Monitor P2P and Spend $1 Billion

By Jon Newton 4/18/08

It’s, “pretty easy to pick out the person engaged in either transmitting or downloading violent scenes of rape, molestation” simply by looking at file names.

So said US senator Joe Bidden during a Senate Judiciary subcommittee hearing about online child exploitation.

He now wants federal and local police to use, “custom software to monitor peer-to-peer networks for illegal activity, and he wants to spend $1 billion in tax dollars to help make that happen,” says CNET News.

Jon Newton

Biden was referring to an application developed by Flint Waters, an agent with the Wyoming attorney general, and used by police in Ontario, Canada, to uncover IP addresses in what was called the largest kiddie porn sweep in the province’s history.

“Waters’ software allows police forces to contribute information about the online porn trade to a centre in Wyoming where his team processes the data,” p2pnet posted, quoting detective sergeant Kim Scanlan, head of the Toronto police Child Exploitation Section.

In the US, “It’s able to help investigators conduct undercover operations involving peer-to-peer file-sharing applications, chat rooms, Web sites, and mobile telephones, Waters said,” according to CNET, which goes on:

Having cited P2P apps, “No one’s trying to demonize those technologies, Waters said. ‘Blaming this problem on peer-to-peer innovation is like blaming the interstate highway system when someone uses it to transport drugs,’ he said.

“But in 2008 alone, investigators using Fairplay have ’seen’ more than 1,400 IP addresses tied to swapping child pornography files on at least 100 different occasions, Waters said,” according to the story, which continues >>>

Based on Waters’ statements to the committee, the system appears to work like this: Investigators log onto peer-to-peer file-sharing networks as any other person would and search for files containing certain keywords that are likely to indicate child pornography is involved. Then they download the files–frequently videos, sometimes as long as 20 to 30 minutes, with names like “children kiddy underage illegal.mpg” and much more obscene–to their own machines. They’re able to use the Fairplay software to obtain the IP address of the file’s sender and, in some cases, display its geographic location in map form.

Once armed with an IP address and date and time of the download, investigators can subpoena the Internet service provider for more information, such as name and address of the subscriber who was assigned it at that moment. “It’s not necessarily the suspect but it tells us the physical location to start,” Waters said. (He didn’t say whether any wiretaps were conducted to monitor ongoing file swapping.)

“We can get our arms around it, the worst aspect of it, if we provide the resources.”

Investigators, “use the IP addresses to keep track of offenders on a ‘daily’ basis, Waters told CNET. But, “in about half its cases, for purposes of longer-term tracking, the software captures ‘unique serial numbers’ from the person’s computer and keeps a tally of how many allegedly illicit files that particular user is trading.

The story goes on >>>

Waters provided the committee with a chart that said, for example, law enforcement had “seen” one user in Pennsylvania exchanging those files 2,792 times, one New Jersey user swapping them 1,182 times, and so on. It wasn’t clear whether the so-called serial number corresponded to IP address, P2P username, or something else, and Waters wouldn’t elaborate.

“It’s unique to the computer, that’s as far as I’ll go,” Waters added, saying he didn’t want to divulge more details that suspects could use to circumvent detection. “We’re able to get it when they’re transferring child pornography.”

So far, investigators have recorded more than 642,000 “unique serial numbers” that can be traced to the United States and another 650,000 of them that cannot be traced to a particular country, with the number of unique serial numbers rising steadily each month since “widespread capturing” of the details began in October 2005, says the story, adding investigators also use Waters’ software, “to track the files themselves through their hash values or digital signatures. In one case, investigators found that an image of a toddler who’d been ‘horribly abused’ was available in more than 1 million places around the world, Waters said.”

CNET points out Waters hasn’t said how he identifies, “what he viewed as child pornography, which can include photographs of fully-clothed teenagers taken with their parents’ consent,” adding:

“In addition, as critiques of a 1995 law review article pointed out, trying to guess the contents of a file based on its name can be a problematic process.”

Jon Newton is the editor of and is a regular contributer to MP3 Newswire. Jon's site is devoted to the politics of digital music and his insights as well as those of his co-writers can be read there. We urge you to explore it.

Other MP3 stories:
Top P2P Applications: 1.6 Million PCs Rank Them

The 30GB iPod Video is available on Amazon


Back to