Wednesday, January 24, 2007

Is It Asking To Much That They Be Dragged ...

Through The Streets?

A substitute teacher from Connecticut is facing up to 40 years in prison because her malware-riddled computer displayed porno popups in class.

On October 19, 2004, Julie Amero arrived at Kelly Middle School to teach a 7th grade language arts class. Mr. Matthew Nett, the class's regular teacher, logged Amero into the classroom computer and left, warning her not to turn the machine off.

Amero let the students surf the web for a few minutes. The kids visited several innocuous sites including an innocent-looking page on hair styles. Suddenly, pornographic popups started to fill the screen. Soon, the machine was frozen in an endless porn loop.

Nobody in that classroom clicked on any porn that day. The popups were generated automatically by a piece of malicious code from the hair site.

Anybody who has a computer and actually uses it. And surfs the web at all with it knows about this. There is no way in FUCK you can be on the internet let alone have a job as a prosecutor. And most likely have a computer that at some point somebody who maintains it for your dumb ass would have upgraded it. And more than likely explained to him why.

It is impossible to think it some innocent on the people of Norwich law inforsement and the jury to come to such a conclusion. All of the last year it made the news every time you needed to upgrade your windows OS because of some exploit or another.

The lie that stands out is she would have to physically click the porn links. Um no, the web is like only 1% porn. Money is made off of terrestrial rather than cyberspace related porn. What pop ups are is impression advertising. Money is made on the number of IP addresses that come to a page. malware is used to redirect your browser to ad sites all the time. It is just that with porn promoters there is no sense of restrain. Period.

The vulnerability lies in the way IE 6 handles certain graphics. Malicious software can be loaded, unbeknownst to the user, onto a vulnerable Windows PC when the user clicks on a malicious link on a Web site or an e-mail message, several security companies said.

"Fully patched Internet Explorer browsers are vulnerable," Ken Dunham, director of the rapid response team at VeriSign's iDefense, said in an e-mailed statement. "This new zero-day attack is trivial to reproduce and has great potential for widespread Web-based attacks in the near future."

Security-monitoring companies Secunia and the French Security Incident Response Team have given the issue their most serious ratings.

Shady adult Web sites are among the first to exploit the IE vulnerability, Eric Sites, vice president of research and development at spyware specialist Sunbelt Software, wrote on a corporate blog. In one case, a malicious Web site used the exploit to install "epic loads of adware," according to Sunbelt.

Microsoft plans to fix the flaw as part of its monthly patching cycle on Oct. 10, the software giant said in a security advisory. The update might be released sooner, "depending on customer needs," Microsoft said. Typically, Microsoft only breaks its patch cycle when attacks are widespread.

There is noway this prosecutor could not just simply Google malware and find out everything he said was wrong.

Spyware used to worm its way into PCs when users tried to download a free utility, such as a screen saver, and wound up with an unexpected bonus after agreeing to the distributor's license agreement.

Today most spyware infiltrations follow a different course: Users browsing the Web unknowingly launch "drive-by" downloads as they peruse sites affiliated with spyware makers. What those spyware-dumping sites often have in common is pornographic content.

That school needs to have it's computers upgraded... to new ones with spyware and pop up blocker. And I think David Smith, the prosecutor, should be made to not only foot the bill but be there to help the tech' who installs them so he can learn something. Or just drag him and the jury through the streets of Norwich... Ignorance of computer tech is no excuse. Especially when in your job you my be called on to help go after some computer hijacker instead your dumb ass is prosecuting an hijackee.

No comments: