Create an Account
username: password:
 
  MemeStreams Logo

MemeStreams Discussion

search


This page contains all of the posts and discussion on MemeStreams referencing the following web page: Thought Crime. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

Thought Crime
by Decius at 10:02 am EST, Feb 19, 2007

Christopher Soghoian posted the following simple idea in response to one of a myriad of proposals floating in Government this year to turn the Internet into an architecture of control.

Declan reports that Senators McCain and Schumer have proposed the SAFE act, which would create a national database of child porn images - or I'm guessing, simply require that the FBI make their own database public. ISPs would be given access to this database, and would be required to screen traffic and alert the authorities of any user who transmits/hosts an image that matches a fingerprint in this database.

Once the infrastructure is in place for them to compare hashes of child porn, it won't be too difficult for them to start comparing hashes of music, copies of dissident literature, photographs of dead soldiers in Iraq, anti-Scientology documentation, or anything else that someone with their hand in a Senator's pocket doesn't like.

To combat against this evil intrusion into our private Internet behavior, I now introduce 'broken glass'. It is a perl script that when given an image file, will change 1 pixel's red component by /- 1. It's not enough for the human eye to see, but it will make the MD5/SHA1 hash fingerprint of the image be completely different.

Then he pulled the code, fearing that he'll be accused of aiding and abetting child pornographers.

Source code pulled until I chat with a couple legal minds.

Its worth noting that the law doesn't require ISPs to screen traffic. It merely authorizes the sharing of child porn images for this purpose. Presumably there are ISPs lined up who want to do this but presently its illegal. Soghoian's perl script is a simple example of a myriad different things that can be done to data to make it invisible to this sort of screen. But Soghoian, having already had the FBI break into his house in the middle of the night for pointing out naked emperors, thought better of publishing the code.

Consider this in light of the recent Mooninite fiasco. What is deterred by the fact that the people who were hired to hang the signs are facing years in prison? Certainly not terrorism of any sort, or any kind of behavior that might reasonably be considered malicious, but a great deal is deterred. Are those things valuable? Of course. Are they worth the cost of not throwing the book at anything you mistake for an attack after it becomes clear that its not an attack? Of course. Do I expect authority to get that? No, I don't.

Neither Terrorism nor Child Porn need create these fissures in our society. It is our failure to avoid embracing fear and sensationalism that will be our undoing. We're still our own greatest threat.


 
RE: Thought Crime
by Acidus at 11:06 am EST, Feb 19, 2007

Declan reports that Senators McCain and Schumer have proposed the SAFE act, which would create a national database of child porn images - or I'm guessing, simply require that the FBI make their own database public. ISPs would be given access to this database, and would be required to screen traffic and alert the authorities of any user who transmits/hosts an image that matches a fingerprint in this database.

Once the infrastructure is in place for them to compare hashes of child porn, it won't be too difficult for them to start comparing hashes of music, copies of dissident literature, photographs of dead soldiers in Iraq, anti-Scientology documentation, or anything else that someone with their hand in a Senator's pocket doesn't like.

To combat against this evil intrusion into our private Internet behavior, I now introduce 'broken glass'. It is a perl script that when given an image file, will change 1 pixel's red component by /- 1. It's not enough for the human eye to see, but it will make the MD5/SHA1 hash fingerprint of the image be completely different.

This is an interesting idea. The counter attack to this would be break a file into many small pieces and hash each one. Then, for every image that comes across the wire, break it into pieces, hash them, and if a certain threshold of them match, its child porn.

Of course the counter-counter attack would be to randomly select some ratio of pixel locations based on the resolution of the image and toggle the red component on them.

I'm not trying to enable child porn. Those people should all be shot. However, its interesting to think about how data can be modified to survive a hostile network that is looking for certain traffic, and yet still be readable on the other side.

You can randomly toggle image pixels, what about plain text? Well, Spam has shown that the human brain can "correct" misspellings, repeated letters, or words in 1337 speak while reading. And then you have whitespace...


  
RE: Thought Crime
by k at 1:57 pm EST, Feb 19, 2007

Acidus wrote:
...
Of course the counter-counter attack would be to randomly select some ratio of pixel locations based on the resolution of the image and toggle the red component on them.
...

I don't mean to sound like an asshole, but it seems to me that spending time working through the logistics of circumventing a bad piece of legislation that hasn't even passed yet to be a little like putting the cart before the horse.

This is still a political concern and the solution seems like it ought to be likewise. E.g. write your senator and congressperson, raise awareness (i recognize this is happening to some degree organically, since i just found out about it, but nonetheless), etc.

Have we become so cynical about the likelihood of being listened to that we assume bullshit laws will be passed and jump straight to figuring out how to get around them?

Decius wrote:
...
Its worth noting that the law doesn't require ISPs to screen traffic. It merely authorizes the sharing of child porn images for this purpose. Presumably there are ISPs lined up who want to do this but presently its illegal.
...

Oh? I'm not saying you're wrong, but what motivation do ISP's have for this kind of self regulation? Are they presently liable in some way for child pornography that crosses their networks? Do they want to engage in PR to say that they throw child pornographers in jail?

I don't assume any business wants to do anything that would require a large investment with no clear return besides some social benefit (recognizing that business don't do things just because it's the "right" thing to do). This sounds rather more like setting the stage for privacy intrusion that the ISP's have little interest in, to me.


   
RE: Thought Crime
by Acidus at 2:04 pm EST, Feb 19, 2007

k wrote:

Acidus wrote:
...
Of course the counter-counter attack would be to randomly select some ratio of pixel locations based on the resolution of the image and toggle the red component on them.
...

I don't mean to sound like an asshole, but it seems to me that spending time working through the logistics of circumventing a bad piece of legislation that hasn't even passed yet to be a little like putting the cart before the horse.

This is still a political concern and the solution seems like it ought to be likewise. E.g. write your senator and congressperson, raise awareness (i recognize this is happening to some degree organically, since i just found out about it, but nonetheless), etc.

Have we become so cynical about the likelihood of being listened to that we assume bullshit laws will be passed and jump straight to figuring out how to get around them?

I'm not even thinking about the political side of all of this (and maybe I should). I just like to think about solving cool problems, such as how to detect these images if software that modifies pixels is used.


    
On Hash Functions
by noteworthy at 2:59 pm EST, Feb 19, 2007

Acidus wrote:

... Of course the counter-counter attack would be ...

I'm not even thinking about the political side of all of this (and maybe I should). I just like to think about solving cool problems, such as how to detect these images if software that modifies pixels is used.

Thus far the discussion has been about one-way hash functions designed primarily for cryptographic applications.

You're making it unnecessarily hard on the detector, who, after all, gets to design the detection system.

The more likely candidate would be a hash function designed for the purpose, such as a geometric hash: "Used in visual recognition for classifying parameter objects within an associative container such as a hash-table."

This class of functions has been defined in the DRM context; see: Efficient Near-duplicate Detection and Sub-image Retrieval


   
RE: Thought Crime
by Decius at 12:29 pm EST, Dec 7, 2007

k wrote:
I don't mean to sound like an asshole, but it seems to me that spending time working through the logistics of circumventing a bad piece of legislation that hasn't even passed yet to be a little like putting the cart before the horse.

This is still a political concern and the solution seems like it ought to be likewise. E.g. write your senator and congressperson, raise awareness (i recognize this is happening to some degree organically, since i just found out about it, but nonetheless), etc.

Have we become so cynical about the likelihood of being listened to that we assume bullshit laws will be passed and jump straight to figuring out how to get around them?

Apparently we ought to be. A version of this bill was rushed through the house Wednesday without following the usual processes. It presents a potentially unintended consequence that individual people who run wifi or other networks are now legally obligated to report child pornography. Because the definition of child pornography is so vauge you are better off reporting than not reporting if you see anything remotely suspicious.

Whats even more frustrating is that this bill seems to have apologists. George Ou says:

The bill in question... would enact huge fines for any... home users with open Access Points who fails to report child pornography users.

I must admit after reading that story I was pretty furious...

Then he turns around and says:

So as you can see, no one is going to be required to monitor their infrastructure.

You are right George. No one is required to monitor anything. However, if you have a wifi network at home and you have a bunch of friends over and you notice that one of them has hentai videos on their laptop, you could face hundreds of thousands of dollars in fines if you fail to report them to the police. Thats probably not what the people who crafted this bill intended, but thats the law they passed, because they aren't paying attention and they basically don't know what they are doing.

Child Pornography is a serious problem, but when Congress continually passes poorly crafted legislation with overbroad definitions and seeks to compell the entire country to enlist in a stazi like network they aren't taking the problem seriously. They are taking advantage of the problem to promote themselves, and they are doing violence to our Constitution in the process.


    
RE: Thought Crime
by k at 1:37 pm EST, Dec 7, 2007

Decius wrote:

k wrote:
Have we become so cynical about the likelihood of being listened to that we assume bullshit laws will be passed and jump straight to figuring out how to get around them?

Apparently we ought to be. A version of this bill was rushed through the house Wednesday without following the usual processes.

I guess you're right... we should be that cynical. I still think that if more tech minded people would bitch up a storm to their congresspeople rather than than bitching up a storm on the internet and then returning to a cave to hack some code, some progress might be made.

Nonetheless, it's fundamentally true that, by the nature of the system, elected officials, particularly in the House, are neither particularly progressive or particularly educated about science or technology. I'm only a half a shade away from sharing the view of some of my friends that the people in congress are flat out stupid. Nonetheless, I'm sure I'm more capable than a lot of them at all of the things that I think matter, which is to say, none of the things that *actually* get a person elected. Reason number 100000 why representative government is hard.

You are right George. No one is required to monitor anything. However, if you have a wifi network at home and you have a bunch of friends over and you notice that one of them has hentai videos on their laptop, you could face hundreds of thousands of dollars in fines if you fail to report them to the police. Thats probably not what the people who crafted this bill intended, but thats the law they passed, because they aren't paying attention and they basically don't know what they are doing.

Starting last point first, as stated above, totally agreed... they're out of their depth.

Moving on to the first part, I'm not so sure. Perhaps not the sponsors, but a lot of the supporters almost certainly understood and support that specific outcome. Narcing on your friends is encouraged by a large subset of America these days (especially if they aren't held to the same standard, one must assume).

As to the way the bill was brought, I agree it was fast tracked in a disturbing way, but per the article : "the Democratic leadership rushed the SAFE Act to the floor under a procedure that's supposed to be reserved for noncontroversial legislation." I'm not sure if they're using some kind of official Congress-defined usage of "noncontroversial" or not, but if I may apply, post facto, the results of the vote (that'd be only 2 Nays), it would appear to at least meet the dictionary definition of the term, provided you accept that our representatives do actually represent our voices. I don't, of course, believe that for a second, and it's one of my biggest concerns with our form of government. Nonetheless, I'm vaguely curious if there's really more reason for me to be upset at the "rushed" aspect of this specifically (as opposed to a general distaste for the obscurity of governmental processes). If the sponsors knew in advance (as they likely did) that they were going to get 99% of the vote, why wouldn't they rush it through?

The fact that it's shitty legislation wouldn't have entered their mind, because they don't know it's shitty. This merely argues in favor of more open processes and more direct involvement in our democracy, i think.


     
RE: Thought Crime
by Decius at 2:03 pm EST, Dec 7, 2007

k wrote:
I still think that if more tech minded people would bitch up a storm to their congresspeople rather than than bitching up a storm on the internet and then returning to a cave to hack some code, some progress might be made.

Advice to congress is either useful because it helps them understand the issue or useful because it represents political power or useful because it represents money. In this case there aren't enough people who run wifi access points and are going to vote based on this legislation to represent polticial power and these people don't have lots of money to donate to candidates. So only the first point is relevent and with the EFF and other organizations I think the public internet user is pretty well represented there. So, basically, I don't think lack of action is the problem.

I think the problem here is structural.

The news media makes money by praying on people's fears.
Politicians get elected by pandering to those fears.
Politicians like to pander to fears in cost free ways.

In this case there really isn't much else that Congress can easily do to help fight child pornography. They could raise taxes and fund more law enforcement, but thats not easy. This policy change is easy because it doesn't cost them much money and it throws a bone to the child porn fighters. So Congress proceeds in spite of the fact that there are some legitimate objections. Those objections stand in the way of the interests of Congress, and so they are ignored.

The real problem is that this same issue keeps coming up over and over again, and Congress keeps selecting these cost free solutions, and keeps ignoring the objections. Overtime a body of bad policy accumulates to the point where you're fining a coffee shop owner $300,000 for failing to report the otaku kids to the center for missing and exploited children. You have to pull together a bunch of bad law to get there.

The same thing is going on with copyright. It is astounding to me that the exact same politicians are still ratcheting up penalties year after year. Its become completely insane. But they are still at it, because bit by bit the IP industries get what they want, and they pay for it.

I'm not sure what its going to take to break these cycles. I thought the internet might help... might help people focus on other things than the fear the mass media constantly seeks to breed... I'm not sure anymore...

As to the way the bill was brought, I agree it was fast tracked in a disturbing way, but per the article : "the Democratic leadership rushed the SAFE Act to the floor under a procedure that's supposed to be reserved for noncontroversial legislation." I'm not sure if they're using some kind of official Congress-defined usage of "noncontroversial" or not, but if I may apply, post facto, the results of the vote (that'd be only 2 Nays), it would appear to at least meet the dictionary definition of the term, provided you accept that our representatives do actually represent our voices.

I think he means non-controversial among policy wonks rather than non-controversial among politicians. He is arguing that the political vote occured before the wonks had time to reach concensus about the details. Oh well, I guess there is always the conference committee...


      
RE: Thought Crime
by k at 5:18 pm EST, Dec 7, 2007

Decius wrote:
I think the problem here is structural.

Well, yeah, as I tried to note, I basically agree. Congress doesn't work as well as I'd like it to, and I'm somewhat surprised that it even works as well as it does given how much a) stupidity, b) corruption and c) self-interest is involved.

The real problem is that this same issue keeps coming up over and over again, and Congress keeps selecting these cost free solutions, and keeps ignoring the objections.

True... it's election season and it's time to be "Protecting the children" or "Working for freedom" or whatever, so we get silly nonsense bills designed more to make voters feel a warm fuzzy than actually accomplish anything. And I agree that IP has been following the same trend (albeit for money rather than votes... not that they're not linked)... the PRO-IP bill I memed is a fat load of shite for that reason.

I'm not sure what its going to take to break these cycles. I thought the internet might help... might help people focus on other things than the fear the mass media constantly seeks to breed... I'm not sure anymore...

I'm not either... the futurist/technophile in me wants to believe in direct democracy, that we're approaching the technological capability to make that possible for everyone, and reasonable. Whether it's possible in fact, well, that's complicated, of course. For one thing, the effects of money would be at least as relevant, since votes would become even more about marketing. But I can't shake the fact that we're asked for too much compromise in selecting our voices, and that affecting that voice is only possible en masse (either a large quantity of humans or of dollars), and only sometimes even then. I'm not enough of a scholar governmental theory to assess all of it, or to conjure a lot of other alternatives and work through thought experiments, so it's not that productive maybe.

Still, I agree with you that the fundamental situation here is broken. Maybe this is a growing pain, or just a bad stretch, and things will equalize again. As I've argued, I think the media (specifically the emphasis on shareholder return on investment in media companies) is a large part of the problem, because it de-emphasizes hard truth over attention grabbing or entertaining "content".

Maybe the internet will help eventually. It's still young too. For all the bullshit, it's a pretty exciting time to be considering possibilities.

-k


 
RE: Thought Crime
by Hijexx at 12:53 am EST, Feb 20, 2007

Decius wrote:

Its worth noting that the law doesn't require ISPs to screen traffic. It merely authorizes the sharing of child porn images for this purpose. Presumably there are ISPs lined up who want to do this but presently its illegal. Soghoian's perl script is a simple example of a myriad different things that can be done to data to make it invisible to this sort of screen. But Soghoian, having already had the FBI break into his house in the middle of the night for pointing out naked emperors, thought better of publishing the code.

If, by some fluke, such a system as this is implemented, they should at least force ISPs to disclose whether they use the service. Would make ISP shopping easier.

I don't see the system as particularly effective in doing what it sets out to do. It may have a chilling effect on the casual runner, but someone dedicated will just circumvent and take further precautions.

What it puts in place is, as noted in the discussion, a technical means to enforce flagging the passage of any "interesting" combination of bits. Definately seems like there would be potential to cast the net wider than the original intention, unless specific language is put into the legislation that prohibits the use of the system for anything except catching child porn. Stipulations would need to be put in that in the event it is abused to catch copyright violators (or someone circulating subersive lit for example) that the evidence cannot be admissable in a court.

Also don't see how the system would scale. How will it handle video? Thing about the IDS signature problem times n.


 
RE: Thought Crime
by dc0de at 9:14 pm EST, Dec 7, 2007

Decius wrote:
Neither Terrorism nor Child Porn need create these fissures in our society. It is our failure to avoid embracing fear and sensationalism that will be our undoing. We're still our own greatest threat.

BUT BUT Everything that is wrong with America is because of Terrorism and Child Pornography! Come on!!!

If we rid the world of these two evils, then the drug problem will be solved, all crime will end, and peace snd freedom will reign for a million-trillion years!


 
RE: Thought Crime
by skullaria at 1:30 pm EST, Dec 8, 2007

Decius wrote:
Neither Terrorism nor Child Porn need create these fissures in our society. It is our failure to avoid embracing fear and sensationalism that will be our undoing. We're still our own greatest threat.

BUT BUT Everything that is wrong with America is because of Terrorism and Child Pornography! Come on!!!

If we rid the world of these two evils, then the drug problem will be solved, all crime will end, and peace snd freedom will reign for a million-trillion years!

Amen bro!
Here is something to rally around as the world goes to hell in a handbasket.


 
 
Powered By Industrial Memetics