matrix-spec-proposals icon indicating copy to clipboard operation
matrix-spec-proposals copied to clipboard

Published 20 hours ago verified publisher icon matrix-org

[WIP] MSC1453: Antivirus support

Open ara4n opened this issue 7 years ago • 10 comments
trafficstars

This is a placeholder for a future MSC to document a proposal for the antivirus stuff we've been experimenting with recently, which amounts to a set of new APIs which proxy access to the media repository via an AV scanner server, whilst giving a way for clients to send encrypted E2E attachment keys to the AV scanner (if they want) so the scanner can scan the content before handing the response back to the client. https://github.com/matrix-org/matrix-content-scanner is the experimental implementation and contains the API doc which would need to make it into a MSC.

ara4n avatar Jul 26 '18 11:07 ara4n

ICAP protocol is a standard for integrating security systems. Many antiviruses and DLP systems support it. Opensource antivirus ClamAV can be integrated through ICAP by C-ICAP

slipeer avatar Dec 17 '18 09:12 slipeer

yup, the proposal here will implement ICAP.

Someone needs to port the https://github.com/matrix-org/matrix-content-scanner#api doc into an MSC to flesh this out.

ara4n avatar Jan 06 '19 14:01 ara4n

Note that if you implement the check when downloading a file:

  • download requests are always more frequent - there will be more load
  • you can check the files uploaded by other servers

but if you perform file check on upload:

  • in addition to the antivirus, you can integrate, for example, a DLP system.
  • it is possible to block uploading and distribution of a virus file over the Matrix network.

slipeer avatar Jan 09 '19 05:01 slipeer

but if you perform file check on upload:

  • in addition to the antivirus, you can integrate, for example, a DLP system.
  • it is possible to block uploading and distribution of a virus file over the Matrix network.

I think it is the best approach of DLP and Antivirus software because Matrix stay clean in that case. Bad file don't event uploaded.

ankar84 avatar Oct 18 '21 11:10 ankar84

but if you perform file check on upload:

  • in addition to the antivirus, you can integrate, for example, a DLP system.
  • it is possible to block uploading and distribution of a virus file over the Matrix network.

I think it is the best approach of DLP and Antivirus software because Matrix stay clean in that case. Bad file don't event uploaded.

Well a hostile user then would simply disable the upload checks

MTRNord avatar May 10 '22 08:05 MTRNord

I personally think the best system would be a combination of both. Scan media during upload, as well as scanning files before serving. Store a list of mxc's and/or hashes of passed/failed media to prevent constant rescanning.

minecraftchest1 avatar Jun 20 '22 02:06 minecraftchest1

Or scan files on upload, and on retrieve when requested by the local homeserver from a remote (on the local homeserver). Though I suppose this wouldn't cover that homeserver's own users, then (in the case of a admin disabling the check).

m00nwtchr avatar Sep 04 '22 06:09 m00nwtchr

Can this also be used for scanning media for illegal/harmful/disturbing content?

C0ffeeCode avatar Sep 04 '22 14:09 C0ffeeCode

You'd need to use a technique like Neural Hash to create a database of content you want to block, but theoretically you could use this to implement the integration, afaict.

m00nwtchr avatar Sep 04 '22 20:09 m00nwtchr

Please make sure that this is documented that it must be always opt-in for E2EE attachments. It's important that this is up to explicit user choice, after they have considered their threat model. Thanks!

ndren avatar Sep 17 '22 06:09 ndren