Google Spots Explicit Images of a Child In Man's Email, Tips Off Police 790
mrspoonsi writes with this story about a tip sent to police by Google after scanning a users email. A Houston man has been arrested after Google sent a tip to the National Center for Missing and Exploited Children saying the man had explicit images of a child in his email, according to Houston police. The man was a registered sex offender, convicted of sexually assaulting a child in 1994, reports Tim Wetzel at KHOU Channel 11 News in Houston. "He was keeping it inside of his email. I can't see that information, I can't see that photo, but Google can," Detective David Nettles of the Houston Metro Internet Crimes Against Children Taskforce told Channel 11. After Google reportedly tipped off the National Center for Missing and Exploited Children, the Center alerted police, which used the information to get a warrant.
Well at least they saved the children! (Score:5, Insightful)
The great things google can offer, 1984 saves the children!
(Yes it's good that pedophiles get hurt - But there is a very very bad precedent here...)
Re:Well at least they saved the children! (Score:5, Insightful)
Agreed. Even good outcomes do not justify bad behaviour. We should not be happy that Google is perusing the content of our E-mail with anything but automated tools (for advertising, etc.)
Re: (Score:3, Insightful)
Agreed. Even good outcomes do not justify bad behaviour. We should not be happy that Google is perusing the content of our E-mail with anything
FYP
Re:Well at least they saved the children! (Score:5, Insightful)
Would you be surprised when a warehouse reports you for storing illegal postcards there? Just because it's google doing the reporting doesn't automatically make it bad.
Re: (Score:3, Insightful)
Which is why I don't use gmail and I find it rather alarming just how many people are/have switched to gmail. This is not to say Hotmail and Yahoo are any better at minding our privacy but I don't use them anymore either - for the same reason.
Re:Well at least they saved the children! (Score:5, Insightful)
Guess what, even if you are not using gmail, chances ae people that you communicate with regularly ARE using e-mail, therefore, some of your email still passes through google's servers.
Cheer up!
Re:Well at least they saved the children! (Score:5, Insightful)
Benjamin Mako Hill did an analysis of his inbox. He found Google has about HALF of this personal email - and he runs his own mail server and everything. See http://www.slate.com/blogs/fut... [slate.com]
Anyhow, the interesting thing is that Google has a bunch of file hashes, and they actually matched the image. I mean considering how easy it is to change the file hash, they seemed to just collect and send the same image over and over again?
You'd think by now they'd alter the images slightly to keep changing the file hash.
Re:Well at least they saved the children! (Score:5, Insightful)
I've found it funny when I've made arguments about Google's ad scanning being something I didn't like, and people always came back with "but it's 100% automated and completely anonymous - no human ever looks at your mail".
I think that argument just got settled with this story - and I won.
No, you did not. This does not condradict Google's claim that no human ever looks at your email. The only thing that has changed is that in addition to being scanned for spam and viruses, attachements are now also being checked against a database of known child porn.
Re:Well at least they saved the children! (Score:5, Insightful)
No you didn't. If you had bothered to read the article, you would have seen that they detect things like this by using image hashing. It's an automatic process - unless you happen to be passing around images that are identical to known images of child pornography, at which point of course humans will get involved.
Well, if you really need to know, then you could always read the article. It specifically states that he was arrested after police found other suspicious images on his computer (after obtaining a search warrant), and that he's a registered sex offender. Chances of this being a mistake are practically nil. All indications are that both Google and the police did their job properly, with judicial oversight.
Re:Well at least they saved the children! (Score:4, Interesting)
It is in the ToS, which at least 1 party (the account-owner) has agreed to.
We can try all we want to compare this to 1984 and what-nut, but if we explicitly allows a company to rummage through our email, we have no basis for complaining when it happens.
(Note: I can think of at least 1 country where this part of the ToS would be invalid)
Re:Well at least they saved the children! (Score:5, Interesting)
We should not be happy that Google is perusing the content of our E-mail with anything but automated tools
It is an automated tool. They look for hashes of known illegal images.
That in itself is worrying because recipients can't control what email appears in their inbox. There are sites out there that offer illegal imagery for download specifically for sending to victims to get them in trouble, or for posting to forums as a kind of trolling.
Re:Its all in the gmail terms of use ... (Score:5, Informative)
An automated tool probably flagged the image, hopeful it wasn't simply probable nudity but probable nudity combined with some other alert, maybe something in the body of the text. Humans probably only review flagged images. The system is working as google has always intended, go read the terms of use. Working with local law enforcement when google deems it appropriate or legally required probably falls under what you refer to as "etc".
Read the full article. There's an agency ("National Center for Missing & Exploited Children") that provides hashes of known child porn images and videos to companies like Google. I don't think it's outside Google's purview to ensure files with hashes appearing on that list don't reside on their servers. Contrary to what the peanut gallery here has to say, Google aren't opening up individual mailboxes for a quick squiz. Not to mention that even if they aren't looking inside mailboxes for these images, they probably do scan messages traversing their network (i.e. incoming/outgoing) for files with known hashes.
Re: (Score:3)
I am more worried about the risk of this being used for framing someone. Perhaps especially those who have served their sentence and are in public registers.
A prior conviction for which a person has served the sentence should never be enough justification on its own to warrant a search, whether it's done by a person or by software. There must be probable cause, or we've made a farce out of the 4th amendment. What's next? Are algorithms listening in through your phone and PCs microphone okay?
Re: (Score:3)
Easily worked out. The list has been around for a long time, so it may well be using an obsolete hash like MD5 rather than a newer SHA. So let's assume it's a 128-bit hash. That's 2^128 possibilities. I don't know how many files go through google, but let's go for something huge - say, a trillion per year. That's a massive overestimate, i expect, but that's fine.
Which comes up to... no idea. I've tried three different ways to work it out. The math itsself isn't really hard, it's evaluating that's the proble
Re: (Score:3)
This isn't true. Finding an incidental collision is not newsworthy. But giving an algorithm which constructs an image for a given hash would be worthy of publication.
Re:Hash Collision (Score:5, Informative)
Finding an "incidental collision" (that is a collision that happened in a case other than people deliberately setting out to construct a collision). is most certainly noteworthy. Lets run some ballpark numbers.
There are less than 2^33 people in the world. Most of them probablly don't use google but lets assume that they do. Further lets make a wild ass guess that each one has 2^17 files in googles database (from some googling i'm pretty sure this is an overestimate). That would mean a total of 2^40 files.
Lets further assume that the hash functions are ideal "random oracles".
With 2^40 files there are approximately 2^79 pairs of files. With a 128 bit hash (like md5) then assuming it's ideal the probability of a pair of files having colliding hashes is 1 in 2^128 so with our 2^40 files the probability of a collision anywhere in the set is approximately 1 in 2^49.
For comparison the chance of winning the lottery in the UK is about 1 in 2^24 so 1 in 2^49 is like winning the lottery every week for 2^25 weeks
An incidental collision even in MD5 either means something incrediblly unlikely happened or (far more likely) there is a serious flaw in the uniformity of the hash function's output. That is certainly newsworthy.
In SHA1 and higher any collision even a deliberately constructed one would be noteworthy (the MD5 ones certainy were when they were first found, they are old news now of course).
Re:Its all in the gmail terms of use ... (Score:5, Informative)
The smart implementations probably hash the image payload excluding EXIF, for exactly that reason - maybe downsample and reduce the colorspace too, so trivial tweaks won't have that effect any more.
(In fact, the implementation I'm working with right now for exactly this purpose - I have a small research project underway with the police in Scotland as part of their Offender Management work - just hashes HTTP payloads for the moment - although refining this is on the drawing board for later.)
I do find this very disturbing in principle though. Is absolutely everything in your mailbox entirely innocent? I have, for example, a list of various Microsoft product keys in mine. As it happens, those are legitimate - all issued to me by Microsoft via MSDN subscription, then I stuck them all in a spreadsheet to keep track of which key was in use for what - but would Google or the police know that just from looking at the list? They might turn up with a warrant looking for the piracy ring I'm obviously running, just because Google got nosy and went vigilante!
This isn't the first time, though; I recall a malware researcher getting rather upset after Google started eating samples from his Inbox [ghettoforensics.com] - even when they were inside password-protected ZIP files. I can see that they mean well, but to me that crosses a line.
Re:Its all in the gmail terms of use ... (Score:4, Interesting)
The smart implementations probably hash the image payload excluding EXIF, for exactly that reason - maybe downsample and reduce the colorspace too, so trivial tweaks won't have that effect any more.
This isn't definitive research, but in the early days of G+, some friends posted a lot of porn to see how quickly Google caught and deleted the pictures. What they found was that Google's algorithms, once trained with a picture, could find that picture if it had been resized, flipped along the vertical axis, and cropped. (one was cropped to the point where it was no longer technically porn, since it was just a person's face, and it still disappeared.)
Re:Well at least they saved the children! (Score:5, Insightful)
Re:Well at least they saved the children! (Score:5, Insightful)
Remember, some people classify "potential terrorist" as those who cite the Constitution in online article comments.
Everyone is a potential terrorist.
Chief Justice John G. Roberts, CIA director John Brennan, actress Julia Roberts, you and I are all potential terrorists. And potential child molesters too.
It goes without saying that I feel no sympathy for a child molester.
It shouldn't go without saying. That's groupthink.
What distinguishes a mensch from a barbarian is the ability to have sympathy for even those you despise the most. If someone is a child molester, I would think it highly likely that they suffer from a mental illness, and need our help. I don't think there are many who decided to become a child molester.
The more heinous the crime, the more important it is that we do not let base feelings take control. If we do, we are no better than the child molesters who let their base feelings take control of what they do.
Re:Well at least they saved the children! (Score:5, Insightful)
True. But for saying that openly, you will be branded as a supporter of child molesters.
Brand away. I do support child molestors. And murderers. And swindlers. And racists. And slavers. I do not support child molestation, murder, swindle, racism, or slavery. But that is no reason not to care about the people, and wishing that they can be rehabilitated and become productive and respected members of society for the rest of their lives.
If there is evil in a person, it's a mental illness that needs a cure, not a carte blanche to do evil to the person in return.
The Abrahamic religious nonsense about "an eye for an eye and a tooth for a tooth" needs to stop, or we'll never progress into a peaceful society.
Re:Well at least they saved the children! (Score:5, Informative)
He is either well informed or (more likely) simply able to point out the obvious in a world where most don't dare. It is proven beyond doubt that brain tumours can cause paedophilia [newscientist.com]. That article is a summary of one well known and notorious case, but note that he checked himself into the hospital just one day before he was going to prison. The chances are great that there are more people like him rotting inside the prison system.
Given that the sex drive is an inherently biological thing that evolution has given tremendous influence over people's behaviour, the fact that a malfunctioning sex drive might have a biological root cause should not surprise anyone. And yes, it's absolutely a malfunction and obviously so - the purpose of sex is to reproduce and create offspring that survive to adulthood. The chances of having a child that grows up to be a strong adult by having sex with another child is massively reduced or close to zero, so from an evolutionary perspective it makes little sense.
Yes, some people do say that, and for all we know they might be right. Homosexuality is another biological dead end that doesn't lead to offspring. However this kind of deviation from the sexual norm is something most enlightened societies have got over because it doesn't harm anyone. OK, those people will not have kids. So be it. They aren't hurting anyone so it's unreasonable and unjustified to cause them problems.
Child abuse is a more complicated area. People tend to think of the "we know it when we see it" type cases, you know, 40 year old men trying to have sex with 8 year olds. Unfortunately the laws are badly written enough that all kinds of other basically harmless behaviour gets tangled up with it. For example, I know for a fact that the NCMEC database contains cartoons. Having a racy cartoon in your Gmail account is now enough to get busted by the police. Other cases of idiocy around these laws include the UK where the legal age of consent is 16 but the age to be considered not child porn is 18, meaning two people can legally have sex but can go to jail if they take a photo of themselves doing it. Cases where two teenagers have a relationship and the older one ends up being busted for child abuse have been reported in the USA. The harm in these cases is hard to see but it all gets dumped into the same bucket, legally.
Re:Well at least they saved the children! (Score:5, Insightful)
The "success" here is completely insignificant in comparison to the huge costs to society. That you even feel the need to qualify your statement just shows that the artificial demonization of this material in order to justify a surveillance state has worked very well. It seems that by now people have completely forgotten that the actual problem is children getting hurt, not pictures of it or teenagers "sexting" each other. For all we know this person has a picture of a nude teenager, which does not even qualify as pornography in most countries. There is a reason this material does not get shown to the public. With the strong focus on digital material, the police gets easy "successes", and can justify any and all surveillance, but does not actually prevent any child from getting hurt. While it is difficult to get information (what a surprise), it seems that most acts of child abuse do not actually end up documented on the Internet and that commercial production is basically non-existent, as following money-trails is very, very easy.
At the same time, the police-state and the fascism that universally follows it get more and more established.
Re:Well at least they saved the children! (Score:5, Insightful)
Yes it's good that pedophiles get hurt
Why, exactly, is it good that pedophiles get hurt?
Pedophilia is a perverse sexual orientation, like zoophilia, coprophilia and many others, but does not imply that the afflicted has or will abuse children. There's a greater risk, but we do not wish to punish people for being a greater risk, do we? If so, it would be good if we hurt all male relatives, who by far pose the greatest risk for a child being molested.
If we want to stop child molestations, I think what we need to do is look at why some people do the heinous deeds, and figure out how to stop people from flipping over.
Somehow I get the feeling that many would be sad if that happened, because then they wouldn't have anyone to string up and exact revenge on.
But in my opinion, one child molested is one too many, and no matter how much you flog pedophiles, it won't reduce the problem.
Re:Well at least they saved the children! (Score:5, Interesting)
It's obvious why these things happen, it's just that society is powerless to do anything constructive about it.
There are basically two types of people who rape children. Some are just normal, otherwise healthy people who have a natural attraction to pubescent children below the age of consent. Like it or not human beings are driven to breed well below the age of consent, it's just our genetic make-up. Most adults understand why this is a bad thing to do and restrain themselves, and those who don't are incorrectly labelled paedophiles (paedophile refers to someone attracted to pre-pubescent children). It doesn't matter if they actually harmed anyone, the mere fact that they were unable to repress their natural urges and looked at a child with feelings of lust is enough.
The other group are those with a mental illness who are attracted to pre-pubescent children. They have mental health problems that need to be addressed. Unfortunately society makes it very difficult for them to get treatment because of the extreme stigma attached to their condition. The media tends to pain paedophiles as monsters, so extremely disgusting that people with that illness do not want to associate themselves with that image in the early stages when treatment would be most effective and prevent any actual crimes taking place.
Obviously we need to protect children and punish criminals, but the way we go about it now we actually create an environment where people can't get treatment before they become criminals.
Re:Well at least they saved the children! (Score:4, Insightful)
Until relatively recently in human history it was normal for children to marry and have children soon after entering puberty. My own grandmother had 7 children by the time she was 21. You can do the maths.
From a purely genetic point of view it makes sense for men to be attracted to the youngest fertile girls available, since they can give that man the greatest number of healthy children and look after them for the longest time before dying of old age. Remember that 30 used to be old age for most people.
Of course this is not a particularly good thing for modern girls who will probably live into their 70s and 80s, and who can get a good education and be a productive member of society rather than just a baby factory. We quite rightly seek to help girls avoid pregnancy at an early age, and encourage them to wait until they are in a good position to raise children. The problem is that it runs counter to natural instinct, and we punish people extremely harshly for even suggesting that under-age people might be attractive. Clearly children do not suddenly become attractive the day they turn 16, it's a gradual process.
In fact the law is completely schizophrenic. It accepts that a 16 year old can be desirable enough to have sex with legally, but criminalizes looking at naked 16 year old bodies or watching them have sex.
Re:Well at least they saved the children! (Score:5, Insightful)
but if Google messed up the chain of evidence then he may get off.
child porn is bad and this guy seems to be guilty but some needs to stand up for the rights and prove that the IP they have is going to right place.
Re: Well at least they saved the children! (Score:5, Insightful)
Re: Well at least they saved the children! (Score:4, Insightful)
Which is pretty nonsensical, and an end run around the constitution. If the police cover their tracks well enough, all they have to do is pay some people off to gather the evidence.
Re: Well at least they saved the children! (Score:5, Informative)
Re: Well at least they saved the children! (Score:5, Interesting)
Google messing up the evidence chain doesn't have to be about the 4th amendment and the police.
It could go to the legitimacy of the ebidrmce altogether. What assurances can be offered thst the photos were not planted by an employee of google who has a beef with pedophilles. After all, google did happen to look in this man's private email that people think is as private as snsil mail even though they gave google access knowingly or unknowingly, find a pictue, and alert the proper people to make sure something comes of it. Even if it was discovered automatically by software, the question of how it got there still comes about.
Re: Well at least they saved the children! (Score:5, Insightful)
Replace "Child Porn" with "Subversive Material" and suddenly it doesn't see like such a good thing, does it?
Or, for you folks who like to "share", copyrighted movies, music, etc.
Re:Well at least they saved the children! (Score:5, Insightful)
And thats the catch no one seems to be talking about. An influenced chain of evidence can break entire cases simply because the police cannot prove beyond a reasonable doubt that the evidence was not tampered with/planted.
Someone at Google blew the whistle? If 'someone at Google' was able to look inside, how do we know they didn't put it inside in the first place? If you rent an apartment and your landlord has the master key, the police are going to have a VERY hard time convincing the court that you are the guilty party when the only reason they investigated you in the first place was because your landlord tipped off the police.
Re: (Score:3, Insightful)
Re:Well at least they saved the children! (Score:5, Insightful)
Re:Well at least they saved the children! (Score:5, Informative)
What if someone at Google suddenly doesn't like you and they forward the contents of Mr. Convict to your e-mail address? Oh, and then the police get an "anonymous" call.
Except, in this case, the call was not anonymous. Furthermore, the police used the email as evidence to get a warrant to search his devices, and found other images. So, he is not being charged based on just one email.
Who believes you now, mate?
Most likely, no one will believe him. Why should they?
Re:Well at least they saved the children! (Score:5, Insightful)
One of the issues with many in the anti-'think of the children' camp is that sometime what is going on seems reasonable in those circumstances. They should be willing to say "Yes I can see why people would be glad that this happened but..." and then point out that having private companies searching through your mail and reporting anything they like to law enforcement isn't a good precedent. Do they really want Google telling the government who owns guns, who visits anti-government websites, what they say on their hangouts about campaigning against the president etc? Sometimes the price we need to pay for keeping a healthy distance from totalitarianism is to not do certain things that might let us catch a few more bad people in the short term.
Re:Well at least they saved the children! (Score:5, Insightful)
How is this any different from you going to the police right now and saying you watched your neighbour murder someone?
A tip off isn't singly admissible court evidence, it only spurs an investigation. Someone with access to information forwarded information to police, police investigated using all the correct legal channels and found hard incriminating evidence and busted the guy.
This is exactly how a civilised society should work. You don't like it, don't send information unencrypted through the internet passing through the hands of others. Or do you honestly think I wouldn't report you if you handed me a photo of a child be raped and asked me to give it to someone else for you?
Re:Well at least they saved the children! (Score:5, Insightful)
How is this any different from you going to the police right now and saying you watched your neighbour murder someone?
...on a web cam you secretly installed in her bedroom?
Re: (Score:3)
I believe parent poster is generally why you have a right to face your accuser and his witnesses. Sure if the Google informant wishes to stay anonymous then by all means be suspicious. But you are suggesting that the informant formed a bias against the defendant without the defendant knowing who he is and being able to say "hey I know this guy, this is a setup". It's possible (the informant might not have liked the defendants political positions or whatever), but it is not the kind of thing that you can
Re:Well at least they saved the children! (Score:5, Informative)
Why wouldn't you convict if a server admin presented a file, with logs, timestamps, and permissions that demonstrate the owner, creator, and time which that person had it?
Because, as an occasional server admin, I'm perfectly aware that it's easy to change the logs, timestamps, and permissions. Do you not know what a computer is? It's a tool for manipulating data. This is not reliable forensic evidence, it's something that anyone with fairly modest skills could fake up in fifteen minutes.
Re: (Score:3)
Because, as an occasional server admin, I'm perfectly aware that it's easy to change the logs, timestamps, and permissions. Do you not know what a computer is? It's a tool for manipulating data. This is not reliable forensic evidence, it's something that anyone with fairly modest skills could fake up in fifteen minutes.
Sure, but it's no different than most other physical evidence, in that it's dependent upon the trustworthiness of the person presenting the information. That's why there are strict procedures dealing with evidence. It sets up a chain of trust which is used to gauge the validity of the evidence. You're making the mistake of trying to apply black and white rules in a matter that is, by it's very nature a very grey area.
Note that a conviction of a crime doesn't require "100% proof", because there's no such
Re: (Score:3)
The threshold is "beyond a reasonable doubt", which means that we have to weight the possibility of a conspiracy to fake evidence by some random employee at Google and police who found evidence at his house, versus the probability that this person was guilty of a crime - one he was convicted of previously, incidentally
If there's a Google employee or outside hacker with a wish to see this person go back to jail does not imply there has to be a conspiracy. That the person is formerly convicted would, I believe, make it more likely that the person is framed, not less. There are enough people who think anything less than life sentence is too mild, and some of those are more than willing to "do what it takes".
Re:Well at least they saved the children! (Score:5, Insightful)
The threshold is "beyond a reasonable doubt", which means that we have to weight the possibility of a conspiracy to fake evidence by some random employee at Google and police who found evidence at his house, versus the probability that this person was guilty of a crime - one he was convicted of previously, incidentally
If there's a Google employee or outside hacker with a wish to see this person go back to jail does not imply there has to be a conspiracy. That the person is formerly convicted would, I believe, make it more likely that the person is framed, not less. There are enough people who think anything less than life sentence is too mild, and some of those are more than willing to "do what it takes".
Well, if the Google evidence was the sole evidence used to try to convict someone, I'd hope that the accused would walk free. One would hope that a case wouldn't depend on a single piece of ANY evidence, because that brings up the obvious reasonable doubt. If the Google evidence is used in conjunction with evidence also found at a local residence by law enforcement, that obviously makes for a much stronger case.
I don't think it's unreasonable to apply Occam's razor to these scenarios. It's perhaps entertaining to imagine all sorts of crazy conspiracy theories that *might* occur, but the reality is that these sorts of things are undoubtedly *extremely unlikely* to actually occur. If we dismissed every case because of improbable scenarios that could theoretically punch holes in a case, we'd never convict anyone.
We have to draw a line somewhere so that innocent people wrongly accused are protected, yet standards aren't so impossible that we can never actually convict anyone who has actually committed a crime.
Re:Well at least they saved the children! (Score:4, Informative)
Kind of like all the systems, procedures, and protections that prevent this type of thing at the NSA.
Re: (Score:3, Informative)
What? (Score:5, Insightful)
No, you don't have to prove innocence! The prosecution needs to prove guilt beyond a reasonable doubt. The fact that Google snooped brings up questions, so if this is the only evidence they have the guy will walk (assuming he goes to Jury trial and does not accept a plea).
The intent to distribute you just make up out of thin air, stop with the hand waiving and stick to the case.
Based on the arresting officers comments, they were tracking this guy because he was previously convicted. They were not able to catch him doing anything wrong, which should bring up even more questions about Google finding something when investigators could not. I don't believe it would have been difficult for a cop to get a warrant on the guy if there was actually suspicion.
If this was a random Google employee that was accidentally mailed the photo I may feel differently. I have been working on Servers for over 25 years, and I have never gone though people's mailboxes or files. I have complied with warrants and provided copies of data, but never gone though someone's crap. With no warrant, I think Google did wrong. I'm not biased, I think any company that volunteers your data to law enforcement without a warrant is at least violating the trust of their customers.
Before you "but but.. murder" how would you like to be arrested because you sent a still image from Saw2 to a friend (or any of the millions of murders depicted on tv or in movies, and a measurable percentage of those are children being murdered)? I personally am not into movies so don't worry too much about that one, but I know people that are.
Anyone that trusts a Government known for parallel construction (framing people) or Google (a company known to be handing 3 letter agencies private data) should have their head examined. On this site, I should not have to mention how easy it is to forge file ownership, date stamps on files, email, chat, and logs for the latter two. In case you are not a techie, it's pretty damn easy.
Re:Well at least they saved the children! (Score:5, Insightful)
The controversial Richard Stallman argument. We can watch videos of little kids getting shot up by American helicopters in Iraq. The act is illegal. It involves one person putting something inside another. It hurts the child, causes them PTSD and possibly death. Yet a video of a child getting shot is legal and child porn is illegal.
It is kinda weird we treat sexuality differently; very interesting social construct.
Also...congratulations. If you weren't on a watch list before, you probably are now.
Re:Well at least they saved the children! (Score:5, Insightful)
And then you go on to make the unfounded claim that a video magically made people rape children. I guess videos take control of people and cause them to rape.
GP wan't making that claim. What I see is a claim that the demand has a direct relation with THOSE(in the movie/picture) children being abused.
I find censorship disgusting.
How about on a live theatre? Won't be censorship too to make it illegal?
You're so intoxicated with your "no censorship" dogma that you failed to sense that people buying this movies/pictures are paying money to pedophiles to rape children.
Mere videos or pictures shouldn't be outlawed, even if they do sometimes encourage more to be made (That's the rapist's fault; videos or people buying them doesn't force them to make more.).
You're an idiot.
Re:Well at least they saved the children! (Score:4, Interesting)
What I see is a claim that the demand has a direct relation with THOSE(in the movie/picture) children being abused.
Demand forces no one to do anything. The fault lies with those who rape. It's like how if someone falsely screamed "fire" in a crowded theater and people panicked and harmed others in the panic, the ones at fault for causing the damage would be the ones who caused the damage, not the speaker. Our legal system obviously doesn't see it this way, but I disagree with the legal system.
How about on a live theatre? Won't be censorship too to make it illegal?
You are mistaking the action with outlawing the result. It's perfectly valid to break it up if real people are getting hurt, but unless they're taking down videos or images, that isn't happening.
What we are talking about now is censoring images/videos after they've been created, not live theater.
You're so intoxicated with your "no censorship" dogma that you failed to sense that people buying this movies/pictures are paying money to pedophiles to rape children.
Nope. I did not fail to consider that; it's just irrelevant to me. Go after the rapists, and stop trying to harass people who merely view or buy the content.
Also, you mean "rapists" or "child molesters"; not "pedophiles." Pedophiles simply have a sexual attraction to prepubescent children. They are not necessarily rapists, and do not necessarily even view child porn.
You're an idiot.
Nope. Just someone who despises censorship.
compared to hash database, with antivirus (Score:5, Informative)
It seems National Center for Missing and Exploited Children has a database of hashes, or "fingerprints" of known child porn images. When you use Gmail, it checks attachments against a database of viruses and also apparently against this CP database.
A distinction can be made here. What the database does NOT do is any kind of image analysis to see if the picture LOOKS like child porn. It checks only against known, reported child porn, apparently.
Re:compared to hash database, with antivirus (Score:5, Interesting)
Which seems like a great way to catch the minor offenders who are trading old pictures, but not the really serious offenders who are producing NEW child porn. One could even argue that it creates a market for new child porn that doesn't have known signatures.
I wonder if child porn is the only type of material that is checked against a known database?
Re:compared to hash database, with antivirus (Score:5, Insightful)
And? I am sure there are people out there who would send child porn to registered sex offenders in order to frame them.
When corporations have abilities beyond what the government has, and act on behalf of the law, in a way that could not be foreseen by the lawmakers of the past, I think the only way to honor the intent of the constitution would be to apply the 4th amendment protections there too. Whether a search and seizure is committed by an algorithm or a person is irrelevant - if there was not enough suspicion to justify a search warrant, the evidence should be admissible. No matter how guilty the person is.
Remember: We are all guilty of something. Today they may go after possible child porn recipients, tomorrow they may go after speeders and use tax evaders, and one day after those who may oppose status quo. The opportunities for abuse are endless.
Give the devil a finger, and he takes the whole hand.
Re: (Score:3)
and prove that the IP they have is going to right place.
Eh? It's gmail. The need is to associate a gmail account with a person, not with an IP address.
And doing that depends mainly on how much PII the person tells Google when he registers the account.
Re:Well at least they saved the children! (Score:4, Informative)
You're kidding, right? Ever heard of Google Image Search or TinEye? You give it a URL, or upload a photo, and it'll give you a list of identical and highly-similar images...
From there, it's a no-brainer to feed the system with URLs of known pedo sites... either ones Google employees have identified, or those they've gotten law-enforcement requests to take-down.
And even without the TinEye type system, it's still a no-brainer to checksum/hash all those images, and see if an exactly identical one shows up on your servers, somewhere, somehow.
Re:Well at least they saved the children! (Score:5, Interesting)
Not checksumming or hashing. It's called "feature extraction". I know about it. I made a video about a little software I made based on OpenCV which is able to identify a picture I show it, through my webcam, among 20,000 pictures stored in my computer. It's the only video in my youtube channel that actually has views.
Anyway, once you have the features, you can analyze an image and see if it contains any part of any of the images in your database. It doesn't matter if it's slighlty blurred, partially covered, rotated, and it doesn't matter if it takes the whole screen or just a fraction. In my demo I show how my program recognizes Magic: The Gathering cards in my hand (which is much more difficult than recognizing poker cards).
Oh, and it does this at several matches per second on a Core 2 duo class machine.
Re: (Score:3)
TFA specifically says that they use a database of known illegal image hashes.
Re: (Score:3)
This is somewhat over-simplified but Google can also zero in on human faces in street view in order to slightly blur them. It's all automated. I think it has something to do with scanning for skin tone hues and corrosponding shapes. We recognize that an object we see is a human because of how they are put together: arms, legs, a torso, chest, head. Yes, all varying in sizes and hues but not by much. Parental control engines scan images for what they consider to have excessive skin tones, especially when tho
Re: Well at least they saved the children! (Score:5, Interesting)
Re:Well at least they saved the children! (Score:5, Insightful)
Aehm, what children were saved here? The article does not mention anything about it, just about some illegal pixels.
Re:Well at least they saved the children! (Score:5, Insightful)
No child was saved, since the child porn was already made, and they're likely not going to do a damn thing to 'save' the child from their situation (if they're still in such a situation). They're just doing feel-good work by going after people who look at/possess images.
Re: (Score:3)
Not any different from how we treat the whole drug situation. Why the surprised look?
Re:Well at least they saved the children! (Score:4, Insightful)
I see a bigger problem with Google acting as unpaid law enforcement. It puts their own employees at risk. Criminals, particularly the sort we are now calling terrorists, will not see any sharp line between a company that acts to aid law enforcement, especially without even needing a subpoena, and the government itself, and the one big distinction they will see is that the company does not have heavily trained, firearms wielding personnel in large numbers.
It's only a matter of time before somebody attacks one of these companies and issues a statement that it was a blow against the hated government. A smart company realizes that a court order gives them plausible deniability when they are accused of starting a criminal investigation or being over zealous in making accusations. They can say they were only doing what the law required, and the investigation was already ongoing, neither of which makes any sense as an excuse if they become extremely and seriously proactive. A smart company realizes that making their typical employees into soft targets is not fair to the employees.
More simply, if you are an employee, and your company is asking you to do things that may leave a criminal wanting revenge against you, or a whole group of political nutcases targeting you, do you get the pay, equipment and training of an FBI agent or US Marshall? Does your workplace have the security of a federal office building? Does your health insurance have the same clauses a cops or soldiers does? Do you get paid to stay in shape on employer time in case your environment becomes a combat zone? Would the company use its legal department to protect you if the criminal sues you? Even if your management and you both really want to help catch the criminal, do they mean it enough they will back you up for your part, if that criminal is now carrying a grudge against you? Could you even expect your company to keep track of when a guy like this gets out of prison and warn you, or send a lawyer to his parole hearing?
It's easy to cooperate with anything law enforcement asks, and harder to think rationally about the whole concept of blowback. It's easy to feel good about helping catch a particularly scummy criminal such as a pedophile, and harder to allocate the resources to properly protect your people from that potential blowback. And what happens at your company if you helped catch some guy everyone agrees deserves it, and now the government wants you to help catch all sorts of other criminals, who may be doing something you don't think should be a crime at all?
Re: (Score:3)
They don't have to search for it... maybe.
On the other hand simply having possession is against the law. It could be construed (especially in the US where you can "get an indictment for a ham sandwich") that Google has possession of it while it resides on their servers. So IFF they have the means to ensure that they don't have it then pretending they can't check for it may not get them a pass.
They may not like having to check for it, but it may also be the safest thing for them to do.
This is chilling (Score:5, Insightful)
Re:This is chilling (Score:5, Insightful)
People seem to miss the opportunity for incredibly bad behaviour. What about if a company like Google starts reporting on who you want to vote for? There are a lot of reasons the post office doesn't open the mail -- and our electronic equivalents should respect that same privacy.
Re: (Score:3)
No, your email account password is the envelope. Nobody should be accessing your email account without either a warrant or you giving them the password.
Of course, emails can be read without your password by employees of the email provider who have access to the relevant servers. But your letters can also be easily opened by postal service employees who get their hands on your letters ... that doesn't mean you need to seal your letters in a titanium case welded shut (ie. the equivalent of strong encryption
Comment removed (Score:5, Informative)
Re:This is chilling (Score:5, Insightful)
There is no "accidental" here. They either are systematically scanning all email or they had (again) some system administrator looking at private email without authorization. That is extremely troubling. That they found somebody possessing illegal digital goods is besides the point. A police state is characterized by universal surveillance and the eradication of all privacy. Sure, in a police state, more people doing illegal things are caught initially (but only then), but that is in no way desirable at this huge price.
Re:This is chilling (Score:4, Informative)
not for pedophiles, fuck them
Pedophiles are simply people who have a sexual attraction towards children. Being a pedophile does not mean you molest children or even look at child porn.
The term "pedophile" is being misused by people who don't even know what it means, to the detriment of many people who have never harmed anyone.
While, I absolutely believe it's google's job to report illegal activity
Not all laws are just, so don't pretend that they are.
Re: (Score:3)
It really shouldn't be Google's job to report illegal activity. If a company is going to do cloud computing on the scale Google does, there should be privacy laws in place, similar to doctor/patient privilege, or lawyer/client privilege, or priest/confessioner privilege. Google might be put on the spot through a warrant or whatever, but should not volunteer any information of their own.
And before someone points out that I've
Re:This is chilling (Score:4, Interesting)
Hmm, I don't know. This is the first time I've heard of something like this from Google, so it could have been just an inquiry into a random technical problem, a Google employee suspicious of their neighbor, a Google employee who got a tip-off from his best friend, or anything, really.
All of those scenarios just go to show that, contrary to what Google has claimed in the past, their employees can and do view emails even without a court order.
Others?? (Score:5, Interesting)
Re:Others?? (Score:5, Insightful)
They probably found a few thousand by automated scanning, and then selected one that actually had abused children 20 years in the past (and paid for it), because that will kill all reason in the general public. The aim, is rather obviously, to slowly break it to the public that all email content gets scanned. Of course it is in a good cause, like fighting illegal pixels and imaginary terrorists! (Can't do anything about people that actually hurt children, that would be far too expensive. And while the FBI has done its best to create "terrorists", they just cannot deliver enough...) Next, they will be going after people without priors, then anything "inappropriate" and finally, even badmouthing some politician in a private email will get you a visit from your friendly neighborhood SWAT team, after all you could be planning mass-murder.
Re:Others?? (Score:4, Insightful)
Even though we are not ascribing values of good and bad to the Googliness, the argument for protection of the ffreedom of those most undeserving amongst us is often an easy moral conundrum to overcome.
That is why they begin the gentle eroding of citizen freedom there, at the lowest common denominator. It's difficult to object, if in doing so, you find yourself defending reprehensible behavior. It is horribly obvious and routinely acceptable manipulation...
Re: (Score:3)
But humans are pretty dumb, which implies something else. If you believe the media and occasional self-serving police press release, there's supposed to be a huge conspiracy trading in child porn, worth hundreds of millions of dollars a year, numbering in the hundreds of thousands. Yet only one of them was dumb enough to use gmail? Could it be that someone has been vastly overstating the scale of the problem, and the real scale of child pornography production and distribution is actually quite small? After
Good riddance (Score:5, Interesting)
Both to the pedophile and to the illusion of privacy people had when using Gmail.
(They have an obligation to report child porn if they find it, but they don't have an obligation to look. My suspicion is Google is not happy about what happened.)
Re:Good riddance (Score:5, Insightful)
Yeah, I have absolutely no problem with this article. You don't want RandomCompany looking at your emails? Don't send your emails through RandomCompany servers.
Don't want your ISP looking at your emails? Encrypt your emails.
Don't have the ability to understand how to encrypt your emails and want someone to manage it for you because technology is all so hard but you still want to use it? Suck it up and learn, or pay someone to do it for you and stop whining about your own ignorance.
Re:Good riddance (Score:5, Insightful)
They have an obligation to report child porn if they find it, but they don't have an obligation to look.
Actually, naive me was thinking that they have an obligation NOT TO LOOK.
I also have a storage room rental -- does that mean the owner is allowed to do random checks for stolen goods? Just in case?
Are the *sure* they got the right guy? (Score:4, Insightful)
Gmail allows for dot address matching. This is a *huge* problem that has never been addressed.
Apparently my first letter, last name gmail address happens to be pretty popular. So popular, I receive emails from at least 5 other people in my inbox. One from PA, another one in Florida, still another in New Zealand... I could go on and on, but you get the idea. Apparently, this seems to happen a bit to people [google.com].
Sadly, Google has no fix for it, no way to get it to stop. Their support address and site are useless, imho.
I have since moved all of my email off to my own domain and mail services not controlled by Google. I still keep the account open and forwarding to my new email address, so I still get their email, too. I do what I can to minimize problems by auto-deleting everything that hits my inbox that's obviously not for me.
Stories like this scare the shit out of me because, at any time, if one of those people I happen to receive email for suddenly decides to go into full-creep mode, I could be put in prison for a very, very long time. Not for anything that I have done, but for how gmail has been setup to allow for this.
Re:Are the *sure* they got the right guy? (Score:5, Informative)
Gmail allows for dot address matching. This is a *huge* problem that has never been addressed.
It hasn't been addressed because there is no such problem. All of the incidents described in the link you provided, as well as your own experience, seem to be explained by user stupidity. No need to invent some mysterious google-bug in order to explain it.
I had a similar experience; some idiot used my google email address, with a dot in the middle (no dot in mine), as his recovery e-mail for a bunch of his other accounts. So I kept getting periodic emails letting me know when he's signed in from a new location. Confused the shit out of me at first. After I contacted him to let him know about it, it turned out he was misspelling his own e-mail address.
When the choice is between user stupidity and a systemic problem, always pick user stupidity.
Stories like this scare the shit out of me because, at any time, if one of those people I happen to receive email for suddenly decides to go into full-creep mode, I could be put in prison for a very, very long time.
Nonsense. If this were true, any pissed off person who knows your e-mail address could get your arrested by spamming you with kiddie-porn from an anonymous e-mail provider. You're not going to go to jail just for receiving e-mail.
It's not just Google... (Score:3)
Lets try this.... (Score:5, Insightful)
With legal (or cracked) access to anyone's email account (sex offender or not) lets see how easy it is to plant evidence.
1. Access account, add a folder or label (preferably hidden buy being buried in default sort order or under another folder).
2. Set filter with obscure rule to automatically route certain emails to said folder.
3. Send "illicit" or "evidentiary" messages that match said filter. These can be sent from self or whatever generated entity seems appropriate.
4. Access account again from various public IP addresses (or from target's own wifi). Read already read email, plus messages in target folder.
5. Remove filter. Have Google 'find' the evidence. Arrest wrongdoer.
This is not that far fetched. The chain of evidence doe not prove that the target is guilty, but can be made to look enough like it to convince a judge or jury. From the vantage of Google or a jury, it looks as though the subject sent or had sent, expected, and read the messages.
Just about anyone here could do this with the creds to an account - which in most situations are not terribly hard to garner.
Before you say you would notice the folder in your account, think of this. I have over 100 folders in my email account, some rarely opened, and never all visible on the screen. I wouldn't have noticed - but I may have enough knowledge to fight - a little anyway. How about a novice, when a folder named 'Archived Messages' appears. Would he/she even think twice?
I did not RTFA, but I know google uses their image search algos for blocking known child porn sites. It is not a hard step to run that against email messages. How about when the NSA/CIA/FBI tells google (via a NSL) scan all messages for x terms. How about when said terms are sent to and from hacked accounts as a matter of course?
It is important to realize that absolutely no communication that is unencrypted is private, but how about whe forged open communications can make you a criminal?
Trust Google? (Score:3)
If they can do this for this cause, they can do this for any cause, or for no cause at all.
I can't say I am surprised.
Snooping or running hashes? (Score:5, Interesting)
Were they really snooping around this guy's email for no reason or do they check your attachments against a list of hashes of known child porn?
Comment removed (Score:4, Insightful)
the ARTICLE states (Score:5, Informative)
that this was discovered via a known hash of known child pornagraphy images.
it seems to me that google must keep a hash table of alot of things sitting around on it's drives,
using hashes to reduce redundant storage requirements means that this very well have been discovered AUTOMAGICALLY, and thus required google to act on it.
i don't think the spin being placed here as it being an 'invasion' of privacy is accurate here considering my prior statement
you should thank google for helping to stop people invading the child's privacy by putting a stop to sharing of images like this
the methods potentionally employed in the discovery of this image are both automated and reasonable
and the reaction of google is not only reasonable and actionable, it's also commendable.
we all can keep our privacy if all they're doing is storage reduction through hash comparison.
fin.
Re:the ARTICLE states (Score:4, Insightful)
Actually, I was thinking the perhaps we shouldn't jump the gun because maybe Google was troubleshooting something and discovered the image accidentally.
The hash table of a lot of things could be a problem. I have a relative who sends me political memes. How hard is it to hash those and get a list of known Conservatives/Liberals/etc. McCarthy wasn't that long ago. Not too long ago being gay got you kicked out of the military. Drug laws are in flux. The list of things which are good or bad depending on either time or your own opinion goes on and on. The post office doesn't get to open your mail and compare the contents to a list of known bad things. Why does Google?
Another reason to move away from Google (Score:3, Insightful)
Philadelphia is wrong on many levels. Thus, good on Google. However, there is a lot to think about here. Namely, what if some spammer sends me photos of minors and Google sees it? Will I be reported? Or more realistically, what if someone that I have a poor relationship with sends me illegal images and Google sees it? Will I be held accountable for my that person's actions too?
Re: (Score:3, Funny)
That's really funny. The idea that you can delete things.
Re:Best secure email? (Score:5, Insightful)
Then learn to accept that the NSA installed a hardware backdoor in your router and is reading your emails (and now they are monitoring your for suspected terrorist activities), and China installed one in your computer hardware and are doing the same.
Re:Best secure email? (Score:4, Informative)
email your friend encrypted pdf files and tell him the pdf file password over the telephone.
Re: (Score:3)
Re:Best secure email? (Score:4, Informative)
Re: (Score:3)
Just my thoughts. This person was carefully selected from a long list to make sure nobody has any sympathy with him. Of course the law-enforcement "success" here is completely insignificant in comparison to what was done to the public to achieve it.
Re: (Score:3)
I think they had a few 1000 candidates and very carefully selected the one least likely to get any sympathy in order to obscure the massive wrong they did to a few hundred million people in order to find him. But this is just the start. Once the public has gotten used to universal email surveillance in a "good" cause, the causes will slip. At the end, saying something bad about some politician in an email may cause all sorts of bad things to happen to you.
Re: (Score:3)
Great, so they ignore all fresh material where, you know, something could actually be done to continue it from going on and rescue some child? I am getting more and more convinced that this is not about harm done to children at all.
Re: (Score:3)
Now they've admitted then do this, how long before the RIAA sues to demand a list of known infringing MP3 files be added to the list?
Re: (Score:3)
Re:Brain surgery? (Score:4, Interesting)
Because there is no sexual area of the brain. It's a distributed function. You'd have to cut out so much brain they'd end up comatose or dead.
You can try to surpress sex drive hormonally, or even by castration. It's still not reliable. There's too much of a psychological element involved: Even if you remove the hormones, that doesn't mean they won't still want to look.