My Left Nutmeg interviews Julie Amero

Maura of My Left Nutmeg spoke with Julie Amero the Connecticut teacher who was convicted of four felonies because a malware-infected school computer with an expired content filter flashed pornographic popups at a seventh grade language arts class in 2004.

Maura's post is an example of the kind of coverage that make regional blogs like My Left Nutmeg so valuable.

Several people have asked if there were any kind of fund to help Julie in her ongoing struggle to clear her name. I'm happy to report that there is. Maura was able to confirm that all donations to the Julie Amero Fund go directly to help Julie.

AP finally picks up Amero story

The Associated Press has finally covered the Julie Amero story! Reporter John Christoffersen did a good job, too.

Amero is a substitute teacher in Connecticut who was convicted of four felonies earlier this month because a malware-infected computer in her classroom got locked in an irreversible cascade of pornographic popup ads in 2004.

Amero had been forbidden to turn off the computer by the teacher who signed her into the system using his password. The computer had no content filter because the responsible IT staff had forgotten to pay the vendor who supplied this protection. Forensic experts ascertained that the computer was infected with multiple adware and spyware programs, one of which automatically redirected the browser to a porn site on the morning in question.

I reported on the Amero story for AlterNet in late January. I'm thrilled to see that the news of this miscarriage of justice is getting more traction.

[HT: Raw Story.]

State v. Amero blog goes live

Mike Conwell of Austin, Texas is a computer consultant who's outraged over the conviction of Julie Amero, the CT substitute teacher who is facing jail time because a malware-riddled PC generated pornographic popups in class.

Conwell has started a blog dedicated the Amero case. It's called State v. Amero (http://blog.state-v-amero.com/). Check it out.

Washington Post blog tackles the Amero popup porn case

Brian Krebs tackled the Julie Amero case on the Washington Post's computer security blog.

He did a good job, too.

Check out the comments. As we've seen already, this story really hits home for IT professionals and public school teachers.

Detective Mark Lounsbury comments on the Amero case

Network Performance Daily gives Detective Mark Lounsbury the opportunity to comment on the evidence the prosecution presented against Julie Amero, the substitute teacher facing up to 40 years in prison for exposing her students to unsolicited internet porn.

Lounsbury's essay is very general discussion of how the police might go about investigating a suspect's computer. He doesn't address the central points of contention in the Amero case. Perhaps he is not at liberty to do so, as Julie has not yet been sentenced.

You can also read the commentary of the defense's expert witness here.

I hope to write more on these two commentaries later today. In the meantime I encourage readers to compare the two commentaries for themselves. Remember that Lounsbury testified that he did not check the computer Amero was using for malware.

Why didn't Julie Amero pull the plug?

A subtle shift is underway in the prosecution's strategy in the Amero porn popup case.

Now, the focus is on why Amero didn't turn off the computer after the porn freeze. Amero did try to keep the kids away from the monitor. One child testified that Amero physically turned his face away when she caught him looking at the monitor.

Tech journalist* John Dvorak says this kind of brain freeze is common:

The heartless State Attorney asked the question as to why she didn’t pull the plug on the computer during a porn storm. I would have testified that most people unfamiliar with computers would worry that this action would damage the machine or they would assume that the problem would continue when the machine was turned back on and they’d get in trouble later.

Furthermore, as I mention in my HuffPo piece, Amero was using the regular teacher's login. Before he left, he warned her not to turn off the machine.

It's important to remember that Amero is almost computer-illiterate. She probably didn't even know that it was possible to turn off the monitor without turning off the computer.

*[Correction: In an earlier draft of this post, I misidentified John C. Dvorak as an inventor, assuming he had invented the Dvorak keyboard. In fact, August Dvorak invented the Dvorak keyboard. John Dvorak is a tech journalist and blogger.]

Updates on the Amero popup porn case

Overview
My op/ed about Julie Amero is up at the Huffington Post. Amero is the CT teacher facing up to 40 years in prison because her malware-riddled PC generated a deluge of pornographic popups during class. Independent analyses of her computer show that her browser was involuntarily redirected to pornographic websites by malicious software.

Amero was eventually charged with four felonies in connection with the malware incident. She turned down a probation plea, knowing that she could face up to 40 years in prison if she were convicted.

Please see my earlier AlterNet article for more details on Julie Amero and her legal battle.

More Media Traction
The Amero story is starting to get traction outside the Norwich Bulletin and the blogosphere.

PC Magazine ran a special report called "Free the Norwich 1!" and calls Amero's case a miscarriage of justice. PC even calls overzealous prosecutors who go after users of malware-infested computers a Top Threat.

The Exculpatory Evidence Explained
Alex Eckelberry, President of Sunbelt Software, reviewed the data from Amero's hard drive with defense expert Herb Horner. In this blog post, Eckelberry gets down to the nitty gritty technical details that prove Amero is innocent. At Network Performance Daily, Horner outlines the painstaking digital post-mortem he performed on Amero's machine.

Local IT Guys Making Excuses
The Day sent a reporter to cover last night's Board of Ed meeting, where the Norwich school district's IT director tried to explain why he had allowed the school's content filtering software to lapse between August and October, 2004.

Information Services Director Bob Hartz went into full CYA mode on the Julie Amero case. Harris told attendees that it was "just a fluke" that Amero's computer displayed porn that day in 2004.

From August to October 2004, the district's filtering system didn't regularly add newly discovered pornographic sites to its restricted Web sites database.

Hartz said Norwich's filtering software generally worked in 2004, but new offensive sites weren't blocked partly because Symantec, creator of the school's WebNOT computer filter, failed to send him a licensing certificate to activate the software's updates feature.

"I don't think we've ever compromised on being able to fund our firewall ... and (other) filtering software," Norwich Superintendent Pam Aubin said. "We're very lucky to fund a full-time information systems director." [NB]

Symantec didn't send Hartz a licensing certificate? Perhaps, as Hartz suggested, because he didn't pay the bill.

Board of Ed member Frank Krasicki, a computer scientist and former teacher, told Ed-Tech Insider that Hartz's lapse was unacceptable:

It is inexcusable that no action was taken to upgrade the protective software at that time (they had the summer to do it). And it explains why nobody thought much of Amero's experience at the time, essentially telling her "not to worry about it." [ETI]

Krasicki also posted an interesting essay at Region 19 BOE Gazette: Why Julie Amero Matters--Computers and Society.

Startling Disclosure About the Police's Forensic Software
Interesting news from the Norwich Bulletin on ComputerCop Pro, the blackbox software the police used to examine Amero's computer:

David Jacobs, a former police officer and sales representative for the ComputerCop, which is based in Bohemia, N.Y., said Amero's case establishes a legal precedent for subsequent court cases.

"To my knowledge, this is the first conviction using ComputerCop software as an acceptable tool for police officers to conduct a computer forensic examination that is acceptable to the court," Jacobs said. [NB] (Emphasis added.)

Network Performance Daily interviewed Steve DelGiorno, CEO of ComputerCop:

Mr. DelGiorno stated in a phone conversation with us that while ComputerCOP can find all sorts of files and images, including deleted images or images in unallocated disk space, by keyword or by filetype, ComputerCOP does not determine the cause of those files being on the computer (whether caused by malware, intrusion, or direct and willful use), and that it is not the function of ComputerCOP to make that determination." [NPD]

NPD will run a commentary by prosecution expert witness Mark Lounsbury tomorrow. Lounsbury was the officer who testified that Amero must have "physically clicked" on pornographic links in order to generate the popup barrage.