Slashdot Mirror
Man Fired When Laptop Malware Downloaded Porn
Geoffrey.landis writes "The Massachusetts Department of Industrial Accidents fired worker Michael Fiola and initiated procedures to prosecute him for child pornography when they determined that internet temporary files on his laptop computer contained child porn. According to Fiola, 'My boss called me into his office at 9 a.m. The director of the Department of Industrial Accidents, my immediate supervisor, and the personnel director were there. They handed me a letter and said, "You are being fired for a violation of the computer usage policy. You have pornography on your computer. You're fired. Clean out your desk. Let's go."' Fiola said, 'They wouldn't talk to me. They said, "We've been advised by our attorney not to talk to you."' However, prosecutors dropped the case when a state investigation of his computer determined there was insufficient evidence to prove he had downloaded the files. Computer forensic analyst Tami Loehrs, who spent a month dissecting the computer for the defense, explained in a 30-page report that the laptop was running corrupted virus-protection software, and Fiola was hit by spammers and crackers bombarding its memory with images of incest and pre-teen porn not visible to the naked eye. The virus protection and software update functions on the laptop had been disabled, and apparently the laptop was 'crippled' by malware. According to Loehrs, 'When they gave him this laptop, it had belonged to another user, and they changed the user name for him, but forgot to change the SMS user name, so SMS was trying to connect to a user that no longer existed ... It was set up to do all of its security updates via the server, and none of that was happening because he was out in the field.' A malware script on the machine surfed foreign sites at a rate of up to 40 per minute whenever the machine was within range of a wireless site."
It just seems immensly more likely that he got infected by malware from surfing porn sites, than getting infected by porn from having malware.
Good to know they researched heavily before firing him. At my company when re-deploying hardware like a laptop it is standard to wipe it completely and load a ghosted image. Who WOULDN'T do at least as much?
case where you can't help but think "this can't be right".. making certain types of information illegal to possess just doesn't make practical sense in the context of the Internet, no matter how morally objectionable we find it.
This guy should get one. And, meanwhile, insure no one touchs that laptop.
-- Slashdot: When Public Access TV Says "No"
Why don't you try writing your submissions intelligently and professionally?
If people hadn't jumped to conclusions and had done a more thorough investigation, this man would not have lost his job and reputation.
That's a nice HUGE FREAKIN' BLOCK OF TEXT you've got there, buddy. Maybe you'd like some PARAGRAPH STRUCTURE to wash it down.
I've heard of people getting screwed by their bosses before but this is ridiculous.
If he hadn't had the resources to hire his own expert, he would be in prison and branded a sex offender for life, all because his boss didn't practice safe hex.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
This is a tough lesson learned for Mr. Fiola, but the lesson is, always request a clean build when receiving new equipment in the workplace. That would have eliminated the malware and given him a clean system to work on.
--I like turtles...
Not that Linux (or OSX, or any of 'em for that matter) are 100% crack-proof, but putting one's career at the mercy of common malware and the only safety net is a sharp eye at the IT department?
OTOH, I suspect this guy (if he plays his cards right and has a sharp lawyer on retainer) may never have to work another day in his life.
Quo usque tandem abutere, Nimbus, patientia nostra?
Pesky foreigners. Child porn peddlers, the lot of 'em.
"We live in a global world" - Harvey Pitt, former Securities and Exchange Commission Chairman
maybe their IT dept should be held liable for giving him a misconfigured laptop?
btw, why isn't this a YRO article?
Make sure everyone's vote counts: Verified Voting
Julie Amero and the Porn Pop-Ups all over again?
Um, nevermind, I don't want to know.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
The real crime here is that the charges were dropped thru "insufficient evidence".... Why is this loophole allowed to prosecutors? How about. "We are sorry we should never have arrested you, fired you and will will formally erradicate all your arrest process so it never happened and give you backed dated pay and legal expenses".
I am a lawyer, but this is not legal advice. If you need legal advice, the attorney in this story might be a good choice . . . (but I cannot endorse him).
This, in a nutshell, is why lawyer's represent guilty scum.
Sometimes, it turns out, they are neither . . .
Personally, I'm skeptical about the idea of malware that secretly downloads and hides kiddie porn--why would the malware developer do that? I really can't fault the emploeyr for not considering such an idea and investigating it.
The defense attorney, though, is to advocate for his client, even if the client claims seem far-fetched.
hawk, esq.
So expecting them to ask for a clean build is asking to much. Their IT department should have known better and done this automatically.
"As soon as you mention child pornography, everybody's senses go out the window, she [the computer forensics expert] said."
Sounds too familiar. What's really fucked up is that his former employers "stand by their decision", namely to fire the guy. The bare minimum would be a public excuse, an offer to let him work there again, and probably a hefty compensation if he refused. But that's not likely to happen since by definition, the government knows best.
The grass is always greener on the other side of the light cone.
In Canada that would be unlawful termination.
Actually even if he was guilty, they would have had to tell him before he went outside why he was fired, or he would have grounds for compensation.
Microsoft, Apple, Google, Amazon what's the difference? All steal money from devs and control with walled gardens.
DIA spokeswoman Linnea Walsh confirmed Fiola "was terminated," but declined to say if any internal discipline has been meted out as a result of his name being cleared in court.
"We stand by our decision," she said. So now the DIA is trying cover it's own ass for giving him "a ticking time bomb" and then firing him for it and ruining any social life he had.
The worst part is that the assholes at DIA responsible for the horrible "roll-out" of a replacement laptop, and the PHB's responsible for firing him w/o doing proper research into the issue will not be punished in any way. THEIR lives won't be ruined. Even if he wins a lawsuit. It'll be money from the DIA, but no real punishment to the people involved.
Somebody find all their names and contact info (I'm too lazy) and post it. Let's send the info to Russia with requests for Viagra and child porn.
Seriously though, The Office is funny on TV, but tragic in real life. These people should be arrested for harassment and criminal negligence at the least.
What kind of laws can we enforce (and/or pass) to truly punish the individuals responsible for shit like this? Lawsuit money from the organization isn't even close to justice.
Operator, give me the number for 911!
I was even fooled by it once. I found pr0n bookmarks under a cute girl's login and I was thinking "Daaamn this girl is a freaky.." for a few seconds until I realized what it was. I could easily see how people would jump the gun and over react when they find actual material on a computer and not just bookmarks however they should at least ASK the person if they're guilty and send it for investigation first.
Liberty.
Now I know how to explain all of those Jessica Alba pics on my machine.
* to disrupt society
* to provide a plausible alibi for any of his perverted friends
* to drive up the cost of prosecuting this type of crime so prosecutors will have less money to prosecute his brother-in-law who runs an organized crime family
* kicks/jollies/juvenile reasons
* someone paid him to do it
* Why ask why
* He wanted his work to get on CowboyNealBoard, er, I mean Slashdot
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I would sue, sue and, sue.
Because the sites the malware connects through pay via click through.
What that bit of malware probably did was go around to a bunch of sites that the author gets fees from and makes it look like someone is browsing them.
Get a botnet of 1,000 computers going and it looks like hacker X convinced 1,000 people to view the site over and over.
If the intersection of child porn distributors and malware authors is larger than 0, the malware author may have written the malware to distribute the child porn. Or to keep it in circulation to gain later access to it, etc.
Nerd rage is the funniest rage.
Live today, because you never know what tomorrow brings
I read a different article that said he wouldn't work for them again because of the way they treat their employees.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
I would say that the scripts surf a list of shady sites to get hits on banner ads. I imagine that, even though they don't stay up as long, kiddie porn sites may have ads too...
The fact the he was charged with child porn. I've been following this case in the news because it is such an odd case. As TFA says, they eventually figured out it was viruses and malware doing the downloading of images (over the web, BTW). Ok, fair enough.
...or did they find real kiddie porn on there?
However, another article (can't find the link, sorry) was interviewing one of the detectives involved with the case. What he said was something along the lines of "there was a LOT of porn on the computer. 99% of it was just gross stuff, not illegal. But we did find a few pics of young girls.". Which makes me wonder --- how, exactly, do they define child porn?
Are they just arresting people because pictures look young?
It just seems odd that all of a sudden there is all this kiddie porn out on the publicly available internet and it does not draw attention. I would presume, with Tor, Freenet, etc all of that activity would be driven underground (ie: encrypted). Is there really "spam" and popup based kiddie porn still going on in the WWW?
I ask because I have...err...my friend has not seen it since the early early days of the internet. Back then, you truly could stumble across it accidentally. It hasn't been that way for a long long time though, in my experience.
The man was also happy to receive a DVD with all the images on his computer, including a 500MB file named NSFW.pst
Many companies only have limited IT capability and many will just hand over a computer from an ex employee to a new employee with very minor changes. Saves a bunch of work reinstalling stuff.
Engineering is the art of compromise.
It's called Farm Sluts. Hilarious! Well not for the guy in real life.
"You'll get nothing, and you'll like it!"
I can believe it was malware. Sure, there are a lot of malware out there that do a lot of things.
What they're describing sounds like malware intended to run up the traffic rankings of a site. If so, why was it gathering pictures too? Poorly coded? It wastes more bandwidth to pull the entire rendering of the page, than just the HTML and JS. While conserving bandwidth isn't high on the priority list, to keep from being noticed, and to keep their efficiency up, the virus writer would do what they could to keep their impact low.
I find it interesting that they don't mention what the malware was. They gave a vauge description of it, but not a positive description. This eludes to me that it could be the mystery virus defense. Beyond that, it could have been installed accidentally (or intentionally) at some point between when he got the laptop and when it was discovered.
A possible scenario is this, including their facts.
1) The defendant was given a laptop from work
2) The laptop had it's antivirus disabled inadvertently by the IT staff.
3) The defendant browsed to web sites, which may or may not have contained illegal images.
4) The virus was accidentally or intentionally acquired through said sites.
5) The defendant viewed web sites containing illegal images, before or while the virus was running.
6) The virus would acquire web site content when near wireless access points.
7) The defendant's employer found said illegal content on said laptop.
8) The defendant was rightfully terminated, and the evidence given to law enforcement.
9) The defense lawyer drew upon their mighty google-ing ability, and found the "it was a virus" defense.
Serious? Seriousness is well above my pay grade.
Personally, I'm skeptical about the idea of malware that secretly downloads and hides kiddie porn--why would the malware developer do that?
I've actually seen this sort of thing a couple times... not for kiddie porn luckily. Just movies (hollywood) and warez back before p2p.
As you can imagine finding servers to host and distribute this sort of stuff can be difficult. So why not compromise some random persons laptop, setup an ftp server, irc, dynamic dns, and whatever else... and then use it as a free and 'anonymous' remote host and storage.
It wouldn't surprise me in the least that this could be in use for kiddie porn distribution.
I really can't fault the emploeyr for not considering such an idea and investigating it.
When dealing with any case of child abuse including kiddie porn, one should ALWAYS be extremely cautious. Because whether he is innocent or not, people will never look at him the same way again.
Teenaged Russians = "Child Porn!" or some such bullshit.
From my (admittedly cursory) read of the article, I gather they claim the malware was trying to pop up the images to a broken account. I.e., the malware downloaded the images (hence their being in the temp directory) and tried to display, but then failed. Thus, the user never saw that the laptop was doing this, or else he could've gone, 'uhm, something is very wrong with this machine.'
If this is true, though, the real question then becomes how they didn't notice the virus on the machine when reconfiguring things (poorly) for the new user. At that point, if the defense argument is accurate, the malware should have still been able to display this stuff, and you'd think the IT guys would have noticed...
--Rachel
* To create mirrored websites to ensure availability of the material.
It happens with malware spreading sites, why not illegal porn?
If the malware can run a distributed dynamic dns based site, it will achieve a highly distributed network that would be hard to shut down easily.
No sig
Get child porn on your enemy's computer as long as he runs Windows (or whatever else), total deniability because there's so much malware out there. This scares the bejeezus out of me.
Probably, the malware itself is a temporary webserver to help distribute the load of an illegal kiddie porn pay site. Look up Fast Flux (http://en.wikipedia.org/wiki/Fast_flux) spammers use it all the time and it is very simple to set up.
I, for one, welcome our new automatic-porn-downloading overlords.
Arrest those exploiting kids?
is brewing. Rawls: unfair / unjust / unreasonable. His termination fits all three. Now, how much will he rake these people for?
Shoes for Industry. Shoes for the Dead.
Geez, i was half-assed expecting some bullshit polemic such as "don't offend or insult" the readers outside of slashodot, bekauze after all, we're trying to look like a responsible journal that can be referenced by The New Yourk Tymes...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Your skepticism is mis-placed.
There is more than one kind of malware.
One kind sends Phishing Spam / Viagra spam / etc.
Another performs DDoS attacks.
A third acts as a distributed FTP/Fileshare server so that the guilty have a place to hide & share their wares and not have a single point of being shut down by the authorities. Whether this be lists of CC numbers or kiddie porn is immaterial.
-nB
whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
> why would the malware developer do that?
Perhaps the malware is part of a P2P network distributing porn? Why risk getting arrested for distributing porn when you can co-opt other (innocent) people's computers into a network that does your dirty work for you?
If we all contacted the DIA it might get things moving for this guy.
Department of Industrial Accidents
for questions related to Workers' Compensation
600 Washington Street; 7th Floor
Boston, MA 02111
Phone: 617-727-4900; 1-800-323-3249
Info2@dia.state.ma.us
OK, but you know the problem in this, right?
1. Create multiple copies of child porn all over infected computers.
2. ???
3. Profit
Malware is a for-profit biz.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Personally, I'm skeptical about the idea of malware that secretly downloads and hides kiddie porn--why would the malware developer do that? The malware wasn't downloading and hiding kiddie porn From the article: "Loehrs found a script file that was set to go out and run its own searches on foreign Web sites, she said. "And once you get into some of these foreign sites, you'll get all kinds of stuff you don't want to see. "Actually, the child pornography was just a very small portion of it. The majority was just bizarre porn. He was being hit with everything," she added." The malware author was probably running a pay per click scam by using his malware to visit a bunch of sites and making it seem a bunch of visitors were browsing the site.
criminal court is not the same as civil cort.
From a purely technical point of view, a clean install is good advice in this situation (and many others!) But it's not something an ordinary user can do. This guy certainly doesn't have the expertise, not if he was using such a thoroughly compromised system. So he has to turn it over to the IT department, which then charges his department $100 or more for the service. That's approaching the total value of the laptop if its been around for any length of time.
Seems one has to jeopardize one's livelihood over every small thing, like whether to accept a used PC or not. Hence I would have thought one could argue that accepting the PC as it was and using it for business was not a completely free choice. A man's gotta eat.
If Fiola's side of the story can be taken at face value, then presumably he can sue - not just for the loss of income, but for the damage to his reputation, emotional distress at the nature of the material etc.
Having said that - bandwagon rides are fun, so my gut feel is that Fiola was complicit in at least some way, even if he saw the computer behaving weirdly and did not report it. Perhaps this will help him establish that his reputation was tarnished by this whole episode.
Nullius in verba
zero tolerance laws produce an extreme disincentive to properly and discretely investigate such things before slinging around an accusation which will ruin somebody's life.
"Megan's law"s punish people after the official debt to society has been paid. If you are so sure pedophilia is an incurable, life-long disease, than imprison them for life or develop a house arrest program, but you can't simply toss these sex offenders out, put a big neon "child molester" sign over their head, and pretend they have the same rights, or are not in danger of vigilantism.
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
I'm involved in investigating things like this in my line of work. The argument I've worked on the most was that X worker was on eBay at 6am, and then there is a record of X on at 12pm, so we fired X for waisting time spending 6 hours of their day on eBay. Everyone of the cases I've helped investigate the employee was a few months from reaching a big pay increase or increase in retirement benefits.
Their team also loves to hand us data that their forensic person has pulled from Windows without giving us access to the original drive. When questioned on how he obtained the data it was clear that their certified forensic expert didn't make a locked copy of the drive but logged in and poked around. The certification their contractor has is from IACIS http://www.cops.org/certifications
None of them so far has gone to a judge AFAIK but I know my PHB has testified for an arbitrator and the arbitrator ruled there was insufficient evidence for a dismissal.
Considering the series of screwups that led to this, I figure his next course of action is a lawsuit against the state - I'd sure as hell do it.
Giving him a laptop without re-initializing it? They got them some dimtwitty IT folks there in Taxachussetts.
--- Asking inconvenient questions for over 30 years...
because the porn was legal in another country, but not the USA. Sites in other countries are more likely to use malware and the age of consent is a year or two lower in most.
The only way to bust a doper--is when you yourself become a smoker!
Whenever I end up with a new (always used to me) computer or laptop, the first thing I do is install Google Desktop, and more recently Picasa, and I scour the hard drive for jpg and other image files, and then I delete them. I am absolutely freaking paranoid about something like this happening to me.
Whenever I have the opportunity, I like to wipe the hard drive completely and do a clean reinstall of all the software, but sometimes, you just can't do this, especially if you don't have the install disks. The reason I like to do this especially is because then I know what the machine acts and feels like under ideal conditions, and if the computer later slows down or acts sluggish, I can tell almost immediately if I've done some dumb cluck thing like downloaded some adware or freeware that turned out to be crapware.
As a direct result of reading Slashdot and TechDirt, I also have locked down my wi-fi with a highly encrypted password. It's too bad actually, as I like the idea of open wi-fi, but I can't take the risk that some joker might use my connection to download porn or music, tied back to me and my IP address. Knock knock from the FBI - no thanks.
How many IT guys would really do that? With all the other work they have to do? And that's assuming you have someone there that knows what they're doing.
Yep, and the snotty IT guy rolls his eyes, goes back to his office and does his work without doing anything to the laptop, and comes back later and says, "Yep, it's done. No problem" and takes off.
Then later on, the kiddie porn is found on the poor bastard's machine, the IT guy says it wasn't them. Poor bastard fired. Now, the poor bastard couldn't do it himself because he'd be fired for violating company IT policy.
Let's face it, you're fucked as an employee.
2. Have the infected computer serve copies of the child porn to the paying customers.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
actually it's correct.
he basically got infected with a trojan and backdoored. his laptop essentially got turned into an ftp server that became available at any wifi hotspot.
i have seen this personally quite a few times, and typically its used to courier very unsavoury material.
there is nothing here to be suspicious about in other words, its only suspicious if you don't understand enough about how this sort of thing works.
Sounds like the Department was aptly named.
As others have said, PPC.
... the company/state deserves it in this case whether it's good legal consul or not.
Also, consider that it's pretty much the employer's fault that his PC had all of this malware since they clearly don't have proper security procedures. Add to that the fact that they were pretty quick to BLAME HIM when in fact it's THEIR FAULT and I think he has a great countersuit. I'm not a lawyer in any state but
That part was about the System Management Server trying to update his laptop through a nonexistent user.
So basically the system had no updates because the automatic updates were configured to work through an user that wasn't there anymore. Which leads a windows system to leaking like a sieve, explaining how he got the virus.
Parent is a lying bastard. I read all articles linked to, including the second page of the first article. Linux in not in the text of any of them. Please mod accordingly.
Let us not become the evil that we deplore.
Indeed. they should extend the indictment requirement required by the constitution for capital offenses to these sorts of crimes. Being falsely accused of molestation is much worse than being falsely accused of murder in terms of social repurcusions. (assuming one was eventually declared innocent of both).
http://notanumber.net/
Not necessarily, I've seen malware that only opens popups when you open IE for instance. Maybe this one needed you to be connected to the internet to popup and the IT guys changed settings while off the network.
Amendment 8 - Cruel and Unusual Punishment. Ratified 12/15/1791.
Excessive bail shall not be required, nor excessive fines imposed, nor cruel and unusual punishments inflicted.
Frankly, zero-tolerance doesn't seem like what the Founders had in mind, nor does torturing people you don't like for the rest of their natural (and now probably shortened) lives. Granted, I suppose this depends upon your interpretation of "cruel and unusual", but if this can be applied to sex offenders it can be applied to any group of people if you can manage to vilify them sufficiently.
The higher the technology, the sharper that two-edged sword.
Sounds awefully complicated. I'd just rent a server in Malaysia or other countries with more pressing issues than shutting down servers, where someone like this already has a server collecting information for ID theft. I doubt they're more interested in shutting down CP servers than ID theft servers.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
As u38cg noted, "Google Zeitgeist is going to be raising a few eyebrows next month."
This happened to my aunt. She was promoted, and the guy she replaced was fired for loading porn onto his work computer. The company KNEW, but didn't clean it off, they just gave his computer to her. As soon as she hit the internet, it started moaning and screaming at her, she slammed it shut, tore out the battery, and took it right back where it came from with a lot of bitching and yelling at IT.
If it were me, I'd not just sue the organization for wrongful termination, but also sue the employees involved personally for slander and gross negligence.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
Back in the early days of broadband, I had an anonymous ftp with upload access set up on a home server. I would not infrequently end up with a directory a dozen levels deep, with some random file, as some bot tested my server for what it was capable of.
Unless it's sealed or marked "actually innocent," he'll have a hard time getting any job in any position of trust.
Heck, he may even be barred from volunteering at his child's school as long as this information is public.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I find it informative and insightful.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Certainly the AC was trolling, since nowhere in the article was Linux mentioned. But Windows can be perfectly secure if you want it to, which means that your tired claims and bizarre tie-ins with unrelated conspiracy theories are as usual no more than empty "advocacy" that helps no one and just serves to bury more of your accounts in the appropriate karma holes.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
From reading TFA, it seems seems they weren't "hidden", but just not displayed. There were a bunch of programs that continuously surfed sites in the background, in the process leaving the incriminating images in the cache. Possibly some malware that earns money per click on given websites. If you've ever surfed porn, you know that you can get a flood of popups from "affiliate" sites. It's like spam, to earn the spammer a tiny fraction of a cent per person spammed they'll cheerfully use all your resources and make your life hell.
And we have no idea if it really was "kiddie porn". Lots of porn sites advertise "barely legal", "schoolgirl", and YOUNG!!! and have skinny girls in pigtails with teddy bears, but the small print all says they're over 18 (sure they could lie, but some are American or European based and would he raided in a moment if they were really displaying kiddie porn).
When you have non-tech morons in charge of the IT department? this just seems typical of Big business
That would really be insanely stupid considering the hysteria kiddie porn provokes. If he wanted to just store it, encrypt it and it's 100% safe. Stash it in a folder on a innocent DVDR; etc, etc. Anyone capable of creating malware certainly knows how to do this, and not risk having a FBI team break down his door next week.
I think the guys who do trade kiddie porn would be extremely paranoid and cautious.The dumb ones would have been caught by now. The idea that these guys are snickering while sending illegal porn to innocent people is as silly as those characterisations of terrorists as "they hate us because we're free". I believe the guy in this case was likely innocent, I think he was just collateral damage from some pay-per-click scam. The porn in his cache was just a side effect of sending his browser around in the background to earn a few cents.
Yes, Megan's law is obviously intended to incite mob 'justice'. Executions are expensive and socially messy. It is much simpler to 'think of the children', publish the addresses of sex offenders, and hope that some other sicko takes care of the problem for you.
Malware developer is not necessarily the malware user
Malware developer/user would rather store his incriminating files on someone else's computer (possibly many other computers for added redundancy/security) rather than storing the files on his own computer.
Malware user makes money from fake clickthroughs to porn sites from the victim's computer.
Malware user just wants to cause trouble for some random person for no real reason. Think "A Clockwork Orange".
etc.
What a loser downloading porn on his work computer.
Mr Show: http://www.youtube.com/watch?v=8DeikFMnHwU
It wouldn't surprise me. It would ASTONISH me that someone possessing images that could send them to jail for years would randomly distribute them, UNENCRYPTED to a GOVERNMENT EMPLOYEE'S LAPTOP.
The Internet is awash with Hollywood movies. Sure kids might stash copies of Indy 4 on any random server they can find. Will the FBI raise an eyebrow? Do that with kiddie porn, expect to be in custody by the end of the day.
If I wanted to distribute stuff that could get me in jail for years, I think I would find $5 per month to have my own server space in China, say, alongside the spammers.
Were this particular man guilty, you'd try getting him off anyway, whatever pain re-inflicted on the victims.
Lawyers represent guilty scum because they are guilty scum. Oh, and they also go to court on the behalf of other guilty scum as well.
Anonymous coward....whatever
....not a lawyer....
I am curious if the laptop came from dell?
I've actually encountered A laptop with the same sick content....It came from Dell. It was also "refurbished". It was actually quite difficult to remove all the obscene data, It had been saved to various temp locations within Vista. I am sure it was some type of malware program using lime-wire for distribution. Considering every filename was VERY long, with more than one extension, (NO ONE saves a file like that),and also that fact that the owner is nearly computer illiterate and could not have found these hidden temp folders on his own, I am convinced the current owner was not at fault.......As for the guy (in Massachusetts) who was fired, I believe he was mistreated horribly. Were as the content was offensive and against company policy, there is something called due process. If innocent, and it COULD be proven (either for or against him) He should be given his job back, with back pay. If the company wants to whine about that, I would suggest suing the company who "refurbished" the laptop.
p.s.
No, I think making things illegal does slow them down significantly. Sure, there's still crime, but that's hardly an excuse to do nothing.
People make a choice to do something. In this case, choosing to produce such materials suggests that they want to more than that it's a black-market, financial decision.
Hang on.
This was a laptop, right? Not a computer sitting in his office. There is no reason to suppose that any of the alleged porn-surfing was done on company time.
How is it misuse then? Looking at sexy pictures doesn't harm the computer or the company at all. Do they also fire people for using their company laptop, at home and on their own time, for browsing Slashdot or eBay?
You don't even need any malware on your machine to end up with erotic images in your temporary files. I have browsed sites looking for cracks for games, and had porn ads appear. Those images will have been cached somewhere.
The problem is not with failing to wipe the drives between users, or failing to use an anti-virus, or failing to use an ad-blocker, or failing to flush out your temporary files. Non-techie users can't be expected to do such things, and they shouldn't be necessary.
The problem is with companies who think that they can (ab)use the fact that the hardware belongs to them, in order to interfere with employees' private lives. If they do this as a pretext to rid themselves of an unwanted employee, then they are evil. If they do this and fire an employee whose work they were happy with, then they are utter morons.
Secondary problems include (a) the mistaken idea that files in the cache prove intent to view certain content; (b) the current hysteria about "kiddie porn".
If I wanted to distribute stuff that could get me in jail for years, I think I would find $5 per month to have my own server space in China, say, alongside the spammers.
But that would leave records...
Will the FBI raise an eyebrow? Do that with kiddie porn, expect to be in custody by the end of the day.
You have a much higher opinion of the FBI than is warranted.
Dear Massachusetts Department of Industrial Accidents,
As you can see, with your assistance, micro$oft has destroyed another family with their OS monopoly.
Did you ever study history and read about the complicit Germans who allowed the Nazis to murder millions of Jews or about the complicit southern citizens of the southern United States after the civil war that just stood by as the KKK murdered so many black citizens. This is YOU. You allowed your own employee to be tainted and tarnished by your accusal without even examining the evidence. Even though he was subsequently proven innocent, somehow beyond all audacity, you continue to "stand by your decision" as you were complicit in allowing flawed micro$oft software to paint an innocent man guilty.
As implicated by the forensic study, it was the responsibility of the IT department to "update" the micro$oft SMS server on the laptop so that the laptop would be get proper security updates.
But who is the real criminal here? The man now proven innocent? No. The irresponsible IT department? Maybe. The criminal extortion racket based in Redmond, WA who built an insecure OS that destroys families with its built in malware vulnerabilities? Yes, obviously.
This kind of problem where a computer is invaded by rogue malware is a window$ problem. This is exactly what happens when you use closed-source software that is designed by a criminal monopoly.
Had the IT department deployed secure Linux based laptops this would have never happened. This is exactly why I never allow micro$oft "crippleware" on any computer in my home or my personal system at work (I'm working on converting the rest). Congratulations,
Keep up the good work destroying families and lives just like the Nazis and the KKK.
1. Contact pornmonger running download-for-$ website
2. Contact black hat managing botnet
3. Pay black hat $ to instruct botnet to buy porn from website
4. Collect $$ from pornomonger
5. Profit!
Practice Kind Randomness and Beautiful Acts of Nonsense.
Yeah, I live in CA - an "At Will" state. It's like this, they can fire you any time they want without even telling you why, for any reason, even a made up one.
Oh, and you can quit without notice too. (wup)
OK, this is now starting to feel like bastardly smarmyism. Not one of da boyz so not gonna get posted... maybe after two days this little prick will forget he posted to the firehose, but he's got excellent karma on the panel, but script-blacklisted from getting published.
Hmmm....
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
If they were really thinking of the children and believed these guys to be in danger of re-offending then, as the original poster says, they should never let them out of prison. Vigilante "justice" may eventually take care of the problem but in the meantime you have someone likely to molest children running around. So why not 'think of the children' and not let back out into society, especially if you are going to completely prevent any possibility of them reintegrating.
Firing people based on things that happened on an infected PC is the modern equivalent of shouting burn the witch!
The truth is that this can happen. The truth is that so many corporate desktop and laptop systems are p0wn3d by th3m that it isn't even funny.
The truth is that event logging on these networks and systems are insufficiently detailed as to demonstrate conclusively which actually happened. Any logging that does take place on a system probably can't show you wether the user was responsible, or if an automated program pretending to be the user was responsible. Any corporation that gives a users a typical Windows system and then holds that user responsible when something untoward happens on that system ought to be opening themselves up to a lawsuit.
The truth is that even the the lawyers who advised not to talk about the reasons for dismissal don't recognize this. They prohibit discussion of the details regarding the dismissal of the employee for reasons entirely unrelated to the issue of being entirely unable to conclusively substantiate any accusations which would be made. (It's standard dismissal policy at all of the Fortune 500 to not give any reason). In general, employees, managers, lawyers and judges are completely unprepared to assess the details which would expose the fact that nobody can actually prove that this unfortunate person was probably the victim of some botmaster's prank. People should be surprised that this doesn't happen more often.
That said, there are things one can look at to determine what was *likely* to have happened on that box, and one can assess to some degree what things were relatively more likely than others. If the box was running malware, though, the most likely outcome is that one cannot demonstrate beyond a reasonable doubt that the user was guilty. However, one can, in some cases, demonstrate innocence, by showing, for example, that a given download occurred when the user was away from the keyboard.
It's important to note that the converse is not true. The malware can easily mimic user behavior by performing user style tasks only when the user is logged in. Malware may, for example, have incentive to operate only when a real user is logged in, because certain operations in certain environments are unlikely to succeed if the user is not logged in (being stopped, and identified as likely malware behavior by a 3rd party heuristic detection system, for example.) Malware often does change its behavior based on instructions from the outside, based on the day or the time, based on all sorts of things, and may not behave the same in an isolated test lab as it does "in the wild" so it can be difficult or impossible to demonstrate the full capability of a given strain, even if you have a copy of it.
If you mod me down, I shall become more powerful than you could possibly imagine.
As long hes a decent guy...
By bringing it to his attention
1) You save the company a competent employee
2) Discourage him from doing it again
3) You demonstrate your personal loyalty to an up and coming executive.
The question you have to answer, is did the employees actions harm the company
in a non-trivial manner? I assume the answer is no. There are many things users
do that waste time, most of which are trivial and do not actively cost the company money.
If the cost of stopping these trivial things exceeds the benefits then you tolerate it and move on.
I would be more concerned about the use of a "firewall/lan bypass device" than the content itself.
A lot of malware today is makes your machine a zombie. It makes your machine do things for the zombie master - like send spam, DDOS other computers or act as a part of a P2P network, carrying all kinds of stuff (including porn).
We had an earlier article about a guy who was listed as a sex offender for raping a 30-40 year old woman, and when he moved a crazy neighbor killed him in a week "because I want my daughter to be safe." Preemptive removal of potential child rapist.
Note his daughter was 11. He saw him on the sex offender list and thought "kiddy fucker" immediately, not "rape" or "mild sexual harassment" (which can get you there too, with a little work).
Support my political activism on Patreon.
But some lawyers are themselves scum who try to have innocent non-scum sent to prison, even after they've been shown that it's unlikely that a crime ever existed, let alone that the widow that they're going after like rabid attack dogs is no more likely to be guilty than anyone else (if, indeed, there ever was a crime).
The whole system is a mess
FGD 135
There's a porn flick called A Clockwork Orgy
Imaging a master disk is a very simple task that ensures machines are clean and up to date.
I am beginning to believe that you should re-imagine any laptop every 6 months or thereabouts as a matter of policy.
IANAL but write like a drunk one.
Maybe you could get away with it a few times. The risk and penalties are so extreme I wouldn't chance it for no reason (and there is no rational reason for doing so). Depositing evidence on a government computer is pretty foolish, no matter how incompetent you believe the FBI are.
This, in a nutshell, is why lawyer's represent guilty scum.
Sometimes, it turns out, they are neither . . .
Personally, I'm skeptical about the idea of malware that secretly downloads and hides kiddie porn--why would the malware developer do that? I really can't fault the emploeyr for not considering such an idea and investigating it.
The defense attorney, though, is to advocate for his client, even if the client claims seem far-fetched.
hawk, esq. If you are skeptical of such software, then you obviously have no experience in the computer industry.
There are all kinds of porn downloaders, viruses, and malware that load a computer with porn.
Lawyers represent the guilty because A) you may be guilty but we need to make sure your sentence is reasonable (a lot of people would like to hang a man for showing a kid his penis); and B) You might actually not be guilty.
In old country, court used to mean you had no representation (lawyer), the prosecution made whatever wild claims it likes, and then they lock you up. End of story. Guilty or not, you get a fighting chance BECAUSE the alternative is we send men in black to your house and throw you in jail after a cute little show just because we don't like you.
Think Salem Witch Trials, nobody had any real defense, all accusations were absolute indications of guilt. This is what happens when you take away the right of the (presumed) guilty to defend themselves.
Support my political activism on Patreon.
After that sentence, I have absolutely no doubt that you are, indeed, a lawyer.
Sue, sue sue. Sue. this was malfeasance on the part of the IT folks who were supposed to have sanitized the laptop (most shops reimage them) and a kangaroo court in all respects.
Sue the state for full re-employable reinstatement, back this and that, damage to reputation internationally, pain and suffering, cracks in the sidewalk, and anything else.
if this is supposed to be a new economy, how come they still want my old fashioned money?
The odds are good that the system in question was Windows based. However, that doesn't really change too much. Any p0wn3d box leads to the same situation. You really can't prove what happened on the box, to any high degree of confidence. The user could be innocent.
If you mod me down, I shall become more powerful than you could possibly imagine.
I've worked in two places where servers (which, despite being a sysadmin, weren't under my watch) were hacked. In both cases, the machines that were compromised has oodles of pirated software and porn uploaded. In the case of the first one, it wouldn't be a terribly bad guess that much of the latter was illegal as well.
So why would a "virus" plant these files? Well, it might not, but what it might do is make your machine into a convenient fileserver or open-proxy for those that wanted to download or view such material.
Malware is sometimes used to set up web sites. You might have heard the term "phishing". Sometimes these sites are fake bank sites used in scams to lure people to give up their credit card and other identity information. Long before phishing, compromised boxes were often used to host ftp or web servers to distribute pirated software or pornography.
If you mod me down, I shall become more powerful than you could possibly imagine.
Personally, I'm skeptical about the idea of malware that secretly downloads and hides kiddie porn--why would the malware developer do that? I really can't fault the employer for not considering such an idea and investigating it.
Your skepticism appears to be based on the intent of the malware to be doing this for the user of the computer, therefore if "hidden" (or rather, not obvious to the user and probably literally using the Windows hidden file attribute) then that would not be of any financial benefit to the porn source. In other words, makes no sense to set up malware to do that.
There are a few factors which need to be known for it make sense.
One is that child porn distribution can't be done from a web server account in one's name, otherwise as soon as its location is determined the account owner is arrested.
Sort of like having drugs smuggled by unsuspecting people, placing illegal content on someone else's computer gets the computer owner any trouble, example this guy.
How does a computer get chosen for this? When it becomes part of a botnet. How does it become part of a botnet? Well, for example, a recent SQL Server exploit alone infected half a million web pages over a weekend with malware which attempts to make the computer part of a botnet. Unknown how many computers were protected enough to keep from succumbing, but botnets grow into the millions of PC's with exploits like that.
I get automated attempts at registration on my website night and day from botnet PC's. Believe me, they run the gamut of home PC's on cable internet, schools, business, government, everything you can imagine everywhere. And more are added every day, all over the world. People have no clue what their PC's are doing.
Another factor little known and understood is that once the PC is taken over, communications is by sockets from the malware to their bot network controllers. It has nothing to do with what a person is doing with their browser, other than the malware logging keystrokes and sending off to the botnet owners to be analyzed for account logins, say to your bank, or credit card payments, etc. Not to mention logins to other networks which they now are able to compromise using the account authorities, say the government, research institutions, financial institutions, defense facilities, etc.
Sockets transmission is used to do whatever they want. How about using the computer as a child porn server?
Bingo. Problem now understood, but not solved.
rd
Well, modern malware is typically modular, and does all of these things, and more. If a new function desired by the botmaster comes along, it just fetches a new module or updates itself.
If you mod me down, I shall become more powerful than you could possibly imagine.
Personally, I'm skeptical about the idea of malware that secretly downloads and hides kiddie porn--why would the malware developer do that?
;-).
Why would it matter whether you believe someone might have a motive? I don't understand why people might commit all sorts of crimes, because I'd never do that. But some people commit those crimes anyway. Lots of people have motives to frame others for crimes.
In any case, on to methods. I have a demo on my web site of how to do "preloading" in javascript. Is javascript enabled in your browser? If so, my demo shows how I can create a web page that quietly downloads images from arbitrary URLs, without showing them to you. This may be used to load those images into your browser's cache. It has valid uses, such as to speed up subsequent downloading of other pages from my site which use those images. But I can just as easily fill your browser's cache with porn. Unless you know how to scan your browser's cache (or have the sense to purge it frequently), you'll never know what I've done to you. My code (actually my web server) also tells me your IP address, which I can use to send the authorities in to examine your browser's cache.
I'd be willing to testify in court how easy this is. And give the court a copy of my code (though they could easily download it from my web site
And yes, I usually do browse with scripting disabled. This was typed into a Firefox 3.0 window, which has the NoScripts extension installed. My demo code won't work against me.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
News of Mr. Sarcasm's death has been greatly exaggerated.
If you mod me down, I shall become more powerful than you could possibly imagine.
-1, Stoned.
In addition to the other comments, I would like to point out that a lot of malware will randomly open a users page to advertisements, which frequently advertise such things as porn and warez. After all, these guys can't advertise through standard venues. I didn't RTFA so I don't know if that's the kind of malware they found, but they DID say they found it in his temp files which is where it would be in that case.
I say castrate the pedophiles. Can't be cruel or unusual given the 5th amendment's clause on double jeopardy. It mentions life or limb. Which also brings up a side note, jeopardy of liberty is NOT relevant for double jeopardy. Why? Because the clause only mentions life or limb. Liberty is a separate issue. That is clear from the a later clause that mentions due process when life, liberty or property is at stake.
No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
If you mod me down, I shall become more powerful than you could possibly imagine.
When information is power, privacy is freedom.
His employers can never be certain that it wasn't him, despite professional computer security experts testifying to the fact.
This is what happens when you assume your system is protected.
It certainly wasn't his job to ensure the machine had functioning anti-virus software. It was some other person's job, and they didn't do it.
They're using their grammar skills there.
I say castrate the pedophiles
Just to clarify, do you mean the dictionary definition of pedophile, ie, an adult that likes to molest children, or the legal definition of pedophile, ie, someone who is 18 or greater and is unfortunate enough that their sexual partner is only 18 minus iota and/or someone who likes their 30 year old wife to wear pigtails and short skirts.
If you are not allowed to question your government then the government has answered your question.
I was fired much like this (hence the anonymous posting). After four years of doing an exemplary job, going above and beyond, and saving my boss' ass (both in delivering when she promised the nearly-impossible without asking, and covering for her general incompetence as both a manager and a technical expert) on at least a monthly basis, I was summarily fired for no stated reason. Just "this is at-will employment, and we are terminating it". Sure, I took the occasional pad of paper home, and read /. on he job when I got bored and had time for it. But nothing deserving of more than a gentle "cut that out". I get all the porn I want at home; who'd need to download it at work, on a company machine? But somebody thought that I'd done something horrible, and I was fired. I got none of the basic rights that you get in a U.S. court of law: being informed of the charges, reviewing the evidence, an opportunity to challenge the assusation (let alone the accuser). I consulted an attorney, but he couldn't do anything for me. (I'm just barely old enough to file suit for age discrimination, but it obviously wasn't that. He couldn't find any other basis to challenge it.) In the U.S. employees have no rights except those spelled out in specific non-discrimination and workplace-safety laws... certainly not the right to justice.
I protested my innocence, and begged to be told what they thought I'd done. I was offered one chance: they'd tell me, but then they'd go public with it. Maybe they thought I stole something. Maybe they thought I'd sexually harassed someone. Maybe they thought I'd been surfing porn. Maybe my boss got scared that I was going to stop covering for her and made something up. Any of which I could mount a defense against. But some of them could have involved criminal charges as well, which scared the hell out of me, because I don't fully trust the criminal justice system. And maybe they were going to accuse me of downloading kiddie porn, and it's impossible to be exonerated of that: even if the court says "not guilty", your life as you knew it is over. I couldn't take that chance, so I passed.
Why write malware, they could sell that!
That's a cute way to get very deep into trouble, because they have accused him of being a child porn lover.
To sum up:
- slander
- entrapment
- sexual harassment by exposure to xxx material
That's quite a meal - any lawyer would have a filed day with that - like shooting fish in a barrel.
The lesson: archive a box, then re-image it. If data needs to be recycled, someone must be in charge of checking this first (and I pity the sod who has to do that if the company doesn't have clear data management strategies).
This could be very costly for the company.
Insert
The 'partimage' program is. You could also check out 'g4l' which is the same idea.
In any case where you have 80+ GB partitions that are mostly empty, which is most of the time, dd results in wait times (and space requirements on the destination) that are simply unacceptable and a huge waste IMO. The drives will also tend to become rather warm and stay that way for too long.
Interesting. I wonder what ports were open in his laptop, and if it was sending as well as receiving?
I feel fantastic, and I'm still alive.
Maybe the previous laptop user left his porn in the drive.
waiting for ad.doubleclick.net
Unfortunately, Leurs is an opportunist that argues every time that malware caused the child porn, the defendant did not know it was there and it was there previous to the user getting the computer. What a hack.
At this point, having child pornography on your computer is like being infected with a virus, only this virus is child porn. The only way to get it off is to basically reformat your drive. If you were smart your drive was encrypted and that reformat will be the end of it, and if you aren't so smart then there could be traces of child porn (invisible to the naked eye) which could still be on your machine.
The point is, this guy probably deleted whatever child porn the malware sent to him. Thus it was invisible to the naked eye. Yet that doesn't change the fact that his computer still legally contained the 1s and 0s in a form which is still illegal.
So while I do think there are pedophiles, I don't think this guy is one of them. And this is the sorta situation that our ridiculous child porn laws create.
Maybe it was not visible to the naked eye because he deleted it. I don't know, but I can easily see a situation where some script kiddie creates a bot which trolls chatrooms and which sends random users child porn and then sends the feds after them.
It probably would not take a lot of time to write such a bot, or to trick the typical horny middle aged male to accept a picture of what they think is an adult woman, only to find out later it's child porn. But whats he supposed to do? his computer has been infected.
So now he has to reformat his entire computer. I can see this being the new WinNuke.
It's not as simple as saying the system was compromised before he got it. The system could have been compromised while in his possession and it still might not be his fault.
Who's fault is it if some hacker deliberately sends him child porn labeled as regular porn? And what is he supposed to do?
Sure people like us, we know how to wipe the drive to the point where it's completely deleted and we know about drive encryption mechanisms and all that, but this guy probably does not know this.
It's easily possible that some evil hacker decided to infect him with CP on purpose as a way to get him fired from his job.
There's no such thing as a legal "slam dunk". The only person who will certainly make money from suing them is the lawyer himself (unless he takes the case on a percentage-of-settlement basis, of course).
This whole case would seem to hinge on one forensic expert's testimony, so if I were a lawyer, I'd be a bit leery about considering this an open-and-shut case.
Still, I wish the guy a lot of luck in setting a precedent that you can't be held accountable in all situations for what your computer does.
I'm not sure if the guy wasn't lucky that the employer went immediately to start criminal proceedings --- that's the only reason he has a valid forensic analysis of the computer to show. In an ordinary instance of firing, the computer would almost certainly have been reimaged before he could sue to have it analyzed.
It seems there's room for a law that in cases like this, the employer has to get a forensic snapshot of the computer involved before reimaging it (or be responsible for destroying evidence in any subsequent discovery proceedings).
Would you?
Shouldn't the moral of this story be, "Use Windows and risk losing your job."
There may be stories about viruses infecting Linux systems, but I've never had a problem (except with the random attempts from around the world trying to break into my telnet or ftp servers.) But so long as one keeps those locked down to specific IP addresses then the only problem one has to deal with is SPAM being routed through ones machine.
Look, we are here on slashdot discussing this as if we don't have the technical skill to use CP as a weapon to get people fired. It's really simple write a bot, and then upload your enemy list in encrypted form to that bot server in whatever location and have that bot send a bunch of child porn to all the people you dislike.
9 times out of 10, most men will accept any photograph of what they think is a hot chick, not knowing what it is before they open it, it could be child porn, it could be a virus, they don't know. The problem is once the child porn is on their computer then they get reported and their computer gets checked for child porn.
They then undelete everything and find that one photo was on the computer for a split second.
This alone is enough to get a person fired. Personally, in my opinion, unless a person has LOTS of child porn, I don't think it's right to report them over one image found somewhere on their drive.
If we go by those standards then only the most paranoid of internet users will be able to avoid being infected with child porn. The situation is messed up but I wont label pedophile so easily.
In my opinion you did the right thing. It's becoming way too easy to label someone a pedophile, at this point any hacker can get just about all of their enemies labeled a pedophile by simply hacking into their enemies computers, uploading the child porn, storing it in some secret hidden directory they can't see, and then alerting the proper authorities.
It's fucked up, but just like there were people writing viruses which would destroy computers, there will be people who spend all their time trying to destroy peoples lives using child porn as a weapon to get people mislabeled into a pedophile.
If all it takes to get labeled a pedophile is to be caught with child porn on your computer, how hard will it be to make you look like a pedophile?
You probably wont have to look for child porn or search for it or anything, I doubt the authorities check search records in these cases to see if the person was searching for child porn, they probably just see the pictures on the computer and scream pedophile.
Now the hackers run the corporations, how?
You fcuk with the hackers and they'll pedophile you.
Sounds awefully complicated. I'd just rent a server in Malaysia or other countries with more pressing issues than shutting down servers, where someone like this already has a server collecting information for ID theft. I doubt they're more interested in shutting down CP servers than ID theft servers.
A single server would be vulnerable to DDOS. A rival criminal gang would have such an ability as does the likes of "Media Defender". No doubt various governments can also do similar things. A distributed "server" is resistant to such attacks.
Also it probably makes more sense politically for law enforcement to go after CP.
The truth, well, it depends, when they decide who is or isn't a pedophile do they check search records, or do they just find a bunch of illegal images on a computer and scream PEDOPHILE!
"He'd have 40 Web sites hitting his computer in a minute -- who's the IT guy who looked at this and said, "Wow, this guy is pretty active on the Internet?'" Loehrs said. "It's physically impossible!"
Loehrs found a script file that was set to go out and run its own searches on foreign Web sites, she said. "And once you get into some of these foreign sites, you'll get all kinds of stuff you don't want to see.
"Actually, the child pornography was just a very small portion of it. The majority was just bizarre porn. He was being hit with everything," she added. Are you still so certain of your position? It's not enough that there are word macro viruses and viruses all over limeware and flash viruses, but now we have to worry about scripts which infect us with kiddie porn.
How to defend against this? Harddrive encryption.
And if you see anything illegal, reformat immediately.
zero tolerance laws produce an extreme disincentive to properly and discretely investigate such things before slinging around an accusation which will ruin somebody's life.
IIRC the term was originally applied to corrupt law enforcement. Where it actually makes sense... Maybe what's actually needed is "zero tolerance" towards poor investigation.
"Megan's law"s punish people after the official debt to society has been paid.
In the same way that barring people from voting, after they have served their sentence, is also morally questionable.
If you are so sure pedophilia is an incurable, life-long disease, than imprison them for life or develop a house arrest program, but you can't simply toss these sex offenders out, put a big neon "child molester" sign over their head, and pretend they have the same rights, or are not in danger of vigilantism.
Thing is that the term "sex offender" does not equate to "child molester". It's even possible for people to wind up on these lists for reasons which do not even involve any sort of sex act at all. There have even been cases of unconnected people being assaulted due to similar names and/or address.
Of course child rapists who havn't been caught won't be on any such lists. It's even possible that there are people who have been caught and convicted will not be listed due to some technicality (such as being a woman or having plea bargined to some other charge).
why would the malware developer do that?
Because in some cases the remote boxes serve the images onwards (acting as remote storage for the malware developer).
It's not the developer trying to get the person fire- it's the developer using the person's bandwidth, disk storage, and cpu to serve/restore the images.
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
Unless the prosecutors have a pattern of pedophile like habits, such as search records or just some evidence besides the pictures, how can we ever be sure that the guy is a pedophile?
Anyone can download something by mistake, or be tricked into accepting a file. If thats all it takes to make someone a pedophile now, and if prosecutors are that desperate that they'll take these sorts of cases seriously, it's actually probably going to result in helping the REAL pedophiles.
One obvious question is:
So they noticed that the bandwidth usage was 4x the other users--- did that start after he got the new laptop?
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
The malware creators do not always create a malware with a definite motive.
It might also be their intention to hide paedophile images to get any person under trouble!
There should be thorough analysis of the malware on the disk and it should be verified whether the employee's story is true or not.
You may know everything about the law, but if you just were to buy a book on C, or C++, or Java script, or visual basic, you can easily learn how to write a virus which does exactly that.
Why did people write viruses to destroy peoples harddrives back in the day? Remember those viruses that would literally nuke a harddrive and ruin it?
Why do people continue to write viruses which destroy?
The simple reason is, if you hate someone and want to kill them physically but can't do it, sending them a virus and getting them labeled a pedophile is a punishment equal to killing them, and some would say it's a punishment worse than death itself.
I can imagine plenty of people who if they had the knowledge, would write viruses like this and send them to all the people they hate. And I can imagine these same people then reporting them to the prosecutor and having that person get labeled a pedophile.
Don't you realize that this could be you? Any hacker who is pissed off at you could wait for you to leave your wifi open on your lan, then sneak and upload a package to your network, or they could take the direct approach of just emailing you the virus or sending you a website which infects you through a flash video file.
Once infected the virus could create a child porn botnet. Why would they do this? There are many reasons, but I'll list a few that come to mind.
A. It's a way to hurt people you hate (obvious).
B. It's a way to protect the actual child pronographers by wasting police resources.
C. It''s a way into your machine.
While it's possible that yes some people are going around downloading child porn, it's equally technically possible and perhaps even more likely that a virus could infect them with child porn in the same way our email accounts are all infected by spam.
But we don't have anti spam laws which label those who posses the spam in their email account as pedophiles, here in the spam example somehow our laws are rational and we go after the distributors of spam, but somehow when it's pedophiles all reason and rationality is thrown out the window and suddenly its okay to have a witch hunt and just arrest anyone even remotely associated with child pornography to the point now where just looking at it by accident means prison time.
So yes, I can see some hateful destructive types of individuals using child porn as a weapon simply because they can do it and get away with it and the laws are so technologically ignorant in most cases that usually the person who has it on the harddrive goes to prison and is labeled a pedophile, and since that could be anyone it's equal to giving the script kiddie a pedophile gun from which they can take out all their enemies, political or imagined.
No, I think hackers have figured out that they can use CP as a weapon. If it were just about encryption and storage they'd keep encrypting it and storing it on newsgroups.
I think this is both going to be used as a weapon by sick pedophile hacker types who will be able to say "You fuck with us and we'll pedophile you", and in that case it's literally AND interesting the first cyber weapon of this sort that I've seen.
Usually we had to worry about viruses which destroy physical property, now we have to worry about viruses which can destroy our lives. In this case the hacker who controls the pedophile botnet now has the power to scan through the list of IP addresses and report certain individuals to the cops and ignore others, allowing them to both store the illegal porn, spy on random people, and literally destroy the lives of people who piss them off.
Suppose the hacker who wrote this is a Republican, and discovers a certain infected user is a Democrat, whats to stop this Republican botnet owner from deciding to upload a bunch of child porn and then sending a well placed phone call to the local prosecutors office?
Don't you see what could happen here or am I the only one who sees this? Encryption wont work because most people don't know how to properly use it, and when the authorities are at your door, or some thugs threaten to kill your family, you'll give up all your keys anyway, making encryption next to useless.
If you read the defense investigation report, it is revealed that the DIA (employer) spent about three hours investigating the laptop. All they did was copy the temporary internet files to another system for "analysis." It is not clear what took three hours with this folder full of illegal pornography.
The defense forensic investigator notes late in her report that when she copied everything but images from temporary internet files, her Avast AV went apeshit, and that the forensic machine experienced increasing ill-effects from viruses for the rest of the session. She expresses doubt that the anti virus program installed on the DIA investigator's machine was even functional.
FairTax baby!
This sort of system could easily be used as a political weapon as well. Simply call it the pedophile gun and anyone who votes in a way you dislike can have child porn uploaded to their computer.
There is no reason to believe that this couldn't be targeted to specific groups of internet users.
Excessive bail shall not be required, nor excessive fines imposed, nor cruel and unusual punishments inflicted. Except when one can add "think of the children" or "terrorism" anywhere in the accusation (Amendment 8 version 1.pre-1, released 2002).
Soon to be ratified.
May contain traces of nut.
Made from the freshest electrons.
May contain traces of nut.
Made from the freshest electrons.
Proof this has happned, ever? Proof that a "pedophile botnet" exists?
Pedophiles don't want MASS distribution of their porn. Thay want to share it with a small (perhaps a few hundred users at most) group. They have no interest in using spammer tools to spread the proof of their highly illegal activities over millions of PCs. It would be asking for trouble, and achieve nothing.
Don't you see what could happen here or am I the only one who sees this?
Yes, you're the only one.
The charges were dropped, deliberate point misser.
FairTax baby!
...uh, because they're malicious?
You're too lazy, just like they were, you want (yourself?) and others to act on someone elses information that you can't be bothered to confirm, and then have them harassed.
Thats the kind of behaviour that gets (got) the wrong person and ruins their life.
Sam
blog.sam.liddicott.com
Depends on the country, but in general you have insight in your personnel file. These things have a date. In the UK, if the company would leave this for a few weeks they would immediately hang themselves on a constructive dismissal charge.
The other problem is one of proof. Unless they have exceptionally good forensics there is a question how it got onto the machine, leading to lawyer sponsoring game of ping pong about slander.
Third issue: if it is indeed *illegal* material it becomes a criminal matter, and not reporting immediately can be seen as assisting in crime (sorry, forgot the term for it). So the moment this would be used you'd get the question why it wasn't reported before and it would all get very ugly again.
Insert
"We've been advised by our attorney not to talk to you."
When lawyers seems a safer medium for understanding between people than regular speech, there has to be a problem somewhere.
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
I'm quite sure there are plenty of those old Sony Music CD's with those infamous rootkits floating around. What happens when one of these Music CD's are inserted in a computer? Can it still infect the computer and allow backdoor worms/viri get in and do to your computer essentially what happened to this guy? That's really frightening if true....
Lawyers don't understand the mind of computer hackers. Why do people break into systems? Because they can. Why do people crack and distribute commercial software for free? Because they can. Why do people write viruses? Because they can.
It very well may be the same in this case. To a hacker, there doesn't have to be any kind of payoff. Simply compromising a system is all that is sought.
... or truths.
Apparently someone thought this person was just fucking strange to begin with if they got with an attorney & fired their ass before they realized anything was going on.
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
the basic aim of malware now is to do things which would are illegal and would be bad to have traced to your computer. Instead, the malware authors arrange to have them traced to someone else's computer (they don't mostly care about setting that person up; just misdirection) Several possibliitis in this case.
The reasons are unfortunately many.
Sounds like a great time to sue for huge bucks for wrongful termination.
How can they be sure? Did they include birth certificates to prove the performers were related? Even if the performs were related, are they over 18? If so, is there even a law against it? With apologies to Lee Emory, wouldn't that be like the military prosecuting a soldier for homosexuality and not having the common courtesy of giving a reach-around?
As far as the malware goes, it does seem more likely that the malware was contracted while surfing porn sites but I have heard of malware used for remote storage and distribution of porn. It's plausible, unlike the explanation that a Windows error sent a drunken, rambling email to your ex at 3am.
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
I'm seeing a fascinating parallel with the old-time witch trials. People who didn't know much about anything, but were filled with fear and confusion, were always happy to find a scapegoat. Nothing cheers you up as much as kicking the shit out of Bad People. If you can hang them, or burn them alive, that's a bonus.
So these regular folks would notice that somebody (often a lonely old woman) acted a bit oddly. Instead of using a bit of imagination and charity to understand why, they leaped to the conclusion that she was consorting with the Devil. Just as some Native American tribes got their fun from torturing prisoners to death - life was DULL in those days - torturing and killing a witch just made their year. (Another possible parallel is that those who informed on "witches" often did a deal with the state whereby they split the victim's - often considerable - possessions between them).
Nowadays it's not quite respectable to torture people or burn them alive (unless they're foreign Bad People). But these here pedophiles... we should string 'em all up.
There seems to be a type of mentality that doesn't even want to understand how nasty pictures can wind up on someone's laptop, without the owner's knowledge or consent. It's just a great chance to get someone down and kick him, kick him, kick him...
I am sure that there are many other solipsists out there.
I challenge you to offer a shred of evidence that Tami Loehrs' work is in any way defective. (The state's army of prosecutors and "experts" doesn't seem to have been able to do so).
It seems far more likely to me that everything you say is ass-backward. How many innocent people are railroaded into plea bargains and prison sentences precisely because "the typical juror is... computer illiterate, and prosecutors know it"?
You assert that Loehrs "is making a living off of [sic] a few lucky shots where her unchallenged statements have helped [accused people] walk free". Yes, that's how the justice system works, all right. The police arrest someone and haul him off to jail, then a pack of prosecutors, police, and forensics experts carefully prepare a case... and then, when it comes to court, the case is dismissed because of "unchallenged statements" by a "one trick pony".
I am sure that there are many other solipsists out there.
Actually people did have rights are had to be proven guilty in most classic witch trials. The only issue was that the evidence was usually confessions extracted through torture. So it was not the legal system that was broken, but just that any information extracted from torture is completely useless. Unfortunately the new world seems bend on rediscovering that fact.
Maybe your dad is better at social engineering. He may not need to hack your computer to hack your head.
Shouldn't that be +1, Stoned? ;)
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
It's a corporate laptop. The chances that it had a publicly addressable IP address is pretty much zero.
It don't buy it anyway - the last thing a kiddie porn site wants to do is attract attention by wide distribution of its contents.
To form a distributed network to aggregate porn, as well as a delivery system for it. A bot in this network would gather and catalog all porn, including high quality versions behind paid accounts. It would not discriminate between illegal and legal; it would grab everything.
Why would this be done? What are the motives?
Camping on quad since 1996.
You are likely correct. Paranoia and rational don't always go hand in hand though.
Nerd rage is the funniest rage.
I guess we can call this Pornware or pr0nware from now on.
Also you'll need an internet connection to download this:
http://dban.sourceforge.net/
You can get a free wireless connection at a Starbucks and most airports. If you don't have any flash drives you can boot from, you'll need a blank CD as well, those usually run in the $1 range, but you can get them cheaper in bulk. Maybe you could arrange a group buy.
"When information is power, privacy is freedom" - Jah-Wren Ryel
And I must be getting too old, here. Ouch.
Thanks for the info. I guess I've really earned my Slashdot veteran's button today, now I can wear it in shame...
Well, at least I can be glad the guy got cleared of blame relatively effectively. Unfortunately, his life is still in shambles.
First thing I would like to know is if the company is even running any type of web washer than would block sites like this so that the porn sites couldn't be looked at in the first place. So that if they found the internet temp files they would look at the box for malware and what not. The next thing that puzzles me, is how the company's network security guy wouldn't catch all of that bad traffic going through the port, unless he like the person that re-imaged his laptop neglected to do their job. Lastly, the company must be running Altiris or a similar program to manage the desktops which also makes me wonder why they were able to catch the internet temp files, but not all the malware. Even if his laptop wasn't getting updates the network people should have known if they actually were doing their jobs. I would say that company will lose a pretty hefty lawsuit within the next year, for their brash actions and multiple technological screw ups.
Just because you are wrong and I called you out on it doesn't mean I am a Troll.
This has been my argument for years, but everyone I talk to seems to think it's worth the risk to our rights to reduce the risk to our children. I have a little girl and lose sleep at night over her safety, but I just don't think Megan's Law is the right way to go about it.
Honestly, I have no issue with putting profiles of these offenders online, but it has to happen at the point of conviction, not several years afterwards. If you want to start telling convicted sex offenders during sentencing that they will be listed online, so be it. But you can't post the dude who was convicted 30 years ago -- it's not part of his sentence.
And don't get me started on the one-size-fits-all designation of "sex offender" (insert size joke here (insert insertion joke here)). Chester Molester in the panel van by the school is NOT doing the same thing as 19-year-old John and his girlfriend, 17-year-old Mary. Oh, wait, I got myself started there
It is pitch black. You are likely to be eaten by a grue.
as a parent who live down the street from a pederast, a convinced pederast that seems harmless enough (visually he looks like someone's grandpa), I am glad that I have access to a list of sex offenders in my area. His victims were under 13.
This way I can tell my kids to ignore "that" man and not to talk to him, to let us know if he tries to talk to them etc. Sure there are definitely people that aren't on the list, but at least I know that a couple live in my area and I can at least look out for those ones.
oh, I agree about zero tolerance laws though, those and mandatory minimums should be thrown out as unConstitutional. Each case deserves individual circumstances need to be taken into consideration.
Yeah, seems to me that this would be an easy way to railroad somebody. What's to stop an angry coworker/spouse/girlfriend/etc with a grudge from taking 4-5 seconds to copy something from a USB key onto your machine (or just dropping the USB key full of control into your drawer), then calling in a tip to the cops?
I've had crazy ex-girlfriends before (and by crazy, I mean, police restraining order probably-should-be-visiting-a-ward crazy) and it's scary stuff. Heck, a man/women spurned in general is scary stuff... seems to me that it would be easy for somebody to use this stuff to put you over the rocks.
I've seen some banners which advertise as "young girls", usually with a disclaimer of 18+. I don't know how you really determine the age, but to me they could be anywhere between 15 and 21. How do you determine what's a young-looking 20-something'er, or an old looking mid-teen?
As per the banners themselves, they're fairly frequent on warez sites and other site places.
The point here is that an innocent man has been through hell because IT screwed up and didn't set up SMS correctly so his computer had numerous security holes. The summary doesn't convey this, of course, resulting in the stupid (and, actually, offensive) comments from those who assume that he was guilty based on the summary. Folks, this is a real story about a real person, not something from xkcd. You should not be so quick to judge, especially when you didn't RTFA.
The guy might be rotting the the slammer somewhere if it weren't for his wife who rounded up the competent resources to find out what really happened.
I am infuriated because of the occasional poor summary posting that Slashdot seems to be proud of. If I see another story about an air-powered car again, I am going to puke and stop reading.
If I used a sig over again, would anyone notice?
Natural Justice.
In Australia such a person would get a swift court win because the other side must offer a right to rebuttal. In this case, the advisor needs to be sacked.
The fact that the PC was not maintained by a non-negligent security policy, means their ICT area is not qualified, indicative of ignorant management.
"Sex offender" could also mean consentual sex with a 15 year 364 day old girl on his 18th birthday, or he got caught peeing in the bushes. Neither of which should be a capital offense.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
To have a right to do a thing is not at all the same as to be right in doing it
Why would the malware developer do this? Easy:
:)) But really, you can't imagine a bored, socially inept 15 year old thinking it would be funny to use his newfound VB "skills" to fuck with people like this?
To be a dick, at the minimum. In some cases, as a prelude to blackmail, but really, being a dick is the most probable situation.
Why do some people spraypaint graffiti on things? Why do some people key cars in parking lots? Why do some people throw rocks through windows? Because they're maladjusted assholes who want to fuck with people and see if they can get away from it. Sometimes they're not aware of the consequences to others, and sometimes they are and just don't give a fuck.
Having the (not necessarily advanced) technical abilities needed to create or deploy basic malware does not somehow suddenly make an individual morally incapable of doing such a thing. I'm going to guess you're not a litigator if you don't understand this very common human trait (and good for you - try to keep a little bit of innocence
And, I certainly can fault the employer. If the technical advice they were getting was so inept that some of the basic forensic stuff was missed (40 websites in a minute in the logs?) then that's really their fault for hiring inept people to do that job. Further, if those same technical people were so inept as to pass on a machine from one user to the next without at least reimaging it, that's on them. And, finally, there's the issue of the benefit of the doubt. Suspend the guy with pay while an investigation is done (by people who are clearly more skilled than whomever they had on staff) rather than fire him and submit charges on trafficking in child porn! I mean, jesus, even though the guy has been cleared, that kind of thing will *ruin* someone's life.
Think of the children, sure, and hang 'em high if someone's found to actually be involved in child porn, but don't go wrecking people's lives (and the lives of their loved ones) on a witch-hunt backed solely on the basis of obviously incompetent technical advice.
Since I can't tell them apart, I treat all ACs as the same person.
..which comes first?
Something similar happened to me at a previous workplace, although the downloaded content wasn't this extreme (at least I assume). I was pulled into a room and told I was being fired for porn. The IT department had logs of hundreds of images being downloaded to my machine. (First off, if I were stupid enough to browse porn at work, it would have been VIDEOS on the blazing connection they had.)
I asked to speak to someone in Human Resources and/or the IT department. Luckily, my boss agreed, and I was able to explain that I'd not done anything of the sort (with a big lump in my throat the entire time), and something else must have been going on. The Human Resources manager didn't believe me, but the IT guy agreed to inspect my machine before I was to be escorted out of the building and he found malware on it.
A couple months later, my boss that agreed to let me speak to someone had something similar happen on his home PC, only it was with explicit popups that would appear randomly, and he was worried his young child was going to see them. This was a result of some fake screensaver Web site distributing malware as a browser (IE) exploit (he didn't even have to download a "screensaver"). He came to me for advice for getting rid of his trouble. I think at that point he finally believed me (I had a feeling he thought I was lying before the same happened to him).
As a result of all that had transpired up to this point, the IT department started implementing more secure system settings, such as disabling all unsigned ActiveX and prompting for everything else. I'm amazed this hasn't happened where I am now, where everyone is set up as an Administrator on their own machine.
Have you driven a fnord... lately?
You must wait a little bit before using this resource; please try again later.
Sounds to me, like the company was just dying for any lame-ass excuse to fire him. If he was a valuable employee, it may have been overlooked.
Hi, I Boris. Hear fix bear, yes?
Ooh now my curiosity has been piqued. I wonder what I would find on the two company laptops that go into the field frequently, have wireless, are shared, and have the minimum protection installed. Yikes!
-- QED
Chances are high that this pedophile (pederast is not the correct term) is not going to physically force any child to do anything she doesn't want to do. He is very likely not a violent human being. It is fine for your kids or anyone else to talk to him, but you should tell them that if he asks for sexual contact they should politely decline the offer. That way nobody freaks out, nobody gets ostracized, and everyone feels empowered. Contrary to what the state says, children are fully capable of declining sexual activity.
In the same way that barring people from voting, after they have served their sentence, is also morally questionable.
They do that so they can have a population that will vote for the same laws and the same people.
"Loading the dice" so to speak.
Only anti-drug-law people will be excluded from voting because of drugs - people who support the laws won't break them.
Same with everything else.
Also, the rich are more likely to escape prosecution.
So it helps the rich get more votes than the poor, and the Republicans can will yet another election.
Perhaps there will be a widespread voter purge to get McCain elected.
Just because it CAN be done, doesn't mean it should!
"I hope to recover my reputation, but our friends all ran."
Real friends wouldn't assume someone is guilty and shun someone - especially on evidence so flimsy.
Real friends would try to assume someone was innocent.
Real friends don't run like than. (If he was convicted in a fair trial that would be different).
Bet if (when) he wins a multi-million dollar judgment his former "friends" will be back!!!
"Oh, we hate perverts, we were just being careful, didn't want our kids hurt, or our reputation harmed, etc, I'm sure you understand, but since a court has ruled in your favor we know this must be the very rare exception where someone isn't guilty...
Oh, and by the way, I need $80K for a downpayment, and you got $80M...."
Just because it CAN be done, doesn't mean it should!
you may be guilty but we need to make sure your sentence is reasonable (a lot of people would like to hang a man for showing a kid his penis)
I wouldn't want to implement such an unreasonable sentence either officially or as a vigilante.
Hanging is too damn good for those pervert sickos!
It is unreasonably lenient.
How about a lifetime of imprisonment in physical and mental pain? As opposed to a nearly painless hanging (they have their neck broken - not strangled).
The victim gets a life sentence.
You forgot that they wanted it faster. The more distributed it is, the faster it can be redistributed. Just look at any torrent...
He will, however, be suing them.
Good. Security is never cost effective if you can push off the costs of not doing it onto someone else. Heck, some companies like Visa base their entire business model on this kind of thinking.
If you're going to have an Employment Policy layered on a Porn Policy (gosh, what a bad idea in itself) layered upon a Security Policy, then your Security Policy ought to be pretty damn good, given the costs of a bad Employment Policy.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
1. Cops seize computer
2. Set machine time back to pre-seizure
3. Insert verboten pr0n.
4. Set time to current.
5. Accuse and prosecute.
Different variations can be used. Bad pr0n can be sent in a borderline spam message so it never hits the users inbox but instead goes to a spam review folder.
...but I doubt that this will really have THAT large an effect on his employability. He's already working in insurance, so he's not unemployed for life. As to applying for other jobs, it seems like virus / malware / trojans / etc are a quite sensible explanation to wrongful termination.
That said, he should get some form of compensation because this did effectively end his position and any retirement benefits / etc that would be associated with it.
Maybe you could get away with it a few times. The risk and penalties are so extreme I wouldn't chance it for no reason (and there is no rational reason for doing so). Depositing evidence on a government computer is pretty foolish, no matter how incompetent you believe the FBI are.
Firstly this isn't really about 'incompetence'. Its the reality of the internet.
If your hacked US governement computer is being remote controlled by a PC in China which is itself being remote controlled by a PC in England, which is itself being remote controlled by a PC in Mexico which is accepting IRC commands from a channel where they are being put there by a PC in Canada, which is remote controlled by a PC in Cuba. All of these links will be SSL of course.
Seriously, the FBI will be exceedingly lucky if they can push back one hop from China to England without Chinese help in real-time as it is happening. Tracing it back to the guy in Cuba is virtually impossible. And he's probably using his laptop at an internet cafe using a spoofed MAC address.
Secondly, even if he did get caught, he's in Cuba. The US doesn't exactly have full cooperation from Cuba.
Thirdly he's distributing child porn... clearly he's already accepted extreme risk and penalty.
Sounds like the movie "Untraceable" (2007 or 2008).
Any hoot, I'd think spreading this sort of "material" bot-wide would serve to (eventually) lessen to risk of prosecution for holding such content or at least increase the complexity of the process of discovery or incrimination.
People sometimes just do things for fun. And it's hard to understand other people's fun sometimes you know, just like you don't always understand other people's joke.
I couldn't agree more. Even if a person is guilty, I don't think they should, in effect, have a brand burned into their forehead. They should, depending on the offense and the discretion of the court, be placed under permanent surveillance as a condition of their release. (I'm talking about violent rapists or people who actually sexually assaulted children—not just watched child porn.) This has nothing to do with paying any alleged debt to society, but with protecting children and adult women from rapists or exploitation. But the surveillance shouldn't take the form of making life impossible for the convicted offender. If they're truly that dangerous, they should not be let out of jail. Ever.
The biggest problem I see with the treatment of "sex offenders" in the U.S. is that not only are our courts fallible, and sometimes convict the innocent, but the definition of what constitutes a "sex offense" is far broader than most people know. For example, if a teen-ager over a certain age has sex with a girl who is a year younger than he is, he may be classified as a "sex offender".
The U.S. is just hysterical on the whole topic of "the children". I once had a friend who was accused by his wife of molesting his two and three year old daughters as part of the divorce proceedings. I knew the individuals involved, and I am completely convinced that the guy was innocent. (The sum total of the charges was this: his ex caught him napping with the kids; she said his hand was resting in one daughter's groin...well sheesh, the guy was asleep.) He wasn't actually brought up on criminal charges—however, the mere threat of such charges meant that he automatically lost the right to all contact with his children (not to mention being financially screwed in every way possible by his ex.). I guess he was lucky...this was back in the eighties, and I think may "zero tolerance" hadn't set in yet.
Great men are almost always bad men--Lord Acton's Corollary
Judging from the article summary, the porn was found among the "internet temporary files" on the laptop. In other words, the images were cached by the browser. This could and would happen if there was some background program running that connects automatically to these sites, and the user would never see the images. (How often do you go look to see what's in your cache?
Here's a question for you: as I understand it, Firefox follows links on any page you're reading and loads them in the background. Suppose you hit a site that contains links to child porn—possibly even invisible links. Could Firefox pre-load these pages? If so, wouldn't they show up in your cache? —I'm not saying that Firefox does this; I'm asking.
Great men are almost always bad men--Lord Acton's Corollary
* To DDoS a competitor's web site
* To fake page views for advertisers on their own web site
* Someone paid them to do that
* Shits & giggles
to store the illegal files on his pc and act as a server host. Boy you lawyers might now your law but sure are dumb as bricks when it comes to PC's.
Who were using and administering... winbloze.
If "it's so easy", how come "professional" admins could not protect this guy and his company from downloading and storing kidde pr0n?
Exceeding the recommended torque is not recommended.
"My name is Chuck, and I'm here to --" "Wiggle your big toe."
All you have to prove is that the accused weighs the same as a duck. Bingo, there is your witch!
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
Support my political activism on Patreon.
> But Windows can be perfectly secure if you want it to ...mebbe if you put it in a faraday cage.
...versus well thought out ease of use (MacOS) or paranioa (Unix).
It's not at all clear that this machine was used in a manner that would have allowed for that.
Windows is very much a "convenience is more important than security" sort of system.
That's why it's prone to this sort of BS. Poorly thought out notions of ease of use
take precedence over good sense.
A Pirate and a Puritan look the same on a balance sheet.
Agreed, especially when there are people out there swatting people just for fun. Swatting has a non-zero chance of getting someone killed.
On a similar note, I decided long ago that if I ever receive a large settlement or win the lottery I will give all the people I do not like $1000 in cash.
Than I shall laugh hysterically in their faces and, through my tears, say something like "Imagine how much I would have given you if you weren't such a douche!"
When the only tool you have is a claw hammer every problem starts to look like the back of someone's skull.
And if you have control of all these computers in other countries, why the hell would you use them to put illegal, unencrypted files on to the laptop of a government employee in the US? And good luck getting more than a few bytes a second through such a chain.
The question is not if it's possible, the question is WHY would anyone do that? Just use the PC in China if you have control of that.
Anyway, there was no suggestion (except here) that the files were being stored or served from the laptop (a laptop connected intermittently by wifi wouldn't be my choice as a server). People love to construct elaborate conspiracy theories. Most likely the files were simply left in the browser cache as a side effect of some penny-ante scheme that sent the PC around a bunch of websites and simulated clicks on banners.
I said that he would have been spared the trouble if he had the skill and nerve to use GNU/Linux. I then gave some solid reasons for being allowed to do so. Having the skill is useless if you can't use it. Finally, it takes courage to get it done in most places because people like you feel threatened by people like me and say bad things. In the end, your own set of tools will save you from a lot of problems the obviously inadequate tool the poor guy got.
linux, at least with the selinux security enhancements designed by the nsa, is extremely difficult to hack into via trojan. What makes it difficult are the file permissions.
I could get in for example, but unless you give my program root access it wont help me very much.
So I'd have to convince you to give my binary program root access, thats going to be fairly difficult when you could just compile the source code yourself.
executed as a pedophile,
or imprisoned for life without parole.
If they haven't the balls to do it to him, they WILL have the balls to do it to others.
Whether you "put" the kiddie-porn there or not is not relevant: possession == conviction.