Sophos, a global leader in anti-virus protection for businesses,
warns that last week's verdict from a US federal appeal panel could
have far-reaching implications for the IT security industry. During
a child pornography case, evidence supplied by an anonymous hacker
was deemed admissible.
Reports on US news site CNET News.com explain that an
anonymous hacker, known only as Unknownuser, planted a malicious
Trojan horse, Subseven, on the
computer of William Jarrett, a visitor to an internet message
board. The hacker then used this Trojan to remotely search
Jarrett's computer for pornographic downloads and followed up by
sending tip-offs to the FBI.
"Some people might think it's a good idea to let Trojan horses
which are being used to trap criminals to slip through the net. In
the future law enforcement agencies may even try to apply pressure
on vendors to deliberately not detect certain Trojan horses. The
reality is there's no way of knowing whether code is being used for
good or bad, so we have no choice other than to flush it all out,"
said Graham Cluley, senior technology consultant, Sophos
Anti-Virus. "The Subseven Trojan has been used for subversive
purposes in the past; this decision to turn a blind eye to it in
some instances but not in others is completely unworkable for IT
The US District Court of Virginia originally ruled that the
hacker's evidence could not be considered as it was in breach of
the Fourth Amendment (which forbids US Government officials from
undertaking unreasonable searches or seizures). However, under
appeal, it was ruled that the hacker was acting independently of
the Government, so the Fourth Amendment did not apply. This was
found even though a string of email correspondence between the
hacker and the FBI was uncovered.
Indeed, an email from FBI agent Faulkner to Unknownuser,
described in the Appeal Court as "the proverbial 'wink and a nod'",
explained: "I can not [sic] ask you to search out cases such as the
one you have sent us. That would make you an agent of the Federal
Government and make how you obtain your information illegal...but
if you should happen across such pictures as the ones you have sent
to us...please feel free to send them to us."
The emails between the FBI and the hacker were described by the
Appeal Court as a "'pen-pal' type correspondence". At no time did
the FBI tell the hacker to halt activity, which the Judge described
as "discomforting". However, in summing up, it was ruled that the
anonymous hacker's evidence should stand.
The full appeal judgement can be found on the court's website.
It can also be downloaded in PDF format.