On 8/2/23 22:03, John Curran wrote:
> Now one can argue that real world security analogies don’t apply, because in the real world there is often the prosecution of culprits – unlike what occurs with those caught in spam filters – but I would note that there are rather significant prosecution efforts (and successes) today against CSAM production and distribution, so that comparison to spam detection really doesn’t hold up – even modestly functional measures that mitigate a small additional fraction of the activity would make a very real difference to those who don’t have to suffer the harms of trafficking & production.
The specific point I made is that if there's some oracle used to decide whether a message is CSAM, that is accessible to an app, then the same oracle can be used to test whether some altered version of a CSAM image, or for that matter a synthetic image, passes the oracle. This by itself helps CSAM producers generate images that will evade CSAM detectors.
(The analogy to spam filters is if the spammers can test their messages against spam filters that are in use, they can easily generate spam that reliably evades such filters. Prosecution has nothing to do with it.)
The general point is simply this: it's not unusual for a naive solution to make a problem worse. It's easy to have misplaced faith in a newly proposed solution. It's not hard to find examples of this in past IETF work.
Keith