5 Comments

Ethical Malware & Ethical Hacking

Feb 27, 2007
by

A former California Judge, Ronald C. Kline, was sentenced this week to 27 months of federal prison for possession of child pornography, he had thousands of pictures of under-age boys on his computer, and he was first noticed because of a “hacktivist” named Brad Wilman, or the citizen tipster. Brad wrote a trojan, and embedded it in some child pornography, he then uploaded the pics to known newsgroup sites frequented by pedophiles, who became infected upon downloading the pictures . Brad then had access to their machines, so he would look around for pictures, and other evidence, and upon finding some, sent the information to groups that track pedophiles, Pedowatch, who then sent it on to the authorities.

Authorities had no idea that Judge Kline was a pedophile until this information first appeared, so, the hacktivist did his “job” in exposing a pedophile, but, because of the nature of what he does, it did not make the case easy for prosecutors. The case was originally dropped in 2003, with the Judge saying it amounted to an illegal search and seizure because Brad was acting as an agent for law enforcement. So, they had to prove he acted on his own, and since they had no records of Brad, and the fact that he performed the searches six months before they contacted him, they were able to get the previous ruling overturned. Authorities found over 1,500 images and 24 videos of child pornography, a personal diary that talked about his interest in young boys, and, after searching his work computer, realized that he had even visited the pedophile sites in his judicial chambers.

Chalk another win for the good guys, it’s always good to see another dirt bag in jail, the latimes reported that he collapsed after the sentencing, falling back into his lawyers arms. Makes your heart fell all warm inside, don’t it?

But, and there is always a but, this type of thing could end up doing more harm than good. This case was dropped once because of the way the information was obtained, and then, when you are talking about the computer forensics aspect of it, you introduce someone else who could’ve downloaded porn to his computer. Had he not admitted to being a pedophile, what kind of trouble could the defendant’s attorney introduced? Prove that this hacktivist did not download this porn himself, prove to us beyond a shadow of a doubt that Brad did not download the porn for personal use and set the Judge up by leaving it on his computer. Once someone has admin access to a computer, times and dates mean nothing, it could’ve been either one accessing those files, prove otherwise.

I think it’s great that they got this guy, he was a Judge, but more importantly, he was a Little League umpire, with access to hundreds of kids everyday that he was there, I just hope he did not get to take advantage of the situation. Brad helped them find this guy, but the means in which he found the info could’ve helped him get away as well, and he would be getting ready to start calling games again, as Little League baseball season is beginning to get underway, and he could be marking his next potential target. I say good job this time Brad, continue to seek them out, but leave the information gathering to the police, while this one turned out for the good, the next time you might not be so lucky, and you might help someone get away to hurt someone else.

Filed under: Adware, Spyware, Greynets, & Internet Fraud + Internet Technology
  • http://www.revenews.com/wayneporter/ Wayne Porter

    Jimmy,

    Thanks for the coverage of that story.

    I am always happy to see a bad guy go down, the child pron thugs are the worse, but yes this case does worry me. The whole concept of "extortionware" and computer forensics was something I touched upon before. Take for example the carder botnet or q8 army case Boyd and I talked about at RSA- in both cases these rogues had COMPLETE control of the machines, the Q8 rogues used mangled versions of BitTorrent to upload Mr. Bean movies- it made us chuckleat first, then the implications set in- if they could upload that- they can upload anything they want…and bot herders today are they are sophisticated enough to even patch the machine and cleanup behind them…I can see a pressing real need for ID management and SECURE machines in the future…especially when people's lives- their very freedom hang on the threads digital wires.

    -wayne

  • http://www.jimmydaniels.com Jimmy Daniels

    And that brings an even more worrysome case to mind, the Julie Amero case, with the "rail roading, I can tell typed in adresses" case against her, if it wasn't for the internet, she would probably go quietly to jail because her school district did not have filters in place, did not have good support or training in place, or even up to date anti-virus software. Boggles the mind, the school district should be on trial, not her.

  • http://www.cumbrowski.com Carsten Cumbrowski

    Brad Wilman engaged himself in illegal activities in order to hunt down other people that engage in illegal activities. Does a cause justify the means? How far is too far? Who determines what too far is?

    I agree with most that in this case the cause justified the means, but I can't just say hallelujah and forget about the underlying issue.

    The consolidated suffering and pain caused by "means" for a "good cause" is enormous, which questions if any just cause justifies the use of unjust methods to reach its goals.

  • http://www.spywareguide.com Wayne Porter

    "Brad Wilman engaged himself in illegal activities in order to hunt down other people that engage in illegal activities. Does a cause justify the means? How far is too far? Who determines what too far is?"

    There are limits. Even in our cases we rarely enter the grey- we will social engineer, we are not what we seem, we may setup fake sites, experiments, hang out in dark areas, we setup traps, but yes there is a line where we would be no better than they are.

    But we dont keep a diary like that or tons or any pics like that- ever. No researcher would. The site of it makes me ill. It is illegal to even have one on your machine- any researcher knows it- and if gets on there- you get rid of it immediately- when hunting malware- you do find it.

    In the teacher's case- I think she was railroaded. Until we get secure ID managment and physical site management in place- it is just too easy to railroad people…

    -wayne

  • smith

    Jimmy Daniels,
    You are SPOT ON!
    Thanks a lot for sharing such a nice and informative article.
    Ethical hackers or white hats are good guys who attack the networks by owners permission looking for vulnerable points and reports back the problems or weak points of system of which a hacker can take advantage of.
    Ethical hacking is for personal knowledge and information only not for doing any harm.This is one way of hacking ids and passwords.

    For example if i know u very well then probably i would be able to guess what your security question answer maybe and therefore hack your id.

    For more information check this link: http://www.eccouncil.org/certification/certified_ethical_hacker.aspx