Re: Teenager cleared of hacking - Off Topic?

[Feher Tamas <etomcat () freemail hu>]

> All that tells me (and anyone else) is that the jury considered
> there wasn't enough evidence to convict him.

Or maybe this case it the first cyber-O.J.Simpson and the jury should be 
decimated for what they did. (Though the firing squad may have a 
slight difficulty shooting exactly 1.2 people)

There was motive: the guy wanted to attack a chatroom fellow after a 
rude online conversation, which has been preserved, but he mistyped 
the victim's IP address and ended up bombing the port's systems.

The experts gave very clear evidence that the attack was initiated 
locally and log files cannot be planted remotely the way they werew 
found on his computer.

BTW, I think the guy better keep in mind to keep away from USA as far 
as possible for the next 25 years to come. If US authorities ever lay 
their hands on him, he will be tried in the USA according to the 
Constitution, cause he comitted the crime in the USA (the port's 
systems are located there and he attacked THEM).

Considering that he cracked it mere weeks after 2001-9-11, he may 
even become an unlawful combattant in US's eye and get to see the 
sun in Cuba. He would have been better off serving the term in civilized 
England.

Regards: Tamas Feher.

*******************************

www.zdnet.co.uk/print/?TYPE=story&AT=39117033-39020330t-
10000025c

Expert undermines port hacking suspect's defence
by Munir Kotadia, ZDNet UK, 9 Oct 2003

An expert witness in the case of a teenager accused of accidentally
launching a distributed denial of service (DDoS) attack on a major US
port said on Thursday there was no indication that evidence had been
planted on the suspect's hard drive.

The defence counsel for Aaron Caffrey, who is on trial at Southwark
Crown Court, had said that his client's computer could have been
compromised by a hacker who had altered the system's log files -- which
record how the machine is being used -- and staged an attack from the
teenager's computer.

But Professor Neil Barrett, technical director at Information Risk
Management and an expert witness at the trial, told the court that
after examining the physical location of data blocks on Caffrey's
computer, there was no evidence that the log files had been altered at
a later date.

"If you edit a file after you finish writing it to disk, it results in
block fractures. The block that corresponds to the edited text would be
written elsewhere. The disk blocks that correspond to this file show no
evidence of fracturing and were sandwiched between files that were
created before and after it," Barrett told the court.

Barrett conceded that a hacker could, in theory, have planted a
different log file on Caffrey's computer, but said it would be obvious
that it was inserted later because of the physical position of the
file's data blocks. "There is obviously a way of introducing (the file)
on the computer, but not in the correct place," he said.

Caffrey's counsel questioned the validity of Barrett's evidence because
the witness had not physically examined the actual hard disk from
Caffrey's computer, but an image of it that was sent to him on CD-ROM.
Barrett argued that this did not make a difference because the image
was "forensically sound".


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html