Ok so lets assume there is 30 matches and a 25 year old that looks 15 is the subject. Apple would not verify the age of the subject?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Outlines Security and Privacy of CSAM Detection System in New Document
- Thread starter MacRumors
- Start date
- Sort by reaction score
“all the time” = only 265 reported CSAM in 2020, thousand-fold less than comparable companies
And those 265 come exactly from the iCloud webapp when users tried to email those pics out, not from dragnet scanning of iCloud Photos on-server.
Subpoenas are another matter.
1) You can turn off Spotlight
2) Spotlight isn't designed to report you if it thinks something on your computer is "suspicious"
The point is that they can decrypt your pictures anytime they want, given that it is not E2E encryption. No privacy is gained by scanning on the device.
If they had introduced E2E encryption at the same time, at least there would be a potential benefit for the user to weigh against the intrusion into your device. As it is, it is entirely adversarial with no advantage for the user. People don't like it if their own devices are turned against them, and rightfully so.
did you read the technical docs ? the database is signed with os15 and the hash of the database will be published by apple in a knowledge base article, there is no way they can alter the database, plus like the blockchain, it is in full view of everyone including users
the same system in the cloud is completely opaque we have no idea what is being matched or where the images came from or whether they have been added to or subtracted from
it would be infinitely easier for a bad actor to insert non-csam materials in cloud scanning and we wouldn't even know it
apple has chosen to put the database in every phone so it can be seen and not altered or messed with in any way
Then a person with child porn would play with modifications until their child porn isn't detected, making the whole solution pointless?
What “media organisations”?
Tech companies like Apple’s arch-enemies Epic and Whatsapp/Facebook?
How many employees?
That’s not proof of anything.
There are people with different ideas about this, doesn’t mean they’re right or wrong. Then there are those misrepresenting the facts or overreacting or being unreasonable (the battery concerns..lol) or being unfair.
1) I can’t on iOS/iPadOS
2) How do you know? It’s not open source.
3) Even if Spotlight doesn’t do anything nefarious today, how do you know it will not in the future if Apple is pressured to silently update it to send out all the indexing data?
There is speculation that some markets will get iCloud encryption where the user gets the encryption keys. Right now, Apple holds the keys.
I say some markets because I doubt China or Russia would allow that.
Five paragraphs of ranting yada yada. Without addressing my very simple question in the slightest.
Shocked. No...totally shocked.
Yeah, no nationstate or other well funded groups don’t spend resources on exploiting new frameworks. Apple is now saying databases from other countries will be included, another expansion before it’s even released. Every IOS and iPadOS device will have this forcibly installed, I’m assuming worldwide. because everybody is guilty until proven innocent by a process with no consumer challenge or notification process, until there is a knock on your door. But hey complicated software/human processes work 100% with no unintended consequence.
It’s literally science fiction that 30 matches depicting the same 15yo subject would escalate to human review.
You don’t understand how this works.
Yes that’s true. I have the same questions as to why do it user side when it can be done server side. It’s been speculated by smarter people than me that maybe Apple wants to turn on encryption where users would control their key. But if that were really the case I don’t know why Apple doesn’t get in front of that question.
Don’t say it when you don’t know it…. It’s totally unclear at this point what the program will do when it detects stuff on your phone…. But it’s still irrelevant to the issue that the software is still on your phone scanning for stuff regardless of whether you send it to iCloud …. Lets see a toggle cutting off the scan…. Doubt you will find that
Yes I do understand how it works. I am asking about the HUMAN REVIEW process, not the MATCHING PROCESS. What all goes in the human review process. Will they be checking drivers licenses for the subject to determine if they are under age or not? I DON'T KNOW THAT DETAIL. Which is why......I am asking? Seriously, you have had this attitude towards me for weeks when all I am doing is asking questions so I can learn the process. I am not saying I know everything. Which is why I am posting asking these questions so I do know.
if there are 30 matches the person who is uploading and who is getting matched is uploading child porn, period, because the false positive rate is so high, 1 in a billion is a lot but they (apple) are talking about 1 in a trillion
unless you have one of the images in the database (which itself is a confluence of 2 different database where images are matched to insure that at least 2 different agencies deemed it be child porn) you are not going to get a match
you can upload 100 pictures of your 2 year old daughter running naked through the lawn sprinklers and you won't get a match
Apple is installing software that scans your data but DOES NOT RELAY the results of said scan to Apple UNTIL you have uploaded the pictures to their servers ANYWAY.
It’s a bit more nuanced than “they’re scanning my local data”, we’ll agree to disagree about this till the end of times.
I am asking about the human review process, not the matching process. Have any details about how that process works been publicly stated? Will they be checking drivers licenses for the subject's age?
No. That's not Apple's job.
Again, read Apple's document about how the system works. It has been covered in length on this thread.
They are looking for exact matches at all stages, both the automated stage and the human review stage. That’s how reporting to NCMEC works.
Geez people, I am just asking questions here what is the damn problem? Apple did NOT go into specifics about how their manual review process will work. I have read the documents. I have watched videos on the topic. I have listened to podcasts on the topic. But its all been vague "Apple will manually review the pictures". HOW? What will they be doing? If the goal is to prevent child porn, shouldn't they be reviewing the drivers license of a child subject in a nude picture? Even if its not in CSAM, shouldn't that be the job to make sure child porn is stopped?
I am tired of repeating myself every third post. I HAVE READ THE DOCUMENTATION. It doesn't go into specifics. I cannot see the algorithm. I cannot play around with the code to really understand. Its like people on this site are SEVERELY AGAINST asking questions.
Auditability of the on-device database is a (small) step forward (interestingly that was not in the initial documentation they put out). But it still doesn't give you as a user any insight about what images are actually included in the database, because the system is specifically designed to prevent that. They now say that the database will be open to independent audits, but again that's just policy which they can change (or be forced to change) anytime.
no they will be checking for a false positive, if they get a match (1 in a billion or trillion) they will look at the photo, if it looks like child porn they will send it to ncmec who presumably will match by doing a visual analyses to the actual image it matches
but you will need 30 matched images before any of this happens, so unless you are uploading actual-seen-before-and-logged-by-ncmec-child porn you will not have any matches so the human review process is irrelevant