SoylentNews is people
SoylentNews
The BBC reports that the UK-based Internet Watch Foundation is sharing hash lists with Google, Facebook, and Twitter to prevent the upload of child abuse imagery:
Web giants Google, Facebook and Twitter have joined forces with a British charity in a bid to remove millions of indecent child images from the net. In a UK first, anti-abuse organisation Internet Watch Foundation (IWF) has begun sharing lists of indecent images, identified by unique "hash" codes. Wider use of the photo-tagging system could be a "game changer" in the fight against paedophiles, the charity said. Internet security experts said images on the "darknet" would not be detected.
The IWF, which works to take down indecent images of children, allocates to each picture it finds a "hash" - a unique code, sometimes referred to as a digital finger-print. By sharing "hash lists" of indecent pictures of children, Google, Facebook and Twitter will be able to stop those images from being uploaded to their sites.
(Score: 3, Interesting) by maxwell demon on Monday August 10 2015, @07:45PM
Black and white is not reversable. But imagine to put a single-pixel frame around the image. This would not bother any pedophile, but even with a single colour for the complete frame, this would give 224 "different" pictures, with 224 different hashes. Now imagine instead using a different colour for each pixel of that frame. You probably could completely fill the hash space with the possibilities; that is, no matter how many hashes are added, there will be another image that's not covered. Or think of image differences that you cannot see, as used for digital watermarking. Indeed, they could simply use a file format which contains data not normally displayed (like EXIF data in JPG), and modify that data as much as they like without changing the visual picture the slightest bit, and yet modify the hash for every little change.
In short: This will not really prevent anything, except for technically inept people. But then, the very fact that they try to upload those images to social networks, the last place you would put anything I'd not like to be associated with, probably implies they are not exactly the brightest people around, so maybe this will indeed have an effect.
Hopefully they used a good hash, so that the collateral damage due to hash collisions will be low. And in case they do more than just prevent the upload, hopefully they actually store the image instead of only storing that you tried to upload an image with a specific hash. It would certainly suck if one day the police raids your house because one of your holiday pictures happened to have a hash collision with one of the pictures on that list.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 3, Insightful) by wonkey_monkey on Monday August 10 2015, @10:24PM
This would not bother any pedophile, but even with a single colour for the complete frame, this would give 224 "different" pictures, with 224 different hashes.
There are ways of fingerprinting images which are robust against that kind of thing, along with rotation, scaling, etc. It's (probably) not like an MD5 checksum.
systemd is Roko's Basilisk
(Score: 3, Interesting) by lentilla on Tuesday August 11 2015, @12:10PM
I've played with creating an unique identifier for images and found it to be surprisingly effective.
This article [linux-mag.com] describes the strategy well. Basically one scales each image to a four-by-four pixel image which produces 48 bytes of "hash". (Being three bytes per pixel for Red/Green/Blue.) Candidate images are then compared with that hash, within a fuzz factor for each of those 48 values.
I was so surprised that such a tiny amount of data could so effectively encapsulate an entire image. It's a hash of course (a one-way mathematical function), so one can't reproduce the image from the hash... but one can certainly identify "identical" images with a very high degree of accuracy.
Putting a border around an image, transcoding into different formats, changing resolutions and modifying EXIF data all fail to escape this detection mechanism. So I don't believe you are correct when you say "this will not really prevent anything, except for technically inept people". The moment a new image is entered into that database it becomes poisoned.
As for hash collisions - yes - they will occur. I'd hope this simply raises a flag and a human goes and checks it out. (And how thankful I am that this is not my job.)