Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
The Courts Government Censorship News Your Rights Online

Kiddie Porn - The Virus Did It 610

The New York Times reports on a British man who was accused of downloading child pornography, and who successfully convinced the court that a virus did it. This is at least the second time this has happened. These cases are extremely interesting since they bring together all sorts of issues of computerized agents - who is actually responsible when your computer does something?
This discussion has been archived. No new comments can be posted.

Kiddie Porn - The Virus Did It

Comments Filter:
  • Virus? (Score:5, Funny)

    by Renraku ( 518261 ) on Monday August 11, 2003 @06:07AM (#6664119) Homepage
    "It wasn't my fault, Officer. Honest, the video said it was Terminator 3 when I downloaded it!"

    "The evil hacker even took the time to arrange and sort those pictures by series!"
    • Re:Virus? (Score:5, Informative)

      by another_henry ( 570767 ) <slashdot&henryhallam,cjb,net> on Monday August 11, 2003 @08:11AM (#6664748) Homepage
      Being a close friend of the the man's son, Alex Green, I can attest that his story is true - but there is more to it than that. Mr Green's older daughter (14 at the time, I think) had a vendetta against him for several years. She was the one who reported it to the police, and most of the Green family believe she put the porn on there to incriminate him. Of course Mr Green wouldn't testify against his own daughter, although he doesn't consider her a daughter any more...
      • Re:Virus? (Score:3, Interesting)

        by KronicD ( 568558 )

        There are lots of issues to consider here, firstly the daughter claim... his daughter may have had a vendetta against him because he molested her, or she knew that he was commiting acts against children and just wanted him to get what was coming to him. Who knows...

        also the other thing to consider (and i have some experience in this) when i was getting started in computers and did some stupid things (bruteforcing passwords from my own system), i always ran a copy of BO on my own pc, so i could blame "the

        • by virg_mattes ( 230616 ) on Monday August 11, 2003 @08:50AM (#6664986)
          > There are lots of issues to consider here, firstly the daughter claim... his daughter may have had a vendetta against him because he molested her, or she knew that he was commiting acts against children and just wanted him to get what was coming to him. Who knows...

          To be blunt, who cares? If she was molested, she should accuse him of that. If she has reason to believe he's molesting other children, let her present that evidence. Framing him for a crime he didn't commit is never right, even if he committed some other crime.

          > also the other thing to consider (and i have some experience in this) when i was getting started in computers and did some stupid things (bruteforcing passwords from my own system), i always ran a copy of BO on my own pc, so i could blame "the evil hackers" if it came down to it. Possibly he was doing the same thing with much more sinister acts.

          Sorry, but "possibly" doesn't do in a court of law. Sure it's possible he set up an alibi, but if there's not sufficient evidence that he did it's not the court's right to assume guilt. That's how "beyond a reasonable doubt" works.

          Virg
        • Re:Virus? (Score:4, Insightful)

          by Alsee ( 515537 ) on Monday August 11, 2003 @06:24PM (#6670742) Homepage
          his daughter may have had a vendetta against him because he molested her

          Maybe he molested his daughter?? Maybe he was commiting acts against children?? You just pulled those MAYBEs out of your ass! There wasn't a single word in the article to suggest any such thing.

          You're on a fucking Which Hunt!

          Pardon my languge. I don't generally write gratutious profanity on my posts, but I am completely flabberghasted that someone would just make up such things and essentially call the prosecution negligent for not locking him up.

          so i could blame "the evil hackers" if it came down to it. Possibly he was doing the same thing with much more sinister acts.

          POSSIBLY. Yeah, we better convict him because it's POSSIBLE he's guilty! Why waste time trying to proove he's guilty? We Must Protect the Children! KIDDY PORN! KIDDY PORN! We must convict this pervert! Even if he's innocent! Yeah, that's it! We need to convict him especially if he's innocent! We need to send a message to those perverts!

          -
  • From Star Tribune (Score:5, Interesting)

    by 2674 ( 661934 ) on Monday August 11, 2003 @06:09AM (#6664126)
    One evening late in 2001, Julian Green's 7-year-old daughter came upstairs from the computer room of their house in the resort town of Torquay, in western England, and said, "The home page has changed, and it's something not very nice."

    When Green checked the family PC, he found that it seemed almost possessed. The Internet home page had been switched so that the computer displayed a child pornography site when the browser software started up. Even if he turned the computer off, it would turn itself back on and dial the Internet on its own.

    Green called the manufacturer and followed instructions to return his PC to a G-rated condition. The porn went away, but the computer still often crashed and kept connecting to the Internet even when "there was no one in the blinking house," he said.

    But Green's problems were only beginning. Last October, police knocked on his door, searched his house and seized his computer. They found no sign of pornography in his house but discovered 172 images of child porn on the computer's hard drive. They arrested Green.

    This month, Green was acquitted in Exeter Crown Court after arguing that the material had been gathered without his knowledge by a rogue program created by hackers -- a so-called Trojan horse -- that had infected his PC, probably during innocent Internet surfing. Green, 45, is one of the first people to use this defense successfully.

    While a case that played out in the British legal system sets no precedent in the United States, legal experts say the technical issues raise two troubling possibilities. For one, actual child pornographers could arm themselves with a new alibi that would be difficult to disprove. Or, unknowing Web surfers could find themselves charged with possessing illegal material that a lurking software program has acquired.

    "The scary thing is not that the defense might work," said Mark Rasch, a former federal computer crime prosecutor. "The scary thing is that the defense might be right," and that hijacked computers could be turned to an illegal purpose without the owner's knowledge or consent.

    "The nightmare scenario," Rasch said, "is somebody might go to jail for something he didn't do because he was set up."

    Green was eventually exonerated, and he said he had no clue how the rogue software showed up on his computer. "I never download anything, and as far as I knew, no others had," he said.

    When his solicitor, Chris Bittlestone, hired a computer security consultant to examine the PC, nearly a dozen Trojan horse programs showed up on the hard drive.

    "When the report came in, it was very much what you would call a eureka moment," Bittlestone said. But Green took the news differently.

    "He was very quiet and said, 'See? I told you,' " Bittlestone recalled.

    "There's some little sicko out there who's doing this," Green said, "and he's ruined my life. I've got to fight to get everything back."

    Green's case could point the way to a new defense in U.S. courts , said Andrew Grosso, a lawyer and former federal prosecutor. The presence of a Trojan could mean that the computer is "not entirely under your control," he said, and a defendant could "legitimately point a finger elsewhere."

    • Re:From Star Tribune (Score:5, Informative)

      by gujo-odori ( 473191 ) on Monday August 11, 2003 @06:25AM (#6664201)
      As a former abuse admin at an ISP, I actually find his story pretty plausible. It's been common for a couple of years now for Outlook/Outlook Express worms to have their own SMTP engine for propagating themselves. "Special viewers" from "free" pr0n sites that disconnect a dialup connection and dial back to a 900 number or similar in an offshore location have been around since the early days of the commercial Internet. They're apparently a huge problem in Japan, because Japanese long distance companies were for a long time (and could still be) including warnings about that scam along with their bills.

      There are countless varieties of peer-to-peer networking programs out there. Lots of spyware, too.

      In other words, all the technology to create a worm that will, upon installing itself, set up to dial the Internet, harvest child pornography, and make it available to other zombies with the same program, is already on the shelf. All some sicko has to do is assemble it and release it in the wild. I find it entirely plausible that someone already has. Very disturbing, but plausible.
      • Re:From Star Tribune (Score:5, Interesting)

        by Molina the Bofh ( 99621 ) on Monday August 11, 2003 @09:44AM (#6665437) Homepage
        Another possibility I see is that the cracker was using stolen credit cards to access these sites,or doing other risky operations.

        The cracker would do it from a remote (hacked) machine to avoid being traced.

        In this scenario, it was not a set up with the intent to fuck his life. Green would just be used.

        Another question that comes to my mind. According to the article, it was a family's PC. Supposedly, mom, dad and their daughter would use it. So why did they choose Mr. Green to be arrested ?

        What if it was their daughter ? Or even mommy ?

        Just because most sexual offenders are male ?

  • Whoever caused it to (Score:3, Interesting)

    by PyroMosh ( 287149 ) on Monday August 11, 2003 @06:10AM (#6664130) Homepage
    I would think that whoever caused the computer to act would be ultimatly responsable. If that someone wrote the OS with malicious code, then whoever wrote the OS. If that someone was a malicious remote user, than the remote user, and if that someone is the PC's owner, then the owner.

    The trick is prooving who caused the effect. It's not as simple as prooving who was behind the wheel of a car.
    • and, for sure, that's an old concept: "nihil esse sine ratione" (Leibniz), nothing exists without a cause/reason behind it. If a trojan opens your box to the general public, and you do not have the ressources to locate that problem, then it's NOT your fault. Others did bad things with your property. It's like strangers having a orgy in your house while you're not there...of course, remembering to lock the door on your house is probably easier than to knowing how to secure your PC.
    • by Kjella ( 173770 )
      The driver rams into someone because his brakes don't work. Did

      A) The repairman screw up on last check-up
      B) Someone rig the brakes
      C) He did it himself

      However, going back to the "motive, means and opportunity", a car driver would hardly have much incentive to be in an accident. In this case however, you would because it would be a "get out of jail free" card. It's as if you happened to ram down a pedestrian that you had a motive to kill. Is that any evidence of who rigged the brakes? Nope, it could be just
    • From the article:

      "I know my son had a look at some iffy sites," he said. "He's a teenager."

      I know who I'd question first.

  • Reg Free Link (Score:5, Informative)

    by FannyMinstrel ( 656700 ) <windminstrel@@@mainecoon...net> on Monday August 11, 2003 @06:10AM (#6664132)
    Here [nytimes.com]
  • responsibility (Score:4, Interesting)

    by mirko ( 198274 ) on Monday August 11, 2003 @06:11AM (#6664136) Journal
    who is actually responsible when your computer does something?

    If it's passively, this could either be the user's or the software architect's fault (if some OS's security hole allow one to get into trouble).
    This could also be due to the ISP's neglect.

    if it's actively, the answer should be the same but now, the problem is that we (as in "the consumers") would have to argue about this against some ISP's or worse, against a software editor's lawyer, in which case, we don't weight enough not to be in trouble.

    concerning the present situation, I'd be somehow concerned if I learnt that like my ISP, my OS was actually logging whichever off my actions in order to prove the Law how bad I am actually behaving...
    • Re:responsibility (Score:4, Insightful)

      by Renraku ( 518261 ) on Monday August 11, 2003 @06:16AM (#6664164) Homepage
      ISPs aren't at fault because they provide the connection. Upstream and downstream. They do not guarentee that its contents will be safe. That's what firewalls are for. Microsft or some OS company might/should be partially liable (maybe aiding/abetting?) if there's a well-known software hole that allowed the attackers to gain access to a computer even while the user is taking precautions to prevent that kind of thing. Especially since the user was hassled this much. People are probably going to say it was his fault for installing the trojans, but going to jail for a kiddie-pr0n charge isn't quite the acceptable punishment for computer illiteracy.. Maybe having his HDD formated, but not prison time.
    • The problem is, it's all to easy to fake any of your situations. You could create an equivalent of a "honey-pot" PC, knowing that any actions that take place on it can be explained away.
  • Newsgroups... (Score:5, Interesting)

    by Anonymous Coward on Monday August 11, 2003 @06:11AM (#6664138)
    Many of the common adult newsgroups are polluted by paedophile images sent by hard-core porn sites. It's a serious problem because it means that the majority of newsnet-carrying ISPs and servers are actually carrying large amounts of kiddie porn.
    • Re:Newsgroups... (Score:5, Interesting)

      by glesga_kiss ( 596639 ) on Monday August 11, 2003 @06:36AM (#6664245)
      Many of the common adult newsgroups are polluted by paedophile images sent by hard-core porn sites.

      It's reassuring to me that someone else has noticed this. A friend suggested to me that I checked out the pr0n on usenet, which I did (and found some good stuff). However, I combined & decoded several series of files, one of which turned out to be kiddie filth. In my 10+ years of internet use, I've never actually stumbled across any before.

      In a panic (kiddie crap is a serious mess-up-your-life thing here in the UK, the media love the sales it produces), I deleted the images and removed the newsgroup cache file, never to get filth from usenet again. I was still paranoid that night at every knock of the door though. It's not too much to think that the police might be monitoring the ISP's newsserver, logging IPs against post viewing.

      The same problem could exist in any net technology, where you might not get a preview prior to download.

      This is a truly serious issue. Most of the folk here could fake this either way, to set someone up, or cover your own tracks. I was once asked by a lawyer to brief him on what is possible regarding date-stamps on files. My advice was that anyone who knows what they are doing can create any "evidence" they want in the digital realm. This will become a serious problem for many of our court systems, as they focus on hard evidence. Soon, digital evidence may be regarded as weak as eyewitness reports.

      • Re:Newsgroups... (Score:5, Interesting)

        by gillbates ( 106458 ) on Monday August 11, 2003 @08:17AM (#6664789) Homepage Journal
        My advice was that anyone who knows what they are doing can create any "evidence" they want in the digital realm. This will become a serious problem for many of our court systems, as they focus on hard evidence. Soon, digital evidence may be regarded as weak as eyewitness reports. [emphasis mine]

        Hopefully, this will happen sooner, rather later. By far, the biggest problem I see with our society's dependence on computers is that they believe that computers are infallible. Most people are unaware of the ease with which a hacker could frame a person, leaving behind no evidence of his activities.

        IIRC, several years ago a man was almost convicted of embezzling based on a series of computer printouts in which the framer had altered the date and time stamps on the printed reports in order to show "evidence" of embezzlement. Fortunately for the defendant, the police had ripped the printouts out of the printer in a roughshod manner, and managed to pick up the first page of a subsequent report, which showed the correct date and time in the header. Had this not happened, this man would have been sent to jail for a crime that someone else committed.

  • Head cold? (Score:3, Funny)

    by danormsby ( 529805 ) on Monday August 11, 2003 @06:12AM (#6664141) Homepage
    So the tissues by the keyboard were because you had a virus?
  • by Anonymous Coward on Monday August 11, 2003 @06:13AM (#6664151)
    Roughly twenty years ago it was hyperbole for the Dead Kennedys to "sing" about things like this. I forgot which song it was, and you have to remember the culture was more conservative in some ways twenty-odd years ago, but the words went like this:

    Pissed at your neighbor?
    Don't bother to nag.
    Pick up the phone.
    Turn in a fag.


    Well add about a million times as many transistors and just a little bit extra effort on the part of the spiteful neighbor, and change the setup, and bingo--instant permanent damage to the private citizen you hate, for whatever reason!
    • by Kjella ( 173770 ) on Monday August 11, 2003 @07:57AM (#6664669) Homepage
      If I was seriously out to get someone I could do a much better job than this, and so could you.

      1. Get him infected with a trojan. Just send him shit on email (from free accounts), icq, irc, latest windows exploits and whatever until you find something his antivirus doesn't bite on.
      2. Drop him a shitload of illegal stuff. As techies, I'm sure you'd be able to find it, it's just that we don't *want* to. Maybe even download it directly to him through the trojan, keeping yourself completely clean. If he gets logged downloading it, all the better.
      3. Jerryrig the dates, to make it seem as if they've been collected over extended period of time, accessed repeatedly etc.
      4. Uninstall the trojan. Give him a total clean-up and remove any over shit he might have happened to have too.
      5. Tip the cops. Payphone, anonymous note, whatever. Anything untracable.

      OTOH, his life is pretty damn screwed already (even if you get aquitted, everyone will still wonder... did he *really* do it or not). This is if you want someone really thrown in jail and lose the key. Maybe I shouldn't give anyone the idea, but at the same time it might also get people to actually *care* about their security.

      Kjella
  • by Phekko ( 619272 ) on Monday August 11, 2003 @06:14AM (#6664155)
    the law in Finland (IANAL, but still) says "if you know or SHOULD know..." I believe this one falls under the "should know" category.

    Now that we're on this topic, though, does anyone know where to get a virus that downloads high quality images of nubile women with scant clothing who are of legal age?
    • Clearly having intent to do something makes you responsible.

      Knowing also makes you responsible, depending on what you knew.

      Ought to have known, or what a reasonable person knows is different.
      Reasonable people may have a very limited understanding of a computer, which means they could possibly not have any understanding of what it does, as opposed to a computer geek who probaly does. This is why it is a jury of your peers, so they can form an opinion as to what you should and should not be aware of.

      I reme
  • by AndroidCat ( 229562 ) on Monday August 11, 2003 @06:16AM (#6664165) Homepage
    There are spammers/pr0no pages that try to get you to install a "porn downloader" ActiveX control. (If the security settings in IE are really bad [default?] IE might just suck it down for you.) Then it changes your Internet connection to a dial-up via an expensive (900-type or long-distance) connection. No doubt it installs various backdoors too.
  • This is probably an unfashionable idea, but the problem appears to be more that law enforcement agencies are treating child porn as an easy way to increase their scores. In truth there is probably little basis for treating downloading of child porn as "criminal behaviour", although the making and selling of it is most definitely so. I'm not defending child porn, but it's entirely possible that it represents for many would-be child molesters, an alternative way of satisfying their unhealthy sexual tendencies.
    Aggressive policing against people who have (for whatever reason, and there may be many, both innocent and less so) child porn on their computers is counter-productive. It does not protect children, it does not prevent child abuse, it does not catch the real exploiters, but it does create grief for many people who have done little more than click on the wrong button.
    Crime and punishment must be based on some kind of real moral injustice and the redressment of this. I don't think this is what we're seeing in these cases.
    • In truth there is probably little basis for treating downloading of child porn as "criminal behaviour", although the making and selling of it is most definitely so.

      This is an old and dangerous canard. Firstly, there is a mass of evidence that photos are taken to order within groups of abusers, and secondly (for sex crimes in general) those with pictures are statistically likely to go on to physical acts.

      Further, your statement that:

      It does not protect children, it does not prevent child abuse, it do

      • Statistics (Score:5, Insightful)

        by heironymouscoward ( 683461 ) <heironymouscowardNO@SPAMyahoo.com> on Monday August 11, 2003 @06:47AM (#6664298) Journal
        "those with pictures are statistically likely to go on to physical acts..."

        Do you have figures to back up this claim?

        The study of pornography and its impact on sex crimes is always highly charged, but there is a good basis for believing that free access to pornography actually reduces sexual offenses (not just against children, but of all kinds).

        And yes, there are "wrong buttons" that will download images to your PC. Someone else here mentioned that Newsnet is regularly spammed with child porn.

        Criminals should be punished, no doubt about it. But witch-hunts are never productive. You think you are catching the real crooks? You're not. In fact, you're driving the sale and distribution of child porn underground, causing it to become harder and more violent.

        Pushing even an obnoxious trade into the hards of real criminal networks is not wise: you may get that rosy feeling of 'doing good', but the cost is paid by huge numbers of new victims in far-off places.
        • by Kjella ( 173770 ) on Monday August 11, 2003 @09:01AM (#6665069) Homepage
          "those with pictures are statistically likely to go on to physical acts..."

          Do you have figures to back up this claim?


          In other news, people looking at gay porn tend to have gay sex, and people looking at straight porn tend to have straight sex. Scientists are shocked.

          The statistical question is: "Would there be more or less people commit child abuse if child porn was freely available?" This decomposes into two questions:

          A-1. How many current abusers would be sufficently satisfied with only looking at child porn, had it been easy available in great quantity (reducing abuse)?

          A-2. How many people that otherwise wouldn't have abused children get so inspired by child porn that they choose to abuse children (increasing abuse)?

          Note that there are two groups that are simply irrelevant to this question:

          B-1. Those who would abuse children, porn or no porn
          B-2. Those who wouldn't abuse children, porn or no porn.

          Due to the

          a) total inability to measure this (child abuse records show A-1 and B-1, child porn arrests don't really say anything because you don't know if they're abusers or not (could be any of the four categories), or how this affects the statistical likelyhood of being arrested and so on and so on).
          b) the incentives to not answer truthfully (Me? Commit child abuse? Never! Never, I tell you!)
          c) the inability to answer truthfully (no I wouldn't do that even if I looked at child porn... would I?)

          I don't think we'll ever get a solid statistical answer to this question out of police records, censuses and other second-hand data. It would require an "Eye of God" view to get the real data.

          And running a controlled experiment? Yeah right. For one it'd have to ensure that those that shouldn't have porn don't have it, which would require detailed personal surveilance. And at the same time, if they wanted to abuse children they'd have the opportunity to do so (and if they were abstaining from it because they were being surveilanced, the entire experiment is down the shitter. OTOH, if they knew they would get away with it for the same reason, it'd also wreck the correctness). Not to mention the idea of letting children knowingly be abused in the first place.

          To summarize, you simply won't get a good statistical answer to this. Ever.

          Kjella
          • "people looking at gay porn tend to have gay sex, and people looking at straight porn tend to have straight sex."

            You surely meant to say: people who have straight sex prefer straight porn, and people who have gay sex prefer gay porn. People are simply not "converted" by porn. Sorry.

            By the way, you might be interested to learn that lesbians prefer gay male porn. This pretty much answers the question of whether the porn is a cause or an effect. (Clue: it's not a cause.)
          • An interesting point this brings up. Do we convict people based on statistics now (well, yeah, of course, but let's play dumb for a bit and pretend the system is perfect)?

            Are KKK ideals wrong?

            One might say, "Yes, they foster hatred which in turn causes action in many people." But is the idea wrong or the action?

            Kiddie porn is made by real people. These people should be reformed, or just locked up or otherwise restricted if necessary (notice I didn't use the word punish -- personal belief system at wor
      • by G-funk ( 22712 ) <josh@gfunk007.com> on Monday August 11, 2003 @07:28AM (#6664490) Homepage Journal
        Finally, do you really think that there is a 'wrong button' out there that will dl large numbers of images on to your machine? If so, imo, you're some kind of fool.

        You're an idiot. I've downloaded tons of kiddie pr0n by accident because some fucker mislabels his posts, or posts to newsgroups meant strictly for over 18 models. You never know what it is till you download it these days. Not to mention the dickheads on P2P networks who get their jollies by mislabeling anything from trojans to viruses to child / animal porno as something somebody would actually download.
      • by JaredOfEuropa ( 526365 ) on Monday August 11, 2003 @07:32AM (#6664516) Journal
        Firstly, there is a mass of evidence that photos are taken to order within groups of abusers

        This is the argument often used by those that want to throw the book at buyers/downloaders of child pornography. Some of them would even agree that looking at such pictures in itself is not a bad thing, but going after 'users' of kiddy porn results in a diminished demand for such stuff, and as a result less children are abused. (Not my argument, but this is the line of reasoning often quoted). However, the fact that 'consumers' of child pornography create a market for such material, does not automatically make the act of looking at or posessing the material a crime.

        those with pictures are statistically likely to go on to physical acts

        That is a very dangerous statement for two reasons:
        1) If people who look at these pictures are more likely to go on to physical acts... is that because of the pictures, or did they have the tendency anyway? In the latter case, giving them such pictures might actually help getting them their fix, so that they will not go on to the physical act.
        2) If colored people are statistically more likely to commit crimes (disclaimer: this is just an example which I picked because it's a widely held stereotype). Does that mean we should pre-emptively go and arrest them all? Propensity to commit a criminal act is not a crime! Besides, just like in the example I gave, the propensity to commit the crime isn't even proven... it's just a statistical correlation.
        Too right this sort of thing should be followed up. It will protect children.

        It should be followed up, but it must not turn into a witchhunt. Too bad that these days it seems that when it comes to our rights and due process, anything goes when 'the safety of our children' might be involved.
      • ...deliberately dled kid porn - which is clearly the majority of people with kp on their machines

        This is a serious issue. It does absolutely no one any good when people like you make up bullshit facts to prop up your dubious point of view.

        Lots of people who enjoy legitimate porn view it offline. E.G. - they suck entire newsgroups to their local computer. Only later do they peruse what they have. Perhaps much later. Perhaps never. What if someone injected some kiddie porn into the newsgroup? How do
      • by Hoi Polloi ( 522990 ) on Monday August 11, 2003 @10:29AM (#6665947) Journal
        "It will protect children."

        If kids never got molested before the invention of photgraphy I'd believe you. Also, most kids are molested by relatives or friends of the family who don't need pictures to see little kids in bathing suits, etc.
    • You are wrong for one very important reason.

      You are presuming that downloading/buying child porn is a victimless crime like say growing weed. Quite how you seem to arrive at this conclusion is a bit of a mysterie to me.

      Anyway there recently was a case against an american who run a huge hosting network for the purpose of selling childporn. I forgot the names involved and googling for "child porn" is not that enjoyable. He was sentened to over a 1000 years. What however apperently a lot of people saw was th

      • There are now a great number of sites hosted and created in russia that make and sell child porn to western customers (since they are the ones who got the money). Childeren are being molested raped and killed to generate these images. This is being done because people are willing to pay for them. Wipe out the customers and the suppliers will go away.

        I'm not sure, but by "downloading" the parent poster might have meant getting the porn from IRC, FTP, newsgroups, or P2P networks. These are all known to be
    • I pretty much agree.

      Possession of an illegal copy of something does not encourage its production. Just ask the RIAA. ;-)

      Seriously, though. If enforcement eliminated the sources of revenue for child porn (actually paying for it and placing ads with it) then there wouldn't be money to exploit the childen with.

      The problem with trying to enforce on the basis of possession is that a typical desktop owner can easily be shown to be unaware of vast portions of their hard drives. I'm sure expert testimony

  • by __aadhrk6380 ( 585073 ) on Monday August 11, 2003 @06:21AM (#6664186) Journal
    Did anyone check the name of the company that located the virus? Vogon International, LTD.

    I suspect the Prostetnic Vogon Geltz.
    • by laughing_badger ( 628416 ) on Monday August 11, 2003 @06:32AM (#6664232) Homepage
      Vogon are a kick-ass data recovery firm in the UK. I've used them to recover data from a couple of HVD scsi drives from an old HP workstation and they wrote code to extract the data and shipped it back on a bunch of DVD's in a couple of days. I guess that they were founded by an Adams fan.

      Didn't know that they did computer forensic work as well. Sensible, considering their other talents.

  • by RichLooker ( 556121 ) <<richard> <at> <disputable.org>> on Monday August 11, 2003 @06:22AM (#6664190)
    Joe Average is an easy victim for the countless malicious trojans floating around. Visiting a straight porn site is no crime. Being deceived by messages like "Install browser enhancement (OK/Cancel)" is no crime. I have removed countless porn-related trojans from friends' PC's. If someone wants to put kiddie porn on unsuspecting victims' computers, this is no hard task. Removing a trojan when your anti virus software detects it would be the sensible thing to do. If the trojan has downloaded contraband to your PC, it will still be there, but you have removed the proof that you didn't dowload this intentionally. I would say proving intentional downloading of child porn should be pretty hard.
  • The question is (Score:3, Insightful)

    by AbstracTus ( 576474 ) <einar@NoSpaM.binary.is> on Monday August 11, 2003 @06:28AM (#6664211) Homepage
    Can we demand that regular Joe's take responsibility for their computer, and their computers security? That is to say, should we be responsible for ensuring that others cannot access our computers and do illegal deeds with it? Now, that would require way more knowledge IT security than the regular Joe has, however it might cause the public to demand a more secure OS etc.
  • Excuse me, are we talking real child pornography here or images from those so called lolita and nymphets popups out there.

  • Valid Defense? (Score:5, Interesting)

    by CB-in-Tokyo ( 692617 ) on Monday August 11, 2003 @06:46AM (#6664295) Homepage
    I am not a lawyer (I still can't bring myself to write that abbreviation,) but if it is a valid defense in a criminal child pornography case to say I wasn't responsible for downloading it, could this not set a precedent for Civil copyright cases? Or are the RIAA's rights more compelling than that of the victims of Child pornography?

    "I was hacked. You know, ever since all the Lawsuits started happening, there has been an increase of people hacking computers to download music."

    I think a case could be made of that.
    • Re:Valid Defense? (Score:3, Insightful)

      by Jerf ( 17166 )
      could this not set a precedent for Civil copyright cases?

      There shouldn't be a precedent to be set! If somebody else uses a computer to do something, it's 100% their responsibility if that's a legal thing to do. (If they don't have permission to use that computer, they're already starting out on the wrong foot legally.) The fact that it happens to be your computer should be mostly meaningless; you didn't do anything.

      Maybe someday, when it's possible to reliably say "This computer is 100% secure", then we
  • by Kronovohr ( 145646 ) <kronovohr@@@gmail...com> on Monday August 11, 2003 @06:50AM (#6664310)
    ...I've seen this one before (by the description). When I was working on PCs for a living, an optomologist's secretary brought in her computer, which was acting "strangely" and all sorts of "foul things" were coming up on her screen. I figured something had just replaced her homepage on IE with a porn site or something like that, so I plugged the machine up and let it boot, explaining to her "well, there's some bad shit you have to look out for, but there's always worse". I was quite wrong. This was worse.

    When I fired up IE on the system, it went straight to a child pornography site that was obviously a typoed URL (freecilpart.com or something like that...don't hold me to it since my memory's terrible), and the default homepage setting was being updated constantly (like kak). This program was listening on some oddball high-numbered port.

    Since the box was inside a Novell network and wasn't exposed to the outside world (much) I figured it wasn't a normal compromise. I told her to contact the FBI over the site, and I went looking for the malware, but couldn't track it down (limited time on it, though) and wound up wiping the box clean and reinstalling Win98. She's very religious about keeping the a/v definitions updated now (:
    • A crappy situation to be in, for sure...but I wonder if you should have wiped the box? I'd have contacted the FBI, and then locked the box up until they could send for it. It's possible that the malware could've been traced to a childporn ring, or, at the very least, lead to the breakup/shutdown of some childporn sites.

      Sure, it may have inconvenienced the office, but I think a higher purpose could've been served here.

      At the very least, you could make a disk image to give them, instead of the full computer
  • by banana fiend ( 611664 ) on Monday August 11, 2003 @06:54AM (#6664324)
    If people can throw their hands in the air and say "The trojan did it", then the law will change to catch the paedophiles who are using it as an excuse.

    If it becomes popular to do so, and easy to get off if that is the case (and it seems like it might be, I'd hate to have a court disbelieve me if a trojan downloaded kiddie porn to my computer) - then who gets the blame?

    This might lend some power to the palladium protocol (nothing's impregnable, but the guff is pretty air-tight) - "get rid of all viruses and trojans" - can now be replaced with "protect your children from being brutalized and their pictures sold to sickos all over the world while you rot in jail forever"?

  • by WalterSobchak ( 193686 ) on Monday August 11, 2003 @07:01AM (#6664348) Homepage Journal
    Technical issues aside, there can only be one advice: If confronted with any kind of child pornography, or even being offered such - inform the cops.
    This kind of stuff is illegal in almost any jurisdiction worldwide, and it is immoral by all but the sickest standards. There is also no argument that children are exploitet for this, and suffering from it.
    Chase spammers for fun all day, more power to you! But do not collect evidence on child porn, leave that to professionals.
    And again, in most jurisdictions, law enforcement _will_ act on your tip.

    Alex

    • And just what is Joe Schmoe cop suppoesed to do? Write down the internet address? They are more apt to arrest you for having kiddie porn on computer. They are mostly a technology handicaped bunch. If you were to inform someone, inform your ISP's abuse department or if you must inform the authorities contact the FBI. But remember that you are taking your freedom into your own hands. It seems like the "law enforcement" agencies are always on a witch hunt and don't care who they hurt in order to further their
  • by SmallFurryCreature ( 593017 ) on Monday August 11, 2003 @07:06AM (#6664369) Journal
    So, anyone here skilled enough to write a trojan that
    1. automatically installs kazaa
    2. Generates semi randomly a list of music to download.
    3. Sorts the music into directorys sorta like most of us do by default.
    4. Set all file creation times and accesstimes to a random date
    5. Hides itself a bit so you can claim "I didn't know it was there"

    Anyone then faced with an RIAA lawsuit can just accidently install it and claim that the virus did it. Am I missing something here? And why isn't there any mention of wich virus did it?

    • Anyone then faced with an RIAA lawsuit can just accidently install it and claim that the virus did it. Am I missing something here?

      Yes you are. In criminal cases, the prosecution must prove their case beyond the shadow of doubt. In civil cases, like the RIAA's lawsuits, the plaintiff must only prove their case "based on a balance of probabilities", which means that they only need to prove their case to a 50.1% certainty.

      It is unlikely that a jury will find that it was 50.1% likely that a virus downl

  • Next defence? (Score:3, Interesting)

    by little1973 ( 467075 ) on Monday August 11, 2003 @07:06AM (#6664370)
    The computers of the future will be capable of rendering a picture indistinguishable from a real one. In this case no real harm is done to anybody by making such a picture. So, the defendant will claim he/she just rendered those pictures. Can anyone be arrested for rendering a picture?
  • Culpability (Score:5, Insightful)

    by The Famous Brett Wat ( 12688 ) on Monday August 11, 2003 @07:17AM (#6664433) Homepage Journal
    I didn't RTFNYTA. Even so, this is Slashdot, and I need not care much about that.

    The question of culpability for the actions of a computer is going to become increasingly interesting. Spammers and other miscreants are getting more brazen about the use of third party computers by which to make mischief. I'm not saying that it's a new concept -- far from it -- only that the audacity factor is going up. Dealers in kiddie porn and other widely-considered-bad things may start to see third party computers as a safe medium for their wares; a good way to cover their tracks.

    It seems unfair for a person with a virus-infected computer to be accountable (even in part) for the actions of a malicious third party who takes control of that computer without the owner's knowledge. On the other hand, it's risky to let them off the hook for it: genuinely culpable parties may install a virus on their own system as a legal defense measure! And if the owner of the computer were nailed for the actions of their computer, could they then sue some software or hardware vendor for enabling a malicious third party to use their computer without authorisation, thus exposing them to this risk? Presumably the end user doesn't haven't much of a case against the Internet Service Provider: I would expect the ISP to be offering a network service, leaving it up to you and your equipment as to what use is made of that service.

    The real problem here, as I see it, is that we want to discourage systems which facilitate abuse by evading accountability. The real culprit -- the malicious third party who uses the computer as a zombie slave to get up to no good -- is safely hidden from accountability through anonymity. The owner of the equipment is deemed not culpable on the basis of inability to know or do anything about it. The owners of the network infrastructure are just providing the advertised service, and should be thought of as common carriers. The owner of the software which enables the virus, well, no software authors seem to want to be held accountable for their software either, and that's somewhat understandable.

    But if we don't come up with some strategy for discouraging systems which facilitate abuse by third parties, the natural consequence will be an increase in unpolicable lawlessness. To complicate matters, insecure systems are already pervasive, so it's hard to know where to start. Who do we put the pressure on? I didn't RTFA, as I said (don't read NYT's website on principle), so I don't know what conclusions were drawn. It strikes me that perhaps we need to start holding the end user accountable for the mischief of their system if they don't take reasonable precautions to prevent it, such as using anti-virus software, or keeping modestly up to date with security patches. Maybe we can also hold commercial software/hardware sellers accountable to do their fair share in selling a merchantable product, with particular reference to reasonable standards of safety, and working as advertised. In the case of OEM-installed operating systems, it's probably the OEM that should foot the bill, as the seller of the product. Penalties should be relative to the cost of the product.

    I'm not suggesting that these ideas ought to be implemented, but we ought to think about them. What seems fair and would have the desired impact? Most end users aren't aware how unsafe the Internet is, with regards to this kind of abuse, and they should be educated about it, or protected from it. Computer manufacturers are selling computers as internet-ready but by and large they are selling an unsafe product. Selling a machine bundled with anti-virus protection might be sufficient to make the product "safe", from a merchantability perspective. Removing (or not providing) Internet functionality would also protect the manufacturer from Internet-related issues. Providing clear warning material on the dangers of connecting to the Internet might also be sufficient ass-cover.

    Stuff to ponder. And note that I didn't rant about Microsoft Windows, despite opportunity and motive.

  • by mabhatter654 ( 561290 ) on Monday August 11, 2003 @07:25AM (#6664478)
    If it's the case that you are responsible for your PC contents, then shouldn't programs like the famous Gator be considered illegal. It stands as the best example of a program that is downloaded to your computer under false pretenses and basicly "hacks" windows without the user's ability to easily turn it off. Downloading countless AntiVirus and AdWare software isn't the answer...someone's always finding a way around it.

    With the wild DAs making accusations, perhaps it is time to finally delcare any software that acts without the user's knowlage to be illegal hacking...whether it be Windows "phone-homes", Gator advertizing, or of course malicious virii!

    Of course I wouldn't condone hacking Gator to put inapproperate pictures on unsuspecting users' computers in any way...

  • by njan ( 606186 ) on Monday August 11, 2003 @07:49AM (#6664616) Homepage
    When I was sharing a house, we had a P-233mmx which was shared between several of the occupants, running windows 9x. After using the thing for some time, the machine began to slow down, behave oddly, and then a few other odd things started to occur; the mouse moved strangely - and then the machine started to type things. By itself. It was fairly obviously some sort of remote control program (either trojan or maliciously stuck on there by one of my housemates) - which started to do other odd things.

    Including displaying child pornography on the screen.

    The first time this happened, I had the willies scared out of me as my 14 inch monitor was suddenly filled with an image of a girl of a similar age to the size of my monitor, barely dressed, obviously looking up at a taller photographer. It petrified and disgusted me so much that for a moment I didn't move - before I promptly turned the machine off at the mains and gutted it. I couldn't work out what had caused it - and no virus software picked the thing up. Thank god it was a shared computer, or I'd have never used the net again, I think - in the following months the above happened on a monthly basis, and every now and then the bootup screen changed to an image of a fly on windows background, with the label "ISpyFly Windows {something I forget}".

    To this day, I have NO idea what the software was that caused it, but of one thing I'm certain - child pornography *can* get onto your computer without your consent or knowledge. No-one knows better than I how much paedophilia goes on online - I worked in computer forensics - but all the same, there are *two* sides to this coin, in whatever proportions they occur.

    Incidentally, if anyone's heard of the software or has any idea what it was, let me know. And no, I don't still have access to the machine. It wasn't mine anyway.
  • by marmoset ( 3738 ) on Monday August 11, 2003 @08:22AM (#6664812) Homepage Journal

    I had an interesting experience helping my cousin with his computer a few hours ago. I've done this plenty of times before, and I'm sure every computer professional has served as volunteer tech support for family members at least occasionally. The difference this time is, instead of simply doing a few quick fixes for the things that were broken/nonfunctional (which is what I usually do, in the interests of time), I actually thought long and hard about what was broken, and more importantly, how and why it got that way.

    I will state from the top that I don't intend for this to be a Windows bash session. Though it's plainly a software environment I try to avoid when it's practical to do so, I recognize that I'm a kook and that most of the rest of the world has decided otherwise. Since, like death and taxes, Win32 is omnipresent, unavoidable, and in the end always victorious, it's prudent to learn how to efficiently work with it.

    My cousin purchased a basic home system earlier this year, a modest (but powerful enough) system with Windows XP Home Edition preinstalled. It also came with Microsoft Works (which he's just starting to use for his classes) and the various and sundry shovelware that no user ever bothers to either run, nor uninstall. We live very close to each other, so we both have the same network provider -- in this town it's basically Comcast for broadband or the highway (read: craptacular dialup). He uses Yahoo as a portal page, and occasionally uses Yahoo Messenger. He likes tuning in to streaming radio, so he has dozens of stations bookmarked. And that's pretty much it -- he uses his machine for web surfing, internet radio, and the occasional short word processing or IM session.

    I stopped by today to help him with a project he's starting up and he went to log into his computer. My first clue that something was very wrong: it took forever. The interval between the time when he entered his password and when he gained full control of the machine (i.e. when the busy cursor went away and the machine finally became responsive enough for him to do anything as basic as using the cursor to launch a new application) was at least 90 seconds. This box isn't a server, he's not compiling code or serving pages or rendering frames or anything else that ought to be stealing major cycles from the foreground UI. After that eternity has passed and he finally gains control of the machine, he gets a dialog box advertising cheap university degrees. By this time, I'm all like "what the f___?!?" It seems that in my time away from mainstream (i.e. Win32) computing, something known as "Windows Messenger Service Spam [microsoft.com]" has become a serious nuisance. How goddamned evil can they get? You don't even have to open your mailbox before some lowlife jumps in your face trying to sell you merde? How fricking evil is that? I do wonder what kind of krakk kokane your software engineering staff has to be smoking for them ship an operating system that, in its default configuration, allows an unauthenticated tcp message from any random spot on the internet to display a dialog on a client workstation, but, as I mentioned earlier, that's not where I want to go today. I felt a sick feeling in my gut, realizing that there are probably millions of grandmothers out there getting these stupid things popping up in their faces all day, without the vaguest clue of how to stop them.

    After closing the messenger spam, my cousin started his browser, which happens to be IE 6. This took an extroardinarily long time. Once it came up, I noticed that he had a Yahoo toolbar underneath the standard Explorer toolbar, bristling with gewgaws, animated crap, pulsing buttons and links to, erm, "synergistic content". In addition, there was a vertical pane along the left side of the window, also Yahoo branded, also full of pulsing, flashing, irrelevant happy crap. In the middle of trying to throw up (and I do mean "throw

    • by pr0ntab ( 632466 )
      is a service that runs on top of windows rpc. That (ports 135-137) should have been blocked by your ISP! Why they are letting windows RPC traffic through to residential customers is beyond me. Don't tell me people are sharing their drives over the internet, because that's fucking retarded. Some broadband ISPs are such complete idiot farms.

      The messenger service is actually useful if all the machines on your protected net are under your control. You can send popups to people in a controlled fashion without I
    • I do wonder what kind of krakk kokane your software engineering staff has to be smoking for them ship an operating system that, in its default configuration, allows an unauthenticated tcp message from any random spot on the internet to display a dialog on a client workstation, but, as I mentioned earlier, that's not where I want to go today.

      Probably the same stuff that was being smoked near any place shipping a unix operating system - remember "talk"? The internet used to be a much calmer place. (Actuall

  • by Nucleon500 ( 628631 ) <tcfelker@example.com> on Monday August 11, 2003 @10:45AM (#6666086) Homepage
    Your computer (except at work) is your property, and you get to decide what runs on it. If someone does something bad on your property, and you didn't give them permission to do so, it's their fault. Storing kiddie porn on an infected computer isn't different from storing it in someone's garage: it's still your fault, even if they didn't lock their garage or secure their computer. So if this guy's telling the truth, he's innocent.

    The reason so many computers are so insecure is that most computer users are completely unqualified. But the solution isn't to legislate them off the net. I think computer vendors should administer a test, and if you pass, you get a discount.

    When you get auto insurance, they offer to give you a video and CD-ROM (Windows, ugh) training course, and if you pass it, you get lower premiums. Dell could do this: after all, competent users cost them less in tech support time. So all of us nerds would get cheaper hardware, and everyone else would have an incentive to learn the basics of computer use and security.

  • It's a good thing. (Score:3, Insightful)

    by neema ( 170845 ) on Monday August 11, 2003 @11:52AM (#6666840) Homepage
    I'm happy courts give leighway on arguments like this, even with the potential for abuse in mind. It's like the idea of pleading insanity, or temporary insanity. Most people don't like the idea because what they've seen on TV, but in actual statistics, as far as the US is concerned, the plea is rarely used and it's even more rare for it to be accepted.

    Same idea with computers. While an insanity plea means you couldn't control your mind, the virus plea means you couldn't control your computer, and it's totally plausible. I just bought a new laptop and was browsing through some sites, being bombarded with pop-ups. I was going to click a button, but the pop-ups kept... well, popping up, and just as I went to click the button, a pop-up sprung up and I clicked yes on that instead. (This was before I could install Mozilla or anything else to get around that kind of situation.) Almost immediately, there was all this porn-ware and spyware installed on my machine. I used ad-aware and spybot but, still not satisfied with the clean-up job, just formatted and reinstalled. The average user would not have even heard of ad-aware or spybot or thing that it was that big of a deal.

    Use the computer of a friend of yours who is an average computer user. Downloads music, checks e-mail, chats... that kind of thing. Run ad-aware or spybot on their computers. When I do this to help clean up friends computers and improve performance, the programs find something like a thousand files that are in suspicion. Sure, it'd be great if they could be more educated about the situation, but the education isn't readily avalible unless you're looking for it. To compare the use of a computer to driving a car is absurd. The system for licenses is very organized and infractions can clearly be observed, and then punished, as they're in public. You drive outside so it's relatively easy to make sure you're doing the right thing and even then, not everyone who doesn't signal as they change lanes or stop at red lights gets caught. Now image trying to apply such a thing to people while they're in the privacy of their own home.

    A solution (maybe it's temporary) will be to hear these exceptions in court and I could only hope that further courts will follow such examples.
  • by xyvimur ( 268026 ) <koo3ahzi@hulb[ ]org ['oj.' in gap]> on Monday August 11, 2003 @12:15PM (#6667071) Homepage
    This case tainted him forever. He'd lost his personal life, probably most of relatives turned away from him. It doesn't matter that he wasn't guilty. At least two types of crimes you can be accused and that will ruin your life whatever the outcome is. I mean peadophilia and rape. For many it will be enough that he was accused, no matter what was the decision of court. It's worse than shit under your shoe...
    On the other hand he should be grateful that case ended this way, if he would gone to prison - many `nice' people there would take `care of him'.

IOT trap -- core dumped

Working...