Posts Tagged ‘spyware’

Could a Spyware Ridden Machine Get you 40 Years in Jail?

As anyone who has ever read this blog knows, I always try to tie these spyware, adware posts back to my friends from Zango, those guys who never do anything wrong, it’s always an affiliate or another website. While Zango is not mentioned, I bet money one of their programs was installed, hehe. But I just read this article from Computer World by Preston Gralla, Porn-surfing teacher: Spyware made me do it!, who obviously should not be posting about spyware, as it appears he does not have a clue and his blog post is a complete joke.

A recent court case found a Connecticut substitute teacher guilty of surfing for pornographic sites in front of her seventh grade class, and now, she faces 40 years in prison. Wow, forty years, I was watching something on TV the other night where two guys killed someone and the max they could and did get was 15 years. But this teacher could get forty years? That is just plain wrong. Anyone who is involved in anyway with school systems know, most teachers aren’t prepared for something like this, the teacher was probably as overwhelmed and shocked as the students were when it happened and was just trying to get them to close down. And if it has happened to you, when you click the x to close a popup, one or many more can popup on you, making it look like you may have actually clicked on the popup itself.

Not only that, the prosecutor wanted to know, but if in fact spyware was on the PC, why didn’t the teacher merely turn off the computer or pull the plug on it?

Julie Amero had no answer.

Lawyers have come up with some novel defenses over the years, including the “Twinkie defense” in which a lawyer argued that defendant Dan White’s eating of Twinkies and drinking Coca-Cola proved that he was depressed, and so not responsible for his actions in murdering San Francisco Mayor George Moscone and Supervisor Harvey Milk in 1978. The defense was partially successful; White was convicted of voluntary manslaughter rather than murder.

Luckily, it seems as if the spyware-made-me-do-it defense doesn’t cut it in court. For once, justice prevails. Source: Porn-surfing teacher: Spyware made me do it!

A substitute teacher is just that a substitute, and has not been in similar situations, and probably had no idea unplugging the machine or turning off the projector would have been the best way out, plus, the school system has to have content filtering in place to be able to get E-rate money to help fund all of the computers, internet access, etc. The school systems filters should’ve prevented most porn sites from popping up to start with, so, why isn’t the school system on trial and not the teacher?

And according to a quote from Alex Eckelberry, who is President of Sunbelt Software, they didn’t even check for spyware.

The court actions of the case were flawed as well. For example, one source reports that the Trial Judge, Hillary Strackbein, was seen falling asleep during proceedings and made comments to the jury that she wanted the case over by the end of the week. It was also reported that Judge Strackbein attempted to pressure the defense into an unwanted plea deal, in place of a trial. The defense attorney for Amero, moved for a mistrial shortly before closing arguments Friday, based on reports that jurors had discussed the case at a local restaurant.?

Was justice done here? A bad spyware infestation can splatter a machine full of porn popups and it?s a bit unnerving to think that a teacher could get hard prison time for something that was likely to have been completely innocent.

We need far more evidence than what is available to come to the conclusion that “justice was done”. In fact, all the available evidence shows quite the opposite — that this might just be a grave miscarriage of justice. Source: Alex Eckelberry

I have recently had the chance to attend several classes on computer forensics, so sure, the police found evidence that those sites were visited, but ANY window that is opened on the computer will show up in the cache and list of websites visited. The fact that neither the defense nor the prosecution tried to show how it happened is incomprehensible to me. If it was one website that caused this to happen, it would be so easy for them to repeat what happened. This quote from computer crimes investigator in an article on the Norwhich Bulletin is very telling,

“You have to physically click on it to get to those sites,” Smith said. “I think the evidence is overwhelming that she did intend to access those Web sites.” Source: Teacher guilty in Norwich porn case

You do NOT have to click on any link, it can be loaded from spyware apps, malware, or other malicious websites, it can be loaded from a website, that was loaded in a popup, from a website that was loaded in another popup, from another website that was loaded in a popup, and as the saying goes, on and on and on. This is just a case of one investigator only having the tools to do forensic investigation and not the knowledge of how a computer works to go along with it. Anyone involved in the Julie Amero case feel free to leave me a message at 304-521-2582 or an email to webmaster at tipsdr.com with “Julie Amero case” as the subject and I will be happy to explain how this could happen with the teacher only opening one “innocent” webpage on her computer. The 40 years should go to the spyware makers or to the school system, not this substitute teacher.

2 comments - What do you think?  Posted by Jimmy Daniels - January 13, 2007 at 12:25 am

Categories: Computer Forensics, Education, Malware, Protect Children Online, Security, Spyware Info   Tags: , , , , , , , ,

Swiss Malware Experiments

A Swiss newspaper, Schweizer Sonntagszeitung is reporting that the Swiss Department of the Environment, Transport, Energy and Communications has conducted malware experiments with a spyware program that is only given to Swiss authorities and that it cannot be detected by any firewall or antivirus solution.

The department is clearly considering the use of spyware that has been specifically developed for tapping into encrypted Voice-over-IP connections (e.g. Skype). It is still unclear whether using such a tool could be made legal. In any event, a judge would have to approve each case in advance, similar to the procedure for monitoring normal telephone calls. Source: Viruslist.com via Schweizer Sonntagszeitung

Undetectable, I know a few people who would like to test that claim. Bring it on.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - October 12, 2006 at 5:33 pm

Categories: Malware, Security   Tags: , ,

AMD’s Forums Hacked and a WMF Exploit Added to thier pages

Apparently, someone hacked AMD’s forums and and added a link to a windows meta file image hosted at toolbarsdollars.biz, a well known distributor of adware and spyware, so whatever you do, don’t visit that site, that’s why I did not hyperlink it.

As typical with many webpages, AMD’s forum pages have external php scripts that are loaded with the iframe tag in the webpage. One of those scripts, in turn, calls up a 16 kilobyte image called xpladv586.wmf that was being hosted at toolbarsdollars.biz, which is a well-known adware site. Several users reported that their anti-virus and anti-adware programs detected the WMF as containing a Trojan horse and promptly sent the file into quarantine. They have also posted several pages worth of messages to other forum members detailing what they did to clean up their computers and stop future threats. Source: TGDaily.

This has since been fixed, according to AMD here, but they did not say how it happened to start with. To protect yourself, if you have not already updated your software, the patch can be grabbed from here or by using Windows Update from Microsoft.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - January 30, 2006 at 10:41 pm

Categories: Spyware Info, Tech News   Tags: , ,

John Thompson is no Complainer

In an article posted at news.com, John Thompson, CEO of Symantec, says we’re not going to whine about Microsoft competing with us in the security arena, and let’s face it, given Microsoft’s record with security, you can’t really blame him.

Microsoft is set to enter the security arena next year, but Symantec won’t compete by complaining to antitrust regulators or suing the software giant.

“We’re not looking to go whining to the EU or the DOJ for anything,” Symantec Chief Executive Officer John Thompson said Tuesday, referring to the European Union and the U.S. Department of Justice. Thompson was responding to questions from reporters after an event at the Commonwealth Club here.

Symantec, based in Cupertino, Calif., has responded to questions from EU competition authorities about its role in the security industry but has no intent to file a complaint about Microsoft, Thompson said.

“We’re not involved with anything with the EU,” Thompson said. “We don’t need competition in the courtrooms.” Instead, Thompson said Symantec will compete with its products, which he said are superior those Microsoft has yet to launch.

My experience with Symantec’s antivirus products has generally been good and a positive experience overall, although we did standardize on McAfee VirusScan, which I think is a better product. BUT, that does not be any stretch mean I wouldn’t dump them for a better product from Microsoft, especially if that product came already installed and ready to go. Microsoft may not do everything well, but they aren’t afraid to buy a company who does do it well and go from there. I like their anti spyware product and it’s ease of use, even though I don’t like some of the companies they mark as ignore, so there are tradeoff’s in almost every product. I’ll be cautiously pessimistic as always and try it out when they release it.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - October 12, 2005 at 1:04 pm

Categories: Microsoft News, Virus Info   Tags: , , , , ,