In a case of what appears to unfortunately be "too little, too late" Techmeme points us to the news that Connecticut officials have finally agreed to drop felony charges against Julie Amero. As you may recall, Julie Amero was a substitute teacher who was randomly surfing some webpages on a classroom computer while students were working on some projects. On one webpage, the computer started opening a never ending series of windows showing pornographic pictures -- symptomatic of a computer infected with some malicious spyware. However, Connecticut police and prosecutors chose to try Amero on felony charges, threatening to put her in jail for 40 years, and getting a conviction.

After numerous security experts brought attention to the case, a judge finally granted a new trial, and Connecticut police and officials refused to admit a mistake and still intended to try Amero. However, as noted above, the state finally worked out an agreement with Amero, where the state dropped most of the charges, after Amero agreed to plead guilty to a single charge of disorderly conduct (a misdemeanor) and give up her teacher's license. The article also notes that, due in part to stress from the case, Amero has been hospitalized and is in declining health.

It's great that Connecticut finally decided to drop the charges, but the whole thing remains a travesty. It's unclear what Amero did that was "disorderly conduct" or why she deserves to lose her teacher's license. On top of that, the fact that the state still refuses to admit its mistakes in the case is a tremendous shame. A bunch of technically illiterate folks basically destroyed this woman's life and still stand by what they did.

We've pointed out for years the various questionable activities performed by adware firm Zango (or one of its earlier incarnations). The company has gone through so many changes it's tough to follow, but every time it insists that it has somehow "cleaned up" its act, it doesn't take long for researchers to find evidence to the contrary. For a while, the company was in hot water with the FTC for tricking people into downloading its adware. It eventually settled with the FTC, paying a hefty fine. These days, once again, the company insists that it's reinvented itself to focus on the "casual gaming market."

However, that doesn't appear to be the case. I recently saw a presentation from the company where it didn't mention casual gaming at all, but instead called itself a "publisher" of content -- though it was quite vague and evasive about just what kind of content. Perhaps that's because it doesn't want parties like the MPAA to know. As Ben Edelman had noticed a few months ago -- and now more and more security researchers are finding, Zango's software is being offered up by folks who are promising fully pirated movies.

It makes you wonder if Zango recognizes that dealing with the MPAA may be a lot less pleasant than fighting the FTC. Of course, maybe the MPAA recognizes that when pirated movies come with intrusive adware like Zango, it only gives pirated movies a bad name.

Spammers and scammers keep upping the game against security researchers, sometimes in creative ways. And, in fact, it would appear that the latest sneaky trick making the rounds is almost admirable in its sneakiness. For example, take a look at this latest hack, which hijacks your clipboard, and repeatedly places a link to a site for fake security software. The hijack takes place through flash advertisements (even those found on legit sites), which is all the more reason to use AdBlock or FlashBlock or NoScript or something to protect you. However, what it's banking on, is the fact that plenty of people quickly cut and paste links they want to send around or post in other blogs and forums. When done quickly, many people won't even notice that they're not pasting the link they thought they cut from elsewhere -- thus getting lots of folks to inadvertently spam links. This must be incredibly annoying for those who get hit with it, but that doesn't take away from the creativeness of the attack itself. Even security researchers, like Mikko Hypponen, are grudgingly tipping their hats on this hack: "It is a pretty clever technique. Our work would be so much easier if our enemy would be stupid."

Over five years ago, we wrote about a college that was starting to offer a new computer science class in writing computer viruses. And, of course, various anti-virus companies went ballistic, claiming how dangerous it was. Yet, as we pointed out at the time, anti-virus companies don't have the greatest track record in actually stopping viruses -- so it seemed only reasonable to teach people to better "think like the enemy." Anyway, it appears not much has changed. Theodp writes in to let us know about an article in Newsweek about a very similar course being taught at Sonoma State University by George Ledin, where students are tasked with creating their own malware.

Once again, various security companies are condemning the technique, even sinking so low as to compare Ledin to A.Q. Khan, the Pakistani scientist who sold nuclear technology to North Korea. They even insist they won't hire his students -- which seems particularly short-sighted. As Ledin points out, it appears that this is really more about the security companies wanting to keep the world more scared than they need to be of malware, so as to pretend that they're the only ones who can solve the "problem" -- when the truth is they're not very effective at it. He complains that anti-virus firms keep their code secret (thank you, DMCA). He points out that if they were willing to open it up, and let lots of folks work on improving it, it would get much, much better. All he's trying to do is help more people understand the enemy without first having to work at one of those companies that's been so ineffective in stopping malware -- in the hopes that maybe some of his students can actually come up with a better soltuion.

You may recall the case of Julie Amero, a substitute teacher in Connecticut who was found guilty of charges that she had showed pornography to children in her classroom, and who faced 40 years in jail. The problem was that the police and the prosecutors seemed unable to understand what had actually happened. The computer in the classroom had been infected by malware, which tossed up porn pop-up ads. It wasn't that she was surfing porn, but that the computer had malware. As news of this wrongful conviction got out, more and more security experts tried to explain to everyone involved why Amero was not the guilty party. Eventually, the judge agreed, and struck down the guilty verdict.

However, the state still has not dropped the case.

In fact, as reader Phil K lets us know, the state has no intention of dropping the case, and appears to want a new trial. No one involved in the case will explain why they won't drop it. In fact, they won't even apologize for what was clearly a wrongful prosecution in the first place. The prosecutors, the police and the school Amero worked for haven't said a word. The fact that they're planning to go through another trial over this matter suggests they still don't even realize what they did.

We all know about the "Great Firewall" of China that's designed both to keep certain website inaccessible from China, but which is also supposed to block certain content in China from reaching the outside world. While there already are some questions about how effective the Great Firewall really is, it does seem odd that the majority of "badware" sites are all hosted in China. Is it that China just doesn't care or is it that the Great Firewall isn't actually that effective? Perhaps the answer is somewhere in between. The Great Firewall definitely has some holes, and if the purpose of it is more focused on political speech than malware, perhaps it shouldn't be surprising that the powers that be ignore the malware and let it go through. Or, of course, you could take the conspiratorial viewpoint, and say perhaps China blocks malware within the country, but doesn't care if others get it. Given the various rumors and reports lately about Chinese hackers breaking into computers in other countries, that last possibility may not be so far-fetched.

Remember the ridiculous Julie Amero case in Connecticut? That was the one where a substitute teacher was facing jail time because the computer she used in a classroom had malware that displayed pornographic images. The local prosecutors wanted to send her to jail, despite the fact that it was the malware that put up the porn. It looks like a similar situation (luckily, without the jailtime) is playing itself out in Massachusetts. There, a "computer illiterate" state employee was fired for child porn found on his computer. After hiring a computer forensics expert, who pointed out that the state's IT department hadn't configured the machines securely and that it was chock full of malware, the guy has been cleared of child porn charges -- but that doesn't change the fact that he's been disgraced and out of work for over a year.

We've written about all sorts of crazy things that software companies do in their EULAs (End User License Agreement), but it really says something about how ingrained the concept of an EULA has become that malware companies are starting to offer such draconian EULAs on their products (found via Ars Technica). Among the more amusing features of the EULA is a guarantee to buy any future upgrades. How's that for lock-in? Of course, EULAs are barely enforceable as is, and when you're selling to scammers and crooks they become even less so. Most EULAs are backed up via the power of copyright law, but that obviously doesn't work in this case. So how are the malware authors enforcing it? In typical organized crime fashion: with threats to destroy everything else you've got. Specifically, if it catches anyone violating the terms, it promises to send their botnet code to various antispyware companies -- effectively handing over the location of their secret hideout to the malware police. Who knew that honor among thieves now has taken on an EULA angle? Of course, we already know that almost no one reads normal software EULAs, so I somehow doubt that the online scammers using this software are bothering with the fine print either.

Since it's fairly well known at this point that sketchy sites can try to trick users into installing malware, it appears that malware creators are increasingly looking for ways to make its malware available from more legitimate sites. Two recent stories highlight this trend. First is the news that some hackers successfully rigged Google to link to sites that installed malware on certain popular searches. It took a fairly elaborate scheme to get it to work -- and it only lasted for a few days -- but it does highlight that just because a site's found via Google, it doesn't mean that it's safe. The second one apparently involves the popular urban legend debunking (or confirming) website, Snopes.com. Apparently, a well-known purveyor of adware has been running questionable or misleading ads (via Slashdot) on the site for over six months. Snopes was apparently told about this ad, but still chose to leave it running.

While it's well known that less well known sites may have been set up to maliciously install malware on your computer, most people assume (reasonably so) that larger, more well known sites are most likely safe to visit. However, one security firm is out raising the alarm that the English-language website of the India Times, a popular newspaper in India (which we've linked to multiple times in the past), is apparently chock full of risky pages that exploit various security vulnerabilities to try to download hundreds of malware apps to your computer. The security firm apparently first noticed this a few weeks ago, but didn't realize the severity until now. What's unclear from the description is how this is actually happening. We've heard stories in the past of scammers hacking into ad servers and serving malicious code that way, but there's no real indication that that's what's happening in this case.