[zepto]

Exactly. They already analysed photos on your phone for search. They don’t in fact do CSAM detection on the photos on your phone.

But why are people only objecting now when they were already doing on-device analysis?

CSAM detection is a complete red herring. It is less of a general purpose scanning mechanism than the search function that was already there.

[Wowfunhappy]

They're doing on device analysis, but there isn't any process by which an image of a hotdog will be sent to someone else without my knowledge.

[zepto]

Right, but neither is the CSAM code being used to detect anything but CSAM.

If a bit can be flipped to make the CSAM detector go evil, surely it can be flipped to make photo search go evil, or spotlight start reporting files that match keywords for that matter.

There is nothing special about this CSAM detector except that it’s narrower and harder to repurpose than most of the rest of the system.

[pritambaral]

> ... to make photo search go evil, or spotlight start reporting files that match keywords for that matter.

As your immediate parent has already said: there isn't any process by which an image of a hotdog will be sent to someone else without my knowledge.

Neither "photo search" nor "spotlight" report anything to third parties currently.

[zepto]

No, but a ‘bit flip’ could make them do so just as easily as a ‘bit flip’ could make the CSAM detector do something nefarious.

[pritambaral]

How are you still not getting this?: "search" and "spotlight" do not have the code to report anything to anyone.

[zepto]

How are you still not getting it? The code to ‘report’ something is barely more than a one liner http request. It could be added at any time.

On the other hand, making the CSAM code scan your text documents would be pointlessly difficult given that the other mechanisms exist.