Have you ever faced a pop-up that wouldn't go away? You try clicking it closed and another pops up in less than a nanosecond. You reboot the system, annoyed that your anti-spyware program let something slip through.
That's a hassle, sure--but chances are, your experience won't land you in jail.
A Teacher's Worst Nightmare
Julie Amero, a substitute teacher in Norwich, Connecticut, has been convicted of impairing the morals of a child and risking injury to a minor by exposing as many as ten seventh-grade students to porn sites.
It's a short story: On October, 19, 2004, Amero was a substitute teacher for a seventh-grade language class at Kelly Middle School. A few students were crowded around a PC; some were giggling. She investigated and saw the kids looking at a barrage of graphic, hard-core pornographic pop-ups.
The prosecution contended that she had used the computer to visit porn sites.
The defense said that wasn't true and argued that the machine was infested with spyware and malware, and that opening the browser caused the computer to go into an endless loop of pop-ups leading to porn sites.
Amero maintains her innocence. She refused offers of a plea bargain and now faces an astounding 40 years in prison (her sentencing is on March 2).
Just the Facts
I'll admit all my don't haves right away: I don't have access to court records; I don't have first-hand evidence of what occurred; and I haven't examined the computer's hard drive myself.
What I do have is a working knowledge of spyware and plenty of experience cleaning infected PCs.
I also have a copy of the report written by computer forensic specialist W. Herbert Horner, the expert witness who testified in Amero's defense. You can read it, too; it's on the NetQos site.
Proof, Speculation, and a Not-Very-Good Defense
Horner made an image of the computer's hard drive. He saw that there was no firewall and that the antivirus program was outdated. He also found 42 active "spyware/adware tracking cookie/programs." Most important, Horner said that 27 of the spyware apps were accessed before Amero had access to the computer.
To me, the implication is clear that Amero hadn't used the PC for browse for porn, as the prosecution claimed.
The defense wanted Horner to have Internet access at the trial in order to re-create what happened to Amero in the classroom. The prosecution objected, claiming they hadn't had ?full disclosure? of Horner's examination.
In my opinion, had the defense attorney been on his toes, and had the jury seen the demonstration, Amero would have been found innocent.
Guilty: The School or the Teacher?
The question is, Who should be held responsible? After reading articles in the Norwich Bulletin, the area's local newspaper, and a chat with someone familiar with the case, I've come to some conclusions. (And if you've ever helped a computer novice deal with a PC loaded with spyware, I think you know who I'm siding with.)
First, it would be a good idea to take a look at newspaper articles covering the trial. Read the January 5, 2007 article, the next on January 7, and the January 11 editorial supporting the conviction.
Now, back to our story. To begin with, the prosecutor pointed his finger at Amero because she didn't turn off the computer right away.
If I faced the same situation, I'd probably panic, just as Amero did--shield the kids from seeing the monitor and move them away from the computer. Then I'd reach over to an unfamiliar system, fumble around looking for the Off switch, and turn off the monitor, or computer, or both.
I imagine Amero was also flustered because she was told by the class's regular teacher, quite adamantly, not to turn off the computer. That's a lame excuse, I agree, because questioning authority is sometimes the right thing to do.
But I've learned from my source that Amero is a rank novice. About the most she can do is check e-mail on AOL using her husband's home computer. That says lots, no?
For instance, when faced with the classroom PC's pop-ups, her reaction was to click the red "x" in the corner of each box--which, as anyone who's faced spyware knows, often results in another pop-up.
More important, though, if the school had done its part in protecting its students, it would have up-to-date anti-spyware and antivirus programs installed on every PC.
On January 24 the Norwich Bulletin reported that the school district's technology administrator, Information Services Director Bob Hartz, said, "from August to October 2004, the district's filtering system didn't regularly add newly discovered pornographic sites to its restricted Web sites database." Oddly enough, they upgraded the software just after Amero's incident.
In my opinion, Amero is the victim here.
The blogsphere has been following the story carefully, though the mainstream media hasn't picked it up yet. My guess is when it does, the bits will hit the fan.
Malware: How It Happens
Have you ever clicked on a browser message that looks legit and offers to, say, block spam or remove spyware? According to Sunbelt Software's spyware expert Alex Eckelberry, if you click on an innocent looking dialog, you could inadvertently install malware on your machine and end up with a PC that's infested with annoying pop-up ads that appear whenever you open your browser. Watch this YouTube video to see exactly how it happens.
To protect yourself from spyware, you need protection and advice--like you can get from PC World's Spyware & Security Info Center. But you may just want to cut to the chase. In that case, read "Spyware Fighters," "Disarm Net Threats," and "First Look: SiteAdvisor Plus vs. Norton Confidential."