Slashdot Mirror
Arrest In The ILOVEYOU Case
jacobm writes "All the news sources- CNN, ABC News, Security Focus, CNET news, and everyone else on the planet- are reporting that a man in the Phillipines has been arrested in the ILOVEYOU virus case. It appears that the virus had identifying information all over it, which makes me a bit suspicious that this could be a set-up, but on the other hand, you should never attribute to malice what can be explained by stupidity." Update: 05/08 12:50 by J : Because you haven't yet read enough about ILOVEYOU,
read this (Gates opines that breaking up MS will lead to more viruses).
when I heard computer periphenalia I immediately got this image of a 3 foot, smoked glass, water pipe with a serial connector and some really nice screensaver software. I haven't done that in years BTW.
:)
Oh, are you the guy that does the quake skins? Nice work, if so
Maybe I just think about sex too much, but when I see the word paraphenalia I think of sexual paraphenalia. Stumbling through the web I have seen pictures of various objects being inserted into various orifices. Thanks to your post about computer paraphenalia, remote controls, can openers, furbys, I now have various images floating around my head. I don't know whether to say "Ughh.." or "Thanks". :)
He has not been arrested yet, he is in custody. CNN is even reporting it correctly. Learn to read your sources more closely (unless you enjoy being sued).
shouldn't they be arresting someone at microsoft?
I recognize that this virus caused a lot of damage and that something should be done about it, but the course of action that was taken was definitely wrong.
What is the lesson here? That it's somehow wrong to spread a message of love and understanding throughout the world? A picture may be worth a thousand words, but what about a simple message of love? If all of my images and all of my music got replaced by messages from those who love me and care for me, I think my life would be much better.
In fact, these people did us a favor. They created something that let us know our loved ones that we care for them simply by having them in our address books - we didn't even have to do anything. Shouldn't all love be this simple and easy and straightforward?
But the true reason that I write this is that my eleven-year old daughter saw this story headline over my shoulder as I read it. She asked me if we can really be arrested just for loving people.
What am I supposed to tell her? I used to be able to tell her no, but what now? "No, unless you're in the Philippines?" "No, unless you say it over email?" "No, unless you have an internet connection?" All of these answers are inadequate. The only teaching that this brings to our children is that unconditional love cannot and will not be tolerated by our society. What kind of lesson is that?
> The virus may have caused some damage and
> shutdown time, but it did not *destroy* systems.
True enough, but it did eat up a lot of time containing it. For those of us who are already stupidly busy at work, stuff like this is more than a minor inconvenience. I've lost the best three working days to stopping this bloody worm spreading and trying to make sure our systems are protected against variants.
As a result I have no sympathy for whoever wrote it, regardless of their motivations. If someone smashed a window on your car just to show you how shitty your alarm system was, I doubt you'd want to write them a thank you note.
I can see Signal 11 stealing someones lunch, and eating it. After all, he steals our time, and wastes it with redundant garbage like the above post.
"Barok" as most of you do not know, is a Filipino (not Philippino!) primitive comic character patterned after the Flintstones circa 70s and 80's. I doubt some German studying in Australia would even be aware of such a character. On the other hand, it is probable that the *original* code came from him/her and it was only this guy who actually found the courage (or stupidity) to send it to a couple of "friends".
After reading this very nice paper, I would go to even greater lengths to destroy evidence. I would make a quick trip down to the local computer store and buy more RAM a new HD, and maybe a few floppies, then I would completely destroy my current RAM, HD, and any floppies with incriminating evidence on it. And I mean destroy it to the extent that even God himself would have trouble putting it back together. Then I would go to some lengths to make sure my system doesn't look like it has been completely replaced from the inside out in the last couple of days (which it has). If you have 2 or 3 days forewarning, there is no reason why you should have any incriminating evidence left on your system, unless you are dumb enough to write a virus with malicious intent in the first place.
The coding may have been poor, but naming the attachment ILOVEYOU was a stroke of pure brilliance. Mere hours passed between the first reports out of the UK and our company in Toronto being hit hard. Recipients double-clicked the attachment like wildfire, and it could only have been because of the name (pity the poor sys admins who can't depend on users knowing better than to open a .txt.vbs file.) Whoever it was that created it has a bright future in marketting.
Well, it was certainly malicious, but it could have been a great deal worse.
What were the 1st and 2nd stupidest ideas? :)
They say he was arrested and that his girlfriend is a possible accomplice.
Come on !! . . .SET UP . . or just a quick way of stopping the damage . . . what better way to say "We are on the ball" by arresting just SOMEONE very quickly to eliminate others from thinking they can get away with it . . . and do you really believe that they could track down where it originated (Hmmm . .did they write this or test this virus/t.h. on a Microsoft Machine ??) I wonder if Microsoft has a way of knowing this and giving authorities that information . .something to think about . .but it's toooooooo easy to spoof mail, fake mail and/or set someone up . . .and if they DID find the right person . . . HOW did they do it ? . . I think that would be MORE INTERESTING to know . . .I dunno . .something smells fishy . . I think this damage control . . . before you know it . . you'll have hackers around the world doing this easy Visual Basic Scripting Virus stuff . .and by the way . . .if you want REALLY scary stuff . . .get a copy of Tim Hill's Windows NT Shell Scripting book . . . *GASP* . .you mean I can create administrator accounts vi a script ! AAAAAAAGH !!!! PS . . the *Fnords* are REALLY out now !
I'm talking about the cheesy one with the heart on a computer. Unless I'm mistaken, that computer is something akin to a Macintosh Classic or Color Classic and isn't even affected by the virus. Do news graphics creators verify their image integrity?
Yes, you COULD send a Perl script as an attachment, but no Linux mail reader that I know of would automatically launch it when the message was opened or even PREVIEWED.
That is EXACTLY what happened at my employer's company. Most of the people who got hit with it did not even know how to turn off the damn preview pane that Outlook comes DEFAULT with.
We have had virii run through our network before. Most of our people know to NOT run anything called "LOVE-LETTER-FOR-YOU.vbs". Certainly not the 27 people who accidentally DID send it out when they received it from their supervisors / HR people / others who DO have incoming e-mail access.
Or did you not know of the embedding that comes STANDARD in Outlook now?
Improvise, adapt, and overcome.
Just ask former president Noriega.
this nonsense argument always bugs me. if there were choices between interfaces, most people would pick the one that's easiest to use. a company can easily say this is the interface we support while allowing other interfaces. which by the way, is exactly what i do now. the company has its standard but i use the products i work better with. since i can produce compatible files, they never know the difference.
--
J Perry Fecteau, 5-time Mr. Internet
Ejercisio Perfecto: from Geek to GOD in WEEKS!
--
And Justice for None
in preview mode, a word document could have run automatically. i'm not sure if ILOVEYOU could have but it's very easy to write code that will automatically execute embedded code. activex with the settings that microsoft wants you to have can also run system code!
--
J Perry Fecteau, 5-time Mr. Internet
Ejercisio Perfecto: from Geek to GOD in WEEKS!
--
And Justice for None
Watch me wonder about karma calculation errors in the parent post in the moderation paradiscussion.
__
__
Men with no respect for life must never be allowed to control the ultimate instruments of death.
GW Bu
Hmm, we all hear a slogan 'Total Cost of Ownership'. Just one question:
:-)
Is the cost of removal of virus infection included in Total Cost of Ownership?
The news in Germany talked about a cost of 10 billions US$ caused by that virus, divide that by the number of Microsoft-ware installations and multiply it with the number of viruses.
It's up to you to compute the value!
I really wait for the first Linux virus, but I am afraid of not getting old enough
The user is the victim here. Just because it is common sense to you and I not to run strange attachments does not mean that it should be expected of everyone else to have the same sense. The users were deceived by a malicious coder, and it does constitute fraud and is illegal. That's why just about every country has laws against fraud. It just isn't just to punish victims of deceit.
Sorry, but it had to be said.
One of the things that the LOVELETTER.TXT.vbs script did was to set the default home page in Internet Explorer to one of four pages at Sky Internet. They are an ISP that offers pre-paid access.
On each of the four pages was a file called WIN-BUGSFIX.exe. This was a password-stealing program.
Sky Internet was getting hammered by all the requests, was unreachable by ping. When another ISP alerted Sky Internet to the pages with the password-stealing program, Sky Internet yanked all of them. Within 15 minutes of notification, if I remember right from alt.comp.virus, and about 4 hours after the worm first appeared.
Now Sky Internet is using their logs to find who downloaded the program, to notify them.
You can argue that Sky Internet's pre-paid access model invites Net abuse, like the omnipresent AOHell coasters. They claim their system was cracked by a person who had been previously banned for abuse, FWIW. But you cannot (reasonably) blame them for knowingly distributing a virus.
Do you show your love by deleting files on stranger's PCs? Is that the lesson you want your children to learn? Did the headline "One Billion Dollars Damage" escape your attention?
I can't understand how Billy Boy can honestly tell people that breaking up Microsoft will there be more viruses like this one? Honestly the reason these "macro viruses" exist to begin with is Microsoft's fault to begin with.
If it wasn't for the VBS stuff in all of the office aps, the windows scripting host in win98 (and anything using IE 4.x +) these viruses just simply wouldn't exist. I used to remember telling users that viruses through e-mail were a hoax. Thanks M$ for making these hoaxes reality, and making me fire fight all day thursday and friday cause of this "innovation."
M$, do me and the world a favor, and "innovate" yourself out of existence.
"If you insist on using Windoze you're on your own."
Secondly, has anyone noticed how much more quickly our legal system moves when money'd interests get annoyed.. as opposed to the average person? Had my system been compromised by somebody in the phillipines, do you think I would have any recourse? Of course not! But, because it affected "e-commerce" companies.. *blamo* hundreds of agents are assigned to the case. Sigh. What happened to equal justice and protection under the law?
Your sense of smell must have got a hit on the
last skunk that you hit with the car.
What you must understand is that if criminals
were not stupid they would never get caught.
One case in point : One of my brothers was
in a store being robbed. He got stabbed with
a fishing knife (real sharp). The thief
got hot and took his mask while facing the TV
camera directly. There is no way anyone could
have linked the crime to him if he hadn't done
that.
In this case in particular you must realize that
there are two clues to stupidity
1-Basic was used
2-The platform was winblows.
I sympathize over your pet peeve, but I think it'll have a long a healthy life. Historical data shows that Americans and other users of English care little for correct Latin plurals. Isn't that [sic]? ;)
My
I think that this is a rather good idea. It has a problem, mainly that it is extortion, but what if we agreed to be hacked?
I agree to allow my machine(s) to be hacked on the basis that if you succeed, you will put everything back the way it was for an agreed upon fee and you will provide me the fix for the virus. After a certain period you will make the exploit and the fix public.
I believe this accomplishes your goals:
1) finding and fixing exploitable holes...
2) providing a living for those who look for them.
You really had me laughing on this one. I have to agree with the other replier, you are proposing to legalize extortion.
:)). Still extortion, but now it is making some lazy designers think about security.
On the other hand, the same crazy idea could work like that:
a) My machine catch a virus. The virus somehow make it absolutely clear it got in and could have done me harm.
b) The message in gotcha.txt reads like:
"THIS MACHINE HAS GOT VIRUS XYZ, FROM XYZ CORP. PLEASE SEND THE ATTACHED SIGNATURE TO XYZ@XYZ.COM TO RECEIVE A CLEANER. YOU ARE ALSO ENTITLED TO RECEIVE U$1 FROM THE MANUFACTURERS OF THE FOLLOWING SOFTWARE (WHOSE BUGS WERE USED TO ENTER YOUR SYSTEM): MS OUTLOOK EXPRESS, MS WINDOWS 2000....
[signature follows]
c) XYZ would also receive U$1 per system penetrated.
So now, instead of virus writers we are talking about "pervasive" security experts...
Heh... I've joked that it might have been the RIAA too as it went after mp3s ... it does though just set them 'hidden' (a quick change to 'show all files' will make things become clear) .. so all that's needed is to set them unhidden to reverse the 'damage' .. the .mp3.vbs files can be deleted .. jpeg files and many script types are beyond help though and need to be deleted.
... so everyone set your non-changing files read-only! :)
Basically deleting anything *.vbs seems like a safe idea.
I also found that jpeg files that happened to have been set read-only were not overwritten by the virus
--
Delphis
Arrested is detained. If you can walk away from the cops, you aren't arrested. It's a power thang. Whether it's the Philippines or the US or France, the definition is the same. Now I understand the cops like to make a distinction - but it's only for make-nice...
Sorry to hear about your experiences, but backups are a wise idea. One of my development machines in my home office runs NT workstation, and currently contains just over 30GB of applications and data. Installed into that machine is a 24GB DAT backup, which I faithfully run twice a week, wasting two tapes and many hours of an otherwide useful day. Am I wasting my time? About a month ago I had a client project due in two days. I come into my office, flip on the computer, and what do I see...the good old NT Bomb On Boot syndrome. The NTFS partition corrupted after two more attempts to boot the machine. What would I have done without backups? I'd have been f***ed, that's what. As it was, I just wiped the partitions, booted from my rescue disk, and was fully operational again within two hours. DAT rules :)
There is nothing so pathetic as seeing a beautiful young theory roughed up by a tough gang of facts.
Customers can avoid being affected by this virus by following standard best practices:
I got the file from a friend (or I was curious to see what fool sent ILOVEYOU to everyone).
MS what is an executable file?
and are we supposed to update our virus software twice a day?
More importantly. Why after 5 years does unsigned code still run in an unprotected space? The MS trust model with SIGNED code is failing misserably.
I don't see how breaking them up could detract at all from their virus-fighting abilities. After all, they didn't help fight this one at all even when given fair warning by Melissa, and I don't think you can really have less ability than that :)
Your right to not believe: Americans United for Separation of Church and
Even ILOVEYOU was not deliberately malicious
.vbs to the filename, presumably to get it to be run the next time the user double-clicked the file, thus helping to keep itself "alive").
You are joking, right?
This virus (and yes, I have seen the source code) deiberately sought out files of a variety of different types, including mp3s, html, gifs, etc, and wrote itself over the files (it also appended
If that isn't "deliberately malicious", then I don't know what is...
Cheers,
Tim
It's official. Most of you are morons.
The difference is that this is random and malicious, and causes the destruction of the user's own data, not just installed programs.
Also, the increase in email activity (as the virus mailed itself to the first 50 or 60 people in the victim's Outlook address book) caused the usual overloaded servers, crawling networks, etc. In addition to this, some companies simply shut down all operations in an effort to contain the virus and repair the damage it had done (one of our clients, for example, who run an mp3 website...)
I think that charges for similar cases in the past have included malicious damage and theft of computing resources, although I may be wrong on that. Here in the UK at least, unauthorised use of a computer system is a crime - it could be argued that this applies in this case, as the virus writer certainly didn't ask if his/her virus could use up all the resources it needed to propagate itself.
Cheers,
Tim
It's official. Most of you are morons.
Yeah. Ever read Fahrenheit 451 (Ray Bradbury)? I think this was the book this sceen is from. They needed to chase down a crimminal (in this case, one who owned a book) but got off the trail. Since the chase was televised (note, this predates OJ Simpson), they had to find someone else to catch, which the proceeded to do, so that all the viewers thought that the "villian" was caught. Meanwhile, the real guy who had the book watched it all on TV.
Four times? I found it *nine* times:
...drawing on each other's features and innovations...
...Windows can incorporate innovations that can then be further leveraged...
...sharing its innovative work among...
...benefits of innovative, user-friendly technologies...
...further drove innovation across the industry...
...great efficiency of innovation in platform software...
...such innovations might never have...
...Provisions like these would kill innovation in the OS...
...developers who depend on constant innovation in the OS...
Photos of bits of the past hiding in the present: afiler.com
reference: any late 20th century or newer intro to biology text.
In all seriousness:
In the Phillipines, being "invited to answer questions" involves a small, windowless room below the old fortress, a rubber hose, and several extremely unfriendly police investigators...
"...they may harpoon us, but they ain't gonna pick us up on no radar screen!"
Here here. I've been just saying to friends not to run emailed programs for ages. With some of the varients of ILOVEYOU that are possible, you can easily trick people into playing that sound bite/vbs worm. I think now we're going to have to add data to the forbidden email attachments. At this point people really need to examine every attachement to see if it is good or bad.
that it was Metallica.
- Kaatunut
i think it is pretty serious to delete porn and mp3z
It deleted the porn but copied the mp3s.
...
Clearly, a woman.
Corporate America/Europe/Asia/etc needs to stand up and tell Microsoft to fix their problem. -k
This DEMO VIRUS must bring into question the use of all Microsoft Office applications
within any government department or vital business areas.
IMHO(In My Humble Opinion) Microsoft Office applications are not secure
enough to use in any environment where email and documents are shared
over the internet.
Microsoft continues to distribute applications that will execute embedded
destructive scripts, macros and therefore trojans. Microsoft applications
and operating systems do not even provide a restrictive environment in
which a user can open,view and run untrusted documents.
To make matters even worse Microsoft have made Visual basic (VBS) the
default embedded scripting language within all its Office 2000 documents
and templates. Microsoft have sold large organizations on the use of visual
basic scripting within their templates and documents.
Turning off Windows Scripting Host is not a viable option for them.
Any teenager with half a brain can now grab a copy of a trojan love, melissa
or any number of new visual basic scripts. He can modifiy it by trial and
error until it passes the virus scanners. Then embed the trojan in any
type of Microsoft Office 2000 document. All he has to do to ensure the
spread of the worm is email them to known Microsoft Outlook email users.
To infect other computers the loveletter type script requires the Microsoft
MAPI mail interface. This is installed with Office Outlook and Outlook
express. We must blame Microsoft for allowing Visual basic scripts access
to this interface to send email without requiring a dialog/confirm
from the user. This is how the "worm" spread so fast.
Microsofts attempts to keep its applications vulnerabilities hidden
behind a proprietary veil of secrecy has failed.
Human nature being as it is, relying on users to follow a strict protocol
when dealing with incoming email other documents via the internet is
doomed to failure. Love letter from whom? The temptation to open the
attachments is too great even for the most security conscious person.
All attempts at providing retroactive firewall and Anti-virus defences
against viruses,trojans and other backdoors have failed and IMHO will allways
be vulnerable to new and modified forms of attack.
Just changing the client or server operating system to NT, win2000,
MacOS, or even a Unix based OS will not overcome the lack of security in
the client Microsoft Office suites.
If you are worried about security of your files and information stored
on your computers, then IMHO you should look to different applications and
systems than those currently provided by Microsoft.
You should look to companies and solutions that provide a proactive approach to
security, instead of just relying on a third party retroactive antivirus
defence.
The open source unix model may not be immune to attacks from determined
crackers and vandals, but at least making the source code available
forces programmers and other solution providers to take a proactive
approach to system security.
I KNOW it is a Visual basic script attached to an email, but it is no different to having a script embeded within a document.
That any email programs allow you to execute VBS script at all is a failing , however
If you do not install or use Microsoft Office or the Microsoft web servers there is not much use in having Windows Scripting Host enabled.
The Windows Scripting Host engine is there not to service the operating system but to service the
Microsoft applications and therefore should be considered as part of the Application side - Middleware not part of the operating system.
Just like the gnome/kde application interfaces are not an internal part of the Unix operating system.
If you used Microsoft Office 2000 you will lose a LOT of features if you disable Windows Scripting Host. Those same features Microsoft sells as enterprise solutions to large organizations.
.. and claimed that victims received the email virus largely from people they didn't know.
Since the virus propagates using Outlook's contact list, this seems a bit unlikely - I received over 100 copies, every one from cow-orkers.
This suggests that the journo didn't ever see one himself, and certainly didn't understand it.
If you used the same "file format" as outlook - i.e. embeddable VB script and fully supported that format, then you'd run the script and presumably suffer the bug.
The solution is really to avoid dumb software. If email is to allow scripting it should be under a very strict security model.
Amen to that my brother. That was my first thought too, and I'm not one to jump on the conspiracy theory bandwagon.
Either he is a complete and total idiot or he pissed off the wrong person and they set him up.
I have a hard time believing that anybody who sets out inflict this worm/virus on the world would put personal info in the header of the script. Makes no sense.
Of course it's only a matter of time until gene-hackers do spread real viruses for fun. Some little DNA sequencer-kiddie will kill millions one day , and I'm not sure there's a way to stop it.
Here.
My god! They found Telephone wiring in his home!
"Linux viruses don't spread, because" Pine and Elm don't execute random code.
Outlook warns you when you open any attachment,no matter what the extension is, which means that after a while you ignore the warning.
.txt file and clicked "OK" because I wouldn't have read the warning, cos I'd have seen it many times before. The warning should be given only when something nasty is being run, otherwise it gets to be an automatic response "Click attachment, click ok on warning box"
I'll admit that I wuld have got burned, because I would have looked, seen a
My point was, that even if you wanted to Elm and Pine cannot execute this code. And even then it would show the full filename and not chop off the final extension.
So you're saying that you shouldn't be able to execute programs that have been sent as email attachments?
If what you were trying to say was that email clients shouldn't automatically execute scripts contained in email, then I agree with you wholeheartedly. Trouble is you're several months late - that hole is long patched.
John Carney.
They want the credit with people they know. So, they put a few personal facts in it so their close friends will know that they really did do it. Besides, why elsedo soemthing like this than to be able to say "Hey I did it."
Some years back I was a games programmer and some of my colleagues were self-styled hackers (or "crackers" if you prefer - I sometimes get confused as to which is supposed to be which). As a breed they seemed to share a "lookit how high I can piss up the wall" mentality. A favourite trick was cracking the copy protection on games and attaching flashy scrolling banners to them telling everyone how good they were. They would then distribute the cracked version to their friends who would (I assume) be suitably impressed. While they felt secure behind their aliases, such self-aggrandising behaviour would surely have made them very easy to track down if anyone decided to get serious about stomping on software copyright violations.
They were also without exception appallingly bad programmers.
John Carney.
Two points:
.TXT attachement, because outlook doesn't show the .vbs
:-)
1. User sees the ILOVEYOU virus as a
ending. How on earth could Joe Average see the diffrence?
2. Win9x, NT and W2k assume, that the User needs to have adminstrative rights by default. Nt and it's descendant both have a Adminstrator account.
Why doeas the user account need adminstrative rights then?
Ofcourse, a clueful NT Admin won't give users Adminstravive rights, but we all now that "Clueful NT Admin" is a hoax
signatures pending - ansa@kos.to - (dont mail there)
Sounds plausible, might even be correct if taken exactly the right way, and the opposition is struck dumb by the audacity of it.
... claims that subsequent to a breakup new, more virus-proof versions of Office and Windows would be "much harder for comuter users to obtain."
The above is actually true, but fails to mention that without a breakup more virus-proof versions of Office and Windows would be even harder to obtain. Without the breakup, Microsoft has the ability to innovate an even richer ground for viruses.
Even Eudora gets confused enough to not want to run the virus automatically.
The prompts are wrong. Do not run emailed executables, especially from people you know and trust.
They bought Microsoft.
They ran virus.
Not new. Old. ....
And they ran it and they ran it and they ran it
One of the HUGE problems with all of this is MSFT ships products with the permission to low, wide open in fact. Do an Install of NT 4.0, and check it out. Same thing with Outlook wide open. While it is understandable why they did this, it is also the cause of all of these problems. I would wadger, that if they shiped products all locked down like some of the BSD's, you would have a smarter group of NT admins and MS enduses. They would have to go in and make the changes to their systems, and might in fact, understand the risk involved with that choice.
Sending out I LOVE YOU attachments is really the users fault, they and thier employers should be held accountable. I bet that would fix the problem real quick. This might sound extream, but
if you kill someone on accident, it is still manslaughter. So if you take out someone's mail server on accident, it is still a DOS attack.
I had to stop reading that about halfway down. I never realized shoving your own head so far up your own ass could be profitable.
--
+&x
He produces the equivalent of Mr. Ed's lifetime quantity of horeshit every single time he posts.
....and yet Friends is still popular...
Besides, horseshit is good for growing stuff.
--
+&x
Woo-hoo. And we didn't even have to flame you. I'm glad that Bill finally has enough rope to hang himself with, I wasn't sure if he could afford enough before, but now..now he has enough.
Jus wait until the "Enhanced Security Windows" come out...at $500 a pop. No one ever said he wasn't a good businessman, just not a good man.
--
+&x
If you want your children to grow up healthy and strong they must be exposed to viruses. Instead of clamping down on virus writers, we should reward them. Encourage a legalised virus industry.
This is where your analogy starts to break down, at least for me. Your body does not give any reward real viruses, it fights them all-out, tooth and nail.
You argue that legislation can never discourage all virus writers. You then argue that we must be exposed to viruses in order to learn how to better protect our systems. Somehow you conclude that we should encourage virus writers, even though your first argument makes it clear that no encouragement is required to expose us; we've got plenty of exposure without that.
Your system is one system. Thousands if not MILLIONS of computers were affected by this virus. Simple cost-analysis says getting the ILOVEYOU guy is more worth it than laboriously tracking down the person who hacked you.
So we should stop pursuing murders who only kill one person and devote our energies to only capturing serial killers because it is more cost effective? One law for all, or we may as well give up.
Fascism should more properly be called corporatism, since it is the merger of state and corporate power.
It's even easier than MS "fixing their security-deficient products" - Windows Scripting Host should not associate itself with .VBS files automatically. Windows 2000, for example, comes out of the box with this association enabled. If at some point during OS installation or WSH installation the user was prompted to enable the association, there might be less people with computers who have the association enabled. This default association combined with user ignorace is what enabled this virus.
It's disappointing that the same media covering the MS antitrust trial can't see (and report) this virus for what it is: hard proof that MS's OS monopoly, which has led them to at least some of their dominance in the desktop application (Outlook) and corporate services (Exchange) markets, isn't always advantageous for consumers.
---- Politics: Kissing ass and pointing blames.
Um, maybe it's just me, but it strikes me that that's a very poor solution. Rather than stopping untrusted scripts from being launched, without making it bloody clear that they could be malicuous (all it would take is a simple dialog box, defaulting to not bothering), you'd preffer a system that scans for virus signatures?
But that's a totally re-active solution. That is, there is nothing that you can do to prevent the damage - only stop it spreading.
Fixing the email client to have a clue might actually _stop_ the problem, rather than shoring up a holed dyke.
OK, pet peeve of mine. The correct plural form of "virus" is either "viruses" or "vira," NOT "virii."
Latin words ending in -us will frequently, though not always, form a plural by replacing the -us with -i, so I can understand why people might think the plural is "viri." The form "virii" has no basis in any sort of Latin; the corresponding singular would be "virius."
However, the Lewis & Short Latin Dictionary online at the Perseus Project, as well as my hardbound dictionary at home, indicates that this word is a little irregular:
Since it's second-declension neuter, the plural is "vira."We now return you to your regularly-scheduled Slashdot discussions....
Ofcourse any hacker worth his salt could put the blame on anyone. This is a witch hunt and must stop, now and in the future. On "new money" that i think are cool, but use M$, i give this warning:
Hi Webmaster,
Interesting sight, but you use Micro$oft. As a responsible 'hacker type'
it is my duty to inform you that you are using *dangerous* system and
server software.
You can run 10x faster, 100x cheaper and somewhere between that more sec-
urely if you use Apache and a strong Unix. (Suggest FreeBSD) Best of all,
it is all free, and i just want to see you use the best of your Internet
connection. The 100x reduction in cost *does not* include all the crashes
and downtime Micro$oft offers you! I am really too busy to set you up
with Un*x/Apache, but save big money making the smart switch. BSD goes up
and stays that way. Solaris is also very good and so is Linux, if it is a
'non-standard' install. *All* offer Apache.
<http://www.netcraft.com/survey/>
<http://www.attrition.org/>
Yours,
BillSF
Where is the Dr Watson, or Norton AntiVirus, or PC-Cillin for Linux ????
They don't exist. That does not mean Linux virii don't exist
Actually, there IS an anti-virus scanner for Linux. One of the major ones. The name escapes me at the moment.. Anyway, it doesn't scan for Linux viruses, it scans for Windows viruses, on a linux machine (i.e. you use the linux machine as a file server).
--- Where's my X.400 protocol decoder?
(sung to Blame Canada, SPBLU the movie)
I LOVE YOU
Is in everybody's mail
The nasty email virus
That circled twice around the world
It nuked my collection
Of Metallica tunes
It transformed my porno
Into a deadly harmful script
Should we blame the idiots
Who clicked the attachment
Should we blame the hacker
Who wrote the evil thing
NO!!!
Blame Microsoft!
Blame Microsoft!
For making Outlook a disaster waiting to happen
Blame Microsoft!
Blame Microsoft!
It's not even an open source company anyway.
---
The computer world can be compared to the natural world. You need a good gene pool. If all of us had the same genetic make-up, we would get wiped out by the first new disease to come along. So why does the entire world insist on using the same software?
Except that no computer virus actually kills a specific piece of software. Afterwards people just install the same software.
Actually, it was on the 11:00 news here in the Seattle area.
Darn curly quotes not getting stripped...
HA - ha! (sucker)
whether it's the real perp or not, it's pretty funny. I *did* like that 'computer periphenalia' line... yeah - watch out!!! he's got an old ISA hard drive controller and a 9600b modem! All VBA macro virus are due to that... sure...
"It's tough to be bilingual when you get hit in the head."
You don't learn do you? :P
All you need to do is send a simple email with a VBScript attachment that modifies the file associations and then forwards itself to everyone in the address book.
Make the message suffiently attractive for users to click and the problem is solved without you ever even having to get out of your chair...
~ppppppppö
So where have you been in the last 54 years - check your facts in any _old_ encyclopedia.
Say for an example you have 3 different Word Processors with the same file format.
If you had the same file format, you wouldn't need to support 3 different Word processors! Of course you need to make sure vendors stick to the rules of the file formats.
If you make a web page and only use the tags that are generic (No "extended" tags) then you don't have to worry too much about supporting the different types of browsers. At my site, we stick to the generic tags for that reason.
The problem with Microsoft is that it doesn't even stay compatible with itself. If you support Word, you need to support Word95, Word97 and Word2000. So I've been suggesting to my management NOT to support Word at all. But of course this is turned down since everyone knows you need to support it if you want to do business. But we keep getting in trouble with different versions. One of our projects has been spending the last three months trying to deliver a Word document with 6000 pages. Grant you, this has nothing to do with versioning, but it still is a problem.
Anyway, what I'm trying to say is we need an open standard. XML is probably a good start as long as no-one (especially MS) doesn't "patent" any tags, which I've been told that Microsoft has tried to do in the past. If you have a standard and open API then you can allow for more competition, and this is what Microsoft tries very hard to let you think they are doing, but destroy it in the process. Kerberos anyone?
The virus spread because all it took was for people with the same set up and same "defaults" to open a file. If you have a standard, then the default of that standard is NOT to execute files with a simple double click. MS stated that this is what customers have asked for (executing code from mail), but I know I have never wanted it. If I want to execute a file, I rather have a different way of doing it, then just a "OPEN".
Sorry for the rant
Steven Rostedt
Steven Rostedt
-- Nevermind
It matters what you are doing. Right now I support a project that people are using Word9X, Word Perfect, Interleaf and Frame Maker. The users have chosen the tool they prefer, but I have to be the one that does the file conversion. Mostly I try to convert everything into RTF since that seems to have the most common interface between those four tools. But you can imagine the pain I have, since none of them work well together.
Having everyone use just one tool is not an option, since these are different companies that are using them, and we don't have the pull to tell them to conform to one. It's in our contract that we will make the necessary conversions for each of the players. But it is understood that we are only converting content and not worrying too much about format (Thank God!).
So you can see, from my view point, why I would like to have a single file format and not care about the tools used to manipulate it. As long as they all work basically the same.
Steven Rostedt
Steven Rostedt
-- Nevermind
Hmm. I think I'll rob this store. On the way in I'll sign my name on thier catalog mailing list, then I'll pose for a photo with the owner's kid, and once I've robbed the place I'll leave my business card in the "get a free lunch" fish bowl on my way out.
I is a very clever thief, isn't I?
Well, that's really odd, considering everything I've heard and read in the last few days say the suspect was female and that it was a pain to get her arrested because she was "a moving target." Well, I guess if you can't trust the cops to tell what gender their suspect is, you can't expect them to arrest the right person either... so I guess it's probably a setup... *shrug*
A Quote from the MSNBC article...
"We have no law on this, so we are looking for a law" that can be used, said Federico Opinion, chief of the National Bureau of Investigation.
--Wow, we don't have a law. hey let's make one and prosecute somebody for breaking it --Now doesn't that sound just like our crappy US law system??--
I patented screwing your mom. But it got revoked for "prior art."
"I believe the only true solution to Microsoft's abusive monopoly is to have at least three independent companies each offering their own
/.ers don't want billys company broken up.
compatible version of Windows."
Everytime I've proposed that here, I've been flamed. Its seems that even
Look at the facts:
You can no longer get into the Word Processing or Spread Sheet software game because of the integration of MS Office. If you wrote a new spreadsheet today, there is no way you could get it to function as cleanly as excel because you don't have access to that info. That is a result of abusing power of being a monopoly. OS's are the same way. The current proposlas for breaking up MS are just plain stupid since they don't make of the new groupos compete agsint themselves. Keep in mind the Judge claimed this was the worst abuse since Standard Oil and that was broken up into about 20 companies.
Ummm... The Philippines didn't have billion dollars in losses. As far as I can tell the only place the losses ever amounted to much was in the US. Europe and Aisa didn't get hit nearly as bad as the US.
All this did was show the world that the Philippines has enough tech-savy to do billions of dollars worth of abuse to US companines computers.
What would have happened had this been an attack from a hostile country? It seems like it could have been quite effective.
'Is not just a lie - he's actually saying "you shouldn't break us up because we'll make less profit".'
What happened to AT&T's profit after their breakup? The resulting companies are making much more profit now than AT&T would have.
How about the profit of the Standard Oil breakup?
Breaking up M$ will be very, very good for its stockholders (except the one that wan't to "be in charge")
Is it just me, or does this have the same melody at Bill Clinton every time there is any kind of gun violence?
BC: Something bad happens, "We need more laws to protect the children."
BG: Something bad happens, "This will happen more if we're broken up. Don't break us up for the sake of the users."
Of course, as we all know, if MS had done something better than a half-assed job with separating the O/S from the application and the user's customizations (err Profile), most of the ILY virus mess couldn't have ever happened.
The difference between customers and users is customers have a choice, users don't. At the moment there are alot of MS users.
Is this guy actually guilty of anything? All he did was write a script (not illegal) and distribute the script (not illegal). It was (l)users who continued the distribute and *damaged* their own machines. No one is responsible accept the people who infected their own and other peoples machines. *That* is illegal. The script doesn't become a virus until its run.
Bother.
I went over to http://www.msn.com to read what was listed about the arrest that was made, and found it ironic that the story they have (asp generated page), has a vbs error at the bottom that causes it to not load in Netscape.
-= Xafloc =-
alinuxbox.com
N
1) The ILOVEYOU was, in fact, malicious. It doesn't just spread, it also overwrites files, intentionaly. And then there is the bit that emails passwords back to the mother ship. Yeah, it could have been worse. But if I just break your legs, when I could have killed you, that doesn't make me a nice guy.
2) There are two seperate propagation exploits, although I haven't heard that the mIRC one was all that effective. But it was there.
I agree that the law enforcement approach is unlikely to end the problem, but it didn't cause the problem, either. And legalizing extortion is an interesting idea to consider, but only in order to realize just how much worse things could be without laws. Think about it more.
Our secret is gamma-irradiated cow manure
Mitsubishi ad
We apologize for the inconvenience.
It is the crappy, crappy, crappy security of Outlook and Visual Basic that created the ecology that this virus used to propogate. As it has been pointed out (after Melissa), why didn't M$ issue a "critical security update" that switched Outlook's VBS run mode to "suspected at all times"? If anything, this stupid virus is one more reason to split M$ so that the idiots in charge of applications have to do a better job at security than on marketing.
The two most common things in the Universe are dark matter and stupidity.
First of all, we don't know how old this person is. The "I hate to go to school" phrase could be delibrately misleading.
Second, Microsoft is not completely at fault. Sure, one should take security seriously, but those that actually do the damage are the ones truly at fault. You're saying that if I leave my house unlocked and someone steals my VCR, I'm the culprit. Now, my negligence would mean that I am partially to blame. But that doesn't justify someone stealing my VCR.
Prune Whip
.css files usually contain Cascading Style Sheet code. Just so you know:-)
Prune Whip
Like paying the Fire Brigade not to set fire to your house.
Get a brain, get a virus checker and read up on the subject.
Either way you look at it, the proposal amounts to blackmail and extortion.
An Eye for an Eye will make the whole world blind - Gandhi
I agree to the extent that the writer of the trojan built a tool, and that tool in itself shouldn't be considered illegal, anymore than a kitchen knife which in the wrong hands could be used to kill someone.
I think it comes down to intent. From the CNN article, it appears the intent was (at least partly) to obtain passwords and userids. If the trojan was created and launched with that intent then I think a crime was committed. And at least in the US, with typically find anyone that commited a crime to also be responsible for the unintended damage that resulted from the crime being carried out (such as armed robbers being guilt of murder if they shoot someone while commiting the robbery).
Likewise, MS had to settle with Caldera because of the intent of making Windows incompatible with other versions of DOS.
Work for Change & GET PAID!
With enough money, you can make "arrested" and "detained" mean any number of things. (I'm being serious.)
The Philipines and Columbia choose to cooperate because they rely on support (Money, Military Aide, excemption from sanctions) from the US Governement and US-friendly corporations.
If these countries didn't comply with US wants, then the US might apply Sanction or withold funding or military support. These countries rely on aide from the US (Columbia wants serious help in fighting drug lords and various rebel groups).
But you are right, they do loose some of their soverignity every time they do this.
It's neocolonialism...
"Can of worms? The can is open... the worms are everywhere."
You're right about the read only files, but had he thought about it, it would've only taken one or two lines of code to unset that attribute. He could have used the same command he used to set the mp3s to hidden. What scares me the most is that this virus disrupted things so much, despite the fact that it isn't even good code (good being a relative term with VBS) I get the feeling that this virus wasn't intended to be distributed, and it seems like something written to prove a concept and the malicious code was added later... Either that, or this guy is very disorganized and not very bright.
But didnt you know? Your safety deposit box is a lot more enjoyable and easy to use if it doesn't come with a lock. You don't know what fun you're missing by not using Outlook.
NPR reported that the boyfriend's (arrested)
girlfriend (still at large) had agreed to come in Tues. but they also mentioned (just in passing, seemingly) that virus creation was NOT against any law in the Philippines.(!!) Any truth to that?
It amuses me that there is a possibility that someone who may have been dumb enough to leave traceable information within the comments of a virus (incuding the line 'I hate go to school'(sic), which makes me wonder about his age, too) is still able to exploit the even greater stupidity of whoever at Microsoft decided that Outlook being able to run VB attachments was a good idea.
They should be arresting the company that sells this Virus Enabled! (tm) software. Microsoft.
War crimes, torture, lies, illegal spying... Would someone give Bush a blowjob, already, so he can be impeached?
by default, windows hides the file extension of registered users. thus, the payload attachment "iloveyou.txt.vbs" appeared to the user as the attachemnt "iloveyou.txt" with the vbs icon. that little tweak, imo, helped to spread this virus. then, not only the truly moronic users spread the virus, but many of the usually-not-moronic ones as well.
and i agree with the sentiment that being able to execute vb scripts via email is fucking retarded. just one more reason not to use microsoft. oh, and that incessant ranting by bill actually made me laugh out loud. what's he gonna do next, beat his fists on the floor and cry in court? pussy.
Well the easist way to contain it would be to not use Outlook, which is horribly insecure mail client. After i heard about this virus, i also changed the default action for double clicking a .vbs to edit instead of open. See how easy it could have been to prevent this?
That is simple too. I'm assuming you image HDs, and don't have someone sitting there installing Winxx everytime you need a fresh computer. Put it n the image. And you don't need to be computer savvy to do what i did. After opening Explorer, it took 2 clicks, scrolling toward the bottom of a list box (i hope even joe blow in marketing can handle this...) A double click to open another windows, clicking on Edit, then clicking on Set As Default. So in all, 6 clicks max (counting the double click as 2). Wait i forgot the really hard part; clicking OK twice. Now, we we've had to do similar changes we sent a detailed email, including pictures of where and what to click. Anyone that couldn't follow those instructions were fired.
Well, IT depts are supposed to be masters of the tech. If they get blamed for an end user NOT following its instructions, well then something is really screwy with your company (no offense :) ). It also sounds like if your company gets hammered by something like this, well then they get what they deserve.
I showed the source to one of the PM's down the hall, after running it through a formatting filter. Didn't tell him it was the virus.. His response was; 'If one of my employees had written this, they wouldn't work here.. The code is muddled, there are variables that shouldn't exist, and he changes his mind about far too many things midstream. All in all, a pretty poor clone of that I-LUV-U virus. The only thing done correctly is the indentation.'
.sig: Now legally binding!
Well, about one thing anyway: The front line of defense against such sophisticated viruses is a continually evolving computer-operating system that attracts the efforts of eager software developers, Gates said. As that recent CBC article points out, an "eager software developer" constitutes a hacker, and what penguin-powered continually evolving hacker-maintained operating sytem do you know of? :) And yet somehow, despite the fact that we don't produce our OS and our software under the same roof, or even in the same country, or even have any communication with each other in many circumstances, Linux mysteriously remains free of the ravages of the I LOVE YOU virus. Shocking.
Yes, I think that breaking up Microsoft would increase the number of viruses. Many in this audience consider all Microsoft products -- Windows 95/98/NT, Word, Outlook, Explorer, etc. -- to be viruses. In truth, since they all work together *so well*, they can be classified as a single virus. Now if Microsoft were to be broken up, these programs would be separate entities developed by disparate teams, effectively mutating them each into a different virus. So yes, a breakup will increase the likelihood of a virus getting out there.
Give me my freedom, and I'll take care of my own security, thank you.
what's the difference between "due to a configuration error" and "due to double-clicking a
--
The shareholder is always right.
Well the easist way to contain it would be to not use Outlook, which is horribly insecure mail client. After i heard about this virus, i also changed the default action for double clicking a .vbs to edit instead of open. See how easy it could have been to prevent this?
yes, assuming that you're a moderately computer-savvy user (in which case you're less likely to be using Outlook anyway). but what if you're Joe Shmoe from Marketing who has no idea how to do this, and who will discard and ignore any emails he gets from IT (or, better yet, call the help desk and ask them to do it for him).
in a large corporation, it is a significant burden on the administrators to go around and touch every single user's machine just to change a default. even filtering the virus at the mail server comes with its own set of costs and problems.
the author of said virus should still burn in hell, even if only for a week or two.
-steve
--- "We also were guided by the unlikelihood that anyone would face supernatural evil armed only with technology."
I'm assuming you image HDs, and don't have someone sitting there installing Winxx everytime you need a fresh computer.
heh. it's kinda painful to admit that the IT department of a major tech company is in such bad shape... let's just say that Messrs. Bolt, Beranek, and Newman would be pretty unhappy if they saw the state of the department i work in (disclaimer: i'm just a contractor!)
however, while this would be a good plan, it won't work here. users tend to ignore messages from IT if they don't feel that they are necessary (and yes, i can think of a few people in the department who couldn't be bothered to do the change described above).
Anyone that couldn't follow those instructions were fired.
this is an excellent plan. unfortunately, we have nowhere near the authority to enforce this.
the obvious thing to do in this situation is to let the people who won't follow directions just get screwed next time a virus comes around. however, we (the IT department) still take shit when they get into trouble, and we still have to waste time fixing them, so it's a bittersweet victory.
in short, the only way to know for sure that the problem has been fixed properly is for us to do it ourselves, and i'm sure this company is not the only one for which that is true.
i reiterate: recovering from a virus like this one is not trivial. releasing viruses like this one is not a good way to "highlight security weaknesses" or whatever.
-steve
--- "We also were guided by the unlikelihood that anyone would face supernatural evil armed only with technology."
If they get blamed for an end user NOT following its instructions, well then something is really screwy with your company
words don't describe how true this statement is. that's why i'm so glad i'm a contractor.
-steve
--- "We also were guided by the unlikelihood that anyone would face supernatural evil armed only with technology."
"data darwinism" I like that term.
I wonder if there isn't parallel lessons to learn here about biological diversity. The reason for the rapid and quick spread was due to the proliferation (if not standardization) of Outlook. If other e-mail clients existed in larger numbers in the population they would have represented a resistance to the spread.
In animal populations that are endangered and then make a recovery the diversity of the DNA makeup of each indivual is low since they all closely related. As such they are very susceptable to a single illness wiping them out.
So to those companies and organizations who strive to standardized (typically on MS products) beware of the other edge of the sword.
I think this whole virus thing is a setup by the the FBI, Metallica and big companies.
- FBI get's credit for "tracking down" the virus writer, and it gets more funds for solving internet crime.
- Big companies can sell more anti virus software and at the same time they scare the employees who will not trust email anymore and use it less often
- Metallica has released the virus so all THEIR mp3 and scanned covers of cd's get deleted, since they can not shut down napster
(sorry about the spelling mistakes, but I'm not using a typerighter)
I think is the media that create the viruses on purpose because they want to have this story that people think are cool
Except the first thing the worm did was to change that timeout to 0 (which means no timeout). Your idea was forseen by the writer of the worm.
Limbaugh, it seems, is a Mac user and was utterly untroubled by the TH. Even he could see that if the only systems affected by it are running Windows, then Microsoft is the problem, not the solution.
And the brethren went away edified.
It'd be great to see someone other than MS benefit from MS's faults; and it'd also be great to see some genuinely useful (by anybody) Outlook alternatives.
(Thinks to self... "Now where did I put that spare time? I never can find it")
we're hiring! jobs@microsoft.com
I always wanted to be able to say that without being off topic! Obviously the way this virus propagates led authorities back to the correct server. Time stamps would quickly narrow the search down to victem number one. Since apparantly they have a list of all incoming calls to that server during the time period in question it may be easy to trace the perp. Of course if there are calls on the log from pay phones maybe not.
I used to think that until I read this article, but this:
Is not just a lie - he's actually saying "you shouldn't break us up because we'll make less profit". The whole point of breaking up the company so that they can't reap these benefits in the traditional microsoft way - by reaming everyone else.
I'm sick of people saying that Mr. Gates is naive and think's he's doing the right thing - he's an evil megalomaniac, and the sooner the world is rid of him the better.
Whomever wrote that mean little thing (I'm not saying the recent news about copyright infringement on MP3's is related, but ...) was not interested in really screwing up machines as they were in:
getting/increasing attention from the media
pissing off some guy in Manila
having a laugh at the rest of the world
my $0.02
Amen - can you believe that three of the eleven boneheads who executed the attachment at my company actually work in IT? I want to give the three of 'em a Stooges' slap.
The girl is this guy's girlfriend, its her computer but they think he did it. Read ZDnet
They also mention a 20-year old suspect from Germany studying in Australia.
someone e-mail me the virus as a file attachment so I can save it to disk and get even with some spammers of mine. Send it to dpalev@hotmail.com
poop.
I want to know where the obligatory poll is that usually accompinies articles covering "hot topics". You know, something like the following; short and sweet.
" Splitting MS up will cause more viruses. Do you aggree with Bill Gates?"
- Aggree, ILOVEYOU would have been worse without MS's great software.
- Disagree, this is just more MS fud from the master.
Most likely ol' Bill vetoed the poll, because even he knows that 99.8% of voters would have disagreed. I just cannot believe the audacity of Bill Gates, does he think that all computer users are MS lemmings?People are looking at this ILOVEYOU virus totally backwards. So someone sends a malicious script in an email, I admit that's not good, but why is the email client executing it?
Seems to me, if you're concerned about security in any way, you should simply avoid insecure programs like outlook. RPC can allow people to do nasty things to my linux box, so I disable it! I don't let people I don't know run programs on my machine. Seems simple enough.
Personally, I see this more as a revealed flaw (feature?) in outlook more than a virus!
Webmaster, City of Saint Paul
"The large print giveth, and the small print taketh away" -- "Step Right Up", Tom Waits
If we look at Java, we can use its secure sandbox and run our email program inside of it. Anything that comes from the outside world is going to have a very hard time hurting the user's machine. We can grant just enough permission to the program that it can store emails somewhere, and prevent it from doing anything else.
I think Windows comes with a QuickView application. Why does Word run when I open a document attachment? Why doesn't it run QuickView instead, which, as a read-only viewer package, would presumably not have the giant security holes that exist in the Office apps? So I think there are two very bad design decisions here -- the first is the idea of using the default "associated" program to view an attachment (or anything else that comes in from the internet, for that matter). The second is permitting any of this information to emerge from a sandbox-like environment without getting permission from the user, or a virus scan, or both.
There are already mail checking laboratories that people can use if they want (they've stopped non-techie friends of mine forwarding worms accidentally). But enforcing use of this sort of centralised facility would be a deeply Bad Thing, imho-- consider the possibilities for censorship.
GROGGS: alive and well and living in
IANAL so, I wonder how, the fact that these Windows Users elected to click the link would effect the Legal case, (in the World at large.)?
AIUI, in the UK with the Computer Misuse Act requires the prosecution to demonstrate that the suspect "caused" the Computer to perform the operations which compromised its security. This would seem to make Trojans legal ?
Can anybody add anything to this?
As far as I am aware, it has been reported that there is no law against writing or distributing a virus in the Philippines. One of the reasons they could not arrest him was that he had broken no laws. from the bbc http://news.bbc.co.uk/hi/english/sci/tech/newsid_7 40000/740623.stm But the Philippines authorities are unsure if anyone can be prosecuted, because there is no specific law in the Philippines making the dissemination of computer viruses illegal. The warrants for the search of the apartment were granted on the basis of a suspected breach of the banking laws.
Hmmm.... methinks 'twas because to make a really good virus, it used to be necessary to do some skillful assembly coding. But now a good (effective, fast-spreading) virus can be easily written in VBscript because of Microsoft "features."
Let the record show that I use the word "good" in terms of effectiveness as a virus. Let the record also show that I do not condone virii, and that anyone who writes them is abusing power and wasting a good brain, and should be beaten with a ruler. Let the record finally show that I am sick and tired of having to write disclaimers.
===
-J
Karma: T-rexcellent.
I dont buy it. Keeping the WP example, with multiple progs that interoperate well all a corporate IT dept has to do is support and train one of them. Whats needed to get the diversity in place is a policy that (1) allows users or departments to bring in any compatible tool if they dont happen to like the one thats being fully supported, (2) restricts the IT departments support of such tools to troubleshooting installation and issues that can be traced to a system-level rather than application-level problem, (3) reserves the IT depts right to add any such tool to a list of WP progs you may not use here "because we already know they cause problems on the network" and by that I mean problems for other users, not just for the guys using it - if they want to use it and are prepared to live with those problems or find workarounds thats fine. its only when you start causing other folks difficulty that it becomes an issue.
so long as every user can get access to the prog that IS trained and supported, and all the file formats are compatible then they always have a way to get at their data and work even if their favourite prog goes ti... er... toes up.
# human firmware exploit
# Word will insert into your optic buffer
# without bounds checking
I had a
Acording to MS Word, and it's nifty inovative thesuras (SP?) inovative is like a feature, or a higlight, specilatity is also an option.
I always thought innovation was comming up with some thing new and exciting but it seems I am wrong. This also means that MS new Media player really is innovative, one of it's featuers being the ability to look like an Apple quicktime player...
Also, running a VBscript in an email is highlight of outlook, yet another innovation. But I think the most innovative piece is surely outlooks specialtiy, running third party virus experiments...
Tokyo Joe
This case is most certainly not over :)
it's in my head
One problem with this - Napster searches your shared drives looking for
There may be ways to propagate the virus/worm/trojan thinking that it is an MP3, but Napster is not one of them.
~ I haven't lost my mind. It's backed up on tape somewhere.
I find this entire ILOVEYOU virus disaster to be sad. After reading the source to the virus, it seems to have some cute, if destructive code in it. If only the person who wrote it would put the time that he/she put into making the virus into doing something valuable for society, such as putting the time into your favorite open source project.
.....
Also, if mirco$oft would not be so prevalent, or would pay more attention to security with outlook, this virus would not have been as damaging as it was. I am just glad that my email client does not support macros, active x,
The list goes on with ms products.
and then get rid of my computer, everyone will think I was set up?
--
I personally got something like 47 copies of the virus. Good thing I run Linux...
-----
Vikhozhu odin ya na darogu;
Skvoz' tuman kremnisti put' blectit;
Noch' tikha. Pystinya vnemlet bogu,
Rhapsody in Numbers
You don't mention the best analogy for "monoculture = bad".
We need to make the mainstream media aware of the analogy with 19th century Ireland. Everyone used the same product - based their lives on uniformity.
Then the first disease that came along, wiped out everything. The entire country starved.
Uniformity provides horrific exposure to diseases whether blights or computer viruses.
Well, since you no longer use it, can I have your serial bong?
New Microsoft Lungbuster 2000... with integrated Visual Basic, getting 'e-mail bombed' will take on a whole new meaning.
Insanity is the last line of defence for the master diplomat. But you have to lay the groundwork early.
According to NPR this morning, when the local law enforcement entered the suspects house they found a wide assortment of computer periphenalia .
Who on earth doesn't have at least some form of computer periphenalia laying around the house? That remote control you use for the TV is pretty suspicious. Not to mention the fuzzy logic can opener. Hey, what about the kids furby?
Something else to note is that these very "innovations" are what's making it possible to create these viruses. If they weren't so quick to feature-bloat their software without checking their security, these viruses wouldn't be so easy to code. VBScript comes standard with IE5. Our workplace was largely unaffected due to the fact that most of our internet-enabled PCs are running IE4... well, that, and we use Lotus Notes on Domino for email instead of Outlook.
+++
+++
NO CARRIER
by our country's heroic, intelligent crime fighters. They singlehandedly outmastered and conquered the world's premiere virus writers in the space of a few days. The intelligence of the hacker virus writers is in question, since everyone knows that only morons and idiots would write virii or spread warez.
Extreme sarcasm intended. But, I swanny, there's more to it than people see. Why, in any stupid fashion, would someone pinpoint a virus to their city, when it could be anywhere in the world. And the whole Barok program last year, same identities on it; I'm not sure if this was a trial of ignorance, or a trial of just how much they can get away with before they're caught. Or maybe they just didn't think they could be prosecuted, since they're in the Phillipines.
"The front line of defense against such sophisticated viruses is a continually evolving computer-operating system that attracts the efforts of eager software developers, Gates said." Now, what OS does this description fit better: Windows, or anything open-sourced? Talk about shooting yourself in the foot. . .
Under its proposal, Microsoft would provide open, timely and complete access to the parts of the Windows operating system code used by independent software companies to design applications to run on Windows. Complete access to parts... WTF?? How can they expect people to get over joyed. That's like saying We're gonna let you have anything you want, except what we don't want you to have!!
The problem I see with your biological virus analogy is that I don't consciously learn anything from having been exposed to a virus; it is my immune system that learns how to make antibodies to fend off future exposures. What then, is the immune system of my computer? Probably some component of the operating system. So to belabor all of this . . . Windows has not gotten better and stronger at fighting off viruses based on previous encounters with computer viruses. Indeed, one could argue that it has been made weaker by the inclusion of such features as Windows Scripting Host - it is losing T-cells with each release.
I'll also have to respectfully disagree with your contention that ILOVEYOU was not "deliberately malicious." Certainly the "bugfix" program that it attempted to install on infected computers had the potential to wreak further havoc.
Slightly disreputable, albeit gregarious
The main downfall of Melissa or ILOVEYOU is the sheer speed at which it propagates.
.oO0Oo.
Spewing forth upon contraction is a bit silly for a virus. Much better to lie dormant for some time and then infect slowly.
Spewing leaves much evidence and lets people get a clue that there is a problem. Maybe there is a WSH virus that has infected many, many machines and is trickling their passwords out right now.
I might even try it myself.
Just a very dark thought
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
I guess we should thank Micro$oft for this world-wide disaster. We just had to have IE and Outlook integrated into the operating system didn't we?
What a bunch of jerks.
All so MS could thumb their nose at the judge and the Justice Department and say: "Why, it's integral to the operating system now, we can't change it! We don't make them install it!"
Well, now we see the big benefit of all that integration. They should have Bill pay for the damage done.
The Justice Department is right.
(from dictionary.com)
maybe you should double-check yourself before being snide to others?
--
"continually evolving computer-operating system that attracts the efforts of eager software developers"
Doesn't exist. Hmmm...I wonder if he can say Linux?
Lesee:
continually evolving?
many, many variants.
Attracts efforts of eager software developers?
Well since everyone has acess to the underlying parts of the OS it's possible to make decent programs...so it makes people eager.
I'm a little skeptical about MS's offer to release the Windows source in "timely" manner. Since all their other products come out on time I'm sure this won't be any different...And further it seems like the wording is a little abusive: something to the effect of portions of the OS that are useful for software developers. Who decides that anyway?
~i = an imaginary being~
~i = an imaginary being~
Hmm.. I'm with you until #4...but #5 I just can't agree with.. who on earth wants a VBScript programmer? And such a sloppy one at that? (did you look at the code?..quite amusing)
A man in the Philippines??? I thought it was a schoolboy, since somewhere on top of the file he said 'I hate going to school'...T XT.vbs.txt IIRC...)
(The source can be found at http://www.security.nl/files/LOVE-LETTER-FOR-YOU.
had a story on Saturday written by two `experts`, who declared that it was written in a language called `Virtual basic`.
The ignorance of journalists in this field ceased to suprise me years ago...
A.
So now we begin the fallout of the ILOVEYOU worm. Here's an important opinion that may have looked over.
Pay attention.
Note how this worm targets mp3's and jpg's. What is the most transported form of data over the net? Pornography and music. The most used graphics which everyone creates images with? jpg's. Napster - mp3's. Ok, now we have a good start. Let's get psycological. What would you do if your friend sent you a love letter through email? You'd be immediately confused and want to know what's up, and that love letter attachment has your answer. Whoops! You forgot to put your personal curiosity aside and remember the volitility in email attachments.
Next.
Let's think deeply now at situations at hand. Who would possibly want to wage war by putting little trojan horses on the backs of our beloved jpg's and mp3's? Maybe someone that dispises those file formats. Maybe someone trying to protect them. Remember from a short while ago how some people were considering flooding napster with bunk mp3's? So now you've downloaded Dre's new song and it turns out to be Garth Brooks. What's up with that? Who would do such an evil thing? And one more thing.. it's not just mp3's. It's mp*. Which means mp3s, mpgs, mpegs. Music....AND video. The RIAA is furious over Napster. They have also admitted that they now know that they are going to have a very difficult time winning this war in the courtroom, so they are looking for outside ways.. hmm. How about the MPAA? They're pretty pissed off about the cracking of DVD encryption. How about the strong backing for anti-online porn? Mattel and others have just had their databases cracked for other people to find out exactly who's blocking what. Let's have a little secret meeting and bump heads to see what can be done about this scurge on the internet. Let's hire a digital vigilante assassin. And not just any, they have to know how to do the job right, and they MUST be out of the United States juristiction. Out of other strong foriegn nations as well, but especially the U.S.
Experts looking at the code of the love bug worm even are finding it a little fishy. It may not even be from the Phillipines. That could easily be a hacked host from which to have spawned it from. Either way, someone appears they know what they were doing, and may easily get away with it. From digitalamusement.com
Somehow I don't think we will ever get the real story on this one, but the real culprits will remain unpunushed. Those persons are the corporate IS folk who blindly embraced the computer monoculture of Microsquish. By designing a corporate infostructure that allowed such a virus to spread like wildfire, they contributed almost as much as the person who did the origional deed. Proclamantions to the contrary are like that of the person who insists on not having safe sex and then becomes a vector for aids. A robust corporate operating enviroment these days must include a number of different machines, operating systems and application programs. To base ones corporate future (or national future even worse) on a single suite of stuff (be it Microsquish, Apple, Linux or whatever) is the equivalent of farming with only a certain strain of a certain crop. You may win, but if you get wiped out, please hold the whining down, the rest of us wish to get some constructive work done...
Why Blame a 15 kid when the real culprit is a multi-billion dollar software companies crappy software??
-Elendale (of course, this particular post is BS and deserves to be labeled: TROLL)
IANAT (I Am Not A Troll)
YES, there *is* a distinction between "arrested" and "detained" in the Philippines.
as an aside:
in the philippines, being "detained" can sometimes be worse than being "arrested"
if you're "arrested", it usually means there is a record kept somewhere that they *did* have you in their custody.
"detained" or "invited" may mean the authorities can go, "we only talked to him but we let him go, and we're not responsible anymore for what happened afterwards" (ie, they "disappear" your sorry ass...)
of course, being such a world-renowned case, there's too many observers watching what happens here, so they probably won't get "disappeared", unlike what they used (?) to do with trade union organisers or activists
-----------------------------------
okay, on another note:
is there any change that's going to come out of this - whether in the behaviour of users or in Microsoft "security" schemes?? given the fact that most users are too gullible and unwary, and are likely to click on ANYTHING that is clickable, what is to prevent this kind of incident from happening again? Microsoft will probably refuse to do anything ("hey, VBScript actually makes your life *better*!") unless they get hauled over the coals in court.
Thanks for the comments & clarifications /.'ers. They were much more informative than the CNN article.
Still interesting that they were hacked by someone whom they had banned. However I think one story said that he came in via another ISP which, obviously, had not banned him.
If you read the CNN story carefully you will learn:
.jpg files and sound .mp3 files. But a second part of the
1.) There was a more dangerous part of this virus which stole passwords.
2.) This part of the virus was removed by the ISP very early after being alerted by a European company.
What this implies, (but which is never stated) is that the ISP must have KNOWINGLY distributed the weaker version of the virus. Why didn't they remove the weak version as well? I find this hard to imagine....perhaps this suggests that some important info is being withheld.
-gnarly.
ps. Here's some quotes from CNN:
The virus also corrupted some files stored on hard drives, particular
picture
virus, disabled before it could do widespread damage, would have been
far more damaging.
[....]
Investigators now theorize the virus was actually a scam designed to
get the originator free Internet access. When the virus was activated,
in addition to destroying files and replicating itself, it accessed a
program that would search out login names and passwords, then mail
them back to the Love Bug author.
[....]
Ayre said a European ISP notified Sky Internet of the virus, and it
was quickly disabled. That portion of the virus affected only about
2,000 people worldwide, mostly in Europe and Asia, he said, and the
company is in the process of notifying all of those victims.
said that he didn't even have a computer in his home.
Anomalous: inconsistent with or deviating from what is usual, normal, or expected
Anomalous: deviating from what is usual, normal, or expected
Canard: a false or unfounded repor
It does have identifying information:
rem barok -loveletter(vbe)
rem by: spyder / ispyder@mail.com / @GRAMMERSoft Group
Whether this is a setup or not, is anybodies guess.
Nothing exists except atoms and empty space; everything else is opinion.
blah blah blah....
I have a hard time believing that anybody who sets out inflict this worm/virus on the world would put personal info in the header of the script. Makes no sense.
They want the credit with people they know. So, they put a few personal facts in it so their close friends will know that they really did do it. Besides, why elsedo soemthing like this than to be able to say "Hey I did it."
"I mean, All you can definately say about a fellow who thinks he's a poached egg, is; He's in the minority." James Burke
Why would you jump to that conclusion as opposed to the probability that the ratio of computers to population might be significantly lower in a 'third world country'? I don't suppose the fact that the virus practically came with a return address was a factor either. With that kind of rationale do you suppose that the DDOS investigation might have included the following exchange?
Fed 1: "(Sigh) Well, we just found out 'mafiaboy' is a white kid. Guess we'll have to look for another suspect."
Fed 2: "Yeah. But he's a Canadian white kid. For all we know he speaks French! Oui, mon ami?"
Fed 1: "Saaaayy... That's right! Let's go, and stop calling me Amy."
carlos
--
As a matter of fact, I am a lawyer. But I play an actor on TV.
This is absolutely true, so long as you read "benefits" as "benefits to Microsoft." Benefit for rest of us, on the other hand, would be much better with an operating system kernel being developed openly, and application writers competing fairly to write software for it
--
share and enjoy
so the girlfrien's sister, who secretly loves him, decides to make her feelings public. therefore she titles the virus "i love you" and plasters his name all over it.
If you don't know what AltaVista is (was), get off my lawn.
As I told a friend the other day, if I could write an ILOVEYOU variant that killed everyone who executed it I would solve 90% of the world's problems. :)
-Zane
This sig is worse than my last.
this guy/gal is most likely just stupid (he/she codes in vb, right?)
they tracked him not primarily by the dumb-ass comment at the top of the code, but by the *logs*
from the isp's where he had people downloading stages two and three of the virus, and the email accounts where it would have sent people's passwords...
i think this is more of a case of a rookie h/\xx0r whose badly written code went a lot further than he expected it to.
Man, you're mean! You're not too far wrong on the IRC bit though...
"Do you think there are answers to everything here? Is that true in the place you come from?" - Agia
IANAL, but I believe there is a difference. However, I'm in mortal fear of being in the custody of the police here for any reason.
"Do you think there are answers to everything here? Is that true in the place you come from?" - Agia
I do not think that something of this size would be that easy to trace. I smell a setup...
Actually, they'll have difficulty releasing him - he was never arrested. He was only asked to answer a few questions - mainly because the Phillipino laws don't cover virus writing.
Richy C.
--
Except 'ILOVEYOU' did 90% of its damage in the first 18hours....
and cleaned of old viruses weekly
Just don't say 'how old' the viruses have to be before they get taken off the list, you know somebody will be waiting to be putting in a virus that has been around since year X...
Richy C.
--
This vb script file had visible source, would it have been compatible with the GPL? would that make it easier or harder to prosecute the author? what if the copywrite was signed over to the FSF?
What scares me of late is how easy it is to create a mutation of this worm. I was chilled to see how many people are actually dumb enough to open something they have no knowledge of. Through media glorification this worm has captured the world's attention. It is a perfect opportunity for 'fame' for bored kids, script kiddies, etc.
how hard would it be? rename the email. rename the script. change a few lines in the script: add a new file extension to overwrite, add a new URL to visit (whatever). Anyone with limited computer knowledge can do this - and people will still open these file attachments.
"My mother never saw the irony in calling me a son-of-a-bitch." - Jack Nicholson
>Like him or not Sig11 is usually quite insightful, just post early, often, and on-topic and you too can benefit from massive flames by generating too much karma.
Sig11 is far too little appreciated. He is knowledgeable on any conceivable topic posted to slashdot. The depth of his insight, and the speed with which he can post a +5 comment on any topic awes me. He is truly a genius of the highest order. How he is able to continually post on slashdot while holding down 3 jobs a major IT companies and serving a research fellow to four different universities is a object of wonder and splendor.
Give me a break. He produces the equivalent of Mr. Ed's lifetime quantity of horeshit every single time he posts.
There is much cruelty in the universe, John.
Yeah, we seem to have the tour map.
>....and yet Friends is still popular...
Well, ya really got me there! =D
There is much cruelty in the universe, John.
Yeah, we seem to have the tour map.
geez, either you are too thick to recognize sarcasm or too dim to come up with a witty retort. Which is it? And where can I sign up for the signal 11 fan club?
There is much cruelty in the universe, John.
Yeah, we seem to have the tour map.
Big Willy G seems to be trying to put a mighty odd spin on a topic that seems to be making headlines ONLY because of the inherent security weaknesses of VBScript. Melissa, ILOVEYOU...anyone running non MS networks have problems with these?
Bacause the FBI has said they'l extradite hime to the US, if the Philipines don't prosecute him to their satisfaction. Now then how can someone who's never been to the US, break US laws. As far as I can understand he would have been under Philipino law while in the Philipines. This is like the US puting warrents out for the arrest of Columbian Cartel leaders, even though none have ever been in the US, so have never been under US juristiction. Its about time the world says we've had enough, & stop the US trying to force their laws on the rest of the world. I don't see the Saudi's trying to arrest Americans who mail Scotch to their relatives working in Saudi Arabia. Which is no different from what the Columbians are doing.
In case anybody needs more, this certainly shows us that AOL & Time Warner shouldn't be joined, and that once they are we will have even worse news coverage then we do now.
If the Illuminati were a joke before, they aren't now. That Time would publish an article from Bill Gates as a place to spread his party line shows just how much these people are all in collusion.
Time Magazine acts as if it has the Mandate of Heaven to decide what is the truth and what is to report. I would like to see their certificate of authority to report the news. And now they've given their supposed authority to Bill Gates so he can spread his FUD, again, with absolutly no reasoning or proof behind his statement. How could a serious magazine allow one of the most biased people in the world (on this particular matter) give an opinion with no facts to back it up?
On a slightly more light note, did anyone notice that they used the word "Desktop" in quotation marks? c'mon people, get with the time.
I think I used up my $0.02 already.
Hopefully I didn't put any [] around my words.
I blame lax standards and poor foundations in the US educational system for this embarrassment. I can only hope that the next highly destructive computer virus is born and bred in the good ole US of A.
D
The first, last, and only tech news site on the net
Now they just have to arrest the millions who actually spreaded the virus by executing unknown programs. This is data darwinism at its finest.
Nah, we'll save that for Metallica to bother with.
--You will rephrase your request for me to go to hell. Goto statements are not acceptable programming constructs
[...]
It's worth reflecting that the AIDS virus achieved far more in protecting society from careless sex, junkies and Third World people than the FBI could possibly hope to achieve. So a would-be author gets blamed for "billions of dollars" worth of damage, and gets a longer jail sentence than the average rapist. There is no way of directly calculating how much more money would have been lost if AIDS had arrived on the scene before smallpox.
[...]
Yes! And your point is...?
Are you suggesting that if "Typhoid Mary" had been caught and thrown in jail that 25 million Mexican Indians would have lived to become customers of the Spanish entrepreneurs?
I'm sure the suspect being little brown fellow from a third world country has nothing to do with it.
:-)
Of course not.. the thing deleted mp3's..
It was the RIAA
A good way to stop these from running - go start/run - wscript - set it to 1 second :-)
If the vbs script is going to finish executing within a second, it's going to be either non threatening, or non destructive.
I did test this out with the ILOVEYOU one as well..
-P
I hate people who quote
I can't believe this previous comment wasn't moderated down. Your a fucking fag.
true. My mistake. correction may he fry in hell. Apologies to anyone to all the homosexuals for my previous comment.
This is _hilarious_!
I can't believe Bill saying that a breakup would cause more viruses. 'We need to "innovate" to prevent more viruses'... Hello? I think it was "innovation" (sarcastic quotes) that got us in to this mess. The fact you can embed VB scripts in E-mail is the stupidest "innovation" I've seen in a while. This feature seems to be used primarily for sending viruses. Folks like me who read E-mail with that "ancient" OS, UNIX, don't catch these viruses.
Microsoft has made it extremely easy for any idiot to write viruses these days. Back in the good ole DOS days at least it required a bit of intelligence: writing a TSR, assembly language, boot sector viruses, stealth viruses, etc. Nowadays, its just a silly little VB script. And having looked over the code for ILOVEYOU myself it is not the "sophisticated virus" that MS claims it was. I have a feeling that we'll see many more like it in the future, at least until people wisen up and stop using Outlook for E-mail!
I agree,but you're overlooking the obvious problem here...these are NOT tech savvy journalists who are reporting the story. It's all getting fed to them via A)"industry experts" or B)the college intern down the hall downloading MP3s in his/her spare time.
This is another view of the world.
The new rule of viruses in the Microsoft world:
"Be careful what you WSH for, everyone may get it!"
-L
It seems pretty obvious to me that the person they caught either was a civilian in the wrong place at the wrong time, or someone who has been framed. The author of the virus left a suspicious number of clues around. The second line of the virus reads like this:
rem by: spyder / ispyder@mail.com / @GRAMMERSoft Group / Manila, Philippines
Also, any of the pages that it sets your home page to are on http://www.skyinet.net, under four different account names. Whoever wrote the virus was either an idiot or somewhat intelligent enough to put the blame on someone else.
This site seems to have quite a few links. Not as up to date as /. but still.
This seems like a dumb question, but I have seen a lot of articles that point to words in the virus itself and point to where it must have come from.
Isn't it possible, that there are many public locations in the US that you don't have to log in to, that you can put a virus out undetected? Maybe even write up the virus so no associations are tied to yourself?
It just seems to me that it could be easily done, yet the "people responsible" are caught within a week.
Maybe this says something about the whole security of the internet, and the applications we currently use?
Unless of course you are on crack.
There are arguements both ways, but if Microsoft owns 90% of the desktops in the world, wouldn't people write things that effect 9 out of 10 users? If another OS were dominating like that, wouldn't people exploit it.
Just a question. (wasn't apache.org kindly hacked last week?)
No sides, I just want something that gets the job done.
a)write the virus, but disabled
b) then, send it to a dummy email account.
c) and in the end go to an internet cafe and spread the ENabled virus using another dummy email account.
Maybe i am wrong, but i think it covers up traces.
OK there is an EVEN better way: write ALL the code AT the internet cafe...AWESOME!
a signature
Does anyone else find it sucpiscious that no computer was found in this guys house? Maybe its just me but this makes me think its a setup. Moreover they arrested him after watching him for several days and finding no evidence.
Moreover why are they arresting both him and his girlfriend? is this normal?
If you liked this thought maybe you would find my blog nice too:
Maybe they can even save time and paper space by just asking all Outlook user to switch to something without MS!
I'm curious, could Microsoft be held legally liable for the obvious risk that Outlook holds for its customers? I think that this is similar to the recent lawsuits against cigarette companies.
IMO, I think MS should never have released Visual Basic, let alone documentation for it... :-)
But this is probably a topic best left for another day.
(Spudley Strikes Again!)
According to a swedish virus expert (the one who first found the author of the Melissa virus), it is german student living in Australia that is responsible the lovletter-virus.
/ The Arrow
/ The Arrow
"How lovely you are. So lovely in my straightjacket..." - Nny
It's to early to decide if this is actually the guy. What evidence to they really have yet? I want to wait and see before I decide anything. Why couldn't a black hat have just used his account to spread the trojan? They have been known to do that, ya know. ;) Smart baclk hats will never be caught...it is soooo easy to avoid being caught, but it seems that so many are careless or dumb. (I guess thankfully....so they get caught easier!)
Anyway, if it is him...I'm sure they will find out. I just prefer to wait and see.
<> Kat ^_^
"Never give up, for that is just the time and place when the tide will change." -Harriet Beecher Stowe ^_^
Why Micrsoft is at fault, apart from the incredibly stupid concept of WordBasic, is that Outlook allows something that by definition should be a piece of ascii text have effective root access to the entire system.
It's just lucky someone particularly malicious hasn't adapted this virus to something like the cih virus, or a nice firmware scrambler.
I've repeatedly thought of releasing a jscript virus that is only an explanation of why virii like this are stupid, not real hacking, and how MS should strike macros completely. At least in Outlook.
But that little aspiration was quickly squinched by my aversion to 6x4 rooms. I just don't like the geometry.
And that's my two cents. CNN will return after this short message. -A
-- In the city of angels, dark blood is currency, and the fire of heaven is the chosen light by which to prosper --
reality check in 5 seconds 5...4...3...2...1 NOT! whether this schmuck in the phillipines or his girlfriend is the perpetrator I don't know, but I do know that stupidity is just as likely (more likely in fact) to be the source of any of these attacks as anything else. the only intelligence required to pull off this stunt was to copy an idea that's been used already and expand on it maliciously to destroy some files. big deal -- no genius required.
face it - if i had outlined this scheme to you beforehand, you would have called me an idiot. "I'm gonna send an email with a script attached and millions of idiots will open it because it says it's from someone they know and it says I LOVE YOU." ROFLMAO! people in my dot-com opened this message -- the first source was the ceo (male) and a male opened it...did they really think the ceo was in love with them? could you have predicted this would work as a lure? no - only a moron would have expected it to work, which is exactly my point...
so before you go dredging up conspiracy theories think about it...i mean after all, the whole country is so stupid that they couldn't even get a search warrant for his apartment on a saturday. this guy, his girlfriend, his mother and everyone else they know could, and in fact probably ARE that stupid
It's not funny till someone gets hurt.
The human immune system needs to be trained. This is the current justification for vaccinations - especially at a youthful age. Viruses transferred through breast milk have a similar effect. Some studies have shown that living in a slightly filthier home (Kenny's house), leads to better immune protection. The body beats the little battles and is made stronger for the big ones.
Having had chicken pox at an early age, I'm safe from the adult version which is far more detrimental.
No offense, but calling a racist scumbucket a "fag" isn't improving matters. later
So at this point, considering the differing stories I've heard the past week, this would make the hacker a 15-23 year-old, teenager computer science major who is both male and female? :)
- I don't care if they globalize against free speech. All my best free thoughts are done in my head.
So News.com is reporting that Bloomberg is quoting Agence France-Press who is citing unidentified sources. Talk about getting your information third hand! And they wonder why I don't trust the media.
I'm not an actor, but I play one on tv.
...Phillipino laws don't cover virus writing.
Thank ghod for that. I think the best thing that could happen would be for this virus writer to get off scot free. Why? Because after the media's done pissing and moaning about it, people will realize that the only way to protect yourself is to give a rat's ass about security. Right now, I get the feeling that the law is a bit of a crutch for people.
Hell, I remember when most of the industry press denied such a thing as a "virus" could exist.
Yes it was. But if you had actually read how it was accomplished, you would have realised that it was due to a configuration error.
I beleive that the ftp root directory had been set to the same directory as the http root, and that one of the ftp directories (and hence a http directory) was writeable. It was a simple matter to upload a php script that would run programs with web server privileges.
I reckon most, if not all, web servers with a similar setup could be hacked [sic].
--
"You take a distribution! Rename! Stamp CD's! IPO!"
- CmdrTaco, Geeks in Space, Episode 2 from 6:18 to 6:23.
"Chiswick! Fresh horses!"
Sending off all of the machines cached passwords to an email address at an easily accessable and cloakable free email site would totally cloak my identity. I don't think anyone who would write something as malicious as this would even worry about people's passwords.
I really am starting to think along the lines that this I Love You Virus could be a cover-up for something else. Focusing everyone on a particularly malicious and (I think purposefully) poorly written script could have let something else thru the IS Security Fishing Net (full of holes). And I really don't think that people's behavior will change because of it (People rarely call the geek they know and question (How do i not get viruses). Since most of the focus on the net is on E-Com nowadays, security is also more focused on a particular tenant; privacy instead of including integrity.
'I hate go to school..
I think Mahir wrote this one..
The Face -= o_O
-.Shaun.-
From : http://news.bbc.co.uk/hi/english/sci/tech/newsid_7 40000/740558.stm " But no search warrant could be obtained until Monday because hacking is not a crime under Philippines law - one was eventually issued under the Access Device Act, governing codes, account numbers and passwords. " Sounds damn dubious to me. Also I don't like the way the FBI is the acting as the proverbial "L'Éminence Grise" in this matter. Conspiracy theorists are going to have a field day ...
One ring to rule them all, One ring to find them, One Ring to bring them all and in the darkness bind them.
Another evil person gets an idea, he is going to start an epidemy, copies 100% of the code and "kind" enough to leave the original author credits for it ;\
Maybe the first author never intended to do any harm, only explore security holes and code for fun.
Is the possession/authoring of virus code itself illegal or only the effects it can cause?
If someone writes a virus, which doens't manage to spread or do any harm, could he be prosecuted for that, writing malicios code. You see, an open source fdisk command can be malicious too. And what if that someone has access to that code...
So IMHO the one that spread this virus with intention to start an epidemic, is the one responsible not the one that wrote it.
If you got HIV, and spread it you are breaking the law, but you don't have to be executed or isolated just because you carry it.
My Virus of DEsinty wouldn't be stupid enough to give me away.
Adam's Preliminary Page of BANG~!
Adam's Preliminary Page of BANG~!
http://www.ualberta.ca/~engel
In a lawless environment (or in an environmen where law is not enforcable) everyone is responsible for his own security on the internet? If you are not secured, you cannot complain about being attacked.
Therefore, operating system should provide security as one of the basic functions.
While the US government let micro$oft be a monopoly for far too long they created a beast against their interest: a totally non-secure system running on 90% of computers.
Congratulations! It's now time to spend Bill's extra profit on remedying the situation.
Why dont they kill these things before they get to the users. ;) Richard Thomas Cyberlot Gaming Network
I have a idea for this, but have no were near the skills to get it done
Use a sendmail blacklist like idea, where a central server holds a list, but in this case it would be the basic sigs of the viruses
Mail servers would download this list daily and use it to create a filter to kill these emails before they even get through
This list would be updated as soon as a virus was found out, it wouldnt stop them all, but it would help prevent rampant outbreaks.
The list would be updated daily, and cleaned of old viruses weekly to keep it from getting to big and slowing down servers to much
Anyone interested in this idea, feel free to email me at cyberlotnet@hotmail.com and I will make a list and hook everyone up to get this going.. Anyone who chooses to run with this just mention me please
Personal Website
Does anyone know the difference between the Melissa virus and the ILOVEU virus??? Seems to me they pretty much do the same thing. Wasn't the hole plugged???
Microsoft ~ALTRUISTIC!?!? For this, we justify an environment in which sociopaths can readily craft world network-disrupting code with Visual Basic?
.edu network, that cr@p about the Slashdot world view of the inherently evil other side(s) don't sell that well! We KNOW the value of a multiple OS world!
Since we run NT servers (and Linux, BSD, and MacOs) in a multiplatform major
But face it: ILOVEYOU was just another in a string of worms/viruses (W9x-&c) made possible by Microsoft's tight coupling of OS, office apps, email, browser, Visual programming environments, etc. That Gates Viewpoint article is a blatant attempt in the trial context to divert any questioning of the peculiar VULNERABILITIES of Win&C to malicious trashing while keeping public focus on MS's 'creativity argument' defense for tightly linking proprietary apps and OS.
His claim of breakup 'effects' promoting more viruses, sounds like typical MS disinformation/scare tactics what would be familiar to readers of the Linux-bashing Halloween 'papers'.
Let's try to scope some data on the subject:
What's the current count of Win viruses and worms?
How many Mac and Linux and BSD systems were DIRECTLY infected by ILOVEYOU etc?
What's the current count of Linux (open source) viruses and worms?
(Multiply these numbers by some acceptable fractions for the proportions of Win installations vs. Linux installations...)
Oh, and what's the number of Mac-based viruses and worms that have been as widely distributed and network-disruptive as MELISSA?? (weighted for Mac % of total OS installations)
WELL?
Microsoft: Where do you want to infect today?
The really sad thing is that the hole MicroS.... doesn't have all the potential of the 15 year-old guys, who play with the system as you could play a game in a play-station. I thing that companies as this one in question must have people looking for hackers or crackers like this one and pay them for security work and not keep telling to the people that the next patch will really fix all the bugs.
elseif(ext="jpg") or ext="jpeg") then
*snip* bad script pup, no code...
change to ext="mdb", "xl", "xls"....
get the point? instend of targeting porn kiddies and napster fans, your targeting business... they got a whole lot more important data and $$ to lose..
Here's a thought.....if MickeySoft wrote their software right THE FIRST TIME....they wouldn't have to be paranoid about more viruses after the breakup!
It takes a village of idiots to build a kingdom of morons.
Huh?
Those of us who work with security and have done application work before, are doing a massive double-take on this syllogism (or at least its premises), since it seems 180 degrees opposite to reality: it was, after all the innovation of MicroSoft application developers that made Outlook so vulnerable to a VBS-based worm, and of course it was the innovation of the worm creator which caused all of this trouble in the first place. Lack of innovation isn't the problem here -- we already have innovation up to our eyeballs. Arguably, innovation caused, more than prevented Love Bug.
What's needed is not more innovation but accountability. Innovation without accountability is just reckless. Virus creators keep doing what they are doing because they don't have any accountability (or at least perceive this to be the case). Similarly, MicroSoft in its monopolistic perch apparently never perceived that they would be held accountable for their predatory, playground-bully practices. But now, thanks to the Justice Department et al they are. Accountability at last. Accountability for their sloppy software design decisions is yet to come.
So, as Our Friend Bill continues to push his "don't let the government stifle our innovation!" PR campaign, hopefully in the weeks and months ahead we'll all keep in mind how innovative the Love Bug worm was, and this will be a constant reminder that, as usual, Bill is only telling half of the story.
DC AirBag
My ancestors evolved from primordial ooze, and all I got was this lousy Existential Angst!
Wouldn't that void the warranty?
(sorry, couldn't resist)
2) Food for thought: If you go on CNN and do their little unscientific cyber-poll about ILOVEYOU, something like 50% of the respondents never received it (me, included). I keep on seeing this "43 million users affected" number popping up in news reports. I wonder what the real numbers are...
Hard to say. The company I work for, f'rinstance, someone got the ILOVEYOU message, ran it, and bang, everyone in the global address list (i.e., the entire company) got mailed. The mail server overloaded, it got shut down, and was down until IT had cleaned it out. But all this happened early Friday morning, so most people just got in to work and found email switched off.
So, one way of looking at it is that only a few people here received the virus. Another was is to say that 1000 people did.
Presumably all the large estimates (like the 43 million you mentioned) are based on how many people the virus was sent to, not how many people actually received it.
Are you being deliberately obtuse, or does it come naturally.
Government policies make the massive propogation of damaging viruses inevitable because they cause under exposure of the immune system. We don't need world wide policy changes, one country with reasonable technological sohphistication would be sufficient.
> It does absolutely nothing to address the real issue: preventing virii like this from affecting so many people in such a drastic way.
No, it does absolutely everything to prevent virii like this from effecting (look it up) people in such a drastic way. Within weeks of some variation of this policy being taken up, the number of exploitable holes left in computer systems would plummit. This way, the holes which are exploited will cause limited damage. It will soon be beyond the reach of lone nutters to cause any damage.
I'm saying that viruses are potentially damaging, and all we've seen so far is a tiny taster of what is to come. If people continue to bury their heads in the sand, we are going to see some real damage, and it won't be some script kiddie wiping out a few files, it will be some well funded fanatical group with an axe to grind indulging in cyber-warefare.
I'm not sure whether payment for fixing is necessary, it's the most secure, but it might be overkill.
http://rareformnewmedia.com/
Nice, but there are reasons why the argument is valid in one instance, but not in the other.
How likely is the production of nasty viruses without encouragement ?
computer viruses: inevitable
real viruses: unlikely (for the moment)
How much protection from similar exploits does one gain from an exposed exploit ?
computer viruses: substantial
real viruses: minimal
In the long run, your reductio ad absurdum argument might be less preposterous than you suppose.
http://rareformnewmedia.com/
Think of your anti-virus software as your immune system. Anti-virus companies would charge a fair bit, but would guarantee you against infection. Fees payable to virus companies could be paid by anti-virus companies if you were on maintenance. Virus companies would really start to compete with one another.
As for malicious, rm *.mp3 *.jpg is nasty, but
format f:
format e:
format d:
format c:
would be malicious. The author was going for maximum propogation, not maximum damage.
http://rareformnewmedia.com/
It's a question of responsiblity. People claim my scheme is legalized extortion. I see it more as a fine for irresponsible behaviour. There's this notion that if you get infected with a virus, you're the victim. The way I see it, if you're infected with a virus you are to blame. If your computer is performing illegal activities then I believe you are at least partially at fault. Certainly running stupid software (Outlook) makes this more likely, but ultimately it's your responsibility to run good software, and to use it sensibly.
/).
You own a computer which is connected to a worldwide network. In the wrong hands your computer could cause untold damage. As computers become ever more tightly integrated into the fabric of civilisation, the damage that can be caused grows. If you own a gun and leave it loaded and lying in a playground, you can blame the kid for stealing it and shooting someone, but you're also at fault for not exercising due dilligence. A malicious virus gaining control of as many computers as ILOVEYOU managed could cause more damage than a postal worker. Suppose the virus contained voice software and dialed in hoax messages to emergency services, etc etc.
If the network is to have any chance of robustness, then everybody has to take responsiblity for their part of the network. It's worse than useless to say "virus writing is illegal, so if I catch a virus I'm a victim". Unless we have some relatively harmless mechanism to continually stress test the network, we leave ourselves open to catastrophy.
PS, when I said ILOVEYOU was not malicious, I meant it. The author simply didn't give a damn how much damage he caused. Which is not the same as deliberately causing maximum damge (eg format c: | rm -rf
http://rareformnewmedia.com/
So, they think they've caught the person responsible for ILOVEYOU virus. No, they haven't, the best they can hope to do is shoot the messenger.
Who's really responsible for ILOVEYOU virus ? Conventional wisdom would blame one of these groups:
1. The virus author
2. Clueless users
3. Microsoft
4. System Administrators
these are all wrong.
1. It takes one person to create a virus, there are 6,000,000,000 people on the planet. A policy of trying to dissuade anyone from writing a virus is unlikely to be successful.
2. You can't really expect everybody to become a computer security expert, they're unaware of the dangers until they've been hit. Also, not all viruses propagate through user stupidity.
3. Microsoft is only partly to blame. Their main crime here is encouraging user ignorance.
4. System Administrators do what they can, but there will always be a trade-off between how much power the user has and how much damage they can cause through carelessness. Also, management won't pay for the extra security unless they know it's necessary, ie holes will only be plugged after they're exploited.
The real culprit is short-sited government policies, where as ever they believe that the best way to make a problem go away is to legislate against it. The stupidity of these policies is driven home by the fact that the more successful law enforcement is at pursuing virus writers, the more dangerous the situation becomes.
Suppose the FBI manages to catch and prosecute almost every 37337 loser who puts together a virus. A strong chance of getting caught will discourage legions of mostly harmless experimenters from trying out new viruses. This will certainly cut down on the number of exploits explored. User carelessness will steadily grow, security measures will become half hearted and forgotten, meanwhile reliance on computer/networked infrastructure will increase, backups will be ignored. However, someone sometime is going to put together a truly effective, malicious virus. Even ILOVEYOU was not deliberately malicious, and furthermore only relied on a single propogation exploit. Without a constant flow of new viruses a dedicated team will be able to exploit multiple unguarded exploits.
The role of the FBI here is that of an overprotective mother who tries to make sure that her precious (corporate America) never gets exposed to any germs. She does everything in her power to keep her baby out of harm's way and pumps it full of anti-biotics as soon it gets the sniffles.
So far, no great harm has come to her child, except for a recent nasty cold. This last outbreak has the FBI desperately searching for the nasty virus writer to seek out and punish him/her (more anti-biotics). The anxious mother wants more resources to keep those nasty bugs away from her baby (corporate America).
Trouble is, this policy has left her child sickly and pitifully devoid of natural defences. When a really nasty bug comes along it's going to hurt. Mummy's heart is in the right place, but her head is lodged deep in her anal cavity. If she had any sense, she would send her kid off to play at Kenny's house, he'll probably complain, but it's for his own good.
If you want your children to grow up healthy and strong they must be exposed to viruses. Instead of clamping down on virus writers, we should reward them. Encourage a legalised virus industry. The user periodically looks at a file called c:/gotcha which would occasionally pop into existence with a message along the lines of:
HI, THIS MACHINE HAS CAUGHT A VIRUS FROM VIRAL INFECTIONS CORPORATION A CURE FOR THIS VIRUS CAN BE PURCHASED FROM WWW.VIRALINFECTIONS.COM AT $2 PER MACHINE, THE ID FOR THIS MACHINE IS 239884623
Purchasing the official fix would repair any damage done by the virus, and also provide an explanation of the exploit used to gain access to the users machine. Viruses that caused data corruption without an available fix would still be illegal.
The scheme needs a little fine-tuning, like a maximum chargeable fix-up fee etc, but something like this is the only workable long term solution. The current approach is leading to a situation where a truly malicious virus will cause serious harm.
It's worth reflecting that the Mellisa author achieved far more in protecting society from harmful computer viruses than the FBI could possibly hope to achieve. So he gets blamed for "billions of dollars" worth of damage, and gets a longer jail sentence than the average rapist. There is no way of directly calculating how much more money would have been lost if ILOVEYOU had arrived on the scene before Mellisa.
Even ILOVEYOU has probably done more good than harm. Suppose ILOVEYOU had deliberately corrupted harddrives at random instead of just mp3/jpg/etc files. Suppose it had done something really nasty. For instance, searched for Quicken files and appended "Transfer-Balance" instructions to the end of your home banking todo list. This was a clever little exploit put together by some German hackers who wanted to demonstrate the dangers of ActiveX, another nutrious primordial soup Microsoft created for viruses. The beauty of this exploit was, you would go through all the security procedures, entering passwords, the bank calling your computer back, etc, and without knowing it you were escorting the rogue instructions past security. There's worse things that can happen than losing a few songs or images.
http://rareformnewmedia.com/
Hey, not fair, who beat me to the number 1 and 2 spots ?
I would prefer to have the option of paying not be shot, and buying a bullet proof jacket rather than just getting shot. If you had read fully you would see that I proposed a (fairly small) limit be set on maximum chargeable fee. Do you really think that professional teams of terrorist programmers would be deferred by the (minimal) danger of capture ? Is it really wise to leave vast amounts of infrastructure at the mercy of anybody anywhere ?
http://rareformnewmedia.com/
Every few monthes there is a huge flap over some new virus propagated through Outlook Express running on Windows. The press breathlessly covers the manhunt to capture the "hacker", then drops the story as soon as he is caught, as if everyones computer has been made more secure becasuse some moron is in jail. I understand that it is more glamourous to find a human being to scapegoat, but the media is complicit security problems by writing countless editorials calling for harsher punishment for "hackers" while staying silent on the real problems and issues, the things we can do something about: Microsoft and other companies are allowed to get away with shipping insecure software with no penalties to their balance sheet or reputation. If I ran a major corporation running Windows and Outlook Express, I'd be asking my legal department to look into suing Microsoft to recover revenue I'd lost when my employees were dealing with virii instead of making and selling stuff. Is there any other industry in the world in which the manufacturers are allowed to get away with selling products they know to be defective? Why isn't there a class action lawsuit against MS for the 1e9 dollers allegedly lost?
One difference between gene and code virusmakers is that it's easier to protect yourself against your own computer viruses than against medical ones.
Though, I just had the idea of targetting the virus aginst anybody who doesn't share some particular genetic trait of mine. E.g.: against males or females or younger people or people on a certain diet,... (shiver)
__
__
Men with no respect for life must never be allowed to control the ultimate instruments of death.
GW Bu
man, the boy is really clawing at reasons not to get nailed. sad really.
but in all seriousness there's a nugget of truth in there. keeping in mind that there *may* have been a backdoor in iis for about four years, and that w2k was released with thousands of bugs (demonstrating that no one person understands the whole rats nest), and that microsoft employees supposedly have a devotion of sorts to their leader... well, what might happen if ms gets broken up?
lets say some programmer there really wanted to work on the "kernel," even though she was slaving away on outlook or office, etc. ms splits and suddenly any hopes she has of going on the nt dev team vanish. she's stuck in the apps company, but she's very familiar with the kernel internals (the minus to closed s/w - black hats having access to it can be much more destructive) so she redirects her rage to the society that robbed her of her chance. "you destoyed microsoft! you've taken away our ability to innovate! you'll get yours now you ungrateful world!"
sounds a bit extreme but ms hires thousands of people, surely there are some that would follow that path. if i had nt servers, i'd be nervous about now - particularly since gates has given folks like that the seed of the idea.
US Citizen living abroad? Register to vote!
The virus did have some identity info - a comment and an email address. But they are not legal proof by any means.
Legal proof may be obtained from the person's machine, though one may argue it has not been hacked as well.
Just the fact that the virus list four different accounts at a phlippines ISP as sources for the additional payload and all of these are different from the account in the comments will make me highly suspicious.
Anyway, we will see. Though I have the gut feeling that someone will be convicted to a very high term on the basis of circumstantial or no evidence. Just another case of a witch hunt...
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
Considering that this morning, the newswires were stating with some certainty that it was a woman that was responsible, how come it's a guy that has been arrested?
Or are they just stooges for the real culprit(The german student in Australia mentioned elsewhere)?
> Use anti-virus software, and be sure to regularly update the software from the vendor?s Web site.
Woo-hoo! Step right up, folks! We've got the cure to last week's pandemic!
> Don?t open files sent to you via e-mail from unfamiliar sources.
I'm sure "billions and billions" of people are congratulating themselves right now for doing exactly that last week.
> Check with colleagues and associates before opening files they send you without notification.
To: myboss@my.com
From: byzantine.general@my.com
Subject: That message you just sent.
Hey Boss,
I just got an e-message from you. Is it safe to read? Shouldn't you start sending a notification message first, so we'll know the next message is safe?
\me
> Be aware of how viruses operate, and watch for the telltale signs.
Hmmm. I sure do have a lot of free disk space now that I've read my mail. Maybe I'd better call tech support.
> Don?t download anything from unfamiliar Web sites.
Alas, we'll see an economic downturn if people quit p0rnsh0pping.
--
Sheesh, evil *and* a jerk. -- Jade
> Before we accuse someone of a crime, we have to define what that crime is?
That's really an interesting question.
He wrote a program, and users had the option of whether or not they wanted to run it.
Of course there was deception involved to lure people into running the program, and the deception led people to run it and get unwanted effects.
Of other-course, if we base a decision on that way of looking at it, does that also make it a crime when "legitimate" software makers include a back door, easter egg, or anything else that you didn't know you were buying, if you take them to court and claim that you were decieved into running something you didn't want? (As it stands, I suspect that this would result in lawsuits rather than criminal prosecution. But what is the fundamental difference?)
At any rate, is it even possible to write a law that makes "bad stuff" illegal, without loopholes? Or will we be saddled with the old "I know it when I see it" parody of law?
--
Sheesh, evil *and* a jerk. -- Jade
no, that would definitely be malice :-)
========
<sig>Guvf vf abg n frperg zrffntr
Okay.
/, and post it to usenet, am I guilty if some half-wit runs it?
From my ignorant techie point of view, and yes, I'm ignoringa luser psychology here....
This virus was a human-readable vbscript (.vbs), mailed as an attachment. It didn't run on it's own, it required the user to do that. It's not like it hid itself inside another program like virii of old, either.. really, it's a worm, not a virus. Viruses hide within something. This thing just exists on it's own.
So.. if I write a perl script that, when run, mails itself to every email address on the system, then does a rm -rf
He/she didn't ask if the virus could use those resources, but he/she didn't RUN the virus, and ditn' even ASK for it to be run. Of course, he did say 'please read the attached loveletter'.. but gee.. billy.. even the ICON is totally different!
Which opening is this? The one that let's users manually run a program that was mailed as an attachment? How is that something new?
...this really takes the cake.
/. "Down With Da Man" Kiddies up in arms by using "what if MY system had been compromised" argument. Your system is one system. Thousands if not MILLIONS of computers were affected by this virus. Simple cost-analysis says getting the ILOVEYOU guy is more worth it than laboriously tracking down the person who hacked you.
First you make the totally specious comparison between food poisoning and virus spreading. As if I could "accidentally" create a virus by leaving some code on my desk for a while the same way mayonaise can go bad.
Then you try to get the
Moderators: Please moderate based on post content, not name recognition.
CmdrTaco: Maybe there should be an additional restriction on moderators so they can't see the name of the poster.
--
Have Exchange users? Want to run Linux? Can't afford OpenMail?
Linux MAPI Server!
http://www.openone.com/software/MailOne/
(Exchange Migration HOWTO coming soon)
Does anyone still remember the time when "virus" (or "virii or whatever) meant skillfully coded peace of assembly code, not terribly written script that practically anyone can write after one hour of studying?
But on the other hand, these thingies seem to spread a bit faster than the good ol' viriis. Big thanks to Microsoft for that.
That relationship would suffer because the Justice Department's proposal for breaking up the company would result in fewer innovations of Windows programs, he said.
The breakup order also would end improvements to the Internet software in Windows and cripple company efforts to develop a write-on tablet that allows notes to be transferred seamlessly to a personal computer, Gates said.
"The benefits of developing operating systems and applications software under the same roof will increase as new intelligent devices emerge over the next few years," he said.
This solidifies something that has been in the back of my mind for a long time. From the eyes of Slashdot, MS and Gates are evil maurauders hell-bent on collecting their taxes and ruining life for all other software developers. But of course, we rarely see things the ways our adversaries do. I think that the above quotes help me understand why Gates and Microsoft behave the way they do. All below is my take on what Microsoft thinks of itself, not what I directly think of the company.
Microsoft is in it, altruistically, for the end user. Sure, they're not completely altruistic--after all, they have to make a profit like the rest of us. However, they are really trying to give something back to the customer, not screw them over.
To Microsoft, the end user is a computer illeterate whose definition of good software is easy software. They don't want to spend a lot of time understanding the alien machine, just using it.
Furthermore, Microsoft believes that the way to simplify is to homogenize the environment. That is, if you have three different vendors with three different software brands on your desktop, you have to learn three times the stuff.
Microsoft needs their monopoly because they have no other way to provide a homogenous user environment. Third party software pollutes the environment, and makes the machine harder to use. Therefore, Microsoft will do anything and everything in its power to prevent such pollution. This is why it works so hard to foil anyone else's attempt to make significant inroads.
This is what they mean by freedom to innovate. If everybody just left them alone, they could make a beautiful user experience without worrying about fighting off things like Java, Netscape, and Linux.
They're in it for the users.
(now my own takes).
This is completely opposite the Slashdot worldview. Each side thinks that the other is inherantly evil because we can't see eye to eye.
I used to think they were inherently evil. I'm not sure anymore, but I do believe that they are horribly wrongheaded.
--The basis of all love is respect
The front line of defense against such sophisticated viruses is a continually evolving computer-operating system that attracts the efforts of eager software developers, Gates said
Indeed :)
--- Hot Shot City is particularly good.
I am apalled at the free ride Microsoft is getting on this story. There is a lot of excitement that a manhunt necessarily creates, but I'm going to be pissed if they mainstream media lets them off the hook once the excitement dies down. The big story isn't that some poor shmuck was able to exploit the security hole, but that the hole has remained open for so long.
Microsoft's post-Melissa failure to deal with this particular security fiasco is reprehensible because there's a very simple solution to the problem exploited by the Melissa and ILOVEYOU trojans -- and no, it's not making the programs unscriptable.
Any system which excecutes scripts embedded in documents should require that scripts be cryptographically signed by an authorized party before running them.
Lotus Notes has been doing this for something like nigh on ten years now, even backin the salad days of the '386. This solution is not that different from the IE mechanism for granting trust to downloaded programs -- but now in the context of Office and Exchange, practically all downloaded documents are potentially programs.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
Riiiiiiiight.
Kid: "Mommy, can I make a web page? Johnny showed me his -- it's really neato! It has all sorts of cool graphics and links and stuff!"
Mom: (flipping through file cabinet) "Oh, I'm sorry hon, you have to take your Internet Usage Authorization Test first! You'll get an Internet Authorization Learner's Permit, good until you turn 18. We'll call the Global Access International Association and ask them to send over the forms. You'll be up on the web in 8-10 years."
Please. If you're so concerned about what happens on the Internet, get yourself some software that blocks all sites except mainstream sources that you deem personally acceptable. After all, what you think is "racist hate" could be satire, research, or something else of value to others.
Besides, one of the principal reasons that the Internet has grown so quickly is that it is free and anonymous (for the most part, at least). People don't need to worry about things that social graces prevent in the real world. When's the last time you went to a store and were able to ask the salesperson for recommendations, features, and comparisons between hundreds of items without him/her getting pissed at you for not buying anything?
Regulating the 'Net always seems like a good idea, until you realize the sheer arrogance that its proponents always have.
For more information, click here.
The point isn't that he is not eligible for the death penalty under current law. The point is that with political forces as they are in the Philippines right now, we could see such eligibility being legislated in the future.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
He's quite right, of course. One of the worst things that can happen, from a virus writer's point of view, is a mass migration from DOS-based Win9X and Macro-happy Outlook to a platform with permissions which isn't controlled by a monopoly vendor who wants to force Outlook on everyone. Of course, I dunno if he had that OS in mind ...
perl -e 'fork||print for split//,"hahahaha"'
Now, a few big caveats: Technically, Outlook does run random code, but only random VBScript/JScript. VBScript and JScript are both designed with security in mind. The ILOVEYOU trojan could not have run as an embedded script in an email message. Do you browse the web with Javascript turned on? If so, your browser is "executing random code" too.
Caveat two: Yes, Outlook has had a few notorious bugs in its scripting security. A lot of programs have security bugs, even UN*X programs. Does Outlook have too many? Maybe, or maybe they're just more obvious, because more people use Outlook. Is Outlook more susceptible to bugs, because it tries to do too much? Quite possibly. But if that bothers you, just set your email security zone to "restricted" (which disables scripts in email, among other things.)
Caveat three: Win9x doesn't have any intra-system security, so any malicious code can do more damage on a Win9x machine than it could on a UN*X machine. But Win9x isn't supposed to have that sort of protection. If you need it, you can always run Windows 2000 (which, like UN*X systems, would not allow one user's carelessness to affect anyone else.)
But, again, none of these caveats has any bearing on ILOVEYOU, which would work just as well on any mail program that can handle attachments.
MSK
MSK
I've bitten my tongue so far, instead of responding to all the people ranting about how the ILOVEYOU "virus" is evidence of "security holes" in Outlook. (Inicidentally, ILOVEYOU is neither a virus nor a worm, but rather a trojan horse.)
You've got it right... there is a reason why attacks like these happen to Windows and not other OSs, but it's not security holes, it's just population. Linux viruses don't spread, because Linux machines are far less likely to communicate with other Linux machines than Windows machines are.
I hope you realize, though, that "inbreeding" of code is a much more difficult problem to solve than a simple security hole. In fact, multiple platforms might just cause more problems than they solve; I think it would be more effective to spend time educating users, and the media, and politicians, (and, hell, most Slashdot readers,) so they don't allow incidents like this to happen in the future.
MSK
(2) Did he send the virus to a US site or release it locally where it eventually spread worldwide and to the US (i.e., he himself did not attack a US computer directly).
(3) Why extradite? If this is deemed necessary, then so too must it be necessary to extradite hundreds of thousands of US based web site operators for transmitting porn to places in the world where it's highly illegal like Saudi Arabia. A double standard here?
The media remains silent on these issues.
Nobody wants to feel stupid (which is what you ought to do if you did not larn the lesson after Melissa)
Not only that, but everyone wants to feel safe. Like justice has been done. This is a prime example of the main theme of Arlington Road (if you haven't seen it, do.)
The film deals with the idea of a scapegoat being convicted for a crime that involved the arrested, but the conspirators were never found or caught.
Same thing here. People love to feel all good and like 'justice has been done'. People feel safe now that this person has been arrested. What's to say if they really did it? or more likely if they were the only person involved. Personally, I'm not going to bet 100% that this is the actual person who created it or distributed it. Even if they produce some kind of proof, what's to say that it's not just that, produced?
Remember the DDoS attacks of February? They arrested some kid in Montreal. Now everyone feels all safe because the 'bad guy' is in jail. Same thing.
It's hard to decide what to trust nowadays.
Further proof that Gates will spew forth absolutely any lie that suits his purposes. As we all know, what makes virus outbreaks like this possible is (1) the unbelievably shoddy security of Microsoft products, and (2) the fact that those products constitute 90% of the market. It's kinda like the potato monoculture of nineteenth-century Ireland that got wiped out by a single form of blight, causing incredible starvation.
I can't wait until Microsoft is broken into tiny little pieces. Only problem is that Gates is still going to come out of this a billionaire, unless the private antitrust litigants tear him apart. Which might happen.
- Have a picture
The difference between ten years ago and now is that these junky and unreliable systems are now ubiquitious in business and are connected to the internet; back then, there were commonly standalone database and word processing PCs. None of these systems were designed for the kind of use they're now getting. An insurance agency runs out and gets ten machines from Best Buy, gets internet access through AOL or a local ISP, and uses the freebie versions of Outlook, Word, and Excel that came with those machines.
This is a terrible situation. Machines that crash frequently and are difficult to configure have become commonplace and are being used for important work. The virus issue aside, look at some of the issues that have to be dealt with:
Most consumer level machines don't come with Zip drives or any way of making backups, other than 1.44M floppies. Yet these same machines come with 8 gigabyte hard drives. Even a Zip disk isn't going to make a dent in that. Linux is not any better than Windows in this regard.
When you get in a hole and have to reinstall Windows, you lose the registry. This means you have to reinstall every piece of software over again, even though it may already be on your hard drive and perfectly usable otherwise.
Shared libraries and DLLs are complete hell to maintain. Install a new program and watch one or some of your old ones stop working. Don't be smug; Gnome and KDE are just as bad as Windows in this regard.
Virii are just another kink in the system, maybe no worse than any of the above. If a hard drive crashed today on 95% of the computers in existence today, the information on it would be irretreivably lost. Heck, at every company I've worked at the usual followup to such a disaster is "The backup seems to be corrupted," and then "The safety backup is bad too." Would losing your system to a virus be any worse?
What this implies, (but which is never stated) is that the ISP must have KNOWINGLY distributed the weaker version of the virus.
.vbs trojan. The article refers to this second file when it says the trojan "accessed a program that would search out login names and passwords, then mail them back to the Love Bug author." When the article says "that portion of the virus" they mean the second file which only 2000 people downloaded from Sky Internet.
I think your interpretation is accurate given what is in the article, however, the article doesn't provide all the information.
What Sky Internet was (presumably unknowingly) distributing was copies of the file WIN-BUGFIX.EXE which the ILOVEYOU trojan downloaded to users harddrives AFTER they had run the ILOVEYOU
Once Sky Internet was aware someone was using their site to distribute this second piece of software, they yanked the accounts used to host the file.
I don't think Sky Internet wouldn't have had any access to the original trojan (other than anyone else that has received a copy) and wouldn't have edited it out part of it but then forwarded the rest.
Work for Change & GET PAID!
Doesn't that remind you of UCITA?
umm, that's not what was happening. people are double-clicking the attachments. yeah, it would be nice if the e-mail program had a good way to distingish among "harmless text", "mostly harmless text" (might force a ctrl-alt-del at most), "executable script", and "binary executable".
(striking the above-quoted part of your sentence wouldn't kill your main point, though, which is really good: but now Gates is using his own shitty programming as an excuse to keep the company together)
--
The shareholder is always right.
Summary:
innovative/innovation: used 4 times
protect the children: used once
janet reno is a nazi: zero
So I guess this debate isn't over yet...
numb
Unfortunately, it's just not that simple.
Say for an example you have 3 different Word Processors with the same file format. You've just trippled your training budget for Word processors. Your tech support staff now has to support 3 times as many products. You're also 3 times as likely to run into a bug that keeps you from setting up standard templates you're trying to develop, and now the people working on them need to know 3 different word processors and spend time testing on all of them to make sure it all works.
It doesn't take too long until managment and support figure out that this is just too costly. A virus can take them down for several days each quarter, and they're still better off. So they standardize on one of the word processors for their company. Other companies may standardize on a different word processor, but then you have to train people when you hire them from other companies. Soon enough a clear leader shows up, and you have a monopoly in the word processor world.
This is assuming they all have the same features. If one has better features (including stability) than the others, then it may win out sooner.
Diversity is a pretty costly solution to the problem. You always have to balance security against other benifits. The problem is that for a lot of companies, a system with poor security suits their needs pretty well. Managers can always hope that a virus won't take them down at a really bad time, but even if it does it may be less costly than some of the solutions.
coninually evolving?
Open source software is released early and released often. Not to mention it's free!
attracting eager software developers?
Since MSs stock price has gone down like a white house intern, open source it atracing more venture capitol and eager software developers.
___
The Hacker News Network is running a nice round-up of this "Catch that Spyder" clusterfuck. Funny.
Much Love,
"S"HM
*****
(I refuse to spellcheck out of contempt for your belief system)
- Use anti-virus software, and be sure to regularly update the software from the vendor's Web site.
- Don't open files sent to you via e-mail from unfamiliar sources. Check with colleagues and associates before opening files they send you without notification.
- Be aware of how viruses operate, and watch for the telltale signs.
- Don't download anything from unfamiliar Web sites.
Can't someone add the obvious:Don't give web pages and e-mail control over your computer!
Nobody gives Joe User good instructions how to shut off scripting in LookOut and Internet Exploiter. All media focus on how much damage has been done without really telling how to protect oneself. C'mon journalists. Simply tell your readers what to shut off!
All opinions are my own - until criticized
So focus on the virus maker (or a scapegoat) instead of the (l)users who really mostly have themselves to blame.
This loveletter had "VIRUS" written all over it. Nevertheless people who *knew* what a VBscript can do fell for it. I'm not surprised that they want to nail someone.
All opinions are my own - until criticized
I heard earlier on NPR that the guy who was arrested lives with his girlfriend and his girlfriends sister. Apparrently the sister just graduated from the computer college there. Hmmmm this makes sense, how many virus writing guys would be able to "think outside the box" and send a loveletter vs how many virus writing females would think "inside the box" and produce a loveletter??
Do they have the wrong person under suspicion/arrested?
no sig.
Now, the contractor may get sued. The people who got broken into may have learned a lesson about taking charge of their own security. But none of this reduces the legal repercussions on the person who actually went out and broke the law.
Thats the way it is in the real world. You leave your car unlocked, you may have trouble with the insurance company if it gets stolen, but the car thief doesn't get any lighter charges. A pickpocket isn't committing less of a crime if your wallet is in your back or front pocket, even if one makes it easier on him. And a person who writes and distributes a virus to cause damage to people's systems isn't going to get any less blame because it was an "easy" system to damage. That doesn't mean that the makers of the system have no responsibility to those financially injured, but it has no bearing on how activly the virus creator should be prosecuted.
-Kahuna Burger
...will work for Chick tracts...
a couple quick notes, first Microsoft is releasing a patch to all it's customers called "IHATEYOU" as the subject like, and the anti-virii fix is called "Microsoft_hates_all_it's_users.vbs", double click to install the fix.
Second, this is what will be an everyday thing if Microsoft relases more information on it's API. This is a total lack of security on Microsofts part, they never should have relased any documenation on visual basic.
"`Ford, you're turning into a penguin. Stop it.'" -THHGTTG
"By Double-clicking on this attachment you are taking full responsibility for the consequences of this program . . . Not valid in Idaho . . ."
This has been a test of the Slashdot Broadcast Network . . .
An Invisible Entity of Vast Power whose existence must be taken on faith alone: Liberal Media
Some thoughts...
1)Are the authorities going to investigate the folks who are so happily presenting new and improved permutations of the virus? (I especially liked the resume variation).
2) Food for thought: If you go on CNN and do their little unscientific cyber-poll about ILOVEYOU, something like 50% of the respondents never received it (me, included). I keep on seeing this "43 million users affected" number popping up in news reports. I wonder what the real numbers are...
3)Also, I am seeing signs that there is going to be a push for world wide cyberpolice (after this little incident). I happened to read this weekend somewhere that Canadian authorities are looking into creating some sort of world wide law enforcement cyber bureau. Interesting...
This is another view of the world.
Here is the Actual Time Article by Gates
http://www.time.com /time/magazine/articles/0,3266,44557,00.html
It's in Time But it belongs on Segfault
134340: I am not a number. I am a free planet!
I believe the only true solution to Microsoft's abusive monopoly is to have at least three independent companies each offering their own compatible version of Windows. Each company could choose its own priorities -- adding features, fixing bugs, improving security -- and the market would decide which version of Windows suited its needs best, instead of the current arrangement where the market is forced to accept whatever Microsoft chooses to release. Have a look at some of the Windows 2000 features listed at "http:/ /www.microsoft.com/windows2000/guide/professional/ features/default.asp"; wouldn't you readily give up some of those new features in return for not having to worry about the next macro virus trashing your company's computers again?
Skeptics claim this would overly complicate the market, but I don't think it would confuse matters any more than having so many different versions of Windows already out there. They also say that this would result in many incompatible versions of Windows running around, but to that I say that any company releasing a version of Windows with compatibility problems would suffer in the market, so they have an incentive to strive for simplicity and compatibility... and, besides, how many compatibility issues are there between Windows 95/98/NT/2000 already?
Meanwhile, Microsoft is making noise about trying to appease the government by offering a version of Windows which merely 'hides' browser access, thereby demonstrating that they have no interest in legally recognizing their illegal tie of two products. They've shown that they have no qualms about breaking the law as long as they can defer or escape punishment (by tying it up in drawn-out courtroom cases); it should be obvious by now that any further legal restrictions on the company would be pointless, and that any 'solution' which results in a single company still being responsible for the operating system isn't a solution at all.
[...]
Who's really responsible for genetically-engineered virus? Conventional wisdom would blame one of these groups:
1. The virus author
2. Clueless victims
3. Microsoft
4. Public health systems
[...]
these are all wrong.
1. It takes one mad scientist to create a virus, there are 6,000,000,000 people on the planet. A policy of trying to dissuade anyone from engineering a virus is unlikely to be successful.
2. You can't really expect everybody to become a medical expert, they're unaware of the dangers until they've been hit. Also, not all viruses propagate through people stupidity.
3. Microsoft is only partly to blame. Their main crime here is encouraging user ignorance (you get your medical information form Encarta?).
4. Public health systems do what they can, but there will always be a trade-off between how much power the patient has and how much damage they can cause through carelessness. Also, goverments won't pay for the extra care unless they know it's necessary, ie illnesses will only be cured after they're extended.
[...]
Suppose the FBI manages to catch and prosecute almost every mad scientist who puts together a virus. A strong chance of getting caught will discourage legions of mostly harmless experimenters from trying out new viruses. This will certainly cut down on the number of weaknesses explored. Patient carelessness will steadily grow, security measures will become half hearted and forgotten, meanwhile reliance on body health will increase, healthy habits will be ignored. However, someone sometime is going to put together a truly effective, malicious virus. Even AIDS was not deliberately malicious, and furthermore only relied on a single propogation exploit. Without a constant flow of new viruses a dedicated team will be able to exploit multiple unguarded vulnerabilities.
[...]
Trouble is, this policy has left her child sickly and pitifully devoid of natural defences.
[...]
If you want your children to grow up healthy and strong they must be exposed to viruses. Instead of clamping down on virus developers, we should reward them. Encourage a legalised virus industry. Everybody periodically gets injected which would occasionally pop into existence with symptoms along the lines of:
HI, YOUR LEFT KIDNEY HAS CAUGHT A VIRUS FROM VIRAL INFECTIONS CORPORATION A CURE FOR THIS VIRUS CAN BE PURCHASED FROM WWW.VIRALINFECTIONS.COM AT $2 PER PERSON, YOUR ID FOR THIS MACHINE IS 239884623. THANK YOU FOR GETTING CAUGHT. WE'RE OUT TO HELP YOU (tm)
[...]
It's worth reflecting that the AIDS virus achieved far more in protecting society from careless sex, junkies and Third World people than the FBI could possibly hope to achieve. So a would-be author gets blamed for "billions of dollars" worth of damage, and gets a longer jail sentence than the average rapist. There is no way of directly calculating how much more money would have been lost if AIDS had arrived on the scene before smallpox.
[...]
Isn't cut 'n' paste great?
__
__
Men with no respect for life must never be allowed to control the ultimate instruments of death.
GW Bu
OK, so he didn't endorse it BY NAME...;-)
DNA is a Turing machine. You, however, being dynamic and emergent, are not.
If I were inclined to destroy the information on a HD, I'd (1) remove the HD, (2) drive several nails through it, (3) drop it in the nearest reasonably deep body of water, and (4) install a new HD. This process can be performed in fifteen minutes or less, not counting travel time, and works with any version of PGPwipe.
Before we accuse someone of a crime, we have to define what that crime is?
What crime did the virus author commit? How does this crime differ from companies placing hidden functions within their software (ie, spy-ware and delete-the-competition's-dll-ware)?
What I'm getting at here is that any prosecution of this fellow would require dragging Steve Case and Bill Gates into court also.
Aah, change is good. -- Rafiki
Yeah, but it ain't easy. -- Simba
That relationship would suffer because the Justice Department's proposal for breaking up the company would result in fewer innovations of Windows programs, he said.
The breakup order also would end improvements to the Internet software in Windows and cripple company efforts to develop a write-on tablet that allows notes to be transferred seamlessly to a personal computer, Gates said.
"The benefits of developing operating systems and applications software under the same roof will increase as new intelligent devices emerge over the next few years," he said.
Having read that, I understand Microsoft a lot more. It is hard for a company to consistently spout the same lies and ignore reality as consistently as they have--unless they don't think they're lying.
Microsoft doesn't see themselves as megalomaniacs trying to take over the world. They are here to help us.
Microsoft believes that the single worst thing in software today is chaos and incompatibility. They are trying their best to save us from it, and these damned Government nincompoops are getting in the way!
My honest belief is that Microsoft truly believes that the way to provide the best user experience is for one company to provide a unified suite of products, untainted by those of other vendors. They, of course, are in the position to do just that, providing that the government get off their backs and pesky competitors such as Linux, Netscape, and Java stop polluting the computing environment.
They believe the Devo quote: "Freedom of choice is what you've got. Freedom from choice is what you want."
To Microsoft, this isn't about billions of dollars. This isn't about market share, though market share is the best measure of how they are doing. This is completely altruistic, and is about giving the end user the best possible computing experience.
This sounds patently ludicrous to the open source/free software crowd that hangs around Slashdot. Here, the general belief is that open standards is all you need, and that competing implementations of these standards will provide better software. Unity of software is less important than technical excellence among Slashdotters.
The above may explain Microsoft's near-religious bullheadedness, and why Bill simply can't understand why so many people think that he is the Antichrist. We're starting from absolutely different base assumptions, and have completely different goals, and we both think that we are doing what is best for computing as a whole.
Personally, I think that he is reaching for quite laudable goals with entirely the wrong tools.
--The basis of all love is respect
First slashdot spelled "Terrance" as "Terence" and "Philip" as "Phillip". Now extrapolating from the latter, we find "Philippines" spelled as "Phillipines". We can do better, guys.
As for what the Philippines will do with the guy, I'd hate to be in his shoes. Remember, the Philippines is the country that is most expanding its use of the death penalty (whereas most countries are banning it or continuing to enforce it for certain established crimes like murder). Legislators in the Philippines have recently called for the death penalty for negligent ferry operators (in response to the recent ferry disastors there). Perhaps we'll soon see calls for the death penalty for billion-dollar-in-losses virus writers?
Back when the Philippines were a US colony, they were bound by the equivalent of the US's constitution, including the right against cruel and unusual punishments. My understanding is that the modern Philippines have moved away from such standards. It's sad, really.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
This is super funny, you _could_ think it was posted on The Union...
Thimo
--
Avoid the Gates of Hell. Use Linux!
"Such as virus writers":
Bullshit:
Sounds like another attempt to ship an intentionally crippled and broken product for the sole purpose of then saying, "see, we told you so": Bust them up! Any company so fat and arrogant that they feel safe making threats at their customers, the economy and the justice system needs to be spanked and put in the corner
Honk if you hate Microsoft
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
HI, THIS MACHINE HAS CAUGHT A VIRUS FROM VIRAL INFECTIONS CORPORATION A CURE FOR THIS VIRUS CAN BE PURCHASED FROM WWW.VIRALINFECTIONS.COM AT $2 PER MACHINE, THE ID FOR THIS MACHINE IS 239884623
Umm so lets get this straight. I write a malicious virus that encrypts every file on the system so you can't access them without knowing the key. I distribute this around the world and 1,000,000 people use it. I then charge them $1000 dollars a time (hey I'm allowing the fix out and I can name my price as they're buggered if they don't) to send them the patch.
This has to be just about the 3rd stupidest idea I've heard so far this month.
There is a name for the above mentioned "legalised virus industry" its called "blackmail" or "extortion".
People who write this stuff deserve to be forced to pay the associated costs of the damage they cause, and if they can't they should be declare bankrupt and sent to prison. There is NO noble side to virus writing.
An Eye for an Eye will make the whole world blind - Gandhi
Tasty Bits Technology Front has an easy kludge fix to disable all VBscript by editing a single Registry key. You could also use a similar approach to disable the running of most "active content" attachments. .reg file and you can run it by double-clicking it (such as an attachment to an email). Which brings up the question, how much harm could be done just by changing registry keys. The .vbs trojans accomplish alot of their mischief by simply changing a bunch of registry keys, including changing the default IE start page to the WIN-BUGSFIX.exe secondary trojan. Should we disable Windows ability to automatically install .reg patches?
By saving the fix to a
Work for Change & GET PAID!
Either this is a setup, either the government needing a scaprgoat, or the real author misdirecting the authorities...
... or this guy is the king of all idiots and desperately deserves to be caught and removed from the gene pool.
Okay, for starters, it's worth repeating that the security experts who traced the melissia virus think the REAL author is some German kid living in Australia.
But, if this Phillipine guy *IS* the author of the "Love Bug", he is desprately in need of a good bludgeoning.
Think about it for a sec. The media (CNN, AP, and Fox at least) was reporting ALL WEEKEND that "authorities" suspected him, but they could NOT get a search or arrest warrant because the courts were closed over the weekend.
Now, if *I* had done the "love bug", and *I* had a whole weekend of warning that the cops were coming on monday, I would have spent most of the weekend shredding and burning any hard copy of the virus code; and, more importantly, PGPwipeing every related file AND free space on my hard drive. Then I'd move my swap file to a new partition and PGPwipe the old swap partition. Then, for good measure, I'd prolly pull out the HD and give it a good round with a bulk eraser or speaker magnent.
Reformat, reinstall, and restore. No evidence, no worries.
With two days warning, if he left enough evidence that they really DID arrest him today, he's too dumb to breed anyway, and deserves to be caught.
All of which assumes, of course, that the cops are right, and the computer guys who trackes Melessia are wrong; which is, amittedly, a rathar dubious assumption at best, but WTF.
john
Imagine all the people...
From ABCNews:
The suspect was tracked down by locating the phone line that may have been used to inject the virus into the Internet.
Am I the only one that gets a mental image of a lurking figure with a big syringe sticking a needle into a router in the middle of the night?
Question: If Irene has confessed to writing the Virus why is her husband being arrested as well?
Now they just have to arrest the millions who actually spreaded the virus by executing unknown programs. This is data darwinism at its finest.
Would this include using Exchange and Outlook as your corporate electronic mail standard?
Bill Gates complaining that a breakup of Microsoft would hinder fighting the I LOVE YOU-style email virus reeks of opportunism; instead of monoloplizing the industry, Microsoft should have been fixing their security-deficient products that are the root of the problem.
is there a real distinction between being detained and being arrested in the Philippines? i know there's a huge one here in the US, but i imagine the area might be a little grayer elsewhere. . .can anyone enlighten?
Well, I don't know enough about the facts of the case to even begin to judge whether this person is guilty or not, so I'll leave that whole hot-potato topic alone.
:-)
BUT I do know that this whole saga has proved a point that I've been shouting about for ages:
The computer world can be compared to the natural world. You need a good gene pool. If all of us had the same genetic make-up, we would get wiped out by the first new disease to come along. So why does the entire world insist on using the same software?
If everyone and his dog is using MS Windows and Outlook, then of course if a virus comes along which hits that combination, everyone and his dog will be affected.
The world is not a safe place if everyone uses the same thing. It doesn't matter if it's an MS app, or an open-source server, you have to have healthy competition. Diversity is the only way we can protect ourselves.
Usually, when I start off like this, people say "Oh, but I need to be compatible".
I say: "You don't need to run the same software to be compatible - just use compatible file formats".
Sorry if my ranting is straying off-topic; I needed to say it.
(Spudley Strikes Again!)