Reply to post:

Child abuse image hash list shared with major web firms

Raumkraut

cryptographically broken and unsuitable for further use

"Cryptographically" being the operative word. In this case, it's not being used cryptographically.

for important things - like anything approaching censorship or criminal justice, perhaps - I don't think we should be using MD5

In their defence, it's entirely possible that they started using MD5 for this purpose before MD5 was so widely considered useless. And since it's a criminal offence to have possession of the images in question (exceptions notwithstanding), they may no longer have the source images from which to generate new hashes. However, they certainly shouldn't be using it for new images, and given the inclusion of PhotoDNA hashes in the programme, it's entirely possible they no longer do so.

That said, I would certainly hope they do a more detailed check than just comparing MD5 hashes, before breaking your door down in the middle of the night.

I'm a dreamer, I know.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon