
Tool To Allow ISPs To Scan Every File You Transmit

timothy posted more than 4 years ago | from the in-case-they-run-out-of-human-tools dept.

Privacy 370

timdogg writes "Brilliant Digital Entertainment, an Australian software company, has grabbed the attention of the NY attorney general's office with a tool they have designed that can scan every file that passes between an ISP and its customers. The tool can 'check every file passing through an Internet provider's network — every image, every movie, every document attached to an e-mail or found in a Web search — to see if it matches a list of illegal images.' As with the removal of the alt.binary newsgroups, this is being promoted under the guise of preventing child porn. The privacy implications of this tool are staggering."

370 comments

Probably just for P2P (5, Informative)

clang_jangle (975789) | more than 4 years ago | (#25406045)

FTFA:

Here's how CopyRouter would work, according to the company's slide show: A law enforcement agency would make available a list of files known to contain child pornography. Such files are commonly discovered in law enforcement raids, in undercover operations and in Internet searches that start with certain keywords (such as "pre-teens hard core"). Police officers have looked at those files, making a judgment that the children are clearly under age and that the files are illegal in their jurisdiction, before adding them to the list. Each digital file has a unique digital signature, called a hash value, that can be recognized no matter what the file is named, and without having to open the file again. The company calls this list of hash values its Global File Registry.
Whenever an Internet user searched the Web, attached a file to an e-mail or examined a menu of files using file-sharing software on a peer-to-peer network, the software would compare the hash values of those files against the file registry. It wouldn't be "reading" the content of the files -- it couldn't tell a love note from a recipe -- but it would determine whether a file is digitally identical to one on the child-porn list. If there were no match, the file would be provided to the user who requested it. But if there were a match, transmission of the file would be blocked. The users would instead receive another image or movie or document, containing only a warning screen.
The makers of CopyRouter claim that it can even be used to defeat encryption and compression of files in the Internet's Wild West: the peer-to-peer file-sharing tools such as Gnutella and BitTorrent.

This will cause huge latency issues and cost beaucoup bandwidth. ISPs would be shooting themselves in the foot if they did this with all traffic. OTOH, I could see laws requiring such tools for P2P traffic -- in fact that may well be inevitable, with the **AA's "ruling class" status these days.

Re:Probably just for P2P (2, Insightful)

zoward (188110) | more than 4 years ago | (#25406069)

On the flip side, having this in place could potentially make you liable for the material your customers are transmitting. So much for common carrier status. If I were an ISP I'd be fighting this thing tooth and nail.

Re:Probably just for P2P (4, Informative)

Anonymous Coward | more than 4 years ago | (#25406289)

The parent is an example of typical slashdot idiocy. ISPs aren't common carriers. Though my karma will end up a smoking crater for breaking with the established GroupThink, so I'm making this post anonymously.

The immunity ISPs currently enjoy in the US comes from various other safe harbor laws (i.e. §230; DMCA). The constant slashdot drone of "ohhh.. ISPs can't suppress my free speech: common carrier common carrier!" is both entirely incorrect and dangerous, since it causes the geek squad to under-estimate the risks and the importance of things like net neutrality.

Re:Probably just for P2P (4, Insightful)

negRo_slim (636783) | more than 4 years ago | (#25406123)

This will cause huge latency issues and cost beaucoup bandwidth.

A soft touch with this would yield far better results depending on your intent. I would imagine an ISP that is sick and tired of certain traffics could utilize a system like this to start taking a closer look. Catch a few token users and then you have an excuse to throttle/monitor/block at will. I mean think of the children! What worries me is that with so many computers doing the bidding of people other than their owners, who knows what kind of traffic is being exchanged. Seems like an easy way for law enforcement to take a closer look at an individual... I've come across very questionable images via Google from rather inane, yet obscure, search queries. You could be one Russian rickroll away from the authorities and those around you having some nasty suspicions in their head.

Re:Probably just for P2P (2, Insightful)

electrictroy (912290) | more than 4 years ago | (#25406395)

I can see one way this might be abused - to eliminate political enemies. "Well Mr. Smith's ISP reports he downloads copies of "Playboy's College Girls". Is this really the man you want to be your next state representative???"

Re:Probably just for P2P (3, Insightful)

PunkOfLinux (870955) | more than 4 years ago | (#25406595)

If my ISP told my opponent what porn I watch, they'd be sued. To the GROUND.

Re:Probably just for P2P (5, Insightful)

dat cwazy wabbit (1147827) | more than 4 years ago | (#25406775)

You would still lose the election.

Re:Probably just for P2P (5, Funny)

Pax681 (1002592) | more than 4 years ago | (#25406843)

You would still lose the election.

but would he lose his erection?

Re:Probably just for P2P (1)

Ethanol-fueled (1125189) | more than 4 years ago | (#25406669)

Let 'em implement that system temporarily and let those greedy squabbling idiots known as the legislative branch congress swift-boat each other out of office.

Re:Probably just for P2P (1)

Threni (635302) | more than 4 years ago | (#25406717)

IMIANAL* but that sort of person could be a worse choice than some of the freaks we've currently got, and that's without even having to explain which country my brave and intelligent leaders lord over.

*I'm not into anal.

Re:Probably just for P2P (1)

retchdog (1319261) | more than 4 years ago | (#25406939)

Uh, I think you missed the first "N" for "not".

Or is this what they call a Freudian slip...?

Re:Probably just for P2P (4, Funny)

Fulcrum of Evil (560260) | more than 4 years ago | (#25406737)

"Well Mr. Smith's ISP reports he downloads copies of "Playboy's College Girls". Is this really the man you want to be your next state representative???"

What, am I going to not vote for him because he watches boring porn?

Re:Probably just for P2P (2, Interesting)

Achromatic1978 (916097) | more than 4 years ago | (#25406885)

Could be worse, could be Girls Gone Wild a bunch of semi-consenting drunken teenagers showing their breasts. "Here's my boobs!" Daddy is proud, I am sure.

Re:Probably just for P2P (5, Interesting)

Hyppy (74366) | more than 4 years ago | (#25406483)

Even better... What happens if you send traffic to a user with one of the "bad files" in it? They don't need to have a connection open in order for you to send a jpeg to them. Even if the user's computer simply drops the unknown data, the ISP will pick it up in their scan. If all the software does is scan the hash values of images transferred over common protocols, I seriously doubt that it goes and checks to see if the user actually REQUESTED it before crying foul.

One step further: make a file that has the same hash value of a "bad" file. This is trivial, especially if the file doesn't need to be valid for any application. If all that is checked is a hash of the traffic, then the actual contents of the file are meaningless.

So, this software will allow law enforcement to ruin your life (any implication crime involving sex and/or kids will do that, guilty or not), by simply seeing an unknown party send you a block of unintelligible data that happens to have the same hash as "pr0n." Great.

Anyone up for making an automated hash-spoofing packet forger? I'm sure something similar has already been done. With the speed of current connections, one could probably get the entire human race indicted for child pornography in under a week.

Re:Probably just for P2P (0)

Anonymous Coward | more than 4 years ago | (#25406163)

I fucking e word beaucoup.

It literally makes me physically angry.

Re:Probably just for P2P (1)

pal3f (1094703) | more than 4 years ago | (#25406383)

IANAL, but it seems to me that it would be a form of prior restraint (and therefore contrary to the 1st Amendment) for a law enforcement agency to declare that an image is illegal. They could charge someone for possession and/or transmission of it, but it seems to me that declaring something illegal like that at least requires a judicial determination. Of course, I'm assuming the Constitution is still in effect.

Re:Probably just for P2P (2, Insightful)

liquidpele (663430) | more than 4 years ago | (#25406397)

Actually you're wrong. It depends on how it does this. For instance, the file scanning capabilities of Fidelis appliances have no bandwidth slowdown because they simply copy the traffic to analyze but never hold packets. As for analyzing the files, most of the better products use signatures made from parts of files, so you don't need the whole file to analyze, you can do it part by part as it streams past.

There are a ton of possibilities in doing this type of thing, and I don't know how this company's software works, but believe me when I say it could definitely be done.

Re:Probably just for P2P (2, Insightful)

Anonymous Coward | more than 4 years ago | (#25406405)

"Each digital file has a unique digital signature, called a hash value, that can be recognized no matter what the file is named, and without having to open the file again. The company calls this list of hash values its Global File Registry."

Wait a second. Hash value? I sure hope the law enforcement people have been told about hash collisions [wikipedia.org] ! I know it's unlikely in a large binary file like images or videos, but, taking one example, md5 hash collisions and ways to find them do exist, and it's inevitable that this fact about hashes could be put to some pretty nefarious uses (e.g., poisoning traffic with legal files that happen to yield the same hash as illegal ones).

And then, of course, there's encryption or other techniques which could be used to obfuscate traffic to the point it wouldn't work.

Quite apart from the awful possibility of a tool that would monitor traffic for all images and other files, I'm not even sure it would work as intended to catch the bad guys. Once they know it exists it would be easy for them to avoid. Sounds like a big waste of money.

Re:Probably just for P2P (3, Informative)

Klaus_1250 (987230) | more than 4 years ago | (#25406585)

Hash Values are useless anyway; change 1 pixel in an image and voila, new hash. They could use loose hashes as used for Spam-filtering, but the chances for collisions are higher.

The other issue is of course, it won't work on encrypted connections. It might not even work for obfuscated connections. AFAIK, Authorities are seriously shooting themselves in the foot using these techniques. They will only drive CP and others further underground, to a point that finding and prosecuting the bastards becomes too difficult and expensive.

Re:Probably just for P2P (1)

Achromatic1978 (916097) | more than 4 years ago | (#25406905)

hash collisions! I know it's unlikely in a large binary file

I thought with the premise that MD5 and friends are based off, that hash collision possibility is not related to size of source.

Re:Probably just for P2P (1)

Firehed (942385) | more than 4 years ago | (#25406421)

Looks like this does nothing to address encrypted traffic, it's just matching files transmitted in plaintext to a database of MD5/SHA1 hashes. Actually knowing the level of incompetence demonstrated by most enforcement agencies, probably something that generates a 40-bit hash or so, just to ensure as many collisions as possible.

So bring on net-wide encryption.

change 1 bit and the comparison fails? (1)

petes_PoV (912422) | more than 4 years ago | (#25406473)

but it would determine whether a file is digitally identical to one on the child-porn list

So if this thing does perform a hash on a file, then changing one small part of it would completely alter the result. Presumably there's more to it than that - otherwise anyone wanting to post an image (that was on a list - there's nothing that limits this to kiddie porn) would make a near-identical copy and the whole detection system becomes worthless.

Re:Probably just for P2P (4, Insightful)

CodeBuster (516420) | more than 4 years ago | (#25406927)

The makers of CopyRouter claim that it can even be used to defeat encryption and compression of files in the Internet's Wild West: the peer-to-peer file-sharing tools such as Gnutella and BitTorrent.

What are they going to do? Detect and Man in the Middle [wikipedia.org] every single connection attempt that goes through their router? The file sharing tools will simply upgrade to stronger encryption, such as AES [wikipedia.org], and harden the connection handshaking against MITM attacks (perhaps by introducing public key infrastructure with well known key server(s)). It was my understanding that the present crop of file sharing tools provide obfuscation (ROT13 and the like) and not real encryption to set the bar just high enough to prevent packet inspection. However, it would not be difficult to implement stronger encryption methods (if they haven't done so already), should that prove necessary. In fact, the CopyRouter folks are at a distinct disadvantage in any encryption arms race since MITM and other cryptanalysis techniques are much more computationally expensive than the encryption itself AND the users outnumber the routers by thousands or even tens of thousands to one. The NSA might more credibly claim to be able to do this, but they have acres of underground super computers consuming as much electrical power as a small country, so I am very skeptical when anyone claims to be able to "defeat encryption" and doubly so when a private company mentions it as a bullet point in their power point presentation. It is more likely that this is a private company trying to sell a pig in a poke to ISPs and governments who don't inspect the merchandise too carefully or don't know any better.

A possible demise of goatse? (1)

IMightB (533307) | more than 4 years ago | (#25406047)

This could have an upside....

Re:A possible demise of goatse? (2, Funny)

negRo_slim (636783) | more than 4 years ago | (#25406193)

Goatse? That might as well be a default Windows wallpaper once you've seen Mr. Hands [encyclopediaofstupid.com] .

Re:A possible demise of goatse? (0)

Anonymous Coward | more than 4 years ago | (#25406237)

But it's so fun when someone who has never seen it before... sees it...

shockingly, this is still the case.

Re:A possible demise of goatse? (1)

interploy (1387145) | more than 4 years ago | (#25406499)

The thought of the goatse guy being the goatse kid just made it ten times more horrifying... I'm not sure whether to curse you or applaud you.

Welcome to Soviet Earth (0)

Anonymous Coward | more than 4 years ago | (#25406051)

Where Global Big Brother Watches YOU!

Scan This... (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#25406071)

Scan this... fuck you.

Starts with porn... (2, Informative)

Izabael_DaJinn (1231856) | more than 4 years ago | (#25406109)

ends with the MPAA and RIAA suing you for your mp3s and .mpgs.

Re:Starts with porn... (2, Funny)

Goldberg's Pants (139800) | more than 4 years ago | (#25406197)

MPG? Have you been in a coma for the last eight years or so? I honestly haven't come across an MPEG file of a movie since the late 90's!

Re:Starts with porn... (3, Informative)

KillerBob (217953) | more than 4 years ago | (#25406305)

You probably have, but they're usually encapsulated in a container format like AVI or MKV. :)

Re:Starts with porn... (2, Interesting)

travbrad (622986) | more than 4 years ago | (#25406445)

Or if you've watched a DVD. .VOB files are basically just MPEG2 with some extra data for menus, chapters, etc

Re:Starts with porn... (0)

Anonymous Coward | more than 4 years ago | (#25406449)

Or .ISO. You know, like DVDs.

Re:Starts with porn... (0, Troll)

Anonymous Coward | more than 4 years ago | (#25406547)

ISO is a filesystem file you dumbass.

Re:Starts with porn... (0)

Anonymous Coward | more than 4 years ago | (#25406479)

"I honestly haven't come across an MPEG file of a movie since the late 90's!"

Have you ever rented/purchased a DVD? Those VOB files are MPEG-2.

Re:Starts with porn... (0)

Anonymous Coward | more than 4 years ago | (#25406675)

Way to look cool, Poindexter. I enjoyed reading the board correct your stupid fucking ass.

Huh? (4, Insightful)

LoRdTAW (99712) | more than 4 years ago | (#25406113)

"The tool can 'check every file passing through an Internet provider's network -- every image, every movie, every document attached to an e-mail or found in a Web search -- to see if it matches a list of illegal images.' "

How exactly is this going to be accomplished? The equipment cost must be staggering and would consume allot of power. Way to conserve electricity, I thought we were trying to reduce the amount of power the Internet consumes. Does also this remove the common carrier status of ISP's?

I hope this never comes to fruition.

Re:Huh? (5, Interesting)

fred fleenblat (463628) | more than 4 years ago | (#25406277)

TFA says they're going to use hash values. This will take a stateful packet inspection filter to catch, but the amount of state is only enough to do the hash, and they can throw it away if it doesn't match anything on the blacklist.

While hashing seems easy enough to get around, I think the real thing they're looking for is a repeated pattern of someone sending blacklisted images. If you send/receive thousands of images, there's a good chance that you'll screw up and maybe a dozen of them won't get resampled (or use some other trick) to change the hash value. You'll pop up on a screen someplace, they'll get a search warrant, and you are busted.

Re:Huh? (2, Interesting)

thogard (43403) | more than 4 years ago | (#25406593)

Did anyone do that "out of order packet" hack for the linux kernel yet? The idea is you send 99% of the packets in the correct order but 1% of the time you swap the order around. It does nasty things for programs like this. Also someone needs to look at claims of this software compared to what it does and let them know where they are in breach of local truth in advertising laws.
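The stateful hashing discussed in the two comments above, as an added example that is not from the thread or from CopyRouter: a passive monitor hashes each transfer incrementally and buffers only the segments that arrive ahead of order. SHA-256, the `FlowHasher` and `Monitor` names, the 1 MiB buffer limit and the sample flows are assumptions constructed for illustration.

```python
import hashlib


class FlowHasher:
    """Hash one transfer in byte order, keeping only the hash state plus
    any segments that arrived ahead of the next expected offset."""

    def __init__(self, max_buffered=1 << 20):
        self._h = hashlib.sha256()
        self.hashed_bytes = 0      # next offset the hash is waiting for
        self._pending = {}         # offset -> payload for early segments
        self._buffered = 0
        self._max = max_buffered   # cap, so reordering cannot exhaust memory

    def feed(self, offset, payload):
        if offset > self.hashed_bytes:
            # Early segment: park it until the gap before it is filled.
            old = self._pending.get(offset, b"")
            if len(payload) > len(old):
                self._buffered += len(payload) - len(old)
                if self._buffered > self._max:
                    raise OverflowError("reassembly buffer limit exceeded")
                self._pending[offset] = payload
            return
        self._absorb(offset, payload)
        # Drain parked segments that have become contiguous.
        while self._pending and min(self._pending) <= self.hashed_bytes:
            off = min(self._pending)
            seg = self._pending.pop(off)
            self._buffered -= len(seg)
            self._absorb(off, seg)

    def _absorb(self, offset, payload):
        # Skip bytes already hashed (retransmissions, overlapping segments).
        fresh = payload[self.hashed_bytes - offset:]
        self._h.update(fresh)
        self.hashed_bytes += len(fresh)

    def hexdigest(self):
        return self._h.hexdigest()


class Monitor:
    """Tracks interleaved flows and checks finished ones against a registry."""

    def __init__(self, registry):
        self.registry = set(registry)
        self.flows = {}

    def segment(self, flow_id, offset, payload):
        if flow_id not in self.flows:
            self.flows[flow_id] = FlowHasher()
        self.flows[flow_id].feed(offset, payload)

    def close(self, flow_id, total_length):
        fh = self.flows.pop(flow_id, None)
        if fh is None or fh.hashed_bytes != total_length:
            return "incomplete"    # a gap was never filled: no verdict
        return "match" if fh.hexdigest() in self.registry else "no-match"


def segments(data, size=1000):
    return [(off, data[off:off + size]) for off in range(0, len(data), size)]


def demo():
    # Constructed sample data; the registry holds one digest.
    listed = b"constructed listed sample " * 400
    other = b"constructed unrelated file " * 400
    mon = Monitor({hashlib.sha256(listed).hexdigest()})

    a = segments(listed)
    a[2], a[3] = a[3], a[2]        # two segments swapped in transit
    a.insert(6, a[1])              # one retransmitted segment
    b = segments(other)
    c = segments(listed)
    del c[4]                       # one segment never seen by the monitor

    flows = (("A", a), ("B", b), ("C", c))
    for i in range(max(len(s) for _, s in flows)):   # interleave the flows
        for fid, segs in flows:
            if i < len(segs):
                mon.segment(fid, *segs[i])
    totals = (("A", len(listed)), ("B", len(other)), ("C", len(listed)))
    return {fid: mon.close(fid, n) for fid, n in totals}


if __name__ == "__main__":
    print(demo())
```

The per-flow memory is the hash state plus whatever sits in the reorder buffer, which is why the buffer is capped.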

Re:Huh? (2, Insightful)

Anonymous Coward | more than 4 years ago | (#25406303)

Does also this remove the common carrier status of ISP's?

That's a myth. They don't have it.

Re:Huh? (-1, Troll)

Anonymous Coward | more than 4 years ago | (#25406327)

would consume allot of power

"Allot" of power?

Is that like a "murder" of crows? Or a "flange" of baboons? A "sault" of lions? A "smack" of jellyfish? A "warren" of wambats?

Seriously, there are "a lot" of "collective nouns," but "allot" is a new one on me.

Re:Huh? (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#25406403)

I would rate you "Grammar Nazi" if I could...

Re:Huh? (0)

Anonymous Coward | more than 4 years ago | (#25406699)

Yeah, you're prolly right. Most people could care less. Besides, noone's perfect.

Re:Huh? (4, Informative)

maugle (1369813) | more than 4 years ago | (#25406613)

Every time this topic comes up, someone posts something about how this could remove the common carrier status of ISPs.

Repeat after me: ISPs do not have common carrier status.

Brilliant Digital Entertainment? (4, Informative)

Anonymous Coward | more than 4 years ago | (#25406133)

Wasn't that the Aussie spyware company attached to Sharman Networks/KaZaA?

Before it got raided, I mean?

I call shenanigans.

One question (4, Insightful)

MathFox (686808) | more than 4 years ago | (#25406137)

Can it decrypt SSL/SSH in real time?

Re:One question (0)

Anonymous Coward | more than 4 years ago | (#25406273)

Yes. And it can read your thoughts too.

Re:One question (4, Informative)

whoever57 (658626) | more than 4 years ago | (#25406291)

Can it decrypt SSL/SSH in real time?

Exactly. They claim that they can search "every document attached to an e-mail .. -- to see if it matches a list of illegal images." Apparently, they have never heard of SMTP-TLS, POP3S, etc. Or perhaps they have and they are just like many others -- selling snake oil.

One answer (4, Insightful)

Willbur (196916) | more than 4 years ago | (#25406533)

Can it decrypt SSL/SSH in real time?

According to the article they use man-in-the-middle attacks. This is probably quite easy if the server is using self-signed certs.

Re:One question (1)

Duncan Blackthorne (1095849) | more than 4 years ago | (#25406539)

If they can, then (all joking aside) it's time to go back to SneakerNet [wikipedia.org] because NOTHING on the Internet would be safe anymore. At that point you may as well remove the word "private" and all its derivatives from human language.

useless (0)

Anonymous Coward | more than 4 years ago | (#25406141)

This would be useless against their number one traffic maker, bit torrent. The packets are random at best and completely disorganized at worst so this product would be especially useless when coming across say, packets from a torrent whose contents have been encrypted.

Not to mention the million other ways to get around this.

Re:useless (4, Funny)

Mr_Tulip (639140) | more than 4 years ago | (#25406185)

shhh.. don't tell the government..

Re:useless (3, Informative)

corsec67 (627446) | more than 4 years ago | (#25406243)

Not only that, but it says that it works against movies.

The ISP downloads the entire 1-5GB file, hashes it, compares the hash, and then if it passes sends the file on to the user?

I think that would break almost every kind of application, and could easily be used to swamp the downstream of the ISP by making requests and then dropping the connection.

And then what about hash collisions, or programs that aren't web browsers?

Re:useless (0)

Anonymous Coward | more than 4 years ago | (#25406423)

This would be useless against movies too! Want a different hash? Change ONE character in the metadata! transcode with a different codec! shave off a second or two of black screen in the credits! Instantly, different hash. If any ISP implements this they won't be able to scale with the number of hashes they would have to keep on records to verify every file let alone packet.

This is a totally stupid idea.

Not to mention I'll bet ISPs wouldn't share each other's hash databases.

Re:useless (1)

Walpurgiss (723989) | more than 4 years ago | (#25406703)

Even faster, rar the movie. Or if it's already rarred/zipped/whatever, split it into parts. If already in parts, group them in an outer archive. Whatever really. Unless they're going to try and decompress any archive containers, you don't have to re-encode or edit frames of videos.

Re:useless (2, Funny)

Snuhwolf (1105289) | more than 4 years ago | (#25406475)

Well I'll be damned! THAT'S why every time I try to listen to shoutcast my ISP (centurytel) kicks me off. Maybe if I listened to a station they liked?

So what happens when... (2, Insightful)

Mobius Ring (1346871) | more than 4 years ago | (#25406145)

So what happens when the malware guys decide to have their malware fire off images that are on this list of banned files/images?

Suppose that they're 'smart' and have the image embedded in the malware (or otherwise obscured). The malware sits there for a while and infects as many systems as possible... then the SPAM event happens. With this crap... I mean "wonderful, keep-our-kids-safe" software kicks in and drags even more of the internet down, who's gonna pick up the tab?

I know... have the **AA morons... I mean overlord masters, sign an iron-clad agreement to pick up that tab and I'll gladly get infected. :|

Except... I don't really feel like being arrested for having been infected by perverted malware. :(

Re:So what happens when... (1)

QuantumRiff (120817) | more than 4 years ago | (#25406821)

You don't have to actually have the "perverted" pictures to do this, just send out lots of data files that have the same hash. (depending on the length of the hashes, it's really easy to do) Not to mention, changing just a bit in a file will mess with its hash, so the real kiddie porn traders will just randomly change a pixel or two. Might be fun to send out multiple 25MB files that have the same hash. That would drop their servers to their knees....

Re:So what happens when... (1)

Tubal-Cain (1289912) | more than 4 years ago | (#25406937)

Are there any programs currently available that will generate a file that matches a certain hash?

You know, it really makes me wonder... (5, Insightful)

genw3st (1373507) | more than 4 years ago | (#25406159)

... what is going to prevent this proverbial snowball from building into a full-blown avalanche? I guess it has already become one to some extent... I can't recall a time in history when the WORLD'S rights and privacy were as stripped and neglected as it is now, and then everyone suddenly got their right to privacy and freedom back. Despite its amazing capabilities, technology sure has put us into an interesting position when in the hands of people like "Brilliant Digital Entertainment" ... yeah, real brilliant. Crackheads.

Re:You know, it really makes me wonder... (1)

Shados (741919) | more than 4 years ago | (#25406599)

Technology evolves faster than moral values and society, thus keeping people in a constant state of panic over it, and causing a mess in the short term (and benefits in the long term). That was always true throughout history, from the discovery of fire (at least according to the theories), to the internet. This will be the same. It may take a civil war, or a nuclear bomb going boom, but we'll either all die, or we'll be better off.

It worked *so* well when used to fight spam... (0)

Anonymous Coward | more than 4 years ago | (#25406173)

Because I'm *sure* that people wouldn't just find ways to add hash busters, right? Hell, even the idiot spammers solved this one. Do they really think that spending zillions on hardware will help anyone but the hardware vendors peddling this crap?

Won't work. (4, Informative)

Xtense (1075847) | more than 4 years ago | (#25406181)

Ok, on really simple protocols, like HTTP or FTP, maybe - but most, if not all, p2p traffic is safe, I think. This is of course because of the chunky nature of transmission - you can't really tell what part of the file went through your pipe just by looking at it, and since parts are sent at random, you cannot rebuild the file with your chunks without guiding information, be it a torrent file, a list of parts for emule, or whatever else there is. And you need the whole file to get your hash-check. That's one. Two: encryption totally kills the effort, as the ISP can in no way examine your file without interfering with your transfer, and SSL exists solely to protect you from this.

Even if my line of thinking is really misguided here, this would require lots and lots of processing power - I mean, on a routing line with a hundred users on one end, it's thousands of hash-checks to be made for every stupid rebuilt file - both processes of course painfully CPU-eating, unless you want false-positives, since you didn't bother to use a proper hashing algorithm.

All in all, this looks to me like a terrible waste of money.

Re:Won't work. (5, Interesting)

Anonymous Coward | more than 4 years ago | (#25406401)

They claim they can scan Gnutella and BitTorrent.

Gnutella I don't know, but BitTorrent, almost certainly.

The common forms of BitTorrent encryption use a "shared secret". The shared secret for BitTorrent is a 20-byte key known as the "infohash". This infohash is ALSO used as the unique hash to uniquely identify a given set of files. So it's ALWAYS given to the tracker, and if the tracker isn't using SSL, that means it's in the clear.

Making the encryption in BitTorrent almost laughably insecure. It's good enough to block non-stateful packet filters. It's not good enough to prevent people from listening in.

As for getting a file hash with BitTorrent, that's even easier.

It does it for them.

The ".torrent" file contains a list of hashes. They don't even need to look at the file contents.

I dunno about other P2P systems, but BitTorrent is definitely not safe from this.

Re:Won't work. (1)

Cassius Corodes (1084513) | more than 4 years ago | (#25406779)

Very true - though this means that they actually are reading the contents of files, not just hashing them...

Re:Won't work. (0)

Anonymous Coward | more than 4 years ago | (#25406407)

Do p2p protocols typically use standard size chunks? If so, the ISP can check the hashes of passing chunks; there's no need to reassemble the whole file. But, as you say, encryption foils any sniffing effort.

Re:Won't work. (1)

itsybitsy (149808) | more than 4 years ago | (#25406425)

While the encryption will be more difficult to get around the file fragments won't be. Why? Well, you can always take hashes on portions of a file! It's also straightforward to find the byte sequences within a specially constructed file database.

The encryption is the issue... how to crack that?

Ok, when is enough enough? (1)

itsybitsy (149808) | more than 4 years ago | (#25406453)

When will people say NO to their overzealous pious government types?

When is too much invasion of privacy?

Re:Won't work. (2, Interesting)

caffeinemessiah (918089) | more than 4 years ago | (#25406451)

I mean, on a routing line with a hundred users on one end, it's thousands of hash-checks to be made for every stupid rebuilt file

Actually, it gets worse than that. Say that I have an "illegal" image that I want to transmit to you. All I would have to do is embed it in a random frame of some 700 MB DivX movie. Then, not only do files have to be checked, but every frame of every video too.

And the age-old question of "is this MP3 file legal"? That is an example of an uncomputable question.

More likely, this is intended for idiots who don't use encrypted connections. But people who don't have the brains to use encryption are probably going to be apprehended by law enforcement anyway before they can do too much law-breaking. So in other words, invest in massive infrastructure for pretty much nothing.

Re:Won't work. (1)

nobodylocalhost (1343981) | more than 4 years ago | (#25406455)

It can work, here is the rundown: it doesn't really have to see the encrypted stream between you and thousands of peers. It can compare the sha hash in that torrent file you downloaded via http to those in their registry. So if you download the torrent files over unencrypted http, ftp, news group, etc... Then they would have a match. Now this doesn't mean you actually downloaded the illegal material via torrent, but it gives them a probable cause.
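What the comment above and the earlier one about the ".torrent" hash list describe, as an added example that is not from the thread or from any vendor: a monitor that sees a `.torrent` file in the clear can derive the infohash (SHA-1 of the bencoded `info` dictionary) and the per-piece SHA-1 list, and compare both with a registry without touching file contents. The function names, the `tracker.example` URL, the registry sets and the sample torrents are assumptions constructed for illustration.

```python
import hashlib


def bdecode(data, i=0):
    """Decode one bencoded value at offset i; return (value, next_offset)."""
    c = data[i:i + 1]
    if c == b"i":
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c == b"l" or c == b"d":
        i += 1
        items = []
        while data[i:i + 1] != b"e":
            v, i = bdecode(data, i)     # raises ValueError on truncation
            items.append(v)
        if c == b"l":
            return items, i + 1
        if len(items) % 2:
            raise ValueError("dictionary key without a value")
        return dict(zip(items[0::2], items[1::2])), i + 1
    if c.isdigit():
        colon = data.index(b":", i)
        start = colon + 1
        end = start + int(data[i:colon])
        if end > len(data):
            raise ValueError("truncated string")
        return data[start:end], end
    raise ValueError(f"bad bencode at offset {i}")


def bencode(v):
    """Encoder, used here only to build the constructed samples."""
    if isinstance(v, int):
        return b"i%de" % v
    if isinstance(v, bytes):
        return b"%d:%s" % (len(v), v)
    if isinstance(v, list):
        return b"l" + b"".join(map(bencode, v)) + b"e"
    if isinstance(v, dict):
        return b"d" + b"".join(bencode(k) + bencode(v[k]) for k in sorted(v)) + b"e"
    raise TypeError(type(v))


def raw_info(torrent):
    """Return the exact bytes of the top-level 'info' value; the infohash is
    computed over these bytes, not over a re-encoded copy."""
    if torrent[:1] != b"d":
        raise ValueError("not a bencoded dictionary")
    i = 1
    while torrent[i:i + 1] != b"e":
        key, i = bdecode(torrent, i)
        start = i
        _, i = bdecode(torrent, i)
        if key == b"info":
            return torrent[start:i]
    raise ValueError("no info dictionary")


def inspect_torrent(torrent, listed_infohashes, listed_pieces):
    raw = raw_info(torrent)
    info, _ = bdecode(raw)
    pieces = info.get(b"pieces", b"") if isinstance(info, dict) else None
    if not isinstance(pieces, bytes) or len(pieces) % 20:
        raise ValueError("pieces is not a run of 20-byte SHA-1 digests")
    infohash = hashlib.sha1(raw).hexdigest()
    hits = [n for n in range(len(pieces) // 20)
            if pieces[20 * n:20 * n + 20].hex() in listed_pieces]
    return {"infohash": infohash,
            "infohash_listed": infohash in listed_infohashes,
            "listed_pieces": hits}


def make_torrent(name, content, piece_len=16384):
    """Build a constructed single-file torrent for the demo."""
    pieces = b"".join(hashlib.sha1(content[o:o + piece_len]).digest()
                      for o in range(0, len(content), piece_len))
    return bencode({b"announce": b"http://tracker.example/announce",
                    b"info": {b"length": len(content), b"name": name,
                              b"piece length": piece_len, b"pieces": pieces}})


def demo():
    content = b"".join(b"%06d;" % n for n in range(8000))   # constructed data
    listed = make_torrent(b"sample.bin", content)
    listed_infohashes = {hashlib.sha1(raw_info(listed)).hexdigest()}
    listed_pieces = {hashlib.sha1(content[:16384]).hexdigest()}
    same_data_new_name = make_torrent(b"other-name.bin", content)
    unrelated = make_torrent(b"notes.txt", b"constructed unrelated data " * 2000)
    return [inspect_torrent(t, listed_infohashes, listed_pieces)
            for t in (listed, same_data_new_name, unrelated)]


if __name__ == "__main__":
    for row in demo():
        print(row)
```

The infohash covers the whole `info` dictionary, name included, while the piece digests depend only on the data, so the second sample matches on pieces alone.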

Re:Won't work. (1)

Chatterton (228704) | more than 4 years ago | (#25406549)

There is a method in cryptography that is called packaging. The encryption key is stored within the file but you must have the complete file to get the key from it. Now you can send your last Blu-ray film. If they store it completely for decrypting it, they have a lot of money to drop by the windows :D

Easily gotten around (4, Insightful)

Anonymous Coward | more than 4 years ago | (#25406227)

Time to make a utility that puts a file into an encrypted 7Zip archive, with the password stored in some reversible encryption method (encrypt the password with all zeroes as a key 1 million to 2 million times), so it would take x CPU seconds on some hardware to decrypt it.

This would allow files to still go across the net without requiring passwords or keys, but prevent utilities like this from just passively obtaining traffic, just due to the CPU cycles involved.

Of course, just stuffing a password in the comments field works too, but with a decent text parser, it can be extracted.

It's just more of the same cat and mouse game. The real crooks will not be affected while Joe ISP User will lose his privacy even more.

Idiots in Charge (0)

Anonymous Coward | more than 4 years ago | (#25406489)

It's just more of the same cat and mouse game. The real crooks will not be affected while Joe ISP User will lose his privacy even more.

True. True. Sadly, true.

And the clueless policy makers, whose friends/relatives/business partners have hatched this scheme will forge ahead regardless because they are "doing something to stop illegal activities".

Evil (5, Informative)

Anonymous Coward | more than 4 years ago | (#25406231)

According to the Wikipedia entry on Australian copyright law [wikipedia.org] "[...]Brilliant Digital Entertainment in Australia were raided for copyright violations[...]" in 2004.
It looks like someone switched sides, but taking a closer look they only seem to be in charge of the adware that came with Kazaa, so I guess they were always evil.

Common Carrier? (-1, Redundant)

Anonymous Coward | more than 4 years ago | (#25406345)

ISPs examining files passed through their system? Kiss your Common Carrier protections goodbye.

Ways to abuse/defeat this... (3, Insightful)

straponego (521991) | more than 4 years ago | (#25406417)

You could easily joe-job specific or random people with this. You could make a million torrent users look like child molesters.

They're claiming they'll man-in-the-middle p2p users to disable encryption. Major problems there.

They're using a hash for the images/movies. Alter the image tags, or change a pixel, you've beat it. The more they ignore diffs, the more false positives they'll get.

There's my five seconds of thought on the efficacy/ethics of this. If you manage to solve all those problems, come back and I'll give it another five seconds. See you in ten years.

But hey, once it's in place they can use it for the *AA! Which is really what this is about, more free handouts to obsolete business models.

Re:Ways to abuse/defeat this... (1)

thogard (43403) | more than 4 years ago | (#25406911)

What if the masthead graphics for something like google had the wrong checksum? Then everyone would look guilty.

This is Fantastic (4, Insightful)

pnotequalsnp (1077279) | more than 4 years ago | (#25406427)

This is fantastic, since the amount of money required by an ISP to implement this will sink them. This will filter all "idiot" ISPs, who think they are rulers of the internet.

A better use for this technology... (4, Insightful)

thenewguy001 (1290738) | more than 4 years ago | (#25406447)

is to have ISPs scan all downloading files to make sure they do not contain malware or viruses so we don't have so many botnet zombies around the web from idiots opening britneysex.exe

Hash encrypted rar? Google can't, who can? (1)

Eganicus (1374269) | more than 4 years ago | (#25406481)

Google can't figure out how to organize photos, asking us to help TAG them (especially searching for kitty porn!) We can hack any software, website, no security can stop committed people... so once again we'll inconvenience EVERYONE except the people who DO trade kitty porn.

Kitty porn? (1)

mu51c10rd (187182) | more than 4 years ago | (#25406577)

so once again we'll inconvenience EVERYONE except the people who DO trade kitty porn.

"kitty porn"...won't anyone think of the cats?

yeah right (0)

Anonymous Coward | more than 4 years ago | (#25406501)

This from the guy who created Kazaa...P2P network.
Stole compute time from other people and sold the processing time.

Yeah, very trustworthy.
Ha, haaaa, bewaaaa ROFL.

Just another mouse trap (0)

Anonymous Coward | more than 4 years ago | (#25406505)

If they build a better mouse trap, we'll just build a better mouse. The Cycle goes on.

ngrep (1)

D_Gr8_BoB (136268) | more than 4 years ago | (#25406509)

So ngrep [sourceforge.net], in other words? It's not as though this is particularly new or exciting technology.

Who Cares? (0)

Anonymous Coward | more than 4 years ago | (#25406529)

I still don't see the point in this.

If I was to be the leader of an International Child pornography ring;

a) I'm using https
b) I'm using POP3S/IMAPS
c) I'm using Pidgin + Off the Record Messaging Plugin
d) I'd be using Encrypted LVM

The article doesn't confirm it also breaks AES on the fly. So until then, I ask, why do we care?

Kitty porn @ humane society is illegal? (1)

Eganicus (1374269) | more than 4 years ago | (#25406531)

If so, I'm going to need tor or something! All day I've been looking for a cat to adopt.... am I sick? The security business preys on fear, and a false illusion of safety.... ridiculous...

Child porn is perfect for framing people (4, Insightful)

Jimmy_B (129296) | more than 4 years ago | (#25406545)

The problem with all the hysteria around child pornography is that it's too easy to frame someone. A little research, five minutes alone with your computer, and an anonymous phone call are all someone needs to ruin your life and reputation.

Let me be perfectly clear: Even if you're completely innocent, this is a serious threat to you. If someone decides to frame you, you won't be able to prove your innocence, and it won't matter even if you can. That's unacceptable. Yes, child porn is bad, but a society where anyone can anonymously destroy anyone else is much, much worse.

get to the root of the problem (-1, Troll)

ladydi89 (1159055) | more than 4 years ago | (#25406569)

Why not just prosecute the hell out of child molesters that are caught? What a novel concept. If we start executing these sickos I bet we would see a HUGE reduction in child porn without the phenomenal costs to ISPs and users for a "solution" that will be easily defeated if you know what you are doing. But what am I saying? I don't need freedom and rights - that's way overrated. Search my bytes.

Random altering file server (1)

flyingfsck (986395) | more than 4 years ago | (#25406587)

This can be filed in the Really Dumb Idea bin. It would be so easy to make a server that always alters images/movies by a few random bits to defeat hash checks. However, if the RIAA would pay me M$10, then I'll gladly make them yet another copyright infraction detection scheme...

I wouldn't get too upset if I were you (1)

Duncan Blackthorne (1095849) | more than 4 years ago | (#25406623)

I'm categorizing this as "alarmist crap". Unless it's done clandestinely, there would be lawsuits, and as many have already stated in comments here, there's almost no chance that it could foil encrypted transfers, and there's a likelihood that it doesn't work at all. Not getting worried until I hear that it's actually being implemented.

Hash Collisions (1, Interesting)

Anonymous Coward | more than 4 years ago | (#25406633)

There are fundamental problems with this.

First the police database would grow.

All people wanting to bypass this would have to do is append a few characters to a file, or compress it. They could easily make a single file into a million files with these techniques alone. They can modify the files themselves by slightly changing color values. That creates a million more files. Now comes the nasty part.

They've flooded the police database, now the original file is a billion files, a billion hashes. What is the probability of many accidental hash collisions with innocent files? Soon you will have problems sending all kinds of stuff.

Not to mention the exponential growth of hardware requirements on everyone's part.

Alternate need (1)

Dr.Who (146770) | more than 4 years ago | (#25406679)

What we really need is a tool to collect and monitor elected officials' e-mail and attachments, even if they are submitted from a non-government e-mail account.

First for child porn, next for Video and music (1)

www.sorehands.com (142825) | more than 4 years ago | (#25406689)

How much would you bet that the MPAA and RIAA are going to try to get laws passed that require ISPs to install and use this software?

Corrupting the chinese (1)

pseudorand (603231) | more than 4 years ago | (#25406759)

They actually use an army of low-wage Chinese and Indian workers to scan all that data. It's cost effective, but the side effect is that in a few years millions of Asians, who might otherwise have become normal, productive, law-abiding citizens of their respective countries, will instead have become deranged pedophiles.

There are only so many hash values (0)

Anonymous Coward | more than 4 years ago | (#25406781)

Eventually we'll get a few files blocked a day, just because they match hash values.
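The accidental-collision question raised in the "Hash Collisions" and "There are only so many hash values" comments can be put in numbers. The following is an added example, not part of any comment or of the product discussed; the billion-entry registry is the figure from the comment, while the daily file volume and the uniform-hash model are assumptions.

```python
import math

def p_file_matches(registry_size, hash_bits):
    """Chance that one unrelated file's hash equals any of the registry's hashes.

    Assumes the hash behaves like a uniform random b-bit value (accidental
    matches only; deliberately crafted collisions are a different problem).
    """
    # 1 - (1 - 2^-b)^N, via log1p/expm1 so tiny probabilities do not round to 0
    return -math.expm1(registry_size * math.log1p(-(2.0 ** -hash_bits)))

def expected_false_matches(registry_size, files_scanned, hash_bits):
    """Expected number of innocent files flagged among files_scanned."""
    return files_scanned * p_file_matches(registry_size, hash_bits)

def p_any_false_match(registry_size, files_scanned, hash_bits):
    """Chance that at least one innocent file is flagged."""
    p = p_file_matches(registry_size, hash_bits)
    return -math.expm1(files_scanned * math.log1p(-p))

REGISTRY = 10**9        # "a billion hashes", the figure used in the comment
FILES_PER_DAY = 10**10  # assumed scanning volume, constructed for illustration
HASH_SIZES = {"32-bit checksum": 32, "128-bit (MD5-sized)": 128,
              "160-bit (SHA-1-sized)": 160}

def report():
    """One row per hash size: (name, expected false matches/day, P(any))."""
    rows = []
    for name, bits in HASH_SIZES.items():
        rows.append((name,
                     expected_false_matches(REGISTRY, FILES_PER_DAY, bits),
                     p_any_false_match(REGISTRY, FILES_PER_DAY, bits)))
    return rows

if __name__ == "__main__":
    for name, expected, p_any in report():
        print(f"{name:24s} expected/day={expected:.3e}  P(any)={p_any:.3e}")
```

Under these assumptions a 32-bit checksum would flag roughly one innocent file in five, while at 128 bits or more the expected number of accidental matches per day stays far below one even with a billion registry entries.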

Obviously we need to act... (1)

rickb928 (945187) | more than 4 years ago | (#25406859)

...and take up a collection to pay the spammers to send a regular smattering of these files in their usual spam loads. ...and both overwhelm the filter and crush the ISP NAPs. ...and express our displeasure at the rapidly coming destruction of probable cause on the Internet.

Because we know that shortly after the 'authorities' can do this, they will be asking to investigate the intended recipients, on the premise that they have 'probable cause'.

I can't hardly tell the difference between the NY Attorney General and the RIAA any more. No, kiddie pr0n is not good and I condemn it. But we give up a lot when we give up the rights granted so long ago. Stick to the stings, guys, and try to avoid deliberately incriminating innocent people, ok?

Damn, what political party can I be a member of now... They all suck.

Why stop here? (2)

Goliath (101288) | more than 4 years ago | (#25406869)

Why not snoop every phone call, open and scan every piece of snail mail, record every conversation?

Oh, because people realize that doing that would be contrary to our laws and ethics, but get some sort of paralysis every time somebody brings up child porn and the Internet?

Yeah... thought so. It's the same exact thing, but try convincing people of that.

My New Motto (0)

Anonymous Coward | more than 4 years ago | (#25406929)

Pirate EVERYTHING.
