> A big dump of lots of CSAM at one particular timestamp is a pretty easy thing to spot.
Only if that system / heuristic has been built. The same could have been said about Apple’s systems for identifying bulk account hijacks, but Apple didn’t, which I suppose is the value of this story.
And companies aren’t allowed to Just inspect content once they identify CSAM. It is kryptonite for criminal liability. Companies are required to turn it over to the feds quickly and to try not to disturb metadata.
I suspect your line of thought would work given full ability to inspect (and some assumptions about what an IP change actually proves), but in practice Apple still hasn’t gotten the basics around account hijacks/fraud sorted out, so I’m hesitant to cheer them on as they try to quickly jump into the deep screaming “think of the children!”.
Only if that system / heuristic has been built. The same could have been said about Apple’s systems for identifying bulk account hijacks, but Apple didn’t, which I suppose is the value of this story.
And companies aren’t allowed to Just inspect content once they identify CSAM. It is kryptonite for criminal liability. Companies are required to turn it over to the feds quickly and to try not to disturb metadata.
I suspect your line of thought would work given full ability to inspect (and some assumptions about what an IP change actually proves), but in practice Apple still hasn’t gotten the basics around account hijacks/fraud sorted out, so I’m hesitant to cheer them on as they try to quickly jump into the deep screaming “think of the children!”.