Alec Muffett Profile picture
everybody deserves good security. see also: @alecmuffett@mastodon.social

Aug 13, 2021, 9 tweets

1/n OMG, this deserves breaking down:

2/ So, @ncmec are basically goaled and compensated for their headline "number of reports" metric. The bigger the number, the more govbucks and funding, for instance in their *previous* counterblast to end-to-end encryption: missingkids.org/blog/2019/post…

3/ Hardly anyone ever asks about the cost-benefit of doing this, because children. Simply: it would be rude.

So you should totally go read this thread and then come back here:

4/ Okay: into this walks @Apple, who have majorly screwed up the launch of their "developed in a vacuum" CSAM solution, and who are attempting to work around major criticisms which others [LIKE ME] are raising, re: their misconceived and ill-planned idea.

Aaaaand…

5/ "Let's use databases from several countries, to minimise risk that one Government could insert hashes to discover leaks of (say) NSA documents."

But NCMEC is goaled to drive the number of reports *upwards*.

Can you see where this is going, yet?

6/ NCMEC are not goaled towards minimising the number of hashes, nor towards deduplication, nor performance, and from what I understand they are not goaled upon quality assurance.

They are goaled on *growth* - which means: EVER MORE HASHES, AND SHARING.

7/7 So: Apple are presenting as a "solution" to governmental collusion, their unstated faith in NCMEC @MissingKids and @IWFhotline and … we don't know how many more… as-if they're all independent, above reproach, and not sharing data in/amongst themselves entirely "on trust".

8/7 ps: if you need evidence of an "institutional mindset" at @MissingKids, look no further than their "Screeching Minority" comment:

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling