Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

They have been scanning Gmail for a while using this, as nearly every provider does : https://en.wikipedia.org/wiki/PhotoDNA


From what I can tell, that is not used on Android or user devices though. So it's not the same thing as what Apple is doing.


Yes what Apple does is slightly different technically : they run a network on device, then when you upload the picture to their Cloud services, they attach the hash generated to the picture.

It's only on their servers that they will do the check against the database of CSAM content. So in that sense, it's pretty much the same that what other providers do, it remains attached to their online service, and they check the hash against the database instead of checking the picture (as others do).

If you don't use their iCloud service, the hash is never checked.

I still don't think having the client as part of the system is a good thing, but in terms of abuse it's about the same thing.

What Apple's system allow is a way to do a check while keeping the data encrypted in some 3rd party service. That part certainly raises questions should it be extended.


Thanks, that makes sense!




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: