You may have heard that the US government has a bit of a mess on its hands after House Speaker Mike Johnson worked out a somewhat carefully crafted compromise continuing resolution funding plan to …
I’m extremely wary of any law that can be used to censor or otherwise remove material online, but one gripe i have with the Techdirt article is their assertion that hash matching is expensive or difficult.
Generating a SHA hash of an image when uploaded is very inexpensive in terms of processing, and there’s already going to be a db somewhere that stores the image metadata, so it’s not like putting the hash there is hard. Similarly, a simple No/SQL lookup for a known hash is incredibly simple and non-intensive.
The real issue is the lack of an appeal mechanism, the lack of penalty for, or legal mechanism to, ignore false reports (which should probably be about spam/ volume of requests, rather than single requests), and the lack of definition around what exactly a site must do to show good-faith, reasonable compliance.
I’m extremely wary of any law that can be used to censor or otherwise remove material online, but one gripe i have with the Techdirt article is their assertion that hash matching is expensive or difficult.
Generating a SHA hash of an image when uploaded is very inexpensive in terms of processing, and there’s already going to be a db somewhere that stores the image metadata, so it’s not like putting the hash there is hard. Similarly, a simple No/SQL lookup for a known hash is incredibly simple and non-intensive.
The real issue is the lack of an appeal mechanism, the lack of penalty for, or legal mechanism to, ignore false reports (which should probably be about spam/ volume of requests, rather than single requests), and the lack of definition around what exactly a site must do to show good-faith, reasonable compliance.
Depends on “how identical” is “identical”.
The SHA hash of a file, is easy to calculate, but pretty much useless at detecting similar images; change a single bit, and the SHA hash changes.
In order to detect similar content, you need perceptual hashes, which are no longer that easy to calculate.
Why “no longer”?
because of the “perceptual” part.
A normal hash has the property that it produces wildly different hashes for even the tiniest of changes in the file.
Perceptual hashing flips that requirement on its head, and therefore makes finding a suitable hash function much harder.
Oh, the way I read it it seemed like they were saying perceptual hashes used to be easier to calculate
Change one bit, now we have a brand new hash