Issue 1433 - Thursday 19th August, 2021

In Today's Issue

The News

Apple's NeuralHash already fooled by non CSAM images

Someone's already managed to fool Apple's CSAM detection system. A bloke on Reddit discovered NeuralHash (the main component of Apple's detection setup) already running on iOS 14, which lead to someone else creating a collision, "meaning he tricked the system into giving two different images the same hash" - opening the door to adversarial attacks. Apple reckons the NerualHash version discovered by the Redditor is "a generic version, and not the one final version that will be used for iCloud Photos CSAM detection", but a few security people interviewed in the linked article by Vice seem open to the idea that the production version of NeuralHash won't be that different to what's been discovered today.

Facebook's Widely Viewed Content Report smells of bullshit

Facebook has released its first ever report into the most popular stuff on Facebook. It "covers the public News Feed content seen by Facebook’s US viewers between the beginning of April and the end of June" and "contains sections including showing the top 20 domains, links, pages, and posts in terms of views". The most popular post on Facebook is a "a letter scramble that invites users to pick out the first three words they see" and was viewed over by over 80 million people. Ethan Zuckerman had a squiz at the report and found that a good chunk of the top 20 URLs shared on Facebook are straight up spam and the report itself is practically useless at trying to discover what Facebook's algorithm is pushing on people.

Australian online retailers have crap privacy policies

Analysis of eBay, Amazon, Catch and Kogan's Australian privacy terms by UNSW senior lecturer Dr Katharine Kemp found "they offer little variation in quality or competition, despite significant variance in form". Unsurprisingly, Australian retailers offer far less protection in their privacy terms than European ones, who have detailed legislation and harsh penalties for breaches. Dr Kemp says that "no marketplace wishes to provide consumers with substantial privacy choices while their rivals may continue to undermine consumers' privacy to their own advantage without detection", so we're kinda fucked unless laws are made because the retailers sure as shit aren't gonna collect less data or better protect what they do collect out of their own free good will.

Something I Saw On The Internet

Serenity is a passion project operating system built from the ground up

SerenityOS looks really fucking cool. I found out about it in this Arstechnica story, which describes SerenityOS as "a love letter from the ex you never quite forgot" for people "who grew up with NT4 systems but matured on modern Linux and BSD" (i.e: me!). It's not a Linux distribution and has nothing to do with UNIX at all - it's a "hobby" OS made from the ground up by Andreas Kling. He started it years ago as a personal therapy project to help recover from an addiction. At first it was by him, for him, but over time Andreas has found fellow developers wanting the same type of operating system. It's still very basic and not ready to be someone's daily driver OS, but I get the feeling it will be fun to watch this project progress.


AfterPay and eBay are doing a 15% off promo. Some good stuff here if you aren't averse to using AfterPay:

The End

📻 The Divine Chord - The Avalanches, MGMT & Johnny Marr

😎 The Sizzle is curated by Anthony "@decryption" Agius and emailed every weekday afternoon.

💬 Did you know that The Sizzle has a Slack group? Join in and chat with other subscribers like you.

💳 Paid subscriber looking to manage your billing info? Visit the customer portal.

The Sizzle is created on Wathaurong land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. I pay my respect to them and their cultures and to elders both past and present.​