
To add more detail to that, Apple's proposed CSAM scanning worked by computing a hashed value for each photo on your device, then comparing that to a list of known CSAM image hashes downloaded from Apple. Entirely on your device, aka the "client," as in "client side scanning" (to clarify, Apple's cloud is not the client, your personal device is). Then if you have photos that hashed to a value on the known CSAM hash list (which this isn't MD5 or similar bullshit hash algo, so that would only happen if you either engineered a hash collision or actually had CSAM content) they'd send them over to have a human look at. That's multiple photos, 'cause 1 match could well be a false positive.

It did a great job at freaking people out hearing about their photos getting scanned and it could be defeated by making a 1 pixel change to any photos a pedo would hide on their phone (since any changes to the image would totally change the hash).



>could be defeated by making a 1 pixel change to any photos a pedo would hide on their phone (since any changes to the image would totally change the hash).

This isn't the way those hashes work. A 1 pixel change would still hash similar enough to be matched. Maybe there are adversarial 1 pixel changes that could break the hashing, but I doubt it.

Even cropping, watermarks and other manipulations like that would still match. "Perceptual hashing", very different to cryptographic hashing. It's basically checking if an image looks "similar enough".

I believe this is why they needed multiple matches, because otherwise there must have been too many false positives.

This may be too oversimplified, but imagine that in a series of CSAM images, there might be, for example, a wall or furniture or something, that could appear similar enough to a wall in one of your own photos. That's a match, off to the gulag with you!
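The contrast between cryptographic and perceptual hashing discussed in this thread, as an added example that is not part of any comment above. It uses a simple difference hash (dHash) as a stand-in, not Apple's algorithm; the image, the mirrored comparison image and the 10-bit match threshold are constructed assumptions.

```python
import hashlib

W, H = 72, 64          # constructed image size: a 9x8 grid of 8x8 blocks
THRESHOLD = 10         # assumed match threshold in bits (illustrative only)

def make_image():
    """Constructed grayscale image: smooth gradient plus a bright square."""
    img = [[2 * x + y for x in range(W)] for y in range(H)]
    for y in range(20, 40):
        for x in range(30, 50):
            img[y][x] = 250
    return img

def dhash(img):
    """64-bit difference hash: reduce to 9x8 block sums, compare neighbours."""
    sums = [[sum(img[y][x] for y in range(8 * r, 8 * r + 8)
                           for x in range(8 * c, 8 * c + 8))
             for c in range(9)] for r in range(8)]
    bits = 0
    for row in sums:
        for left, right in zip(row, row[1:]):
            bits = (bits << 1) | (left > right)
    return bits

def sha256_int(img):
    """SHA-256 of the raw pixel bytes, as an integer for bit comparison."""
    raw = bytes(v for row in img for v in row)
    return int.from_bytes(hashlib.sha256(raw).digest(), "big")

def hamming(a, b):
    """Number of differing bits between two hash values."""
    return bin(a ^ b).count("1")

def compare():
    """Return (SHA-256 distance, dHash distance, dHash distance to mirror)."""
    original = make_image()
    tweaked = [row[:] for row in original]
    tweaked[5][5] = 255                          # the one-pixel change
    mirrored = [row[::-1] for row in original]   # a visibly different image
    return (hamming(sha256_int(original), sha256_int(tweaked)),
            hamming(dhash(original), dhash(tweaked)),
            hamming(dhash(original), dhash(mirrored)))

if __name__ == "__main__":
    sha_d, near_d, far_d = compare()
    print(f"SHA-256 bits changed by one pixel: {sha_d} of 256")
    print(f"dHash bits changed by one pixel: {near_d} of 64, match={near_d <= THRESHOLD}")
    print(f"dHash distance to mirrored image: {far_d} of 64, match={far_d <= THRESHOLD}")
```

The one-pixel edit scrambles the SHA-256 digest but leaves the dHash within the threshold, while the mirrored image lands far outside it.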



