You what now???
Since when does your local police department respond to a "Microsoft complaint?"
if its CSAM related (which is implied via photodna involvement), microsoft does not contact local police. they contact NCMEC (or the appropriate equivalent), who then coordinates the law enforcement response.
if it isnt CSAM, microsoft does not contact local police to aid with support, because that would be ridiculous to coordinate over a billion accounts across tens of thousands of police departments around the world. and police forces would obviously not tolerate acting as microsoft support personnel.
there has to be a substantial amount of missing context, or this story is (partially? fully?) fabricated, or the user is mistaken/wasnt talking to microsoft.
Microsoft reached out to the police department, then the person went to the local police department to verify who they were. I don't see how this could be a scam.
It’s been done before: https://krebsonsecurity.com/2022/03/hackers-gaining-power-of...
(If they established connections between accounts by using images, surely they would block vast swathes of people using generic harmless images you can find online)
This sounds like a horrible privacy violation. Is it true? What do they do if they find a match?
Incidentally, how it works is clever and interesting imo, though defeatable if you know how it works: https://www.hackerfactor.com/blog/index.php?%2Farchives%2F93...
The obvious alternative of course, is openly and aggressively getting users to agree to uploading their files to Microsoft’s computers (OneDrive), which are scanned.
However in the age of machine learning, copilot and the like, I would not be surprised if local scans start becoming a thing, since offering classification of objects in photos is a perfectly reasonable thing to offer from Microsoft’s point of view, and of course CSAM detection can come along with that.
But yeah, they also just super aggressively try to trick you into sending all your files to onedrive.
if you get multiple child sexual abuse material (CSAM) matches, the police will be knocking on (down) your door. microsoft isnt going to nicely ask you to go down the the police station. they dont even contact local police, they forward the information to the appropriate national entity (e.g. NCMEC) who coordinates the law enforcement response.
and if it isnt CSAM related, microsoft is not going to be contacting your local police, period.
something isnt adding up here. i suspect this post is ragebait.
Why would they not? I once had a problem with material uploaded on a file sharing system hosted on Hetzner. I received an email about it from Hetzner, but I was on holiday and I didn't check my email so after 48 hours or so the local police (French gendarmerie) came to my address and politely asked for my server logs.
Luckily I had forgotten to update my billing address on my Hetzner account, so it was my parents address and I was on holidays at my parents.
I guess its a hash collision, but that is pretty crazy. Sounds like the plot to a scifi dystopia.
Coming soon to every AI enabled product near you
Through A Scanner Darkly, indeed.
Oh well, Philip K Dick enters the chat again. With Solar Lottery this time.
There’s your problem. Don’t create a Microsoft account? Why would you need one anyway? To use windows? Why? Get Linux or switch to Mac.
What?
I take it you're not one of the many people who've had a dozen different services over the years get bought up by Microsoft, then forcefully migrated to multiple Microsoft Accounts, and then lose access to all of them?