Comment by zepto

4 years ago

No, your hashes are not uploaded to the cloud, yes, hashes are downloaded to your phone. Yes, it will be interesting to see if it gets spammed with false positives, although it seems as though that can easily be identified silently to the user.

Interesting? You think it will be interesting? False positives in this case cause SWAT teams to be sent to people’s houses.

How hard would it be to create a valid image that matches some 128-bit hash?

  • If the details of the "hashing" scheme used are publicized, I imagine it will be near trivial. It's a long-standing problem in computer vision, to find a digital description of an image such that two similar images compare equal or at least similar.

    State-of-the-art for this field is deep learning, and a /huge/ problem with the DL approach is that you can generate adversarial examples. So for example, a picture of a teacup that is identified by /most/ networks as a dog. It's particularly damning, because it seems like you don't have to do this for particular deep networks, they get tricked the same way, so to speak.

  • If it’s a cryptographic hash - very hard.

    • This isn't cryptographic though. That would make the entire database absolutely trivial to bypass with tiny imperceptible random changes to the images.

      It's a perceptual hash.

    • It cannot be a cryptographically secure hash, simply because avoiding detection would then be trivial: change one channel in one pixel by one. Imperceptible change, different cryptographic hash.
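
The distinction drawn in the last replies, as an added example that is not part of the thread: a one-level change to one pixel gives a different SHA-256 digest while a perceptual hash stays the same. `average_hash` is a toy 64-bit average hash used as a stand-in (an assumption, not the scheme under discussion), and the image is constructed.

```python
import hashlib

def make_image(width=32, height=32):
    """Constructed grayscale test image: a smooth diagonal gradient (values 0..217)."""
    return [[x * 4 + y * 3 for x in range(width)] for y in range(height)]

def crypto_hash(img):
    """SHA-256 over the raw pixel bytes: any bit change yields a new digest."""
    return hashlib.sha256(bytes(p for row in img for p in row)).hexdigest()

def average_hash(img, size=8):
    """Toy perceptual hash: block-average down to size x size, then one bit
    per cell saying whether the cell is brighter than the overall mean."""
    bh, bw = len(img) // size, len(img[0]) // size
    cells = []
    for by in range(size):
        for bx in range(size):
            block = [img[y][x]
                     for y in range(by * bh, (by + 1) * bh)
                     for x in range(bx * bw, (bx + 1) * bw)]
            cells.append(sum(block) / len(block))
    mean = sum(cells) / len(cells)
    bits = 0
    for c in cells:
        bits = (bits << 1) | int(c > mean)
    return bits

def hamming(a, b):
    """Number of differing bits between two perceptual hashes."""
    return bin(a ^ b).count("1")

def compare():
    original = make_image()
    # Near-duplicate: one pixel raised by a single intensity level.
    tweaked = [row[:] for row in original]
    tweaked[0][0] += 1
    # Genuinely different picture: the inverted gradient.
    inverted = [[255 - p for p in row] for row in original]
    return {
        "sha256_equal": crypto_hash(original) == crypto_hash(tweaked),
        "phash_distance_tweaked": hamming(average_hash(original), average_hash(tweaked)),
        "phash_distance_inverted": hamming(average_hash(original), average_hash(inverted)),
    }

if __name__ == "__main__":
    print(compare())
```

The same tolerance that lets a perceptual hash survive small edits is what makes unrelated images able to land on the same value, which is the false-positive concern raised at the top of the thread.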