When Alex Eckelberry heard of Julie Amero, the substitute teacher found guilty of exposing children to porn pop-ups in class, he did more than just write about it on his blog. Eckelberry, the head of a Florida-based computer security firm, put together a forensic team and produced a report to be used in her defense.
Stressed by the ordeal of the case and in declining health, last week Amero agreed to plead guilty to a single misdemeanor charge of disorderly conduct and give up her teacher’s license. Last night Eckelberry made the defense report public for the first time :
At some point, I may find the time to chronicle all the events. There are all kinds of stories from the time. I met some wonderful people — some of the most decent, just and hard-working folks I’ve ever met. It was an extraordinary experience, shadowed only by Julie’s terrible predicament. But for now, I have something to post: the analysis that our group of security and forensic experts performed of the evidence available
Ryan Singel of Wired’s Threat Level summarizes the report:
Among its findings:
- The school’s IT manager told the jury that the anti-virus software had been updated with new virus definitions in early October, just days before the incident. But according to the system’s antivirus update log, signatures were last updated on Aug. 31, 2004 . Those signatures were from June 30, 2004, which was the last update Computer Associates ever made for that product.
- The computer had no anti-spyware or firewall software. It also lacked any pop-up blocking technology.
- On Oct. 12, 2004, an adware program, newdotnet, was installed onto the system, likely at the same time someone installed a ‘free’ Halloween screen saver. The IT manager told the jury he didn’t know if adware or spyware was on the computer, and the police’s forensic investigator falsely told them that there was no evidence of uncontrollable pop-ups. In fact, the forensic report found pages that reloaded more than 20 times in a second.
- The jury was told that one adult web page had a red link on it, indicating that Amero had clicked on it. In fact, the computer she was using turned visited links a green color and the HTML on the web page specified that link be red for every visitor.
Ars Technica spoke with Eckelberry who has launched The Julie Group, “a gang of techies who draw attention to cases in which confusion about computers yields bad law.” I hope Eckelberry might one day write a book! Or someone writes it for him. The case — in which officials still stand by what they did and refuse to admit mistakes — deserves wide and continued examination.
Photo credit: the Hartford Courant.