Remember how everyone kicked up a giant stink about apple adding “on device CSAM scanning when uploading photos to iCloud”?
They did that precisely because it would allow them to search for CSAM without giving up any privacy. As I said back when all that rage was happening, if apple don’t get to implement it this way you can be damn sure that the government is going to force them to implement CSAM scanning in a much more privacy-destroying way, and well here we are.
Who said it was givening up privacy. The worst I heard is slippery slope of they donthis they might ad more to it later. And how was it privacy compromising?
Anything could be added to the hashes with the user having no way to know what’s being searched for beyond “trust us”. This could be partially alleviated if, for example, the hash had to be signed by organizations in a combination of states that’d make it difficult to push through hashes for anything other actual CSAM (so not just Five Eyes)
Adversarial examples to intentionally set off the filter were demonstrated to be possible. Apple made it clear that there are types of content they’d be legally obligated to report once they became aware of, and it’d be well within a government agency’s capabilities to honeypot, say initially, terrorist recruitment material
Coincidental false positives are also entirely possible (ImageNet had some naturally occuring clashes) and can result in their employees seeing your sensitive photographs
The user’s device acting against the user cements other user-hostile and privacy-hostile behavior. “People could circumvent the CSAM scan” would be given as another reason against right to repair and ability to see/modify the software your own device is running
Tech companies erode privacy by flip-flopping between “sure we’re giving ourselves abusable power, but we’ll stand up to governments pressuring us to expand this” and then “well what were we supposed to do, leave the market?” when they inevitably concede
What’s anything? They are not looking for any CSAM pictures they are looking for specific ones that are in a database. Its not like they can create a hash for a guy letting his dog on a horse and find all those pictures.
they are looking for specific ones that are in a database
They could be looking for any images without your knowing - there’s no guarantee that those images came from a CSAM database.
Its not like they can create a hash for a guy letting his dog on a horse
They could trivially create a hash for a picture of a guy letting his dog on a horse (which would also include other very similar images).
I didn’t necessarily mean to claim that they can scan for a concept lacking a fixed image, if that’s what you’re saying. That would theoretically be possible with enough hashes, but impractical.
Like the politicians would have cared. This is just a convenient excuse. Either they would have found another one or they would have said “we can’t trust Apple to scan for this material. The police has to do these scans!”
We were right to oppose it then and we are right to oppose it now.
It was a government provided list of hashes check against. For me, I don’t like it because I don’t trust 3 letter agencies to not abuse the ability to search every iDevice in the world for arbitrary file hashes.
It was a database of hashes that were taken from the intersection of multiple country CSAM databases.
Germany couldn’t just put a picture of a nazi in there and have every iPhone flag everyone that has a picture of a nazi on it unless multiple other countries also had that same picture in their CSAM db.
It also only happened when you uploaded the photo to iCloud. Know what they do now instead? Just scan for CSAM on iCloud like google, Microsoft, imgur, Reddit, etc all do.
The end result is the same in detecting CSAM, but the way apple proposed was more secure and valued your privacy more.
CSAM, as defined by apple,
SPOILER that could be anything, including, and I could rattle off names, anything that threatens the government or those who got their tendrils into it, if we, For example have authoritarians change us to be facist, or re-introduce slavery or segrogation.
A mere picture of your bedroom or face could have a somthing in it that allows you to be put into a cohort for later use (legal or not)
No, that’s not at all what it was defined as or what it could be. CSAM is Child Sex Abuse Material. It wasn’t going to be memes of winny the pooh like people argued.
That’s also not how CSAM matching works. It simply compares hashes of images. If you take a photo of you in your bedroom with a sign saying “fuck the government” it will not match any CSAM database hashes no matter how authoritarian or fascist the government is, because they don’t have that same photo in their CSAM databases.
You’re doing what the outraged did back then and thinking CSAM scanning is some sort of AI powered image recognition that scans images for specific things. It’s not that at all. It is a database of known CSAM images that have been hashed and that have been confirmed by multiple different governments (multiple different ones so one government can’t just put an image of their president that they don’t like in theirs and then find out who has uploaded that photo. If it only appears in one government CSAM database it will not be checked). It takes your photo, hashes it, and then checks to see if that hash is in the CSAM database. It won’t be, ever.
You know what will be in there and matched? If you download child porn that is already out there on the web.
You’re naive if you think that is all it will ever be, and that there will never be scope creep, especially malicious scope creep that turns into overreach
Remember how everyone kicked up a giant stink about apple adding “on device CSAM scanning when uploading photos to iCloud”?
They did that precisely because it would allow them to search for CSAM without giving up any privacy. As I said back when all that rage was happening, if apple don’t get to implement it this way you can be damn sure that the government is going to force them to implement CSAM scanning in a much more privacy-destroying way, and well here we are.
Hmmmm funny because security researchers said the opposite, I kinda believe them more?
Who said it was givening up privacy. The worst I heard is slippery slope of they donthis they might ad more to it later. And how was it privacy compromising?
Anything could be added to the hashes with the user having no way to know what’s being searched for beyond “trust us”. This could be partially alleviated if, for example, the hash had to be signed by organizations in a combination of states that’d make it difficult to push through hashes for anything other actual CSAM (so not just Five Eyes)
Adversarial examples to intentionally set off the filter were demonstrated to be possible. Apple made it clear that there are types of content they’d be legally obligated to report once they became aware of, and it’d be well within a government agency’s capabilities to honeypot, say initially, terrorist recruitment material
Coincidental false positives are also entirely possible (ImageNet had some naturally occuring clashes) and can result in their employees seeing your sensitive photographs
The user’s device acting against the user cements other user-hostile and privacy-hostile behavior. “People could circumvent the CSAM scan” would be given as another reason against right to repair and ability to see/modify the software your own device is running
Tech companies erode privacy by flip-flopping between “sure we’re giving ourselves abusable power, but we’ll stand up to governments pressuring us to expand this” and then “well what were we supposed to do, leave the market?” when they inevitably concede
What’s anything? They are not looking for any CSAM pictures they are looking for specific ones that are in a database. Its not like they can create a hash for a guy letting his dog on a horse and find all those pictures.
They could be looking for any images without your knowing - there’s no guarantee that those images came from a CSAM database.
They could trivially create a hash for a picture of a guy letting his dog on a horse (which would also include other very similar images).
I didn’t necessarily mean to claim that they can scan for a concept lacking a fixed image, if that’s what you’re saying. That would theoretically be possible with enough hashes, but impractical.
How did they say it’s giving up privacy?
Like the politicians would have cared. This is just a convenient excuse. Either they would have found another one or they would have said “we can’t trust Apple to scan for this material. The police has to do these scans!”
We were right to oppose it then and we are right to oppose it now.
You were right to oppose doing it in the most privacy conscious way? Or were you against CSAM scanning at all?
It was a government provided list of hashes check against. For me, I don’t like it because I don’t trust 3 letter agencies to not abuse the ability to search every iDevice in the world for arbitrary file hashes.
It was a database of hashes that were taken from the intersection of multiple country CSAM databases.
Germany couldn’t just put a picture of a nazi in there and have every iPhone flag everyone that has a picture of a nazi on it unless multiple other countries also had that same picture in their CSAM db.
It also only happened when you uploaded the photo to iCloud. Know what they do now instead? Just scan for CSAM on iCloud like google, Microsoft, imgur, Reddit, etc all do.
The end result is the same in detecting CSAM, but the way apple proposed was more secure and valued your privacy more.
CSAM, as defined by apple, SPOILER that could be anything, including, and I could rattle off names, anything that threatens the government or those who got their tendrils into it, if we, For example have authoritarians change us to be facist, or re-introduce slavery or segrogation. A mere picture of your bedroom or face could have a somthing in it that allows you to be put into a cohort for later use (legal or not)
No, that’s not at all what it was defined as or what it could be. CSAM is Child Sex Abuse Material. It wasn’t going to be memes of winny the pooh like people argued.
That’s also not how CSAM matching works. It simply compares hashes of images. If you take a photo of you in your bedroom with a sign saying “fuck the government” it will not match any CSAM database hashes no matter how authoritarian or fascist the government is, because they don’t have that same photo in their CSAM databases.
You’re doing what the outraged did back then and thinking CSAM scanning is some sort of AI powered image recognition that scans images for specific things. It’s not that at all. It is a database of known CSAM images that have been hashed and that have been confirmed by multiple different governments (multiple different ones so one government can’t just put an image of their president that they don’t like in theirs and then find out who has uploaded that photo. If it only appears in one government CSAM database it will not be checked). It takes your photo, hashes it, and then checks to see if that hash is in the CSAM database. It won’t be, ever.
You know what will be in there and matched? If you download child porn that is already out there on the web.
You’re naive if you think that is all it will ever be, and that there will never be scope creep, especially malicious scope creep that turns into overreach
Anything scanning messages or media on my device is an absolute NO if I don’t control it.
You did control it though. It only scanned what you were uploading to iCloud, and only during the upload process.
If you turned off iCloud upload it never scanned anything.