Apple Provides Further Clarity on Why It Abandoned Plan to Detect CSAM in iCloud Photos

[bookofxero]

Again if there is ZERO concerns, why is there even a threshold on false positives at all. If this is truly how it functions there should be absolutely zero false positives. So there is no need for a threshold.

Because they are FUZZY hashes so that people can’t just run a script to crop them and get around hash checks and you don’t want to be “the boy who cried wolf”, no matter how small the odds are, but I get that that takes a few moments of contemplation for some people and may not have occurred to you prior to your post.

 

[VulchR]

Because they are FUZZY hashes so that people can’t just run a script to crop them and get around hash checks and you don’t want to be “the boy who cried wolf”, no matter how small the odds are, but I get that that takes a few moments of contemplation for some people and may not have occurred to you prior to your post.

But the fuzzy hashes are bound to lead to false positives and a method has already been published online the modifies pictures to defeat the hashes but leave the pictures perceptually unaffected. This was a bad idea on multiple levels, which is why Apple dropped it. Ironically, the UK is about to pass a law requiring something like this (CSAM scanning even in encrypted personal messaging systems, which will break encryption), so we're likely to lose WhatsApp, Telegram, etc. because the UK government's never-ending thirst for blanket surveillance.

 

[Ethosik]

We just got through having people tell me how statistically nearly impossible false positives are. Now we are back to discussing fuzzy matching?

Which is it? If even getting one false positive is such a rare occurrence, then I don’t think there should be any threshold. If you even have one image that gets flagged the authorities should be contacted. This stuff is serious business and a threshold of 30 is just too high.

 

[Analog Kid]

If even getting one false positive is such a rare occurrence, then I don’t think there should be any threshold.

Where has it been said that getting one false positive is such a rare occurrence? I can't tell if you're still not understanding or if you're pretending to be naive thinking it's somehow demonstrating something-- but if the later I can't figure out what...

 

[jseymour]

For those of you who did not see the danger inherent in Apple implementing client-side/on-device content scanning, I bring you this:

EU’s Plan To Mass Surveil Private Chats Has Leaked

Didi Rankovic April 4, 2024

[German EP member (MEP) Patrick Breyer] ... went on to explain that the upcoming regulation is set up in a way that will result in the end of the privacy of people’s digital communications, since the subject of content searches will be “millions” of chats and photos, including those belonging to persons who have no links to child sexual abuse.

And because the technology proposed to carry out the mass surveillance is unreliable, there are also risks of this content getting leaked.

Another “victim” of the regulation is end-to-end encryption, which Breyer says will be undermined by client-side scanning.

Full article: EU’s Plan To Mass Surveil Private Chats Has Leaked

Apple's earlier proposed on-device CSAM scanning engine would have enabled such a thing with the software equivalent of the flip of a switch.

 

[Glenny2lappies]

Seems that some people are treating 1984 as a user manual!