Apple didn’t engage with the infosec world on CSAM scanning – so get used to a slow drip feed of revelations • The Register

Voice Of EU



Apple’s system to scan iCloud-bound photos on iOS devices to find illegal child sexual abuse material (CSAM) is supposed to ship in iOS 15 later this year.

However, the NeuralHash machine-learning model involved in that process appears to have been present on iOS devices at least since the December 14, 2020 release of iOS 14.3. It has been adapted to run on macOS 11.3 or later using the API in Apple’s Vision framework. And thus exposed to the world, it has been probed by the curious.

In the wake of Apple’s initial child safety announcement two weeks ago, several developers have explored Apple’s private NeuralHash API and provided a Python script to convert the model into a convenient format – the Open Neural Network Exchange (ONNX) – for experimentation.

On Wednesday, Intel Labs research scientist Cory Cornelius used these resources to create a hash collision – two different images that, when processed by the algorithm, produce the same NeuralHash identifier.

That’s expected behavior from perceptual hashing, which is designed to compute the same identifier for similar images – the idea is that one shouldn’t be able to, say, convert a CSAM image from color to grayscale to evade hash-based detection.

As Apple explains in its technical summary [PDF], “Only another image that appears nearly identical can produce the same number; for example, images that differ in size or transcoded quality will still have the same NeuralHash value.”

But in this instance, the matching hashes come from completely dissimilar images – a beagle and a variegated gray square. And that finding amplifies ongoing concern that Apple’s child safety technology may be abused to cause inadvertent harm. For instance, by giving someone an innocent image that is wrongly flagged up as CSAM.

Apple has said there’s less than “an extremely low (1 in 1 trillion) probability of incorrectly flagging a given account,” but as Matthew Green, associate professor of computer science at Johns Hopkins, observed via Twitter, Apple’s statistics don’t cover the possibility of “deliberately-constructed false positives.”

“It was always fairly obvious that in a perceptual hash function like Apple’s, there were going to be ‘collisions’ — very different images that produced the same hash,” said Green in reference to the collision demo. “This raised the possibility of ‘poisoned’ images that looked harmless, but triggered as child sexual abuse media.”

Jonathan Mayer, assistant professor of computer science and public affairs at Princeton University, told The Register that this does not mean that Apple’s NeuralHash image matching scheme is broken.

“That would be a reasonable response if NeuralHash were a cryptographic hash function,” explained Mayer. “But it’s a perceptual hash function, with very different properties.”

With cryptographic hash functions, he said, you’re not supposed to be able to find a second input that produces the same output as a given one. The formal term for that is “second-preimage resistance.”

“With a perceptual hash function, by comparison, a small change to the input is supposed to produce the same output,” said Mayer. “These functions are designed specifically not to have second-preimage resistance.”
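As an added illustration of the distinction Mayer draws, not code from the article or from Apple, a simple difference hash (dHash, standing in for NeuralHash) keeps its value across a resize and a brightness change of a constructed test picture, while SHA-256 of the same pixels changes completely; only the standard library is used.

```python
import hashlib

# Added example, not Apple's code: dHash stands in for NeuralHash.

def downscale(img, out_w, out_h):
    """Block-average a grayscale image (rows of 0..255 ints) to out_w x out_h."""
    bh, bw = len(img) // out_h, len(img[0]) // out_w
    return [[sum(img[yy][xx] for yy in range(y * bh, (y + 1) * bh)
                             for xx in range(x * bw, (x + 1) * bw)) / (bh * bw)
             for x in range(out_w)] for y in range(out_h)]

def dhash(img):
    """Perceptual hash: 9x8 downscale, one bit per horizontal neighbour pair."""
    bits = 0
    for row in downscale(img, 9, 8):
        for x in range(8):
            bits = (bits << 1) | (row[x] < row[x + 1])
    return bits  # 64-bit int

def hamming(a, b):
    """Differing bits; perceptual matchers accept distances below a threshold."""
    return bin(a ^ b).count("1")

def sha256_hex(img):
    """Cryptographic hash of the raw pixels, for contrast."""
    return hashlib.sha256(bytes(p for row in img for p in row)).hexdigest()

def make_image(w=72, h=64, brightness=0, invert=False):
    """Constructed test picture: diagonal gradient plus a brighter square."""
    return [[min(255, ((255 - x - y) if invert else (x + y)) + brightness
                 + (60 if not invert and 20 <= x < 40 and 16 <= y < 32 else 0))
             for x in range(w)] for y in range(h)]

def upscale2x(img):
    """Nearest-neighbour 2x resize: same picture, different size and bytes."""
    return [[img[y // 2][x // 2] for x in range(2 * len(img[0]))]
            for y in range(2 * len(img))]

def compare():
    """Distances a hash matcher would see for each variant of the picture."""
    orig, resized = make_image(), upscale2x(make_image())
    brighter, unrelated = make_image(brightness=30), make_image(invert=True)
    return {"resized": hamming(dhash(orig), dhash(resized)),
            "brighter": hamming(dhash(orig), dhash(brighter)),
            "unrelated": hamming(dhash(orig), dhash(unrelated)),
            "sha256_survives_resize": sha256_hex(orig) == sha256_hex(resized)}
```

The resized and brightened variants sit at Hamming distance 0 from the original (a match), the unrelated picture is far away, and SHA-256 does not survive even the resize; that invariance is exactly what rules out second-preimage resistance.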

Mayer said while he worries the collision proof-of-concept will provoke an overreaction, he’s nonetheless concerned. “There is a real security risk here,” he said.

Of greatest concern, he said, is an adversarial machine-learning attack that generates images that match CSAM hashes and appear to be possible CSAM during Apple’s review process. Apple, he said, can defend against these attacks and, in fact, describes some planned mitigations in its documentation.

Apple, said Mayer, “has both a technical mitigation (running a separate, undisclosed server-side perceptual hash function to check for a match) and a process mitigation (human review),” he explained. “Those mitigations have limits, and they still expose some content, but Apple has clearly thought about this issue.”

“I’m less concerned about the attack than some observers, because it presupposes access to known CSAM hashes,” said Mayer. “And the most direct way to get those hashes is from source images. So it presupposes an attacker committing a very serious federal felony.”

Mayer’s objections have more to do with the way Apple handled its child safety announcement, which even the company itself was forced to concede has led to misunderstandings.

“I find it mind boggling that Apple wasn’t prepared to discuss this risk, like so many other risks surrounding its new system,” said Mayer. “Apple hasn’t seriously engaged with the information security community, so we’re going to have a slow drip of concerning developments like this, with little context for understanding.”

The Register asked Apple to comment, but we expect to hear nothing.

Cupertino comeback

Apple, aware of these developments, reportedly held a call for the press in which the company downplayed the hash collision and cited safeguards such as the operating system’s code signing to guarantee the integrity of the NeuralHash model, human review, and a redundant algorithmic check that runs server-side.

Nonetheless, AsuharietYgvar, the pseudonymous individual who made the NeuralHash model available in ONNX format and asked to be identified as “an average concerned citizen,” expressed concern that Apple was misinforming the public, and skepticism about the supposed server-side check.

“If their claim was true, the collision would appear to no longer be a problem since it’s impossible to retrieve the algorithm they are using on the servers,” said AsuharietYgvar in a message to The Register. “However, this is highly questionable because it adds a black box in the detection process, which no one can perform security audits on.

“We already know that NeuralHash is not as robust as Apple claimed. Who can believe their secret, non-audited secondary check will be better? Considering that Apple already described their NeuralHash and Private Set Intersection algorithms in detail, it’s ironic that eventually they decided to keep the integral parts secret to combat security researchers. And if I had not made their NeuralHash public, we would never have known that the algorithm is that easy to defeat.”

“Another real problem is that this system can be easily worked around to store CSAM materials without being detected,” AsuharietYgvar continued. “Since the NeuralHash model is public now it’s trivial to implement an algorithm which completely changes the hash without introducing visible difference. This will make those materials easily pass the initial on-device check.

“I believe what I did was a firm step against mass surveillance, but certainly this will not be enough. We cannot let Apple’s famous 1984 ad become a reality. At least not without a fight.” ®


Facebook oversight board to review system that exempts elite users | Facebook

Facebook’s semi-independent oversight board says it will review the company’s “XCheck” system, an internal program that has exempted high-profile users from some or all of its rules.

The decision follows an investigation by the Wall Street Journal that revealed that reviews of posts by well-known users such as celebrities, politicians and journalists are steered into the separate system.

Under the program, some users are “whitelisted”, or not subject to enforcement action, while others are allowed to post material that violates Facebook rules pending content reviews that often do not take place. The XCheck system, for example, allowed Brazilian footballer Neymar to post nude pictures of a woman who had accused him of rape, according to the report.

Users were identified for additional scrutiny based on criteria such as being “newsworthy”, “influential or popular” or “PR risky”, the Wall Street Journal found. By 2020 there were 5.8 million users on the XCheck list, according to the newspaper.

The oversight board said Tuesday that it expects to have a briefing with Facebook on the system and “will be reporting what we hear from this” as part of a report it will publish in October.

The board may also make other recommendations, although Facebook is not bound to follow these.

The Journal’s report, the board said, has drawn “renewed attention to the seemingly inconsistent way that the company makes decisions, and why greater transparency and independent oversight of Facebook matters so much for users”.

Facebook told the Journal in response to its investigation that the system “was designed for an important reason: to create an additional step so we can accurately enforce policies on content that could require more understanding”. The company added that criticism of it was “fair” and that it was working to fix it.

A representative for Facebook declined to comment to the Associated Press on the oversight board’s decision.

Philippines imposes 12 per cent digital services tax • The Register

The Philippines has become the latest nation to impose a digital services tax.

Such taxes require the likes of Netflix and Spotify to pay local sales taxes even though their services are delivered – legally, notionally, and physically – from beyond local jurisdiction.

The Philippines has chosen a rate of 12 per cent, mirroring local value added taxes.

“We have now clarified that digital services and the goods and services traded through digital service providers should generally be subject to VAT. This is just a matter of common tax sense,” said Joey Salceda, a member of the Philippines’ House of Representatives and a backer of the change to the nation’s tax code.

Salceda tied the change to post-pandemic economic recovery.

“If brick and mortar establishments, which are the hardest-hit by the pandemic, have to pay VAT, the giants of e-commerce shouldn’t be exempt,” he said.

However, local companies that are already exempt from VAT by virtue of low turnover won’t be caught by the extension of the tax into the virtual realm.

Salceda’s amendments are designed to catch content streamers, but also online software sales – including mobile apps – plus SaaS and hosted software. The Philippine News Agency’s report on the amendment’s passage into law even mentions firewalls as subject to VAT.

The Philippines is not alone in introducing a digital services tax to raise more revenue after the COVID-19 pandemic hurt government revenue – Indonesia used the same logic in 2020.

But the taxes are controversial because they are seen as a unilateral response to the wider issue of multinational companies picking the jurisdictions in which they’ll pay tax – a practice that erodes national tax bases. The G7 group of nations, and the OECD, think that collaborations that shift tax liabilities to nations where goods and services are acquired and consumed are the most appropriate response, and that harmonising global tax laws to make big tech pay up wherever they do business is a better plan than digital services taxes.

The USA has backed that view of digital services taxes by announcing it will impose tariffs on nations that introduce them – but is yet to enact that plan.

Meanwhile, the process of creating a global approach to multinational tax shenanigans is taking years to agree and implement.

But the Philippines wants more cash in its coffers – and to demonstrate that local businesses aren’t being disadvantaged – ASAP. ®

How to ask your boss for more flexible working

While returning to the office is now possible for many, some workers might still want the option of flexible working some of the time. Here’s how to broach the subject.

This week marked the beginning of a phased and staggered return to workplaces for many employees in Ireland.

It essentially marked the first official green light for employers to ready their offices and start putting plans in place for their staff’s return.

However, HR body CIPD Ireland urged employers to be mindful of anxious workers as they face “another round of upheaval” with the return to offices.

So, while employers are finalising plans about how, where and when their teams will work, some employees may be wondering how to go about expressing their preference, worried that it’s not in line with what the company wants.

While there have been plenty of discussions and remote work advocates calling for leaders to be more flexible and recognise that the future of work will be hybrid, the reality for individual employees can feel very different.

While big-picture debates around the right to request remote work are happening, how do you ask for what you want in the here and now, when your boss is determined to have a full return to the office?

Explain your reasons

If remote or flexible working isn’t something your boss is already willing to give you, then you must treat it like a pay rise request.

Explain clearly and concisely the reasons why you want more flexibility, how it will benefit you and make you a more engaged, happier worker.

While family commitments might be an important factor, so too is work-life balance and getting rid of long commutes. And, while there is light at the end of the pandemic tunnel, Covid-19 is still a very real concern, so don’t be afraid to express your reservations about this too.

Make a business case

When you ask for a pay increase, you provide proof of the value you have added to the company. Take the same approach here and explain to your boss how flexible working will actually be beneficial to them.

Some managers who resist remote working might still have an office-based mentality where presenteeism is key. But there are numerous studies that show that knowledge workers are more productive when working remotely.

And, when done as a purposeful business strategy, remote working can help teams prioritise work more clearly as well as allowing for more downtime and work-life balance.

Be realistic

Depending on your manager, your team and the work you do, it may not be feasible to ask to work from home five days a week.

It’s important that you are realistic about asking for what you want, and also realistic about what you can deliver in return. Remote workers can be more productive, but they can also be in danger of burning out, so be thoughtful about what strategy will work best for both you and your manager.

Listen to their perspective

While conversations around remote working appear to be mostly positive, it can be a different situation behind the office doors.

Many managers and leaders are still hesitant about moving to a fully flexible working strategy and this can lead to workers feeling like they are not being listened to.

However, one of the best ways to combat that hesitancy from managers is to listen to their concerns and address them in a problem-solving manner.

Being able to alleviate some of your manager’s worries might make them more amenable to allowing for more flexibility.

Make expectations clear

If you do convince your boss to allow for a more flexible working plan than what they had originally considered, it’s important that both sides understand what is expected.

Without clearly defining the outcomes of the new set-up, misunderstandings can lead to disappointments and feelings of mistrust in the idea of flexible working.
