Hacker News new | ask | show | jobs
by drbawb 1283 days ago
>The abandoned plan was perceptual hashing, which should return the same hash for very similar photos . . .

Is there any proof they actually abandoned this? NeuralHash seems alive and well in iOS 16[1]. Supposedly the rest of the machinery around comparing these hashes to a blind database, encrypting those matches, and sending them to Apple et al. to be reviewed has all been axed. However that's not exactly trivial to verify since Photos is closed source.

[1]: https://support.apple.com/guide/iphone/find-and-delete-dupli...
2 comments
TimTheTinker 1283 days ago
Anything over a network can be decrypted and inspected with a MITM proxy (manually adding its root certificate to the trust store), as long as only TLS (no application-level encryption) is being used.
link
lxgr 1283 days ago
As far as I remember, iOS native apps and services now either consistently use CA pinning or largely don't respect user-added CAs.
link
azinman2 1283 days ago
There are a multitude of ways to inspect the decrypted traffic of your own device, whether it's a jailbroken iPhone provided by Apple to the security community or a non-kosher jailbroken device. People inspect this traffic all the time.
link
manmal 1283 days ago
No. Install Charles Proxy (iOS app) and see what you can get of the MITM proxy it ships with. Many apps don’t ship with pinning.
link
soziawa 1283 days ago
But most importantly the whole OS and all of the integrated apps do use pinning.
link
drbawb 1281 days ago
> . . . as long as only TLS (no application-level encryption) is being used.

Therein lies the rub: the payload itself is protected by an encryption scheme where the keys are intentionally being withheld by either party. In the case of Apple's proposed CSAM detection Apple would be withholding the secret in the form of the unblinded database's derivation key. In the case of Advanced Data Protection the user's key lives in the SEP, unknown to Apple.

By design the interior of the "safety vouchers" cannot be inspected, supposedly not even by Apple, unless you are in possession of (a) dozens of matching vouchers and (b) the unblinded database. So on the wire you're just going to see opaque encrypted containers representing a photo destined for iCloud.

link
miohtama 1283 days ago
Apple does not need scan your photos on a server, because they now can do it on a device.
link