380 UK IP Addresses in Massive Darknet Seizure of Child Abuse Material

This story is from Naked Security [1] . A similar one is here [5]. Obviously the British Police need to treat this more seriously than they treated Project Spade which also originated in Canada, and upon which they failed to act with due diligence [2]. The public need convincing that police really do want to expose child due to examples like North Yorkshire [3] amongst many others, and the Shocking Truth about Police Corruption in Britain [4].

Police may charge data centre in largest ever child abuse images bust

Canadian police have seized over 1.2 petabytes of data from the dark net – more than four times the amount of data in the US Library of Congress – in what could be the largest child abuse image investigation ever.

In what would be a game-changing shift in prosecutorial tactics, police are considering going beyond the traditional method of prosecuting individuals and will potentially also press charges against the owner of the drives that hold that material – most likely, an Ontario data centre that houses the abusive images.

data-centre-

from Shutterstock

As Motherboard reports, police developed in-house password cracking software that’s slowly churning through the massive information trove.

Up to 7500 people – the number of unique IP addresses associated with the data seized – from nearly 100 countries could be implicated.

Scott Tod, Deputy Commissioner of the Ontario Provincial Police (OPP), spoke to Motherboard in late February following an address to a crowd of defence specialists.

Here’s what he had to say about the data centre, which investigators have refrained from naming:

What we are alleging is occurring is that there are individuals and organizations that are profiting from the storage and the exchange of child sexual exploitation material.

They store it and they provide a secure website that you can log into, much like people do with illegal online gaming sites.

Tamir Israel, a staff lawyer at the Canadian Internet Policy & Public Interest Clinic (CIPPIC), said that charges against the data centre will likely depend on whether employees were aware of the activity taking place on the file-sharing service the data centre hosts.

Such awareness isn’t the norm, he said:

There’s no proactive obligation to investigate what happens on your service. If you do become aware that something is there, there’s a reporting obligation.

But usually data centers aren’t actively looking through their stuff, so it’s reasonable to say that they wouldn’t have come across that.

Hanni Fakhoury, senior staff attorney at the Electronic Frontier Foundation, told Motherboard that going after a web hosting server is a novel approach:

What I’ve traditionally seen is very targeted investigations. Agents will go undercover on some peer-to-peer site and see files that are available for sharing, and they’ll engage a person and trade photos with them. Or they’ll see that the person is sharing child pornography files and take investigative steps to uncover that specific individual and arrest them. That’s very common, that’s bread and butter how these sorts of cases are done.

What is new is this approach that says, you know what, there’s a web hosting server out there that hosts a lot of child porn. It also hosts other stuff that we’re not interested in, but it hosts a lot of child porn, so we’re going to take down that whole host.

Police have developed password-cracking software that can cycle through 500,000 possibilities per second in order to sift through the seized data, which contains approximately 1.5 million compressed, password-protected RAR files, stored and analysed on the additional hardware they’ve had to purchase for the job.

Out of the 7500 IP addresses police have identified, 2200 of the users are in the US, 843 are in Germany, 534 are in Japan, 457 are in Russia, 394 in Canada, 380 in the UK and 374 in France.

Until all the files have been password-cracked, however, there’s no saying how many of those files actually contain child porn. In fact, it’s probably a mash-up of abusive images and more innocent material.

From Tod:

We’re not making any assumptions of how many are actually criminally guilty at this time, or criminally responsible. But we’re certainly a size of information that’s being traded that we know is illegal material of volumes that we’ve never seen before.

This is the first investigation of this scale, to my knowledge—in North America, if not worldwide.

Links

[1] 2015 Mar 4 Naked Security Police may charge data centre in largest ever child abuse images bust https://nakedsecurity.sophos.com/2015/03/04/police-may-charge-data-centre-in-largest-ever-child-abuse-images-bust/?utm_content=bufferfdd90&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

[2] Wikipedia Project Spade https://en.wikipedia.org/wiki/2013_International_child_pornography_investigation

[3] 2015 Feb 23 CathyFoxBlog Citizen Journalists Gagged by North Yorkshire Police Court Action https://cathyfox.wordpress.com/2015/02/23/citizen-journalists-gagged-by-north-yorkshire-police-court-action/

[4] 2015 Mar 7 Spectator Neil Darbyshire Shocking Truth about Police Corruption in Britain http://www.spectator.co.uk/features/9461322/the-shocking-truth-about-police-corruption-in-britain/?utm_content=bufferfc537&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

[5] 2015 Mar 2 Motherboard Police could charge datacentre in largest child porn bust ever http://motherboard.vice.com/read/police-could-charge-a-data-center-in-the-largest-child-porn-bust-ever?utm_source=mbtwitter

Advertisements

About cathy fox blog on Child Abuse

the truth will out, the truth will shout, the truth will set us free...
This entry was posted in #OpDeathEaters, Child Abuse, Child sexual abuse, Other bloggers, Police Operations and tagged , , , , , , , . Bookmark the permalink.

4 Responses to 380 UK IP Addresses in Massive Darknet Seizure of Child Abuse Material

  1. Pingback: 380 UK IP Addresses in Massive Darknet Seizure ...

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s