Comment by etaioinshrdlu

4 years ago

Also, if they send perceptual hashes to your device - it's possible images could be generated back from those hashes. These aren't cryptographic hashes, so I doubt they are very good one-way functions.

Another thought - notice that they say "if too many appear". This may mean that the hashes don't store many bits of information (and would not be reversible) and that false positives are likely - i.e., one image is not enough to decide you have a bad actor - you need more.

But at Apple's scale, statistically, some law-abiding users would likely get snagged with totally innocent images.

Just a bad idea all around.

It's also just plain absurd. Hundreds of pictures of my own children at the beach in their bathing suits? No problem. Hundreds of photos of other people's children in bathing suits? Big problem. Of course, the algorithm is powerless to tell the difference.

  • I believe it's built on hashing, so it'll only find images in the db they have with already known content. Your own photos won't get mixed up.

    • Ah, I guess unsurprisingly the Twitter thread is light on details. I saw "perceptual hash" which I usually interpret to mean some kind of feature-based semantic hash that is not as sensitive to small edits. Even if it isn't currently used, the door is open for it to be implemented in the future.

In cryptography, creating a one-way function is not a problem. The only thing required for that is losing information, which is trivial. For example, taking the first n bytes of a file is a one-way hash function (for most files). So reversing the hashes is most definitely not a problem.

Creating collisions could be though, e.g. brute forcing a normal picture by modifying random pixels by a bit into matching an illegal content’s hash is a possibility.
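
An added illustration, not part of the thread and not any commenter's or vendor's code: a toy 64-bit average hash over constructed 8x8 grayscale grids, compared with SHA-256. The average hash is an assumption chosen for simplicity and is not the algorithm the thread discusses; it shows why a perceptual hash survives small edits, and why discarding information makes it many-to-one (so it cannot be reversed to a unique image, and unrelated images can share a value).

```python
import hashlib


def average_hash(pixels):
    """Toy perceptual hash: one bit per pixel, set when the pixel is above the mean."""
    flat = [p for row in pixels for p in row]
    mean = sum(flat) / len(flat)
    bits = 0
    for p in flat:
        bits = (bits << 1) | (1 if p > mean else 0)
    return bits


def hamming(a, b):
    """Number of differing bits; perceptual matching uses a small distance threshold."""
    return bin(a ^ b).count("1")


def sha256_hex(pixels):
    """Cryptographic hash of the raw pixel bytes, for comparison."""
    return hashlib.sha256(bytes(p for row in pixels for p in row)).hexdigest()


# Constructed sample images (8x8 grayscale, values 0-255).
original = [[x * 32 for x in range(8)] for _ in range(8)]           # smooth gradient
edited = [[min(255, p + 3) for p in row] for row in original]       # slightly brightened
two_tone = [[10 if x < 4 else 240 for x in range(8)] for _ in range(8)]  # different pixels
inverted = [[255 - p for p in row] for row in original]             # mirrored brightness

if __name__ == "__main__":
    for name, img in [("original", original), ("edited", edited),
                      ("two_tone", two_tone), ("inverted", inverted)]:
        h = average_hash(img)
        print(f"{name:9} ahash={h:016x} "
              f"dist_to_original={hamming(h, average_hash(original)):2} "
              f"sha256={sha256_hex(img)[:16]}...")
```

The first three grids share one average hash while their SHA-256 digests all differ; only the layout of brighter-than-mean pixels survives, which is the information loss the last comment describes.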