NeuralHash is BROKEN - How to evade Apple's detection & craft hash collisions (w/ Open Source Code)

Channel:
Switzerland Yannic Kilcher
Subscribers:
284,000
Published on ● Video Link: https://www.youtube.com/watch?v=6MUpWGeGMxs


Category:
Tutorial
Duration: 8:16
10,654 views
602

#apple #icloud #neuralhash

Send your Apple fanboy friends to prison with this one simple trick ;) We break Apple's NeuralHash algorithm used to detect CSAM for iCloud photos. I show how it's possible to craft arbitrary hash collisions from any source / target image pair using an adversarial example attack. This can be used for many purposes, such as evading detection, or forging false positives, triggering manual reviews.

OUTLINE:
0:00 - Intro
1:30 - Forced Hash Collisions via Adversarial Attacks
2:30 - My Successful Attack
5:40 - Results
7:15 - Discussion

DISCLAIMER: This is for demonstration and educational purposes only. This is not an endorsement of illegal activity or circumvention of law.

Code: https://github.com/yk/neural_hash_collision
Extract Model: https://github.com/AsuharietYgvar/AppleNeuralHash2ONNX
My Video on NeuralHash: https://youtu.be/z15JLtAuwVI

ADDENDUM:
The application of framing people is a bit more intricate than I point out here. Apple has commented that there would be a second perceptual hashing scheme server-side, i.e. the model would not be released, which makes forging false positives harder. Nevertheless, evading the system remains fairly trivial.

Links:
TabNine Code Completion (Referral): http://bit.ly/tabnine-yannick
YouTube: https://www.youtube.com/c/yannickilcher
Twitter: https://twitter.com/ykilcher
Discord: https://discord.gg/4H8xxDF
BitChute: https://www.bitchute.com/channel/yannic-kilcher
Minds: https://www.minds.com/ykilcher
Parler: https://parler.com/profile/YannicKilcher
LinkedIn: https://www.linkedin.com/in/yannic-kilcher-488534136/
BiliBili: https://space.bilibili.com/1824646584

If you want to support me, the best thing to do is to share out the content :)

If you want to support me financially (completely optional and voluntary, but a lot of people have asked for this):
SubscribeStar: https://www.subscribestar.com/yannickilcher
Patreon: https://www.patreon.com/yannickilcher
Bitcoin (BTC): bc1q49lsw3q325tr58ygf8sudx2dqfguclvngvy2cq
Ethereum (ETH): 0x7ad3513E3B8f66799f507Aa7874b1B0eBC7F85e2
Litecoin (LTC): LQW2TRyKYetVC8WjFkhpPhtpbDM4Vw7r9m
Monero (XMR): 4ACL8AGrEo5hAir8A9CeVrW8pEauWvnp1WnSDZxW7tziCDLhZAGsgzhRQABDnFy8yuM9fWJDviJPHKRjV4FWt19CJZN9D4n



Other Videos By Yannic Kilcher


2021-09-20Topographic VAEs learn Equivariant Capsules (Machine Learning Research Paper Explained)
2021-09-16[ML News] Roomba Avoids Poop | Textless NLP | TikTok Algorithm Secrets | New Schmidhuber Blog
2021-09-14Celebrating 100k Subscribers! (w/ Channel Statistics)
2021-09-10[ML News] AI predicts race from X-Ray | Google kills HealthStreams | Boosting Search with MuZero
2021-09-06∞-former: Infinite Memory Transformer (aka Infty-Former / Infinity-Former, Research Paper Explained)
2021-09-03[ML News] Blind Chess AI Competition | Graph NNs for traffic | AI gift suggestions
2021-09-02ALiBi - Train Short, Test Long: Attention with linear biases enables input length extrapolation
2021-08-27[ML News] Stanford HAI coins Foundation Models & High-profile case of plagiarism uncovered
2021-08-26Fastformer: Additive Attention Can Be All You Need (Machine Learning Research Paper Explained)
2021-08-23PonderNet: Learning to Ponder (Machine Learning Research Paper Explained)
2021-08-19NeuralHash is BROKEN - How to evade Apple's detection & craft hash collisions (w/ Open Source Code)
2021-08-18[ML News] Nvidia renders CEO | Jurassic-1 larger than GPT-3 | Tortured Phrases reveal Plagiarism
2021-08-16How Apple scans your phone (and how to evade it) - NeuralHash CSAM Detection Algorithm Explained
2021-08-13[ML NEWS] Apple scans your phone | Master Faces beat face recognition | WALL-E is real
2021-08-06[ML News] AI-generated patent approved | Germany gets an analog to OpenAI | ML cheats video games
2021-08-02[ML News] MMO Game destroys GPUs | OpenAI quits Robotics | Today w/ guest host Sanyam Bhutani
2021-07-15[ML News] Facebook AI adapting robots | Baidu autonomous excavators | Happy Birthday EleutherAI
2021-07-11I'm taking a break
2021-07-08[ML News] GitHub Copilot - Copyright, GPL, Patents & more | Brickit LEGO app | Distill goes on break
2021-07-03Self-driving from VISION ONLY - Tesla's self-driving progress by Andrej Karpathy (Talk Analysis)
2021-06-30[ML News] CVPR bans social media paper promotion | AI restores Rembrandt | GPU prices down


Tags:
deep learning
machine learning
arxiv
explained
neural networks
ai
artificial intelligence
paper
what is deep learning
deep learning tutorial
introduction to deep learning
neuralhash
neural hash
neural hash collision
neuralhash collision
neuralhash broken
break neuralhash
evade neuralhash
apple detection
icloud neuralhash
adversarial examples
neuralhash adversarial example
apple hash collision
how to neuralhash