A U.K. teenager on trial for allegedly launching an Internet attack on a U.S. port on Friday admitted he had never met a key figure in the prosecution's case--namely, his then-girlfriend--in person.
The prosecution argues that Aaron Caffrey launched a distributed denial of service attack (DDoS) in reaction to what he perceived as criticisms of his girlfriend, Jessica. Prosecutors have produced records, or log files, of Internet chats that took place at the time of the attack, and which they say prove that Caffrey had a motive to carry out the attack.
Caffrey argues that the log files were altered or planted on his computer by hackers, who carried out the DDoS attack via his PC in order to cover their tracks.
According to evidence extracted from Caffrey's computer by the Computer Crime Squad at Scotland Yard, the teenager was in a South African chatroom nine days after the 11 September terrorist attacks when a chat participant named Bokkie made abusive remarks about the U.S. The court was told that because Jessica was from the U.S., Caffrey launched a revenge DDoS attack on Bokkie, which resulted in the Port of Houston's servers being knocked offline.
While giving evidence in Southwark Crown Court on Friday, Caffrey said that although Jessica was his girlfriend at the time, and he had known her for about a year, the relationship had been carried out solely over the Internet--the two had never met in person.
Caffrey also disputed evidence given earlier this week by expert witnesses, including Detective Constable Paul Stunt and Professor Neil Barrett. According to Caffrey, none of the experts had carried out a "thorough investigation" of his computer and they had not allowed him to examine the contents of his hard drive personally.
"They think they know what a Trojan is, but it could be any executable file," said Caffrey. "Did they look at every executable file on my computer? I am sure the answer is no."
Caffrey also disputed Barrett's testimony that if a Trojan had infected Caffrey's computer, it would have left a trace. "It could have had a self-destruct mechanism. After executing, the file could run an algorithm that would write completely random data over its original file," he said.
The case continues.
ZDNet UK's Munir Kotadia reported from London.