If it’s just a list or hashes, any possessor of CSAM could simply modify a few pixels to make it no-matching, no? How "flexible" is the matching?
And if it is flexible, what about false positives? What if I have a pictured of my naked son on my device and I get flagged? Will the picture of my son get uploaded to the cloud "for further analysis" even though I don’t have iCloud enabled and never signed up for this?
I think it makes sense to take a step back and ask yourself if Apple, or any sensible Western company, would set up a system that could falsely flag millions of people, or even a hundred. Even without going into implementation details, it seems clear that they would not have a system that would flag standard family photos.
To prevent false-positives, who knows if they have a "review" team that takes a tiny little peek at my naked son. Do you know for sure that no such system is in place or ever will be in place? What if they do get hundreds of thousands of false positives in the future? How would they improve their system if not by reviewing the existing system with real data?
They are not looking at your photos at all, they are comparing hashes of them to hashes of KNOWN predatory material. Your family photos will not be in that database.
And if it is flexible, what about false positives? What if I have a pictured of my naked son on my device and I get flagged? Will the picture of my son get uploaded to the cloud "for further analysis" even though I don’t have iCloud enabled and never signed up for this?
Edit: A sibling post has this link, which answers some of these questions: https://www.apple.com/child-safety/pdf/CSAM_Detection_Techni...