Anti-Terrorism Hypothetical: Bulk Scanning of Hosted Files?

An anonymous reader writes: The tech community has spoken: we don't want the NSA or any other government agency running bulk surveillance on us, and we don't want tech companies to help them. But Bruce Schneier points out an interesting hypothetical raised by Harvard Law School professor Jonathan Zittrain: "Suppose a laptop were found at the apartment of one of the perpetrators of last year's Paris attacks. It's searched by the authorities pursuant to a warrant, and they find a file on the laptop that's a set of instructions for carrying out the attacks. ... The private document was likely shared among other conspirators, some of whom are still on the run or unknown entirely. Surely Google has the ability to run a search of all Gmail inboxes, outboxes, and message drafts folders, plus Google Drive cloud storage, to see if any of its 900 million users are currently in possession of that exact document.

If Google could be persuaded or ordered to run the search, it could generate a list of only those Google accounts possessing the precise file — and all other Google users would remain undisturbed, except for the briefest of computerized 'touches' on their accounts to see if the file reposed there." Zittrain asks: would you run the search? He then walks us through some of the possible complications to the situation, and the pros and cons of granting permission. His personal conclusion is this: "At least in theory, and with some real trepidation, I'd run the search in that instance, and along with it publicly establish a policy for exactly how clear cut the circumstances have to be (answer: very) for future cases to justify pressing the enter key on a similar search." What would you do?

And what about false positives?

[Z00L00K]

What about false positives - like if a document has been mass-mailed or put as a part of a story etc.?

I an imagine that we would end up into a situation of "guilty unless proven innocent".

Re:And what about false positives?

If scanning the files wouldn't help to make things worse like, infecting everything with a zombie virus, the just go super clueter scanning all that personal stuff... And all of that are just stuff about cats, random life (and the comedy about everything that exists, that is, 50%).

Re:And what about false positives?

[DaHat]

Nice conclusion jumping you've got there, you missed something though...

Possession of such a document is little different than having a digital or dead tree version of the Anarchist Cookbook (the buyers of which I'm sure Amazon could be compelled to release to investigators).

It would simply mean that such owners might get a second or third look to see if they are up to anything else that seems fishy, maybe even get a few extra screenings at the airport and digital checks to see if you've been chatting with any suspected/known terrorists... if so, then things could difficult for you.

I'm sure the RIAA/MPAA would also like the tech companies to use such an ability for themselves, do a search for all copies Let_It_Go.mp3 with a given hash that was known to have been on a file sharing site and send them each bills... however neither means you are criminally or civilly liable.

Re:And what about false positives?

I wouldn't do it. But if it was gonna be done:
Make the whole thing as public as possible.

Have an tech-literate person, who is not a public official and not an employee of the Google or whomever the network belongs to. Print as much of the results as possible, without revealing private info. I don't know what, but make it as TRANSPARENT as possible.

And then don't do it again.

captch: righting

Re:And what about false positives?

The feds don't care about that book. Most everything in there is dangerous to ones self or out-right bullshit.

Re:And what about false positives?

Nice conclusion jumping you've got there, you missed something though...

Possession of such a document is little different than having a digital or dead tree version of the Anarchist Cookbook (the buyers of which I'm sure Amazon could be compelled to release to investigators).

It would simply mean that such owners might get a second or third look to see if they are up to anything else that seems fishy, maybe even get a few extra screenings at the airport and digital checks to see if you've been chatting with any suspected/known terrorists... if so, then things could difficult for you.

I'm sure the RIAA/MPAA would also like the tech companies to use such an ability for themselves, do a search for all copies Let_It_Go.mp3 with a given hash that was known to have been on a file sharing site and send them each bills... however neither means you are criminally or civilly liable.

Were you to have a copy of the plans for conducting an actual terrorist attack that happened, you had the copy before the attacks happened, and that document had limited circulation of say 50 people or so - that'd be pretty damning evidence.

Captcha: implicit, quite apropos

Re:And what about false positives?

As far as I have observed, there are 2 cases:
1. Document is open to everyone. Nobody gives a sh!t. Until something happens.
2. Instructions are never shared by documents via Google.
  a. There is a story about muslim woman, who entered US with USB stick, she wanted to hide.
  b. Other case I've read is about documents encoded in other files, like porn video. It might even be possible to share a link to that video - no google is needed.
From what I gather, since most advanced muslim terrorists are not using Google to share instructions, or use encoded messages, most probably NSA already has access to search Gmail messages. I have embraced that possibility, so hypothetical or not but if you are Google, you can do that easily - at least that's the way how their advertisement scripts should work... ;)

Re:And what about false positives?

[l0n3s0m3phr34k]

I'll second that; a friend of mine bought a copy at a gun show back in the late 80's. When even THAT book says "be careful", what it really means is "this substance is so unstable if you sneeze near it it will go off, your amazingly lucky that you managed to finish this without blowing yourself up".

Re:And what about false positives?

[DaHat]

Were you to have a copy of the plans for conducting an actual terrorist attack that happened, you had the copy before the attacks happened, and that document had limited circulation of say 50 people or so - that'd be pretty damning evidence.

"Sure I knew Ahmad, good guy, our families hung out. I remember him talking about these things but never thought him serious, I thought it was all just a joke. When it finally happened I was scared that I would get blamed so didn't tell anyone."

What are you going to charge with now? Remember that the burden of proof falls on the prosecution.

Re:And what about false positives?

The Fourth Amendment was written precisely because we didn't want people trawling through our lives looking for things to hang us for.

That we seriously consider "hmm, maybe it's not so bad to search millions of innocent people for criminal tendencies" is a condemnation of our society.

Re:And what about false positives?

[ihtoit]

when someone is charged with something (England) what it usually means is that the State has enough to convict. This is one way to save money - the State won't waste it charging someone without evidence. This decision is on the AG, not the police and not on any judge. Assurance of conviction is also their way of fudging the conviction rate. It's only when something unexpected happens - surprise witness for the defence, or sudden and confirmed alibi - that the accused is cleared. ~When a conviction for eg murder is quashed on appeal or when "new" evidence comes to light provving the innocence of the person convicted, it hits the headlines because well, the system isn't perfect. The truth of the matter is, no the system isn't perfect because it's designed that way. It doesn't follow the maxim "innocent until proven guilty*", it follows the one that says "We'll hold you until we get enough on you or you confess, then we'll humiliate you then we'll jail you."

*Magna Carta carries within it the guarantee that every man accused of a crime shall be tried by a panel of his peers. A police investigation isn't a trial by your peers, that's the State making to ruin you. The punishment is already happening right there, whether or not a crime has been proven.

Re:And what about false positives?

[ihtoit]

yes, it describes the circumstances in which a search may be performed: a search must be for a certain thing in a certain place (a gun that's been recently fired the police have reason to believe you're in possession of because they have a registry that shows you do, that they think might be hidden under the floorboards?). Otherwise, says the 4th, "leave we free people the fuck alone!".

Hence to the Fifth: no man shall be compelled to testify against himself. *Unless on a presentment or indictment of a grand jury*.

Re: And what about false positives?

[Entrope]

That isn't what the Fifth Amendment says. At all.

Re: And what about false positives?

You should have stopped at the first sentence. It should never be done. Nothing makes that kind of intrusiveness worth it.

Re:And what about false positives?

[sumdumass]

Damning evidence of what? That I was writing a book and something in real life happened that looks strikingly similar?

Here is the problem. If you can think of it, I can think of it. We may be motivated to think of it differently like I may be intending to write the plot line of a book or movie and you may be interested in taking everyone's freedom away.

Now I have seen all sorts of things like tools modified for specific tasks that someone has been using for years and find out later that some company noticed the same concept and is actually marketing the same thing. In high school, there were several literature projects we had to do where we created fictional stories around specific real life events and give presentations on them. Several of the presentations were near identical to rough drafts I had made and after chatting with people, we all had thought of the same basic things but chose to go in different directions for whatever reason. I mean there are more then one ways to skin a cat but in the end, anyone trying to skin a cat will either fail or pick one of the methods that work.

Re:And what about false positives?

Doesn't mean that the book has not been used like a black cat at a witch trial.

Re:And what about false positives?

[shubus]

One can easily imagine a new form of terror--the creation of mass "false positives" - which get you on a list which you can never get off--just like the "no-fly list".

Re:And what about false positives?

[khallow]

Damning evidence of what? That I was writing a book and something in real life happened that looks strikingly similar?

If your book matches word for word instructions for carrying out a criminal act and you pulled out that story, there's a good chance you could get convicted on that basis alone.

But if they're just as you say searching for stuff that is just similar then there's going to be a lot of false positives.

Or maybe they don't even do that and just scoop up everyone who has documents with particular keywords or sentiment. This global searching opens up a huge can of worms.

Re:And what about false positives?

[vux984]

Damning evidence of what? That I was writing a book and something in real life happened that looks strikingly similar?

No... that you actually had a copy of *the* Word document the terrorist cell had circulated within its members prior to the attack. The one that said what to wear that day, the reminder to remain calm, how to react if the police stopped you, whatever and etc. A word for word document with a particular hash, that was searched for by the hash.

Unless the book you are writing is LITERALLY the blueprint document used by the terrorist cell to commit its attack your name isn't going to come up.

Several of the presentations were near identical to rough drafts

Even just the paragraphs being off, is going to make it a different document. Hell, if it was a Word document, even if two people created a blank document in the same version of word, typed the exact same things, and closed the file, they'd be different due to differing meta data that Word records by default. (Modification dates, username, etc.) The premise is to identify people who have the EXACT same file. As in person A sent it to person B,C,D,E via an email attachment or file sharing site.

Re:And what about false positives?

[sumdumass]

Exactly. And it is wrong.

A lot of people who commit crimes search the interweb for directions on how to commit at least parts of their crimes. Most high profile crimes have "their computer search history" as an element of evidence against them.

So lets say I put up a short story on how to rob a bank. I imagine every possible way and come up with something that sounds fool proof. So some terrorist wannabe finds it online or through some infection leaking documents from my computer and thinks it is fool proof also. He takes a copy and uses it as a blue print to rob a bank in order to pay arms dealers for his biological weapons (who turn out to be FBI agents pawning mycelium spores).

It will server more trouble than any security and it will likely do it to innocent people. It will likely carry a bunch of false positives and because people like to brag about how cool their special police work is, it is likely to ruin the reputation of anyone investigated beyond repair. I mean would you hire, date, or let your kids socialize with someone (or even relatives of them) who was arrested in connection to some terrorist organization?

Re:And what about false positives?

[martin-boundary]

Yes, exactly. That's what guilty unless proven innocent means. A presumed innocent party wouldn't be taken in for a second or third look. The second and third look are needed to prove their innocence. If they don't pass the criteria for the second and thirds, then they are considered guilty.

Re: And what about false positives?

Hold on, extra checking is only warrented if posession (digital or dead tree) is itself a criminal offense.
Juat because I happen to have the same doc (legal because not criminal) shouldn't permit extra-legal digging through my trash. Ask me questions like a traffic stop, sure. Cops don't get 'extra' rights because I happen to have a file that Google reported (unless possession itself is a crime, like child porn).

Re:And what about false positives?

The drivers who helped one of the terrorists has been asked to be released by his lawyer because it was a false positive. He just was a driver 'after' the attacks and didn't even know about the attacks. Since there is no proof these guys should be set free, so currently my country is doing something illegal. Lawyers are already preparing a case where they don't only demand the release of members of this terrorist organization, but even ask a compensation for emotional damage that runs into the millions.

These guys who helped killing those innocent people are now held in prison unguilty but they can't be proven to be guilty. There is no law against picking up friends. But what should you do in such a case? Are they really just innocent young people who just happened to be in Paris and happened to come along their friend with a weird belt and than just decided to drive him home, but not his home, but his hide out, of which they didn't know anything?

We live in strange times, and have never had to face trigger happy terrorists. The liberal laws that exists since the 50's/60's didn't know about this kind of threat. We were a pure European society, but have since those laws were set in stone been importing massive amounts of people from a completely different culture. These liberal laws have no effect on some expats of this new culture. Tens of thousands of woman have been raped over the last 20 years, and most of the time (9/10) nobody got arrested because of this 'false positive' that protects perpetrators instead of victims. When a gang has raped a woman and passerby's just claim that it is the fault of the woman (because of course she isn't covered from top to toe), than all the suspects have to be set free.

Just look at the problems in India. People don't know how to handle the waves of rapes and just take justice in their own hand. Our society has no weapons against this kind of violence (just look at recent attacks in Cologne), and perpetrators are even protected by the Political Correctness Squad (again look at Cologne and Sweden, where police, media and politicians covered up the stories).

What has been happening lately is that many acts of violence go unsolved because some expats of a minority misuse the liberal laws of the 60's and feed a growing beast: Extreme right. Unfortunately in my country extreme right is at 28% (despite being banned from joining a coalition). Our media and politics is still in a state of denial, even today we had to hear that it was just the average man (like me) who rapes woman and not some of the man of a non integrated group of a particular culture. Now we have to endure all those how to handle a woman messages who go unseen by the real perpetrators because they don't even speak the language and only watch Arabian television. And the Political Correct monster is feeding an even greater threat by this denial: Extreme Right. The biggest victims of extreme right will be the majority of immigrants who are well integrated who respect our laws, who don't even think about raping woman or joining gangs. Political Correctness tried to protect these immigrants, but are instead their greatest treat...

Re:And what about false positives?

[squiggleslash]

They're not looking for evidence to convict, they're looking for evidence to investigate. Possession of a limited circulation file would be a reason for {Anti-Terrorist Agency} to suspect a person and investigate them, and possibly evidence enough for warrants and court orders to obtain more evidence.

Re:And what about false positives?

[Z00L00K]

Unfortunately when the 4th was written it was at a time when electronic records and similar things didn't exist and electricity was just a curiosity.

Re:And what about false positives?

[davester666]

nope. with terrorism, the tables are flipped, you have to prove you are innocent.

As a bonus, you get to do it by yourself, in a cell in another country, because the President or some adviser of his believes you are an imminent threat to life on Earth.

Re:And what about false positives?

[davester666]

Thankfully, the gov't is ignoring the Magna Carta even more than it is ignoring the Constitution.

Re:And what about false positives?

[davester666]

Just an easy way to find more people for the watch lists.

Re:And what about false positives?

[khallow]

What's the point of a watch list when you're going to watch everyone anyway?

Re:And what about false positives?

[davester666]

Easier to sell "we're only watching people on the list", instead of "we're watching everybody".

Re: And what about false positives?

[ihtoit]

yes, it is.

I quote:
"No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a grand jury..."

When you "take the Fifth" you are refusing to answer on the grounds that to do so would incriminate yourself.

Re: And what about false positives?

[Entrope]

Yes, but the privilege to not testify against oneself in a criminal trial is unconditional. You originally wrote that it was lost "on a presentment or indictment of a grand jury". It is not, and the Fifth Amendment is clear about that.

Re:And what about false positives?

[KGIII]

I don't know where you live but I live in the US. I also, currently have a safe with six-figures in it. It's usually in my trunk but it's safe in my house here in Florida right now. If caught, and if they've probable cause, they can find and open that safe - with or without my permission. If they find that cash they will take it.

To prevent this, in that same safe are two .22 pistols, a CWP, and a back statement which one fills out if they withdraw that much money. The excuse on my paper (there's a reason section) is that I'm on wanderlust and may with to buy something along the way or need emergency funds. I learned this the hardware after a journey into Kansas. Money, it seems, is guilty until proven innocent. I can only imagine the trouble I'd have been in when I paid for a huge bunch of land using a couple of credit union issued suitcases.

Re:And what about false positives?

[Agripa]

What about false positives - like if a document has been mass-mailed or put as a part of a story etc.?

I an imagine that we would end up into a situation of "guilty unless proven innocent".

People who find themselves on the Terrorist Watch List which denies them various rights can always spend a decade in court getting themselves removed like with the current No Fly List. Then the government can add them again.

Re: And what about false positives?

[ihtoit]

I repeated myself, and yes it is. You cannot refuse to answer a question when on Oath, even if to do so incriminates you. At any other time you can refuse, as is your Constitutionally protected right.

You seem to have a problem with that.

Re: And what about false positives?

[Entrope]

The verbiage about being "held to answer" lays out the prerequisites for being tried for a felony, not for being obligated to testify. The bit about self-incrimination is towards the middle of the Fifth Amendment: "nor shall be compelled in any criminal case to be a witness against himself". A defendant or witness can waive his right to self-incrimination, for example by testifying about some sufficiently related fact, but if he has not waived that right, can refuse to answer questions that would incriminate him even if he is under oath. See, for example, https://www.law.cornell.edu/we... for an elaboration of these points.

Why just Gmail? How far do you want to go today?

[duguk]

Other email providers exist, which ones do we force or ask to scan all their documents?
Do we force companies to scan theirs too?
Get developers to add backdoors scanners to all their software?

This isn't a new problem.
Even though it's hypothetical, it's still dumb.

What else is searched for

[joe_frisch]

Once the government has the ability to scan files belonging to hundreds of millions of users for a specific document, it might be easy to broaden that. Searches for similar documents. Searches for a standard set of illegal materials - say known child porn images. Searches for copyrighted materials like movies and audio.

Specifically searching for a specific document with a known like to terrorism doesn't bother me, but the extensions do. I absolutely do not want to give the government the right to search for anything illegal - and I don't see a clear way to enforce the distinction.

The innocent have nothing to fear, but there are few absolutely innocent people

Re:What else is searched for

[WoOS]

Yes, just imagine an alternate relaity in which Donald Trump becomes president, enforces his "Scare the Muslims away" policy by requiring them to wear clearly visible marks on their clothing and the document being a call for civil disobedience telling among other things how to produce markers which look OK but will not be visible for automatic surveillance cameras.
Obviously everyone forwarding such a document is not a law-abiding citizen but a prospective terrorist and needs to be found and detained.

Re:What else is searched for

Child porn is already searched for in this way. The major companies are given lists of hashes and anything matching those hashes are blocked and reported to the government. It would be illegal for the government to do this itself, as it would need a warrant, but private companies can do whatever they want with their data and they get paid for it. Why do you approve privacy for child porn and not terrorism? Surely some child porn is terrorizing to the kids.

Being innocent means nothing. It protects you from nothing.

Re:What else is searched for

[DaHat]

Searches for a standard set of illegal materials - say known child porn images.

Some services already do that to try to uphold their terms of service: http://venturebeat.com/2012/08...

Re:What else is searched for

Muslims already wear clearly visible indications of their religion in the manner they dress (religiously dictated) -- you don't need an alternate reality or Donald Trump for that.

Islam is a Religion-State -- their goal is wold domination by any means -- this is the critical difference between Islam and other religions:

Christianity: domination of the entire globe by word-of-mouth, example and metaphysical enlightenment.

Judaism: domination of a 300 x 50 mile piece of desert by any means necessary

Islam: domination of the entire globe by any means necessary.

Re:What else is searched for

[Alwin+Henseler]

Once the government has the ability to scan files belonging to hundreds of millions of users (..)

Depends on who does the searching, read: who determines how exactly that search is done. Compare with the situation where somebody wants your help in looking up something on the internet. There is a significant difference between:

a) You being handed a clue on what to look for, followed by you using your own computer / software / internet connection to look for answers, and hand back results. Versus

b) You stepping aside, and letting the other person use your computer / software / internet connection to look for answers. Possibly with little supervision if any.

In the case of a), you have full control over how the search is done, where files go etc, and you see what's happening. In the case of b), you don't. While you're not looking, the other party may do something you wouldn't approve of, quickly save other/unrelated files on an USB stick etc. You'd either have to permanently look over that person's shoulder to watch what is being typed or clicked, or you'd have to trust that person but -in the end- simply not know what (s)he did.

As user/client of a number of internet companies, I have few problems with governments submitting requests for assistance to a company, company judging those request(s) for their merit and legal standing, and providing answers to such requests where deemed necessary or 'the right thing to do'. After all, as user/client of that company you place -some- trust in them. Likewise, you choose what company you trust in which way, and what data you hand to each.

But I have a lot of problems with governments being provided uncontrolled access, backdoors / data taps etc (both for stored data and communication lines), with little/no supervision on what is being looked for, how, where results go, or how long that's stored in 3-letter agency's archives.

Re:What else is searched for

[Sique]

As I have several muslim acquaintances, I can tell you: You are wrong. Just because there are some muslim who wear certain dresses, it does not mean all of them do. None of my acquaintances does. And certainly none of the muslim classmates of my children does, just the mother of one of them.

Christianity dominated the entire globe by means of conquest and colonialism and killing everyone not wanting to convert.

So in general, you have a strong opinion about muslims, but a weak knowledge.

Re:What else is searched for

[eth1]

Once the government has the ability to scan files belonging to hundreds of millions of users for a specific document, it might be easy to broaden that. Searches for similar documents. Searches for a standard set of illegal materials - say known child porn images. Searches for copyrighted materials like movies and audio.

Specifically searching for a specific document with a known like to terrorism doesn't bother me, but the extensions do. I absolutely do not want to give the government the right to search for anything illegal - and I don't see a clear way to enforce the distinction.

The innocent have nothing to fear, but there are few absolutely innocent people

Use of public/private key crypto could make it possible for the authorities to do this kind of search without being able to see the contents of files, or look for "similar" stuff.

If the files stored are encrypted with your public key, only you can see the actual contents; however, the authorities can take a specific file, encrypt it to your public key, and THEN see if any of the files in your account match. They can't go on a fishing expedition to see if something "suspicious" is there.

Unfortunately, a single bit difference in the file would render this technique useless...

Re:What else is searched for

Christianity dominated the entire globe by means of conquest and colonialism and killing everyone not wanting to convert.

Really? Killing everyone not wanting to convert!?!?! That is SUCH a load of RUBBISH. (How did Christianity spread in the Roman empire? How is it spreading now in China? How is it spreading now in Africa?)

You have a strong opinion about Christianity, but weak knowledge.

Re:What else is searched for

Exactly right; terrorism just provides a foot in the door, and the large scale abuse of such a system is inevitable. At this point, the NSA has capabilities and resources far beyond what is reasonable, and is a much greater threat to citizens than any number of terrorists. Furthermore, there are too many laws criminalizing mere possession, and these can be combined to efficiently frame people that are troublesome to those in power, or anyone else so inclined.

Possession laws invite abuse and should not even exist. Criminalizing the relevant acts should be more than sufficient. (ie. Making and distributing child porn, rather than possession of a photograph of such. Consider that any image link on the web or message in your inbox could make you a felon, before you even have a chance to confirm the contents.)

Re: What else is searched for

[guruevi]

It should bother you though. This is akin to a house-to-house search by the government. Your documents are your documents regardless of where you store them. Just because it is digital and therefore easier doesn't mean it's legal, if the cops came by your house everyday or several times per day to search your house for "terrorism", even if they didn't disturb anything and put everything back where they found it would you let them?

Re: What else is searched for

[guruevi]

Both Judaism and Christianity thought the patch of desert they had and later the Roman Empire was the whole world. Both New and Old Testament make reference to "the whole world" being their respectively rightful inheritance and the final war.

Re:What else is searched for

The majority of Nazis were moderate. Most of them did not participate in the war. Very few elites Nazi even knew about the top secret concentration camp. Why do you hate Germans you racist pig!

The "moderate" majority in Islam is irrelevant because there are still millions of them who want us dead. If the "moderate" majority can't grow out of silly cult and reject this abject ideology then they are just as bad as the extremist they are cheering for.

Stop being a Islam apologist. Your 'but but christianity' argument is invalid because they are not doing this NOW, Islam is doing this NOW. Islam is the problem NOW. Fuck off.

Re:What else is searched for

[cavreader]

"Christianity dominated the entire globe by means of conquest and colonialism and killing everyone not wanting to convert. " So this justifies the actions of a small number of Muslims trying to impose their views and lifestyles on the masses? Just how far are you willing to go back in history to weave a chain of cause and effect? The violence and atrocities committed in the name of spreading Islam and the inevitable military reprisals will continue unabated until the people actually committing the violence are blamed for their actions. A bomb goes of in Paris and a sizeable number of people blame French foreign policy instead of those pulling the triggers and setting off the bombs. For every atrocity being committed today the only people not being held responsible for their actions are the actual perpetrators.

Re:What else is searched for

[dsmatthews9379]

" I don't see a clear way to enforce the distinction."
With those skills you should be an IT project manager.
Ever heard of a checksum?

Re:What else is searched for

[currently_awake]

Islam doesn't specify how to dress, there is a huge range of "acceptable" clothing. Their goal might be a global state, but they have shown repeatedly they can't get along. Ex. Iran and Saudi Arabia are both hard core Islamic countries. Christianity did not become the dominant religion of South America by word of mouth.

Re:What else is searched for

[jareth-0205]

Bollocks. And also anyone who modded you up, go fuck yourself.

You are the worst people I can imagine, spreading utter bullshit from no position of knowledge that incites distrust and violence. Try learning about things from a source that isn't full of hatred - maybe if you have opinions about Islam then you should talk to an actual Muslim person. No, I suppose you wouldn't risk that, you probably believe they have lasers in their eyes and can crush your skull with a single swipe of their robotic hands.

Re:What else is searched for

I've got great news for you, you're a racist. Go fuck Trump.

Re:What else is searched for

"As I have several muslim acquaintances, I can tell you: You are wrong. Just because there are some muslim who wear certain dresses, it does not mean all of them do."

You're using a false argument. The original claim was:

the manner they dress (religiously dictated)

Just because N adherents of $religion do not fully follow the religious dictates, doesn't mean that $religion is not actually dictating X (in this particular case, that would mean a specific dress code).

Re:What else is searched for

[sumdumass]

burning at the stake, killing of nonbelievers .

I sure am glad you pointed out that this is happening today and always has happened in the entire history of Christianity. Otherwise people might think that people in power used Christianity to otherwise enact their evil agenda in the way that the road to hell is paved with good intentions (or they were just sadistic tyrants who enjoyed watching people die)...

BTW, can you refresh me on the passages in the new testament that say to go fourth and kill? I lost my list decades ago and have been burned at the stake 3 times now so finding it will be unlikely.

Re:What else is searched for

[dgatwood]

I would hope that they report a hash plus the file size, to reduce the risk of false positives.

Re:What else is searched for

The State of Britain dominated the entire globe -- justifying its actions on religious grounds -- even undertaking crusades to "free" the holy-land.

They were able to do this because the common man was not allowed to read the Bible -- and if they were they might have read "love they neighbor as thyself" or "pray for your enemies" and then wonder why their church was asking them to kill their Turkish neighbors.

Essentially, the State of Britain co-opted Christianity to fulfill some globalist ambitions of their own.

Islam is different, in that while it may be co-opted, it nevertheless advises to "fight until persecution is no more". So while the Crusades were unjustified by the religion used to promote them, Islamic war in all its paths are supported by its source documents if its followers take the time to understand them.

Re: What else is searched for

[sumdumass]

What? lol..

They knew there was more out there than what they were in. In the old testament, the jews were only supposed to be given a small portion of the world and had rules for dealing with gentiles that did not involve in killing or converting any of them. In fact, the jews of the old testament thought they were the chosen people and you needed to be of ancestry so conversion wasn't really a factor.

The Christians in the new testament also knew about the rest of the world (maybe not the Americas) but the roman empire certainly was not the entire world. And again, nothing in the christian bible says kill non believers or anything. In fact, it hints that evil will spread around the world, there will be an Antichrist and all hell will break loose, there will be war and then Jesus will come back and kill everything and take everyone to heaven.

I'm not sure if you even know what you are trying to say but it doesn't come out like anything truthful in reality.

Re: What else is searched for

The difference is (apart from the limited land of Israel and only with Judaism) there is no call to militarize to carry this out. In fact, self-defense takes some very awkward contortions in Christianity to be enacted, having more resemblance to Buddhism regarding pacifism.

The whole world (actually the entire Universe) is the end game for Christianity: but nothing's suppose to be done about that by Christians themselves. The return of the Messiah with angelic warriors en mass is expected to carry that out -- and that's only after everyone on the planet has had the opportunity to hear the Christian message -- and the core of that message is free-choice -- annoying perhaps, but somewhat different from "convert or die".

Re:What else is searched for

Indeed. It doesn't matter what fringe hypothetical case you come up with. Any special access or data collection inevitable creates a desire to use it by more and more institutions.

Re:What else is searched for

That's the problem with people like you. You ASSUME that the more others get to know you, the better they will like you. That is not the only possible outcome. My opinions of several people got worse the more I knew about them.

Re:What else is searched for

The clothing thing was an over-generalization since it only applies to women following Sharia-law. Men would have to keep their beards, but that's a little harder to cite as something entirely exclusive.

Challenging Islamic ideas could get your head removed from your body. From what I have heard they prefer using dull knives: but decapitation using lasers may be a good sign they are moderating.

Re:What else is searched for

[joe_frisch]

Its a legal / political issue, not a technical one. I agree that you could apply technical limits, but I worry that the government could change the rules easily and continuously.

Re:What else is searched for

As a christian I believe you may have a fairly one sided view of our history. Our ancestors (or even or contemporaries) have had little standing between them and the muck you describe as owing only to Muslims. Lest you forget that whole civilizations have been wiped out in the name of Jesus or acting with violence against "the other".

If anything is fair it is safe to say that all religion historically has cause as much if not more violence and harm then benefited humans. There tends to be a scale of belief for any religion that allows certain people to base horrible behavior to those beliefs.

Re: What else is searched for

In fact, it hints that evil will spread around the world, there will be an Antichrist and all hell will break loose, there will be war and then Jesus will come back and kill everything and take everyone to heaven.

I'm not sure if you even know what you are trying to say but it doesn't come out like anything truthful in reality.

I kind of laughed that you wrote those two sentences so close together, tell me more of this "truthful" "reality", perhaps a story about a big fish or a large boat.

Re: What else is searched for

[sumdumass]

Do you have some problem with comprehension? The bible says things and if you or anyone else wants to claim it says something, it actually needs to say it. If what is claimed is actually in there, it is truthful in reality (it really does say that).

And yes, the bible does contain a story about a big fish. It also contains stories about a lot of fish and a little amount of fish. Those are all statements that are truthful in reality. The bible doesn't say anything about fish is not something that is truthful in reality.

Re:What else is searched for

Oh go fuck yourself. There are factions of Islam that have sworn Jihad against all modern civilization. Until such time where you can determine who is or isn't a participant in that Jihad, the motherfuckers can all stay as far the fuck away from normal society as possible as far as I'm concerned. Call me racist or a piece of shit or whatever helps you sleep at night you disingenuous bastard.

Re:What else is searched for

The majority of Nazis were moderate. Most of them did not participate in the war. Very few elites Nazi even knew about the top secret concentration camp. Why do you hate Germans you racist pig!

The "moderate" majority in Islam is irrelevant because there are still millions of them who want us dead. If the "moderate" majority can't grow out of silly cult and reject this abject ideology then they are just as bad as the extremist they are cheering for.

This makes some Germans sad, because they know that nothing could be further from the truth. In fact it tells us that you are a racist.

Re:What else is searched for

Now try it with some Muslims and do some calculations.

Re:What else is searched for

http://www.alternet.org/30-most-violent-exhortations-bible-torah-and-quran

Don't know, not interested and didn't read. But you seem to be a liar.

[You] must be put to death.

Re:What else is searched for

[dryeo]

The residential schools were shut down in the 1990's here in Canada. Ran by Christians, they practiced torture, often just for fun, sexual molestation, medical experiments and all kinds of horrible stuff,as related by living witnesses. You were safer being sent to the western front in WWI and WWII then letting the Christians get hold of you.
That's Christians practicing their evil agenda of converting or killing savages (and being sadistic tyrants) as recently as 25 years ago in a first world country.
Then there are the horrible stories that come out of Africa.

Re:What else is searched for

[sumdumass]

It's obvious you don't know. Only one quote on that page came from the new testament and would be considered a practice of Christianity and even then it was taken out of context. It's a fucking parable.

I guess there are a lot of liars in that world of yours where you cannot be assed to find out the truth and just go with anything you think sounds good.

Re:What else is searched for

[sumdumass]

I see you can offer uncited allegations but skirt around the actual question. I'm sure what you say happened is possible and could have happened, but you failed to show any passages in the new testament making it part of the christian ideology.

There are horrible stories all over the place involving all sorts of people. Until you can show the passages in the new testament calling for it, all you are doing is showing that you are not intelligent enough to understand your own bigotry. None of what you mentioned is part of Christianity or referenced in any part of the new testament. If it was, you could easily find passages showing the calling for it.

Re:What else is searched for

[Falconhell]

How ignorant can you be, the worst child abusers by far are the Catholic Church, even someone as obviously uninformed as you are should have noticed that.

Re:What else is searched for

[dryeo]

Sorry for the lack of citations, this 26.4 dial-up connection makes it hard to load the average 2MB web page. Googling "residential school" or "truth and reconciliation commission" will give a lot of citations.
As for what the New Testament actually says, it doesn't matter as most Christians use a book called the Bible which includes the Old Testament and they have no problem citing passages from that part of the Bible to justify their actions. And lets be honest, the Old Testament is about a crazy fucked up sadistic God who demanded that his chosen people do all kinds of evil things and every religion based on the Old Testament seems to be full of crazies who love fighting amongst each other about who has the correct interpretation. Not that the other major religions are better, seems to be a survival of the craziest sects thing. Truly peaceful religions get wiped out.

Re:What else is searched for

Christian America in pursuit of ots real god, profit is the biggest killer by far and the cause of the hatred by Muslims. 9/11 was you comeuppance for arrogance greed and hubris, take your bigoted bullshit and fuck off back to Fox News page where the other brainless fucktard a hang out.

Re:What else is searched for

[sumdumass]

The catholic church is not all Christians and nothing in the new testament or publicly available catholic dogma allows any abuse of children. What you say is not untrue but it doesn't address the topic or the question asked. It's like saying black people robbed a store so all black people are criminals therefore we do not need to find anything that makes them criminal.

Really, how ignorant can you be?

Re: What else is searched for

[Falconhell]

Right, so the bit about slaying every man woman and child when capturing a city didn't happen in the Old Testament then.
If you're going to lie, at least try and not make it so obvious. Still an uniformed lying American Christian is no surprise.

Re: What else is searched for

[Falconhell]

Nope, you're the one with a comprehension issue, and let's not start on the stupidity of adults believing in imaginary sky fairies.

Re: What else is searched for

Go look up the Jews instructions re the Amalakites asshole.

Re:What else is searched for

[sumdumass]

The old testament is nothing but a history lesson that describes the history of the covenants made between the people and God. It doesn't matter what people pull up, the new testament is what makes people christian- the covenant with Jesus. BTW, before the new testament, the Christians were Jews. Jesus was a Jew. Anything you can say about the old testament includes Jews and not just Christians.

What you are really saying is that people use all sorts of things to justify their evil and abhorrent behavior and it is possible they will take either out of misunderstanding or purposeful distortion, religious texts out of context to justify their actions and hate. For some reason you seem to be fixated on the ones calling themselves christian and attributing it to the entire class of people identifying themselves to be christian and claiming the fault is in the old testament which if anything should make the Jews the same way. Somehow it doesn't even though the old testament is virtually identical to Jewish cannon interpretations.

Re:What else is searched for

[dryeo]

Well Christians have affected my life the most, including my Mother-in-law being a victim of the residential schools and my wife being part of the great snatch. The news is full of Muslims, another off-shoot from the Old Testament who worship Christ, doing evil things though I have to admit the worst terrorist I've ever personally met was a Sikh, another warrior religion.

Re:What else is searched for

So what are you hiding sicko?

Re: What else is searched for

[sumdumass]

Sure did happen. But it still doesn't say you are to go fourth and kill or convert people.

I guess you do have that comprehension problem after all.

Re:What else is searched for

known child porn images. Searches for copyrighted materials like movies and audio.

But don't they do this very thing already? Anything stored to the public cloud is subject to automatic and specific searches, as the Good Book of TOS dictates.

Re: What else is searched for

As any true scotsman could tell you....

Re:What else is searched for

[WoOS]

Uups, there must be a hornet's nest somewhere. And all because I wanted to avoid invoking Godwin by using Jews as an example?

Re:What else is searched for

[squiggleslash]

So this justifies the actions of a small number of Muslims trying to impose their views and lifestyles on the masses?

I don't see anything whatsoever in the GP's comment that can be interpreted that way. He's trying to make you understand a situation by comparing it to (your's) as a likely Christian or descendant of Western Christian lineage.

You're not to blame, and nobody has the right to hate you, because of the crusades. You're not to blame, and nobody has the right to hate you, for the killing of innocents due to the conflict in Northern Ireland (as a relatively recent example.) You're not to blame, and nobody has the right to hate you, for the excesses of groups like the KKK, no matter how much they wrap their violence and hate filled rhetoric in the cloak of Christianity.

Few Muslims even consider Al Qaeda or IS* (or whatever we call the latter these days) true Muslims. Yet many insist on holding ordinary Muslims accountable in some way - be it guilt by association, or actual punishment through the withdrawal of basic human rights and equal treatment - for the behavior of those groups.

There are plenty of things to criticize Islam, the religion, for, and for the behavior of many individual Muslims. But the guilt by association thing has to end. We're already seeing politicians in the US so extreme they're willing to aid ISIL if it means "sticking it" to Muslims - witness the attempts to force Syrian refugees to go back to the ISIL controlled territories they're fleeing, for example. Terrorists and extremists should have the control over discourse and our humanity that they do.

Re:What else is searched for

[jmac_the_man]

Donald Trump becomes president, enforces his "Scare the Muslims away" policy by requiring them to wear clearly visible marks on their clothing

This isn't a Trump proposal. Organizations in favor of terrorism committed by Muslims* are sending protesters to Trump rallies to disrupt the rallies, get kicked out, and claim Trump wants to force Muslims to wear identifying clothing to a credulous media. But that's just trolling and not something Trump is actually saying.

*CAIR, the organization which puts a lot of the protesters up to this, was an unindicted co-conspiritor in the Holy Land Foundation's support to Hamas. While of course not all Muslims are pro-terrorism, CAIR certainly is.

Re:What else is searched for

But I found one quote in 2 minutes, what is the truth I should find? That all bad passages of the bible are in fact good while you have to take all bad passages of all other books literally?

You mean a true Christ would know the context and that it's a parable?

True Dingos exist too.

Re:What else is searched for

No true Christian would be sumdumass.

Re:What else is searched for

[cavreader]

Religion has always been a means of controlling the masses for the past 6000 years. No matter the religion those at the top use religion as a means to increase their wealth and expand their power. And the GP statement could be interpreted several different ways depending on your viewpoint. It can be interpreted as you said but it can also be used by terrorists as justification for their actions.

Re:What else is searched for

Islam doesn't specify how to dress, there is a huge range of "acceptable" clothing.

A range of acceptable clothing however HUGE is specifying how to dress.

I read Objectivism: The Philosophy of Ayn Rand cover to cover. It never tells you how to dress nor does it give indications of acceptable clothing. Had it, my opinion of it would lessen.

Re: What else is searched for

[ihtoit]

Leviticus 26:14-46 describes all sorts of punishments for not converting. Including forced cannibalism.

There are many parallel passages (Deuteronomy 28, for one: "If the children of Israel are obedient, they will be blessed temporally and spiritually—If they are disobedient, they will be cursed, smitten, and destroyed; diseases, plagues, and oppression will come upon them; they will serve false gods and become a byword among all nations; fierce nations will enslave them; and they will eat their own children and be scattered among all nations.").

(not a theologist - my actual Bible knowledge comes from Kevin Smith and Charlton Heston movies).

Re:What else is searched for

[david_thornley]

Actually, Catholic priests are not more likely to molest children than other groups that deal with children. (You may find that frightening. I do.) The problem with the Catholic Church was the lengths they'd go to to protect the molesters, often including moving them to another position with lots of contact with children and no warning to the new place.

It's true that Jesus never said anything encouraging molesting children, but people often don't do what their religion tells them to, and in fact pay good money to get reassurance from people pretending to interpret God's will.

The ideology really doesn't matter. I want children not being molested, and I'll rate groups by molestation rate rather than their stated policies.

Re:What else is searched for

[david_thornley]

Guess what. There's LOTS of Christians around here, and what Christians do is usually more important than what Muslims or Hindus or Taoists do around here. Given the demographics, what Christians do with sacred literature is more significant than what Jews do with it.

Most Christian denominations consider the Old Testament holy, and lots of Christians cherry-pick through it to justify their actions. There's a quote from Jesus that the Law will be valid forever. You can't just eject the Old Testament from the Bible and claim it doesn't apply to Christians.

As long as we blame people for what evil they do, I can't see accusing Christians or Muslims as a whole. Once we start assigning group responsibility, I see no reason to stop with Islam.

Re:What else is searched for

[david_thornley]

How familiar are you with forms of dress required by the Koran? I'm not familiar with those at all. One issue with religions is that it's convenient for some people to attach certain things they approve of to the local religion, asserting their own opinions with the force of divine law. I know a guy from Pakistan who said he never knew what Islam was until he came to the US, since the local Pakistani imams or whatever made crap up and attributed it to Mohammed or other source of divine revelation.

In any case, since my friend dressed like an ordinary US resident, you couldn't tell his religion from his clothes, no matter what reason you had to expect it.

Re:What else is searched for

[SuiteSisterMary]

Christianity: domination of the entire globe by word-of-mouth, example and metaphysical enlightenment.

This would explain why 'Christian' countries and polities have been, for centuries, invading the Middle East. Including the US, under self-identified Christian governments.

Q: Why is Iran an Islamic theocracy? A: Because the US of A deposed the democratically elected government, and installed a monarchy, whom the people then replaced with a theocracy.

Re: What else is searched for

[Agripa]

The Stored Communications Act already makes a distinction between documents which you store yourself versus documents which you store on a third party server with the later having less protection from search and seizure.

Re:What else is searched for

I see you can offer uncited allegations but skirt around the actual question. I'm sure what you say happened is possible and could have happened, but you failed to show any passages in the new testament making it part of the christian ideology.

Maybe what he said is "uncited" but ask an Native American over the age of 50 about boarding schools and you will get you citation. Torture, sexual molestation, medical experiments did happen. Young women were sterilized without their knowledge and yes this was done by the Christians running the schools. This not only happened in Canada but here in the US. This isn't some tale from a 100 years ago but in my life time. Maybe there isn't a reference in their good book for this behaviour but it happens and is still happening. To a Christian it is still better to kill the savage if he cannot be converted. With the history of these acts it makes me ask "Who really is the savage here?" IT IS! part of Christianity through their actions. Maybe not referenced but it is the way they act and we are all responsible for our actions and you can't depend on Jesus to save you from these acts. Maybe Jesus forgives you for your actions. I don't.

Easier Idea

Instead of asking everyone else to find your boogey-men, how about modifying your foreign policy a bit ?

Yanno, quit acting like the World Police, quit the regime changes when leader X doesn't want to play your games, quit all the drone attacks, etc.

Focus on the problems at home and quit adding to them.

You might find that by not pissing off the Islamists, you'll have less bullshit to contend with.

Just a thought.

Re:Easier Idea

Instead of asking everyone else to find your boogey-men, how about modifying your foreign policy a bit ?

Yanno, quit acting like the World Police, quit the regime changes when leader X doesn't want to play your games, quit all the drone attacks, etc.

Focus on the problems at home and quit adding to them.

You might find that by not pissing off the Islamists, you'll have less bullshit to contend with.

Just a thought.

Yeah, that worked so well for the Persian Empire.

And the Byzantine Empire.

And the residents of the Levant.

And the Egyptians.

The rest of North Africa.

The Balkans.

And the Spanish.

The Merovingians.

Should I continue?

Re:Easier Idea

Sure, they agree not to use IED's and we agree not to use drones. Q.E.D?

Re:Easier Idea

"Just a thought"? You didn't put any thought into that. If you knew THE FIRST DAMN THING about ISIS, al Qaida, and all the rest you would know that their ultimate goal is to control the world. That means every country, all the people. That includes where you live now!!

Your crack about "modifying your foreign policy a bit" is the first sign you are clueless. They think your society has to change. They demand you convert is Islam. That is their goal! They want your society to convert to Islam, give up its laws, use Islamic Sharia law, kill gays, ban alcohol and drugs completely, kill people for adultery, no more loans with interest. It is a long list.

Do you know what bin Laden's demand was to the US after 9/11 in his letter to America? Covert to Islam! We're going to keep attacking until you do. Give up your constitution and use Sharia law.

(Q2) As for the second question that we want to answer: What are we calling you to, and what do we want from you?

(1) The first thing that we are calling you to is Islam.

(a) The religion of the Unification of God; of freedom from associating partners with Him, and rejection of this; of complete love of Him, the Exalted; of complete submission to His Laws; and of the discarding of all the opinions, orders, theories and religions which contradict with the religion He sent down to His Prophet Muhammad (peace be upon him). Islam is the religion of all the prophets, and makes no distinction between them - peace be upon them all.

Really, this shouldn't be news after 15 years! Try looking into this some time.

Re:Easier Idea

It's not like the christians (or countless other religions/group ever did anything bad, right ?

Do I really need to list what the christians did ? Are you that ignorant ?

Not that I agree with the guy you were replying to, but fuck you're way worse.

Re:Easier Idea

ISIS' expressly stated goal is to trigger a world war, they don't give a shit about control.

Re:Easier Idea

I find my inner demon to be far scarier than anything ISIS could ever do. If ISIS wants to tangle with the likes of me here, more power to them. They would be better off staying home. I'm not amused by what you are trying to do either. Do I want to give government lackeys the right to ruffle through everyone's effects (like they've been doing illegally for some time now)? No. Eventually, I want this issue to come to a head and some accountability on the part of the officers giving these illegal orders. As far as the terrorist cells, I think we can find many of them easily by simply forcing CIA to sign off in a non-repudible way for any passports they give out. Since the FBI showed their true colors before 9/11, and continue to show their colors with every lame terrorism plot they put together, we could do the same thing with them.

This isn't about protecting anyone from terrorism. This is about trying to put together a police state, which would be far worse than the worst case terrorism scenario.

Re:Easier Idea

That is not quite the goal of ISIS. ISIS is more of a Islamic doomsday cult that believes the final days will occur near Dabiq. It believes that a war of non-muslims and muslims will occur there and that islam will control the world after the battle.

Re:Easier Idea

[dryeo]

"Just a thought"? You didn't put any thought into that. If you knew THE FIRST DAMN THING about ISIS, al Qaida, and all the rest you would know that their ultimate goal is to control the world. That means every country, all the people. That includes where you live now!!

So not much different then the Americans currently, with lots of previous contenders. The big difference is capability, the Americans have a good PR team and can act nice and can show up with an aircraft carrier and suggest signing this treaty, or better just threaten to isolate you. But as their vendetta against Saddam showed, they're willing to kill 100,000ths or more innocents to gain control.

What if they were printed documents

Just the briefest of touches of everyones personal papers would not be acceptable. Why would it be different for electronic documents? Because you can without being noticed is not acceptable. You cannot just search everyone.

Look at it a different way

Now imagine if it were someone like Snowden and the NSA was seeking others he had shared the docs with.

The key problem is that no can trust gov to be honest about 'why' they are searching...

Gov is corrupt...until that changes, don't give them the time of day.

Donald J Trump is a nazi

His grandparents immigrated from germany to the USA. Back then every german was a nazi. His nazi theories survived denazification that was done in germany. He is a nazi. He likes the mexican people, he does alot of business with him. He thinks they better live in the ghetto called mexico like back then in warsaw.

Re:Donald J Trump is a nazi

1. "Back then every german was a nazi" You are a racist moron
2. Just because your ancestors were nazi doesn't mean you are a nazi
3. Just because they were not, doesn't mean you are not.
4. Yes Trump is megalomaniac moronic racist, nazi I don't know, but it's not like it changes anything to what people should think of Trump

This already happens

[Kjella]

Send or receive a known kiddie porn image through GMail and they will tip the authorities. That hash check can be used for anything the government wants to find people in possession of, just hand them a hash and a NSL.

Re:This already happens

I'm surprised someone hasn't bulk sent these files to hundreds of thousands of gmail accounts per day!

Re:This already happens

Or to all the members of Congress.

Re:This already happens

Google would just delete it as spam if you did that...

Re:This already happens

Might get caught. But sending files which just happen to have the same hashes...

Re:This already happens

Slashdot is made in the US. Can we talk you into leaving now?

Re:This already happens

[ArylAkamov]

People actually send child porn through Gmail?

Not just Gmail, but their own personal Gmail account? Without using a VPN, Tor, etc.?

I've got no words.

Re:This already happens

[dinfinity]

That should be the main response to this idea. It hinges on this completely retarded statement: "The private document was likely shared among other conspirators [via or stored using sharing services of big (US-based) companies]"

Honestly, which serious bad guy would be stupid enough to share or store 'Instructions.for.Executing.Terror.Attack.docx' using Google fucking Drive?
Additionally, the point of using email drafts is that they are never sent, which means that they only ever exist in a single account and which renders the proposal completely ineffective.

Even if this is implemented (if it isn't already in some form) and (some of) the bad guys are not already operating in a way that circumvents it, it would be absolutely trivial to start circumventing it for them. Private torrents, Bittorrent sync and the like, private FTP servers, private email servers, OwnCloud, some random small webhoster in Bumblefuckland, etc. The list of 'ways to share files securely, privately and easily' is pretty much endless. Only if you think along the lines of "Wow, everybody is using cloud based file sharing nowadays, surely the bad guys will too. File sharing == Google Drive/iCloud sharing; there is no other way" does this harebrained idea make sense.

Re:This already happens

[AHuxley]

Yes for key words ie the text used and any details about any file any national or international police force, federal agency or cleared NGO has listed as needing to be tracked.
Cloud-based antivirus would be another sector to think about.
Been secure in a persons own papers has gone years ago. The way some email was stored long term made it a free for all years ago.

I think thats how they do it now...

[Yew2]

Ever notice we foil some real doozies? Probably a few kinks to work out.

Hypothetical BS

No, I don't want bulk scanning of info. Google cloud provide a list of Tea Party supporters, which the IRS could use to target. Get over this terrorist thing, I'm more concerned about racist cops, the cost of health care, Apple Computer not paying enough taxes and more.

Re:Why just Gmail? How far do you want to go today

[khasim]

How about searching the account of the one person they've identified to find out which other accounts he had mailed that to?

Then the government can get warrants to search those accounts as well.

As long as they are not in another country or otherwise protected or delete all records after a certain time.

Google is a private company

[140Mandak262Jamuna]

It can do whatever it wants. It can choose to cooperate with this search at whatever level it wants to. I suggest you do not use gmail and google docs to share bomb making recipes.

Re:Google is a private company

[quenda]

This "Its a private company, it can do what it wants" attitude is an odd idea. Are you American? Can a private citizen do whatever he wants?
And BTW, Google is a public company, not private.

Re:Google is a private company

Wtf are you talking about? Google is a public company owned by its shareholders. It's listed on the Nasdaq right here, you ignorant hunk of cuntcheese: http://www.nasdaq.com/symbol/goog

Re:Google is a private company

[jmac_the_man]

A public company is one owned by the government. A private company is one owned by private citizens who invest in it. Google is a publicly traded company, which means it's a private company with a specific way for investors to invest in it. But Google is not owned by the government and is not obliged to help the government in ways not required by law.

Too complicated

[Hognoxious]

Too complicated for me. We should refer this one to Bennett Haselton.

Re:Too complicated

[ihtoit]

APK has the answer.

(cue the twat in 3... 2... 1...)

Re:Too complicated

Still butthurt over apk making you eat your words 3 times ihtoit http://slashdot.org/comments.p... , http://slashdot.org/comments.p... , http://slashdot.org/comments.p... ? You did it to yourself twat lips. Quit flappin them and apk won't bitchslap them shut again. All the downmods on the planet you use with sockpuppetry don't hide it from people and that's why you're so bitter. You know that's true.

Re:Too complicated

Hahahahaha ihtoit aka twatlips!

Three words : content addressible storage

[Dr_Barnowl]

They *already* do this, not because they're scanning things, but because they index files on their hashes in the first place.

Remember "Dropship"? If you knew the hash of a file on Dropbox, you could "teleport" it into your Dropbox storage by using the API to tell Dropbox that you had a file with that hash locally. Since it got used for file-sharing, that was shut down - but it reveals that for de-duping purposes, Dropbox hashes all your files anyway.

It's a trivial matter to take that file, hash it, do a lookup in the table of files that belong to each user, and produce a list of the accounts. It's probably already been done for copyright-infringement suits.

No bulk scanning required. Just a lookup.

Re: Three words : content addressible storage

It's known that dropbox does this at least for reducing duplicates they have to store. If a hundred a thousand people have some copy of a random file, why store a hundred thousand copies?

Re:Three words : content addressible storage

[quenda]

They *already* do this, not because they're scanning things, but because they index files on their hashes in the first place.

Yes, I thought that was obvious. Do people think Google really stores a million copies of that cat video that has been emailed around?
At the very least, they must index hashes on whole files.

The hypothetical sounds a bit like "if you could strangle Hitler as a baby". Sure we would, but the precedent is of concern.

Briefest touch? It's still a search.

[QuietLagoon]

...except for the briefest of computerized 'touches' on their accounts to see if the file reposed there....

A search is a search, no matter how innocent you try to make it sound.

Re:Briefest touch? It's still a search.

Your terrorism-supporting rhetoric has been logged. The next time you plan to fly, please be sure to show up at the airport at least three hours early to give our highly skilled TSA agents adequate time to gently 'touch' the inside of your anal cavity. Thank you.

No.

[Todd+Knarr]

I wouldn't run it without the authorities being able to meet the requirements for a search warrant. Otherwise you have the problem of copies of the document in the inboxes of people with no involvement whatsoever who were sent the document in a deliberate attempt by the terrorists to bury their tracks in a crowd of false leads. Given that the sender, not the recipient, determines to whom a message is sent, merely receiving a message without anything more doesn't indicate any involvement or intent on the part of the recipient and can't reasonably be construed as any indication of probable cause to search. How about they first search the known terrorist's mailbox for the names and addresses he's corresponded with looking for who's replied to him about the plan? Then the authorities can target the searches of specifically those accounts and there isn't this problem.

Re:No.

[laurencetux]

and i would put the following restrictions

1 the warrant must be one of the original three copies printed by the officer (no photocopies no fax physical originals)

2 the signing judge must sign in blue or black ink with his own hand ON EACH COPY

3 each warrant should be limited to 15 documents

don't forget that your setup may miss somebody that received a file originally on a thumbdrive

I have a better idea

[epyT-R]

Lets deal with threats like ISIS at their source rather than playing wack-a-mole with our liberties here at home.

Re:I have a better idea

I agree, there is just a tiny little problem with your plan: noway in hell there will be agreement on what that source actually is, let alone on how to 'deal' with it.

Re:I have a better idea

[ScentCone]

Lets deal with threats like ISIS at their source rather than playing wack-a-mole with our liberties here at home.

The problem is that the source of ISIS is a medieval-minded culture comprised of billions of people, hundreds of millions of which at the least happily applaud ISIS-like and Taliban-esque behavior. What did you have in mind in terms of solving that problem? Were you proposing to go into those countries and change how they mal-educate their citizens? Just conduct a little cultural imperialism to fix how they think? Hint: that's exactly what they're complaining about: the fundamentalists among them (who comprise and finance groups like ISIS) are using violence to establish a geographical zone that they hope will be completely impervious to such western taint. And then they want to spread that zone everywhere, to get rid of the taint. Please be more specific about your "deal with" plan.

Re:I have a better idea

[epyT-R]

Maybe it's time to declare war on the countries harboring and funding these organizations instead of making 'peace' deals with them. Targeting our own citizens with 'not all muslims are like that' shaming language propaganda to placate these radical idiots doesn't seem to be doing the job. Are our leaders just spineless or do they think that 'infinite consensus' solves everything? I'm not sure, but it's obvious it is not working.

We no longer tolerate fundamentalist christians teaching 'creation' in place of science, nor allow them to trample women's reproductive rights. Why should irrational muslim belief be given any more quarter, especially if it is violent and has clear intention to bring down western civilization?

Re:I have a better idea

[epyT-R]

Maybe it's time for less 'compromise' and more action? If these groups are truly the threat indicated by western governments, then the last thing they should be doing is shaming their own populations with 'tolerance' propaganda, especially while attacks and radicalization of western citizens continue. Why do you think Trump is so popular? People are tired of talk and 'compromise' that gets nowhere.

No, I'm not suggesting 'reeducation'. I'm talking doing whatever is necessary, including war, if that's what it takes. Send the countries harboring them a clear message. If what you say is true, then leaving them alone might solve it as well, but somehow I doubt pulling out would change much. Many of these groups want a worldwide muslim caliphate. They're 'imperialist' as well.

Re:I have a better idea

[khasim]

Watch some of our political rallies. And the calls for war. No matter what the cost. We even have politicians talking about nuclear attacks against "them".

It's not an "ISIS" thing. It's a human thing. ISIS is just getting the media attention right now.

And that is the core problem with this "Anti-Terrorism Hypothetical". There will always be a new "terrorist" out there. Or some other "enemy".

It is more about spying on people with less power so that the people with more power can keep that power.

Re:I have a better idea

[Kohath]

And then what? Keep troops in the region for the next hundred years to deal with ISIS/Al Queda 3.0 and 4.0 and 5.0?

Which country is going to do that? We've learned from Bush/Obama that the American people don't have what it takes to do this.

Re:I have a better idea

[currently_awake]

If the UN had a standing army, you could make them do the job. All those third world expendable half trained troops would keep the country under our iron fisted rule forever. It would require coordination with Russia and China, however.

Re:I have a better idea

[techno-vampire]

We no longer tolerate fundamentalist christians...

I don't know where you live, or what you think the laws are there, but here in the USA we still have something called "Freedom of Religion."

Re:I have a better idea

[Kjella]

Some perspective: There's 1.6 billion muslims in the world. Looking at the PEW research there's on the order of 10% or 160 million of those I consider to have a world view fundamentally opposed to modern society. The number of IS jihadists is on the order of 160,000 or 0.1% of that, it's damn fucking few and damn fucking many. And the kind of people that blow themselves up in 9/11, the Paris attacks and such are maybe 0.01% of that again, five and ten and twenty here and there don't really add up to much. Fighting for something is quite different than killing yourself for it.

What it means is the problem is escalation. If you start hitting on muslims indiscriminately, there'll be more radicals and more terror and more revenge attacks and... you really don't want to see what a WWIII with 2 billion Christians vs 1.6 billion Muslims looks like. It's not like IS is "der Führer" of Islam, they're just as much about pushing their fundamentalist views on other muslims that are too western and liberal and casually religious. Not to mention on one side of a sectarian war within Islam, like Catholic vs Protestant some 500 years ago.

They have been trying with their acts of provcation against the US, against Russia to turn this into a "us against them" war and it's dangerous. Far from all Germans were Nazis, but when you're dragged along and it's "you" = the muslims against "them" = the ones attacking the muslims you are likely to end up with a lot of people on the wrong side of this conflict. It's exactly what IS wants and to be the spearhead of this kind of total conflict. Basically it just has to run its course until either:

a) The muslim world realizes they have to march on Raqqa and topple this regime on their own, because they're a threat to everyone that doesn't follow their funamentalist views.
or
b) The muslim world will accept the western world using the heavy weapons to take them out, collateral damage be damned. Think WWII conquest of Nazi Germany and Japan, gloves off.

Re:I have a better idea

[Lotana]

Maybe it's time to declare war on the countries harboring and funding these organizations instead of making 'peace' deals with them.

Unfortunately it is not that simple. I believe that out of all the states in that region Saudi Arabia is the most likely candidate for being the source of funds. Reasons why I suspect that:

1. Their interpretation of Islam is quite strict and extreme: Wahhabism

2. They are by order of magnitude the richest in the region.

3. They have a history of supporting extremist groups in the past: wikipedia

However, US and Saudi Arabia are VERY close allies ever since World War 2: wikipedia.

According to the above link Saudi Arabia had supported 9/11 attacks. Osama was Saudi Arabian. 15 of the 19 hijackers were Saudi nationals and US were prevented from any investigation into them. One of the stated reasons behind the attack was the presence of US troops in Saudi Arabia and at the time of the attack it was reported that 95% of the surveyed Saudis supported bin Laden's cause.

Yet, despite all that, there was no action or reprimand by the US against Saudi Arabia. None. Afghanistan got invaded instead. I can't find a link, but I remember hearing that some families of the victims of 9/11 tried to sue Saudi Arabian government, but were barred due to diplomatic immunity. The US withdrawn the troops stationed there in 2003, thus bowing to one of the stated Osama's demands.

Given such extremely close ties, chances are slim that US will do anything if it is ever confirmed that Saudi Arabia is a financial source for Daesh. Perhaps Russia or France will.

I am very curious what US would do if Russia will launch strikes/declares war on Saudi Arabia...

Re:I have a better idea

[forand]

Not sure where to start. I assume, given the current news, you are referring to the Iranian 'peace' deal when you say:

Maybe it's time to declare war on the countries harboring and funding these organizations instead of making 'peace' deals with them.

Iran is not supporting ISIS and is, in fact, urging their allies to fight them.

You go on to say:

We no longer tolerate fundamentalist christians teaching 'creation' in place of science, nor allow them to trample women's reproductive rights.

Again I must assume (you didn't specify) that you are referring to the USA which still has many states where creationism is taught in public schools and recently made exceptions for FOR PROFIT self described (not legally associated with any religion) corporations to deny woman coverage to basic reproductive health treatments at the insistence of their employer.

I do not believe people are supporting giving "irrational muslim belief" any quarter. Are you implying that all muslim belief is irrational? What action do you believe would solve the current world issues? It seems that having a bunch of American soldiers on the ground does not generally result in a stable nation appearing. This is not a simple problem assuming you have the answers or even all the information without having dedicated your life to it is ignorant at best.

Re: I have a better idea

[Claus-DieterOhl]

Yeah go and start another war you great country. When are you war hungry idiots learning from your killing spree just a few years back. Yes, lets have another war.... Wait who is your alley and who your friend out there... Right the US messed up big and should the shut up and build up instead of starting another fire

Re:I have a better idea

[hackertourist]

More action, including war, is exactly what the US did after 9/11. Guess what? This strategy has had no success whatsoever in reducing the terrorism problem. The world has gained various hellholes (Iraq, Afghanistan) which have become fertile breeding grounds for new terrorists. Bombing a country into the Stone Age because a few of its citizens went apeshit is not the answer.

Re:I have a better idea

[jmac_the_man]

This is a lot of misinformation packed into one post. For example, Hobby Lobby is NOT preventing their employees from using any kind of contraception the employee wishes (subject to the advice of the employee's doctor in cases that require a prescription.) Hobby Lobby won't PAY FOR certain contraception methods via their corporate insurance plan, but employees can use their own money (or their spouse's insurance or whatever) to buy the other contraception methods, and Hobby Lobby won't fire them or anything.

Re:I have a better idea

I like it. Aztec on a global scale. eugenically engineer a superior fighting machine and lay back and get soft while they risk their third-world necks for our first-world luxury. nothing could possibly go wrong.

Re:I have a better idea

Nice reading comprehension there. The full sentence actually has a completely different meaning:

We no longer tolerate fundamentalist christians teaching 'creation' in place of science, nor allow them to trample women's reproductive rights.

Re:I have a better idea

[Alsee]

We no longer tolerate fundamentalist christians teaching 'creation' in place of science, nor allow them to trample women's reproductive rights.

That's right, we no longer tolerate them. Instead we elect them to congress, which (mostly) ensures they never accomplish anything.

-

Re:I have a better idea

I am very curious what US would do if Russia will launch strikes/declares war on Saudi Arabia...

Saudis already launched their first strike by dragging oil prices down, thus neutering Putin. He's slowly having to start to face problems on the home front, and won't be able to launch and maintain any kind of offensive against the Saudis.

Although, [tinfoilhat] I suspect the US may have used their influence over the Saudis in the matter. [/tinfoilhat]

Government is too big and too unaccountable

[Kohath]

The problem with this search is that government is too big and too unaccountable to be allowed that capability. Governments and law enforcement agencies routinely act unjustly. They use violence and threats needlessly, acting as bullies rather than public servants. And they are almost never punished when they commit crimes.

If governments showed humility and served the public, maybe you'd consider letting them search something occasionally. But that sort of government seems like an impossible fantasy these days. So no. Not until they prove they can be trusted -- which unfortunately means probably never.

Re:Government is too big and too unaccountable

The problem with this search is that government is too big and too unaccountable to be allowed that capability.

I agree, it's just like civil forfeiture (a good idea that, once implemented, became one of the most heavily abused laws in America). If the US government is asking for it then they have already thought of a way to abuse it to make money.

Who the hell uses Gmail?

There's no privacy in Gmail. We all know that. I sincerely don't understand why anyone uses it, but seems to be bery common. I blame the Bell curve...

Terrorists surely are wiser than that...

What would you do?

The question implies you have the power to make that decision and control how/when it happens. Most people would probably do it then, because most people consider themselves moral people and trust themselves to make the right decision.

Allowing someone else to have such power, and make such decisions, is quite a different question altogether, for obvious reasons.
So:
1. no, we should not do this.
2. don't put anything on hosted services that you did not encrypt first. Not for nefarious purposes but to make such scanning actions pointless and to keep each other from the temptation.

That's not a problem

[cyber-vandal]

Get a warrant and search away. It's the illegal searches and bulk collection of personal information that's the problem.

To me, it seems unconstitutional

[93+Escort+Wagon]

In the U.S. (where Paris is not, I realize - but neither is Harvard) we ostensibly are innocent until proven guilty. No, no, quit laughing... I'm trying to make a point. The searcher has no foreknowledge that I might be guilty, so they shouldn't be able to look through my "stuff" for evidence of guilt.

I don't see how this is materially different from, say, having permanent access to my home surveillance camera footage and routinely using bots to review them for the image of a rocket launcher. If you have no reason to suspect me of involvement with a crime, you can't just randomly search my house, stop me on the street to frisk me, or search my personal papers.

Re:To me, it seems unconstitutional

[Alumoi]

Innocent until proven guilty?
How about being a 'person of interest'? You're not guilty, no siree, we'll just harass, search, detain and otherwise make your life miserable until we're convinced you've got nothing to hide. Yeap, innocent.

Re:To me, it seems unconstitutional

Luckily, we can search innocent people given the right conditions, because if we wouldn't go very far by only being able to search "proven guilty" people.

Re:To me, it seems unconstitutional

[93+Escort+Wagon]

Police don't have a right to just walk into random houses and look around. That's clearly unconstitutional - and it is specifically prohibited because Colonial Americans had to allow British soldiers to do exactly that, whenever those soldiers felt like it. No, police need some evidence that a reasonable observer would conclude may indicate involvement with criminal activity. THEN they can get a warrant and can search a person's property, including going into their house and looking around.

Scanning all files belonging to all users, without any existing evidence of potential guilt, is equivalent to the Redcoats randomly walking into a Colonist's house and looking for contraband.

Re:To me, it seems unconstitutional

[shawn2772]

Luckily, we can search innocent people given the right conditions, because if we wouldn't go very far by only being able to search "proven guilty" people.

True. The standard for getting a search warrant is considerably lower than proof of guilt... but it's also a lot more than nothing. Specifically, police have to have "probable cause", which basically means some significant evidence of guilt, though not enough to prove guilt (else they'd have no need to search).

In the hypothetical, police have no evidence of guilt of any of the billion or so Gmail users, but want to search through their stuff anyway. That's a clear violation of the fourth amendment.

Re:To me, it seems unconstitutional

[SuiteSisterMary]

It is literally the equivalent of finding a printout of a nefarious plan, and deciding 'whelp, he could have sent these copies to ANYBODY IN THE COUNTRY so now we have probable cause to SEARCH EVERYBODY IN THE COUNTRY for these documents.

Yes, it's ever so slightly different in that, by digitally searching for exact matches, there's no real way to stumble upon other things. Doesn't matter.

Maybe we can use it to do something about...

the gun and rape culture in the US. Finding files that contain gun-related terms could help with confiscation techniques.

Re: Maybe we can use it to do something about...

After those Repukians gang raped my sister to death, I gave up on life. Maybe this scanning system will catch those rapists in the planning stages.

Re: Maybe we can use it to do something about...

They rapes us so much

Oh No!

[Mister+Liberty]

I was just about to inform my cells where the nuke is located!

Re:Oh No!

[Voyager529]

Oh No! (Score:1)
by Mister Liberty (769145) Alter Relationship on Saturday January 16, 2016 @02:30PM (#51314895)
I was just about to inform my cells where the nuke is located!

Username checks out.

Re:Oh No!

Eh, you can't be the real Mister Liberty until you've proven yourself to be a bad enough president to save the dudes>

Make it public and do it

Have a simple site that chronologically lists every user-global search made with all the details of who requested the search and why.

With that I see no problem with it, now if you do it behind closed doors it's a completely different story.

I would run the search if I could, but...

if I offered mail and personal file hosting services, then I would make sure that I couldn't run the search. That's what backdoorless encryption is about from the perspective of service providers: Not putting yourself in a position where your only choice is to violate the trust of your users and thereby lose it and the business which requires that trust.

Different hypothesis

[sunderland56]

Obviously you wouldn't do an actual byte-by-byte search of every file; you'd first compare some metadata - like the file size, or the file hash/MD5sum/etc.

So, say that Google gives whoever is asking a list of files that match the metadata. They haven't actually looked at anyone's contents; no file has actually been opened or read. The list doesn't need to include the people's accounts or other details; it can just be a list of inodes. The people asking could then get a court order to look at those specific files to see if they actually match. Would that be acceptable?

Re:Different hypothesis

[NormalVisual]

They haven't actually looked at anyone's contents; no file has actually been opened or read.

If the files haven't been read, how were the hashes generated?

Re: Different hypothesis

Well, as well quite many systems an devices scan for viruses, malware and do dedup, why stop just asking Google et. other cloud services finding interesting hashes?

You know, even MPAA and RIAA would be interested about the capability built already.

Re:Different hypothesis

[sunderland56]

A hash could be generated when the file is written. It would be generated by the file writer - if they're writing the file they know the contents, since they own the file.

Re:Different hypothesis

[Agripa]

If the person writing the file generates the hash as well, that makes things easy and no hash is needed. Just attach an evil bit and description of the file as metadata and select based on that.

https://en.wikipedia.org/wiki/...

New concept there...

[Groo+Wanderer]

Gee, almost like the government would have a legal and legitimate (search) warrant that Google et al would likely be happy to comply with. If the government uses it's powers correctly and within the letter of the law, not to mention the spirit, why shouldn't Google et al comply? It is only when they overstep and do BLATANTLY illegal things is when they tech companies push back.

My reading of this would be the government getting a search warrant for the provider in question, and a fully legal one at that. Legal warrants override privacy concerns, that is the point, no? If the laws won't allow a search of users, a warrant naming 'does 1-x' could do the same, at least from my limited legal knowledge.

                -Charlie

Deduplication anyone

[ramriot]

As was pointed out by a commenter earlier when Bruce Schneier posted this.

This whole hypothetical is moot and has already been attempted for DMCA and Child Porn cases. This is because Deduplication is a feature of any large file sharing entity gmail included as drive space is not free.

Because of deduplication there will only ever be one copy of the relevant file clusters in existence and a table of assignments for which messages and or accounts to apply it too. Thus given an example of the file or the list of cluster hashes and a simple court order a company can expunge the one copy and/or return the list of holders with their association / upload / download dates.

Now one key issue would be that even a single bit changed in the file (mentioned in the article) would change the file hash and probably 50% of the bits in the specific cluster would flip. But for larger files >10MB it may be sufficient to match a percentage of cluster hashes and then inspect the misses further.

That said a savvy antagonist would recognise the above and suggest ways to defeat deduplication, even without using anything fancy. For a text file, simply running it through a compression algorithm would change it sufficiently and if you use one that does encryption correctly then each encipherment, even with the same key, would result in a different file. Plus since you are not actually interested in securing the file you could include the password as the filename.

Re:Deduplication anyone

This ^ disappointed to hear Bruce is suggesting such wide sweeping violations of peoples rights for such a limited technique.

Re:Deduplication anyone

[Groo+Wanderer]

Dedupe is usually done at a block level, no a file level for this specific reason. Encryption, compression, and the like will cause headaches for the hypothetical one byte changes, but that is probably a solved problem by now. I have not kept up with the minutia of dedupe lately but for an outfit the size of Google, it would probably be worth it to decompress the files for dedupe. No clue if they do though, but it is not a huge technical challenge.

Already done by google

They routinely scan all uploaded documents for child pornography, so I guess they would also do it hopefully for other crimes.

http://techcrunch.com/2014/08/06/why-the-gmail-scan-that-led-to-a-mans-arrest-for-child-porn-was-not-a-privacy-violation/

Hash

[JesseEnjaian]

Google already hashes known criminal-images-which-shall-not-be-named-by-name and scans for it. This isn't really intrusive because there can't be a SHA-256 false positive. Having Google do this versus banning encryption and having AT&T sniff the wire is preferable. Google already scans your crap for ads anyway :P

Re:Hash

This isn't really intrusive because there can't be a SHA-256 false positive.

Shirley, you forgot the sarcasm-tags?

Re:Hash

[swilver]

Yes, calculating a 16 byte number over files that are all >17 bytes in size will never result in a false positive...

BRB - Door

[Hognoxious]

We get round that by either changing the payload itself (while rendering it still usable) e.g. by transcoding videos, adding filler pages to .pdfs and/or by zipping it together with a randomly gener

The issue is way bigger

[Solandri]

And why I dislike framing the argument against this sort of thing as a right to privacy like the EU does. I tried bringing this up way back in the 1990s when rumors of Carnivore began circulating. If you frame this in terms of privacy, then this type of surveillance becomes legal. It's not a person searching your files (or sniffing network traffic) for pattern matches, it's a machine. Only matches are turned over, and the data of innocents remain private despite having been searched.

It's not privacy which is sacrosanct here; it's the right to be free from government searches without sufficient suspicion. The way this needs to be framed is in terms of the limits of government power. If the government has this type of surveillance power, you may joke about the word "bomb" in your post triggering the FBI's monitoring software, but the chilling effect it has on free speech is the same whether the search was carried out by software or by an authoritarian government trying to control the populace.

To put it another way if we've decided that individual freedom is more important than government control, then this is one of the tools we simply cannot allow government to have. It is incompatible with the notion of government for the people, by the people, of the people. If that leads to the downfall of democracy, then so be it. The sole reason for democracy's existence is as a bulwark against authoritarian government control. If democracy self-implodes in this fashion - because people are too scared of terrorism they democratically choose to give government that authoritative control - then we'll either just have to accept that democracy is conceptually a failure, or we'll have to come up with a new idea for a system of government which respects and protects individual liberty.

Re:The issue is way bigger

[ScentCone]

If the government has this type of surveillance power, you may joke about the word "bomb" in your post triggering the FBI's monitoring software, but the chilling effect it has on free speech is the same whether the search was carried out by software or by an authoritarian government trying to control the populace.

Except in the thought experiment being discussed here, it's not the presence of a key word in your files or communication on a private system like Google's ... it's the presence of a file that would be an exact match for one found in connection to a mass murder (like Paris) in the hands of the murderers, detailing specifics related to that terrorist attack. This isn't you saying "bomb" in an email, this is you sharing a specific document with someone who just slaughtered a bunch of people in a Parisian concert hall.

The sole reason for democracy's existence is as a bulwark against authoritarian government control.

It's not democracy that is the bulwark (in fact, democracy is often how tyrants get their power - through mob rule). It's constitutional republicanism that braces itself against such things. Straight democracy is almost always a very bad idea, and the people who chartered our country knew that (whew!).

Re:The issue is way bigger

But, I would rather that they stop them before the attack takes place.

It's only the small government libertarians that are against this in the tech community. Most of the country doesn't care, and a lot of them would rather the government catch them before they act, even if it means monitoring suspected people and communication.

My device, my email... they work for me

It doesn't matter if i am or not a terrorist. My devices, my email account, my data... they have to work for me, not against me. If google/microsoft/... begins to use these disturbing tactics i'll just switch to a different, non USA-controlled, provider and i'll switch to a non USA-controlled technology. The fact that the search is done by an algorithm instead than a human doesn't change a thing. Mass surveillance is exactly this, and it has to be stopped now, without any possible exception.

Exceptions are a trojan horse, you allow one exception and tomorrow you will have to allow for more. If you can search through all your users data "because of the terrorism" tomorrow someone will scream and demand that the same is done "because of the children" and the day after it someone will scream and demand the same against "copyright piracy" and so on. This has to be killed now, before it erodes more of our privacy. We have already given up more than enough... now it is time to say NO. I don't care if this can save one thousand of lives, i don't care if it can save my life or the lifes of my family... i don't want to live in an invisible jail, and i don't want to prepare this horrible future for my children.

I repeat, if the USA wants to fuck itself more than what it already did with the NSA's dirty tricks... i'll just stop using ANYTHING made in USA, because i simply can't trust you guys. And it is your fucking fault for not standing up against this bullshit and letting idiots take the decisions in your place.

No exceptions, not even for terrorism, not even in life endangering situations. Freedom comes at a (high) price, and i'm fully ready to pay for it if that's what i need to do.

Re: Why just Gmail? How far do you want to go toda

[TheMeuge]

The problem is that this is the precise definition of slippery slope. As attractive as it would be to scan for such content legally, this is not the kind of toys we want the government to have. Would the government as with a foreign enemy, we should be discussing capabilities, not intentions. The one inescapable truth is that any capabilities of a bureaucratic entity are going to be abused. If you don't want the abuse, don't give them these capabilities took begin with.

Re:Why just Gmail? How far do you want to go today

You're thinking too small. They can do draft messages via Tor, mass mail via a temporary account to other use-once-discard emails that are accessed via proxies.

Google is probably doing hashing on a filesystem level, alongside whatever technology mentioned in the Child Porn article someone posted here. It will always be faster to get Google to do your work for you. And when the stakes get higher and we start to sell out more of our freedom for safety, you can be sure these massive companies will be pressured into compliance. One way or another.

Let 'em die

Too many people in the world already

No way

[drolli]

that terrorists figure out how to intentionally create misleading files on their computers and send out such files to 10000 random people in order to jam the system.

so Bruce started working with the DHS a while back

This didn't make the DHS smarter. It only made Bruce dumber.

Let's start with his example: the Paris attacks. The Paris attackers plotted everything using... wait for it... SMS. Just about the least-secure communications system ever devised. About the only way they could have fucked up worse would be if they planned the attacks inside a police station, talking to each other with bullhorns. That's not surprising, of course; the criminal geniuses whose masterplan was "get guns and shoot people with them" aren't going to think of using encryption, decentralized communication, or anything else that even the average slashtard knows how to do.

Now let's move on to Bruce's example. So the police capture or kill a suspect, find his place of residence, find his laptop, his laptop is unencrypted, the terrorist masterplan is just sitting there in plaintext, and... that's it? There aren't any other or better investigative leads? Their best and fastest strategy is to ask Google or whoever to scan all the data of 900+ million users? There's no other evidence on the laptop, no "electronic paper trail" from his online communications, nothing useful in his apartment, they couldn't recover his phone, they can't track the gun he used, they've got *nothing* except a mass surveillance dragnet? The cops just gotta twiddle their thumbs for several hours while Google/Apple/Microsoft/Yahoo/whoever process their request and get back to them? The same terrorist who was so smart he covered all of his tracks was also so dumb he left this vital, identifying, incriminating piece of evidence just waiting for the cops to find it?

It took me as long to read about this idea as it did for me to invent a countermeasure to it. Take some JPEG of a stupid meme, append the terrorist masterplan to the end of the file (or just stick it somewhere in the EXIF data), attach it to an email with the subject line "ch34p V14Gr4!!!!," and use a compromised webserver to bulkmail it your co-conspirators (and a few hundred thousand other people). I'm pretty sure even the dumbest terrorist can manage to download a JPEG, open it with Notepad, and scroll past the gibberish until he finds something he can actually read, and meanwhile the counterterrorism geniuses are working their way through a pool of suspects big enough to populate San Francisco.

This is fucking stupid, Bruce. You're asking me to buy some hypothetical scenario where the perpetrators are so dumb that this strategy would work and yet so smart that this is the best strategy that would work.

Here it is

... a set of instructions for ...

The Japanese attack on Pearl Harbour wasn't unusual; the US Navy imagined exactly that scenario. Similarly, bin Laden didn't predict the damage from flying a plane into a building; recently published novels did that. Also, the US DHS spent a few years discussing every kooky attack vector there was. What exactly qualifies as "instructions" in this description?

It gets worse: The FBI profile for a terrorist includes possessing a Casio digital watch, or a pocket reference to the US constitution. The slippery slope here, is the government can use any criteria to scream "look, terrorist". Everyone forgets the US government has a lot of difficulty dealing with slippery slopes, instead choosing an all-or-nothing policy.

... clear-cut the circumstances have to be ...

These are weasel words like "suspicious people" justifying mass surveillance. How many times has a government stopped every car on a highway and searched it? How many times have the police done a house-to-house search of a neighbourhood? Yet, when that personal 'space' is stored on the hard drive of some corporation, ransacking the 'neighbourhood' is encouraged, which sets a precedent: The corporation is responsible for national security; the hard drive can be searched at any time the government has a problem; plus, the government can push the cost of such ransacking onto the corporation.

Re:Here it is

How many times has a government stopped every car on a highway and searched it?

More often then people think, they call them "sobriety checkpoints"... It's still a warrantless, suspicionless search. And they're fairly common, especially around big party holidays such as New Years or July 4'th.

DHS also runs similar immigration checkpoints on various highways well inside the US, most commonly in the southwest border states of Arizona, New Mexico, Texas, and California, but have been known to set up in other states as well, such as Tennessee...

I remember a couple years ago, a group of us was coming back from lunch and police were set up on the ramp to get onto the highway... stopping every vehicle checking/enforcing seatbelt compliance.

Now, I'm not saying that any of this is legal, in fact I would maintain that despite what the Supreme Court has said (They said that the "substantial government interest" overrode the "negligible impact" on Constitutional protections - Michigan Department of State Police v. Sitz), these actions are all gross violations of the 4'th Amendment. In fact, several states have banned checkpoints on the grounds that it does violate protections against unreasonable, suspicionless searches, and that the benefits are negligible at best.

How many times have the police done a house-to-house search of a neighbourhood?

After the Boston Marathon bombing, SWAT locked down Waterton, MA and went door to door searching for Dzhokhar Tsarnaev. You know what, they didn't find him. The at-large bomber was found after they lifted the lockdown when a resident noticed the cover to his boat had been disturbed and found him hiding inside. Oddly enough, I'm having difficulty finding information on any sort of lawsuits resulting from the search, though there is a lot of discussion about legal precedent, both in what was set then, and previously. Even the ACLU seems to begrudgingly say it was technically legal based on the "exigent circumstances" of the manhunt even though they did not track/chase the suspect to the houses they were searching and thus were casting a very wide, warrantless, net.

Yet, when that personal 'space' is stored on the hard drive of some corporation, ransacking the 'neighbourhood' is encouraged, which sets a precedent: The corporation is responsible for national security; the hard drive can be searched at any time the government has a problem; plus, the government can push the cost of such ransacking onto the corporation.

Precedents have already been set, things like this are just the next step. People sadly seem willing to accept ever growing invasions both digital and physical (TSA Checkpoints), especially if it's either A) for the children, or B) to fight terrorists.

On the flip side, if it's "generate a report of all links to deduped file/blocks with provided hashes" then it can be reasonably argued that they're not actually reaching into peoples accounts, but querying the dedup database. Law Enforcement could then use that as probable cause for proper search warrants. Of course being the SPAM recipient of suspicious files shouldn't be enough by itself. The thing is, providers are already using similar hash matching techniques for things like child porn and DMCA enforcement. So, anyone who keeps a copy of something like the Anarchist Cookbook up on Dropbox for whatever reason, is probably already under suspicion.

Re:Here it is

[SuiteSisterMary]

a pocket reference to the US constitution

Who would want to give the government the power to search through millions and millions of citizen's digital archives in the name of 'stopping terrorism' when they can't be bothered to do a damn thing about a terrorist organization having occupied, by force of arms, Federal facilities?

Bulk scanning of HOSTS file

No APK is safe!

NO WAY IN HELL.

[kheldan]

First and foremost: You think the 'bad guys' haven't already thought of something like this? You really think they're sending out their most secret plans out in the clear, or even sending them out at all? Anyone with half a brain would either encrypt them somehow (either digitally or by more traditional methods), or use stegonography, or hand-carry them, or commit them to memory, not leave a trail of breadcrumbs that any armchair detective could follow.

Second: This would set the precedent to bring about the absolute and total end of even a pretense of privacy for everyone. It would become leveraged for seaches of anything and everything; everyone's lives would in essence be laid bare for any government agency with a half-assed reason for a search. Not much longer after that the private sector would find a way in, and I wouldn't at all be surprised if not long after that, it would be used outright for marketing datamining.

This is a dangerous, stupid idea, and no way in Hell should it ever be allowed to even be so much as discussed as actual legislation.

Re:NO WAY IN HELL.

Not much longer after that the private sector would find a way in, and I wouldn't at all be surprised if not long after that, it would be used outright for marketing datamining.

Not much longer? Stupid me, thought we were there already.

Re:NO WAY IN HELL.

First and foremost: You think the 'bad guys' haven't already thought of something like this?

You'd be surprised at how many of the most impressive criminals got caught by stupid things. Nobody's perfect.

Re:NO WAY IN HELL.

Your second point is by far the more important issue.

Once this methodology is established, in any way shape, or form, then the Three Letter Agencies will demand to have it, except without any of the bothersome 'privacy' or 'human rights' or 'probable cause' aspects. They will demand that and get it, namely the ability to search for anything, at any time, for any reason. And it won't only be done my machines, though machine scanning will probably be the dominant method, purely for practical reasons.

Then the IRS will demand to have it to track down tax cheats, because no one can be in favour of tax cheats, right?

Then the police will demand to have it to track sexual predators and child abusers, because no one supports perverts and abusers, right?

Then Motor Vehicles will demand to have it to hunt down people who drive without a license, because you aren't trying to protect unlicensed drivers, right?

Then the ATF will demand to have it to crack down on illegal hooch, or guns, or cigarettes, because it's illegal and we can't be ignoring such a valuable weapon against such law breakers...

Then...

Meanwhile no one is defending the rights of citizens to live their lives unmolested by power-happy organizations, who are convinced that if only they are allowed just this one trespass against the citizens' lives, the annual report of the bureaucracy will show a 5.3% annual increase in right thinking and clean living.

Already done with Child porn MD5 search

[slashkitty]

http://www.missingkids.com/Exp... and many providers are complying with that. I wouldn't be surprised if google and them would do this to avert more searches.

No - there's no relgiously required clothing

[Bruce66423]

At least not in the practice of many Muslims. Living near a mosque, the range of clothing on the men coming to it ranges from standard Western to obviously ethnic. If they aren't dressing by that standard for attending the mosque, it's clear that they won't at other times.

Re:No - there's no relgiously required clothing

And the women? I know that some sects of Islam allow a woman to not cover her head but those are the more moderate interpretations. My current impression is that the majority, and please correct me if I'm wrong, require a woman to have some form of basic head cover at minimum.

No warrant possible

[Bruce66423]

As the full article mentioned, the Federal prosecutors asked informally about this were uncertain of the legality, And certainly the constraints on warrants of the 4th Amendment - requiring a warrant for each search, i.e. each email address - make it unconstitutional. So it's down to the companies.

Google already does this anyway

[l0n3s0m3phr34k]

It's an established fact that Google already does this for child pornography. This became public back in 2014. So it's not much of a stretch to move into scanning for this. Some would call it a "slippery slope", but that's the world we find ourselves in.

A slippery slope but one we will need to traverse

[mm4902]

As the world gets bigger and bigger and certain nooks and crannies of the Internet concentrate and amplify violent ideologies I think this kind of bulk scanning will be necessary, Google already does it for business so maybe we should allow them to do it for public safety. I think regardless of what we do this will happen and we can either jump on the bandwagon and try to steer it in the right direction or let it careen down the hill in the control of the corrupt and elite. The biggest problem with the NSA in my opinion is transparency, yes they definitely crossed some lines but their biggest transgression against the American people and the entire world was hiding what they were doing which allowed gross misuse of the power they had. I've always said that technology is going in a dangerous direction and the reason is because only a few people understand it and fewer care that it is. We need a greater conversation with the general public. This idea applies to politics, privacy, technology, and society as a whole.

What if it was printed

Or there was evidence it was printed 20 times. Do we search all homes in the country to see if anyone is in possession of the document.
In my mind each of these hypothetical searches is what they call in the US (or used to) unreasonable search and seizure.

These hypothetical situations are the tools that the over-zealous government security technocrats use to attain power. Power for mass surveillance, power to detain without warrant, power to torture, power to kill. They have done them all, because we let them. They are nearly as bad as the terrorists, and their legacy will be longer lasting.

Only after the government proves it's not corrupt

[schwit1]

Hillary and wall street bankers in jail would be a start.

Threshold - reasonable grounds to believe vs suspe

This is a reasonable approach. This could be done by hashing the files and comparing the hash values. Have a judge approve the hash value match search and you are good to go. The process could be automated with a e signature signature by the Federal court. It would withstand a legal test. It is not a general search, it is specific. Nice idea Bruce.

Search without warrant is still bogus

"Surely Google has the ability to run a search of all Gmail inboxes, outboxes, and message drafts folders, plus Google Drive cloud storage, to see if any of its 900 million users are currently in possession of that exact document. "

Sure, they probably do. However, before you search an individual's files, you still must have probable cause to believe that specific individual is involved in criminal activity, at least so says the 4th Amendment, in theory.

Key Factor

[ZPO]

The huge key factor in the linked article is "warrants."

Rather than a mass collection of data on the off chance some number of things in the data might be useful sometime, this is a very targeted search for a very specific document discovered via a search with a properly issued warrant. There are checks and balances in the system for reasons. Currently, things have swung to far to "collect everything in case we need it!" On the other side of the spectrum is "Collect nothing. Privacy is absolute." Somewhere in the middle is the appropriate area that balances the needs of societal protection against individual privacy rights. That pendulum will always swing. Wherever it happens to be, some group will always be unhappy.

For once, the T&Cs are useful

On its face I still see it as a search -- the government going through your belongings to see if you have something they think you have. In real-world cases (e.g. a case where the authorities are trying to find a physical possession, like the murder weapon), asking to search an overly broad scope (e.g. search every apartment in a complex to see if the weapon is in one of them) would be considered a fishing expedition. If the vast, vast majority of Gmail inboxes don't contain the information they're looking for, it's a fishing expedition, and it doesn't make one difference 1) how easy it is to do or 2) who actually performs it. ...but here's the catch. What do the T&Cs of service say? If Google had/has a clause in the agreement stating that they can go through your inbox whenever they please and for any reason, well, then the "search" becomes a lot easier to justify. It would no doubt cause some loss of trust, but legally Google would be in the clear. The worrying part, and the *real* slippery slope, is not the scope of the searches in that scenario, but the venue. Competing services may not have such clauses, but what if the government leans on them to add them? What if other services, even non-Internet based ones, start to become complicit as well?

Terms of the Hypothetical

To be sure you did a meaningful search you would have to search all the titles of all the documents but also all the contents using deep packet inspection. If anything was encrypted the encryption would have to be broken. As a hypothetical it raises interesting questions but can it be done in a meaningful time frame. Also all the other data created by such a search could and probably would violate the privacy of tens or hundreds of millions of people.

Re:Terms of the Hypothetical

Probably a smaller time-frame than you think. Do you have any idea why quantum computer and higher CPU frequencies have not been available to the general public for several decades now?

Mod parent up.

[khasim]

Would the government as with a foreign enemy, we should be discussing capabilities, not intentions.

To be clear on this ... while you may trust President A not to abuse this, that means that you must also trust Presidents B, C, D, etc. Eventually there will be someone elected that you really do not agree with.

And that person will have all the authority you supported for the people you did agree with.

And none of the inhibitions on abusing that authority.

Re:Mod parent up.

To go further, the issues we have with NSA taking steps to obliterate any privacy of citizens today is already proof that even small steps in this direction over time lead to large cliffs. The rationalizations they are using today would have never flown 30 years ago, but after layering crack after crack in the system it is now to the point where it is hard to shut them down.

Is to OP working for the NSA?

Hell no!

Once that ability exists, and you set the precedence that A government can order such a search, then ANY government can order such a search. Arguments such as this are always based on the benevolence of the government, and the clear evil of the persons to be searched. In real life, the situation is likely to be much different. Think China, or Saudi Arabia. Think any government that argues it is not torture unless it causes actual lasting injury.

USSA

[quintessencesluglord]

Supposedly the USSR had copy machines etched so that it was possible to track down the source of aberrant materials. A means of tracking is also done with consumer copiers in the name of reducing fraud, but there is no law restricting it solely to that use.The Federalist Papers would be an anathema today.

Exactly how much further down this rabbit hole do we want to go? Yes, it is fine and good that these measures will only be used with the best of intentions, but if the difference between a police state and your liberal democracy is intentions, you are already fucked.

Re:USSA

[Groo+Wanderer]

This is done in the US with all printers, copiers, and just about anything else that can produce digital output. They are all watermarked with the printer info, time and date, plus likely other stuff encoded in (usually) yellow dots all over the page. The EFF had a decryption project for it, not sure how it ended up but the landing page is here:

https://www.eff.org/issues/pri...

Re:USSA

How's that work for a b&w printer?

Re:USSA

[shione]

You have to find a color blind person to take your cash.

Re:USSA

yellow dots all over the page

Ha! That explains the Hollywood color tint!

Re:USSA

[shione]

They actually do do this with Hollywood movies too. They put dots in the prescreenings that they give to reviewers so if someone records it with a camera etc, the MPAA or whoever can id the source of the leak.

It wouldn't work anyhow

[msobkow]

Such a search only "works" in the minds of a few people because they have a navel-gazing mindset that presumes all data is managed by a select group of companies they know about, and which are hosted by one country (usually the US in these narrow-minded viewpoints.)

In reality there are hundreds of thousands of service providers around the world, and you'd have to scan them all. Even Google mail is a drop in the bucket compared to the oceans of emails floating around the world.

false question

[sribe]

The entire point of this is to first convince many people to say "why yes, that does seem reasonable" then advance to "but we can't do it if service providers use secure encryption, and that's why we must be provided back doors"! Granted, most email is not stored encrypted with the account owners' public keys, but that's what this "hypothetical" is about, require back doors, then apply that to all stored communications, not just email.

Slippery slope

In theory, I'd be OK with the example search. A search that's limited to an extremely specific document done on an emergency basis and for an immediate, exigent purpose. Possessing a document can only be one piece of evidence to garner a warrant, however, and can't be the only thing you have against someone (so easy to troll and name people in imagined plots)...

It's an incredibly slippery slope to get to things deemed immoral, relatively petty infringements... I'd love to believe setting a prohibitively expensive cost would deter some abuse, but the people / systems most likely to abuse them have the most to burn.

No because it would be illegal

And for good reason. That's searching private property.

no

would you run the search?
No.

But then some people might in theory maybe die right?
Yes.

Does that bother you?
No, freedoms aren't free.

Re:Why just Gmail? How far do you want to go today

[KiloByte]

Which is a strong reason to never use gmail or the likes.

Some file systems checksum files anyway.

[dsmatthews9379]

No need to go into accounts if the files are in a form that is protected by a checksum you just need to flag all the owners of files that have that checksum in their file-system metadata. No innocent accounts are ever looked at. However it would be appropriate to get a warrant for every single account that got flagged before conducting a more direct investigation. So how is this a bad thing, the innocent are protected and their privacy is never compromised.

Humans and Risk

If it's okay to search for one document that is related to a crime because many people died, then why would it not be okay to search for many documents related to many crimes that kill far more people? Further, what about rape? Or jay walking?

To bend to the will of the notion that terrorist attacks are spectacular events that require spectacular policies misses the point of our justice system. It's meant to try individuals, not groups. There's clearly nothing that a search could lead to which would lead to justice for individuals.

PS - If you care to bring up the point that Google and others already scan for child porn, that rather proves the point. 99% of said child porn is not of abuse where the perpetrator is unknown but a means to try to root out others who see/trade known child porn to find new, unrelated abuses. Yet nine times out of ten, they find people who ONLY view child porn and aren't abusers. Could it be that (1) those who abuse infrequently record their abuse, (2) even fewer share their abuse pictures/videos, and (3) those who are actively abusing have little want to seek pictures/videos when clearly they're willing and able to find and abuse children? Yet if we cast a big enough net, we'll find a few abusers and we consider all people involved to be subhuman, so who cares if justice isn't served. The same way with the drug war. Unless you're famous (for both) or rich. Justice.

Re:Why just Gmail? How far do you want to go today

[currently_awake]

It is reasonable to assume the NSA monitors all email traffic, so they would know who got copies already. The US Constitution requirements for a search warrant appear to exclude searching "everyone's mailbox" as a viable warrant, so your proposed search can't be legal. Would the police have to prove the file was important to their investigation or would you take their word for it? The US government has worked hard to destroy their credibility, but I don't know about the government of France.

So if I commit a crime

[future+assassin]

and write about it on my lap top surely because Google can do what they can do, they should let the gov/police access to all Google services that are used by my family, friends, co workers and neighbors? Crack pot much?

Terrorism is a crime just like any other and authorities should only have enough power to investigate it like any other crime.

"Suppose" -- is key

[jopsen]

"Suppose a laptop were found ..... a file on the laptop that's a set of instructions for carrying out the attacks."

This is a hypothetical.

It's pretty easy to encrypt your way around this. You can use a different IV for every co-conspirator...

The likelihood of this being useful, cost of implementing something like this, and ease of subverting it; all brings me to the conclusion that it won't be worth it.

The money is better spent saving lives by other means.

It's kind of like the DRM discussion: You can't distribute videos without people copying them (you can make copying harder, but really you just make your product more error-prone).
Similar here, you can't stop two trusting parties from talking in secret (you can make it harder, but really you're just making your product more complex and error-prone.. Not to mention the enormous risk of making your product less secure).

In both cases you put in a lot of engineering effort into making a product that is defect by design.

Re:A slippery slope but one we will need to traver

[currently_awake]

The biggest problem with the NSA is transparency? How about they are not doing their job? They intercept and record all emails and sms messages, but they couldn't catch the Paris attackers. Even though several of them were on watch lists, and they openly planned their attack over (plain text) text messages.

Re:so Bruce started working with the DHS a while b

It always amazes me how stupid can people be. The terrorists sent one final "go" by sms, which magically becomes "plotted everything using [...] SMS".
But by all means continue, don't let facts get in the way of a nice demonstration.

1st Ammendment

I would put free speech and privacy ahead of all other concerns. You know, so that I'm not "terrorized" and so that the terrorists aren't winning.

Never go full Retard!

Those that are smart enough to use online drives / file sharing / e-mails, etc, are more than likely smart enough to compress in different ways, use different encrpytion keys, and otherwise obfuscate the files so that the "fingerprint" doesn't match anything else.

Seems these folks ignored long standing advice and gone full retard.

Re:Adult opinion

Sorry there bub, but you're an idiot.

The Constitutional amendments are "not up for debate".

They are absolutes with absolutely zero lee-way, zero tolerance, zero loopholes.

Anyone trying to say / cajole / convince otherwise is a fucking traitor to this country and is a Constitutional Terrorist that needs to be put down hard and permanently.

Why is this a hypothetical???

These types of searches happen all the time. Google even publishes statistics about how many requests it gets each year or whatever.

Make it impossible

If I ran such an email system, I would modify it to make sure such a search was not actually possible.

get a warrant. meet the minimum test.

[swschrad]

all kinds of searches are possible when a judge grants a search warrant. over the phone.

"hotel search" on a computer

[martin-boundary]

If a criminal is apprehended in a hotel room, do the police have the right to search all other rooms in the hotel as a result?

NO

Let me be perfectly clear. Clinton / state department was collaborating with ISIS and Al Qaeda in Benghazi, which ultimately got that diplomat killed. Everything those guys have ever said over the last few decades has been one big pile of lies. Since "terrorism" is one of their key claims to power, and since they are so willing to use these key words to undermine our civil liberties and everything we've got going for us (including conspiring with enemies of the people), I'm not willing to help them on any claims. I'll deal with any terrorists when they show up.

Pointless Question

This is a rather stupid hypothetical debate. Google and others already scan our files and check databases. How the hell do people think they get copyright notices from files in Dropbox, 4shared, etc? Microsoft even created an amazing program essentially creates the digital equivalent of STR analysis in forensics. It breaks up a file and hashes the parts. By doing so even if a person changes the file in parts there is likely to be enough unchanged to be sure that the files are basically identical. This is how Microsoft helps catch pedophiles. It makes it where changing a single pixel will not make the file appear innocent.

Suck it

[roman_mir]

I would tell the government to suck it. Governments created terrorists, AFAIC governments are terrorists. ISIS and such are nothing at all until governments (mostly western) create them.

Re:Why just Gmail? How far do you want to go today

This is just government types looking for more ways to get into civilian networks. If you give them an inch, they will take miles.

They can't even defend their own networks - they don't know what they are doing. They will be more trouble than they are worth. They will increase expenses and disturb business routines. They will demand your time doing questionable and mostly useless searches. They will demand administration rights to your servers. They will threaten you with prison time for not cooperating or just about anything else they feel like.

In the end, it's not about protecting anyone. It's about making them secure in their jobs. Just look at what they keep saying now about the constitution - for the love of all that is holy, they view anyone mentioning the constitution as a terrorist. If you can't trust what they are saying when they swear an oath, when can you trust them?

Re:A slippery slope but one we will need to traver

Is Paris in the America? And guess what, now that Snowden and the media know that they are being watched, they are taking steps to avoid detection now.

Thanks.

Regular mail

[CanadianMacFan]

Would they be able to check everybody's regular mail at a sorting facility if they found that the document had been printed out, a box of envelopes with some missing, and a pack of stamps with some of those missing too and the investigators assumed that the suspect mailed any copies so that they would be at the facility at the time of the search?

"Briefest touch" search is still a search

[shawn2772]

It doesn't matter if the search is only "the briefest of computerized 'touches' on their accounts", it's still a search of the modern equivalent of the "papers" of nearly a billion people. The government may not rifle through the papers of a billion people because they suspect that a handful of them may possess an incriminating document. Absolutely not. And neither can they compel a private company to do the rifling for them.

No.

It is NEVER appropriate to search without cause. Period.

This is some John Bauer "but there's a bomb!" bullshit here. We spent so much effort getting rights drafted and protected, and we throw them out for special cases?

It's never right to perform an evil act, even in defense of evil acts. But, I suppose, we lost sight of that somewhere in 2001, didn't we? Patriots don't act this way.

Re:Why just Gmail? How far do you want to go today

Perhaps because gmail 1) forces all Android phone users to sign up, 2) sneakily copies all your email from other accounts if you decide to read mail on your Android phone (gmail consolidates your email for your convenience) 3) Even if you have nothing to do with gmail, but you send an email to a friend who does use gmail, then *your* email will be searched by gmail without your permission.

Google is one of the worst offenders when it comes to spying on people without those people realizing it or being easily able to do anything about it.

Get a warrant first.

without a warrant, there is no oversight.

Defeats the purpose?

[skaag]

Wouldn't publicly establishing such a policy mean that real terrorists will know to avoid such detection techniques?!
I mean wouldn't that defeat the purpose?

Re:Why just Gmail? How far do you want to go today

[KiloByte]

Up to recently, SMTP traffic had only opportunistic encryption, ie, was trivially readable by any attacker. But fortunately, most server software gained support for DNSSEC/DANE, which, while not perfect, is _massively_ more secure. Unlike breaching CA-cartel certificates, breaching DANE pretty much requires suborning the TLD the target uses. Thus, as competent admins configure their MXes for DANE, bulk monitoring of email traffic shuts down.

On the other hand, any government with some clout has warrantless access to big email providers. So for now, we need to use small or individual mail servers.

What do speed and ease have to do with it?

There seems to be tremendous weight given how quickly and easily such electronic searches can be carried out, and whether the subject of the search is inconvenienced or even aware of the search. But does the fact that Google can do this search with a "light touch" matter in the slightest? Say the hypothetical was about a locating physical terroristic devices which communicate, say, via NFC or Bluetooth. Would it be OK for the government to perform a broad, indiscriminate search for these devices by sending robots into everyone's home and office to locate these devices? Let's say they can do this in a way that nobody is inconvenienced. It feels much more like an invasion of privacy, yet it's really exactly the same scenario as Zittrain proposed, only impractical and likely to be noticed. But neither of the latter factors should come into play when judging whether an action is an invasion of privacy.

Re:so Bruce started working with the DHS a while b

"The Paris attackers plotted everything using... wait for it... SMS."

Communication medium doesn't matter much, they were probably using coded phrases or words.

"Puppy ready for pickup, appt at 10"
"Puppy ill, will reschedule"

Could be a go code and the corresponding abort. As long as you phrase it to be similar to common usage, you can't pick this stuff out from the noise.

Practicalities...

[lythander]

Aside from the abominable intrusion of privacy this amounts to (because an action is a crime, not a belief of a sympathy)...

I work in security for a large company that uses gmail as its corporate email.

When we receive phishing or malware-containing emails, along with a robust response, we work with our admins to have the emails removed from the mailboxes of the recipients (better safe than relying on every user to not be an idiot.) This is enormously time-consuming, difficult, and all this on what one can only assume is a tiny fraction of over-all gmail. So let's call it impractical.

So where do we go from there? Well, naturally if you'd like better searching capabilities, we should index all the email, all the files. "Pre-search," as it were. I'm sure we'd all be happier with that.

Wait. That's what the NSA was already tasked to do by the US government. And we all lost our shit about it. And for good reason. (And BTW, the NSA, who has a ton of experience and lots of very smart people in this area, never managed to make this terribly illuminating.)

Simple principles show the way...

[bobwyman]

A warrant to search cloud files should only be issued if a similar warrant could be issued for the homes and offices of all those who files will be searched.

Given that few governments would be able to issue warrants to search all the homes and offices in their territory, cloud warrants should not issue.

One's right to privacy should be independent of the location of private data.

This isn't hypothetical

The FBI already distributes hashes of child porn files because virtually everyone agrees that no one should have them, and all major ISPs and hosting providers check their customer data against those hashes.

Or..

Don't forget the old standby: secret police.

This is why...

We have judges and warrants. Let a judge decide.

Re:Why just Gmail? How far do you want to go today

It is reasonable to assume the NSA monitors all email traffic, so they would know who got copies already.

I'm pretty sure you don't have to make any assumptions about that -- that's exactly what's been going on for some time.

You're an NSA shill

Oh and let's say we widen the search parameters, you know, just in case the original document was edited (presumably by the co-conspirators) to update the attack plan.
And then let's say we weren't sure that the document wasn't also uploaded to yahoo, hotmail (yes it's still around), dropbox or any other number of websites.
And then let's say that perhaps the document was split into sections relevant only to each co-conspirator and then SMS'd to them, so let's scan every mobile phone in the world, you know, just in case.

Fuck off you NSA shill

CAPTCHA: sanction

Nothing on the internet is private.

[darkfuture]

Where did anyone get the idea that information located somewhere on the internet is private? All the people commenting here are acting as if their data, help by a third party, is private and protected; it is not. Anything that you do on the internet can be easily viewed by various people. If you send plain text or images on the internet, someone can see it if they wish to. If you want privacy, you encrypt your message or use an application with, end to end encryption, that you trust. However, if a message could put you in jail, would you trust it to a third party?

The privacy that you think that you have now is only privacy by obscurity. The perception that you have of privacy is only that, so far, nothing that you have done has been shown to people other than the intended audience.

I have been using computers for a lot longer than the internet has been public. In the BBS days, anything that you do is visible to the BBS owner, they could watch you in real time. When I first started to use email, I knew that anyone at my isp or webhost could easily read my messages. Other people could, with greater effort, see my data if they really wanted to. If I want fair privacy, I use the phone, if I want more privacy, I speak in person.

I don't see the big deal about searching data help by third parties. Terrorist plots will not be found this way, except for very stupid terrorists. When I see law enforcement calling for spying on everyone as if it was the holy grail of police work, I just think that they must be incompetent.

Re:Why just Gmail? How far do you want to go today

[david_thornley]

What constitutes a search? Does it require consequences or an actual human? The idea here is that email accounts and the like will be automatically scanned for a certain document, which is going to be considered grounds to investigate and which may help make up probable cause for a warrant. Also, this wouldn't be a scan of email on individual users' machines, and the law is at best unclear on what can be searched on system A because person B is suspected.

We're not going to know how this works legally in the US until we have some legal interpretations making up case law.

This may be happening already ...

[RockDoctor]

Firstly, the discovery of such an incriminating file would be kept EXTREMELY quiet by the investigation team. Possession of the file would then be "guilty knowledge," and action for further investigation.

Then, you ant to look for copies of the file in circulation. This is what virus scanners - at both individual computer AND at the gateways of large service providers are for, and do. So, either through a tame person at major virus vendors, or by crafting a version of the file that contains a piece of malware, you "inform" the virus industry of this particular file, with this particular fingerprint / set of heuristics, etc. Get those into the regular updates of the major anti-virus providers, and you should get alerts from the existing systems if the file is passing around.

And you still don't announce it. This information comes out at trial, if then.

Third Party Doctrine

[Agripa]

The data was voluntarily handed over to the service provider so it can be seized and searched at any time. As a practical manner, the government is going to do this anyway whether they say so or not making "should" and "legal" irrelevant despite laws like the Electronics Communications Privacy Act. If you want anything sent over the internet to remain private, encrypt it.

https://en.wikipedia.org/wiki/...
https://en.wikipedia.org/wiki/...

Note that encryption does *not* create an expectation of privacy. If the government can seize the data, then there is nothing to prevent them from decrypting it if they can.

http://papers.ssrn.com/sol3/pa...