A UK teenager accused of launching a distributed denial of service (DDoS) attack on a major US port has said a flaw in Windows allowed hackers to take control of his machine and launch the attack without his knowledge.

In his interview with the police, which was read out in court on Tuesday, Aaron Caffrey said: "My OS supports remote admin and remote assistance. At that time, the patches were not available. Anyone could control it. Windows Media Player was also unpatched."

Caffrey added: "Someone has edited those log files. just because something says something, it doesn't mean it happened. My machine was hackable. They have planted it or added to it."

On Wednesday, the trial's second day, the defence counsel for Aaron Caffrey started questioning Detective Constable Stunt, a member of the Computer Crime Squad that forensically examined Caffery's computer in January 2002, which was around three months after the Port of Houston in Texas was attacked.

Southwark Crown Court heard that it was possible for someone to take control of the defendant's computer because of critical vulnerabilities in Microsoft's Windows operating system. Stunt said that although he was not aware of any specific vulnerability, he admitted that Microsoft does have security problems. "There are thousands of [security bulletins] and Microsoft issues numerous patches on a daily basis," he said.

ZDNet UK (source)


The wise make mistakes, the fools repeat them
----------------------------------------
When you have eliminated the impossible, that which remains, however improbable, must be the truth