MEPs block tech firms from scanning for child sexual abuse material | POLITICO
“perhaps there’s a different approach they could try taking, other than surveilling everybody’s messages?”
#chatControl #clientSideScanning #csam #endToEndEncryption #surveillance
1/ obtain a hash of abuse material that’s both known & banned; if pervasive as claimed this shouldn’t be hard 2/ use algorithms from this paper to create a cat meme with the same ha…
Let Me Explain How a State Actor Could Perform a Denial-of-Service Attack on the Entire UK Government in the Wake of Ofcom “Online Safety Act” Client-Side Scanning
1/ obtain a hash of abuse material that’s both known & banned; if pervasive as claimed this shouldn’t be hard
2/ use algorithms from this paper to create a cat meme with the same hash
3/ send the cat meme to all MPs & Civil Servants via SMS, E-Mail, WhatsApp (bonus if it goes viral)
4/ watch as MPs are locked out & banned by platforms for possessing abusive material, preventing government
Also: there is no mitigation by saying “all of these cases should be appealed” because by the time enough resources have been deployed to resolve the appeal claims, government will have been offline for 12 hours or more.
Of course one could propose mitigations: the government could ex-ante inform all platform providers which accounts needed to be prevented from ever being blocked – to be given special treatment – however:
Also, there will be claims of “two-tier surveillance” and so forth.
White-Box Attacks on PhotoDNA Perceptual Hash Function
https://eprint.iacr.org/2026/486
[*] note: strictly, it is not necessary to obtain the material, merely the hash; therefore a leak of the existing database of hashes – several million in size – would be catastrophic by providing material for an infinite sequence of attacks like this.
#censorship #clientSideScanning #nationalSecurity #onlineSafetyAct #photoDna #surveillance
𝑃ℎ𝑜𝑡𝑜𝐷𝑁𝐴 is a widely deployed perceptual hash function used for the detection of illicit content such as Child Sexual Abuse Material (CSAM). This paper presents the first mathematical description of 𝐴𝑙𝑙𝑒𝑔𝑒𝑑 𝑃ℎ𝑜𝑡𝑜𝐷𝑁𝐴, a new function which has identical outputs to that of 𝑃ℎ𝑜𝑡𝑜𝐷𝑁𝐴 for a large database of test images. From this description, several design weaknesses are identified: the algorithm is piece-wise linear and differentiable, the hash value only depends on the sum of the RGB values of each pixel, and it is trivial to find images with hash value equal to all zeroes. The paper further demonstrates that gradient-based optimization techniques and quadratic programming can exploit the mathematical weaknesses of 𝐴𝑙𝑙𝑒𝑔𝑒𝑑 𝑃ℎ𝑜𝑡𝑜𝐷𝑁𝐴 and 𝑃ℎ𝑜𝑡𝑜𝐷𝑁𝐴 to produce visually appealing exact collisions and second preimages; for near-collisions and near-second-preimages the image quality can be further improved. The same techniques can be used to recover the rough shapes of an image from its hash value, disproving the claim from the designer that 𝑃ℎ𝑜𝑡𝑜𝐷𝑁𝐴 is irreversible. Finally, it is also shown that it is easy to produce high-quality perceptually identical images with a hash value that is far from the original image allowing to avoid detection. We have implemented our attacks on a large set of varied images and we have tested them on both 𝐴𝑙𝑙𝑒𝑔𝑒𝑑 𝑃ℎ𝑜𝑡𝑜𝐷𝑁𝐴 and 𝑃ℎ𝑜𝑡𝑜𝐷𝑁𝐴. Our attacks have success rates close or equal to 100% and run in seconds or minutes on a personal laptop; they present a substantial improvement over earlier work that requires hours on parallel machines and that results only in near-collisions. We believe that with additional optimization of the parameters, the image quality and/or the attack performance can be further improved. Our work demonstrates that 𝑃ℎ𝑜𝑡𝑜𝐷𝑁𝐴 is unreliable for the detection of illicit content: it is easy to incriminate someone by sending them false content with a hash value close to illicit content (a false positive) and to avoid detection of illicit content with minimal modifications to an image (a false negative). False positives and leakage of information are particularly problematic in a Client Side Scanning (CSS) scenario as envisaged by several countries, where large hash databases would be stored on every user device and billions of images would be hashed with 𝑃ℎ𝑜𝑡𝑜𝐷𝑁𝐴 every day. Overall, our research cast serious doubts on the suitability of 𝑃ℎ𝑜𝑡𝑜𝐷𝑁𝐴for the large-scale detection of illicit content.
There is an entire genre of tricking AI customer service bots into doing work; but few are pointing out the obvious…
…that this is how all censorship circumvention works, and that content scanning will inevitably fail in the face of focused ingenuity.
https://twitter.com/om_patel5/status/2032248004443287962?s=20
#ai #censorship #clientSideScanning #onlineSafety #surveillance
Alec Muffett
Alec Muffett
alecm
Space Queen Enthusiast
