Thursday, June 19, 2008

Trojan Horse Defense . . . Works

A while back, I wrote a post on the Trojan horse defense. It could just as easily be called the “malware defense,” since it lays the blame for computer-facilitated activity on malicious software.

As I explained in that post, the Trojan horse defense came to public notice back in 2003, when UK citizen Aaron Caffrey was prosecuted in Britain for a hack attack that shut down the Port of Houston in the U.S.

Caffrey’s defense was that he was framed by other hackers, who installed Trojan horse programs on his laptop, used them to seize control of the laptop and launch the attack, thereby making it appear he was the one who was responsible, and them erasing the Trojans so no trace remained on the laptop. Caffery was acquitted. The jury bought his defense, even though there were no Trojan horses on the laptop (self-erasing) and many found the claims incredible.

I don’t know how old the notion of the Trojan horse defense is. I was watching (don’t ask why) a 1989 movie called She-Devil on TV, and was astonished to see that, at one point, a defense lawyer suggests blaming his client’s embezzlement of company funds on a computer virus. The idea has apparently been around for a long time.

The defense has been raised in the U.S. and, to my knowledge, has worked a few times, often to persuade the prosecution to negotiate a plea and a lesser sentence than it might otherwise have pursued. It has, I think often been raised frivolously, by people who are simply trying to persuade the jury that they didn’t do whatever it is they’re charged with. But there’s a recent case from Boston in which the defense was not only valid, but seems to have prevented a major miscarriage of justice.

The case is the prosecution of Michael Fiola for allegedly having child pornography on his “state-issued laptop.” I won’t go into the facts here. You can read about them in this article: Police Show Kiddie Porn Rap Was Bogus, Boston Herald (June 16, 2006).

I find two things about this case scary. The first is thinking about what might have happened to Mr. Fiola if his lawyers had not been savvy enough to hire a good computer forensics person to investigate the possibility that, indeed, Mr. Fiola was the victim of computer circumstance, a Trojan horse, viruses, combination of the above, etc. Had they not known to do that, and had they not been able to find a good forensics person, I hate to think what would have happened to an innocent man.

The other thing I find scary is that, unlike some of the cases in which the Trojan horse defense has been raised in the United Kingdom, the sad state of security on the laptop Mr. Fiola was using was not his fault (even though he apparently is not at all adept at using and protecting computers). No, Mr. Fiola got into trouble because of the poor state of security on the laptop his employer (the state of Massachusetts) gave him to use. As Mr. Fiola’s lawyer told the Boston Herald, “`Anybody who has a work laptop, this could happen to.’”


Anonymous said...

Trojan's computer harm virus.....trojan horse gave me so many problem...

Stephen said...

Great post thank you.

One thought, should this reference "Police Show Kiddie Porn Rap Was Bogus, Boston Herald (June 16, 2006)" be June 16, 2008 and not 2006?