Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Virus Did It

Posted by michael on from the dangers-of-running-insecure-operating-systems dept.

scubacuda writes "The Inquirer and Get Reading report that a UK man accused of having pornographic pictures of kids on his computer was acquitted after a court heard that his machine was infected with a Trojan on his PC which probably auto-downloaded the images. (In light of moves like Operation Ore, we'll probably hear more defenses like this.)"

26 of 373 comments (clear)

  1. What's the Point... by Valthonis · · Score: 5, Interesting

    ...of making a virus that downloads child pr0n onto a remote computer? I thought virii were created to wreak havoc, not frame random computer users... or am I wrong? And furthermore, if a jury can believe this defense, what's to keep all the imminent RIAA and MPAA suits from being defused by the same argument? FIRST POST! WOO!!

    --
    "Life in every breath... that is bushido"
    1. Re:What's the Point... by kinnell · · Score: 2, Interesting

      Well, for the sake of argument, if someone had a grudge against the guy and wanted to cause him hell without being found out, they would have done an outstanding job.

      --
      If I seem short sighted, it is because I stand on the shoulders of midgets
    2. Re:What's the Point... by N1XIM · · Score: 4, Interesting

      Not only is it possible.......IT HAPPENS! I have worked on a friends machine where some guy from the ISP (RoadRunner) was using port 53 (yes, the nameserver) to force him to log onto the ISP's network--thus allowing the intrepid sikko to download kiddie porn through this guy's machine via a trojan horse + buffer overflow (use the buffer overflow to place the trojan) attack. This is on WinXP, WinME, and Win98. I know this because I did the packet trace & analysis of what happened when he booted the machine. When he switched to my local nameserver running on my laptop, mind you, he got spared.
      So, not only is it possible, it is being done.
      I now run UNIX as much as possible--especially since one of my idiot roommates just switched us to RoadRunner (even after I told her about this happening......). This guy whose machine I worked on was behind a firewall, and he still got hacked. UNIX it is for me, thank you.

  2. Sounded fishy at first... by Hee+Hee+Hee · · Score: 5, Interesting
    This sounded fishy at first, until I saw
    "The specialist found the day before the images were downloaded the program was implemented, so there's a direct correlation between them,"
    in the second article cited. Kinda makes you want to update your virus detection/bot detection/firewall/etc, doesn't it?
    --
    - Bill
  3. the largest security hole is the client machine by Submarine · · Score: 4, Interesting

    The more it goes, the more I think that the main issue of online security is not the protocols (SSL, SET...) but the security of the endpoints, and particularly of the clients.

    I would not be surprised if we found a virus that searches through the local (and even LAN-accessible) documents for interesting keywords or types of information, then somehow manages to send this information back to some spying agency. In fact, I think this has probably already been done.

    Imagine the potential:
    • economic espionage
    • blackmail (emails showing that he has a mistress / has taken illegal bribes...)

    Of course, most corporate networks are firewalled. Still, lots of binary data is exchanged. You just have to hide yours in the flux... Do you really think this would be noticed in the middle of a virus attack?. Traffic analysis would be thwarted by the viral attack sending information in many directions, with no obvious destination. Onion peel routing and distribution through Usenet or WWW bulletin boards could do the rest - untracable information.

  4. Dubious....... by Angleworm · · Score: 3, Interesting

    Very dubious indeed. I find it very hard to believe that he did not notice several image files appearing on his drive. Also such paedophiles are monitored very carefully, and not without reason.

    This may have been a case where the jury and judge knew very little about the natures of trojan and computer.

    --
    I am a man, not a toy.
    1. Re:Dubious....... by Obasan · · Score: 2, Interesting

      Do you live on the same planet? My computer has tens of thousands of "image" files on it - most of them are jpeg, bitmaps, pcx etc. etc. etc. associated with installed software or in various caches from web browsing. Most computers are like this. Do a search on any windows computer for common image formats and you'll get back hundreds if not thousands of results. Do you know what every single one of those images are? Didn't think so.

      If these things were saved to his desktop or something, thats one thing, but most likely they were stuffed away in some folder with a data-like name.

      You can bet the prosecution had experts on their side who would have ripped this guys defense to pieces if it was that easy to find a hole in it. The court found this guy innocent - we should respect the courts finding and drop the witch hunt.

    2. Re:Dubious....... by Anonymous Coward · · Score: 1, Interesting

      Without looking, what do you have in /tmp (s/tmp/C:\Temp) right now?

      How about /usr/local/lib? /opt/bin? /lib/X11/?

  5. Negligence Or Delusion by 4of12 · · Score: 3, Interesting

    This case sounds interesting for a couple of reasons. The defendent's entire case is out the window, of course, if the prosecution shows that the virus was not responsible for downloading kiddie pr0n. Assume such a virus existed for the sake of argument.

    First, there is negligence for allowing one's computer to become infected. A related precedent would be the owner of a condemned house allowing it to become a crack house. IANAL, but in a lot of ways it seems the cases are similar. One could claim that the software manufacturer (MS) was responsible for faulty software, or that the virus writer was responsible for letting loose his creation. In the same way, the crackhouse owner could claim that the lock manufacturer did a poor job, or that the addicts breaking into his house were at fault.

    Second, if computers become more like personal extensions of ourselves, indispensible, parts of our consciousness in some far-fetched way, then the defendent might take the insanity route. That is, "God told me to take 7 wives and this girl is one of them." However, computers are subject to more detailed forensics that people's brains, so claiming an insane computer might not withstand much scrutiny in court.

    --
    "Provided by the management for your protection."
  6. Personal Responsibility Today by TrollBridge · · Score: 3, Interesting
    OK first of all I'm not going to judge whether or not this guy's defense is valid. I guess they'll have to take a look at the supposed 'virus' to determine if that was in fact the cause of the porn downloads.

    With that out of the way, I find it amazing the lengths people will go to to blame anybody or anything for their actions but themselves. "I didn't download pictures of naked children, the computer did it!" or "I didn't willingly throw myself upon a flaming mattress, that show on MTV made me do it! or "I didn't want to get pregnant, it was HIS fault!"

    I apologize for this somewhat offtopic rant, but it's this kind of lack of personal responsibility that's eroding our society.

    --
    There's a Mercedes gap too. I want one and can't afford one, but it's not government's job to do anything about it.
  7. Re:Won't Work by NiteHaqr · · Score: 3, Interesting

    But maybe in the future it would.

    With all the programs that offer to manage your financial account details, all it would need is an app that automatically fills in those credit card numbers for you when you go to buy something.

    Then all you need is a Virus that can get at that data and bingo - a Virus that can sign you up to all sorts of things, and all in your name.

    Now imagine if that Virus ran, signed you for an annual subscription to a porn site (at a time you were logged in and browsing) before deleting itself without a trace. Try getting your money back then.

    This is why all kinds of automation should be rejected and our non techie friends educated.

    Basically if its on the machine, assume that someone else can get at it.

  8. Re:Won't Work by Skuto · · Score: 2, Interesting

    >No.. no... the virus not only downloaded the
    >porn, but also used his credit card information
    >to sign up for the site, confirmed his
    >subscription via email,

    If it got his credit card details, registering to a porn site would be no problem. You don't even need his email.

    This would be a viable defense IMHO.

    --
    GCP

  9. Not unheard of by DavidLeblond · · Score: 4, Interesting

    My brother called me one day to say that his new computer had run out of disk space and he didn't know why. I connected to his computer via Remote Desktop and browsed his folder and when I got to his My Music directory it was full of 7 gigs of movie files, none of which he had seen before. I deleted them and suggested he get a firewall program.

    Sure enough, as soon as he got his firewall up he got a slew of alerts about people trying to connect to his computer. I make sure I keep my firewall up at all times now.

  10. I wonder how they found the images by radio4fan · · Score: 2, Interesting

    The articles don't mention why the authorities looked on his PC for kiddie porn. What tipped them off?

    I suspect there's much more to this case than the articles mention.

  11. This isn't unrealistic with P2P by mdw162 · · Score: 2, Interesting
    I've seen a lot of jokes about Kaaza and other P2P networks doing this automatically, modded as funny. However, I think there's more to it than that. At least with eDonkey2000, I see files appear in my download section that aren't mine. I'm not all that clear on how it works but I think it's part of the caching mechanism to help your "peers" with their downloads as they do for you.

    Anyway, with P2P getting more sophisticated, efficient and private, I can easily see this happening a lot. Of course, I don't think anyone should be guilty in cases like these. Apparently, neither do the British courts.

  12. It's possible. I've seen it! by Anonymous Coward · · Score: 5, Interesting

    2001-12-25 02:34:02 Porn trojan virus? (articles,security) (rejected)

    I've seen and disinfected a laptop of a friend who was infected with a virus that downloaded porn pages in the background whenever he connected to the internet. I guess it was to collect link credits. His history and cache would fill up with porn crap and he claimed to not be visiting the sites. At first I didn't believe him (obviously) and was surprised when I saw the behavior for myself. Beware!

  13. My experience� by (H)elix1 · · Score: 5, Interesting

    I see a lot of comments about - wink, wink - sure it was the virus, or dumb ass for executing a Trojan.

    My first lesson with an improperly configured Linux box outside the firewall was when my ISP called asking about some insane bandwidth use. What? I checked the box and it seemed fine. Found out the traffic was on FTP, which I was not using. Sure enough, tons of porn and other files were getting uploaded and downloaded... all the files in a hidden directory. The box was owned, and I ended up rebuilding from scratch, this time leaving services off I did not actually use and patching some of the services I did. Than I discovered ssh and a few other key insights that were new to me.

    I cannot believe I am the only one this kind of thing happened to...

    --
    +++ UGUCAUCGUAUUUCU
    1. Re:My experience� by Greyfox · · Score: 4, Interesting
      Yeah well you can't prosecute someone for (just) being an idiot.

      Most new Linux folks (myself included) go through the "I don't see why I can't run as root; I know what I'm doing" phase of sysadminning. They also go through the "I'll give everyone I know accounts on my system" phase of sysadminning. Once they get owned a couple of times, most of them learn and don't do that anymore.

      --

      I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  14. It's not like this hasn't happened before by Anonymous Coward · · Score: 2, Interesting

    A couple of months ago CSO magazine ran an article about a similar problem, except it was coupled with the threat of blackmail.
    Could it possible that this (or something similar) can get an innocent victim arrested? In a less technologically literate or a far more fundamentallist culture, the "virus did it" defense probably won't work . . .

  15. Re:Insanity by nolife · · Score: 2, Interesting

    I agree to a certain extent but..

    What if you wake up in the middle of the night and find someone in your house hurting a family member. You approach the situation and the person starts running away. I do not know exactly what I would do but there is a chance that the average person would be inclined to chase him down and cause great harm with any weapon they could find. Does that mean you'd be a potential harm to society and should be locked up? You were never a treat to the general public, only someone that was causing harm to your family. Granted the person was running away so technically you may still be able to claim self defense. There is no cookie cutter answer for every situation.

    --
    Bad boys rape our young girls but Violet gives willingly.
  16. Computers are dogs. by amcguinn · · Score: 2, Interesting

    So, the day has come at last. I must say I'm surprised, as I've been expecting it for over 5 years.

    The point is that the law has to decide how much responsibility a person has for what their computer decides to do.

    Up till now, the assumption has been that whatever your computer does, is done at your request, and you are wholly responsible. This despite the fact that that has never been true, and is getting further from the truth every year.

    There is no legal tradition to apply here. The nearest analogy to the relationship between a person and his computer is the relationship between a man and his dog.

    People have kept dogs for thousands -- most likely tens of thousands -- of years, so everyone has a rough idea what the deal is. The general legal view is that you have a duty to keep your dog from causing harm under forseeable circumstances, but there is a distinction between what your dog does and what you do. If your dog attacks a child, you are not guilty of Grievous Bodily Harm, but you might be guilty of keeping a dangerous dog. If your dog craps on the street, that is different than if you crap on the street, but you might still be fined.

    If you are found guilty of not properly controlling a dog, you can be banned from keeping one. If your dog causes harm and is considered not to be controllable, the court can order it to be destroyed.

    (If you deliberately cause your dog to kill someone, that is still murder of course, but your intention is crucial)

    This is the only rational legal framework for crimes committed by a computer without the intention of its owner.

    When will computers that run MS-Windows be ordered to be put down?

  17. But... he was still guilty of the accusation! by bagofbeans · · Score: 2, Interesting

    Guy was accused of having pornographic pictures of kids on his computer, right? Well he did! It's purely mitigation that it wasn't his fault - but legally it was still his responsibility, if the law was written that way. Bit like receiving stolen goods law.

    Now if the burden of proof becomes the presecutor's to PROVE the defendant knowingly downloaded the material (as opposed to reasonable likelyhood),then we're going to get a lot of ISP log requests to differentiate between an upload by nastyware and a download by user.

  18. Re:UK Law... by BobDowling · · Score: 2, Interesting

    UK law regarding child pornography is so broken as to be seriously unfunny. The police are currently interpreting the law in such a way that if the police can find five images of child pornography on your hard drive, by any means, then you are guilty. Almost uniquely in non-negligence law there is no need to prove intent. As a result it is an easy means for them to get their statistics up so it is zealously persued.

    Now consider the "by any means" bit. As far as I can tell they do a block-by-block analysis of the hard drive. So deleted files, swap and linked files are all identified. So if you use your web browser to read your email and you are sent an email with five indecent images then you're toast. Deleting the mail message doesn't help because the downloaded images still live in your cache. Purging your cache or letting it time out doesn't help unless the blocks get overwritten by other data. If you try to explain this to the police man/woman you will be told that your questioner doesn't use the net so they can't understand what you're talking about.

    (Incidentally, none of this is hypothetical. I have a friend going through this hell right now.)

    As for the list of credit cards, the confusion within the British Parliament beggars belief. One rabid member of parliament was on TV describing how they could still prosecute paedophiles from the credit card trail even if no images could be found on their computers. At the same time a minister in the Department of Trade and Industry was describing how terrible a problem identity theft was!

    Incidentally, under UK law it appears that you are not allowed to challenge the alleged ages of children in pornographic images with a medical expert witness.

    Put bluntly, the UK law on child porn sucks. The law has all the hallmarks of legislation brought in in a state of panic.

    --
    Those who do not learn from Dilbert are doomed to repeat it.
  19. How to end a life without paying a hitman by Anonymous Coward · · Score: 1, Interesting

    Don't like the guy next door? Next time he's out, get into his house (where I live most people leave a door unlocked or window open, so this wouldn't be difficult) and download some KP to his computer.

    If you want to be really tricky, hide it somewhere he won't find it, and come back once in a while over the next couple o weeks and download some more, delete some of it, etc. -- make the activity look "real." Hell, use his CD burner to put some on CD and stick it in the mess he no doubt has on his desk.

    Then call the cops and leave an anonymous "tip." ... "But Your Honor, I swear I didn't even know it was on my computer! Someone must have planted it!"

    There's no chance anyone will ever believe him; even if you left fingerprints galore all over the computer there's no way the cops would waste their time checking -- why try to help that sick pervert?

    ___
    On a less hypothetical note, let me say you don't even need to waste time planting it. A friend of mine had a tussle with his roommate six months ago and ended up calling the cops on him (for legitimate reasons; his roommate has been arrested more times than I can count, he's a bit on the aggressively drunk side).

    The roommate decided to get even by telling the cops he'd seen KP on my friends computer. They took it away from him (he needs it to work) and told him he'd have it back in two weeks if they found nothing on it; it's been six months...

  20. Re:Won't Work by drinkypoo · · Score: 2, Interesting
    Basically if its on the machine, assume that someone else can get at it.

    Yeah, or if it passes through the machine in unencrypted form, even. This is why passwords and credit card numbers (and similar) suck, and why we need biometric identification instead. Credit card numbers are the worst, because you regularly show them to people at stores and whatnot.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  21. Re:How can they tell? by Anonymous Coward · · Score: 2, Interesting
    This is all to likely to happen. I like cops. I have to respect what they do. They're human though and all us humans make mistakes. Unfortunately the mistakes some humans make cost others their lives or at least their livelyhood. I watched a story on TLC last night about a guy convicted or rape and murder in the early 80s and sentenced to death. He maintained his innocence throughout. DNA testing a handful of years later couldn't eliminate him as a suspect. It couldn't say it was him at all though either. See the DNA was close but as close as a sibly, ie brother or sister. The murdered woman was his sister in law. Hmmm... The initial trial was a farse. His own representation was a joke. They really couldn't do much of anything. They didn't even attempt to refute the so-called experts. Years later better lawyers can look at that and say that those lawyers fucked up badly. IIRC correctly he had a fair alibi. I can't remember for sure though. Nevertheless he was convicted. In the following years he managed to get good lawyers and experts at the convicted innocent to help him. Unfortunately a filing error thanks to his initial elected representation fucked up everything. They files a day late. Too bad, so sad. In the end he was put to death. The experts that tried to save him are still fighting however. They are trying to get the initial semen samples analyzed by today's DNA technology which lays what they could do in 1990 in the shade. The state where he was convicted and put to death is fighting it though. They are afraid of the truth in essence. If they had nothing to hide than the DNA test would vindicate them if true. If not then an innocent man can be proven as such and they murdered the wrong man.

    This guy really got screwed. Unfortunately he had gotten screwed for years. The story started with a bright young senior in HS in a small town preparing to join the military. Unfortunately he was accused of something (I forget what). The woman described the person, police found this teen that fit the description, and arrested him. She said it was him and it went to trial. The problem however was that this boy had a rock solid undeniable alibi. He was with his HS principal at the time of the incident. There was no way he could have done this since we can't be in two places at the same time. The jury still convicted him though. That ruled out his military hopes and dreams. He went to work in the town's mines. Later another crime was committed. Police always suspect the previously convicted first. They brought him in. This person IDd him as well. Here comes another trial. Once again he had a rock solid alibi with a very credible person. Once again the jury ignored this and convicted him out of prejudice. This guy was screwed repeatedly by fuck ups. In a legal system such as that, has can any innocent person expect a fair trial?