How does Verizon discover child pornography in its own cloud?


ByCoolbite 1 / Erickson Ocampo

The cloud storage service can store backups of personal data, etc. Even if your computer crashes, you can continue working without losing the data you used by accessing the cloud from a different computer Although it is a very convenient service, all data such as images and movies we uploaded are inspected to prevent uploading illegal files. Among them, it is especially toughChild pornis about.

Updated: How Verizon found child pornography in its cloud | Ars Technica

In Congress in the United States "Child Protection Act 2008Since it was enacted, Internet provider companies registered with NCMEC (a center for missing and persecuted children) institution called Cyber ​​Tipline, and upon discovering that the user accessed or uploaded child pornographic data, We were obligated to report. As a result, there were 11,3009 reports on child pornography on the Internet in late 2012.

For example, in Baltimore, Maryland, the Catholic ChurchdeaconA 67 - year - old man was uploading child pornographic images and videos to his own cloud storage. At this time, Verizon discovered the image by the technology which automatically detects the victim child contained in the file.

ByThomasheylen

Verizon's Linda Laughlin spokesperson said, "We are doing image checks in compliance with the law," we have declined to explain how we detected, but generated by NCMEC I was using a database that stores the data of the children reflected in child pornography that has already been circulated.

This database is based on the joint management of NCMEC and Judicial Ministry's child labor exploitation and obscene conduct divisionNational Sacrifice Child Identification Program"Some of them are" the worst image in the worst case ", that is, what is the source of the image currently being circulated, what has already been circulated extensively, providers The image of 16,000 images provided from you is saved. There are things by the provider as databases which do not duplicate images with this nationwide victim automatic identification program, and as of 2011, more than 17.3 million files are stored.

ByThomas Hawk

The one used as a hash is that the first oneMD5. The other is called "Photo DNA".

PhotoDNA is a technology developed by Microsoft's research department in collaboration with Dartmouth University that allows you to generate hashes from biometric information in images and movies. Using PhotoDNA, theoretically illegal images are resizedtrimmingEven if it was done it is possible to distinguish.

According to Ms. Sinan, only providers who have signed contracts specified by NCMEC are providers offering these hashes, only 12 companies. When using MD5 or PhotoDNA, only two companies are open to the public in general, Microsoft and Facebook.

Verizon does not offer cloud service on its own, and Laughlin, a spokesperson, commented that it is impossible to speak from a security point of view which vendor has provided cloud services to Verizon and is scanning the uploaded data. However, Verizon's terms of service are in Bloomfield, ColoradoDigi-DataAs it states that Verizon is offering Verizon's online backup and sharing service, Digi-Data will report to Verizon's security team files that may be illegal and Verizon will pass the details to NCMEC It seems to be in flow.

ByMarsmet 481

In the case of Baltimore mentioned above, when a man uploads a file saved on his PC to the cloud, the file is transferred to the data center via the Verizon network, but at this moment it is said that "illegal child pornography It is detected that there is ". As a result, Verizon contacted NCMEC and a report to the Baltimore police was held. The man has been arrested for possession of child pornography.

ByIwishmynamewasmarsha

Verizon's Terms of Service include Verizon's right to access the user's account without prior notice and have the right to terminate the account, deleted the content deemed illegal, It is stated that it is obliged to notify the information judged that there is a possibility of violating the report or the child protection law, and that you have the right to report any and all information such as user ID to the judiciary.

Naturally, checking uploaded files is not limited to Verizon, but "DropboxEven if you do not allow "to share illegal pornographic materials" in the terms of use, if you try to violate, you can delete accounts or do it further, and from the uploaded / downloaded file " It is clearly stated that there is a possibility of collecting ".

ByRyan Mahoney

Announced that Photo DNA was introduced even at FC2 blog, And from now on it may be that deletion and reporting of child pornography progresses in Japan.

in Web Service, Posted by darkhorse_log