Man Fired When Laptop Malware Downloaded Porn 635
Geoffrey.landis writes "The Massachusetts Department of Industrial Accidents fired worker Michael Fiola and initiated procedures to prosecute him for child pornography when they determined that internet temporary files on his laptop computer contained child porn. According to Fiola, 'My boss called me into his office at 9 a.m. The director of the Department of Industrial Accidents, my immediate supervisor, and the personnel director were there. They handed me a letter and said, "You are being fired for a violation of the computer usage policy. You have pornography on your computer. You're fired. Clean out your desk. Let's go."' Fiola said, 'They wouldn't talk to me. They said, "We've been advised by our attorney not to talk to you."' However, prosecutors dropped the case when a state investigation of his computer determined there was insufficient evidence to prove he had downloaded the files. Computer forensic analyst Tami Loehrs, who spent a month dissecting the computer for the defense, explained in a 30-page report that the laptop was running corrupted virus-protection software, and Fiola was hit by spammers and crackers bombarding its memory with images of incest and pre-teen porn not visible to the naked eye. The virus protection and software update functions on the laptop had been disabled, and apparently the laptop was 'crippled' by malware. According to Loehrs, 'When they gave him this laptop, it had belonged to another user, and they changed the user name for him, but forgot to change the SMS user name, so SMS was trying to connect to a user that no longer existed ... It was set up to do all of its security updates via the server, and none of that was happening because he was out in the field.' A malware script on the machine surfed foreign sites at a rate of up to 40 per minute whenever the machine was within range of a wireless site."
This Is What Lawyers Are For... (Score:3, Informative)
Tough lesson learned... (Score:5, Informative)
Re:Certainly sounds fair... (Score:4, Informative)
Government employees in Massachusetts, the state that is so corrupt and dysfunctional it gives government all over the rest of the U.S. a black eye.
Seriously. I just escaped (to D.C., which, despite its warts is a million times better) from three years of living in that hellhole. I don't think I encountered a single effective or competently run state agency the whole time.
I expect the employee who would have been responsible for wiping this laptop is probably a relative of some high official, and probably doesn't know how to do anything except reinstall Windows from a factory CD.
Re:What is the real truth here? (Score:5, Informative)
Julie Amero ? (Score:5, Informative)
Re:Tough lesson learned... (Score:3, Informative)
Of course that is probably a better circumstance under which to be looking for a new job than the one he's in now...
Lawyer: This, boys and girls, is why . . . (Score:4, Informative)
This, in a nutshell, is why lawyer's represent guilty scum.
Sometimes, it turns out, they are neither . . .
Personally, I'm skeptical about the idea of malware that secretly downloads and hides kiddie porn--why would the malware developer do that? I really can't fault the emploeyr for not considering such an idea and investigating it.
The defense attorney, though, is to advocate for his client, even if the client claims seem far-fetched.
hawk, esq.
The majority of computer users are unaware... (Score:3, Informative)
Unlawful Termination (Score:2, Informative)
Actually even if he was guilty, they would have had to tell him before he went outside why he was fired, or he would have grounds for compensation.
Re:The real crime here... (Score:5, Informative)
Re:Certainly sounds fair... (Score:5, Informative)
There is no excuse for giving someone a used laptop or workstation that hasn't been cleaned. We don't concern ourselves much with our workstations since they never leave our network, but any laptops get a thorough cleansing before being re-issued to someone else.
Re:Certainly sounds fair... (Score:5, Informative)
Re:Lawyer: This, boys and girls, is why . . . (Score:4, Informative)
Re:Unlawful Termination (Score:1, Informative)
The flip side of the coin is that in "right to work" states, you can also quit your job at any time without giving your employer any notice or reason, and that your employer cannot force any kind of agreement on you that would prevent you from working for a different company.
Re:Lawyer: This, boys and girls, is why . . . (Score:5, Informative)
Re:Lawyer: This, boys and girls, is why . . . (Score:5, Informative)
There is more than one kind of malware.
One kind sends Phishing Spam / Viagra spam / etc.
Another performs DDoS attacks.
A third acts as a distributed FTP/Fileshare server so that the guilty have a place to hide & share their wares and not have a single point of being shut down by the authorities. Whether this be lists of CC numbers or kiddie porn is immaterial.
-nB
Re:Unlawful Termination (Score:3, Informative)
Re:Lawyer: This, boys and girls, is why . . . (Score:5, Informative)
Re:Certainly sounds fair... (Score:3, Informative)
Re:"We stand by our decision" (Score:1, Informative)
Refer to the entry for Mass, find Director of Department for Industrial Accidents. Unsure if info is accurate or current.
Re:Lawyer: This, boys and girls, is why . . . (Score:1, Informative)
So basically the system had no updates because the automatic updates were configured to work through an user that wasn't there anymore. Which leads a windows system to leaking like a sieve, explaining how he got the virus.
Re:Certainly sounds fair... (Score:3, Informative)
Re:Julie Amero ? (Score:5, Informative)
The forensic report is linked to on this page [csoonline.com] and is scathing about the IT staff.
They did the handover and didn't even notice that the antivirus wasn't working and that their SMS update system wasn't working.
It should be policy to handover computers with clean image and with updates.
Re:Certainly sounds fair... (Score:5, Informative)
He will, however, be suing them.
Re:Lawyer: This, boys and girls, is why . . . (Score:3, Informative)
That would really be insanely stupid considering the hysteria kiddie porn provokes. If he wanted to just store it, encrypt it and it's 100% safe. Stash it in a folder on a innocent DVDR; etc, etc. Anyone capable of creating malware certainly knows how to do this, and not risk having a FBI team break down his door next week.
I think the guys who do trade kiddie porn would be extremely paranoid and cautious.The dumb ones would have been caught by now. The idea that these guys are snickering while sending illegal porn to innocent people is as silly as those characterisations of terrorists as "they hate us because we're free". I believe the guy in this case was likely innocent, I think he was just collateral damage from some pay-per-click scam. The porn in his cache was just a side effect of sending his browser around in the background to earn a few cents.
Re:Not everybody is a slashdotter (Score:1, Informative)
Re:Lawyer: This, boys and girls, is why . . . (Score:3, Informative)
In old country, court used to mean you had no representation (lawyer), the prosecution made whatever wild claims it likes, and then they lock you up. End of story. Guilty or not, you get a fighting chance BECAUSE the alternative is we send men in black to your house and throw you in jail after a cute little show just because we don't like you.
Think Salem Witch Trials, nobody had any real defense, all accusations were absolute indications of guilt. This is what happens when you take away the right of the (presumed) guilty to defend themselves.
Re:Whats interesting in this story is.... (Score:1, Informative)
I ask because I have...err...my friend has not seen it since the early early days of the internet. Back then, you truly could stumble across it accidentally. It hasn't been that way for a long long time though, in my experience.
About two years ago I was trying out some search page I'd seen here on slashdot that displayed a cloud of very small thumbnails of what other people were browsing. Forget the name of it since I haven't used it since.
Anyhow... Seeing what all other folks were looking at was sort of novel. I was looking at this and that as new thumbnails popped up when I saw one that looked like a page with about a dozen images on it. Vaguely flesh colored images. I thought "That looks like porn. Wonder what they're looking at?" I figured the worst I might get was a page of naked guys and at best some hot, slutty girls. So I clicked the thumbnail.
It was clearly child porn. Naked young teens and pre-teens. Not "young looking 18 year olds with pigtails." Uh-uh. Quite clearly underaged kids.
Sort of an "oh shit" moment. Cleared the browser cache. Ran Eraser over the drive a time or two. That was the end of looking at what other people were browsing via graphical interface for me.
Re:Certainly sounds fair... (Score:2, Informative)
I dislike Massachusetts government enough that I'm actually going to respond to your post in detail. I can't speak for the whole state government, only those parts of it (and municipal subdivisions) that I ran into during my time there. Every one was problematic.
I've never applied for a job there, and would never do so for reasons that will shortly become obvious. To be blunt, the job I will start in DC in September is way better than *any* Massachusetts government job could be for a new lawyer.
My first experience was with the Mass RMV. On their website, they state [mass.gov] that you need a certain set of documents to convert an out-of-state license. I brought with me the printout of the linked page along with everything on it. After waiting two hours in line, I was informed by the employee that I needed an original birth certificate to prove my date of birth, despite the fact that my passport, which I had with me, had the date as required by the RMV. I showed her the list of documents, and checked off each item with a pen. No dice; she would not transfer my license. I asked to speak with the office manager and showed her the website printout. She accused me of making a fake printout and repeated what the employee had said.
I gave up, went home, and came back later with a file box full of documents. This time, after another two-hour wait (and presenting more documents than the RMV claims to require), I got my license.
My next experience was attempting to register to vote. It turned out that my apartment literally straddled the Cambridge and Somerville city lines. I first tried to register to vote with the Cambridge city clerk, as the street the apartment abutted was in Cambridge, as was my street address. I was denied because, according to the city of Cambridge, my apartment was in Somerville. So I went to the Somerville city clerk and was told my apartment was in Cambridge. Repeated letters to both cities failed to get me registered (actually, failed to elicit any response) and I was unable to vote in two elections that occurred before I moved one year later to an apartment that was unambiguously in Cambridge. Constitutional rights? Who gives a shit?
Then I experienced the fun of dealing with the Massachusetts Turnpike Authority. Silly me; I thought it would be handy to have an EZPass. So I tried to get one. Registering online was a cinch. But then I never received my EZPass transponder in the mail. They did take my money, and once again repeated contacts to various MTA officials resulted mostly in befuddlement. I eventually ate the $30 or so because it was just not worth my time to pursue the matter. I never saw an EZPass transponder before I moved out of the state. If you read the newspaper, none of this is a surprise. MTA officials are rarely in the news for turnpike-related decisions, but there has been a consistent stream of stories about their perks and inflated salaries.
And, of course, there's the Massachusetts Bay Transit Authority. Constant track fires, track infrastructure that is not as good as that in many Third World countries, speeds literally half those in either the New York or Washington subway systems, equipment that ages before its time due to neglect, a brand-new headhouse (Charles/MGH) with platforms so misaligned that wheelchair users can't get on the trains, an epic light-rail vehicle procurement fiasco (Google "type 8 chronology of events"), and buses that should be impounded and taken off the road for defects (5 bus fires in my 3 years there).
I've already mentioned the entertaining Department of Revenue tax procedure above, although, in fairness, they don't ever seem to have messed anything up for me, only designed a laughable procedure.
My last episode was with the RMV again; this time, they mistyped the VIN on my car registration. I should have known better than to try to fix it. No dice, and an indignant RMV official telling me that my lease contract (which matched my car) was w
Re:Lawyer: This, boys and girls, is why . . . (Score:5, Informative)
Why would it matter whether you believe someone might have a motive? I don't understand why people might commit all sorts of crimes, because I'd never do that. But some people commit those crimes anyway. Lots of people have motives to frame others for crimes.
In any case, on to methods. I have a demo on my web site of how to do "preloading" in javascript. Is javascript enabled in your browser? If so, my demo shows how I can create a web page that quietly downloads images from arbitrary URLs, without showing them to you. This may be used to load those images into your browser's cache. It has valid uses, such as to speed up subsequent downloading of other pages from my site which use those images. But I can just as easily fill your browser's cache with porn. Unless you know how to scan your browser's cache (or have the sense to purge it frequently), you'll never know what I've done to you. My code (actually my web server) also tells me your IP address, which I can use to send the authorities in to examine your browser's cache.
I'd be willing to testify in court how easy this is. And give the court a copy of my code (though they could easily download it from my web site
And yes, I usually do browse with scripting disabled. This was typed into a Firefox 3.0 window, which has the NoScripts extension installed. My demo code won't work against me.
Re:What is the real truth here? (Score:5, Informative)
"He'd have 40 Web sites hitting his computer in a minute -- who's the IT guy who looked at this and said, "Wow, this guy is pretty active on the Internet?'" Loehrs said. "It's physically impossible!"
Loehrs found a script file that was set to go out and run its own searches on foreign Web sites, she said. "And once you get into some of these foreign sites, you'll get all kinds of stuff you don't want to see.
"Actually, the child pornography was just a very small portion of it. The majority was just bizarre porn. He was being hit with everything," she added.
Re:Whats interesting in this story is.... (Score:3, Informative)
In my state child porn is pictures or video of person under the age of 18 involved in sexual acts or just unclothed. Also, anyone that looks like they are under the age of 18 according to the police inspector whether or not they actually are. Also , anyone that is obviously over the age of 18 but is dressed up to look like someone under the age of 18, also cartoon renderings of imaginary people who if they were not imaginary would be under the age of 18 or look like they would be in the opinion of the police investigator.
Re:Certainly sounds fair... (Score:3, Informative)
In fact, his attorney referred to his former employers as "buffoons". [pcworld.com]
From the article:
But he is unlikely to take his old job back, even if the DIA were to offer it, [attorney Timothy] Bradl said. "I would think that theoretically he'd be entitled to his job back with back-pay, however he would never want to go back to work with such buffoons," he said.
Comment removed (Score:5, Informative)
Legal "slam dunk"? (Score:2, Informative)
This whole case would seem to hinge on one forensic expert's testimony, so if I were a lawyer, I'd be a bit leery about considering this an open-and-shut case.
Still, I wish the guy a lot of luck in setting a precedent that you can't be held accountable in all situations for what your computer does.
I'm not sure if the guy wasn't lucky that the employer went immediately to start criminal proceedings --- that's the only reason he has a valid forensic analysis of the computer to show. In an ordinary instance of firing, the computer would almost certainly have been reimaged before he could sue to have it analyzed.
It seems there's room for a law that in cases like this, the employer has to get a forensic snapshot of the computer involved before reimaging it (or be responsible for destroying evidence in any subsequent discovery proceedings).
Re:"We stand by our decision" (Score:3, Informative)
I think it would be helpful for people to drop her a line asking how she lives with herself, and whether she can look her children in the eye now that she's helped ruined a man's reputation.
Re:Not everybody is a slashdotter (Score:3, Informative)
Re:Legal "slam dunk"? (Score:2, Informative)
Actually, this was backed up by two forensic examinations by the AG's office. FTA:
Loehrs, who spent a month dissecting the computer for the defense, explained in a 30-page report that the laptop was running corrupted virus-protection software, and Fiola was hit by spammers and crackers bombarding its memory with images of incest and pre-teen porn not visible to the naked eye.
Two forensic examinations conducted by the state Attorney General's Office for the prosecution concurred with that conclusion, Wark said.