Discuss Scratch

CANSLP
Scratcher
100+ posts

security concern???

so i remember when scratch added the camera everyone was talking about ‘oh no what if they record the screen and store it in a cloud database’ and i /thought/ we resolved this by just not letting you make cloud variables in projects with the camera plugin. but uh, i just tried to do that and it worked?? how long has this been allowed? maybe since 3.0? i swear we had this whole discourse years ago and maybe i'm missing something but this seems like a major security concern


**pinning an entry from below**
okay all of the posts on this thread are ‘seems like it would be a very small image’ and yes. it would be a small image. again, the image would look like this with a whole lot of inefficiency in compression https://scratch-mit-edu.ezproxyberklee.flo.org/projects/412812463

that's still /an image/. like it's still big enough where you could consider it to be a picture of a person. we are past the point where it is productive to argue about whether an image of that size and color detail is ‘too intrusive’. personally i wouldn't want someone to unknowingly take a picture of me in that image format, but that's kind of irrelevant, because just purely in terms of data security ethics, i don't think there's much of a case for ‘it’s okay for people to take small low res pictures of users on a website of mostly children and save them online'.

we're past the point of figuring out how to optimize a hypothetical secret internet camera, what i'm saying is (and i believe this used to be the case anyways back in 2.0) that st should just disable the camera plugin in projects with cloud logs. that seems like an easy fix and is not contingent on windows and thresholds of whether we're letting people steal ‘too much’ webcam data.

Last edited by CANSLP (July 21, 2020 18:02:24)
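
The rule proposed in the post above (no camera plugin in a project that also has cloud variables), written as a check over a project file. This is an added example, not part of the original post and not Scratch's own code; it assumes the Scratch 3 `project.json` layout (an `extensions` list, `videoSensing_` block opcodes, cloud variables stored as `[name, value, true]`), and the sample projects are constructed.

```python
import json

VIDEO_EXTENSION = "videoSensing"       # extension id listed in project.json
VIDEO_OPCODE_PREFIX = "videoSensing_"  # opcode prefix of video sensing blocks


def cloud_variables(project):
    """Names of variables stored as [name, value, true], i.e. cloud variables."""
    return [entry[0]
            for target in project.get("targets", [])
            for entry in target.get("variables", {}).values()
            if len(entry) >= 3 and entry[2] is True]


def uses_camera(project):
    """True if the extension is declared or any of its blocks is present."""
    if VIDEO_EXTENSION in project.get("extensions", []):
        return True
    for target in project.get("targets", []):
        for block in target.get("blocks", {}).values():
            # Top-level variable reporters are stored as lists; skip them.
            if isinstance(block, dict) and \
                    str(block.get("opcode", "")).startswith(VIDEO_OPCODE_PREFIX):
                return True
    return False


def audit(project_json):
    """Audit one project.json document (str); flag camera + cloud together."""
    project = json.loads(project_json)
    clouds = cloud_variables(project)
    camera = uses_camera(project)
    return {"camera": camera, "cloud_variables": clouds,
            "flag": camera and bool(clouds)}


# Constructed sample projects, not real Scratch projects.
SAMPLE_BOTH = json.dumps({"extensions": [], "targets": [{
    "isStage": True,
    "variables": {"v1": ["\u2601 frame", "0", True], "v2": ["score", 0]},
    "blocks": {"b1": {"opcode": "videoSensing_videoToggle"},
               "b2": [12, "score", "v2", 10, 10]}}]})
SAMPLE_CAMERA_ONLY = json.dumps({"extensions": ["videoSensing"], "targets": [
    {"isStage": True, "variables": {"v2": ["score", 0]}, "blocks": {}}]})
SAMPLE_CLOUD_ONLY = json.dumps({"extensions": [], "targets": [
    {"isStage": True, "variables": {"v1": ["\u2601 best", "0", True]}, "blocks": {}}]})

if __name__ == "__main__":
    for name in ("SAMPLE_BOTH", "SAMPLE_CAMERA_ONLY", "SAMPLE_CLOUD_ONLY"):
        print(name, audit(globals()[name]))
```

Only the first sample is flagged; it is caught through its block opcode even though its `extensions` list is empty.
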

CANSLP
Scratcher
100+ posts

like just to clarify- we've always been able to record the screen. the point where it becomes a data liability is when you can record the screen /and/ save values in external databases
HTML-Fan
Scratcher
1000+ posts

You have by far not enough space in the cloud to do that and I guess that you can't scan the entire screen in that short frame.
qrcool
Scratcher
1000+ posts

What is your question?
CANSLP
Scratcher
100+ posts

HTML-Fan wrote:

You have by far not enough space in the cloud to do that and I guess that you can't scan the entire screen in that short frame.
no we can definitely scan the screen, we've always been able to do that (see npr cameras) https://scratch-mit-edu.ezproxyberklee.flo.org/projects/388354077/ but how much space theoretically do we have? i know they recently reduced it but what's the maximum resolution you could get from, say, a 2 bit image

Last edited by CANSLP (July 20, 2020 17:13:11)

CANSLP
Scratcher
100+ posts

CANSLP wrote:

HTML-Fan wrote:

You have by far not enough space in the cloud to do that and I guess that you can't scan the entire screen in that short frame.
no we can definitely scan the screen, we've always been able to do that (see npr cameras) https://scratch-mit-edu.ezproxyberklee.flo.org/projects/388354077/ but how much space theoretically do we have? i know they recently reduced it but what's the maximum resolution you could get from, say, a 2 bit image
from my calculations you could have a 160x160 black and white image or around a 113x113 4-color image. seems like a nontrivial amount of information
HTML-Fan
Scratcher
1000+ posts

CANSLP wrote:

HTML-Fan wrote:

You have by far not enough space in the cloud to do that and I guess that you can't scan the entire screen in that short frame.
no we can definitely scan the screen
I know. But scratch's speed totally sucks. So before you have scanned just 1/10, there's a new frame.
CANSLP
Scratcher
100+ posts

HTML-Fan wrote:

CANSLP wrote:

HTML-Fan wrote:

You have by far not enough space in the cloud to do that and I guess that you can't scan the entire screen in that short frame.
no we can definitely scan the screen
I know. But scratch's speed totally sucks. So before you have scanned just 1/10, there's a new frame.
did you see the example i linked? we can already scan images
CANSLP
Scratcher
100+ posts

CANSLP wrote:

CANSLP wrote:

HTML-Fan wrote:

You have by far not enough space in the cloud to do that and I guess that you can't scan the entire screen in that short frame.
no we can definitely scan the screen, we've always been able to do that (see npr cameras) https://scratch-mit-edu.ezproxyberklee.flo.org/projects/388354077/ but how much space theoretically do we have? i know they recently reduced it but what's the maximum resolution you could get from, say, a 2 bit image
from my calculations you could have a 160x160 black and white image or around a 113x113 4-color image. seems like a nontrivial amount of information
for reference, here's a 160x160 image https://www.google.com/search?q=face%20imagesize%3A160x160%20&tbm=isch&safe=images&safe=images&tbs=iar%3As&hl=en&ved=0CAEQpwVqFwoTCND4mfyr3OoCFQAAAAAdAAAAABAI&biw=1425&bih=789#imgrc=FTU1YslFdjeeJM
HTML-Fan
Scratcher
1000+ posts

You can't put that stuff that easy into a cloud variable. And it's really slow. And you get asked if you want to enable the camera. And I guess that you can't stop the stream to get a frame.
Basic88
Scratcher
1000+ posts

CANSLP wrote:

no we can definitely scan the screen, we've always been able to do that (see npr cameras) https://scratch-mit-edu.ezproxyberklee.flo.org/projects/388354077/ but how much space theoretically do we have? i know they recently reduced it but what's the maximum resolution you could get from, say, a 2 bit image
The project you linked doesn't have Cloud Vars.

Nobody can store it, and that much would be too much for cloud to handle.

Last edited by Basic88 (July 20, 2020 17:35:34)

CANSLP
Scratcher
100+ posts

okay here's how much image data you can store on the cloud https://scratch-mit-edu.ezproxyberklee.flo.org/projects/412812463/
it's a little smaller than i thought but it's still definitely /an image/, seems like we for sure shouldn't be letting you turn the camera on when there's a cloud log
CANSLP
Scratcher
100+ posts

Basic88 wrote:

CANSLP wrote:

no we can definitely scan the screen, we've always been able to do that (see npr cameras) https://scratch-mit-edu.ezproxyberklee.flo.org/projects/388354077/ but how much space theoretically do we have? i know they recently reduced it but what's the maximum resolution you could get from, say, a 2 bit image
The project you linked doesn't have Cloud Vars.

Nobody can store it, and that much would be too much for cloud to handle.
you definitely can store it. that one specifically seems to be 3-bits over about 50x20 pixels, i've been able to store 3-bit images over 72x72 https://scratch-mit-edu.ezproxyberklee.flo.org/projects/412812463
JackK211424
Scratcher
500+ posts

the only thing is, that would be too low res, and it's not color, I can't make out my brother from my father on that thing. is it really a security risk?
CANSLP
Scratcher
100+ posts

JackK211424 wrote:

the only thing is, that would be too low res, and it's not color, I can't make out my brother from my father on that thing. is it really a security risk?
it's for sure within the range of ‘you should not be allowed to do this on a website with a large underage user base’. seems like you should err on the side of not letting people take pictures of children online
Basic88
Scratcher
1000+ posts

CANSLP wrote:

it's for sure within the range of ‘you should not be allowed to do this on a website with a large underage user base’. seems like you should err on the side of not letting people take pictures of children online
They don't store it, I can tell (for storing you would need cloud vars).
CANSLP
Scratcher
100+ posts

Basic88 wrote:

CANSLP wrote:

it's for sure within the range of ‘you should not be allowed to do this on a website with a large underage user base’. seems like you should err on the side of not letting people take pictures of children online
They don't store it, I can tell (for storing you would need cloud vars).
what. i know this camera project isn't storing them online. i'm not snitching on some npr project, i'm saying we should probably change the way cloud logs and/or the camera works so that you can't take pictures of people and store them online (which you currently can)
scratchperson12347
Scratcher
100+ posts

I've tried it many times you can't do it without having many thousands of variables.
-Zyte-
Scratcher
1000+ posts

Can I explain something to you?
There are 10 max cloud variables.
You can store 256 chars in each.
Which means there are 2560 chars in total.
I haven't seen anyone being able to create a black-white scanner yet.
There are a lot of colors being able to be scanned, without black-white scanning.
Scratch's stage is 4:3, and to get a full size image, it has to be 480x360 pixels.
That's 172800.
Even if we make it smaller, for example, 48x36, which is already unable to be seen, it's still 1728.
Let's say there are 60000 colors that are able to be scanned, but it's actually more. 5 chars per pixel. Now, let's multiply that by 1780. 5x1728=8640. Is that too much? Yep. So how are you going to scan it? Even if it's just 48x36, 1 char per color, it's 1780, which technically is able to be stored, is not comprehensible.
Now, if I did the math wrong, tell me.
fdreerf
Scratcher
1000+ posts

-Zyte- wrote:

Now, if I did the math wrong, tell me.
You're supposed to exponentiate the number of colors and the number of pixels.
So, if you were to have 2 colors and 1728 pixels, there would actually be 15,129,776,317,850,095,820,092,511,389,349,266,990,292,718,729,815,631,986,418,537,353,879,463,563,521,162,185,150,219,603,700,165,130,994,236,082,131,324,756,445,942,491,538,167,955,612,355,559,370,819,630,786,874,949,073,054,392,871,127,532,858,565,042,604,704,229,027,792,897,149,278,536,911,570,984,376,289,178,239,414,281,093,587,086,254,280,625,511,423,417,734,560,103,547,720,775,941,236,898,584,297,864,754,056,409,689,723,511,538,383,397,266,829,071,642,966,529,789,271,374,337,767,970,717,302,376,007,449,935,423,628,987,375,161,285,038,699,647,338,790,955,261,847,896,303,406,764,539,379,637,294,632,424,461,577,413,789,356,619,528,237,622,525,126,579,905,139,518,845,267,220,627,456 combinations!

To put that number in perspective: remember the number of possible usernames? That is around 10^-490 times smaller. To put that in perspective, the Planck length is only 10^-62 times smaller than the length of the observable universe.

Last edited by fdreerf (July 21, 2020 04:50:30)
