2007-03-01
Abstract
'As things currently stand, anyone who has pornographic images appearing on their screen as a result of malware on their PC, or being trapped in a continuous pop-up loop, is at risk of conviction if there are minors in the vicinity.' Alex Shipp, MessageLabs.
Copyright © 2007 Virus Bulletin
In January I heard that a 40-year-old female substitute teacher, had been convicted in a US court on four counts of risking injury to minors.
The prosecution argued that Julie Amero had been surfing porn while in charge of a class of seventh-grade pupils. Julie maintained that the pornographic material kept appearing on the screen, and that whenever she tried to get rid of it, more would appear.
Reading about the case, it did not seem believable that a 40-year-old pregnant woman would spend the whole day surfing porn in front of a class of 12-year-olds. To me, the symptoms Julie described were the classic signs of a ‘pornado’ attack, so I started digging further.
I found many things that worried me.
The school’s investigation consisted of checking the browser history and firewall logs, and then firing her. There was no chance for Julie to tell her side of the story, and no help was given to her.
The police investigation consisted of running a program to see which sites were visited. There was no search for malware or spyware, no examination of the pages visited for Javascript, no attempt to piece together the sequence of events, and no analysis of the firewall logs to discern browsing patterns.
In court, several incorrect technical arguments were made by the prosecution, including the assertion that if a link is a different colour, then it must have been clicked on deliberately.
Some of the other arguments were highly technical, yet the process continues at such a speed that there is no time during the trial to pick up on inconsistencies.
In short, as things currently stand, anyone who has pornographic images appearing on their screen as a result of malware on their PC, or being trapped in a continuous pop-up loop, is at risk of conviction if there are minors in the vicinity.
Hopefully a lot of lessons will be learned from this case, and hopefully they will be learned in time to help Julie.
The next significant date in this case is sentencing, which is currently scheduled for 2 March – by the time you read this it may already have happened.
Alex Shipp, MessageLabs, UK
[Sentencing in Julie Amero's case has been postponed until 29 March 2007. More information and updates on the case can be found at http://julieamer.blogspot.com/ - Ed.]
If you have opinions to express or simply want to comment on the state of the industry - send your letters to: [email protected].
