Security News > 2021 > November > Researchers show that Apple’s CSAM scanning can be fooled easily
A team of researchers at the Imperial College in London have presented a simple method to evade detection by image content scanning mechanisms, such as Apple's CSAM. CSAM was a controversial proposal submitted by Apple earlier this year.
The research presented at the recent USENIX Security Symposium by British researchers shows that neither Apple's CSAM nor any system of this type would effectively detect illegal material.
As the researchers explain, it's possible to fool content detection algorithms 99.9% of the time without visually changing the images.
The trick is to apply a special hashing filter on the images, making them appear different to the detection algorithm even if the processed result looks identical to the human eye.
Applying additional image transformation before computing the perceptual hash of the image is also unlikely to make detections any more reliable.
"Our results shed strong doubt on the robustness to adversarial black-box attacks of perceptual hashing-based client-side scanning as currently proposed. The detection thresholds necessary to make the attack harder are likely to be very large, probably requiring more than one billion images to be wrongly flagged daily, raising strong privacy concerns." - concludes the paper.