Everyone has had it happen to them: a "friend" sends you a link in IM or over IRC that purports to be something like a cat in an awkward position with a hilarious caption. Soon, however, you discover that the link wasn't to a lolcat at all; instead, you've been Rick Rolled—or even worse, sent to 2girls1cup (find it on your own, but be warned: it may scar you for life). These pranks are commonplace now, but be careful of what you click on and from whom. If that link points to anything even pretending to be child porn, that's enough evidence for the FBI of intent to download it. The authorities could then raid your home and possibly throw you in jail. No joke, it just takes one click and you're under intense suspicion.

Such is the case with Temple University doctoral student Roderick Vosburgh, who apparently clicked on an FBI-planted hyperlink somewhere on the Internet. The link pointed to a file on an FBI server that contained no porn, but logged the IP addresses of everyone attempting to access it. Vosburgh's IP was one of those, and the FBI came knockin' on his door early one morning, arrested him, and searched his home.

In fact, this didn't just happen to Vosburgh—the FBI has been using this click-and-be-owned tactic for a few years now, using logged IP addresses as a way to get warrants and charge people with intent to download child porn (a federal crime). The FBI has been planting links to these bogus files on message boards that are known to attract child predators, but even the log files don't take into account the referrer—any IP address that shows up is automatically assumed to be guilty, and assumed to be coming in from one of the FBI's planted links. This means that if your drunk friends think it's funny to IM you a link to something that turns out to be to the FBI's planted link, you could be in trouble.

Don't believe that's all it takes? The FBI admitted that there was apparently no evidence that Vosburgh had ever accessed the forum where the links were originally planted, according to court documents seen by Ars Technica. Vosburgh's attorney also pointed out that the affidavit that was used to charge Vosburgh provided no probable cause to believe that any criminal activity had taken place, that he was home at the time that the file was allegedly accessed, or even that there was a computer with an Internet connection in Vosburgh's apartment.

Vosburgh eventually went to trial and was convicted of clicking on an illegal link and possession of child porn due to two tiny thumbnails that the FBI believes depict underage females—this is despite the testimony from multiple computer experts saying that the cache was created automatically and Vosburgh had no idea how or where to find these thumbnails on his machine. He now faces sentencing on April 22 while his attorney attempts to have the verdict overturned. Vosburgh was caught trying to destroy a hard drive and a flash drive, however, and this surely didn't help his case.

Brilliant honey pot scheme or horribly flawed perversion of justice? The lack of other evidence pointing to this man's guilt places the onus of this man's conviction on the FBI's phishing practices, which from our point of view leave much to be desired.

Further reading: