Web Design Brisbane - Raycon Web Design Brisbane - Raycon


View full article list

Why computer security is important

Mark Edwards

If you ever thought that not scanning for adware, malware and viruses was not important, the story of Julie Amero will perhaps change your mind.

You may have heard something about Julie. She is a Connecticut substitute schoolteacher who was convicted of "child endangerment." She now faces a sentence of up to 40 years in prison because porn pop-ups appeared on a school computer.

It began in October 2004 when Amero was assigned to a class at Kelly Middle School in Norwich.

Amero says that before her class started, a teacher allowed her to e-mail her husband. She says she used the computer and went to the bathroom, returning to find the permanent teacher gone and two students viewing a Web site on hair styles.

Amero says she chased the students away and started class. But later, she says, pornographic images started popping up on the computer screen by themselves. She says she tried to click the images off, but they kept returning, and she was under strict orders not to shut the computer off.

During the class she kept the screen turned away from the students and chased away any who tried to sneak a peek.

Prosecutor David Smith contended at the three day trial that she actually clicked on graphic Web sites.

Computer consultant Herb Horner testified for the defense that the children had gone to an innocent Web site on hair styles and were redirected to another hairstyle site that had pornographic links.

So how did this happen?

The school district had allowed its Web-filtering software support contract to expire, preventing the software from receiving updates. The computer in question was running Windows 98, and the browser in use was IE 6.

According to evidence analysis performed by Alex Shipp, an independent malware researcher, the antivirus software was a trial version of Cheyenne Antivirus (CA). That product had been discontinued by Computer Associates on Mar. 17, 2004. It appears that CA issued a last courtesy update on June 30. Julie taught the class on Oct. 19. The computer had no antispyware software.

In other words, this computer had almost no protection and an unsecurable operating system. This is the machine Julie was given to use.

On the day in question, the regular teacher was there before class to log Julie into the computer. Substitutes didn't have their own accounts, and were ordered not to log out or shut down the computer. Julie left briefly and, when she returned, the regular teacher was gone. She found students, some of whom didn't even belong in the upcoming class, Web surfing on the teacher's computer.

Experts now analyzing the hard-drive image have confirmed that the computer had been infected with adware days before Julie's arrival. Unfortunately, in this case, that means that when a student tried to visit a hairstyle Web site, he or she was instead redirected to a different site that had adult products advertised. When Julie tried to close the site down, this started a pop-up cascade.

Julie is a total "computerphobe." She can perform basic computing functions, and not much more.

But how did it get so serious?

Surely one would think, once an investigation got started the truth would be revealed. Unfortunately, not.

The police who performed the computer forensic investigation will poorly trained and using innapropriate software for the task. The conclusions they drew from what they found were incorrect. Various IT experts have analysed the image of the hard drive to establish what happened and found that there was no deliberate attempt to find illicit images. They appeared as the result of spyware and malware redirecting the browser. The cascade of material which followed was unavoidable.

Additionally, the trial judge appears to have been less than interested in the case. She fell asleep at one point and was keen to see the trial over within a week.

So what is next?

Julie was to be sentenced early March and I could find no reference to what the sentence was if it has in fact been handed down.

An appeal will be lodged and several well recognised IT experts have offered their services as expert witnesses for no charge. It would appear that this case is far from over, however, good security would have prevented this horrible chain of events from occuring in the first place.

View full article list