[ad_1]
Technology over the years companies have struggled between two impulses: need encrypt user data to protect privacy and need detect the worst abuses on their platforms. Now Apple is launching a new cryptographic system that wants to thread that needle, detecting images of child abuse stored in iCloud, without theoretically introducing new forms of invasion of privacy. In doing so, they have also pushed for a rift between privacy and cryptography experts, who see their work as an innovative new solution and see it as a dangerous capitulation. government surveillance.
Today Apple unveiled a new set of technology measures in iMessage, iCloud, Siri and Search, all of which the company says are designed to prevent child abuse. A new setting will be used to select family iCloud accounts machine learning To detect nudity in images sent in iMessage. The system can also block the sending or receiving of these images, display warnings, and in some cases alert parents who have seen or sent them to a child. Siri and the search will show a warning if someone perceives that they are looking for or seeing child sexual abuse material, also known as CSAM, and offers opportunities to seek help for their behavior or report what they have found.
But in Apple’s most innovative and controversial features, the iPhone, iPad and Mac will now integrate a new system that verifies that images uploaded to iCloud in the U.S. are known as images of children’s sexual abuse. This feature will use part of the cryptographic process that takes place on the device and Apple’s servers to detect these images and report them to the defunct and exploited National Center (NCMEC) and ultimately to enforce U.S. law.
Apple says none of these new features to combat CSAM jeopardize user privacy, as the iCloud detection mechanism will also use clear cryptography to prevent Apple’s scanning mechanism from accessing spectacular non-CSAM images. The system was designed and analyzed in collaboration with Stanford University cryptographer Dan Boneh, and Apple’s predictions about the feature receive the approval of some well-known cryptography experts.
“I believe the Apple PSI system offers a great balance between privacy and usability, and will be very helpful in identifying CSAM content while maintaining a high level of user privacy and at least keeping false positives,” said Benny Pinkas, an Israeli cryptographer. Bar-Ilan University, which reviewed Apple’s system, wrote in a statement to WIRED.
Child safety teams, for their part, immediately applauded Apple’s moves, saying they “bring the necessary balance to justice for those who live in the most traumatic moments that unfold online,” said Julie Cordua, the group’s chief child advocacy. Thorn wrote in a statement to WIRED.
Other cloud storage providers, from Microsoft to Dropbox, are already detecting images uploaded to servers. Some privacy critics say that by adding image analytics to users ’devices, Apple has taken a step toward a worrying new way of surveillance and weakened its historic privacy stance in the face of pressure to enforce the law.
“I don’t advocate for child abuse. But the idea that your personal device constantly scans and monitors you, according to some very objectionable content criteria, and conditional notification to the authorities is a very slippery slope, “says Nadim Kobeissi, a cryptographer and founder of Paris-based cryptography software company Symbolic Software. , I will switch to an Android phone if this continues. “
Apple’s new system is not a direct scan of users ’images, either on company devices or on iCloud servers. Instead, it’s a clear and complex new way to analyze images, designed by Apple to prevent them from viewing those photos unless they are specified as members of a user-uploaded CSAM multi-image collection. The system takes a “hash” of all the images a user sends to iCloud, converting the files into a string of characters derived from those images. Then, like older CSAM detection systems like PhotoDNA, it compares them to the extensive CSAM image hashe collection provided by NCMEC to match them.
Apple is also using a new way of hashing called NeuralHash, which the company says can be used to match images even if they are cropped or have changes in color. Just as it is essential to prevent leakage, its system never downloads these NCMEC hashes to a user’s device. Instead, it uses some cryptographic tricks to turn so-called blind data downloaded into the user’s phone or computer into a seemingly meaningless string of characters derived from these hashes. This blinding prevents any user from getting hashes and using it to bypass system detection.
[ad_2]
Source link
