A team of researchers at the Imperial College in London have presented a simple method to evade detection by image content scanning mechanisms, such as Apple’s currently delayed backdoor surveillance scheme to scan users’ photo libraries, ostensibly for Child Sexual Abuse Material (CSAM), but which could easily be bastardized to scan for political images, words, etc. wouldn’t even work if Apple foolishly implements the travesty.
Bill Toulas for BleepingComputer:
A team of researchers at the Imperial College in London have presented a simple method to evade detection by image content scanning mechanisms, such as Apple’s CSAM.
CSAM (Child Sexual Abuse Material) was a controversial proposal submitted by Apple earlier this year. The proposal was eventually retracted in September, following strong backlash from customers, advocacy groups, and researchers.
The main idea is to compare image hashes (IDs) of pictures shared privately between iOS users to a database of hashes provided by NCMEC and other child safety organizations.
If a match is found, Apple’s reviewers will look into the content and alert the authorities of the distribution of child abuse and pornography, all without compromising the privacy of people who share legal images (non-matches).
This theoretically sounds like a good system to prevent the dissemination of harmful material, but practically, it inevitably opens a “Pandora’s box” for mass surveillance.
However, the question that researchers at the Imperial College in London asked is, would such a detection system even work reliably in the first place?
The research presented at the recent USENIX Security Symposium by British researchers shows that neither Apple’s CSAM nor any system of this type would effectively detect illegal material.
As the researchers explain, it’s possible to fool content detection algorithms 99.9% of the time without visually changing the images.
MacDailyNews Take: Apple must abandon, not just delay, its ill-conceived, fundamentally-flawed backdoor surveillance scheme.
“Our results shed strong doubt on the robustness to adversarial black-box attacks of perceptual hashing-based client-side scanning as currently proposed. The detection thresholds necessary to make the attack harder are likely to be very large, probably requiring more than one billion images to be wrongly flagged daily, raising strong privacy concerns.” — Department of Computing and Data Science Institute, Imperial College London
Just as treating every citizen as a criminal is bad governance, treating every customer as a criminal is bad business, Apple.
Please help support MacDailyNews. Click or tap here to support our independent tech blog. Thank you!