Reverse engineering project: https://archive.is/YQWOM

Hash collision: https://archive.is/OhQUd

What this means: Apple may take steps to change NeuralHash to mitigate this before actually putting it into use (provided they aren't lying and already using it). This also doesn't mean that anyone knows which hashes would cause an image to be flagged (probably not possible without someone leaking the list).

But it may be possible for malicious actors to guess which images would be included in the database, hash them, and find collisions that they could then get people to download.

Update

Apple says the collision is "not a concern". By which I assume they mean "we don't care."

Reverse engineering project: https://archive.is/YQWOM

Hash collision: https://archive.is/OhQUd

What this means: Apple may take steps to change NeuralHash to mitigate this before actually putting it into use (provided they aren't lying and already using it). This also doesn't mean that anyone knows which hashes would cause an image to be flagged (probably not possible without someone leaking the list).

But it may be possible for malicious actors to guess which images would be included in the database, hash them, and find collisions that they could then get people to download.