• Corpus ID: 238856713

Bugs in our Pockets: The Risks of Client-Side Scanning

  title={Bugs in our Pockets: The Risks of Client-Side Scanning},
  author={Harold Abelson and Ross J. Anderson and Steven M. Bellovin and Josh Benaloh and Matt Blaze and John L. Callas and Whitfield Diffie and Susan Landau and Peter G. Neumann and Ronald L. Rivest and Jeffrey I. Schiller and Bruce Schneier and Vanessa Teague and Carmela Troncoso},
Our increasing reliance on digital technology for personal, economic, and government affairs has made it essential to secure the communications and devices of private citizens, businesses, and governments. This has led to pervasive use of cryptography across society. Despite its evident advantages, law enforcement and national security agencies have argued that the spread of cryptography has hindered access to evidence and intelligence. Some in industry and government now advocate a new… 

Figures from this paper

Exploiting and Defending Against the Approximate Linearity of Apple's NeuralHash
The surprising discovery that N EURAL H ASH is approximately linear is made, which inspires the development of novel black-box attacks that can evade detection of “illegal” images, generate near-collisions, and leak information about hashed images, all without access to model parameters.
Thoughts on child safety on commodity platforms
It is shown that the real problem of online child sexual abuse is much more complex than offender image sharing, providing a new set of ‘harm archetypes’ to better group harms into categories that have similar technical characteristics and bringing more clarity to the processes currently used by platforms and law enforcement in relation to child sex abuse content and the real world impacts.
Learning to Break Deep Perceptual Hashing: The Use Case NeuralHash
It is shown that current deep perceptual hashing may not be robust, generally not ready for robust client-side scanning and should not be used from a privacy perspective.
YASM (Yet Another Surveillance Mechanism)
Many types of surveillance exist on anything from smartphones to IoT devices, but most of them are not as ubiquitous and intrusive as Client Side Scanning (CSS) for Child Sexual Abuse Material
Are iPhones Really Better for Privacy? A Comparative Study of iOS and Android Apps
It is found that third-party tracking and the sharing of unique user identifiers was widespread in apps from both ecosystems, even in apps aimed at children, and that neither platform is clearly better than the other for privacy across the dimensions the authors studied.


The risks of key recovery, key escrow, and trusted third-party encryption
This report examines the fundamental properties of these requirements and attempts to outline the technical risks, costs, and implications of deploying systems that provide government access to encryption keys.
Exploiting Lawful Intercept to Wiretap the Internet
This paper will review Cisco's architecture for lawful intercept from a security perspective and explain how a number of different weaknesses in its design coupled with publicly disclosed security vulnerabilities could enable a malicious person to access the interface and spy on communications without leaving a trace.
Identifying Harmful Media in End-to-End Encrypted Communication: Efficient Private Membership Computation
This work explores the technical feasibility of privacypreserving perceptual hash matching for E2EE services, formalizing the problem space and identifying fundamental limitations for protocols and design and evaluate interactive protocols that optionally protect the hash set and do not disclose matches to users.
Adversarial Detection Avoidance Attacks: Evaluating the robustness of perceptual hashing-based client-side scanning
A large-scale evaluation shows perceptual hashing-based client-side scanning mechanisms to be highly vulnerable to detection avoidance attacks in a black-box setting, with more than 99.9% of images successfully attacked while preserving the content of the image.
Security Metrics for the Android Ecosystem
The complex network of players in the Android ecosystem who must collaborate to provide updates is mapped, and it is determined that inaction by some manufacturers and network operators means many handsets are vulnerable to critical vulnerabilities.
The Athens Affair
How some extremely smart hackers pulled off the most audacious cell-network break-in ever. On 9 march 2005, a 38-year-old Greek electrical engineer named Costas Tsalikidis was found hanged in his
Security Engineering: a Guide to Building Dependable Distributed Systems Banking and Bookkeeping
Banking systems include the back-end bookkeeping systems that record customers' account details and transaction processing systems such as cash machine networks and high-value interbank money transfer systems that feed them with data.
Evasion Attacks against Machine Learning at Test Time
This work presents a simple but effective gradient-based approach that can be exploited to systematically assess the security of several, widely-used classification algorithms against evasion attacks.
The protection of information in computer systems
This tutorial paper explores the mechanics of protecting computer-stored information from unauthorized use or modification by examining in depth the principles of modern protection architectures and the relation between capability systems and access control list systems.
Cisco Architecture for Lawful Intercept in IP Networks
Cisco's Architecture for supporting lawful intercept in IP networks provides a general solution that has a minimum set of common interfaces and does not attempt to address the specific legal requirements or obligations that may exist in a particular country.