> Apple claims that there is a "one in one trillion chance per year of incorrectly flagging a given account". I'm calling bullshit on this.
Why? You can get any false positive rate you want if you don't care about the false negative rate.
It seems likely that that was a design criterion and they just tweaked the thresholds and number of hits required until they got it.
The last analysis on HN about this made the exact same mistake, and it's a pretty obvious one so I'm skeptical about the rest of their analyses.
It is nice to have some actual numbers from this article though about how much CP they report, the usefulness of MD5 hashes, etc.
Edit: reading on, it seems like he just misread - it sounds like he thinks they're saying there's a 1 in a trillion chance of a false positive on a photo but Apple are talking about an account which requires multiple photo hits. The false positive rate per photo might be 1 in 1000 but if you need 10 hits then it's fine.
Why? You can get any false positive rate you want if you don't care about the false negative rate.
It seems likely that that was a design criterion and they just tweaked the thresholds and number of hits required until they got it.
The last analysis on HN about this made the exact same mistake, and it's a pretty obvious one so I'm skeptical about the rest of their analyses.
It is nice to have some actual numbers from this article though about how much CP they report, the usefulness of MD5 hashes, etc.
Edit: reading on, it seems like he just misread - it sounds like he thinks they're saying there's a 1 in a trillion chance of a false positive on a photo but Apple are talking about an account which requires multiple photo hits. The false positive rate per photo might be 1 in 1000 but if you need 10 hits then it's fine.