malware

Lessons to be Learned

This morning I overheard GMA making reference to the case of Julie Amero which was the subject of my blog in December titled “Unsavory Justice - Julie Amero vs Connecticut“.  The ABC News story “Wrong Computer Click Ruined My Life” doesn’t present any new facts in the case, but does present the case before perhaps a much different audience than it might have received previously.  The aforementioned links provide the background which I will not expand upon.

However, what I do want to suggest is that there are lessons to be learned from this:

• The need for training (…over and over again I see training as the number one need!)  Those of us who are computer literate make many false assumptions regarding users — we need to rid ourselves of those assumptions.  I’ve always told users that I was training that “You’re trainable”, but that doesn’t mean they’re trained!  The training MUST be on-going.
• The IT department perhaps was not well enough trained either – OR – the proper precautions that would have prevented the site accesses would have been in place.  (NOTE that this does make the assumption that IF they knew what to do they would have done it - which assumption could be erroneous since there is a cost associated with doing the “right” thing!).
• Leaving a system unattended can lead to mischief or mishaps - whether it’s a school classroom or a business environment, whether it’s a “dumb” use, or an intentional misuse.  If you leave a computer that you’re responsible for, log off!

I’m sure that there are other lessons to gain from this as well, and certainly a variety of actions that can be taken.  I just couldn’t let this sit today, even though I’ve blogged on it before!  The case is unsettling to me!

Unsavory Justice - Julie Amero vs Connecticut

Perhaps I’ve had my head buried too deeply into code over the past 4 years or so, but it wasn’t until this morning that I became aware of this unfortunate event playing out less than 100 miles from my home.  Since I blog only here, don’t have a MySpace, rarely purchase on-line and seldom visit anything other than a site immediately related either to a project I may be involved with or might become involved with, I guess one could say that I lead a sheltered life!

The case came to my attention as the result of reading the latest Sunbelt Security News  - a newsletter which I follow with some regularity, and my generally inquisitive nature.  Anyway, in case you have also had your head into too much code, the case in short (very short) is this - Julie Amero was a middle school substitute teacher who had the unfortunate experience of having the computer she was on begin showing pornographic pictures.  She was charged and convicted with felony charges of impairing the morals of a child, with sentencing delayed (…since it appeared that perhaps not all aspects of the case were solid).  Her conviction was thrown out and she was granted a new trial.  On November 21, 2008 her saga ended with a guilty plea to disorderly conduct .  She lost her teaching credentials, her health has been compromised, and paid a $100 fine.

What happened to her in that classroom reminded me of an incident I experienced a few years back when I got a frantic call from a woman on her workstation who just couldn’t get rid of pornographic popups that just kept coming at her.  She was frantic!  She was not a “knowledgeable” computer user, she had no idea what to do!  In her case, what was discovered was that some member of the nightime cleaning company had decided to make use of the company high speed connection and to access porn sites, the result was a compromised PC - left ready for its next user to experience.

Now, clearly I do not know all the facts related to the Amero case, but that this happened surely is tragedy, as well as another example of the need to remain constantly vigilant regarding keeping anti-virus and malware under control and updated.