Re: Eugene Watch: Volokh Conspiracy Slashdotted - Hewlett Packard

This is a discussion on Re: Eugene Watch: Volokh Conspiracy Slashdotted - Hewlett Packard ; I am shocked that I agree (mostly) with Mr Byrne on this matter. The same justification could be applied to warrentless wiretaps, etc. by contending they did not actually listen to the conversation, just submitted it to an AI for ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Re: Eugene Watch: Volokh Conspiracy Slashdotted

  1. Re: Eugene Watch: Volokh Conspiracy Slashdotted

    I am shocked that I agree (mostly) with Mr Byrne on this matter.

    The same justification could be applied to warrentless wiretaps, etc.
    by contending they did not actually listen to the conversation, just
    submitted it to an AI for analysis.

    On Wed, 29 Oct 2008 09:44:05 -0400, James B. Byrne LYNE.CA> wrote:

    >>
    >> Date: Tue, 28 Oct 2008 23:56:48 -0400
    >> From: "Johnson, Tracy"
    >> Subject: Eugene Watch: Volokh Conspiracy Slashdotted
    >>
    >> Actually on topic in a way, does that also cover TurboImage hashing?
    >>

    >
    >No. MD5 hashing in the sense presented is not a method of disc addressing
    >database entries but a method of (fairly) reliably identifying the
    >contents of one file by comparing its bit pattern "fingerprint" to the
    >"fingerprint" of another file having known contents. If the hash sums
    >match then, in the vast majority of cases (>99.99999...%), the contents do
    >too.
    >
    >The critical element in the issue at law is the purpose of said comparison
    >and whether of not agents of the state can execute a "search" for
    >"fingerprints" on private property without a warrant, for which they need
    >show "probable cause."
    >
    >The sophistry involved by the authorities in their attempted evasion of
    >the the warrant requirement lies in the meaning they attribute to the word
    >search. Their contention is that if they do not actually "view" the file
    >contents, whatever that means given that an MD5 hash must by its nature
    >consider every single bit in a file, then they have not "searched" the
    >file.
    >
    >This sort of self-justification, ascribing particular and self-serving
    >limits to the meanings of words, is quite common. I am both surprised and
    >pleased that the Justices saw through it.
    >
    >
    >--
    >*** E-Mail is NOT a SECURE channel ***
    >James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
    >Harte & Lyne Limited http://www.harte-lyne.ca
    >9 Brockley Drive vox: +1 905 561 1241
    >Hamilton, Ontario fax: +1 905 561 0757
    >Canada L8E 3C3
    >
    >* To join/leave the list, search archives, change list settings, *
    >* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *


    * To join/leave the list, search archives, change list settings, *
    * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *


  2. Re: Eugene Watch: Volokh Conspiracy Slashdotted

    Brice Yokem wrote:
    > I am shocked that I agree (mostly) with Mr Byrne on this matter.
    >
    > The same justification could be applied to warrentless wiretaps, etc.
    > by contending they did not actually listen to the conversation, just
    > submitted it to an AI for analysis.

    Legalities exist over whether or not the disk/computer/network was
    "public" or "private". And if there was an AUP/TOS presentation
    outlying any monitoring or remediation terms.

    Since the disk media would be "stored communications" it would be
    covered under ECPA.

    If it was "in transit" such as over a network, there are two options:
    the Wiretap statute (18 USC 2510-22) or the Pen/Trap statute (18 USC
    3121-27). The laws concerning acquisition and tracking are much more
    lenient with the latter, but such is only to consist of source,
    destination, time, and duration. It sounds like much of the fuss is to
    declare the MD5 sum to be a portion of the pen/trap data, rather than
    the explicit communications, and that has been overturned. Interesting.

    I don't know the current "exceptions list" for pen/trap data these days,
    given that stateful firewalls are [optionally capable of] logging more
    and more data (source, destination, duration, bytes transferred, URIs,
    completion codes).

    And yes, to argue the point from a security perspective, there is an
    organization now (not sure if public or still NDA) that keeps an MD5
    registry of all known "malware" - viruses, trojans, botnets, rootkits,
    etc. We're not "all that far" from a reputation score of an
    attachment. The debate here then becomes be what sort of reputation
    we're scoring, rather than the scoring itself (or at least the reference
    database).

    Compiling similar libraries isn't new, NIST has been doing it (NSRL) for
    years. http://www.nsrl.nist.gov/

    Jeff

    * To join/leave the list, search archives, change list settings, *
    * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *


+ Reply to Thread