Apple uses sophisticated cryptography to make absolutely certain that you cannot hold them accountable for abuses of this system against you, NONE of which are prevented by its complex construction.
The private set intersection is an alternative to sending you a list of bad-image hashes which uses significantly more bandwidth than simply sending you the list. This alternative is superior for Apple because if they distributed the hashes it would be possible for someone to prove that they had begun matching against innocent images (such as ones connected to targeted races or religions, or sought to out particular pseudonyms by targeted images connected to them). It is inferior for the user for precisely the same reasons.
Some might be fooled into thinking the "threshold" behavior somehow is in their interest. But no, Apple (or parties that have compromised them) can simply register the same images multiple times and bypass it, and the privacy (for Apple, but not for you) makes it impossible to detect that they've done that.
The existence of the Spyware Engine is the problem, not the technical details of how the current version is supposed to work. Supposed to work, because we have no idea what it will do. Did you see the source code?
We are not so naive as to believe for a second that this Spyware Engine will do what is claimed.
This is simply viewed as a calculated attempt to legalize a Spyware Engine on a personal device, covered by some bs story intended to get an emotional response from the audience to fog the real issue. It is always done this way, so no surprises here.
All limitations of free speech on the web in Russia were done under the umbrella of protecting children and immediately used against political opponents to this very day.
This is a discussion about values [1], not technical details! Simply because Spyware may be already installed. It should not become legal, though, or morally accepted anyhow.
I agree with you, but if you'd take the time to read my post you would see that I am arguing that it's not good even by their own claims!
They talk a lot about complex crypto to protect privacy but the primary thing it's doing is hiding what Apple is matching against, which shields them against accountability.
I fully agree that even if the behavior were currently threading the needle it would still be an extremely bad move.
> They talk a lot about complex crypto to protect privacy but the primary thing it's doing is hiding what Apple is matching against, which shields them against accountability.
NCMEC partners are not allowed to share the raw hashes, and I imagine Apple's contract with NCMEC to create a photo-comparison tool that will have auditable code (well, compiled code, but still) includes such a provision to slow or stop CSAM sharing enterprises from completely reverse engineering and cheating the system.
What they are making available is sufficient to 'cheat' the system in the sense that if you have an image you are concerned might match in some database you can modify it until the 'perceptual hash', which you can compute on your own, changes. The novel changed image is then unlikely to be a match in the database.
You don't have to have a copy of the database to be fairly confident that your modifications have made a target image non-matching. You would have to have the database in order to gather evidence that the matching was beginning to be used for unlawful, rights-violating purposes, such as collecting targets for genocide.
I think it's a safe assumption that this sort of system is only effective against idiots-- which isn't an argument against it: lots of effective anti-crime measures mostly work against idiots. Adding functionality which destroys accountability which at most improves the system against non-targets, however, doesn't seem like an acceptable trade-off.
No, the existence and non-existence of a spyware engine doesn't constitute a problem. These companies spend billions of dollars, paying thousands of engineers a year, to develop solutions to problems that often don't even exist. It's safe to say that the sheer scale of every one of these tech companies means that this isn't something that incrementally gets worse; within a 6-month sprint they could push an update overnight going from step 0 to step 5 of total spyware.
> The private set intersection is an alternative to sending you a list of bad-image hashes which uses significantly more bandwidth than simply sending you the list.
How can the image hashes take up more space than the images themselves? Are you sure about this?
Using private set intersection takes more bandwidth than the server simply sending you a list of hashes to match against. (Significantly more, once you're talking about testing multiple images.)