Hello fellow examiners,
Steve Whalen, Sumuri, LLC is looking to protect children by offering this online service for free to everyone. He needs support to set it up and run it. If you don't know who Steve is well he is the one that developed and continues to fund Paladin, offering it as a free tool to all of us.
In return could you please at least get the word out via social networks, other means of support, or consider making a donation. For more information please check out the website.
Here is the link
https://
I work as a contract instructor for Steve and know that he is here to help all of us and now help protect children by reaching out to not just law enforcement, but everyone.
Thank you,
Chris Currier
I'm not so sure about this. I mean, in theory I'm all for it - but some aspects of it don't really sit right with me.
From the "Impact" part of the indiegogo page, it states the software will do the following
Acting as a deterrent to those involved in viewing or paying for Child Pornography
Identifying those who are victimizing children by viewing Child Pornography and assist in bringing them to justice
Reducing the Sexual Exploitation and Victimization of Children worldwide by lessening the demand for Child Pornography
How will it do this? By asking people to voluntarily run this software and submit the results to LE? Is it a realistic expectation that this will occur frequently, if at all?
And if someone isn't voluntarily asking for this software to be run, i.e, if is run by a third party, then we run into all sorts of computer misuse issues.
And the money.. it will be free, and yet $30,000 is required for the maintenance and hosting. If the author genuinely feels that software will mark a sea change in the downloading of child abuse material, why not make it open source and host it on sourceforge (or something)? No upkeep costs, and you could in theory get many contributors to help make a better product.
Finally, the name. "No More Victims" is extremely emotive. Perhaps call the campaign "No More Victims", but the software should perhaps be something a bit softer or more ambiguous.
Anyway. I'm a big fan of Paladin, but No More Victims.. hmmm..
If I may, there is also some hype in the sales (or non-sales, doesn't matter) pitch
My name is Steve Whalen and I am the founder and CEO of SUMURI. I am also a retired State Trooper from the United States. As a Trooper, I spent up to 50% of my time investigating cases related to Child Pornography and the Sexual Exploitation of Children. During this time I saw millions of horrific images and videos of Child Pornography and children being victimized sexually.
In the 15 years as a trooper, Steve must have worked a lot roll , as 50% of a "normal" 2000 hours/year work means about 15,000 hours dedicated to investigating CP cases, and even if all the time was spent looking at images or videos (excluding collection, imaging, etc.), he should have at the very least an average of 2,000,001 (minimum amount to use "millions") on 15,000 hours, i.e. 2,000,001/15,000=133,3334 examined pictures/video per hour or a little more than 2 per minute 😯
Seriously, now, I see it not as a good idea. (
I mean, someone actually dealing with this terrible, revolting material would have a sort of access to a database holding "known signatures" and could abuse it by altering the detected files on the PC, thus changing the signatures of them, and making them "unknown".
jaclaz.
I have some reservations about the project as well, but I'd like to chime in as well.
"why not make it open source and host it on sourceforge (or something)? No upkeep costs, and you could in theory get many contributors to help make a better product."
When I heard Steve present it at MN-HTCIA, it isn't a program to download and install. It is an online application, kind of like pages you can visit to conduct a anti-virus scan of your computer.
"I mean, someone actually dealing with this terrible, revolting material would have a sort of access to a database holding "known signatures" and could abuse it by altering the detected files on the PC, thus changing the signatures of them, and making them "unknown". "
People have been saying this for a long time, particularly in defense of not releasing NCMEC's identified children hash set. I am not convinced. For one, perpetrators don't even know what hash values are. Some are, obviously, but your typical suspect has about the same technological knowledge as the average citizen - not much. Second, for those who do know about hash values, there is nothing stopping them from altering the hash value anyways. Whether the hash list is publicly available or not doesn't figure into it. This is where PhotoDNA is a powerful tool for LE. But, beyond that, even if traditional hashing fails, and PhotoDNA fails, we are still talking about a picture with the same content. If, after hashing, you have 1,000 unknown images, you're going to review them and still find the content there.
As I said, I am on the fence. I don't think this will change the world, and I don't think there will be a large number of submissions to our lab from this tool. But, every ally in this fight against child exploitation is welcome. At worst, if it does more harm than good, Steve will take it down.
Terry
People have been saying this for a long time, particularly in defense of not releasing NCMEC's identified children hash set. I am not convinced. For one, perpetrators don't even know what hash values are. Some are, obviously, but your typical suspect has about the same technological knowledge as the average citizen - not much. Second, for those who do know about hash values, there is nothing stopping them from altering the hash value anyways. Whether the hash list is publicly available or not doesn't figure into it.
Well, allow me to disagree.
You might be right about the average pedopornographer not knowing now much about the concept of hashes and "known hashes", but IF the Indiegogo initiative has success, at least for the first part
What We Need
We've done the hard part in developing the tools and solutions. We now need your help in spreading the word about our software to help identify those responsible for the Sexual Exploitation of Children.
Additionally, we need your financial support to help fund MISSION NO MORE VICTIMS.
this won't soon be anymore accurate.
And, in this period of worries about the three (or more) letters US (but not only US) government agencies respecting (or actually failing to respect) people's privacy, the idea of an online tool that "phones home" results of a scan of the contents of one's PC is not IMHO something that will be graciously approved by the masses, notwithstanding the good will and good faith of the Authors and the noble cause it is designed to fight for.
jaclaz
"You might be right about the average pedopornographer not knowing now much about the concept of hashes and "known hashes", but IF the Indiegogo initiative has success, at least for the first part"
I can agree to that. But, it will also depend on how it is presented. If it is a simple "Click here to scan", with no explanation of how it is identifying child sexual exploitation media, then the public will likely remain ignorant, even if it is a success. Think about online virus scans. Did that cause a great revelation on how anti-virus programs work? No, the average citizen just clicks the button and waits for the report. Of course, if Whalen goes into great detail on hashing and NCMEC's identified hashes, then yea, awareness is going to go up and a few of the more crafty suspects will become wise. But again, it will still come down to manual review - which I do anyways.
The other factor is that suspects are lazy, and assume that police will never come knocking on their door. Generally speaking.
"the idea of an online tool that "phones home" results of a scan of the contents of one's PC is not IMHO something that will be graciously approved by the masses"
I agree. Even if they know the tool is unaffiliated with LE, I don't see many clicking the scan button for fear that it will find something and report it without the user's knowledge.
But, it will also depend on how it is presented. If it is a simple "Click here to scan", with no explanation of how it is identifying child sexual exploitation media, then the public will likely remain ignorant, even if it is a success. Think about online virus scans. Did that cause a great revelation on how anti-virus programs work? No, the average citizen just clicks the button and waits for the report. Of course, if Whalen goes into great detail on hashing and NCMEC's identified hashes, then yea, awareness is going to go up and a few of the more crafty suspects will become wise.
In my simplicity, this snippet already gives away enough
The signatures used in our software represent files that have been previously identified as known or suspected Child Pornography.
If a file or files are found which match this signature or "digital fingerprint" the user will be given the option of generating a PDF or email report of the findings. The illicit files will not be transferred to the report; just the identifying information.
The user then has the option of submitting the report to the appropriate agency or agencies.
But again, it will still come down to manual review - which I do anyways.
Sure ) , but that would be "Post-Analysis Phase" wink
http//www.forensicfocus.com/Forums/viewtopic/p=6571336/#6571336
The real issue, as I see it, is that even the most simple person has nowadays (without actually knowing what really happens) a Big Brother fear (whether this fear is justified or not would be matter for another discussion) and they have been bombarded (rightfully or not is yet another matter) about security, privacy, never trust anything, have antivirus and antimalware scanners and what not.
I agree. Even if they know the tool is unaffiliated with LE, I don't see many clicking the scan button for fear that it will find something and report it without the user's knowledge.
Exactly.
And there may be possible issues with the localization of the thingy (maybe it could do for the US only).
jaclaz
Hi Everyone,
Sorry for the delay in this reply. I had to wait for my account to get approved so I can post.
Let me see if can explain my train of thought on this project and hopefully you'll understand and possibly accept my point of view. I'll also try to respond to some of the concerns previously stated.
1.) I have over 15 years investigative experience in LE. More than half of that time was as a full-time examiner for digital evidence and more than half of those cases involved the sexual exploitation of children. Several of those cases contained over 100,000 illicit images and videos in a single case. I will stand by my statement of seeing quite a lot of horrific illicit images involving victimization of children.
2.) Regarding the campaign and request for support. I have used my own finances to produce and continue to develop PALADIN throughout the years and RAPTOR before PALADIN when I was with my old company Forward Discovery. PALADIN alone costs quite a lot of money to keep going but we do it for the sake of supporting the forensic community as we always have done.
I did not want to ask for help with MISSION NO MORE VICTIMS, however, in speaking with our current hosting company (and others) this project will force us to move to a dedicated server (at a minimum) due to the traffic. Feel free to look up the monthly costs of an adequate dedicated server and you will see how quickly this budget will disappear.
3.) The concept of the tool is simple, however, you have to take off your LE hat and think outside your cubicle and then you will start to see better.
Our goal as LE (and humans) is and should be to protect children from being victimized. Every LE officer I know around the world will agree. However, there are not enough LE to "proactively" make any dents in the real problem. Ask yourself, how many LE officers are around the world that everyday proactively try to stop, end or make a serious dent in the the identification of those who victimize children.
Once you have that number compare that to 2.4 billion Internet users worldwide. If even a fraction decide to use this tool it will do more than anything that has been done in history.
4.) Use of the tool - completely voluntary. Reporting - completely voluntary. Legality of Use - all on the user. There will be a EULA/Terms and Conditions that explains exactly what the tool does and where the responsibility lies when the tool is used - on the user.
No different than using an anti-virus tool to scan a computer.
5.) Will people use it. In my opinion and experience, yes. In many cases I've worked other members of the family or friends had a suspicion that something was wrong or not right. Many convinced themselves not to believe it, however, they knew it deep down.
We have all heard the expression "curiosity killed the cat". I believe curiosity here will identify the child pornographer. Once discovered, I am hoping that the identifying individual will seek the appropriate remedy either domestically, legally or both.
6.) LE responsibility - I'm counting on all of you to do what you would normally do when someone reports suspected child pornography. Do an investigation and move forward as necessary.
If a user decides on their own to turn over a report it will contain unique identifying information about the computer scanned, dates and times, the illicit files identified with their unique signature, the path to the file and any other information that the user wants to add. Totally up to the user, totally voluntary and no illicit images will be included in the report (just the identifying info).
7.) Signatures being used - Suspected and known child pornography that the majority of you use everyday in your forensic tools. Where did they come from? - publicly available signatures (available since 2008 or earlier) and my personal collection of signatures from when I was active LE.
8.) Use of signatures for anti-forensic purposes. Again, signatures have been available publicly since 2008. Has anyone heard of a case where a suspect used publicly available signatures to avoid detection? I haven't in over 22 years of investigation and training LE officers from all over the world.
I hope that this clears things up and that you may consider supporting our mission. Obviously, I will not post any details that will circumvent the success of this project. If you need more information feel free to contact me directly at anytime.
Stay safe and best wishes,
Steve
Steve,
Is the voluntary reporting going to go to NCMEC as a cybertip, or some other method?
Terry
@Steve
No doubts whatsoever about your initiative being taken in perfect good faith, at a non-trivial cost (of time and money) and for a noble cause. )
Re #1, I still stand - even if it was just a kidding remark - by the math of the number of minutes existing in 50% of 15 years, in 7.5 years, 10 hours a day 220 working days a year there are 60*10*220*7.5=990.000 minutes.
Re #2, I do understand the costs and personally I even think that you asked for too little money.
Re #3, as well, no doubts about the fact that not enough is done currently
Re #4, since you compared the thingy with an antivirus scan, here there is IMHO an issue, which is obviously about "false positives" (whether actually "false", in the sense of a "collision" of some kind with the database/hash/whatever, in the sense of an image wrongly categorized on the server side or in the detection of an image that is actually CP but that was "accidentally" downloaded for *whatever* reasons, doesn't matter).
I mean
a) What are the consequences of a false detection of a virus by an antivirus?
b) What are the consequences of a false detection of CP (in case the report is not generated/sent)?
c) What are the consequences of a false detection of CP (in case the report is actually generated and sent?
If you could comment on the above, then we'll be able to talk of the other points.
jaclaz