“Debunked: The Truth about mediaanalysisd and Apple’s Access to Your Local Photos on macOS”

Pawel Szydlowski
4 min readJan 27, 2023
Photo by Jeffrey Paul — https://sneak.berlin/

A recent thread on Twitter raised concerns that the macOS process mediaanalysisd, which scans local photos, was secretly sending the results to an Apple server. This claim was made by a cybersecurity researcher named Jeffrey Paul. However, after conducting a thorough analysis of the process, it has been determined that this is not the case.

The mediaanalysisd process is a background task that starts every time an image file is previewed in Finder, and then calls an Apple service. The process is designed to run machine learning algorithms to detect objects in photos and make object-based search possible in the Photos app. It also helps Finder to detect text and QR codes in photos. Even if a user does not use the Photos app or have an iCloud account, the process will still run.

The process scans local photos — photo source: https://twitter.com/mysk_co

The analysis of the mediaanalysisd process revealed that it does not access any suspicious resources. The content of its framework, MediaAnalysis.framework, clearly shows that the process is used for object detection in photos, and its binaries file contains a huge list of objects the model is trained to detect. Some examples…

--

--

Pawel Szydlowski
Pawel Szydlowski

Written by Pawel Szydlowski

Mobile Developer, R&D Engineer and Mathematician. Polish🇵🇱, lived in Ireland and Netherlands. Writing about technology, mindfulness, healthy lifestyle & news.

No responses yet