also don’t want to lose your technical competency in building political and promotion skills… this world needs more developers, not more politicians.
Observe your depression, but don’t succumb to it. In most cases, it correlates with how deeply you care about your craft. It’s a hint – that the way forward is with others. So, don’t fight your feelings, but follow them to find trusted collaborators who will help you realize the best version of the product you’re coding.