A substitute teacher from Connecticut is facing up to 40 years in
prison because her malware-riddled computer displayed porno popups in
class.
On October 19, 2004, Julie Amero arrived at Kelly Middle School to teach a 7th
grade language arts class. Mr. Matthew Nett, the class's regular
teacher, logged Amero into the classroom computer and left, warning
her not to turn the machine off.
Amero let the students surf the web
for a few minutes. The kids visited several innocuous sites
including an innocent-looking page on hair styles. Suddenly,
pornographic popups started to fill the screen. Soon, the machine was
frozen in an endless porn loop.
Nobody in that classroom clicked on any porn that day. The popups
were generated automatically by a piece of malicious code from the
hair site. Readers with a technical bent can learn exactly how the
malware hijacked Amero's computer from defense expert Herb Horner and security
consultant Alex Eckelberry.
Amero immediately got the students away from the computer. She even
pushed one student's face away when she caught him looking at the
monitor.
Amero had no idea that this computer was full of malicious software
(malware). Nor did she realize that the school's content filter license had
expired, leaving the computer completely unprotected from malware and
obscene content. All she knew was that she'd been told not to turn
the computer off. So, she did her best to keep the kids away from the
monitor.
A few weeks later, Amero was arrested and charge with multiple felonies.
At trial, a police witness for the prosecution claimed that Amero
must have "physically clicked" on porn links to generate the popup
storm. In fact the software that the police used to analyze Amero's
hard drive cannot distinguish between a user's clicks and automatic
redirects caused by malicious software. Under cross-examination the
officer admitted that he never even checked for malware.
The defense's expert witness performed an independent forensic
analysis of the computer and found that it was infected with multiple
pieces of malicious code, including the script from the hairdressing
site that spawned all those popups.
The jury didn't get to hear most of the defense expert's testimony
because Amero's attorney failed to bring up malware during the
discovery phase of the trial.
On January 5, 2007 a Norwich jury found her guilty on four counts of
"injury or risk of injury to, or impairing morals of, children." Each
count carries a maximum sentence of 10 years in prison. It seems
unlikely that Amero will get the maximum sentence, jail remains a
very real possibility. Felony convictions could also end Amero's
career as a teacher. She will be sentenced on March 2.
Amero will appeal her conviction.
If Julie Amero's conviction is not overturned, an innocent woman will
have been framed by a computer.