Reply to post: Re: re: this seems like a sensible middle ground.

Re: re: this seems like a sensible middle ground.

Please, just read the damned technical documents.

Their system doesn’t scan photos which are only stored on your device because it depends upon uploading the on-device hash AND the encrypted payload to iCloud Photos for any actual matching to occur, which is then all completed server-side. Your device also can’t know if any given image is known CSAM or not without uploading all of the data,

The technical paper says it only matches against the known CSAM database which is purely partial-matches based on hashing, not machine learning like people have implied. It’s Microsoft PhotoDNA but refactored to securely do half of the task on-device. It can’t match new images which haven’t first been added to that known CSAM database just like PhotoDNA can’t. But it can have false positives technically. To avoid that being a major issue, they implemented a threshold so one has to have at least more than one positive known CSAM match for anything to matter. To further ensure occasional false positives don’t colour any reputations, all devices produce synthetic false matches deliberately, such that pretty much everyone shows up as potentially having some CSAM on their devices at random at some point. The synthetic false matches do not provide valid data in their payloads and can’t be used as a way to unlock access to real images but cause enough flagging to occur to protect everybody against false accusations based upon numbers of matches.

The design of this new system is clearly built with the idea of later deploying iCloud end-to-end encryption. Otherwise, they’d just be scanning photos entirely server-side after they’ve been uploaded to iCloud like the rest of the industry is already doing and they wouldn’t be making an announcement about it like it’s a big achievement. If they’re not going to implement full end-to-end encryption of the actual photos then this would be a pointless circlejerk as well as an unnecessary hit to PR since I bet most lay people don’t even know PhotoDNA is a thing.