Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[WIP] MSC1453: Antivirus support #3811

Open
ara4n opened this issue Jul 26, 2018 · 10 comments
Open

[WIP] MSC1453: Antivirus support #3811

ara4n opened this issue Jul 26, 2018 · 10 comments
Labels
kind:feature MSC for not-core and not-maintenance stuff needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. proposal A matrix spec change proposal

Comments

@ara4n
Copy link
Member

ara4n commented Jul 26, 2018

This is a placeholder for a future MSC to document a proposal for the antivirus stuff we've been experimenting with recently, which amounts to a set of new APIs which proxy access to the media repository via an AV scanner server, whilst giving a way for clients to send encrypted E2E attachment keys to the AV scanner (if they want) so the scanner can scan the content before handing the response back to the client. https://github.com/matrix-org/matrix-content-scanner is the experimental implementation and contains the API doc which would need to make it into a MSC.

@turt2live turt2live added the proposal A matrix spec change proposal label Jul 26, 2018
@slipeer
Copy link

slipeer commented Dec 17, 2018

ICAP protocol is a standard for integrating security systems. Many antiviruses and DLP systems support it. Opensource antivirus ClamAV can be integrated through ICAP by C-ICAP

@ara4n
Copy link
Member Author

ara4n commented Jan 6, 2019

yup, the proposal here will implement ICAP.

Someone needs to port the https://github.com/matrix-org/matrix-content-scanner#api doc into an MSC to flesh this out.

@slipeer
Copy link

slipeer commented Jan 9, 2019

Note that if you implement the check when downloading a file:

  • download requests are always more frequent - there will be more load
  • you can check the files uploaded by other servers

but if you perform file check on upload:

  • in addition to the antivirus, you can integrate, for example, a DLP system.
  • it is possible to block uploading and distribution of a virus file over the Matrix network.

@turt2live turt2live added the kind:feature MSC for not-core and not-maintenance stuff label Apr 21, 2020
@turt2live turt2live added the needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. label Jun 8, 2021
@turt2live turt2live changed the title Antivirus support [WIP] MSC1453: Antivirus support Jun 8, 2021
@ankar84
Copy link

ankar84 commented Oct 18, 2021

but if you perform file check on upload:

  • in addition to the antivirus, you can integrate, for example, a DLP system.
  • it is possible to block uploading and distribution of a virus file over the Matrix network.

I think it is the best approach of DLP and Antivirus software because Matrix stay clean in that case. Bad file don't event uploaded.

@richvdh richvdh transferred this issue from matrix-org/matrix-spec-proposals Mar 1, 2022
@ara4n ara4n transferred this issue from matrix-org/matrix-spec May 9, 2022
@MTRNord
Copy link
Contributor

MTRNord commented May 10, 2022

but if you perform file check on upload:

  • in addition to the antivirus, you can integrate, for example, a DLP system.
  • it is possible to block uploading and distribution of a virus file over the Matrix network.

I think it is the best approach of DLP and Antivirus software because Matrix stay clean in that case. Bad file don't event uploaded.

Well a hostile user then would simply disable the upload checks

@minecraftchest1
Copy link

I personally think the best system would be a combination of both. Scan media during upload, as well as scanning files before serving. Store a list of mxc's and/or hashes of passed/failed media to prevent constant rescanning.

@m00nwtchr
Copy link

m00nwtchr commented Sep 4, 2022

Or scan files on upload, and on retrieve when requested by the local homeserver from a remote (on the local homeserver).
Though I suppose this wouldn't cover that homeserver's own users, then (in the case of a admin disabling the check).

@C0ffeeCode
Copy link

Can this also be used for scanning media for illegal/harmful/disturbing content?

@m00nwtchr
Copy link

You'd need to use a technique like Neural Hash to create a database of content you want to block, but theoretically you could use this to implement the integration, afaict.

@ndren
Copy link

ndren commented Sep 17, 2022

Please make sure that this is documented that it must be always opt-in for E2EE attachments. It's important that this is up to explicit user choice, after they have considered their threat model. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind:feature MSC for not-core and not-maintenance stuff needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. proposal A matrix spec change proposal
Projects
None yet
Development

No branches or pull requests