US District Court Says Calculating a Hash Value = Search 623
bfwebster writes "Orin Kerr over at The Volokh Conspiracy (a great legal blog, BTW) reports on a US District Court ruling issued just last week which finds that doing hash calculations on a hard drive is a form of search and thus subject to 4th Amendment limitations. In this particular case, the US District Court suppressed evidence of child pornography on a hard drive because proper warrants were not obtained before imaging the hard drive and calculating MD5 hash values for the individual files on the drive, some of which ended up matching known MD5 hash values for known child pornography image and video files. More details at Kerr's posting." Update: 10/28 16:23 GMT by T : Headline updated to reflect that this is a Federal District Court located in Pennsylvania, rather than a court of the Commonwealth itself.
It's good to see. (Score:5, Informative)
The courts are finally getting up to speed on technology.
Re:It's good to see. (Score:5, Funny)
Re:It's good to see. (Score:5, Informative)
It's not that child pornographers shouldn't be prosecuted, but like it or not, they're still entitled to the same due process as normal, "non-pervert" criminals. This "it's for the children" stuff shouldn't fly when we claim to follow the rule of law.
Re:It's good to see. (Score:5, Insightful)
It's not that child pornographers shouldn't be prosecuted, but like it or not, they're still entitled to the same due process as normal, "non-pervert" criminals. This "it's for the children" stuff shouldn't fly when we claim to follow the rule of law.
And anything we can do to deflate the "think of the children" hysteria will help protect our society. It's not that protecting children is a bad thing, it's that turning people into frothing flesh-rending mobs at the drop of a hat is a bad thing. If I were a nasty sort of black-hatted individual, the quickest way I can think of for destroying an enemy would be planting kiddie porn on his computer and dropping a dime to the authorities. Kiddie porn will be the new "baggie of drugs to plant on a perp." I wouldn't be surprised to see cops dropping usb drives on accidentally shot guys. "No, don't worry, I just planted kiddie porn on the guy. Disciplinary action? We'll probably get a medal for this."
Incidentally, your tagline: "Ein Volk, Ein Reich, Ein Messiah." Is that an inept slam against Obama?
Re:It's good to see. (Score:4, Interesting)
Or, a good excuse to turn a neighbor or family member in to the party. It wouldn't be hard for private citizens to plant evidence in that manner, either.
Incidentally, your tagline: "Ein Volk, Ein Reich, Ein Messiah." Is that an inept slam against Obama?
Actually, given that the Nazi's brand of national socialism was ideologically very similar to Soviet Communism in many ways, I think I prefer this [youtube.com].
Re:It's good to see. (Score:5, Insightful)
>>>>>The man was clearly guilty
A lot of you are missing the point, so let me put it in bold:
Without the requirement for search warrants (obtained from an impartial judge), the police, FBI, or other government officials/politicians can go from house-to-house-to-house taking PCs simply because they feel like it. Do YOU want to be a victim of these random, harassing, and very inconvenient confiscations. I certainly Do Not! The Constitution was written because that's precisely what was happened in the 1760 and 1770s, and the American people were stick and tired of the bullshit.
"[Our government] has erected a multitude of new offices by a self-assumed power, & sent hither swarms of officers to harrass our people" - Declaration of Independence, 1776
So they setup a Supreme Law of the Land that would prevent this from ever happening again.
Hate to rain on your parade... (Score:4, Interesting)
But the recent civil forfeiture provisions for copyright infringement they're trying to get signed (maybe already signed?) into law will allow them to do the same thing. The Feds can already seize your property on the mere suspicion that it is being used for illegal drug activity, and are not required to even file charges. When said seizure happens, the burden of proof is on the owner prove that it wasn't used for illegal activity.
Re: (Score:3, Insightful)
This sort of thing is all part of the move to the "New World Order" that presidents like Bush have spoken about fondly in several speeches in the last decade.
The majority in the USA apparently haven't learned from history, so now we're doomed to repeat it.
I predict a quick slide towards Socialism in U.S. govt. over the next 4-8 years. Our Constitution doesn't sound ALL that different from the ones written for countries like the U.S.S.R. Like them, we'll reduce it to a piece of paper that is only paid lip
Re:It's good to see. (Score:5, Funny)
Without the requirement for search warrants (obtained from an impartial judge), the police, FBI, or other government officials/politicians can go from house-to-house-to-house taking PCs simply because they feel like it. Do YOU want to be a victim of these random, harassing, and very inconvenient confiscations. I certainly Do Not! The Constitution was written because that's precisely what was happened in the 1760 and 1770s, and the American people were stick and tired of the bullshit.
Who cared if the Brits were confiscating PCs, with no electricity to run them anyhow?
Re:It's good to see. (Score:5, Insightful)
Speaking of frothing.... This wasn't an "active choice" to free a child molester it was a judge using common sense and realizing that this was a search without a proper warrant and throwing it out just as he would\should if an officer kicked your door down without a proper warrant.
Troll indeed!
Re:It's good to see. (Score:5, Informative)
also, wouldn't this type of search be pretty useless for identifying kiddy porn images?
md5 hashes are useful for verifying a binary package is in fact what it is supposed to be because it's hard to create a fake or altered program that produces the same md5 hash number as the authentic copy. so it's useful for verifying a "good" file, because presumably a good file won't try to deceive you, and a bad file can't reproduce the same md5 hash.
however, with something like a digital photo, all a user has to do is make a few very minor alterations (like a small watermark) to the image and it would produce a different md5 hash--essentially exploiting the inherent design of the md5 hash algorithm--and be missed by the md5 scan. these small changes could be as simple as flipping a single bit in the file, but with a standard 24-bit RGB bitmap image, each pixel is stored as three 8 bit values representing the red, green, and blue color channels. by flipping the least significant bit in each channel, you can alter up to 1/8th (12.5%) of the file without creating any perceptible changes (to human eyes at least) to the displayed image.
another method would be to employ lossy compression schemes like JPEG image compression. convert all your images to JPEG (or if they are already JPG, just compress it again at minimal compression strength) and the MD5 hashes will be completely altered. yet another method is to resize the image by a small amount--say reduce both width and height by just 1 pixel--using bicubic interpolation to scale the image up or down would preserve the image quality while completely changing the md5 signature of the file.
all of these methods would be simple to automate and allow you to easily hide known child porn images from detection using md5 comparisons.
Re:It's good to see. (Score:5, Interesting)
Actually, it looks like a pretty good search technique. It's fast, easy to automate, probably a low percentage of false positives, and can be used to link perps together through shared files. As you note, it would be easy for the pervs to block, by dropping a few bits, but I suspect it would be effective for a while.
It's still a search, with all that goes along with that. But it's probably better than having Officer O'Reilly deciding that your picture of your daughter playing at the beach sans diaper is porn.
Re: (Score:3, Interesting)
In addition is should be noted that almost by definition, the smart ones aren't caught. Thus making the assumption that most criminals are !smart, it would follow that they do not alter the exif field to create false MD5 sigs.
On a flip side, would it be possible to get the known "bad" MD5's then using a rainbow table, create innocuous files that equate to the "bad" hash, similar to the self recursive web page that pretends to host madonna.mp3 to trap RIAA spiders?
-nB
Re:It's good to see. (Score:5, Insightful)
Actually, it looks like a pretty good search technique.
No, it's a pretty shitty one. Here's why:
Re:It's good to see. (Score:5, Insightful)
It's preposterous to assume that any lawyer defending a client accused of possessing child porn would throw up his hands in the face of the authorities only identification being based on a hash. Any non-retarded person would ask the next logical question: did you actually look at the image/video and verify?
This method is a convenience search. The authorities still have to go through all the other steps to identify and verify child porn. If anything this search method is more likely to make authorities lax and catch less people with child porn.
Re:It's good to see. (Score:5, Interesting)
Yes, easy, but many of the porn collectors aren't going to be bothered with actually doing the edit...
So, go out and make a program that will automatically change a few bits in each file in a directory. Make it a TSR, and watch for all files in a directory. Sell it, profit.
Then the fbi will be after your list of customers (child porn collectors) because it's more complete than theirs.
Shit, the FBI should write this program and sell it from a fake company.
Re:It's good to see. (Score:5, Funny)
Make it a TSR, and watch for all files in a directory. Sell it, profit.
TSR? What?! Are you still using DOS as your main OS in 2008?
Today we call stuff that run in the background while you do other stuff "Programs", "Services" or "Daemons". Get with the times, man.
Re:It's good to see. (Score:5, Funny)
TSR? What?! Are you still using DOS as your main OS in 2008?
Today we call stuff that run in the background while you do other stuff "Programs", "Services" or "Daemons". Get with the times, man.
Note the user ID of 1263. I believe you're on his lawn.
Re:It's good to see. (Score:4, Funny)
I'm posting this as text at 300baud. TSR takes 10 seconds less time to tx than "programs", "services" or "Daemons" ;)
Beside, you knew what I was talking about, and so did eveyone else here worth a damn ;)
Re:It's good to see. (Score:4, Funny)
If he shot you from his porch and no one came to pick up your body, would it be a case of Terminate and Stay Resident?
Re:It's good to see. (Score:4, Informative)
I used to work in an australian court. And I remember a judge in tears throwing out a paedophile case where the guy was *clearly* guilty as hell, but the prosecution had bungled it so badly it couldn't' possibly be presented to the jury in that state. Afterwards she practically broke glass screaming at the prosecutor.
Afterwards I asked her about the case and she told me that although she was bitter , even the worst of scumbags deserve a fair trial, and that fair trial wasnt it.
Later that year they retried the case properly and the guy got 20 years.
Re:It's good to see. (Score:5, Insightful)
Those who deal in child pornography and prey on children are, to my mind, some of the worst exxamples of humanity out there. I wouldn't bat an eye if they increased the prison sentences for them to life or allowed capital punishment. But it still has to remain within the bounds of our laws, the core of which is the Constitution.
Re:It's good to see. (Score:5, Insightful)
Those who deal in child pornography and prey on children are, to my mind, some of the worst exxamples of humanity out there. I wouldn't bat an eye if they increased the prison sentences for them to life or allowed capital punishment. But it still has to remain within the bounds of our laws, the core of which is the Constitution.
Granted. Those who take advantage of, say, 5-year-old kids should be flayed and burned where they stand.
It's the grey areas that concern me, though. The difference between a naked 17-yo and a naked 18-yo is 15 years in jail vs. perfectly legal. If you have a picture of a kid a day before his 18th birthday and a day after, what's the huge difference that makes you a heinous pervert vs. just another horney guy?
Re:It's good to see. (Score:5, Interesting)
You have to set the bar somewhere, and then stick to it. Sure, you can be more lenient on edge cases, but you still need to say "the limit is X", or the whole legal system is a farce made out of "fuzzy rules we're kind of supposed to follow".
In particular, when we get to the 17-yo case, it's as simple as this: did you think, in good faith, that she was of age? If yes, you should be home free. We're talking reasonable doubt here. It's reasonable to think a 17-yo is 18 or 19. If it was publicized as kiddie porn in any way, I don't care if she's 15 or day shy of 18. You had the information available, you're screwed.
Re:It's good to see. (Score:4, Insightful)
You have to set the bar somewhere, and then stick to it.
Begging the question.
Sure, you can be more lenient on edge cases, but you still need to say "the limit is X", or the whole legal system is a farce made out of "fuzzy rules we're kind of supposed to follow".
Many legal rules are not clear cut, that's why judges are not computers.
First of all, penal law is immoral, only the victims should have a claim against their aggressor. The victim should present the damage in front of a judge, establish the lack of consent, and the verdict set accordingly.
Child molesters cause terrible harm, and should be punished accordingly. It is however less obvious that the average pedophile pervert who consumes the product of these crimes commits a real crime himself. While they deserve contempt it is unclear if they deserve jail.
Re:It's good to see. (Score:5, Insightful)
First of all, penal law is immoral, only the victims should have a claim against their aggressor. The victim should present the damage in front of a judge, establish the lack of consent, and the verdict set accordingly.
Be careful with absolutes like that. You just legalized murder, beating somebody to the point of brain damage, racketeering where victims are too afraid for their own safety or that of their loved ones to take people to court, etc.
Perhaps you were only referring to the kiddie porn issue and suggesting that 5 year olds should file charges against their exploiters (often their parents), but even then it's a stance that's kind of hard to understand.
Re:It's good to see. (Score:4, Interesting)
Or, just replace "victim" with "victim or legal representative of victim".
I don't think his point was that the victim needed to necessarily be present, just that the consequences should be compensatory, not punitive.
(Note: I am not endorsing his point of view, just trying to clarify his position.)
Re:It's good to see. (Score:5, Insightful)
In particular, when we get to the 17-yo case, it's as simple as this: did you think, in good faith, that she was of age? If yes, you should be home free. We're talking reasonable doubt here. It's reasonable to think a 17-yo is 18 or 19. If it was publicized as kiddie porn in any way, I don't care if she's 15 or day shy of 18. You had the information available, you're screwed.
We're living in a world where a daycare center was razed to the ground and then the ground was dug up to a depth of several feet looking for 'tunnels' where satanic abuse was supposed to have happened (in addition to many other plainly fanciful events). Also, one where a minor girl was tried fro child pornography because she was found in possession of a nude picture of (drum roll please) HERSELF!
It's all too necessary to replace a smudgy grey line with finer gradations to prevent some of the crazier 'for the children' police and court actions.
Re: (Score:3, Insightful)
Your attitude scares me. Nobody should be flayed and burned at all, much less where they stand.
Everybody deserves a trial. And everybody who is found guilty at a trial deserves punishment which is not cruel or unusual.
At the risk of Godwinning the thread, they didn't flay or burn the top Nazi leadership. They gave them trials, then hanged or imprisoned them. These people were responsible for far worse crimes than "taking advantage" of a single five-year-old child, but we didn't think that their punishment s
Re:It's good to see. (Score:5, Insightful)
And the hell of it is, the 22 year old that accidentally slept with a 17 year old; well, he's still going to be forbidden to see his 12 year old sister until she grows up. He's still going to have to find some place to live that's not within ten miles of schools.
These sorts of liminal states are just going to come up more and more, and to be bigger and bigger problems, partly due to the utterly awful sexualization of girls' clothing. At this point, the difference between a 15 year old's clothing and an 18 year old's is likely that the 15 year old's clothing is skimpier and sluttier.
We need to do two things; we need to make some judgments that are currently just binary, i.e. either you're sex offender registry or you're not, into more gradated judgments. And we need to work to reverse the societal trends that are driving people to consider banging people at the edge of consent (and beyond) optimal.
Re:It's good to see. (Score:5, Insightful)
Well, to my mind, they are still fellow human beings and fellow citizens who deserve every moral and legal right as to the rest of us.
I would shed a tear for each such measure as yet another branch was torn from the tree of liberty. I would mourn the needless waste of human life.
The law, and even constitutions, are ultimately subject to the will of the people. People like you and others in this thread who would rather join a rabid mob than go against one and stand up for what is right. If you're too afraid of unpopularity, or condemnation, or guilt by association, to defend the rights of others, then you don't deserve a single one of those right yourself.
You, and every poster in this thread panders to hysteria by sycophantically declaring your own inflated revulsion at these crimes. Every time you do so, you further strengthen the forces that are eating away at the foundations of law and freedom in the western world. No reasonable person need declare their revulsion for these crimes. Yet everyone insists on doing so, loudly and explicitly at the earliest opportunity.
Because they are afraid.
"Find out just what a people will submit to, and you have found out the exact amount of injustice and wrong which will be imposed upon them" - Frederick Douglass [wikiquote.org]. The west has submitted to the howls, intimidation and demagoguery of the Outrage Brigade. We will suffer whatever injustice or wrong they now choose to impose upon us, and it seems, will do so indefinitely. Please read the rest of the Douglass quote, and think next time before you obediently proclaim your moral standing.
Re:It's good to see. (Score:5, Insightful)
I also find this "hang 'em high" attitude troubling.
Those who used and abused real children for porn or any other purpose are the ones who should be in trouble. Think Oliver Twist. I have heard that in Africa, some have used children as soldiers, training them to commit atrocities, and even occasionally using them on suicide bombing missions. Next to that, the transgression of merely having data seems pretty mild. That crime may be on the order of buying diamonds from murderous regimes. I have heard of some countries (Indonesia) imposing the death penalty not only for dealing drugs but simply for using them, so desperate were they to stop the damage drugs were doing to their society. I can't see child porn reaching quite that level of danger to society.
The data may not even have been purposely collected or known about by the holder, and that person is therefore just as much a victim if railroaded into jail over it. Many have pointed out this possibility.
There are many other possibilities. Suppose the data is actually pediatric medical records? We might have a respected children's doctor behind bars or even shot before anyone realizes it's a mistake.
Suppose the possessor of the data really is into child porn. But what if the pictures are all generated, and no children were involved in any way in the making? Then what? Or, what if we discover a way to "cure" pedophilia? I would guess many pedophiles hate themselves, and wish they didn't find children attractive, and would jump on such a cure if it existed. Alcoholics have similar feelings about their cravings. But of course impossible to cure someone if they've already been hastily executed in a fit of righteous indignation.
Re:It's good to see. (Score:5, Insightful)
And now we see exactly what your protestations of outrage are really all about. You would force the rest of us to stand to attention behind you or risk having the vilest of accusations thrown directly against us. You are a pitbull of social reactionaries who will use any weapon, no matter how odious, to chip away at the foundations of our free society and who will without conscience pass within a hair's breath of libel so as to cut most deeply without risk to yourself.
You, and people like you, are destroying the western world, one pointing finger at a time.
Re:It's good to see. (Score:4, Insightful)
And now we see exactly what your protestations of outrage are really all about. You would force the rest of us to stand to attention behind you or risk having the vilest of accusations thrown directly against us. You are a pitbull of social reactionaries who will use any weapon, no matter how odious, to chip away at the foundations of our free society and who will without conscience pass within a hair's breath of libel so as to cut most deeply without risk to yourself.
You, and people like you, are destroying the western world, one pointing finger at a time.
You seem to forget that the less outrage you use against such a thing, the more likely people are likely to see you as one of THEM.
And when being even thought of as "one of THEM" can lead to harassment and even being killed, it's easy to see why people are so rabid to call for the deaths of "them" so they can spare themselves.
Re:It's good to see. (Score:5, Insightful)
You misunderstand the parent post. He's not saying, "it's only children, who cares," he's saying, "whether or not it's children has nothing to do with whether a suspect's constitutional rights should be violated."
The thing is that you don't have perfect knowledge of whether the suspect is a child pornographer or not. Lacking perfect knowledge, you should seek it out by following the appropriate channels.
If you are sure that someone is involved in any crime (whether or not it involves children), you should be sure enough that you can convince a judge to issue a search warrant. If you don't have enough evidence to convince a judge to set aside this person's rights, then you shouldn't just go ahead and set aside those rights even if you're really, really sure.
That's due process. That's how we protect the rights of innocent citizens from being abused by the power granted to police and other government agents. It completely doesn't matter what the nature of the crime you're investigating is. I'll say that again. It is wholly immaterial what crime you suspect someone has participated in; if you don't have enough evidence to convince a judge to issue a search warrant, you should not take the law into your own hands anyway.
The only time you might convince me otherwise is if there was an imminent threat - such as in the case of kidnappings or (since you're talking about child porn), a live feed of a child being abused, and the only as far as is necessary to secure the immediate safety of that child. This again has nothing to do with it being children though - this is just as true in my mind for securing the immediate safety of adults.
Re:It's good to see. (Score:5, Insightful)
They didn't know that when they violated his constitutional rights. I'm not talking about whether or not he was guilty... I'm talking about whether or not they had a right to look at all - and without a warrant, they didn't.
The 4th amendment doesn't get suspended just because you incant the word, "children."
Re:It's good to see. (Score:4, Insightful)
No, just terrorism and border security.
Cheers
Re:It's good to see. (Score:5, Insightful)
You're speaking in the past-perfect tense. You're speaking only with perfect knowledge of what transpired.
The problem is that is not how decisions are made. Decisions are made with imperfect future knowledge. When they decided to search this guy's computer, the did not know if they would find evidence of child pornography. Whether or not they found anything, once again, is completely irrelevant to whether they should have looked at all, because you cannot know before hand if you will find anything; you can only suspect you will.
I agree, there is a balancing act, and we should balance the rights of victims with the rights of criminals, but also with the rights of non-criminals. Fortunately exactly how we balance that is very clearly defined for us by the legal system. When you suspect someone has committed a crime, and you need to violate their 4th amendment rights to prove it, we have this excellent system already set up to facilitate it. It's called the warrant system, and its whole purpose is to balance the rights of victims with the rights of citizens which we do not yet know to be a criminal or not.
You're completely ignoring an entire class of citizen. There's victims, criminals, but most significantly there are people who are neither. THAT is the purpose of the 4th amendment.
I'm not saying, "4th amendment, therefore you can never search," I'm saying, "4th amendment, therefore you need to follow the procedures we have in place which provide checks and balances to protect innocent citizens from abuse by people in authority."
If this guy wasn't a criminal, he still would have had people searching his stuff. Or maybe you don't believe in privacy for innocent citizens at all. If that's the case, then you and the 4th amendment are incompatible, and you should return to Tudor England and stop taking advantage of the freedoms the blood of patriots have purchased for you.
Re:It's good to see. (Score:5, Insightful)
>>>the guy had the pictures on his computers. guilty... it's pretty cut and dry.
I agree. In fact I think the police should continue their search for child porn, and start searching all 110 million homes in America, confiscating PCs without search warrant, and comparing hash values on the drives.
We'll start with your house first.
What's that? You don't want the inconvenience of warrantless searches and losing your PC for a month while its scanned? WELL NEITHER DOES ANYONE ELSE YOU DURNED FOOL! That's why the requirement for a judge-issued warrant exists; to stop the government from going house-to-house-to-house harassing citizens!
DUH.
The government is the People's Servant, not the other way round.
Re:It's good to see. (Score:5, Insightful)
I could hack into your computer and plant pictures. Then you would have the pictures on your computer. Are you then guilty? Is that situation cut and dry?
It seems to me that most people, on this site and elsewhere, don't really believe in evidence, due process, or innocent until proven guilty. They think that suspects are guilty, period. The rest of the stuff is just a formality meant to please the judges. According to this attitude, if the crime is heinous enough and the publicly-available evidence damning enough, the trial becomes redundant and pointless.
This attitude, quite frankly, scares the everliving shit out of me. Everyone deserves a fair trial, and that means properly obtained evidence. You can't simply throw this out because you think a particular crime is really extra special bad.
Re: (Score:3, Insightful)
But how do you know the guy had pictures on his hard drive? How did they get there? (Some else mentioned that planting Child Porn on someone's computer would be a great way to ruin their life.) Can the photos be admissible as evidence in a court of law?
Plus, there's the risk to the person's reputation if you are mistaken. Suppose the police didn't need a warrant to seize and search personal belongings. A police officer might arrest me and seize my belongings based on some flimsy connection (say, one of
Re:It's good to see. (Score:5, Insightful)
And nowhere in the post you quoted was the inference that you applied to it, you're one of the "frothing flesh rending mob" if you believe what you state about the post in question.
No one, not even the leftiest lefty on the left of a leftie is arguing that crimes against children are not abhorrent (maybe my grammar is though - double negatives aside).
The issue here is "do the ends justify the means?" While you may agree that anything should be permitted to catch and convict child molesters and kiddie porn collectors, you have to watch the slippery slope.
If a law enforcement agency can scan your drive and compare MD5 sums without a warrant, you have removed due process from the equation - one of the things that you are entitled to in the US justice system, regardless of your suspected crime, because like it or not, you are innocent until proven guilty.
This whole bollocks of "if you have nothing to hide, you won't mind" is bullshit. If they come to scan your drive with no proof to justify a warrant then they might as well just say that everyone's drives need to be scanned when the law asks, and if they find anything that flags you, you then have the burden of proof on yourself to assert your innocence.
It just doesn't (or shouldn't) work that way.
Do I want child molesters arrested and put away? Absolutely. Do I want them to be arrested through an illegal search of their property? Absolutely not.
It's a hot button issue, much the same as terrorism - we're in danger of severely crippling our society if we stoop to "prove you're not a terrorist/child molester/communist or we'll lock you up!"
Re:It's good to see. (Score:5, Insightful)
These children will have to one day live with the mess that we have created for them in their name.
Re:It's good to see. (Score:5, Insightful)
They are the hopes and dreams of the parents who raised them, the future of our society, innocent and worthy of our very best efforts to protect them.
Everyone agrees children need to be protected. But that's not the least bit topical given the context. Just the same, no child in inherently innocent; and that is not a sexual reference. That's a flawed Western-Christian philosophy. I've known far too many children that were far from innocent and far too many parents dismiss their actions simply because they are "innocent children." That child then grows up to be a monster of an adult.
So please stop with the "innocent child" bullshit. Ignorance is not heavenly innocence. A child is well behaved and "good", very poorly behaved and "bad", or fits somewhere in between. Many children have at least some understanding of their actions at very early ages and that doesn't suddenly change at age 18. Even if a child doesn't fully understand the ramifications of their actions (example, pull trigger = death), many do understand it is not something they should be doing - assuming the parents were doing their job in the first place.
Re:It's good to see. (Score:5, Insightful)
You know, you're right. And I think *you* are a child molester. So much so that I'll report you to the police. Under the new Think of the Children Act, the police I tipped off will be at your door to kick it in, drag you out of your house, and shoot you dead at the side of the road. What, you don't like this idea? Then you support child molesters!
You see how it works? Due process is needed for everyone, no matter how vile.
Re: (Score:3, Informative)
Not to feed the trolls, but Mumia Abu Jamal was arrested and held under the authority of the Commonwealth of Pennsylvania, Obama, as President of the United States, cannot pardon him for a State offense, only a federal one:
Re: (Score:3, Insightful)
Honestly, I'd have to question the humanity of someone who is NOT outraged by any crime against a child, and least we can understand now that, that, given the active choice to let child molestors walk, that, all this other so-called liberal talk about children is a lie.
I agree completely, but with the caveat that due process trumps every other concern. We can't protect children - or anyone/anything else - unless we ensure fair trials for everyone. This guy is probably a creep who should be taken out back and beat down, but we don't know that, largely because the prosecution screwed up while gathering evidence. And since tainted evidence is the same as no evidence, we can't prove that he actually did anything.
If you want to get angry, aim at the police and prosecutors w
Re:It's good to see. (Score:4, Interesting)
Indeed. There can be people with child porn on their machines who are totally innocent. ... and a myriad of other possibilities.
I can envision at least a dozen scenarios, including (but not limited to):
- Irate ex-wife planting the stuff.
- Refurbished drive which had only been deleted, not reformatted. Old stuff still (invisibly) in the \RECYCLER directory.
- Someone running a transparent proxy for their open wi-fi, to increase speeds and minimize the impact of sharing.
- Browser cache, where a remote site has put child porn in a sprite sheet or similar used to display ads. The user has never seen it, and thus not deleted it either.
- The user might be the rightful owner of the material, which is illegal only in other people's possession. A father having a picture of his own children, nude, will usually not be child porn. If someone copies the images and uploads them somewhere, they become child porn. But the original images aren't.
But that, or whether the guy is guilty or not is all besides the point, which is that without a warrant based on reasonable suspicion, no-one should have a right to inspect anything. The heinousness of the crime must never be allowed as an excuse to bend rules, or innocents will suffer.
Re:It's good to see. (Score:4, Interesting)
As a parent, I disagree. What's in the best interest of my daughter is growing up in a society that is free from the type of madness and baseless hysteria that forms the remainder of your post.
They are the hopes and dreams of the parents who raised them, the future of our society, innocent and worthy of our very best efforts to protect them.
Absolutely, and that includes remaining a society and not a festering mob. It includes not throwing out civil liberties and due process of law just to punish people we don't like. I don't like presidents that spy on Americans, and feel that it's in my best interest that Bush be brought to trial, but I don't see any slavering "conservative" mobs backing me up. It's much more likely that she'll live in a police state than she'll be molested by a stranger.
Honestly, I'd have to question the humanity of someone who is NOT outraged by any crime against a child
Who isn't outraged by this crime? But, that doesn't mean I can't be outraged if the perp's civil rights were violated, especially in this case. There are other shades than just black and white. How often have we read stories of people who went through "the system" for child porn that they could provide reasonable explanations for being there, such as malware? The law's priority IS to ensure the innocent aren't harmed...even if they've been falsely accused of having child porn.
That being said, pedophilia is a mental disorder that needs to be treated, not punished. I question the humanity of any person that can't see that some things can't just be wished, or locked, away and forgotten about.
and least we can understand now that, that, given the active choice to let child molestors walk, that, all this other so-called liberal talk about children is a lie.
Actually, it's the conservative churchies who are more likely to scream "think about the children" than the liberals. Despite what the Ministry of Truth (Fox News) tells you, "liberal" is not a dirty word. Liberals gave women and blacks equal rights. Liberals ensure that you, as a citizen, get a fair day in court. If, however, you're stinking rich, the 'pubs will be happy to bail you out...even if you ARE a child molester as lot of them have been found to be of late.
They aren't interested in trying to save anyone, not the working man or the children. They are a cancer who deliberately brings countries down and ruins cultures in order to secure power for themselves.
I thought you were talking about liberals here? This description matches the actions of the "conservative" party over the last decade and a half.
You just wait until Obama pardons Mumia
Having grown up in Philadelphia and having a fair number of relatives who serve on the Philadelphia police force, and the police forces of neighboring areas of New Jersey...well, I'm not going to defend Mumia...but I can tell you first hand that brutal racism is rampant in the people who are sworn to serve and protect in that area. My own family members and their friends on the force are sufficient proof to me. I know we like to live in a fantasyland where that's not true, but until you see it firsthand, you have no idea what you're talking about. But, given your other statements, that's not a hard argument to make.
Re:That's a terrible argument (Score:5, Insightful)
Or maybe get a proper warrant and follow procedures properly? Sorry, I am no fan of kiddie abusers but if we bent the rules the way you'd like them for this instance then what comes next? I break down your door as an officer, find nothing, and suffer a fine for having made a mistake? Sorry, the officers must follow rules same as you and I or they will become simple bullies. Oh wait....
Better a few guilty men go free on a technicality than allow officers to become a law unto themselves.
Re: (Score:3, Informative)
Better a few guilty men go free on a technicality than allow officers to become a law unto themselves.
The largest US gang [thinblueline.org] has a well documented [aclu.org] record [nytimes.com] that would seem to indicate your statement is out of date.
As another everyday example, here's a big surprise [georgia-sp...t-blog.com], no?
I'm not intending to troll/flamebait here, but MY perception is there is very little accountability for the 'on the job' crew in blue amongst themselves. It is also my perspective that there is very little integrity once one subscribes to the original meaning of the thin blue line [wikipedia.org].
Re:That's a terrible argument (Score:5, Insightful)
Quite honestly, the judicial tradition of suppressing evidence entirely because it was produced without a proper warrant is absurd.
So you're saying you have no problem with warrentless searches? Shall we continue this thought to it's logical extreme conclusion?
There's a reason the judicial system has the structure it does: so there's a strong trail of evidence, to ensure the rights of everyone involved have not been broken by law enforcement, to ensure nothing has been tampered with.
The law HAS to follow the law, otherwise what authority does it really have to enforce it?
Re:That's a terrible argument (Score:5, Insightful)
I apologize for interrupting the false dilemma here, but would it be a reasonable option to prosecute both the criminal who was caught and the cop who violated the Constitution to catch him? I know, I know, we've got two guilty people on our hands, and our natural, rational instinct is "let them both go unpunished, then set fire to our own hair"... but perhaps there's a way to disincentivize police excesses without giving criminals a get-out-of-jail-free card.
I suppose there's an argument that anyone who would violate the Fourth Amendment can't be trusted as part of a chain of evidence... but in that case, shouldn't the guilty cop be kicked off the force entirely, not just distrusted regarding a single case?
Those are just thoughts in general, though, not necessarily a recommendation for this particular case. Even if it was admissible, I'm not sure I'd want to prosecute someone with evidence like "Look at what we found on his computer, thanks to the help of some guys who felt cheated by him, took his computer, reported incriminating files to us, and totally pinky swear that neither of them put them there themselves."
Re:That's a terrible argument (Score:5, Insightful)
How would you feel about this man if it was your child's photograph on this man's notebook.
How would you feel if it was your laptop that was seized without a warrant? "Oh I don't have child porn" you say. Sure...but without that warrant the cops may just plant the evidence. Now what say you?
Or, that friend you let borrow your machine last week, remember him? Yeah, he's not the church going fun loving person you thought. On that USB key with all of his work related stuff was a nice folder of child porn. Its a good thing he copied everything to your machine so you could work together on that big project that boss is asking about.
Or, that teenager in your house, yeah dirty young man. He's out browsing the internet looking for pictures. He accidently clicks on a link with under age "actors". Fortunately, he's a good kid and backs out of the site right away. Didn't look at anything, didn't mean to go there. Hell, you've even trained him well enough to erase cookies and temporary files. Hear that knocking? Yeah, that's the police showing up without a warrent and taking your machine. Oh look, they just found deleted child porn images on your computer. You sick bastard.
Without the warrant you have one more leg to stand on to fight these charges. Its there to protect the innocent.
Re:That's a terrible argument (Score:5, Insightful)
>>>"Oh I don't have child porn" you say. Sure...but without that warrant the cops may just plant the evidence. Now what say you?
Even if they don't plant evidence, who wants to go through the hassle of losing their PC for one or two months while the cops scan it for hidden porn (or even stashed drugs). It's not about dishonesty by police, but stopping harassment of citizens. Nobody wants one or two months of their lives wasted just because the government agents have nothing better to do than grab private property.
"[the British government] has erected a multitude of new offices by a self-assumed power, & sent hither swarms of officers to harrass our people & eat out their substance;" - Declaration of Independence, 1776
Re:That's a terrible argument (Score:4, Insightful)
I'd like to just add on to your post, because I think otherwise part of your point may be missed. The reason this judgement is good is not because it protects people who have child pornography, but because it protects people who don't have it.
If you make an exception and say that it's ok to do otherwise illegal searches so long as you're looking for child pornography, then you've opened a back door for police to search *any* computer under the guise of looking for child porn. So then, some day in the future, some police officer would be able to take your computer without a warrant, scan your hard drive, and then say, "Well, we were looking for child pornography, so what we did was legal, but we found instead this other information. Since the search was completely legal, we can use that information against you."
In effect, it would mean that they wouldn't need a warrant to search computers anymore.
Re:That's a terrible argument (Score:4, Insightful)
How would you feel if it was your notebook I said had a picture of a child in it?
If our judicial system doesn't work right, we should fix it; I'm not taking a position on whether it works right in general. But let's assume we carefully figure out a set of rules and get our judicial system to work right for all manner of crimes from shoplifting to murder; rules that properly balance the rights of the (possibly innocent) accused. Turning around and throwing those rules aside for certain crimes is madness. That's what we mean by "think of the children" stuff: it doesn't help children any to do an intentionally bad job running the justice system for crimes related to children.
Re:That's a terrible argument (Score:5, Insightful)
"The law exists to serve the public good"
No, it doesn't. Government exists to uphold rights, and the law exists to provide government one of the tools to do that. Rights belong to individuals, not "the public".
What makes a child pornographer a criminal is the concrete harm he does to an individual -- not some abstract harm to "the public good".
The system is designed around that. The bill of rights gives weight to the rights of the accused for two reasons. First, it is the job of the justice system to protect everyone's rights -- to defeind the rights of the victim while still respecting the rights of the accused. Second, when we don't respect the rights of the accused, we tend to conflate "accused" with "guilty", and then nobody's rights (including the victim) are protected.
If you dont respect the rules of the system even when they make it harder to catch the bad guy, then you're really asking for a rule-less system that enforces your will. But watch out -- yours isn't the will that's going to prevail if the system heads that way.
"With this decision, the courts have just given license to all of those who kidnap or exploit children to make this pornography"
No, they haven't. They have not made child porn legal; they have reminded the authorities that they still have to do their job according to the rules even when it's a job that really needs to be done.
"How would you feel about this man if it was your child's photograph on this man's notebook."
If we left 'justice' in the hands of how those harmed by the crime feel, it would be revenge (which is not the same thing -- and which incidentally doesn't serve the "public good", either).
"the judicial tradition of suppressing evidence entirely because it was produced without a proper warrant is absurd. The man was clearly guilty and the evidence was there. Instead, fine the police for doing the wrong thing"
Here, I agree -- to a point. It doesn't change the fact that in the context of the system as it exists, the court's action is correct, though; today the remedy for illegal search is suppression of evidence.
But yes, I think holding law enforcement personally responsible when they violate the rights of the accused would be more just than penalizing the victim (and any potential future victims) by preventing a conviction when the accused really is guilty -- if such a system can be made to work.
There are two problems with that, though, which I don't know how to resolve:
1) Having performed an illegal search, which results in the conviction of a child pornographer, a police officer goes on trial. What jury will convict him? If the answer is none and that's ok with you, then you're really saying that the accused shouldn't have had rights in the first place.
2) Being personally liable for mistakes can create an incentive to do less work. I'm not saying this justifies a lack of personal accountability in general, but you do have to have a system in which the police are confident "if I do the right thing, I won't be punished". That's harder than it sounds.
No/few warrants is conceivable (Score:3, Interesting)
Re: (Score:3, Insightful)
How would you feel about this man if it was your child's photograph on this man's notebook
If you're going to bring emotion, kicking and screaming, into a discussion on legal procedure, let's go all the way: How would you feel if it was your Constitution being ignored?
Re:That's a terrible argument (Score:5, Informative)
What evidence? Some md5 hashes that happen to match hashes from a select number of images? Odds are if we hash out every file on your hard drive we will also find matches to that same list.
Actually, odds are the hashes will not match...
Re:That's a terrible argument (Score:5, Informative)
Odds yes.
But no guarantee.
A better check is hash and file size, since it is more difficult for two files of the same size to have the same hash by chance. Especially using compression due to images or videos of the same dimensions reducing to different sizes.
Hash and file size checks are useful for checking if a file is intact and possibly not altered. They are great for lookups.
But, in the end, you still need the file to validate the correct item is found. Hashmaps store both the key and hash for this very reason. The hash is a quick lookup, but the key is needed to verify the right element has been found.
Unless the hash is the same size as the key.....
Re:That's a terrible argument (Score:4, Interesting)
Odds of one innocent file's md5 hash matching one identified file's hash md5 is insignificant. But in this case we are talking about and entire hard drive's worth of files compared to a database of all known digital kiddie porn.
Take a PC that has been in heavy use for a few years, you might have a couple hundred thousand files, each of which could collide with any of the hundreds of thousands (millions?) of hashes for every known kiddie porn related file on the internet.
Think of it like rolling dice. Rolling a double 6 on a pair of 6 sided dice is a 1/36 chance, but rolling any doubles is a 1/6 chance.
The odds of any single file on your hard drive matching any single file they have on record is significantly better than a specific file on your hard drive matching a specific file they have on record.
-Rick
Re:That's a terrible argument (Score:5, Informative)
Yes, that's the birthday paradox. I'm not sure offhand how big the NCMEC database is, which is usually what they're comparing against, but let's try some math.
Let's say your hard drive has N files and the database has M items (so, comparing a list of N to another list of M hashes). Your hard drive doesn't actually contain any of the files used to generate the "bad" hash list. The probability of a hash collision is approximately P = 1 - exp( -N*M / (2 * 2^128) ). Assuming the value in the exponent is small, this is approximately P = N*M/2^129. 2^129 is in the rough vicinity of 10^43. In order for you to have a one in a billion (10^9) chance of a false positive, the product N*M would have to be ~10^34. If the hash list has a billion items (I think it's smaller than that, by quite a lot), you'd need 10^25 files on your disk -- well beyond the capacity of readily-available desktop storage.
MD5 hashes are useful because they're resilient to even birthday collisions. What they're not resilient to, it turns out, is intentionally creating two files with the same MD5 hash. (Even then, it is infeasible to generate two files with the same MD5 hash and the same size.)
Re:That's a terrible argument (Score:5, Insightful)
To exceed a .1% chance of finding a match with MD5 (a 128-bit hash) you would need to compare
n(p;H) ~ sqrt( 2*H*ln (1/(1-p)) )
n(.001;2^(32-1)) ~ 2^60
pictures. So to have a .1% of finding a collision of a legitimate picture and malicious picture in the FBI database one would have to compare about 830,000,000,000,000,000 pictures (8.3*10^17). You don't understand what it means to say that "MD5 is broken." Please leave the cryptography to the cryptographers.
Re:It doesn't matter. (Score:5, Insightful)
so you mean youre scared of living in an environment that everyone not on the right has been living in from 2000-2006?
that's basically what they were doing. (Score:5, Informative)
Re: (Score:3, Insightful)
Re: (Score:3, Informative)
"We got this guy, but let's get a warrant before we scan his hard drive."
The odd thing is that the computer was in the landlord's friend's friend's (brother's dogwalker's sister-in-law's... whoops, got carried away) possession having been seized during the eviction. The vast majority of precedent (used whenever the government wants data from phone companies and mail servers, etc) says that if the guy with the data freely gives it to the cops, they don't need no steenkin warrant.
While the overall decision is
Re: (Score:3, Interesting)
In either case, I at least like the idea that they say calculating MD5s is considered protected by the 4th.
Re:that's basically what they were doing. (Score:5, Insightful)
The landlord's friend's friend didn't own the laptop. He can no more authorize a search of it than your landlord can authorize a search of the apartment he rents to you.
Re: (Score:3, Insightful)
Very true. It's almost like simply taking a picture of evidence in a residence after busting down the door, even though there's no search warrant to search the residence.
Re: (Score:3, Insightful)
Which stage was the search - the creating the duplicate? The running of the hash? It's not really clear.
I would say creating the image counts as a search, since you have to actually go in and read the data from his hard drive.
Re: (Score:3, Funny)
But you only took a peek, and just jotted down the jist of it! Come on! Don't let a goddamn piece of paper stand in the way of a good wholesome lynching!
Re:that's basically what they were doing. (Score:4, Insightful)
I wouldn't rely on that argument to keep this from happening in the future. They could have some private third party generate the hashes and then the government could look through the hash list. Or it's not hard to imagine a filesystem with some high-level call that returns the hash given an inode, so that they aren't looking at the file; the system is. Such a call could even return a stored answer that was calculated when the file was written instead of when they call it, so that no actual file reading happens at the time the government looks at the computer.
Instead of looking at it as "they have to read the file to generate the hash," I'd look at it as "the hash is a form of representation of the file." If they're picking through your hashes, they're picking through your hashes.
Bad way to search for kiddie porn (Score:5, Interesting)
Re:Bad way to search for kiddie porn (Score:4, Interesting)
More than likely the hashes are generated against the picture not the file data, and are 'fuzzy' enough that minute changes in the image are ignored. That was many 'Usenet duplicate image detectors' do. For instance, one of the old programs I used to use did this:
* Render image and convert it to grayscale.
* Resize image to 128x128 or some other 'thumbnail' size.
* Create a hash based on the thumbnail.
You'd have to mangle a picture a good amount for it not to show up as a positive match. The problem is you'd have a good number of false positives. On the other hand, if you are using this as a fishing expedition to find an excuse for a more through search, that really isn't a problem... is it?
Re:Bad way to search for kiddie porn (Score:4, Insightful)
Or they can just look at the pictures. At least, that's the way it used to be done.
That's kind of the point. For some reason the courts used to think that looking at the pictures would count as search w/o a warrant, but comparing files against known md5 hashes wouldn't. By running the md5 hashes, the detective had a way to prosecute this guy w/o getting a search warrant. This ruling effectively puts a stop to that.
RE It's good to see (Score:4, Funny)
Re: (Score:3, Funny)
I dont see how the 4th amendment applies here (Score:5, Interesting)
Comment removed (Score:5, Informative)
Re:good point (Score:4, Interesting)
The problem I have here is I would think that this would come under reasonable cause.
Someone calling the police and saying "Hey I found kiddie porn on this computer." seems to be reasonable cause to me.
Re: (Score:3, Informative)
The problem I have here is I would think that this would come under reasonable cause.
Someone calling the police and saying "Hey I found kiddie porn on this computer." seems to be reasonable cause to me.
It seems that way to me as well, and had they tried to get a warrant based on probable cause, it probably would have succeeded.
Conducting the search without a warrant, however, isn't going to fly unless their are also "exigent circumstances". Which in this case would mean the police have reason to believe th
Re: (Score:3, Informative)
Chain of custody. Very important in forensics.
The landlord and his friend might have had a motive to lie about the guy that was behind on his rent payments. From the blurb from the article, it doesn't seem that his landlord had completed the eviction procedure yet, and was anxious to get Crist out of his house and a new tenant in. The eviction process is not immediate. So he gives Crist's computer to his friend, his friend backdates the clock, and his friend puts kiddie porn on there and turns it over t
Re: (Score:3, Informative)
According to the article, the computer was removed from the defendant's residence by his landlord's friend because the landlord was in the process of evicting the defendant for non-payment of rent. This computer was not found abandoned on the side of the road with the trash. There's no clear indicator that the defendant gave the computer to the landlord's friend, which means the computer is the defendant's property. Therefore, the landlord's friend does not have the right to consent to a search of the co
Re: (Score:3, Informative)
search = search (Score:4, Insightful)
Calculating hash values isn't search. Calculating them and comparing them to a database is. Not only is it quite clearly search (searching for files that match known MD5 signatures), it's hard to imagine another way to describe it without being deliberately obfuscatory.
Re:search = search (Score:5, Insightful)
To calculate the hash values they had to read the contents of the drive. That is a search of a person's effects without a warrant.
Re: (Score:3, Insightful)
Law Enforcement Storage of Naughty Things (Score:4, Interesting)
Re: (Score:3, Interesting)
Actually, it's a terrible job. There's a guy out there who has to look at all the child porn and verify that it is in fact child porn. There's also a guy out there who has to look at videos of brutal murders to try and figure out who did what. I'm sure these guys aren't too happy about their jobs but realize it's a necessary evil if you want to hunt down those who commit these crimes.
I know a guy who works for Google. His job is to look at porn all the time. He has to verify that SafeSearch has accurately c
Error made by Slashdot in headline (Score:5, Informative)
When I submitted this story, I gave it the headline "US Court:...". Someone changed that to "PA Court Says...". That's wrong. This is a ruling from a US District (Federal) court, not a Pennsylvania state court, and so carries much more weight. ..bruce..
Cops blow it again (Score:5, Informative)
Not only did they search the drive without a warrant, but they also got the defendant to confess to putting the files there by questioning him without reading his rights and telling him that he didn't need an attorney. Genius.
Even dumber: Based on the testimony of the guy who originally found the child porn, they could have gone to a magistrate and gotten a warrant. Then there would have been no issue of a warrantless search.
BTW, for those considering the abandoned-property angle -- the court goes into that. It wasn't a legal eviction and the defendant hadn't abandoned his stuff; he merely hadn't removed it all yet.
Comment removed (Score:4, Informative)
Re:MD5 Collisions... (Score:4, Interesting)
Re: (Score:3, Insightful)
Re: (Score:3, Informative)
False. MD5 has the property that if you can find two bytestreams that collide, appending identical data to the end will continue to produce two different files that collide. Furthermore, the collision-finders are able to take an arbitrary prefix, and then append random data to that prefix until a collision is found.
What does this mean? It means you can take a file with a blob of random data in the middle, then generate two files with identical hashes but different random blobs of data in the middle.
This, in
Re:I love how... (Score:5, Insightful)
Bad police work is bad police work, no matter the criminal.
Here's a clue: be upset with the stupid officers that could've followed procedure and actually nabbed the guy instead of being lazy and screwing up the case instead of the judge for enforcing the law.
These are YOUR freedoms too.
Re: (Score:3, Insightful)
It's also impossible to prove that anything found on the computer is anything to do with the defendant. The rent dispute is an obvious motive for the former landlord to take all sorts of malicious actions.