iTranslated by AI
Leveraging Cloudflare's Free CSAM Scanning Tool for Fediverse Instances
Blocking CSAM
CSAM stands for Child Sexual Abuse Material.
Detecting and blocking CSAM is crucial when operating websites where users can upload arbitrary images, or when running software like Fediverse instances that proxy/cache untrusted images.
In fact, when I was operating a Misskey instance, there were incidents where spam from remote servers (servers operated by others in the federation) would set CSAM (child pornography) as user icons or profile images.
Needless to say, merely possessing CSAM is a serious crime in Japan. Even if you have no malicious intent, having CSAM cached on the CDN or server under your domain is a situation you want to avoid at all costs.
While utilizing APIs provided by major companies such as Azure AI Content Safety is an option, it requires implementation on the application side and generally costs money if used beyond a certain frequency.
That is where Cloudflare's CSAM Scanning Tool comes in handy.
How to Use
If you are already using Cloudflare's CDN, it is so simple that it barely needs an explanation. Just log in to the dashboard and enable the "CSAM Scanning Tool" from "Caching → Configuration".
You will be asked for an email address, which will be used to notify you if CSAM is actually discovered. Be sure to provide an address where you can be notified as quickly as possible.
Important Notes
- Needless to say, it will not work if the proxy is not enabled in your Cloudflare DNS settings.
- Depending on your region, website administrators may be required by law to report any discovered CSAM to appropriate organizations such as the NCMEC (National Center for Missing & Exploited Children).
- I have not been able to find any specific laws in Japan regarding this, but in general, it is considered appropriate to report such findings to the police or other relevant authorities.
Discussion