Comment by salawat
4 years ago
Nice.
Gotta love it when the moral busybodies ignore the nuts-and-bolts details of their own system. How exactly do they think an image search works in the first place? You have to have the right pattern to search for.
The funny thing is that these organizations actually have legal carve-outs for CSAM, but the services they hit to search for CSAM don't. This was one of my gripes with the EARN IT Act last year, if I recall correctly. If not that, I may need to go searching back through legislation referencing CSAM to find it again. I know at least the FBI, and I think a couple of orgs that help aggregate reporting of CSAM, were mentioned.
I'd probably go down the route of posting log snippets including their User-Agent and a timestamp, plus the screenshots of the temp file in a directory listing plus a snippet of the email notice with regards to that particular file. There is no cure to poor behavior like being confronted with undeniable proof of the outcome of your own actions.
This kind of thing isn't a joke, and careless spamming of that sort of thing can take down services without super diligent Admins.
Given they seem so concerned, perhaps they should negotiate a dedicated endpoint and get legal carve-outs for search providers to provide it.
Their crawler doesn't identify itself; here's what one of the log entries looks like:
x.x.x.176 - - [16/Apr/2021:13:xx:xx -0400] "GET /search.php?url=hxxps://i.imgur.com/xxxxxxx.xxx HTTP/1.1" 429 357 "hxxps://4archive.org/board/b/thread/xxxxxxxxxxx" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36"
We blocked that one successfully, but the same image was used to search iqdb.org, bypassing their filter and resulting in the current prolonged downtime. Their host took the site down ~3 days ago, and has not been responding to any tickets since...