Slashdot Mirror
Police Could Charge Data Center Operators In the Largest Child Porn Bust Ever
sarahnaomi sends this report from Motherboard:
Canadian police say they've uncovered a massive online file sharing network for exploitative material that could involve up to 7,500 users in nearly 100 countries worldwide. But unlike past investigations into the distribution of child porn, which typically involve targeting suspects individually, police have instead seized over 1.2 petabytes of data ... from a data center responsible for storing the material, and may even attempt to lay criminal charges against its operators, too.
"What we are alleging is occurring is that there are individuals and organizations that are profiting from the storage and the exchange of child sexual exploitation material," Scott Tod, Deputy Commissioner of the Ontario Provincial Police (OPP), told Motherboard at a conference late last month, after speaking to a crowd of defense specialists. "They store it and they provide a secure website that you can log into, much like people do with illegal online gaming sites."
"What we are alleging is occurring is that there are individuals and organizations that are profiting from the storage and the exchange of child sexual exploitation material," Scott Tod, Deputy Commissioner of the Ontario Provincial Police (OPP), told Motherboard at a conference late last month, after speaking to a crowd of defense specialists. "They store it and they provide a secure website that you can log into, much like people do with illegal online gaming sites."
1.2 pedobytes.
Charge Intel for making CPU's!
Charge Microsoft for making computer software!
Charge Alexander Graham Bell for inventing the telephone!
So they are guilty for providing secure online storage. Apparently you aren't allowed to supply secure storage, you have to snoop through your users content to make sure its not illegal... Also land lords much search all apartments, banks must search safety deposit boxes, storage rental owners must search their units.
No privacy! Every file upload must be monitored and scrutinized and reported to the authorities! This is how we will defeat terror and keep the children safe!
Because Republicans snuck a ban into a completely unrelated port security bill that they knew nobody could vote against right before an election.
http://en.wikipedia.org/wiki/Unlawful_Internet_Gambling_Enforcement_Act_of_2006#Legislative_history
“There's no proactive obligation to investigate what happens on your service," said Tamir Israel, a staff lawyer at the Canadian Internet Policy & Public Interest Clinic (CIPPIC). “If you do become aware that something is there, there's a reporting obligation. But usually data centers aren't actively looking through their stuff, so it's reasonable to say that they wouldn't have come across that." Nobody's got time for that!
Not stupid. Just clickbait.
If you actually read the article, it says "charges will likely hinge on the degree to which employees knew such activity was taking place." Nobody is going to get charged unless there's evidence that they knew they were hosting child porn and did nothing about it.
at least that should fix the beta.
In this case, shouldn't that be "pedobytes"?
I'll see myself out...
Koans and fables for the software engineer
don't for get google for linking to sites as well.
why not also go after EACH ISP as well.
Start reading your
TOSes because you are going to see clauses saying they will scan your shares.
Something isnt adding up. That's the kind of volume I would expect for an aspiring XHampster and a much wider legit audience, petabytes of child porn just doesn't seem possible. That's what, a couple of hundred gigabytes for each of the accused? Potentially hundreds of thousands of hours of video? Who the hell could have produced that much????
This sounds like BS to force datacentres to give backdoors to the feds.
How does that make a difference in Canada?
In other news, because criminals use roads, all roads are now subject to stop/search at every intersection for all traffic. This is to ensure that the government is not directly liable for criminal's use of public roads.
http://www.boston.com/news/nation/washington/articles/2010/07/23/pentagon_workers_tied_to_child_porn/
Nothing ever came of this. I guess if you work for the Pentagon it's perfectly fine?
I hate articles like this.
They say "To access the files, many of which are password protected, the cops developed password-cracking software in-house that is slowly sifting through the mountain of information."
Uh... I'll translate this to, the files are all protected with easy to remember, dictionary based passwords and they wrote a script which uses a rainbow list to try each one which is why it's so damn slow.
When you read shit statements made by whoever provided the interview to whoever actually performed it and realize they're both clueless, it becomes really hard to take the rest of the article seriously. It's like when you read a CV from a fry boy at McDonalds who writes "Food preparation technician", you just can't expect everything else to be embellished in order to sound more important.
Another example of "STUPID!!!" is :
"The volume of information is so expansive that in order to store and analyze the data safely and securely, police had to purchase storage hardware similar to what was used by Canadian military forces in Afghanistan."
Computer crimes forensics has to be handled very carefully. If you alter the data, it's inadmissible in most courts as it's tampering with evidence. The FBI paid millions to write data handling procedures following the public beating they took on the gloves in the OJ case. So, it's important to have a backup and some way to read the data without altering it... or they need to keep a copy.
A 1.2 petabyte SAN can be done in 16U for analysis using 6TB drives and Cisco 3160 servers. For unaltered storage, there are tape drives. They're slow and they're inefficient, but they're an accepted medium for evidence.
So, making dumb ass statements like "we needed 1.2TB of hard drives and a workstation" as making some idiotic remark like how they've gone war zone grade was just LAME!
Nailing the data center is a great idea EXCEPT!!! they probably run almost all that crap through Tor and use BitCoin now. So, if there is actually any real traceable information to be had, they just passed up their best opportunity to planting a proper honeypot and actually busting the people using the site. They could have put "dating sites" like "find an anonymous live show in your area" and the pervs who are using telephones can provide their locations via GPS. Then they can track and bust them.
Instead, they've just done what the police have found so successful with the Pirate Bay and the site will be moved somewhere else next week or month and they won't have a clue what to do about it.
Let's be honest, these fool cops probably just secured the safety of the pedophiles for a while longer.
Is there a second source for this? I can't find anything outside of the linked article. E.g. In Google I can't find anything about OPP child porn busts since Sept 2014; I can't find anything about this on the OPP home page; nor in the last month or so on EFF blog (EFF provided a quote for the article).
If the cops give a $#%@, the real question is: how many kids did they save / rescue?
My guess is none.
My guess is they are claiming the entire data center is CAI, while trying to get a warrant-less search of one user's files.
It is sad.
in Canada, lotteries and gambling are typically run by government institutions.
I'm god, but it's a bit of a drag really...
hey wiggam.... this is canada we are talking about. I know its slashdot and noone RTFA, but at LEAST try and read the first word ITFS FFS
have you seen my sig? there are many others like it but none that are the same
Will this help any of the victims in any way? As good as throwing people in jail is, I'm more interested in the freeing of people from their captors. If this isn't helping that, maybe its time to take a different approach.
From TFA: "Experts say that targeting the infrastructure used to distribute child pornography, rather than going after the individuals who download it, is a recent change in tactics for police."
How about the next step, going after the producers and uploaders? How about saving the children? Or is our surveillance system not actually useful enough to accomplish that?
might as well take it to the next logical step.
its on the internet....
you are on the internet.....
therefore you are guilty for possessing illegal materials!
have you seen my sig? there are many others like it but none that are the same
And that makes US laws matter, because?
"They store it and they provide a secure website that you can log into, much like people do with illegal online gaming sites."
Or even like legal online gaming sites as they are known elsewhere in the non-US world.
Fran
:):):)
1st 1st Poster of the new Millennium!
I interpreted the question as independent of the article.
These are the same fucking retards that can't even properly secure evidence when Wynns government decided to violate the data protection laws and deleted not only primary, but backup data when there was a standing warrant regarding to the massive scandal relating to the gas plants. You'll have to excuse me if I don't have any faith in the information provided at all. Hell, their general force is in 80/90's era computer technology.
What's gonna get good is that they pulled a blanket seizure with a warrant that was for specific data. That's a no-no guys, the judge stated one thing you stupid idjits did something else. I'm going to hazard it'll get to court and the entire thing will be thrown out because they overstepped the bounds of the original seizure warrant.
Om, nomnomnom...
So they are guilty for providing secure online storage. Apparently you aren't allowed to supply secure storage, you have to snoop through your users content to make sure its not illegal... Also land lords much search all apartments, banks must search safety deposit boxes, storage rental owners must search their units.
If they provided secure online storage, they shouldn't be guilty. If they were providing secure online storage to people whom they knew or should have known were hosting porn of underage people, they should suffer a significant legal penalty. If they were providing secure online storage to people whom they knew or should have known were hosting child porn of preteens then they should be burned at the stake.
There is such a thing as willful blindness. The sheer quantity of data involved is going to make it really tempting for someone to infer knowledge, but network management practices may or may not show it. Maybe the hosting company was just told it was a porn site, but it is entirely possible that they knew. In a good system a responsible prosecutor or cop should try to figure out whether they knew, and then a jury will decide the outcome.
(Plea bargaining is the problem with this scenario--there's a factual determination which should really determine the outcome of the case, but at least in the US the plea bargain system would make going to trial a very, very risky process for the innocent.)
Interestingly, this may be one of those few examples of a case where Snowden-esque monitoring did some good. Didn't news that Canada was trying to monitor all transmitted video on the web hit the news a little while ago? The timing of this suggests that this could stem from that.
because wires don't follow political boundaries
your fiber is our fiber and visa versa. it's all bound up. a message you send from Vancouver to Halifax may/ probably crosses the border into the USA
and If i am in Chicago and i send a message to Anchorage, that goes through Canada
Canadian and American data is intertwined
and our authorities coordinate and cooperate in managing that in ways that would make both Americans and Canadians uncomfortable if you don't want eyes from another jurisdiction seeing our data
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
This is a file sharing site, it almost certainly is 1.2 petabytes of regular porn, movies and music. But its encrypted so they don't know.
How do you force decryption? You play the "think of the children" card.
So they threaten the file host to get them to install some sort of webbugs and remove the decryption. Presumably they're threatening lots of the file hosts in a similar fashion.. "remove the encryption or well find one pedo file on there and claim its all pedo and bust you with screams of 'military grade hardware' and 1.2 TB drives.. blah blah blah.
What this means is that a file host refused to comply with their mass surveillance demands and so they're playing their pedo panic card. Perhaps the terrorist card will be played after that.
And people like you will do your marketing (and it is clearly marketing) for this. You even talk like one " If they were providing secure online storage to people whom they knew or should have known". Right.
Julie Amero did almost did time due to pop up pron, the school being late in paying for the web filtering software, and the a sub being told do not trun off the system.
I've always wondered... when one thinks of child porn they imagine ugly, balding guys taking advantage of little girls. Do these people ever make stuff like older women taking advantage of younger boys? You'd think there would be some interest in that sort of thing among those kinds of people.
For the record I have no interesting in "researching" this and landing in jail for it, hence the question.
That doesn't make a hill of brans anyways. The answer is US law does not matter in canada unless a treaty makes it matter or a US citizen in US jurisdiction is involved in violating a US law. And the later is only to the extent the US can convince Canada to enforce a warrant or extradite someone to the US or otherwise lawfully brkng the people or companies into US jurisdiction (nab them at the airport or something).
The reason it was brought up is because organized democrate trolls were marshalled to trash the republicans online in an attemp to manipulate sentiment against them in the event of a shutdown of DHS over defunding Obama's executive action on immigration. We see it rise up here every time the republicans seem to be getting into a standoff with Obama. I suspect they haven't quite called the dogs off because of israel's priminister speaking to congress without asking Obama first.
They will try to use anything even if it is absurd because it advances the narritive that X is evil. Soundbytes sell ideas even if they cannot sell products. This can be seen in the recent Oracle story where they insisted the corupt governor involved was a DINO and really a republican.
man you alex jones herp derps are fucking retarded
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
If it's a file-sharing site, there's always the possibility the child porn was just an excuse - the real reason being that you can't bust the doors down so easily for copyright infringement. If pressure was applied politically to get the company closed down, a search to find something illegal follows. That would explain the huge volume of siezed data: Police grabbing every server in the building in order to force the datacenter to cease operations and drive them out of business.
man you alex jones herp derps are fucking retarded
We'll start worrying about their mental capacities if they show signs of degrading to your level.
Partisan fucktards of either major US political party, here's a clue.
They're 2 wings of one "Party".
The 'elites'.
You are useful idiots dancing their choreographed dance straight into slavery while arguing over virtual Kangs vs Kodos's and if the government cameras in your home should be visible or hidden.
Unplug your damned emotional knee-jerk reactions they use to play you like a tin whistle and for God's sake try using that lump of gristle 3 feet above your ass for something besides a hat rack.
It never ceases to amaze me how so many otherwise quite intelligent people here who in other contexts could analyze the problem lose their fucking minds as soon as the proper emotion-based appeal to some issue/belief that, often as not, is nothing but a convenient and often fictitious heavily-propagandized issue designed for this purpose, is applied.
Remember, the US invented the concept of propaganda, and due to recent changes in law, are now legally able to use the full power and range of their propaganda machinery domestically.
But go ahead and keep playing Red vs Blue.
Sleep
Obey
Consume
Conform
Because Republicans snuck a ban into a completely unrelated port security bill that they knew nobody could vote against right before an election.
http://en.wikipedia.org/wiki/Unlawful_Internet_Gambling_Enforcement_Act_of_2006#Legislative_history
How is that even a legal thing that they can do that?
Wanna buy a shirt?
https://www.redbubble.com/people/stealthfinger/shop?asc=u
because wires don't follow political boundaries
your fiber is our fiber and visa versa. it's all bound up. a message you send from Vancouver to Halifax may/ probably crosses the border into the USA
Regardless of the physical path the 1's and 0's take the US can't arbitrarily declare things illegal and expect the rest of the world to follow suit.
Wanna buy a shirt?
https://www.redbubble.com/people/stealthfinger/shop?asc=u
And how much of it is real?
Or are we talking 1.2PB of drawings?
It does. Whether it can or not hasn't deterred our elected officials yet. But Don't worry: They aren't deterred by whether or not the laws they pass are within their power under US law either.
What this means is that a file host refused to comply with their mass surveillance demands and so they're playing their pedo panic card. Perhaps the terrorist card will be played after that.
And people like you will do your marketing (and it is clearly marketing) for this. You even talk like one " If they were providing secure online storage to people whom they knew or should have known". Right.
They reported a hosted site where you sign on to exchange child porn. If accurate, that's a good thing for them to go after.
Obviously if it's done with ulterior motives, like in response to a failure to comply with the NSL equivalent up there, it is a bad thing.
As to how I talk, you have to talk that way if you want to establish the boundaries of someone's liability, civil or criminal. You need to have the possibility to prosecute someone who deliberately looks the other way while crime is happening, or else everybody can look the other way.
They reported a hosted site where you sign on to exchange child porn. If accurate, that's a good thing for them to go after.
"Hosted" still doesn't mean "knew it existed". It just means that it happened to live on their servers.
For a rare non-car analogy, my GMail account "hosts" thousands of attachments I've received over the years, many encrypted (I don't send personal info through any third party in cleartext). Anyone who "knows the password" can get in and view them. Some of them, I've even shared from my GDrive, so someone doesn't even need to know my password, just have a valid GMail account.
How does that materially differ from the situation in TFA, other than in the nature of the content (which Google has no way to check)?
They aren't deterred by whether or not the laws they pass are within their power under US law either.
I guess that would be un-American ;)
Wanna buy a shirt?
https://www.redbubble.com/people/stealthfinger/shop?asc=u
Good point. Going cloud is inconceivable when an entirely unrelated police action can destroy all of your servers and data.
I'm usually not one to defend this, however as you more or less say, the devil is really in the details. The Courts really rely on wording such as "Knowingly" and "Reasonable" and "For the Purposes of". I don't know the details, but there are plenty of excuses of commercial enterprises that are really illegal operations with a thin veneer of legality.
The crux is if they can prove that they knowingly did anything illegal, and if it was reasonable for them not to know, and if the services provided were for the purposes of... All of which can be pretty difficult to prove, unless they got some pretty damning evidence (which they may have given their actions). They may also have decided that while they con't win, they can at least shut it down or cause disruption or it may lead to other leads etc...
One of my favorite examples of this from my college days, are houses having "Keg Parties". Some idiot would always make the "legal argument" that they were not selling beer, but glasses, and the beer was free. That is utter bullshit, and wouldn't hold up for 5 seconds (Not that they ever bother to change people for this really). Same thing with Secure Encrypted Storage Service. You may say that you are simply offering a service, and what people use it for is not your concern, or that it is being used for business purposes etc... However if your site name is PedoStor and 95% of your users use the service for illegally storing that kind of material, a case could be made regarding the fact that everyone knows about it, and the purposes of the service are actually illegal, etc... Or they may have insiders, or documents, or emails, communication to that effect, etc...
Anyway the summary has lots of stats, but little in the way of actual details, which in a case like this are what really matters. They even mention Megaupload... Can you honestly tell me that most of the stuff on there isn't illegal, what it's actual purpose is and used for, and if you can't, you might want to check in on Kim Dotcom and see how he is doing lately if you think this is unreasonable...
This comment thread is so much funnier with the cloudtobutt extension.
What we are alleging is occurring is that there are individuals and organizations that are profiting from the storage and the exchange of child sexual exploitation material
Well if you are going to charge the data center provider, you might as well go for everyone else who is merely providing a service. Find everyone who downloaded the material and charge their ISPs and their electric utility companies, because if the people weren't downloading underaged-p0rn they would presumably have a lower electric bill and would choose a cheaper plan from their ISP. Or so the logic goes.
Seriously, unless this business was specifically "in the business" of turning a blind eye to or even facilitating activity that reputable hosting companies don't do and providing services which have no practical value to legal businesses, then leave the hosting company alone.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.