You too can help catch a MySpace pedophile

[MrBishop]

By Kevin Poulsen| Also by this reporter
02:00 AM Oct, 20, 2006

Six months ago, Wired News launched an investigation of MySpace with the goal of comparing the company's 120 million user profiles against public sex offender registries to see how many matches we could find.

The project began when Wired News contributor Jenn Shreve found a handful of matches based on a random search. How many would you find with a software script that systematically went through those records and compared them all?

We decided to find out. I wrote a series of Perl scripts and began sifting the data.

The technique was crude, like searching for a needle in a haystack. When I began checking ostensible matches by hand, false positives registered in the thousands.

Nevertheless, after several weeks of part-time work on the project, I was led to one suspect whose behavior was so disturbing I contacted New York's Suffolk County Police Department for comment. The suspect, Andrew Lubrano, was arrested earlier this month on attempted child endangerment charges.

Some 700 other matches were also confirmed, though none of those individuals could be linked by public MySpace posts to actual evidence of wrongdoing.

Today, Wired News is releasing the code used in this investigation (click here to download the gzip file). Anyone is free to take the software, look at it, validate (or invalidate) the methodology, discuss, tinker and improve the code.

We're releasing this code completely and utterly unsupported, under a BSD license. We'll happily link to open-source development efforts that pick it up for adoption, if notified.

Warning: These scripts were developed for a one-off project and all admittedly could use a thorough scrubbing.

It's also worth noting what this code is not.

It's a long one...and even includes the code

 

[Professur]

And enter the privacy advocates, and the whiners about entrapment.

 

[MrBishop]

And enter the privacy advocates, and the whiners about entrapment.

MySpace is a 'public' board (anyone can read anything posted on there..including the police), and self-incrimination doesn't equal entrapment..much like a pedo hanging around a pre-school and being caught there. S/he didn't get dragged to the school.

Too bad, so sad...next time use a private medium like email.

 

[Professur]

Hey, don't shoot me. I'm all for using every dirty trick in the book to nail these bastards to the wall .... with big rusty spikes.


Just so long as you get the right guys.

false positives registered in the thousands.

And he just handed the code to anyone who wants to play vigilante this weekend.

 

[SouthernN'Proud]

And enter the privacy advocates, and the whiners about entrapment.

1. Anyone who posts anything on the internet with the expectation of anonymity/privacy is deluded. Deluded is no excuse under the law.

2. Posting information on the internet is voluntary. Hence, entrapment is not an applicable concern as the party in question freely and voluntarily acted of their own free will. Hardly entrapment by any definition.

3. What it IS, is personal responsibility, which seems to have died shortly after common sense died. Culpability for one's voluntary actions is a cornerstone of our judicial system. Ideally.

CONCLUSION: IF one is a perverted sick twisted baby raping scumbag, one should not expect pity from the populace if/when one decides to troll for minors online and gets busted.

 

[Professur]

And if you just happen to live in the same area as a pedo ... with a similar name ....?

 

[SouthernN'Proud]

It's called an IP address.

 

[Professur]

And? The code compiles names, and locals. From that ... it's a short step to the phone book and home addresses.

 

[SouthernN'Proud]

Assuming one is listed in the phone book of course.

I wouldn't worry one iota. Any law enforcement officer on the planet may scour my hard drive anytime they like. I've nothing to hide. I wager the neighborhood baby raper can't say the same.

 

[Professur]

You're not paying attention, SnP. That code isn't in the hands of law enforcement. It's in the wild, where any jerkoff can get it and use it.



Not to mention that the very same code can, by it's very nature, be reversed to search out the children the author initially set out to protect.

 

[SouthernN'Proud]

Perhaps. I never claimed to be a computer guru though, and the article itself plainly states that the code is NOT for weekend warriors.

And if said weekend vigilante did run the code, and did find a similar name to mine in the general vicinity, who is going to be responsible for making something happen...a computer hack or a cop? And once my machine is scoured, I'm off the hook. OTC is about the most adult site I ever visit after all. My web browsing consists of maybe a dozen sites these days, nothing more nefarious than ebay or dixie outfitters or youse guys. So no District Attorney is gonna prosecute me for this place.

Now, if said vigilante tries to also become a morality cop and begin harassing me, THEN I got their nuts nailed to the wall on a criminal charge, and THAT will be prosecuted, so again, negative perspiration from my end.

And while I readily admit my ignorance of technology stuff, I seem to recall various statements made to a former troll here who spread pedophillic horseshit on the forum about capturing IP addresses and reporting to local law enforcement. If I am not on MySpace, but some schmuck 10 miles away with a name similar to mine has been, again I ask why would I worry? It's his IP address, not mine. Either that shit is tracable or it ain't.

 

[Gonz]

MySpace is a pedophiles Wal-Mart...everything they want, cheap & easy.

 

[rrfield]

per ip addresses : home isp accounts - dialup, cable, dsl - have the potential to change at any given moment. if said child-fucker is using the same isp as "you", then there is a remote chance that during time period X child-fucker had ip address 1.2.3.4, then during time period Y, "you" had ip address 1.2.3.4. some isp's have shorter dhcp leases than others (when i was on cable, my ip address didnt change for 2 years once, on dsl mine changes weekly). with dial-up, the ip address is likely to be different every new session.

 

[Inkara1]

Doesn't the ISP have to keep track of which account had which IP at which time, though?

 

[rrfield]

this is off the top of my head - but i think they only HAVE to keep track of ip addresses when presented with a warrant. i could be wrong though.

 

[Inkara1]

So they don't have to keep track of them all the time so that they have them to hand over when presented with a warrant?

 

[rrfield]

remember, most of the laws dealing with this junk are from the analog telephone wiretapping days. phone companies didn't used to keep records of local calls since there was/is no toll, until a warrant was presented.