Slashdot Mirror
ISPs to Create Database to Combat Child Porn
BlueCup writes to tell us that several media companies are banding together to create a database of child pornography images to help law enforcement officials combat distribution of questionable material. In addition to the database several tools and new technologies are also planned but most notable is what some perceive as a willingness to cooperate which critics say has been lacking in the past. From the article: "Each company will set its own procedures on how it uses the database, but executives say the partnership will let companies exchange their best ideas — ultimately developing tools for preventing child-porn distribution instead of simply catching violations."
This is a great idea. With a couple of tiny issues.
ISPs have long said that they are just carriers and are not responsible for the content they provide access to. As soon as the technological solution for implementing a "content filter" is there, RIAA and friends will _require_ ISPs to use it for that purpose as well.
This is completely ignoring the technical stupidity of trying to "fingerprint" media that is _not_ going to be transferred in plaintext.
...stopping the proliferation of nuclear weapons by creating a massive stockpile?
---
DRM is like antifreeze, to the MPAA/RIAA it's sweet, to the consumers it's poison.
Child porn is the darkest side of the internet. Its the thing all net users should be on guard for, and the argument invoked against the internet by countless alarmists.
However, I don't agree with this database. Keeping these images, even for law enforcement purposes, is a violation of the privacy of children who have already been subjected to a horrific violation. Leave them alone already.
If we can put a man on the moon, why can't we shoot people for Apollo-related non-sequiturs?
What exactly is different between Company A (ISP) and Company B (Offshore Freakshow) amassing a huge database of child porn? Company B is probably even in a jurisdiction where having it is legal by local laws, but Company A is certainly not. We have zero tolerance laws so strict they ruin people's lives for a banner ad containing a legal model that simply wasn't documented properly. So how come it doesn't apply here?
~Rebecca
This can be problematic and annoying for users when the databases aren't correctly updated. A case in point: the Internet Watch Foundation maintains a database of child porn / other obscene URLs so that ISPs can take that list (hashed, so the URLs are not revealed) and block them.
Recently, a popular imageboard at http://img.4chan.org/b/imgboard.html has been added to that list for reasons unknown. Several UK ISPs, including BT Internet and NTL, have blocked that URL. Complaints to either the ISPs or the IWF from both the users and the site admin have gone unanswered. I am personally quite annoyed by this as I'm a regular user of that board.
It's this sort of unaccountable censorship of the Internet that makes me suspicious of such 'helpful' databases.
how many ways can these pictures be hidden?
zip, rar, and other compression formats
encrpyted
hidden inside other files (stenography)
the list goes on...
these people should learn, you cant fight the internet
AOL, for instance, plans to check e-mail attachments that are already being scanned for viruses. If child porn is detected, AOL would refer the case to the missing-children's center for further investigation, as service providers are required to do under federal law.
Sounds like one of those 'good on paper' ideas that later spins itself into a slavering monster that eats half the internet. What's to say they don't start scanning for other things? Is the RIAA going to be knocking on my door because I sent an AOL member a Metallica MP3?
We can't let the ISPs have a monopoly on child porn databases and filtering. We need an open-source child porn database, using open standards and free from DRM, and freely available to the public, so that everyone can access all the world's child porn and thereby protect themselves against it.
from tfa: "the goal is to ultimately develop techniques for checking other distribution techniques as well, such as instant messaging or Web uploads"
so they will be scanning our web traffic in real-time to determin if we are sharing child porn?
anyone else see this and think something along the lines of "this is just a 'think of the children' excuse to implement advanced monitoring systems, which in due time the govt. will take over 'in the public interest'"?
These online companies were previously protecting themselves from liability for their customers' transmissions by claiming that filtering this data would be an expensive and prohibitive task. By volunteering this service, they've crossed that line. It should be possible for the music companies, MPAA, etc. to demand filtering as well.
It's a pretty stupid plan nonetheless. These digital fingerprints will only catch casual or newbie child porn traffickers. Encryption will easily render these fingerprints useless. The worrisome side effect is the false positives that will be triggered by this fingerprinting technique. As an example, try using one of those packages that tries to tag your mp3s by fingerprinting... Pretty unreliable stuff.
Seth
$5 / month hosted VPS on linux = awesome!
Yes! Exactly!
Think of the children!!
Er, wait, that's the problem to begin with . . .
(It's an oldie but a goodie, folks!)
It's not offtopic, dumbass. It's orthogonal.
Anyway, it's just another case of "think of the children!!1"
If anything, I think the point is to NOT think of the children. At all. STOP IT SCUMBAG.
No a troll but a serious question.
.. I knew I should have read TFA .. they are advocating an automated process that is trained to recognise signatures of pics that are deemed to be bad. If they can do that for $1,000,000 I will be really surprised, as I don;t think it has ever been sucessfully done before for any type of image. I wonder who sold them this snake oil (again)
How do they categorise what is collected in their database as child porn? I have yet to see an automated system that can look at a photo and describe what it is (although several have been promoted over the years) I imagine that the decision as to what category the pics falls under must be made by a human. So my question is whose standard do they apply for the process?
I can see that this process could be very arbitrary. So while I am not advocating child porn, I can also see that the data collection process could get very messy and have lots of false positives and negatives. and like the TSAs no fly list, could be very hard to get off it once you are on.
Oh shit
I am Slashdot. Are you Slashdot as well?
I thought the same thing while watching some news report about child porn on television recently. A cop was sitting at his computer doing some clicking as he viewed child porn (obviously the camera didn't show the screen), and he talked about his war against distributors. Something just wasn't right about the way he talked about child porn, almost as if it took effort to disparage it and I got the sneaking suspicion that he had been compromised by it in some way. It made me wonder how much of a risk there is of a police officer developing an addiction to the matter he's sworn to defend against, a la Philip K. Dick's A Scanner Darkly One wonders why cops are allowed to work on this on their own, seems to me it would make much more sense to allow people access to the material only in teams, perhaps mixed-gender.
...those who speak up against this incredibly stupid idea are just latent child porn users. Voila, more people you can potentially detain if you see fit.
Of course it runs NetBSD. BTC: 1NT7QvbetmANwaMzhpVL6
Petaphiles of disk space.
*rim short*
Thank-you, thank-you, I'll be here all week
I am Slashdot. Are you Slashdot as well?
RTFA - no way! Not when the link is on the words "database of child pornography"... I can imagine the headlines now... 3,000,000 /.ers arrested for paedophilia!
Time is an illusion. Lunchtime doubly so. - Douglas Adams
The subject is really complicated, here you have a conjunction action from the top ISP companies, but there are some things we must know.
This means that if "somebody" sends to me an image that triggers the filter I'm gonna be a "suspect" (at least for a while) so AOL refer the case and 1 minute later i have an investigation running on my private emails.
BTW... i don't want to sound paranoid, but this is a "way to start", then the database can include another kind of images (who knows?). Or just filter anything they want. The comparison with the Antivirus system (intentionally and not so technical related) put me more alert.
I don't want to sound liberal, I'm against child pornography, but i think that this is not the way to fight against it. If some sick-man (A) have a picture of some-more-sick-asshole(B) doing nasty things with a child, he(A) is a sick person but not a criminal, the asshole(B) must go to jail because he abuse (mental and physical) the boy (the other guy(A) must go to a doctor).
Another idea could be the "infection" of some images/files/videos and leave in the wild (this pedophiles bastards are not technical specialist, the majority of them are teachers, fathers or military related). So we keep track of the files all over, and figured out "sources" where they upload this files not a "single email address" i mean where a lot of files converge from different places. Then, security experts with some legal support, 0wn the server and monitors everything... and the investigation continues.
Also the P2P networks has a LOT of "pedophilic" shares, but you can't run after every sick people, you must go to the source and condemn the one who abuse the child.
I don't like the idea of "monitors everything -> searching for something". I think it must be like i said before... its a HUGE difference.
Rock and Roll
This'll be different in what way from the massive database and set of image search tools that Interpol already maintains? It's not like every signatory agency (including those in the US) doesn't already have access to it, and it's been running for years.
/ PR2005/PR200536.asp
http://www.interpol.int/Public/ICPO/PressReleases
I've met some of the guys running it, and while I really admire their dedication and achievements, I can honestly say there's no job on earth I'd less like to have.
So, yeah, go ahead and build your database. By the time it is up and running, it will be obsolete, and we'll be discussing other problems.
Is there anyway I can get a copy of that database? Anyone? Bueller?
rhY
I hold very few opinions. I hold information based on observation and fact. If you wish to disagree, please use facts.
"Something just wasn't right about the way he talked about child porn, almost as if it took effort to disparage it and I got the sneaking suspicion that he had been compromised by it in some way"
Compromised? Not in the way you mean.
Unfortunately, I have some experience of this from about 10 years ago. While I was working for a large corporation as a sysadmin I came across a stash of this stuff. To cut a long story short it went from that to helping the police gather evidence against three individuals and from there to helping them to crack a much larger ring of paedophiles.*
A normal adult wants to love and protect kids. I can tell you these people (I use the term advisedly) are *really* not normal and some of the images made me physically sick - literally. We are not talking about kids in the nude - you don't want to know. There is NO way a NORMAL adult will be compromised... really! What that police officer was probably feeling was... nothing. You have to be like that to be able to take it at all and even then it does damage. It's so bad that you *must* stop after a couple of years.
"One wonders why cops are allowed to work on this on their own, seems to me it would make much more sense to allow people access to the material only in teams, perhaps mixed-gender."
Well, you are in a team. Part of the reason of trawling through the material on your own is logistics (manpower, etc) and the other is; why expose people to more than necessary? And, as I mention above, the dangers aren't that you'll turn into a paedophile yourself.
* Yes we got them - it was on the front page of the papers - especially the bit about most of them getting 15 months. We spent two years taking them down. Go figure!
For that matter, how are they verifying their copy? Obviously if its a 6 year old getting raped you'd flag it and add the hash, but what if its just a girl taking a picture for her boyfriend that leaks out? Especially if its a 16 year old that looks like shes 18? or a 18 year old that looks like shes 16? What about Art? Family photograph from a country where theyre open about nudity(okay, would still be illegal here, but you get what I'm getting at).
Theres a lot of gray area, and a huge list of hashes isn't going to be very descriptive. While we're at it, they're just flagging files transfered.. What if someone sets up a relayer in a country where its legal and uses it to send kiddieporn to you via email? Click a message, commit a crime and go to jail. Or if someone defaces a site and puts up CP, or if someone just ups random CP to a public site(4chan), or any number of other ways.
Going after real pedophiles hurting real people would be great, but this isn't going to help and passing this kind of tech off as "for the children" is downright offensive.
Pain lasts, kid. Its how you know you're alive. Sometimes I think this growing up thing is just pain management-TheMaxx
Wanna bet that some slimey police exec is helping himself with those images?
I'd open a book on it, but only at 1/33.
Just like the Catholic Church is full of pedophiles and pederasts, no doubt "internet" law enforcement is filled with closet perverts who delight in ammassing volumes upon volumes of illicit data. It's probably also filled with those who get their thrills from snooping on other people's emails.
Let's put it this way. Where's the best place for a criminal to hide. A position of authority.
May the Maths Be with you!
There is NO way a NORMAL adult will be compromised... really!
... besides, who at /. believes in the validity of the term "NORMAL" being used as a moral beacon? Everybody can be corrupted. Thankfully not everybody has the same tastes in vices as pedophiles.
"He who fights with monsters might take care lest he thereby become a monster. And if you gaze for long into an abyss, the abyss gazes also into you."
Friedrich Nietzsche, Beyond Good and Evil, Aphorism 146
"Common sense will be the death of us all"
Hypothetical scenario 1:
I piss off the wrong person. This person has access to material of this kind, and a zombie botnet. He arranges for this botnet to spam me with pictures of kiddy porn. The emails are caught by this system and flagged, and suddenly I'm the subject of an investigation. The way that sort of thing works here in the UK, I'm likely to be splashed all over the papers before my innocence is proved (which won't make nearly as large headlines, of course). Even if I am cleared, my reputation may well be shot to hell; people over here aren't too picky when it comes to this sort of thing. A few years ago a tabloid paper raised hell about paedophiles having been released into the community after serving their sentence. Some of the resulting protests saw a paediatrician being hounded from her home - people saw "paed" and thought "paedo". Rationality often takes a back seat where kids are concerned; this could be a very cheap and easy way to utterly ruin someone.
Hypothetical scenario 2:
I go on holiday with my family. I take photographs. I email some of these photographs to my friends and parents. Some of them contain shots of my 6 year old daughter in her swimming costume. An overzealous automated process tags this as a false positive, and suddenly we're all under investigation.
To be honest, scenario 2 doesn't worry me so much; it should be obvious to even the most rabid "think of the children" zealot that the photos are perfectly innocent. It's the first one that gives me grave cause for concern. It would potentially take some effort to prove ones innocence, during which time you're very likely to have been utterly pilloried in the press. If you have kids yourself, they may even have been taken into care for the duration, and are likely to have been teased or bullied about it at school.
I appreciate that measures do need to be taken to fight against child porn, but given the highly sensitive nature of the subject, I have conerns about implementing any sort of automated system.
It's official. Most of you are morons.
Wouldn't it make more sense to arrest people if and when they actually harm a child?
..... but so what? The kids in the pictures aren't getting any worse just because other people are looking at them. The harm was already done when the pictures were taken, and it isn't going to be undone.
I have absolutely no problem whatsoever with people who just want to look at pictures. Yes, they may well be pictures documenting a crime that was committed
I say let people jack off into a box of tissues as much as they damn well like. At least once they've spent their pocket money, they're no danger to anyone for a couple of hours. If they're doing more than look at pictures, then by all means go after them. But what a person does within the privacy of their own imagination is nobody else's business.
Je fume. Tu fumes. Nous fûmes!
Sharing of child pornography leads to more child pornography.
Sharing of copyrighted music leads to less copyrighted music.
Find the anomaly.
In fact, to follow the "think of the children" idea, I believe that such a database would lead with more CP production, as you would have to "replace" the material censored (assuming this measure would be efficient) leading to profits for pornographer producer.
Just a thought
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
While we're at it, they're just flagging files transfered.. What if someone sets up a relayer in a country where its legal and uses it to send kiddieporn to you via email? Click a message, commit a crime and go to jail. Or if someone defaces a site and puts up CP, or if someone just ups random CP to a public site(4chan), or any number of other ways.
This is what worries me about the "it's illegal to view $foo" laws - it's entirely possible that you don't know you're about to view $foo until it's too late and you've broken the law. Is there a need to go after people who have simply downloaded something dodgy since they may not have intentionally done so? Better to concentrate on people who are *paying* for content since by paying they are financially supporting the continuation of the crime (the people who haven't paid are not supporting the real criminals).
http://blog.nexusuk.org
So, the ISP's put this system in place, the GOV hires a bunch of spammers (all under the table of course) to email low grade kiddy porn to everbody who looks like the next terrorist and VOILA instant access to all your information: digital and physical. A kiddy porn investigation gets the judges to write out all kinds of warrants for the FBI and you are powerless to stop it.
Some asshat senator mad at your company for opposing one of his bills? Send some kiddy porn to you, and start an investigation. Even if they don't find anything, you'll most likely lose half of your cusotmers and most of your respect.
I'm scared.If O2 is good, O3 must be 1.5 times better!
This is why the child pornography filters employed by most Danish ISPs now will only redirect the user to an "Oops, you do know that this stuff is illegal, right?" page.
Then again, our filters are made mostly to protect the innocent from being subjected to CP by accident (and yes, it'll stop a few from ever getting into the stuff), not so much prevent someone who really wants it from getting it - they'll always find a way...
human sexauality is a continum, most of us find the opposite sex attractive, most prefer the same age and discriminate based on things like hair color, body shape ect, fewer are attracted to the same sex but same age; some are farther out on the fringe, it's the way we are born.
Apocalypse Cancelled, Sorry, No Ticket Refunds
First off, the National Center for Missing and Exploited Children already has this "databae" or "library" of child porn images. They would be the maintainers of it, not the ISPs themselves. That is what the article says, and that would be the legal requirements - police and other government agencies cannot keep child porn even for sample purposes.
NCMEC will be undoubtably supplying a hash database to ISPs. MD5 or SHA1 probably as these are in common use today. This would enable matching of identical files quickly and easily.
Unfortunately, we are already running into the limits of simple MD5 matching with child porn cases today. You resize the picture or brighten it up a little bit and that changes the MD5 value and your database, library or whatever is then useless. You have a new, original picture with a new original hash value. There are other ways to accomplish this which do not suffer from these limitations without giving up high-speed autonomous comparisons. Check out http://www.infinadyne.com/icatch.html for some ideas.
Yes, I work at the company that is producing this product.
the point is NOT about the KIND of content. that's just a way to get popular soccer-moms (etc) up in arms and mobilized on your side.
what is REALLY shocking is that this opens the door for ISPs to get their 'fingers on the bits' (its a data comm term - sorry about the double ententre).
so far, it has not been 'ok' to let ISPs scan for content and make judgements on it. most ISPs have drawn the line to say that we are just a carrier of bits and we are not RESPONSIBLE for what the user includes in the payload.
the music and film industry has tried to get ISPs to do their spying. with mixed success.
but scream 'CP' and you can't publicly NOT support that (and still keep your job). "have you stopped beating your wife yet?" goes the old joke. there's no safe way to answer that. if you publicly oppose such a politically charged idea, you are a boogeyman and an evil person. if you support it, you will pass under the suspicion-radar and will more or less be left alone.
this is a power grab to OFFICIALLY define an isp's job as net-nanny. first they claim to be protecting the citizenry - but its really far more devious than that. once the gov and the isp's convince joe sixpack that its in their 'benefit' for the net-nannies to read all your content ahead of you, you will NEVER get that level of privacy back again.
this is a sham. whenever someone says "won't you please think of the children!" you can bet that there are alterior motives going on.
remember: those in power just want to keep and increase their control level. fingers on the datacomm bits is one thing they've been after for a long time!
--
"It is now safe to switch off your computer."