Tools to find "unlegal" files ( videos , music etc )

C. P. Ghost cpghost at cordula.ws
Tue Jul 19 09:06:30 UTC 2011


On Tue, Jul 19, 2011 at 8:55 AM, Damien Fleuriot <ml at my.gd> wrote:
> On 19 Jul 2011, at 08:15, Frank Bonnet <f.bonnet at esiee.fr> wrote:
>> In France it's illegal and I have my boss's instruction :
>>
>> - find and delete the files that's all.
>
> Bon courage then...
>
> A file can not be illegal per se, so you won't be able to detect
> these by looking up names or contents.

> Even then, if a file is labeled as personal, privacy protection
> applies and it is *unlawful* for you to process it.

> (That is in the same way that your employer is strictly forbidden
> from peeking inside your email messages clearly labeled as personal,
> even if they were received on your work mailbox.)

Exactly!

Speaking with my university sysadmin hat on: you're NOT allowed to
peek inside personal files of your users, UNLESS the user has waived
his/her rights to privacy by explicitly agreeing to the TOS and
there's legal language in the TOS that allows staff to inspect files
(and then staff needs to abide by those rules in a very strict and
cautious manner). So unless the TOS are very explicit, a sysadmin or
an IT head can get in deep trouble w.r.t. privacy laws.

> You may want to look for files that are unusually large.
> They could possibly be ISOs, dvdrips, HD movie dumps...

Not to forget encrypted RAR files (which btw. could contain anything,
including legitimate content, so be careful here).

> We have the same problem here with users sharing movies on the file
> servers, and what makes it worse is some of their movie files are
> legit because they're, for example, official trailers that are
> reworked and redistributed to our customers.
>
> You won't win this, tell your boss it can not be done.

What can technically be done is that the copyright owner provides a
list of hashes for his files, and requests that you traverse your
filesystems, looking for files that match those hashes. AND, even
then, all you can do is flag the files, and you'll have to check with
the user that he/she doesn't own a license permitting him/her to own
that file!

However, even that isn't foolproof: nothing prevents a user from
flipping a bit or two, rescaling, resampling, splitting the files into
multiple files in a non-obvious manner, adding random bytes at the end
etc...: the result would still be infringing, but can't be detected
automatically (at least not in a reasonable amount of time).

Better talk with your users and resolve the problem using
non-technical means. Inventive users WILL always outsmart any
technical solution that you implement: this is a race you absolutely
can't win.

-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/


More information about the freebsd-questions mailing list