On Wed, Apr 10, 2019 at 10:56:12AM +1000, Paul Wilkins wrote: > Now I would say that for instance, if the eSecurity Director posts the CRC > of a file as being "abhorrent violent" content, and your company doesn't > expeditiously take down that material, expect problems down the pike. I > doubt a CRC check alone is sufficient.
Given that a CRC changes if you modify any bit of the file, and common CRC implementations have a space of either 16 or 32 bits (65,536 and ~4 billion possible values, respectively), "insufficient" doesn't even begin to describe such a scheme. > I'd say a fingerprinting system to > match altered copies of the subject file should be implemented. Once again with this magical "figerprinting" scheme. Nothing like what you're describing actually exists. Further, there's no point in each company coming up with their own scheme for calculating this magical fingerprint, because if the eSecurity Director wants to say "take down everything like this fingerprint" they have to use the *same* scheme to come up with the same fingerprint. > It doesn't have to work in all cases. It won't work in *any* case. > I am not a lawyer. This is not expert advice. Yes, I think that is quite evident. - Matt _______________________________________________ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog