Police blotter: Open Wi-Fi blamed in child porn case

Police blotter is a weekly News.com report on the intersection of technology and the law.

What: A Texas man, whose home is raided in search of child porn, points to an open Wi-Fi connection that is not password-protected. He is convicted of possession of child pornography but appeals the decision, asserting an invalid search warrant.

When: 5th Circuit Court of Appeals rules on April 11.

Outcome: Conviction and prison sentence upheld.

What happened, according to court documents:
In early 2004, a woman in New York state told her local police that she had received an instant message with sexually explicit images of minors. The instant message allegedly came from the Yahoo ID "famcple."

The complaint was forwarded to the FBI's Buffalo, N.Y., field office, which then sent a subpoena to Yahoo for information about the owner of the "famcple" screen name.

Yahoo reported that the owner's name was "Mr. Rob Ram" and that he had been using the IP address 24.27.21.6, which was in turn traced back to Time Warner Cable. Through a second subpoena, the FBI learned from Time Warner that the IP address in use at that time was linked to Javier Perez, who lived on Scenic Brook Drive in Austin, Texas.

The usual steps followed: Perez's home was raided, and a special agent carted off his belongings.

What makes this case relevant to Police blotter is that Perez challenged the search warrant as unlawful. He claimed the open, unsecured wireless network in use meant that roommates or "neighbors would have been able to easily use (his) Internet access to make the transmissions."

Although the FBI didn't know it when they raided his home, one of Perez's housemates was named Robert Ramos--suspiciously similar to the Yahoo account owner's name of "Mr. Rob Ram."

Nevertheless, the FBI did say it discovered CDs with child porn in Perez's area of the house. He was arrested and charged with one count of possession of child pornography. After a federal judge denied his motion to suppress the evidence seized during the search, Perez entered a conditional guilty plea. He was sentenced to four years and 9 months in prison.

He appealed to the 5th Circuit Court of Appeals, which last week affirmed the lower court's ruling.

One can read an excerpt from the discussion below, but what deserves focus is the appeals court's statement that it was "likely" that the user of the IP address was inside Perez's home. That was a consideration that originally helped lead to the issuing of a search warrant.

It is possible that the user was inside Perez's home. But if there was, in fact, an open 802.11 Wi-Fi network, it's also possible that it was being used by anyone within a radius of a few hundred feet.

In a worst-case scenario, it isn't hard to imagine someone using another person's unsecured wireless connection to send child porn to the FBI, and then watch the agents show up and seize the target's computers and perhaps arrest the person in the process. Such a scenario will become even more of a possibility when future wireless networking technologies offer longer ranges.

This is not a new issue. A Washington Post article in February described the case of an elderly woman whose open wireless connection had apparently been used to distribute child porn.

Excerpts from the 5th Circuit's opinion:
Probable cause does not require proof beyond a reasonable doubt; a magistrate need only have a substantial basis for concluding that a search would uncover evidence of wrongdoing. A magistrate's determination is entitled to deference by reviewing courts.

In this case it is clear that there was a substantial basis to conclude that evidence of criminal activity would be found at 7608 Scenic Brook Drive. The affidavit presented to the magistrate included the information that the child pornography viewed by the witness in New York had been transmitted over the IP address 24.27.21.6, and that this IP address was assigned to Javier Perez, residing at 7608 Scenic Brook Drive, Austin, Texas, 78736.

Perez argues that the association of an IP address with a physical address does not give rise to probable cause to search that address. He argues that if he "used an unsecure wireless connection, then neighbors would have been able to easily use (Perez's) Internet access to make the transmissions." But though it was possible that the transmissions originated outside of the residence to which the IP address was assigned, it remained likely that the source of the transmissions was inside that residence.

Perez also argues that evidence that illicit transmissions were made does not give rise to probable cause that physical evidence would be located at the residence. However, the New York witness stated that the images she observed appeared to be videos played on a television screen transmitted via a Webcam. There was therefore a basis to believe that the suspect would have such videos in his residence.

Moreover, Britt stated in his affidavit that, in his experience, persons interested in child pornography typically retain numerous images of child pornography as well as "material documenting the arrangements, the introduction, and tasks to consummate the acquisition of child pornography." Based on this information, there was probable cause to believe that physical evidence of violations of the child pornography laws would be located at 7608 Scenic Brook Drive.

[SleeStaK911]

A rule of thumb

Just don't keep kiddie porn around, and this sort of thing won't be an issue...<br />Was the KP they found this Rob guys'?

[icccm08]

And the lesson is...

And the lesson is... secure your wi-fi network.

[thenet411]

No, it isn't

While securing your wireless is important, it is not the lesson to be learned here. The evidence points to an obvious attempt to use ignorance as a defense. In truth, this guy is obviously guilty. Even if his WiFi was unsecured (which in itself should be punishable by jail time) there is no physical way someone outside his house could have used his WiFi to burn CDs on the owners computer with child porn on them. Even if it was the roommate, why would they have ended up in the other guy's part of the house? <br /><br />I call BS on this one.

[knowles2]

Stupid of the FBI not check these scenerios in the first place

It is in fact more than possible, I have done it my self as a test to see if it was possible, and for fun on my next door neighbours computer, once you have access to computer from a remote source you can pretty much do anything, I have even manage to turn on a friend camera which was already plug into his computer and turn it on, over wifi.<br /><br />The real issue hear is did FBI explore these issues, scenerios before the case came to court and did they ask these questions and run a proper investigation to explore these options, and if they did not why did not they. Say checking computer to see out side access and who been using the wi-fi pretty sure that if they run these check they would of got a witness up on the stand dis crediting the defendent version of events.<br /><br />But from the story on this page it seem they did not do that which naive of the FBI, and could lead in to future, a lot of waste court time, , it they do not do these kind of investgations, it see people getting of on reasonable doubt, doing crime this way becomes more common and more known, which it will become.

[OneWithTech]

The EU is essentially...

...responsible for his/her wireless connection and the security <br />that goes along with it. <br /><br />If we let people like this hide behind the excuse that there <br />wireless network was open and unsecure; then I might as well <br />hack the **** out of people that anger me and then when I get <br />get caught I will just blame it on one of the 50 neighbors that <br />are within range of my wireless signal because I "left it un-<br />secure".<br /><br />You and only you, are responsible for the wireless networks that <br />you set up.<br /><br />Justin<br />Tech01<br />www.tech01.net

[d9930380]

Don't be a idiot

I'm all for personal responsibility but we have to keep in mind that someone is innocent till proven guilty.<br /><br />In the general sense I don't think you can say for certain that someone did anything based on an IP address. They can be spoofed, hi-jacked or in this case come from a Wi-Fi network that can be accessed from anywhere.<br /><br />However in this case where it was simply a means to obtain a search warrant then I don't see what the problem was. Offcourse this is enough to warrant a search warrant, it's the kiddie porn they found in his area that got him convicted.<br /><br />The thing I wonder is how do they stop hackers that break into banks from a public Wi-Fi hotspot?

[volterwd]

PRESUMED

It is a world of difference

[volterwd]

PRESUMED

It is a world of difference

[slaw05]

Housemate what?

"Although the FBI didn't know it when they raided his home, one of Perez's housemates was named Robert Ramos--suspiciously similar to the Yahoo account owner's name of "Mr. Rob Ram."<br /><br />"Nevertheless, the FBI did say it discovered CDs with child porn in Perez's area of the house."<br /><br />Lets see.. the CDs they found could have belonged to the housemate Robert Ramos whose name was linked to the Yahoo account. <br /><br />I guess the queston is what does "Perez's area of the house" mean. The roomy could have stashed the CDs in there.<br /><br />I think the wireless is a non-issue because they can trace the Yahoo account to a specific computer in the household.

[buffer_overflow]

Rules to live buy

As a systems admin and not just a "tech" I can't tell you how many times I have users ask me about securing their home network.<br /><br />Rule: Lock down your router/FW, use WEP with 128 bit encryption or use WPA personal it?s that simple... Also you must turn on logging, this helps to track any IP that may have breached your system and at least have their IP. Another action you can setup a secure network is to only grant or allow access via the machines unique MAC address.<br /><br />This does not stop someone from gaining access of their system if this was compromised because they were spoofed. If your not sure, contact a tech not the dime store want to be's that are basically weekend warriors, while some may have something decent to offer for information one may want to contact your local IT person if you work in a corporate environment.<br /><br />I know most would be happy to assist after hours especially if they get paid on the side; I usually get a nice diner out of it.

[Michael00360]

Once again The Law is 10 steps behind

It appears that the officers did not investigate the possibility of there being a user outside of the home using the open wi-fi network. Of course it does go without saying that it could be partially the defendant's fault for not securing his network. However, you would think that the police would have double checked before executing a raid based on the evidence they had.

[skeptik]

uh, they caught the guy(s)...

10 steps behind?<br />They suspected trafficing in child porn, they investigated, they found child porn.<br />Of course you could concoct some theory of how it wasn't his. And the drugs they found in his system were from coffee laced at Starbucks, and the money embezzled from his employer was actually stashed in his freezer by a vindictive co-worker at a party the weekend before...<br />But if it looks like a duck, walks like a duck, and quacks like a duck... it's probably a duck.<br /><br />This would be different if they searched his house and found no porn but were prosecuting. Or searched his house, found no porn but stumbled upon his personal pot stash. But they found what they expected to find. Which goes a long way to over-riding any crazy scenarios that would explain how it wasn't his.<br />It's not clear if he's taking the position that it isn't his, or if he's simply taking the position that he shouldn't be guilty because they shouldn't have had the right to search his house. If it's the latter, that's just silly. There is ALWAYS a possibility that evidence is not what it seems. That's why you get a trial, even after they catch you with damning evidence. That's your opportunity to explain your situation. But why should you get to avoid a trial just because there MIGHT be a possibility you're not guilty?

[Sniche]

Zune, could be the Porn Tool of choice

This has already happened not long after it launch. the way the <br />Zune works it would be hard to trace to the origin

[forgethis]

access provisioning is the answer

Hopefully, such incidents will drive the adoption of access and service provisioning solutions like Amazingports (<a class="jive-link-external" href="http://www.amazingports.com" target="_newWindow">http://www.amazingports.com</a>) and fon (<a class="jive-link-external" href="http://www.fon.com" target="_newWindow">http://www.fon.com</a>), which, while securing networks also go a step further and provide viable business models for hotspot owners.