Twice a Victim
Have you ever been assaulted by adware? Have you ever had at least one window open up on your PC without your bidding, and show you an ad for something? Maybe you’ve gotten that fake dialog-box security-warning attack? The one where it looks like a real warning which says that your computer has porn, or your web surfing history can be compromised, or that your computer is open to attack–and if you click anywhere on the “dialog box,” it takes you to a commercial web page selling software of some sort. This fake dialog box may have even popped up when you weren’t web surfing, so it looks even more like a real warning from your OS.
If you’ve been exposed to such a low-key adware trick, then you have only a small taste of what a full-fledged adware attack feels like. A real attack is when your screen fills with browser windows bristling with graphic porn ads, and any attempt to close one window will bring an onslaught of even more ad-riddled windows, in hydra-like fashion. The program must be force-quit to silence the ads, using the task manager (Ctrl+Alt+Delete) to end the process–and then the machine must be cleaned of adware.
It’s bad enough to be attacked by spammers in this way. But then imagine being sent to prison for 40 years because you were the victim of such a spam attack.
No, I’m not kidding. If you have been following the case of Julie Amero, you’ll know what I’m talking about. Amero is a substitute teacher in Connecticut whose computer suffered a malicious adware attack in her seventh-grade classroom. It almost certainly was not her fault in any way, but she’s been prosecuted–and now convicted–for causing “injury or risk of injury to, or impairing morals of, children,” and could be sentenced to up to 40 years in prison. No joke.
Here’s what happened. Long before Amero even saw the computer, it was infected with adware. A month before the offending incident happened, there was spyware/adware installed on the machine that started tracking the computer’s activities. Before Amero’s visit, some other teacher or student used the classroom computer to visit a singles dating service, well-known for its porn adware. Several other pieces of adware had already infected the computer before Amero arrived on the scene. Furthermore, the school itself had allowed the computer’s parental filter software to lapse, and the machine was no longer protected against such material. The antivirus software was outdated and the firewall was not set up. In short, the school itself was negligent, and other teachers had caused the problems that eventually surfaced. Amero was simply the one present when the eventual attack came about.
On October 19, 2004, the day Amero was teaching, students were allowed access to the computer. The regular teacher logged Amero on to the system, told her that students could have access to it, and even warned her not to shut down the machine, else she and the students would lose access to it. One student visited a hairstyling site, and then 20 minutes later, the Crayola crayon site got visited. The hair style site was still active, however, and redirected to a different hairstyle site–one with porn advertising. The process that then led to the adware attack is laid out in detail here.
The screen filled up with porn windows, and the computer got locked in one of those endless porn loops. It’s not clear from the stories I read whether kids were at the computer when the windows came up or not, but it seems that they were not. Still, six kids reported seeing the porn, and even though Amero kept the kids from the computer, and even pushed one student’s face away from the screen, she still got into trouble–to put it mildly. The students told their parents, the parents complained loudly to the school–and the school not only fired the teacher, but had her arrested. The prosecutor pushed hard on the case, the police didn’t see fit to even check for adware, and the judge denied the defense the full ability to present the case on adware–apparently because the defense was late in bringing that particular defense up for some reason.
The prosecution put on an “expert witness” who claimed that the only way to get those windows would be to intentionally visit a porn site–which supports what my father has always told me about purported “experts”: that all too often, they’re full of crap. In fact, the software this “expert” claimed proved the teacher went to porn sites could not distinguish between someone typing in a URL and the browser automatically redirecting to one due to adware or a .htaccess exploit.
On the weight of the prosecution’s case, however, the jury convicted Amero. Of course, they got a very different view, like the one presented in this article, which claims it was intentional because Amero supposedly changed her claim from “students did it” to “adware attack,” and that Amero did not get rid of the attack. However, if Amero was not computer-savvy and students triggered the adware or were at the computer when it came on, then it would indeed look like they started it–just like the judge and jury assumed of Amero, and they were wrong as well. Amero may not have become aware of the adware angle until later; changing a defense strategy in this manner is not evidence of guilt, and it is asinine to suggest otherwise. That Amero did not turn off the computer may have been simply her not knowing how to deal with it, and not thinking of turning the computer off, while thinking the screen was hidden enough not to be a problem.
This is scary. Hell, I’ve experienced this kind of thing in my own classroom. I teach an introductory computer class, and I give my chapter tests on web pages. A few years back, a female student opened up Explorer to take the test, and her screen filled with porn ads. She called for help, and I went to help, but got the same problem: every window I closed brought up at least three more new ones. I sent the young woman to a free computer, force-quit Explorer, and shut down the machine, not allowing it to be used again until the IT guys could clear it of malware.
If I used a Windows PC (Macs don’t get adware, not that I’ve heard of at least), I might even have had such an attack when giving a demo. As it is, I use a virtual version of XP on which I put nothing but the basic software and use for nothing but teaching, so I’m clean and safe.
But I can fully sympathize with Amero. Unless you know the Ctrl+Alt+Delete trick, shutting down Explorer is near-impossible in that state. Sure, you could shut the whole machine down, but you could just as easily be attacked on startup again. And Amero may not have been computer-savvy enough to handle the situation, especially if it happened as she was teaching a class and could not sit down and troubleshoot a porn attack at the moment. Hell, I know a few teachers at my own school who would be at that much of a loss, at least. Most people would not even know what was hitting them, and so would not know how to handle it at all. Add to that the fact that in today’s world, virtually all 12-year-olds, especially boys, have visited porn sites on the Internet themselves.
So of course, we should send this teacher who got caught by an adware attack to prison for 40 years. Since the verdict was handed down, it hit the newswires, and virtually the entire technical world is shouting down the decision, decrying it for the outright miscarriage of justice it so clearly is. Sentencing has not yet taken place, and in light of the whole furor now taking place (Norwich police admit to being “thrashed” by complaints and criticism), the judge will hopefully not sentence Amero to any jail time at all, and Amero can hopefully then work as a free woman to have the conviction thrown out and erased from her record.
However, since the prosecution is insisting that Amero intentionally visited porn sites, she may be marked forever as some sort of unfit teacher, and not hired by schools again because they would not want to take the risk that the accusations, however questionable, might be true. And so a teacher may have her career trashed and her life derailed because of spam, paranoid and overprotective parents, overzealous prosecutors, and lay people who just don’t know enough about computers, who listen to legal “experts” who know almost as little themselves.
