On 19/07/2011 12:54, Damien Fleuriot wrote:
On 7/19/11 11:06 AM, C. P. Ghost wrote:
On Tue, Jul 19, 2011 at 8:55 AM, Damien Fleuriot<m...@my.gd> wrote:
On 19 Jul 2011, at 08:15, Frank Bonnet<f.bon...@esiee.fr> wrote:
In France it's illegal and I have my boss's instruction:
- find and delete the files, that's all.
Bon courage then...
A file can not be illegal per se, so you won't be able to detect
these by looking up names or contents.
Even then, if a file is labeled as personal, privacy protection
applies and it is *unlawful* for you to process it.
(That is in the same way that your employer is strictly forbidden
from peeking inside your email messages clearly labeled as personal,
even if they were received on your work mailbox.)
Exactly!
Speaking with my university sysadmin hat on: you're NOT allowed to
peek inside personal files of your users, UNLESS the user has waived
his/her rights to privacy by explicitly agreeing to the TOS and
there's legal language in the TOS that allows staff to inspect files
(and then staff needs to abide by those rules in a very strict and
cautious manner). So unless the TOS are very explicit, a sysadmin or
an IT head can get in deep trouble w.r.t. privacy laws.
The poorly written IT TOS of a company can never bypass the law,
regardless of anything you agreed to in your company's TOS.
It *is* unlawful for them to even open your files as long as they are
clearly labeled as private.
Well, in France it is even worse than that. All communications are to be
considered as private unless both ends of the communication agree they
are not.
We have a nice judicial case, namely the "arret Nikon", that basically
states it in every possible way.
The case was this: an employee used the email address
"comerc...@nikon.fr" to send a virulent critique of his employer to a big
client. When caught he said that the recipient of the mail was a friend
and that the communication was private.
He won.
To open them, they would require a judge's injunction, for example in
cases of pedo pornography or the like.
Well, you do not need such a high case; suspicion of misbehavior (fault,
fraud, bad publicity etc.) is sufficient.
You may want to look for files that are unusually large.
They could possibly be ISOs, dvdrips, HD movie dumps...
Not to forget encrypted RAR files (which btw. could contain anything,
including legitimate content, so be careful here).
It would be unlawful to try to brute force the files' password ;)
We have the same problem here with users sharing movies on the file
servers, and what makes it worse is some of their movie files are
legit because they're, for example, official trailers that are
reworked and redistributed to our customers.
You won't win this, tell your boss it can not be done.
What can technically be done is that the copyright owner provides a
list of hashes for his files, and requests that you traverse your
filesystems, looking for files that match those hashes. AND, even
then, all you can do is flag the files, and you'll have to check with
the user that he/she doesn't own a license permitting him/her to own
that file!
Not to mention that:
1/ you'll be doing the copyright protection company's job.
This is going to cost you time = money, while it's going to cost them
nothing and earn them the copyright holder's money.
2/ as you rightfully pointed out, hashes are exceedingly far from
foolproof, for example a downloaded movie could be gzipped, or just
tarred, and that would completely change its md5/sha hashes.
Hell, even stripping 1 second from the ending credits would make the
hash fail.
Even though they are called hashes, files sent by media companies are
more like FFT spectrum analysis.
You can still fool them by changing the least important bits in pictures.
Better talk with your users and resolve the problem using
non-technical means. Inventive users WILL always outsmart any
technical solution that you implement: this is a race you absolutely
can't win.
Heed CP's advice, Frank, you can't win this, for real.
Today you try to find suspicious files, tomorrow your
inventive/tech-savvy users will rename their files so they look private,
they'll encrypt them with GPG, they'll pack them in a password-protected
rar, they'll embed their MP3s in powerpoint documents...
True you cannot win by guessing the content of files. But from my
experience downloaders are most of the time easy to catch. Basically
just get a disk usage by user and you have your culprits.
The best way is to block illegal downloads before they happen. I found that
closing most ports and requiring a login and password before giving
access to unknown websites works wonders. (The access to the website is
not blocked in any way, but you have to log in first).
You can not and will not win this, you'll only be wasting your time and
your company's money.
Again and still out of curiosity, are the files available on the internet?
If not, you REALLY shouldn't be bothering.
Delete the files from your file server, next they'll swap them on
external drives and USB keys.
Even using DPI (deep packet inspection) technologies is a flawed
approach to this.
You can detect that a file matches a given pattern/hash, you will
*ABSOLUTELY NEVER* detect that the file is lawful or unlawful.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
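
The hash-list scan discussed in the thread, with the reason a gzipped or trimmed copy escapes it, as an added example that is not part of any poster's message. The function names, directory layout and sample files are constructed for illustration; the script only flags paths and never opens or deletes anything.

```sh
#!/bin/sh
# Added example: flag (never open or delete) files whose SHA-256 is on a supplied list.
# All names, paths and sample files below are constructed for illustration.

# SHA-256 of one file; sha256sum on Linux, sha256 -q on FreeBSD.
digest() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | awk '{print $1}'
    else
        sha256 -q < "$1"
    fi
}

# flag_matches ROOT HASHLIST
# Prints "digest<TAB>path" for every regular file under ROOT whose digest
# appears as a whole line in HASHLIST. Paths containing newlines are not handled.
flag_matches() {
    find "$1" -type f -print | while IFS= read -r f; do
        h=$(digest "$f")
        if grep -qxF "$h" "$2"; then
            printf '%s\t%s\n' "$h" "$f"
        fi
    done
}

# Builds a throwaway tree with one listed file plus a gzipped and a trimmed
# copy of it, and prints the paths (relative to the tree) that get flagged.
demo() {
    tmp=$(mktemp -d "${TMPDIR:-/tmp}/hashscan.XXXXXX") || return 1
    mkdir -p "$tmp/home/alice" "$tmp/home/bob"
    printf 'constructed sample payload\n' > "$tmp/home/alice/original.bin"
    gzip -c "$tmp/home/alice/original.bin" > "$tmp/home/bob/original.bin.gz"
    head -c 10 "$tmp/home/alice/original.bin" > "$tmp/home/bob/trimmed.bin"
    digest "$tmp/home/alice/original.bin" > "$tmp/hashes.txt"
    flag_matches "$tmp/home" "$tmp/hashes.txt" | cut -f2 | sed "s|^$tmp/||"
    rm -rf "$tmp"
}

demo
```

Only the byte-identical file is reported; the gzipped and trimmed copies carry different digests and pass unflagged, which is the limitation raised in the thread.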