Senator: Let's monitor P2P for illegal files

WASHINGTON--A prominent Senate Democrat on Wednesday said federal and local police should use custom software to monitor peer-to-peer networks for illegal activity, and he wants to spend $1 billion in tax dollars to help make that happen.

Sen. Joe Biden (D-Del.)

(Credit: Biden.senate.gov)

At an afternoon Senate Judiciary subcommittee hearing about child exploitation on the Internet, Sen. Joe Biden (D-Del.) said he was under the impression it's "pretty easy to pick out the person engaged in either transmitting or downloading violent scenes of rape, molestation" simply by looking at file names. He urged use of those techniques by investigators to help nab the most egregious offenders.

The software, dubbed "Operation Fairplay," was developed two years ago by Special Agent Flint Waters in the Wyoming Attorney General's Office, who, by Biden's description, is considered an expert in the field. The application is currently being used by all of the regional Internet Crimes Against Children (ICAC) task forces nationwide and internationally, Waters told the panel.

Waters describes the system as a "comprehensive computer infrastructure," housed in Wyoming, that grants law enforcement officers a "big picture" of what sort of child pornography file transfers are going on across the country. It's able to help investigators conduct undercover operations involving peer-to-peer file-sharing applications, chat rooms, Web sites, and mobile telephones, Waters said.

No one's trying to demonize those technologies, Waters said. "Blaming this problem on peer-to-peer innovation is like blaming the interstate highway system when someone uses it to transport drugs," he said.

But in 2008 alone, investigators using Fairplay have "seen" more than 1,400 IP addresses tied to swapping child pornography files on at least 100 different occasions, Waters said. He didn't say how he identified what he viewed as child pornography, which can include photographs of fully-clothed teenagers taken with their parents' consent. In addition, as critiques of a 1995 law review article pointed out, trying to guess the contents of a file based on its name can be a problematic process.

Based on Waters' statements to the committee, the system appears to work like this: Investigators log onto peer-to-peer file-sharing networks as any other person would and search for files containing certain keywords that are likely to indicate child pornography is involved. Then they download the files--frequently videos, sometimes as long as 20 to 30 minutes, with names like "children kiddy underage illegal.mpg" and much more obscene--to their own machines. They're able to use the Fairplay software to obtain the IP address of the file's sender and, in some cases, display its geographic location in map form.

Once armed with an IP address and date and time of the download, investigators can subpoena the Internet service provider for more information, such as name and address of the subscriber who was assigned it at that moment. "It's not necessarily the suspect but it tells us the physical location to start," Waters said. (He didn't say whether any wiretaps were conducted to monitor ongoing file swapping.)

"We can get our arms around it, the worst aspect of it, if we provide the resources."

--Sen. Joe Biden

Investigators use the IP addresses to keep track of offenders on a "daily" basis, Waters told CNET News.com during a break at the hearing. But in about half its cases, for purposes of longer-term tracking, the software captures "unique serial numbers" from the person's computer and keeps a tally of how many allegedly illicit files that particular user is trading.

Waters provided the committee with a chart that said, for example, law enforcement had "seen" one user in Pennsylvania exchanging those files 2,792 times, one New Jersey user swapping them 1,182 times, and so on. It wasn't clear whether the so-called serial number corresponded to IP address, P2P username, or something else, and Waters wouldn't elaborate.

"It's unique to the computer, that's as far as I'll go," Waters added, saying he didn't want to divulge more details that suspects could use to circumvent detection. "We're able to get it when they're transferring child pornography."

So far, investigators have recorded more than 642,000 "unique serial numbers" that can be traced to the United States and another 650,000 of them that cannot be traced to a particular country, with the number of unique serial numbers rising steadily each month since "widespread capturing" of the details began in October 2005.

In addition to tracking the senders of the files, investigators use Fairplay to track the files themselves through their hash values or digital signatures. In one case, investigators found that an image of a toddler who'd been "horribly abused" was available in more than 1 million places around the world, Waters said.

Lt. Robert Moses, unit commander of the Delaware State Police High Technology Crimes Unit, told the committee that the software has been instrumental in allowing law enforcement to "proactively" identify criminals who possess and distribute child pornography, helping lead to arrests and prosecutions.

Grier Weeks, executive director of an anticrime nonprofit association known as the National Association to Protect Children, said the system has "revolutionized law enforcement" in the child pornography area.

Biden and Sen. Jeff Sessions (R-Ala.), the committee's ranking member, said they were troubled that because of limited resources, investigators are able to take on less than 2 percent of what they called "known" cases of child-pornography trafficking via the Internet. Biden said he also isn't pleased to see that the FBI currently has only 32 agents working in its "Innocent Images" unit, which focuses on child pornography. Still, Biden said he isn't out to "exaggerate" the problem and acknowledged that some of those cases may involve "accidental" exchanges of illicit material.

Biden pushed for passage of a bill known as the Combating Child Exploitation Act. It would authorize more than $1 billion over the next eight years to hire 250 new federal agents devoted to Internet crimes against children, provide additional funding to regional computer forensics labs, and give out more federal grants to the regional Internet Crimes Against Children (ICAC) task forces. The House of Representatives passed a companion bill in October.

"We can get our arms around it, the worst aspect of it," he said, "if we provide the resources."

Sessions cautioned the law enforcement officials to be smart about obtaining search warrants in such investigations. "You can't just go peruse everybody's computer," he said. "You train the officers in what is legal and established and approved and how to get warrants when they need a warrant?"

Waters said he "didn't know of any cases where (requests for warrants) had been overturned."

News.com's Declan McCullagh contributed to this report

[Penguinisto]

Joe Biden = Idiot.

[i]"Sen. Joe Biden (D-Del.) said he was under the impression it's "pretty easy to pick out the person engaged in either transmitting or downloading violent scenes of rape, molestation" simply by looking at file names. He urged use of those techniques by investigators to help nab the most egregious offenders."[/i]<br /><br />So if I were a child predator, wouldn't it stand to reason that pushing files out with innocuous-sounding names would be a quick and ready countermeasure?<br /><br />I mean, the paedoes may be sick and disgusting, but assuming they're stupid isn't exactly going to stop them.<br /><br />/P

[SlimDan22]

Great Idea!

Lets spend money we don't have!!<br /><br />1 Billion Can Go A Long Way To Other Not So Important Things Like....Healthcare, Schools, Maybe Our Economyyy<br /><br />I can see spending the money on protecting children from pervs but really how much is going to be devoted to stopping Joe Smoe from downloading MC Hammers Greatest Hits<br /><br /><br />Common...

[Solaris_User]

How much?

I don't know, if you were the RIAA how much would you pay Joe Biden.<br /><br />This wont protect people from pervs.. any more than drug laws protect drug users. The reason is the people who are seeking this stuff (like willing drug users) already believe it's illegal and do it anyway. The fact that its illegal does not stop them. You think *extra* laws will make any difference to pedo's who are already harshly punished if caught?<br /><br />Everyone knows all the scary **** is not out on p2p anyhow but on Tor's .onion network. The real creeps will just fine a way around the system leaving legitimate people using P2P to be the subject of these serial numbers and investigations.<br /><br />Joe Biden is a moron.. no worse.. a very powerful moron.

[Nicholas Buenk]

This is crazy

First of all, it's very difficult to determine what the contents of a file is merely from <br />it's name, files are commonly mislabelled.<br />Secondly, just because someone downloads such a file doesn't mean they had any <br />interest in it's content. They might have made a mistake, been after something else, <br />or downloaded something poorly labelled. Also is the problem of identifying <br />someone by an IP address, these days with NAT multiple people can share an IP <br />address. In addition if someone has a wireless network.., if hacked or unsecured, that <br />would be the preferred way of a clever pedophile to try and get child porn.<br />Thirdly, and most importantly. It is absurd in a democracy that someone can be <br />arrested merely for watching a video or a picture. They should go after the people <br />making the videos, they are committing the child abuse. Even child abuse doesn't <br />give the government an excuse to act like a totalitarian state and decide it has a right <br />to censor things on the internet!

[fuzionloungmd]

"unique seial number"?

the uniqee serial number they are refering to is your computers MAC address. and a simple search on google will tell you what it is and how to change it or clone another persons computers mac address

[unknown unknown]

unlikely

MAC addresses stripped off by routers, they're usually don't leave the LAN.<br /> <br />There are several possibilities. Gnutella for example, assigns a unique id to each packet and uses a numerical id called the file index for file requests. It could also be a hash, which are in use by several p2p protocols.

[hawkeyeaz1]

Possible, or

It could also be the user(s) have Intel chips with the serial# enabled (foolish on their part, but goor for police). That "can't" be cloned. Of course anything can be spoofed.

[mrcoder]

guard the guards with it

Let's do use custom software to monitor peer-to-peer networks for illegal activity by government workers.<br /><br />And it does not require a warrant.<br /><br />Oh, that's right, no government workers have committed crimes.<br /><br />bwahahaha

[JRude667]

Get it over with!

Just have a compulsory cam and mike and keylogger in every home and get it over with. Who really wants Privacy anyway? Ben Laden doesn't log my Google searches...but EVERYBODY ELSE does!

[Wookiee-1138]

Wouldn't politicians be shooting themeselves in the foot?

At any rate, a pedo who's stupid enough to use such descriptive filenames gets what he deserves.

[kieranmullen]

Less Goverment Waste

Let private business take care of this issue.<br /><br />The government can't even find a balanced budget, how can they find illegal files?<br /><br />Oh but that is an issue not politician wants to address...<br /><br />KieranMullen<br /><a class="jive-link-external" href="http://360Oregon.com" target="_newWindow">http://360Oregon.com</a>

[RainCaster]

"I want to see this internet porno for myself"

What a wanker. He has no idea how intrusive this is on our civil liberties, and certainly doesn't care how much this will cost us.

[basraw]

let's monitor your call girls activity 24x7

Keep an eye on U

[dj_erik]

Blanket monitoring is no different than saying we support massive wiretaps.

I'm all for catching pedophiles, but some sort of balance needs <br />to be created. This to me sounds no different than the NSA <br />spying program. Basically stating that they review every <br />communication on the internet/fiber network, and selectively prosecuting individuals is not constitutionally acceptable in my <br />opinion. And take the case were they find other incriminating <br />evidence on something like insider trading, would they than <br />prosecute that case as well. I guess Joe Biden is in league with <br />the Bush Administration at least on the issue of questionable <br />federal actions as of late.

[jrjones1982]

DHS Neighborhood Network Watch

Pedophiles are always the easy subject to drop in order to <br />authorize any sort of domestic eavesdropping it seems. It's all <br />back to ATT v Hepting which is bs. The DHS has their little pet <br />project for the community to spy on each other's networks with <br />the Neighborhood Network Watch (www.dhsnnw.org/hnap.html). <br />The pretense for the existence of this group is of course <br />"terrorism". Yeah, that's the other sure fire winner for any type <br />of broad sweeping sweeping eavesdropping. Biden's thing just <br />seems like another on a long list of moves to just surveil all <br />network traffic.

[Imalittleteapot]

Finally

Someone almost gets it. I don't know why people would trade child porn though. Especially on a public P2P network. I just don't understand what's wrong with some people.<br /><br />However, I'm glad that it seems like he gets that MAC addresses, IP numbers, and things like that can be faked. You can't just barge in on someone based on an IP numbers alone. I'm also glad he understands the technology isn't the problem. It's the criminals using it in the wrong way that is the problem.<br /><br />I don't know what this "serial number" is, but it can probably be faked too. We just don't know which number he's talking about.<br /><br />However, the smartest thing they're doing is monitoring the connection over time to collect the evidence they need. They're not just saying oh this IP was being used this must be our guy. A little caution can go a long way.<br /><br />I highly doubt their method is fool proof though. I wouldn't want to be the one that gets falsely accused of having child porn. Life as you know it would be over from simply being accused.<br /><br />Without knowing all the details I have to say I'm still not sure they should be tracking people through P2P since it is possible to fake your ID on the net. I know they can't track most spammers down so I have to wonder how accurate their methods really are.<br /><br />But how I can judge the risks if I'm not being told everything about their methods? I can't I have no way to form an absolute opinion.<br /><br />However, if there is some unique number that your computer generates such as the ID number that Pentium III chips generated their for a bit then I bet there are a whole bunch of privacy advocates that would love to jump down somebody's throat about it.<br /><br />While it could be used for good, such a thing could be used to uniquely identify you amongst spammers, scammers, and phishers too. I'm against child porn, but aren't they a minority? Shouldn't our main concern be protecting the privacy of the majority? Like I said, can't say without knowing the details. I don't like the people being left in the dark, but I don't like child abusers either. So, what to do?<br /><br />I wonder if they'll have to reveal their methods at trial as a part of discovery.

[Mercury23]

How about...

We start monitoring our senators, congressmen and police... why stop at P2P? Let's watch those who watch us and see what we can find out!

[Imalittleteapot]

My idea.

Was to put them on camera all the time. Like a reality show for politicians. Everything they do on national TV.<br /><br />Then make them all hand write any legislation they wish to vote for. That's the end of those ten thousand pages bills that nobody understands.<br /><br />Of course we live in a world where the government taps your phone lines, but if we tap their phone lines we're going to prison for a long, long, long, long long time.<br /><br />Strange huh?

[umbrae]

Look out...

All they would catch would be people infected by virus and malware. Consolidating investigations would just mean people would use something like Peer Guardian to block the whole outfit. All that is left is people that don't know their machines are propagating.

[rk2469]

Joe Biden

There are many other Joe Biden Photos, including a picture while he was making a comment about Obama is a clean black.<br /><br />C|NET placed a smiling photo of Joe Biden for what? This picture isn't neutral, it's a positive picture. I tell you, C|NET places a lot of pictures to fit into the stories that it spins.<br /><br />This is a journalistic malpractice.

[xpda]

Cash

How much money does the RIAA pay Biden per year, anyway?

[rcguy]

Me genius - you bads guys

I think we can all agree that public monitoring of all politicians phone calls, credit card expenditures, Internet use, bathroom use and thoughts and conversations would be an excellent trial, before planting chips and cameras on the general population.

[Dr_Zinj]

Biden is a Politician

Follow the money. Who gets paid this $1,000,000,000 for building and running this "service"? Dollars to doughnuts it's either some buddy of Biden's, someone who's contributed all kinds of cash to his elections, or someone he has a monetary relationship with (i.e. stocks, profit sharing, etc)<br /><br />Biden is a crook dressed in a white suit.

[krosavcheg]

The Senator doesn't know all the facts.

This could be a very very bad thing. There is no universal serial number. IPs change. Macs can be spoofed. VERY EASILY. There are a billion other ways to hide your traffic regardless of these things. The chance of a false positive is VERY great. On the internet filenames mean absolutely nothing. Say I name my photo of me and my son Jimmy_so_cute_last_may.jpg. What are the chances it'll get picked up? Or 13yrb_loves_his_dad.jpg. Or even better, everyone loves brevity, what about 13ymfuck if it's abbreviated, you may unintentionally make something innocent sound horrific. my 2cents

[joebloe3000]

what is it with comp fact illiterates making decisions?

Seriously... What is it with senators who most likely don't know anything about technology and their need to find issues and go to town on em.<br /><br />The idea is not wrong, but the inability to understand that you simply can't control online activity like that is wrong.<br /><br />File names? Seriously... Encrypted files, hashes, private networks etc etc. You're catching a few idiots, you're not catching anyone that knows anything, if at all.<br /><br />There will be another revolution soon and it'll have to do with the fact that knowledge is power and now knowledge can be duplicated and shared for free instantly without boundaries. The same thing happened with the press, same will happen with copyright and the net and everything relating to the net.<br /><br />The idea isn't wrong (protecting kids) but the way they want to go at it so totally wrong. 1 billion to get a bunch of people to infiltrate p2p networks is a waste of tax payers money.

[johnsunvalley]

http://www.babatek.com