eMusic Sold, Gives Up On Unlimited Downloads
Compromised Home Computers Used To Hide Spamvertised Sites

No Evidence That Hacker Was Hacked

Miscellaneous

from the tracks-covered-too-well dept

Thu, Oct 9th 2003 8:31amMike Masnick
It appears that the hacker who was accused of shutting down computers at the Port of Houston is trying to go with the "it wasn't me, it was someone else who hacked my computer" defense made popular by the guy who claimed that a trojan horse program filed his fraudulent tax returns. It appears that defense isn't working in this case, as the prosecution has brought up a witness who points out that there's absolutely no evidence that anyone hacked into the kids machine. Not sure about the details in this particular case, but I imagine we'll still be seeing a lot of people using just such a defense for any sort of computer related crime in the future.
4 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    aNonMooseCowherd, 9 Oct 2003 @ 4:43pm

    guess who else will use this ruse

    If RIAA sues the wrong people, they'll probably use this excuse as well.

    link to this | view in chronology ]

  • identicon
    LittleW0lf, 9 Oct 2003 @ 6:12pm

    Forensically sound???

    This guy's argument about blocks being out of order when logs are edited after the fact is fine, and as far as I can see it is correct. But there are definately ways around this argument though, such as a hacker moving the log, or the victim "defragging" their hard drive.

    Windows logs may be protected from defrags and movement of the files within the OS, but in this case, shouldn't they also be protected from modification after the fact? Seems to me that the defense lawyer might be able to shoot holes through this argument.

    The only way I could truely say something wasn't modified is if they took cryptographically locked checksums of the files and compared them, then they could argue that the attacker didn't modify the logs. Otherwise it is swiss cheese. Not that I don't think the hacker is guilty (ok, so maybe I don't, I do not have all the facts.) However this expert cannot believe that this evidence alone will convience a smart jury, nor will it stand up to ridicule by the competent defense lawyer.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 11 Oct 2003 @ 5:21am

    As somebody that *has* been used and abused....

    ...I can't tell you how disconserting it is to hear the investigator say "but that's just a theoretical vulnerability in TCP/IP". Of course this was in the telnet to SSH transition period. Nobody uses telnet any more... still, 6 months after they were still trying to decide if they had a case, explits like hunt and jugernaught began to surface from the underground. Theoretical indeed...

    Computer "evidence" is *extremely* ephemeral and if the computer is connected to the Internet in any way, shape or form...

    Any good professional (and what I mean by "good professional" is that they don't have a record -- not even a FBI case file entry -- and they make a living from their efforts) cracker knows to get a patsy before doing anything that anyone will take any notice of.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 11 Oct 2003 @ 5:23am

      Re: As somebody that *has* been used and abused...

      > "but that's just a theoretical vulnerability in TCP/IP". Of course this was in the telnet to SSH transition period. Nobody uses telnet any more...< br>

      ...and nobody is even really sure SSH is completely safe these days either.

      link to this | view in chronology ]


eMusic Sold, Gives Up On Unlimited Downloads
Compromised Home Computers Used To Hide Spamvertised Sites
Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

Friday

19:39 Important Announcement: Techdirt Is Migrating To A New Platform (0)
More arrow

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.