Forgot your password?
typodupeerror
Privacy Wireless Networking Your Rights Online

Bizarre Porn Raid Underscores Wi-Fi Privacy Risks 964

Posted by CmdrTaco
from the stranger-than-fiction dept.
alphadogg writes "Lying on his family room floor with assault weapons trained on him, shouts of 'pedophile!' and 'pornographer!' stinging like his fresh cuts and bruises, the Buffalo homeowner didn't need long to figure out the reason for the early morning wake-up call from a swarm of federal agents. That new wireless router. He'd gotten fed up trying to set a password. Someone must have used his Internet connection, he thought. Sure enough, that was the case. Law enforcement officials say the case is a cautionary tale. Their advice: Password-protect your wireless router."
This discussion has been archived. No new comments can be posted.

Bizarre Porn Raid Underscores Wi-Fi Privacy Risks

Comments Filter:
  • guilty eh? (Score:5, Insightful)

    by rainmouse (1784278) on Monday April 25, 2011 @11:08AM (#35929408)
    Guilty until proven innocent.
    • Re:guilty eh? (Score:5, Insightful)

      by bobdawonderweasel (941828) on Monday April 25, 2011 @11:20AM (#35929562)
      Indeed. This case has far more to do with the actions of police state than a criminal investigation. When will these morons in law enforcement learn: IP Address != Identity.
      • by Samalie (1016193)

        Part of the problem is the downright fucking shoddy reporting in the mainstream media, especially in tech matters...FTA...

        The agent identified the IP address, or unique identification number, of the router, then got the service provider to identify the subscriber.

        They're teaching the average moron that IP Address = Identity. And as we all know, these morons are the "jury of our peers" when some fucking perv uses (y)our internet connections and we get busted for it.

        • Re:guilty eh? (Score:5, Interesting)

          by MickyTheIdiot (1032226) on Monday April 25, 2011 @11:39AM (#35929808) Homepage Journal

          When I was younger I worked as a tech in a major metro newspaper.

          Reporters seem to have a overblown sense of self worth. They can't be bothered to go down the hall and talk to lowly "technical" people to find out if what they are saying even makes sense. This seems to happen with reporters at every level. They go on air regularly and make asses of themselves because they are sure they know everything.

          You can complain to the paper, but it will just go to a jackass editor that even has a MORE overblown sense of self-worth.

        • Re:guilty eh? (Score:4, Informative)

          by Paul Jakma (2677) <paul+slashdot@jakma.org> on Monday April 25, 2011 @12:04PM (#35930198) Homepage Journal

          What is wrong with that description exactly? It says IP == "unique identification number, of the router", which is quite precise, particularly for a layman's description, and not at all inaccurate. There's plenty to criticise in OTT policing in raids of houses (WTF do they need assault rifles to arrest a suspect paedophile; why do they fail to consider the chance the person who did the downloading may not be in the house?( - but you've gone awry in picking on that quote.

          • Re: (Score:3, Informative)

            by _Sprocket_ (42527)

            What is wrong with that description exactly? It says IP == "unique identification number, of the router", which is quite precise, particularly for a layman's description, and not at all inaccurate.

            For something to be a "unique identification number, of the router" that identification number would have to be applied only to that particular router and remain consistent. Think about that for a minute. Is there ever a scenario where your home router ends up with more than one IP address? Can you assign it an arbitrary address? Can it automatically be assigned a new address via DHCP? Will it get a different IP address if you move it to another location / plug it in to a different network?

          • Re:guilty eh? (Score:5, Insightful)

            by wordsnyc (956034) on Monday April 25, 2011 @01:04PM (#35931154) Homepage

            WTF do they need assault rifles to arrest a suspect paedophile; why do they fail to consider the chance the person who did the downloading may not be in the house?

            They need the whole SWAT routine because they know there's no real threat. Believe me, if they thought the guy inside was armed, they'd set up a perimeter and start lobbing tear gas in there. It's all theater. Good for the local TV and it's like dog treats to the cops themselves -- they get to play Rambo in a safe sandbox.

        • This is it exactly. IP's addresses aren't people especially with IPv4 addresses. I don't know about the average slashdotter, but on my single IP address are 4 people, with 9 different computers.

          If one person fails to update one computer with a zero day patch, and that machine gets comprised and can then download whatever they want, and leave behind incriminating evidence getting someone else in trouble for your dirty deeds.

          NAT's are good at such things. Heck I am now tempted to leave an unsecured compute

      • Re: (Score:3, Insightful)

        by kenshin33 (1694322)
        IP != identity but it's a start. The person becomes a suspect and the investigation continues ...
    • Re: (Score:3, Insightful)

      by PingSpike (947548)

      That's not true. He'll probably still be assumed to be guilty by a large percentage of people even after he is proven innocent.

    • Re:guilty eh? (Score:5, Insightful)

      by DanTheStone (1212500) on Monday April 25, 2011 @11:25AM (#35929624)
      I saw this story first on Yahoo! News and, surprisingly, the comments seemed to understand this. The highly-rated comments all said this is insane, that it's not the guy's fault for not securing his wireless network, it's the police being crazy. I was somewhat proud of my fellow countrymen for seeing through the attempted spin.

      The horrible thing, to me, is that they're trying to use it to push securing your home internet. Breaking home wireless encryption isn't that hard, and it would have made it far more difficult for him to prove his own innocence. It's a bit of a double-edged sword.
  • Search Warrant? (Score:5, Insightful)

    by wsxyz (543068) on Monday April 25, 2011 @11:08AM (#35929412)
    So maybe... just maybe, this is a clue that it's not quite right to break down people's doors because of an ip address?
    • Re:Search Warrant? (Score:4, Insightful)

      by Anonymous Coward on Monday April 25, 2011 @11:11AM (#35929442)

      What? Dude, no. Cops are NEVER in the wrong. If a mistake was made, it's obviously on the part of the WiFi router owner.

      Really, I'm surprised that the cops haven't charged him with wasting police resources-- those SWAT raids aren't cheap...

      • Re:Search Warrant? (Score:5, Insightful)

        by rbollinger (1922546) on Monday April 25, 2011 @11:21AM (#35929572)
        First Point: ICE raided the house not the police.

        Second Point: ICE needs to have a federally issued warrant in order to raid a house.

        Honestly it is the Judges that need the wake-up call. Too many just don't understand the intricacies of technology and internet crime. A Judge would have been shown how ICE had tracked the IP back to a specific person, and he should have known that that IP address doesn't necessarily identify that person as the perpetrator, and denied the warrant. Furthermore, he should realize that by authorizing a raid like that he reduced the chance of actually catching the real criminal. If the neighbor wasn't such a bone-head, he would have realized what was going on, and fled after he saw the raid on his neighbor's apartment. Instead he probably though he had successfully pinned the blame on someone else.
        • by Hatta (162192)

          Honestly it is the Judges that need the wake-up call.

          Never going to happen. They have far too much discretion, and are even immune to being sued or prosecuted for abuses of power.

    • Re:Search Warrant? (Score:5, Insightful)

      by Anonymous Coward on Monday April 25, 2011 @11:14AM (#35929484)

      Even if he was guilty, there wasn't a good reason to attack him with a military unit of the police because his proclivities are abhorrent. Why couldn't regular cops handle the warrant? He wasn't accused of buying machine guns after all.

  • by Frosty Piss (770223) * on Monday April 25, 2011 @11:09AM (#35929414)
    ...to set up a password? I've never had much of a problem, and I'm a Luddite.

    But, yes, this is an area inhabited by much hysteria, mostly generated from "Think Of The Children" LE Nazis and - yes - the News Media looking for the sensational story...
    • Guest Wi-Fi (Score:5, Insightful)

      by tepples (727027) <{tepples} {at} {gmail.com}> on Monday April 25, 2011 @11:13AM (#35929464) Homepage Journal

      ...to set up a password?

      If you run a business that offers WLAN Internet service to its guests, how do you reliably communicate the password to legitimate guests without also communicating it to those who deal in child pornography and unlicensed controlled substances?

      • Run your users through a "Captive Gateway" to authenticate them an agree to your Acceptable Terms of Use. Here [smallnetbuilder.com] is a guide I found for some open source solutions using a quick google search:
      • You don't worry about that, and instead focus on securing your guest WiFi through some kind of walled garden or forced proxy setting to prevent people from abusing the service. It's actually quite trivial to force all traffic through a silent proxy without having to configure client PC's for it at all. If you don't want to go to that much effort, you can also simply block everything that isn't on HTTP or HTTPS default ports, and just force those ports through a proxy.

        Just because you're providing wireless s

      • Re:Guest Wi-Fi (Score:4, Insightful)

        by Overzeetop (214511) on Monday April 25, 2011 @12:14PM (#35930352) Journal

        I'm curious: If I sing a note, can you sing a perfect fifth in just tuning to it, and create an overtone? I didn't think so. It's actually very, very easy to do, and I can teach nearly anybody who can sing along in church or with the radio in about half an hour. It's all about perspective. I'm not even a professional musician - in fact, not even close.

    • by MoonBuggy (611105)

      Not difficult, but as the article (briefly) points out, there are plenty of people who are quite happy to share a little of their bandwidth in exchange for the knowledge that others will do the same for them. There are even businesses [fon.com] based on that very premise.

      Sure, pointing at an open hotspot as if it exonerates one from any suspicion would be foolish, but I'm inclined to think that so is smashing down someone's door and throwing them down the stairs based on an IP address.

    • by The Archon V2.0 (782634) on Monday April 25, 2011 @12:07PM (#35930236)

      Well, there was that time I changed ISPs. Couldn't be home for the changeover but the nontechnical roomie was. I left him with two instructions:
      1) They DO NOT TOUCH my stuff. Not even to hook it to the ISP's router.
      2) If they can't give me a router without wireless, they disable the wireless. Neither of us uses it.

      The installation guy wanted to install their "home security suite" (a rebadged McAfee or something) on my PC. He got rebuffed, so instruction #1 went off without a hitch.

      The roomie specifically requested the wireless be disabled. The ISP guy said he disabled it. When I got home, turned on my laptop's wireless and checked. And found a wide-open access point that wasn't there that morning. Its name? MY PHONE NUMBER.

      And the router was passworded. I couldn't turn it off short of yanking it out. I had to go online (via my laptop because like hell I was plugging my LAN into an open access point), find a list of default passwords the ISP uses, and try them until I hit the right one. I changed the network name to gibberish and then disabled it.

      I was later informed that they'd have been more than happy to tell me the password if I just phoned them. The next morning, when the phone lines were open, because I got home too late.

      Oh, and wait an hour on hold.

      And hope the call center monkey I got didn't think he wasn't allowed to give that info. And knew where to find it.

      Sure, it's EASY to change a wireless setting!

  • by Anonymous Coward on Monday April 25, 2011 @11:10AM (#35929426)

    If someone is sitting outside my house, where there is no mobile phone service, and they really desperately need to make a quick Skype call or check their e-mail, it is a neighbourly thing to do to let them use my wifi, just as if their car broke down, it would be a nice thing to offer them a glass of water and a quick phone call to their car breakdown company.

    Child pornography trading was not a strict liability offence last time I checked. You have to show some intent, damnit. And until that happens, I'm going to say fuck you to fear and be a good neighbour.

  • So rather than (Score:5, Insightful)

    by Stargoat (658863) * <stargoat@gmail.com> on Monday April 25, 2011 @11:11AM (#35929438) Journal

    So rather than two Federal Marshalls in ties having a discussion with the gentleman, the Feds come in Police State style, tossing American citizens around like ragdolls and trampling the Constitution and the natural rights of man.

    What is wrong with this country?

    • Re:So rather than (Score:5, Insightful)

      by characterZer0 (138196) on Monday April 25, 2011 @11:18AM (#35929518)

      What is wrong with this country?

      The voters, even if they remember the incident come November, will still vote for the same politicians they have been voting for their whole lives.

  • Wrong Damn Point (Score:5, Insightful)

    by dcollins (135727) on Monday April 25, 2011 @11:12AM (#35929462) Homepage

    "Law enforcement officials say the case is a cautionary tale."

    The summary is a perfectly accurate representation of how the police/statist spokespeople are spinning this, and of course the mass media just regurgitates it verbatim. But that is totally the wrong point to take from this. It's a cautionary tale, all right -- of the horrifying real-life consequences of our brain-addled priorities towards pornography. And the result is they'll want to make it illegal to share our Internet and information access with fellow citizens. Pretty outrageous.

  • by Anonymous Coward on Monday April 25, 2011 @11:13AM (#35929468)

    ... but it's the police who need to learn.

    Maybe we don't need to send SWAT teams in to arrest people unless there is specific evidence that the person being arrested is armed and violent?

    Maybe what passes for "probable cause" is a joke these days?

  • by spikenerd (642677) on Monday April 25, 2011 @11:13AM (#35929474)

    Law enforcement officials say the case is a cautionary tale

    Indeed, this should be a cautionary tale: obtain better evidence before you make an arrest. Surely there is some kind of penalty in our well-designed system for such sloppiness on the part of law-enforcement. Surely our freedoms have built-in protections. Surely we do not need to respond to attempts by law-enforcement to try to scare us into using encryption if we don't want to ...right?

    • by dcollins (135727) on Monday April 25, 2011 @11:25AM (#35929628) Homepage

      "Surely there is some kind of penalty in our well-designed system for such sloppiness on the part of law-enforcement."

      Almost exactly the opposite. Thee days, there's quite a bit of aggravation aimed at (a) partial immunity for law enforcement, and (b) complete immunity for prosecutors. (Of which the latter often blankets and protects the former.)

      • by Skidborg (1585365)
        Sometimes it makes one wish for the biblical days when a false prosecution would get the prosecutor punished for the crime that the accused was charged with...
    • I think the actual title to this story should be "Bizarre Porn Raid Underscores Utter Lack of Investigative Work".
  • How ridiculous. (Score:4, Insightful)

    by ErikZ (55491) * on Monday April 25, 2011 @11:15AM (#35929494)

    My advice would be "No one password protect your router"

    Then all your concerns about the federal government snooping in on your internet traffic become moot.

    Having everyone password protect their router gives the state more power over you.

  • by fak3r (917687) on Monday April 25, 2011 @11:16AM (#35929498) Homepage
    Why don't you have a seat over there? ... What were you thinking?
  • by PlusFiveTroll (754249) on Monday April 25, 2011 @11:19AM (#35929540) Homepage

    Just using a password isn't safe either. I 'cracked' my own home router that was running WEP encryption in about 5 minutes using a live-cd distribution for that purpose. I've made sure that everything is on WPA2 now, but very few home users are going to know the difference between encryption types.

    It's not just wireless that presents problems like this. If your computer or router gets cracked and starts routing illicit traffic for third parties the exact same thing in the article can occur.

  • by Super Dave Osbourne (688888) on Monday April 25, 2011 @11:20AM (#35929554)
    you will be cited for not locking your door, on your car, house or modem/router. The problem is all will be penalized in this stupid police state called America, the home of the 'free' where that means free to take the liberties of the huddled stupid masses. Dumb the population down via poor education and what do you get, a bunch of sheaple willing to be taxed to death and afraid to do anything about it. Get what you deserve here, sadly this country is hopeless until a very blood revolution and a system pride by education occurs.
  • Remember... (Score:5, Insightful)

    by Anonymous Coward on Monday April 25, 2011 @11:22AM (#35929578)

    Remember when SWAT teams were only used on violent offenders in situations that were expected to get excessively violent?

    Unfortunately, I don't, I was only born in the 80s. I know SWAT teams as being used for everyday arrests and serving warrants, most often by busting down doors of family homes in the dark and shooting people's pets (like the DC area mayor who's dog was shot in the back as it ran away from police during a raid for a crime police had strong evidence he didn't commit but set him up for anyway). No police force needs APCs. Nor should the first line of investigation involve Afghanistan-style street warfare. And where's the police force policing these out of control police forces?

  • by MarkvW (1037596) on Monday April 25, 2011 @11:38AM (#35929796)

    The Feds could readily determine that the router was unsecured. That means that anybody within a certain radius of the computer could have downloaded the picture.

    Probable cause means facts and circumstances that would cause a person of reasonable prudence to believe that the computer in the house that was searched was used to download criminal material or used to store criminal material.

    The router is evidence of a crime. It is the device used to get the criminal material. The feds had a legit reason for the search and seizure of the router.

    The problem that I have is that the ICE agents behaved like pigs--complete pigs--with respect to the man whose home they invaded. They had facts sufficient to know that they had no probable cause to believe that the man they threw on the ground had done anything wrong. They were under no threat, yet they assaulted him for no good reason.

  • If securing wifi becomes mainstream and hackers start producing tools to crack common wifi entry points, it would be much harder to explain away an intrusion if your network is password protected than if it is not.

    My only real concern would be with bandwidth consumption and there are a lot of teens in my neighborhood I could see streaming like fiends.

  • by SoTerrified (660807) on Monday April 25, 2011 @11:47AM (#35929914)

    I have lived in my neighborhood for several years. Within my home detection range, I have access to nearly a dozen wireless hotspots. A few are open. A few use WEP. Two use WPA. A few use WPA2. In the course of my experimenting with wireless security and man in the middle attacks, I have gained access to all of them. The hardest one to crack forced me to set up a dedicated laptop for a week. Now, I'm just a computer guy with an interest in security. I tried just to see what could be done and to gain a better understanding. But the tools I used and the knowledge I have are available to virtually anyone. I'm far from some 'super-hacker'. My point is that if I were a pornographer, none of these would be secure enough to stop me. And yet the police are trying to spin this that somehow the homeowner who was wrongfully arrested was at fault for some security lack on his part. Ridiculous. It's obvious that the police didn't have enough information to justify the raid, and they are just covering that up. Can you imagine the police doing a major raid on your house, doing property damage, seizing your assets, etc. then being told "Hey, you have the same initials as the guy we're really after. We really didn't know enough to figure out if it was you or not, but we figured what the heck, we'd raid you anyway."

    • You better be careful doing that kind of thing. People have been convicted for that kind of experimentation, even when they caused no harm. It is illegal to 'access without permission' someone else's computer. That's how it is, as unfortunate as it may be.
  • by nedlohs (1335013) on Monday April 25, 2011 @11:51AM (#35929984)

    Downloading child pornography doesn't seem to be a violent crime to me. Why did they need to send a SWAT style raid rather than knocking on the door with a warrant? Did the guy have a history of violent crime?

    Aggresive raids get people killed - both the people being raided (e.g. http://www.washingtonpost.com/wp-dyn/content/article/2006/01/26/AR2006012602136.html [washingtonpost.com]) and the police doing the raid (e.g. http://amarillo.com/stories/112201/tex_firedfor.shtml [amarillo.com] - note that was a raid of someone who owned a lot of guns, but the police did manage to fire 369 shots killing one of their own while the guy being raided did not touch a gun let alone fire a single shot).

    For suspects of non-violent crimes (and downloading/viewing child pornography is not more violent than downloading/viewing videos of an assault - that the production of the pornography involves violence is irrelevant) and even for convicted non-violent criminals "kicck the door down and point guns at everyone" raids are only going to increase the risk of death and injury.

  • by hoggoth (414195) on Monday April 25, 2011 @12:09PM (#35930262) Journal

    > Lying on his family room floor with assault weapons trained on him...
    > Law enforcement officials say the case is a cautionary tale. Their advice: Password-protect your wireless router.

    I have some advice for law enforcement. Don't treat someone suspected of a non-violent crime as an excuse to play with all the new weapons you just got budget for. Things go wrong. People end up dead. Read http://reason.com/archives/2007/07/02/our-militarized-police-departm [reason.com] or http://www.cato.org/pub_display.php?pub_id=6476 [cato.org] or Google for "Paramilitary raids", "militarized police".

"If I do not want others to quote me, I do not speak." -- Phil Wayne

Working...