Slashdot Mirror
Tool To Allow ISPs To Scan Every File You Transmit
timdogg writes "Brilliant Digital Entertainment, an Australian software company, has grabbed the attention of the NY attorney general's office with a tool they have designed that can scan every file that passes between an ISP and its customers. The tool can 'check every file passing through an Internet provider's network — every image, every movie, every document attached to an e-mail or found in a Web search — to see if it matches a list of illegal images.' As with the removal of the alt.binary newgroups, this is being promoted under the guise of preventing child porn. The privacy implications of this tool are staggering."
This will cause huge latency issues and cost beaucoup bandwidth. ISPs would be shooting themselves in the foot if they did this with all traffic. OTOH, I could see laws requiring such tools for P2P traffic -- in fact that may well be inevitable, with the **AA's "ruling class" status these days.
Caveat Utilitor
This could have an upside....
Where Global Big Brother Watches YOU!
ends with the MPAA and RIAA suing you for your mp3s and .mpgs.
Careful What You Wish For....
"The tool can 'check every file passing through an Internet provider's network -- every image, every movie, every document attached to an e-mail or found in a Web search -- to see if it matches a list of illegal images.' "
How exactly is this going to be accomplished? The equipment cost must be staggering and would consume allot of power. Way to conserve electricity, I thought we were trying to reduce the amount of power the Internet consumes. Does also this remove the common carrier status of ISP's?
I hope this never comes to fruition.
Wasn't that the Aussie spyware company attached to Sharman Networks/KaZaA?
Before it got raided, I mean?
I call shenanigans.
Can it decrypt SSL/SSH in real time?
extern warranty;
main()
{
(void)warranty;
}
This would be useless against their number one traffic maker, bit torrent. The packets are random at best and completely disorganized at worst so this product would be especially useless when coming across say, packets from a torrent whos contents have been encrypted.
Not to mention the million other ways to get around this.
So what happens when the malware guys decide to have their malware fire off images that are on this list of banned files/images?
Suppose that their 'smart' and have the image embeded in the malware (or otherwise obscured). the malware sits there for a while and infects as many systems as possible... then the SPAM event happens. With this crap... I mean "wonderful, keep-our-kids-safe" software kicks in and drags even more of the internet down, who's gonna pick up the tab?
I know... have the **AA morons... I mean overlord masters, sign an iron-clad agreement to pick up that tab and I'll gladly get infected. :|
Except... I don't really feel like being arrested for having been infected by perverted malware. :(
When those around you are loosing their heads while you are keeping yours, maybe you've misunderstood the situatiuation.
... what is going to prevent this proverbial snowball from building into a full-blown avalanche? I guess it has already become one to some extent... I can't recall a time in history when the WORLDS rights and privacy were as stripped and neglected as it is now, and then everyone suddenly got their right to privacy and freedom back. Despite its amazing capabilities, technology sure has put us into an interesting position when in the hands of people like "Brilliant Digital Entertainment" ... yeah, real brilliant. Crackheads.
Because I'm *sure* that people wouldn't just find ways to add hash busters, right? Hell, even the idiot spammers solved this one. Do they really think that spending zillions on hardware will help anyone but the hardware vendors peddling this crap?
Ok, on really simple protocols, like HTTP or FTP, maybe - but most, if not all, p2p traffic is safe, i think. This is of course because of the chunky nature of transmission - you can't really tell what part of the file went through your pipe just by looking at it, and since parts are sent at random, you cannot rebuild the file with your chunks without guiding information, be it a torrent file, a list of parts for emule, or whatever else there is. And you need the whole file to get your hash-check. That's one. Two: encryption totally kills the effort, as the ISP can in no way examine your file without interfering with your transfer, and SSL exists solely to protect you from this.
Even if my line of thinking is really misguided here, this would require lots and lots of processing power - i mean, on a routing line with a hundred users on one end, it's thousands of hash-checks to be made for every stupid rebuilt file - both processes of course painfully CPU-eating, unless you want false-positives, since you didn't bother to use a proper hashing algorithm.
All in all, this looks to me like a terrible waste of money.
"We are the music makers, and we are the dreamers of dreams [...]."
Time to make a utility that puts a file into an encrypted 7Zip archive, with the password stored in some reversable encryption method (encrypt the password with all zeroes as a key 1 million to 2 million times), so it would take x CPU seconds on some hardware to decrypt it.
This would allow files to still go across the net without requiring passwords or keys, but prevent utilities like this from just passively obtaining traffic, just due to the CPU cycles involved.
Of course, just stuffing a password in the comments field works too, but with a decent text parser, it can be extracted.
Its just more of the same cat and mouse game. The real crooks will not be affected while Joe ISP User will lose his privacy even more.
According to the Wikipedia entry on Australian copyright law "[...]Brilliant Digital Entertainment in Australia were raided for copyright violations[...]" in 2004.
It looks like someone switched sides but taking a closer look they only seem to be in charge of the adware that came with Kazzaa, so I guess they were always evil.
Comment removed based on user account deletion
They're claiming they'll man-in-the-middle p2p users to disable encryption. Major problems there.
They're using a hash for the images/movies. Alter the image tags, or change a pixel, you've beat it. The more they ignore diffs, the more false positives they'll get.
There's my five seconds of thought on the efficacy/ethics of this. If you manage to solve all those problems, come back and I'll give it another five seconds. See you in ten years.
But hey, once it's in place they can use it for the *AA! Which is really what this is about, more free handouts to obsolete business models.
This is fantastic, since the amount of money required by an ISP to implement this will sink them. This will filter all "idiot" ISPs, who think they are rulers of the internet.
is to have ISPs scan all downloading files to make sure they do not contain malware or viruses so we don't have so many botnet zombies around the web from idiots opening britneysex.exe
When will people say NO to their overzealous pious government types?
When is too much invasion of privacy?
http://www.torproject.org/
but it would determine whether a file is digitally identical to one on the child-porn list
So if this thing does perform a hash on a file, then changing one small part of it would completely alter the result. Presumably there's more to it than that - otherwise anyone wanting to post an image (that was on a list - there's nothing that limits this to kiddie porn) would make a near-identical copy and the whole detection system becomes worthless.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
Google can't figure out how to organize photos, asking us to help TAG them ( especially searching for kitty porn!) We can hack any software, website, no security can stop committed people... so once again we'll inconvenience EVERYONE except the people who DO trade kitty porn.
Its just more of the same cat and mouse game. The real crooks will not be affected while Joe ISP User will lose his privacy even more.
True. True. Sadly, true.
And the clueless policy makers, whose friends/relatives/business partners have hatched this scheme will forge ahead regardless because they are "doing something to stop illegal activities".
This from the guy you created Kaaza...P2P network.
Stole compute time from other people and sold the processing time.
Yeah, very trustworthy.
Ha, haaaa, bewaaaa ROFL.
If they build a better mouse trap, we'll just build a better mouse. The Cycle goes on.
So ngrep, in other words? It's not as though this is particularly new or exciting technology.
I still don't see the point in this.
If I was to be the leader of an International Child pornography ring;
a) I'm using https
b) I'm using POP3S/IMAPS
c) I'm using Pidgin + Off the Record Messaging Plugin
d) I'd be using Encrypted LVM
The article doesn't confirm it also breaks AES on the fly. So until then, I ask, why do we care?
If so, I'm going to need tor or something! All day I've been looking for a cat to adopt.... am I sick? The security business preys on fear, and a false illusion of safety.... ridiculous...
Can it decrypt SSL/SSH in real time?
According to the article they use man-in-the-middle attacks. This is probably quite easy if the server is using self-signed certs.
The problem with all the hysteria around child pornography is that it's too easy to frame someone. A little research, five minutes alone with your computer, and an anonymous phone call are all someone needs to ruin your life and reputation.
Let me be perfectly clear: Even if you're completely innocent, this is a serious threat to you. If someone decides to frame you, you won't be able to prove your innocence, and it won't matter even if you can. That's unacceptable. Yes, child porn is bad, but a society where anyone can anonymously destroy anyone else is much, much worse.
so once again we'll inconvenience EVERYONE except the people who DO trade kitty porn.
"kitty porn"...won't anyone think of the cats?
This can be filed in the Really Dumb Idea bin. It would be so easy to make a server that always alters images/movies by a few random bits to defeat hash checks. However, if the RIAA would pay me M$10, then I'll gladly make them yet another copyright infraction detection scheme...
Excuse me, but please get off my Pennisetum Clandestinum, eh!
I'm categorizing this as "alarmist crap". Unless it's done clandestinely, there would be lawsuits, and as many have already stated in comments here, there's almost no chance that it could foil encrypted transfers, and there's a likelihood that it doesn't work at all. Not getting worried until I hear that it's actually being implemented.
There are fundamental problems with this.
First the police database would grow.
All people wanting to bypass this would have to do is append a few characters to a file, or compress it. They could easily make a single file into a million files with there techniques alone. They can modify the files them selves by slightly changing color values. That creates a million more files. Now comes the nasty part.
They've flooded the police database, now the original file is a billion files, a billion hashes. What is the probability of many accidental hash collisions with innocent files. Soon you will have problems sending all kinds of stuff.
Not to mention the exponential growth of hardware requirements on everyones part.
What we really need is a tool to collect and monitor elected official's e-mail and attachments, even if they are submitted from a non-government e-mail account.
How much would you bet that the MPAA and RIAA are going to try to get laws passed that require ISPs to install and use this software?
Fight Spammers!
They actually use an army of low-wage Chinese and Indian workers to scan all that data. It's cost effective, but the side effect is that in a few years millions of Asians, who might otherwise have become normal, productive, law-abiding citizens of their respective countries, will instead have become deranged pedophiles.
Eventually we'll get a few files blocked a day, just because they match hash values.
...and take up a collection to pay the spammers to send a regular smattering of these files in their usual spam loads. ...and both overwhelm the filter and crush the ISP NAPs. ...and express our displeasure at the rapidly coming destruction of probable cause on the Internet.
Because we know that shortly after the 'authorities' can do this, they will be asking to investigate the intended recipients, on the premise that they have 'probable cause'.
I can't hardly tell the difference between the NY Attorney General and the RIAA any more. No, kiddie pr0n is not good and I condemn it. But we give up a lot when we give up the rights granted so long ago. Stick to the stings, guys, and try to avoid deliberately incriminating innocent people, ok?
Damn, what political party can I be a member of now... They all suck.
deleting the extra space after periods so i can stay relevant, yeah.
Why not snoop every phone call, open and scan every piece of snail mail, record every conversation?
Oh, because people realize that doing that would be contrary to our laws and ethics, but get some sort of paralysis every time somebody brings up child porn and the Internet?
Yeah... thought so. It's the same exact thing, but try convincing people of that.
Pirate EVERYTHING.
FTA: ... This is done by changing the underlying protocol settings that establish how the sender and recipient exchange the file. This trickery, unknown to either the sender or recipient, would make it possible for CopyRouter to see the underlying files, calculate a hash value and compare the files to the list of illegal files.
Encrypted files on the peer-to-peer network could not be decrypted by CopyRouter, but the company claims it can fool the sender's computer into believing that the recipient was requesting an unencrypted and uncompressed file.
Now I read that like this: I want to download a driver that is compressed. The app however, asks the server for an uncompressed version of the file. I think that's impossible.
Scenario 2: I ask for an encrypted file from my online storage provider. This app can then send a request that I wanted to download it unencrypted. This is also impossible as it was uploaded encrypted in the first place.
This is done by changing the underlying protocol settings
What? Send it as plain text? What protocol settings?
Either the explanation FTA is shit or I'm missing something.
Don't be apathetic. Procrastinate!
this is the beginning of big brother. soon if this is allowed to happen everything will be approved (xkcd.com/129) content there will be no limit to censorship it will be worse than the Nazis. this must never be allowed to exist, i call upon the entire internet to find a way to counter this. we hacked the wii we can break this now nerds CHARGE.
this would pretty much eliminate /b/ on 4chan
Does this mean I can't read 4chan anymore?
I was never a big Tool fan anyway, although I don't quite understand why a band gets to tell an ISP what to do.
You know what? In a dozen years of actively surfing porn, I've never encountered kiddie porn in the wild. This great big threat to all mankind so severe that we all need to put woolly pullovers over all our electronic gear and filter all telecommunications is simply and plainly crap. It's a ruse.
There are some people who want to control everyone else. They want to control what you see, what you hear, and as much as is humanly possible, what you think. They want to monitor us all (but not themselves, of course) and make us all cookie-cutter little clones who all think the same harmless little thoughts and are all scared of their authority.
F * U * C * K them.
Anyone telling you this sort of "protection" is necessary is deluded or a liar. Either way, such people should be ignored or in extreme cases, put somewhere they cannot bring harm to others.
Seems to me that if a user attempts to download a file that happens to have the same hash as a "known bad" file, they could be in for a world of hurt unless the system does verification of some kind. And if the verification step is conducted manually rather than automatically -- in the interest of expediency, of course -- what do you bet the odds are that some law enforcement types aren't going to be bothered with niceties like actually checking that some file is indeed prohibited material?
Try mounting your own defense when you are systematically blocked from obtaining a copy of the file that you attempted to download in the first place. (Yes, surely our hypothetical user's attorney could find this file, even if they needed to use an ISP outside the country to do it. This assumes that Joe User has an attorney and can afford to mount a defense.)
A malicious actor could craft a file that will generate a hash collision with some known prohibited file, and if the sender/creator is suitably crafty and hides his tracks, such techniques could be easily used to grief our hypothetical user with virtually no chance of reprisal against the originator of the bogus file.
And just send them back and forth through any ISP that uses this. Would be funny to watch them try to figure it out.
And good luck trying to teach a jury about hash collisions.
"a tool they have designed that can scan every file that passes between an ISP and its customers."
Unless they do a man-in-the-middle attack, they can't view encrypted files.
Just run everything over an SSL session. If they even dare to decrypt my SSL session with my bank, they'd be in very serious trouble.
Yeah, the monopolies are really going away.
Also, when I started reading the article I thought "oo, the NY attorney general is going after an ISP for spying too much. Yay!" Finishing sentences depresses me.
Comment removed based on user account deletion
Any politician who supports the use of such tools has lost my vote. Period.
Only if we can screen the NY official files for potential misdeeds.
Won't this just cause people to produce new child pornography that isn't getting filtered yet? C'mon guys. Which is more important, stopping guys from fapping to images of children or stopping the actual harm being inflicted upon the children? Christ almighty, I can't believe how there isn't an intelligence requirement to get power in this world.
What day is it? Could you please tell me?
We need a new internet.
Not really, I suppose it is a charged subject. If you have kids, it's really scary... Well child molesters or porn traders still have a LOT more rights than terror suspects.... Please vote Nov 4th!
Lots of speculation can be solved by spending a few minutes with the details at http://msnbcmedia.msn.com/i/msnbc/Sections/NEWS/PDFs/081016_copyrouter.pdf (the link in the article was subtle).
This is a deep packet PROCESSING application (not INSPECTION). Given a chance to change the requests in flight, one could remove compression and encryption. Yes it's evil to remove the encryption from the initial request (change to a NULL encryption method) and it can be expensive to remove compression but boy does it make this sort of detection easier.
As others have noted, changing the file even a bit causes a new hash. This tool will catch the lazy/stupid/naive bad guys trading child porn and the like.
I got an idea..
Why not just have one or more databases of known child pornography checksums?
That way, someone who is concerned could download a database, something like:
MD5SUM|FileSIZE|Date-Reported|Mime-Type
A person could download the checksum and simply delete files that are potentially child porn and tools could comb usenet spools deleting the garbage.
Man fuck George Bush, all this crap destruction of privacy began when him and his bitches broke the ice by legalizing torcher and wire tapping. If McCain wins im moving to Sweeeeeeeden
According to the slideshow, the results themselves are modified. Any smart person, if looking for child porn or whatever content is being restricted, can simply configure their client to ignore the specific hash(es) for the replacement files.
This is just a hash check. And ain't it a coincidence that this news comes only a couple of days after this announcement?
http://www.gnupg.org/
http://www.filephile.net/
Cut off a few pixels/seconds of the kiddie pr0n/pirate music or resample to a different bitrate/compression factor. Binary comparison returns false, and illicit sharing continues.
This "tool" is useless and I hope the ISPs realize it.
From the article:
"Can software fool encryption schemes?
Encrypted files on the peer-to-peer network could not be decrypted by CopyRouter, but the company claims it can fool the sender's computer into believing that the recipient was requesting an unencrypted and uncompressed file."
This means that if you are requesting a legitimate file that SHOULD BE ENCRYPTED it may be transmitted in the clear. Oh my! Can you say law suit? Sure you can!
The race isn't always to the swift... but that's the way to bet!
All my FTP sites are currently encrypted.
Fuck them, fuck the aussies and fuck jew york.
Fuck spicago as well.
(racist comments I can't claim ownership of, but also can't remember what movie they came from)
--Toll_Free
This is not going to be very difficult to defeat. Sure, there's encryption, but even for the slightly-less-than-completely-paranoid types, the solution is not very difficult.
When you consider the problem the scanner has to solve, and the algorithm that will most likely be used (Google Boyer-Moore string matching for an intro...), the solution becomes almost trivial.
Software like this exists to satisfy the "due diligence" aspect of running a business. I'm still surprised that people take this seriously. I mean, how long has warez been around? Has any technical or legal measure ever prevented people from getting the bits they were looking for? It will make things difficult for the average user, and I'm not to keen on the spy-on-everyone, the-sky-is-falling-terrorists-are-everywhere mentality. But ultimately, it means very little for the astute user. The implications for changing society to accept constant surveillance are more worrisome, though.
The society for a thought-free internet welcomes you.
I'm no programmer, but wouldn't it be possible to make a program that randomly changes a few bits in a file every time it's up/downloaded? I know that wouldn't work for programs, (unless they were in a compressed archive, with an area of the file specifically set aside for "randomness" - another application entirely, but still doable?) but for a 2 hour video, a few pixels misplaced here or there wouldn't be a big deal?
Note --- this is a bit off the cuff, so I won't say I'm committed to this solution, but....that said:
You know -- the only way to stop this is to stop the insanity. If someone feels they have to catch child porn, then I move to make child porn legal in a free society.
Lets make the *acts* illegal, not pictures, or stories, or images, or cartoons, or thoughts of acts.
This is especially important as computer images become more realistic -- since at some point -- we'll be able to produce "child porn" (by some definition), but it will be entirely in someone's mind -- imaginary and nothing more than an imaginary creation -- yet there will no records of the model's background, nothing to prove their age -- because they would be computer constructs.
On the other hand -- suppose you just ban the material on "looks" -- who decides who looks too young to be with whom? If the images are not of real people, what is the crime? And how will the crime be "evaluated". In "real life" people's ages are hard enough to pin down -- with a bit (or alot) of makeup, real people can look much older or younger -- so how could anyone even begin to think they can come up with some 'fair' way to decide the ages of images of computer characters?
As for real child molesters -- or those who really sexually abuse children -- willful, convicted guilt: castration/ova-ectomy (besides any prison term).
That way -- people and think whatever they wanna think -- and we through the book on them on a real-world, physical violation.
I'm just thinking this child-porn thing is the fine-wedge that is going to be used to crap on every bit of privacy and right that could be left in this world.
-l
Is Fine Too
They government has been doing this the whole time.
Comment removed based on user account deletion
capital punishment doesn't stop other capital crimes, so why would your idea work?
The funny part is, he's absolutely RIGHT about the "group-think" that goes on around here on this website, period. Too many "Pro-*NIX" lemmings, & "anti-microsoft" types as well, & nobody has the balls to speak up for themselves, vs. that "group therapy mentality"... very sad. Even the poster was afraid to post under his usual nick/handle here (which is WHY I go by anonymous - anyone STUPID enough to register & post here sets themselves up for tracking, easily, no less, by this "group mind" here, lol... which is a pack of little weasels imo, in any walk of life). My guess is along the lines of the topic - sponsored by "big money" to stop P2P transfers of files, not the "cover story" of going after child pr0n etc. et al (our society today is laughable - they tell you 1/2 of what is going on, with a plausible cover story, but never end up using it for that, but instead, something else, & something else that really affects the most people it can, regular joes usually, not child pornographers etc. - want to stop that last one? Go after the pr0n sites instead)
-Simple way around hash tables- Encapsulate your file. Zip, Rar, ISO...etc
if it gets blocked Add another dummy file to your file. IE add - Your DPI Scheme Sucks If You Use Hashtables.txt
rinse repeat...
If you want to fix that...You would need to decompress those files on the fly...which would require significant computational power. Not to mention would be against the constitution (I think that falls in the illegal wire-tap sort of thing)
this will not be implemented.
It's also faster than their tool, and it doesn't care what the file is named.
This whole "stop child porn" crusade simply makes me sick. Not because I like child porn, I personally find the idea quite unpleasent, but because people who crusade against child porn are putting their own desire to express righteous indignation above the interest of the very kids they claim to be interested in protecting.
For instance it turns out that 99% or so of child molestation is committed by family/friends and trusted community members. When you pass really harsh punishments against child porn/molestation and demand these perverts be alienated rather than phrasing it as treatment parents/relatives become more reluctant to bring their sucpiscions to the authorities. If you think you might be helping nice uncle Joe get over his sickness you are going to be a lot more willing to credit the possibility that something isn't right than if you know that the mere suggestion (even if you are wrong) may keep him from ever holding a decent job again.
It gets even worse. We know that someone with sexual urges towards children is much more likely to act on them if he lacks a social support network, a good job, social respect etc.. Thus by yanking all these things away from people who look at child porn we may be increasing the chances they will actually molest someone.
Moreover, by criminalizing an activity you lower the barrier between that activity and more extreme behavior. For instance criminalizing marijuanna meant that pot smokers ended up coming into contact with harder core drug dealers and criminals who they would have never associated with if the law hadn't created this bridge. So by criminalizing the mere possesion (of course sale or creation) of child porn we may be making it easier for guys to make the transition from just looking to taking action (after all society is telling them what they are already doing is just as bad).
Do I know if any of these effects is significant? No, of course not. But the point is that neither do any of the people who are righteously demanding we enforce these tough laws. The people who really care about the kids are the ones demanding we collect data before we legislate. The ones calling for something to be done in outraged tones are selfishly putting their own emotional needs over the welfare of the children they claim to care about.
If you liked this thought maybe you would find my blog nice too:
OK, why are they being allowed to treat electronic content differently from sealed letters and packages? Do they steam open your letters and parcels to see if anything contentious is being sent? No, and I'll bet that's because it is unconstitutional... so why are they treating electronic delivery differently? There should be massive protests against this... no way should they be able to use the protecting you from child-porn line either... With snail mail, they have to get a warrant to intercept and open your mail and packages... the same should apply for electronic content...
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
So are they boasting this tool can decrypt ssl traffic? If so this is nothing but a glorified hacking tool. If the claim is true I can imagine governments all around the world rubbing their hands and salivating at the possibility of decrypting your online banking and credit card transactions.
TFA states that they claim to be able to scan inside encrypted files too - in real time! - which is downright bullshit!
This tool will not work against SSL connections, VPN- or SSH tunnels or just plain old encrypted P2P or TOR networks. Those protocols are designed to detect and defeat man-in-the-middle attacks like this would be. Even the NSA cannot break strong encryption in reasonable time, let alone real time (as far as we know anyway).
It can only - as AOLs equivalent tool does - work against plain text emails and similar, and as it is a hash scanner, altering a single bit in a banned image or its file name would fool it.
"For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
Aren't both sides using the same argument here? "[Newsgroups|new tool] can be used for [child porn|privacy invasion], therefore it should be banned."
so when some big group of people agree on something that is already a group-think and any possibility that they got to this point by actually using their brains for thinking is excluded?
Makes for a great news media sound bite, but what they've done is implemented Idea #2 of the Six Dumbest Ideas in Computer Security. Still, as long as it drives up their public visibility and stock price, who cares whether it works or not.
"...Internet service providers could easily be seen by the public as "overreaching," making it harder to get public support for efforts of law enforcement. What's needed, said the group's executive director, Grier Weeks, is for cops to investigate the leads they already have..."
and
"The Department of Justice and all 50 attorneys general are sitting on a mountain of evidence leading straight to the doors of child pornography traffickers," Weeks said. "We could rescue hundreds of thousands of child sexual assault victims tomorrow in America, without raising any constitutional issues whatsoever. But government simply won't spend the money to protect these children. Instead of arrests by the Federal Bureau of Investigation, the child exploitation industry now faces Internet pop-ups from the Friendly Bus Investigators. That was always the fundamental difference between the Biden bill and the McCain bill. Biden wanted to fund cops to rescue children. McCain wanted to outsource the job."
This my friends is about the money! The U.S. Government and Brilliant Digital (ironic business name!) both know this won't work. Brilliant Digital see this as a market to exploit and make millions of dollars. The U.S. Government get a "cheap" way of "dealing" with child pornography and a perception from the general public as "something being done".
I'm sure the Government know about Brilliant Digital's dubious past but the percieved "benefits" are too good to miss.
It's a win-win for both parties!
I have children myself and I find developments like this horrifying.
Someone does not become a paedophile by looking at images on the internet, it's deeper and more complex then this - blocking content will not cure the problem or reduce related crimes in any way.
The last quoted paragraph sends chills down my spine and really makes me angry.
Children can be rescued if the funding is available but a company like Brilliant Digital will recieve the funding instead and the problem is never solved - people are made richer instead.
I really mean Think of the children
You make it sound so easy.
Do you have access to child porn?
If "someone" is going to be framing someone else, won't they have to break the law to obtain child porn?
Don't you think it "strange" that they know where to find said porn to "plant" on someones computer?
Creepy strange.
If you really want to stop it, stop whining and write to your representative in parliament/congress.
If you don't think that will get you anywhere, then join the political party you feel least uncomfortable with ( get your friends to do the same ) and have direct influence. It doesn't take many people to change the course of a political party.
I can't do it all by myself.
Get in there and do something about it - or shut the f#@~% up!
Encrypt everything.
Why don't we just kill all the children. That way, we can be 100% sure that they aren't being abused.
/eh. Getting pretty sick of all the censorship that's getting pushed and passed under the flag of "protecting children"
Skiffy is Spiffy, but Ort is tort.
Imagine a net where we wouldn't know Saddam had no weapons of mass destruction.
Imagine a net where we wouldn't know the three WTC centre buildings were taken down by demolition.
Imagine a net where we wouldn't know of Israel's ethnic cleansing of palestine.
Imagine a net where we wouldn't know that the accusations made against Iran are bogus.
Imagine a net where we wouldn't know of the Coup in Venezuala sponsored by the CIA.
Imagine a net where we wouldn't know about Abu Ghraib.
Imagine a net where we wouldn't know about Extraordinary rendition, torture and murder of innocents.
Imagine a net where we wouldn't know about warrantless wiretapping and domestic spying.
Imagine a net where we wouldn't know about the USS Liberty.
Child pornography is NOT the focus of implementing these systems - it is putting into place the mechanisms that will allow some future government to clamp down on information of their crimes and those of their allies and take another small step towards the totalitarian state.
first of all files are long and not transferred as one piece, to do what they want to do your download wouldnt start until the ISP had recieved the entire file, say goodbye to streaming video, say hello to up to double download speed. Plus ISP cant possibly afford such massive, high-speed, buffering to even attempt it. You couldnt do it on disk cause it would sow it down even more, they would have to have rooms of 128GB ram servers that do nothing but hash files.
Also, this could very easily be circumvented. The unloader or P2P programs only have to introduce 1 bit of change and the hash would be differnt, this is why Youtube has to manually take down the same thing a bunch of times.
Sigh. My late great-uncle might disagree with you about that. He taught the subject for nearly 40 years at the Univ. of Minnesota. I think he was dean of the law school before he retired.
I will say that it is accurate to say that there is very little in the way of international law that developed out of the efforts of a parliamentary like body. Instead, virtually all of it is defined by treaty.
Back on topic. I'm not aware of any treaty that defines a common definition of the term "common carrier." Nor am I aware of any UN resolution to that effect. That pretty much covers the usual options, doesn't it? :)
... ISPs aren't currently responsible for what travels across their network. If they adopt this technology, won't they take one step closer to being held liable for the content passing through their networks?
Where are those six votes going to come from? Nobody in their right mind wants this.
You assume they have "brains" in the first place, & this? This is where you are making assumptions, & you know what the infamous "they" say, about that. Something to the effect of "making an ASS out of U and ME" - for instance, advocating the use of "Open Sores", which is far easier to find security vulnerabilities in, & simply because it is "open" (which is much simpler to run thru than doing an assembly dump of closed source through a debugger for instance), or, telling people (especially the young) to chase after using open sores OS' like Linux for example - which is far less used, & thus, lessening their chances for employment (simply because the surface area of LINUX based OS is less in terms of its usage, than is Windows by way of comparison, for every role a computer assumes from home user/end user on network lans/departmental servers/enterprise-class mission-critical servers)... get it? This is the viewpoint being constantly "pounded on" by "the team/in-crowd" here, and guess what? It's misleading a lot of younger people especially. Not saying that Linux is "bad", because @ this point, it's not too shabby, but it's taken it 15 & some years now. However, the point being that Linux is far less used, it will never catch up completely to Windows. You hear this, every year here "THIS IS THE YEAR OF THE LINUX DESKTOP" well, been hearing that for more than a decade now, & your "group think" predictions here are worth squat so far, for around 10 yrs. now. It's my belief yes, look @ other things, get familiar with them, but do NOT put all your eggs in 1 basket, and concentrate on the one that tends to be winning over the most users, because that is where you will increase your chances for work/a livelyhood.
I've been thinking about this. It's our fault, the IT community's, that this sort of thing can go on. We once had the argument that strong crypto was outlawed from export. But once that limitation was removed from the US it really became our fault that all these sniffable protocols are still out there.
My sarcasm detector didn't go off, so, to me, it seems that you are quite serious.
You are completely wrong, as both of them are part of the "protect the children" rhetoric/bullshit. They both co-sponsored this load of bullshit (KIDSPA). The fact that the next president of the US is going be so completely devoid of reason to support such a thing is scary.
This is what happens after more than a decade of conservative majority rule in a puritanical country. Republicans use the term "kiddie porn" the way they accuse Democrats of using "mother's health"; as an all-purpose phrase to get across any evil legislation they want.
I would have nothign to worry about. I would just copyright some random POS and send it through the internets, then send my attack dogs... i mean lawyers... claiming the ISP violated my copyrights by copying the file to look at it. Then I would claim they had to pay damages. Then if I won I would keep sending the same file over and over and sue again in multiples. I know you think this does not work, but if Blizzard can pull some sort of copyright BS with the maker of glider, which was the stupidest copy right rational ever, then anything is possible.
It's interesting to see you saying this, because it seems like every fifth post I see is someone saying the same type of thing... Wait, does that make complaints about "/. group-think" slashdot group-think?
*head explodes*
Resistance is futile. Your technological distinctiveness will be added to our own. You will become one with the morgue
Something they don't seem to mention... how many bits are their hashes, and how many files do they intend to look for? God knows there have to be tens of millions of kiddie porn images out there, and the numbers just get higher if they want to track music and movies too. Set that against the billions and billions of files sent over the internet. I hope they have a really long hash, or they just might get some unintentional collisions.
I don't reply to ACs
Heh, you're right "common carrier" does not seem to be explicitly defined by treaty (ie: it's more of a tradition than a rule) - found this on the WIPO site...
"63 The concept of a "common carrier," dating from 16th century English common law, captures private entities that perform public functions. Since at least the middle ages, most significant carriers of communications and commerce have been regulated as common carriers. Common carrier rules have resolved the disputed issues of duty to serve, nondiscrimination, and interconnection. Facilities such as railroads, telegraphs and telephone companies were obliged either by common law or by legislation to implement an equal "duty to serve" regime. The history of common carrier duties illuminates three reasons supporting the imposition (and the occasional elimination) of those requirements. Common carrier duties have been imposed variously upon theories of de facto and de jure monopoly, on the theory that the enterprise had become "essential," and upon theories that the enterprise was publicly concerned in a particular manner (See James B. Speta, A Common Carrier Approach to Internet Interconnection, 54 Fed. Comm. L.J. 225 (2002) (surveying the history of common carriers and arguing that the same reason justify a general interconnection obligation for Internet carriers)."
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
Seeing Australia's close proximity to China, and the effects of the Chinese economy on the Australian economy, as well as the numerous Chinese in Australia, it is obvious ploy they want to sell this to China. Even the big corporations in America, such as M$, provide grants and pay their employees in China to research writing software like this. Remember the M$' news report of their chinese researchers being able to "fingerprint" users by their browsing habits. As long as there are buyers, especially big buyers, people will make it and sell it. Even if the buyer shoots them in the foot with the product. I think in regards to our rights as westerners, it is a question of whether our governments will compete against governments like China in gathering analytics on the people of their nation. What does China gain by studying the people that live there with such software, and will can/our governments need or want the same information? Corporations here use the same type of technology that is used to censor people in such states like China to create advertising revenue. I think that despite what we feel enroaches on our rights, with the way things work in the economy and academics this field is going to advance through corporate and government sponsorships. There's just too much juicy information available through the 'net and monitoring what people browse for is obviously too much of a temptation for any researcher, government, corporation to pass up.
Comment removed based on user account deletion
!@#$ you Briliant and all your goons too!
Uncle Mantis
If a company is making software that filters everything then I belive they should be audited to be sure they are practicing what they preach!
Uncle Mantis
01.jpg, 02.jpg, 03.jpg .... 0n.jpg, it seems I hardly knew ye.
This is bad news for 99% of internet users brought about by what is shaping up to be yet another wet nappie airy fairy mamby pamby government and i thought they had some sense in OZ seems i was mistaken big time yet another case of the majority being screwed by the minority, Maybe a life sentence for the writers of such un-needed spam ware may dissuade them .
Not anon just hacked with the donkeys that keep crawling out of the crap
I think what they are saying is that since your ISP will run their software they will have the ultimate "man in the middle" attack.
You will request a file to be compressed and encrypted, your ISP will intercept that request and modify it to request the file in the clear and uncompressed. As they get the file they will have to compress and encrypt it before passing it on to you so that you will be none the wiser.
The race isn't always to the swift... but that's the way to bet!
You know what really bothers me the most? There's a lack of context.
I can send you off to www.mysite.com/mypage.html and plastered on there can be a blacklisted pic. I can advertize it as a funny pic, you don't know, you wont know until you see it. Now obviously a SITE like that wont stay up for long, but posted on a big site quick enough you can frame many many people who had no intent.
Additionally with sites like 4chan. I'm sure a lot of 16-17 year olds go through that site but they look like they could be 18+, you can't really tell, and there's no way to be sure. If one of the pics posted on there is blacklisted, bam that's a lot of people who though they were looking at an 18 year old and soon are pegged w/ this problem.
The real issue is INTENT, did the offended INTEND to see kiddie pron? 9/10 cases, probably not. The difference is, did you close the page? or save the pic? and no level of government bullshit shy of tapping your pc is going to come close to detecting that.
It's like buying shoes, and then later the police come to your door and arrest you for buying shoes that were stolen. You didn't buy them BECAUSE they were stolen... but the govm't isn't willing to make the distinction.