this post was submitted on 20 Jun 2024
87 points (98.9% liked)

World News

39019 readers
2325 users here now

A community for discussing events around the World

Rules:

Similarly, if you see posts along these lines, do not engage. Report them, block them, and live a happier life than they do. We see too many slapfights that boil down to "Mom! He's bugging me!" and "I'm not touching you!" Going forward, slapfights will result in removed comments and temp bans to cool off.

We ask that the users report any comment or post that violate the rules, to use critical thinking when reading, posting or commenting. Users that post off-topic spam, advocate violence, have multiple comments or posts removed, weaponize reports or violate the code of conduct will be banned.

All posts and comments will be reviewed on a case-by-case basis. This means that some content that violates the rules may be allowed, while other content that does not violate the rules may be removed. The moderators retain the right to remove any content and ban users.


Lemmy World Partners

News !news@lemmy.world

Politics !politics@lemmy.world

World Politics !globalpolitics@lemmy.world


Recommendations

For Firefox users, there is media bias / propaganda / fact check plugin.

https://addons.mozilla.org/en-US/firefox/addon/media-bias-fact-check/

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] mox@lemmy.sdf.org 10 points 4 months ago* (last edited 4 months ago) (1 children)

Its trivial to defeat

Maybe, depending on the algorithm used. Some are designed to produce the same output given similar inputs.

It's also easy to abuse systems like that in order to get someone falsely flagged, by generating a file with the same checksum as known CSAM.

It's also easy for someone in power (or with the right access) to add checksums of anything they don't like, such as documents associated with opposing political or religious views.

In other words, still invasive and dangerous.

More thoughts here: https://www.eff.org/deeplinks/2019/11/why-adding-client-side-scanning-breaks-end-end-encryption

[–] MSids@lemmy.world 2 points 4 months ago* (last edited 4 months ago) (2 children)

Checksums wouldnt work well for their purposes if they could easily be made to match any desired checksum. It's one way math.

[–] mox@lemmy.sdf.org 3 points 4 months ago* (last edited 4 months ago)

One-way math doesn't preclude finding a collision.

(And just to be clear, checksum in the context of this conversation is a generic term that includes cryptographic hashes and perceptual hashes.)

Also, since we're talking about a list of checksums, an attacker wouldn't even have to find a collision with a specific one to get someone in trouble. This makes an attack far easier. See also: the birthday problem.

[–] piecat@lemmy.world 2 points 4 months ago

Checksums, on the other hand, are designed to minimize the probability of collisions between similar inputs, without regard for collisions between very different inputs.[8] Instances where bad actors attempt to create or find hash collisions are known as collision attacks.[9]

https://en.m.wikipedia.org/wiki/Hash_collision#:~:text=Checksums%2C%20on%20the%20other%20hand,are%20known%20as%20collision%20attacks.