HardOCP News
[H] News
- Joined
- Dec 31, 1969
- Messages
- 0
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Microsoft Is Also Scanning For Illicit Images
- Thread starter HardOCP News
- Start date
temujin987
[H]ard|Gawd
- Joined
- Jun 24, 2008
- Messages
- 1,351
this makes it so easy to get rid of inconvenient people. just mail them some illegal pic and wait until he gets 400 years prison time.
Doing such a thing is just going to get you put in jail for possession, distribution, and attempting to frame someone.
Technically if you have pre-crime where you tell a person privately well before hand that you better not do that or else with no consequences provided they don't commit the crime. It would probably be a good deterrent and if you make it a crime to leak said pre-crime information then pre-crime systems can tell pre-crime leakers before they leak anything that it is bad to leak pre-crime information before a crime actually occurs. The privacy of the privacy invading system can be maintained in such a loopy way.
In all realism though determining who is going to commit a crime before it happens is basically impossible. Matching images against known child abuse images though is trivial.
Image hashing is just the same as malware hashes no amount of hashing is going to detect discontent or angry emails. Google Adsense and Facebook's content aware advertising systems are more along the lines of reading what your typing/clicking on.
Targeted advertising and mass internet tracking is a totally different subject from matching identical copies of a child abuse image.
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
Yeah soon you can't store kiddie rape porn anywhere without being scared. No wait, that's a good thing isn't it?
Careless computing has a purpose, if you don't care about what happens to the data your using in the "cloud" then it is a good fit. I like the on premise + cloud solution as it offers the best of both and lets you keep control of the important stuff so that when the cloud vanishes sometimes or forever your not screwed.
Yeah soon you can't store kiddie rape porn anywhere without being scared. No wait, that's a good thing isn't it?
Not to mention if they ever tried to extend it to more normal, political, public images it would never work because they would start flagging countless internal users and generate so many hits it would never work to catch anyone. Anyone making unique images of anything is going to be able to send them without fear either as hash based images require them to already have the image in question to generate a hash value off it.
I doubt it. They will just blame the account owner, and he will have an uphill battle trying to prove he's "innocent" while rotting in jail. So much for innocent until proven guilty.
NastyNative
Gawd
- Joined
- Jan 28, 2009
- Messages
- 522
VPN
if you don't have one get one!
if you don't have one get one!
How does a hybrid help your privacy? You are still sending your private data over to someone who cannot be trusted.
Why if Google/Microsoft/Yahoo can all see where things go they are going to find you first using the same digital crime techniques they use for spammers and you are guilty of all three actions so tough luck defending yourself in saying it was all a joke. So much for framing people because you are going to get labeled as the source of the pictures (Tor exit node monitoring also makes that moot if you try that, and your ISP is watching too, google won't encrypt your email in flight unless your working with another trusted site so your going to leave a massive trail in your wake).
If you really want to frame someone get illegal materials and kidnap them to make them look suspicious and then use their accounts to make it look like they were the source and fake a bunch of physical evidence and the such to get rid of someone. Get them caught and release them and since they have no evidence to prove they were kidnapped they are screwed. With enough resources you can easily frame them for murder too. That being said its not going to happen because there are too many risks involved in pulling it off and if some criminal gang wanted to do it to someone it isn't going to be random.
In the simple case of you trying to frame someone by sending CP images to them your going to get in trouble real fast because of the logs which they keep and no amount of blind prosecution isn't going to see that your the juicy target because that would be an open shut case.
You still have to worry about your ISP's logs.
No you don't store private or critical data in the cloud you use it for stuff you don't care about the non-critical/non-private information which is just marketing, customer facing type stuff. While things like actual customer data, medical information, critical documents get handled internally and never touch anything but your own systems. Why do you even need to store ultra-sensitive stuff in the cloud no one should be accessing it other than on site. And measures should be taken to keep it from walking out the door as well because that obviously something the NSA didn't even bother with.
I think you are overthinking this. Most of this is automated, and at least Google won't share logs without a court order forcing them to do so (as they have said in the past). Idk about MS & Yahoo, maybe they do share more than others.
I can totally see someone using a VPN or something going into someone else's account, and even if you are eventually found innocent, by then the damage is already done. But a lot of people don't have the funds for a good legal defense, in which case it is more likely than not that you would get steamrolled by the govt. just for the "PR" factor.
I mean shit, what good does sending that one guy to jail does? That's just as bad as the guy who bought $20 worth of weed going to jail for years due to "possession". But I digress. Oh and Think of the Children!
I can totally see someone getting steamrolled for something they are innocent of. If it happens for things such as murder, it will totally happen for this too.
UrielDagda
2[H]4U
- Joined
- Nov 16, 2004
- Messages
- 2,844
When will all the child porn addicts learn-- the best way to amass your collection and never worry about having the cops on your ass is to use other people's WiFi. The cops can get warrants for the person that owns that IP address but can't search any computer that isn't connected to the network at the time they serve it.
Easy peasy.
Easy peasy.
Unsecured wifi is basically the way to go for private online activities coupled with non-logging VPN and another VPN it would be basically untracable. Especially if the person your communicating with is in another unsecured wifi.
Google reported it and they got a search warrant so the logs would be made available. They went through the courts to get a warrant to seize his computers, emails, and likely the full logs as well. Google also said they have a department, just like Microsoft's Digital Crime Unit that handles online crimes. (That also involves finding out if someone is trying to frame people with CP spam)
It is automated at the first level and isn't an automatic release of logs to the cops. They court's did "force" Google to give all the relevant details and took his physical devices as well. He was arrested far away from his registered sex offender residence and took a job at a local restaurant and was found with secret recordings of children and their families eating there which he took while working there likely looking for another target so it isn't "what good does sending that one guy to jail" and isn't like a minor drug offense.
In order to get into someone else's account you have to know the credentials which is why securing your online identity is important. All my critical accounts use two factor authentication an extremely long and only in my memory password and regular checks on where access occurs from. You cannot just "VPN" into another person's email without first compromising the person which is in itself another illegal action which is just one of the few required to carry out a successful frame for a crime.
Google can detect abnormal logins as well and many services I use for management send audit logs of account access as well. Unless you also compromised the person's local computer which is another crime which would help make it look like they were committing the act. But the ISP could still see this so it is best you break in secretly by duplicating their keys or non-evidently breaking into their house and physically use their own computer without leaving any trace evidence. That way no logs would make it appear as if another party could have done it but you have to ensure they have no physical excuse which is where the kidnapping steps in. All in all framing someone properly isn't easy or legal.
We get are emails scanned for viruses and malware and typing too much into Google makes them ask me to complete a I'm not a robot challenge so why are people surprised that the malware/spam signature list includes far more illegal child abuse imagery. Most people are not spammers,malware authors, or CP image distributors by gmail, and hash based matching can't slip down a slope to catching political dissidents unless their sending tons of spam. The hash matching literally only matches exact copies.
Google adsense, targeted advertising in general is the "evil" thing that enables total internet tracking via all those countless extra domains you see on many sites. Even HardOCP has amazon + google's platform while other news sites have like 30+ trackers all at once. I block them because sometimes it just slows down the page too much.
Ur_Mom
Fully [H]
- Joined
- May 15, 2006
- Messages
- 20,689
For me, I know they scan and I will complain. But, it's not that they do it without people knowing. We know. We just don't like it and will complain. I see nothing wrong with that. We're not going to just take it in the @$$ and go with it. Now, there are some people that are pissed that it's going on and act like they were in the dark about it. Those people you can make the meme about.
I just don't like them scanning it in the first place. But, that is how they make money. Targeted advertising and information selling. The email service isn't "free", really. Neither is the "free" cloud storage.
I guess this Meme wouldn't be targeted at people like you then!
Ur_Mom
Fully [H]
- Joined
- May 15, 2006
- Messages
- 20,689
Starcrossed
2[H]4U
- Joined
- Sep 27, 2008
- Messages
- 2,160
Privacy laws now.
You don't need Tor. Just go to a public library make a new web based e-mail account and e-mail away. Anonymity achieved.
And you don't need a conviction. You just need the police to pull up and walk out with computers and if the purpose of the confiscation leaks to the neighbors, if they just don't flat out tell them when asked, that person's life is ruined. No conviction necessary.
I'd like to set pedos on fire as much as the next guy. But the lack of reservation on whether this is acceptable is exactly why politicians won't reign in the NSA. I guess the politicians have a closer pulse on the public than I thought.
I live in a little cul de sac with a bunch of older people and apparently none of them are tech savvy. I've been going around to my neighbor's houses explaining that their open networks are going to get them in trouble, as every kid in the neighborhood as a laptop (with webcam) supplied by the school and know how to find open networks. It's only a matter of time before one of these kids sends a video to a bf/gf via someone elses wireless and gets that person in trouble. Even though my network is locked down and kids do not get stored passkeys on their machines, I still keep a log of everything that accesses my network just in the case something like that were to happen. Kids will be kids, but I'm not doing jailtime for them.
hope this doesn't set some kind of precedent. maybe they'll start scanning tags of the mp3's you put on google play music (some have marking ids). as "good" as it is that they catch the criminals, just thing about how far this can go if we start thinking it's ok to scan our files.
time to move everything back to local drives, private cloud,and hosting my own mail server.
time to move everything back to local drives, private cloud,and hosting my own mail server.
Ur_Mom
Fully [H]
- Joined
- May 15, 2006
- Messages
- 20,689
It's in their TOS, and it's legal. But, it's definitely not cool. Sure, they can sell it as a good thing as catching some POS pedophiles. Nobody sides with those fuckers. But, like someone else said - it could set a precedent. Soon, every file you have will be scrutinized and searched and compared to a DB looking for anything. Terrorist words, music files, videos, etc.. That memo you wrote talking about Jager Bombs? Well, bombs just got you on the list. Yes, that list. Santa is PISSED.
Its already been discussed that to avoid such a scan from Google or similar, you pretty much have to abstain from e-mail entirely.
And of course it was to set a precedent.
BladeVenom
Supreme [H]ardness
- Joined
- Jun 29, 2005
- Messages
- 7,707
What happens in the case of a hash collision?
Red Squirrel
[H]F Junkie
- Joined
- Nov 29, 2009
- Messages
- 9,211
I suppose one good thing about the cloud is it makes the people who host their own stuff even less vulnerable because the cloud is just such a big easy target for hackers, the NSA, etc. Heck, in this particular case they're just handing information left and right like it was free coffee and donuts at a board meeting. I wonder how easy it would be to get such info through social engineering.
Where does the email come from before it enters your mail server, and where does the email go when it leaves your mail server? Do you think there aren't privately owned companies that own the lines that your emails flow through? Why would they not have the right to know what their equipment is being used for?
Why did you ever think you had the slightest bit of privacy on the Internet? Do you actually think that files on the Internet haven't been getting scanned from the very beginning?
temujin987
[H]ard|Gawd
- Joined
- Jun 24, 2008
- Messages
- 1,351
you make a russian temp e-mail address from behind over 9000 proxies and write something like "thank you for your order, here is the promised teaser pic". that's enough to ruin anyone's credibility even if that person turns out to be not guilty, the damage is already done after he lost his job and friends. no way this will not happen, it's just too easy.