
Anonymous publishes 3800 user names from #opPedoChat - DocFeind
http://pastebin.ca/2177612
======
nikcub
This can only go wrong, and it has in the past. Do you guys know about
Operation Ore? It is a case study of how things can get out of hand and go
wrong with the hysteria around child pornography. 4,283 homes were searched,
3,744 arrests were made and some 33 suspects committed suicide because of the
investigation.

Operation Ore was a British investigation that stemmed from a US investigation
called Operation Avalanche. Remember AVS sites? Back in the late 90s a lot of
porn sites required adult verification by way of credit card in order to
access the site. One of those sites was keyz.com.

keyz.com was the AVN provider for tens of thousands of porn sites. keyz would
handle the AVN procedure and then forward the user onto the porn host with a
secure token. keyz would take a 30% cut of the small fee and the porn provider
would get the rest.

The US Postal Inspector received a complaint about a website on the Internet
that was hosting child porn. The postal inspector engaged Microsoft to help
them in tracking down the site, and the company allocated engineers who were
volunteering on their own time as part of a charity contribution effort. The
Microsoft engineers found that the child porn site in question was hosted in
Indonesia, and there was nothing they could do about taking it down, but they
noticed that it was using the keyz.com AVN service to verify users and to
charge them for access.

keyz.com were based in Fort Worth, Texas, so they were within a jurisdiction
that the US Postal Inspector could investigate. The Postal Inspectors office
thus teamed up with the local Dallas Police Department and together with
Microsoft they investigated keyz.com.

keyz.com was a product from a company called Landslide Inc. which was run by a
husband and wife team based in the local area. The servers were collocated in
a local facility. The postal inspectors office, Dallas PD and Microsoft
presented everything they knew about keyz.com to the local DoD office and
received search warrants for all the servers and the offices and homes of
everybody associated with keyz.com/Landslide Inc.

The raids turned up internal evidence that the team at Landslide knew that
some of their affiliates were dealing with child pornography, but the husband
and wife refused to plead guilty (in exchange for 5 years in prison) on the
basis that they were in ready contact with the local FBI office reporting
affiliate sites they found that breached US laws. After a long and drawn out
court case, the husband received life in prison (100+ years on appeal, IIRC)
and the wife a similar long sentence, all for dealing in child pornography.

The authorities wrapped up all the server evidence they could find, customer
data, access logs, etc. and prepared more indicments for the users of the
service. It was ruled in an early court case that a name in a database alone
was not enough to convict a user in the USA on child pornography charges. The
Dallas PD then setup entrapment schemes using the old keyz.com database, where
with the servers under their control they would live monitor users based in
the USA accessing child pornography and only then arrest them. Around 100
people were arrested and sent to trial based on that investigation.

When all was done in the USA the investigators took all the data they had and
sent it to their colleagues in the UK. This is where things went really wrong.

Apparently the UK did not have the same stringent evidence requirements as the
USA for child pornography charges. What the UK operation did (this is
Operation Ore) was to take the entire database - customers and IP addresses,
and pull out anybody who was in the UK into a list. This included IP addresses
from access logs that simply viewed advertisements for the keyz.com AVS
system. It also included IP addresses in the logs for non-child porn sites.
This is how the UK police found themselves in possession of over 7,000 names
of 'suspected' child pornographers.

Since understand the technical details of how this system was setup we can see
where it went wrong. Instead of targeting the individual site that was serving
child porn, they instead gathered every single IP address and customer record
that had accessed any of the AVS ads or any of the AVS affiliates.

In early 2002 over 4000 homes were raided in the UK as part of Operation Ore,
all based on this flimsy US evidence. It destroyed lives all around the
country. In only a very very few cases were the arrests and charges backed up
with actual child pornography evidence. Celebrities were caught up, teachers,
scientists, doctors, you name it.

33 people who had been charged or arrested committed suicide in the time after
the raids. It was only found out a few years later, after a lawsuit was filed
by victims, that the data obtained from the USA was not only too broad, but
also contained a large number of stolen credit cards (there have been a
handful of verified cases now of suicides where the accused had his credit
card stolen). A lot of the cases were only settled in late 2008. Many of them
are still ongoing, as thousands of falsely accused have had to live their
lives under the shadow of being an accused or charged child pornographer.

In the civil trial on of the experts from the USA ended up testifying that the
UK police mishandled the data. The worse cases were those where an IP address
that had visited nothing more than a banner ad advertising the keyz.com site
on another website were raided, arrested and accused.

We shouldn't forget what happen in this case. There is an important lesson in
it for everybody. Child pornography is such a sensitive and provocative issue
that at times even the highest civil offices set aside their legal obligations
in order to pursuit accused child pornographers. If some of the most
sophisticated law enforcement in the world can get it wrong with all the
resources, subpoenas, warrants and wiretapping equipment they have on hand
then it isn't hard to imagine that a vigilante group of hackers on the
Internet could also get it wrong.

More info:

\+ <http://en.wikipedia.org/wiki/Operation_Ore>

\+
[http://en.wikipedia.org/wiki/Operation_Avalanche_(child_porn...](http://en.wikipedia.org/wiki/Operation_Avalanche_\(child_pornography_investigation\))

\+ "Operation Ore Exposed" - PCPRO -
[http://www.pcpro.co.uk/features/74690/operation-ore-
exposed/...](http://www.pcpro.co.uk/features/74690/operation-ore-
exposed/print)

\+ "Sex, Lies and No Videotape" (Part 2 of above, PC PRO) - [http://ore-
exposed.obu-investigators.com/PC%20Pro%20article%...](http://ore-exposed.obu-
investigators.com/PC%20Pro%20article%20June%202007%20.pdf) (1MB PDF)

------
mmagin
I don't understand why vigilante justice is perceived as necessary against
those who exchange child pornography. While it's something that most of
society finds disgusting, it seems like something that the proper law-
enforcement authorities are already very much interested in.

It feels as if it's the activity of a bunch of keyboard jockeys who want to
feel like "heros", but who don't want the more dangerous opponent of say,
organized crime or corrupt governments.

~~~
zxcdw
> I don't understand why vigilante justice is perceived as necessary against
> those who exchange child pornography.

What else do we have when it comes against Tor? Nothing, pretty much.

> It feels as if it's the activity of a bunch of keyboard jockeys who want to
> feel like "heros", but who don't want the more dangerous opponent of say,
> organized crime or corrupt governments.

It's far harder to actually expose corruption within a government in a way it
would produce any kind of results. I'd argue that in many cases even if you
would _know_ that something is corrupt, it's very hard to make it lead to
consequences. Look at corrupt countries and how much people can do about it.

------
chris_wot
Why were they posting 3,800 names of people with a foot fetish?

~~~
delinka
Pediatricians treat children. Podiatrists treat feet. Notice the first vowel
in each.

~~~
tzs
Yet a pedometer counts foot steps, not children. It's a weird language!

~~~
lovek323
This is what happens when we try to simplify the language. It should be
paedophile not pedophile and thus #opPaedoChat :)

------
jamescun
While I am on the fence about Anonymous going after darknet paedophiles, I
doubt this particular leak will come as any use. It's just a list of arbitrary
usernames which I highly doubt will be used in any other service by the same
person, making tying accounts to real identities difficult if not impossible.

~~~
ericb
If you look through, there are some moderately unique ones that are non-
perverse and so likely to be reused. As an experiment, I googled one of those,
and it looks like it was used in multiple services. There are always some
people who are lazy or careless. There are, unfortunately, also probably some
accidental name collisions, which will be unfortunate as vigilante justice is
fairly indiscriminate.

~~~
sbierwagen
Intentional name collisions ("mromney") and impossible-to-google names ("N",
"hat", "john") are fairly common on IRC for just this reason.

------
delinka
I guess it's time to take a random nick list from freenode and paste them
somewhere online with allusions to a nefarious channel.

I don't mean that's what has happened here, but that this event should be as
trustworthy as my proposition above.

------
samuel1604
i don't know if this list is real or not but that's remind me there is some
total sick people in this world...

------
drivebyacct2
This information is useless.

edit: Googling at least one of these brought up a Facebook account with the
exact same non-coincidental username. :/

