Full Disclosure mailing list archives
Re: Teenager cleared of hacking - Off Topic?
From: Feher Tamas <etomcat () freemail hu>
Date: Mon, 20 Oct 2003 12:24:22 +0200 (CEST)
All that tells me (and anyone else) is that the jury considered there wasn't enough evidence to convict him.
Or maybe this case it the first cyber-O.J.Simpson and the jury should be decimated for what they did. (Though the firing squad may have a slight difficulty shooting exactly 1.2 people) There was motive: the guy wanted to attack a chatroom fellow after a rude online conversation, which has been preserved, but he mistyped the victim's IP address and ended up bombing the port's systems. The experts gave very clear evidence that the attack was initiated locally and log files cannot be planted remotely the way they werew found on his computer. BTW, I think the guy better keep in mind to keep away from USA as far as possible for the next 25 years to come. If US authorities ever lay their hands on him, he will be tried in the USA according to the Constitution, cause he comitted the crime in the USA (the port's systems are located there and he attacked THEM). Considering that he cracked it mere weeks after 2001-9-11, he may even become an unlawful combattant in US's eye and get to see the sun in Cuba. He would have been better off serving the term in civilized England. Regards: Tamas Feher. ******************************* www.zdnet.co.uk/print/?TYPE=story&AT=39117033-39020330t- 10000025c Expert undermines port hacking suspect's defence by Munir Kotadia, ZDNet UK, 9 Oct 2003 An expert witness in the case of a teenager accused of accidentally launching a distributed denial of service (DDoS) attack on a major US port said on Thursday there was no indication that evidence had been planted on the suspect's hard drive. The defence counsel for Aaron Caffrey, who is on trial at Southwark Crown Court, had said that his client's computer could have been compromised by a hacker who had altered the system's log files -- which record how the machine is being used -- and staged an attack from the teenager's computer. But Professor Neil Barrett, technical director at Information Risk Management and an expert witness at the trial, told the court that after examining the physical location of data blocks on Caffrey's computer, there was no evidence that the log files had been altered at a later date. "If you edit a file after you finish writing it to disk, it results in block fractures. The block that corresponds to the edited text would be written elsewhere. The disk blocks that correspond to this file show no evidence of fracturing and were sandwiched between files that were created before and after it," Barrett told the court. Barrett conceded that a hacker could, in theory, have planted a different log file on Caffrey's computer, but said it would be obvious that it was inserted later because of the physical position of the file's data blocks. "There is obviously a way of introducing (the file) on the computer, but not in the correct place," he said. Caffrey's counsel questioned the validity of Barrett's evidence because the witness had not physically examined the actual hard disk from Caffrey's computer, but an image of it that was sent to him on CD-ROM. Barrett argued that this did not make a difference because the image was "forensically sound". _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Teenager cleared of hacking - Off Topic? John . Airey (Oct 17)
- Re: Teenager cleared of hacking - Off Topic? Jonathan A. Zdziarski (Oct 17)
- Re: Teenager cleared of hacking - Off Topic? Randal L. Schwartz (Oct 17)
- Re: Teenager cleared of hacking - Off Topic? Jonathan A. Zdziarski (Oct 17)
- <Possible follow-ups>
- RE: Teenager cleared of hacking - Off Topic? John . Airey (Oct 17)
- RE: Teenager cleared of hacking - Off Topic? John . Airey (Oct 17)
- Re: Teenager cleared of hacking - Off Topic? Feher Tamas (Oct 20)
- Re: Re: Teenager cleared of hacking - Off Topic? David Howe (Oct 21)