Lawful access and kiddie porn
p2pnet news view Freedom | P2P:- How might DPI integrate into the discussion of lawful access and catching child pornographers?
The question was asked of Christopher Parsons (right) during a recent interview with a Toronto student radio station, and it related to deep packet inspection (DPI) in Canada.
A PhD student at the University of Victoria on Vancouver Island in BC, p2pnet.net’s home base, he’s particularly interested in Deep Packet Inspection and he gets into the kiddie porn question on his Technology, Thoughts, and Trinkets blog.
“I honestly hadn’t thought about this, but I’ll recount here what my response was (put together on the fly) in the interests of (hopefully) generating some discussion on the matter,” he says, continuing »»»
I’ll preface this by noting what I’ve found exceptional in the new legislation that was recently presented by the Canadian conservative government (full details on bill C-47 available here, and C-46 here) is that police can require ISPs to hold onto particular information, whereas they now typically required a judicial warrant to compel ISPs to hold onto particular data. Further, some information such as subscriber details can immediately be turned over to police, though there is a process of notification that must immediately followed by the officers making the request. With this (incredibly brief!) bits of the bills in mind, it’s important for this post to note that some DPI appliances are marketed as being able to detect content that is under copyright as it is transferred. Allot, Narus, ipoque, and more claim that this capacity is built into many of the devices that they manufacture; a hash code, which can be metaphorically thought of like a digital fingerprint, can be generated for known files under copyright and when that fingerprint is detected rules applied to the packet transfer in question.
The challenge (as always!) is finding the processor power to actually scan packets as they scream across the ‘net and properly identify their originating application, application-type, or (in the case of files under copyright) the actual file(s) in question.
Let’s assume for the purposes of detecting particular files that inspections of packets is largely done offline (i.e. you can copy packets to a separate processing unit, and not worry about examining the packet in absolute real-time) or the devices are quick enough to massively do these analyses on the fly in the relatively near (24 months) future. (As a note: I see the former, rather than the latter, as a more effective technique as the technology stands today, at least in terms of mass surveillance of data traffic.
This is just based on my understanding of the computational power available to DPI appliances, and is subject to change as I learn more about the technology/there are advances in processor technologies.) Shouldn’t it be a relatively easy process then for authorities, working in conjunction with network administrators, to develop a hash-list of illegal files, where any time that these files are suspected of crossing the network authorities are automatically notified (DPI is predictive, and thus cannot be relied on to have 100% accuracy rates)?
I’m not talking about stuff like files guarded by copyright – the RCMP has noted that they don’t see file sharing as one of their priorities – but stuff that Canadian society deems particularly nasty, such as illicit images of naked children.
With a detailed hash-list of known illegal images/text/movies, then shouldn’t it be a relatively simple process to both limit much of the sharing of these images (when a match is detected, stop the flow of packets ‘tagged’ with that ‘fingerprint’) and notify authorities?
Law enforcement could set up an automated system that issues demands to the ISP(s) in question, and then establish procedures to gain access to subscriber information in an effort to quickly find and question those suspected of peddling kiddie porn.
This notion of mass surveillance for law enforcement purposes leads us to ask what we, as a society, want these devices used for, or what drivers should motivate the technology; do we want to limit these appliances to balancing network congestion/network load, or go further and try and identify ‘clearly’ criminal actions? I worry about the long-term effects of using DPI for automated surveillance for detecting criminal behaviour, but my willingness to accept a bit more messiness in this world at the expense of increasingly efficient detection of deviance isn’t necessarily a commonly held position…
Chris says he ended the interview by leaving listeners with the questions; “what degree or level of surveillance do we, as a Canadian people, see as ‘good’ on ISP networks – what discrimination (in reference to packet discrimination) is permissible, and what is not ? How do we actually go about developing a consensus on surveillance, and what processes should we engage in to codify said consensus?”
“I actually don’t have responses to these queries. There are people who know both surveillance and discrimination literature far better than I likely ever will – my aim (at the moment) is just to puzzle through how this technology might intersect with privacy, surveillance, and discrimination literature, and gradually develop insights from which others can pursue far more nuanced, far more profound ethical thinking about DPI and similar network appliances.”
Stay tuned.
First they ignore you, then they laugh at you, then they fight you, then you win ~ Mahatma Gandhi
July, 2009
Use free p2pnet newsfeeds for your site. It’s really easy!
Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
July 4th, 2009 at 11:28 am
My argument on this stuff has yet to change.
There is no “balance point” with DPI at the provider level.
Once you allow this kind of prying into the picture, you immediately throw away the idea of a WARRANT PROCESS.
EVERYONE will abuse it, and, once installed, it will be FURTHER DEVELOPED to have even more capabilities that will be abused.
As more capabilities develop, MORE SPECIAL INTERESTS will demand access to stuff that a judge would previously have refused to grant a warrant for.
We need to keep DPI away from the providers.
(We already know we can’t trust any of the major ones.)
July 4th, 2009 at 12:43 pm
I totally agree with Devil’s Advocate. DPI is a very steep, very slippery slope. This type of prying is akin to putting a wire tap on every single telephone in Canada with the hope that you MIGHT catch one single criminal. I’m all for going after anyone having anything to do with kiddie porn, but not if it means throwing our liberties out the window. We dishonor all the brave people who have paid in blood to protect those liberties if we do. Sadly it really does seem like we’re slowly moving towards a guilty until proven innocent type of society and it makes me sick just thinking about it. Power over others, no matter how small and seemingly insignificant, is very very addictive. Like the saying goes, absolute power corrupts absolutely. I have personal experience with that axiom and have learned that it doesn’t matter how good your intentions are starting out. Sooner or later you WILL be corrupted and you WILL abuse the trust you’ve been given.
July 4th, 2009 at 4:24 pm
So you want to protect paeodophiels just so you can carry on downloading warez and not get caught ? and people like you are the reason freedom of free speech is sometimes a bad thing
July 4th, 2009 at 6:05 pm
“asre”…”paeodophiels”
(??)
“warez”
What?! You’re not gonna throw in “terrorists” as well??
LMFAO!
July 4th, 2009 at 6:40 pm
“Let’s assume for the purposes of detecting particular files that inspections of packets is largely done offline (i.e. you can copy packets to a separate processing unit, and not worry about examining the packet in absolute real-time)”
That would never work and here’s why; If you can’t keep up with the packets in real time, you have no hope of keeping up while scanning them offline. As the devices are working through the first batch, two more batches will arrive and be buffered. As it’s scanning the second batch, two more batches will arrive. Now it’s still scanning batch #2 and it has three more waiting. While scanning batch #3, another two arrive and now you have four waiting, and so on. If it can’t scan the data in real-time, it will just keep getting more and more behind.
“I’m not talking about stuff like files guarded by copyright – the RCMP has noted that they don’t see file sharing as one of their priorities – but stuff that Canadian society deems particularly nasty, such as illicit images of naked children.
With a detailed hash-list of known illegal images/text/movies, then shouldn’t it be a relatively simple process to both limit much of the sharing of these images (when a match is detected, stop the flow of packets ‘tagged’ with that ‘fingerprint’) and notify authorities?
Law enforcement could set up an automated system that issues demands to the ISP(s) in question, and then establish procedures to gain access to subscriber information in an effort to quickly find and question those suspected of peddling kiddie porn.”
That is a spectacularly bad idea. Why? well…
Who decides what qualifies as child porn? There are many legal adult actresses who look underage, which is usually their main claim to fame. People have been mistenly arrested for having pictures and videos of them. For example; People have been arrested for having pictures of porn star Melissa-Ashley. In one case, the FBI held up one of her photos and testified that the girl in the photo was no older than 14. Even once she was identified and it was confirmed that the man had no child porn on his computer, the FBI tried to make the case that he probably THOUGHT she was underage, and so should be prosecuted as if the photos were real child porn. Not to mention that the age of consent isn’t consistant around the world.
What about mistakes? Someone looking for legal porn can easily follow a small, blurry thumbnail on a search site or one of those picture-post sites and end up on a site that the authorities have classified as child porn. Without DPI, the person would simple close that site and not go back. With DPI, they’re likely to get arrested and have their life ruined over a simple mistake. Or what if a person uses someone else’s WiFi to trade child porn? Sure, the person will probably be cleared eventually when/if a search of their hard drive, home, relatives homes, etc, all turn up negative, but by then the person will probably have lost their job, their friends and quite possibly their family. Even if they’re cleared, people will forever have doubts about them
Is catching some people who are trading these files worth all the lives it would mistakenly destroy in the process? According to what I’ve read (I wasn’t old enough to be knowledgable about porn back then), child porn wasn’t even illegal to own in the 1970s. Companies produced it, stores sold it and people bought it. I can find no evidence that child molesting was a global epidemic back then, so why is it now the 21st century’s witchhunt? Even cartoons and CGI/photoshopped images of children are being treated as child porn. It’s like anyone even suspected of having looked at child porn must be dragged into the street and burned alive.
July 5th, 2009 at 8:08 am
mistenly – mistakenly
July 6th, 2009 at 5:34 pm
“So you want to protect paeodophiels just so you can carry on downloading warez and not get caught ? and people like you are the reason freedom of free speech is sometimes a bad thing”
It sounds like you’re saying that you wouldn’t mind having all of your freedoms and liberties taken away all for the sake of what would most likely amount to as a fruitless witch hunt. Yeah, that sounds like a really good idea to me. Once you’ve given up your rights, good luck getting them back. Child pornography is bad, it’s true and I won’t debate that. Since concepts such as freedom, liberty and human rights don’t seem to hold any value for you, how about we put it in more material terms that someone even as dense as you should be able to grasp. How much of your lifestyle are you willing to give away on the mere gamble that a pedophile may or may not be caught? Are you willing to give up your car? Your house? All of you belongings? How about your livelihood? Fear makes people do and say the stupidest things. You should find the documentary called “Witch Hunt” and watch it if you don’t believe me. Morons like you are why witch hunts happen in the first place. Next post you’ll be trying to justify how the government spying on everyone is perfectly ok if people have nothing to hide. Idiot.
July 6th, 2009 at 9:54 pm
” It sounds like you’re saying that you wouldn’t mind having all of your freedoms and liberties taken away all for the sake of what would most likely amount to as a fruitless witch hunt. ”
No worries.
This is just DA’s own personal stalker. Whatever stance DA takes, his stalker will take the opposite.
Looks like he gave up on embedding Ad links while faking DA’s name.
Make like he’s invisible.