Framed for child porn — by a PC virus

Joined
26 February 2007
Messages
10,180
Location
37°22′17″N 122°8′15″W
Of all the sinister things that Internet viruses do, this might be the worst: They can make you an unsuspecting collector of child pornography.

Heinous pictures and videos can be deposited on computers by viruses — the malicious programs better known for swiping your credit card numbers. In this twist, it's your reputation that's stolen.

Pedophiles can exploit virus-infected PCs to remotely store and view their stash without fear they'll get caught. Pranksters or someone trying to frame you can tap viruses to make it appear that you surf illegal Web sites.

7971c2e5-3d71-4e82-95f5-458c3ae0eb6e.hmedium.jpg


Whatever the motivation, you get child porn on your computer — and might not realize it until police knock at your door.

An Associated Press investigation found cases in which innocent people have been branded as pedophiles after their co-workers or loved ones stumbled upon child porn placed on a PC through a virus. It can cost victims hundreds of thousands of dollars to prove their innocence.

Their situations are complicated by the fact that actual pedophiles often blame viruses — a defense rightfully viewed with skepticism by law enforcement.

"It's an example of the old 'dog ate my homework' excuse," says Phil Malone, director of the Cyberlaw Clinic at Harvard's Berkman Center for Internet & Society. "The problem is, sometimes the dog does eat your homework."

The AP's investigation included interviewing people who had been found with child porn on their computers. The AP reviewed court records and spoke to prosecutors, police and computer examiners.

'It ruined my life'
One case involved Michael Fiola, a former investigator with the Massachusetts agency that oversees workers' compensation.

In 2007, Fiola's bosses became suspicious after the Internet bill for his state-issued laptop showed that he used 4 1/2 times more data than his colleagues. A technician found child porn in the PC folder that stores images viewed online.

Fiola was fired and charged with possession of child pornography, which carries up to five years in prison. He endured death threats, his car tires were slashed and he was shunned by friends.

Fiola and his wife fought the case, spending $250,000 on legal fees. They liquidated their savings, took a second mortgage and sold their car.

An inspection for his defense revealed the laptop was severely infected. It was programmed to visit as many as 40 child porn sites per minute — an inhuman feat. While Fiola and his wife were out to dinner one night, someone logged on to the computer and porn flowed in for an hour and a half.

Prosecutors performed another test and confirmed the defense findings. The charge was dropped — 11 months after it was filed.

The Fiolas say they have health problems from the stress of the case. They say they've talked to dozens of lawyers but can't get one to sue the state, because of a cap on the amount they can recover.

"It ruined my life, my wife's life and my family's life," he says.

The Massachusetts attorney general's office, which charged Fiola, declined interview requests.

Tapping viruses
At any moment, about 20 million of the estimated 1 billion Internet-connected PCs worldwide are infected with viruses that could give hackers full control, according to security software maker F-Secure Corp. Computers often get infected when people open e-mail attachments from unknown sources or visit a malicious Web page.

Pedophiles can tap viruses in several ways. The simplest is to force someone else's computer to surf child porn sites, collecting images along the way. Or a computer can be made into a warehouse for pictures and videos that can be viewed remotely when the PC is online.

"They're kind of like locusts that descend on a cornfield: They eat up everything in sight and they move on to the next cornfield," says Eric Goldman, academic director of the High Tech Law Institute at Santa Clara University. Goldman has represented Web companies that discovered child pornographers were abusing their legitimate services.

But pedophiles need not be involved: Child porn can land on a computer in a sick prank or an attempt to frame the PC's owner.

In the first publicly known cases of individuals being victimized, two men in the United Kingdom were cleared in 2003 after viruses were shown to have been responsible for the child porn on their PCs.

In one case, an infected e-mail or pop-up ad poisoned a defense contractor's PC and downloaded the offensive pictures.

In the other, a virus changed the home page on a man's Web browser to display child porn, a discovery made by his 7-year-old daughter. The man spent more than a week in jail and three months in a halfway house, and lost custody of his daughter.

Chris Watts, a computer examiner in Britain, says he helped clear a hotel manager whose co-workers found child porn on the PC they shared with him.

Watts found that while surfing the Internet for ways to play computer games without paying for them, the manager had visited a site for pirated software. It redirected visitors to child porn sites if they were inactive for a certain period.

'SODDI defense'
In all these cases, the central evidence wasn't in dispute: Pornography was on a computer. But proving how it got there was difficult.

Tami Loehrs, who inspected Fiola's computer, recalls a case in Arizona in which a computer was so "extensively infected" that it would be "virtually impossible" to prove what an indictment alleged: that a 16-year-old who used the PC had uploaded child pornography to a Yahoo group.

Prosecutors dropped the charge and let the boy plead guilty to a separate crime that kept him out of jail, though they say they did it only because of his age and lack of a criminal record.

Many prosecutors say blaming a computer virus for child porn is a new version of an old ploy.

"We call it the SODDI defense: Some Other Dude Did It," says James Anderson, a federal prosecutor in Wyoming.

However, forensic examiners say it would be hard for a pedophile to get away with his crime by using a bogus virus defense.

"I personally would feel more comfortable investing my retirement in the lottery before trying to defend myself with that," says forensics specialist Jeff Fischbach.

Even careful child porn collectors tend to leave incriminating e-mails, DVDs or other clues. Virus defenses are no match for such evidence, says Damon King, trial attorney for the U.S. Justice Department's Child Exploitation and Obscenity Section.

Legitmate claims not aired
But while the virus defense does not appear to be letting real pedophiles out of trouble, there have been cases in which forensic examiners insist that legitimate claims did not get completely aired.

Loehrs points to Ned Solon of Casper, Wyo., who is serving six years for child porn found in a folder used by a file-sharing program on his computer.

Solon admits he used the program to download video games and adult porn — but not child porn. So what could explain that material?

Loehrs testified that Solon's antivirus software wasn't working properly and appeared to have shut off for long stretches, a sign of an infection. She found no evidence the five child porn videos on Solon's computer had been viewed or downloaded fully. The porn was in a folder the file-sharing program labeled as "incomplete" because the downloads were canceled or generated an error.

This defense was curtailed, however, when Loehrs ended her investigation in a dispute with the judge over her fees. Computer exams can cost tens of thousands of dollars. Defendants can ask the courts to pay, but sometimes judges balk at the price. Although Loehrs stopped working for Solon, she argues he is innocent.

"I don't think it was him, I really don't," Loehrs says. "There was too much evidence that it wasn't him."

The prosecution's forensics expert, Randy Huff, maintains that Solon's antivirus software was working properly. And he says he ran other antivirus programs on the computer and didn't find an infection — although security experts say antivirus scans frequently miss things.

"He actually had a very clean computer compared to some of the other cases I do," Huff says.

The jury took two hours to convict Solon.

"Everybody feels they're innocent in prison. Nobody believes me because that's what everybody says," says Solon, whose case is being appealed. "All I know is I did not do it. I never put the stuff on there. I never saw the stuff on there. I can only hope that someday the truth will come out."

But can it? It can be impossible to tell with certainty how a file got onto a PC.

"Computers are not to be trusted," says Jeremiah Grossman, founder of WhiteHat Security Inc. He describes it as "painfully simple" to get a computer to download something the owner doesn't want — whether it's a program that displays ads or one that stores illegal pictures.

It's possible, Grossman says, that more illicit material is waiting to be discovered.

"Just because it's there doesn't mean the person intended for it to be there — whatever it is, child porn included."
 
Pretty scary. Similar thing can happen with being accused of down loading software or music illegally. To clear your name, you will have to erase your bank account.
 
When will a international team of internet snoops form to stop these things. To me this is internet terrorism and there is no one to stop it right now
 
When will a international team of internet snoops form to stop these things. To me this is internet terrorism and there is no one to stop it right now


America has no $$$$$.

Freedom of speech has it's costs.

Perhaps USA should adopt China's best practices. It's at least making China richer by a Billion $ everyday........ unlike the USA.
 
Everyone reading this should do two things, regularly:

1) Download and run a cache cleaning tool like CCleaner. Clear out all your cache and temp files.

2) Download and ran a malware scanner like MalwareBytes. Clean off anything it finds.

Macs aren't immune to this kind of thing, either. I've received spam emails that contained inappropriate pictures, and Macs get spam.

Even if you have an antispam program, the spam still had to make it to your computer in order to be scanned, and therefore if there was an embedded picture it exists on your computer somewhere.
 
Everyone reading this should do two things, regularly:

1) Download and run a cache cleaning tool like CCleaner. Clear out all your cache and temp files.

2) Download and ran a malware scanner like MalwareBytes. Clean off anything it finds.

Macs aren't immune to this kind of thing, either. I've received spam emails that contained inappropriate pictures, and Macs get spam.

Even if you have an antispam program, the spam still had to make it to your computer in order to be scanned, and therefore if there was an embedded picture it exists on your computer somewhere.

How valid are those programs?

I've heard that there are alot of these anti virus/malware programs which really are just that, but disguised as something that would help ya........
 
America has no $$$$$.

Freedom of speech has it's costs.

Perhaps USA should adopt China's best practices. It's at least making China richer by a Billion $ everyday........ unlike the USA.

While this might appear crude on its surface, it has some merit. How great would the ability to drive anywhere in the USA at anytime for any reason be if at any time someone could claim you were responsible for running over school children in Nebraska, and without proof consider you guilty until proven innocent.
 
Take them to the bank. I do IT for a living, and those are programs I literally use every day of my work life.
on your recommendation some time ago, i began using these every day. never so much as a hiccup, although i now filter all email through gmail.
 
Anything from Symantic?

Symantec sucks more than any sucky suck has ever sucked. It's practically a virus unto itself. I can't tell you how many machines I've had to clean that had SAV running on them -- it did nothing to prevent the infection, and the SAV bloatware only serves to slow your system to a crawl.

Plus, it's damn near impossible to remove. PM me and I'll link you some sooper sekrit tools for killing Symantec products off your computer once and for all, if you like.

You know what I'm finding works really well these days? The new free product from Microsoft -- Microsoft Security Essentials (MSE). It's sort of a Windows Defender on steroids. It runs smooth and quiet, and appears to do a good job keeping your system clean. Plus, it's free.
 
You know what I'm finding works really well these days? The new free product from Microsoft -- Microsoft Security Essentials (MSE). It's sort of a Windows Defender on steroids. It runs smooth and quiet, and appears to do a good job keeping your system clean. Plus, it's free.

I will give that a shot. I have been using "Vipre" on my machines but have been running into some problems as of late.
 
What about Norton Antivirus? I have been using AVG.....is that ok?
 
AVG's OK. They just came out with a version 9.0 of their product, which I haven't tried yet.
i've used avg for a few years (many devs i know have relied on it for years) and it seems to work well; installed 9 the other day and so far, nothing's blown up. i'm curious to see how avg9 & mse work in the same environment.

thx again for the ref on mse.
 
Thank you for the references also....appreciate it....by the way back to Batmans post....

That would totally suck to get framed for child porn and you have nothing to do with it....I think there should be some recourse that if you win against the allegations, then all your legal fees should be repaid by the state. That is only fair....if they are going to accuse you and then drain your pocket book, they should man up and say sorry publicly and repay you for any expenses occured plus loss wages and try hard to reinstate your good name.
 
Last edited:
Thank you for the references also....appreciate it....by the way back to Batmans post....

That would totally suck to get framed for child porn and you have nothing to do with it....I think there should be some recourse that if you win against the allegations, then all your legal fees should be repaid by the state. That is only fair....if they are going to accuse you and then drain your pocket book, they should man up and say sorry publicly and repay you for any expenses occured plus loss wages and try hard to reinstate your good name.

Why should taxpayers be held responsible for careless users' computer habits, and software maker's (Microshaft) lack of security in their products?

If anything users need to learn secure computer habits, and software makers need to be more accountable for their operating systems being so easy to exploit.
 
Why should taxpayers be held responsible for careless users' computer habits, and software maker's (Microshaft) lack of security in their products?

If anything users need to learn secure computer habits, and software makers need to be more accountable for their operating systems being so easy to exploit.

I am not talking about careless users......I am talking about good people who get ruined by someone.....You can be cautious and still get frauded.......

I am just saying there should be something middle ground that helps good people get back on their feet who get accused of things they didn't do.....that get ruined financially and reputably.....if you were in the guys shoes I am sure you would feel different. Its always easier to say things like that when its not you.

I do agree with the Microsoft comment and how people should be more careful......but nothing is perfect and the system always needs adjustments......the problem is that we don't adjust things quickly or soon enough.....the constitution is a good base of where we started, but its not perfect and needs adding or editing to it.......
 
Last edited:
I am not talking about careless users......I am talking about good people who get ruined by someone.....You can be cautious and still get frauded.......

I am just saying there should be something middle ground that helps good people get back on their feet who get accused of things they didn't do.....that get ruined financially and reputably.....if you were in the guys shoes I am sure you would feel different. Its always easier to say things like that when its not you.

I do agree with the Microsoft comment and how people should be more careful......but nothing is perfect and the system always needs adjustments......the problem is that we don't adjust things quickly or soon enough.....the constitution is a good base of where we started, but its not perfect and needs adding or editing to it.......
I do feel sorry for the folks in the story, and it is attributed to the "witch hunt" mentality we have for this stuff. I'm not sure making taxpayers pay for it is the best answer, maybe taking the money out of the prosecuter's personal paycheck for being overzealous? That will make prosecuters more cautious when they charge ahead with stuff like that.

What astounds me is that there was no concern by anyone in the story about the computer security habits of the users, nor of any concern about the inherent vulnerabilities of the operating systems of the users. Seems like everyone just accepts it as if it's okay and focus more on the end result which is the child porn.

If anything the story should have been centered around the users' computer habits, and the swiss cheese operating system that made this possible.

This is why I run Linux and I refuse to be held hostage by Windows viruses that target the weak security of the platform.
 
How valid are those programs?

I've heard that there are alot of these anti virus/malware programs which really are just that, but disguised as something that would help ya........

Malwarebytes is okay, not perfect. A friend's computer got infected with a security malware, and Malwarebytes removed only 70% of the infection, even after 6-7 repeated scans in safe mode and normal mode.

I had to go through the user profile directories to manually clean out the rest of the gunk, as well as edit the Windows registry to remove some of the remnants. I don't rely on Malwarebyes or 3rd party tools as the sole mechanism to keep computers clean. Many computers deemed "clean" by Malwarebytes probably still have residual infections remaining.
 
Malwarebytes is okay, not perfect. A friend's computer got infected with a security malware, and Malwarebytes removed only 70% of the infection, even after 6-7 repeated scans in safe mode and normal mode.

True. In my opinion, MWB is the best of the "end-user" level tools. There are some malwares, however, that MWB can't cure -- indeed, some malwares will actively block MWB from running, or even installing.

I have a whole bag of tricks that I use for systems that MWB can't clean, but it's a bit beyond the scope of this thread.
 
Back
Top