In order to monitor the sex offender’s allowable computer activity, the parole officer had installed a piece of “spyware” software on the computer. Spyware is a type of malware or software that is installed on a computer to collect information about a user’s computer activity.

In this case, the particular monitoring software is a program that records every detail of what the sex offender does on the computer — chats, instant messages, e-mails, the Web sites visited, what he searches for, what he does on social networking sites, the pictures he posts and views, the keystrokes he types, the programs he runs and much more.

The software can be programmed by a parole officer to send daily computer activity reports complete with screen snapshots back to the parole officer to review for violations of the parole order. Typically, many of the states require that the computer belonging to sex offender parolees and registered sex offenders be monitored for Internet activity.

The polygraph examination was required as the sex offender claimed he had “accidentally” uninstalled or removed the monitoring from his computer. Once the “accidental deletion” was identified by the parole officer on a home visit to the sex offender’s residence, the parole officer requested that the sex offender be polygraphed to determine other possible parole violations. The polygraph operator contacted me to ask for some technological insight into sex offender computer activity.

The issues

Child molesters are extremely talented, not with only utilizing technology in the sexual exploitation of children, but they also have the interpersonal skills to justify or explain almost anything. A child sex offender would predictably explain the deletion of monitoring software as an “accident.” In fact, I have many sex offenders confess to having sex with a child explaining, with a straight face, that it was an “accident.”

First, one cannot accidentally uninstall a program like the one referenced in this case study. One may accidentally delete the desktop shortcut, but the program will still be installed and running. To uninstall any program completely from your computer requires a multi-step process with warnings. The most common removal tactic to uninstall such monitoring software is by using the “Add/Remove Programs” Windows utility. However, because there may still be hidden files, it is possible that the monitoring software will actually reappear on the computer after the reboot process.

More importantly, as I reviewed the sex offender’s computer activity report, I noticed that in addition to obvious porn sites with addresses such as “dirty angels” and “girl models,” there were several Web site addresses on the report such as “proxyjoy.com” and “proxyboost.info” that utilized anonymous proxy servers in order to access the Internet.

A proxy server is an application process or a relay that goes between Internet requests from a user’s computer and various Internet sites. The sex offender connects first to a free or pay proxy server before connecting to a parole-prohibited Web site. The reason one uses a proxy server is that when one surfs the Internet one leaves a record of the Internet protocol (IP) address. By utilizing a proxy, the proxy server’s IP address is visible while the sex offenders IP is kept invisible and private.

An anonymous proxy server, sometimes called a Web proxy, typically allows one to surreptitiously surf prohibited Internet sites. One of the more common variations is the open proxy. Because the open proxies are typically difficult to track, they are especially useful to child molesters and registered sex offenders who are seeking online anonymity and wish to conceal their IP address. When one is using a proxy server, the Web site requests are not anonymous to the proxy server itself. Because of that, some degree of trust must be involved between the proxy server and the anonymous user.

Protecting young people

Just as child molesters can use proxy servers to surf the Web, knowledgeable adults, teens and children can do the same thing. What this means is that if one examined the Internet history on a computer that was using an anonymous proxy server one would only see the address for the proxy server Web site and not prohibited Web sites.

Proxy servers are also able to get beyond firewalls. Oftentimes, schools have blocking programs in place that will block social networking or chat Web sites. Students are blocked from these sites because the school computer server has placed bans on the uniform resource locator (URL) or Web addresses of those specific sites.

Unfortunately, these bans can be easily circumvented. When one goes to these sites using a proxy server, the school computer server only sees repeated visits to the proxy Web site and not to the blocked sites. A student is able to go to a proxy server site, and surf all of the sites he or she wishes regardless that the school has censored them. In some cases, the server administrator or a teacher may still be able to monitor what the student has been doing, but there is a good chance the student will not be caught. For this reason, schools and workplaces must have a written Internet policy in place that bans the use of anonymous proxy servers in order to surf the Web.