, 2007-02-12
Substitute teacher Julie Amero faces up to 40 years in prison for exposing kids to porn using a classroom computer, but the facts strongly suggest that she was wrongfully convicted. Many issues remain, from the need for an independent computer forensics investigation and the presence of spyware and adware on the machine, to bad or incomplete legal work on both sides of this criminal case.
Expand all |
Post comment
Mouse-Trapped
2007-02-13
Anonymous (6 replies)
Anonymous (6 replies)
Mouse-Trapped
2007-02-21
FreewheelinFrank (2 replies)
FreewheelinFrank (2 replies)
Mouse-Trapped - A lesson to be learned
2007-02-22
MikeP (1 replies)
MikeP (1 replies)
Quote:
"and the log data indicates that Amero had continued to use the computer for the rest of the day ? browsing lots of other sites, unrelated to porn. Oh yeah, and unrelated to her work as a substitute teacher. In fact, it appears that Julie continued to browse the web all day ? even after the pop-up incident."
First of all I think the article states that this information was taken from the inexperienced forensic investigator?s testimony regarding the analysis of the software used to obtain the data.
Excerpt:
Norwich Police Detective Mark Lounsbury testified? the computer logged entries into websites like meetlovers.com and femalesexual.com, and other graphic sites. [The]?Detective?explained that his forensic procedure is that:
"Physical evidence and electronic evidence is collected. . . . This evidence includes internet history, content, and registry data, including 'typed URLs'. It's these 'typed URLs,' gleaned from the registry, which are identified - not pop ups. I use a simple tool to search for the evidence. The tool provides me with an audit trail, evidence log, the evidence, web content log, and visited sites log."
I can?t really tell from this but I?m willing to bet the Detective broke about every rule within the chain of custody. Meaning that he probably used the exact computer and hard drive to perform his examination. This all by itself would throw the evidence right out the courtroom window via the narcoleptic judge?s bench.
As Mark mentions in his article, a forensic analysis should determine the time stamp of urls should be able to identify the characteristic of a pop up. And that no analysis was performed to eliminate the possibility of malicious binaries loaded in system memory or on the drive itself indicates that this Judge allowed a precedence to be set. Anyone within the ?law enforcement? community who can say they are computer forensic analysis will be allowed unquestionable testimony.
Personally this is the same one-sided myopic vision that the VAOIG has had in the past. I only pick on them because I used to work there and became the target of one of their personal witch-hunts. It?s not any sweeter when you hear that their lack of security keeps slipping due to employee mistakes but it?s not just their fault. Information Security starts at the top and they just don?t get it.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/434/34348#34348