[dragonwriter]

> I assumed that these are reverse engineered from legitimately illegal and problematic porn of known origin

I would assume these were engineered by getting the perceptual hash valies, using distance from the hash values in the DB as an error function, and starting with an innocuous image and hash value, and iterating to a collision for each.

[zepto]

That technique can’t fool Apple’s algorithm.

For what it’s worth, the null hypothesis is that they are just fakes and the commenter is at best trying to illustrate a point.

[dragonwriter]

> For what it’s worth, the null hypothesis is that they are just fakes and the commenter is at best trying to illustrate a point.

No, that's not “the null hypothesis”. It is a positive claim.

[zepto]

Yes it is the null hypothesis.

The poster is making a positive claim without evidence. Indeed the claim is unverifiable.

Reasonable priors lead fo a null hypothesis that they are at least simply mistaken.

This is without even taking into account other indicators of credibility or authority, or perverse incentives, as priors.

This is a rational use of ‘null hypothesis’, but it also matches the scientific use, which would be that the claim is spurious unless experiment shows otherwise.

In any case, we know that the poster is in fact wrong in their claim.

[dragonwriter]

> Yes it is the null hypothesis.

No, its not.

> The poster is making a positive claim without evidence.

True.

That doesn't make the alternate positive claim you have posited into “the null hypothesis”.

A null hypothesis is null. What you are stating may be your prior, but it is not the, or even a valid, null hypothesis.

> This is a rational use of ‘null hypothesis’, but it also matches the scientific use,

“Null hypothesis” is a very specific scientific term of artz it has no other meaning.

And, no, the specific counternarrative presented here does not match the scientific use of “null hypothesis”.

[zepto]

You are still wrong. I don’t make a positive claim.

All images that do not actually trigger detection are fakes in terms of the poster’s claim.

That’s not my prior. It is the null hypothesis for any set of randomly selected images.

The poster’s claim is that the images have a special property. That is the positive claim which they failed to provide evidence for, and is logically false based on their description of the method.

[salawat]

How do you know? Do you have access to Apple's algorithms and an account to generate enough hits, and access to the safety vouchers and decryption system to verify your assertions?

I mean, if you're calling someone out, at least provide some evidence yourself. Short of a reproducible outcome, you're just as questionable in conclusion as the poster.

[zepto]

No. I have access to the published information on how the system works, and I have access to the poster’s claim.

The poster’s claim is false based on what they have said.

> you're just as questionable in conclusion as the poster.

Not correct. You don’t need evidence to disprove a claim that is logically false. The poster’s claim is logically false.

Here is a copy of the explanation I gave elsewhere:

—-

I can be certain because I have looked at the images, and they are obviously not CSAM. Since the visual derivative is generated from CSAM, any spoof must look like it could be mistaken at a glance for CSAM.

What prevents a generated image from matching both is that the attacker would need to know what the image they are trying to spoof looks like, in order to make a false positive of both. I.e. the attacker would need a copy of the original CSAM, and the spoofed file would end up looking like it could be at least plausibly mistaken for that exact image.

[ac29]

> I can be certain because I have looked at the images, and they are obviously not CSAM. Since the visual derivative is generated from CSAM, any spoof must look like it could be mistaken at a glance for CSAM.

Isnt this making the relatively huge assumption that humans and Apple's algorithms have the exact some opinion of what something "looks like"?

[zepto]

> Isnt this making the relatively huge assumption that humans and Apple's algorithms have the exact some opinion of what something "looks like"?

No. The visual derivative is designed to be matchable by human inspection.

Even if that was not true, which it is, the poster’s claim would still be false, since the poster doesn’t have access to the source CSAM and therefore would not be able to produce the visual derivative regardless of whether I could visually inspect it.

Being able to see by inspection that they images don’t match CSAM is one of two independent ways in which the claim can be shown to be false.