I won't be posting any more preimages against neuralhash for now
56 by nullc | 0 comments on Hacker News.
I've created and posted on github a number of visually high quality preimages against Apple's 'neuralhash' [1][2] in recent days. I won't be posting any more preimages for the moment. I've come to learn that Apple has begun responding to this issue by telling journalists that they will deploy a different version of the hash function[3]. Given Apple's consistent dishonest[4] conduct on the subject I'm concerned that they'll simply add the examples here to their training set to make sure they fix those, without resolving the fundamental weaknesses of the approach, or that they'll use improvements in the hashing function to obscure the gross recklessness of their whole proposal. I don't want to be complicit in improving a system with such a potential for human rights abuses. I'd like to encourage people to read some of my posts on the Apple proposal to scan user's data which were made prior to the hash function being available. I'm doubtful they'll meaningfully fix the hash function-- this entire approach is flawed-- but even if they do, it hardly improves the ethics of the system at all. In my view the gross vulnerability of the hash function is mostly relevant because it speaks to a pattern of incompetence and a failure to adequately consider attacks and their consequences. - https://ift.tt/3D66hSq Your device scanning and reporting you violates its ethical duty as your trusted agent. - https://ift.tt/381zeR8 Apple's human review exists for the express purpose of quashing your fourth amendment right against warrantless search. - https://ift.tt/3giR8mX Apple is not being coerced to perform these searches and if they were that would make their actions less ethical, not more. - https://ift.tt/3zavPeR Apple uses complex crypto to protect themselves from accountability. - https://ift.tt/3B15noB A simplified explanation of a private set intersection. - https://ift.tt/2WcA0Zd Perceptual hashes at best slightly improve resistance to false negatives at the expense of destroying any kind of cryptographic protection against false positives (as this thread has shown!). Smart perverts can evade any perceptual hash, dumb ones won't alter the images. - https://ift.tt/383uVow Apple's system and ones like it likely create an incentive to abuse more children And these posts written after: - https://ift.tt/3zeeYbi A second "secret" hash function cannot be secret from the state actors that produce the database for Apple. - https://ift.tt/3j7YcoE fuzzy hashes with resistance against false positives tracable to sha256 are possible, but require you to value privacy over avoiding false negatives. [1] https://ift.tt/3mohBn8 [2] https://ift.tt/3y6qDHM [3] "Apple however told Motherboard in an email that that version analyzed by users on GitHub is a generic version, and not the one final version that will be used for iCloud Photos CSAM detection." https://ift.tt/3k4yDnF [4] https://ift.tt/2XQadqB