Comment by Hackbraten

1 month ago

That technology of perceptional hashes could have failed in numerous ways, ruining lives of law-abiding users along the way.

7 comments

Hackbraten

Reply
EagnaIonat  1 month ago

The chance of a hash colliding is near 0%. The hashes are for some of the worst content out there, its not trying to detect anything else.

Even so a human is in the loop to review what got a hit. Which is exactly currently happens now.

  • nullc  1 month ago

    > The chance of a hash colliding is near 0%.

    The 'chance' is 100% -- collisions and even arbitrary second preimages have been constructed.

    > The hashes are for some of the worst content out there, its not trying to detect anything else.

    You don't know that because apple developed powerful new cryptographic techniques to protect themselves and their data providers from accountability.

    • EagnaIonat  1 month ago

      > collisions and even arbitrary second preimages have been constructed.

      The chance of a mismatch is 8.63616855509e-78%

      If the hash was an atom then you would have to guess which atom in the observable universe it is. That is how likely a collision will happen.

      1 reply →

  • Hackbraten  1 month ago

    > The chance of a hash colliding is near 0%

    Until someone finds a successful collision attack.

    > Even so a human is in the loop to review what got a hit.

    Until shareholder/growth pressure causes them to replace that human with an AI.

    • nullc  1 month ago

      > Until someone finds a successful collision attack.

      Indeed, and within hours of the hash function being made available to me I developed a second preimage attack (strictly stronger than a collision attack)... allowing me to modify images in a visually non-objectionable way to match an arbitrary hash value.

      > Until shareholder/growth pressure causes them to replace that human with an AI.

      Indeed, but more than that:

      The "human" is still a dire privacy loss. Perhaps Apple's review might have protected you from some erroneous reports to law enforcement, but does it protect you from an apple-employed stalker ex? does it protect you from paparazzi? Does it protect you from the double thinking ("do I photograph my kids playing in the sprinklers? do I take a nude photo of my spouse?") due knowing that your private activity is being watched?

      One could easily argue that some AI second level review is an "improvement", which is another reason why your assumption that even that backstop would eventually be removed is a reasonable one.

    • EagnaIonat  1 month ago

      > Until someone finds a successful collision attack.

      The only way to get a successful collision attack is to have a picture/video that is stored in that hash database.

      To put it in perspective. You randomly picking the same atom twice in the observable universe has a higher chance than getting a mismatch.

      > Until shareholder/growth pressure causes them to replace that human with an AI.

      How do you think it will impact shareholders to know that the company is not actively scanning for illegal content.

      Also it's Interpol/FBI that get involved.