If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
40 years for SPYWARE
http://sunbeltblog.blogspot.com/2007...ulie-amero-is-
guilty.html Friday, January 12, 2007 Computerworld: Julie Amero is guilty, guilty, guilty! Justice prevails! You'll recall the case of Julie Amero, the hapless substitute teacher who has been convicted for a porn spyware infestation on a classroom computer and is now facing up to 40 years in prison (sentencing is on March 2). The tech community has, for the most part, been quite supportive of Ms. Amero (some comment storms here and here). It's deservedly become a cause celebre. However, ComputerWorld blogger Preston Gralla feels quite differently. In a posting today, he crows that "justice prevails": Lawyers have come up with some novel defenses over the years, including the "Twinkie defense" in which a lawyer argued that defendant Dan White's eating of Twinkies and drinking Coca-Cola proved that he was depressed, and so not responsible for his actions in murdering San Francisco Mayor George Moscone and Supervisor Harvey Milk in 1978. The defense was partially successful; White was convicted of voluntary manslaughter rather than murder. Luckily, it seems as if the spyware-made-me-do-it defense doesn't cut it in court. For once, justice prevails. Link here. http://www.computerworld.com/blogs/node/4346 Preston makes a clever twist, mixing an obvious abuse of the court system (the twinkie defense) with an arguably legitimate defense (spyware), an argument ignored by an apparently computer-illiterate court (and the defense lawyer admitted to me today that he also is computer illiterate). There is abuse in our justice system, with incessant victimization which attempt to remove responsibility from the perpetrator. However, we also suffer from a system of mores where armchair jurisprudence creates instant "conclusions" and damnation of the convicted, often based on emotional reaction, rather than a review of the evidence. Having personally witnessed first-hand a genuine miscarriage of justice, I tend to be a bit more cautious in my conclusions. As surprising as it may sound to some, not everyone indicted or convicted is guilty. Some are actually innocent. In fact, this case shows that the evidence is not in favor of the "justice prevails" argument, but quite the opposite. My response to Preston: Justice? No, the evidence to hand actually points to a miscarriage of justice. This case is so wrong on so many levels. Julie Amero is looking at 40 YEARS in prison. For a spyware infestation. Every available piece of evidence known to the public indicates that that Ms. Amero is quite likely _innocent_ of the charges. The defense contends this was a case of spyware on the school machine - a barrage of popups. And from what we know of the case, it certainly looks like it was (if you want to see what a porn spyware infestation actually looks like, Ben Edelman shows it he http:// www.benedelman.org/news/062206-1.html -- it's quite a real problem). According to one article, "Computer expert W. Herbert Horner, who performed a forensic examination of the computer for the defense, said Amero may have been redirected to the sexually-oriented sites through a hairstyling site accessed from the computer. He said the site allowed spyware to be downloaded onto the computer which allowed the pop-ups." The detective in the investigation "admitted there was no search made for adware, which can generate pop-up advertisements". It's incredible that they never even _checked_ for spyware. The court actions of the case were flawed as well. For example, one source reports that the Trial Judge, Hillary Strackbein, "was seen falling asleep during proceedings and made comments to the jury that she wanted the case over by the end of the week. It was also reported that Judge Strackbein attempted to pressure the defense into an unwanted plea deal, in place of a trial. The defense attorney for Amero, moved for a mistrial shortly before closing arguments Friday, based on reports that jurors had discussed the case at a local restaurant." Finally, note that the school didn't even have active content filtering in place (not that it would have probably made a difference). The fact that there were pornographic images on the computer means nothing, because whenever a popup launches, the images in the popup are stored on the computer. The fact that the logs indicated that she "visited" the sites also means nothing, since when the porn popups come through, they get logged as well. The fact that the machine was never scanned for spyware by the investigating authorities is outrageous. In fact, this alone should have resulted in the case being dismissed, as the defense found a major spyware infection by their expert forensic evidence. Was justice done here? A bad spyware infestation can splatter a machine full of porn popups and it's a bit unnerving to think that a teacher could get hard prison time for something that was likely to have been completely innocent. We need far more evidence than what is available to come to the conclusion that "justice was done". In fact, all the available evidence shows quite the opposite -- that this might just be a grave miscarriage of justice. If you feel the same, post a comment on Preston's blog. And, if you're wondering what a porno-spawning spyware infestation looks like, here's some examples from Harvard researcher Ben Edelman: http://www.benedelman.org/news/062206-1.html I also should note that in a conversation with the defense attorney today, he did tell me that his computer experts were not able to provide all the evidence in court. For the appeals process, we have made our own experts available to the defense on a pro-bono basis for any analysis of the infected machine. Alex Eckelberry http://sunbeltblog.blogspot.com/2007...n-julie-amero- case.html Friday, January 19, 2007 Update on Julie Amero case More information is coming out about the trial, and it's clear that we have a miscarriage of justice here. I hope to write more today or over the weekend as to some of the new information (short on time right now). However, Altnernet just posted an article which explains a lot more about this case. It's generally accurate, based on the research I've been doing: When lax cybersecurity meets anti-porn hysteria, an innocent computer infection can land you in jail. Just ask Julie Amero, a 40-year old substitute teacher who maintains she's a victim of a malicious software infestation that caused her computer to spawn porn uncontrollably. Alternet also spoke to the defense's forensic expert, Herb Horner. I've spoken with Herb as well, and he's a good guy and is absolutely devastated by what happened. He's quoted in the article: "This whole trial was so unfair," Horner said. "When Julie was convicted, I went home that night. I was eating dinner, and I started crying. I just cried my eyes out. This was a total travesty of justice." He's right. Alternet link here. http://www.alternet.org/rights/46925/ Alex Eckelberry http://www.alternet.org/rights/46925/ Questionable Conviction of Connecticut Teacher in Pop-up Porn Case By Lindsay Beyerstein, AlterNet Posted on January 19, 2007, Printed on January 28, 2007 http://www.alternet.org/story/46925/ Julie Amero, a 40-year-old substitute teacher from Connecticut is facing up to 40 years in prison for exposing her seventh grade class to a cascade of pornographic imagery. Amero maintains that she is a victim of a malicious software infestation that caused her computer to spawn porn uncontrollably. Adware, spyware and other infectious software are known hazards to security and privacy -- and when lax cybersecurity meets anti-porn hysteria, a mailware infection can even land you in jail. Malicious coders are getting more sophisticated all the time, but law enforcement and the criminal justice system aren't keeping up. A criminal conviction can hang on the difference between a deliberate mouse click and an involuntary redirect on an infested computer. Too often, even so-called experts can't tell the difference. On the morning of Oct. 19, 2004, Julie Amero's life changed forever when pornographic ads flooded her web browser during a class. According to the prosecuting attorney, David Smith, Amero's computer began displaying images of naked men and women, couples performing sexual acts, and "bodily fluids." Chances are, these kids had seen porn pop-ups before. Family Safe Media estimates that boys 12 to 17 consume more internet porn than any other group. The adults at Kelly Middle School, however, were shocked and scandalized. The next week, the school sent home a notice telling parents why Amero would never teach in the district again. She was arrested shortly thereafter and charged with multiple felonies. At trial, six of Amero's former students testified that they saw pornographic images on her monitor, either from their seats, or when they came up to her desk. One student told the court that Amero pushed his face away from the screen when she saw him looking at the racy ads. Millions of PCs worldwide are infected with some form of malicious software. An internal Microsoft report found that four million Windows machines were infected with some form of malicious software ("malware") in mid-2006. Spyware, adware, worms and viruses are parasitic programs that can hijack web browsers, launch unsolicited pornographic ads, and even report the inner workings of a computer to a remote observer. Users routinely download these programs without realizing they've been infected. Amero's attorney, John F. Cocheo, argued that malware was responsible for the pornographic images, not his client. Detective Mark Lounsbury, a computer crimes officer at the Norwich Police Department testified as an expert witness for the prosecution. He maintained that Amero was intentionally surfing for pornography while her seventh grade class busied itself with language arts. Lounsbury told the court that Amero musts have "physically clicked" on pornographic links during class time in order to unleash the pornographic pictures. However, he admitted under cross-examination that the prosecution never even checked the computer for malware. Why didn't the police check for malicious software? According to prosecutor David Smith, the police didn't check for malware because the defense didn't raise the possibility of a malware attack during the pretrial phase, as required by law. Defense attorney Cocheo could not be reached for comment as of press time. Herb Horner, the proprietor of the consulting firm Contemporary Computing Consultants, testified as an expert witness for the defense. His exhaustive independent forensic analysis of Amero's hard drive showed that the machine had been infected with multiple pieces of malicious software before she arrived at the school, and that these hidden programs were responsible for the pornographic deluge. Horner arrived in court with two laptops filled with the voluminous records of his investigation. However, the judge only let him present two slides. Prosecutor Smith objected because his team hadn't been previously informed about the malware defense. On Jan. 5, 2007, a Norwich jury found Amero guilty of four felony counts of "injury or risk of injury to, or impairing morals of, children." Each count carries a maximum sentence of 10 years and while it is unlikely that Amero will receive the maximum penalty, incarceration remains a very real possibility. Even if Amero avoids jail, she will be stripped of her teaching credentials unless the convictions are reversed. News of the guilty verdict sparked widespread outrage, particularly in the IT community. How could a 40-year-old woman with no prior criminal record be facing such serious charges over a few pop-up ads? "The fact that the machine was never scanned for spyware by the investigating authorities is outrageous. In fact, this alone should have resulted in the case being dismissed, as the defense found a major spyware infection by their expert forensic evidence," wrote Alex Eckelberry, the president of Sunbelt Software, a Florida-based firm that makes anti-spyware products. In fairness, nobody involved with the case seems happy about the outcome, either. Since the verdict, the Norwich Police Department has been bombarded with irate calls and emails from readers who accusing them of railroading an innocent person. "We're getting pretty much everything short of death threats," detective Lounsbury said. "I'm getting thrashed," People read a news article, and they think they know what's going on, but they're missing 99 percent of it." According to Lounsbury, some of parents whose children were exposed to the porn demanded an aggressive police response. "You know what people need to understand?" Lounsbury continued. "These were 12-year-olds. They reported [the porn] to their teachers, the teachers went to the administrators who brought the complaints to the network administrators. Of course, the kids told their parents. Complaints were lodged with the police. This isn't China. This isn't North Korea ... we're not Big Brother." In the end, Amero's fate hinged on the dueling opinions of the two expert witnesses. Unfortunately, the legal system was ill-equipped to weigh their respective opinions. The witness for the prosecution is a police officer who has to follow a very simple investigative algorithm. By all accounts, he executed his duties faithfully. Unfortunately, those responsible for evaluating his reports weren't sufficiently tech-savvy to place his findings in the proper context. ComputerCOP Pro, the software the police used to audit Amero's computer, is an automated user-friendly tool search tool designed for routine monitoring. It is not designed to definitively distinguish between user-generated clicks and the effects of malware. Furthermore, the defense's expert witness was not allowed to share with the jury more of the evidence he had amassed. Herb Horner has 40 years of experience as a software engineer and an IT consultant. Over the past few decades, Horner has traveled the world to investigate computer glitches. His clients include a Swiss bank, a major airline and a national chain of hardware stores. "I like to get to the bottom of things," Horner told AlterNet. "If there's a plane crash, I say don't just bury the bodies and take the trash to the dump. Find out what happened." If the defense had told the prosecution about Horner's findings earlier, the prosecution might have been able to forestall problems by choosing an expert witness who was qualified to address Horner's testimony. Instead, the prosecution moved to suppress evidence that it wasn't prepared to handle. Compared to Horner, the prosecution's expert witness has little formal IT training. Detective Lounsbury has completed two two-week FBI training seminars on computer security and other continuing education programs. He is also a certified user of the computer monitoring software ComputerCOP Pro. Allison Whitney, ComputerCOP's director of communications, explained how her company certifies police officers to use the softwa "They get a full hour of training, and then they're tested," Whitney said. "A lot of these people don't have any kind of training. Their [superior] officers may give them some kind of low-level training. Most of the time we do the training over the phone." ComputerCOP scans the hard drive and reports on when each file was created or modified. Lounsbury says he is satisfied that Amero intentionally viewed porn in class because the logs show that her computer accessed various inappropriate sites while she was sitting at the computer. "I take that at face value," Lounsbury told Alternet. "It's evidence. It speaks for itself. The pop-up defense is a Twinkie defense." Lounsbury said that Amero must have navigated to pornographic sites in order to have infected her computer with obscene popups. "You've got to get that ball rolling," he said. Horner's analysis of Amero's hard drive cast doubt on Lounsbury's conclusions. Horner found that the computer had been infected with malware before she arrived. "She was set up days or weeks before she ever sat down," Horner said. Here are just a few of the red flags Horner discovered in course of his laborious forensic reconstruction: Anti-virus software triggered security alerts as soon as he started copying the hard disk for testing. The computer's Norton activity log showed that by the time Amero came to Kelly, her computer was already infected with spyware from notorious websites including marketscore.com and new.net. One piece of spyware had been already been tracking the computer for about a month. Horner also discovered that someone, presumably the computer's regular user, had been accessing eHarmony.com before Amero's visit. As he noted, dating sites are notorious for spreading porn-related adware. Another program called Pasco showed that malware had automatically redirected Amero's browser. Horner stressed that this particular form of hijacking is invisible to ComputerCOP Pro. On Oct. 19, someone did an online job search shortly after 8:00 a.m., activating several different malware apps. At approximately 8:15 a.m., someone accessed www.hair-styles.org, Horner suspects student involvement, in part because the next visit was to Crayola's homepage. Over the next several minutes, still more malware came alive, most likely triggered by the hair site. The user kept surfing, and by this point, "crap was pouring into the computer at the speed of electricity," Horner said. The real point of no return was when the computer received a huge porn-filled Java file. From that point on, the machine was locked in an endless porn loop. Note that Amero's class started around 9 a.m. Neither the prosecutor nor detective Lounsbury was able to tell AlterNet whether the room had been locked before class, or exactly what time Amero sat down at her desk. At trial, it emerged that the school IT department offered no protection against obscene content or invasive software. The Kelly Middle School's firewall license had expired, leaving the whole system unguarded. To make matters worse, Amero was working on a very old Gateway PC running Windows 98, an extremely vulnerable setup. "Anyone could send anything they wanted to any computer on the site," Horner said. In the course of his investigation, Horner became convinced of Amero's innocence. After she was convicted, he sent a letter to her attorney offering his services pro bono for her upcoming appeal. "This whole trial was so unfair," Horner said. "When Julie was convicted, I went home that night. I was eating dinner, and I started crying. I just cried my eyes out. This was a total travesty of justice." Lindsay Beyerstein is a New York writer blogging at majikthise.typepad.com © 2007 Independent Media Institute. All rights reserved. View this story online at: http://www.alternet.org/story/46925/ http://antivirus.about.com/od/spywar...julieamero.htm Julie Amero Case About Law, Not Adware From Mary Landesman, January 16, 2006 Adware is at the center of debates over the Julie Amero case, in which a 40-year old substitute teacher was convicted of four counts of risk of injury to a minor, or impairing the morals of a child. More specifically, Amero did not turn off a computer which was serving up pornographic images in the classroom. Or, as she herself described it, "The pop-ups never went away. They were continuous. The computer was completely covered with pornography." Supporters of Amero claim the computer was infested with adware. And that's entirely plausible. The head of the school's IT department admits the content filtering software wasn't functioning because the school had failed to maintain the license. And the year was 2004 - a period in which adware and spyware infestations were particularly prevalent. But whether the computer was or wasn't infested with adware is beside the point. The fact remains that Amero did not turn off the computer. Under Section 53-21 of Connecticut law, "Any person who . . . wilfully or unlawfully causes or permits any child under the age of sixteen years to be placed in such a situation that the life or limb of such child is endangered, the health of such child is likely to be injured or the morals of such child are likely to be impaired . . . shall be punished. The intent of the statute is to protect the physical health, morals and well-being of children." The law also provides that "the state must prove the following elements beyond a reasonable doubt: (1) that at the time of the incident, the alleged victim was under the age of sixteen years; and (2) that the defendant wilfully or unlawfully caused or permitted the victim to be placed in a situation that endangered the child's life or limb, or was likely to injure his health or impair his morals." The kids in this case were 7th graders, so there is no doubt as to the 'under the age of sixteen years' mandate. And the law further clarifies willful or unlawful behavior as "the conduct of a person that is deliberately indifferent to, acquiesces in, or creates a situation inimical to the child's moral or physical welfare". The legal documents further define that "'Wilfully' means intentionally or deliberately. 'Unlawfully' means without legal right or justification. Causing or permitting a situation to arise within the meaning of this statute requires conduct on the part of the defendant that brings about or permits that situation to arise when the defendant had such control or right of control over the child that the defendant might have reasonably prevented it." That last bit is pretty explicit: "conduct on the part of the defendant that brings about or permits that situation to arise when the defendant had such control or right of control over the child that the defendant might have reasonably prevented it." Remember, Amero did not make any attempt to turn off the computer, even knowing that "the computer was completely covered with pornography" and even knowing that the kids in the classroom could see it. As for the "likely to injure his health or impair his morals" part of the law, this is further defined within the legal statute as "'Likely'' means in all probability or probably. As used here, ''morals'' means good morals, living, acting and thinking in accordance with those principles and precepts that are commonly accepted among us as right and decent." Amero did not respond in court when asked why she didn't turn off the computer. But allegedly she had been told during substitute training or at some other point prior to the incident that she was not to turn off any equipment in the classroom. If a librarian had been told not to remove books from the library, and then subsequently Larry Flint dropped a truckload of Hustler magazines in the children's center, shouldn't the librarian's good judgment prevail and the magazines be removed? I think yes. The Amero case isn't about adware. It's about poor judgement and doing nothing when minors under her care were placed in harm's way. And in Connecticut, that's against the law. |
#2
|
|||
|
|||
40 years for SPYWARE
Sending a message, Greg?
Or an admission that our concern about attempted security attacks on your system should not be taken as lightly as you were claiming. 0:-] Greegor wrote: http://sunbeltblog.blogspot.com/2007...ulie-amero-is- guilty.html Friday, January 12, 2007 Computerworld: Julie Amero is guilty, guilty, guilty! Justice prevails! You'll recall the case of Julie Amero, the hapless substitute teacher who has been convicted for a porn spyware infestation on a classroom computer and is now facing up to 40 years in prison (sentencing is on March 2). The tech community has, for the most part, been quite supportive of Ms. Amero (some comment storms here and here). It's deservedly become a cause celebre. However, ComputerWorld blogger Preston Gralla feels quite differently. In a posting today, he crows that "justice prevails": Lawyers have come up with some novel defenses over the years, including the "Twinkie defense" in which a lawyer argued that defendant Dan White's eating of Twinkies and drinking Coca-Cola proved that he was depressed, and so not responsible for his actions in murdering San Francisco Mayor George Moscone and Supervisor Harvey Milk in 1978. The defense was partially successful; White was convicted of voluntary manslaughter rather than murder. Luckily, it seems as if the spyware-made-me-do-it defense doesn't cut it in court. For once, justice prevails. Link here. http://www.computerworld.com/blogs/node/4346 Preston makes a clever twist, mixing an obvious abuse of the court system (the twinkie defense) with an arguably legitimate defense (spyware), an argument ignored by an apparently computer-illiterate court (and the defense lawyer admitted to me today that he also is computer illiterate). There is abuse in our justice system, with incessant victimization which attempt to remove responsibility from the perpetrator. However, we also suffer from a system of mores where armchair jurisprudence creates instant "conclusions" and damnation of the convicted, often based on emotional reaction, rather than a review of the evidence. Having personally witnessed first-hand a genuine miscarriage of justice, I tend to be a bit more cautious in my conclusions. As surprising as it may sound to some, not everyone indicted or convicted is guilty. Some are actually innocent. In fact, this case shows that the evidence is not in favor of the "justice prevails" argument, but quite the opposite. My response to Preston: Justice? No, the evidence to hand actually points to a miscarriage of justice. This case is so wrong on so many levels. Julie Amero is looking at 40 YEARS in prison. For a spyware infestation. Every available piece of evidence known to the public indicates that that Ms. Amero is quite likely _innocent_ of the charges. The defense contends this was a case of spyware on the school machine - a barrage of popups. And from what we know of the case, it certainly looks like it was (if you want to see what a porn spyware infestation actually looks like, Ben Edelman shows it he http:// www.benedelman.org/news/062206-1.html -- it's quite a real problem). According to one article, "Computer expert W. Herbert Horner, who performed a forensic examination of the computer for the defense, said Amero may have been redirected to the sexually-oriented sites through a hairstyling site accessed from the computer. He said the site allowed spyware to be downloaded onto the computer which allowed the pop-ups." The detective in the investigation "admitted there was no search made for adware, which can generate pop-up advertisements". It's incredible that they never even _checked_ for spyware. The court actions of the case were flawed as well. For example, one source reports that the Trial Judge, Hillary Strackbein, "was seen falling asleep during proceedings and made comments to the jury that she wanted the case over by the end of the week. It was also reported that Judge Strackbein attempted to pressure the defense into an unwanted plea deal, in place of a trial. The defense attorney for Amero, moved for a mistrial shortly before closing arguments Friday, based on reports that jurors had discussed the case at a local restaurant." Finally, note that the school didn't even have active content filtering in place (not that it would have probably made a difference). The fact that there were pornographic images on the computer means nothing, because whenever a popup launches, the images in the popup are stored on the computer. The fact that the logs indicated that she "visited" the sites also means nothing, since when the porn popups come through, they get logged as well. The fact that the machine was never scanned for spyware by the investigating authorities is outrageous. In fact, this alone should have resulted in the case being dismissed, as the defense found a major spyware infection by their expert forensic evidence. Was justice done here? A bad spyware infestation can splatter a machine full of porn popups and it's a bit unnerving to think that a teacher could get hard prison time for something that was likely to have been completely innocent. We need far more evidence than what is available to come to the conclusion that "justice was done". In fact, all the available evidence shows quite the opposite -- that this might just be a grave miscarriage of justice. If you feel the same, post a comment on Preston's blog. And, if you're wondering what a porno-spawning spyware infestation looks like, here's some examples from Harvard researcher Ben Edelman: http://www.benedelman.org/news/062206-1.html I also should note that in a conversation with the defense attorney today, he did tell me that his computer experts were not able to provide all the evidence in court. For the appeals process, we have made our own experts available to the defense on a pro-bono basis for any analysis of the infected machine. Alex Eckelberry http://sunbeltblog.blogspot.com/2007...n-julie-amero- case.html Friday, January 19, 2007 Update on Julie Amero case More information is coming out about the trial, and it's clear that we have a miscarriage of justice here. I hope to write more today or over the weekend as to some of the new information (short on time right now). However, Altnernet just posted an article which explains a lot more about this case. It's generally accurate, based on the research I've been doing: When lax cybersecurity meets anti-porn hysteria, an innocent computer infection can land you in jail. Just ask Julie Amero, a 40-year old substitute teacher who maintains she's a victim of a malicious software infestation that caused her computer to spawn porn uncontrollably. Alternet also spoke to the defense's forensic expert, Herb Horner. I've spoken with Herb as well, and he's a good guy and is absolutely devastated by what happened. He's quoted in the article: "This whole trial was so unfair," Horner said. "When Julie was convicted, I went home that night. I was eating dinner, and I started crying. I just cried my eyes out. This was a total travesty of justice." He's right. Alternet link here. http://www.alternet.org/rights/46925/ Alex Eckelberry http://www.alternet.org/rights/46925/ Questionable Conviction of Connecticut Teacher in Pop-up Porn Case By Lindsay Beyerstein, AlterNet Posted on January 19, 2007, Printed on January 28, 2007 http://www.alternet.org/story/46925/ Julie Amero, a 40-year-old substitute teacher from Connecticut is facing up to 40 years in prison for exposing her seventh grade class to a cascade of pornographic imagery. Amero maintains that she is a victim of a malicious software infestation that caused her computer to spawn porn uncontrollably. Adware, spyware and other infectious software are known hazards to security and privacy -- and when lax cybersecurity meets anti-porn hysteria, a mailware infection can even land you in jail. Malicious coders are getting more sophisticated all the time, but law enforcement and the criminal justice system aren't keeping up. A criminal conviction can hang on the difference between a deliberate mouse click and an involuntary redirect on an infested computer. Too often, even so-called experts can't tell the difference. On the morning of Oct. 19, 2004, Julie Amero's life changed forever when pornographic ads flooded her web browser during a class. According to the prosecuting attorney, David Smith, Amero's computer began displaying images of naked men and women, couples performing sexual acts, and "bodily fluids." Chances are, these kids had seen porn pop-ups before. Family Safe Media estimates that boys 12 to 17 consume more internet porn than any other group. The adults at Kelly Middle School, however, were shocked and scandalized. The next week, the school sent home a notice telling parents why Amero would never teach in the district again. She was arrested shortly thereafter and charged with multiple felonies. At trial, six of Amero's former students testified that they saw pornographic images on her monitor, either from their seats, or when they came up to her desk. One student told the court that Amero pushed his face away from the screen when she saw him looking at the racy ads. Millions of PCs worldwide are infected with some form of malicious software. An internal Microsoft report found that four million Windows machines were infected with some form of malicious software ("malware") in mid-2006. Spyware, adware, worms and viruses are parasitic programs that can hijack web browsers, launch unsolicited pornographic ads, and even report the inner workings of a computer to a remote observer. Users routinely download these programs without realizing they've been infected. Amero's attorney, John F. Cocheo, argued that malware was responsible for the pornographic images, not his client. Detective Mark Lounsbury, a computer crimes officer at the Norwich Police Department testified as an expert witness for the prosecution. He maintained that Amero was intentionally surfing for pornography while her seventh grade class busied itself with language arts. Lounsbury told the court that Amero musts have "physically clicked" on pornographic links during class time in order to unleash the pornographic pictures. However, he admitted under cross-examination that the prosecution never even checked the computer for malware. Why didn't the police check for malicious software? According to prosecutor David Smith, the police didn't check for malware because the defense didn't raise the possibility of a malware attack during the pretrial phase, as required by law. Defense attorney Cocheo could not be reached for comment as of press time. Herb Horner, the proprietor of the consulting firm Contemporary Computing Consultants, testified as an expert witness for the defense. His exhaustive independent forensic analysis of Amero's hard drive showed that the machine had been infected with multiple pieces of malicious software before she arrived at the school, and that these hidden programs were responsible for the pornographic deluge. Horner arrived in court with two laptops filled with the voluminous records of his investigation. However, the judge only let him present two slides. Prosecutor Smith objected because his team hadn't been previously informed about the malware defense. On Jan. 5, 2007, a Norwich jury found Amero guilty of four felony counts of "injury or risk of injury to, or impairing morals of, children." Each count carries a maximum sentence of 10 years and while it is unlikely that Amero will receive the maximum penalty, incarceration remains a very real possibility. Even if Amero avoids jail, she will be stripped of her teaching credentials unless the convictions are reversed. News of the guilty verdict sparked widespread outrage, particularly in the IT community. How could a 40-year-old woman with no prior criminal record be facing such serious charges over a few pop-up ads? "The fact that the machine was never scanned for spyware by the investigating authorities is outrageous. In fact, this alone should have resulted in the case being dismissed, as the defense found a major spyware infection by their expert forensic evidence," wrote Alex Eckelberry, the president of Sunbelt Software, a Florida-based firm that makes anti-spyware products. In fairness, nobody involved with the case seems happy about the outcome, either. Since the verdict, the Norwich Police Department has been bombarded with irate calls and emails from readers who accusing them of railroading an innocent person. "We're getting pretty much everything short of death threats," detective Lounsbury said. "I'm getting thrashed," People read a news article, and they think they know what's going on, but they're missing 99 percent of it." According to Lounsbury, some of parents whose children were exposed to the porn demanded an aggressive police response. "You know what people need to understand?" Lounsbury continued. "These were 12-year-olds. They reported [the porn] to their teachers, the teachers went to the administrators who brought the complaints to the network administrators. Of course, the kids told their parents. Complaints were lodged with the police. This isn't China. This isn't North Korea ... we're not Big Brother." In the end, Amero's fate hinged on the dueling opinions of the two expert witnesses. Unfortunately, the legal system was ill-equipped to weigh their respective opinions. The witness for the prosecution is a police officer who has to follow a very simple investigative algorithm. By all accounts, he executed his duties faithfully. Unfortunately, those responsible for evaluating his reports weren't sufficiently tech-savvy to place his findings in the proper context. ComputerCOP Pro, the software the police used to audit Amero's computer, is an automated user-friendly tool search tool designed for routine monitoring. It is not designed to definitively distinguish between user-generated clicks and the effects of malware. Furthermore, the defense's expert witness was not allowed to share with the jury more of the evidence he had amassed. Herb Horner has 40 years of experience as a software engineer and an IT consultant. Over the past few decades, Horner has traveled the world to investigate computer glitches. His clients include a Swiss bank, a major airline and a national chain of hardware stores. "I like to get to the bottom of things," Horner told AlterNet. "If there's a plane crash, I say don't just bury the bodies and take the trash to the dump. Find out what happened." If the defense had told the prosecution about Horner's findings earlier, the prosecution might have been able to forestall problems by choosing an expert witness who was qualified to address Horner's testimony. Instead, the prosecution moved to suppress evidence that it wasn't prepared to handle. Compared to Horner, the prosecution's expert witness has little formal IT training. Detective Lounsbury has completed two two-week FBI training seminars on computer security and other continuing education programs. He is also a certified user of the computer monitoring software ComputerCOP Pro. Allison Whitney, ComputerCOP's director of communications, explained how her company certifies police officers to use the softwa "They get a full hour of training, and then they're tested," Whitney said. "A lot of these people don't have any kind of training. Their [superior] officers may give them some kind of low-level training. Most of the time we do the training over the phone." ComputerCOP scans the hard drive and reports on when each file was created or modified. Lounsbury says he is satisfied that Amero intentionally viewed porn in class because the logs show that her computer accessed various inappropriate sites while she was sitting at the computer. "I take that at face value," Lounsbury told Alternet. "It's evidence. It speaks for itself. The pop-up defense is a Twinkie defense." Lounsbury said that Amero must have navigated to pornographic sites in order to have infected her computer with obscene popups. "You've got to get that ball rolling," he said. Horner's analysis of Amero's hard drive cast doubt on Lounsbury's conclusions. Horner found that the computer had been infected with malware before she arrived. "She was set up days or weeks before she ever sat down," Horner said. Here are just a few of the red flags Horner discovered in course of his laborious forensic reconstruction: Anti-virus software triggered security alerts as soon as he started copying the hard disk for testing. The computer's Norton activity log showed that by the time Amero came to Kelly, her computer was already infected with spyware from notorious websites including marketscore.com and new.net. One piece of spyware had been already been tracking the computer for about a month. Horner also discovered that someone, presumably the computer's regular user, had been accessing eHarmony.com before Amero's visit. As he noted, dating sites are notorious for spreading porn-related adware. Another program called Pasco showed that malware had automatically redirected Amero's browser. Horner stressed that this particular form of hijacking is invisible to ComputerCOP Pro. On Oct. 19, someone did an online job search shortly after 8:00 a.m., activating several different malware apps. At approximately 8:15 a.m., someone accessed www.hair-styles.org, Horner suspects student involvement, in part because the next visit was to Crayola's homepage. Over the next several minutes, still more malware came alive, most likely triggered by the hair site. The user kept surfing, and by this point, "crap was pouring into the computer at the speed of electricity," Horner said. The real point of no return was when the computer received a huge porn-filled Java file. From that point on, the machine was locked in an endless porn loop. Note that Amero's class started around 9 a.m. Neither the prosecutor nor detective Lounsbury was able to tell AlterNet whether the room had been locked before class, or exactly what time Amero sat down at her desk. At trial, it emerged that the school IT department offered no protection against obscene content or invasive software. The Kelly Middle School's firewall license had expired, leaving the whole system unguarded. To make matters worse, Amero was working on a very old Gateway PC running Windows 98, an extremely vulnerable setup. "Anyone could send anything they wanted to any computer on the site," Horner said. In the course of his investigation, Horner became convinced of Amero's innocence. After she was convicted, he sent a letter to her attorney offering his services pro bono for her upcoming appeal. "This whole trial was so unfair," Horner said. "When Julie was convicted, I went home that night. I was eating dinner, and I started crying. I just cried my eyes out. This was a total travesty of justice." Lindsay Beyerstein is a New York writer blogging at majikthise.typepad.com © 2007 Independent Media Institute. All rights reserved. View this story online at: http://www.alternet.org/story/46925/ http://antivirus.about.com/od/spywar...julieamero.htm Julie Amero Case About Law, Not Adware From Mary Landesman, January 16, 2006 Adware is at the center of debates over the Julie Amero case, in which a 40-year old substitute teacher was convicted of four counts of risk of injury to a minor, or impairing the morals of a child. More specifically, Amero did not turn off a computer which was serving up pornographic images in the classroom. Or, as she herself described it, "The pop-ups never went away. They were continuous. The computer was completely covered with pornography." Supporters of Amero claim the computer was infested with adware. And that's entirely plausible. The head of the school's IT department admits the content filtering software wasn't functioning because the school had failed to maintain the license. And the year was 2004 - a period in which adware and spyware infestations were particularly prevalent. But whether the computer was or wasn't infested with adware is beside the point. The fact remains that Amero did not turn off the computer. Under Section 53-21 of Connecticut law, "Any person who . . . wilfully or unlawfully causes or permits any child under the age of sixteen years to be placed in such a situation that the life or limb of such child is endangered, the health of such child is likely to be injured or the morals of such child are likely to be impaired . . . shall be punished. The intent of the statute is to protect the physical health, morals and well-being of children." The law also provides that "the state must prove the following elements beyond a reasonable doubt: (1) that at the time of the incident, the alleged victim was under the age of sixteen years; and (2) that the defendant wilfully or unlawfully caused or permitted the victim to be placed in a situation that endangered the child's life or limb, or was likely to injure his health or impair his morals." The kids in this case were 7th graders, so there is no doubt as to the 'under the age of sixteen years' mandate. And the law further clarifies willful or unlawful behavior as "the conduct of a person that is deliberately indifferent to, acquiesces in, or creates a situation inimical to the child's moral or physical welfare". The legal documents further define that "'Wilfully' means intentionally or deliberately. 'Unlawfully' means without legal right or justification. Causing or permitting a situation to arise within the meaning of this statute requires conduct on the part of the defendant that brings about or permits that situation to arise when the defendant had such control or right of control over the child that the defendant might have reasonably prevented it." That last bit is pretty explicit: "conduct on the part of the defendant that brings about or permits that situation to arise when the defendant had such control or right of control over the child that the defendant might have reasonably prevented it." Remember, Amero did not make any attempt to turn off the computer, even knowing that "the computer was completely covered with pornography" and even knowing that the kids in the classroom could see it. As for the "likely to injure his health or impair his morals" part of the law, this is further defined within the legal statute as "'Likely'' means in all probability or probably. As used here, ''morals'' means good morals, living, acting and thinking in accordance with those principles and precepts that are commonly accepted among us as right and decent." Amero did not respond in court when asked why she didn't turn off the computer. But allegedly she had been told during substitute training or at some other point prior to the incident that she was not to turn off any equipment in the classroom. If a librarian had been told not to remove books from the library, and then subsequently Larry Flint dropped a truckload of Hustler magazines in the children's center, shouldn't the librarian's good judgment prevail and the magazines be removed? I think yes. The Amero case isn't about adware. It's about poor judgement and doing nothing when minors under her care were placed in harm's way. And in Connecticut, that's against the law. |
#3
|
|||
|
|||
40 years for SPYWARE
freedom wrote:
-----BEGIN PGP SIGNED MESSAGE----- On 28 Jan 2007, "Greegor" wrote: http://sunbeltblog.blogspot.com/2007...ulie-amero-is- guilty.html Friday, January 12, 2007 Computerworld: Julie Amero is guilty, guilty, guilty! Justice=20 prevails! You'll recall the case of Julie Amero, the hapless substitute teacher=20 who has been convicted for a porn spyware infestation on a classroom=20 computer and is now facing up to 40 years in prison (sentencing is on=20 March 2). LOL...for some reason, when I saw this title I thought spyware was celebrating its 40th anniversary, or something. ROFL! Ah, then you understand Greg well. By the way, did you see my withdrawal of the questions brought up about Ken's posting history with hacker addies in the from fields? It came from three posts up from him. Because the poster and did an x no archive on it it wasn't available in google. Noting that I checked another Usenet archive and found the top of the thread and the original poster. Other than possibly leaving them for effect, which I do not accuse him of, it was a blind alley. Now, of course, comes the other question that has plagued us. None of us have reported the kind of concerned attacking going on before that happened since Ken came aboard this newsgroup, ascps, and aps. Some people are just unfortunate, I guess. Such things follow them because that's the way it goes. Poor Ken. He won one sort of, with you and the "I was in Cuba and could not post" argument. It was an impasse, and you said so and it appeared so to me from all the evidence and lack of same to conclusively settle the matter. Is there something askew that he doesn't recognize a win? If I said to you I don't know if you were in New York, would come back at me with NO proof that can be verified and insist that I was claiming you weren't there and I had to admit you were? You'd have won at least a reprieve by default. I can't prove one way or the other. So I won't make claims to admit to or deny. I just want to know why you couldn't get to New Jersey? R R R R R RR R R R RR R Or Santiago, and log on to the Internet. http://www.aboutkenpangborn.com -----BEGIN PGP SIGNATURE----- Version: N/A iQA/AwUBRb1U4gu6zDezw650EQL6nACfW9kw1hhI9WOBpZVT4xzLy4 N5AbYAn3FU qbAOjBY82VN+ixHApJjTtxHC =Naha -----END PGP SIGNATURE----- |
#4
|
|||
|
|||
40 years for SPYWARE
And yet you boast that you have tracked down the perp.
WHY don't you exhonerate people you FALSELY ACCUSED then? You made some public accusations about who sent you a virus. One lead went to SHAW CABLE of Canada. But you implied (falsely I expect) that your virus was different. You claimed that you had a special, tailored virus. Now that you know WHO sent it to you, Why are you keeping that a secret? So far you have only implied that it's not the people you accused at all, saying you want the culprit to sweat. Don't you have an obligation to retract your paranoid mental case accusations? On Jan 29, 7:35 pm, "0:-" wrote: Greegor wrote: I know what state, what town, and what computer...by IT's IP addy. And I see that it brings you SO MUCH JOY that you're announcing it!What indicated joy? Oh...of course. The perp, if he's here, has to sweat just how close I might be. Why yes, Greg, that gives me joy. What does it give you, whiny? I'm finding ISPs more and more willing to put staff on connecting with other ISPs to run down perps who abuse the ISP customers. Every time they catch one, there PR goes up. Used to be they didn't care much. Not today. They see what's coming and that's the possibility of legal entanglements for them. Then of course, there are those ISPs that are just honest and responsible for their own sakes. You wouldn't understand that. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
misc.kids FAQ on Breastfeeding Past the First Year | [email protected] | Info and FAQ's | 0 | November 18th 05 05:35 AM |
misc.kids FAQ on Breastfeeding Past the First Year | [email protected] | Info and FAQ's | 0 | October 19th 05 05:36 AM |
misc.kids FAQ on Breastfeeding Past the First Year | [email protected] | Info and FAQ's | 0 | December 29th 04 05:26 AM |
misc.kids FAQ on Breastfeeding Past the First Year | [email protected] | Info and FAQ's | 0 | August 29th 04 05:28 AM |
PPAC, vaccinations and chiro bouncer Bob (Bob Dubin, Diplomate, American Board of Chiropractic Censorship) | Todd Gastaldo | Pregnancy | 1 | September 6th 03 08:55 PM |