Slashdot Mirror


Tool To Allow ISPs To Scan Every File You Transmit

timdogg writes "Brilliant Digital Entertainment, an Australian software company, has grabbed the attention of the NY attorney general's office with a tool they have designed that can scan every file that passes between an ISP and its customers. The tool can 'check every file passing through an Internet provider's network — every image, every movie, every document attached to an e-mail or found in a Web search — to see if it matches a list of illegal images.' As with the removal of the alt.binary newsgroups, this is being promoted under the guise of preventing child porn. The privacy implications of this tool are staggering."

85 of 370 comments

  1. Probably just for P2P by clang_jangle · · Score: 5, Informative
    FTFA:

    Here's how CopyRouter would work, according to the company's slide show: A law enforcement agency would make available a list of files known to contain child pornography. Such files are commonly discovered in law enforcement raids, in undercover operations and in Internet searches that start with certain keywords (such as "pre-teens hard core"). Police officers have looked at those files, making a judgment that the children are clearly under age and that the files are illegal in their jurisdiction, before adding them to the list. Each digital file has a unique digital signature, called a hash value, that can be recognized no matter what the file is named, and without having to open the file again. The company calls this list of hash values its Global File Registry.
    Whenever an Internet user searched the Web, attached a file to an e-mail or examined a menu of files using file-sharing software on a peer-to-peer network, the software would compare the hash values of those files against the file registry. It wouldn't be "reading" the content of the files -- it couldn't tell a love note from a recipe -- but it would determine whether a file is digitally identical to one on the child-porn list. If there were no match, the file would be provided to the user who requested it. But if there were a match, transmission of the file would be blocked. The users would instead receive another image or movie or document, containing only a warning screen.
    The makers of CopyRouter claim that it can even be used to defeat encryption and compression of files in the Internet's Wild West: the peer-to-peer file-sharing tools such as Gnutella and BitTorrent.

    This will cause huge latency issues and cost beaucoup bandwidth. ISPs would be shooting themselves in the foot if they did this with all traffic. OTOH, I could see laws requiring such tools for P2P traffic -- in fact that may well be inevitable, with the **AA's "ruling class" status these days.

    --
    Caveat Utilitor
    1. Re:Probably just for P2P by zoward · · Score: 2, Insightful

      On the flip side, having this in place could potentially make you liable for the material your customers are transmitting. So much for common carrier status. If I were an ISP I'd be fighting this thing tooth and nail.

      --
      "Can't you see that everyone is buying station wagons?"
    2. Re:Probably just for P2P by negRo_slim · · Score: 4, Insightful

      This will cause huge latency issues and cost beaucoup bandwidth.

      A soft touch with this would yield far better results depending on your intent. I would imagine an ISP that is sick and tired of certain traffics could utilize a system like this to start taking a closer look. Catch a few token users and then you have an excuse to throttle/monitor/block at will. I mean think of the children! What worries me is that with so many computers doing the bidding of people other than their owners, who knows what kind of traffic is being exchanged. Seems like an easy way for law enforcement to take a closer look at an individual... I've come across very questionable images via Google from rather inane, yet obscure, search queries. You could be one Russian rickroll away from the authorities and those around you having some nasty suspicions in their head.

      --
      On the Oregon Coast born and raised, On the beach is where I spent most of my days
    3. Re:Probably just for P2P by Anonymous Coward · · Score: 4, Informative

      The parent is an example of typical slashdot idiocy. ISPs aren't common carriers. Though my karma will end up a smoking crater for breaking with the established GroupThink, so I'm making this post anonymously.

      The immunity ISPs currently enjoy in the US comes from various other safe harbor laws (i.e. §230; DMCA). The constant slashdot drone of "ohhh.. ISPs can't suppress my free speech: common carrier common carrier!" is both entirely incorrect and dangerous, since it causes the geek squad to under-estimate the risks and the importance of things like net neutrality.

    4. Re:Probably just for P2P by electrictroy · · Score: 2, Insightful

      I can see one way this might be abused - to eliminate political enemies. "Well Mr. Smith's ISP reports he downloads copies of "Playboy's College Girls". Is this really the man you want to be your next state representative???"

      --
      The government is not your daddy. Its purpose is not to raid middle-class neighbors' wallets and give it to you.
    5. Re:Probably just for P2P by Anonymous Coward · · Score: 2, Insightful

      "Each digital file has a unique digital signature, called a hash value, that can be recognized no matter what the file is named, and without having to open the file again. The company calls this list of hash values its Global File Registry."

      Wait a second. Hash value? I sure hope the law enforcement people have been told about hash collisions! I know it's unlikely in a large binary file like images or videos, but, taking one example, md5 hash collisions and ways to find them do exist, and it's inevitable that this fact about hashes could be put to some pretty nefarious uses (e.g., poisoning traffic with legal files that happen to yield the same hash as illegal ones).

      And then, of course, there's encryption or other techniques which could be used to obfuscate traffic to the point it wouldn't work.

      Quite apart from the awful possibility of a tool that would monitor traffic for all images and other files, I'm not even sure it would work as intended to catch the bad guys. Once they know it exists it would be easy for them to avoid. Sounds like a big waste of money.

    6. Re:Probably just for P2P by Hyppy · · Score: 5, Interesting

      Even better... What happens if you send traffic to a user with one of the "bad files" in it? They don't need to have a connection open in order for you to send a jpeg to them. Even if the user's computer simply drops the unknown data, the ISP will pick it up in their scan. If all the software does is scan the hash values of images transferred over common protocols, I seriously doubt that it goes and checks to see if the user actually REQUESTED it before crying foul.

      One step further: make a file that has the same hash value of a "bad" file. This is trivial, especially if the file doesn't need to be valid for any application. If all that is checked is a hash of the traffic, then the actual contents of the file are meaningless.

      So, this software will allow law enforcement to ruin your life (any implication crime involving sex and/or kids will do that, guilty or not), by simply seeing an unknown party send you a block of unintelligible data that happens to have the same hash as "pr0n." Great.

      Anyone up for making an automated hash-spoofing packet forger? I'm sure something similar has already been done. With the speed of current connections, one could probably get the entire human race indicted for child pornography in under a week.

    7. Re:Probably just for P2P by Klaus_1250 · · Score: 3, Informative

      Hash Values are useless anyway; change 1 pixel in an image and voila, new hash. They could use loose hashes as used for Spam-filtering, but the chances for collisions are higher.

      The other issue is of course, it won't work on encrypted connections. It might not even work for obfuscated connections. AFAIK, Authorities are seriously shooting themselves in the foot using these techniques. They will only drive CP and others further underground, to a point that finding and prosecuting the bastards becomes too difficult and expensive.

      --
      It only takes one man to change the Wisdom of the Crowd to Tyranny of the Masses.
    8. Re:Probably just for P2P by PunkOfLinux · · Score: 3, Insightful

      If my ISP told my opponent what porn i watch, they'd be sued. To the GROUND.

    9. Re:Probably just for P2P by Fulcrum+of+Evil · · Score: 4, Funny

      "Well Mr. Smith's ISP reports he downloads copies of "Playboy's College Girls". Is this really the man you want to be your next state representative???"

      What, am I going to not vote for him because he watches boring porn?

      --
      "We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
    10. Re:Probably just for P2P by dat+cwazy+wabbit · · Score: 5, Insightful

      You would still lose the election.

    11. Re:Probably just for P2P by Pax681 · · Score: 5, Funny

      You would still lose the election.

      but would he lose his erection?

    12. Re:Probably just for P2P by Achromatic1978 · · Score: 2, Interesting

      Could be worse, could be Girls Gone Wild a bunch of semi-consenting drunken teenagers showing their breasts. "Here's my boobs!" Daddy is proud, I am sure.

    13. Re:Probably just for P2P by CodeBuster · · Score: 4, Insightful

      The makers of CopyRouter claim that it can even be used to defeat encryption and compression of files in the Internet's Wild West: the peer-to-peer file-sharing tools such as Gnutella and BitTorrent.

      What are they going to do? Detect and Man in the Middle every single connection attempt that goes through their router? The file sharing tools will simply upgrade to stronger encryption, such as AES, and harden the connection handshaking against MITM attacks (perhaps by introducing public key infrastructure with well known key server(s)). It was my understanding that the present crop of file sharing tools provide obfuscation (ROT13 and the like) and not real encryption to set the bar just high enough to prevent packet inspection. However, it would not be difficult to implement stronger encryption methods (if they haven't done so already), should that prove necessary. In fact, the CopyRouter folks are at a distinct disadvantage in any encryption arms race since MITM and other cryptanalysis techniques are much more computationally expensive than the encryption itself AND the users outnumber the routers by thousands or even tens of thousands to one. The NSA might more credibly claim to be able to do this, but they have acres of underground super computers consuming as much electrical power as a small country, so I am very skeptical when anyone claims to be able to "defeat encryption" and doubly so when a private company mentions it as a bullet point in their power point presentation. It is more likely that this is a private company trying to sell a pig in a poke to ISPs and governments who don't inspect the merchandise too carefully or don't know any better.

    14. Re:Probably just for P2P by meringuoid · · Score: 2, Interesting
      One step further: make a file that has the same hash value of a "bad" file. This is trivial

      I'm not sure whether there's any major prestigious prize given out in the field of crypto, but if there is, you just won it. Please publish!

      --
      Real Daleks don't climb stairs - they level the building.
    15. Re:Probably just for P2P by DerekLyons · · Score: 5, Insightful

      The parent is an example of typical slashdot idiocy. ISPs aren't common carriers. Though my karma will end up a smoking crater for breaking with the established GroupThink, so I'm making this post anonymously.

      Yet, for all your noise and handwaving - you fail to establish that an ISP isn't a common carrier.

    16. Re:Probably just for P2P by Baton+Rogue · · Score: 5, Insightful

      I think he's referring to MD5 Collisions where you can make a completely different file that matches the same MD5 hash of another file.
      But if all they are doing is comparing hash files, couldn't you just as easily change the resolution of the file, or insert a couple different bits around to change the file slightly, which ends up with a completely different hash?

    17. Re:Probably just for P2P by svank · · Score: 5, Insightful

      But if all they are doing is comparing hash files, couldn't you just as easily change the resolution of the file, or insert a couple different bits around to change the file slightly, which ends up with a completely different hash?

      Yup. That, along with good encryption, means the bad guys get around this easily, while innocent bystanders are caught up by hash collisions.

    18. Re:Probably just for P2P by Baton+Rogue · · Score: 4, Interesting
      After I RTFA, I got my answer.

      Encrypted files on the peer-to-peer network could not be decrypted by CopyRouter, but the company claims it can fool the sender's computer into believing that the recipient was requesting an unencrypted and uncompressed file.

      So basically what they do, is if your bittorrent client requests the files in encrypted format, they intercept that and instead request them unencrypted. They aren't decrypting the file, they are just asking for an unencrypted transmission of the file. If the file is in an encrypted zip file, then there is no way that they could see the actual files being transmitted.

    19. Re:Probably just for P2P by conlaw · · Score: 2, Informative
      Please, folks, remember when you go to vote that both Obama and Biden have taught constitutional law so they at least know that programs such as this one violate the First and Fourth amendments. They may end up with an uphill battle trying to protect the Bill of Rights, but I believe that they'll try.

      We must not continue to allow our fundamental rights to be taken away under the rhetoric of "protect the children" and "watch out for the terrorists."

      Here endeth my rant for the day.

    20. Re:Probably just for P2P by rohan972 · · Score: 2, Interesting

      Perhaps a "young hacker" will find the info and expose it. It's a bit suspicious, for example, that the Palin email "hacker" was the son of one of her political opponents. Let's see what his career and net worth is in 10 years. Whether or not he was doing it on others' behalf, I'm sure there would be people available to be the designated hacker for much less money than a lawsuit payout would cost.

    21. Re:Probably just for P2P by PopeRatzo · · Score: 2, Insightful

      ISPs aren't common carriers.

      My ISP is AT&T.

      They're not a common carrier?

      I agree with you though, that Net Neutrality is the answer to this puzzle. Without it, the Internet will be a pale shadow of what it once was, and what it could be.

      --
      You are welcome on my lawn.
    22. Re:Probably just for P2P by PopeRatzo · · Score: 2, Insightful

      I would imagine an ISP that is sick and tired of certain traffics could utilize a system like this to start taking a closer look.

      So now it's our responsibility to make sure our ISP doesn't get "sick and tired" of our traffic? And we're supposed to give up the privacy of our transmitted data to insure that our ISPs are happy?

      I've come across very questionable images via Google from rather inane, yet obscure, search queries.

      Interesting, I was just thinking about how seldom I see anything remotely offensive in my regular use of Google Images. Of course, I seldom go to the 20th page of search results.

      This might be more of an issue for Google to refine its search engine rather than us letting our ISPs examine our every packet at will.

      --
      You are welcome on my lawn.
    23. Re:Probably just for P2P by Fluffeh · · Score: 4, Insightful

      If I was a person who wanted to get this thrown out the window, I wouldn't look at trying to convince people that it is bad. I wouldn't look at how it could be abused. I would much rather be looking at how to misuse it myself. I mean what better way to show potentially how bad a system is than to get into the "black list of hashes" and add some. Add lots. Like a real lot. Every email suddenly gets a warning message with details of why. Yes it was hacked. Yes the public outrage will be huge. It would be so huge that it would end up getting shit-canned pretty damned quickly.

      Best way to get anyone to get rid of something is to make them hate it. All my email blocked today? You bastards! Turn that thing off.

      --
      Moved to http://soylentnews.org/. You are invited to join us too!
    24. Re:Probably just for P2P by PopeRatzo · · Score: 4, Insightful

      If my ISP told my opponent what porn i watch, they'd be sued.

      Your ISP doesn't care about your stroke material.

      This is all about P2P, the RIAA and collecting data for government and marketing purposes. Don't kid yourself that your ISP is so broken up about the possibility of sketchy porn traveling their network.

      Just today I read an article quoting telecom execs about how SKYPE and other VOIP applications are going to make us less safe from terrorists. It's about profit and control, nothing more nothing less.

      --
      You are welcome on my lawn.
    25. Re:Probably just for P2P by lysergic.acid · · Score: 3, Insightful

      absolutely. U.S. ISPs continue to justify overselling while complaining about "power users" using too much bandwidth and overloading their network.

      when will they realize that packet shaping and other intrusive network filtering/monitoring technologies such as this generate more overhead and are a waste of resources. instead of trying to manipulate/control subscribers, they should be upping bandwidth supply to meet the growing demand. then perhaps the U.S. wouldn't be left in the dust both in terms of average broadband speeds as well as cost of broadband.

      you don't employ mandatory property searches to combat child pornography. not only would it be ineffectual, but even if it did it still wouldn't be worth the encroachment of our civil liberties. frankly, idiots who use the banner of fighting child pornography to pass stupid laws to destroy our democratic freedoms or strip away the rights of individuals are a much greater threat to society than someone who just downloads child pornography. those are the real sociopaths IMO.

      if you want to protect children, give them free access to health care. give them free access to high education. create outreach programs to at-risk youth. employ social workers at school to watch for warning signs of abuse and provide counseling services at school for victimized children. narrow the disparity in education between the rich and poor so that poor children have equal opportunity to succeed in life.

      you don't protect children by creating a fascist society around them.

    26. Re:Probably just for P2P by PopeRatzo · · Score: 5, Insightful

      but the company claims it can fool the sender's computer into believing that the recipient was requesting an unencrypted and uncompressed file.

      That's not hostile, much. As is common in our corporatocracy, here's a company that starts from the assumption that their customers are their enemy. So now we're going to pay our ISPs to "fool" our computers. Some "customer service" huh?

      No thank you.

      How about this: We pay you, and you give us bandwidth and stay the fuck out of our business. If we're using too much bandwidth, then spell it out in our contract and charge us more, so we can choose to give our business to someone else.

      --
      You are welcome on my lawn.
    27. Re:Probably just for P2P by Almahtar · · Score: 2, Interesting

      That's assuming child pornographers are actually their target. If their real target is casual music pirates, this is really effective. Especially if they claim to target someone else.

    28. Re:Probably just for P2P by ocularDeathRay · · Score: 2, Funny

      AND he was modded up!

      --
      Obama is a twitter sock puppet
    29. Re:Probably just for P2P by TapeCutter · · Score: 5, Informative

      "My ISP is AT&T. They're not a common carrier?"

      The AC is correct in what he is saying about common carriers. Check out the registered company name of your ISP and I will wager that it is not AT&T but rather a subsidiary of AT&T (ie: a separate company in the eyes of the law).

      This is how the telcos in Australia with common carrier status get around the rule against sniffing the line, eg: Australia's "Telstra" is not an ISP but "Telstra Big Pond" is an ISP. Since common carrier rules are international I dare say AT&T do exactly the same thing.

      --
      And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
    30. Re:Probably just for P2P by CSMatt · · Score: 3, Insightful

      If you think that this has anything to do with combating child pornography, then you are seriously naive.

    31. Re:Probably just for P2P by Fluffeh · · Score: 2, Interesting

      This is why you firstly don't let them know who you are and secondly make sure that even if they do find out it was hacked proper - by the time their PR and fixing machine gets switched on, enough people will have been pissed off so that any attempt just makes them look more inept.

      --
      Moved to http://soylentnews.org/. You are invited to join us too!
    32. Re:Probably just for P2P by level99 · · Score: 2

      You would still lose the election.

      Not if he didn't inhale.

    33. Re:Probably just for P2P by discogravy · · Score: 2, Interesting

      Laugh it up, but the reason Obama got a seat in the senate in 2004 so easily is because his predecessor was forced to step down after his tearful ex told a divorce court that he made her go to a swinger's club with him. On such things the fate of nations hang, sometimes. http://en.wikipedia.org/wiki/Jack_Ryan_(2004_U.S._Senate_candidate)

    34. Re:Probably just for P2P by robbiedo · · Score: 2, Insightful

      Is Child porn really this huge of an issue? While I certainly know the sexual abuse of children is an awful betrayal of childhood trust, and deserves to be penalized by society, I certainly don't want to make fighting the crime worse than the crime itself, and give law enforcement more tools ripe for abuse.

    35. Re:Probably just for P2P by logicnazi · · Score: 2, Insightful

      Yes, but his basic point is still valid. The DMCA only provides a shield against claims of copyright infringement. This isn't the issue here at all.

      Once the justice system recognizes some kind of legal obligation for the ISPs to scan the files passing through their pipes for child porn it is only a matter of time until some mother of an abused child sues the ISP for failing to properly monitor its customers on the theory this would have prevented the abuse of her child.

      Now you might respond that any law placing such a requirement on the ISPs might immunize them against any such lawsuit provided they implemented the required monitoring. Perhaps, but as a practical matter that will bring little comfort to the ISPs.

      I mean even if the mother of an abused child doesn't have a legal leg to stand on once the public starts to think of ISPs as being responsible for child-porn monitoring just the bad PR alone from this kind of lawsuit poses a serious threat to the company. Moreover, when talking about child porn and child molestation you can't discount the total irrational fervor that comes over people.

      I mean if you were an ISP would you really want to bet that some crusading attorney general wouldn't go over every last nitpicking detail of the monitoring safe harbor in the hope of crucifying the company that (perhaps in the name of protecting privacy) wasn't aggressive enough in their monitoring. And even if some kind of safe harbor works the first time congress and the states would rush to change the law to prevent 'negligent' companies from getting off the hook.

      ------

      Don't get me wrong, this isn't a guarantee something like this won't happen. Sure, your local neighborhood ISP might not like the idea but this doesn't mean it's in the interest of AT&T or Verizon to risk being seen as insufficiently outraged about child porn.

      --

      If you liked this thought maybe you would find my blog nice too:

    36. Re:Probably just for P2P by paganizer · · Score: 2, Interesting

      From what I understand from dabbling in ISP-ism back in the mid-90's, the only common carrier protection an ISP enjoys is for a USENET server; a court ruling established that USENET had common carrier protection, therefore an ISP could not be prosecuted for what was on a NNTP server, unless they attempted to censor it; if they attempted to censor it, that would imply that anything illegal that got transmitted was purposefully allowed to remain on the server. The only protection is to just ignore it unless it is brought to your attention.
      What a GREAT time for Freenet 0.5 (which WORKS) to be on its last legs, fighting for its life against Freenet 0.7 (which doesn't actually WORK).
      At least Tor and I2P are still going strong.

      --
      Why, yes, I AM a Pagan Libertarian.
    37. Re:Probably just for P2P by LanMan04 · · Score: 2, Funny

      You would still lose the election.

      but would he lose his erection?

      Only if he's Asian and speaking English.

      --
      With the first link, the chain is forged.
    38. Re:Probably just for P2P by GaryPatterson · · Score: 2, Informative

      Your ISP will have people who are of various political persuasions working there. Someone will one day think "This customer is a candidate for the election. What are they looking at?"

      Before you know it there are leaks and regardless of the outcome for the leaker, the candidate will be hurt and probably lose the election.

      It's the same as having every single phone call bugged and recorded. Someone will use it against someone else, or at the absolute minimum, data will end up sold to marketing companies.

    39. Re:Probably just for P2P by eth1 · · Score: 2

      Please, folks, remember when you go to vote that both Obama and Biden have taught constitutional law so they at least know that programs such as this one violate the First and Fourth amendments.

      If they're such experts, why do they keep trying to violate the 2nd?

    40. Re:Probably just for P2P by EvilBudMan · · Score: 2, Insightful

      No problem the next step will be just to make encryption illegal.

  2. Starts with porn... by Izabael_DaJinn · · Score: 2, Informative

    ends with the MPAA and RIAA suing you for your mp3s and .mpgs.

    --
    Careful What You Wish For....
    1. Re:Starts with porn... by Goldberg's+Pants · · Score: 2, Funny

      MPG? Have you been in a coma for the last eight years or so? I honestly haven't come across an MPEG file of a movie since the late 90's!

    2. Re:Starts with porn... by KillerBob · · Score: 3, Informative

      You probably have, but they're usually encapsulated in a container format like AVI or MKV. :)

      --
      If you believe everything you read, you'd better not read. - Japanese proverb
    3. Re:Starts with porn... by travbrad · · Score: 2, Interesting

      Or if you've watched a DVD. .VOB files are basically just MPEG2 with some extra data for menus, chapters, etc

  3. Huh? by LoRdTAW · · Score: 4, Insightful

    "The tool can 'check every file passing through an Internet provider's network -- every image, every movie, every document attached to an e-mail or found in a Web search -- to see if it matches a list of illegal images.' "

    How exactly is this going to be accomplished? The equipment cost must be staggering and would consume a lot of power. Way to conserve electricity, I thought we were trying to reduce the amount of power the Internet consumes. Does this also remove the common carrier status of ISPs?

    I hope this never comes to fruition.

    1. Re:Huh? by fred+fleenblat · · Score: 5, Interesting

      TFA says they're going to use hash values. This will take a stateful packet inspection filter to catch, but the amount of state is only enough to do the hash, and they can throw it away if it doesn't match anything on the blacklist.

      While hashing seems easy enough to get around, I think the real thing they're looking for is a repeated pattern of someone sending blacklisted images. If you send/receive thousands of images, there's a good chance that you'll screw up and maybe a dozen of them won't get resampled (or use some other trick) to change the hash value. You'll pop up on a screen someplace, they'll get a search warrant, and you are busted.

    2. Re:Huh? by Anonymous Coward · · Score: 2, Insightful

      Does this also remove the common carrier status of ISPs?

      That's a myth. They don't have it.

    3. Re:Huh? by thogard · · Score: 2, Interesting

      Did anyone do that "out of order packet" hack for the linux kernel yet? The idea is you send 99% of the packets in the correct order but 1% of the time you swap the order around. It does nasty things for programs like this. Also someone needs to look at claims of this software compared to what it does and let them know where they are in breach of local truth in advertising laws.

    4. Re:Huh? by maugle · · Score: 4, Informative

      Every time this topic comes up, someone posts something about how this could remove the common carrier status of ISPs.

      Repeat after me: ISPs do not have common carrier status.

    5. Re:Huh? by fred+fleenblat · · Score: 2, Interesting

      your points are interesting but not convincing.

      first, out-of-order on 1% of the packets means that a lot of files that require less than 100 packets will still get through in order. and upping the percentage is a fool's game: (a) there's no reason a small image won't fit in one or two 1500 byte packets and (b) if enough people do this (or any other TCP-level hack) they can just add some smarts to the content filter, or choose a hash that doesn't depend (as much) on order.

      your second point about truth in advertising laws seems like a blind alley. you'd have to actually be a customer who bought the software, used it, and had major problems with it, in order to have standing to file suit. and it's going to be difficult to get a prosecutor to go after a company that's trying to stop the spread of c.p. so you'd have to pay the legal bills yourself. finally, once you get in front of the judge, what are you gonna do, complain that you were *able* to send c.p., admitting in open court that you've done something illegal?
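
The per-flow hashing described in this sub-thread (state just large enough to compute the hash, and a filter with enough "smarts" to tolerate reordered packets), sketched as an added example that is not part of the original thread or of CopyRouter. SHA-256, the `FlowHasher` class, the registry contents and the segment size are assumptions made for illustration; the article does not say which hash the product uses.

```python
import hashlib

SEG = 1460  # assumed payload size, used only to cut the samples into segments

# Constructed placeholder contents; a real registry would hold digests only.
LISTED = b"constructed sample standing in for a listed file\n" * 120
OTHER = b"constructed sample standing in for an unrelated file\n" * 120
REGISTRY = frozenset({hashlib.sha256(LISTED).hexdigest()})


class FlowHasher:
    """State kept for one transfer: a running hash, the next byte offset
    expected, and a bounded buffer for segments that arrived early."""

    def __init__(self, max_pending=32):
        self._hash = hashlib.sha256()
        self._next = 0            # offset of the first byte not yet hashed
        self._pending = {}        # offset -> payload that arrived ahead of order
        self._max_pending = max_pending
        self.overflowed = False   # set when the buffer limit is exceeded

    def feed(self, offset, payload):
        # Ignore retransmissions of bytes that were already hashed.
        if self.overflowed or offset + len(payload) <= self._next:
            return
        held = self._pending.get(offset, b"")
        if len(payload) > len(held):
            self._pending[offset] = payload
        self._drain()
        if len(self._pending) > self._max_pending:
            # Too many gaps: give up on this flow instead of growing state.
            self.overflowed = True
            self._pending.clear()

    def _drain(self):
        # Hash every buffered segment that is now contiguous with the stream.
        while self._pending:
            offset = min(self._pending)
            if offset > self._next:
                break
            payload = self._pending.pop(offset)
            fresh = payload[self._next - offset:]  # skip overlap already hashed
            self._hash.update(fresh)
            self._next += len(fresh)

    def digest(self, total_length):
        """Hex digest once every byte has been seen in order, else None."""
        if self.overflowed or self._pending or self._next != total_length:
            return None
        return self._hash.hexdigest()


def segments(data, size=SEG):
    """Cut data into (offset, payload) pairs, like TCP segments of one file."""
    return [(i, data[i:i + size]) for i in range(0, len(data), size)]


def classify(segs, total_length, registry=REGISTRY):
    """Return 'match', 'no-match' or 'incomplete' for one observed transfer."""
    flow = FlowHasher()
    for offset, payload in segs:
        flow.feed(offset, payload)
    digest = flow.digest(total_length)
    if digest is None:
        return "incomplete"
    return "match" if digest in registry else "no-match"


if __name__ == "__main__":
    segs = segments(LISTED)
    swapped = [segs[1], segs[0]] + segs[2:]   # first two segments reordered
    print("in order :", classify(segs, len(LISTED)))
    print("reordered:", classify(swapped, len(LISTED)))
    print("unrelated:", classify(segments(OTHER), len(OTHER)))
    print("gap      :", classify(segs[:2] + segs[3:], len(LISTED)))
```

Hashing by byte offset rather than arrival order makes the digest independent of reordering and retransmission; a flow with unfilled gaps is reported as `incomplete`, and what to do with such a flow is a policy decision the sketch leaves open.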

  4. Brilliant Digital Entertainment? by Anonymous Coward · · Score: 4, Informative

    Wasn't that the Aussie spyware company attached to Sharman Networks/KaZaA?

    Before it got raided, I mean?

    I call shenanigans.

    1. Re:Brilliant Digital Entertainment? by therufus · · Score: 3, Interesting

      I was about to bring up that point. KaZaA was linked to BDE (maybe a parent company or something). I'm not too sure of the exact relationship, but there definitely was one there.

      Now correct me if I'm wrong, but wasn't one of the defenses in the KaZaA court case the fact that they couldn't tell what files users were sharing, therefore they claim they weren't responsible for the distribution of copyrighted material? If this was the case, BDE's new "we can tell what you're sending/receiving" crap could land an A-Bomb worth of trouble in someone's lap.

      --
      You moved your mouse. Please restart Windows for changes to take effect.
    2. Re:Brilliant Digital Entertainment? by petieAU · · Score: 2, Informative

      Yep they sure were, and Michael Speck, now head media whore for Brilliant Digital Entertainment, was the head of MIPI, the attack dog of ARIA (Aust RIAA) that took KaZaA to court http://www.crn.com.au/News/14179,kazaa-applies-for-anton-piller-order-to-be-set-aside.aspx. It looks like everyone has their price.

  5. One question by MathFox · · Score: 4, Insightful

    Can it decrypt SSL/SSH in real time?

    --
    extern warranty;
    main()
    {
    (void)warranty;
    }
    1. Re:One question by whoever57 · · Score: 4, Informative

      Can it decrypt SSL/SSH in real time?

      Exactly. They claim that they can search "every document attached to an e-mail .. -- to see if it matches a list of illegal images." Apparently, they have never heard of SMTP-TLS, POP3S, etc.. Or perhaps they have and they are just like many others -- selling snake oil.

      --
      The real "Libtards" are the Libertarians!
    2. Re:One question by unlametheweak · · Score: 4, Informative

      No. RTFA. CopyRouter merely pretends to be a server and tells the client to send data unencrypted. BitTorrent just needs to upgrade its encryption mechanisms.

    3. Re:One question by jimicus · · Score: 2, Interesting

      Can it decrypt SSL/SSH in real time?

      Exactly. They claim that they can search "every document attached to an e-mail .. -- to see if it matches a list of illegal images." Apparently, they have never heard of SMTP-TLS, POP3S, etc.. Or perhaps they have and they are just like many others -- selling snake oil.

      SMTP-TLS and POP3S are pretty bad examples, because they secure the connection but you're still likely to be talking to a mail server that you don't control, and therefore can't guarantee isn't connected to such a thing.

      That being said, this is yet another case of "Product which doesn't need to exist and offers little to no real benefit being sold to idiots with some superficially-plausible benefit." Spend any length of time working as a systems manager and you'll see dozens of these.

      Right now my favourites are products which make it possible to manage a whole network full of computers at any level from "Make this change to every PC in the business" through "Make this change to this subset of PCs" down to "Just this specific PC". 90% of them require an Active Directory domain.

  6. So what happens when... by Mobius+Ring · · Score: 2, Insightful

    So what happens when the malware guys decide to have their malware fire off images that are on this list of banned files/images?

    Suppose that they're 'smart' and have the image embedded in the malware (or otherwise obscured). the malware sits there for a while and infects as many systems as possible... then the SPAM event happens. With this crap... I mean "wonderful, keep-our-kids-safe" software kicks in and drags even more of the internet down, who's gonna pick up the tab?

    I know... have the **AA morons... I mean overlord masters, sign an iron-clad agreement to pick up that tab and I'll gladly get infected. :|

    Except... I don't really feel like being arrested for having been infected by perverted malware. :(

    --
    When those around you are losing their heads while you are keeping yours, maybe you've misunderstood the situation.
  7. You know, it really makes me wonder... by genw3st · · Score: 5, Insightful

    ... what is going to prevent this proverbial snowball from building into a full-blown avalanche? I guess it has already become one to some extent... I can't recall a time in history when the WORLD'S rights and privacy were as stripped and neglected as it is now, and then everyone suddenly got their right to privacy and freedom back. Despite its amazing capabilities, technology sure has put us into an interesting position when in the hands of people like "Brilliant Digital Entertainment" ... yeah, real brilliant. Crackheads.

  8. Won't work. by Xtense · · Score: 4, Informative

    Ok, on really simple protocols, like HTTP or FTP, maybe - but most, if not all, p2p traffic is safe, i think. This is of course because of the chunky nature of transmission - you can't really tell what part of the file went through your pipe just by looking at it, and since parts are sent at random, you cannot rebuild the file with your chunks without guiding information, be it a torrent file, a list of parts for emule, or whatever else there is. And you need the whole file to get your hash-check. That's one. Two: encryption totally kills the effort, as the ISP can in no way examine your file without interfering with your transfer, and SSL exists solely to protect you from this.

    Even if my line of thinking is really misguided here, this would require lots and lots of processing power - i mean, on a routing line with a hundred users on one end, it's thousands of hash-checks to be made for every stupid rebuilt file - both processes of course painfully CPU-eating, unless you want false-positives, since you didn't bother to use a proper hashing algorithm.

    All in all, this looks to me like a terrible waste of money.

    --
    "We are the music makers, and we are the dreamers of dreams [...]."
    1. Re:Won't work. by Anonymous Coward · · Score: 5, Interesting

      They claim they can scan Gnutella and BitTorrent.

      Gnutella I don't know, but BitTorrent, almost certainly.

      The common forms of BitTorrent encryption use a "shared secret". The shared secret for BitTorrent is a 20-byte key known as the "infohash". This infohash is ALSO used as the unique hash to uniquely identify a given set of files. So it's ALWAYS given to the tracker, and if the tracker isn't using SSL, that means it's in the clear.

      Making the encryption in BitTorrent almost laughably insecure. It's good enough to block non-stateful packet filters. It's not good enough to prevent people from listening in.

      As for getting a file hash with BitTorrent, that's even easier.

      It does it for them.

      The ".torrent" file contains a list of hashes. They don't even need to look at the file contents.

      I dunno about other P2P systems, but BitTorrent is definitely not safe from this.
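
An added illustration of the comment above, not part of the original thread: this Python example parses a constructed `.torrent` file to show that the 20-byte infohash and the per-piece SHA-1 list are plain metadata, and that the tracker announce request carries the infohash as an ordinary query parameter. The tracker URL `tracker.example`, the sample payload and all function names are assumptions made for the example.

```python
import hashlib
from urllib.parse import quote

def bdecode(data, i=0):
    """Decode one bencoded value at offset i; return (value, next_offset)."""
    c = data[i:i + 1]
    if c == b"i":                                   # integer: i<digits>e
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c in (b"l", b"d"):                           # list or dictionary
        items, i = [], i + 1
        while data[i:i + 1] != b"e":
            value, i = bdecode(data, i)
            items.append(value)
        if c == b"l":
            return items, i + 1
        return dict(zip(items[0::2], items[1::2])), i + 1
    if c.isdigit():                                 # byte string: <len>:<bytes>
        colon = data.index(b":", i)
        end = colon + 1 + int(data[i:colon])
        if end > len(data):
            raise ValueError("truncated byte string")
        return data[colon + 1:end], end
    raise ValueError(f"malformed bencode at offset {i}")

def torrent_metadata(torrent):
    """Return (meta, info_hash, piece_hashes) for raw .torrent bytes."""
    if torrent[:1] != b"d":
        raise ValueError("a .torrent file is a bencoded dictionary")
    meta, info_raw, i = {}, None, 1
    while torrent[i:i + 1] != b"e":
        key, i = bdecode(torrent, i)
        start = i
        meta[key], i = bdecode(torrent, i)
        if key == b"info":
            info_raw = torrent[start:i]             # exact bytes as stored
    if info_raw is None:
        raise ValueError("no info dictionary")
    pieces = meta[b"info"][b"pieces"]               # concatenated SHA-1 digests
    piece_hashes = [pieces[j:j + 20] for j in range(0, len(pieces), 20)]
    return meta, hashlib.sha1(info_raw).digest(), piece_hashes

def announce_url(meta, info_hash):
    """Tracker announce request: the infohash is a URL-encoded query parameter."""
    return meta[b"announce"].decode() + "?info_hash=" + quote(info_hash)

def bencode(v):                                     # only builds the sample below
    if isinstance(v, int):
        return b"i%de" % v
    if isinstance(v, bytes):
        return b"%d:%s" % (len(v), v)
    if isinstance(v, list):
        return b"l" + b"".join(map(bencode, v)) + b"e"
    return b"d" + b"".join(bencode(k) + bencode(v[k]) for k in sorted(v)) + b"e"

# Constructed sample: a 54,000-byte payload split into 16 KiB pieces.
PAYLOAD, PIECE_LEN = b"constructed sample payload\n" * 2000, 16384
SAMPLE_INFO = {
    b"name": b"sample.bin", b"length": len(PAYLOAD), b"piece length": PIECE_LEN,
    b"pieces": b"".join(hashlib.sha1(PAYLOAD[o:o + PIECE_LEN]).digest()
                        for o in range(0, len(PAYLOAD), PIECE_LEN)),
}
SAMPLE_TORRENT = bencode({b"announce": b"http://tracker.example/announce",
                          b"info": SAMPLE_INFO})

if __name__ == "__main__":
    meta, info_hash, piece_hashes = torrent_metadata(SAMPLE_TORRENT)
    print("info hash:", info_hash.hex(), "| pieces:", len(piece_hashes))
    print("announce :", announce_url(meta, info_hash))
```

The infohash is computed over the raw bytes of the `info` dictionary rather than a re-encoding, so it matches what any other party reading the same metadata would compute.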

    2. Re:Won't work. by caffeinemessiah · · Score: 2, Interesting

      i mean, on a routing line with a hundred users on one end, it's thousands of hash-checks to be made for every stupid rebuilt file

      Actually, it gets worse than that. Say that I have an "illegal" image that I want to transmit to you. All I would have to do is embed it in a random frame of some 700 MB DivX movie. Then, not only do files have to be checked, but every frame of every video too.

      And the age-old question of "is this MP3 file legal"? That is an example of an uncomputable question.

      More likely, this is intended for idiots who don't use encrypted connections. But people who don't have the brains to use encryption are probably going to be apprehended by law enforcement anyway before they can do too much law-breaking. So in other words, invest in massive infrastructure for pretty much nothing.

      --
      An old-timer with old-timey ideas.
  9. Re:useless by Mr_Tulip · · Score: 4, Funny

    shhh.. don't tell the government..

  10. Re:A possible demise of goatse? by negRo_slim · · Score: 2, Funny

    Goatse? That might as well be a default Windows wallpaper once you've seen Mr. Hands.

    --
    On the Oregon Cost born and raised, On the beach is where I spent most of my days
  11. Easily gotten around by Anonymous Coward · · Score: 4, Insightful

    Time to make a utility that puts a file into an encrypted 7Zip archive, with the password stored in some reversible encryption method (encrypt the password with all zeroes as a key 1 million to 2 million times), so it would take x CPU seconds on some hardware to decrypt it.

    This would allow files to still go across the net without requiring passwords or keys, but prevent utilities like this from just passively obtaining traffic, just due to the CPU cycles involved.

    Of course, just stuffing a password in the comments field works too, but with a decent text parser, it can be extracted.

    It's just more of the same cat and mouse game. The real crooks will not be affected while Joe ISP User will lose his privacy even more.

  12. Evil by Anonymous Coward · · Score: 5, Informative

    According to the Wikipedia entry on Australian copyright law "[...]Brilliant Digital Entertainment in Australia were raided for copyright violations[...]" in 2004.
    It looks like someone switched sides but taking a closer look they only seem to be in charge of the adware that came with KaZaA, so I guess they were always evil.

  13. Re:useless by corsec67 · · Score: 3, Informative

    Not only that, but it says that it works against movies.

    The ISP downloads the entire 1-5GB file, hashes it, compares the hash, and then if it passes sends the file on to the user?

    I think that would break almost every kind of application, and could easily be used to swamp the downstream of the ISP by making requests and then dropping the connection.

    And then what about hash collisions, or programs that aren't web browsers?

    --
    If I have nothing to hide, don't search me
  14. Comment removed by account_deleted · · Score: 2, Insightful

    Comment removed based on user account deletion

  15. Ways to abuse/defeat this... by straponego · · Score: 3, Insightful

    You could easily joe-job specific or random people with this. You could make a million torrent users look like child molesters.

    They're claiming they'll man-in-the-middle p2p users to disable encryption. Major problems there.

    They're using a hash for the images/movies. Alter the image tags, or change a pixel, you've beat it. The more they ignore diffs, the more false positives they'll get.

    There's my five seconds of thought on the efficacy/ethics of this. If you manage to solve all those problems, come back and I'll give it another five seconds. See you in ten years.

    But hey, once it's in place they can use it for the *AA! Which is really what this is about, more free handouts to obsolete business models.

  16. This is Fantastic by pnotequalsnp · · Score: 4, Insightful

    This is fantastic, since the amount of money required by an ISP to implement this will sink them. This will filter all "idiot" ISPs, who think they are rulers of the internet.

  17. A better use for this technology... by thenewguy001 · · Score: 4, Insightful

    is to have ISPs scan all downloading files to make sure they do not contain malware or viruses so we don't have so many botnet zombies around the web from idiots opening britneysex.exe

  18. Re:useless by Snuhwolf · · Score: 2, Funny

    Well I'll be damned! THAT'S why every time I try to listen to shoutcast my ISP (centurytel) kicks me off. Maybe if I listened to a station they liked?

  19. One answer by Willbur · · Score: 4, Insightful

    Can it decrypt SSL/SSH in real time?

    According to the article they use man-in-the-middle attacks. This is probably quite easy if the server is using self-signed certs.

  20. Child porn is perfect for framing people by Jimmy_B · · Score: 4, Insightful

    The problem with all the hysteria around child pornography is that it's too easy to frame someone. A little research, five minutes alone with your computer, and an anonymous phone call are all someone needs to ruin your life and reputation.

    Let me be perfectly clear: Even if you're completely innocent, this is a serious threat to you. If someone decides to frame you, you won't be able to prove your innocence, and it won't matter even if you can. That's unacceptable. Yes, child porn is bad, but a society where anyone can anonymously destroy anyone else is much, much worse.

  21. Big Daddy knows best by farbles · · Score: 4, Insightful

    You know what? In a dozen years of actively surfing porn, I've never encountered kiddie porn in the wild. This great big threat to all mankind so severe that we all need to put woolly pullovers over all our electronic gear and filter all telecommunications is simply and plainly crap. It's a ruse.

    There are some people who want to control everyone else. They want to control what you see, what you hear, and as much as is humanly possible, what you think. They want to monitor us all (but not themselves, of course) and make us all cookie-cutter little clones who all think the same harmless little thoughts and are all scared of their authority.

    F * U * C * K them.

    Anyone telling you this sort of "protection" is necessary is deluded or a liar. Either way, such people should be ignored or in extreme cases, put somewhere they cannot bring harm to others.

  22. Re:Corrupting the chinese by couchslug · · Score: 3, Funny

    "but the side effect is that in a few years millions of Asians, who might otherwise have become normal, productive, law-abiding citizens of their respective countries, will instead have become deranged pedophiles."

    Japan is proof the two aren't mutually exclusive.

    --
    "This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
  23. What about hash collisions? by LionMage · · Score: 2, Interesting

    Seems to me that if a user attempts to download a file that happens to have the same hash as a "known bad" file, they could be in for a world of hurt unless the system does verification of some kind. And if the verification step is conducted manually rather than automatically -- in the interest of expediency, of course -- what do you bet the odds are that some law enforcement types aren't going to be bothered with niceties like actually checking that some file is indeed prohibited material?

    Try mounting your own defense when you are systematically blocked from obtaining a copy of the file that you attempted to download in the first place. (Yes, surely our hypothetical user's attorney could find this file, even if they needed to use an ISP outside the country to do it. This assumes that Joe User has an attorney and can afford to mount a defense.)

    A malicious actor could craft a file that will generate a hash collision with some known prohibited file, and if the sender/creator is suitably crafty and hides his tracks, such techniques could be easily used to grief our hypothetical user with virtually no chance of reprisal against the originator of the bogus file.

  24. False positives? by Isao · · Score: 2, Informative

    And good luck trying to teach a jury about hash collisions.

  25. Comment removed by account_deleted · · Score: 2, Insightful

    Comment removed based on user account deletion

  26. Re:Why stop here? by unlametheweak · · Score: 2

    Why not snoop every phone call, open and scan every piece of snail mail, record every conversation?

    That's a good idea. If everybody was monitored then we'd likely catch somebody doing something wrong. Unfortunately your idea isn't very original as the British are ahead of you on this. It would be even better if we made it mandatory for computer manufacturers to have Webcams built into monitors and turned on by default so that we can actually see the individual and put his picture in a database in case they end up doing something bad. Also with IPv6 we can (have enough addresses) to assign static IPs to individual names and addresses that we can store in a government database. This isn't just convenient for law enforcement, it is for the good of the children.

    Britain, China, North Korea, and the US seem to be leaders in protecting the children.

  27. Electronic versus snail by advocate_one · · Score: 2, Interesting

    OK, why are they being allowed to treat electronic content differently from sealed letters and packages? Do they steam open your letters and parcels to see if anything contentious is being sent? No, and I'll bet that's because it is unconstitutional... so why are they treating electronic delivery differently? There should be massive protests against this... no way should they be able to use the protecting you from child-porn line either... With snail mail, they have to get a warrant to intercept and open your mail and packages... the same should apply for electronic content...

    --
    Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
  28. The last page (4) of the article reveals the truth by mrpacmanjel · · Score: 4, Insightful

    "...Internet service providers could easily be seen by the public as "overreaching," making it harder to get public support for efforts of law enforcement. What's needed, said the group's executive director, Grier Weeks, is for cops to investigate the leads they already have..."

    and

    "The Department of Justice and all 50 attorneys general are sitting on a mountain of evidence leading straight to the doors of child pornography traffickers," Weeks said. "We could rescue hundreds of thousands of child sexual assault victims tomorrow in America, without raising any constitutional issues whatsoever. But government simply won't spend the money to protect these children. Instead of arrests by the Federal Bureau of Investigation, the child exploitation industry now faces Internet pop-ups from the Friendly Bus Investigators. That was always the fundamental difference between the Biden bill and the McCain bill. Biden wanted to fund cops to rescue children. McCain wanted to outsource the job."

    This my friends is about the money! The U.S. Government and Brilliant Digital (ironic business name!) both know this won't work. Brilliant Digital see this as a market to exploit and make millions of dollars. The U.S. Government get a "cheap" way of "dealing" with child pornography and a perception from the general public as "something being done".

    I'm sure the Government know about Brilliant Digital's dubious past but the perceived "benefits" are too good to miss.

    It's a win-win for both parties!

    I have children myself and I find developments like this horrifying.

    Someone does not become a paedophile by looking at images on the internet, it's deeper and more complex than this - blocking content will not cure the problem or reduce related crimes in any way.

    The last quoted paragraph sends chills down my spine and really makes me angry. Children can be rescued if the funding is available but a company like Brilliant Digital will receive the funding instead and the problem is never solved - people are made richer instead.

    I really mean Think of the children

  29. Re:Probably just for P2P & he's probably right by 0p7imu5_P2im3 · · Score: 3, Funny

    It's interesting to see you saying this, because it seems like every fifth post I see is someone saying the same type of thing... Wait, does that make complaints about "/. group-think" slashdot group-think?

    *head explodes*

    --
    Resistance is futile. Your technological distinctiveness will be added to our own. You will become one with the morgue
  30. Re:Semi-OT: International law. by TapeCutter · · Score: 2, Informative

    Heh, you're right "common carrier" does not seem to be explicitly defined by treaty (ie: it's more of a tradition than a rule) - found this on the WIPO site...

    "63 The concept of a "common carrier," dating from 16th century English common law, captures private entities that perform public functions. Since at least the middle ages, most significant carriers of communications and commerce have been regulated as common carriers. Common carrier rules have resolved the disputed issues of duty to serve, nondiscrimination, and interconnection. Facilities such as railroads, telegraphs and telephone companies were obliged either by common law or by legislation to implement an equal "duty to serve" regime. The history of common carrier duties illuminates three reasons supporting the imposition (and the occasional elimination) of those requirements. Common carrier duties have been imposed variously upon theories of de facto and de jure monopoly, on the theory that the enterprise had become "essential," and upon theories that the enterprise was publicly concerned in a particular manner (See James B. Speta, A Common Carrier Approach to Internet Interconnection, 54 Fed. Comm. L.J. 225 (2002) (surveying the history of common carriers and arguing that the same reason justify a general interconnection obligation for Internet carriers)."

    --
    And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.