Saturday, February 17, 2007

School Lesson F Minus

Internet users who experience undesirable and seemingly neverending adware and spyware popups are heavily discussing the case of substitute teacher Julie Amero and her January conviction for reportedly putting children at risk by enabling popups on a school computer that showed pornographic images.

On Jan. 5, 2007, a Norwich jury found Amero guilty of four felony counts of "injury or risk of injury to, or impairing morals of, children." Each count carries a maximum sentence of 10 years and while it is unlikely that Amero will receive the maximum penalty, incarceration remains a very real possibility. Even if Amero avoids jail, she will be stripped of her teaching credentials unless the convictions are reversed...

What happened? Even with a wide array of second-hand information, articles direct from the substitute teacher's home state of Connecticut, tech-blogs and others focusing on the case, the full story is still unclear.

Make no mistake, this issue could turn out to be as massive an activist movement as computer experts questioning the integrity and security of electronic voting machines.

The blog.washingtonpost.com site references a request by George Danziger, noted as former technology coordinator for a Massachusetts school district, for the Governor, M. Jodi Rell, to issue a pardon for Julia Amero.

http://norwichbulletin.com/apps/pbcs.dll/article?AID=/20070116/OPINION03/701160316/1014/OPINION

Meanwhile, technology experts are mounting an attempt to prove how malware could have caused the havoc.

Security pros work to undo teacher's conviction
Robert Lemos, SecurityFocus 2007-02-02


Researchers led by the head of a Florida anti-spyware firm aim to recreate what caused a Connecticut school's classroom computer to start displaying pornographic pop-ups in October 2004, an incident that recently led to four felony convictions for the substitute teacher involved...

Alex Eckelberry, president of anti-spyware firm Sunbelt Software, hopes to put the case to rest. Armed with an image of the disk from the Windows 98 SE computer, the technology expert put out a call to interested security researchers and assigned his own workers to the case.

"We have had huge offerings of support from the security community," Eckelberry said this week. "Other experts in the forensics community--and these are not small players--have come to us and offered to help."...

http://www.securityfocus.com/news/11440


See Eckelberry's letter-to-the-editor

Column: Teacher in porn case victim of own ignorance
By ALEX ECKELBERRY
For the Norwich Bulletin


In response to your editorial "Reason needed in teacher porn case sentencing," I can only say I am shocked and dismayed at what is such a clear miscarriage of justice.

There is no question in my mind, and those of many other experts in the computing community, Julie Amero is innocent of the charges, and should not be imprisoned for one day, much less 40 years...

http://www.norwichbulletin.com/apps/pbcs.dll/article?AID=/20070120/OPINION/701200303/1014

Back and forths on blogs are somewhat helpful in piecing together details, such as this article and responses to it: More Details Emerge in the Julie Amero Case

http://www.pbs.org/teachersource/learning.now/2007/02/more_details_emerge_in_the_jul.html#comment-7476

Still, what we need are the actual transcripts and a timeline of what specific websites were accessed by "somebody" as yet unclear, that morning, and for how long?

According to Landesman's articles, Amero's defense team originally suggested the students had access to the computer, then the team altered their approach, suggesting existing spyware and adware.

In another article, the defense's expert witness, Horner, implies students were involved because one of the visited sites was Crayola.

We all know the only object of the defense is to cast doubt, as the jury must convict unless there is reasonable doubt, and whatever doubt - no matter how tiny or bizarre - that sticks in the minds of the jury is enough.

As we've pieced together, Julie Amero admitted to asking permission to use the school computer to email her husband. That raises questions. Was Amero only going to use the computer for five-minutes or so? How long did Amero take to email? Was there an investigation of the family home computer or the husband's office computer to determine whether an email had been sent and received? What time was the email sent? What were the contents of the email?

AP article references the email request by Amero.

http://news.aol.com/topnews/articles/_a/teachers-porn-conviction-sparks-debate/n20070213160009990009

Questions remain: What has an investigation of Amero's home computer shown? Did Amero ever visit the sites shown as visited on the school computer on her personal computer at home?

Remaining as questions: What time did the class actually start? Did the user continue to surf after the popups occurred? Was the computer used during class-time? How long was the computer used? How long did an email take to draft and send?

Supporters of Amero relay the woman was unfamiliar with computers. That may be so. If it was, however, why did she have a seemingly emergency need to use the school computer for emailing her husband? Why not just call him on the phone in a shorter amount of time than it would take to fumble with accessing an email account?

We have a suspicious mind all around.

It may be that Julie Amero is innocent. Questions remain about how the prosecution conducted the case. That is always a bad thing when a citizen's rights and privileges, possibly even their life, is taken away from them. If there is exculpatory evidence in the Julie Amero case that should be revealed before her sentence is carried out, not 20 years later.

For instance, why didn't the police investigation include a review of the computer for adware, spyware, malware which may have already existed on the computer?

If it is as the AlterNet article states, the issue of malware attack wasn't raised by the defense during pretrial... that doesn't bode well for the prosecution.

Why didn't the police check for malicious software? According to prosecutor David Smith, the police didn't check for malware because the defense didn't raise the possibility of a malware attack during the pretrial phase, as required by law. Defense attorney Cocheo could not be reached for comment as of press time...

AlterNet blogger does a followup:

Porno popup case makes national news
Posted by Lindsay Beyerstein on February 14, 2007 at 11:07 AM.


On January 19, AlterNet brought you the story of Julie Amero, a substitute teacher from Norwich, Connecticut who faces up to 40 years in jail because a malware-infested PC in her classroom spewed pornographic popups at her 7th grade language arts class.

Defense experts who analyzed the hard drive found that the computer had been automatically redirected to the pornographic websites because a user had inadvertently downloaded a piece of malicious software from an innocent hairdressing site. Because of a variety of procedural missteps the jury never heard the evidence that exculpated Amero...

http://alternet.org/bloggers/lindsay/archive/?y=2007&m=2


Detective Mark Lounsbury is reported as responding on other websites, in part, but not in full until sentencing of Julia Amero.

The Strange Case of Ms. Julie Amero: Commentary by Detective Mark Lounsbury

http://www.networkperformancedaily.com/2007/01/the_strange_case_of_ms_julie_a_3.html

Friday, February 16, 2007 8:27 AM PT Posted by Steve Bass
Detective Speaks Out in Teacher Porn Case


http://blogs.pcworld.com/tipsandtweaks/archives/003745.html

According to Teacher's Porn Conviction Sparks Debate By JOHN CHRISTOFFERSEN AP

Julie Amero says that before her class started, a teacher allowed her to e-mail her husband. She says she used the computer and went to the bathroom, returning to find the permanent teacher gone and two students viewing a Web site on hair styles.

Amero says she chased the students away and started class. But later, she says, pornographic images started popping up on the computer screen by themselves. She says she tried to click the images off, but they kept returning, and she was under strict orders not to shut the computer off...

http://news.aol.com/topnews/articles/_a/teachers-porn-conviction-sparks-debate/n20070213160009990009


On Oct. 19, someone did an online job search shortly after 8:00 a.m., activating several different malware apps. At approximately 8:15 a.m., someone accessed www.hair-styles.org, Horner suspects student involvement, in part because the next visit was to Crayola's homepage. Over the next several minutes, still more malware came alive, most likely triggered by the hair site.

The user kept surfing, and by this point, "crap was pouring into the computer at the speed of electricity," Horner said. The real point of no return was when the computer received a huge porn-filled Java file. From that point on, the machine was locked in an endless porn loop.

Note that Amero's class started around 9 a.m. Neither the prosecutor nor detective Lounsbury was able to tell AlterNet whether the room had been locked before class, or exactly what time Amero sat down at her desk...

http://www.alternet.org/rights/46925/


Horner alleges the sites were visited by a student or students, and part of his backing for this is that a Crayola site was also visited.

Meanwhile, one commentator Landesman poses that Amero's defense originally suggested the students had access to the computer then the defense presented the case for the adware and spyware...

From Mary Landesman,
Your Guide to Antivirus Software.
FREE Newsletter. Sign Up Now!
Julie Amero: Adware Victim or Porn Surfer?


http://antivirus.about.com/b/a/257791.htm

Julie Amero Case About Law, Not Adware
From Mary Landesman,
Your Guide to Antivirus Software.
FREE Newsletter. Sign Up Now!
January 16, 2006


http://antivirus.about.com/od/spywareandadware/a/julieamero.htm

Norwich forum discussions

http://forums.norwichbulletin.com/viewtopic.php?t=4474&postdays=0&postorder=asc&start=15&sid=3314272454732863209394ff23e88087

http://forums.norwichbulletin.com/viewtopic.php?p=11048&sid=4070d27e8e93810329f4a7a3b5858ca0

According to AlterNet's Questionable Conviction of Connecticut Teacher in Pop-up Porn Case By Lindsay Beyerstein and AOL'sand the machine was never scanned for spyware by the investigating authorities.

Teacher Faces Jail Over Pornography on Class Computer

Last month, Ms. Amero was convicted in Norwich Superior Court of four counts of risking injury to a child and faces up to 40 years in prison at a sentencing hearing scheduled for March 2. She has insisted on her innocence, refusing to accept a plea bargain that would have allowed her to walk free. She portrays herself as a hapless technophobe too clueless to unplug a wayward computer.

Ms. Amero, 40, a longtime substitute, contends that when she arrived that day in October 2004, she asked the regular seventh-grade language arts teacher at Kelly Middle School if she could use his computer to e-mail her husband. But first, she says, she went to the bathroom, and when she returned, the teacher was gone and students were gathered around the screen, watching a hairstyle Web site.

When she tried to close the site, what she got was an endless barrage of pop-up ads for pornography sites. The images continued all day, since “I absolutely have no clue about computers,” she said in an interview...

http://www.nytimes.com/2007/02/14/nyregion/14teacher.html?bl=&ei=5087%0A&en=2da1ff6773152612&ex=1171688400&pagewanted=all

Updated:2007-02-13 17:06:42
Teacher's Porn Conviction Sparks Debate
By JOHN CHRISTOFFERSEN


...Amero and her supporters say the old computer lacked firewall or antispyware protections to prevent inappropriate pop-ups.

"What is extraordinary is the prosecution admitted there was no search made for spyware - an incredible blunder akin to not checking for fingerprints at a crime scene," Alex Eckelberry, president of a Florida software company, wrote recently in the local newspaper. "When a pop-up occurs on a computer, it will get shown as a visited Web site, and no 'physical click' is necessary." ...

http://news.aol.com/topnews/articles/_a/teachers-porn-conviction-sparks-debate/n20070213160009990009



Porn-surfing teacher: Spyware made me do it!
By Preston Gralla on Fri, 01/12/2007 - 12:30pm


http://www.computerworld.com/blogs/node/4346

Was porn-surfing teacher wrongly found guilty?
By Preston Gralla on Mon, 01/15/2007 - 9:46pm

I wrote last week about a teacher found guilty of surfing porn sites in the front of a class of seventh graders -- and I said that justice was served. But based on the many dozens of comments I got, it looks as if I may have been wrong, and her PC may have been infested with spyware. If that's true, she was railroaded, and she should not have been found guilty.

http://www.computerworld.com/blogs/node/4358


Substitute teacher convicted in school computer porn case
January 9, 2007


NORWICH, Conn. --A substitute teacher in the Norwich school system is facing up to 40 years in prison after being convicted of exposing students to pornography on a computer at the school.

http://www.boston.com/news/local/connecticut/articles/2007/01/09/substitute_teacher_convicted_in_school_computer_porn_case/

Teacher guilty in Norwich porn case
By GREG SMITH
Norwich Bulletin


NORWICH -- State Prosecutor David Smith said he wondered why Julie Amero didn't just pull the plug on her classroom computer.

The six-person jury Friday may have been wondering the same thing when they convicted Amero, 40, of Windham of four counts of risk of injury to a minor, or impairing the morals of a child. It took them less than two hours to decide the verdict. She faces a sentence of up to 40 years in prison.

http://www.norwichbulletin.com/apps/pbcs.dll/article?AID=/20070106/NEWS01/701060312/1002/NEWS17

Questionable Conviction of Connecticut Teacher in Pop-up Porn Case
By Lindsay Beyerstein, AlterNet. Posted January 19, 2007.


When lax cybersecurity meets anti-porn hysteria, an innocent computer infection can land you in jail. Just ask Julie Amero, a 40-year old substitute teacher who maintains she's a victim of a malicious software infestation that caused her computer to spawn porn uncontrollably.

Julie Amero, a 40-year-old substitute teacher from Connecticut is facing up to 40 years in prison for exposing her seventh grade class to a cascade of pornographic imagery. Amero maintains that she is a victim of a malicious software infestation that caused her computer to spawn porn uncontrollably.

Adware, spyware and other infectious software are known hazards to security and privacy -- and when lax cybersecurity meets anti-porn hysteria, a mailware infection can even land you in jail. Malicious coders are getting more sophisticated all the time, but law enforcement and the criminal justice system aren't keeping up. A criminal conviction can hang on the difference between a deliberate mouse click and an involuntary redirect on an infested computer. Too often, even so-called experts can't tell the difference.

On the morning of Oct. 19, 2004, Julie Amero's life changed forever when pornographic ads flooded her web browser during a class. According to the prosecuting attorney, David Smith, Amero's computer began displaying images of naked men and women, couples performing sexual acts, and "bodily fluids."

Chances are, these kids had seen porn pop-ups before. Family Safe Media estimates that boys 12 to 17 consume more internet porn than any other group. The adults at Kelly Middle School, however, were shocked and scandalized. The next week, the school sent home a notice telling parents why Amero would never teach in the district again. She was arrested shortly thereafter and charged with multiple felonies.

At trial, six of Amero's former students testified that they saw pornographic images on her monitor, either from their seats, or when they came up to her desk. One student told the court that Amero pushed his face away from the screen when she saw him looking at the racy ads...

...Lounsbury told the court that Amero musts have "physically clicked" on pornographic links during class time in order to unleash the pornographic pictures. However, he admitted under cross-examination that the prosecution never even checked the computer for malware.

Why didn't the police check for malicious software? According to prosecutor David Smith, the police didn't check for malware because the defense didn't raise the possibility of a malware attack during the pretrial phase, as required by law. Defense attorney Cocheo could not be reached for comment as of press time.

Herb Horner, the proprietor of the consulting firm Contemporary Computing Consultants, testified as an expert witness for the defense. His exhaustive independent forensic analysis of Amero's hard drive showed that the machine had been infected with multiple pieces of malicious software before she arrived at the school, and that these hidden programs were responsible for the pornographic deluge.

Horner arrived in court with two laptops filled with the voluminous records of his investigation. However, the judge only let him present two slides. Prosecutor Smith objected because his team hadn't been previously informed about the malware defense.

On Jan. 5, 2007, a Norwich jury found Amero guilty of four felony counts of "injury or risk of injury to, or impairing morals of, children." Each count carries a maximum sentence of 10 years and while it is unlikely that Amero will receive the maximum penalty, incarceration remains a very real possibility. Even if Amero avoids jail, she will be stripped of her teaching credentials unless the convictions are reversed.

News of the guilty verdict sparked widespread outrage, particularly in the IT community. How could a 40-year-old woman with no prior criminal record be facing such serious charges over a few pop-up ads?

"The fact that the machine was never scanned for spyware by the investigating authorities is outrageous. In fact, this alone should have resulted in the case being dismissed, as the defense found a major spyware infection by their expert forensic evidence," wrote Alex Eckelberry, the president of Sunbelt Software, a Florida-based firm that makes anti-spyware products...

http://www.alternet.org/rights/46925/


Guilty: The School or the Teacher?
Friday, January 26, 2007 6:07 AM PT Posted by Steve Bass


http://blogs.pcworld.com/tipsandtweaks/archives/003623.html

40 Years for Porn Infected PC


http://blogs.pcworld.com/tipsandtweaks/archives/003623.html

Julie Amero’s “Twinkie Defense?”
by Lockergnome on February 1, 2007 at 12:45 pm

http://www.lockergnome.com/nexus/news/category/feedback/


An investigation worth noting:

http://authentium.blogspot.com/2007/01/connecticuts-pursuit-of-folly.html

More Details Emerge in the Julie Amero Case
by Andy Carvin, 3:51PM


Ever since substitute teacher Julie Amero was convicted last month of exposing her students to pornography on her classroom computer, bloggers have been debating who’s to blame, with most siding with her. Now, a published interview with a tech consultant who analyzed the Internet user logs for the day of the incident raises some difficult questions about potential failures of the school’s IT department.

http://www.pbs.org/teachersource/learning.now/2007/02/more_details_emerge_in_the_jul.html

February 1st, 2007
report written by computer forensic specialist W. Herbert Horner, the expert witness who testified in Amero’s defense


http://thegreatfaisal.wordpress.com/

Discussion

http://www.pbs.org/teachersource/learning.now/2007/02/more_details_emerge_in_the_jul.html

Existing law addresses current requirements schools must comply with concerning filtering unwanted material.

Site discusses schools and federal legislation regarding computers and internet.

http://www.pbs.org/teachersource/learning.now/2006/05/new_federal_legislation_would_1.html


Technorati Cosmos: other blogs commenting on this post

2 comments:

Tag(Carpet)Bagger said...

What a bizzare blog

Net the Truth Online said...

Implying all is not as it appears to be?