[koolhaas]

Presumably, it’s done this way so they can say computers other than your personal device do not scan photos and “look” at decrypted and potentially innocent photos. And technically the original image is never decrypted in iCloud by Apple - if 30 images are flagged they are then able to decrypt the CSAM scan meta data which contains resized thumbnails, for confirmation.

In summary, I’m guessing they tried to invent a way where their server software never has to decrypt and analyze original photos, so they stay encrypted at rest.

[roody15]

Apple frequently decrypts icloud data including photos based on a valid warrant. This new local scanning method does not stop apple from complying and decrypting images like they have for years.

https://www.apple.com/legal/privacy/law-enforcement-guidelin...

(Note: I have worked with law enforcement in the past specifically on a case involving Apple and two iCloud accounts. You submit a PDF of the valid warrant to Apple. Apple sends two emails one with the iCloud data encrypted. A second email with the decryption key.)

[koolhaas]

Of course, but it's a kind of last resort thing to support a valid legal process they cannot (and probably don't want to) skirt around. They also publish data on warrant requests.

To me it's pretty clear they are doing the absolute minimum possible to keep congress from regulating them into a corner, where they lose decision making control around their own privacy standards. The system they came up with is their answer for doing it in the most privacy conscious way (e.g. not decrypting user data in icloud) while balancing a lot of other threat model details, like what if CSAM-hash-providing organizations provide img hashes for a burning American flag, and lots of other scenarios outlined in the white paper.

[grlass]

calling resized thumbnails metadata is a bit of a stretch imo.

Surely that's just the data, but resized?

[koolhaas]

Yes I agree, bit of a stretch. Based on their whitepaper, it's a smaller version of the original image, I guess just large enough to support the human verification step.

But I'm unsure that the thumbnail is included with every CSAM "voucher" -- it's likely only included when you pass the 30 image limit. Need to read that section more clearly.

[saithound]

A thumbnail is included with every safety voucher. However, it is encrypted with a key that resides on your hardware and is unknown to Apple. So Apple doesn't have enough information to decrypt your thumbnails at will.

A secret sharing scheme is used to drip-feed Apple the key: each time a positive match occurs, Apple learns a bit more about your key. Once the threshold is reached, Apple will have learned enough to recover your encryption key, and will be able to use it to decrypt all your matching thumbnails at once.

[koolhaas]

Fascinating, thanks for clarifying.

[FabHK]

> Based on their whitepaper, it's a smaller version of the original image,

I seem to recall that the white paper speaks of a "visual derivative" without specifying it further.

[koolhaas]

The Technical Summary uses "visual derivative" without clarification, but their Threat Model PDF clarifies it further as thumbnails:

>The decrypted vouchers allow Apple servers to access a visual derivative – such as a low-resolution version – of each matching image.

https://www.apple.com/child-safety/pdf/Security_Threat_Model...

[berkona]

Resized thumbnails aren't a stretch... they're a scale. Bum dum tiss.... I'll let myself out

[zabatuvajdka]

Interesting technical problem/solution. Another benefit is saving on millions of server computations when modern iOS devices have neural chips etc.

I suppose folks who don’t like privacy implications can downgrade to an iPhone 4 and maybe it will not support the feature.

[Grustaf]

Or turn off iCloud syncing of photos.