2 min read

Apple to Scan iPhones for Evidence of Child Abuse Starting with iOS 15

Filip TRUȚĂ

August 06, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Apple to Scan iPhones for Evidence of Child Abuse Starting with iOS 15

Apple this week announced plans to expand protections for children, giving itself the ability to scan user photos for evidence of Child Sexual Abuse Material (CSAM).

“At Apple, our goal is to create technology that empowers people and enriches their lives — while helping them stay safe,” the company says on a new page on its website dedicated to child protections.

“We want to help protect children from predators who use communication tools to recruit and exploit them, and limit the spread of Child Sexual Abuse Material (CSAM),” it adds.

Technology developed in collaboration with child safety experts and used in iOS and iPadOS will allow the iPhone maker to detect known CSAM images stored in iCloud Photos.

Instead of scanning images in the cloud, Apple will perform on-device matching using a database of known CSAM image hashes provided by the National Center for Missing and Exploited Children (NCMEC), and other child safety organizations. The database is essentially an unreadable set of hashes stored on users’ devices.

The technology is detailed in two technical papers (1,2) the company published this week. However, Apple also offers a description of the CSAM detection feature in plain English:

“Before an image is stored in iCloud Photos, an on-device matching process is performed for that image against the known CSAM hashes. This matching process is powered by a cryptographic technology called private set intersection, which determines if there is a match without revealing the result. The device creates a cryptographic safety voucher that encodes the match result along with additional encrypted data about the image. This voucher is uploaded to iCloud Photos along with the image.”

Then, using something called “threshold secret sharing,” the system ensures the scanned images cannot be interpreted by Apple unless the iCloud Photos account crosses a threshold of known CSAM content. Apple claims the threshold provides “an extremely high level of accuracy” - less than a one in 1 trillion chance per year of incorrectly flagging a given account.

If the threshold is exceeded, the account and its photos undergo manual review by Apple employees. If there is a match, Apple disables the user’s account and sends a report to NCMEC. Users can file an appeal to have their account reinstated if they feel they’ve been mistakenly flagged.

The company says the technology provides significant privacy benefits over existing techniques since Apple only learns about users’ photos if they have a collection of known CSAM in their iCloud Photos account.

The feature is set to be enabled in iOS 15 and iPadOS 15 later this year.

Privacy experts are concerned that Apple’s move will open the door to mass surveillance by governments around the globe.

The BBC asked Matthew Green, a security researcher at Johns Hopkins University, to offer his take on the matter.

"Regardless of what Apple's long term plans are, they've sent a very clear signal. In their (very influential) opinion, it is safe to build systems that scan users' phones for prohibited content," Green said. "Whether they turn out to be right or wrong on that point hardly matters. This will break the dam — governments will demand it from everyone."

And some fear that, if the feature is successful, the next move might be to start scanning user accounts for material involving drug use, pirated content, etc.

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Hacking cars remotely with just their VIN Hacking cars remotely with just their VIN
Graham CLULEY

December 05, 2022

2 min read
Russian courts attacked by CryWiper malware that poses as ransomware Russian courts attacked by CryWiper malware that poses as ransomware
Graham CLULEY

December 05, 2022

2 min read
Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts
Silviu STAHIE

December 02, 2022

1 min read