Net companies pledge child porn crackdown

In an attempt to forestall potentially intrusive new federal laws, a coalition of Internet companies has launched a campaign against child pornography that they say will tip off police to illegal images.

The Internet companies--AOL, EarthLink, Microsoft, United Online and Yahoo--are pledging $1 million in cash and technical assistance to develop technology that can "detect and disrupt the distribution of known images of child exploitation" on the Internet. The coalition's effort will take place under the auspices of the National Center for Missing & Exploited Children.

Tuesday's announcement comes just hours before the beginning of a two-day U.S. House of Representatives hearing that will explore enacting new laws to require Internet providers to store records on what Americans are doing online, a concept called data retention.

Because Internet providers are loath to see new laws that could raise privacy and security concerns--and cost them millions of dollars in the process--they hope that their own, self-regulatory proposal will reduce Congress' willingness to impose a mandatory one. That may be a tough task: Attorney General Alberto Gonzales has been pressing for data retention laws as a way to aid in child porn investigations, and some politicians have already drafted legislation.

"There's always a concern that regulations are adopted that are overly expansive or difficult to implement," said Fred Randall, general counsel to United Online, which provides Internet access through its NetZero brand and operates social networking Web sites such as Classmates.com. Randall said that United Online has a history of working with law enforcement and already reports child pornography images and videos that its employees encounter.

One proposal that politicians are expected to present during Tuesday's hearing, according to one industry representative who spoke on condition of anonymity, is the creation of a national list of Web sites featuring illegal sex-themed images. Internet providers could be either encouraged or required to block access to them. (That's being done in the U.K. and was the law in Pennsylvania until a federal judge struck it down as unconstitutional.)

Borrowing from computer science
While the Internet companies say they have reached no firm decision about what standardized detection mechanism to use and are planning a meeting in July to work out details, one leading candidate can be found in any basic computer science textbook: a hash function.

Hash functions are methods used by programmers to generate a relatively small digital fingerprint from any type of data--including music, videos and photographs. Checksums, for instance, typically rely on hash functions. What makes them useful are two properties: first, they're often unique (though there's no guarantee), and second, changing even one byte is supposed to result in a completely different fingerprint.

For instance, the popular MD5 hash function yields the value fa145076b2c4d025fc7b7b4cf6bd256c for "CNET News.com" and the noticeably different result 643bc47634c1b834f36623fdb120d565 for the text "CNET News..com".

AOL has used hash functions in its internal efforts against child pornography since early 2004, said spokesman Andrew Weinstein.

[lingsun]

Yahoo and Google should just stop linking to child porn sites

Yahoo and Google should just stop linking to child porn sites. They are making money from crimes against children. If you doubt this, do a search for "incest" if you have the stomach for it. But what do you expect? Their motos should be "Do as much evil as possible." How else do you explain how they prostituted themselves to the Communist Chinese and helped oppress a 1.2 billion people? And how else do you explain their lack of cooperation with the U.S. government?

[MisterFlibble]

Welcome to 1984, everybody!!!

Oh, boy, looks like the far right conservatives had really latched onto this new meme of abusing power "for the children." Once, they used another meme, terrorsits, to envoke people's emotions and to ram through bad legislation an dpolicies, but they can now see that dog don't hunt no more, so now they have to come up with another "boogeyman" to justify more abuse of power and encroachment on privacy. Here, they found it. They are exploiting children by using them as an agruement for power grabs.

Yes, some responcibilty of abuse of power should also be on the ISPs, but I feel more that they are doing what they can to stave off data retention laws, the SOBing congress is forcing/tipping their hand to do this.

I can see so much possibilites of abuse of these new policies. AOL or any ISP shouldn't be scanning my e-mails for ANY purpose. At least with virus scanning, you the end-user can turn that off, can you turn this off? They are not analogous, then.

What if people get sent these images by people unsolicted? What if someone in a foreign country with a beef with a CNET editor, for example, in a country that doesn't do this, so therefore they don't get caught, sends an e-mail to a CNET editor's email address, and that editor uses AOL, AOL scans the e-mail, the hash checks determine their is child porn it in, and before you know it, the swat team are rushing on that CNET editor house for recieving an e-mail he didn't want it the first place and had nothing to do with. See, this is making ANYONE who enounters child porn in any way, including by accident, guilty of be a child pred. This is a violation of the Fourth and Fifth amendments. This really is not much different than the abuses that could come from Gonzales's data retention and could even be worse, and has me again rethinking if I'll continue to use the internet at all, and more specifically, my POS ISP.

And like the guy from EFF pointed out, what to stop them from stopping traffic of legit porn?

What's to stop them from giving info to the RIAA and MPAA and creating hash checks for P2Ps?

The answer... nothing. The internet is dead, my friends.

[MisterFlibble]

Welcome to 1984, everybody!!

Oh, boy, looks like the far right conservatives had really latched onto this new meme of abusing power "for the children." Once, they used another meme, terrorsits, to envoke people's emotions and to ram through bad legislation an dpolicies, but they can now see that dog don't hunt no more, so now they have to come up with another "boogeyman" to justify more abuse of power and encroachment on privacy. Here, they found it. They are exploiting children by using them as an agruement for power grabs.

Yes, some responcibilty of abuse of power should also be on the ISPs, but I feel more that they are doing what they can to stave off data retention laws, the SOBing congress is forcing/tipping their hand to do this.

I can see so much possibilites of abuse of these new policies. AOL or any ISP shouldn't be scanning my e-mails for ANY purpose. At least with virus scanning, you the end-user can turn that off, can you turn this off? They are not analogous, then.

What if people get sent these images by people unsolicted? What if someone in a foreign country with a beef with a CNET editor, for example, in a country that doesn't do this, so therefore they don't get caught, sends an e-mail to a CNET editor's email address, and that editor uses AOL, AOL scans the e-mail, the hash checks determine their is child porn it in, and before you know it, the swat team are rushing on that CNET editor house for recieving an e-mail he didn't want it the first place and had nothing to do with. See, this is making ANYONE who enounters child porn in any way, including by accident, guilty of be a child pred. This is a violation of the Fourth and Fifth amendments. This really is not much different than the abuses that could come from Gonzales's data retention and could even be worse, and has me again rethinking if I'll continue to use the internet at all, and more specifically, my POS ISP.

And like the guy from EFF pointed out, what to stop them from stopping traffic of legit porn?

What's to stop them from giving info to the RIAA and MPAA and creating hash checks for P2Ps?

The answer... nothing. The internet is dead, my friends.

[kamwmail-cnet1]

Child Porn - the new Boogie Man

First it was Communism. Than it was Terrorism. Now it's Child Porn. Somehow the McCarthy's of the world keep finding excuses to invade your privacy and restrict your freedom.

Did anybody ever bothered to do a study of this "pervasive" child porn problem? Like how many convictions of child porn that actually occured? Or is this one of those mystical "everybody knows" thingie?

[gerhard_schroeder]

Google hiding under their desks

Google has a soft-spot in their heart for child pornographers. As do many on the left.

At least this shows them for who they really are.

I don't buy the argument that you have to let child porn be available otherwise its 1984. That is a sick definition of freedom. The constitution is not a suicide pact, and it is not a protector of child pornographers.

[MisterFlibble]

Looks like they we have voluntary data retention.

According to Earthlink, they will be storing IP info for seven years on carts.

The Houses's website has a link for streaming video.

[baswwe]

What if your image matches the hash? What if they encrypt files?

And you are not guilty? YOu have to prove your innocence or because the hash matches you are guilty?

What file formats? JPEG/GIF/TIFF/BMP? any other obscure ones?

What if they encrypt their files? How can the HASH ever match.

[paper28]

how is hash checking really going to work?

they get a picture and record it's hash in a datebase. If one bit gets changed it's entirely a new hash and that can happen just by file getting curpted in the transfer that happens all the time. When you open and just resave a file without making any changes you get a all new hash value.

[spl68]

MD5 makes mistakes

It's known that different files can yield the same MD5 sum. There's even a program out there that can voluntarily generate multiple files with a given MD5 sum. I'll be really happy when I find out that I'm being jailed because my letter to Aunt Martha was MD5-identical to a picture of a kid suspended to a tree by his genitalia.

[Screwedin615]

If AOL really wanted to prevent Child Porn, they would warn their members of the consequences. I certainly had no idea there were mandatory sentences involved when I traded with an FBI agent sitting in an AOL chatroom. Had I known, I can assure you I would have never done such a thing. I believed by trading for old images, that you were not really doing anything harmful, and the FBI only wanted those in Porn Rings or those that paid for images. It's like shooting fish in a barrel, and AOL is mostly to blame. Even the smallest of items carry warning labels, but something that can get you 10 years or more in jail is not even addressed by them. Cowards.