Netbooks are the way to go, apparently...
Thank goodness my Netbook doesn't have a CD drive - oh - wait - this is going to drive Netbook sales through the roof :)
Technology that claims to pick up traces of illicit images on PCs has attracted the interest of Australian cops. The software, developed in an Australian University, might eventually be used to screen PCs for pr0n during border inspections. Compared to breath test tools used by the police in a different context, the software …
When it mounts my ext3 filesystem which is over the mount count limit will it automatically run the e2fsck on it? If so, then could that not potentially modify my file system?
What about my encrypted partition? I mean all sensitive laptops should be using encryption for data anyway these days, we all know enough systems have been left on the bus/train etc. so this is the minimum a responsible user/admin would implement.
OK, while this may catch the very lowest common denominator of users, the seriously evil guys will still come out looking squeaky clean.
Utterly disgusting that authorities across the world feel the need to pry into our lives without any kind of reasonable suspicion first. I wonder if this software will be able to magically work out the difference between legal porn / child porn and of course digital copies of works of art (some of which today would be considered illegal by most)
Ahh yes but of course its the typical scenario of an IT provider decided to stick their snout into a gov's trough by lying and overstating how good and powerful their solutions are and damn all of us little people.
A stop&search culture for laptops / computing devices eh? can we all say 'over-reaction' or 'excessive powers' ?? Can we? I bloody well hope so!
/one ticket off this world, any passing craft will do. Species & destination irrelevant. Available to leave immediately
I had an experience in Ottawa airport (from NYC) where they asked to look at my laptop. I worked for a major security company and they recognised who we were. My stinkpad blue screened (too much pr0n?) and my colleague duly got his machine out and showed them the content we were delivering to the major telco partner there. I went through immigration, he was pulled to one side and they flipped through every photo on his laptop. I'm all for a paedophile cull, but allowing border control to "scan" the machine is too intrusive. What else can it "scan" for - the conspiracy theorist may also ask what it leaves behind on the machine... But as I'm not one, I'll leave it to someone else... :)
"The software runs off a Linux-bootable CD that can be put into the CD-ROM drive of a PC to load up a separate environment without affecting anything already on the PC. Copies of potentially interesting evidence are written to a DVD- writer attched to a computer."
So how are they going to use this on a netbook with no optical drive and its ports locked down eh ?
Another manifestation of the "epic fail by puritardism" syndrome ...
But I have set a BIOS password. I've disabled booting from the optical drive. I use an encrypted file system. As a rule, I don't keep confidential client data on my laptop - I connect to a VM on my server via a VPN using VNC - but it does happen occaisonally, for a short time.
What is Mr. Plod going to do with me? Oh, and my non-disclosure agreements?
Next time I go to Oz, I think I'll take a solictor with me.
2 things:
1 - Why Universal involved? Warner Bros owns the rights to Lets Go Crazy not Universal
2 - That little carpet rat isnt fit to dance to Prince (read the reviews from his shows in London this year) so why do i want to see that sort of dribble on Youtube
Can I sue her for making me think I was going to watch Prince dancing to Lets Go Crazy?
My laptop doesn't have a CDROM. The new laptop I recently ordered doesn't either. Does this mean that it's okay for me to have child pron on it down under? I have my BIOS set not to boot off USB, so they'd have to change a setting in order to boot off a USB CDROM. Once they've changed something, can they still prove that they didn't put the files there?
I foresee a rise in the use of 'plausible deniability' encryption software for any sales guys who take their collection with them for use in hotels around the world. Especially if this task is being delegated to front line guys with click&point interfaces - they're not going to know their breasts from their elbows.
Paris, because they'll have seen all her pics more often than they catch drugs.
This post has been deleted by its author
so say for example you have a laptop without a cd/dvd drive? or one thats set not to boot from it?
obviously if its a setting they can just be a typical pain, but if the machine hasn't got one (macbook air?) what then? do they outlaw them?
since then only outlaws will have macbook airs.
or will it be viewed like having encryption software as a sign of guilt int he eyes of the law?
If I fly and they use this at the border ... and I use bitlocker will I automatically be a suspect? I guess I will need to remember the heinous bitlocker key to provide to border control - this will make flying even more interesting – queues of geezers trying to remember their encryption keys.
If the wrongdoer has a non standard OS installed that is not made by apple or microsoft or of the many linux flavors.
These rare operating systems are rare and are so new or support dropped or just abandoned I doubt if a bootable CD could read anything off of the hard drive.
Even so they could also boot from a CD/DVD and use it as the main OS leaving the hard drive spotless and minty clean. So this bootable CD faire will only catch the lowly educated or stupid.
Given that I've never been able to boot from CD on any of my laptops, it appears I will be able to traffic filth down under with impunity. Another triumph for the IT pork barrel. If they add in a feature which searches text files for the word "bomb" they'll make millions out of us and the Yanks.
Lemme see... a dumb tool given to untrained coppers... what could go wrong?
Methink this tool is never going to catch any crim, because they probably encrypt their nasty KP snuff terrist vids. On the other hand, any punter with a few pics of their kids might be suspect. And dog knows what is going to happen when the untrained pigs will see the red light flashing...
Plausible deniability: "This is a corporate laptop with full-drive encryption set up by the IT department. I have not been told the pass code nor am I authorized to receive such a code until I am in my final destination." Not even a court order can force someone to divulge something one *never knew*.
On the surface, with the negative and fear here, it sounds like people expect this would "catch you".
I say go for it - I loathe kiddie-pron, and as a father of 2 daughters, would fully support all attempts to curb abuse of kids.
The program is a simple concept, and I feel a good balance. It creates a hash of each file, and compares that to a hash of *KNOWN* kiddie-pron pictures. No match, clean PC. No human looks at any files. If the file matches, it snapshots the area for a court order.
I, for one, would like to see a way for regular folks to run these programs - I do NOT want any kiddie stuff, but could imagine that with past years of copying files from people, there is a chance any of us *ACCIDENTALLY* have one or more. Give us a chance to say "delete all illegal stuff, please".
What happens when the software scans your machine and finds all the pictures of your small son or daughter playing semi-naked in the garden paddling pool - does it immediately raise the alarm and your entire personal photo album gets perused by a bunch of sweaty border control officials?
Do you then have to prove your innocence, that you are infact the mother/father of the depicted children (which could be hard if you're 1000s of miles away from home) at which point you get hauled off to a dark cell somewhere and strip searched...
For use in child porn checks it probably will - for the most part, paedos tend to be lazy and like everything to be easily at hand. I mean, seriously, some of them have rows of labelled CD's next to the PC (seriously - I unfortunately know).
For the rest of us, privacy is a ten minute job.
But it won't catch the IT savvy, just poor old Joes who know nothing about computers. Yep it's one of those stories.
I find the empasis on border controls to be somewhat laughable. If you want to get some hard porn into the country why not use that little thing we have called the internet. Surely nobody would be so silly as to carry a laptop loaded with illegal porn through customs? And since they've advertised this technology won't the idiots who do want to do so just start using mules like drug traffickers do?
Buy a laptop that has two HDDs, unscrew cover - remove the connection to one, install fresh OS on other - at customs sure officer, feel free to run scanner on laptop.
Get to where going and unscrew cover and plug in other disk and run from that disk
PH - well if she wants to search/be searched :)
if this is admissible as evidence then the police can lock up anyone they feel like.
Plod who knows nothing about computers attaches external device to a turned off pc and puts in a CD he has to hand....then claims that the files on the external device were from your computer and existed there before he tampered with it. I'm asusming that they'll just keep using the same bootable CD until it fails and of course you'd hope they use a sealed certified clean DVD in the external drive, not just pick one up from a pile.
Given someone wants to license this I'd have to assume it's copyrighted/patented or whatever code and not open source, which makes me wonder how you'd challenge it in court.
If it's simple to use it doesn't mean you don't still need good procedural methods for using it to meet the criteria for admissible evidence and dumb people are the flaw in the procedure.
So Johnny Peado-terrorist has a USB Flash drive, He has Truecrypt on his laptop, Given this program is "just" looking for images, and they aren't going to take a look at your flash drives then all he has to do is go through border control insert flash drive, apply his encryption key. It doesn't matter if they want to have a look at the Flash drive either, because this program won't find anything of suspicion on there either.
When will people learn.
I don't understand how it would read a HFS+ formatted hardrive on a Mac OS based machine. Apple's file system's proprietary and they do not licence it to third parties.
So, anything that uses it other than a mac, is effectively going to be breaching Apple intellectual property rights.
> On the surface, with the negative and fear here, it sounds like people expect this would "catch you".
Have you ever heard the words "False Positive"...?
More to the point, have you ever heard the words "Presumed innocent unless proven guilty"?
> I say go for it - I loathe kiddie-pron, and as a father of 2 daughters, would fully support all attempts to curb abuse of kids.
I doubt there is anyone posting on here who approves of child pornography, however might I remind you that the person most likely to abuse your two daughters is *YOU*!
Obviously, then, the best way to give your daughters protection against abuse is to remove them from your house since you cannot be trusted not to abuse them.
I'm sure you'd support this attempt to curb the abuse of kids...
Our company has all machines set to not boot from CD. The BIOS is password protected and employees (other than IT Security) do not know the password. When the machine is running the employees also only have access to their own user space. USB is also disabled. Would these employees through their inability to co-operate with Border Security automatically be labelled as terrorists and given the full once over?
To the person who instigated this lame project,
I hope you are reading this. Kudos on your intentions - stamping out child pr0n and abuse etc... These are all very noble. But you fail at thinking it thru'.
This is stupid, for the myriad reasons mentioned.
1. IMPLEMENTATION
Netbooks with no optical drives (do you think even if usb optical drives were supplied the overworked people at customs could figure out how to boot the machine or mount it in a reasonably decent practical timeframe).
machines with non-standard OS's - as above. Who's to say that linux live CD will work.
Encryption
Non x86 machines. as above. They do exist. I swear.
What happens if the scan process mucks up your hard drive?
These are all issues I believe that limit this invasive and potentially damaging (to your data) means of 'scanning'.
**** How slow do you expect queues at customs to go?
**** How much grief will it cause the average innocent Joe Q Public travelling with a laptop?
This is just it, dear sir, I hope you are reading this, I don't think you bloody well understand the situation.
Plus it really will not catch the people really smuggling stuff like that as I would expect they would not carry it on their hard drives in the first place.
2. PRIVACY
Your noble intentions are muddied by invasion into privacy of the individual
Where does one draw the line?
You travel, you get everything potentially private at risk of being copied by the customs. Journals, corporate data, personal information. Identity theft anyone?
The implications are staggering.
Slippery slope argument as this is, one could argue along the lines of the philosophy your approach entails, scanning HEADS (consciousnesses, souls whatever) were it technically feasible or possible, would not be beneath you.
So I suggest, dear sir, dear brilliant innovator, you go examine your own @#@$ head before you come up with some lame-brained scheme like this.
Do not con the unwitting powers-that-be ie Customs that this is a SOLUTION for all the above reasons.
Make no mistake.
This is a PROBLEM.
Border controls trump privacy (at least in the US). There is nothing preventing me from having a freely downloadable Nova documentary that is in fact a truecrypt partition containing a gig or so of anything I want.
However, most pedo's don't think they will be caught, and don't hide the stuff very well.
Errr. Guess again Mr Anonymous Mac Fanboi. Since 2.6.18 it's been in the kernel officially.
And stop talking crap about property rights. Did anyone go and steal the Apple implementation of the HFS+ support? No. They reverse engineered it, which is perfectly legal when done for compatibility reasons in most sane countries.
As for the article topic: What a load of bullcrap. Shady characters will encrypt their files, and regular people will be forced to wait while it scans. And what do they plan to do when they hit a device that can't be booted from external media? Network boot version?
> What about the micro SD card stuck up my ass !
You were lucky. All we had were Bernoulli cartridges.
And to all the encrytion freaks, WTF are you all on. If something is illegal in a country then they have the right to search for it, on entry to that country or while you are there. Or are you all seriously saying that customs officers can't search for cocaine or other hard drugs if it's stuck up your butt , hidden between the gaps of corrugated cardboard or impregnated into the pages of your copy of the geeks guide to bomb making all of which could be considered analgous to encryption.
And to the particular clever sods who say what are they going to do about my blah, blah, blah uber-protected laptop, I suspect they will give both you and your laptop a rather deeper and much more uncomfortable probing that the rest.
Get a life and stop whingeing.
Well, if I do not encrypt my laptop hardrive, or hand it over to a 3rd party I am liable to be prosecuted and fined under Irish Data Protection legislation. On top of that, my clients could sue me for failing to comply with non-disclosure agreements.
I can see this being a HUGE problem for business travellers to Australia.
Also, why do they think that laptops are suddenly an issue? Isn't this just some kind of extreme paranoia ? I mean, someone could have horrendous images of child porn on a USB key on their key ring, on their iPod, on a flash card, on a camera, a mobile or virtually any other electronic device none of which can boot a Linux CD.
So, basically all they're going to do is annoying the hell out of the 99.999999% of passengers who happen to be using their laptop for legitimate normal purposes i.e. business, checking emails, uploading photos of their holiday in Australia.
It's complete madness and will have zero impact on the problem they're supposedly trying to address. It's a waste of tax payers money too.
The most likely place to find porn is in the web browsers cache directory. Pretty easy to clean if you plan on crossing any borders. The other place is whereever you maually stash your porn, which ofcourse might not even be on your laptop.
I think the main purpose of this is to frighten the ordinary person. the police will believe they have a tool that can find any porn so empowering them. The traveler will try not to get searched because the chances are someone looked at some porn websites on the laptop at some stage. If the police do find some porn then they can harrass the traveller further.
This all creates a climate of fear, allowing anyone with a bit of authority to lord it over those who feel they might be guilty of something.
Encrypting your hard drive will make you look guilty. What will you say if they insist you have to open it? You really recon you will say 'no' when the alternative is you don't travel and your company has just wasted their time and money sending you on the trip?
This will probably work in most cases because a) most people don't password protect their bios and tend to leave everything bootable, b) most people don't clear their internet cache, and c) virtually nobody encrypts anything.
Just think, how many people do you know who would have the first clue of how to hide something on their computer?
Paris, because she probably thinks encryption is something she heard in Ibiza.
...all they need is to shove their pr0n on a large-capacity SD card (in a separate folder) then put the card into their camera. Switch the camera on, it will only show the pics in the normal DCIM folder. Sorted!
Or maybe they will just put it onto the latest USB-Memory-Stick-hidden-in-a-pen and pop that into their jacket pocket, right iunder the nose of the non-techie who is busy scanning their empty laptop!
Blimey these are incredibly simple yet will foil this scheme. What will the really clever ones do I wonder? Maybe they will burn it to DVD, stick a convincing label on it and hide it among some music CDs. Hey maybe Aussie Customs are reading this and getting free ideas for their next crackpot scheme......
Any serious data smuggler is going to use one of the new ultra-small formats. All the good this law can do is catch idiots.
But as others have mentioned, the negatives are massive. Proliferation of private data is no laughing matter and it appears that governments (especially ours) have been making a game of finding new places to leave people's details in huge numbers.
Add to this that governments (notably the US) have been complicit in corporate espionage in the past and you get a very uncomfortable picture.
It also does nothing to stem the flow of data into a country where people have access to the internet, from which they can, securely and easily, connect back to their pr0n server at home and transfer all the illegal filth they want.
This is yet another form of Security Theatre and ministers wanting more to put on their political CV.
"Look at me! I put anti-paedo measures in place! If you don't vote for me then what does that make you?"
IIRC, with it being based on Linux, they will need to provide the source code or they are breaking the license.
Awaiting the source code here.
Also, as for hiding any files, just use truecrypt, problem solved.
Also, people could just disable boot from CD and password the BIOS, that will prevent grunts from booting it from CD.
This software is a total waste of time as there are far too many variables to circumvent the software. such as encryption or just ship the had drive and have they never heared of online storage?
from what i know many are caught from police investigatiions of chat/social sites or as with gary glitter, who was caught from a pc health check in a store, just stupidty.
Perhaps if they spent more money in child welfare instead of projects like this they may just get somewhere.
As Graham Marsden already said, based on real evidence rather than media hype, the person most likely to abuse a female child is her father, closely followed by other close family members.
Elsewhere on El Reg there's someone seemingly from a school IT dept singing the praises of CEOPS. That's handy, because two of the other high risk categories are school staff and their pupils, and church people (vicars etc) and their choirs/congregations.
So let's close the Internet and all the schools and all the churches too until they've all proven that they're safe.
It seems that the Australian authorities are not disimilar to tabloid journalists.
All these "please, somebody think of the children stories" about our antipodean friends have something in common. We all know that pdf files^H^H^H^H^H^H^H^H^H paedophiles use the interenet to communicate and distribute material. As do many other criminal groups. The Aussie authorities seem to think that if they can stop this happening then they will stop paedophilia.
Errrr, no. By that reasoning, since we know that paedophiles use credit cards to pay for their jpegs and mpegs, wouldn't outlawing credit cards put an end to paedophilia?
Alright, so it's not just the Aussies, most politicians and civil servants the world over seem to think that the application of ridiculous blanket IT solutions can put an end to all crimes.
They need to be reminded that not much over a century ago many thought that fingerprinting would put an end to all crime. Yep, that worked, didn't it?