Slashdot Mirror
Man Fired When Laptop Malware Downloaded Porn
Geoffrey.landis writes "The Massachusetts Department of Industrial Accidents fired worker Michael Fiola and initiated procedures to prosecute him for child pornography when they determined that internet temporary files on his laptop computer contained child porn. According to Fiola, 'My boss called me into his office at 9 a.m. The director of the Department of Industrial Accidents, my immediate supervisor, and the personnel director were there. They handed me a letter and said, "You are being fired for a violation of the computer usage policy. You have pornography on your computer. You're fired. Clean out your desk. Let's go."' Fiola said, 'They wouldn't talk to me. They said, "We've been advised by our attorney not to talk to you."' However, prosecutors dropped the case when a state investigation of his computer determined there was insufficient evidence to prove he had downloaded the files. Computer forensic analyst Tami Loehrs, who spent a month dissecting the computer for the defense, explained in a 30-page report that the laptop was running corrupted virus-protection software, and Fiola was hit by spammers and crackers bombarding its memory with images of incest and pre-teen porn not visible to the naked eye. The virus protection and software update functions on the laptop had been disabled, and apparently the laptop was 'crippled' by malware. According to Loehrs, 'When they gave him this laptop, it had belonged to another user, and they changed the user name for him, but forgot to change the SMS user name, so SMS was trying to connect to a user that no longer existed ... It was set up to do all of its security updates via the server, and none of that was happening because he was out in the field.' A malware script on the machine surfed foreign sites at a rate of up to 40 per minute whenever the machine was within range of a wireless site."
Good to know they researched heavily before firing him. At my company when re-deploying hardware like a laptop it is standard to wipe it completely and load a ghosted image. Who WOULDN'T do at least as much?
case where you can't help but think "this can't be right".. making certain types of information illegal to possess just doesn't make practical sense in the context of the Internet, no matter how morally objectionable we find it.
If people hadn't jumped to conclusions and had done a more thorough investigation, this man would not have lost his job and reputation.
I've heard of people getting screwed by their bosses before but this is ridiculous.
If he hadn't had the resources to hire his own expert, he would be in prison and branded a sex offender for life, all because his boss didn't practice safe hex.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Not that Linux (or OSX, or any of 'em for that matter) are 100% crack-proof, but putting one's career at the mercy of common malware and the only safety net is a sharp eye at the IT department?
OTOH, I suspect this guy (if he plays his cards right and has a sharp lawyer on retainer) may never have to work another day in his life.
Quo usque tandem abutere, Nimbus, patientia nostra?
The real crime here is that the charges were dropped thru "insufficient evidence".... Why is this loophole allowed to prosecutors? How about. "We are sorry we should never have arrested you, fired you and will will formally erradicate all your arrest process so it never happened and give you backed dated pay and legal expenses".
And how does the average corporate employee even know whether he/she has a "clean build" when issued a new laptop. Most times a laptop arrives pre-imaged with an OS and a standard suite of software tools. Unless you go poking around the filesystem you can't really tell how "clean" the machine is.
If libertarians are so opposed to effective government, why don't they all move to Somalia?
DIA spokeswoman Linnea Walsh confirmed Fiola "was terminated," but declined to say if any internal discipline has been meted out as a result of his name being cleared in court.
"We stand by our decision," she said. So now the DIA is trying cover it's own ass for giving him "a ticking time bomb" and then firing him for it and ruining any social life he had.
The worst part is that the assholes at DIA responsible for the horrible "roll-out" of a replacement laptop, and the PHB's responsible for firing him w/o doing proper research into the issue will not be punished in any way. THEIR lives won't be ruined. Even if he wins a lawsuit. It'll be money from the DIA, but no real punishment to the people involved.
Somebody find all their names and contact info (I'm too lazy) and post it. Let's send the info to Russia with requests for Viagra and child porn.
Seriously though, The Office is funny on TV, but tragic in real life. These people should be arrested for harassment and criminal negligence at the least.
What kind of laws can we enforce (and/or pass) to truly punish the individuals responsible for shit like this? Lawsuit money from the organization isn't even close to justice.
Operator, give me the number for 911!
* to disrupt society
* to provide a plausible alibi for any of his perverted friends
* to drive up the cost of prosecuting this type of crime so prosecutors will have less money to prosecute his brother-in-law who runs an organized crime family
* kicks/jollies/juvenile reasons
* someone paid him to do it
* Why ask why
* He wanted his work to get on CowboyNealBoard, er, I mean Slashdot
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Because the sites the malware connects through pay via click through.
What that bit of malware probably did was go around to a bunch of sites that the author gets fees from and makes it look like someone is browsing them.
Get a botnet of 1,000 computers going and it looks like hacker X convinced 1,000 people to view the site over and over.
Personally, I'm skeptical about the idea of malware that secretly downloads and hides kiddie porn--why would the malware developer do that?
I've actually seen this sort of thing a couple times... not for kiddie porn luckily. Just movies (hollywood) and warez back before p2p.
As you can imagine finding servers to host and distribute this sort of stuff can be difficult. So why not compromise some random persons laptop, setup an ftp server, irc, dynamic dns, and whatever else... and then use it as a free and 'anonymous' remote host and storage.
It wouldn't surprise me in the least that this could be in use for kiddie porn distribution.
I really can't fault the emploeyr for not considering such an idea and investigating it.
When dealing with any case of child abuse including kiddie porn, one should ALWAYS be extremely cautious. Because whether he is innocent or not, people will never look at him the same way again.
zero tolerance laws produce an extreme disincentive to properly and discretely investigate such things before slinging around an accusation which will ruin somebody's life.
"Megan's law"s punish people after the official debt to society has been paid. If you are so sure pedophilia is an incurable, life-long disease, than imprison them for life or develop a house arrest program, but you can't simply toss these sex offenders out, put a big neon "child molester" sign over their head, and pretend they have the same rights, or are not in danger of vigilantism.
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
Amendment 8 - Cruel and Unusual Punishment. Ratified 12/15/1791.
Excessive bail shall not be required, nor excessive fines imposed, nor cruel and unusual punishments inflicted.
Frankly, zero-tolerance doesn't seem like what the Founders had in mind, nor does torturing people you don't like for the rest of their natural (and now probably shortened) lives. Granted, I suppose this depends upon your interpretation of "cruel and unusual", but if this can be applied to sex offenders it can be applied to any group of people if you can manage to vilify them sufficiently.
The higher the technology, the sharper that two-edged sword.
Not having a skill you might happen (I assume) to have shouldn't be cause for derision or ridicule. As for the "nerve", you've obviously never had a job at a company of any significant size. And we'll leave it at that.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
I've noticed from having kids that when kids think they're getting away with something, it's just that the whole thing sucks (embarrassing for both or just annoying) so you let the kid think he got away with it. One day, if you have any kids, you'll figure this out.
Yes, Megan's law is obviously intended to incite mob 'justice'. Executions are expensive and socially messy. It is much simpler to 'think of the children', publish the addresses of sex offenders, and hope that some other sicko takes care of the problem for you.
4) You own him until he leaves the company.
How about stop going around being so trigger happy about sacking and prosecuting people for such "crimes"?
How about actually following the money trail? Are the malware authors and people putting those images up really doing such stuff for free? Someone must be paying for those ads, the creation of child porn sites etc.
There are more serious crimes than possession of some image file, especially an image file that is likely to be downloaded by malware.
Lastly, Linux isn't going to help. The real problem is mass hysteria - lots of people suddenly turning their brains off when they hear a trigger phrase. Sure child porn is bad, but if you really want to fix it, follow the money to the bitter end. Not go around starting stupid witch hunts. The way they do things, I figure it's just a tool for cynical manipulation of a mindless populace.