neural-hash-collider
pixel-spreadsheet
Our great sponsors
neural-hash-collider | pixel-spreadsheet | |
---|---|---|
37 | 1 | |
651 | 12 | |
- | - | |
1.2 | 0.0 | |
about 1 year ago | 6 months ago | |
Python | Python | |
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
neural-hash-collider
- Daily General Discussion - October 27, 2022
- Under pressure from Russian government Google, Apple remove opposition leader's Navalny app from stores as Russian elections begin
-
Delays Aren't Good Enough–Apple Must Abandon Its Surveillance Plans
This is incorrect.
The images in this link [1], are completely different. One is a cat, one is a dog. Same hash produced for both.
- The All-Seeing "i": Apple Just Declared War on Your Privacy
- Apple Just Gave Millions of Users a Reason to Quit Their iPhones
-
Apple Just Gave Millions Of Users A Reason To Quit Their iPhones
Also, Apple’s NeuralHash is rather prone to hash collisions, i.e. false positives, so you should absolutely expect at least some of your on-device pics to be viewed by unauthorized Apple/government personell.
-
Bay Area doctor found with 2k images, videos of child pornography on iCloud
Step 2) run neural hash collider on the image and any image hash from the CSAM database
This one from Apple is not just a hash algorithm. It uses AI to make a signature that can be the same if minor modifications appear. It's been already reverse engineered and a collider exists. See this and this.
-
We built a system like Apple’s to flag child sexual abuse material — and concluded the tech was dangerous
Calling this a "hash" can be misleading, perhaps purposefully so by Apple. It's really a semantic/perceptual embedding. There's already at least one open source library to purposefully generate NeuralHash collisions, and it's very very easy: https://github.com/anishathalye/neural-hash-collider
pixel-spreadsheet
-
Delays Aren't Good Enough–Apple Must Abandon Its Surveillance Plans
It's not a problem that can be realistically solved with technology. The problem existed before electricity had been discovered[1][2] and continues to exist[3] in a significant way regardless of the presence of computers and the Internet.
I'd guess that the intent behind client-side scanning is to force child abusers away from mainstream technology towards niche technology[4][5][6], increasing the signal-to-noise ratio for finding and targeting child abusers. At present, there is nothing inherently suspicious about someone using WhatsApp, which means child abusers can hide amongst millions of other users. If CSAM is instead pushed onto Tor and a little-heard-of encrypted messaging app with servers located in eastern Europe, the theory is that it becomes easier to target just these niche users. If they're using Tor, they must have something to hide and therefore further investigation is warranted...?
A key problem with this approach is that, as has happened in other criminal circles, criminals find increasingly clever ways to remain 'boring' and not inviting of further scrutiny, or to otherwise remain hidden in the masses. For example, 9/11 hijackers communicated using boring methods, without encryption, using a coded language to make messages appear innocuous[7]. Even if general purpose computing was prohibited, would it be realistic to prevent users from using spreadsheet formulas to implement encryption and display of images[8][9][10], without impacting other users?. Another key problem is that innocent people will likely be targeted and harassed by association with niche technologies, which also wastes resources that could be used to limit child abuse via more effective means.
It would be possible to implement something that looks like North Korea's Kwangmyong[11] and largely solve the CSAM-sharing-via-computers problem, but at that point you've essentially banned computing altogether. This is actually a decision some countries have made[12] but good luck convincing the modern world that it'd be a good idea to eradicate the last 40 years of technological advancement whilst other countries continue to leap ahead technologically with the help of open and unrestricted access to general purpose computing.
[1] https://en.wikipedia.org/wiki/Pederasty
[2] https://en.wikipedia.org/wiki/Bacha_bazi
[3] https://europepmc.org/article/nbk/nbk554624
[4] https://en.wikipedia.org/wiki/ANOM
[5] https://en.wikipedia.org/wiki/EncroChat
[6] https://en.wikipedia.org/wiki/Tor_(network)
[7] https://hcgroups.wordpress.com/2010/02/13/july-2001-communic...
[8] https://poisonninja.github.io/2016/12/07/AES-in-Google-Sheet...
[9] https://www.iacis.org/iis/2017/2_iis_2017_103-112.pdf
[10] https://github.com/takacs/pixel-spreadsheet
[11] https://en.wikipedia.org/wiki/Kwangmyong_(network)
[12] https://en.wikipedia.org/wiki/2021_Burmese_protests#Internet...
What are some alternatives?
hardened_malloc - Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
neuralhash-collisions - A catalog of naturally occurring images whose Apple NeuralHash is identical.
json - JSON for Modern C++
harbormaster
glodroid_manifest - Android port that aims to bring both user- and developer-friendly experience in using AOSP with a set of single-board computers (SBC), phones and other devices.
AppleNeuralHash2ONNX - Convert Apple NeuralHash model for CSAM Detection to ONNX.
photoshopCClinux - Photoshop CC v19 installer for Gnu/Linux
website - The elementary.io website
owasp-mastg - The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
GmsCore - Free implementation of Play Services
block-validation-geth - To be deprecated in favor of https://github.com/flashbots/builder
mev-boost-relay - MEV-Boost Relay for Ethereum proposer/builder separation (PBS)