Virus saves UK man from jail


The New York Times has an article about Julian Green, 45, of the UK, who was recently acquitted on a charge of child pornography by using a virus as a defense.

Apparently, the man's computer started "acting up" due to a virus and became unstable. However, not only was it unstable, but it also began making connections to the internet on its own and was, unbeknownst to the owner, downloading illegal child pornography.

Now, there are two very real concerns:

  • Will people who are trafficking in illegal material start using viruses as a defense?
  • Will people who know nothing of the material downloaded by the viruses on their computers start going to jail because they can't prove their innocence?

Forensic computation is relatively sophisticated these days, ranging from the ability to resurrect deleted files weeks after they've been deleted to the ability to scan for files containing illegal content even if their file names have been changed.

Over the last few years, internet-savvy traders in all sorts of illegal materials have been in a growing battle with authorities to create, distribute, store, and catalog illicit materials without being caught.

Their techniques have included privacy technologies, such as file encryption, private encrypted storage units (like the little USB "key drives"), and encrypted logical drives (using tools such as Apple's Disk Image program), to protect their data from the prying eyes of the authorities. They have also used sophisticated deletion routines to keep their deleted files from being detected by authorities after they are caught. Other, more advanced techniques include setting up networks of file servers where the files are constantly moving from place to place, such that at any given time a file may be located someplace almost impossible to detect. This is made all the more sneaky by using computers that they don't own, either through hacking or by taking advantage of "open" sites. Then, of course, there is peer-to-peer networking.

All of this has spelled hard work for the law enforcement agencies that attempt to track down these perpetrators and bring them to justice. The law enforcement industry has responded in kind, developing forensic software and hardware to recover deleted files, sophisticated search programs to find data hidden amongst otherwise innocent files on a disk, surveillance software to monitor large streams of data in order to determine if their content is legal, and code-breaking software, akin to that used by hackers to break into commercial systems, to defeat some of the encryption used by the perpetrators.

This is all well and good, but this case brings to the attention of the public the possibility that some of these techniques have become so sophisticated (both for exploitation by the bad guys and detection by the good guys) that it is rapidly becoming difficult for somebody to make sure that their own system is free of illegal content.

If you have an always-on Internet connection, you should seriously consider using a good (and up-to-date) firewall and antivirus package (or packages) and make sure that your operating system is kept up to date with its security patches.