Tuesday, March 19, 2019

Father of three in England and substitute teacher in Connecticut have their lives upended by computer viruses that launch pornographic images onto screens


Consider a father of three in England and a female substitute teacher in Connecticut. How might their lives intersect? The answer, in one instance, is that their computers contracted viruses that led to pornography charges, turning their lives upside down.

The 2003 case of Julian Green in the UK received international news coverage and might be the best-known example of virus-borne child porn wreaking havoc on someone's life. In about the same time frame, Julie Amero was trying to fulfill the thankless task of being a substitute teacher, in Norwich CT, when students saw pornographic images popping up on her school-issued laptop. The images apparently were of adult porn, but Amero still faced criminal charges that took years to resolve.

Could a virus, pop-up ad, or spam be responsible for images that are central to the pending Missouri child-porn case of U.S. v. Scott J. Wells? It's too early to say, but if that proves to be the case, Wells will not have been the first person to be put through hell because of a computer virus linked to porn. From a New York Times piece on the Julian Green case:

One evening late in 2001, Julian Green's 7-year-old daughter came upstairs from the computer room of their home in the resort town of Torquay, in western England, and said, ''The home page has changed, and it's something not very nice.''

When Mr. Green checked the machine, he found that the family PC seemed almost possessed. The Internet home page had somehow been switched so that the computer displayed a child pornography site when the browser software started up. Even if he turned the machine off, it would turn itself back on and dial the Internet on its own.

Mr. Green called the computer maker and followed instructions to return his PC to a G-rated state. The pornography went away, but the computer still often crashed and kept connecting to the Internet even when ''there was no one in the blinking house,'' he said.

The call to customer service, it turned out, hardly was a solution:

But Mr. Green's problems were only beginning. Last October, local police knocked on his door, searched his home and seized his computer. They found no sign of pornography in his home but discovered 172 images of child pornography on the computer's hard drive. They arrested Mr. Green. This month, Mr. Green was acquitted in Exeter Crown Court after arguing that the material had been gathered without his knowledge by a rogue program created by hackers -- a so-called Trojan horse -- that had infected his PC, probably during innocent Internet surfing. Mr. Green, 45, is one of the first people to use this defense successfully.

While a case that played out in the British legal system sets no precedent in the United States, legal experts say the technical issues raise two troubling possibilities. For one, actual child pornographers could arm themselves with a new alibi that would be difficult to disprove. Or, unknowing Web surfers could find themselves charged with possessing illegal material that a lurking software program has acquired.

''The scary thing is not that the defense might work,'' said Mark Rasch, a former federal computer crime prosecutor. ''The scary thing is that the defense might be right,'' and that hijacked computers could be turned to an evil purpose without an owner's knowledge or consent.

''The nightmare scenario,'' Mr. Rasch said, ''is somebody might go to jail for something he didn't do because he was set up.''

How bad can this be for the wrongfully accused?

Mr. Green was eventually exonerated, but his life has been turned upside down by the accusations. His ex-wife went to court soon after his arrest and gained custody of their youngest child and his house. Mr. Green, who is disabled because of a degenerative disk disease, spent nine days in prison and three months in a ''bail hostel,'' or halfway house, and was allowed only supervised visits with his daughter.

''There's some little sicko out there who's doing this,'' Mr. Green said, ''and he's ruined my life. I've got to fight to get everything back.''

He said he had no clue how the rogue software showed up on his computer. ''I never download anything. and as far as I knew, no others had,'' he said.

While the Green case was resolved relatively quickly, the Amero case in Connecticut dragged on for about four years. From a report at Wired:

Accused of letting impressionable students see pornographic pictures as she browsed the web in her classroom, former Connecticut school teacher Julie Amero dodged felony charges last Friday by agreeing to plead guilty to a single misdemeanor charge and surrendering her state teaching credentials, according to the Hartford Courant.

But if a soon-to-be released forensic report about her hard drive is accurate, Amero's guilty plea is hardly justice – since the school computer had adware, the anti-virus software on the computer had been discontinued, and the technical testimony at her trial was amateurish and flawed.

Julie Amero
 Amero, a substitute teacher in Norwich, Connecticut, was arrested after students in her class reported that they'd seen pornographic images on her computer screen on Oct. 19, 2004. Amero said the computer wouldn't stop sending pop-ups and that she didn't know what to do with the computer.
In January 2007, she was convicted of four felony pornography charges and faced up to 40 years in prison.

Computer-forensics experts came to Amero's aid, attempting to correct what they feared a court had botched. From an article at the Hartford Courant:

The state of Connecticut spent two years investigating before it won a speedy conviction of Julie Amero -- the infamous Norwich porn teacher -- this January.

But it was never as tidy as the Norwich Public Schools, the Norwich police, the state of Connecticut and the Norwich Bulletin newspaper made it seem.

In truth, Amero, a clumsy computer novice, was the victim of malicious software that took over the PC in the classroom where she was substituting on Oct. 19, 2004. Since Amero's arrest, the state has refused to even consider this possibility.

Then, a few weeks ago, as Amero faced sentencing, Assistant State's Attorney David J. Smith filed a startling motion in Superior Court:

"The state has not completed a full examination of all the issues which may affect its position at the sentence hearing."

Translation: We were wrong. We are trying to figure a CYA way out of this mess.

How did the truth come out. The Courant explains:

Thankfully, a team of computer security experts from throughout the country, drawn to the case by outraged Internet bloggers and a handful of journalists, has presented Smith and his bosses with the truth.

Amero didn't click on the porn. Software that might have blocked the porn was months out of date. Critical evidence was mishandled. School and police computer "experts" who testified were woefully ignorant about computer security and porn spyware to the point that their testimony was blatantly false.

The state's case began unraveling soon after the hapless jury voted to convict. A firestorm of pressure -- from university professors and software executives to programmers -- forced repeated postponements of Amero's sentencing.

But never underestimate public officials when they are cornered. When Amero is finally sentenced, expect a deal that keeps the egg off the many faces behind this sham trial.

Inevitably, Amero will be exonerated. We all deserve an apology for this insulting case.

As the Courant predicted, the case ended with a whimper, as Amero pleaded guilty to a single misdemeanor count of disorderly conduct.

No comments: