backtop

Internet Senator: Let’s Monitor All P2P
Tom Corelis (Blog) - April 17, 2008 4:25 PM
Print E-mail del.icio.us 103 comment(s) - last by Kaleid.. on Apr 23 at 8:47 PM
Comprehensive software monitors the internet for kiddie porn

Senator Joe Biden, a democrat from Delaware, has a new plan for combating kiddie porn on the internet: implement a nationwide P2P monitoring system.

It’s “pretty easy to pick out the person engaged in either transmitting or downloading violent scenes of rape, molestation,” said Biden, because all you have to do is look at the filenames. He cites a piece of software, known as “Operation Fairplay,” which currently sees use around the world and at regional Internet Crimes Against Children task forces in the U.S.

Operation Fairplay is a “comprehensive computer infrastructure” that gives law enforcement officers a view of the “big picture” of child pornography transfers around the country. Biden says Special Agent Flint Waters of the Wyoming Attorney General’s Office developed the program, and describes him as an expert in the field.

A description of the software as is witnessed by CNET says the software works similar to anti-P2P measures used by Hollywood enforcers: investigators patrol peer-to-peer networks for suspicious-looking for suspicious files, downloading anything they find of interest. Fairplay’s software retrieves the IP address for the investigator and is sometimes able to locate the offender’s computer on a map. Agents then track the offender on a “daily” basis, identifying them by their IP address and, in some cases, a “unique serial number” sourced from offender’s computer.

Special Agent Waters wouldn’t elaborate on what the serial number is comprised of, for fear of giving perpetrators information they could use to circumvent it. “It's unique to the computer, that's as far as I'll go,” he said, noting that “we're able to get it when they're transferring child pornography.”

Investigators have recorded almost 1.3 million of the unique serial numbers thus far, with about half of them residing in the United States – and that number is steadily increasing each month due to “extensive capturing” conducted since October 2005.

Fairplay is also capable of tracking the files themselves, monitoring where a file goes by its hashcode – often generated by the P2P client itself as a means of identifying identical files with different filenames.

According to Biden, the FBI’s “Innocent Images” unit only has 32 investigators working on the case – allowing the agency to tackle less than 2 percent of what he calls “known” cases of child pornography tracking on the internet. As a result, Biden is pushing the “Combating Child Exploitation Act,” which would authorize over $1 billion, spent over the next eight years, to hire an additional 250 agents for the child pornography unit and increase child pornography enforcement worldwide. “We can get our arms around it, the worst aspect of it,” said Biden, “if we provide the resources.”

Biden’s stance is unique in that he isn’t directly opposed to P2P as a whole, recognizing the technology’s use in legal situations. “Blaming this problem on peer-to-peer innovation,” he said, “is like blaming the interstate highway system when someone uses it to transport drugs.”

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
Errmmm....
By ZaethDekar on 4/17/2008 6:22:26 PM , Rating: 5
quote:
It’s “pretty easy to pick out the person engaged in either transmitting or downloading violent scenes of rape, molestation,” said Biden, because all you have to do is look at the filenames.


Umm, and why can't you just change the filename? I mean I understand the part where they read the hash but if everything is named 'Hello World!' then they would pretty much have to download all of the different files to see what is good vs bad.




RE: Errmmm....
By KristopherKubicki (blog) on 4/17/2008 6:32:07 PM , Rating: 5
quote:
Umm, and why can't you just change the filename?

Shhhh... the first rule about changing filenames is you do not talk about changing filenames ...


RE: Errmmm....
By murphyslabrat on 4/17/2008 6:44:58 PM , Rating: 1
Then why are you still talking about changing filenames?


RE: Errmmm....
By GhandiInstinct on 4/17/2008 7:11:51 PM , Rating: 5
He's talking about the rule about changing filenames..


RE: Errmmm....
By walk2k on 4/17/2008 8:09:51 PM , Rating: 3
the hash won't change though


RE: Errmmm....
By afkrotch on 4/21/2008 3:00:52 PM , Rating: 2
It will if you zip it.


RE: Errmmm....
By murphyslabrat on 4/17/2008 9:20:03 PM , Rating: 4
You're breaking the rule too.


RE: Errmmm....
By Oregonian2 on 4/18/2008 6:23:54 PM , Rating: 2
You mean changing the filename of the Pope's photo (taken on his recent birthday talking to Pres. Bush) to something related to child porn?

Does that get the sender thrown into jail, or does the Pope get thrown into jail the next time he visits?


RE: Errmmm....
By CvP on 4/17/2008 8:15:53 PM , Rating: 3
...and the second rule about changing filenames is you do not talk about changing filenames.


RE: Errmmm....
By adam00 on 4/18/2008 11:26:51 AM , Rating: 5
If this is your first time here, you have to change a file name.


RE: Errmmm....
By mindless1 on 4/18/2008 7:14:20 AM , Rating: 4
I suspect the remark about filenames was just one example of a way to identify something that would warrant further scrutiny. You can be fairly suspicious of a file is named something suggesting child pron but it doesn't mean that other intel would be ignored.

Ultimately if these folks are looking to combat child pron, they are in the same boat as those trying to acquire and distribute it, that one way or the other it has to be described enough /somewhere/ that people aren't just downloading random files but instead are trying to acquire child pron. For example if you wanted to download a game demo, you wouldn't go to some unknown site with no mention of being related to gaming at all, click on an unlabled link and download a file named "download.zip", you somehow found out what, where, when to get it.


RE: Errmmm....
By DOSGuy on 4/18/2008 9:31:08 AM , Rating: 2
When you search for something on a P2P file server, the matches are going to be based on either filenames or tags, so the simple answer to your question is "because if you change the filename, no one will be able to find it".

Of course, the people who are creating and distributing the largest amount of child pornography aren't stupid enough to use descriptive filenames. My limited knowledge of the subject is that the worst offenders don't use P2P, but meet at secret websites that require payment by credit card, and sometimes require members to already have at least 1000 pieces of child pornography, presumably to prove that they aren't with law enforcement, or that they have something to trade. As for those who would risk distributing child pornography by P2P, they would invent code words that no one would be searching for to elude any system that searches for child pornography by filename. Only trusted members would know the secret word to search for.

My guess is that relying on filenames would catch the clueless and curious, but not the worst offenders. Either Biden doesn't know what he's talking about, or the system is more sophisticated than the filename example that he gave.


RE: Errmmm....
By Adonlude on 4/18/2008 4:44:02 PM , Rating: 2
Have you guys ever seen typical internet pron file names (no im not a sicko)?

Jennasomething13yrolddoesthiswiththathorseanddog@ #$#$ doingneighborsparakeet@#$*7kiddiepronlubelargehoote rs.mpg

I am predicting a few false positives.


RE: Errmmm....
By othercents on 4/18/2008 3:10:22 PM , Rating: 2
The reverse is true too. Why not flood the P2P system with crude vulgar claymation with file names that would get flagged. Actually it doesn't have to be crude or vulgar either. Then they will spending a ton of time just trying to find out what is good and bad. Right now there is definitely too much traffic to be able to parse through.

Other


As usual, Democrats miss the big picture.
By Reclaimer77 on 4/17/2008 7:11:32 PM , Rating: 5
quote:
“We can get our arms around it, the worst aspect of it,” said Biden, “if we provide the resources.”


Call me crazy, but isn't the worst aspect of the problem those who take children and violate them on film ? Apparently the worst aspect is P2P distribution. Huh.. who knew.

Not only will this bill NEVER stop a single child from being abused and violated, but its going to be yet another law put in the books by Democrats that is impossible to enforce !




By elpresidente2075 on 4/17/2008 11:08:21 PM , Rating: 3
The point is trying to find the source. If you find all the people who've downloaded it (despicable practice anyway), eventually you'll be able to find the first person who put it on the internet. You follow it up the chain, and hopefully a CP ring gets busted big time.

At least that's the point. Whether or not it'll actually happen is a different story, but I know they've got some really good programmers in the FBI, CIA, and NSA, along with dozens of other 3-letter departments and agencies.

As this process isn't about taking down individual users, but the sources on a macro level (presumably) there would be a success rate. However, I agree with the sentiment that it will ultimately be futile, simply because it will be enacted by the federal government, one of the least-efficient, least-organized (or perhaps over-organized?), and slowest moving entities I've ever seen.


By ebakke on 4/17/2008 11:16:25 PM , Rating: 2
It seems mighty difficult to go 'up the chain' as you say.


RE: As usual, Democrats miss the big picture.
By Visual on 4/18/2008 6:22:39 AM , Rating: 2
No... it is most likely impossible to find the source this way.
The goal is indeed to catch individual users, or at the very least scare them away. This can significantly decrease the market to such material, and so hopefully eliminate the reason it is being created in the first place.


RE: As usual, Democrats miss the big picture.
By Kenenniah on 4/18/2008 6:37:01 AM , Rating: 2
quote:
This can significantly decrease the market to such material, and so hopefully eliminate the reason it is being created in the first place.


The market? What you said would make sense if the article was talking about people paying for the data. Since it's talking about P2P there is no monetary incentive for people to post it, therefore I fail to see how it would affect the creators at all. They'd still make money selling it in their usual non P2P undergrounds.


RE: As usual, Democrats miss the big picture.
By Visual on 4/18/2008 7:20:11 AM , Rating: 2
Point.

Hmm... maybe it's to avoid all these people that are now getting it for free to become too interested in it, to the point of starting to pay for it or even ...*shiver*.. produce it themselves?
I still think such a move is an attempt at limiting the demand for such material, free or otherwise, which is a good thing.


By dever on 4/18/2008 1:19:43 PM