Google Spots Explicit Images of a Child In Man's Email, Tips Off Police 790
mrspoonsi writes with this story about a tip sent to police by Google after scanning a users email. A Houston man has been arrested after Google sent a tip to the National Center for Missing and Exploited Children saying the man had explicit images of a child in his email, according to Houston police. The man was a registered sex offender, convicted of sexually assaulting a child in 1994, reports Tim Wetzel at KHOU Channel 11 News in Houston. "He was keeping it inside of his email. I can't see that information, I can't see that photo, but Google can," Detective David Nettles of the Houston Metro Internet Crimes Against Children Taskforce told Channel 11. After Google reportedly tipped off the National Center for Missing and Exploited Children, the Center alerted police, which used the information to get a warrant.
Re:Well at least they saved the children! (Score:4, Informative)
You're kidding, right? Ever heard of Google Image Search or TinEye? You give it a URL, or upload a photo, and it'll give you a list of identical and highly-similar images...
From there, it's a no-brainer to feed the system with URLs of known pedo sites... either ones Google employees have identified, or those they've gotten law-enforcement requests to take-down.
And even without the TinEye type system, it's still a no-brainer to checksum/hash all those images, and see if an exactly identical one shows up on your servers, somewhere, somehow.
Re:Best secure email? (Score:4, Informative)
email your friend encrypted pdf files and tell him the pdf file password over the telephone.
Re:Best secure email? (Score:4, Informative)
Re:Its all in the gmail terms of use ... (Score:5, Informative)
An automated tool probably flagged the image, hopeful it wasn't simply probable nudity but probable nudity combined with some other alert, maybe something in the body of the text. Humans probably only review flagged images. The system is working as google has always intended, go read the terms of use. Working with local law enforcement when google deems it appropriate or legally required probably falls under what you refer to as "etc".
Read the full article. There's an agency ("National Center for Missing & Exploited Children") that provides hashes of known child porn images and videos to companies like Google. I don't think it's outside Google's purview to ensure files with hashes appearing on that list don't reside on their servers. Contrary to what the peanut gallery here has to say, Google aren't opening up individual mailboxes for a quick squiz. Not to mention that even if they aren't looking inside mailboxes for these images, they probably do scan messages traversing their network (i.e. incoming/outgoing) for files with known hashes.
Re:Snooping or running hashes? (Score:2, Informative)
The article says specifically that they are comparing email attachments against a list of known hashes of child porn.
Re:Are the *sure* they got the right guy? (Score:5, Informative)
Gmail allows for dot address matching. This is a *huge* problem that has never been addressed.
It hasn't been addressed because there is no such problem. All of the incidents described in the link you provided, as well as your own experience, seem to be explained by user stupidity. No need to invent some mysterious google-bug in order to explain it.
I had a similar experience; some idiot used my google email address, with a dot in the middle (no dot in mine), as his recovery e-mail for a bunch of his other accounts. So I kept getting periodic emails letting me know when he's signed in from a new location. Confused the shit out of me at first. After I contacted him to let him know about it, it turned out he was misspelling his own e-mail address.
When the choice is between user stupidity and a systemic problem, always pick user stupidity.
Stories like this scare the shit out of me because, at any time, if one of those people I happen to receive email for suddenly decides to go into full-creep mode, I could be put in prison for a very, very long time.
Nonsense. If this were true, any pissed off person who knows your e-mail address could get your arrested by spamming you with kiddie-porn from an anonymous e-mail provider. You're not going to go to jail just for receiving e-mail.
Re:This is chilling (Score:4, Informative)
not for pedophiles, fuck them
Pedophiles are simply people who have a sexual attraction towards children. Being a pedophile does not mean you molest children or even look at child porn.
The term "pedophile" is being misused by people who don't even know what it means, to the detriment of many people who have never harmed anyone.
While, I absolutely believe it's google's job to report illegal activity
Not all laws are just, so don't pretend that they are.
Re:Well at least they saved the children! (Score:5, Informative)
Why wouldn't you convict if a server admin presented a file, with logs, timestamps, and permissions that demonstrate the owner, creator, and time which that person had it?
Because, as an occasional server admin, I'm perfectly aware that it's easy to change the logs, timestamps, and permissions. Do you not know what a computer is? It's a tool for manipulating data. This is not reliable forensic evidence, it's something that anyone with fairly modest skills could fake up in fifteen minutes.
Comment removed (Score:3, Informative)
Comment removed (Score:5, Informative)
the ARTICLE states (Score:5, Informative)
that this was discovered via a known hash of known child pornagraphy images.
it seems to me that google must keep a hash table of alot of things sitting around on it's drives,
using hashes to reduce redundant storage requirements means that this very well have been discovered AUTOMAGICALLY, and thus required google to act on it.
i don't think the spin being placed here as it being an 'invasion' of privacy is accurate here considering my prior statement
you should thank google for helping to stop people invading the child's privacy by putting a stop to sharing of images like this
the methods potentionally employed in the discovery of this image are both automated and reasonable
and the reaction of google is not only reasonable and actionable, it's also commendable.
we all can keep our privacy if all they're doing is storage reduction through hash comparison.
fin.
compared to hash database, with antivirus (Score:5, Informative)
It seems National Center for Missing and Exploited Children has a database of hashes, or "fingerprints" of known child porn images. When you use Gmail, it checks attachments against a database of viruses and also apparently against this CP database.
A distinction can be made here. What the database does NOT do is any kind of image analysis to see if the picture LOOKS like child porn. It checks only against known, reported child porn, apparently.
Re: Well at least they saved the children! (Score:5, Informative)
Re:Well at least they saved the children! (Score:5, Informative)
What if someone at Google suddenly doesn't like you and they forward the contents of Mr. Convict to your e-mail address? Oh, and then the police get an "anonymous" call.
Except, in this case, the call was not anonymous. Furthermore, the police used the email as evidence to get a warrant to search his devices, and found other images. So, he is not being charged based on just one email.
Who believes you now, mate?
Most likely, no one will believe him. Why should they?
Re:Its all in the gmail terms of use ... (Score:5, Informative)
The smart implementations probably hash the image payload excluding EXIF, for exactly that reason - maybe downsample and reduce the colorspace too, so trivial tweaks won't have that effect any more.
(In fact, the implementation I'm working with right now for exactly this purpose - I have a small research project underway with the police in Scotland as part of their Offender Management work - just hashes HTTP payloads for the moment - although refining this is on the drawing board for later.)
I do find this very disturbing in principle though. Is absolutely everything in your mailbox entirely innocent? I have, for example, a list of various Microsoft product keys in mine. As it happens, those are legitimate - all issued to me by Microsoft via MSDN subscription, then I stuck them all in a spreadsheet to keep track of which key was in use for what - but would Google or the police know that just from looking at the list? They might turn up with a warrant looking for the piracy ring I'm obviously running, just because Google got nosy and went vigilante!
This isn't the first time, though; I recall a malware researcher getting rather upset after Google started eating samples from his Inbox [ghettoforensics.com] - even when they were inside password-protected ZIP files. I can see that they mean well, but to me that crosses a line.
Re:Well at least they saved the children! (Score:5, Informative)
He is either well informed or (more likely) simply able to point out the obvious in a world where most don't dare. It is proven beyond doubt that brain tumours can cause paedophilia [newscientist.com]. That article is a summary of one well known and notorious case, but note that he checked himself into the hospital just one day before he was going to prison. The chances are great that there are more people like him rotting inside the prison system.
Given that the sex drive is an inherently biological thing that evolution has given tremendous influence over people's behaviour, the fact that a malfunctioning sex drive might have a biological root cause should not surprise anyone. And yes, it's absolutely a malfunction and obviously so - the purpose of sex is to reproduce and create offspring that survive to adulthood. The chances of having a child that grows up to be a strong adult by having sex with another child is massively reduced or close to zero, so from an evolutionary perspective it makes little sense.
Yes, some people do say that, and for all we know they might be right. Homosexuality is another biological dead end that doesn't lead to offspring. However this kind of deviation from the sexual norm is something most enlightened societies have got over because it doesn't harm anyone. OK, those people will not have kids. So be it. They aren't hurting anyone so it's unreasonable and unjustified to cause them problems.
Child abuse is a more complicated area. People tend to think of the "we know it when we see it" type cases, you know, 40 year old men trying to have sex with 8 year olds. Unfortunately the laws are badly written enough that all kinds of other basically harmless behaviour gets tangled up with it. For example, I know for a fact that the NCMEC database contains cartoons. Having a racy cartoon in your Gmail account is now enough to get busted by the police. Other cases of idiocy around these laws include the UK where the legal age of consent is 16 but the age to be considered not child porn is 18, meaning two people can legally have sex but can go to jail if they take a photo of themselves doing it. Cases where two teenagers have a relationship and the older one ends up being busted for child abuse have been reported in the USA. The harm in these cases is hard to see but it all gets dumped into the same bucket, legally.
Re:Hash Collision (Score:5, Informative)
Finding an "incidental collision" (that is a collision that happened in a case other than people deliberately setting out to construct a collision). is most certainly noteworthy. Lets run some ballpark numbers.
There are less than 2^33 people in the world. Most of them probablly don't use google but lets assume that they do. Further lets make a wild ass guess that each one has 2^17 files in googles database (from some googling i'm pretty sure this is an overestimate). That would mean a total of 2^40 files.
Lets further assume that the hash functions are ideal "random oracles".
With 2^40 files there are approximately 2^79 pairs of files. With a 128 bit hash (like md5) then assuming it's ideal the probability of a pair of files having colliding hashes is 1 in 2^128 so with our 2^40 files the probability of a collision anywhere in the set is approximately 1 in 2^49.
For comparison the chance of winning the lottery in the UK is about 1 in 2^24 so 1 in 2^49 is like winning the lottery every week for 2^25 weeks
An incidental collision even in MD5 either means something incrediblly unlikely happened or (far more likely) there is a serious flaw in the uniformity of the hash function's output. That is certainly newsworthy.
In SHA1 and higher any collision even a deliberately constructed one would be noteworthy (the MD5 ones certainy were when they were first found, they are old news now of course).
Re:Well at least they saved the children! (Score:4, Informative)
Kind of like all the systems, procedures, and protections that prevent this type of thing at the NSA.