Apple's CSAM (Child Sexual Abuse Material) scanner has been around for a while now. It is back in the news after hackers found ways to trick it into producing false positives.
How hackers are tricking Apple CSAM Scanner
While reverse engineering Apple's NeuralHash algorithm for on-device CSAM detection, a Reddit user discovered that collisions in the algorithm can be used to create false positives. A collision occurs when two different pieces of data produce the same hash value, checksum, fingerprint, or cryptographic digest.
In another instance, a coder named Cory Cornelius discovered a collision in the algorithm, i.e. two images that produce the same hash. This flaw can be exploited to create false positives, causing an image to be flagged to Apple as containing child abuse even though it is entirely innocuous.
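To see why collisions in a perceptual hash are possible at all, consider a toy sketch. NeuralHash is a neural network and far more sophisticated than this; the snippet below uses a simple "average hash" (a standard perceptual-hashing technique, not Apple's) purely to illustrate how two different images can map to an identical hash.

```python
# Toy perceptual hash, NOT Apple's NeuralHash: an "average hash" that
# emits one bit per pixel, set when the pixel is brighter than the
# image's mean brightness. Perceptual hashes deliberately discard
# detail so similar images match, which is also why collisions between
# different images are feasible.
def average_hash(pixels):
    """Hash a flat list of grayscale pixel values into a bit string."""
    mean = sum(pixels) / len(pixels)
    return "".join("1" if p > mean else "0" for p in pixels)

# Two visibly different 2x2 "images" (very different pixel values)...
img_a = [10, 200, 10, 200]
img_b = [90, 110, 90, 110]

# ...that nevertheless produce the identical hash: a collision.
print(average_hash(img_a))  # "0101"
print(average_hash(img_b))  # "0101"
```

An attacker exploits the same property in reverse: perturb an innocuous image until its hash matches a target hash, without making it look anything like the target.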
The entire process may not be as easy as it sounds. Hackers could conceivably generate an image that sets off CSAM alerts even though it is not a CSAM image, but Apple has layers designed to ensure a false positive does not cause real harm: for instance, when an image is flagged, it must be reviewed by an actual person before anything is sent to law enforcement. And before it even gets to that point, attackers would need to gain access to the NCMEC hash database, create 30 colliding images, and get all of them onto the target's phone.
The other issue with the Apple CSAM scanner is that coders are able to reverse engineer it, which is highly concerning. Collisions normally take months to surface, yet one was discovered within hours of the code going public.
What is Apple doing about it?
Apple may have to backtrack on its plans to use the NeuralHash algorithm. If not, the company at least needs to address the situation, as confidence in Apple’s photo-scanning plan is already low.