Slashdot Mirror
Kiddie Porn - The Virus Did It
The New York Times reports on a British man who was accused of downloading child pornography, and who successfully convinced the court that a virus did it. This is at least the second time this has happened. These cases are extremely interesting since they bring together all sorts of issues of computerized agents - who is actually responsible when your computer does something?
One evening late in 2001, Julian Green's 7-year-old daughter came upstairs from the computer room of their house in the resort town of Torquay, in western England, and said, "The home page has changed, and it's something not very nice."
When Green checked the family PC, he found that it seemed almost possessed. The Internet home page had been switched so that the computer displayed a child pornography site when the browser software started up. Even if he turned the computer off, it would turn itself back on and dial the Internet on its own.
Green called the manufacturer and followed instructions to return his PC to a G-rated condition. The porn went away, but the computer still often crashed and kept connecting to the Internet even when "there was no one in the blinking house," he said.
But Green's problems were only beginning. Last October, police knocked on his door, searched his house and seized his computer. They found no sign of pornography in his house but discovered 172 images of child porn on the computer's hard drive. They arrested Green.
This month, Green was acquitted in Exeter Crown Court after arguing that the material had been gathered without his knowledge by a rogue program created by hackers -- a so-called Trojan horse -- that had infected his PC, probably during innocent Internet surfing. Green, 45, is one of the first people to use this defense successfully.
While a case that played out in the British legal system sets no precedent in the United States, legal experts say the technical issues raise two troubling possibilities. For one, actual child pornographers could arm themselves with a new alibi that would be difficult to disprove. Or, unknowing Web surfers could find themselves charged with possessing illegal material that a lurking software program has acquired.
"The scary thing is not that the defense might work," said Mark Rasch, a former federal computer crime prosecutor. "The scary thing is that the defense might be right," and that hijacked computers could be turned to an illegal purpose without the owner's knowledge or consent.
"The nightmare scenario," Rasch said, "is somebody might go to jail for something he didn't do because he was set up."
Green was eventually exonerated, and he said he had no clue how the rogue software showed up on his computer. "I never download anything, and as far as I knew, no others had," he said.
When his solicitor, Chris Bittlestone, hired a computer security consultant to examine the PC, nearly a dozen Trojan horse programs showed up on the hard drive.
"When the report came in, it was very much what you would call a eureka moment," Bittlestone said. But Green took the news differently.
"He was very quiet and said, 'See? I told you,' " Bittlestone recalled.
"There's some little sicko out there who's doing this," Green said, "and he's ruined my life. I've got to fight to get everything back."
Green's case could point the way to a new defense in U.S. courts , said Andrew Grosso, a lawyer and former federal prosecutor. The presence of a Trojan could mean that the computer is "not entirely under your control," he said, and a defendant could "legitimately point a finger elsewhere."
Many of the common adult newsgroups are polluted by paedophile images sent by hard-core porn sites. It's a serious problem because it means that the majority of newsnet-carrying ISPs and servers are actually carrying large amounts of kiddie porn.
Roughly twenty years ago it was hyperbole for the Dead Kennedys to "sing" about things like this. I forgot which song it was, and you have to remember the culture was more conservative in some ways twenty-odd years ago, but the words went like this:
Pissed at your neighbor?
Don't bother to nag.
Pick up the phone.
Turn in a fag.
Well add about a million times as many transistors and just a little bit extra effort on the part of the spiteful neighbor, and change the setup, and bingo--instant permanent damage to the private citizen you hate, for whatever reason!
Joe Average is an easy victim for the countless malicious trojans floating around. Visiting a straight porn site is no crime. Being deceived by messages like "Install browser enhancement (OK/Cancel)" is no crime. I have removed countless porn-related trojans from friends' PC's. If someone wants to put kiddie porn on unsuspecting victims' computers, this is no hard task. Removing a trojan when your anti virus software detects it would be the sensible thing to do. If the trojan has downloaded contraband to your PC, it will still be there, but you have removed the proof that you didn't dowload this intentionally. I would say proving intentional downloading of child porn should be pretty hard.
"And you are dying so slowly, you believe to be living" - Bertrand Besigye
I am not a lawyer (I still can't bring myself to write that abbreviation,) but if it is a valid defense in a criminal child pornography case to say I wasn't responsible for downloading it, could this not set a precedent for Civil copyright cases? Or are the RIAA's rights more compelling than that of the victims of Child pornography?
"I was hacked. You know, ever since all the Lawsuits started happening, there has been an increase of people hacking computers to download music."
I think a case could be made of that.
...I've seen this one before (by the description). When I was working on PCs for a living, an optomologist's secretary brought in her computer, which was acting "strangely" and all sorts of "foul things" were coming up on her screen. I figured something had just replaced her homepage on IE with a porn site or something like that, so I plugged the machine up and let it boot, explaining to her "well, there's some bad shit you have to look out for, but there's always worse". I was quite wrong. This was worse.
When I fired up IE on the system, it went straight to a child pornography site that was obviously a typoed URL (freecilpart.com or something like that...don't hold me to it since my memory's terrible), and the default homepage setting was being updated constantly (like kak). This program was listening on some oddball high-numbered port.
Since the box was inside a Novell network and wasn't exposed to the outside world (much) I figured it wasn't a normal compromise. I told her to contact the FBI over the site, and I went looking for the malware, but couldn't track it down (limited time on it, though) and wound up wiping the box clean and reinstalling Win98. She's very religious about keeping the a/v definitions updated now (:
I had an interesting experience helping my cousin with his computer a few hours ago. I've done this plenty of times before, and I'm sure every computer professional has served as volunteer tech support for family members at least occasionally. The difference this time is, instead of simply doing a few quick fixes for the things that were broken/nonfunctional (which is what I usually do, in the interests of time), I actually thought long and hard about what was broken, and more importantly, how and why it got that way.
I will state from the top that I don't intend for this to be a Windows bash session. Though it's plainly a software environment I try to avoid when it's practical to do so, I recognize that I'm a kook and that most of the rest of the world has decided otherwise. Since, like death and taxes, Win32 is omnipresent, unavoidable, and in the end always victorious, it's prudent to learn how to efficiently work with it.
My cousin purchased a basic home system earlier this year, a modest (but powerful enough) system with Windows XP Home Edition preinstalled. It also came with Microsoft Works (which he's just starting to use for his classes) and the various and sundry shovelware that no user ever bothers to either run, nor uninstall. We live very close to each other, so we both have the same network provider -- in this town it's basically Comcast for broadband or the highway (read: craptacular dialup). He uses Yahoo as a portal page, and occasionally uses Yahoo Messenger. He likes tuning in to streaming radio, so he has dozens of stations bookmarked. And that's pretty much it -- he uses his machine for web surfing, internet radio, and the occasional short word processing or IM session.
I stopped by today to help him with a project he's starting up and he went to log into his computer. My first clue that something was very wrong: it took forever. The interval between the time when he entered his password and when he gained full control of the machine (i.e. when the busy cursor went away and the machine finally became responsive enough for him to do anything as basic as using the cursor to launch a new application) was at least 90 seconds. This box isn't a server, he's not compiling code or serving pages or rendering frames or anything else that ought to be stealing major cycles from the foreground UI. After that eternity has passed and he finally gains control of the machine, he gets a dialog box advertising cheap university degrees. By this time, I'm all like "what the f___?!?" It seems that in my time away from mainstream (i.e. Win32) computing, something known as "Windows Messenger Service Spam" has become a serious nuisance. How goddamned evil can they get? You don't even have to open your mailbox before some lowlife jumps in your face trying to sell you merde? How fricking evil is that? I do wonder what kind of krakk kokane your software engineering staff has to be smoking for them ship an operating system that, in its default configuration, allows an unauthenticated tcp message from any random spot on the internet to display a dialog on a client workstation, but, as I mentioned earlier, that's not where I want to go today. I felt a sick feeling in my gut, realizing that there are probably millions of grandmothers out there getting these stupid things popping up in their faces all day, without the vaguest clue of how to stop them.
After closing the messenger spam, my cousin started his browser, which happens to be IE 6. This took an extroardinarily long time. Once it came up, I noticed that he had a Yahoo toolbar underneath the standard Explorer toolbar, bristling with gewgaws, animated crap, pulsing buttons and links to, erm, "synergistic content". In addition, there was a vertical pane along the left side of the window, also Yahoo branded, also full of pulsing, flashing, irrelevant happy crap. In the middle of trying to throw up (and I do mean "throw