TrustyFiles - Bogus child pornography reporting
CROWD: A witch! A witch! A witch! We've got a witch! A witch!
VILLAGER #1: We have found a witch, might we burn her?
CROWD: Burn her! Burn!
BEDEVERE: How do you know she is a witch?
VILLAGER #2: She looks like one!
Fans of Monty Python will remember this exchange from the Quest for the Holy Grail movie and it's parody of the "burning times". Accusations of witchcraft were levelled against people with warts, long hair, strange clothes or a penchant for running around naked (among other things). This type of "evidence" was responsible for countless "trials" and the subsequent torture and execution of those unlucky enough to suffer with witch-like symptoms, like sneezing too much. Ah, how times have changed! Or have they?
RazorPop, developers of P2P application TrustyFiles, recently announced the inclusion of a "Report Child Exploitation command" in the latest release of the program. "With the addition of the child pornography file report, RazorPop continues to lead the fight to protect our children," said Razor Pop CEO Marc Freedman in the press release.
Well intentioned indeed, so how can such a revolutionary feature be effective in the online fight against child pornography?
It can't.
If you accidentally download a file containing child pornography (a misnamed file for example) and on playing it you discover it contains content which is clearly or possibly an offence against children, you can simply right-click, select the Report option and the file's name, hash(es) will be sent to the P2P PATROL along with the IP address of the person you downloaded it from and a timestamp. All well and good so far.
The real problem with the TrustyFiles reporting system is: you don't actually have to have the file in your possession to report it - you can report it directly from a search result.
While it sounds attractive to would-be paedophile hunters who don't want to get their hands dirty by downloading the file in question, this option would have to be one of the most easily abused systems ever devised.
Most filesharers have probably come across files with an endless string of keywords in the file name where the original releaser wants the file to receive as many search hits as possible. If you've ever wondered how a three minute .mpeg movie can contain everything from anal sex with horses to the entire Paris Hilton sex tape and actually downloaded one of these files, you'll have probably found that the actual video stream contains few or none of the advertised acts.
It could just as easily be a home movie of someone testing their new remote control car.
Taking the little-old-lady-with-too-much-time-on-her-hands scenario, any self-styled vigilante can now send the details of the RC car file to P2P PATROL for "independent analysis", who will then have to manually verify the contents. The problem is of course that our little old lady is capable of sending hundreds or possibly thousands of reports every day, all of which have to be verified.
Does anyone else see the problem?
Not RazorPop.
"We're a technology provider. We only provide a means of reporting. Whether or not someone wants to report it is their choice. We hope that if they use it, they use it responsibly", said Freedman in a heated exchange on the Slyck.com forums.
Nice in theory, but is the TrustyFiles reporting system too easy to irresponsibly?
Even those with the best of intentions could cause serious damage. Anyone sharing Vladimir Nabokov's "Lolita" (one of the 20th century's most important novels) can soon expect to be reported by anyone trying to bust those sharing "lolita" (child pornography).
"Gee wiz! There sure are a lot of sickos sharing this Nabokov type kiddie porn. I'd better report the lot of 'em!" are the kind of actions this system will encourage. And pity the poor souls at P2P PATROL and the FBI screaming in frustration as ANOTHER few hundred Nabokov novels arrive for checking. And they probably will be checked - who will take responsibility for rejecting a file because it has "Nabokov" in the title? It could be incorrectly named, remember?
And guess what? All reports are sent anonymously, so nobody can find the little old lady to ask her to "please, please stop sending us rubbish!"
So...who wants to DoS the anti-kiddie porn organizations? You can imagine the type of people who would want to do that. The tech savvy paedophile in question writes a few simple scripts to send EVERY search result to P2P PATROL, who then passes the aggregated results to the Child Pornography Hotline for further checking. A few million files to check should keep them busy for the next few decades and all while the paedophiles continue trading their special brand of content. The chance of getting caught could easily be on par with your chance of winning the lottery...or being sued by the RIAA. Or perhaps the paedophiles will simply die of old age before the reports containing their sharing habits are examined.
History has show us that bad practices are multiplied and made significantly worse by efficient automation. Ask a holocaust survivor why "convenient" and "efficient" aren't always desirable qualities in a social context.
Whether or not Razor Pop decides to remove the "Report from search result" function in TrustyFiles is obviously up to them. One can only surmise that, by choosing to keep such an irresponsible "feature" in their software, Razor Pop are more interested in promoting themselves as crusaders against child pornography than actually doing anything about it.
Marketing a product by playing on a parent's fear that their children could be exploited in such a horrible way would have to be the most morally reprehensible sales pitches ever devised.
We can now only wait for some action by Razor Pop.
Oh, and the "Report Child Exploitation" feature is only really useful if you live in the United States.
By Alex H
Marc Freedman responds:
You would prefer to do nothing?
Alex,
A report based on seeing the file obviously has more value than one based on a file name in a search result. Abuse, worthless reports, and incomplete data are all standard and expected, whether it’s a phone tip, a NCMEC Internet submission, or TrustyFiles P2P report.
You miss the point of the press release. This isn’t some half-baked idea that RazorPop hatched alone. We are one tiny part of the reporting and investigation process. We closely work with the P2P Patrol, the CP Hotline, the FBI, and other law enforcement. This process was designed by them, not by us.
They receive and filter thousands of reports day. They have computer, Internet, and forensics experts. They conduct the investigations. They put the pedophiles in jail.
We will continue to work with these groups to aid their efforts. Indeed I will be happy to delete the file reporting capability if they so desire.
Marc Freedman
RazorPop, developer of TrustyFiles
My response to Marc:
Yes, if your actions do more harm than good
Marc,
What I am trying to impress upon you is that the P2P PATROL/CPH system for reporting child pornography is MANUAL - it requires someone to actually spend time and effort writing and sending an email to these organizations.
Your system on the other hand is AUTOMATED - quicker, easier and not much thought required to send a report. The problem of course is that P2P PATROL et al are only set up to handel MANUAL reporting.
I'm sure that those organizations are staffed by dedicated and resourceful people, but they have not said anything about whether THEY are upgrading THEIR systems to cope with a sudden increase in reports. I'm not even sure they have thought about the consequences of, for instance, a ten-fold increase.
What communications have you had with these organizations to satisfy yourself that they can afford the rate of "false positives" to climb, perhaps dramatically to say, 99 fakes to one real offending file? Did THEY suggest reporting anything and everything that MIGHT be child porn, even if the number of those reports run into the millions?
I understand your concerns in this area - I am concerned about child abuse too, but to answer you question: Yes I would prefer you did nothing if your actions cause more harm than good.
By all means, keep the reporting features for files a user has already downloaded and checked. But please, please ditch the ability to "report from search result". I am not confident that the potential abuses of this feature (both deliberate and accidental) have been studied enough to implement it safely.
Alex H
Marc writes back:
We let the experts tell us what they need
Alex,
You are correct, and we are well aware, that a report generated from a search result is significantly different in multiple ways from a report generated by a download. The reports sent by our TrustyFiles software indicate this difference and the other parties in the reporting and investigation channel handle it appropriately.
About 10% of TrustyFiles reports now appear to be likely child porn, 40% involve nudity or sex but are not child porn, and 50% are bogus or invalid. The quality of these reports is in fact better than we expected.
This is our initial offering in child porn reporting and will only improve. No one expects it to be perfect right out of the gate. As I wrote earlier, if the various parties decide the search result-generated reports, or indeed all reports, are not useful, productive, or worthwhile to process, or that more information from the user is required, then we’ll update TrustyFiles accordingly. They’re the experts in how the reports are used, not me. So that is their call.
Marc
RazorPop, developer of TrustyFiles
I wasn't exactly thrilled by his response:
You call these people...
Marc,
The "We're only following orders" defence holds no weight in this situation at all. Please forgive my cynicism regarding the "experts" you have been consulting with, but are you sure they are actually competant to advise you on these matters?
The FBI for example, must sanction the work of the Child Protection Hotline, who in turn enjoys the support of P2P PATROL. Unfortunatly, the people at the end of the chain (the FBI) are notorious for their ineptitude in systems design. I'm sure you have read the p2pnet article "FBI's p2p problem" describing "the FBI’s inability to share information with other law enforcers". It is quite clear that after four years and half a billion dollars the FBI has no idea about P2P networks.
(See this article for a full description of the debarcle).
You could almost say they don't know what they are talking about.
The Association of Sites Advocating Child Protection (ASACP) "receives over 60,000 reports of suspect child pornography annually and forwards over 2500 confirmed CP reports to the National Center for Missing and Exploited Children (NCMEC.org), to the FBI, to state Attorney General's Office, and to relevant international hotlines".
So they have about a 20:1 fake to real ratio at just over sixty thousand reports working full time processing the data. What happens when TrustyFiles users report six MILLION reports next year? How will that "private non-profit organization" come up with enough cash to enlarge their operation by TEN THOUSAND PERCENT? Even with your 10:1 ratio they will still be overloaded.
Consider that file sharing accounts for anywhere from 50% - 70% of all internet traffic. That's a LOT of data being transfered, so the 6 million reports per year that I mentioned doesn't seem like an exaggeration. Do you think that there are six million files out there that MIGHT contain child pornography? Sure - ALL the files out there MIGHT contain child pornography and ALL the files sitting on someone's Hard Drive somewhere in the world are able to be reported at the click of a mouse.
Perhaps nobody at the ASACP is expecting to be really sucessful in the fight against child porn so they havn't bothered to work out where on earth they're going to get that much money to fund ther operation. Will RazorPop be chipping in to pay for the infastructure upgrade?
Moving to P2P PATROL, firstly could you perhaps suggest to them next time you speak that they might be able to get a bit more credibility if their website was written with something other than NOTEPAD? Some people would say that an organization with such an important cause to defend should make themselves a bit more professional looking if they expect the P2P community to give them their help and respect. Every bit of information I could find on P2P PATROL screams "amatures" to me and I find it really hard to take them or their "advice" seriously when their website is called "Untitled Document".
As RazorPop is a member of the DCIA (the group who formed P2P PATROL) perhaps you guys could give their website a makeover? Once you've done that, perhaps you could make their policies understandable too.
In response to your "child porn reporting will only improve" comment: How? Either you can report any file you see in a search result or you can't. Perhaps if you threw this topic open for public debate you would be able to get some meaningful feedback and be able to consider the community's sugestions rather than being defensive and telling us you're only following advice.
Your advisers certainly have questionable credentials in this area, so perhaps some consultation with the people who actually built the networks TrustyFiles taps into wold be in order. If you're feeling generous, the rest of the P2P community has opinions on this too, least of all me.
Alex H
At this point, Freedman started getting a bit defensive:
What are your credentials in investigating child pornography?
Alex,
You say “Your advisers certainly have questionable credentials in this area.” That's like saying Carly Fiorina of HP was fired for incompetence. So anyone who works at HP is similarly inept.
We work with agents who do actual field work and investigation, very different from the computer networks systems fiasco. What are your credentials in investigating and prosecuting child pornography?
Your concern about TrustyFiles generating “six million reports” is unfounded. The actual volume is very low at this time. People can abuse any submission process, whether it’s from our software, the existing NCMEC web report forms, or calls to your local FBI office. If we get an abusive hacker, we’ll handle it.
The P2P PATROL web site is in preliminary form and built through volunteer work. As a non-profit group they would be happy to take your donation in cash or services to improve it.
You ask for public discussion. That’s exactly what we’re doing by providing a press release and my personally responding in forums like this. You’re absolutely right that “Either you can report any file you see in a search result or you can't.” The P2P end of this is simple. The protocols are basic. What is there to debate on the P2P end?
When I say "child porn reporting will only improve" I don’t refer to P2P networks, I refer to how CP reports are being processed and used by the CP Hotline, NCMEC, and law enforcement.
Let’s not lose sight of the objective – protecting children and fighting child porn. That will only happen when law enforcement gets the data they need and can run effective investigations. I can’t provide this feedback. You and the P2P community cannot. Only the FBI and other law enforcement agencies can.
Marc
RazorPop, developer of TrustyFiles
I still wasn't satisfied:
I have no more credentials than RazorPop does
Marc,
To take your Carly Fiorina metaphor, yes she was fired for incompetence. That is to say, the person at the top was responsible for the policies carried out by all her subordinates. You can’t say everyone else at HP is inept, but like RazorPop they were just doing what they were told. So I stand by my comments that your advisers in this area are either misinformed or simply have not done enough research.
I’m sure your conversations with the actual field agents revealed that they would like as many reports as they can get – it’s just logical that they want to do their jobs. Did you inform them or did they tell you that the “report from search result” feature was open to wide-scale, or possibly crippling misuse? Again you will have to forgive my cynicism, but it is my experience that if the department responsible for communications and information gathering is inept (the FBI network systems people) then everybody else’s ability to act is stifled. Are the actual field agents geared up to cope effectively?
You ask about my credentials in investigating and prosecuting child pornography distributors. I have none, but I will tell you why I take exception to your methods of reporting.
As you probably saw in my by-line I work for an ATM supplier. If one of my programmers writes an OS program for an ATM and I don’t make sure it is checked properly it is possible that the Australian banking network could crash or be opened up for fraud or other malicious attacks. If you can imagine what would happen to a country’s economy if it’s financial networks were compromised in any way, you will understand why I take this part of my job VERY seriously. Luckily for me this is such an important issue to my country that our Reserve Bank has extremely strict testing requirements and a virtually unlimited amount of money available to ensure the network integrity isn’t breached.
So no, I do not have any experience in investigating child pornography, but please don’t get the impression that I only write “How To Secure And Maintain International Financial Networks…For Dummies” books. I am well aware of how automated systems work and how small problems can create bigger ones.
Yes, you are right that that the “six million reports” was pulled out of thin air, but I would still appreciate your assurance that it won’t happen. You will also note that I said “next year”. If TrustyFiles is lucky enough to get two hundred thousand users by the end of 2006, these users would only have to be filing an average of two and a half reports per month to achieve the six million total reports per year. Obviously the actual volume will currently be very low and hopefully you’ll be able to stop mass abuse of the system quickly. The problem however is that all the other types of system abuse you mentioned require the malicious individual to put time and effort into their attempts. The TrustyFiles system on the other hand is automated and is open to a much higher level of attack. A mass reporting worm for instance could generate millions of reports in a few hours, and the damage will be done before someone works out how to stop it. If you and the other organizations believe you can provide such high security on a minute by minute basis, good luck. You’ll need it.
On the topic of P2P PATROL’s website, I am led to understand that P2P PATROL was formed by members of the DCIA. Surely there is at least one person from the member companies with a few hours to spare knocking up a decent website? Or do DCIA members have no skills in this area? Thank you for your offer but I would prefer to donate my time and money to a worthy cause. I have seen nothing to indicate that P2P PATROL meets this criterion.
Perhaps you could tell the readers of this exchange a bit more about how these reports are aggregated and processed? Perhaps the community could come up with some improvements for the CP Hotline, NCMEC and the authorities. For instance, is it possible to report the same file over and over again, or is a “fake” recorded as such and incoming reports are checked against some type of fake database? Once a file is examined and found to be a Nabokov novel for instance, are all other files with Nabokov in the title checked against it? That would only be a very basic file name matching technique which would be checked against the file’s hash values for verification, but is there a database to save people from examining the same file twice?
Actually, perhaps you would like to invite your partners in this endeavor to join the discussion? This would certainly give them some much needed publicity for their efforts.
Again, I understand the importance of the objective – I believe very strongly in it myself and so do many others. That’s why we are concerned that the problem may not be being addressed in an appropriate way.
Alex H
Freedman then decided that RazorPop was involved in a "collaborative process", and was not just following directions:
Improving the process
Alex,
As I wrote previously, your concerns are ones that are known and we’re following to improve the process. RazorPop is not “doing what we’re told.” This is a collaborative process with several different groups involved. Like any good process, it needs to serve the customer, which in this case is law enforcement.
You and other readers are welcome to contact the DCIA and participate in the P2P Patrol, including attending meetings where these and many other issues are discussed.
Marc
I started to wonder who this guy was pitching his product to:
...is your job, not mine.
Marc,
You are essentially saying "play it our way or get lost". It is NOT my job to fix mistakes in your program or in the "collaborative process".
Every company should be able to justify it's products to the consumer, especially when it involves turning a simple file sharing application into a tool for reporting illegal activities. It aslo sounds like RazorPop needs to think about who you consider your "customers" are: law enforcement or file sharers.
I am not satisfied with your answers or explainations in this exchange and I will continue to question the methods being used.
Alex H
Freedman stopped posting after my last response. I still thought the whole idea was stupid and insensitive.
0 Comments:
Post a Comment
<< Home