Slashdot Mirror
The Virus Did It
scubacuda writes "The Inquirer and Get Reading report that a UK man accused of having pornographic pictures of kids on his computer was acquitted after a court heard that his machine was infected with a Trojan on his PC which probably auto-downloaded the images. (In light of moves like Operation Ore, we'll probably hear more defenses like this.)"
Human: I plead insanity! I wasn't aware of my actions at the time that I was doing them. I can't be held responsible.
Computer: I plead trojan. I wasn't aware of my actions at the time that I was doing them. I can't be held responsible.
Perhaps Mr. Schofield should be charged with the misdemeanor offense "Running Windows".
Some community service should put things aright, methinks.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
I guess you should have invested in some virus protection software. Could have saved a lot of money.
...of making a virus that downloads child pr0n onto a remote computer? I thought virii were created to wreak havoc, not frame random computer users... or am I wrong? And furthermore, if a jury can believe this defense, what's to keep all the imminent RIAA and MPAA suits from being defused by the same argument? FIRST POST! WOO!!
"Life in every breath... that is bushido"
- Bill
They've been downloading MP3s, porn, movies, all kinds of stuff I am not aware of!
- For the complete works of Shakespeare: cat
Now this is why you should always use protection? Don't know what you will catch
Rus
Cheap UK and US VPS
I doubt this type of defense will help people who used their credit card to sign up for child porn sites.
Himmler: My orders were not from Hitler but from a virus.
Tim McVeigh: A virus filled that truck with diesel and fertilizer.
Magic Johnson: I didn't get AIDS from a woman but from a virus.
well.. ok, you can scratch the last one.
Trolling is a art,
Yet another example of why the decision to allow defendants in criminal trials to be named was a bad decision *sigh*.
As to the story - sounds strange that a trojan would do that unless someone was using his machine as a proxy and in that case why would the images be cached on his system?
This bloke lived near me, he was hounded out of his home by ignorant fuckwits who presume that becuase somebody lives with their mother and father (after the age of 18) and is being done for paedophile images, the must be guilty.
It's a bit of a wake up call to the moronic masses that people can be innocent as well as guilty!
So that's how those pictures of mating llamas got on my hard drive!
Why haven't I deleted them?...
*shifts eyes, and flees*
"I only speak the truth"
Karma: null(Mostly affected by an unassigned variable)
The more it goes, the more I think that the main issue of online security is not the protocols (SSL, SET...) but the security of the endpoints, and particularly of the clients.
I would not be surprised if we found a virus that searches through the local (and even LAN-accessible) documents for interesting keywords or types of information, then somehow manages to send this information back to some spying agency. In fact, I think this has probably already been done.
Imagine the potential:Of course, most corporate networks are firewalled. Still, lots of binary data is exchanged. You just have to hide yours in the flux... Do you really think this would be noticed in the middle of a virus attack?. Traffic analysis would be thwarted by the viral attack sending information in many directions, with no obvious destination. Onion peel routing and distribution through Usenet or WWW bulletin boards could do the rest - untracable information.
When the crime is as insane as "possession of a picture" (a digital one, no less), the defenses to the crime will sound somewhat nutty as well. It's to be expected. The only solution is to eradicate due process entirely and just execute the acccused immediately. Considering we're talking about kiddie porn here, i'm sure a vast majority of people wouldn't mind doing so at all.
Stupid people make stupid things profitable.
The problem this guy is going to face is that, despite his conviction, the prevailing mood in the UK is such that he will still find himself stigmatised for a very long time.
As he found out from the vigilante attacks before his trial, the maxim "innocent until proven guilty" doesn't seem to apply for some people any more - the witch hunts led by certain newspapers mean that any slight suggestion of paedophilia turns the accused into an immediate fugitive.
Therefore, though it's very kind of the Crown Prosecution Service to accept this explanation at trial, why did they wait before it was up before a judge with all the attendant publicity before letting him off the hook?
In the minds of some people as well, there's going to be an attitude of "that's right, blame it on the computer - he would say that, wouldn't he?". Technology-based defences simply don't hold water for a lot of non-technical people - which with the increasing number of technological offences being put to juries is quite a worry.
So, this guy will still be stigmatised as a paedophile, all for the price of some virus checking software...
Very dubious indeed. I find it very hard to believe that he did not notice several image files appearing on his drive. Also such paedophiles are monitored very carefully, and not without reason.
This may have been a case where the jury and judge knew very little about the natures of trojan and computer.
I am a man, not a toy.
This case sounds interesting for a couple of reasons. The defendent's entire case is out the window, of course, if the prosecution shows that the virus was not responsible for downloading kiddie pr0n. Assume such a virus existed for the sake of argument.
First, there is negligence for allowing one's computer to become infected. A related precedent would be the owner of a condemned house allowing it to become a crack house. IANAL, but in a lot of ways it seems the cases are similar. One could claim that the software manufacturer (MS) was responsible for faulty software, or that the virus writer was responsible for letting loose his creation. In the same way, the crackhouse owner could claim that the lock manufacturer did a poor job, or that the addicts breaking into his house were at fault.
Second, if computers become more like personal extensions of ourselves, indispensible, parts of our consciousness in some far-fetched way, then the defendent might take the insanity route. That is, "God told me to take 7 wives and this girl is one of them." However, computers are subject to more detailed forensics that people's brains, so claiming an insane computer might not withstand much scrutiny in court.
"Provided by the management for your protection."
I am sorry Mr. President... my computer was infected with a virus and this trojan submitted comupter code to terrorist supporting open source projects. Particularily, OpenBSD...
"The large print giveth, and the small print taketh away" -Tom Waits
--
cheap website hosting
With that out of the way, I find it amazing the lengths people will go to to blame anybody or anything for their actions but themselves. "I didn't download pictures of naked children, the computer did it!" or "I didn't willingly throw myself upon a flaming mattress, that show on MTV made me do it! or "I didn't want to get pregnant, it was HIS fault!"
I apologize for this somewhat offtopic rant, but it's this kind of lack of personal responsibility that's eroding our society.
There's a Mercedes gap too. I want one and can't afford one, but it's not government's job to do anything about it.
I read this story about a week ago. It worried me a lot at the time for the precedent it sets. From the story, either someone was out to incriminate this guy by planting child porn on his computer or this guy really did download it and he is up against some really pathetic prosecutors. We read that he has been attacked in his neighbourhood, and that he is an all round family man. Fine. But that in itself doesn't make the story more credible... Either way, the guy responsible has got away free. Isn't that the most worrying thing...
I gotta keep this short 'cause I have to go uninstall Symantec Norton Antivirus Corporate Edition to make sure that my company lawyers have a good defense for some of our employees.... Hell, I might just turn off our firewall and load MS Backoffice for an OS as long as we're looking to give more people/programs easy access.
My brother called me one day to say that his new computer had run out of disk space and he didn't know why. I connected to his computer via Remote Desktop and browsed his folder and when I got to his My Music directory it was full of 7 gigs of movie files, none of which he had seen before. I deleted them and suggested he get a firewall program.
Sure enough, as soon as he got his firewall up he got a slew of alerts about people trying to connect to his computer. I make sure I keep my firewall up at all times now.
The articles don't mention why the authorities looked on his PC for kiddie porn. What tipped them off?
I suspect there's much more to this case than the articles mention.
Once again, sorry for bleating like a dying, clubbed baby seal, but I felt that I should add that although I don't have any links that I can think of right now DIRECTLY on the subject, I would like to direct you to a series of essays on kuro5hin.org, written by a man living with schizoaffective disorder. Although it probably won't change your viewpoints, perhaps upon reading about some of this guy's experiences, you'll have a building block to construct a more enlightened philosophy of justice and of mental disorder.
See, its not a problem that the odd inncent person has his life ruined by association with crimes that they did not commit, because we're dealing with kiddie porn! Sure, a few people will have their lives ruined, but it's kiddie porn!
I personally think that we should skip the trials altogether. Sure, some innocent people will end up in the nonce wing for life, but it's kiddie porn!
Won't somebody please think of the children!
O.K, I'll stop now. I don't even know if I'm being sarcastic any more...
Yes officer, the lock on my front door has been broken for a few weeks now. That body is in the basement because some bastard probably dropped it off there while I was at work
To make laws that man cannot, and will not obey, serves to bring all law into contempt.
--E.C. Stanton
Anyway, with P2P getting more sophisticated, efficient and private, I can easily see this happening a lot. Of course, I don't think anyone should be guilty in cases like these. Apparently, neither do the British courts.
2001-12-25 02:34:02 Porn trojan virus? (articles,security) (rejected)
I've seen and disinfected a laptop of a friend who was infected with a virus that downloaded porn pages in the background whenever he connected to the internet. I guess it was to collect link credits. His history and cache would fill up with porn crap and he claimed to not be visiting the sites. At first I didn't believe him (obviously) and was surprised when I saw the behavior for myself. Beware!
I see a lot of comments about - wink, wink - sure it was the virus, or dumb ass for executing a Trojan.
My first lesson with an improperly configured Linux box outside the firewall was when my ISP called asking about some insane bandwidth use. What? I checked the box and it seemed fine. Found out the traffic was on FTP, which I was not using. Sure enough, tons of porn and other files were getting uploaded and downloaded... all the files in a hidden directory. The box was owned, and I ended up rebuilding from scratch, this time leaving services off I did not actually use and patching some of the services I did. Than I discovered ssh and a few other key insights that were new to me.
I cannot believe I am the only one this kind of thing happened to...
+++ UGUCAUCGUAUUUCU
Need I say more?
If you keep throwing chairs, one day you'll break windows....
I didn't notice the folder named "Child Porn" and all the neatly arranged subfolders inside of "My Documents".
A couple of months ago CSO magazine ran an article about a similar problem, except it was coupled with the threat of blackmail.
Could it possible that this (or something similar) can get an innocent victim arrested? In a less technologically literate or a far more fundamentallist culture, the "virus did it" defense probably won't work . . .
In this case a crime was committed. Whether the crime was committed by the accused or some unknown third party is irrelevant. All that is relevant is known security holes and popular complacence allowed the criminal(s) to escape prosecution. Would the firewall banned by the ISP had helped this guy? Who knows. Will following the paranoid government route of building back doors and escrowed keys into every so-called secured system make the situation worse? Probably. The government will have great motivation to prove their protocols are one hundred percent secure, and will have no motivation to make sure justice is done by finding the real criminals.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
I was discussing this very notion with a co-worker not to long ago as a way to get around the RIAA. If someone writes a virus that connects to P2P networks would you be liable for songs downloaded onto your machine if it was discovered that you were infected?
And drinking is the interesting analogy because you generally begin sober and aware that drinking will lead to a lack of accountability. In many jurisdictions, this knowledge means you are still liable because the ultimate consequences are forseeable.
So now, what if I offered a site that wanted to distribute a banned kind of material (kiddie porn, secure encryption technology, that kind of thing) and it was known that anyone connecting could not legally ask for what they surely wanted. Isn't the obvious solution for me to make a virus that will "helpfully" download it for you? You'd just pay for "time at my site" browsing my fine HTML pages, not for the content. But, magically, the content would just get thrust upon you. Escort services use this dodge. Customer pays for time, not service. But customers get service, typically, or they don't come back. Still, legally, the transaction may be quite distinct from prostitution (so I'm told).
Then again, the escort service model obliges me to come to the issue of "victimless crime". Driving drunk and injuring someone has a victim, and we want to fix the legal system to minimize such cases. Escort services have no obvious victim, IMO, and so I'd argue the other way--that perhaps the simpler solution is just to legalize prostitution.
Child porn is caught in between these two scenarios, I think, with some parts of it falling into one scenario and some into the other. Certainly, if the pics are of real children, then that's bad. But it's within range of technology to make the entire industry based on fabricated images. Then who would be the victim? If no child was abused in the taking of the pictures, for all we know, the people in possession of them are sublimating urges they might otherwise carry out. Is taking the photos away going to cause them to not have the urge? Or just cause them to be out on the street seeking real children? We're so quick to make assumptions in this area, I just don't know why we don't just make a death penalty for anyone even suspected of child abuse or kiddie porn and be done with it mercifully, because nothing the person can do for the rest of their life after they're found in possession of something like this will ever be normal.
When I see a child being abused, it's not erotic to me. That it is to someone shouldn't make it a crime for me to see it--maybe I and all of us need to see that picture to understand someone's outrage about a crime. How do we know when someone is seeing something for a "legitimate" reason or not? There may be pictures of murders that arouse people, but we distinguish between "snuff films" (which are illegal because of their filming technique, not their content) and other films about murder, because murder is a fact of life we need to understand. I am alarmed at the concept that the mere possession of certain kinds of topic material, in and of itself, a crime. Who will study this crime if no one may possess its materials? Will images of murder, of feces, or other things that turn others on but not me one day also be illegal to possess? Where does it stop?
Sure--people are legitimately angry at people who harm children, and they want someone to punish. They can't catch the guy who makes it, so they find someone else to lash out at. (The drug war is the same way. Sometimes drugs cause problems, so we make all uses of drugs illegal whether they hurt anyone or not, just so there's always someone handy to punish when we're mad.) I just hope that in our rush to make it possible to punish people who too easily elude our present systems, we don't take away rights which are not causally related to any kind of harm. And I have to say, the idea of criminalizing the viewing a picture, any picture, in privacy, whether it's a field of daisies or a torture chamber somewhere, is
Kent M Pitman
Philosopher, Technologist, Writer
So, the day has come at last. I must say I'm surprised, as I've been expecting it for over 5 years.
The point is that the law has to decide how much responsibility a person has for what their computer decides to do.
Up till now, the assumption has been that whatever your computer does, is done at your request, and you are wholly responsible. This despite the fact that that has never been true, and is getting further from the truth every year.
There is no legal tradition to apply here. The nearest analogy to the relationship between a person and his computer is the relationship between a man and his dog.
People have kept dogs for thousands -- most likely tens of thousands -- of years, so everyone has a rough idea what the deal is. The general legal view is that you have a duty to keep your dog from causing harm under forseeable circumstances, but there is a distinction between what your dog does and what you do. If your dog attacks a child, you are not guilty of Grievous Bodily Harm, but you might be guilty of keeping a dangerous dog. If your dog craps on the street, that is different than if you crap on the street, but you might still be fined.
If you are found guilty of not properly controlling a dog, you can be banned from keeping one. If your dog causes harm and is considered not to be controllable, the court can order it to be destroyed.
(If you deliberately cause your dog to kill someone, that is still murder of course, but your intention is crucial)
This is the only rational legal framework for crimes committed by a computer without the intention of its owner.
When will computers that run MS-Windows be ordered to be put down?
Most people, if you kick their dog, won't kill someone.
What's the difference between someone with a mild 'illness' like a hair trigger temper and a true ilness (NGRI)?
Should I plead 'hair trigger temper' and get anger management counseling?
Seems like both make a person unable to function in normal society doesn't it?
Guy was accused of having pornographic pictures of kids on his computer, right? Well he did! It's purely mitigation that it wasn't his fault - but legally it was still his responsibility, if the law was written that way. Bit like receiving stolen goods law.
Now if the burden of proof becomes the presecutor's to PROVE the defendant knowingly downloaded the material (as opposed to reasonable likelyhood),then we're going to get a lot of ISP log requests to differentiate between an upload by nastyware and a download by user.
The guy is a sicko. No doubt about that. Second, I have a real problem with the way they seem to be handling kiddie porn prosecution. They are going, it seems, after the users and not the sick bastard who took pictures of the children in the first place, and put them up on the web. If the kiddie porn producers are taken care of, then the user end pretty much gets taken care of by itself. I ain't saying that these sickos should not be watched. If you download them, chances are, you will upload them. So, yeah they should monitor the guy. I never said that what they user does is right either, it's just if the picture does not exist to download, well, you get the idea. He'll just have to go somewhere else for his sick fantasy. Also, there are a ton of porn sites that ride the edge in my opinion. I mean have you ever gotten a e-mail (that was not filtered yet) and the girl in that porn spam looked like she was WAY too young. I have seen this time and time again (SPAMMERS! Got to hate them....).
Gorkman
I imagine many of you have used P2P apps like KaZaA. I'd bet money that almost all of you even downloaded some porn with it. Don't be bashful. There's nothing wrong with it. However I'm sure you too have noticed the overwhelming amount of BS crap files that get turned up in searches. Many of them say "underaged" or "pre-teens" or many other things that indicate a minor child. And many of them are pure junk and are simply pictures ripped from a Girls Gone Wild video. However some times you end up downloading a picture you just can't identify. You really can't tell if those are kids, flat-chested and baby-faced college seniors, or midgets. If you don't delete these files and leave them on your computer, are you now guilty of having child pornography if someone proves that the picture you downloaded 1 year ago and is still in you junk directory?
Lets say for example that your ex knows you have porn on your computer. Hell she and you used to watch it together. You break up with her and she's pissed. She makes an anonymous call to the police one night when drunk. The next day and overzealous police officer has a warrant from a judge looking for some good PR for the election coming up. They confiscate your computer and arrest you, even though all they have as proof is the anonymous tip. A lab goes through your hard drives and CDs while you're grilled by a cop with bad breath over how you abuse children. You don't want to call for a lawyer because you don't want to seem guilty. You think it's all a big mistake. The lab boys come back with the porn. The cops browse through it. A picture comes up of Devon in her early years. "Does she look like a minor to you, Bob?" "She sure looks like a minor to me, Chuck." They arrest you and charge you with child pornography, even though they have confirmed that the person in the photo is a minor. The PD and DAs office goes public to say how they've arrested a vile child pornographer. Media coverage. Citizen outrage at him. yadda yadda yadda. In the meantime he's arrained. This gives an assistant DA time to go through all the porn on the hard drive. Whoops. It turns out that the photo the cops thought was child porn wasn't. Hell it obviously wasn't. Damn overzealous cops. Nevertheless he goes through all the porn. He even enlists the help of a person in the pornography business who can recognize many of his fellow actors. Finally they come down to a small handful of pictures that no one can identify. Of these 3 could be of a minor. The DA picks the most child-like photo as proof and goes to trial. The prosecution paints the defendant as a vile, horrible child pornographer. A few of his ex-girlfriends step into the lime light to say how he was abusive or was obsessed with kids or some other bullshit like that. The defense lays out the facts of law and that the photo can't
I really can't see anything objectionable with just looking at pictures and jacking off. Frankly, if these people have to get their rocks off, isn't it better they do so into a box of Kleenex? If some nonce is at home having a w@nk then he's not out there doing any *real* damage; nor is he likely to be capable of any real damage for a few hours.
I say - decriminalise mere *possession* of images and concentrate resources on the *real* problems. For a start, find out what the real problems *are* instead of going around in denial (which is what the vigilante mobs are doing; they set out to attack suspected paedophiles to reinforce the idea that they themselves couldn't possibly entertain such a notion).
The amount of harm done to a child by the manufacture of one pornographic picture of them is the same whether one person or a million people look at it -- as long as looking is all they do. Remember the old rule of "innocent until proven guilty" - it used to be a principle of British justice.
Je fume. Tu fumes. Nous fûmes!
Caught in a loop
and I can't log out
I've been hacked on my port 80
Why can't I free
system memory
Why didn't McAffe's checker save me
I cant go online ever
with these malicious MIMEs
Now I know I should have never
clicked suspicious MIMEs...
Popup windows
that I can't ever close
Backspawn themselves and won't go away
My javascript's bad
I guess I've been had
by some script kiddie based in Bombay
My own ISP
is denying service to me
They say I hosted last night's ping storm
And I'm spamming the net
and people I've never met
Are questioning my taste in p0rn
I cant go online ever
with these malicious MIMEs
Now I know I should have never
clicked suspicious MIMEs...