Vikar i fængsel for spyware på skolens computer
Da den 40-årige Julie Amero fra Connecticut for et par år siden var vikar for en 7. klasse, begyndte noget spyware på computeren pludselig at smide popups med reklamer bl.a. for pornografiske sites i hovedet på hende og eleverne.
Det troede den lokale anklagemyndighed dog ikke på, og da retten afviste den tekniske analyse af den involverede PC, der beviser spywarens indflydelse og vikarens uskyld, er Amero nu kendt skyldig i at have bragt mindreårige i fare - en forbrydelse, hun står til fire gange ti års fængsel for.
Skal vi tage den én gang til, fra Washington Posts sikkerhedsskribent?
Amero described herself as the kind of person who can hardly find the power button on a computer, saying she often relies on written instructions from her husband explaining how to access e-mail, sign into instant messaging accounts and other relatively simple tasks.Eksperten W. Herbert Horner, der optrådte som vidne for Ameros forsvar, forklarer, at omdirigeringen til pornografiske sites foregik via kendte annonce-agenter, og at de pågældende billeder var fra 5-15 Kb store - ikke just sådanne, man savler over på et pornografisk site, men netop thumbnails som det sig hør og bør i en popup-reklame.
On the morning of Oct 19, 2004, Amero said she reported for duty at a seventh grade classroom at Kelly Middle School in Norwich, Conn. After stepping out into the hall for a moment, Amero returned to find two students hovering over the computer at the teacher's desk. As supported by an analysis of her computer during the court proceedings, the site the children were looking at was a seemingly innocuous hairstyling site called "new-hair-styles.com." Amero said that shortly thereafter, she noticed a series of new Web browser windows opening up displaying pornographic images, and that no matter how quickly she closed each one out, another would pop up in its place.
"I went back to computer and found a bunch of pop-ups," Amero said. "They wouldn't go away. I mean, some of the sites stayed on there no matter how many times I clicked the red X, and others would just pop back up" ...
Horner forklarer videre:
On October 19, 2004, around 8:00 A.M., Mr. Napp, the class' regular teacher logged on to the PC because Julie Amero being a substitute teacher did not have her own id and password. It makes sense that Mr. Napp told Julie not to logoff or shut the computer off, for if she did she and the students would not have access to the computer. The initial user continued use of the PC and accessed Tickle.com, cookie.monster.com, addynamics.com, and adrevolver.com all between 8:06:14 - 8:08:03 AM. During the next few moments Julie retrieved her email through AOL. http://www.hair-styles.org was accessed at 8:14:24 A.M., based upon the hair style images uploaded to the PC we were led to believe that there were students using the computer to search out hair styles. The user went to http://www.crayola.com at 8:35:27 A.M. The user continued accessing the original hair site and was directed to http://new-hair-styles.com. This site had pornographic links, pop-ups were then initiated by http://pagead2.googlesyndication.com. There were additional pop-ups by realmedia.com, cnentrport.net, and by 9:20:00 A.M., several java, aspx's and html scripts were uploaded. A click on the curlyhairstyles.htm icon on the http://www.new-hair-styles.com site led to the execution of the curlyhairstyle script along with others that contained pornographic links and pop-ups. Once the aforementioned started, it would be very difficult even for an experienced user to extricate themselves from this situation of porn pop-ups and loops.(Min fremhævelse).
All of the jpg's that we looked at in the internet cache folders were of the 5, 6 and 15 kB size, very small images indeed. Normally, when a person goes to a pornographic website they are interested in the larger pictures of greater resolution and those jpgs would be at least 35 kB and larger. We found no evidence where this kind of surfing was exercised on October 19, 2004.
(...)
This was one of the most frustrating experiences of my career, knowing full well that the person is innocent and not being allowed to provide logical proof.
If there is an appeal and the defense is allowed to show the entire results of the forensic examination in front of experienced computer people, including a computer literate judge and prosecutor, Julie Amero will walk out the court room as a free person.
Hvad kan man sige: Moderne teknologi møder middelalderlig puritanisme og himmelråbende juridisk inkompetence i den fundamentalistiske diktaturstat USA? Godt ser det i hvert fald ikke ud - men man kan håbe, en evt. appelsag kan sætte skik på sagen.
Horner har i øvrigt oprettet en indtil videre helt ny blog om sagen, hvor du kan gå ind og sige din mening, hvis du har lyst.
Update: Alternet har også en rimeligt god artikel om sagen: "When lax cybersecurity meets anti-porn hysteria, an innocent computer infection can land you in jail ..."