[shuckles]

I agree database poisoning is a legitimate threat! Including the database in an iOS release (so it can’t be targeted and updated out of band) mitigates it somewhat. At the end of the day, though, more should be done to make NCMEC’s database transparent and trustworthy. And other databases too, if Apple decides to ship country-specific blacklists.

[feanaro]

I personally don't believe this process can be made to be trustworthy enough while still serving its stated purpose. It will always remain opaque enough that it could and will be used to violate civil rights.

[shuckles]

I don’t see how this system is particularly less trustworthy than the existing system of iOS updates.