Computer Hash

sabadabadasabadabada 5,966 Posts
edited May 2009 in Strut Central
http://arstechnica.com/security/news/200...ment-search.arsThis is some really interesting stuff. Albeit, a little off topic from our usual fare, but most people here are into computers and privacy issues and the like. My understanding is that where an individual uses a bit torrent or similar connection, the search can take place, unknown to the user, through that connection.Here is another short article on the subject.http://www.harvardlawreview.org/forum/issues/119/dec05/salgado.pdfKVH, thoughts, Any engineers in the house?

  Comments

  • GrandfatherGrandfather 2,303 Posts
    i never knew the forensic programs did that, its pretty brilliant in the sense it makes finding illegal stuff easier, especially if they can search for known hash values of illegal shit.

    the harvard article is way too long to read right now but the ARS article doesn't mention anything about bit torrents, what are you referring to dude?
  • GrandfatherGrandfather 2,303 Posts
    Also, not that I support CP or the like in any kind of way, but I fail to believe that the kind of idiots searching and downloading that kind of horrid shit off the internet wouldn't look into some kind of encryption software or something.
  • twoplytwoply Only Built 4 Manzanita Links 2,914 Posts
    I think the drug-sniffing dog analogy has its merits, but ultimately it's just an analogy, and an imperfect one at that. The dog is not able to directly identify individual items and label them pertinent or non-pertinent. The potential for abuse with the dog seems extremely low, as it simply does what it is trained to do and nothing more. The potential for abuse with analyzing hash values seems much higher. It's hard to argue against exposing those who possess child pornography (which is precisely why that example is being used in the argument against hash analysis being considered a form of "search"), but if a legal precedent is set to allow law enforcement or other agencies to search hard drives at will, how long will it be before the practice is used to identify suspected "terrorist" activity. I know I'm teetering on the brink of a slippery slope fallacy, but without any clearly defined set of rules regarding what files constitute probable cause, agencies could go after anyone with files that might be considered subversive, which can be a very subjective label.
  • keithvanhornkeithvanhorn 3,855 Posts
    http://arstechnica.com/security/news/200...ment-search.ars

    This is some really interesting stuff. Albeit, a little off topic from our usual fare, but most people here are into computers and privacy issues and the like. My understanding is that where an individual uses a bit torrent or similar connection, the search can take place, unknown to the user, through that connection.

    Here is another short article on the subject.

    http://www.harvardlawreview.org/forum/issues/119/dec05/salgado.pdf

    KVH, thoughts,
    Any engineers in the house?

    i'm for a broader view of the 4th amendment than already exists, so i definitely support the district court's holding. a person's expectation of privacy, as defined by the courts, should be logical and fair. without a warrant, i don't buy into the idea that there's no expectation of privacy for someone's private files on a personal computer.

    if this were a work computer it would be a no-brainer, but were talking about a comp in a dude's house, that was only seen after a neighbor basically stole it off of his yard. i disagree with the author of the article about the precedential value of an appeal to the 3rd circuit. the circuit court can easily sidestep the "hash issue" by finding that the analogy of these facts to the "found briefcase" situation is misplaced. while i disagree that someone should lose their expectation of privacy in the briefcase situation, going through someone's personal files is far different than simply opening a briefcase.

    anyone else feel more annoyed at the snooping neighbor than the child-porn loving defendant?
  • DORDOR Two Ron Toe 9,903 Posts
    Here's another interesting warrantless search discussion.


    http://www.wired.com/threatlevel/2009/05/fcc-raid/
  • sabadabadasabadabada 5,966 Posts
    I think the drug-sniffing dog analogy has its merits, but ultimately it's just an analogy, and an imperfect one at that. The dog is not able to directly identify individual items and label them pertinent or non-pertinent. The potential for abuse with the dog seems extremely low, as it simply does what it is trained to do and nothing more. The potential for abuse with analyzing hash values seems much higher. It's hard to argue against exposing those who possess child pornography (which is precisely why that example is being used in the argument against hash analysis being considered a form of "search"), but if a legal precedent is set to allow law enforcement or other agencies to search hard drives at will, how long will it be before the practice is used to identify suspected "terrorist" activity. I know I'm teetering on the brink of a slippery slope fallacy, but without any clearly defined set of rules regarding what files constitute probable cause, agencies could go after anyone with files that might be considered subversive, which can be a very subjective label.


    Outside the CP context, the more practical application is searching for pirated software or even movies and music in trademark actions. Regardless of what you name the file (say trying to hide it by changing the name or say changing .jpg to .doc) the hash program is not fooled. It looks beyond the metadata.

    I think the dog sniffing analogy is closer than you. The dog is trained to indicate the presence of a known substance, just the way the hash program is limited to only electronic material known to be illicit.

    KVH I think the facts of the PA case muddy the issue enough to leave the central issue undecided at this point.

    The bit torrent aspect is discussed in this article. Its long, but you can isolate the technical discussion of hash from the main theme of the article, using hash as a substitute for document identification.

    http://ralphlosey.files.wordpress.com/2007/09/hasharticlelosey.pdf
  • twoplytwoply Only Built 4 Manzanita Links 2,914 Posts


    I think the dog sniffing analogy is closer than you. The dog is trained to indicate the presence of a known substance, just the way the hash program is limited to only electronic material known to be illicit.


    So any use other than for known illicit materials will be inadmissible?
  • DORDOR Two Ron Toe 9,903 Posts
    I think the drug-sniffing dog analogy has its merits, but ultimately it's just an analogy, and an imperfect one at that. The dog is not able to directly identify individual items and label them pertinent or non-pertinent. The potential for abuse with the dog seems extremely low, as it simply does what it is trained to do and nothing more. The potential for abuse with analyzing hash values seems much higher. It's hard to argue against exposing those who possess child pornography (which is precisely why that example is being used in the argument against hash analysis being considered a form of "search"), but if a legal precedent is set to allow law enforcement or other agencies to search hard drives at will, how long will it be before the practice is used to identify suspected "terrorist" activity. I know I'm teetering on the brink of a slippery slope fallacy, but without any clearly defined set of rules regarding what files constitute probable cause, agencies could go after anyone with files that might be considered subversive, which can be a very subjective label.


    Outside the CP context, the more practical application is searching for pirated software or even movies and music in trademark actions. Regardless of what you name the file (say trying to hide it by changing the name or say changing .jpg to .doc) the hash program is not fooled. It looks beyond the metadata.

    I think the dog sniffing analogy is closer than you. The dog is trained to indicate the presence of a known substance, just the way the hash program is limited to only electronic material known to be illicit.

    KVH I think the facts of the PA case muddy the issue enough to leave the central issue undecided at this point.

    The bit torrent aspect is discussed in this article. Its long, but you can isolate the technical discussion of hash from the main theme of the article, using hash as a substitute for document identification.

    http://ralphlosey.files.wordpress.com/2007/09/hasharticlelosey.pdf



    On the topic of a digital file, it could be rendered useless by taking 2 seconds to encrypt the file or folder. That's where everyone is headed... Be it these sick child pron people or people trading music & movies online. So, this idea the hash can't be somehow fooled is moot.


    Does the law not take into account in any way that the laptop was sitting on the lawn where anyone had access? Or that his landlord had access to his premises at anytime (Which I thought it was illegal for a landlord to gain access to a renters place without an eviction notice?) and could have placed the illegal material onto his laptop in vengeance for not paying his rent?

    I mean, shit... When I jump onto a network, you wouldn't believe the access one can have to someone's computer when they are on the same network.

    In any case, if the guy was trading child porn I hope he makes "friends" in jail.
  • SaracenusSaracenus 671 Posts
    Also, not that I support CP or the like in any kind of way, but I fail to believe that the kind of idiots searching and downloading that kind of horrid shit off the internet wouldn't look into some kind of encryption software or something.

    I can completely believe people will do stupid stuff on a computer thinking they are safe. I mean think about it, how many clowns show up on To Catch A Predator? Those guys aren't exactly a brain trust.

    Having worked in tech I can't tell you how many times people would call me up and ask how to delete histories, cookies, temp files, etc. And this is on work machines. One good packet sniffer and you are done. Hell, unless you take a hammer to the drive, there really isn't any way to stop someone with the right tools from recovering stuff from your hard drive.

    Email? In a business environment the IT departments are required to keep a record of every single email coming or going on the network for legal reasons. Yet I know people that would send Pr0n to each other on their work accounts. Idiots.

    As for home, even if mask your IP and are super careful where you download from, a virus or malware could hit your system and suddenly all your dirty laundry is now public.

    I know of people that had their email forwarded to all the people on their mailing lists, you know the ones with the image attachments. Yeah, you know you want to explain to Grandma why she got sent pictures of horse Pr0n from your email address.

    Basically I operate under the assumption that if I am out on the net, what I am doing could become public. There are ways to make it very unlikely but if you don't want it to get out... don't do it on the web.
Sign In or Register to comment.