You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
When files are uploaded to ACMAS there is no safety validation check to ensure that the file isn't malicious before being offered to end-users.
Describe the solution you'd like
We should add an intermediate step between a user uploading a file to the site and making it accessible through the search features. www.virustotal.com seems as though they offer a 500 requests/day @ 4 requests/minute free-tier through which we could send the file for verification before adding it to our database.
Given that users are now required to be signed in to gain the ability to upload, we should also automatically ban the user and block their username and email from being used to create a new account in the future. A great additional step would be to block their MAC address, if that's something we can query through Python/Django.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
When files are uploaded to ACMAS there is no safety validation check to ensure that the file isn't malicious before being offered to end-users.
Describe the solution you'd like
We should add an intermediate step between a user uploading a file to the site and making it accessible through the search features. www.virustotal.com seems as though they offer a 500 requests/day @ 4 requests/minute free-tier through which we could send the file for verification before adding it to our database.
Given that users are now required to be signed in to gain the ability to upload, we should also automatically ban the user and block their username and email from being used to create a new account in the future. A great additional step would be to block their MAC address, if that's something we can query through Python/Django.
The text was updated successfully, but these errors were encountered: