First a question: Do we know if all file hosters will delete files that are reported to them, based on nothing more than a request and a link? Or do some or all of the hosters also require a password to the file so they can decrypt it and verify that it's illegal? If so, please read on. Here's a suggestion for how to extend the retention of files uploaded to file hosts. It seems fairly obvious, so may have been suggested already but I've not seen it.
It starts off fairly routine:
File(s) to be uploaded must first be encrypted using a random password, unique to that file only. The encrypted file must also be made to have a unique MD5 checksum by including some random data such as a thumbnail pic or a text file containing some random text. The contents of the file mustn't be identifiable without the password.
The file is then uploaded to 1 or more file hosts (only 1 may be necessary using this method) and the link posted to this forum in the usual way but WITHOUT providing the password. Clear thumbnails and a description MUST be provided of the contents of the upload.
This gives time for as many people as possible to download the file. The file can't (assuming my opening paragraph) be reported by haters and deleted by the host because there is no password to decrypt it, and no match to any existing blacklisted MD5 checksum.
The downside of this method is that it relies on trust and delayed gratification as people have to wait before they can access the file they have downloaded. But it also means no captures or other link obfuscations are needed, and no time wasted effing around with downloads from crappy hosts which keep failing the download towards the end, or require you to change your IP address 100 times before you find a server that's ready.
Now the important bit: How to provide the password. I have a couple of suggestions, you may have more.
The OP who uploaded the file could just post the password after a pre-declared number of days/weeks. This would work better with members who have already gained karma and a reputation for previously uploaded files. People may not want to waste time downloading files if they can't trust that they will at some point receive the password.
Alternatively, or in addition, the OP who uploaded the file could IMMEDIATELY provide the password to a (willing!) Moderator, who could test it against the file download and if successful, indicate on the forum that the password has been verified. The Moderator would also then be able to provide the password on the forum after a set time, if the OP hadn't done so for whatever reason. The password could even be added to a central database on the forum which is displayed publicly on the relevant dates. This would facilitate people finding all the passwords to the files they downloaded.
As a further enhancement to this system, it could be a requirement that before the password is posted on the forum, someone must post a mirror to the upload, but again encrypted with a new MD5 checksum and password. This will ensure the continuation of the file availability after the first password is provided.
OK, I know this suggestion isn't ideal, but it might just be a good compromise as the deletion bots and Antis get more effective, especially when big unhoards are involved.
Any thoughts or suggestions?
0 comments:
Post a Comment