Retain the content and/or hash of linksharing files that we take down

storj / edge

Storj edge services (including multi-tenant, S3-compatible server to interact with the Storj network)

GNU Affero General Public License v3.0

48 stars 18 forks source link

Retain the content and/or hash of linksharing files that we take down #343

Closed ferristocrat closed 11 months ago

ferristocrat commented 1 year ago

Goal

We want to start retaining the content and/or hash of linksharing files that we take down
This will help us backtest any solution we may implement for proactively identifying these files (rather than waiting for a takedown request)

Acceptance Criteria

Manual or automated process implemented for storing the content and hash for files we take down

Links

amwolff commented 1 year ago

@storj/edge-team any idea where we should store it?

amwolff commented 1 year ago

I think we should use eventkit for this.

adaRn commented 1 year ago

I'm not sure about the volume, so an extreme opinion here: I'd be OK even with storing these in a Google Sheet, if this makes it super simple

amwolff commented 1 year ago

From sprint planning: probably implement the functionality in authservice-admin to send a hash of the object to eventkit for later analysis.

v2 would be moving the offending object to a bucket that we control while scanning it beforehand with, e.g., ClamAV—if the object is malware/dangerous, we would keep it and discard it otherwise.

amwolff commented 1 year ago

@jtolio Related to #342, how do you feel about retaining the checksum of the content that we take down for legal reasons?

storj-gerrit[bot] commented 1 year ago

Change cmd/authservice-admin: send link information before taking down link mentions this issue.

storj-gerrit[bot] commented 1 year ago

Change cmd/authservice-admin: send link information before taking down link mentions this issue.

storj-gerrit[bot] commented 1 year ago

Change pkg/hashreader: add package mentions this issue.