PC-Admin/redlight
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update technical spec

Browse Source
This commit is contained in:
PC-Admin 2023-08-16 06:55:57 +08:00
parent 11866a5db8
commit d8a1912915
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -26,7 +26,7 @@ The goal of this tool is to block abusive content across many small to medium si
"Redlight servers" will be trusted homeservers that are modified, they'll cache the source list in memory while providing an API interface to "Redlight clients". Redlight servers will pick their own "content tags" that they are filtering, which by extension will allow clients to pick a level of filtering that suits them.
Redlight clients will be untrusted homeservers that are whitelisted by their desired Redlight server. When a user on a client homeserver attempts to join a room, the hashes of the user_id and room_id will be sent to the redlight server, which will confirm or deny if the room is abusive, the client then denies the user entry to that room if it is flagged. If a user attempts to access abusive rooms multiple times their account will be "frozen" and attempts to access any further rooms will be denied. Real-time alerts about users accessing abusive rooms or account freezes will also be sent to an "alert room" on the redlight clients server.
Redlight clients will be untrusted homeservers that are whitelisted by their desired Redlight server. When a user on a client homeserver attempts to join a room, the hashes of the user_id and room_id as well as an auth token will be sent to the redlight server, which will confirm or deny if the room is abusive, the client then denies the user entry to that room. If a user attempts to access abusive rooms multiple times their account will be "frozen" by the redlight server and attempts to access any further rooms will be denied. Real-time alerts about users accessing abusive rooms or account freezes will also be sent to an "alert room" on the redlight clients server.
For a more detailed description of how it will work please consult the [Technical Specification](./technical_spec.md).

4
technical_spec.md
View File

@ -12,14 +12,14 @@ Tags - Content tags that describe the type of abusive material found in a room,
Redlight Server - Will be trusted homeservers that are modified, they'll cache the source list in memory while providing an API interface to "Redlight clients". Redlight servers will pick their own "content tags" that they are filtering, which by extension will allow clients to pick a level of filtering that suits them.
Redlight Client - Will be untrusted homeservers that are whitelisted by their desired Redlight server. When a user on a client homeserver attempts to join a room, the hash of the room_id will be sent to the redlight server, which will confirm or deny if the room is abusive, the client then denies the user entry to that room if it is flagged.
Redlight Client - Will be untrusted homeservers that are whitelisted by their desired Redlight server. When a user on a client homeserver attempts to join a room, the hash of the user_id and room_id, as well as an auth token will be sent to the redlight server, which will confirm or deny if the room is abusive. The client will then grant or deny the user entry to that room.
## The Core Issue
You might be wondering, why not just release a list of these room_ids (or their hashes) and openly let people filter them?
Ultimately anything that can be used to identify abusive content can be used to identify abusive content. It's why access to these tools is typically so restricted. The problem isnt that the hashes could be reversed, it's that the hashes can be used to identify the abuse content.
Ultimately anything that can be used to identify abusive content, can be used to identify abusive content. It's why access to these tools is typically so restricted. The problem isnt that the hashes could be reversed, it's that the hashes can be used to identify the abusive content.
Imagine if you have 100 room_ids and you know 1 is abusive, well you could us an openly distributed hash-list to find that content and do the right thing and block it. Or you could use it to locate that content a lot faster to consume it and break the law with it.