this post was submitted on 31 Aug 2023
374 points (99.5% liked)

Selfhosted

51249 readers
420 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
374
Lemmy Safety now supports cleaning local pict-rs storage from CSAM (github.com)
submitted 2 years ago* (last edited 2 years ago) by db0 to c/[email protected]
48 comments fedilink hide all child comments
 

I posted the other day that you can clean up your object storage from CSAM using my AI-based tool. Many people expressed the wish to use it on their local file storage-based pict-rs. So I've just extended its functionality to allow exactly that.

The new lemmy_safety_local_storage.py will go through your pict-rs volume in the filesystem and scan each image for CSAM, and delete it. The requirements are

  • A linux account with read-write access to the volume files
  • A private key authentication for that account

As my main instance is using object storage, my testing is limited to my dev instance, and there it all looks OK to me. But do run it with --dry_run if you're worried. You can delete lemmy_safety.db and rerun to enforce the delete after (method to utilize the --dry_run results coming soon)

PS: if you were using the object storage cleanup, that script has been renamed to lemmy_safety_object_storage.py

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 2 years ago (1 children)

I think there’s potential here for a centralised database of metadata (hashes, time-stamps, usernames) so it’s easier to stamp this out as a connected community. As has been noted, as long as you’re working in good faith, most government authorities won’t prosecute people running platforms like a Lemmy instance. But joining together to show solidarity might make it easier to prove that good faith, especially for smaller instances.

[–] db0 1 points 2 years ago* (last edited 2 years ago) (1 children)

The tools has a lot of false positives as it casts a wide net to catch the actual positives. There's no human review involved, so you can't use these hits to mark usernames and time-stamps unless someone goes thjrough the hits and finds actual CSAM.

[–] [email protected] 2 points 2 years ago (1 children)

That’s reasonable, I wouldn’t want anyone to have to do those manual checks. However, wouldn’t false positives be relatively rare for a single username? Could correlational data of repeated flags within a certain timeframe be used to single out bad actors?

[–] db0 1 points 2 years ago

Yes, correlating single usernames would be a good way, but currently the script cannot connect images to posts