A Linux-Based "Breath Test" For Porn On PCs 345
Gwaihir the Windlord writes "A university in Western Australia has started beta testing a tool that's described as 'a random breath test' to scan computers for illicit images. According to this article it's a clean bootable Linux environment. Since it doesn't write to the hard drive, the evidence is acceptable in court, at least in Australia. They're also working on versions to search for financial documents in fraud squad cases, or to search for terrorist keywords. Other than skimming off the dumb ones, does anyone really expect this to make a difference?" The article offers no details on what means the software uses to identify suspicious files.
Here's how it works... (Score:5, Funny)
It looks for files like "guyongirlonsheep37.jpg"
Re:Here's how it works... (Score:5, Funny)
It looks for files like "guyongirlonsheep37.jpg"
Then I'll be safe since I rename all my files as "Top Secret: Hot Japanese Satellite images".
Re:Here's how it works... (Score:5, Funny)
Re:Here's how it works... (Score:5, Funny)
Re:Here's how it works... (Score:4, Funny)
I think you missed the point [memeparty.com].
Re:Here's how it works... (Score:4, Funny)
guyongirlonsheep37.jpg would probably be OK. I wouldn't want to try to explain guyongirlonsheep17.jpg however ...
By an incredible coincidence, that happens to be the only username left untaken on yahoo! mail. I keep trying variations on my name and all I get is "That name is taken. May we suggest "guyongirlonsheep17.jpg@yahoo.com".
But I wish I hadn't told you my new email address. Now I'm going to get spam.
Re:Here's how it works... (Score:5, Funny)
Re:Here's how it works... (Score:5, Funny)
The specific command:
#find / -name \*.jpg
Re: (Score:2)
I renamed it guyongirlonsheep37.txt Ha! Fooled ya!
Re: (Score:3, Funny)
Maybe it works by checking the percentage of flesh-tone colors in the picture. That means those racy pictures of blue-man-group are safe for now.
Re: (Score:3, Funny)
Re:Any Aussies here? (Score:5, Funny)
Fixed that for you. (Score:5, Funny)
Quick! Whats the... (Score:5, Funny)
Quick! Whats the RGB color value for "pink" ?
Re:Quick! Whats the... (Score:5, Funny)
For kiddie porn you want to scan for small swaths.
Re: (Score:2)
Re:Quick! Whats the... (Score:5, Interesting)
'Human skin tones' is a pretty wide range though. Even just restricting it to 'white' people gives you a big range of colours if you consider the various shades of tan / sunburn - anything from deep red to pale white through dull brown. If you want to find naked black- or yellow-skinned people then it's an even bigger range. If something is blue or green you could probably guess it's not naked skin (unless the person is bruised, or wearing body paint), but without factoring in shape as well it's pretty difficult to tell if something is human coloured or not.
Actually, human skin is pretty much all the same hue, it just has different saturation levels. If you convert each image to HSV from RGB, you can just look at the hue component and people all pretty much look the same. This is common in computer vision techniques for identifying skin.
-Taylor
Re: (Score:3, Funny)
Re:Quick! Whats the... (Score:5, Funny)
The big question is -- can this program tell the difference between a porn photo and a photo of Fidel Castro eating a banana?
You just solved the CAPTCHA problem.
Re: (Score:2)
Re:Quick! Whats the... (Score:5, Funny)
Well technically, I think we've all been IN one at least once in our lives, females included. However I suspect that's not the point you were going for.
Re:Quick! Whats the... (Score:5, Funny)
Re: (Score:3, Funny)
Re: (Score:3, Funny)
Well, that and Orlando, FL.
Re:Quick! Whats the... (Score:5, Funny)
...oh, and your mom.
(Sorry, had to)
Re:Quick! Whats the... (Score:5, Interesting)
Re:Quick! Whats the... (Score:5, Interesting)
One of the environments I worked in had a sniffer that grabbed all the images (and associated session information) it could see on the wire for that organization (or at least a subset - there was a LOT of traffic involved). It would then process those images and generate a "skin folder" of suspect imagery. We could then sift through that skin folder looking for illicit browsing, etc.
Yeah - it caught porn. But it also contained a lot of imagery of furniture, mars landscapes, deserts (it really liked the time pictures of camel spiders in Sandland were the hot topic of emails) and other such not-skin-oriented imagery.
Re: (Score:3, Insightful)
Invert colour spectrum on porn images. Now all the skin is green or purple or some other decidedly un-skin colour.
Transmit images.
Re-invert colour spectrum. Skin is all skin-coloured again.
.
.
.
.
Okay, so this might not work so well if the images are from after a major S&M session ;)
Re:Quick! Whats the... (Score:4, Funny)
Now you will get a ton of Ubuntu backgrounds....
Re: (Score:2)
It isn't perfect yet, but this [ideeinc.com] is an interesting attempt at doing just that. It's not limited to skin tones however; you can search by any colour.
Randoms searches, Yay. (Score:3, Insightful)
Now everybody in Australia is guilty until proven innocent!
Re:Randoms searches, Yay. (Score:5, Funny)
Now everybody in Australia is guilty until proven innocent!
I thought that was the founding principle of Australia :)
Re:Randoms searches, Yay. (Score:5, Funny)
Remember, we were selected by the best judges in England...
The difference between the USA and Australia - first, England rounded up all of it's religious fanatics, and sent them to the American colonies, then they rounded up all of these criminals, and send those to the Australian colonies....
Re: (Score:2)
Now we just need to identify the criteria used when the rest of Europe sent people to the English colonies..
Re: (Score:2, Informative)
Re:Randoms searches, Yay. (Score:5, Funny)
Australia rounded up its worst criminals and sent them there...
Re:Randoms searches, Yay. (Score:5, Funny)
Re: (Score:3, Funny)
The mentally deficient, ruthless, and inbred of course remained safely at home (and in noble circles, more often than not).
Re:Randoms searches, Yay. (Score:4, Interesting)
It's not the folks descended from criminals that worry me. It's the folks who are descended from the prison wardens who cause all the trouble.
Based on this I propose the following test... (Score:5, Funny)
The difference between the USA and Australia - first, England rounded up all of it's religious fanatics, and sent them to the American colonies, then they rounded up all of these criminals, and send those to the Australian colonies....
In those grand traditions I propose the following test...
Turn the laptop on, tie a large weight to it. If it floats, it's a witch! Burn it! If it sinks it's innocent. Pity it didn't survive.
Re:Randoms searches, Yay. (Score:4, Funny)
Remember, we were selected by the best judges in England...
The difference between the USA and Australia - first, England rounded up all of it's religious fanatics, and sent them to the American colonies, then they rounded up all of these criminals, and send those to the Australian colonies....
So where did they send the dentists?
<ducks>
Re:Randoms searches, Yay. (Score:5, Funny)
In other words, it's not funny when you explain it, but thanks!
(Notes to subsequent posters: a formulaic representation where the function of the humorous statement is subsequently undermined by the explanation and proved untrue (or similar), while funny, would have taken a bit more time than today's actual work-a-day requirements would allow. I would however be pleased to enjoy another's attempts to compile such an argument.)
Disclaimer: This message is intended as humor and not flamebait, contrary to the anonymity assumed during the posting of said message. Furthermore, contrary to what is stated above, this post is the opinion and property of Slashdot. (Just kidding on that last part.)
-HH
Helix (Score:5, Informative)
About the only way it COULD work... (Score:3, Interesting)
Re:About the only way it COULD work... (Score:4, Interesting)
And trivial ways to get around it. An encrypted file system is the obvious solution, but hell if they're just checking hashes you could use ImageMagick and a very small shell script to very slightly alter the image, giving you an entirely new hash.
Re: (Score:3, Informative)
There was a slashdot story a few weeks back about a company claiming to be able to detect images inside encrypted drives.. http://yro.slashdot.org/article.pl?sid=08/07/17/2043248/ [slashdot.org]
If they're just checking hashes you could change the R,G, or B of a random pixel by 1 and change the has.. or even just add random text to the EXIF data.
Re:About the only way I it COULD work... (Score:5, Informative)
Actually, no. This method does not work - which is what I said at the time. Because this misinformation is apparently still around, I decided to run a test.
I took a large file (1600x1200 px) and then applied a basic red-eye reducing algorithm to various spots on the image. The result: visually, exactly the same image.
Then I turned to my trusty Apple Preview. I resized each photo to 9% of its original size (144x108 pixels), and the proceeded to turn the color saturation down to 0 (black and white). I then saved each file in a compressionless TIFF format. Lastly, I computed the md5 hash for each file.
Result?
MD5 (smlimg3.tiff) = d300d23ce0ca2d6dcc7188665b1e2ada
MD5 (smlimg4.tiff) = a1cf7d59f9bf4ccceb6651c5f08750dd
Let me say this once more, in case anyone else who blindly accepts anything they read on the internet has heard this: THIS TECHNIQUE DOES NOT WORK. To compare two SIMILAR images, one needs to use an image comparison algorithm - of which there are many. Hashing ONLY works on two images which are EXACTLY the same.
If you doubt the test or the results, I would be glad to email you all of my test pictures so you can see them and calculate their md5s for yourself.
Re:About the only way I it COULD work... (Score:5, Informative)
It seemed like the sort of thing that would work in theory, but I can see why it doesn't. Even changing a few pixels in the corner (I made a 10x10 white square) gave drastically different MD5s.
I'm a moron for blindly accepting a +5 post as fact, please mod down my original post.
Re:About the only way I it COULD work... (Score:5, Insightful)
The whole point of a hashing algorithm like MD5 is that even a single bit change should change lots of random bits in the resulting hash. If it was predictable it wouldn't be suitable for it's purpose.
Jason
Re:About the only way I it COULD work... (Score:4, Interesting)
As you demonstrate, the MD5 technique does not work. However there are other image "hashing" techniques that do work. For example, take the first three statistical moments of the histogram of the R, G and B intensities. To compare two images take a simple L1 distance between those moments. If it's below some threshold they are the same.
Disclaimer: The above algorithm works best for detecting differences between two video streams even when those video streams are distorted by color shifts. (I have personal experience with using it on production software.) For detecting similarities of images you may have to use slightly different techniques.
Re: (Score:3, Insightful)
An even better way is to get a machine that will boot off of a USB key, and put all the "interesting" pictures on such a key, perhaps encrypted. It is a lot easier to hide a USB key, and this gives you a computer that is itself completely clean so you don't have to deal with demands for encryption keys.
Re: (Score:3, Interesting)
I have an encrypted disk that is full of encrypted disks. They are labeled backup_date and important_documents_date, etc. I have a special one named long_term_storage that is for 'special' files I do not want the rest of the world to have access to but do not belong in a category I set up.
So not only do you need my encryption password to boot my notebook, but then you need to know the password of the individual containers to see what is inside them. That is of course assuming I don't have any hidden contain
Re: (Score:2)
Re: (Score:3, Insightful)
It looks like it's just a tool for previewing media on the drive while maintaining forensic integrity. Certainly something a person trained in computer forensics could do without the tool, but this is targeted at people with minimal training, it seems.
Of course there are plenty of easy anti-forensic measures, but the goal is probably to cut down the time spent per case on the low-hanging fruit (which is the majority of cases) to reduce backlog.
forensics (Score:5, Insightful)
Computer forensics is hard, expensive, and time-consuming. I would guess this is just a tool for cops to save cash in criminal investigations compared to hiring an expert, or at least to triage which systems need to be investigated by an expert.
Also, if your friends are IT staff and your online watercooler is slashdot.org, you may think everyone but the "dumb ones" knows how to encrypt a drive. But the reality is that the vast majority of criminals have never heard of Truecrypt.
Re:forensics (Score:5, Insightful)
The design concept is that any police person with adequate training could use the tool, so that when they go into a crime scene they can quickly review a computer for illicit images or videos.
Sounds like it relies more on officers' eyeballs than algorithms to do a quick scan for anything obvious. This tool will help them quickly move through the easy stuff, and allow them to focus time and resources on the more sophisticated criminals. [gulf-times.com]
Re: (Score:2)
Your example of a "more sophisticated criminal" is a man who uploaded photos of himself abusing children. He didn't even black out his face. He "swirled" it in such a way that it could be easily unswirled.
Yes. Encryption is rare. (Score:3, Interesting)
A local forensics expert says the same thing of his practice. In fact, last time I heard him speak about it, he said he'd never encountered encryption in a case he handled.
There's some sample bias going on there, because he refuses to handle some cases, and child pornography is one of the things he won't touch.
BitLocker may make encryption more mainstream.
Can't be challenged forensically? (Score:2)
Re:Can't be challenged forensically? (Score:4, Insightful)
Doing a thorough exam of an average drive can be time consuming, even if the user is kind enough to leave all their documents handily in the "My Documents" folder. Trying to examine several machines in a timely fashion would benefit greatly from a tool like this. If the disk flags something, and it's really illegitimate, the data just needs to get cataloged. Think of it as helping go for "low hanging fruit" that can be used to convict someone, without being as resource intensive as a full manual scan. I'm guessing that if the disk doesn't turn up anything, there will still be a long manual process involved to see if there's something there.
Re: (Score:2)
They mean that you can't challenge whether the data was acquired in a forensically-sound manner. If the software does any determination of if the image is illicit or not, that's undoubtedly not valid in court. However, the system is to write the illicit images to a removable medium (CD-R) and verify that they are illicit through standard procedures.
Re:Can't be challenged forensically? (Score:4, Interesting)
Re:Can't be challenged forensically? (Score:5, Informative)
Good meatspace analogies would be OJ Simpson's DNA showing up on evidence only after he gave a blood sample. More hypothetically, say the cops take your backpack as evidence. What happens to it? Well, it sits in a police warehouse storage facility somewhere, possibly for months. If any cop has access to that backpack on demand for this whole time, then there is effectively have no way to prevent someone from stuffing the bag full of drugs. No accountability. So for meatspace evidence, there are very strict rules that say you have to keep track of every person who has access to that piece of evidence. There can be no exceptions.
The equivalent in the computer forensics world is that you have to guarantee you didn't alter the original equipment's hard disk. Proper forensic analysis involves making a *copy* bit-for-bit and then analyzing this copy. The new thing here is a bootable CD that presumably has been rigorously tested and certified (by who, I couldn't say) that it literally cannot modify the hard disk.
Re: (Score:2)
It just copies the suspect files to external media.
Someone will still have to look at those files to see what they are.
This is just a tool to save them from groking the files.
The manner they use to find files on a system they already took in to evidence is not an issues
so long as the systems media remains unchanged.
The original evidence is preserved. Who can you challenge that?
Damn (Score:2)
There goes my secretledger.doc and terroristplottotakeovertheworld.doc!
Re: (Score:2)
rename them digdug.exe and pacman.exe
Oh crap, the penalty for software piracy is torturous death while terrorism gives you only life imprisonment.
sorry.... my bad.
Australia seems to be a pretty repressed country (Score:2)
It's always about censorship and blocking and denial. That's all I hear now coming out of Australia.
That's too bad. Was thinking of going there on vacation. Guess I'll go spend my money elsewhere.
Re:Australia seems to be a pretty repressed countr (Score:5, Insightful)
Aww, "freedom proof fence" isn't in use... (Score:2)
I like the term "freedom proof fence" but it doesn't seem to be in general use... looks like someone tried a bit of low-level astroturfing and got it temporarily into Wikipedia and a couple of twitters, but that's it.
misread the title (Score:2, Funny)
as breast test... would've been more appropriate, too.
Psych-Ops (Score:5, Interesting)
The article offers no details on what means the software uses to identify suspicious files.
I highly suspect that the police don't want people to know the details of how sophisticated their technology is because they don't want to embarrass themselves. Keeping an aura of mystery and FUD around themselves and their techniques is also a form of psych-ops; it's the chrome facade of a lemon.
This is why I keep my /b/ folder encrypted (Score:2)
Re: (Score:2)
Not in the US.
Illicit? (Score:3, Insightful)
Last time I checked, porn was not illegal.
Re: (Score:2)
Even then, it checks only the "available" files (not checking deleted, or encrypted drives). So hopefully police will use this, and if your computer passes the test, then you are free to go instead of taking your computer for months.
Funny thing is, all this "checks", is known hash values of child porn and means 3 things:
1: Edit a pixel on all your images
2: Encrypt/steganography your images
3: or Make your own and don't distribute
The only thing they are doing with these new systems
Re: (Score:2)
Re: (Score:3, Informative)
Re: (Score:3, Interesting)
Last time I checked, porn was not illegal.
While the summary says "porn", the article is referring to child pornography - which is illegal.
ugggh (Score:2)
after viewing where most pron actor and actresses' mouths go, i don't want to know anything about a "breath test"
A "random breath test" for computers? (Score:2)
Oh great, expect that in a few years they will be running this on international travellers as a standard part of customs.
Got to stop that kiddie porn. Everyone knows they are too stupid to traffic it via encrypted Internet traffic, or DVD's mailed in the post.
Re:A "random breath test" for computers? (Score:4, Insightful)
Sadly, this seems to be a part of a trend. Part of travel now means that you need to be subjected to complete search and inspection to make sure you haven't done anything wrong.
This includes fingerprinting, gathering of biometrics, and having all of your personal stuff exhaustively searched to ensure you have no porn, terrorist material, copyrighted material you can't prove you bought, or anything critical of the government of the country you're entering.
If you have probable cause that I'm smuggling something, maybe. But, in the case you point out where we scan everyone so they can prove themselves innocent ... well, modern society is pretty much hosed in that case. However, that seems to be where we're going lately.
Cheers
Terrorism is terciary to the police state (Score:2)
SECAU was also considering another purpose-built CD to search financial documents for use by a fraud squad or those hunting terrorists using keywords.
Another example of how the fight against privacy has little to do with terrorism. Perversion is of greater concern to the Right Wing than fighting violent crime.
The fear factor (Score:2)
It's all a game to them when you're being brought downtown on a trumped up charge to be leaned on by halfwits. (with excuses to Bryan Singer for the obvious Usual Suspects reference)
"Doesn't write" might not count (Score:2)
2009! (Score:2, Funny)
leaked source code (Score:4, Funny)
#include
#include
int main()
{
printf("Searching for stuff the user isn't supposed to have...\n");
sleep(30);
printf("Illegal material found! Seize computer and arrest owner!\n");
return 0;
}
Porn, Fraud, and Terrorism (Score:2)
Guess I better start deleting my wmv's of Bin Laden doing hot Enron executives.
USCBP (Score:2)
Border patrol using this on all laptops in 3... 2... 1...
How To Avoid (Score:2)
The real criminals can easily avoid (Score:3, Insightful)
Anyone serious enough can hide the data. As usual we all get hassled and only the stupid get caught.
1) install a game with huge data files
- Example World of Warcraft
2) make a dummy side directory off the game install
3) drop in a huge binary file with the same extension as the game data or patch
4) mount dummy file as encrypted file system
5) delete mount line before crossing the border
"No idea what that file is. Looks like part of the game to me."
No way they can have a database of all possible good binary files to ignore.
Breath Test (Score:3, Funny)
Re: (Score:2)
Not only that, but it's funny that they would name it after a device that is notorious for fallibility. Yes, reports show that breathalyzers are not as accurate as claimed. Perhaps they used that phrase because they are expecting 10-20% false positives?
Re: (Score:3, Interesting)
False negatives are something which gets less press but can still be funny.
Girl I worked with was being driven home by her boyfriend. They get stopped at a checkpoint. He's cold sober but she's had enough alcohol to knock out a bull elephant.
The officer taps on the window, window rolls down "could you blow on this please", "no problem", DING green light.
At this point my very drunk workmate leans across her boyfriend "CAN I HAVE A GO!TEHEHEHE! You don't have to change the mouthpiece!". The police officer rol
Re:A porn breath test? (Score:5, Funny)
<cheesysoundtrack>
*WEEW*
"License and registration please...are you drunk ma'm?"
"No Ociffer, I swear to Drunk I'm not god"
"Step out of the car please. I'm giving you a breathalyzer test. I need you to blow on this"
"Wait...wut...come on I just want to go home"
"Well if you don't want to do the breathalyzer I can give you a balance and mental aptitude test..."
"Come on just cut me a break, I live just down the road, outside of these dark woods on this lonely country road"
"Well OK, but if you want me to skip the breathalyzer, I need you to blow on _this_"
</horribleacting>
</cheesysoundtrack>
Re: (Score:2)
<horribleacting> <cheesysoundtrack> ...
</horribleacting>
</cheesysoundtrack>
Malformed markup encountered. Aborting.
Re: (Score:2)
Your PTML parser is too strict. Did you expect proper code on low production values?
Re:A porn breath test? (Score:5, Funny)
Your post contains invalid markup: you can't interleave tags like that.
Re:Illicit? (Score:4, Insightful)
Ah, but once crossing a border requires you to be scanned for any infractions, you won't have a choice.
Soon, it will be considered perfectly normal to subject yourself to full scrutiny in order to prove that you don't have anything they deem unacceptable.
Me, I find it appalling, as we throw away most forms of civil liberties in Western countries on the presumption that someone might have done something wrong, so we inspect everyone.
Cheers
Re: (Score:3, Funny)
Bzzzt. Correlation != Causation (Score:3, Insightful)
it seems fairly widely accepted and that people who regularly view pornography are more likely to be involved in sex-related crimes than people who don't (or that sex-offenders are more likely to have porn than non-sex-offenders, whichever way you want to spin it).
I'll keep the citation-needed tag to myself, and go to the heart of the matter: what's the causality relation here?
Is it that viewing porn makes you commit sexual offenses? Or that something (say, an ultra high sex drive and a lack of restraint) makes you commit sexual offenses and also view porn? Or is it that something causes you to commit sexual offenses, which causes you to look at porn [because you have to escape but are not satisfied].
This means that even if the computer is found to have pornographic content on it of people who are "of age", this still raises a red flag (and IMO rightly so).
It raises a red flag indicating what?
There's an urban legend that