Risk
6/17/2013
12:51 PM
50%
50%

Google Launches Attack On Online Child Pornography

Google pledges millions to charities and software developers to help it eliminate online material that endangers children.

Google announced several programs to make it more difficult to use its algorithms to access child pornography. The news comes on the heels of what some U.K. commentators claim is the U.S. search giant's indifference to the problem, which has been linked to child abductions and attacks in the U.K.

The issue has gotten so far up the national debate that Prime Minister David Cameron said over the weekend that he fears such content could "harm" his own children, and that he worries when any of his three children "grab hold of the iPad" because they risk seeing obscene images.

[ Google criticism runs deep. See British MPs Attack Google On Taxes. ]

In what cynics say is mere PR, but others see as genuine moves to make access to extreme content more difficult, Google claims it has set up several initiatives to help address the problem.

The company will make available a £1.27 million ($2 million) Child Protection Technology Fund to help ISVs and software developers produce new tools to help fight the problem of child pornography on the Web.

Google also said it's building a new database that will let concerned agencies better share information about online child pornography.

The announcements come on top of a separate, four-year, £1 million ($1.6 million) donation the vendor made last week to the Internet Watch Foundation, a nonprofit organization that works to stop child pornography on the Internet. The donation was welcomed by the charity as demonstrating Google's "moral leadership in the field."

Google director of communications and public affairs Scott Rubin said: "This grant is part of a broader package of measures we are putting in place with other international agencies to help tackle this problem at a global scale."

Jacquelline Fuller, director of Google Giving, blogged Saturday that, "We're in the business of making information widely available, but there's certain 'information' that should never be created or found. We can do a lot to ensure it's not available online -- and that when people try to share this disgusting content they are caught and prosecuted."

Fuller also noted that since 2008 Google has been tagging known child sexual abuse images, which makes it easier to identify similar or duplicate images. She said that her company is now extending that approach to support more accurate tracking of outlawed images across the Internet.

This will enable companies, law enforcement and charities to better collaborate on detecting and removing child abuse images, said Google.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2208
Published: 2014-12-28
CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) before 2.4.2 allows remote attackers to execute arbitrary commands by entering a \n (newline) character before the end of a string.

CVE-2014-2209
Published: 2014-12-28
Facebook HipHop Virtual Machine (HHVM) before 3.1.0 does not drop supplemental group memberships within hphp/util/capability.cpp and hphp/util/light-process.cpp, which allows remote attackers to bypass intended access restrictions by leveraging group permissions for a file or directory.

CVE-2014-5386
Published: 2014-12-28
The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 does not seed the random number generator, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging the use of a single initial...

CVE-2014-6123
Published: 2014-12-28
IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow local users to obtain sensitive credential information by reading installation logs.

CVE-2014-6160
Published: 2014-12-28
IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.