This is not news or a secret: <a href="http://blogs.microsoft.com/blog/2011/05/19/500-million-friends-against-child-exploitation/" rel="nofollow">http://blogs.microsoft.com/blog/2011/05/19/500-million-frien...</a><p>You can learn more about the tech here: <a href="http://en.wikipedia.org/wiki/PhotoDNA" rel="nofollow">http://en.wikipedia.org/wiki/PhotoDNA</a>
How exactly does a private company generate the hashs/"PhotoDNA" of all these child porn images? Are they granted some sort of kiddie-porn-license? More importantly, where do they get a hold of all of these images? Is there some sort of government database that they are given access to?<p>If such a database exists, could you imagine the public outrage that would result if someone hacked/leaked it? I bet there are a bunch of images that only a handful of people ever had access to documented by our government...
Google also scans gmail attachments for it as well. This has been known for a while and the subject of quite a few public court cases. I wouldn't be surprised if Dropbox did it as well. Along with things of national security interest.<p>When local police get a warrant to do a forensic search of computers the judge often requires that they search harddrives using known image/file hashes - as opposed to looking through each file by hand - in order to protect that persons constitutional right to privacy.<p>This right primarily applies to personal computers and doesn't exist (as clearly) as defined by law when the files are stored on a remote cloud service. Although whether cloud services have a similar high threshold of assumed privacy is a recurring debate in criminal law, as storing your whole life in cloud services is a relatively new phenomenon.
1. Download illegal porn using Tor.<p>2. Rename the file .DS_Store and copy to victim's cloud folder<p>3. They go to jail and get killed by another inmate a year into their sentence. Justice prevails!
With our (semi) benevolent corporate overlords in mind, are there any safe and cross platform ways to keep an encrypted container on these services?<p>I remember (but can't find for the life of me) an article somewhere that stated you don't want to put something like a Truecrypt volume on a service that does versioning, since the changes in the encrypted data each time you change something can be used to leak data.