Since I posted my screed last week about Julie Amero, the Connecticut middle school teacher who almost did hard time because a computer in her classroom was infected with malware, I heard from many Cringesters -- including a handful of people with intimate knowledge of the case. Whatever you thought of the Amero story before, the reality is far, far worse.
It was a perfect storm of almost farcical proportions. Almost anything that could go wrong, did go wrong: Kids who exaggerated what they saw on Julie Amero's screen. A school principal who overreacted and called the cops when an administrative rebuke would have been sufficient. An IT administrator who was dangerously out of touch. A DA who overreached in applying a felony charge to what was at worst a misdemeanor. A police computer forensics "expert" who was anything but, and a defense expert who was even worse. And Amero herself, more clueless about technology than the students she was supposed to teach.
Alex Shipp, a security researcher who volunteered to help Amero, says the school district's IT admin was:
...an ex-IBMer approaching retirement who appeared to know little about PCs and networks. He let his firewall subscription lapse. He was running a trial version of an anti-virus program (Cheyenne) which was bought out by Computer Associates and discontinued in favor of their product over 6 months earlier. He did not update signatures regularly anyway. From his trial comments, he knew little about malware or adware. He knew nothing about pop-ups. To me, it looks like he threw Julie to the wolves to cover his failings.
Security wonks who volunteered to help Amero obtained a ghost image of the computer's hard drive but were inexplicably denied access to the full firewall logs. Still, that was enough to determine what images were on the PC (no hard-core porn, but a number of nude lesbian scenes) and the malware program that was delivering the pop-ups: NewDotNet. (The team published its findings here [PDF].)
On that fateful morning in October 2004, Amero was searching for new hairstyles on a Windows 98 PC described by another security wonk as a "pile of living dog **** with absolutely no protection on it" when the pop-up storm hit. Without the complete logs, it's impossible to know exactly what triggered the pop-ups. We do know she didn't turn off the machine, a point that was hammered home by the prosecutor throughout the case.