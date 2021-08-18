Apple has encountered a monumental backlash to a new child pornography detection (CSAM) technology it announced earlier this month. The system, which Apple calls NeuralHash, has yet to be activated for its more than one billion users, but the technology is already facing heat from security researchers who say the algorithm produces false results .

NeuralHash is designed to identify known CSAM on a user’s device without having to own the image or know the content of the image. Since a user’s photos stored in iCloud are end-to-end encrypted so that even Apple cannot access the data, NeuralHash instead searches for known CSAMs on a user’s device, which it says Apple is more privacy-friendly because it limits scanning to just photos rather than other companies that scan a user’s entire file.

Apple does this by searching for images on a user’s device that have the same hash a string of letters and numbers that can uniquely identify an image provided by child welfare organizations like NCMEC. If NeuralHash finds 30 or more matching hashes, the images are reported to Apple for manual review before the account owner is reported to law enforcement. Apple says the risk of a false positive is about one in a trillion accounts.

But security experts and privacy advocates have expressed concern that the system could be abused by actors with considerable resources, such as governments, to implicate innocent victims or to manipulate the system to detect other elements that authoritarian nation-states find objectionable. NCMEC called the critics “the screaming voices of the minority,” according to a leaked memo distributed internally to Apple staff.

Last night, Asuhariet Ygvar reverse engineered Apple’s NeuralHash into a Python script and code published on GitHub, allowing anyone to test the technology, whether or not they have an Apple device to test. In an article on Reddit, Ygvar said NeuralHash “already exists” in iOS 14.3 as obscured code, but was able to reconstruct the technology to help other security researchers better understand the algorithm before it was deployed to iOS devices and macOS later this year.

It didn’t take long before others tinkered with the published code and soon arrived the first. reported case of a “hash collision”, which in the case of NeuralHash is one where two entirely different images produce the same hash. Cory Huntersville, a well-known Intel Labs researcher, discovered hash collision. Ygvar confirmed the collision shortly after.

Hash collisions can spell the end of systems that rely on cryptography for their security, such as encryption. Over the years, several well-known password hashing algorithms, like MD5 and SHA-1, have been retired after collision attacks rendered them ineffective.

Kenneth White, crypto expert and founder of the Open Crypto Audit Project, said in a tweet: “I think some people do not understand that the time between discovering the iOS NeuralHash code and [the] the first collision did not last for months or days, but a few hours.

When contacted, an Apple spokesperson declined to comment on the matter. But in a background call where reporters weren’t allowed to quote executives directly or by name, Apple played down the hash collision and argued that the protections it puts in place, such as Manual review of photos before they are reported to law enforcement, are designed to prevent abuse. Apple has also said that the reverse engineered version of NeuralHash is a generic version, not the full version that will roll out later this year.

It’s not just civil liberties groups and security experts who are expressing concern about the technology. A senior lawmaker in the German parliament sent a letter to Apple CEO Tim Cook this week saying the company was heading down a “dangerous path” and urging Apple not to implement the system.