
How a federal spy case turned into a child pornography prosecution - hackuser
https://www.washingtonpost.com/world/national-security/how-national-security-powers-are-underpinning-some-ordinary-criminal-cases/2016/04/05/1a7685f4-fa36-11e5-80e4-c381214de1a3_story.html
======
SeanDav
If, during the entire history of the USA, some FBI agents had never been
proven to be corrupt, if judges had never been proven to be corrupt, if
evidence had never been proved to be planted by authorities, then maybe, just
maybe this would be justified.

In the real world, however, this is very, very scary and I consider myself
lucky I am not subject to this travesty.

Since there does not appear to be any proof that he downloaded the images, or
was involved in any way, other than pictures being found on various hard
drives, it is quite plausible to me that the FBI/NSA/CIA planted evidence in
order to blackmail him.

~~~
boosting7669
And yet a jury convicted him. This kind of thing is far beyond the
comprehension of the common juror. Knowing what I know about computer security
and how EASY it is to plant digital evidence without leaving a trace, even
from thousands of miles away, I'd have to see video evidence of the defendant
downloading the material as it happens before rendering such a verdict,
especially if it's going to mean decades in prison.

~~~
patcheudor
"Knowing what I know about computer security and how EASY it is to plant
digital evidence without leaving a trace."

This right here is the conversation which needs to happen around this
particular topic. In the security community the topic of forensic discovery of
child porn tends to get a hand-wave because child porn. It's there so someone
must be guilty. The fact is, it is trivial to plant such evidence on anyone's
computer and honestly, if a computer is connected to the Internet, define
ownership. Is your computer connected to the Internet? Then it's not your
computer. Ever used public WiFi? It's absolutely trivial for someone to inject
image requests which never get rendered, but which remain in the cache. This
can be done en-mass without anyone ever noticing until someone's computer gets
searched.

Based on digital evidence alone no one should ever be arrested, let alone
convicted on these charges, but the fact is, to catch someone who is guilty is
very difficult. Difficult to the degree that it should require video and/or
photographic evidence of the perp at the computer looking at the images.
Therefore it seems law enforcement and the justice system has decided that the
easy way out is to just go with what's on the hard-drive. If a few innocent
people get caught, no big deal, it's for the greater good.

~~~
agripa2
This is utterly terrifying. What are some common steps to prevent this kind of
"invisible" injection of images. If you're on private WiFi are you good to go?
Any common tips to stay secure?

~~~
maqr
You can tell your browser to not download images:
[https://support.mozilla.org/en-
US/questions/981640](https://support.mozilla.org/en-US/questions/981640)

This would disable all images, but that's what you want, because you can never
tell if a site you're going to has been compromised and what content they're
going to serve up until you've already downloaded it.

This doesn't completely solve the problem though, you'd also need to make sure
you don't have Flash or Java, and disable SVG and CSS now that I think about
it... plus an encoded text of an illegal image is still probably illegal, even
if it's text-encoded, so, uhh... I don't know, it depends how paranoid you
want to be.

If someone wanted to force you to have illegal data on your machine, there's
almost certainly a way to make it happen if you're connected to the internet
in any way. Hell, even gmail shows embedded images by default... and even if
you didn't open the email containing the illegal content, you still have it in
your inbox, so there's that...

~~~
patcheudor
This advice tends to be akin to the advise to disable JavaScript. Basically at
this point why are you even on the Internet? Also, as you mentioned Flash,
Java, and especially SVG. The only real mitigation here is full drive
encryption with a long passphrase which you'll never give up. Of course in the
eyes of the courts and public that's a serious double-edged sword because you
are assumed guilty at that point.

~~~
abyd
This is a good argument for Full disk encryption with a vpn and dns leak
protection. You're right about people using encryption too. They have a whole
playbook dedicated to targeting encryption(physical access is page one).

------
ekianjo
> In Gartenlaub’s case, the government made sealed filings, so neither the
> defense nor the public was able to see them. Based on the secret filings,
> the judge held that the government had shown probable cause that the house
> to be searched belonged to “an agent of a foreign power."

That's typically what you read about foreign police states.

~~~
tptacek
It is, but isn't it also the case that secret court filings are as old as the
US courts? How else would espionage prosecutions work? Similarly, how would
complicated organized crime investigations work without secrecy? Isn't the
alternative that prosecutors get exactly one bite at the apple, and if they're
wrong, the target of the investigation is tipped off?

The case that ultimately appears before the court, of course, needs to be
transparent. And the evidence collected by the prosecution must be made
available to the defendant. But this isn't that.

~~~
fiatmoney
"Secret court filings" that are hidden _from the defense during a trial_ are
ridiculously uncommon. Sealed filings for, eg, warrants are common. They are
typically made available to the defense & the public for the trial. Otherwise
the evidence amounts to "trust us, we're the government".

In counter-espionage cases, it is very common for the government to balance
concern about disclosing its methods with likelihood of a conviction. If they
fuck up the investigation and tip off the target before the trial, or tip off
other targets during the trial, it's not the court's job to give them a do-
over.

~~~
tptacek
Yes. Am I misreading this case? It seems like evidence was furnished, and that
the complaint here is that the original sealed warrant wasn't. The defense
objects because the original FISA warrant could have been flawed, and if it
was, the evidence deployed in the trial could have been excluded.

~~~
fiatmoney
"Evidence" isn't just "the parts of the evidence the prosecution wanted to
use".

How is the defense supposed to cross-examine the person who gathered the
evidence when they can't investigate the circumstances under which it was
gathered? How are they supposed to make a cogent argument that it was _not_ a
properly issued warrant unless they can see it? How are they supposed to argue
that even if the the warrant was proper, the evidence gathered was not under
the scope of the warrant? How are they supposed to get access to other
exculpatory evidence that would have been collected under the warrant, that
the prosecution declined to use?

~~~
tptacek
I understand the argument, but is that what actually happened here? My
understanding is that the one thing the defense doesn't have is the whole
justification for entering the defendant's personal space in the first place.

I could be misreading!

~~~
fiatmoney
It sure looks like you are. "Gartenlaub wants to see the warrant in his case
so he can challenge it as based on false information and therefore invalid."
According to the article the warrant itself and the filings in support of it
are unavailable to the defense. That is essential to making arguments on the
legality of the warrant in the first place, the scope of the evidence gathered
to the warrant, and factual arguments derived from the process of executing
the warrant.

(Example! The warrant included Device X, because Secret FBI Source Y said it
had classified information. The device was searched, but contained no such
information; in fact it had been completely wiped. This lets the defense argue
that the FBI knew the source was unreliable, or that the evidence found was
exculpatory (eg, evidence the target had been hacked to plant the child porn).
None of this is available to the defense.)

The government _says_ that the evidence gathered in the warrant has been made
available. They could very well be lying, or simply mistaken, and it's
impossible to investigate. Regardless, it is only part of the issue.

The process here is that the judge looked at it the government's arguments,
without involving the defense, and said "yeah, it looks good, trust me /
them".

(Which, incidentally, is completely contrary to the notion of the judge as a
neutral arbiter rather than an inquisitor working for the government. Not
surprising when the FISA court itself essentially operates in that capacity.)

~~~
tptacek
Sorry, I think I'm just being imprecise.

I understand the nature of his argument: he'd like to challenge the warrant to
get the CP evidence excluded. He can't, because the warrant is secret; his CP
criminal trial judge validated it, but in a normal case, he'd have the chance
to evaluate himself.

What I perceived you to have been claiming was that the defendant additionally
doesn't know the _actual provenance of the evidence_. Which computer did it
come from? How does he know the FBI didn't simply make it up?

It's that latter claim that I'm pushing back on.

~~~
fiatmoney
The warrant _establishes_ the provenance, it's the whole point!

~~~
tptacek
I feel like we're about to argue about the meaning of the word "provenance". I
meant it as "where the evidence came from". You mean it as "the legal
authority required to collect it". Both uses are valid, but I meant the
former.

~~~
fiatmoney
The _law_ is not being kept secret. The _facts supporting the issuance of the
warrant and the circumstances of its execution_ are. That is the causal
definition of "where the evidence came from". That in and of itself is
evidence.

"I first heard about the defendant's shenanigans when I was attending my
support group for compulsive liars, from Joe, the defendant's bitter ex-
husband. As I recall he was covered in blood at the time." That is a _factual
circumstance_ related to the issuance of the warrant that would be relevant to
the case, not _just_ the issuance of the warrant itself.

This is not a difficult distinction, it's one you're trying for whatever
reason to ignore.

------
mholt
The main problem I see is this:

> His attorney said his defense was hampered by an inability to obtain basic
> information about how the evidence was obtained and on what specific grounds
> the warrant was issued.

Authorities can obtain secret warrants and conduct ordinary criminal
investigations with it, conveniently withholding the evidence from the defense
attorney on the grounds that it was obtained under FISA. So now a man who is
innocent of the crime they got a warrant to investigate is unable to defend
himself for another, more ordinary, crime.

Not saying that crime is excusable and that jail time isn't justified for
child porn, but the inability to defend himself seems unfair.

~~~
tptacek
Was any evidence withheld here? Or is it instead the case that the original
FISA warrant was withheld (being part of a complicated counterespionage case),
and the defense feels that given the full warrant, they might be able to
defeat the search and have the CP evidence excluded?

~~~
tremon
That doesn't matter. If the government can't prove how it obtained the
evidence, it also can't prove that it didn't manufacture said "evidence".

~~~
tptacek
The government has explained how it obtained the evidence. That's not the
basis of the defense's complaint.

------
JumpCrisscross
> _Justice Department officials added that Congress has always intended that
> information obtained through intelligence authorities could be used in
> criminal prosecutions. 'It would be irresponsible for the government to
> ignore evidence of criminal wrongdoing when such evidence is lawfully
> collected,' said Justice Department spokesman Marc Raimondi._

Fair enough. Then on handover, from the intelligence community to domestic
prosecutors, lift any specialness the warrant was given for having been
granted through a FISA court.

------
rl3
> _Jeff Fischbach, a forensic technologist for the defense, said there is no
> evidence that the child pornography was ever seen by anyone who used the
> computer, much less Gartenlaub.

>The government’s own forensic expert, Bruce W. Pixley, said he could not find
any evidence of the material being downloaded onto any of the computers, the
defense noted. That means it had to have been copied onto the computer — but
by whom is unknown._

This guy was still convicted regardless, not to mention the fishy nature of
the case.

I've always thought that so-called "Advanced Persistent Threats" or state-
level actors—considering the ease and degree to which they can own most
targets—are very likely capable of planting incriminating evidence with such
precision so as to appear forensically sound in virtually every regard.

In reality though, it seems all that's required is removable media,
rudimentary technical skills, and a dumb jury.

------
appleflaxen
And the child porn charge doesn't really matter to the prosecutors. They
offered to drop it in return for espionage data.

The insidious part of all of this is that everybody is guilty of something.
And for a sufficiently connected person, you can find a sufficiently broad law
that you can charge them with a serious crime.

Combine that with selective enforcement (witness the absence of charges in the
wake of the subprime crisis), and you have an utterly arbitrary criminal
justice system that only functions to protect and advance the interests of the
1%.

~~~
lostgame
// I can handout a million vaccinations - // Or let 'em all die in
exasperation. // Have 'em all healed from their lacerations, // Or have 'em
all killed by assassination. // I can make anybody go to prison, // Just
because I don't like them.

// And I can do anything with no permission; // I have it all under my
command, because -

// I can guide a missile by satellite // By satellite

// And I can hit a target through a telescope // Through a telescope

// And I can end the planet in a holocaust // In a holocaust

\- 'flobots - handlebars'

[https://www.youtube.com/watch?v=HLUX0y4EptA](https://www.youtube.com/watch?v=HLUX0y4EptA)

------
noonespecial
So kiddie porn is just the new "drugs" is the new "he's a secret communist" is
the new "he's a secret loyalist" is the new "she's a witch in league with
satan". Par for the course.

I think American exceptionalism gets in our way here. Instead of asking _" how
could this happen in the land of the free?"_, the real question is _" You gave
some people limitless power and no oversight!? What the hell did you expect?
This is what always happens when you do that!"_

------
lasermike026
This is how democracies die. We must eliminate the secret court systems and
reintroduce the use of warrants from the publicly accessible courts. There is
no other alternative.

~~~
meric
The democracy is already dead. This is what death of a democracy looks like.

------
nobody_nowhere
Not even bothering with parallel construction in this one

------
matt_wulfeck
> The court also found that “there is no indication of any false statements
> having been included in the FISA materials.

Yes but how do we know that when it's kept a secret? We keep things like this
from being a secret so that this very question can be determined.

"Trust us. It's legit."

------
upofadown
> ... the prosecutors indicated a willingness to reduce or drop the child
> pornography charges if he would tell them about the C-17, ...

Doesn't the justice system have some sort of obligation to prosecute people
who they feel have committed serious crimes? How can a prosecutor just ignore
their clear duty in an attempt to extort cooperation from someone?

How is this sort of thing any more acceptable than just straight up torturing
the guy?

------
sneak
Tell me again why well-off American programmers continue living in that
country without the most basic of human rights?

It's time to go. You can still access us-east-1 from the civilized bits of
Europe, you know.

It has now been between 2 and 10 years since the time where it became totally
unreasonable to continue living there while other options are available to
you.

Don't wait until the trumped-up federal charges. Move now.

~~~
delinka
To where? What government on the planet doesn't have this kind of power over
its country's citizens? Of the governments you can list, how many of those
countries actually have civilization where a non-native wouldn't have to fear
for their lives?

~~~
cnfjdnncd
Iceland has a very good record with human rights and properly functioning
democratic representation.

Some of the Nordic states are trailing runners up.

~~~
webjprgm
Isn't Iceland going through a national financial crisis and also just booted
their president for lying to them? That doesn't sound much better.

~~~
tremon
Yes, they just booted their prime minister. Sounds like a politically healthy
country to me.

~~~
ptaipale
They also had their currency value cut to half in 2008, and that had a very
real impact on the purchasing power of people. The currency has recovered a
bit but the change is still there and its's big.

There are also currency controls for taking money out, etc. Iceland is still
in severe shock.

------
abyd
FbI traffics in child porn.
[http://www.usatoday.com/story/news/2016/01/21/fbi-ran-
websit...](http://www.usatoday.com/story/news/2016/01/21/fbi-ran-website-
sharing-thousands-child-porn-images/79108346/) They fabricate evidence when
they cannot make a case. [http://www.rollingstone.com/politics/news/how-fbi-
entrapment...](http://www.rollingstone.com/politics/news/how-fbi-entrapment-
is-inventing-terrorists-and-letting-bad-guys-off-the-hook-20120515) This is
obviously coercion. Connecting the porn files to one of their websites would
be very beneficial to the defense, and something I would love to see in the
court record.

------
sunstone
This case seems to have reasonable doubt all over it, if this is all they've
got.

------
notthegov
The irony is that the Clinton Administration was accused of deferring to
politics over intelligence warnings that Boeing was inadvertently or
carelessly leaking technology to China.

------
fweespee_ch
> In Gartenlaub’s case, the government made sealed filings, so neither the
> defense nor the public was able to see them. Based on the secret filings,
> the judge held that the government had shown probable cause that the house
> to be searched belonged to “an agent of a foreign power” or a spy.

> “The government is increasingly using national security tools to investigate
> domestic criminal ­cases, bypassing key constitutional protections,” said
> Patrick Toomey, a staff lawyer with the American Civil Liberties Union.
> “This problem is only compounded in the digital age, where the FBI is
> collecting vast amounts of our data for intelligence pur­poses but then goes
> sifting through all that information in unrelated criminal investigations.”

This is bullshit. You shouldn't be able to withhold evidence from the defense
when you are talking about throwing someone in jail.

They just want to get around the normal domestic constitutional protections
because it makes their job easier. Yeah, well, you make the prosecution's job
easier and you end up with prisons full of people because their key
performance indicators are convictions and their conviction rate.

> RIVERSIDE, Calif. — FBI agents entered Keith Gartenlaub’s home in Southern
> California while he and his wife were visiting her relatives in Shanghai.
> Agents wearing gloves went through boxes, snapped pictures of documents and
> made copies of three computer hard drives before leaving as quietly as they
> had entered.

> In Gartenlaub’s case, the defense unsuccessfully argued that he could not be
> linked to identical copies of child pornography videos found on four hard
> drives in his house. Two of the hard drives had been in a computer that was
> kept at a beach house where numerous people had access to it, Gartenlaub
> said.

> Jeff Fischbach, a forensic technologist for the defense, said there is no
> evidence that the child pornography was ever seen by anyone who used the
> computer, much less Gartenlaub.

> The government’s own forensic expert, Bruce W. Pixley, said he could not
> find any evidence of the material being downloaded onto any of the
> computers, the defense noted. That means it had to have been copied onto the
> computer — but by whom is unknown.

> Gartenlaub, 47, was fired in August 2014 and has been unemployed since. His
> attorney said his defense was hampered by an inability to obtain basic
> information about how the evidence was obtained and on what specific grounds
> the warrant was issued.

> During his initial appearance in a federal courthouse in Santa Ana, Calif.,
> the prosecutors indicated a willingness to reduce or drop the child
> pornography charges if he would tell them about the C-17, said Sara Naheedy,
> Gartenlaub’s attorney at the time.

This reads like, after failing to find proof he was a spy, the FBI "found
proof" he was a pedophile which given the sheer quantity of child porn the FBI
has control over seems oddly suspicious. It is extremely easy to plant the
information on the hard drives but it is much harder to create a chain of
events that links the specific user to the chain of events from acquiring it
to viewing it. [e.g. If you provide dates/times, what happens if he the guy
can prove he wasn't home at the time?]

So they went fishing with child porn charges in order to "encourage his
cooperation".

Admittedly, this could be a story the guy just tells to convince people he
isn't a pedo but honestly...it reads like they went with the one charge no one
would defend him on that was easy to fabricate. "We think he is a spy, we
think he is guilty, so let us create a situation that allows us to pressure
him to confessing what we really care about."

It isn't like the FBI hasn't done this before.

> According to two Boeing colleagues, who spoke on the condition of anonymity
> because they were not authorized to talk to the media, there is no such job
> at the company. And Gartenlaub was, in any case, an IT manager. Moreover,
> they said, the breached files were accessible through servers in the field,
> such as at Air Force ­bases. These were not servers that Gartenlaub or his
> team of engineers who supported the plane’s designers had access to, they
> said.

Wow. The guy didn't even have access to the stuff he was accused of leaking?!

~~~
Filligree
> During his initial appearance in a federal courthouse in Santa Ana, Calif.,
> the prosecutors indicated a willingness to reduce or drop the child
> pornography charges if he would tell them about the C-17, said Sara Naheedy,
> Gartenlaub’s attorney at the time.

Really? Really.

~~~
coffeedean
That is the key bit of the whole story. I can only imagine how many more cases
have been handled like this, with drug crimes or tax evasion charges used
instead of pornography.

~~~
CyberDildonics
The CEO of Quest went to jail for insider trading after refusing to bend to
the NSA.

~~~
jordanb
Downvoters: What the parent says is true:

[https://www.eff.org/deeplinks/2007/10/qwest-ceo-nsa-
punished...](https://www.eff.org/deeplinks/2007/10/qwest-ceo-nsa-punished-
qwest-refusing-participate-illegal-surveillance-pre-9-11)

------
ChiCommTroll
Here's some newspaper coverage from when Gartenlaub was originally arrested.

[http://www.ocregister.com/articles/gartenlaub-633671-fbi-
hom...](http://www.ocregister.com/articles/gartenlaub-633671-fbi-home.html)

------
ted12
Quotes in the linked article seem like lawyerly smokescreen to me. Assuming
that the government planted child porn on this guy is no more correct than
assuming he's guilty before a trial.

------
darawk
To be honest, nothing about this seems particularly bad. It seems like
circumstantially there was some evidence that he may have been a spy, the
government executed a FISA warrant on the basis of that belief, and then found
evidence of child porn.

I'm not generally a fan of secret warrants or broad search and seizure powers,
but this really doesn't strike me as a particularly bad case. This seems, by
and large, like an eminently reasonable and successful use of those powers.

~~~
kstenerud
Until you get to the money shot:

"During his initial appearance in a federal courthouse in Santa Ana, Calif.,
the prosecutors indicated a willingness to reduce or drop the child
pornography charges if he would tell them about the C-17, said Sara Naheedy,
Gartenlaub’s attorney at the time."

No evidence of downloading the porn. No evidence of viewing the porn. The only
way, according to their own experts, is if someone directly copied them on.

In other words, "Hey, look what nasty stuff we just happened to find on your
computer. Be a nice fella and tell us what we want to know, and we'll make
this go away."

~~~
darawk
> "During his initial appearance in a federal courthouse in Santa Ana, Calif.,
> the prosecutors indicated a willingness to reduce or drop the child
> pornography charges if he would tell them about the C-17, said Sara Naheedy,
> Gartenlaub’s attorney at the time."

While that does sound damning in a certain light, it's also consistent with
their primary mission, which is to counter espionage. I would hope that the
FBI would make exactly this kind of tradeoff in its pursuit of spies.

Now, of course, if your implication is that they fraudulently manufactured the
CP evidence in order to create leverage to extract this confession, that is
indeed reprehensible. But if they just happened to find CP and then used it as
leverage to pursue what is, IMO, a more important line of inquiry, then that
is just fine with me.

> No evidence of downloading the porn. No evidence of viewing the porn.

While the article does say that, let's be honest. What evidence can there be
of downloading porn? We all know how computers work, and this guy was a
sysadmin, so he does too. The fact that he didn't forget to clear his browser
history does not invalidate the presence of child porn on his computer.

That being said, of course it also doesn't eliminate the possibility that he
was framed or that he wasn't at fault for its presence there. But if the FBI
finds CP on someone's computer, I expect them to investigate and prosecute the
case in the absence of positive exculpatory evidence indicating that it wasn't
put there by that computer's owner.

~~~
kstenerud
The thing is, they also had no evidence of his even having viewed the files,
which means that the last access time was unset. Building a system to reset
the access time would be pretty involved; more involved, imo, than simply
hiding/encrypting a partition.

------
homero
Pedo or not, the govt is guilty scum

~~~
dang
Guilty scum or not, this is a bad HN comment. Please post civilly and
substantively, or not at all.

