Google Spots Explicit Images of a Child In Man's Email, Tips Off Police
mrspoonsi writes with this story about a tip sent to police by Google after scanning a user's email. A Houston man has been arrested after Google sent a tip to the National Center for Missing and Exploited Children saying the man had explicit images of a child in his email, according to Houston police. The man was a registered sex offender, convicted of sexually assaulting a child in 1994, reports Tim Wetzel at KHOU Channel 11 News in Houston. "He was keeping it inside of his email. I can't see that information, I can't see that photo, but Google can," Detective David Nettles of the Houston Metro Internet Crimes Against Children Taskforce told Channel 11. After Google reportedly tipped off the National Center for Missing and Exploited Children, the Center alerted police, which used the information to get a warrant.
The great things google can offer, 1984 saves the children!
(Yes it's good that pedophiles get hurt - But there is a very very bad precedent here...)
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
This is chilling, not for pedophiles, fuck them, but for the average citizen. While I absolutely believe it's google's job to report illegal activity they accidentally uncover to the police, it appears google is actively searching your e-mails for things to forward to the police, and that's a chilling thought for free speech, freedom, and prevention of abuse of power.
How does Google do this for one person? If they suddenly started scanning images for this, you think they would uncover a few thousand people at a time. Are we supposed to believe that they specially targeted him, or that he is the only person to ever send naked pictures of children through gmail?
Troll is not a replacement for I disagree.
Both to the pedophile and to the illusion of privacy people had when using Gmail.
(They have an obligation to report child porn if they find it, but they don't have an obligation to look. My suspicion is Google is not happy about what happened.)
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
That's really funny. The idea that you can delete things.
Lay your own cable to all your friends' houses, then run your own encrypted email server.
Then learn to accept that the NSA installed a hardware backdoor in your router and is reading your emails (and now they are monitoring you for suspected terrorist activities), and China installed one in your computer hardware and are doing the same.
Troll is not a replacement for I disagree.
Email your friend encrypted pdf files and tell him the pdf file password over the telephone.
Gmail allows for dot address matching. This is a *huge* problem that has never been addressed.
Apparently my first letter, last name gmail address happens to be pretty popular. So popular, I receive emails from at least 5 other people in my inbox. One from PA, another one in Florida, still another in New Zealand... I could go on and on, but you get the idea. Apparently, this seems to happen a bit to people.
Sadly, Google has no fix for it, no way to get it to stop. Their support address and site are useless, imho.
I have since moved all of my email off to my own domain and mail services not controlled by Google. I still keep the account open and forwarding to my new email address, so I still get their email, too. I do what I can to minimize problems by auto-deleting everything that hits my inbox that's obviously not for me.
Stories like this scare the shit out of me because, at any time, if one of those people I happen to receive email for suddenly decides to go into full-creep mode, I could be put in prison for a very, very long time. Not for anything that I have done, but for how gmail has been set up to allow for this.
I use runbox. Secure email based out of Norway. https://runbox.com/why-runbox/...
Microsoft has something called PhotoDNA which scours Bing, Outlook, etc. for child porn. I believe they also make it available to other companies. In fact, given the difficulty of getting images to train on, I wouldn't be surprised if Google was using Microsoft's PhotoDNA technology.
With legal (or cracked) access to anyone's email account (sex offender or not) let's see how easy it is to plant evidence.
1. Access account, add a folder or label (preferably hidden by being buried in default sort order or under another folder).
2. Set filter with obscure rule to automatically route certain emails to said folder.
3. Send "illicit" or "evidentiary" messages that match said filter. These can be sent from self or whatever generated entity seems appropriate.
4. Access account again from various public IP addresses (or from target's own wifi). Read already read email, plus messages in target folder.
5. Remove filter. Have Google 'find' the evidence. Arrest wrongdoer.
This is not that far-fetched. The chain of evidence does not prove that the target is guilty, but can be made to look enough like it to convince a judge or jury. From the vantage of Google or a jury, it looks as though the subject sent or had sent, expected, and read the messages.
Just about anyone here could do this with the creds to an account - which in most situations are not terribly hard to garner.
Before you say you would notice the folder in your account, think of this. I have over 100 folders in my email account, some rarely opened, and never all visible on the screen. I wouldn't have noticed - but I may have enough knowledge to fight - a little anyway. How about a novice, when a folder named 'Archived Messages' appears. Would he/she even think twice?
I did not RTFA, but I know google uses their image search algos for blocking known child porn sites. It is not a hard step to run that against email messages. How about when the NSA/CIA/FBI tells google (via a NSL) scan all messages for x terms. How about when said terms are sent to and from hacked accounts as a matter of course?
It is important to realize that absolutely no communication that is unencrypted is private, but how about when forged open communications can make you a criminal?
Silence is a state of mime.
An automated tool probably flagged the image, hopefully it wasn't simply probable nudity but probable nudity combined with some other alert, maybe something in the body of the text. Humans probably only review flagged images. The system is working as google has always intended, go read the terms of use. Working with local law enforcement when google deems it appropriate or legally required probably falls under what you refer to as "etc".
Read the full article. There's an agency ("National Center for Missing & Exploited Children") that provides hashes of known child porn images and videos to companies like Google. I don't think it's outside Google's purview to ensure files with hashes appearing on that list don't reside on their servers. Contrary to what the peanut gallery here has to say, Google aren't opening up individual mailboxes for a quick squiz. Not to mention that even if they aren't looking inside mailboxes for these images, they probably do scan messages traversing their network (i.e. incoming/outgoing) for files with known hashes.
If they can do this for this cause, they can do this for any cause, or for no cause at all.
I can't say I am surprised.
Were they really snooping around this guy's email for no reason or do they check your attachments against a list of hashes of known child porn?
- You sir didn't mention your favourite meal in your emails for a while. What's changed? Don't you like steak any more? Would you like to see some adverts for burgers instead?
- Hey! You can't invade my privacy like that!
- Wait a minute! What did you say? Privacy? Boys! This guy hates children and he's probably a paedo too!
- No, no! Wait! That's not what I...
- And he probably hates charity! See? That's why we need those snooping laws! To stop pervs like this one! Who's with me? Who's with me?!
- This is madness! I know my rights and I...
- We cut off this man's internet access so that he can't spread his filthy evil lies any more. Freedom triumphs again! America! This is a real proof that democracy works! Now, go write about this in the papers for those who are not up to date with the latest propaganda dissemination services.
Just my thoughts. This person was carefully selected from a long list to make sure nobody has any sympathy with him. Of course the law-enforcement "success" here is completely insignificant in comparison to what was done to the public to achieve it.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
I think they had a few 1000 candidates and very carefully selected the one least likely to get any sympathy in order to obscure the massive wrong they did to a few hundred million people in order to find him. But this is just the start. Once the public has gotten used to universal email surveillance in a "good" cause, the causes will slip. At the end, saying something bad about some politician in an email may cause all sorts of bad things to happen to you.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
that this was discovered via a known hash of known child pornography images.
it seems to me that google must keep a hash table of a lot of things sitting around on its drives,
using hashes to reduce redundant storage requirements means that this may very well have been discovered AUTOMAGICALLY, and thus required google to act on it.
i don't think the spin being placed here as it being an 'invasion' of privacy is accurate here considering my prior statement
you should thank google for helping to stop people invading the child's privacy by putting a stop to sharing of images like this
the methods potentially employed in the discovery of this image are both automated and reasonable
and the reaction of google is not only reasonable and actionable, it's also commendable.
we all can keep our privacy if all they're doing is storage reduction through hash comparison.
fin.
It seems National Center for Missing and Exploited Children has a database of hashes, or "fingerprints" of known child porn images. When you use Gmail, it checks attachments against a database of viruses and also apparently against this CP database.
A distinction can be made here. What the database does NOT do is any kind of image analysis to see if the picture LOOKS like child porn. It checks only against known, reported child porn, apparently.
Great, so they ignore all fresh material where, you know, something could actually be done to continue it from going on and rescue some child? I am getting more and more convinced that this is not about harm done to children at all.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
No, you don't have to prove innocence! The prosecution needs to prove guilt beyond a reasonable doubt. The fact that Google snooped brings up questions, so if this is the only evidence they have the guy will walk (assuming he goes to Jury trial and does not accept a plea).
The intent to distribute you just make up out of thin air, stop with the hand-waving and stick to the case.
Based on the arresting officer's comments, they were tracking this guy because he was previously convicted. They were not able to catch him doing anything wrong, which should bring up even more questions about Google finding something when investigators could not. I don't believe it would have been difficult for a cop to get a warrant on the guy if there was actually suspicion.
If this was a random Google employee that was accidentally mailed the photo I may feel differently. I have been working on Servers for over 25 years, and I have never gone through people's mailboxes or files. I have complied with warrants and provided copies of data, but never gone through someone's crap. With no warrant, I think Google did wrong. I'm not biased, I think any company that volunteers your data to law enforcement without a warrant is at least violating the trust of their customers.
Before you "but but.. murder" how would you like to be arrested because you sent a still image from Saw2 to a friend (or any of the millions of murders depicted on tv or in movies, and a measurable percentage of those are children being murdered)? I personally am not into movies so don't worry too much about that one, but I know people that are.
Anyone that trusts a Government known for parallel construction (framing people) or Google (a company known to be handing 3 letter agencies private data) should have their head examined. On this site, I should not have to mention how easy it is to forge file ownership, date stamps on files, email, chat, and logs for the latter two. In case you are not a techie, it's pretty damn easy.
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
>> Not to mention that even if they aren't looking inside mailboxes for these images, they probably do scan messages traversing their network
Which is exactly the same as opening your mailbox.
aaaaaaa
Funny, when I'm searching youtube for boobs and penises, all I get is IT-related stuff!
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
I am more worried about the risk of this being used for framing someone. Perhaps especially those who have served their sentence and are in public registers.
A prior conviction for which a person has served the sentence should never be enough justification on its own to warrant a search, whether it's done by a person or by software. There must be probable cause, or we've made a farce out of the 4th amendment. What's next? Are algorithms listening in through your phone and PC's microphone okay?
Easily worked out. The list has been around for a long time, so it may well be using an obsolete hash like MD5 rather than a newer SHA. So let's assume it's a 128-bit hash. That's 2^128 possibilities. I don't know how many files go through google, but let's go for something huge - say, a trillion per year. That's a massive overestimate, i expect, but that's fine.
Which comes up to... no idea. I've tried three different ways to work it out. The math itself isn't really hard, it's evaluating that's the problem: I keep hitting a need to raise something to the power of a trillion, and even dc chokes on that one. Pretty slim though.
Now they've admitted they do this, how long before the RIAA sues to demand a list of known infringing MP3 files be added to the list?
Because there is no sexual area of the brain. It's a distributed function. You'd have to cut out so much brain they'd end up comatose or dead.
You can try to suppress sex drive hormonally, or even by castration. It's still not reliable. There's too much of a psychological element involved: Even if you remove the hormones, that doesn't mean they won't still want to look.
If we are talking about SHA512, then simply finding two images with the same hash would probably be a result worthy of an academic publication.
This isn't true. Finding an incidental collision is not newsworthy. But giving an algorithm which constructs an image for a given hash would be worthy of publication.
Philadelphia is wrong on many levels. Thus, good on Google. However, there is a lot to think about here. Namely, what if some spammer sends me photos of minors and Google sees it? Will I be reported? Or more realistically, what if someone that I have a poor relationship with sends me illegal images and Google sees it? Will I be held accountable for that person's actions too?
for letting us know how Google checks hashes for child porn images so that anyone can frame anyone who uses Gmail with child pornography. I'm sure no one will ever exploit this now.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
Birthday attack. For 128 bits of hash, a trillion files (10^12) the probability of two files randomly matching is less than 10^-12 = 0.000000000001. If there are collision attacks you can create a false flag using a specially crafted file, but I assume either Google or the police will verify what it really is before proceeding. If you wanted someone framed that badly, I imagine it'd be easier to find a real image and send it to their gmail address. Make the sender, subject and body look like spam so they won't open the file and you could probably ruin somebody's life quite thoroughly.
Live today, because you never know what tomorrow brings
The smart implementations probably hash the image payload excluding EXIF, for exactly that reason - maybe downsample and reduce the colorspace too, so trivial tweaks won't have that effect any more.
(In fact, the implementation I'm working with right now for exactly this purpose - I have a small research project underway with the police in Scotland as part of their Offender Management work - just hashes HTTP payloads for the moment - although refining this is on the drawing board for later.)
I do find this very disturbing in principle though. Is absolutely everything in your mailbox entirely innocent? I have, for example, a list of various Microsoft product keys in mine. As it happens, those are legitimate - all issued to me by Microsoft via MSDN subscription, then I stuck them all in a spreadsheet to keep track of which key was in use for what - but would Google or the police know that just from looking at the list? They might turn up with a warrant looking for the piracy ring I'm obviously running, just because Google got nosy and went vigilante!
This isn't the first time, though; I recall a malware researcher getting rather upset after Google started eating samples from his Inbox - even when they were inside password-protected ZIP files. I can see that they mean well, but to me that crosses a line.
What's next? Are algorithms listening in through your phone and PC's microphone okay?
Yep, there is the slippery slope we're all worried about. And since most mobile devices are now listening to you talk by default, waiting for a keyword, they're certainly capable of doing that right now. Just add in some more keywords during an update, bing bang boom your phone is even more of a snitch.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
I understand your concern about corporations breaching your 4th amendment rights, but your reasoning is misplaced. In fact, this case is a great example of the 4th amendment being followed, not circumvented.
The 4th amendment does not guarantee protection against search and seizure; it limits when and how searches and seizures can be exercised. Here's a portion of the 4th amendment for you: "...no Warrants shall [be] issue[d], but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized." In this case, Google's tip was not used as evidence to convict this man of a crime. Google's tip was used by police to justify probable cause that a crime had been committed. (This does not mean he's guilty of the crime, only that there's a greater likelihood that he committed it than he didn't.) The police used this information to obtain a search warrant. I'm sure that the evidence they used to convict him was gathered through the exercise of that warrant.
Google's tip is no different than a tip coming from any other source. Say a bank teller (for association's sake, let's say the bank was incorporated) was just depositing some money for a customer who drove up to her window, and she saw in her security camera what she believed to be a missing child. She calls police and reports what she saw. The police go to the bank and look at the recorded camera footage and agree that the image captured does resemble a missing child. They grab the license plate number from the footage, trace the registration to its owner, obtain a search warrant, go to the owner's residence, search the premises, find the child, confirm it's the missing child, and convict the individual of kidnapping (and probably a host of other charges to boot). In this circumstance, private information (whether an e-mail sitting on Google-owned servers or a bank's CCTV DVR) shared with police is used to meet probable cause and obtain a warrant. And in both circumstances, a search and seizure is warranted.
If you want to minimize your risk of a warrant being issued against you, don't display evidence of a crime outside of your own home. (And when the police come knocking on your door and politely ask you, "May we come in?", unless they flash a warrant in your face, don't be polite back.) And while IANAL, for more information about the 4th amendment and warrants as written by one, I strongly recommend you read The Illustrated Guide to Law. Very, very informative.
Finding an "incidental collision" (that is a collision that happened in a case other than people deliberately setting out to construct a collision) is most certainly noteworthy. Let's run some ballpark numbers.
There are less than 2^33 people in the world. Most of them probably don't use google but let's assume that they do. Further let's make a wild ass guess that each one has 2^17 files in google's database (from some googling i'm pretty sure this is an overestimate). That would mean a total of 2^40 files.
Let's further assume that the hash functions are ideal "random oracles".
With 2^40 files there are approximately 2^79 pairs of files. With a 128 bit hash (like md5) then assuming it's ideal the probability of a pair of files having colliding hashes is 1 in 2^128 so with our 2^40 files the probability of a collision anywhere in the set is approximately 1 in 2^49.
For comparison the chance of winning the lottery in the UK is about 1 in 2^24 so 1 in 2^49 is like winning the lottery every week for 2^25 weeks
An incidental collision even in MD5 either means something incredibly unlikely happened or (far more likely) there is a serious flaw in the uniformity of the hash function's output. That is certainly newsworthy.
In SHA1 and higher any collision even a deliberately constructed one would be noteworthy (the MD5 ones certainly were when they were first found, they are old news now of course).
note: i'm known as plugwash most places but i screwed up registering that here somehow in the past and now can't register
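The accidental-collision estimates traded in this thread (a trillion files against a 128-bit hash, and 2^40 files giving about 1 in 2^49) can be evaluated without raising anything to the power of a trillion by working in log space. This is an added example, not part of any comment; it assumes an ideal, uniformly random hash, and the one-million-entry list size is a constructed figure.

```python
import math

def collision_probability(n_files, hash_bits):
    """P(any two of n_files share a hash), birthday approximation.

    1 - prod(1 - i/N) is approximately 1 - exp(-n(n-1)/2 / N) when n << N.
    expm1 keeps precision when the result is far below 1e-16.
    """
    pairs = n_files * (n_files - 1) // 2          # exact big-integer pair count
    return -math.expm1(-pairs / 2**hash_bits)

def exact_collision_probability(n_files, hash_bits):
    """Exact product form, summed in log space; only practical for small n."""
    space = 2**hash_bits
    log_no_collision = sum(math.log1p(-i / space) for i in range(n_files))
    return -math.expm1(log_no_collision)

def list_match_probability(n_files, list_size, hash_bits):
    """P(at least one of n_files accidentally equals one of list_size known hashes).

    This is the false-report question: unrelated files against a fixed list,
    which is far less likely than a collision anywhere in the whole set.
    """
    per_file = list_size / 2**hash_bits
    return -math.expm1(n_files * math.log1p(-per_file))

def summary(n_files, list_size):
    """Both probabilities for common digest widths (MD5, SHA-1, SHA-256)."""
    return {
        bits: (collision_probability(n_files, bits),
               list_match_probability(n_files, list_size, bits))
        for bits in (128, 160, 256)
    }

if __name__ == "__main__":
    # Figures from the thread: 10^12 files per year, and 2^40 files in total.
    print("10^12 files, 128-bit:", collision_probability(10**12, 128))
    print("2^40 files, 128-bit : 2^%.2f"
          % math.log2(collision_probability(2**40, 128)))
    # Constructed figure: a list of one million known hashes.
    for bits, (any_pair, vs_list) in summary(10**12, 10**6).items():
        print(f"{bits}-bit: any pair {any_pair:.3e}, against list {vs_list:.3e}")
    # Cross-check of the approximation on a case small enough to do exactly.
    print(collision_probability(10**5, 32), exact_collision_probability(10**5, 32))
```

These figures cover accidental matches only; deliberately constructed collisions and perceptual hashes with a distance threshold follow different rules.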
Even if the innocent recipient deletes it as irrelevant spam, the Great and Wize Google has already seen it and alerted police. It's well demonstrated that even an unfounded charge of pedophilia can destroy someone's career and relationships.
That's the last straw. Goodbye gmail.
If the person is a paedophile as reported then it is up to law enforcement to do what they get paid to do: catch criminals. The trouble with Google Gmail is we know from the Guardian http://www.theguardian.com/wor... that GCHQ and the NSA were attaching pictures to emails to discredit people by sending those emails with the pictures attached to the person's contact list. Homo pictures and child porn were the most popular sent by GCHQ, as they say in the document, discredit and blackmail. I'm not a television type of person but I think there was a film with Arnold Schwarzenegger called The Running Man, where they make it appear that he has killed people when he had not. Fantasy turned into reality in today's world. You cannot believe companies like Google or English speaking authorities. Add Russia to that one; as of yesterday they are threatening people, but unlike the English speaking ones they are not threatening them with indefinite prison without trial yet.
The smart implementations probably hash the image payload excluding EXIF, for exactly that reason - maybe downsample and reduce the colorspace too, so trivial tweaks won't have that effect any more.
This isn't definitive research, but in the early days of G+, some friends posted a lot of porn to see how quickly Google caught and deleted the pictures. What they found was that Google's algorithms, once trained with a picture, could find that picture if it had been resized, flipped along the vertical axis, and cropped. (one was cropped to the point where it was no longer technically porn, since it was just a person's face, and it still disappeared.)
Nostalgia's not what it used to be.
It's probably not something like MD5 or SHA1 since they're dealing with images. More like http://research.microsoft.com/... which says:
The algorithm uses randomized signal processing strategies for a non-reversible compression of images into random binary strings, and is shown to be robust against image changes due to compression, geometric distortions, and other attacks.
or
http://www.hackerfactor.com/bl...
Every perceptual hash algorithm that I have come across has the same basic properties: images can be scaled larger or smaller, have different aspect ratios, and even minor coloring differences (contrast, brightness, etc.) and they will still match similar images.
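The contrast drawn in the last few comments, between a cryptographic digest and a perceptual hash, can be seen with a small average-hash (aHash) implementation. This is an added example, not from any commenter and not the Microsoft or NCMEC algorithm; the test images are constructed gradients and the match threshold of 5 bits is an assumption.

```python
import hashlib

HASH_SIDE = 8          # 8x8 grid of cells -> 64-bit perceptual hash
MATCH_THRESHOLD = 5    # assumed cut-off: Hamming distance <= 5 counts as a match

def make_image(width, height, wu=1.0, wv=2.0, brightness=0):
    """Constructed grayscale image (rows of 0..255 ints): a weighted gradient."""
    rows = []
    for y in range(height):
        v = (y + 0.5) / height
        row = []
        for x in range(width):
            u = (x + 0.5) / width
            value = round(255 * (wu * u + wv * v) / (wu + wv)) + brightness
            row.append(max(0, min(255, value)))       # clamp like real pixel data
        rows.append(row)
    return rows

def sha256_hex(image):
    """Cryptographic digest of the raw pixel bytes: any change alters it."""
    return hashlib.sha256(bytes(p for row in image for p in row)).hexdigest()

def average_hash(image):
    """aHash: shrink to 8x8 by block averaging, then 1 bit per cell (cell > mean)."""
    height, width = len(image), len(image[0])
    bh, bw = height // HASH_SIDE, width // HASH_SIDE  # assumes sides are multiples of 8
    cells = []
    for cy in range(HASH_SIDE):
        for cx in range(HASH_SIDE):
            block = [image[y][x]
                     for y in range(cy * bh, (cy + 1) * bh)
                     for x in range(cx * bw, (cx + 1) * bw)]
            cells.append(sum(block) / len(block))
    mean = sum(cells) / len(cells)
    bits = 0
    for cell in cells:
        bits = (bits << 1) | int(cell > mean)
    return bits

def hamming(a, b):
    """Number of differing bits between two perceptual hashes."""
    return bin(a ^ b).count("1")

def compare(reference, candidate):
    """Report how each kind of hash judges the candidate against the reference."""
    distance = hamming(average_hash(reference), average_hash(candidate))
    return {
        "sha256_equal": sha256_hex(reference) == sha256_hex(candidate),
        "distance": distance,
        "perceptual_match": distance <= MATCH_THRESHOLD,
    }

if __name__ == "__main__":
    reference = make_image(32, 32)
    variants = {
        "same picture at 64x64": make_image(64, 64),
        "brightness +20": make_image(32, 32, brightness=20),
        "different picture": make_image(32, 32, wu=2.0, wv=1.0),
    }
    for name, image in variants.items():
        print(name, compare(reference, image))
```

Because a match is a distance under a threshold instead of exact equality, the false-match rate of such a scheme depends on the threshold chosen and is not described by the 2^-128 style figures used for cryptographic digests.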