Stories
Slash Boxes
Comments

SoylentNews is people

Federal Cybersecurity Director Found Guilty on Child Porn Charges

posted by LaminatorX on Saturday August 30 2014, @07:19AM   Printer-friendly
from the watching-the-watchmen dept.

Anonymous Coward writes:

http://www.wired.com/2014/08/federal-cybersecurity-director-guilty-child-porn-charges/

"...As the acting cybersecurity chief of a federal agency, Timothy DeFoggi should have been well versed in the digital footprints users leave behind online when they visit web sites and download images.

But DeFoggi—convicted today in Nebraska on three child porn charges including conspiracy to solicit and distribute child porn—must have believed his use of the Tor anonymizing network shielded him from federal investigators.

He’s the sixth suspect to make this mistake in Operation Torpedo, an FBI operation that targeted three Tor-based child porn sites and that used controversial methods to unmask anonymized users.

But DeFoggi’s conviction is perhaps more surprising than others owing to the fact that he worked at one time as the acting cybersecurity director of the U.S. Department of Health and Human Services. DeFoggi worked for the department from 2008 until January this year...."

 
This discussion has been archived. No new comments can be posted.
Federal Cybersecurity Director Found Guilty on Child Porn Charges | Log In/Create an Account | Top | 9 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Interesting) by kaszz on Saturday August 30 2014, @12:06PM

    by kaszz (4211) on Saturday August 30 2014, @12:06PM (#87535) Journal

    "in November 2012 continued to operate his child porn sites secretly from a federal facility in Omaha for several weeks before shutting them down. During this time, they monitored the private communications "

    "The malware that investigators installed remotely on the machines of visitors to PedoBook and McGrath’s other sites was designed to identify the computer’s IP address as well as its MAC address and other identifiers."

    Conclusions:
      * Booby trap servers (in the software sense)
      * Don't assume the server contents is safe, thus P2P encryption for chats etc
      * Avoid Microsoft software
      * Use virtual environments which has no leads to any real identity whatsoever
      * Assume the protected network is fully compromised at all times

    Did I miss anything?

    (I don't care for child porn but find this cat-and-mouse chess interesting from a security point of view)

    Starting Score:    1  point
    Moderation   +2  
       Interesting=2, Total=2
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4  

  • (Score: 2) by Lagg on Saturday August 30 2014, @02:10PM

    by Lagg (105) on Saturday August 30 2014, @02:10PM (#87554) Homepage Journal

    Let's be honest, no one cares for child porn and the ones that do aren't talking about it. We don't even know if this guy cares for it because of the sheer amount of "TEH CHILD PORN TERRORISTS THINK OF THE CHILDREN" crap being thrown around, and if he does then this is a very good example of what happens when you start doing this despicable hysteria creating. It dilutes real cases of abuse. But in any case by booby trap I would assume you mean run a honeypot on it. If that isn't what you mean then perhaps add it to the list. Not sure if honeyd is still maintained but if it is that would be a good candidate. Could give a bit more insight into what attack vectors their stuff looks for.

    --
    http://lagg.me [lagg.me] 🗿