undefined | Better HN

0 pointsyeldarb4y ago0 comments

> allows the producers and distributors of CSAM material to ensure that nearly all of the next generation of CSAM will suffer from hash collisions with perfectly innocent images

That’s a really interesting attack vector I hadn’t seen mentioned previously.

Most people are talking about the potential for adversarial images to be sent to users. If they were instead injected into the database itself (either by poisoning real CSAM or social engineering) that would have far wider ramifications.

I wonder what the most widely-saved pornographic images are across iCloud users.

If actual CSAM were perturbed to match the hash of, say, images from the celebrity nude leak a few years back and added to the database then thousands of users could be sent to “human review”. Since the images are actually explicit how would the human reviewers know not to flag them to authorities?

0 comments

theshrike794y ago

Because they're not CSAM?

People don't seem to grasp what kind of images end up in the CSAM databases. They are most definitely not "leaked celebrity nude selfie" level stuff.

Think of the most vile sexual thing you could do to a child and then times that by two and halve the child's age in your mind. That's the shit that gets in there.

It's not something even 4chan weebaboos share. It's stuff that makes Liveleak regulars go "ewwwww, gross".

saithound4y ago

The issue is not that a celebrity photo might get into a CSAM database. It's that a true CSAM photo, which has been modified to have the same hash as a "leaked celebrity nude selfie", will probably get into a CSAM database.

theshrike794y ago

The CSAM database is not generated by an AI. Actual people hand-pick the worst images to include in the list.

yeldarbOP4y ago

How is the human reviewer expected to make that judgement call? They’re not allowed to see the original to compare with for obvious reasons.

theshrike794y ago

They see a "visual derivative" of the original.

I think they can tell the difference between a naked celebrity and a molested child.

j / k navigate · click thread line to collapse

0 pointsyeldarb4y ago0 comments

> allows the producers and distributors of CSAM material to ensure that nearly all of the next generation of CSAM will suffer from hash collisions with perfectly innocent images

That’s a really interesting attack vector I hadn’t seen mentioned previously.

I wonder what the most widely-saved pornographic images are across iCloud users.

0 comments

theshrike794y ago

Because they're not CSAM?

People don't seem to grasp what kind of images end up in the CSAM databases. They are most definitely not "leaked celebrity nude selfie" level stuff.

Think of the most vile sexual thing you could do to a child and then times that by two and halve the child's age in your mind. That's the shit that gets in there.

It's not something even 4chan weebaboos share. It's stuff that makes Liveleak regulars go "ewwwww, gross".

saithound4y ago

theshrike794y ago

The CSAM database is not generated by an AI. Actual people hand-pick the worst images to include in the list.

yeldarbOP4y ago

How is the human reviewer expected to make that judgement call? They’re not allowed to see the original to compare with for obvious reasons.

theshrike794y ago

They see a "visual derivative" of the original.

I think they can tell the difference between a naked celebrity and a molested child.

j / k navigate · click thread line to collapse