Hacking for a good cause

Brad Willman was installing networking equipment out of an emergency van in British Columbia when a policeman showed up and asked for him. Willman knew the officer from a case he was involved with a couple of years earlier, so he didn't worry -- until he arrived at the police station and was introduced to a couple of U.S. cops.

The visit marked the end of Willman's version of vigilante justice.

A Trojan Horse Used For Good

It was 2000, and Willman was 19. He had spent the last few years surreptitiously distributing a Trojan horse program to more than 1,000 people to try to uncover child-porn activities. All told, Willman said his work sent around 70 people to prison.

But then Willman stumbled on a prominent California judge. He discovered that Ronald Kline, at the time a superior court judge in Orange County, had a big collection of child porn and a diary on his PC indicating he was planning to try to seduce young boys. The high-profile case put an end to Willman's career as a crime-fighter.

"Oh, I knew it was illegal," Willman said in a recent phone interview. "But I really didn't care. I felt if I'm helping a few people in the process, cool." Until Kline, Willman had managed to stay anonymous.

The Origins of the Program

Willman didn't initially set out to chase child pornographers. He started out developing a program designed to compete with pcAnywhere, Symantec's software that lets users access computers remotely.

But then, while discussing programming on various newsgroups, he had a conversation with a Canadian man who offered his six-year-old daughter to Willman.

"That was an awkward scenario," Willman says, putting it mildly.

Willman quickly contacted the police, who were able to prosecute the Edmonton man, he said.

"He's more or less what altered my mind from competing with pcAnywhere to making a Trojan to see who else is doing this," he said.

Willman used the work he'd already developed on the program to trick suspected pedophiles into unknowingly downloading the software so that he could get proof from their computers.

How Willman Used the Trojan Horse

Willman would visit child-porn newsgroups and post his program as a file that looked like it contained a photo. In order to avoid suspicion, Willman built in an additional feature. When the program launched without opening a photo, he designed it so that the first time it loaded it would display any photo from the directory to the user.

After someone downloaded the software, Willman could look through their files remotely for illicit documents or photos.Once he found damning information, he'd copy and share it with various child-porn watchdog groups, who could then pursue the perpetrators.

Everything changed when Kline downloaded the Trojan and Willman found damning evidence on the judge's computer.

Willman passed the information on to one of the watchdog groups as usual and figured that was that -- until the day the police showed up while he was at work.

The police from the U.S. told him that they found him through correspondence sent from his computer to one of the watchdog groups.