you're right. but I think it would help if clients had such an option instead of (maybe) having to use a 3rd party app which does (or maybe doesn't) strip all the data. then have the server do a check and return a warning if metadata is found. at that point the user can decide if he cares or doesn't. Or strip the data server side but from what I understand that breaks the checksum?
Discussion
Warnings don’t work, normal folks learned to ignore them due to warning fatigue. Refuse to accept is the only way. Stripping with default blossom will not work, csum will break, and honestly I don’t think any of the clients even check. SHA256 is slow and not the best for that, Blake3 is much faster and as reliable.
oshash is fast
SHA256 by itself is great for cryptography, Blake3 is just very fast on modern CPUs and outdoes SHA256 by miles. Regardless of implementation
It’s a great and super-fast algorithm, especially the WASM implementation! But until it’s bundled by default in Linux, other major OSes, and browsers, it’s unlikely to go mainstream. Switching algorithms is pretty tricky once you’ve committed to one. Still, Blake3 is definitely impressive!
Agree. I am still planning to use blake3 to produce hash and keeping it as an alternative.
Sounds great! I’ve always been a fan of Oshash for media—it integrates so well with the OpenSubtitles ecosystem, which has most of the world’s content indexed. I remember it was quite a challenge and even a bit controversial when they switched to a better hashing algorithm. I think the resistance came from the sheer scale of the ecosystem and the compatibility issues involved, but it’s impressive how they made it work in the end!
It seems that it does not read the full file to produce hash, which can be OK for some use cases but not ideal for integrity. 🤔
uff truth on the warnings!