RSS

Tag Archives: Julie Amero

Twofer (yeah I made that up)

Another day another 2 for 1 article.  The past week brought up two interesting articles.  And for the second straight week CNN is in my radar.

In the words of Charlie Brown: “Ugh”

As another, in what is probably going to be an ongoing, update to my article on Julie Amero, comes the story of a new ransomware virus.   Ransomware viruses are the type that lock your computer down and usually pop up messages that you are infected by a virus or some other malware with the intent of getting you pay to remove it.  The problem is once you pay the virus remains still taunting you by asking for payment for removal.

This variation, called Reveton, lures the victim to a drive-by download website, at which time the ransomware is installed on the user’s computer, says the U.S. Internet Crime Complaint Center (IC3). Once installed, the computer freezes and a screen is displayed warning the user they have violated United States Federal Law. The crimeware declares the user’s IP address was identified by the Computer Crime & Intellectual Property Section as visiting child pornography and other illegal content.
http://www.networkworld.com/news/2012/053112-citadel-259739.html?hpg1=bn

Scammers are now using threat of child pornography to steal money.  As I pointed out in the Julie Amar article, there needs to be protections for people in public from this type of scam and virus, but I also believe we need to extend that to the general public.

One thing I contemplated with the Julie story was how we have placed child pornography at the level of the Red Scare.  No one will argue that child pornography is not a serious crime, but it seems that one is guilty before trial with a simple accusation.  Too many times do I read a news story of someone accused of a crime towards children and see comments that from the public that have convicted the person from the start.  As was shown with Julie Aero it is easy to judge the story based on the cover, but very few were quick to read the pages.  It makes me wonder if crowds with pitchforks and torches still go around looking for witches.

And speaking of crowds with pitchforks, I was made aware of CNNs Andrew Keen article on Facebook.

Luddites are people who are “any opponent of industrial change or innovation” and I keep seeing these types of people pop up more and more.  Now I have to say if you want to be a luddite, it is your choice, don’t own a telephone or computer, to me it does not matter.  But when you want to take your tech-luddicity to the masses you first better understand your subject before you speak in an expert fashion.

I am in complete agreement that some in society have no clue what they are giving up when they give out personal details like they do on Facebook.  I agree that the cost of free online is putting us as a consumer but I can’t agree with a statement like this:

The social network is taking something much more important than money from its nearly one billion members. By sabotaging what it really means to be human, Facebook is stealing the innocence of our inner lives.

It may even be Zucking us up as a species.
http://www.cnn.com/2012/05/30/tech/keen-technology-facebook-privacy/index.html

The problem with an over the top statement like this is that it ignores the reality of a world where we give up freedoms every day.  Most people don’t think about when they go to a grocery store and sign up for the cards we are giving up data to be used for marketing.  There are many places in the “real” world where we are asked to trade our information for some benefit.  Moreover, if we choose the risk (and it always is a risk) we should know what we are giving up.  We will never live in a world where people think about every decision they make.  This in itself is good and bad.  But the worst is those that tell others how to live.

The issue with an article like this is that it only covers the negatives and not the positives.  And it also brands everyone as a person with lack of brain power to choose whether the information they give up is smart enough to make that choice.  The article for all its talk of narcissism the author likes to point out that he “smart” enough to choose to give up Facebook to save humanity.

But what it leaves out is how this type of phenomenon has existed throughout history and the type of people it can create never changes.  Again, we have an article that says this new form is wrong and the old is better.  The problem is not the mechanism that creates it is bad, but the root cause, the person who chooses to become narcissistic.  The mechanism can be music, books, movies, politics and schools.  Many things in life present us with opportunities to become what Andrew Keen points out, but for him it is easiest to eliminate that which has no bearing on his life.  One could make the argument that his writing a series of articles for a website is the same as what he describes Facebook to be, therefore according to his logic websites should be given up in this age.

Logic like this always makes me go bang my head.

This is not to say that I am the biggest fan of Facebook.  As with all platforms it is how you use the platform.  To simple brush the positives under the rug to prove the negatives is dishonest and unprofessional at best.  Most importantly, what is seen on Facebook is not unique to Facebook.  The Guinness Book of World Records proves that.

 
Leave a comment

Posted by on June 8, 2012 in Technology

 

Tags: , , ,

Julia: A new note

This is going to be short but it seems a very interesting aside to my story on Julie, came out:

Meanwhile, the federal government has made scant effort to enforce the requirement that companies give the preferential rate to schools. The Federal Communications Commission, which oversees the program, has yet to bring an enforcement action against any carrier for violating the low-price rule, according to interviews and documents, some obtained under the Freedom of Information Act. And the FCC, acting through the private company that administers the program, has provided little if any guidance to companies on how to apply the best-price rule. Indeed, in 2010, companies such as AT&T and Verizon sought clarification on the rule.

“Time and again, we find that schools are rarely advised by the telephone companies of their best available rates,” said Howard Rotto, whose New York consulting firm has represented dozens of schools in the Northeast for four decades. “When representatives of the carrier do not even know of the existence of their best pricing,” Rotto asked, “how can such a rate ever be offered or known?”
http://arstechnica.com/tech-policy/2012/05/att-feds-neglect-low-price-mandate-designed-to-help-schools/

I would recommend to read the article in it’s entirety.  It seems the E-Rate program, which requires CIPA (Children’s Internet Protection Act,) that provides school low rate telecommunications is not being followed by providers.

So the question I am left to wonder if the program is not being used properly, nor enforced, why are we as parents being forced to agree to terms and conditions apart of a program that is not being enforced?

More on this later after some more thought and reading.

 
Leave a comment

Posted by on May 21, 2012 in Technology

 

Tags: , ,

Julie continued…

This is a continuation of the topic I started on Wednesday that can be found here.

Acceptable Use…
As I said before what happened to Julie can happen to anyone in a public position.  Shortly after I discovered Julie’s story, I was presented with the Acceptable Use Policy for my children’s school district.  This document was the contract that I was to sign, acknowledging I understood what the school’s policy was on technology and Internet use in the school.  My first thought was to ponder why elementary school aged children would not be supervised, thus providing the need for signing of such a document.  Then I went through the process of reading the document thoroughly.

Now mind you, as tech savvy as I am, EULAs and licensing agreements on software are something I barely put thought to.  Nevertheless, this document had me curious, what did it contain and why did it need my signature as a parent?  So I went through the document to see what it contained.  In great detail it listed what would be provided, what would be the responsibility of the user and even tried to curtail my criticism of the school district.  It was troubling to say the least.

Moreover, protection for my children when they did wrong doing, was the shortest part of the document.  This was the most troubling aspect of the document for me.

I decided I needed to speak with someone at the school.

Bumbling, fumbling, mumbling…
Right up front, I must admit I am not the most elegant speaker.  My meeting with a school official did not go well.  I was passed on to the school’s IT Administrator.  This time I prepared myself much better and was able to communicate my concerns much clearer.  I was assured repeatedly that my children were in no danger from Internet threats like porn and malware.  Nevertheless, I pressed forth and expressed my call was not about the school offering these protections, but what would happen if my children were caught doing something wrong, what investigation would be done to make sure.  I was assured things would be investigated thoroughly and only if they did something then they would be in trouble.  It was then that I asked for that to be put into the writing of the document.  It was at this point that the conversation ended and I was told I would receive a call back to further discuss the matter.

I never received a call back, and I never called back.  I chose not to sign the agreement from that point on.

CIPA
I stepped back from the conversation realizing what situation I was stepping into fully.  First, I do not put blame on an IT Administrator reacting the way he did.  Understand first that as with any job, there is only so far anyone wants to take the job.  My asking for change of policy was something of monumental change and disruption to a system that was probably running smoothly for those in charge of it.  Secondly, and sadly, schools are running scared of parents and lawsuits.

This does not excuse their non-response, nor does it excuse my lack of follow up.  At the time I did not feel putting this issue out there was worth the fight and what it could mean for my family.  At the same time I was discovering and dealing with this issue, was the same time the Lower Merion Web Cam lawsuit was going on.  That was the lawsuit where Lower Merion School District was accused of spying on children through web cams on Laptops they provided to students.  In turn some local news outlets decided to drag the parents involved in the lawsuits through the mud, so to say.

I since then have learned why Acceptable Use Policies are distributed to parents to sign.  It is because of the Children’s Internet Protection Act (CIPA.)  CIPA required schools and libraries who received E-Rate discounts on telecommunication services and Internet, must in turn use Internet filters and other measures to protection children from harmful online content.  If memory serves me this was one of the hot button issues right before 9/11 attacks.  Libraries had been arguing filtering the Internet was un-constitutional; a lawsuit was brought and argued all the way to the Supreme Court where CIPA was upheld.

Acceptable Use Policies are fulfillment of CIPA.

Now that the cause is out of the way…
The main problem with the Acceptable Use Policies is that they do not go into much detail as far as protection goes.  As far I see it they do everything to protect the school itself, to a) ensure funding and b) protect from lawsuits, but little concern has gone into situation like Julie Ameros that can still happen.

What has to be understood, that anyone can be wrongly accused on accessing something illegal on the Internet, and right now, we do not have legal understanding of our current technology in relation to current society.  There is still argument as we speak about whether an IP (Internet Protocol) Address can lawfully identify an end user.  Judges are finding it difficult to understand the complexities this new age is bringing.   Just a few years back we were looking at the prospect of minors being charged with sex crimes for Sexting (Sex Texting.)  The problem with such prosecution was the rampant spread of such crimes, leading to a majority of future society being sexual predators as defined by current law.

Going forward…
One thing I do not understand is why elementary aged children cannot be introduced to technology in a controlled environment.  Intranets (that is an internal network) could serve controlled web pages that would be school controlled, thus forgoing the necessity of such Acceptable Use Policies for elementary children.

One thing that is apparent to me is that with CIPA we have another example of a law passed without proper research or thought.  CIPA does nothing to offer protection for neither children nor adults from unfounded accusations.  One thing I am finding in my research in multiple districts is this:

Due Process
a.  The School District will cooperate with the School District’s ISP rules, local, state, and federal officials to the extent legally required in investigations concerning or relating to any illegal activities conducted through the School District’s CIS systems.

b.  If students or employees possess due process rights for discipline resulting from the violation of this policy, they will be provided such rights.

c.  The School District may terminate the account privileges by providing notice to the user.

The problem is this is not strong enough language as it does not define what legal responsibility they are speaking of.  While the Acceptable Use Policy goes into great detail on other subjects about exactly what can be done and how it is done on their network, these are the words of protection being offered to the end user.  There is no word of what kind of investigation will be carried out and how it will be done.  Who covers the cost and what protections exactly will be offered during the investigation.

What needs to happen is for all concerned to have Due Process fully explained and exactly what legal protections are there for the end user.  How the investigation will be handled and carried out.

Final Thoughts
I save this for last because I feel it is most important. I have not named officials I have spoken with, or districts because their names and persecution of them is not needed.  My bringing to light this subject is out of concern for innocent people, such as Julie Amero, being prosecuted for crimes they are not guilty of.

One of the scenarios, I know is possible, is for a child in school at a library computer to walk away from their computer for a second and have another student go on their computer and do something illegal.  Now this is all logged under the login of the innocent child who made a mistake of walking away for a moment.  I know because this sort of thing happened while I was in college.  Someone would forget to log out of their computer and as a prank, other students would change the wallpaper to potentially offensive images.

Some might argue that children should know better than to leave a computer unattended.  But don’t we live in a society where we allow children to learn and grow from their mistakes?  As it is, we do not send minors to adult jail when they commit crimes, but choose to try to rehabilitate first in most cases through the Juvenile Court System.  We as adults should do our best to protect children and that means having laws that not only protect what they are viewing, but what happens when they are caught doing something illegal.  CIPA just does not go far enough in protection and our schools are doing no better.

Furthermore, we need to offer protections to all in public positions in society such as teaching.

A Final Lesson

The stigma of possessing child porn means that such allegations, even if later proven untrue, can be damning. And the allegation can indeed turn out to be untrue. In 2002, UK police accused over 7,000 people of purchasing child porn from a website, but it later turned out that hundreds of them were merely victims of credit card fraud. Their credit cards had been stolen and used to purchase child porn, so they ended up getting caught in the police dragnet. One of those victims was Simon Bunce, a UK resident whose identity was stolen by a pedophile. Bunce was caught up in the aforementioned pedophile sting, dubbed Operation Ore. Before being fully cleared by the police, Bunce lost his high-paying job, and his family members disowned him. He may never be able to repair the damage to his reputation.
http://arstechnica.com/tech-policy/2010/08/disgruntled-brit-plants-child-porn-on-bosss-computer-calls-cops/

 
1 Comment

Posted by on May 11, 2012 in Technology

 

Tags: , ,

Julie

It was a perfect storm of almost farcical proportions. Almost anything that could go wrong, did go wrong: Kids who exaggerated what they saw on Julie Amero’s screen. A school principal who overreacted and called the cops when an administrative rebuke would have been sufficient. An IT administrator who was dangerously out of touch. A DA who overreached in applying a felony charge to what was at worst a misdemeanor. A police computer forensics “expert” who was anything but, and a defense expert who was even worse. And Amero herself, more clueless about technology than the students she was supposed to teach.
http://www.pcworld.com/businesscenter/article/154768/the_julie_amero_case_a_dangerous_farce.html

As with many subjects, background is needed and this one needs as much as any.  Moreover, this is probably one of the most important issues for anyone who is involved in education.  If you are a Teacher, Administrator or have a child in a school, you need to understand this issue.  The issue is the application of the Internet in our classrooms and policies towards the use of technology in our schools.

I became aware of Julie Amero’s case and situation a few years ago actually after taking security courses at college.  It was jarring, to say the least, but not surprising.  It was a case of all parties involved not having a clue about technology, a clue about the Internet and fear.  It was a story of people in power, not understanding technology.  Moreover, it was a story of overreaction by those in power who did not understand what they were dealing with.

One day at school…
On October 19, 2004, Julie Amero was a substitute teacher who had just come to work, another teacher had logged her into the classroom computer, as she had no login id.  She left the room to use a bathroom, when she came back to her horror, pornography images had begun popping up and never stopped.  She tried to stop them but as she did more and more and more replaced each one.  Instead of doing what most would have done, which was power off the computer, she told the Vice Principle of the incident.  She did not turn off the computer, because she had no knowledge of computers, and it was against school policy.  She had sought out help during the day, but was told pop-ups were normal; No one ever came to her aid to help.  She also turned the monitor away from students eyes, but this was to no avail.  She would let the Principle know of the issue the next day.

Once students let their parents know of the issue the situation exploded.  Julie found herself charged and looking at real jail time.

What went wrong
In the beginning of the investigation no care was paid to what caused the porn pop-ups to start.  As far as investigators and the school were concerned, Julie had been surfing porn sites all day and exposed minors to pornographic material.  The truth was far from that simple.

Not because of the district, or investigator intervention, but outside of the school district the real truth came out.  The school IT Administrator never updated the anti-virus software, which was a trial version of the software.  The network also did not have a proper firewall.  The cause of the porn pop-ups was discovered to be the work of malware, which upon activation would non-stop flood the computer with porn images.

The school did not have the knowledge, nor had a qualified professional in their IT department.  The school was also looking to wash their hands of the matter.  The detective who investigated the case had little understanding of Browser technology and relied upon network security experts who could not prove Julie had intentionally caused the pop-ups.  In the end Julie was initially found guilty in her court case and facing a prison sentence of 40 years.  It wasn’t until an outside security expert stepped in and proved that the prosecution had overlooked a lot of facts in pursuit a conviction.

In the end Julie was granted a new trial, ending with a disorderly conduct guilty plea, $100 fine and had to forfeit her teaching credentials.

Lessons not learned
When I first discovered the case and read through all the opinions I was as outraged as many others were.  There was so many things that came together to create a perfect storm of fallacies in this case.  If it were not for an outside security expert doing voluntary work, the facts of the case would have never come to the light of day.  It also highlighted to me that we still have those in power who do not have the basic understanding on technology and what can be done to innocent people through malware.

Almost 15 years ago one of my friends went through a nearly similar incident.  Now his incident was not dealing with pornography, but something as serious.  His friend had hacked into the New Jersey State Police and proceeded to give all the police officers records.  The investigation led to the police interviewing my friend about software he gave his friend at the time.  This software could be used for illegal activity, but at the time its favored use was to ping computers to find out connection speeds for game servers.  Because my friend had given the software to his friend, police were interested in the software and what it was used for.  My friend co-operated and gave them all the information they needed.  At first the police told my friend that he was in no trouble being he had co-operated and did not do the hacking personally.  A week later the police decided the rules had changed and my friend was now an accessory to the crime.  Being a minor, he was given probation and community service.

What I learned then was that those in authority did not have a grasp on technology, nor how it worked.  A decade after my friends community service, the case of Julie Amero proved that those in power still didn’t understand the technology they were dealing with.  Not even Julie herself understood how a computer worked, or how to turn off the computer.

What prosecutors failed to see was that they were dealing with malware that was a Porn Trap.  That is malware that is intended to infect the computer with a Internet browsing history of porn websites.  For those that may ask why such malware would exist, this malware could be used to destroy someone’s career in any public position from educators to politicians.  As seen with Julie it almost did.  This is one of the reasons I am never quick to judgment when reading stories about people caught with child-porn or similar situations.  Unless there is substantial, concrete evidence, you can never be sure about guilt or innocence.

Still not getting it
On Friday I plan on going to into detail with what is happening in our own local schools with this issue and how it can possibly happen to any parent or educator in our schools today.

 
1 Comment

Posted by on May 9, 2012 in Technology

 

Tags: , , ,

 
%d bloggers like this: