| 30 Jul 2025 |
 @emma:rory.gay | and im 100% certain of that | 13:28:12 |
| @emma:rory.gay | they publicly state that they rely on cloudflare to prevent CSAM being uploaded to their homeserver, and images posted in their rooms are merely scanned by mjolnir's NSFW.JS based protection (that gets patched out in nixpkgs anyways) | 13:28:52 |
 @jh-devv:matrix.org | In reply to @emma:rory.gay
matrix.org does not use a CSAM scanning tool.
đź”—Approaches to tackling CSEA
[...]
We use Cloudflare’s CSAM detection APIs on unencrypted content on Matrix.org.
We use the IWF Hash, URL and Keyword lists from the IWF on unencrypted content on Matrix.org.
[...]
| 13:29:52 |
| @jh-devv:matrix.org | Yea | 13:30:13 |
| @jh-devv:matrix.org | I was just confused | 13:30:18 |
| @emma:rory.gay | yeah, thats cloudflare | 13:30:19 |
| @jh-devv:matrix.org | Sorry! | 13:30:22 |
| @emma:rory.gay | as for the IWF thing, that's not available to us anyways | 13:30:32 |
| @jh-devv:matrix.org | In reply to @emma:rory.gay
matrix.org does not use a CSAM scanning tool. I mean, they use cloudflrares one? | 13:30:43 |
| @emma:rory.gay | IWF only talks in "Notable registered businesses" | 13:30:48 |
| @emma:rory.gay | yeah but thats not really something you can invest in | 13:31:21 |
| @emma:rory.gay | that's part of cloudflare's paid tier btw, and doesnt apply to media being proxied from other homeservers | 13:31:51 |
| @emma:rory.gay | (and even then, enabling cloudflare on a matrix homeserver causes a whole host of problems for both local users and other homeservers) | 13:32:26 |
| @emma:rory.gay | no matter how you turn it, you either pay cloudflare and only get protected for users on your own homeserver uploading CSAM, or you become a large for-profit company | 13:34:20 |
| @emma:rory.gay | * no matter how you turn it, you either pay cloudflare and only get protected for users on your own homeserver uploading CSAM (and break federation), or you become a large for-profit company | 13:35:41 |
 Cat | In reply to @emma:rory.gay
no matter how you turn it, you either pay cloudflare and only get protected for users on your own homeserver uploading CSAM (and break federation), or you become a large for-profit company The Canadians have a project that supposedly is not as stupid | 13:41:20 |
| Cat | As in they actually try to allow more people to do the right thing | 13:41:26 |
