Futaba _ Webs πΈπΈππΈπΈ
Danger! E2E Encourages CSAM πΈπΈππΈπΈ
Today, Iβm going to dive into a super sensitive topic, one that I don't recommend if itβs not your cup of tea. Iβm going to be talking about CSAM, which is short for βChild Sexual Abuse Materialβ. Iβm going to talk about what it is, as well as recent activities by various social media platforms that encourage the spawn of it, and how our very own Cyber Security practices can be used to help aid Cyber criminals and other illegal activity on the internet.
π Article π Glossary π Catalog π Home π Search Modeπ Article Glossary
πΈ Synopsis πΈ
Today, Iβm going to dive into a super sensitive topic, one that I don't recommend if itβs not your cup of tea. Iβm going to be talking about CSAM, which is short for βChild Sexual Abuse Materialβ. Iβm going to talk about what it is, as well as recent activities by various social media platforms that encourage the spawn of it, and how our very own Cyber Security practices can be used to help aid Cyber criminals and other illegal activity on the internet.
πΈ Article Topics πΈ
I'll be discussing the following topics in order: π Premise π What is CSAM? π What is End to End (E2E) Encryption? π E2E and social media You can click on any of the topics to simply check that one out if it interests you! NOTE: Articles are read from LEFT to RIGHT via 2 columns! Read the first column all the way down and then move to the next one!
πΈ Key Links πΈ
Here's a quick run down on all the main links that are in the article in case you want to check them out first. π LinkedIn Version π Patreon Version
π Danger! E2E Encourages CSAM
Premise πΈπΈππΈπΈ
The main goal for today is to talk about how data encryption and secure communications aid CSAM on various social media and communications platforms: Facebook(Meta), WhatsApp, Telegram, etc etc.
Data encryption and secure communication methods such as SSL and TLS, although it can be used to protect end users and prevent interceptions via man in the middle attacks, as well as render data infeasible, it can also aid threat actors and CSAM criminals, enabling them to go undetected and remain anonymous(depending on how smart they are on the internet).
Iβm also going to talk a bit about how our privacy laws and policies can also aid threat actors as well.
We often forget that laws not only protect the innocent, but also criminals at the same time. Itβs one of the biggest reasons in the event of a real situation where there is a threat to the safety of others concerning certain forms of data, business infrastructures refuse to disclose it unless there is a certain process they undergo to safely do so.
This article is a part of the Danger! Series, which is where I raise more Cyber Security awareness about critical flaws and vulnerabilities that exist within various system infrastructures, including any protocols and data communication methods, and the Dangers of what could happen should they be exploited to the fullest extent. I also go over various mitigation strategies that can be used to prevent them as well. If by chance there is an exploit video for me showing the full potential risk, it will be included in the advanced version of this article for PAID patreon members only!
What is CSAM? πΈπΈππΈπΈ
CSAM is βChild Sexual Abuse Material '', which is any form of sexually explicit inappropriate content regarding adolescents and kids overall. Think (DONβT ACTUALLY THINK!!) of it like βpornβ but for pedophiles. It can be collected and fabricated in various ways.
This form of content is HIGHLY illegal, where often times itβs fabrication results in the sexual assault and abuse of actual children to make it. There are even human trafficking operations where children are explicitly kidnapped for these purposes on top of other things.
Due to its nature, a lot of underground activity for it occurs on the dark net in order to serve it to its ahemβ¦ βhighβ following fanbase.
There have also been other means to fabricate it such as A.I for example, which can turn pictures of children into sexually inappropriate content, or even create said content out of whatever data is available to them even if it doesn't involve actual pictures of children.
CSAM has also gotten to the point where Kids are being harassed and extored online into sending this type of content to predators, which has lead to the deaths of many via suicide.
What is End to End (E2E) Encryption? πΈπΈππΈπΈ
One of the main topics for today is to talk about the dangers of E2E encryption, and how itβs being used by companies to βturn a blind eyeβ to CSAM cases.
This form of encryption, although it sounds good on paper, has LOTS of fatal flaws depending on WHERE and HOW itβs used. In the event of something basic like PGP for emails or a PKI system, where public and private crypto keys are being used to exchange data for business infrastructures, this is harmless. There are also means to strip the network traffic should it be necessary for security within the infrastructure.
In the event of how certain social media platforms implement it: Meta, WhatsApp, Telegram, etc. it can be a deadly tool to allow platforms that CHILDREN operate on to be vulnerable to sex extortion cases and can be a means for servicing CSAM material.
End to End encryption's biggest enabler for CSAM, is that NO THIRD PARTIES are able to intercept and view ANY of the traffic that is being sent between various main parties, including THE COMPANY THEMSELVES.
E2E allows social media platforms to turn a blind eye to CSAM! πΈπΈππΈπΈ
Ever noticed what the ruckus was when platforms like meta implemented end to end data encryption?
Itβs not due to the fact itβs being used to secure end user text messages and data, which would be a good thing if only the case.
The PROBLEM is these types of platforms cater to both adults and CHILDREN! They can coexist and interact with each other at the same time. Even with stuff like messenger for kids, itβs still possible to make a dummy account and interact with children.
With end to end encryption, pedophiles and other forms of cyber criminal activity can go left unnoticed, or to better phrase it, βindecipherableβ
If you like to see the more advanced version of this article that talks about methods that can be used to mitigate, as well as any videos included, SUBSCRIBE TO MY PATREON CYBER SECURITY TIER!
If you enjoyed this post give it a thumbs up! Iβll be keeping track of whose reacting from now on as there is a βspecialβ reason for it. Just know the more you support my content the more there is in stored!
- The Hacker Who Laughs πΈπΈππΈπΈ
