Slashdot Mirror

← Back to Stories (view on slashdot.org)

Man Jailed After Using LimeWire For ID Theft

Posted by Soulskill on from the guess-his-making-available-defense-didn't-work-either dept.

angry tapir sends along this excerpt from PC World: "A Seattle man has been sentenced to more than three years in prison for using the LimeWire file-sharing service to lift personal information from computers across the US. The man, Frederick Wood, typed words like 'tax return' and 'account' into the LimeWire search box. That allowed him to find and access computers on the LimeWire network with shared folders that contained tax returns and bank account information. ... He used the information to open accounts, create identification cards and make purchases. 'Many of the victims are parents who don't realize that LimeWire is on their home computer,' [said Kathryn Warma of the US Attorney's Office]."

34 of 241 comments (clear)

  1. Remove the buzzwords by BadAnalogyGuy · · Score: 5, Insightful

    Man jailed for ID theft. This is a good outcome, I'd say.

    The Limewire connection is only interesting because it shows social vulnerabilities inherent in the filesharing mechanism. As long as you make it simple to share files and folders, people are going to be lazy and end up sharing files that they never meant to share.

    1. Re:Remove the buzzwords by pha7boy · · Score: 5, Insightful

      A small change in Limewire should take care of problems like that (for example asking you to select/confirm which folders you share every time you open it up). I don't find the idea that parents who don't know what their kids installed on their computer is an acceptable excuse. If you have a kid, you better know what's installed on that computer... It's called parental responsibility.

      --
      -- All this knowledge is giving me a raging brainer.
    2. Re:Remove the buzzwords by Lord+Ender · · Score: 4, Insightful

      If you have a kid, you should NEVER SHARE A COMPUTER with it. It is not practical to expect parents to monitor everything a kid does on a computer, or to ensure any level of security on a computer used by a kid.

      Get your kids their own computers and assume they are sharing that computer with a hacker and all of 4chan. Prohibit the use of the computer for any financial transaction. A kid's computer is only "safe" if there is nothing worth stealing on that computer.

      --
      A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
    3. Re:Remove the buzzwords by Joe+Snipe · · Score: 4, Insightful

      I believe thats what separate user accounts are for.

      --
      Sometimes, life itself is sarcasm...
  2. Re:how dumb by CannonballHead · · Score: 4, Informative
    Did you even read the summary, by any chance?

    'Many of the victims are parents who don't realize that LimeWire is on their home computer,' [said Kathryn Warma of the US Attorney's Office]."

  3. Another entrepreneur... by Wireless+Joe · · Score: 5, Funny

    ...shut down by The Man.

  4. Re:how dumb by orthancstone · · Score: 4, Insightful

    Do people not understand how file-sharing works?

    Correct

  5. Crime was not accessing the data by davidwr · · Score: 5, Insightful

    The crime was using it.

    Here's a moral equivalent:

    Imagine of lots of people left the same forms on their car dashboard for all to see and parked their cars on the public streets. Then I walk along and write that info down in my notebook. So far, I haven't done anything illegal. Or I should say, if I have broken a law, then the laws are broken.

    But once I use this information, particularly if I use it fraudulently, then I've committed a crime.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
    1. Re:Crime was not accessing the data by badboy_tw2002 · · Score: 4, Informative

      Apparently the prosecutor did not agree:

      * Wood was sentenced Tuesday to 39 months in prison and three years of supervised release for wire fraud, accessing a protected computer without authorization
      * to commit fraud, and aggravated identity theft. He was tried in the U.S. District Court for the Western District of Washington.

      Key word is "protected computer". Not sure how something sharing *.* on limewire is considered "protected". Guy needed a better lawyer.

    2. Re:Crime was not accessing the data by Aladrin · · Score: 5, Insightful

      But he -did- have permission. They have given permission by having limewire share their computer's contents.

      If I put a sign in my front yard next to my lawn chairs that says 'Free chairs', even if I can't read the sign myself, I can't blame anyone for taking the chairs. I did give them permission, even if I didn't know I was doing it.

      And as far as 'protected computer' ... Leaving filesharing open to the world is the opposite of 'protected'. Having a bulldog in your front yard and leaving your front door open does not mean your house is protected.

      --
      "If you make people think they're thinking, they'll love you; But if you really make them think, they'll hate you." - DM
    3. Re:Crime was not accessing the data by DerekLyons · · Score: 3, Interesting

      If I put a sign in my front yard next to my lawn chairs that says 'Free chairs', even if I can't read the sign myself, I can't blame anyone for taking the chairs. I did give them permission, even if I didn't know I was doing it.

      Which is why we have age-of-consent laws, and laws regarding the validity of contracts, and laws concerning disclosures and waivers... Because the (US at least) legal system does not believe that one can give uninformed permission or consent. (Not to mention that what you are doing here is blaming the victim.)

    4. Re:Crime was not accessing the data by blackraven14250 · · Score: 3, Insightful

      Nope, not really. He took this information and conducted fraud. It doesn't matter whether they literally told it to him or he found it in their dumpster or whatever. Fraud is fraud, plain and simple. You don't get away with giving a false driver license to a cop even if the driver gave it to you to use.

      But, I totally agree on the protected computer part from the practical standpoint. It wasn't protected. However, if the law lets them in based on any loophole, it'll be exploited a massive amount. I don't want someone getting into my files because "Windows was already programmed to let them" or some shit like that, and being stuck with no recourse because of it.

    5. Re:Crime was not accessing the data by TheLink · · Score: 3, Interesting

      The Courts could rule that he didn't really have permission. After all a reasonable person seeing those files being shared would realize that it is far more likely that someone has made a mistake than someone has intentionally given permission to the world to access those files.

      Just because I leave my car unlocked with the keys in them doesn't mean you have been given permission to drive the car away. Now if someone naughty then puts a sign saying "free car" on it, and someone else drives it off, it should be a lesser charge (one should realize that to get the free car, some paperwork needs to done to transfer the ownership).

      If I give you my credit card info it doesn't mean you can go around using it to do your online shopping.

      I don't have the full details but another possibility is the "protected computer" is not necessarily the computer with limewire, it could be the _other_ computers (in banks etc) the guy accessed to commit fraud.

      --
    6. Re:Crime was not accessing the data by CastrTroy · · Score: 4, Insightful

      The protected computer thing is just an extra charge they have on the books so they can put you in jail for longer, or fine you more. I remember a few years ago on the news, they reported somebody getting charged with a robbery, and one of the charges was "wearing a disguise while committing a felony". There's a lot of extra laws on the books just to increase the number of charges you get when you break an important law. I imagine that had he not actually committed fraud using that data, that there is no way he would have gotten charged, simply for downloading the information from the computer.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    7. Re:Crime was not accessing the data by BenEnglishAtHome · · Score: 4, Interesting

      Just because I leave my car unlocked with the keys in them doesn't mean you have been given permission to drive the car away.

      Not always. Rural residents of the Dakotas will often winter in town. When they leave the country place, they may leave their house and cars unlocked and leave the keys in the car. The thought process is: Anybody who knocks on the door of this place in the middle of winter is in mortal danger. They certainly need shelter. They may need transportation.

      Of course, over the last couple of decades with the rise of the cell phone, this sort of behavior has become far more rare. But back in the day, it was pretty common.

      "And that concludes your trivia moment for today. Join us tomorrow for..."

  6. Outrageous! by wbren · · Score: 4, Insightful

    This is outrageous! Our rights have been trampled on for the last time! We must rise up and fi....

    Wait, wait, wait... are we /.ers for or against doing illegal stuff on P2P networks this week?

    Sorry, between defending one illegal P2P activity (music "sharing") and condemning another (ID theft), it's hard to know what's what...

    Tip: The mod point you're looking for is "-1 offtopic"

    --
    -William Brendel
    1. Re:Outrageous! by mcgrew · · Score: 5, Insightful

      Wait, wait, wait... are we /.ers for or against doing illegal stuff on P2P networks this week?

      Some perfectly moral actions are illegal (e.g. smoking marijuana). Some abhorently immoral actions are perfectly legal (e.g. adultery). Sharing copyright files is illegal, but its morality is debatable. Defrauding someone of their hard earned cash is illegal, and its immorality is not debatable.

      But I'm sure someone here will try to debate it anyway. :/

      --
      Free Martian Whores!
    2. Re:Outrageous! by mmaniaci · · Score: 4, Insightful

      The mod point I'm looking to give you is "-1 Flamebait." Since when is destorying someone's personal life akin to stealing an album? Get some perspective on life, please. Laws do not define right and wrong! Sorry for the flame, /., but people that are blind enough to believe laws are some sort of unchangeable and divine Truth need be burned.

    3. Re:Outrageous! by Anonymous Coward · · Score: 3, Funny

      Let's get our terminology straight. It's not identity theft, since nobody is being denied use of their own identity.

      How about calling it identity infringement, which may be legal in some countries...

  7. Good but not Great by Monkeedude1212 · · Score: 3, Insightful

    I mean the guy should go for jail for it, no doubts there - but the fact that it can happen is the real issue that needs to be addressed.

    I mean it's not the victim's fault, they probably don't even know what Limewire is, let alone how to use it or how it can be dangerous. It's not Limewire's fault, I mean any method they put in to prevent this will either detract from their service or will just spawn more problems.

    And little Billy Downloady just put My Docs as the shared folder so his music goes into the music folder and the movies go into the movies folder. Having no idea that his parents happened to keep sensitive info in there.

    I Guess the solution... Encrypt your Data regardless your situation?

  8. Re:how dumb by CannonballHead · · Score: 5, Informative

    Many people from older generations that have not had the time to learn how to use the computer aside from e-mail and online news have no clue. And computers aren't as static as we geeks like to think they are, and they slow down or speed up occasionally, install updates, etc.

    For someone who has really no clue how it works and isn't even used to using it, it's very easy to see how they could not notice.

  9. Protected!? by SendBot · · Score: 5, Insightful

    Wood was sentenced Tuesday to 39 months in prison and three years of supervised release for wire fraud, accessing a protected computer without authorization to commit fraud, and aggravated identity theft.

    What chain of idiocy determined the computers he accessed to be "protected"?

    Wood: Hey, do you have any files with names like this?
    Computer: Yeah, I do.
    Wood: Can I have them plz?
    Computer: No problem - here they are for you.

    1. Re:Protected!? by wbren · · Score: 4, Informative

      What chain of idiocy determined the computers he accessed to be "protected"?

      The U.S. Congress -- More specifically, the Identity Theft Enforcement and Restitution Act expanded the definition of "protected computer" to include basically any computer with a network connection. More information is available at:

      --
      -William Brendel
  10. Re:how dumb by CannonballHead · · Score: 4, Insightful

    Then why are these idiots letting their kids use their computer?.........No wait.......

    That would be a very large debate. But hey, if "parenting" consists of "taking kids to daycare" and when they are older "taking kids to school" and when they are older "buying kids a car," it's no wonder they let their kids use "their" computer.

  11. Got to agree by SmallFurryCreature · · Score: 3, Interesting

    the guy's sentence had nothing to do with limewire or even downloading. If he had downloaded said tax records for just a laugh, he would be free. He has been jailed for fraud pure and simple.

    Don't we hate "X but on the internet" patent claims? Then why are "X with a very loose connection the internet" stories okay?

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

  12. Re:how dumb by mcgrew · · Score: 4, Insightful

    You're confusing ignorance with stupidity. Everyone is ignorant, nobody knows everything. Anyone who assails the intelligence of someone because they don't posess a certain bit of knowledge that they do is stupid.

    --
    Free Martian Whores!
  13. Re:how dumb by rantingkitten · · Score: 4, Interesting

    Well, no, most people barely understand how their computer works at all. They can kind of drag their way through Windows, but only because they only need to access a few things and they've more or less memorised where to click for those things are. Move their icons around and suddenly it's a huge crisis for them.

    Additionally, many households only have one computer. Mom and Dad use the computer sometimes, then little Susie gets on and installs Limewire, accepts all the defaults, and next thing you know, Mom and Dad's files are being shared with the world.

    Or maybe the person is just clueless, and doesn't understand the concept of folders and directories. They want to share their music, their music is on the hard drive, they know the hard drive is C:, so that's what they share.

    Really there are any number of reasons this could happen, either from sheer idiocy, to ignorance, to total accident. Back in the the day, 2001 or so, I used to search for things like "resume.doc", or random Windows DLLs, in Kazaa, then I knew who was sharing things they probably shouldn't. Then you could do "More files from this user," or whatever the option was, and come up with all kinds of interesting stuff. Never occured to me to search for tax returns, but then, I wasn't really trying to do anything malicious either. The point is that people sharing practically their entire hard drive, without even realising it, has been going on a long, long time.

    --
    mirrorshades radio -- darkwave, industrial, futurepop, ebm.
  14. Not Surprising by Dekks · · Score: 3, Insightful

    I'm still amazed how many people think it's a great idea to have their resume on their personal website, along with their date of birth, address and believe it or not I've actually seen people put their SSN on their resumes.

  15. Re:how dumb by InlawBiker · · Score: 5, Insightful

    For a bunch of techies on Slashdot it's hard to understand. It's like a car mechanic saying, "How could you not know your valves needed adjusting by how the engine was running? Now your motor is destroyed" and the customer's answer is "What's a valve?" I bet the auto mechanic web forums are full of people laughing at the "dumb" end users of expensive, ruined machines.

    There are a whole combination of technical details to know with file sharing - Windows shares, file system permissions, why you shouldn't run applications as admin by default, IP, port address translation (if you have a typical NATing home router). Even if you think you understand the software, how can you be sure you're 100% safe when you install software that's DESIGNED to open up your computer to the world?

  16. Re:how dumb by clone53421 · · Score: 4, Interesting

    I've posted on here a few times on this very topic, although I'm probably preaching to the choir. People are stupid like you wouldn't believe.

    I've done this before, not for nefarious reasons but more as a proof-of-concept to convince myself that people really are this stupid.

    Obviously I never did anything illegal – merely downloading the sensitive files isn't illegal AFAIK, since they're publicly sharing them (even if unknowingly). Attempting to log into someone's PayPal account (to see if the password had been changed or the account locked out) was probably somewhat borderline; I never tried to log into any of the credit or banking accounts. Most of the login details were no good, but I was able to log into people's e-mail accounts, several different instant messenger accounts, even a couple of RapidShare Premium accounts. (One e-mail account even appeared to be actively used – recent dates on messages, which I didn't read although I saw the subjects. As a gesture of helpfulness I sent an e-mail from the account to itself in which I informed them that their login details were being shared on LimeWire!)

    So yes, this doesn't surprise me in the least.

    --
    Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
  17. Re:how dumb by mrsquid0 · · Score: 5, Insightful

    No, they do not. Many people think that they are searching some sort of repository of files that was set up specifically to be searched. They do not realize that they are searching other people's hard drives, and other people are searching theirs. Even when they realize that people are downloading from them many people think that the downloading is restricted to music files. The idea that their entire hard drive may be open for searching is alien to some people.

    --
    Just because you are paranoid does not mean that no-one is out to get you.
  18. Re:how dumb by Orion+Blastar · · Score: 3, Insightful

    Actually it is usually the children that install Limewire to get free music and video games. Most parents don't know what Limewire is, and share the computer with their children. When they notice a slow down on the Internet they think it is a virus or just Windows as usual. Not knowing that Limewire is sharing their "MyDocuments" folder including all of their personal documents and files in that folder.

    My son, for example, uses a PC different from mine. So mine does not get infected with viruses or get all of the files shared via Limewire or some other program. But then I am Tech Savvy enough to know what Limewire and other file sharing programs are, and take them off of my system.

    --
    Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
  19. Re:how dumb by KraftDinner · · Score: 4, Funny

    Thank you for putting it in a way I could understand. I had no idea what this discussion was all about until you came along with a car analogy.

  20. Re:how dumb by kdemetter · · Score: 3, Interesting

    You may have a point, but i still don't see how they could get their bank records , because , by default Limewire only shares the 'Shared folder' .

    So , they either put their bank records in the Shared folder , or they changed the settings to include other folders.

    What i mean to say is : Limewire already put effort into making sure you don't accidentally share files .

    That being said , considering the amount of junk you get when typing 'tax return' , i must admire the persistence of the identity thief.

    --
    Slipping shoelaces ?