Discussions

Ethics of illegal hacking

+
0 Votes
Locked

Ethics of illegal hacking

axg
Sorry if this has been discussed before, but my searches didn't turn up any references. So my mini-rant...

I see in the news that "Ronald C Kline, a former senior judge from California, was sentenced following a lengthy case involving evidence gathered by illegal hacking".

Now I agree that jail is where this pervert should be, but I am concerned about the illegal hacking. Some of the evidence used was gathered by a trojan horse hack.

Surely there is enough support in the current surveillance laws to enable legal electronic watching. The s/w may involve trojan horse algorithms but it should be placed there legally with a warrant.

I would hate for a far worse offender than Kline to get off because of illegal surveillance.

And I hate the idea that some hackers may be able to justify their illegal activities because it "may" catch child abuser.

When I was young it was "acceptable" for police to extract a confession by beating a suspect. It has taken 30 years to overcome this "end justifies the means" physical assault excuse, why should we tolerate it in the virtual world?

Your comments please, regards Annette
  • +
    0 Votes
    HAL 9000 Moderator

    So the evidence gathered by it's use should never have been accepted by the court as it is Tainted Evidence.

    At a higher court it should be possible to get all the evidence presented thrown out because of the admitted Illegal Activity used to gather the evidence. Because some of the evidence gathered was tainted it will be up to the court to decide if this Tainted Evidence played a big enough role to allow any other follow up investigation if it does then everything gathered as evidence should be considered as inadmissible and the offender walks away free because there is nothing to present as evidence not even the sized computer will be admissible.

    The only way around this is if the offender was prosecuted under some of the new laws enacted since 9-11 and charged under Anti Terror Related Laws then it's my understanding that there is no need for Legally obtained evidence to be used as the authorities can claim that they where protecting the society so their methods justify the ends.

    Col

    +
    0 Votes
    deepsand

    Said citizen subsequently gave it to law enforcement.

    The court of 1st instance did in fact throw out the evidence; but, on appeal, it was ruled admissible owing to the fact that, as said citizen was not acting as an agent of the State, the State had committed no illegal act. At this point, the defendant plead guilty.

    Barring a successful arguing of the guilty plea having been elicited by way of duress at the hands of the State, the defendant is bound by his plea agreement, leaving him with a civil action against the hacker as his only recourse.

    +
    0 Votes
    wmlundine

    ...who recorded the cell phone conversation of Newt Gingrich, which resulted in a Gingrich conviction on tax evasion charges, was prosecuted by the state under criminal law. I guess it depends on who you hack.

    +
    0 Votes
    deepsand

    In this case the "hacker" is Canadian, so that there is no legal nexus by which he can be charged for any criminal offenses.

    +
    0 Votes
    wmlundine

    ...puts me in mind of the "NASA" hacker who resides in England I think. Are Canadian and GB laws so different?

    +
    0 Votes

    No

    HAL 9000 Moderator

    So I wonder what the difference actually is here.

    Col

    +
    0 Votes
    deepsand

    The U.S. authorities developed their own evidence, based on information that originated with a non-citizen acting in a foreign nation. In this instance, the Canadian authorities would need to be persuaded to prosecute under Canadian law.

    +
    0 Votes
    HAL 9000 Moderator

    To charge with Terror Related Activities like they seem to be doing to anyone caught Hacking a Computer System lately?

    It would be interesting to see this happen as the citizen in question deserves this I certainly don't support Child Abuse of any kind but by the same token I don't see how one Illegal Activity justifies the other unless of course it's the Government doing the Illegal things under the protection of Federal LAW!

    Besides it will no doubt be argued that when the Appeal Court Accepted the Illegal Evidence Gathered this was sufficient grounds for a Duress Plea anyway as the Court in question was unwilling to support the LAW.

    God I hate it I'm working with Legal WHORES way too much and am beginning to think like them.

    Col

    +
    0 Votes
    deepsand

    In this case the "hacker" is Canadian, so that there is no legal nexus by which he can be charged for any criminal offenses.

    +
    0 Votes
    HAL 9000 Moderator

    As the system was hacked just how did the Court Accept The Chain Of Evidence? And allow a conviction to be recorded as the State didn't initially Hack the System there is no possibility of knowing what was originally on the system and what had been added after the Original Hack that was not known about by the Systems Owner.

    This to me sounds like a great way of some pay back against someone you don't like who has made a decision that has adversely affected you in some manner.

    From a strictly Legal Prospective as the system was broken into from outside it's far more likely the the outside influence added the images and could have continued to do this over time to get a successful outcome to suit their own ends.

    I work with the high end professionals and they all know Bugger All about their systems just last week I scanned a Surgeons system and the AV product was only 3 months out of date and the Spy Ware Products came up with a message that the last update was 481 days ago and I was asked why this was Important.

    Col

    +
    0 Votes
    deepsand

    The Canadian "hacker" passed the information to a U.S. advocacy group, who then brought it to the attention of local law enforcement.

    Under "probable cause," based on said information, local law enforcement then obtained a search warrant, whereby they themselves obtained physical evidence from the accused's computer.

    +
    0 Votes
    HAL 9000 Moderator

    With no positive proof that the owner was responsible for downloading the images in question.

    I can not see how the Appeal Court ruled that the Images on the Computer where admissible particularly after they already knew that the Security of the system had been breached. So they would not be able to say positively that the images actually belonged to the owner of the machine. They could have been inserted onto the computer over a period of time by someone with a grudge against the person or they could have just been a complete Hoax.

    Personally I think that the Lower Court got it right in Ruling the Evidence as Inadmissible, because of the security breach.

    If I was placed in a position like that I would save my money for a defence and not try to have the case heard by a Court who wasn't applying the Law Correctly.

    Anyway the US is currently trying to Extradite a British Guy for Hacking in the US so what's stopping them doing the same thing here with Canada. As the two countries are so close they would stand a far better chance of getting a Positive Result in Extraditing the Hacker to the US from Canada for Trial. It would even improve their chances of doing this again in the future when they get a successful outcome on the first attempt.

    The problem with the British Guy who was a complete ID10T is that there is no way to prove Intent to do Damage where as with the Hacker in Canada there is a clear Intent to do damage and no proof that the images existed prior to the Trojan being activated.

    Col

    +
    0 Votes
    deepsand

    However, I'm not all that hopeful, given that our Supreme Court recently effectively gutted the "knock and announce" requirement, which has its basis in old English Common Law, prior to serving search warrants; now it's more like "bust in and announce."

    In the case at hand, I see the hacker's actions as being nothing but unlawfull trespass. Unfortunately, the courts here have given law enforcement increasingly greater latitude with regards to using evidence collected in "good faith." That may have been the case here, were it that the police did not know that the information provided them by the local advocacy group originated with the hacker.

    +
    0 Votes
    stephen_maloy

    I read an article two days ago which said federal authorities were able to use evidence from a non-American hacking from another country. Out of a few thousand that the hacker reported, two had been convicted. Hacker utilized a backdoor Trojan to gather evidence. I would think the evidence would be considered tainted if it was given by an anonymous hacker. However, if the feds launched their own investigation based on the hacker?s allegations and got the proper warrants, then I could see it being legitimate.

    +
    0 Votes
    Tig2

    So that we can follow your arguments based on same information.

    I may easily read another position that does not support your conclusion.

    +
    0 Votes
    axg

    Here is the first article I noticed
    http://www.latimes.com/news/local/la-ex-judge20feb21,0,546099.story?coll=la-home-local

    and here is a brief discussion of the legality of the evidence
    http://www.metnews.com/articles/2005/klei121405.htm

    The case has been going on for a few years

    regards

    +
    0 Votes
    Tig2

    I have learned that if I read the same information as everyone else, I sound much more intelligent.

    I appreciate the links!

    +
    0 Votes
    Why Me Worry?

    in this, but who is to decide what methods of hacking is ethical or unethical? If a company hires you to perform a penetration test on their network and then secure it against similar attacks, then that can be deemed as ethical hacking because (1) you are being hired and paid to perform a service and (2), the company's network you are targeting is aware of it and expecting it. Unethical hacking falls in the realm of extracting or stealing data without expressed permission of the party or parties the hacker is targeting. Although I agree that this judge should be convicted if he was engaging in illegal acts using his PC, but the method by which this evidence was gathered is by law "illegal" if it was obtained without a warrant, even though the judge is clearly guilty.

    +
    0 Votes
    apotheon

    "When I was young it was 'acceptable' for police to extract a confession by beating a suspect. It has taken 30 years to overcome this 'end justifies the means' physical assault excuse, why should we tolerate it in the virtual world?"
    If you think we, as a society, have really "overcome" that approach to law enforcement, you haven't been paying enough attention. I recommend you do some google searches for two things in particular: "no-nock raids" and "military commissions act". Both are current problems. No-knock raids are epidemic, and innocent people are being killed in them regularly -- but the "ends justify means" approach of modern law enforcement mandates that sort of approach, in case someone might flush a few ounces of heroin down a toilet. The Military Commissions Act of 2006, meanwhile, gives the DOJ the opportunity to circumvent the power of the courts to issue a Writ of Habeas Corpus any time the DOJ so desires, and significantly expands the power of law enforcement and military personnel to employ torture as an interrogation technique.

    +
    0 Votes
    Dr_Zinj

    Quote
    The number of no-knock raids has increased from 3,000 in 1981 to more than 50,000 last year, according to Peter Kraska, a criminologist at Eastern Kentucky University in Richmond.
    Botched raids are relatively rare, but since the early 1980s, 40 bystanders have been killed, according to the Cato Institute, a libertarian think tank in Washington.
    Unquote

    People have a Constitutional right to defend their lives, liberty and property. A no-knock raid precludes the possibility of serving a warrant to search a place. Failure to produce a warrant and identify the officers means that the person who's abode is being raided has full, legal, right to resist the invasion of his or her home, including the use of deadly force.
    Pray for the people if they are ever foolish enough to toss a flash-band grenade into my home and breakdown the door in the middle of the night; I'm a gun owner, former military, and an expert marksman. It'd be safer if they just blew up the house and sifted through the wreckage.

    +
    0 Votes
    HAL 9000 Moderator

    A No Knock Raid and then when the Feds got their A$$ whooped good they called in reinforcements and by that time both sides where driven into a position where neither could give in and allow Common Sense to prevail?

    Col

    +
    0 Votes
    axg

    umm I live in NZ and the gov't here has not enacted laws as radical as the "anti-terrorist" laws now in place in the US or the UK or some EU countries.

    There have been some changes made so that we can keep on trading with or visiting the USA. The worst of our police forces may take advantage in time, I suppose.

    regards, Annette

    +
    0 Votes
    apotheon

    The increasingly frequent practice of no-knock raids is not actually much linked to the so-called "war on terror". Instead, it's an outgrowth of the equally ludicrous "war on drugs".

    +
    0 Votes
    Mr L

    Aside from the obvious issue of using the results of an illegal act to try someone else, there is equally obvious issue of whether the evidence existed on the PC prior to the hack at all.

    It would have been/is trivial to plant the images/history/electronic trails allegedly left by the defendant...once the system was hacked. It can be reasonably argued that once the box is back-doored succesfully, nothing on it can be safely assumed to be the work or property of the owner of the system.

    This is not about how reprehensible this meat-sack may or may not be...it's about the "ends justifying the means" mentaility that has us just a step away from "Wellllllll, if you aren't doing anything wrong, Mr Smith, why can't we a) come into your home without a warrant whether you are here or not and look around b) read your mail whenever we feel like it c) tap your phone d) tap your internet connect e) install these little cameras around the interior of your house? Pick one, pick 'em all, they are all mearly extensions of the logic that allows "evidence" like this into our courts.

    Cheers.

    +
    0 Votes
    BALTHOR

    In America it has always been a crime for police to physically beat anyone to obtain a confession.A Trojan Horse is a computer virus.How does a Judge come upon a virus?Bad Judge or not really a Judge to begin with---

    +
    0 Votes
    axg

    My comment about excusable beatings by the police is not directly about American police. I have only ever visited the US for short periods of time.

    In all the countries that I have lived in, it has also been a crime for police to physically beat anyone, but 30 (and more) years ago, if a suspect "fell down" or "strongly resisted arrest" sometimes the instances were not investigated with as much vigour or public visibility as they are now.

    From what I have seen from the American media, a similar blind eye used to be turned in the US.

    Regards

    +
    0 Votes
    JimTheEngineer

    This is unrelated to the ethics question, but leaves me wondering about vulnerability. I'm not hiding porn, but I am wondering about pictures that are embedded in spam.

    Which picture viewing programs are vulnerable to something like a trojan horse embedded in the picture file? Microsoft Photo Editor? If a picture is embedded in an email, will opening the email trigger the hack? Will looking at the email preview do so? Which picture formats are vulnerable to such hacking?

    +
    0 Votes
    apotheon

    A "trojan horse" program is some program that looks innocuous and useful, and may actually be useful, but contains a malicious payload of some sort. Any type of program can contain such a thing, but it's highly unlikely that something like MS Paint will actually be a trojan horse program (unless Microsoft is giving us trojan horse programs -- I leave that conspiracy theory as an exercise for the reader).

    It's more likely that a trojan that finds its way onto your computer is something you downloaded from the Internet and installed, thinking it looked cool. You might be surprised by how much "freeware" actually conceals a malicious payload, sometimes in the form of some kind of virus "infection" capability or otherwise nasty, automated activity.

    More often, a trojan horse program is something that provides either automated or "manual" remote access to your computer. For instance, it may allow some remote security cracker to log into your system without having to have any "official" access permissions, or it may allow an automated process to connect to your system to perform some kind of unwanted activity like copying files or providing a proxy for malicious activity directed at others.

    The most common form of trojan horse program is one that makes your computer part of a "zombie network", which sends out spam to millions of hapless Internet users' email inboxes and spam comments (the current bane of my existence) to thousands of weblogs.

    At a guess, the security cracker in question created some innocuous-looking software that was downloaded and installed. At that point, it probably "phoned home" like ET, letting the security cracker know where to log in to the affected system remotely, bypassing the usual security precautions. Once there, he would likely be able to browse the filesystem, looking at anything he liked and using whatever programs he found on the machine. In the process of doing something like searching for credit card numbers, he probably stumbled across the kiddie porn, and the rest, as they say, is history.

    +
    0 Votes
    JimTheEngineer

    I knew nothing of Ronald C Kline or the case, so I googled and came up with this article:

    http://www.metnews.com/articles/2005/klei121405.htm

    That contained this paragraph:

    "Willman had attached a “Trojan Horse” virus to pornographic images of children on the Internet. The virus, which is downloaded onto an individual’s computer when that individual downloads an image to which the virus is attached, enabled Willman to open, alter, and download files on the infected computer."

    ...which led me to believe that one could alter a picture file (like ,jpg, .gif, etc.) by planting code inside the file such that viewing the file with Microsoft Photo Editor or something similar would take over the viewer program and cause it to download a trojan horse. I had never heard of that before and it left me wondering about which viewers could be so corrupted.

    I use Eudora for email and I have seen it "choke" on certain picture files attached to (usually spam) email messages ("Eudora has generated and error and will be shut down..."). I haven't traced it further, but the offending picture files all seem to start with the bytes "GIF87a" or GIF89" or something like that.

    Your post suggests that the article I read was not correct in suggesting that picture files could be so corrupted. Whew!

    Thank you for your reply.

    +
    0 Votes
    apotheon

    An image file can be "infected" with malware. It can even conceivably be "infected" with a trojan horse in some way.

    It's difficult to determine what you're talking about when you ask questions about the matter, because you're not using terms that relate clearly to the way various types of malware operate. Articles like the one cited are not very clear on the specifics of how the technology worked in this given case. It may be that the description given was technically accurate, even though it doesn't really describe the matter in precise terms -- you just have to interpret it in light of an understanding of how various types of malware work.

    By the way, the use of the term "virus" in that explanation is probably inaccurate. Trojans are very rarely distributed by the mechanism of a virus. It's far more likely that the term "virus" was used just because most nontechnical readers would not understand the term "trojan horse" as applied to software as a form of malware without the word "virus" attached.

    +
    0 Votes
    JimTheEngineer

    You're right - I'm probably misusing terms like "virus."

    Let me try a different approach. There are certain programs - usually supplied with a PC, like MS Photo Editor, or freeware, like irfanview - that will read a picture file (like a .jpg) and try to display a screen image. Is there any way of creating a picture file such that the display program changes from displaying a picture to executing an evil program, either on the PC or on the web?

    Is any of the available display programs vulnerable to being forced into that kind of operation?

    Note that this assumes the existence of a picture file (.jpg, etc.) somewhere, but no other program unwittingly (or wittingly) downloaded and/or executed.

    I'm quite careful to avoid executing - or even downloading - programs that are unknown to me, but I have been assuming that just viewing a picture file was not hazardous.

    Soooo - can I get bitten if I "view" a picture file?

    Come to think of it, would my "antivirus" program automatically scan a ".jpg" file, and would it detect an "evil" picture file?

    Thanks again for your help with this.

    +
    0 Votes
    apotheon

    . . . I probably came off more harshly than I intended. It happens from time to time. I don't expect everyone to know everything -- I just try to help others know what I know, and look for opportunity to learn from others as well. Hopefully this is helping at least a little.

    "Is there any way of creating a picture file such that the display program changes from displaying a picture to executing an evil program, either on the PC or on the web?"
    Possibly -- but it would most likely require either an extremely overblown image viewer/editor that includes some macro capability or other scripting capabilities, or something simpler that is far too closely integrated with the OS (I don't think that's even possible with any Microsoft-based image editors or viewers).

    It's more likely that something that isn't actually an image is "disguised" as one, possibly with a ".jpg.exe" filename extension so that double-clicking it will cause it to be executed directly rather than opened by an image viewer of some kind. This is especially effective on systems where one has ".exe" filename extensions hidden by default.

    "Is any of the available display programs vulnerable to being forced into that kind of operation?"
    Possibly any of them. A browser (especially IE through version 6, or version 7 on XP at least -- the jury's still out on Vista) or Photoshop is more likely exploitable than something like MS Paint, simply by virtue of overall complexity and the effects of featuritis (such as automatic handling of different filetypes regardless of what filetype you think it is). Almost any type of software is exploitable in some way, at least in theory -- you just have to take reasonable precautions, choose software wisely, check often (enough) for signs of being exploited, and hope for the best.

    "I'm quite careful to avoid executing - or even downloading - programs that are unknown to me, but I have been assuming that just viewing a picture file was not hazardous."
    It usually isn't. There isn't much in life that's certain, though.

    "Come to think of it, would my 'antivirus' program automatically scan a '.jpg' file, and would it detect an 'evil' picture file?"
    That depends on a number of factors, such as the antivirus software you use, its realtime scanning capabilities, whether it does a scheduled scan of the filesystem where the file is stored before the file's malicious payload is activated, how you actually acquired the file, and so on.

    "Thanks again for your help with this."
    Hopefully, I'm actually helpful.

    +
    0 Votes
    JimTheEngineer

    "Hopefully, I'm actually helpful."

    You are. The original article led me to believe that just viewing a picture could cause harm. It looks like that was not correct and I need not worry (much).

    (Of course, as my eyesight starts suffering from old age - any day now - viewing ANY picture might cause ME harm! :o)

    Thanks!

    +
    0 Votes
    mikemajor3

    steganography is the practice of embedding other files or small programs in pictures...there are several good programs in freeware. The pic usually looks like the original, except a bit wider or longer, and the color values don't change. You can look at it with anything, and its just a picture...but if you run the proper extraction program, the info is there.
    Really interesting stuff...

    +
    0 Votes
    ThirdWorldPatriot

    I was posting in a Forum in 2005 and handily proving that the Zionists always intended to seize the land of Palestine and ethnically cleanse the natives.

    Here's some of what turned up in my "private messaging":

    10:07 PM kellyrmc hi
    My grandma's b-day is May 16th she'll be 93 my uncle's b-day is May 21st
    he'll be 72 what are u doing for mother's day Kelly

    10:07 PM kellyrmc hi
    My grandma's b-day is May 16th she'll be 93 my uncle's b-day is May 21st
    he'll be 72 what are u doing for mother's day Kelly

    8:57 PM kellyrmc hi (Wednesday 20th April 2005)
    My cousin is getting engaged. my aunt is married for 50 years.my grandma is
    getting home health care. I went to a craft fair. also saw the Irish dancers
    at the library. Kelly

    8:31 PM kellyrmc hi (Friday 15th April 2005)
    my mom goes to a computer class on Wed Kelly

    Apr-14 kellyrmc Hello
    I'm going to the dr this month. Kelly

    Apr-13 kellyrmc Hello
    Dear Straighttalk, Did u hear that Britney Spears is pregnant? Also prince
    charles got married.My mom voted on the school taxes and a new mayor. I got a
    haircut my aunt took my grandma to the dr. Kelly

    Apr-13 kellyrmc Hello
    Dear Straighttalk, Did u hear that Britney Spears is pregnant? Also prince
    charles got married.My mom voted on the school taxes and a new mayor. I got a
    haircut my aunt took my grandma to the dr. Kelly

    (Needless to say, having failing to entrap me, the Zionists barred me from their Forum anyway!).

    +
    0 Votes
    deepsand

    You've lost me. What has this to do with the case under discussion?

    +
    0 Votes
    Pat Mckeon

    What has this got to do with the topic? What has it got to do with anything in fact? Did you mean to post this somewhere else? Why not post your shopping list next? Thanks

    +
    0 Votes
    ThirdWorldPatriot

    (Sorry, accidental duplicate!)

  • +
    0 Votes
    HAL 9000 Moderator

    So the evidence gathered by it's use should never have been accepted by the court as it is Tainted Evidence.

    At a higher court it should be possible to get all the evidence presented thrown out because of the admitted Illegal Activity used to gather the evidence. Because some of the evidence gathered was tainted it will be up to the court to decide if this Tainted Evidence played a big enough role to allow any other follow up investigation if it does then everything gathered as evidence should be considered as inadmissible and the offender walks away free because there is nothing to present as evidence not even the sized computer will be admissible.

    The only way around this is if the offender was prosecuted under some of the new laws enacted since 9-11 and charged under Anti Terror Related Laws then it's my understanding that there is no need for Legally obtained evidence to be used as the authorities can claim that they where protecting the society so their methods justify the ends.

    Col

    +
    0 Votes
    deepsand

    Said citizen subsequently gave it to law enforcement.

    The court of 1st instance did in fact throw out the evidence; but, on appeal, it was ruled admissible owing to the fact that, as said citizen was not acting as an agent of the State, the State had committed no illegal act. At this point, the defendant plead guilty.

    Barring a successful arguing of the guilty plea having been elicited by way of duress at the hands of the State, the defendant is bound by his plea agreement, leaving him with a civil action against the hacker as his only recourse.

    +
    0 Votes
    wmlundine

    ...who recorded the cell phone conversation of Newt Gingrich, which resulted in a Gingrich conviction on tax evasion charges, was prosecuted by the state under criminal law. I guess it depends on who you hack.

    +
    0 Votes
    deepsand

    In this case the "hacker" is Canadian, so that there is no legal nexus by which he can be charged for any criminal offenses.

    +
    0 Votes
    wmlundine

    ...puts me in mind of the "NASA" hacker who resides in England I think. Are Canadian and GB laws so different?

    +
    0 Votes

    No

    HAL 9000 Moderator

    So I wonder what the difference actually is here.

    Col

    +
    0 Votes
    deepsand

    The U.S. authorities developed their own evidence, based on information that originated with a non-citizen acting in a foreign nation. In this instance, the Canadian authorities would need to be persuaded to prosecute under Canadian law.

    +
    0 Votes
    HAL 9000 Moderator

    To charge with Terror Related Activities like they seem to be doing to anyone caught Hacking a Computer System lately?

    It would be interesting to see this happen as the citizen in question deserves this I certainly don't support Child Abuse of any kind but by the same token I don't see how one Illegal Activity justifies the other unless of course it's the Government doing the Illegal things under the protection of Federal LAW!

    Besides it will no doubt be argued that when the Appeal Court Accepted the Illegal Evidence Gathered this was sufficient grounds for a Duress Plea anyway as the Court in question was unwilling to support the LAW.

    God I hate it I'm working with Legal WHORES way too much and am beginning to think like them.

    Col

    +
    0 Votes
    deepsand

    In this case the "hacker" is Canadian, so that there is no legal nexus by which he can be charged for any criminal offenses.

    +
    0 Votes
    HAL 9000 Moderator

    As the system was hacked just how did the Court Accept The Chain Of Evidence? And allow a conviction to be recorded as the State didn't initially Hack the System there is no possibility of knowing what was originally on the system and what had been added after the Original Hack that was not known about by the Systems Owner.

    This to me sounds like a great way of some pay back against someone you don't like who has made a decision that has adversely affected you in some manner.

    From a strictly Legal Prospective as the system was broken into from outside it's far more likely the the outside influence added the images and could have continued to do this over time to get a successful outcome to suit their own ends.

    I work with the high end professionals and they all know Bugger All about their systems just last week I scanned a Surgeons system and the AV product was only 3 months out of date and the Spy Ware Products came up with a message that the last update was 481 days ago and I was asked why this was Important.

    Col

    +
    0 Votes
    deepsand

    The Canadian "hacker" passed the information to a U.S. advocacy group, who then brought it to the attention of local law enforcement.

    Under "probable cause," based on said information, local law enforcement then obtained a search warrant, whereby they themselves obtained physical evidence from the accused's computer.

    +
    0 Votes
    HAL 9000 Moderator

    With no positive proof that the owner was responsible for downloading the images in question.

    I can not see how the Appeal Court ruled that the Images on the Computer where admissible particularly after they already knew that the Security of the system had been breached. So they would not be able to say positively that the images actually belonged to the owner of the machine. They could have been inserted onto the computer over a period of time by someone with a grudge against the person or they could have just been a complete Hoax.

    Personally I think that the Lower Court got it right in Ruling the Evidence as Inadmissible, because of the security breach.

    If I was placed in a position like that I would save my money for a defence and not try to have the case heard by a Court who wasn't applying the Law Correctly.

    Anyway the US is currently trying to Extradite a British Guy for Hacking in the US so what's stopping them doing the same thing here with Canada. As the two countries are so close they would stand a far better chance of getting a Positive Result in Extraditing the Hacker to the US from Canada for Trial. It would even improve their chances of doing this again in the future when they get a successful outcome on the first attempt.

    The problem with the British Guy who was a complete ID10T is that there is no way to prove Intent to do Damage where as with the Hacker in Canada there is a clear Intent to do damage and no proof that the images existed prior to the Trojan being activated.

    Col

    +
    0 Votes
    deepsand

    However, I'm not all that hopeful, given that our Supreme Court recently effectively gutted the "knock and announce" requirement, which has its basis in old English Common Law, prior to serving search warrants; now it's more like "bust in and announce."

    In the case at hand, I see the hacker's actions as being nothing but unlawfull trespass. Unfortunately, the courts here have given law enforcement increasingly greater latitude with regards to using evidence collected in "good faith." That may have been the case here, were it that the police did not know that the information provided them by the local advocacy group originated with the hacker.

    +
    0 Votes
    stephen_maloy

    I read an article two days ago which said federal authorities were able to use evidence from a non-American hacking from another country. Out of a few thousand that the hacker reported, two had been convicted. Hacker utilized a backdoor Trojan to gather evidence. I would think the evidence would be considered tainted if it was given by an anonymous hacker. However, if the feds launched their own investigation based on the hacker?s allegations and got the proper warrants, then I could see it being legitimate.

    +
    0 Votes
    Tig2

    So that we can follow your arguments based on same information.

    I may easily read another position that does not support your conclusion.

    +
    0 Votes
    axg

    Here is the first article I noticed
    http://www.latimes.com/news/local/la-ex-judge20feb21,0,546099.story?coll=la-home-local

    and here is a brief discussion of the legality of the evidence
    http://www.metnews.com/articles/2005/klei121405.htm

    The case has been going on for a few years

    regards

    +
    0 Votes
    Tig2

    I have learned that if I read the same information as everyone else, I sound much more intelligent.

    I appreciate the links!

    +
    0 Votes
    Why Me Worry?

    in this, but who is to decide what methods of hacking is ethical or unethical? If a company hires you to perform a penetration test on their network and then secure it against similar attacks, then that can be deemed as ethical hacking because (1) you are being hired and paid to perform a service and (2), the company's network you are targeting is aware of it and expecting it. Unethical hacking falls in the realm of extracting or stealing data without expressed permission of the party or parties the hacker is targeting. Although I agree that this judge should be convicted if he was engaging in illegal acts using his PC, but the method by which this evidence was gathered is by law "illegal" if it was obtained without a warrant, even though the judge is clearly guilty.

    +
    0 Votes
    apotheon

    "When I was young it was 'acceptable' for police to extract a confession by beating a suspect. It has taken 30 years to overcome this 'end justifies the means' physical assault excuse, why should we tolerate it in the virtual world?"
    If you think we, as a society, have really "overcome" that approach to law enforcement, you haven't been paying enough attention. I recommend you do some google searches for two things in particular: "no-nock raids" and "military commissions act". Both are current problems. No-knock raids are epidemic, and innocent people are being killed in them regularly -- but the "ends justify means" approach of modern law enforcement mandates that sort of approach, in case someone might flush a few ounces of heroin down a toilet. The Military Commissions Act of 2006, meanwhile, gives the DOJ the opportunity to circumvent the power of the courts to issue a Writ of Habeas Corpus any time the DOJ so desires, and significantly expands the power of law enforcement and military personnel to employ torture as an interrogation technique.

    +
    0 Votes
    Dr_Zinj

    Quote
    The number of no-knock raids has increased from 3,000 in 1981 to more than 50,000 last year, according to Peter Kraska, a criminologist at Eastern Kentucky University in Richmond.
    Botched raids are relatively rare, but since the early 1980s, 40 bystanders have been killed, according to the Cato Institute, a libertarian think tank in Washington.
    Unquote

    People have a Constitutional right to defend their lives, liberty and property. A no-knock raid precludes the possibility of serving a warrant to search a place. Failure to produce a warrant and identify the officers means that the person who's abode is being raided has full, legal, right to resist the invasion of his or her home, including the use of deadly force.
    Pray for the people if they are ever foolish enough to toss a flash-band grenade into my home and breakdown the door in the middle of the night; I'm a gun owner, former military, and an expert marksman. It'd be safer if they just blew up the house and sifted through the wreckage.

    +
    0 Votes
    HAL 9000 Moderator

    A No Knock Raid and then when the Feds got their A$$ whooped good they called in reinforcements and by that time both sides where driven into a position where neither could give in and allow Common Sense to prevail?

    Col

    +
    0 Votes
    axg

    umm I live in NZ and the gov't here has not enacted laws as radical as the "anti-terrorist" laws now in place in the US or the UK or some EU countries.

    There have been some changes made so that we can keep on trading with or visiting the USA. The worst of our police forces may take advantage in time, I suppose.

    regards, Annette

    +
    0 Votes
    apotheon

    The increasingly frequent practice of no-knock raids is not actually much linked to the so-called "war on terror". Instead, it's an outgrowth of the equally ludicrous "war on drugs".

    +
    0 Votes
    Mr L

    Aside from the obvious issue of using the results of an illegal act to try someone else, there is equally obvious issue of whether the evidence existed on the PC prior to the hack at all.

    It would have been/is trivial to plant the images/history/electronic trails allegedly left by the defendant...once the system was hacked. It can be reasonably argued that once the box is back-doored succesfully, nothing on it can be safely assumed to be the work or property of the owner of the system.

    This is not about how reprehensible this meat-sack may or may not be...it's about the "ends justifying the means" mentaility that has us just a step away from "Wellllllll, if you aren't doing anything wrong, Mr Smith, why can't we a) come into your home without a warrant whether you are here or not and look around b) read your mail whenever we feel like it c) tap your phone d) tap your internet connect e) install these little cameras around the interior of your house? Pick one, pick 'em all, they are all mearly extensions of the logic that allows "evidence" like this into our courts.

    Cheers.

    +
    0 Votes
    BALTHOR

    In America it has always been a crime for police to physically beat anyone to obtain a confession.A Trojan Horse is a computer virus.How does a Judge come upon a virus?Bad Judge or not really a Judge to begin with---

    +
    0 Votes
    axg

    My comment about excusable beatings by the police is not directly about American police. I have only ever visited the US for short periods of time.

    In all the countries that I have lived in, it has also been a crime for police to physically beat anyone, but 30 (and more) years ago, if a suspect "fell down" or "strongly resisted arrest" sometimes the instances were not investigated with as much vigour or public visibility as they are now.

    From what I have seen from the American media, a similar blind eye used to be turned in the US.

    Regards

    +
    0 Votes
    JimTheEngineer

    This is unrelated to the ethics question, but leaves me wondering about vulnerability. I'm not hiding porn, but I am wondering about pictures that are embedded in spam.

    Which picture viewing programs are vulnerable to something like a trojan horse embedded in the picture file? Microsoft Photo Editor? If a picture is embedded in an email, will opening the email trigger the hack? Will looking at the email preview do so? Which picture formats are vulnerable to such hacking?

    +
    0 Votes
    apotheon

    A "trojan horse" program is some program that looks innocuous and useful, and may actually be useful, but contains a malicious payload of some sort. Any type of program can contain such a thing, but it's highly unlikely that something like MS Paint will actually be a trojan horse program (unless Microsoft is giving us trojan horse programs -- I leave that conspiracy theory as an exercise for the reader).

    It's more likely that a trojan that finds its way onto your computer is something you downloaded from the Internet and installed, thinking it looked cool. You might be surprised by how much "freeware" actually conceals a malicious payload, sometimes in the form of some kind of virus "infection" capability or otherwise nasty, automated activity.

    More often, a trojan horse program is something that provides either automated or "manual" remote access to your computer. For instance, it may allow some remote security cracker to log into your system without having to have any "official" access permissions, or it may allow an automated process to connect to your system to perform some kind of unwanted activity like copying files or providing a proxy for malicious activity directed at others.

    The most common form of trojan horse program is one that makes your computer part of a "zombie network", which sends out spam to millions of hapless Internet users' email inboxes and spam comments (the current bane of my existence) to thousands of weblogs.

    At a guess, the security cracker in question created some innocuous-looking software that was downloaded and installed. At that point, it probably "phoned home" like ET, letting the security cracker know where to log in to the affected system remotely, bypassing the usual security precautions. Once there, he would likely be able to browse the filesystem, looking at anything he liked and using whatever programs he found on the machine. In the process of doing something like searching for credit card numbers, he probably stumbled across the kiddie porn, and the rest, as they say, is history.

    +
    0 Votes
    JimTheEngineer

    I knew nothing of Ronald C Kline or the case, so I googled and came up with this article:

    http://www.metnews.com/articles/2005/klei121405.htm

    That contained this paragraph:

    "Willman had attached a “Trojan Horse” virus to pornographic images of children on the Internet. The virus, which is downloaded onto an individual’s computer when that individual downloads an image to which the virus is attached, enabled Willman to open, alter, and download files on the infected computer."

    ...which led me to believe that one could alter a picture file (like ,jpg, .gif, etc.) by planting code inside the file such that viewing the file with Microsoft Photo Editor or something similar would take over the viewer program and cause it to download a trojan horse. I had never heard of that before and it left me wondering about which viewers could be so corrupted.

    I use Eudora for email and I have seen it "choke" on certain picture files attached to (usually spam) email messages ("Eudora has generated and error and will be shut down..."). I haven't traced it further, but the offending picture files all seem to start with the bytes "GIF87a" or GIF89" or something like that.

    Your post suggests that the article I read was not correct in suggesting that picture files could be so corrupted. Whew!

    Thank you for your reply.

    +
    0 Votes
    apotheon

    An image file can be "infected" with malware. It can even conceivably be "infected" with a trojan horse in some way.

    It's difficult to determine what you're talking about when you ask questions about the matter, because you're not using terms that relate clearly to the way various types of malware operate. Articles like the one cited are not very clear on the specifics of how the technology worked in this given case. It may be that the description given was technically accurate, even though it doesn't really describe the matter in precise terms -- you just have to interpret it in light of an understanding of how various types of malware work.

    By the way, the use of the term "virus" in that explanation is probably inaccurate. Trojans are very rarely distributed by the mechanism of a virus. It's far more likely that the term "virus" was used just because most nontechnical readers would not understand the term "trojan horse" as applied to software as a form of malware without the word "virus" attached.

    +
    0 Votes
    JimTheEngineer

    You're right - I'm probably misusing terms like "virus."

    Let me try a different approach. There are certain programs - usually supplied with a PC, like MS Photo Editor, or freeware, like irfanview - that will read a picture file (like a .jpg) and try to display a screen image. Is there any way of creating a picture file such that the display program changes from displaying a picture to executing an evil program, either on the PC or on the web?

    Is any of the available display programs vulnerable to being forced into that kind of operation?

    Note that this assumes the existence of a picture file (.jpg, etc.) somewhere, but no other program unwittingly (or wittingly) downloaded and/or executed.

    I'm quite careful to avoid executing - or even downloading - programs that are unknown to me, but I have been assuming that just viewing a picture file was not hazardous.

    Soooo - can I get bitten if I "view" a picture file?

    Come to think of it, would my "antivirus" program automatically scan a ".jpg" file, and would it detect an "evil" picture file?

    Thanks again for your help with this.

    +
    0 Votes
    apotheon

    . . . I probably came off more harshly than I intended. It happens from time to time. I don't expect everyone to know everything -- I just try to help others know what I know, and look for opportunity to learn from others as well. Hopefully this is helping at least a little.

    "Is there any way of creating a picture file such that the display program changes from displaying a picture to executing an evil program, either on the PC or on the web?"
    Possibly -- but it would most likely require either an extremely overblown image viewer/editor that includes some macro capability or other scripting capabilities, or something simpler that is far too closely integrated with the OS (I don't think that's even possible with any Microsoft-based image editors or viewers).

    It's more likely that something that isn't actually an image is "disguised" as one, possibly with a ".jpg.exe" filename extension so that double-clicking it will cause it to be executed directly rather than opened by an image viewer of some kind. This is especially effective on systems where one has ".exe" filename extensions hidden by default.

    "Is any of the available display programs vulnerable to being forced into that kind of operation?"
    Possibly any of them. A browser (especially IE through version 6, or version 7 on XP at least -- the jury's still out on Vista) or Photoshop is more likely exploitable than something like MS Paint, simply by virtue of overall complexity and the effects of featuritis (such as automatic handling of different filetypes regardless of what filetype you think it is). Almost any type of software is exploitable in some way, at least in theory -- you just have to take reasonable precautions, choose software wisely, check often (enough) for signs of being exploited, and hope for the best.

    "I'm quite careful to avoid executing - or even downloading - programs that are unknown to me, but I have been assuming that just viewing a picture file was not hazardous."
    It usually isn't. There isn't much in life that's certain, though.

    "Come to think of it, would my 'antivirus' program automatically scan a '.jpg' file, and would it detect an 'evil' picture file?"
    That depends on a number of factors, such as the antivirus software you use, its realtime scanning capabilities, whether it does a scheduled scan of the filesystem where the file is stored before the file's malicious payload is activated, how you actually acquired the file, and so on.

    "Thanks again for your help with this."
    Hopefully, I'm actually helpful.

    +
    0 Votes
    JimTheEngineer

    "Hopefully, I'm actually helpful."

    You are. The original article led me to believe that just viewing a picture could cause harm. It looks like that was not correct and I need not worry (much).

    (Of course, as my eyesight starts suffering from old age - any day now - viewing ANY picture might cause ME harm! :o)

    Thanks!

    +
    0 Votes
    mikemajor3

    steganography is the practice of embedding other files or small programs in pictures...there are several good programs in freeware. The pic usually looks like the original, except a bit wider or longer, and the color values don't change. You can look at it with anything, and its just a picture...but if you run the proper extraction program, the info is there.
    Really interesting stuff...

    +
    0 Votes
    ThirdWorldPatriot

    I was posting in a Forum in 2005 and handily proving that the Zionists always intended to seize the land of Palestine and ethnically cleanse the natives.

    Here's some of what turned up in my "private messaging":

    10:07 PM kellyrmc hi
    My grandma's b-day is May 16th she'll be 93 my uncle's b-day is May 21st
    he'll be 72 what are u doing for mother's day Kelly

    10:07 PM kellyrmc hi
    My grandma's b-day is May 16th she'll be 93 my uncle's b-day is May 21st
    he'll be 72 what are u doing for mother's day Kelly

    8:57 PM kellyrmc hi (Wednesday 20th April 2005)
    My cousin is getting engaged. my aunt is married for 50 years.my grandma is
    getting home health care. I went to a craft fair. also saw the Irish dancers
    at the library. Kelly

    8:31 PM kellyrmc hi (Friday 15th April 2005)
    my mom goes to a computer class on Wed Kelly

    Apr-14 kellyrmc Hello
    I'm going to the dr this month. Kelly

    Apr-13 kellyrmc Hello
    Dear Straighttalk, Did u hear that Britney Spears is pregnant? Also prince
    charles got married.My mom voted on the school taxes and a new mayor. I got a
    haircut my aunt took my grandma to the dr. Kelly

    Apr-13 kellyrmc Hello
    Dear Straighttalk, Did u hear that Britney Spears is pregnant? Also prince
    charles got married.My mom voted on the school taxes and a new mayor. I got a
    haircut my aunt took my grandma to the dr. Kelly

    (Needless to say, having failing to entrap me, the Zionists barred me from their Forum anyway!).

    +
    0 Votes
    deepsand

    You've lost me. What has this to do with the case under discussion?

    +
    0 Votes
    Pat Mckeon

    What has this got to do with the topic? What has it got to do with anything in fact? Did you mean to post this somewhere else? Why not post your shopping list next? Thanks

    +
    0 Votes
    ThirdWorldPatriot

    (Sorry, accidental duplicate!)