Kiddie Porn - The Virus Did It

The New York Times reports on a British man who was accused of downloading child pornography, and who successfully convinced the court that a virus did it. This is at least the second time this has happened. These cases are extremely interesting since they bring together all sorts of issues of computerized agents - who is actually responsible when your computer does something?

Virus?

[Renraku]

"It wasn't my fault, Officer. Honest, the video said it was Terminator 3 when I downloaded it!"

"The evil hacker even took the time to arrange and sort those pictures by series!"

Re:Virus?

[glesga_kiss]

If I notice that my car's brakes aren't working that well, I can do one of three things. [snip] If I run over somebody because my brakes don't work, I'm pretty sure I can get sued because I'd be responsible for my car.

Yes, but common knowledge tells everyone what the brakes do in a car. You do a driving test that requires the use of the brake.

A lot of the people who use the internet these days know nothing about it. I'm sure that at least 90% of web users are oblivious to the fact that it's possible for a mallicious web page to crash your browser, install a trojan, and do all sorts of nasty stuff. How many click OK to Comet Cursor or "magical time sync software"? Who here hasn't been asked to help a friend with a troublesome system, that was found to contain all maner of trojans and ad-ware?

It's often said that ignorance isn't an excuse. I'd argue against that in many cases. Ignorance is an excuse where it would take 3-4 years of learning about IT to be aware of what's going on under that case.

Re:Virus?

[pantycrickets]

If I notice that my car's brakes aren't working that well, I can do one of three things. I can A: repair the brakes or B: take my car to someone who can to fix the brakes or C: drive around as if nothing's wrong. If I run over somebody because my brakes don't work, I'm pretty sure I can get sued because I'd be responsible for my car.

Once again, someone who tries to apply a metaphor from the real world, and fails.

You see, almost every day I get kiddie porn spam. Young russian girls, y.o.u.n.g BOYZ!, girls and horses, all kinds of crap. Sometimes they attach pictures, usually they don't. I always delete them. They're not actually deleted of course though, and the thought has crossed my mind: could something like this be used as a form of entrapment?

"Look, we found KIDDIE PORN in his TRASH FOLDER!!!"

So, if you wanted to make a little comparison with real life, in this case it would be more akin to someone cutting your brake lines and you driving into a crowd of people and then being held responsible then sent to prison.

Of course, since the moderation system on Slashdot was meant to censor anyone with an even slightly unpopular opinion.. this will be posted at 0. Oh well..

Re:Virus?

[another_henry]

Being a close friend of the the man's son, Alex Green, I can attest that his story is true - but there is more to it than that. Mr Green's older daughter (14 at the time, I think) had a vendetta against him for several years. She was the one who reported it to the police, and most of the Green family believe she put the porn on there to incriminate him. Of course Mr Green wouldn't testify against his own daughter, although he doesn't consider her a daughter any more...

Re:Virus?

[Hentai]

Yes.

And just like the Committee on Anti-Communist Activities, or the Salem witch trials, the answer will continue to be "yes" until a sufficient number of high-profile people have been inconvenienced by it. Right now, the witch-hunt is under control. But like all fires, it will quickly go wild, and the frenzy of the mob will take over - at which point, there will be a few nasty incidents until someone powerful and influential is damaged, at which point the tides will change and we'll all realize what a mess we've created.

Then we'll find a new name and a new face for it and start the whole process over again.

Re:Virus?

[0111+1110]

Are you saying that most people like to look at kiddie porn?

If you define kiddie porn as any sexually suggestive photo of a female under the age of 18 (the legal definition), then yes. If you define it as the same type of photo of a female under the age of 11 (the pre-pubescent, almost boyish look), then I would say no.

Everyone seems to have their own definition of "too young". Forget about how bad most guys are at actually being able to differentiate the photo of a 14 or 15 year old from on 18 year old in real life. Of course, some people are very good at guessing people's ages.

From Star Tribune

[2674]

One evening late in 2001, Julian Green's 7-year-old daughter came upstairs from the computer room of their house in the resort town of Torquay, in western England, and said, "The home page has changed, and it's something not very nice."

When Green checked the family PC, he found that it seemed almost possessed. The Internet home page had been switched so that the computer displayed a child pornography site when the browser software started up. Even if he turned the computer off, it would turn itself back on and dial the Internet on its own.

Green called the manufacturer and followed instructions to return his PC to a G-rated condition. The porn went away, but the computer still often crashed and kept connecting to the Internet even when "there was no one in the blinking house," he said.

But Green's problems were only beginning. Last October, police knocked on his door, searched his house and seized his computer. They found no sign of pornography in his house but discovered 172 images of child porn on the computer's hard drive. They arrested Green.

This month, Green was acquitted in Exeter Crown Court after arguing that the material had been gathered without his knowledge by a rogue program created by hackers -- a so-called Trojan horse -- that had infected his PC, probably during innocent Internet surfing. Green, 45, is one of the first people to use this defense successfully.

While a case that played out in the British legal system sets no precedent in the United States, legal experts say the technical issues raise two troubling possibilities. For one, actual child pornographers could arm themselves with a new alibi that would be difficult to disprove. Or, unknowing Web surfers could find themselves charged with possessing illegal material that a lurking software program has acquired.

"The scary thing is not that the defense might work," said Mark Rasch, a former federal computer crime prosecutor. "The scary thing is that the defense might be right," and that hijacked computers could be turned to an illegal purpose without the owner's knowledge or consent.

"The nightmare scenario," Rasch said, "is somebody might go to jail for something he didn't do because he was set up."

Green was eventually exonerated, and he said he had no clue how the rogue software showed up on his computer. "I never download anything, and as far as I knew, no others had," he said.

When his solicitor, Chris Bittlestone, hired a computer security consultant to examine the PC, nearly a dozen Trojan horse programs showed up on the hard drive.

"When the report came in, it was very much what you would call a eureka moment," Bittlestone said. But Green took the news differently.

"He was very quiet and said, 'See? I told you,' " Bittlestone recalled.

"There's some little sicko out there who's doing this," Green said, "and he's ruined my life. I've got to fight to get everything back."

Green's case could point the way to a new defense in U.S. courts , said Andrew Grosso, a lawyer and former federal prosecutor. The presence of a Trojan could mean that the computer is "not entirely under your control," he said, and a defendant could "legitimately point a finger elsewhere."

Re:From Star Tribune

[gujo-odori]

As a former abuse admin at an ISP, I actually find his story pretty plausible. It's been common for a couple of years now for Outlook/Outlook Express worms to have their own SMTP engine for propagating themselves. "Special viewers" from "free" pr0n sites that disconnect a dialup connection and dial back to a 900 number or similar in an offshore location have been around since the early days of the commercial Internet. They're apparently a huge problem in Japan, because Japanese long distance companies were for a long time (and could still be) including warnings about that scam along with their bills.

There are countless varieties of peer-to-peer networking programs out there. Lots of spyware, too.

In other words, all the technology to create a worm that will, upon installing itself, set up to dial the Internet, harvest child pornography, and make it available to other zombies with the same program, is already on the shelf. All some sicko has to do is assemble it and release it in the wild. I find it entirely plausible that someone already has. Very disturbing, but plausible.

Re:From Star Tribune

[Molina+the+Bofh]

Another possibility I see is that the cracker was using stolen credit cards to access these sites,or doing other risky operations.

The cracker would do it from a remote (hacked) machine to avoid being traced.

In this scenario, it was not a set up with the intent to fuck his life. Green would just be used.

Another question that comes to my mind. According to the article, it was a family's PC. Supposedly, mom, dad and their daughter would use it. So why did they choose Mr. Green to be arrested ?

What if it was their daughter ? Or even mommy ?

Just because most sexual offenders are male ?

Reg Free Link

[FannyMinstrel]

Here

Newsgroups...

Many of the common adult newsgroups are polluted by paedophile images sent by hard-core porn sites. It's a serious problem because it means that the majority of newsnet-carrying ISPs and servers are actually carrying large amounts of kiddie porn.

Pissed at your neighbor? Don't bother to nag...

Roughly twenty years ago it was hyperbole for the Dead Kennedys to "sing" about things like this. I forgot which song it was, and you have to remember the culture was more conservative in some ways twenty-odd years ago, but the words went like this:

Pissed at your neighbor?
Don't bother to nag.
Pick up the phone.
Turn in a fag.

Well add about a million times as many transistors and just a little bit extra effort on the part of the spiteful neighbor, and change the setup, and bingo--instant permanent damage to the private citizen you hate, for whatever reason!

Where I come from...

[Phekko]

the law in Finland (IANAL, but still) says "if you know or SHOULD know..." I believe this one falls under the "should know" category.

Now that we're on this topic, though, does anyone know where to get a virus that downloads high quality images of nubile women with scant clothing who are of legal age?

It has to be a conspiracy

[__aadhrk6380]

Did anyone check the name of the company that located the virus? Vogon International, LTD.

I suspect the Prostetnic Vogon Geltz.

Innocent until proven guilty

[RichLooker]

Joe Average is an easy victim for the countless malicious trojans floating around. Visiting a straight porn site is no crime. Being deceived by messages like "Install browser enhancement (OK/Cancel)" is no crime. I have removed countless porn-related trojans from friends' PC's. If someone wants to put kiddie porn on unsuspecting victims' computers, this is no hard task. Removing a trojan when your anti virus software detects it would be the sensible thing to do. If the trojan has downloaded contraband to your PC, it will still be there, but you have removed the proof that you didn't dowload this intentionally. I would say proving intentional downloading of child porn should be pretty hard.

Valid Defense?

[CB-in-Tokyo]

I am not a lawyer (I still can't bring myself to write that abbreviation,) but if it is a valid defense in a criminal child pornography case to say I wasn't responsible for downloading it, could this not set a precedent for Civil copyright cases? Or are the RIAA's rights more compelling than that of the victims of Child pornography?

"I was hacked. You know, ever since all the Lawsuits started happening, there has been an increase of people hacking computers to download music."

I think a case could be made of that.

Statistics

[heironymouscoward]

"those with pictures are statistically likely to go on to physical acts..."

Do you have figures to back up this claim?

The study of pornography and its impact on sex crimes is always highly charged, but there is a good basis for believing that free access to pornography actually reduces sexual offenses (not just against children, but of all kinds).

And yes, there are "wrong buttons" that will download images to your PC. Someone else here mentioned that Newsnet is regularly spammed with child porn.

Criminals should be punished, no doubt about it. But witch-hunts are never productive. You think you are catching the real crooks? You're not. In fact, you're driving the sale and distribution of child porn underground, causing it to become harder and more violent.

Pushing even an obnoxious trade into the hards of real criminal networks is not wise: you may get that rosy feeling of 'doing good', but the cost is paid by huge numbers of new victims in far-off places.

Come to think of it...

[Kronovohr]

...I've seen this one before (by the description). When I was working on PCs for a living, an optomologist's secretary brought in her computer, which was acting "strangely" and all sorts of "foul things" were coming up on her screen. I figured something had just replaced her homepage on IE with a porn site or something like that, so I plugged the machine up and let it boot, explaining to her "well, there's some bad shit you have to look out for, but there's always worse". I was quite wrong. This was worse.

When I fired up IE on the system, it went straight to a child pornography site that was obviously a typoed URL (freecilpart.com or something like that...don't hold me to it since my memory's terrible), and the default homepage setting was being updated constantly (like kak). This program was listening on some oddball high-numbered port.

Since the box was inside a Novell network and wasn't exposed to the outside world (much) I figured it wasn't a normal compromise. I told her to contact the FBI over the site, and I went looking for the malware, but couldn't track it down (limited time on it, though) and wound up wiping the box clean and reinstalling Win98. She's very religious about keeping the a/v definitions updated now (:

You are confusing two things

[heironymouscoward]

Possibly intentionally: child molesters, and people who download child pornography.

Uhm, I've a large collection of videos about cars crashing, but that does not make me a dangerous driver.

You are being somewhat wicked when you imply that everyone with a penchant for watching a kind of act is also likely to go out and commit it. This is a tired pseudo-psychology that has tried and failed to link TV to violence, games to violence, foreign-language films to political insurrection, what have you. Monkey see, monkey do? I don't think this argument has any provable basis.

You cannot save children from exploitation by making such falacious arguments. You must show a clear connection between the person in possession of pornography, and those committing the acts.

Imagine we're talking about rape videos. Now rape is a crime. Does this mean that someone luridly watching a rape video (real or faked) is actually a criminal too?

How about someone watching the film of a bank heist. Or the millions of viewers who watch 'cop reality shows'. Are they all likely to jump up and start stealing cars?

You can't stop using logic just because you're discussing an emotive subject - if anything you have to be more clear headed than usual.

Lurid interest in an illegal act is not (in the general sense) a crime, and is often a substitute for the real thing. Think clearly and you will see that there are better ways of preventing abuse of children.

One example: to recognise that most abuse of children actually happens in countries where children's rights are totally ignored, and often takes far worse forms than sexual exploitation.

Culpability

[The+Famous+Brett+Wat]

I didn't RTFNYTA. Even so, this is Slashdot, and I need not care much about that.

The question of culpability for the actions of a computer is going to become increasingly interesting. Spammers and other miscreants are getting more brazen about the use of third party computers by which to make mischief. I'm not saying that it's a new concept -- far from it -- only that the audacity factor is going up. Dealers in kiddie porn and other widely-considered-bad things may start to see third party computers as a safe medium for their wares; a good way to cover their tracks.

It seems unfair for a person with a virus-infected computer to be accountable (even in part) for the actions of a malicious third party who takes control of that computer without the owner's knowledge. On the other hand, it's risky to let them off the hook for it: genuinely culpable parties may install a virus on their own system as a legal defense measure! And if the owner of the computer were nailed for the actions of their computer, could they then sue some software or hardware vendor for enabling a malicious third party to use their computer without authorisation, thus exposing them to this risk? Presumably the end user doesn't haven't much of a case against the Internet Service Provider: I would expect the ISP to be offering a network service, leaving it up to you and your equipment as to what use is made of that service.

The real problem here, as I see it, is that we want to discourage systems which facilitate abuse by evading accountability. The real culprit -- the malicious third party who uses the computer as a zombie slave to get up to no good -- is safely hidden from accountability through anonymity. The owner of the equipment is deemed not culpable on the basis of inability to know or do anything about it. The owners of the network infrastructure are just providing the advertised service, and should be thought of as common carriers. The owner of the software which enables the virus, well, no software authors seem to want to be held accountable for their software either, and that's somewhat understandable.

But if we don't come up with some strategy for discouraging systems which facilitate abuse by third parties, the natural consequence will be an increase in unpolicable lawlessness. To complicate matters, insecure systems are already pervasive, so it's hard to know where to start. Who do we put the pressure on? I didn't RTFA, as I said (don't read NYT's website on principle), so I don't know what conclusions were drawn. It strikes me that perhaps we need to start holding the end user accountable for the mischief of their system if they don't take reasonable precautions to prevent it, such as using anti-virus software, or keeping modestly up to date with security patches. Maybe we can also hold commercial software/hardware sellers accountable to do their fair share in selling a merchantable product, with particular reference to reasonable standards of safety, and working as advertised. In the case of OEM-installed operating systems, it's probably the OEM that should foot the bill, as the seller of the product. Penalties should be relative to the cost of the product.

I'm not suggesting that these ideas ought to be implemented, but we ought to think about them. What seems fair and would have the desired impact? Most end users aren't aware how unsafe the Internet is, with regards to this kind of abuse, and they should be educated about it, or protected from it. Computer manufacturers are selling computers as internet-ready but by and large they are selling an unsafe product. Selling a machine bundled with anti-virus protection might be sufficient to make the product "safe", from a merchantability perspective. Removing (or not providing) Internet functionality would also protect the manufacturer from Internet-related issues. Providing clear warning material on the dangers of connecting to the Internet might also be sufficient ass-cover.

Stuff to ponder. And note that I didn't rant about Microsoft Windows, despite opportunity and motive.

Re:The problem is over-aggressive law enforcement

[JaredOfEuropa]

Firstly, there is a mass of evidence that photos are taken to order within groups of abusers

This is the argument often used by those that want to throw the book at buyers/downloaders of child pornography. Some of them would even agree that looking at such pictures in itself is not a bad thing, but going after 'users' of kiddy porn results in a diminished demand for such stuff, and as a result less children are abused. (Not my argument, but this is the line of reasoning often quoted). However, the fact that 'consumers' of child pornography create a market for such material, does not automatically make the act of looking at or posessing the material a crime.

those with pictures are statistically likely to go on to physical acts

That is a very dangerous statement for two reasons:
1) If people who look at these pictures are more likely to go on to physical acts... is that because of the pictures, or did they have the tendency anyway? In the latter case, giving them such pictures might actually help getting them their fix, so that they will not go on to the physical act.
2) If colored people are statistically more likely to commit crimes (disclaimer: this is just an example which I picked because it's a widely held stereotype). Does that mean we should pre-emptively go and arrest them all? Propensity to commit a criminal act is not a crime! Besides, just like in the example I gave, the propensity to commit the crime isn't even proven... it's just a statistical correlation.

Too right this sort of thing should be followed up. It will protect children.

It should be followed up, but it must not turn into a witchhunt. Too bad that these days it seems that when it comes to our rights and due process, anything goes when 'the safety of our children' might be involved.

Re:In Japan...

[glesga_kiss]

The Japanese goverment has been suspiciously lax in pursuing enactment of Child Porn laws

Yeah, but their culture see's it differently i.e. not so much of a problem. To them, it's like Saudi Arabia asking us to clamp down on alcohol, because their society doesn't tolerate our activies. A lot of Asian porn features school girl references there, and they really dig the whole cute china-doll thing. I'm sure many of the legal ones get made up to look as young as possible, jeez that even goes on in Western porn as well, 25 year-olds masquerading as 18 year-olds.

With different ages of consent around the world, policing this planet is not an easy task. I think I heard once that the age in Spain was 12, though that may have been years ago and it's probably standardised through the EU now. How exactly to you legislate based on widely differing laws and cultures?

Remember also that our society is very diffent to many others, and has only become that way recently. Several hundred years ago, most people were married and had had several children by 17-18 years old. You'd be lucky to reach 30 years old and have half of your children reach adulthood. Our ever extending life-span has lengthened the "age of innocence", but it's not "naturally human". If a boy/girl can conceive children, that's natures way of saying it's time to start having sex, regardless of what abstinence groups or abusive catholic priests regard the issue.

It's a very muddled issue. Where do you draw the line?

I posted this as a blog entry a few weeks ago...

[marmoset]

I had an interesting experience helping my cousin with his computer a few hours ago. I've done this plenty of times before, and I'm sure every computer professional has served as volunteer tech support for family members at least occasionally. The difference this time is, instead of simply doing a few quick fixes for the things that were broken/nonfunctional (which is what I usually do, in the interests of time), I actually thought long and hard about what was broken, and more importantly, how and why it got that way.

I will state from the top that I don't intend for this to be a Windows bash session. Though it's plainly a software environment I try to avoid when it's practical to do so, I recognize that I'm a kook and that most of the rest of the world has decided otherwise. Since, like death and taxes, Win32 is omnipresent, unavoidable, and in the end always victorious, it's prudent to learn how to efficiently work with it.

My cousin purchased a basic home system earlier this year, a modest (but powerful enough) system with Windows XP Home Edition preinstalled. It also came with Microsoft Works (which he's just starting to use for his classes) and the various and sundry shovelware that no user ever bothers to either run, nor uninstall. We live very close to each other, so we both have the same network provider -- in this town it's basically Comcast for broadband or the highway (read: craptacular dialup). He uses Yahoo as a portal page, and occasionally uses Yahoo Messenger. He likes tuning in to streaming radio, so he has dozens of stations bookmarked. And that's pretty much it -- he uses his machine for web surfing, internet radio, and the occasional short word processing or IM session.

I stopped by today to help him with a project he's starting up and he went to log into his computer. My first clue that something was very wrong: it took forever. The interval between the time when he entered his password and when he gained full control of the machine (i.e. when the busy cursor went away and the machine finally became responsive enough for him to do anything as basic as using the cursor to launch a new application) was at least 90 seconds. This box isn't a server, he's not compiling code or serving pages or rendering frames or anything else that ought to be stealing major cycles from the foreground UI. After that eternity has passed and he finally gains control of the machine, he gets a dialog box advertising cheap university degrees. By this time, I'm all like "what the f___?!?" It seems that in my time away from mainstream (i.e. Win32) computing, something known as "Windows Messenger Service Spam" has become a serious nuisance. How goddamned evil can they get? You don't even have to open your mailbox before some lowlife jumps in your face trying to sell you merde? How fricking evil is that? I do wonder what kind of krakk kokane your software engineering staff has to be smoking for them ship an operating system that, in its default configuration, allows an unauthenticated tcp message from any random spot on the internet to display a dialog on a client workstation, but, as I mentioned earlier, that's not where I want to go today. I felt a sick feeling in my gut, realizing that there are probably millions of grandmothers out there getting these stupid things popping up in their faces all day, without the vaguest clue of how to stop them.

After closing the messenger spam, my cousin started his browser, which happens to be IE 6. This took an extroardinarily long time. Once it came up, I noticed that he had a Yahoo toolbar underneath the standard Explorer toolbar, bristling with gewgaws, animated crap, pulsing buttons and links to, erm, "synergistic content". In addition, there was a vertical pane along the left side of the window, also Yahoo branded, also full of pulsing, flashing, irrelevant happy crap. In the middle of trying to throw up (and I do mean "throw

Considerable Issues

[virg_mattes]

> There are lots of issues to consider here, firstly the daughter claim... his daughter may have had a vendetta against him because he molested her, or she knew that he was commiting acts against children and just wanted him to get what was coming to him. Who knows...

To be blunt, who cares? If she was molested, she should accuse him of that. If she has reason to believe he's molesting other children, let her present that evidence. Framing him for a crime he didn't commit is never right, even if he committed some other crime.

> also the other thing to consider (and i have some experience in this) when i was getting started in computers and did some stupid things (bruteforcing passwords from my own system), i always ran a copy of BO on my own pc, so i could blame "the evil hackers" if it came down to it. Possibly he was doing the same thing with much more sinister acts.

Sorry, but "possibly" doesn't do in a court of law. Sure it's possible he set up an alibi, but if there's not sufficient evidence that he did it's not the court's right to assume guilt. That's how "beyond a reasonable doubt" works.

Virg