[AusNOG] More legislative interventions

Matt Palmer mpalmer at hezmatt.org
Wed Apr 10 11:12:03 EST 2019

On Wed, Apr 10, 2019 at 10:56:12AM +1000, Paul Wilkins wrote:
> Now I would say that for instance, if the eSecurity Director posts the CRC
> of a file as being "abhorrent violent" content, and your company doesn't
> expeditiously take down that material, expect problems down the pike. I
> doubt a CRC check alone is sufficient.

Given that a CRC changes if you modify any bit of the file, and common CRC
implementations have a space of either 16 or 32 bits (65,536 and ~4 billion
possible values, respectively), "insufficient" doesn't even begin to
describe such a scheme.

> I'd say a fingerprinting system to
> match altered copies of the subject file should be implemented.

Once again with this magical "figerprinting" scheme.  Nothing like what
you're describing actually exists.  Further, there's no point in each
company coming up with their own scheme for calculating this magical
fingerprint, because if the eSecurity Director wants to say "take down
everything like this fingerprint" they have to use the *same* scheme to come
up with the same fingerprint.

> It doesn't have to work in all cases.

It won't work in *any* case.

> I am not a lawyer. This is not expert advice.

Yes, I think that is quite evident.

- Matt

More information about the AusNOG mailing list