Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/adulau/statuses/113485515442411925">Alexandre Dulaunoy (adulau@infosec.exchange)'s status on Friday, 15-Nov-2024 19:12:46 JST</a><a href="https://infosec.exchange/@adulau" title="adulau@infosec.exchange"><img src="https://gnusocial.jp/avatar/204538-48-20231027091710.webp" width="48" height="48" alt="Alexandre Dulaunoy" style="position: absolute; left: 0; top: 0;">Alexandre Dulaunoy</a><div><ul><li></ul></div></section><article><p><a href="https://mastodon.iftas.org/@jaz" rel="nofollow noreferrer">@jaz</a> </p><p>The importance of sharing CSAM detection indicators cannot be overstated, it significantly improves detection at scale. Despite multiple requests for <a href="https://infosec.exchange/tags/DFIR" rel="tag">#DFIR</a> activities, we were denied access to these databases. This restriction is a missed opportunity, as it limits detection capabilities.</p><p>Frankly, I don’t see the risks of sharing these indicators. The cybersecurity community has been sharing IoCs, malware hashes, and domains for years. Why should CSAM indicators be treated differently? With technologies like encrypted Bloom filters, even public sharing can be done securely.</p><p>If we truly want broad and effective detection in <a href="https://infosec.exchange/tags/fediverse" rel="tag">#fediverse</a> and other social networks, we need widespread sharing of CSAM indicators.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4004429#notice-7824074">In conversation</a><time datetime="2024-11-15T19:12:46+09:00" title="Friday, 15-Nov-2024 19:12:46 JST">about 10 days ago</time> <span>from <span><a href="https://infosec.exchange/@adulau/113485515442411925" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@adulau/113485515442411925">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Alexandre Dulaunoy (adulau@infosec.exchange)'s status on Friday, 15-Nov-2024 19:12:46 JSTAlexandre Dulaunoy
- Jaz (IFTAS)
@jaz
The importance of sharing CSAM detection indicators cannot be overstated, it significantly improves detection at scale. Despite multiple requests for #DFIR activities, we were denied access to these databases. This restriction is a missed opportunity, as it limits detection capabilities.
Frankly, I don’t see the risks of sharing these indicators. The cybersecurity community has been sharing IoCs, malware hashes, and domains for years. Why should CSAM indicators be treated differently? With technologies like encrypted Bloom filters, even public sharing can be done securely.
If we truly want broad and effective detection in #fediverse and other social networks, we need widespread sharing of CSAM indicators.
In conversationabout 10 days ago from infosec.exchangepermalink

Public

Embed Notice

HTML Code

Corresponding Notice