Explicit Pop-Up Debacle Leads to Teacher's Guilty Plea

The unbelievable story of Julie Amero, the substitute teacher who became the scapegoat of the Norwich school system when a computer riddled with spyware was inundated with pop-up "nasties" that were viewed by children in her class, has finally come to an end -- albeit, what many consider an unjust end.

Amero was originally charged with four felonies for letting impressionable students see pornographic pictures as she browsed the web in her classroom. According to the Hartford Courant, Amero, who has been hospitalized and suffers from declining health, agreed to plead guilty to a single misdemeanor charge, pay $100 and to surrender her state teaching credentials. (Source: courant.com)

But according to Wired.com, a soon-to-be released forensic report shows that Amero's conviction is anything but just. Apparently, the school computer was infected with adware, the anti-virus software on the computer had been discontinued, and the technical testimony at her trial was amateurish and flawed. (Source: wired.com)

Computer forensics experts, including Alex Eckelberry of Sunbelt Software, examined the computer for Amero's defense on a pro-bono basis after hearing about the case.

Based on their examination, the judge in Amero's case set aside the four felony convictions which resulted in a new trial and hopes that the prosecution would drop the case.

Among the findings in the report, which hasn't been publicly released yet:

• The school's IT manager told the jury that the anti-virus software had been updated with new virus definitions in early October, just days before the incident. But according to the system's antivirus update log, signatures were last updated on August 31, 2004 . Those signatures were from June 30, 2004, which was the last update Computer Associates ever made for that product.
   
• The computer had no anti-spyware or firewall software. It also lacked any pop-up blocking technology. On October 12, 2004, an adware program, newdotnet, was installed onto the system, likely at the same time someone installed a "free" Halloween screen saver.
   
• The IT manager told the jury he didn't know if adware or spyware was on the computer, and the forensic investigator falsely reported that there was no evidence of uncontrollable pop-ups.
   
• The forensic report found pages that reloaded more than 20 times in a second -- which suggests that a program and not a human being was responsible for the pages being refreshed.
   
• The jury was told that one adult web page had a red link on it, indicating that Amero had clicked on it.
   
• The computer Amero was using turned visited links a green color, but HTML on the web page specified that link be red for every visitor. This suggests that a rogue program (adware) likely modified page results.

Prosecutors argued that Amero should have shut the computer off -- which is not unusual in cases like this -- and failing to do so endangered her students. Local officials, police and state prosecutors were unwilling to admit that they made a mistake. The state of Connecticut still believes Amero was guilty and was prepared to go to trial again.

According to the Hartford Courant, the state never conducted a forensic examination of the hard drive, relying instead on the 'expertise' of a Norwich detective with limited computer experience.

Visit Bill's Links and More for more great tips, just like this one!