mikehearn | 4 years ago

This analogy doesn't accurately represent the technology, at least as I understand it.

In Apple's implementation, the device never knows if a particular picture is a CSAM match. That determination is made in iCloud when the server attempts to decrypt the safety voucher. Until that point, it's just an encrypted payload that the device can't interpret one way or the other.

In your analogy, where "your home" is the equivalent of "your device", the police never enter the home to determine whether you have anything illegal. Instead, there's some process that boxes up all your stuff into nondescript, anonymous boxes that can only be opened if someone has the key.

To determine illegality, you'd have to voluntarily send them off to the police (police = iCloud), where they only have a handful of keys - they have a "gun" key, a "knife" key, and a few other keys for boxes containing illegal items. But the boxes are nondescript, so the police don't know whether you have anything illegal until they insert the key and turn it. If the "gun" key successfully opens the box, the box contains a gun, and you are reported. If all the police's keys fail on a particular box, then whatever is inside must not be illegal and the police never learn its contents.

Needless to say, this analogy is tortured because it's hard to apply Apple's tech to a physical process, but the point is that whether something is "illegal" isn't able to be determined until you voluntarily ship it off to an entity that has the keys to unlock it.

noptd | 4 years ago

> In Apple's implementation, the device never knows if a particular picture is a CSAM match.

That's a distinction without a difference w.r.t. the end result, but I'll offer a more apt analogy regardless.

A better analogy would be the police installing a device in your house that's capable of seeing or hearing anything that happens and then claiming there's nothing to worry about. The device is only watching a specific door in your house and forwarding a hash of that information to their servers. Never mind that it would only take a policy change and an OTA update that you have no visibility into, or chance of blocking, before it's watching your entire house in real time.

But hey, you have several other doors to enter or exit your house from, and it's not like the camera actually knows anything, only the people on the other end do, so what's the big deal, right?

Would you trust the police in that scenario?