• milicent_bystandr@lemm.ee
    link
    fedilink
    arrow-up
    16
    ·
    1 year ago

    I wonder if projects like Signal could make a community run and certified hash database that could be included in Signal et al without threat of governments and self-interested actors putting malicious entries in. It definitely doesn’t solve every problem with the client side scanning, but it does solve some.

    But… an open, verifiable database of CSAM hashes has its own serious problems :-S Maybe an open, audited AI tool that in turn makes the database? Perhaps there’s some clever trick to make it verifiable that all the hashes are for CSAM without requiring extra people to audit the CSAM itself.

    • ADTJ@feddit.uk
      link
      fedilink
      arrow-up
      10
      ·
      1 year ago

      You’re unfortunately also handing people distributing csam a way to verify whether their content would be detected by checking it against the database

      • milicent_bystandr@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Yes, though doesn’t client side scanning do that anyway? Or must the client side scan be completely secret and also only communicate to law enforcement/whatever secretly?