Framed for Child Porn
Inspired by the Story of Ned Solon
HomeNed's StoryNewspaper ArticlesLegal DocumentsAdam Walsh ActProtect YourselfSpecial ThanksContact Us
Investigator urges better computer crime analysis

Investigator urges better computer crime analysis

By TOM MORTON - Star-Tribune staff writer
Posted: Sunday, April 18, 2010 12:00 am

Comments

It's just a matter of time and numbers.

Walk to houses, turn the doorknobs, and eventually one will open.

Just like your computers, said Tami Loehrs of Tuscon, Ariz., who conducts forensic examinations of them to determine whether crimes have been committed on them or by them through the Internet.

"With wireless, the door's ajar," Loehrs added.

If computer hackers and viruses can break through the security of governments and major corporations that spend millions of dollars to secure their information technology, what happens to individuals?

When anti-virus software fails, individuals can find their identities stolen from or child pornography downloaded to their hard drives.

And sometimes innocent people have been charged, prosecuted and ruined, Loehrs said.

She examined the computer of Massachusetts government employee Michael Fiola, whose laptop was downloading 40 child pornography sites a minute.

A jury acquitted him, but not until after his life was ruined by the stigma of a crime involving the sexual assault of very young children, according to news reports.

Computer virus issues may have led to the conviction of Nathaniel "Ned" Solon of Casper, Loehrs said.

One method of investigating computer crime by law enforcement agencies has put many purveyors of child pornography behind bars, but it doesn't go far enough to determine how the images came to the computer, she said.

Affidavits of many child pornography cases explain the use of special software to identify files -- using a "Secure Hash Algorithm" value -- with known illegal images floating through cyberspace on peer-to-peer (P2P) networks, which directly link computers without a central server.

The software also seeks computers that can share those files.

Once the SHA value has been identified, investigators can make available a file of child pornography and identify computers that have downloaded the file.

In Solon's case, no one disputed the SHA numbers identifying files were on his computer.

The dispute concerned how they arrived.

Former Wyoming Division of Criminal Investigator Randy Huff worked the Solon case and said the computer had to be programmed to look for those images.

But Loehrs said it's not that simple.

If a file does not fully download, or is deleted, the SHA number and file name remain even though the file with the images is not there, she said.

During Solon's trial, Loehrs said payment problems with the court forced her to stop her research about the time she saw evidence that Solon's anti-virus software was failing, meaning the computer might not have been able to keep out child porn images.

Besides the computer activity, Loehrs questioned whether law enforcement agents took everything they needed from Solon's home to conduct an adequate investigation, an assertion disputed by prosecutors.

Likewise, Solon did not have the classic telltale signs of guilty child pornographers, such as spare hard drives to store images, Loehrs said.

Like the general public, the justice system will need time to fully grasp the huge scope of cybercrime, like the time it took to embrace DNA technology, she said.

"Unless you're immersed in it, you don't know what's out there," Loehrs said.

Comments

Reach Tom Morton at (307) 266-0592, or at tom.morton@trib.com.


Framed for child porn -- by a PC virus
Trojan horse found responsible for child porn
Wyoming crime unit busts Internet child predators
The Dark World of Child Porn
Child porn conviction of ex-airman vacated
Malware-Driven Child Porn Raises Red Flag
State worker cleared on child porn charges due to malware
Man cleared as child porn possession blamed on virus
Teenager confesses to being Nugache botnet mastermind
Hacker behind P2P botnet gets no jail time
P2P Botnet Pioneer Avoids Jail Time
LimeWire ID Theft Case Raises P2P Concerns
Highly Unlikely a Virus Would Place Images on Your Computer
Child Porn: Malware's ultimate evil
Child Pornography Virus
Multiple Cases of Viruses Downloading Child Pornography
Child porn-planting virus: Threat or bad defense?
Viruses
Why is Child Pornography on Your PC?
Viruses can lead to child porn on your computer
Frame-Up Virus Could Haunt Government Departments
Montpelier man charged in Internet child porn scam
Child porn task force arrests 44
Child Pornography Virus
The Importance of Aggressive Defense
Preventing Online Child Porn Viewing
Jury convicts man on child porn charges
Conviction Upheld Despite Judge's Exit
Court upholds Casper man's child porn conviction
Court upholds child porn conviction
Casper man will appeal child porn conviction
Attorney will appeal Casper man's case
Investigator urges better computer crime analysis
Solon Attorney asks U.S. Supreme Court to hear case
Child porn appeal now in the hands of high court
US Supreme Court denies Solon child porn appeal
Casper man makes final appeal
HomeNed's StoryNewspaper ArticlesLegal DocumentsAdam Walsh ActProtect YourselfSpecial ThanksContact Us