Hacker News new | ask | show | jobs
by floatingatoll 1760 days ago
For macOS, I'm talking about XProtect and MRT. I don't know the exact subsystem names on iOS, apologies.

https://support.apple.com/guide/security/protecting-against-...

Each system is closed source, provides a mechanism for checking content signatures against files on disk, and is thought to report telemetry to Apple when signatures are found.

How is CSAM scanning new and different from those existing closed-source systems?
1 comments
neolog 1760 days ago
I'd say the primary differences are that the CSAM scan is a perceptual hash rather than a regular file hash, and that the technical infrastructure of the CSAM system is designed from the ground up to be used against (rather than for) the user and report them individually to authorities for violation.
link
floatingatoll 1760 days ago
Do you have an alternate design in mind that is both "used for the user", and is also effective at reporting CSAM content being uploaded from the device, without allowing CSAM abusers to opt-out of that reporting? I haven't been able to come up with anything myself, but maybe you've had better luck.
link
neolog 1760 days ago
I can only point to other people who know more than me.

https://stratechery.com/2021/apples-mistake/ is a smart tech commentator

https://www.nytimes.com/2021/08/11/opinion/apple-iphones-pri... are two security/encryption experts

link