Google, Facebook and Twitter To Block "Hash Lists" of Child Abuse

← Back to Stories (view on slashdot.org)

Google, Facebook and Twitter To Block "Hash Lists" of Child Abuse

Posted by samzenpus on Monday August 10, 2015 @07:09AM from the making-it-stop dept.

An anonymous reader writes: Facebook, Google, and Twitter are teaming up with the UK's Internet Watch Foundation (IWF) to share hash lists of blocked indecent images. The move is intended to ensure that a picture pulled from one site can't show up again elsewhere. The BBC reports: "Online security specialists welcomed the move as a positive step, but said it would not block content on the 'darknet' — a network with restricted access — where abusers often posted images."

177 comments

Min score:

Reason:

Sort:

keep honest people safe by digsbo · 2015-08-10 07:15 · Score: 1

This probably isn't a bad idea even though it won't stop the perverts. It greatly lessens the chance someone will come across something they didn't want to see.
1. Re:keep honest people safe by gstoddart · 2015-08-10 07:27 · Score: 2
  
  Well ... this is great if no two things can have the same hash.
  But as soon as it starts blocking my picture of my dinner as kiddie porn, having Facebook and Twitter block it becomes fairly meaningless.
  I mean, are people using Google, Twitter, and Facebook for this stuff?
  
  --
  Lost at C:>. Found at C.
2. Re:keep honest people safe by cdrudge · 2015-08-10 07:28 · Score: 2
  
  I see stuff I don't want to see all the time. That doesn't mean that other people don't have a right to post it. I can't recall a time where I ever came across an illegal image on Facebook or Twitter. Against TOS/AUP, sure. Trashy or tasteless? Definitely. But not illegal.
  And such a policy would be easily be circumvented. Flip the image horizontally. Crop it. Change the resolution slightly. Add more jpeg. Write a meme on it. Change the color balance slightly. It might stop the exact same image from spreading, which isn't a bad thing, but I don't know how much of a benefit it really will be in the end.
3. Re:keep honest people safe by Anonymous Coward · 2015-08-10 07:30 · Score: 0
  
  Just blocking? You'll have your house surrounded by heavily armed cops for uploading a picture with a matching hash.
4. Re:keep honest people safe by gstoddart · 2015-08-10 07:32 · Score: 1
  
  Of course none of this will work.
  But it gives the appearance of doing something, even if it doesn't have a hope in hell of doing anything.
  I'm sure this is considered largely a PR move to show you're tackling the issue. But if anybody believes this will have any impact, they're kidding themselves.
  
  --
  Lost at C:>. Found at C.
5. Re:keep honest people safe by digsbo · 2015-08-10 07:41 · Score: 4, Informative
  
  Image recognition is straightforward enough today to quickly find almost identical matches and generate the new hash. TinEye is really good for this kind of thing, and I'm sure Google's image match also works sufficiently well to keep an updated list of all the one-offs. Pretty easy to update it just like AdBlock or an SSL cert blacklist.
6. Re:keep honest people safe by lgw · 2015-08-10 07:57 · Score: 5, Insightful
  
  This probably isn't a bad idea even though it won't stop the perverts. It greatly lessens the chance someone will come across something they didn't want to see.
  When they cam for the perverts, I said nothing, for I was not a pervert?
  This exact technology will allow governments to exercise very powerful censorship across the internet (or at least the part of the internet most people see). Want all pictures from that protest rally to vanish? Just twist the arm of any of these companies into adding a few hashes, or just slip them into a list the FBI no doubt routinely provides, and, just like that, down the memory hole. Plus, as you say, this won't stop the perverts. The only thing this actually accomplishes is empowering the totalitarian state.
  We seen a couple of stories here on /. already where IP blocklists were abused by governments to slip in websites of opposing political parties. It's a bit hard to believe this won't be abused similarly.
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
7. Re:keep honest people safe by Anonymous Coward · 2015-08-10 07:58 · Score: 0
  
  You're kidding, right? You can't actually think it's possible for these two types of pictures to have a hash collision.
8. Re:keep honest people safe by Anonymous Coward · 2015-08-10 08:09 · Score: 0
  
  Hell yeah it's possible. You just have to be eating the right things for dinner!
9. Re:keep honest people safe by AmiMoJo · 2015-08-10 08:21 · Score: 2
  
  False positives will be hell. It's bad enough that the content might be blocked or de-indexed, but imagine if perfectly innocent photos were tagged as child pornography. It's also worth noting that the IWF is not regulated or overseen in any meaningful way, and once broke Wikipedia with it's overzealous blocking of an album cover that had been on sale in the UK for decades.
  I'm just astounded that this is even worth doing. How dumb do you have to be to post child pornography to Twitter or Facebook?
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
10. Re:keep honest people safe by phantomcircuit · 2015-08-10 08:23 · Score: 1
  
  Possession of child pornography is illegal in itself.
  
  Given that how would they have the original image to match against?
11. Re:keep honest people safe by Anonymous Coward · 2015-08-10 08:24 · Score: 0
  
  If it blocks people from posting pictures of their food I might actually donate some money to this cause.
12. Re:keep honest people safe by chipschap · 2015-08-10 08:31 · Score: 1
  
  It's a bit hard to believe this won't be abused similarly.
  Unfortunately you're right. History shows that any and all technology has been used repressively, and this won't be different. The problem is not technology but human nature.
  I'm all for preventing abuse of children or for that matter abuse of anyone. But if someone thinks they have a simple answer that isn't a two-edged sword, they're dreaming.
13. Re:keep honest people safe by Anonymous Coward · 2015-08-10 08:35 · Score: 0
  
  This probably isn't a bad idea even though it won't stop the perverts. It greatly lessens the chance someone will come across something they didn't want to see.
  And the best thing is that they don't even need to be aware they didn't want to see it. The government will handle that issue for them.
14. Re:keep honest people safe by SuricouRaven · 2015-08-10 08:40 · Score: 4, Insightful
  
  No. I use a similar algorithm to deduplicate my obscenely large stash of furry pornography*. It works, but there's a problem.
  Let's say that the chance of two unrelated images matching is, say, one in million. Great. That sounds amazing - and it is, that's ridiculously optimistic for phash alone, but we can assume they have something better involving composite hashes.
  Now feed into that a sizable database of child abuse imagery - say, ten thousand images. And a copy of the facebook photo library for one day, which is 350 million photos. Yes, that's facebooks claim, do not underestimate the number of compulsive photographers. That's 3,500,000,000,000 comparisons, and at your optimistic one-in-a-million error rate, 3,500,000 false positives to investigate every day.
  It can be done, but it's going to need a bit more than just perceptual hash comparisons.
  *Thus posting as AC.
15. Re:keep honest people safe by SuricouRaven · 2015-08-10 08:41 · Score: 4, Funny
  
  Got to caught up in checking the math I forgot to tick the box. Bah. Well, no-one cares anyway.
16. Re:keep honest people safe by SuricouRaven · 2015-08-10 08:44 · Score: 1
  
  They'll be using a perceptual hash. I recall Microsoft has one that's already in use in law enforcement for this purpose.
  If it's a perceptual hash, changing resolution will achieve nothing. Nor will color balance, or jpeg compression. Meme might. Cropping or flipping certainly will though, at least for the phash algorithm I'm familiar with.
17. Re:keep honest people safe by digsbo · 2015-08-10 08:45 · Score: 1
  
  Law enforcement agencies are allowed to hold this stuff for training and evidence. If it's for enforcement purposes, they can do it.
18. Re:keep honest people safe by BitterOak · 2015-08-10 08:47 · Score: 1
  
  But as soon as it starts blocking my picture of my dinner as kiddie porn, having Facebook and Twitter block it becomes fairly meaningless.
  The question you need to ask yourself is "Why am I uploading pictures of my dinner?" Seriously. People do that all the time, and I have to wonder why. Does anyone really enjoy seeing other people's dinner? What's next? People posting pictures of their poop?
  
  --
  If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
19. Re:keep honest people safe by BitterOak · 2015-08-10 08:49 · Score: 3, Informative
  
  Possession of child pornography is illegal in itself. Given that how would they have the original image to match against?
  Almost every child pornography possession statute that I've seen has an exception for law enforcement activities. For example, a jury examining photos in a jury room wouldn't be guilty of possession if those photos are evidence presented at trial.
  
  --
  If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
20. Re:keep honest people safe by digsbo · 2015-08-10 08:50 · Score: 1
  
  A couple of simple methods to avoid false positives include including a couple other generated or inherent values (image size, a few pixel colors, etc.). Hash lookup does five-nines of sorting through that, then a quick set of comparisons like those narrows it to one or two images, which can be compared using image recognition. Do the cheap comparisons first, and only do more expensive false-positive checks for the positive matches.
21. Re:keep honest people safe by digsbo · 2015-08-10 08:52 · Score: 1
  
  How dumb do you have to be to post child pornography to Twitter or Facebook?
  Think of the 17 yo girl who sends her boob pic to her boyfriend. This protects her against her own bad judgment, or against the bad judgment of her boyfriend, or the many, many "friends" who will see and re-share that pic, which to the casual observer could just as easily be an 18yo.
22. Re:keep honest people safe by compro01 · 2015-08-10 08:54 · Score: 1
  
  What exactly would lead you believe that the IWF is competent enough to do that?
  
  --
  upon the advice of my lawyer, i have no sig at this time
23. Re:keep honest people safe by digsbo · 2015-08-10 08:57 · Score: 2
  
  The only thing this actually accomplishes is empowering the totalitarian state.
  Since I'm usually on your side of that argument, I will respond by saying that there are already plenty of filtering/sifting technologies in place. I think you're getting to the point in your argument where "anything that can be used by the totalitarian state is a bad thing", which almost sounds like insisting we don't build or implement anything new that's useful to deal with large amounts of information.
24. Re:keep honest people safe by digsbo · 2015-08-10 09:01 · Score: 1
  
  Well, execution of any implementation plan is going to be limited by the competence of the implementors, huh? Doesn't mean the idea itself is unrealistic.
25. Re:keep honest people safe by TWX · 2015-08-10 09:14 · Score: 1
  
  I'm guessing that the album was from Blind Faith...
  
  I've always wondered how society will react over time as perspectives shift, and things that were previously acceptable become taboo.
  
  --
  Do not look into laser with remaining eye.
26. Re:keep honest people safe by TWX · 2015-08-10 09:15 · Score: 1
  
  Until other sites mirror it and add a watermark, or change the resolution, or crop the image, or color-shift the image to be artsy...
  
  --
  Do not look into laser with remaining eye.
27. Re:keep honest people safe by darkain · 2015-08-10 10:03 · Score: 1
  
  I guess you've never heard of Google Reverse Image Search then? It searches based on the contents of the image, not a direct binary comparison. It is quite awesome, in fact.
  https://www.google.com/search?...
28. Re:keep honest people safe by Anonymous Coward · 2015-08-10 10:13 · Score: 0
  
  Think of the 17 yo girl who sends her boob pic to her boyfriend.
  Done.
  
  This protects her against her own bad judgment, or against the bad judgment of her boyfriend, or the many, many "friends" who will see and re-share that pic, which to the casual observer could just as easily be an 18yo.
  Oh...so that's where you were going with that. No, nevermind, that's probably better.
29. Re:keep honest people safe by Garridan · 2015-08-10 10:23 · Score: 2
  
  I, for one, will be generating trillions of copies of the Virgin Killer cover art, to cover as much of the hash space as possible.
30. Re:keep honest people safe by phantomcircuit · 2015-08-10 10:42 · Score: 0
  
  I'm thinking that's probably a violation of federal law and like most of the us legal system they are entirely reliant on prosecutorial discretion to avoid prison time.
31. Re:keep honest people safe by Anonymous Coward · 2015-08-10 10:55 · Score: 1
  
  But as soon as it starts blocking my picture of my dinner as kiddie porn, having Facebook and Twitter block it becomes fairly meaningless.
  The question you need to ask yourself is "Why am I uploading pictures of my dinner?" Seriously. People do that all the time, and I have to wonder why. Does anyone really enjoy seeing other people's dinner? What's next? People posting pictures of their poop?
  Please, I've been instragramming pictures of my poop ever since they had that old-timey sepia filter. It lends an air of class to the subject and encapsulates the very essence of today's social media.
32. Re:keep honest people safe by fche · 2015-08-10 11:01 · Score: 2
  
  Bravo on your stoicism!
33. Re:keep honest people safe by fche · 2015-08-10 11:02 · Score: 1
  
  An idea that relies on unrealistically competent (or benevolent) implementers is itself unrealistic.
34. Re:keep honest people safe by Cito · 2015-08-10 11:04 · Score: 1
  
  But... But...But...
  How are folks supposed to find r@ygold, hussyfan, kingvid, pthc, babyshivid ???!?!?!? :P
35. Re:keep honest people safe by jrumney · 2015-08-10 11:43 · Score: 2
  
  When they cam for the perverts, I said nothing, for I was not a pervert?
  If I catch my daughter camming for the perverts, I certainly am not saying nothing.
36. Re:keep honest people safe by digsbo · 2015-08-10 11:46 · Score: 1
  
  You mean like towards homosexuals, or transgendered people?
37. Re:keep honest people safe by hairyfeet · 2015-08-10 11:51 · Score: 1
  
  It was Scorpions "Virgin Killer" IIRC.
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
38. Re:keep honest people safe by blueg3 · 2015-08-10 11:53 · Score: 2
  
  Let's say that the chance of two unrelated images matching is, say, one in million. Great. That sounds amazing - and it is, that's ridiculously optimistic for phash alone, but we can assume they have something better involving composite hashes.
  For the reasons you outline, a hash with a one-in-a-million collision rate (one in 2^20) is worthless for this purpose and for many purposes. Maybe this is an accurate rate for phash. That's because it's a fuzzy hashing algorithm. Typically, all of these law enforcement applications use MD5 or SHA-1, which have collision rates around 2^128 to 2^160 (not including manufactured hash collisions).
  
  Now feed into that a sizable database of child abuse imagery - say, ten thousand images. And a copy of the facebook photo library for one day, which is 350 million photos. Yes, that's facebooks claim, do not underestimate the number of compulsive photographers. That's 3,500,000,000,000 comparisons, and at your optimistic one-in-a-million error rate, 3,500,000 false positives to investigate every day.
  It can be done, but it's going to need a bit more than just perceptual hash comparisons.
  The numbers are, of course, much different when your hash has collision rate that's many, many orders of magnitude lower.
  The interesting thing is that your hash mechanism really is untrustworthy if any two images in your total pool (Facebook photos + child abuse photos) have a collision. Since the Facebook photos dominate that set, you really can just look at the probability of a collision within the Facebook set. MD5 hashes are good up to about a trillion different items, which is much larger than even years of Facebook photo data.
  IWF, incidentally, claims they will be publishing MD5, SHA-1, and PhotoDNA hash lists. I can't comment on the collision rate of PhotoDNA hashes.
39. Re:keep honest people safe by blueg3 · 2015-08-10 11:54 · Score: 1
  
  They almost exclusively use binary hashes (MD5, SHA-1).
40. Re:keep honest people safe by blueg3 · 2015-08-10 11:56 · Score: 1
  
  Well ... this is great if no two things can have the same hash.
  With even the worse of the acceptable cryptographic hashes, it is essentially true that no two things can have the same hash*.
  * Barring manufactured collisions, which are best avoided but may or may not be a problem depending on your application.
41. Re:keep honest people safe by cpuffer_hammer · 2015-08-10 18:15 · Score: 1
  
  There have to be collisions or else it would be a encryption or compression system.
42. Re:keep honest people safe by SuricouRaven · 2015-08-10 19:09 · Score: 1
  
  PhotoDNA is a perceptual hash. It's functionality is similar to phash - it might be a bit better, but I wouldn't expect it to be much better. Neither are going to come close to one-in-a-million: I picked a number that was intentionally optimistic.
  Cryptographic hashes would eliminate the false positive problem, but are trivial to alter. Beyond trivial: It happens frequently without even intending to do so.
  You don't need to look at collisions within the facebook sex - only those involving an image from each set, facebook and child abuse.
43. Re:keep honest people safe by SuricouRaven · 2015-08-10 19:10 · Score: 1
  
  True, but a cryptographic hash gets the collision rate down to the point it can be considered negligible.
44. Re:keep honest people safe by Anonymous Coward · 2015-08-10 20:51 · Score: 0
  
  Cryptographic hashes are too sensitive to trivial changes to the image file.
45. Re:keep honest people safe by Anonymous Coward · 2015-08-10 21:23 · Score: 0
  
  No they don't. The likelihood of collisions depends only on the effective number of bits in the hash. If you have a 32 bit hash, and more than 2^32 images, you are guaranteed to have collisions.
  The only thing a cryptographic hash gets you is that people have worked hard to verify that the effective bits are the same as the actual number of bits, i.e. an equal distribution over all possible hash values.
46. Re:keep honest people safe by digsbo · 2015-08-11 01:53 · Score: 1
  
  Who? TinEye does not almost exclusively use binary hashes. I've tested their stuff. It deals with flipping, overlap/underlap, and is even good at picking things up from different angles and partial image matching.
47. Re:keep honest people safe by blueg3 · 2015-08-11 02:20 · Score: 1
  
  IWF, the organization named in the summary who is providing "hash lists" to Google, Facebook, and Twitter.
48. Re:keep honest people safe by blueg3 · 2015-08-11 02:24 · Score: 1
  
  I didn't say there weren't.
49. Re:keep honest people safe by blueg3 · 2015-08-11 02:26 · Score: 1
  
  No they don't. The likelihood of collisions depends only on the effective number of bits in the hash. If you have a 32 bit hash, and more than 2^32 images, you are guaranteed to have collisions.
  Yes, they do, because the shortest available cryptographic hash has a 128-bit output.
50. Re:keep honest people safe by sociocapitalist · 2015-08-11 03:21 · Score: 1
  
  *Thus posting as AC.
  Oops?
  Re:keep honest people safe (Score:5, Insightful)
  by SuricouRaven (1897204)
  Get some help.
  
  --
  blindly antisocialist = antisocial
51. Re:keep honest people safe by Anonymous Coward · 2015-08-11 03:34 · Score: 0
  
  A better system is hashing grayscale thumbnails of images.
  This not only gets around minor changes to images, it is easier to compare the images since they are smaller.
  Image collision?
  Do a blurry edge detection comparison, or color detection, or any number of other comparison methods on a much smaller image.
  They already have several thumbnails generated from your uploaded images.
  And as always, do it in segments. 3x3 group of tiles from the image and hash and scan for shape/color/etc in each segment separately.
  This should cut down most of those collisions to something barely worth considering.
  In the case that something does get flagged through the secondary scans, then you check it to see if it is indeed an abuse image.
  Also a better hashing method can't hurt. Most generic hashes are horrible for uses like this.
52. Re:keep honest people safe by SuricouRaven · 2015-08-11 04:37 · Score: 1
  
  "The likelihood of collisions depends only on the effective number of bits in the hash."
  True for cryptographic hashes. Perceptual hashes are another thing entirely. You don't compare them for identical values, you look for similar values, usually defined by low hamming distance.
53. Re:keep honest people safe by SuricouRaven · 2015-08-11 04:39 · Score: 1
  
  Congratulations, you have invented the perceptual hash. That is exactly how they work.
54. Re:keep honest people safe by SuricouRaven · 2015-08-11 04:42 · Score: 1
  
  I got too caught up counting zeros to make sure the math was correct, and forgot to tick the box.
55. Re:keep honest people safe by kmoser · 2015-08-11 06:38 · Score: 1
  
  How would Twitter or Facebook know in advance what the hash of that photo would be so they could block it proactively?
56. Re:keep honest people safe by digsbo · 2015-08-11 08:57 · Score: 1
  
  Ah, I wasn't clear. Poorly worded on my part. After it was taken down and added to the list, it couldn't be reposted.
Oh no, the darknet! by Anonymous Coward · 2015-08-10 07:16 · Score: 1

Why is the darknet Google's responsibility, again?
First porn, and then... by Anonymous Coward · 2015-08-10 07:18 · Score: 0

"As the Americans learned so painfully in Earth's final century, free flow of information is the only safeguard against tyranny. The once-chained people whose leaders at last lose their grip on information flow will soon burst with freedom and vitality, but the free nation gradually constricting its grip on public discourse has begun its rapid slide into despotism. Beware of he who would deny you access to information, for in his heart he dreams himself your master."
1. Re:First porn, and then... by Anonymous Coward · 2015-08-10 07:24 · Score: 0
  
  CP isn't "information", it is abusive and criminal to create, view, or distribute.
2. Re:First porn, and then... by Anonymous Coward · 2015-08-10 07:29 · Score: 0
  
  I think OP was implying that hash lists will eventually be used for other media, which they obviously will.
3. Re:First porn, and then... by bluefoxlucid · 2015-08-10 07:34 · Score: 4, Insightful
  
  Wait, is it abusive to view and distribute? It's abusive to create, for certain; I'm not sure I buy the line about viewing and distributing.
  OIG explained to our entire department one day that, each time a person views a child pornography image, the person in the image is victimized again. I've not yet wrapped my head around the idea of someone suddenly stopping somewhere as the finger of God touches them inappropriately, collapsing to their knees and gasping for breath in distress as some dude in Korea looks at their naked 12-year-old body.
  Many in the last decade held the opinion that the greater crackdown on child pornography possession was an excuse to draw attention away from the lack of action against child pornography production. What happened? Do we now all accept producers and care most about consumers? That sounds like a by-the-numbers approach confounding two very different things: 10 producers and 990 consumers are not 1000 child abusers, but 10 child abusers. Eliminate 900 of the consumers and you still have exactly as many children being abused exactly as frequently--and my own sense of doing it by the numbers tells me the numbers aren't any better in that case. I'll be the first to push 100,000 kids off a cliff in a bus to save 1,000,000 people from terrible death, but methinks you've simply avoided saving anyone and, perhaps, saved yourself dirtying your hands with the bus.
  It's not that I disagree with what you're doing, Mr. Anderson; I just want to ensure you're going about it in the most efficient way.
  
  --
  Support my political activism on Patreon.
4. Re:First porn, and then... by Anonymous Coward · 2015-08-10 07:39 · Score: 0
  
  You're ignoring social feedback as motivation for criminal behavior. Try again.
5. Re:First porn, and then... by Anonymous Coward · 2015-08-10 07:42 · Score: 1
  
  Take away the consumers and the producers will have fewer reasons to produce. It isn't a perfect system, but they do go hand in hand.
6. Re:First porn, and then... by Anonymous Coward · 2015-08-10 07:45 · Score: 0
  
  Follow the money. If they don't pay, they're not consumers.
7. Re:First porn, and then... by Anonymous Coward · 2015-08-10 07:54 · Score: 0
  
  I've not yet wrapped my head around the idea of someone suddenly stopping somewhere as the finger of God touches them inappropriately, collapsing to their knees and gasping for breath in distress as some dude in Korea stabs a needle into a straw doll
  
  FTFY. The idea that psychic powers cause injury to a subject is voodoo either way.
  There are good reasons to stem demand for child porn, this isn't one of them.
8. Re:First porn, and then... by Anonymous Coward · 2015-08-10 07:58 · Score: 2, Insightful
  
  That would work if most CP was created for profit instead of for the joy of molesting a 12 year old and sharing that with others of the same mindset.
9. Re:First porn, and then... by Anonymous Coward · 2015-08-10 08:00 · Score: 0
  
  You decide to create amateur pornography with your mate. You upload it to the web, but it gets a pitiful amount of views. Which activities do you stop: sex with your mate, recording sex with your mate, and/or uploading the recordings?
10. Re:First porn, and then... by Anonymous Coward · 2015-08-10 08:10 · Score: 0
  
  How about just not sexually abusing children?
11. Re:First porn, and then... by Anonymous Coward · 2015-08-10 08:17 · Score: 5, Insightful
  
  How about recognizing that these feelgood solutions are more for getting it outta sight outta mind than for actually stopping the abuse of children?
12. Re:First porn, and then... by SuricouRaven · 2015-08-10 08:45 · Score: 1
  
  You are suggesting legalising the possession of child pornography. Only a child abuser would want that!
  BURN THE EVIL ONE!
13. Re:First porn, and then... by Serpent+33 · 2015-08-10 08:52 · Score: 1
  
  Only thing I can see with this, is that you can't get rid of pedophilia... It's something in the brain, we can't get rid of it completely, so the "consumers" you are talking about will never go away. You get rid of one, another is born to take their place. That's the problem with that solution.
14. Re:First porn, and then... by narcc · 2015-08-10 09:03 · Score: 1
  
  It seems like the wrong approach. If the war on drugs has shown us anything, it's that targeting the larger pool of users isn't terribly effective. Unlike the war on drugs, however, we wouldn't be fighting a hydra. I would doubt that there's a huge hierarchy, with a host of lieutenants ready to step in to the lead role. Targeting producers, then, is likely to have a far greater impact.
  
  --
  Required reading for internet skeptics
15. Re:First porn, and then... by narcc · 2015-08-10 09:08 · Score: 1
  
  How about recognizing that these feelgood solutions are more for getting it outta sight outta mind than for actually stopping the abuse of children?
  I had not considered that. A shame you posted AC, as this is well-deserving of a +5 insightful.
  More than just the high potential for abuse, it's worse-than-useless.
  
  --
  Required reading for internet skeptics
16. Re:First porn, and then... by Anonymous Coward · 2015-08-10 09:59 · Score: 0
  
  Yes, it is abusive to have people viewing illicitly taken photos of you being abused as a child. They're haunted by shame, even though they were simply victims.
  It's not so much that they magically know and feel pain whenever someone sees them, but the infamy of being part of that horrible collection of abusive images is hurtful to the victims. Imagine those getting passed around your workplace or school, for example... it's not a pretty thought.
17. Re:First porn, and then... by Anonymous Coward · 2015-08-10 16:36 · Score: 0
  
  It's not so much that they magically know and feel pain whenever someone sees them, but the infamy of being part of that horrible collection of abusive images is hurtful to the victims.
  Which leads to the question, how would you be aware of having infamy of being part of that horrible collection of abusive images? It seems that if anything the law being written to simply make it so people couldn't talk about such images would do more than, you know, prosecutors going out of their way to loudly announce when, where, and how infamous certain series of images are. I mean, the whole argument just screams about putting things in the closet to not be known. It says nothing of actually ending the actual viewing of the images or even general distribution. The last part would only effect a person if they were to explicitly seek out those images, and at that point it's really hard to blame anyone but said victim for seeking to be informed to be hurt.
  
  Imagine those getting passed around your workplace or school, for example... it's not a pretty thought.
  Which leads to the second point: if it happens, it happens. Making laws against it, be they anti-child pornography laws or simply anti-harassment laws don't change whether there are those who would be assholes and distribute such photos. It doesn't take a specific law to make such activities illegal and it shouldn't really be the issue of legality that should reflect upon how people act towards such assholes. Ie, you should be fired from work and/or shunned at school for such horrid behavior. The victim, meanwhile, should be treated as blameless and any shame should be levied at said asshole.
  The real problem is that people, generally, are assholes and there's not near enough social cohesion on something so reprehensible. Speaking out does nothing because too many people are too cowardly to shun assholes and risk being a target themselves. Yes, that does seem like an unfair transference to say being cowards of assholes makes people assholes, but I think it's a fair assessment of why there are so many issues in societies. This isn't a strain of respect for individualism or individualism against some group-think against supposed assholes. This is a persistent apathetic behavior towards others and lots of hand waving about freedom or liberty or other bullshit to pretend that social behavior cannot be without law.
  So, in the end, I can't say I entirely disagree with you on one level. To make a drum beat about illegal child porn has done more to social cohesion than most other more obvious, straight forward, yet not so clearly cohesively binding reasons to mostly nullify such abusive behavior. In the end, though, it's the drum beat and not the law that prevents those images from being passed around workplaces and schools. And yet, not enough that people aren't still called whores and sluts and shamed for consensual sex.
18. Re:First porn, and then... by Anonymous Coward · 2015-08-10 21:59 · Score: 0
  
  Have you considered that these data sets are a by-product of the investigations and evidence gathering of law enforcement?
  i.e. they are working on stopping the abuse, this project is just a bonus side-effect?
19. Re:First porn, and then... by gweihir · 2015-08-11 00:20 · Score: 1
  
  This is simple economics: If they stop 10 producers of CP, they have arrested 10 people. If they stop 1000 consumers, the still have the 10 producers out there, creating new consumers and they can claim 100x the "success". Add to that that in many countries no-victim CP (drawings, comics, texts, etc.) are illegal as well, they can present their huge successes in "fighting CP" to get more power and funding, while at the same time they can make sure the sources do not dry up. Of course this means not fighting actual child abuse, because if they went after those that hurt children and document it, they would slaughter the goose that lays golden eggs for them. And in addition, finding and stopping those that abuse children is much, much harder, as very likely only a tiny part of actual child abuse ends up on the Internet.
  Hence, overall, there is no real interest in rescuing or protecting any children here. The incentives have gotten entirely perverted, to the detriment of any and all children that get abused.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
20. Re:First porn, and then... by gweihir · 2015-08-11 00:26 · Score: 1
  
  There is something inherently wrong in making the possession of any specific configuration of bits illegal. Sure, selling them, creating them is different, but criminalizing possession is just a cop-out by law enforcement to make their job easy so they do not have to prove intent. Hence it has become so easy to kill people socially, just hack their computers and put some CP on then and then give an anonymous tip to law enforcement. In many countries, drawings are already enough to get the desired effect. This is really not helping the problem at all.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
21. Re:First porn, and then... by Half-pint+HAL · 2015-08-11 00:57 · Score: 1
  
  To the people involved in this iniciative, indecent material filtering is no "goose that lays golden eggs" -- it's an ingoing cost which generates no profit. But they don't have the power to take any action more meaningful than simply improving the efficiency of their filtering. Cooperation with rivals makes perfect sense, as there's no "commercial advantage" to be gained.
  
  --
  Got them moderator blues I blieve I walk out the do', With these mod-points I been gettin', I 'most never post no mo'
22. Re:First porn, and then... by bluefoxlucid · 2015-08-11 01:57 · Score: 1
  
  So you're saying the whole system is taking ineffective measures on purpose because it's corrupt? That wastes my money. That behavior is an economic drain, creating more poverty and slowing wealth growth by engaging in cost-producing services with no productive output.
  The goose that lays golden eggs eats entire grain silos of food. You can trade a hundred golden eggs for that food. They're stealing my food and getting an inefficient return. Kill the damn goose so I can eat it.
  
  --
  Support my political activism on Patreon.
Will this work? by MobyDisk · 2015-08-10 07:21 · Score: 1

This isn't too different from our approaches to spam emails. But are these services actually used to share those kinds of images? I wonder who curates the list of hashes, and how long before someone starts adding pictures of stuff they don't like to the list.
1. Re:Will this work? by UnknownSoldier · 2015-08-10 07:29 · Score: 1
  
  Hit the nail on the head.
  Who watches the watchers?
  What accountability will there be?
2. Re:Will this work? by bluefoxlucid · 2015-08-10 07:36 · Score: 1
  
  The lists are never reviewed I'm certain.
  
  --
  Support my political activism on Patreon.
3. Re:Will this work? by Anonymous Coward · 2015-08-10 07:38 · Score: 0
  
  No it will not work. It will just hide the problem better for the average person, allowing them to ignore the unpleasant issue. (Although I doubt there is much Child Porn on Twitter/Facebook anyway)
  It will not safe a single child from abuse. If anything the contrary, because if problems are less visible there is usually less motivation to fix he real problem.
4. Re:Will this work? by cdrudge · 2015-08-10 08:25 · Score: 1
  
  From the wording of the article, I would imagine Internet Watch Foundation (IWF) would be the party that is responsible for curating/publishing the list of hashes. Here in the states, the National Center for Missing and Exploited Children, FBI, and Justice Department maintain a similar database.
5. Re:Will this work? by SuricouRaven · 2015-08-10 08:50 · Score: 1
  
  We have to take it on trust that the lists are accurate and contain no false entries, because there is no independent confirmation and, given the contents of the lists, just possessing a copy without proper authorisation from law enforcement is a crime in most of the world.
6. Re:Will this work? by bluefoxlucid · 2015-08-10 09:26 · Score: 1
  
  Actually, the lists contain a type of image hash that contains no actual image data. You would need the original images to compare.
  
  --
  Support my political activism on Patreon.
7. Re:Will this work? by Anonymous Coward · 2015-08-10 11:44 · Score: 0
  
  IWF? Aren't they the ones who claimed a mass produced Scorpions album cover was illegal porn and had that censored too? I wonder what else is in their hash list - pictures from Ukip's website, etc.
8. Re:Will this work? by Anonymous Coward · 2015-08-10 20:22 · Score: 0
  
  In this particular instance, the list/database is owned by the Home Office, and is built up of evidence seized by police.
  Better link than the one in the summary: http://www.bbc.co.uk/news/technology-33847308
Re:Criticism Inappropriate by Anonymous Coward · 2015-08-10 07:24 · Score: 3, Insightful

Your comment matches a hash submitted to the block list. Please report to the authorities for mandatory castration. Have a nice day.
Image hash too simple to bypass... by Fallen+Kell · 2015-08-10 07:29 · Score: 1

While it is an interesting concept, it is doomed to fail as a simple single pixel edit or hidden attribute edit will change the file's hash.

--
We were all warned a long time ago that MS products sucked, remember the Magic 8 Ball said, "Outlook not so good"
1. Re:Image hash too simple to bypass... by Anonymous Coward · 2015-08-10 07:38 · Score: 2, Informative
  
  While it is an interesting concept, it is doomed to fail as a simple single pixel edit or hidden attribute edit will change the file's hash.
  Its not a hash in the sense of MD5/SHA etc that hashes the file contents at the byte level. Its a perceptual image hash, a well studied technique.
  A image will have the same hash even if a few pixels change or e.g its rotated/mirrored etc.. and resized of course
2. Re:Image hash too simple to bypass... by Fallen+Kell · 2015-08-10 08:05 · Score: 1
  
  To which I give to you Gmask....
  
  --
  We were all warned a long time ago that MS products sucked, remember the Magic 8 Ball said, "Outlook not so good"
3. Re:Image hash too simple to bypass... by SuricouRaven · 2015-08-10 08:46 · Score: 1
  
  A few pixels change yes. Resistance to the others depends upon algorithm. Flipping or rotating work on the basic form of the phash algorithm. I expect they'll be using something more complicated, probably a composite hash incorporating several functions.
4. Re:Image hash too simple to bypass... by Serpent+33 · 2015-08-10 08:55 · Score: 1
  
  Even though that is correct, the problem with hashes of any sort is that they are not exclusive to one single file. Multiple files have the same hash no matter what hash function you use. There is also always a way to change that hash, so you flag a "kiddie porn picture" and you'll get grandma's picture of dinner last night and the "kiddie porn picture" you were targeting in the first place has a different hash because the people who made the pic figured out they were on a hash list...
5. Re:Image hash too simple to bypass... by Anonymous Coward · 2015-08-10 09:07 · Score: 0
  
  Uh... Can you elaborate on this "well studied technique"? Feature Detectors/"Bag of Words" Based Image Matching are the technologies I'm familiar with other than Deep Neural Networks/CNNs(LeNet/AlexNet/GoogLeNet/ZFNet/etc.)
  In the above cases, It's far from an exact science and the false positive rates can be anywhere between 10% all the way down to 1% (depending on how frequently you are willing to tolerate false negatives). I see probably around 1000 images on my computer per day. If they were at .1% false positive rate that would still be 365 unjustifiably blocked images a year(naive estimate assuming the probability of false detection is invariant of the image contents).
  Further, I can't even get a 700mhz raspberry pi to do this sort of number crunching at 10fps. If we start burning coal to run the data centers for this sort of mass image analysis undertaking: how many children will die from the pollution created in the process of hunting witches?
  There's a lot of money to be made in selling people snake oil. It's the responsibility of those informed enough to recognize the folly of these endeavors to point out when they cannot be justified.
  BTW, I just googled "Perceptual Image Hash" and was less than impressed. Same sort of DFT/DCT/Histogram based analysis techniques which are generally considered to be "old-hat" in the vision processing field. They never worked that well for robotics, so I don't imagine they would work much better for this application. Sounds like a case of lipstick on a pig IMHO.
  On the bright side, I learned something today: When Machine Vision research outcomes are disappointing, you can always dust them off, label it "Perceptual Image Hashing", and create a secondary waste stream for otherwise useless algorithms.
  TLDR:
  They all appear to be nothing more than n-dimensional linear classifiers with hard coded thresholds. Very SVM! Such Wow!
6. Re:Image hash too simple to bypass... by blueg3 · 2015-08-10 12:41 · Score: 1
  
  Its not a hash in the sense of MD5/SHA etc that hashes the file contents at the byte level.
  It's MD5, SHA1, and PhotoDNA hashes.
  The standard in most law enforcement forensic applications is MD5 / SHA1, despite the obvious limitations.
  Sadly, it still is reasonably common to encounter byte-identical images that are on the relatively small "known-bad image" hash lists.
7. Re:Image hash too simple to bypass... by Dwedit · 2015-08-10 14:35 · Score: 1
  
  Fortunately, people are idiots and often don't alter the files in any way before re-sharing them. Sometimes even the EXIF tags are intact.
8. Re:Image hash too simple to bypass... by gweihir · 2015-08-11 00:31 · Score: 2
  
  There are "robust" image hashes out there, so that is not the real problem here. The real problem is the huge opportunity to do censorship this way. And anybody even trying to find out whether this is real or a complete abuse of the law will see some illegal pixels and will have searched for them, and hence can be easily removed to jail for a long, long time. Basically, doing it this way removes any legal possibility for ordinary citizens to evaluate what is going on and complain about abuses (except for very specific cases). The chilling effect is staggering. If that is not hugely dangerous, I do not know what is.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
9. Re:Image hash too simple to bypass... by Half-pint+HAL · 2015-08-11 01:03 · Score: 1
  
  Of course the hash won't be bulletproof, but if nothing else, the picture will degrade with every kludge to get it to fail the hashing. But if the hash list is kept among the filterers, how do you know that you need to kludge it? And even if you do, how do you know what's enough to cheat the filter?
  
  --
  Got them moderator blues I blieve I walk out the do', With these mod-points I been gettin', I 'most never post no mo'
10. Re:Image hash too simple to bypass... by SuricouRaven · 2015-08-11 03:02 · Score: 1
  
  I wouldn't even bother.
  I'd stick it inside an encrypted rar or 7z file.
  You'd have to be a real idiot to upload child abuse images in the clear.
11. Re:Image hash too simple to bypass... by Half-pint+HAL · 2015-08-11 05:05 · Score: 1
  
  Most people don't understand encryption. That doesn't make them idiots -- just ill-informed.
  
  --
  Got them moderator blues I blieve I walk out the do', With these mod-points I been gettin', I 'most never post no mo'
12. Re:Image hash too simple to bypass... by SuricouRaven · 2015-08-11 19:46 · Score: 1
  
  If you're dealing with the type of data that major police agencies are actively hunting for, you'd have to be an idiot not to inform yourself on how to get away with it.
Google Photos by Anonymous Coward · 2015-08-10 07:30 · Score: 0

Since Google searches and archives all the photos on your computer, I wonder if they run your pictures through their
hash list. If they find one, bam, you could be in prison for child porn.
Don't they do this already? by Impy+the+Impiuos+Imp · 2015-08-10 07:30 · Score: 1

I'm surprised it took this long. Google must have such a hash list already, better yet an MD5 list, built from their human reviewers of their robot webcrawled image search, so they won't show up in customer searches.
The real question is who keeps a database of pictures to review the list itself. Police? Google? Any normal prosecutor would happily prosecute Google for it just to add a notch to their belt (of asshole behavior).

--
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
1. Re:Don't they do this already? by Anonymous Coward · 2015-08-10 07:49 · Score: 0
  
  a hash list already, better yet an MD5 list
  Can a pedant come along and explain how MD5 is not a hash?
2. Re:Don't they do this already? by Anonymous Coward · 2015-08-10 08:17 · Score: 1
  
  Hello, Impy, yes, they have been doing this (openly) for several years. The illegal images are stored at NCMEC, which has permission. Other places just get the hash values. And it's a sophisticated image-based hash, not a normal math-based one. Search "PhotoDNA" for info, or: https://en.wikipedia.org/wiki/PhotoDNA
3. Re:Don't they do this already? by Anonymous Coward · 2015-08-10 09:09 · Score: 0
  
  If that pedant wants to be wrong, then yes, why not?
4. Re:Don't they do this already? by plover · 2015-08-11 11:50 · Score: 1
  
  a hash list already, better yet an MD5 list
  Can a pedant come along
  Of course.
  
  and explain how MD5 is not a hash?
  No, because that would not be right. MD5 is a member of the family of hash algorithms, so all MD5s digests are hash algorithm digests, but not all digests are MD5 digests. The GP is requesting a list of hashes, but would prefer the subset of that list that consists only of MD5 hashes.
  
  --
  John
Censorship by penguinoid · 2015-08-10 07:39 · Score: 1

Whenever you start itching to censor content you don't like, just keep in mind that some countries consider pictures of women not in a burka to be illegal pornography.

--
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
1. Re:Censorship by Anonymous Coward · 2015-08-10 08:00 · Score: 0
  
  Lets flag this too.
2. Re:Censorship by brantondaveperson · 2015-08-11 08:31 · Score: 0
  
  I'll keep that in mind, so long as you in turn keep in mind that much child pornography is the product of childhood sexual abuse and ruins the victim's entire lives.
  k?
This shit again? by Anonymous Coward · 2015-08-10 07:48 · Score: 0

It doesn't work. We all know that already.
Edit one pixel - different hashtag? by Anonymous Coward · 2015-08-10 07:50 · Score: 0

Doesn't the hashtag of a picture change by editing one pixel? Or by removing one line of pixels?
1. Re:Edit one pixel - different hashtag? by Minwee · 2015-08-10 08:10 · Score: 1
  
  Doesn't the hashtag of a picture change by editing one pixel? Or by removing one line of pixels?
  I'm pretty sure that posting an image with the comment "#thisischildporn" is going to raise some eyebrows no matter what how much you change the image.
  The cryptographic hash of a file, on the other hand, is usually a little more sensitive.
  When dealing with image recognition you really want to account for things like the image being resized, colours adjusted, or borders being added and removed. In this case you would want to do something like take the image, rescale it to a fixed size, reduce the colour palette and then create a hash of the resulting image. This allows you to spot matches even if the image has been scaled down, blurred or watermarked, or, in some rare cases, replaced with a photograph of a giant watermelon.
  We're still working on that last part and Her Majesty regrets the unfortunate incident involving the torch bearing mob at the farmers' market.
2. Re:Edit one pixel - different hashtag? by Serpent+33 · 2015-08-10 08:57 · Score: 1
  
  Even if we get to that point, though, there will always be ways around a hash. Always. It's the nature of the beast with digital data. When you try to block certain combinations of ones and zeroes, there's always other ways to put those ones and zeroes together to get the same result.
Re:Criticism Inappropriate by Anonymous Coward · 2015-08-10 07:50 · Score: 0

bravo on another successful kafkatrap (parody?)
This totally won't be abused. by Anonymous Coward · 2015-08-10 07:50 · Score: 0

Lol. The second thing added to the list will be all the Gamergate image memes making fun of Brianna Wu.
Can't or won't? by sims+2 · 2015-08-10 07:52 · Score: 1

It should have said they can't censor things on the darknet not won't.
If won't is correct are they running the darknet sites in question?

--
Minimum threshold fixed. Thanks!
1. Re:Can't or won't? by KGIII · 2015-08-10 14:50 · Score: 1
  
  Google has nothing to do with the darknet. They do not even crawl it. While there is some unsavory content on the darknet it is really what the internet was supposed to be like. Hell, in a way it is what the internet was.
  
  --
  "So long and thanks for all the fish."
This is an attack on speech; Utterly futile for CP by Anonymous Coward · 2015-08-10 08:02 · Score: 5, Informative

Hate crime (also known as bias-motivated crime) is a usually violent (lock em up, kidnapping, sex offender lists, etc), prejudice motivated crime that occurs when a perpetrator (social justice warriors) targets a victim because of his or her perceived membership in a certain social group (paedophilia).
This fight against paedophiles is really just unjustified homophobia in disguise, a form of racism, etc. The Internet Watch Foundation is not attacking child abuse, they are attacking paedophiles. The very article describes this as a " fight against paedophiles". There is no reason to think the vast majority of paedophiles are harming kids. This is why they're attacking child pornography. It's an easy target that won't go away and they can't possibly eliminate.
It shares so many similarities with the war on drugs. If there is one group of people you can attack and generally get agreement on this is it. It's too small, unorganizable, spread out, etc, and nobody would dare defend it out of fear for there lives. This gives the social justice warriors ample room to do what they want. They are really nothing but a misguided group of racists spreading hatred and fear. You wouldn't attack homosexuals because some are sexually abusing little children. It's no different with paedophiles. The entire war on paedophilia is identical to the war on drugs. It's utterly illogical. The idea that porn leads to sexual abuse was disproved long ago. It's just like violent video games leading to violence in the real world. The reality is studies have shown the exact opposite to be true.
This is doing nothing other than implementing a system of censorship and giving people the perception something is being done to stop child abuse. It's not. The article even says they're not able to stop the spread. It's not even illegal to be a paedophile, and yet they have no aversion to expressing there hatred for this group. They accuse an entire group of wrongdoing when there is zero evidence of that. There isn't any means to even produce such evidence because all the studies that back up paedophiles being bad were done on an imprisoned population which wouldn't represent paedophiles as a whole. It only represents violent paedophiles. It's no different than doing a study on homosexuals after locking up homosexuals. There is going to be a disproportionate number of violent homosexuals in custody.
They're not attacking people who abuse children. They're attacking a group of people who are hated for no logical reason. It's no different than attacking homosexuals for what a minority have done.
Go watch the 1950's Anti-Homosexual PSA - Boys Beware to see exactly what I'm talking about:
https://www.youtube.com/watch?v=17u01_sWjRE
They imply all homosexual are evil-doers that want to harm little children. It's utter nonsense.
One Bit by Jodka · 2015-08-10 08:04 · Score: 1

from the ./summary:

...but said it would not block content on the 'darknet' — a network with restricted access — where abusers often posted images."
Well that is one way to defeat the blocking. Or you could flip just one bit in the entire image and that would change the hash. Pick an LSB anywhere and nobody will notice that it is a different image. Assuming it's a hash of the entire image, and not a subsample. And assuming that image compression does not swallow your LSB flip. Even without those assumptions, there will be many trivial and, to the eye, undetectable, transformations which would defeat the hash.
But something tells me that the sort of people trading in this stuff would not be looking to defeat the blocking anyway. They probably want to keep their nasty viewing habits as private as possible, and the fewer people who stumble across that stuff and report it the better off they are.
So FaceBook, Google et. al. are not fighting child abuse, they are covering it up, walling it off from the decent, respectable part of the internet so that we upstanding citizens are not accidentally exposed to it, In a doing so, they facilitate the interests of those who trade in that stuff.

--
Ceci n'est pas une signature.
under the carpet by X10 · 2015-08-10 08:04 · Score: 1

Blocking pictures of child abuse is like sweeping them under the carpet: we don't see them, but pedophiles can still download them. I fail to see how this prevents further abuse of the children in the pictures. And just to be clear: we are talking about adult men, sometimes elderly men, having sex with todlers. Penetration sex that is. And yes, that too.

--
no, I don't have a sig
cradle to... by r-diddly · 2015-08-10 08:04 · Score: 1

If you're a child, Google is looking out for you. If you're over 50 and Google's own employee, you can suck it unless you want to sue them for 6 years to get fair treatment.
So if they can do this with pictures by Anonymous Coward · 2015-08-10 08:05 · Score: 0

they certainly can do that with copyright violations, can't they? Because you know... that's illegal too... and if Google, Facebook, Microsoft, etc CAN do this to stop CP, then why don't they do it for movies, books, music, etc? Are they willingly partecipating to a crime because they don't believe it is serious enough? Isn't the law equal for everyone or do we have here some people more "equal" than others?
1. Re:So if they can do this with pictures by KGIII · 2015-08-10 14:54 · Score: 1
  
  I would not be willing to do bit flipping and image manipulation for child pornography but I'd start ripping everything I own and sharing it if they did it with music and movies. Then again, I do not own any child porn.
  
  --
  "So long and thanks for all the fish."
Convenient excuse for blocking media? by Anonymous Coward · 2015-08-10 08:08 · Score: 0

Let's not forget that the MPAA has long wanted Google to block access to their copyrighted media. Implementing hash-based blocking for purposes of "Save the children" just happens to give Google the mechanism which MPAA needs to enforce media blocking as well.
The biggest hurdle for net-wide MPAA censorship may have just vanished. Getting their media hashes into the hash lists will be comparatively easy, by a large variety of means.
Telecoms, ISPs and the hash list by BrookHarty · 2015-08-10 08:11 · Score: 1

Worked at AT&T and T-Mobile and they ran the hash list along with a virus scan on emails, mms messages and photo albums. I'm sure other image hosting services run the same checks. If any photo popped, you had to notify this third party company who acted with the cops. If a cop had a warrant, you would call the telcom to have an engineer to drop a dvd in the admin server, run a collect script that zips everything up, and then have the police department show up and pick up the dvd outta the dvd-rom drive. Nobody is allowed to touch the DVD. Maintains the chain of custody.
1. Re:Telecoms, ISPs and the hash list by Serpent+33 · 2015-08-10 08:59 · Score: 1
  
  Just because something has the same hash as the "target" picture, in no way means that that thing is the "target". Hashes are not exclusive to the file they are on. By the very nature of a hash function, it is impossible to have one file = one hash.
2. Re:Telecoms, ISPs and the hash list by Anonymous Coward · 2015-08-10 20:26 · Score: 0
  
  That might be why the evidence gets handed to the police...
  So they can, you know, investigate it....
3. Re:Telecoms, ISPs and the hash list by gweihir · 2015-08-11 01:17 · Score: 1
  
  There is also no legal way for any ordinary citizen or company to verify the hashes are actually hashes of CP. They could be hashes for something else entirely. This is obviously an intended thing.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
4. Re:Telecoms, ISPs and the hash list by plover · 2015-08-11 13:31 · Score: 1
  
  The courts won't convict you of having a file that hashes to a known bad number. They will convict you of having an actual image of child porn. The hash digests are just a way for ISPs and law enforcement to perform a comparison without needing the actual thing to compare against.
  There's a lot more to this than just saying "child porn". Once an automated system discovers a file that matches a hash, they involve an investigator. The investigator first views the image in question, and if it's a false positive, discards it, case closed.
  If the data in question is or could be child porn, they investigate further, obtaining logs from the parties involved, finding out who else this person communicates with, online forums they frequent, etc., and compares the images they've already recovered to other cases involving child pornography. They document every finding. Once they've built up a case, they present their evidence to a judge and request a warrant. During the exercise of the warrant, they'll try to monitor the suspect to determine the exact moment he is online, then execute the warrant without warning in hopes of catching the suspect in the act of viewing child porn, or at least of having the files decrypted at the time they execute it. They'll bring a "mouse wiggler", which is a USB stick that emulates a mouse moving up/left/down/right every few seconds in order to prevent the activation of any screen savers or auto-locking mechanisms. They use a UPS to keep the device powered up in order to bring it to the digital forensic investigator, who will take an image of the computer's memory and image all the writable storage they find. They may have only once chance to recover the encryption keys used by the suspect, and it's possible if they're still in memory. And they will confiscate every digital device in the suspect's home. The forensic investigator will then trawl through the drive image, looking at any image files. There are forensic investigation programs such as Encase and Autopsy that provide a quick way to display any files it can encounter. These programs include knowledge of the various file systems in common use, and can find images in ZIP files, images inside nested ZIP files, image files in the recycle bins, and any deleted files in unallocated disk space that they can still recover. They have specific capabilities of searching for many various things including cached IP addresses, browser histories, password managers, and pretty much any regexp the investigator can come up with. Perhaps there's a password reset message still lurking in the Trash mailbox. Or there might be record of an online payment to a co-conspirator. It's surprising how few people have good enough operational security to erase all their tracks.
  Once they've found evidence, anything the investigator can do to help identify the scene of the crime and/or the identities of the parties involved is top priority. This might include obvious things like EXIF tags in the images, or a hotel room service menu in the corner of an image, or they may check out clothing, decor, monogrammed towels, etc. There have been cases where the child's face was distorted with a paint tool but was recovered by the investigator.
  If any usable data comes of this, the police will contact child services to see if the victim(s) can be identified, located, and helped.
  Investigating these is a really awful job, and it takes someone with an iron stomach to do it, but it comes with the occasional reward that you've helped put away someone who is involved in the rape and torture of little children, and sometimes even helped rescue a child from a horrific situation. I have a friend who's been doing it for over a decade, and I still don't know how he can go home and sleep some nights. Most of his co-workers burn out after just a year or two on the job, because it really is heart wrenching. Sickening as it can be at times, it is a truly necessary job.
  
  --
  John
5. Re:Telecoms, ISPs and the hash list by gweihir · 2015-08-11 20:52 · Score: 1
  
  You misunderstand. These hashes can be used to find and identify people that are sending entirely different, and possibly legal, pictures around. That allows them to do things that would require a specific warrant. But as nobody can verify what they are hashing, there is zero possibility for legal action to stop this.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
6. Re:Telecoms, ISPs and the hash list by plover · 2015-08-12 16:39 · Score: 1
  
  Ah, so you're saying they would follow people sharing a picture of the "Secret Seal of the Anonymous Collective", and since they're the evil bad guys of the month, let's track them down too. Good point.
  
  --
  John
Re:This is an attack on speech; Utterly futile for by Anonymous Coward · 2015-08-10 08:12 · Score: 1

I absolutely agree with you.
finding producers by Anonymous Coward · 2015-08-10 08:14 · Score: 0

my idea that i cannot fund but should be used is facial recognition for children/ the child abuse picture is ran against a database of school pictures to find which school the child goes to. Then with the address a follow up investigation can be run.
Quote by Anonymous Coward · 2015-08-10 08:18 · Score: 1

The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all.
H. L. Mencken
Being very, very honest... by pruedz · 2015-08-10 08:41 · Score: 0

I would not team up with anything called "Internet Watch Foundation". I mean, this just sound like an excellent excuse to spy on people and anyone against this is probably a pedo, right? Maybe I'm just that boy in the crowd yelling that the King is naked... The only thing that this can (maybe) avoid is sharing of such (unencrypted) images, but do not stop abuses at all...
I see a problem. by SuricouRaven · 2015-08-10 08:48 · Score: 1

What utter moron of a child abuser would upload their pictures to facebook?
They might not be the brightest of criminals, but seriously... they'd have to be pretty dumb to do that.
1. Re:I see a problem. by Greyfox · 2015-08-10 11:57 · Score: 1
  
  This isn't about this. This is about the governments and their corporate cronies (Or the corporations and their government cronies) ramping up their efforts against the darknets. As DMCA enforcement gets more draconian, more people are starting to turn to the likes of Tor to get their Game of Thrones videos. The corporations are out ahead of it for a change. Look for innocuous legislation to be introduced in 2016, perhaps as a rider to a funding bill, that will quietly make running darknet nodes illegal. President Trump will quickly rubber-stamp the legislation. We'll probably be none the wiser for a couple of years, until the DOJ conducts a number of rapid-fire raids and dismantles the network in the USA.
  
  --
  I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
2. Re:I see a problem. by gweihir · 2015-08-11 01:22 · Score: 1
  
  Right on the mark. And that is why the stated goals are rather obvious lies.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
ah, the moronic slippery slope argument by circletimessquare · 2015-08-10 08:57 · Score: 1, Insightful

because we take enforcement action {X} against {Y}, then enforcement action {W} against {Z} in inevitable
try these on:
"we can't legalize marijuana, because then we have to legalize methamphetamine and heroin"
"we can't legalize gay marriage, because then we have to legalize marrying the dead and marrying animals"
do you see the problem? good, then know yourself: the slippery slope argument is failure, appeal to emotion, fear
the slippery slope only works if you are dealing with people who never actually think about different topics involved
but we do think, and we can tell the difference, and the difference matters
i don't understand how people like you get to sleep knowing police stations exist. of course police have problems that need fixing, but without police you have chaos. but the way fear addled slippery slope thinkers think, it's as if the existence of police stations means extreme autocratic martial law is inevitable
actually the police station is a good analogy to your "complaint." that someone with access to the hashlist puts pictures of his ex girlfriend on it is simply an individual abuse, meaning that individual needs to be punished. it isn't a valid argument against the existence of the list. much as with the police: the existence of bad apples doesn't mean the entire existence of police is in question, it simply means we have to do a better job of kicking out the bad apples
the simple truth is the the slippery slope argument is a logical fallacy that depends upon appeal to emotion: irrational fear, rather than reason and coherent thought
anyone who ever makes a slippery slope argument is simply identifying themselves as someone who wants to lose an argument, and strongly suggests their opinion is derived from fear rather than logic, and is therefore invalid and can be discarded

--
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
THE DARKNET by Gliscameria · 2015-08-10 08:58 · Score: 2

The media really makes it seem like nothing happens on the darknet other than child porn and terrorism. It's fitting that they really push this at a time when a more usable darknet should be very attractive to most people. Your IP address, cookies, device ID, browswer ID, OS ID, various logins are all being cross referenced. Your professional work 'searches' are going to be put in a pile with the rest of 'it'.

--
X
Justice system by Anonymous Coward · 2015-08-10 09:06 · Score: 0

They are victimized again when someone views it. Imagine if you were abused and had those photos spread around. How would you feel? Even if production were made illegal if it weren't already so, someone would just have to make it once, perhaps in a country with looser laws.
Because it's sexual in nature, it makes it worse. We don't find people filming murders for sexual gratification. If that were the case, then that could very well become illegal too.
If that argument isn't good enough, consider if the copyright were held solely by the victim. Then at the very least, it could be illegal in the same way someone has a bootlegged video of a movie.
The only contention we should have is what kind of punishment it should be. I don't think lengthy prison sentences does anyone good assuming it's not a deterrent for pedophiles seeking child abuse images. Voluntary treatment in exchange for a shorter sentence or probation for possession of child pornography should be considered. The same thing could probably be said for the war on drugs.
Treating Pedophiles: Therapy Can Work, But It's a Challenge
It's time to reconsider how we treat pedophiles
Pessimism about pedophilia
1. Re:Justice system by AJWM · 2015-08-10 12:32 · Score: 4, Interesting
  
  We don't find people filming murders for sexual gratification. If that were the case, then that could very well become illegal too.
  Although fake kiddie porn is just as illegal as the real thing, filming fake murders for others' gratification (hopefully not sexual, but who knows) is big business. Hollywood makes billions on it. Ditto first-person shooter games.
  Something is screwed up somewhere.
  
  --
  -- Alastair
2. Re:Justice system by kaur · 2015-08-10 22:12 · Score: 1
  
  Broadcasting about real murders is also big business. What are cnn.com or fox news about? Wars and crime. Humans ENJOY watching or reading about the distress of other humans. Taking one particular piece of distress and making it illegal seems... illogical.
3. Re:Justice system by Anonymous Coward · 2015-08-11 01:10 · Score: 0
  
  Although fake kiddie porn is just as illegal as the real thing,
  Child pornography laws in the United States - Wikipedia, the free encyclopedia
  Legal status of cartoon pornography depicting minors - Wikipedia, the free encyclopedia
  
  However, in the 2008 Christopher Handley case, a judge overturned parts of the PROTECT Act as unconstitutional while charging Handley with a lesser obscenity charge.
  
  Currently, such depictions are in a legal grey area due to parts of the PROTECT Act being ruled unconstitutional on a federal level; however, laws regulating lolicon and shotacon differs between states; several states have laws that explicitly prohibit cartoon pornography and similar depictions (such as video games in the state of New Jersey), while others usually have only vague laws on such content; in some states, such as California, such depictions specifically do not fall under state child pornography laws,[58] while the state of Utah explicitly bans it.[59]
  
  Due to the fact that the definition of obscenity differs between states, the legality of lolicon and shotacon depends on the community; in several states, there are clauses that state that for something to be deemed obscene, real harm must be done or the child depicted must be someone that exists in real life, while other areas may specifically allow unrealistic "cartoon" depictions but prohibit more "life-like" depictions. Some states may have heavy penalties on such material but only ban depictions of minors under 16 years of age (Arizona and New Jersey), while others may decide to ban it altogether.
  Iowa Collector Charged for Allegedly Obscene Manga (Update 2) - News - Anime News Network
  I was going to blockquote some stuff, but just read the above. It's short enough.
  Appeals Court Backs Prison for E-Mail Obscenity | WIRED
  
  Whorley was convicted in 2006 and sentenced to 20 years in prison, in part for possessing genuine child pornography. But the Justice Department — perhaps sensing a chance to smuggle bad law onto the back of an unsympathetic defendant — also charged Whorley for having unsavory manga under the recently-enacted Protect Act, which outlaws obscene cartoons depicting minors engaging in sexually explicit conduct.
  
  More surprisingly, prosecutors charged him under an older statute outlawing the possession of “any obscene, lewd, lascivious or filthy book, pamphlet, picture, motion-picture film, paper, letter, writing, print or other matter of indecent character” as defined by a jury. That violation was for writing out his sexual fantasies involving children, and e-mailing them to like-minded internet friends. Though Whorely is apparently a pedophile, the law applies to any obscene content.
  
  In 1969, the Supreme Court ruled that Americans have the right to possess obscene material in the privacy of their own homes. But trafficking in such goods through interstate commerce — which today includes the internet — is illegal under that ruling.
  Notice the ones which mention a plea bargain.
  PROTECT Act of 2003 - Wikipedia, the free encyclopedia
  
  The first conviction of a person found to have violated th
Links by Anonymous Coward · 2015-08-10 09:08 · Score: 1

Sorry about that. I didn't format them correctly.
Treating Pedophiles: Therapy Can Work, But It's a Challenge
It's time to reconsider how we treat pedophiles
Pessimism about pedophilia
1. Re:Links by Anonymous Coward · 2015-08-10 22:12 · Score: 0
  
  And don't forget the more satirical take on the issue:
  Brass Eye Episode 07 - Paedogeddon! (Special)
I have to agree in part... by pruedz · 2015-08-10 09:11 · Score: 0

As I posted here a while ago I find this just an excuse. Just like the tale "The King's new Clothes", the tale where two weavers trick a King saying that they made a suit that only intelligent people can see. The king's wife, counselors and ministries, that can't see a thing, all pretend to see just to not look stupid. The King then parades around the town, where the townsmen all praise how beautiful the new clothes are, just for a kid in the crowd yell that the King is naked. That is exact the same situation, this is just an ineffective way to fight child abuse, but anyone want to disagree to not look like a pedophile...
1. Re:I have to agree in part... by Anonymous Coward · 2015-08-10 09:17 · Score: 0
  
  Is it government mandated?
  Will other online companies have to follow suit?
  Could it be that they just want to make it harder to find for those seeking it out?
2. Re:I have to agree in part... by Anonymous Coward · 2015-08-10 22:45 · Score: 0
  
  >Is it government mandated?
  No, it's from an "independent" party that want regulate the Internet.
  >Will other online companies have to follow suit?
  No. And I hope not.
  >Could it be that they just want to make it harder to find for those seeking it out?
  No. No one looks for CP on twitter or facebook. Those companies just want to give you the impression that they are doing something about, while spying on you.
  >It helps fight child abuse?
  No.
  >It servers as an excuse to spy at people?
  Yes.
  "Hey, let me check all you traffic data, just to be safe that you are not sharing CP, ok?"
Old News by Anonymous Coward · 2015-08-10 09:24 · Score: 0

Facebook, Google, and others have been doing this for a number of years now. It's nothing new, but it's still a bad idea.
Of course, it doesn't seem like a bad idea until you take gray areas into account: Subjects that look like they're under 18 aren't always minors, and minors don't always look like they're under 18. Unless the database is based on images of confirmed minors being abused, the database is certain to contain legal images among the illegal ones. There's also the question of what, exactly, constitutes pornography. Nudity involving minors is generally not illegal unless it meets certain criteria, but those are often in the eyes of the beholder. It's likely that a lot of images in the database will fall under the category of "I know it when I see it", which is a terrible standard for automatic blocking of potentially legal content.
This is going to....omg by TheCarp · 2015-08-10 09:31 · Score: 1

I have trouble poking technical holes here since, fundamentally the idea of using a hash table is somewhat sound, its used all the time for UUIDs, theres plenty of uniqueness right? I guess maybe we can rule out collisions for the most part....hell maybe pair the hash with a file size?
If we are talking such tried and true technology and not some recently invented "photo hash" that I wouldn't have any faith in the uniqueness of....
but then the implications of just having such a system means things can be injected into it. What do you do when the file you search for comes up blocked as CP? Do you investigate further or do you run away screaming? What happens when a hash gets added that shouldn't be there? Will they keep a library of original files to really check against?
Drop a key, and the internet is effectively censored.....is not how I envision the net I want to live on.

--
"I opened my eyes, and everything went dark again"
1. Re:This is going to....omg by KermodeBear · 2015-08-10 12:09 · Score: 1
  
  Not to mention that if they're just storing hashes, that a tiny change will generate a completely different hash. Change one pixel, by a single bit, and you have a different hash. Change the resolution, change meta-data, crop out a row or column, etc., etc., a service that serves up the images could do this automatically every time it displays an image.
  There's lots of ways around this, including only sharing content with trusted people via sneakernet if it comes to that.
  It sounds spiffy to the average person, I'm sure, but when you get into the ability to enforce this kind of a thing, the target will adapt and adapt quickly.
  Then there's issues of false positives. The keyspace of hashes is not infinite. There will be collisions. The probability of a collision may be small but it is not zero. Even GUIDs are not unique.
  
  --
  Love sees no species.
2. Re:This is going to....omg by KGIII · 2015-08-10 15:00 · Score: 1
  
  These are, and correct me if I am mistaken, hashes of the images as seen by image recognition software and takes other values into account. Changing a little bit of the image will not change what the image looks like, in general, and the image recognition software will have the same hash value. Even if you add borders, crop some out, and resize it - the image still looks the same and that is what the hash is based on (as well as other things - I assume). This is not like a MD5 where you can just unzip, change a date, compress, and have a new checksum.
  
  --
  "So long and thanks for all the fish."
3. Re:This is going to....omg by Anonymous Coward · 2015-08-10 20:32 · Score: 0
  
  That's why there are a lot of techniques and tools to pick up these similar images...
  It's not just MD5 and SHA-1 hashes, there are also PhotoDNA hashes, and these folk also use various digital image forensics tools that correlate images for similarities. Like 'this similar architectural feature appears in these 60 images' similarities, like trying to identify and locate a crime scene.
  I know cops are usually portrayed as dump donut eating fatties, but they're not always like that ;)
4. Re:This is going to....omg by TheCarp · 2015-08-11 02:02 · Score: 1
  
  So maybe you missed it but....that doesn't make me feel better, in fact, I find the idea of the mass application of something so new as a pretty frightening prospect.
  
  --
  "I opened my eyes, and everything went dark again"
5. Re:This is going to....omg by KermodeBear · 2015-08-11 10:43 · Score: 1
  
  That doesn't make me feel better either. So instead of matching on exactly the same image, it is going to flag "yeah, it's kind of like that"? Not a fan.
  
  --
  Love sees no species.
False positives and work-arounds by davidwr · 2015-08-10 10:15 · Score: 1

If there are more than a few isolated false positives Google will have to backtrack.
Also, if this hits the file-traders where it hurts - and it probably won't because if the file-traders are smart they don't care about Google etc. - then they will find a work-around. I can think of any number of work-arounds that would be very hard to counter without greatly increasing the number of false positives.

--
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
getting paid to watch child pornography by BradMajors · 2015-08-10 11:55 · Score: 1

Who are these people who get paid to watch child pornography all day? (i.e. The people who classify the images.)
There are some experts in this area who would be willing to offer their services for free to help Google out.
1. Re:getting paid to watch child pornography by Anonymous Coward · 2015-08-10 14:40 · Score: 0
  
  It's a horrible job where you shift through images as fast as you can for pennies. You get all reported media. Extreme gore, shit play, death videos, etc...
  The FBI and police are the ones who get the time to look at the images. So go join law enforcement as another corrupt cop.
Who writes headlines at Slashdot?! Monkeys? by wwalker · 2015-08-10 13:01 · Score: 1

It says Google etc. to block "Hash Lists". That means they are against it, right? What did "hash lists" do anything to anybody?
Bogus rationale against slippery slopes by Anonymous Coward · 2015-08-10 14:26 · Score: 0

You're confusing logical arguments based on slippery slope as a fallacious logical form with slippery slope predictions based on observation and assigned probability.
"Give X an inch and they'll take a mile" is a rule derived through repeated observation of X followed by assignment of probability about what is likely to happen when the same conditions arise again. It's a perfectly rational probabilistic prediction, and it has absolutely nothing to do with using logic of the same syntactic form in a vacuum, devoid of any prior observations and accumulated experience.
You might want to ponder the fact that you've tried to make an argument against use of a fallacious logical form, but sadly your own argument is based on a flawed premise because you didn't understand the argument that you are criticizing. In the circumstances, here's another rule derived by observation which you should learn: "People in glass houses should not throw stones."
1. Re:Bogus rationale against slippery slopes by circletimessquare · 2015-08-10 15:26 · Score: 1
  
  The only thing I learned from your comment is that random italics reads as douchey as people who randomly emphasize in their speech, attempting to sound authoritative but winding up seeming pedantic and pretentious.
  That's an emotional argument. Which is the only thing your comment requires, as you didn't even touch the substance of my comment.
  
  --
  intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
2. Re:Bogus rationale against slippery slopes by Anonymous Coward · 2015-08-10 23:24 · Score: 0
  
  The parent called you out for a false premise in your argument.
  Your counter was to criticise the use of italics (a red herring founded on an unsubstantiated assertion, containing strong appeals to emotion but entirely empty of reasoning) while leaving the actual argument untouched, which is a logical fallacy in your counter.
  It seems that the parent was being generous with you. You have a very poor command of logic altogether.
Re:This is an attack on speech; Utterly futile for by Anonymous Coward · 2015-08-11 01:13 · Score: 0

Well said. Unfortunately, this evil and underhanded tactics still work well on the general population.
I always question this... by Anonymous Coward · 2015-08-11 02:24 · Score: 0

We sadly live in a time when drawings classify as "child abuse," which is borderline retarded.
Assuming they're talking about photos of children involved in sexual situations, that's fine.
But I can't help question how far this would erode freedom of artistic expression. (Esp. since the British hate that.)
Stop abusing hash algorithms by Anonymous Coward · 2015-08-11 04:12 · Score: 0

Hashes do not, and were never intended to, uniquely identify a file. Particularly when the file is much larger than the hash.
A hash has one purpose, and one purpose only. For a given file with a particular hash, it should be very difficult to generate a modified file with the same hash.
In particular it should be exceedingly difficult to generate a modified file with desirable characteristics for the attacker (eg: modified account number) that matches the same hash.
From a security point of view, it's OK to generate a completely random, but useless, file that matches the same hash. But disastrous if an attacker can substitute another text message that benefits the attacker.
With that in mind, realise that hashes are not necessarily designed to stop random collisions, but designed to stop almost the same but slightly different collisions. From the point of view of image matching, that's the opposite of what you want. (ie: you don't care about completely different images, but care about images with a single pixel difference)
1. Re:Stop abusing hash algorithms by plover · 2015-08-11 14:17 · Score: 1
  
  You're missing the purpose of the digest as it is being used by Google. They are not being given cryptographic hashes, and they are not trying to assure anyone of the integrity of the file. These hash digests are being used only as an index to perform comparisons without needing to keep the original files around. Think "java HashMap", not SHA-1.
  When they find a matching value, Google doesn't try to do any other comparisons or investigations. They blindly zip up the file and log information, then turn it over to a qualified investigator. The investigator determines if it's a false positive, at which point the evidence is deleted, or if it warrants further investigation.
  
  --
  John