A Linux-Based "Breath Test" For Porn On PCs

Gwaihir the Windlord writes "A university in Western Australia has started beta testing a tool that's described as 'a random breath test' to scan computers for illicit images. According to this article it's a clean bootable Linux environment. Since it doesn't write to the hard drive, the evidence is acceptable in court, at least in Australia. They're also working on versions to search for financial documents in fraud squad cases, or to search for terrorist keywords. Other than skimming off the dumb ones, does anyone really expect this to make a difference?" The article offers no details on what means the software uses to identify suspicious files.

Here's how it works...

[nweaver (113078)]

It looks for files like "guyongirlonsheep37.jpg"

Re:Here's how it works...

[Killer Orca (1373645)]

It looks for files like "guyongirlonsheep37.jpg"

Then I'll be safe since I rename all my files as "Top Secret: Hot Japanese Satellite images".

Re:Here's how it works...

[LrdDimwit (1133419)]

guyongirlonsheep37.jpg would probably be OK. I wouldn't want to try to explain guyongirlonsheep17.jpg however ...

Re:Here's how it works...

[autocracy (192714)]

What makes you think that having 20 less photos in the collection helps your cause? ;)

Re:Here's how it works...

[ObsessiveMathsFreak (773371)]

The specific command:

#find / -name \*.jpg

Quick! Whats the...

[i.r.id10t (595143)]

Quick! Whats the RGB color value for "pink" ?

Re:Quick! Whats the...

[by Anonymous Coward]

For kiddie porn you want to scan for small swaths.

Re:Quick! Whats the...

[TerranFury (726743)]

Once upon a time, a company did this, and sold their product to another corporation so that they could monitor employees' email. If I recall correctly, it ended in tears when somebody got sent baby pictures.

Re:Quick! Whats the...

[Facegarden (967477)]

'Human skin tones' is a pretty wide range though. Even just restricting it to 'white' people gives you a big range of colours if you consider the various shades of tan / sunburn - anything from deep red to pale white through dull brown. If you want to find naked black- or yellow-skinned people then it's an even bigger range. If something is blue or green you could probably guess it's not naked skin (unless the person is bruised, or wearing body paint), but without factoring in shape as well it's pretty difficult to tell if something is human coloured or not.

Actually, human skin is pretty much all the same hue, it just has different saturation levels. If you convert each image to HSV from RGB, you can just look at the hue component and people all pretty much look the same. This is common in computer vision techniques for identifying skin.
-Taylor

Re:Quick! Whats the...

[d3ac0n (715594)]

Well technically, I think we've all been IN one at least once in our lives, females included. However I suspect that's not the point you were going for.

Re:Quick! Whats the...

[KeithJM (1024071)]

I was a C-Section baby, you insensitive clod!

Helix

[davrodg (889968)]

Helix can do most of the "breath test" functionality referred to, and is a great forensic Linux distro. Helix is also considered a viable method in which to capture data that is consistent with the chain of custody that is required for evidence to be presented to a Judge. Check it out... http://www.e-fense.com/helix/Download.html [e-fense.com]

forensics

[Lord Ender (156273)]

Computer forensics is hard, expensive, and time-consuming. I would guess this is just a tool for cops to save cash in criminal investigations compared to hiring an expert, or at least to triage which systems need to be investigated by an expert.

Also, if your friends are IT staff and your online watercooler is slashdot.org, you may think everyone but the "dumb ones" knows how to encrypt a drive. But the reality is that the vast majority of criminals have never heard of Truecrypt.

Re:forensics

[Jabbrwokk (1015725)]

I think you are correct. Most criminals are dumb. And I think you're right about this being a cash-saving tool. From the article:

The design concept is that any police person with adequate training could use the tool, so that when they go into a crime scene they can quickly review a computer for illicit images or videos.

Sounds like it relies more on officers' eyeballs than algorithms to do a quick scan for anything obvious. This tool will help them quickly move through the easy stuff, and allow them to focus time and resources on the more sophisticated criminals. [gulf-times.com]

Psych-Ops

[unlametheweak (1102159)]

The article offers no details on what means the software uses to identify suspicious files.

I highly suspect that the police don't want people to know the details of how sophisticated their technology is because they don't want to embarrass themselves. Keeping an aura of mystery and FUD around themselves and their techniques is also a form of psych-ops; it's the chrome facade of a lemon.

Re:Randoms searches, Yay.

[SupremoMan (912191)]

Now everybody in Australia is guilty until proven innocent!

I thought that was the founding principle of Australia :)

Re:Randoms searches, Yay.

[Maclir (33773)]

Remember, we were selected by the best judges in England...

The difference between the USA and Australia - first, England rounded up all of it's religious fanatics, and sent them to the American colonies, then they rounded up all of these criminals, and send those to the Australian colonies....

Re:Randoms searches, Yay.

[russ1337 (938915)]

on a flight from DFW to LAX, I was recently asked by the American in the seat next to me 'where New Zealand got it's heritage - because, you know, Australia was a criminal colony'.... my answer: oh, dont mess with New Zealand...

Australia rounded up its worst criminals and sent them there...

Re:Randoms searches, Yay.

[onkelonkel (560274)]

So the Australians won the coin toss and got to pick?

Based on this I propose the following test...

[syousef (465911)]

The difference between the USA and Australia - first, England rounded up all of it's religious fanatics, and sent them to the American colonies, then they rounded up all of these criminals, and send those to the Australian colonies....

In those grand traditions I propose the following test...

Turn the laptop on, tie a large weight to it. If it floats, it's a witch! Burn it! If it sinks it's innocent. Pity it didn't survive.

Re:Randoms searches, Yay.

[by Anonymous Coward]

What the parent poster is trying to illustrate is that when a particular type of humor that roughly fits the phenotype of a reductio ad absurdum, or farce, in modern parlance, and, further, is based upon the implication of knowledge, which creates the perception of an 'inside joke', magnifying said statement's entertainment potential, has the piece of knowledge, previously conveyed via implicit communication, explained explicitly the statement so doing actually assumes the full weight of the previously mentioned 'absurdum', leaving only a fact and a non sequitur.

In other words, it's not funny when you explain it, but thanks!

(Notes to subsequent posters: a formulaic representation where the function of the humorous statement is subsequently undermined by the explanation and proved untrue (or similar), while funny, would have taken a bit more time than today's actual work-a-day requirements would allow. I would however be pleased to enjoy another's attempts to compile such an argument.)

Disclaimer: This message is intended as humor and not flamebait, contrary to the anonymity assumed during the posting of said message. Furthermore, contrary to what is stated above, this post is the opinion and property of Slashdot. (Just kidding on that last part.) :)

-HH

Re:Australia seems to be a pretty repressed countr

[Spatial (1235392)]

Might want to avoid the US and the UK as well.

Re:A porn breath test?

[GameboyRMH (1153867)]

<horribleacting>
<cheesysoundtrack>

*WEEW*

"License and registration please...are you drunk ma'm?"

"No Ociffer, I swear to Drunk I'm not god"

"Step out of the car please. I'm giving you a breathalyzer test. I need you to blow on this"

"Wait...wut...come on I just want to go home"

"Well if you don't want to do the breathalyzer I can give you a balance and mental aptitude test..."

"Come on just cut me a break, I live just down the road, outside of these dark woods on this lonely country road"

"Well OK, but if you want me to skip the breathalyzer, I need you to blow on _this_"

</horribleacting>
</cheesysoundtrack>

Re:A porn breath test?

[mrchaotica (681592)]

Your post contains invalid markup: you can't interleave tags like that.

Re:Can't be challenged forensically?

[LrdDimwit (1133419)]

The minute you change the contents of that hard drive, you open the door to claims of tampering with evidence. "Your honor, the kiddy porn only showed up after the police 'inspected' it. They planted all of it." That's what 'chain of custody' means. Police have procedures to follow to ensure that evidence can't be tampered with.

Good meatspace analogies would be OJ Simpson's DNA showing up on evidence only after he gave a blood sample. More hypothetically, say the cops take your backpack as evidence. What happens to it? Well, it sits in a police warehouse storage facility somewhere, possibly for months. If any cop has access to that backpack on demand for this whole time, then there is effectively have no way to prevent someone from stuffing the bag full of drugs. No accountability. So for meatspace evidence, there are very strict rules that say you have to keep track of every person who has access to that piece of evidence. There can be no exceptions.

The equivalent in the computer forensics world is that you have to guarantee you didn't alter the original equipment's hard disk. Proper forensic analysis involves making a *copy* bit-for-bit and then analyzing this copy. The new thing here is a bootable CD that presumably has been rigorously tested and certified (by who, I couldn't say) that it literally cannot modify the hard disk.