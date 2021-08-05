



Later this year, Apple plans to roll out technology that will enable it to detect known child sexual abuse material and report it to law enforcement agencies in a way that is said to protect user privacy.

Apple told TechCrunch that detection of child sexual abuse material (CSAM) is one of several new features aimed at better protecting children who use its services from online harm, and children. He said it includes filters that block potentially sexually explicit photos sent and received via Apple’s iMessage account. .. Another feature intervenes when a user attempts to search for CSAM-related terms via Siri and Search.

Most cloud services Dropbox, Google, and Microsoft list some user files that have already been scanned for content that may violate our Terms of Service or that may be illegal, such as CSAM. I am. However, Apple has long resisted scanning users’ files in the cloud by giving users the option to encrypt their data before it reaches Apple’s iCloud server.

According to Apple, the new CSAM detection technology, Neural Hash, instead works on the user’s device and does not decrypt the image until a series of checks are made to ensure that the threshold is reached and the content is cleared. You can identify if a user has uploaded a known child abuse image to iCloud.

News of Apple’s efforts leaked Wednesday when Matthew Green, a professor of cryptography at Johns Hopkins University, revealed the existence of a new technology in a series of tweets. The news has been hit by resistance from some security professionals and privacy advocates, as well as users who are accustomed to Apple’s approach to security and privacy not found in most other companies.

Apple is trying to mitigate fear by burning privacy through multiple layers of encryption, created in a way that requires multiple steps, before it falls into the hands of Apple’s final manual review. ..

Neural Hash, powered by iOS 15 and macOS Monterey, will be released next month or two months, and will work by converting a user’s iPhone or Mac photo into a unique string of letters and numbers called a hash. Minor changes to the image can change the hash and prevent the match. According to Apple, NeuralHash strives to ensure that identical, visually similar images, such as cropped or edited images, have the same hash.

Before the images are uploaded to iCloud Photos, these hashes are matched on the device with a database of known hashes of child abuse images provided by child protection organizations such as the National Center for Missing and Exploiting Children (NCMEC). .. NeuralHash uses an encryption technique called private set intersection to detect hash matches without revealing what the image is or alerting the user.

Results are uploaded to Apple, but cannot be read by themselves. Apple uses another encryption principle called threshold secret sharing, which can only decrypt content if the user exceeds the threshold for known child abuse images in iCloud photos. Apple doesn’t say what that threshold is, but if, for example, the secret is split into 1000 and the threshold is 10 images of child abuse content, then the secret is 10 of them. He said it could be reconstructed from any of the images.

At that point, Apple can decrypt the matching image, manually verify the content, disable the user’s account, report the image to NCMEC, and pass NCMEC to law enforcement. Apple states that this process is more privacy-friendly than scanning files in the cloud, as NeuralHash only searches for known child abuse images, not new child abuse images. Apple states that the chances of false positives are one trillionth, but a protest process is in place in case your account is falsely flagged.

Apple has published technical details on how NeuralHash works on its website and has been reviewed by crypto experts.

However, despite widespread support for efforts to combat child sexual abuse, there are still elements of surveillance that many find uncomfortable with handing over to algorithms, and some security experts say. , Apple wants more public debate before exposing technology to users.

The big question is why not now and soon. Apple said there has never been a CSAM detection that protects privacy. However, companies like Apple, the U.S. government and its allies, weaken or backdoor the encryption used to protect users’ data to allow law enforcement agencies to investigate serious crimes. We are also facing considerable pressure from.

The tech giant has refused to backdoor the system, but is facing resistance to efforts to further block government access. The data stored in iCloud is encrypted in a way that even Apple can’t access, but after Reuters complained last year that the FBI would hurt the investigation, Apple made a full phone backup of the user to iCloud. Reported that it withdrew its plans to encrypt.

News about Apple’s new CSAM detection tool also raises concerns that technology could be abused to flood victims with images of child abuse and flag accounts for closure without public debate. However, Apple downplayed the concern and stated a manual review to confirm evidence of possible misuse.

Apple said Neural Hash will initially roll out in the United States, but doesn’t say if it will roll out internationally or when. Until recently, companies like Facebook were forced to turn off child abuse detection tools across blocks after their practices were inadvertently banned. According to Apple, this feature is technically optional in that it doesn’t require the use of iCloud Photos, but it’s required for users to use it. After all, your device is yours, but Apple’s cloud isn’t.

