|Home » Resources » Rants
The Emperor's New Clothes
Week of 28 November 2004
But he has nothing on at all!
- HC Andersen
Magnus Eriksson, a Fullbright scholar and researcher at the University of Lund Sweden, lives today with his wife in Alicante, Spain. He's been there five years. He was approached by a Swedish newspaper this weekend with word of a trial that ended only Friday. A verdict came down in a case against him. He was acquitted.
What was Eriksson to have done? Downloaded megatons of porn to his box - whereof 3,500 pictures were to have been child porn. With no trial and with only the word on the street he was driven from the university, from his home, from his country.
Anders Lindahl, the university official who reported the case to the police, still insists he acted correctly. 'I did what I had to do', he said. 'We are duty bound before the law to file a police complaint if there is reason to suspect a felony has been committed.'
When asked if the findings of the court would have any effect on his security policy, Lindahl replied:
'No, not as far as I know - after all, we have 6,500 computers here!'
Forensics expert Joakim von Braun was called in to investigate the computer of Magnus Eriksson and testify before the court. He worked from a copy of the hard drive in the suspect machine.
'As soon as I saw the drive I knew what happened', said von Braun. 'Someone installed Netbus on it.'
'The University of Lund had extremely poor security', added von Braun, noting that anyone with a minimum of skills could have broken into Eriksson's computer from a remote location.
'Actually Magnus Eriksson was the last person to be suspected: he had no authentication whatsoever to install new programs. Others at the university did have this authentication, and too many people knew their usernames and passwords.'
Unfortunately - 'inexplicably' - the system activity logs that could have revealed who broke into the computer were destroyed by the university. But von Braun found more: a program called FreeAgent that did the actual child porn retrieval.
'The data retrieval took place without the user of the computer being aware of it, and furthermore a majority of the pictures had not even been opened - no one even looked at them', reported von Braun, who concludes:
'It is extremely important to have anti-virus software and so-called firewalls to protect against interlopers.'