Site icon IT World Canada

A sad story of legal flimflams

Everyone . . . lies! When we’re kids, we lie our heads off! “I didn’t do it! I didn’t do it! I was dead at the time! I was on the moon . . . with Steve.” And your dad’s going, “I haven’t even accused you of anything yet!” … Then when you’re more mature you do start telling the truth in odd situations: “I’m sorry, I’ve broken a glass. . . . I broke it. . . I’ll pay for that.” And you do that so that people in the room might go, “What a strong personality that person has.”

– Eddie Izzard from his stand-up show “Dress to Kill”

In what has to be the most intriguing examples of jurisprudence this year, British courts have now ruled three times that computer owners being prosecuted for various computer crimes were not guilty because they were dead at the time: that is to say, they didn’t do it, Trojan horse code did.

And in all cases the courts accepted the argument that because there was the possibility of a Trojan being resident on the accused’s PC, there could be no certainty that they committed the crimes or have any knowledge that something illegal had happened.

Well, in two of the cases involving the downloading of child pornography, forensic experts in fact found Trojan horse code on their PCs and the men were exonerated. Of course, in both cases the legal process took about two years, ruining both men’s lives.

But the latest case is different. It revolves around someone hacking into the systems of the Houston Pilots, an independent contractor for the Port of Houston. The result of the hacking was the crippling of a server used for scheduling ships entering the sixth-largest port in the world.

In this case it took a jury three hours to find by a unanimous verdict that the accused, Aaron Caffrey, 19, was innocent because it believed his story that a Trojan horse on his computer was to blame for the crime.

Now this decision was made despite the facts that Caffrey admitted being a member of the “Allied Haxor Elite” and that all sorts of evidence was found on his machine. This evidence included a list of 11,608 vulnerable servers and their IP addresses and a malicious script signed by someone called Aaron. None of this is illegal, but coincidence? Hmmm.

But more telling still, and yet apparently of no significance to the jury, was that all the computer forensics that were carried out on Caffrey’s PC failed to find any indications that a Trojan had been installed, let alone one capable of acting as a staging post for some remote ne’er-do-well.

In the case of Caffrey, this defense has to be one of the most brazen legal flimflams foisted on a gullible court in the history of computing, and it will be interesting to see how such a defense will go down in North American courts.

If it does hold up then where will it end? “That wasn’t me surfing porn for eight hours from my cubicle, it was a Trojan that has since disappeared leaving no trace after forcing the unwitting office colour laser printer to print out the entire contents of Whitehouse.com.” Or how about, “I never sent that letter to the CEO saying he was an idiot, it was …” or perhaps “I never leaked those secret government documents to the press, it was …”

Yes, my friends, all this and more are waiting to make us grind our teeth at the profound and intractable ignorance about computers that afflicts the non-IT world in general and the courts in particular. Of course we always can say this is nothing to do with us IT guys as we were dead at the time.

Tales from the grave to backspin@gibbs.com.

Exit mobile version