CSAM scanning takes place on the cloud with all the major players. It only has hashes for the worst of the worst stuff out there.
What Apple (and others) do is allow the file to be scanned unencrypted on the server.
What the feature Apple wanted to add was to scan the files on the device and flag anything that gets a match.
That file in question would be able to be decrypted on the server and checked by a human. For everything else it was encrypted in a way it cannot be looked at.
If you had iCloud disabled it could do nothing.
The intent was to protect data, children and reduce the amount of processing done on the server end to analyse everything.
Everyone lost their mind yet it was clearly laid out in the papers Apple released on it.
Apple sells their products in oppressive regimes which force them to implement region-specific features. E.g. China has their own iCloud, presumably so it can be easily snooped on.
If they were to add this anti-CSAM feature, it is not unreasonable to think that Apple would be forced to add non-CSAM stuff to the database in these countries, e.g. anything against a local dictatorship, etc. Adding the feature would only catch the low-hanging CSAM fruit, at the cost of great privacy and probably human life. If it was going to stop CSAM once and for all, it could possibly be justified, but that's not the case.
"It only has hashes for the worst of the worst stuff out there." [citation needed]
I know someone whose MS account was permabanned because they had photos of their own kid in the bathtub. I mean, I guess the person could have been lying, but I doubt they would even have been talking about it if the truth was less innocuous.
Sure, and they do that because Microsoft's CSAM detection product (which other providers like Google supposedly use) operates by having unencrypted data access to your files in the cloud.
What Apple wanted to do is do those operations using homomorphic encryption and threshold key release so that the data was checked while still encrypted, and only after having a certain number of high likelihood matches would the possibility exist to see the encrypted data.
So the optimistic perspective was that it was a solid win against the current state of the industry (cloud accounts storing information unencrypted so that CSAM products can analyze data), while the pessimistic perspective was that your phone was now acting as a snitch on your behavior (slippery slope etc.)
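The "threshold key release" mentioned above (and the "above a threshold of matches the decryption keys are revealed" mechanism described later in the thread) is easiest to see with a worked example. This is an added illustration, not Apple's code or protocol: it uses plain Shamir secret sharing over a prime field, and the private-set-intersection step that hides which photos matched is abstracted to a simple flag (an assumption of the model).

```python
import secrets

# Prime field for the Shamir shares (a Mersenne prime; chosen for this demo).
PRIME = 2**127 - 1


def _eval_poly(coeffs, x):
    """Evaluate a polynomial (coefficients low to high) at x, mod PRIME."""
    result = 0
    for c in reversed(coeffs):
        result = (result * x + c) % PRIME
    return result


def split_secret(secret, threshold, n_shares):
    """Split secret into n_shares points on a random degree threshold-1 polynomial."""
    coeffs = [secret % PRIME] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n_shares + 1)]


def recover_secret(shares):
    """Lagrange interpolation at x = 0; correct only with >= threshold points."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    return secret


def make_vouchers(content_key, threshold, n_photos, matching_photos):
    """Device side (simplified model): each uploaded photo carries one share of the
    key protecting the review payload. The PSI step, which lets the server obtain a
    usable share only for photos whose hash matched, is abstracted to a flag here."""
    shares = split_secret(content_key, threshold, n_photos)
    return [(shares[i], i in matching_photos) for i in range(n_photos)]


def server_release(vouchers, threshold):
    """Server side: collect the usable shares; below the threshold the key
    stays hidden (None), at or above it the key is reconstructed."""
    usable = [share for share, matched in vouchers if matched]
    if len(usable) < threshold:
        return None
    return recover_secret(usable[:threshold])
```

With fewer than `threshold` usable shares the interpolation yields an unrelated field element, which is the property the design relies on; the server learns nothing about the key from one or two isolated matches.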
I'm just refuting what the person I responded to said, because apparently these services have hashes for more than just "the worst of the worst stuff" or whatever.
It works by generating a hash on known materials. Those hashes are shared with other companies so they can find that material without having to see the horrific stuff. The chance of a hash collision was also detailed in the paper, which is so low as to be non-existent. Even if a clash occurs a human still reviews the materials, and it normally needs a couple of hits to trigger an audit (again according to Apple's paper on it).
> I know someone whose MS account was permabanned because they had photos of their own kid in the bathtub
So you ask me for a citation and then give me anecdotal evidence?
Even if that happened it has nothing to do with CSAM.
I can't believe how uninformed, angry, and still willing to argue about it people were over this. The whole point was a very reasonable compromise between a legal requirement to scan photos and keeping photos end-to-end encrypted for the user. You can say the scanning requirement is wrong, there's plenty of arguments for that. But Apple went so above and beyond to try to keep photo content private and provide E2E encryption while still trying to follow the spirit of the law. No other big tech company even bothers, and somehow Apple is the outrage target.
There is absolutely no such legal requirement. If there were one it would constitute an unlawful search.
The reason the provider scanning is lawful at all is because the provider has inspected material voluntarily handed over to them, and through their own lawful access to the customer material has independently and without the direction of the government discovered what they believe to be unlawful material.
The cryptographic functionality in Apple's system was not there to protect the user's privacy; the cryptographic function instead protected Apple and their data sources from accountability by concealing the fingerprints that would cause users' private data to be exposed.
A law by the government requiring proactive scanning of photos would in fact make the whole situation worse in the US because there would need to be a warrant if the government is requiring the scan. As long as it's voluntary by the company and not coerced by the government, they can proactively scan.
> What the feature Apple wanted to add was scan the files on the device and flag anything that gets a match.
This is not the revelation you think it is. Critics understood this perfectly.
People simply did not want their devices scanning their content against some opaque uninspectable government-controlled list that might send you to jail in the case of a match.
More generally, people usually want their devices working for their personal interests only, and not some opaque government purpose.
From my understanding, it didn't scan all of the files on the device, just the files that were getting uploaded to Apple's iCloud. It was set up to scan the photos on the device because the files were encrypted before they were sent to the cloud and Apple couldn't access the contents but still wanted to try to make sure that their cloud wasn't storing anything that matched various hashes for bad content.
If you never uploaded those files to the cloud, the scanning wouldn't catch any files that are only local.
Your understanding is correct, as was/is the understanding of people critical of the feature.
People simply don't want their device's default state to be "silently working against you, unless you are hyperaware of everything that needs to be disabled". Attacks on this desire were felt particularly strongly due to Apple having no legal requirement to implement that functionality.
One also can't make the moral argument that the "bad content" list only included CSAM material, as that list was deliberately made opaque. It was a "just trust me bro" situation.
> People simply don't want their device's default state to be "silently working against you
That was the misconception of what was happening though.
Nothing happens on your device. Only when it gets to the cloud. It just puts a flag on the picture in question to have the cloud scan it.
Which is exactly what happens before Apple suggested it and happens now. Except it does it for all your files.
> One also can't make the moral argument that the "bad content" list only included CSAM material, as that list was deliberately made opaque. It was a "just trust me bro" situation.
CSAM database is run by Interpol. What evidence do you have that they are not being honest?
The scanning and matching is performed on your own device, against a copy of the database which is encrypted to protect Apple and their data providers against accountability for its content. The result of that match is itself encrypted, owing to the fact that the database is encrypted. On upload the query is decrypted and if there are above a threshold of matches the decryption keys to all your content are revealed to Apple.
Your phone is your most trusted agent-- it's a mandatory part of your life that mediates your interactions with friends, family, lovers, the government, your doctors, your lawyers, and your priest. You share with it secrets you would tell no other person. It's always with you, tracking your location and recording your activities. And in many cases its use is practically mandated. I think it's inappropriate for such a device to serve any interest except your own.
While it is true that the original proposal operated only on images that you would upload to iCloud, many people assumed the functionality would be applied more widely over time. This article seems to have proved that point: Apple is now applying essentially the same scanning technology (this time they claim the database is of "landmarks") to otherwise entirely local photos.
My message was an informal argument. Apple has proposed and (now) applied the same spyware technology to their desktop/laptop operating system as well. But for most people in the US their phone absolutely does occupy that most-trusted niche. For better or worse. The fact that this trust may currently be ill-advised is all the more reason people should demand change that makes it possible.
> If a government wanted to enforce it then none of what Apple suggested mattered.
Perhaps you live in a dictatorship. If so, I'm sorry. In the United States the power of the government is limited by the constitution. The kind of automated surveillance performed nominally 'consensually' via corporations would be unambiguously unlawful for the government to perform.
> People simply did not want their devices scanning their content against some opaque uninspectable government-controlled list that might send you to jail in the case of a match.
Again I feel like many people just didn't read/understand the paper.
As it stands now all your files/videos are scanned on all major Cloud companies.
Even if you get a hit on the database the hash doesn't put you in jail. The illegal materials do and a human reviews that before making a case.
I have posted numerous NeuralHash collisions online already[1] and can generate more on demand. The "chance" is 100% because perceptual hashing schemes do not and cannot achieve cryptographic strength.
> Until someone finds a successful collision attack.
Indeed, and within hours of the hash function being made available to me I developed a second preimage attack (strictly stronger than a collision attack)... allowing me to modify images in a visually non-objectionable way to match an arbitrary hash value.
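The point that a perceptual hash cannot have cryptographic strength follows from what it is for: it must map visually similar images to the same (or a nearby) value, which is exactly what a cryptographic hash must never do. The following added example is not from the thread and is not NeuralHash (a neural-network hash); it uses aHash, a simple block-average perceptual hash, on a constructed 16x16 grayscale image, and contrasts it with SHA-256 under a mild brightness edit.

```python
import hashlib

# Constructed 16x16 grayscale "image": a bright square on a dark background.
IMAGE = [[180 if 4 <= r < 12 and 4 <= c < 12 else 40 for c in range(16)] for r in range(16)]


def average_hash(img, size=8):
    """Classic aHash: downscale to size x size by block averaging, then set one
    bit per cell for 'brighter than the mean'. Returns a 64-bit int for size=8."""
    block = len(img) // size
    cells = []
    for r in range(size):
        for c in range(size):
            vals = [img[r * block + i][c * block + j] for i in range(block) for j in range(block)]
            cells.append(sum(vals) / len(vals))
    mean = sum(cells) / len(cells)
    bits = 0
    for v in cells:
        bits = (bits << 1) | (1 if v > mean else 0)
    return bits


def hamming(a, b):
    """Number of differing bits; perceptual hashes are compared by this distance."""
    return bin(a ^ b).count("1")


def sha256_of(img):
    """Cryptographic hash over the raw pixel bytes, for contrast."""
    return hashlib.sha256(bytes(v for row in img for v in row)).hexdigest()


def brighten(img, delta):
    """A mild, visually minor edit: raise every pixel by delta (clipped to 255)."""
    return [[min(255, v + delta) for v in row] for row in img]


def compare(img, edited):
    """Return (perceptual distance, cryptographic hashes equal?) for two images."""
    return hamming(average_hash(img), average_hash(edited)), sha256_of(img) == sha256_of(edited)
```

The brightened copy keeps a perceptual distance of 0 while its SHA-256 changes completely; that tolerance is the design goal, and it is also why near-matches and collisions are a property of the scheme rather than a rare accident.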
> Until shareholder/growth pressure causes them to replace that human with an AI.
Indeed, but more than that:
The "human" is still a dire privacy loss. Perhaps Apple's review might have protected you from some erroneous reports to law enforcement, but does it protect you from an Apple-employed stalker ex? Does it protect you from paparazzi? Does it protect you from the double thinking ("do I photograph my kids playing in the sprinklers? do I take a nude photo of my spouse?") due to knowing that your private activity is being watched?
One could easily argue that some AI second level review is an "improvement", which is another reason why your assumption that even that backstop would eventually be removed is a reasonable one.
Yes, this is better than uploading the entire photo. Just like a virus scan can be done entirely on device, can flagging be local? If homomorphic encryption allows similarity matching, it does not seem entirely private. Can people be matched?
They don't work on the CSAM. They are a cloud provider who makes CSAM reports.
The only thing I see that is wrong in what they claimed is this:
> The problem is that you don't know which pictures will be sent to Apple.
Apple said in their paper that they don't send anything that is flagged. When the cloud sync occurs the files that are flagged get reviewed. All other files remain encrypted.
> They don't work on the CSAM. They are a cloud provider who makes CSAM reports.
--- start quote ---
If you sort NCMEC's list of reporting providers by the number of submissions in 2020, then I come in at #40 out of 168. For 2019, I'm #31 out of 148
I repeatedly begged NCMEC for a hash set so I could try to automate detection. Eventually (about a year later) they provided me with about 20,000 MD5 hashes that match known CP. In addition, I had about 3 million SHA1 and MD5 hashes from other law enforcement sources.
--- end quote ---
Somehow this isn't "working with CSAM or CSAM databases", oh well.
> Apple said in their paper that they don't send anything that is flagged.
This is literally addressed in the article you pretend you read.