Slashdot Mirror
Four Kids Confess to Goner Worm
imrdkl writes: "4 kids in Israel have confessed to writing and distributing the Goner worm, according to Fox."
Yet another annoying worm comes and goes, wasting countless IT hours, to say nothing of bandwidth. The kids face up to five years -- of course since they aren't in the U.S., they might actually be punished.
I guess they will be "goner"s real soon.
give em the chair! oh wait, just make them use microsoft products for the rest of their lives.
>> The kids face up to five years, of course since they aren't in the US, they might actually be punished.
Huh? The US seems to be the most "punishment-friendly" towards kids. The US is one of the only countries in the world that has put someone under 18 to death in recent years, for example.
yep, you are right on the spot. *snicker* *snicker*
I guess that Microsoft cannot pretend to be the victim of sophisticated terrorists, so no special governmental aid for them.
After myself being called to fix a customer's sExchange (Yes, NT, I'm young and I need the money) server that barfed its guts on the floor because of this, you can hand them over to my IT dept, we really wanted to take them out back and flog them repeatedly last week.
Objects in the blog are closer then they ap
These worms are great as it allows us who work in the office (of companies that use microsoft exclusively) to have a break... Can't do much when the networks going up and down all day.
leave the boys alone. the only people who were hurt were the people who us the defective product windows. i got the gonner a couple of times on my Linux box, big whoop. the people who opened it and spred it should be the ones getting the cops on their ass. how about M$ for making a defective product... wait, or is that a FEATURE now?
What joy do they get out of wasting sys admins' time? Do they think that this makes them cool? What motivates these "l33t hax0rs"?
I'm a repairman in an imperfect world.
"Yet another annoying worm comes and goes, wasting countless IT hours, "
This is total BS.
I contend that these nusance worms are good for IT workers, not a waste of time:
Worms/virusi like goner cause little actual damage, BUT they force us (and esp MS) to fix gaping security holes and enhance security policies industry wide.
It won't make much difference whatever the punishment. Anonymity is very easy with viruses and finding out who wrote and/or released is the exception rather than the rule. There are some notable cases - Christopher Pile and David Smith for example - but they don't act as a detererent and the amount of damage (real or perceived) is greater than can be recovered from the defendent if found guilty.
http://www.thehungersite.com
At work, we got it about 1100 EST. One user got it and ran it, and it cascaded. Our servers groaned for about 30 seconds, by that time, the mail admin had run into the server room and yanked the network cable to them. Honestly, I don't think the fault rests on these kids at all. Sure, I guess they should face punishment if they broke the law, but that's their country's problem. I don't blame them.
If our users had listened to the rules, this wouldn't have been a problem. But within 30 seconds of the attachment entering our network, over 50 users had run it. Why can't someone hold the irresponsible user at fault? The instructions are easy - don't run attachments you weren't expecting. Instead of blaming some kids for playing around with code, why can't we find fault in the people that don't follow their instructions?
Yeah, I'm ranting, but to make something constructive out of my waste of bandwidth, how can we get the users to listen? Anyone have effective tools? Yeah, I'm all for firing the ones that can't observe policy, but that would mean firing my boss too. And she's actually pretty decent, as far as managers go.
funny munging
Comment removed based on user account deletion
Children do what children do; push buttons to establish limits. That's their job. Punish the managers and complacent sysadmins at the companies impacted, that allowed themselves to get a year behind on maintenance. There will always be children. We don't always have to be cheap/lazy about security. At least not if we're going to bitch and moan about stuff that's completely preventable.
Can You Say Linux? I Knew That You Could.
Ok heres the basic cycle:
script kiddie/cracker/whatever create worm
worm gets out, spreading by point and click method
IT goes on about how bad this one is
Eventually worm dies and kids are caught
Big deal made over last worm causes more copycat type worms
Cycle restarts
Ok I mean thats pretty general, but goddamn if I'm not sick of all this. How about instead of going after the worm writers (they are not innocent but hear me out), why don't we try to at least educate the public into not opening things they don't know about. I mean what good does blackice and zonealarm do if someone opens a file and turns them off? The technology isn't the problem (except with IIS but thats whole different beast), its the people. Maybe someone (I know I'll be flamed as a bastard for this) should create a worm that actually fucks over the people that open it. Instead of making it so they download some roll-back registry fix, how about you just wipe out the registry? Why not make it so IE and Outlook have popup-adds with every page and email they view. What if the worm steals their emails and sends them to spammers list automatically? I mean obviously people aren't learning, or this crap wouldn't be happening over and over again. Yeah the people are victims blah blah blah... cry me a river. I've never had a worm, and never will. I'm not claming i'm smart or anything, but its common sense that an emailing "I'm asking for your advice" with a document that ends in scr or vbs is something that joe45@aol.com probably didn't mean to send me.
can't sleep slashdot will eat me
Do you guys really think virus writers should be punished? I hate to sound old (I'm only 23), but we've had viruses for years before the internet was as commonplace as it is now and no one cared. You just restored from backup and went on. Am I wrong here? I see jailtime for virus writers as being a little too extreme. Yes i know of the Robert Morris worm back in the day and yes, he ended up getting probation, etc, but for the most part, no one payed viruses the attention they are getting now.
I, for one, think that they've already suffered enough.
After all, judging by the virus code, it is almost certain that they had to use Microsoft software to create it.
Tarsnap: Online backups for the truly paranoid
You'd be way better off filtering any attachments that have a .scr or .vbs extension-- right at the mail server.
Another front emerges on the war on terrorism, lawyers expect the military tribunal to start shortly. The defendants are believed to live a stones (or missile guided bombs) throw of Afghanistan, which gives us a tolerance of 1200 miles.
How many worms/viruses/etc has that been that have been dropping servers like flies across the world in the last 6 months? The last year? Why don't we do something about it? It isn't like the technology isn't there, but at the very least, the technology exists to filter almost all this, if it's known. And they become known pretty fast, as we've seen. Why not an RBL-type authority, where it can be automatic? Provide a database of traits of known bad emails, and just drop them. We keep having our servers hammered by this, but it's entirely unnecessary. But no one seems to LEARN! How many times before little teenie-boppers have to whack you over the head with the anvil that these damned worms is before something is done? This is insane: we can fix it, but no one has done a damned thing to date.
actually, since they arnt in the us, their punsihment will probably be lighter. Remember the kid in canida who took out ebay, yahoo, and various other e-retailers? he only got a couple months. If the us is involved, they classify it as terrarisom and hunt his little behind down. --theKiyote
I'm a kid (Senior in High School...) and I've seen kids to stupid things (I've done some stupid things myself too). These things should NOT be punishable by 5 years (unless they are violent). Kids are kids, and then they grow. Putting them in jail for years on end isn't going to make them grow up any faster.
In the US, these same kids can just as easily steal a car, get drunk, and run you over while running a red light. Guess what? With a good plea-bargain, they'll get off in 5 years too.
What's more important, 5 years in the slammer for stupidity or 5 years in the slammer for killing someone? Get your priorities straight people...
Instead of being punished (in the usual way) for this annoying act of internet vandalism the Israeli government should make them pay for their crimes in a way that will harness their talents. Maybe some form of Internet good will, like 2 years doing mindless computer support for a charity organisation. :)
These kids are to young to go to gaol and the outcome of confining the kids to a cell for up to five years will only make them criminals.
I just think the punishment should fit the crime and actually make a difference to the outcome of such young and talented delinquents lives
All speling, factual, tact, and/or grametical errers be the result of netwerk interpherance or# transmition ererrs.
if it's for INTERNAL use only. why would you have to give the source out? and to WHO? you're not DISTRIBUTING anything to ANYONE outside your company. what am i missing?
i hate to start calling names, but sometimes you just gotta call names.
you're stupid, and you should stick to M$ windows.
have these morons not learned anything from current events around the world? it just isn't cool to do damage to others. it seems that because networks are "soft" targets, where the damage isn't measured in human terms, that people like this are allowed to get off pretty easy. time to toughen up a bit and help them understand that the rest of us have the right to NOT be f'd with.
Well, we all know that most organizations' security is so pathetic that any teenager can write a worm to penetrate it. Once again, we have the living proof of that. Once again, everyone blames "evil hackers" instead of addressing the real problem or even so much as hinting that sysadmins, or beter yet, PHBs should take part of the blame. So, what else is new?
BTW, I've read that in Israel white-collar crimes are punished more harshly than normal crimes. For example, if you commit copyright infringment you stand to spend more time in jail than a rapist. Can somebody confirm/deny this? (But then again, it looks like this is the way things are going in the US too with "hackers" being declared terrorists and all...).
___
If you think big enough, you'll never have to do it.
It's like that TV Commercial that's been playing in the States here:
*Woman peeks her head into IT Manager's office*
"Oh, and Bob, I opened that e-mail virus -- just like you told me not to!"
Amazing... A troll account, and just about every single one of your posts is rated -1. If I didn't know better, I'd bet you were one of the Slashcoders testing the moderation concept.
buy using ms
I don't agree entirely with what you write, since I assign the blame for things like this almost entirely to those who write the stuff in the first place. I'm sure you'll get plenty of other replies saying the same.
OTOH, you make a fair point about employee training. The small company where I work, a software development house, has had a few e-mail viruses mailed to it over the past year or two. It's interesting to note that these often get forwarded around the office, but invariably by non-technical staff. The developers and tech support guys and gals generally have the sense not to run blind attachments; the admin and management guys and gals are more trusting, and bite the bullet.
Our IT support guys have long had a record kept of exactly when everyone runs the anti-virus update they mail round every month. Recently, they've instituted a "leader board", which is mailed to everyone, showing who ran it fastest. It's an amusing little game for those of us who are sitting in front of our PCs anyway, but the really telling thing is the people who don't appear on the list at all (which is typically mailed around the afternoon after the update), i.e., those people who still haven't updated their systems several hours later. Guess who they are...
So, we have established that certain types of users are more vulnerable to this than others, and we know who they are. The next question, of course, is what to do about it. You can come up with any number of penalties, but how are you going to turn around and slap them on, say, the MD of your company (a repeated offender in our case)?
Personally, I always liked the "drill" approach. The IT guys occasionally create a Hotmail account or some such, and mail something cool-looking to a few random accounts at the company. If you run the attachment, it pops up a simple message on your screen informing you that if this had been real, you'd just have cost everyone in the company a day's work/sent abusive mail to your most profitable client/whatever. This isn't publicly embarassing, and it makes the point. It's certainly proven very successful in a couple of cases I know of.
You could complement that with a "three strikes" sort of rule. Anyone who falls for it gets a couple more spams shortly thereafter. Anyone who falls for it repeatedly has maximum security settings imposed on their machine thereafter. It will cause them hassle if, for example, they have to send or receive a genuine executable attachment, but such is the price you pay for keeping your systems secure from your own users as well as people outside. Better that than watching offensive mail go to those top five clients...
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
This virus wasted about 5 minutes of my time. I read an article about what it did, then the next day I deleted about 150 copies of this that got quarantined on our company's Exchange server.
, ht a,inf,ins,isp,js,jse,lnk,mdb,mde,msc,msi,msp,mst,p cd,pif,reg,scr,sct,shs,url,vb,vbe,vbs,wsc,wsf,wsh
:)
I use a virus scanner on the Exchange server capable of blocking attachments based on extension (Scanmail by TrendMicro works nicely for me). I always block:
ade,adp,asx,bas,bat,chm,cmd,com,cpl,crt,exe,hlp
Bingo - no e-mail virus problems
I figure if my users really need them and the person sending the message is smart enough (and meant to send it) then they can zip it. If the sender wasn't smart enough to zip it, then I can always pull it out of the quarantine folder.
I hope that someday we will be able to put away our fears and prejudices and just laugh at people. - Jack Handey
before someone decides to punish morons
who publish libelous incorrect information
on a 'news' site.
I wish I had mod points. (+1, insightful)
My Karma was at 49, then they switched to words. All that work for nothing!
The kids face up to five years, of course since they aren't in the US, they might actually be punished.
Computer crimes are MORE than sufficiently punished in the US, thank you very much. I don't know where you get off implying that the US goes easy on computer "crime". I had a little incident during my freshman year of college. The FBI was very determined to get me jail time for a ridiculously minor offense. It was only through sheer wit and creativity of my laywers that we got the offense down to a misdemeanor and a lousy 600$US fine. That was the most hellish time of my entire life and could have ruined my career forever. All over a tiny little deal (no damage was done).
Imagine what these kids would get in the US for writing such a worm. It'd be a helluva lot worse than 5 years in prison. So put your pro-punishment attitudes away and get real. Remember what our government does to computer criminals.
Why bother.
We all know what happens to terrorists, check out bin laden hiding in the cave!
If you use Linux, please help development of Autopac
These kids should be made an example of. Please turn them over to the Hammas organization in Palestine. They are quite effective in coming up with appropriate punishments for errant Israeli jews.
WE have kids in the USA who think its cool to be a gangster, who think being an outlaw is cool, and become criminals.
When you tell someon they CANT do something, it makes it COOL for them to do it.
Think about it.
If you use Linux, please help development of Autopac
I'd like to see them and every other person caught for virus authoring to be held prosecuted to the farthest possible extreme. The newsgroup Hip Crime flooding is a good example of that. My newsgroups noise is so high that I can hardly find legit postings anymore, the goal of the flooding. I'd love to meet the bastard responsible for that in a dark alley with one of my old Sparc keyboards w/ the metal sub-structure so I can show him how us country geeks deal with problems like him.
Why does outlook allow a script/program to access the address book without the user's permission? I think we've seen how costly this bug/feature is, why isn't there more pressure on M$ to fix this problem, or provide the option to turn it off?
These kids are essentially going to go to juvi/jail for swimming in a pool, when the sign clearly says, "no swimming."
No fault to the pool owner for not putting a fence around his pool, right? Ah, justice.
My Karma was at 49, then they switched to words. All that work for nothing!
How about this.
You set up a simple script that by default, turns off accepting email with attachments on it. When a person in the company NEEDS to view an attachment, the script allows one email with an attachment through to his computer after he fills out a form and submits it to the script (the form is never actually read, but hmph).
This way, anyone who needs to see an attachment does and must know about it before hand. At the same time, it blocks attachment-outlook-stupidity viruses by disallowing them to shoot through the system on a normal basis.
Furthermore, any person IN THE COMPANY who sends an attachment to another person in the company that's rejected by the mail server because the recipient hadn't filled in the form has his or her email account locked for 24 hours to stop the virus from spreading.
Done. Finished. My thoughts.
cmon fucker, spill yer guts.
After reading throug 30 odd messages that a) slammed Exchange/Outlook/Microsoft or b) said 'Hey, NBD, they're just kids!'
Here's a little bit of the flipside:
Our Exchange server weathered it just fine. Why? Because it's running Trend Micro's scanner, and it punts everything but TXT and ZIP files.
The last three virii that ran through the net DIDN'T affect us. We've got 1200 workstations, 60 odd servers, and _6_ admins. (and a 6 member Help Desk)
A Microsoft shop CAN be protected, it CAN avoid this crap, and you CAN run an enterprise on these products with a small staff.
CRIPES!
Further, the poor little kid is just playing around. Bullshit. There are a bunch of businesses having a hard enough time STAYING IN BUSINESS. They SHOULDN'T HAVE to deal with the financial burden of bouncing and disinfecting their infrastructure.
"Draco dormiens nunquam titillandus."
Why the hell are we blaming them? They're kids. Blame the Microsoft managers pushing constantly for production without accountability.
If you can't find Dr Pepper in Canada you need to remove your head from your ass. It's in the cooler of every variety/grocery store from coast to coast.
How about implementing a no attachment policy? Seriously, how many attachments are jokes and/or vaguely amusing pictures or multiple copies of Word docs that can be found on a corporate fileserver anyway?
Now that web browsers can handle FTP sites, it's easy to show most people how to upload/download content and it's also easy to set up a low level of security (blind directories etc.) that is comparable to sending stuff over email (if it's confidential, it shouldn't be going out over email anyway).
Xix.
"Everything is adjustable, provided you have the right tools"
any person IN THE COMPANY who sends an attachment to another person in the company that's rejected by the mail server because the recipient hadn't filled in the form has his or her email account locked for 24 hours to stop the virus from spreading.
Well, I know that if I told Stan from accounting I was going to send him a file, and in his normal scatterbrain manner, completely forgot about it, and subsequently had the attachment bounced and my account locked, Stan from accounting would lose his legs. But otherwise, this plan is good, if a little draconian. Maybe just filters against certain executable file types would be a better idea.
How are you is common to the sircom virus, The effect of these virii is basically like giving someone a bomb, which replicates itself to other people, but this bomb doesn't go off by itself, you have to be using a rediculous email program, and set the bomb off.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
Are trojan horses that rely on user ignorance limited exclusively to products created by Microsoft? I don't think so. Idiot users are idiot users no matter what software they use.
For grown up security mistakes...
Part of the process of being a kid is learning... While I do not approve destruction or paralizing IT infrastructures, this seriously bugs me depending on the seriousness of the punishment.
Meanwhile, LOADS of spammers are still clugging my Hotmail inbox at a rate of at least 20 spam a day, my ISP email account receives at *LEAST* 5 spams a day, multiply that by X amount of users, THERE'S a big bandwidth waste. These people are still running free and going stronger than ever!
Those lame virus lasts for about a week. If after that, anyone else gets caught, they need to *LEARN* the HARD WAY like "doing backup is a good idea because you never know when your system might fail", well the same should go with "Update that antivirus file, because you never know what might hit you". Heck, the antivirus programs offers to do it automatically, there's no excuses.
--- Metamoderating abusive downgraders since my 300th post.
Comment removed based on user account deletion
I believe these kids are guilty of hate crimes against stupid people.
--Mizerai
Geez, how many times do companies have to be hit with the same types of trojans, before they get clue and start blocking .scr and .pif attachments.
Companies getting smacked by such things as Goner, for hiring mail admins who haven't learned after putting their hand on the burner over a dozen times.
How about this for an easy fix for any more worms... Have a "word of the day" that a user would have to prepend to the subject line of any message they send out. If it isn't in the subject line, the server just trashes the message. Maybe you could even strip the word out when the message gets sent (I don't know if exchange can do this or not).
Its cheap, I think it would be effective, and it only requires the user to type an extra word on the subject line. The best part is, if the users don't want to play along, they don't have too, and noone gets their mail anymore.!
Casca
Good thing they weren't ripping disney movies, the bad mouse would send them up the river for 15 years.
Now if they were Palestianians they could be executed as terrorists without any trial, or even arrest. Shame.
Heck, how about a timer that prevents more than a message every minute from being sent from any single user? If the system receives more than three emails from the same user in less than a minute it locks their account.
Kind of like how you can't submit a comment to slashdot unless it takes you at least 30 seconds or something to compose it.
Casca
Why most scanners still need constant definition updates and can not do good heuristic scanning is beyond me.
Oh wait...that's right most companies charge for yearly updates.
Why make a better product that wouldn't require constant updates when you can make an inferior product and charge yearly for the ability to perform updates?
I guess AV companies also follow the Microsoft model.
I hope that someday we will be able to put away our fears and prejudices and just laugh at people. - Jack Handey
Maybe I use MS products because I like skipping standard "compile->read manpages->2 hour configuration because no one uses standard configs" process. But, unlike you I don't need to hide behind Linux, I can figure out which attachments to open and which not to open.
heh, you must work in an Outlook environment. I must say that last week wasn't that busy for me.. only one reported case of the goner virus (approx 200 users using NS4 messenger). The extent of the damage on the infected computer was the virus wiping out the AV software (and twenty minutes of my time I'll never get back). It didn't even do any mass mailings...
What do you do IF no one will use anything else?
And they don't have to because there are no consequences....and there is no training and there
are two hundred hosts , 7 servers and one admin.
Hint:
You suck it up, and wish virus writers worked there.
Are you for real?
Whenever I release a new version of the product I'm working on, I prepare all anouncement mails beforehand. For reasons that are irrelevant here, these usually are not all identical. So I can't simply send one mail to an single list address. When all of them are ready (usually there are about 5), I manually send them out one right after the other. This will easily make me send more than 3 in less than a minute.
If I ever need to automate this procedure, my rate will be even higher.
Linux user since early January 1992.
Whining about worms is about as productive as whining about stupid people. If you give stupid people the power to take down your network, they will. Either take away that power, or live with it, but either way, don't let something like this make you sick.
I am willing to bet on the fact that these "scriptkiddies" have no complete knowledge of what they have done(if they actually had in fact done ANYTHING). I'm also willing to bet that 90% of these "l33t" teenagers download the viruses from the latest crack-n-hack site. A 15 year old who understands the intricacies of computer programming enough to write an original hack is a rare thing. The fact that any of these viruses actually spread is just dumb luck. Send a downloaded email hack to the right person and it will infest a company network, which will infest the rest of the web. Its given far more credit than deserved to suggest this dumb luck and ignorance, these "talents", can be harnessed. I say slap their hands and cut their connection. Either that or actually teach them how to do it RIGHT, and weasel in some hacker ethics.
I have no desire to reach nirvana.
because if not, then the law in israel would treat them differently and therefore severely punish them. does anybody know whether they are?
As with everything, there is always an exception. So you send an email to the server telling it to exclude you from the timer for the next X emails. Then send away.
Nice people skills btw.
Casca
For the kid who DoSed yahoo and cnn a while back. They put him a government reform school for 8 months.
.doc files were not executable.)
.doc, .vbs, or .exe onto the network.
That is enough punishment for a silly prank.
And I can't simpathize with the people who blame the users for openning the attachments. Teaching users not to open emails that have "Hi" as the subject line is only a short term solution. Trying to get users to remember which types of files are executable is not an option either. (Until a year ago, I assumed that
A better solution is to not allow executable attachments which end in
An even better solution is for Microsoft to fix their programs or for people to not use Microsoft products.
I can't believe I'm reading this. And even less that someone moderated this up as being interesting. Sarcastic would have been more appropriate. Except that it likely wasn't meant to be that.
Have you guys ever worked in a real company?
Besides the idea ain't safe either: it's full of race conditions.
Linux user since early January 1992.
Say goodbye to your customers trying to send you orders over email.
There is a nice procmail filter (ftp://ftp.rubyriver.com/pub/jhardin/antispam/proc mail-security.html) that renames incoming attachments and makes them non-double clickable as well as pseudo scans office dcuments for dangerous macros.
The extra level of 'abstraction' (the user having to rename the file to run it) has saved us from every major email born virus in the past two years while still allowing people to get there precious attachments if they are expecting them.
--"Karma is justice without the satisfaction"
Five *years* because people can't listen to SIMPLE DAMNED INSTRUCTIONS ON WHAT NOT TO DO WHEN CHECKING THEIR E-MAIL?
I think we should turn the US into a police state, and start executing people who, in ignorance, open up mails stating, "I ask your advice!"
..Sorry. A bit bitter today. Not that I condone hosers spreading virii, but mad props to these kids - they've taught me to never underestimate the stupidity of people.
"Oh! I got that e-mail you warned me about and opened it! Just like you said to!"
"I said not to. *NOT* to."
"No you didn't! You said to open it!"
...In the server room, no one can hear you scream.
man, get with it! =) virsu writers are now terrorists, and we should do everything in out power to destroy them. we should even go so far as to harm innocent users in the quest to kill viruses. /sarcasm
however, i agree, jail time is a shame. they were only doing their job. think of how many people might have learned somethign from that one, and how many more didn't learn a damn thing. perhaps companies could use such information in a useful manner...
all because we do not understand simple policy. it's funny how people who don't follow the rules (virus writers) get punished, while people who don't follow the rules (retard's who cliked) don't get punished. I couldn't care less, as I will be neither one.
yeah, when i was a younger coder i figured writing viruses would be cool, and even now i toy with the idea simply because i really don't like microsoft products and find that breaking into 'secure' systems thru simple measures is amusing, but that isn't useful as a future, and im more of a white hat anyways. if some average joe let bob gang banger into his living room, and joe gets shot, joe wouldn't be held responsible. thats how they work. =(
They're first time offenders who confessed. They're high school students who would otherwise be preparing to be drafted to the Israeli army soon, and the government will not want to disrupt that if it isn't necessary. Finally, they are from a town that is notorious for inducing boredom for its teenagers. They may get a few months, but I wouldn't count on it, and they'll get assigned to the Ma'asiahu prison, where conditions are very good (it's Israel's prison for first time offenders, and it's probably the only place in the world you could call a re-education camp without irony.)
Of course, I run Linux on 2/3 of them, and Eudora or Opera on the rest. Outhouse isn't welcome at my place.
After the events of the last year, the so-called "victims" of Goner share at least part of the blame. The Microsoft Monoculture strikes again! And to top it off, it's lousy as far as security goes!
many call me before opening strange attachments. Most will call me if they did open one they thought was odd. That's a very good thing. I had one person get goner that day. I cleaned it off by hand, and the worst part was his computer is a pos p100 running 95 and very slow.
I saw people talking about having users upgrade virus software on their own. I never considered that because it'd never happen. Since most computers are NT, I just have the login script call a batchfile that stops the virus scan service, copies the upgrade files, and then start the service again (net stop/start is your friend). It does this everytime they log in. Since they're using ms products, I know that the virus signatures won't be more than 2 weeks old.
Don't have to open it to read it. Just leave Outlook's preview feature enabled.
What you REALLY need is a new lawyer, Preferably one who can actually read and comprehend. Virtually all of the statements you quoted from your lawyer are incorrect.
Token ring is uberleet.
What would we think if real damage had been done? The hack was made easy by M$'s complete lack of security, and it did not do much damage because no one really trusts an M$ platform. But what if this had been a super new BIND attack with a nasty payload? Suppose it had installed backdoors in bank accounts that had been used to funnel money out of accounts?
At the very least, they should be held liable for the monetary damage. What they did was as deliberate and damaging as arson. Why not put a lien on their paychecks for years to come, payable to anyone who can prove damages?
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
How very clever of you. Too bad the 800,000 people passing these worms around don't know as well as you which attachments to open, and which not to.
"If he thinks he can hide and run from the United States and our allies, he's sorely mistaken." Bush on bin Laden
Does anyone know what Language they used to program it?
python >>>
reduce(lambda x,y:x+y,map(lambda x:chr(ord(x)^42),tuple('zS^BED\nX_FOY\x0b')))
"Using products that suck is your own fault".
For what it's worth, Microsoft is the biggest fish out there. In a large business with many users that aren't technically proficient, learning to use another program is difficult. So, Outlook is what they use and Outlook is what you'll find.
Blaming the users will not solve anything. It's nice to turn up your nose at their technical inferiority, but I fail to the how that helps anyone.
>How many 15 year olds do you know that can rob >a bank?
I know this is offtopic, but.. thousands? you certainly dont live in a third world country!
It's not about the age, really.
How very clever of you. Too bad the 800,000 people passing these worms around don't know as well as you which attachments to open, and which not to.
if those same 800,000 people were using linux, they would STILL have spread the worm.
This after all the usual emails after a virus and instructions on updating DAT files (click here, click there, if it says to reboot, do so, and that was it).
As much as we'd all like it to happen, non-IT people will not turn on their brains and apply logic & critical thinking to computer situations.
"The kids face up to five years -- of course since they aren't in the U.S., they might actually be punished."
What kind of stupid statement is that??? The U.S. shares the honor of being a country which will execute people for crimes committed in childhood with only one other country in the world -- Libya. Great company there.
Your statement implies that our government is soft on the law-breaking young -- HARDLY! Rather, it's attitude towards (non-white, anyway) children is nothing short of bloodthirst.
Only if you've never heard of Arcnet. Beeotch.
Only a dum ass would say something like that.
I got BSC in Comp Sci and I do not use shit windows product.
Get a life man.
The kids face up to five years -- of course since they aren't in the U.S., they might actually be punished.
Ok, I know I'll probably get marked as troll, but oh well.
The way I see, is these kids are kinda like Big Tobacco. They make something that's harmful, and the people that use it do so of their own free will, despite the countless warnings given out that they should not. It seems funny to me that the same people who think Big Tobacco shouldn't be punished, also think that any mischeivous kids should be severely punished. Well, that is unless it's their own kid.
Linux wouldn't let a 'user' cripple the system, only r00t could do that.
Get your Unix fortune now!
Many 15 year olds I know own cars, when it is illegal to drive at 15 [here].
Many have stolen huge ticket items, sell drugs and one even stopped traffic [by directing one car into another].
Get your head out of the sand people... inner cities of america [white kids too [mostly]] are worse than many third world countries.
Get your Unix fortune now!
These virus writers are doing a public service. Serious problems with our communications infrastructure might not be fixed if it weren't for them.
Imagine what could happen if the first exploits of these security flaws came, not piecemeal from a scattering of amateurs, but rather from some adversary who could call on the services of numbers of technically proficient individuals. A hostile government say, or a terrorist movement that drew in disaffected persons in many countries. What if the vast majority of business users had no idea of how vulnerable they were until the system suffered a massive failure?
There is an enormous learning process going. People are finding out the hard way, what they would never otherwise have the time to focus on: computers can fail, for very subtle reasons, and we are more dependent on them every day.
Of the attachments I receive at work (no, I do not flip burgers):
- About a third are irrelevant to work
- About a third could have been done as text
- About a third already exist on fileservers
Then think about the amount of effort in building an insanely large Exchange server to host all this junk and, and compare it to the *very* modest box we used to use for mail. I used to accumilate maybe 20 Mb of mail a *year*, now I accumilate much more than that per month. On average, each of our users have about 200 Mb of "vital" correspondence in PST files clagging their homes (and the PST files starts to spontaneously combust when they top 70Mb or so). After all this, I think we have gone backwards in terms of investment/utility. We are paying a lot of money so people can use Word as their email editor and ignore good file management practises.
Yes, I'd agree that convincing PHBs they don't want floral pattern wallpaper on their email is a lost struggle, but the 1% of attachments people actually need would be far more effectively sent through other means and our mail infrastructure would be a tenth its current size.
Attachments are a PITA.
Xix.
"Everything is adjustable, provided you have the right tools"
Comment removed based on user account deletion
Comment removed based on user account deletion
I'm a little confused by this:
of course since they aren't in the U.S., they might actually be punished.
The US has the toughest Anti-hacking laws of almost anywhere, other then china of course, where you can be exicuted for it (actualy, that's pretty much the way things are with any crimes these days, the US punishes harder then any country other then china). And, our laws have only been made tougher by the new anti-terrorism bills. In fact, had these kids been in the US they could have been tried as terrorists. (and I mean they must be terrorists, they're from the middle east!)
autopr0n is like, down and stuff.
Comment removed based on user account deletion
M$ outlook allows you to disable all exicutable content from being sent through the mail. You also could easily have setup Exchange to filter out those messages.
In other words, its your own damn fault, and that of your users.
autopr0n is like, down and stuff.
No, but it would let them 'rm -rf ~'. This is all a virus has to do to a user to bugger them up good and proper. They can still use all the apps, they just lost all the stuff they did with them.
And don't lecture me about backups, what about that top-priority email you got from a client 30 mins. after the backup was done and 30 minutes before that 'bugfix' from 'Admin'?
Oops.
Chris
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
We run Sophos antivirus on the mail gateway. Sure it doesn't stop them all, but most anything that is a single click fatality is screened out. It happily killed all 120+ attempts of the Goner-A worm to arrive on one of my customer service rep's desktops.
I really have little sympathy for IT admins who get killed by this stuff, there are a million tools out there to stop this stuff from doing damage way before idiot humans get their hands on it.
I personally would like to see more ISPs use this stuff, after all they're not obliged to carry any traffic they deem high risk to their users. They already block dodgy ports so windows shares aren't wide open, why not a complimentary virus scan on mail?
Since serving in the military is mandatory for israeli citizens, why not put them to work for the military, either in improving the network or attacking enemy resources?
you do that
Comment removed based on user account deletion
take a look at the username before replying next time...
I've never gone through this phase and I have several certifications to date.
I'm not aware of any certs for actual coding out there. Anyway, having Certs doesn't make you any kind of a programmer (not to say your aren't, but there isn't any evidence that you are)
perhaps if you had a degree or something.
autopr0n is like, down and stuff.
Comment removed based on user account deletion
But script kiddies have no skills...why do you think the hacking and cracking community calls them script kiddies?
They do one thing, take other peoples work and run it. They know nothing, zip zero zilch...now if we turned around and made them work in an IT dept. where the servers were constantly over run by virii/trojans/ect run by other script kiddies, maybe that would get though to them.
Om, nomnomnom...
> [...] - of course since they aren't in the U.S., they might actually be punished.
./ has a long history of being), the reality is that most successfully prosecuted computer crime cases use a time-line prosecution method that does not presupose any technical competency by jurors. A good hacker (and I'm not talking about highschool kids joyriding on the Internet), can work the average shmuck (and that includes most of the people who work at ./; wasn't ./ hacked not too long ago?) in such a manner that the average computer crime investigator at even the Federal level will take the shmuck down. The harvesting of low hanging fruit, after all, is a government speciality and to be fair, if I were a cog in the government/civil service wheel, I'd be taking the fast path of least resistance to a GS13 billet as well... rememeber, when you retire, your pension is less than *half* your final pay grade... what's the big deal if you crush a few people, who may or may not be innocent, on the way to making sure your reitrement is comfortable? The Answer? After having been exposed to *years* of the mind-numbingly empty, ethically-void, morally neutral environement of government work: Nothing.
As somone who's personally had their life crapped upon by an OSI *investigation*, I can tell you that punishment doesn't always come in the form of a "conviction" in the good old USA.
Beyond that, the comment in and of itself is *extremely* ignorant. I'd suggest that you actually find out what the state of affiars is with respect to the prosecution of computer crime before running your trap in such a manner.
...and just in case you're too lazy (which
Treat them like the Palestinians Sharon is attacking. No need to bother with a trial or judge or lawyers, it is much faster to just bomb them with an AH-64 Apache helicopter and then say to TV "they were terrorists". It's not like Palestinians peoples deserve the right to a fair trial or something...
I'm sorry, doing something stupid when you're 18 does not justify academic and professional murder nor is it suicide in those respects. You're going way too far overboard in your idea of what consitutes punishment for my offenses.
First of all, I was a paying student. The money I put into the university system there made those machines run. I had vested interest, so that lessens the severity of the intrusion. If you trespass somewhere on a college campus, as a student, they don't convict you of a felony. They realize you're a college student and you're not only stupid, you're probably just goofing around. They slap you on the wrist, send you home. End of story. They do not kick you out then tell the rest of the world what you did so that no other schools accept you.
Your opinion here is so utterly absurd that it baffles me how someone so intelligent would believe that it makes sense to destroy a person's entire life over a minor offense. Punishment is supposed to correct someone's way to conforming their behavior within the laws. Punishment is not supposed to ruin a person. I suppose your parent's never said "it's for your own good" when they administered a spanking?
The FBI was poised to destroy my life in countless conceivable ways. If I cannot acquire an education and hence live a professional career as a computer scientist, there's not much else I could do at this point. The life I have always wanted would be unreachable. So I cost the university a few man hours patching a few systems that had obvious security holes. I'm sure they made some student do the patching (which I informed the admins needed to be done, which is how I got caught - go benevolence) for free.
The justice system is supposed to balance the punishment with the offense because it is supposed to (as I previously mention) help offenders correct their ways. You do not execute someone for stealing a loaf of bread.
Maybe if you had the experiences I had in the whole situation, you would not hold this silly right-wing extremist viewpoint that believes punishment for every crime is death by sodomy. What I ended up getting was still too much to fit the crime, in not only my opinion, but in the opinions of people much more rational than yourself. (One of my laywers included, who managed to get one of the guys the university to admit, over the phone, that they wanted to make an example out of me by going overboard.)
Oh well... there's just too much I can say here and I know this is a lost cause. I should quit before I fall too far behind in the face of ignorance. Since you show me the discourtesy of defending injustice, I can only respond with the hope that one day you find yourself on the wrong end of an FBI prosecution. Maybe then you'll understand.
Why bother.
The new US Patriot Act (HR 3162) makes creating and spreading virus and worms an act of terrorism. As such King George must require extradition of the offending youths and hold a military tribulan. If israel refuses to give up these kids, then we must bomb Israel at a cost of $1 billion dollars per month to US taxpayers as punishment for harboring terrorists. We must make sure to hit any buildings with big red crosses on them and then deny it. We must kill many civilians and deny it and when US soldiers get killed, we muist blame it on friendly fire.
i havn't seen anyone looking at the bright side of this. The script kiddies/worm writters exploit vulnerabilities in the software, plus through social engineering.
Like other people here, I once thought it would be cool to write a virus. The trouble is that I *still* think it would be cool.
Now before you get all uppity, I should tell you that the effects of my virus would be something like hooking all the text output apis and doing the equiv. of s/icrosoft/icro$oft/g.
The reason I think it would feel good is an expansion of the reason programming is good. Programming is good because you are creating something and feeling ubercool because you had an effect on the computer (at its most basic). Now imagine having that effect on *lots* of computers all over the world. You see?
Also when I say "write a virus" I mean old-school style, written in x86 asm. It's lame trick getting users to spread the code through email- you should write some little app that is so cool people will actually spread it for you.
The reason I have never done this is because the authors of viruses and worms always seem to get caught. But how? Is it because they put messages in their vbscript source which can be traced to handles of known people ? I don't see how working out where the virus was first uploaded to is any help, especially if someone anonymously ftpd it somewhere while using a spoofed ip...
These kids apparently confessed- a foolish move but one that can be blamed on the intimidation they faced while still young.
graspee
give five years of prison to every stupid user who clicked on the attachment. OK, the prisons would be overcrowded, but this is the only real solution to the problem: once all idiots are in prison, no worm can ever spread again.
If the message is not getting through to your users then it's time to change the message.
My guess is that, in the main, the people where you work are bright, professional people who have proven themselves well capable of learning. So why do they have a blind spot around this lesson? Same reason anyone has a learning blind spot - poor teaching.
5 years for a virus!
Take that in perspektive to what happens every
day in Israel, and never even goes to court.
you're right you would lose lots of personal data, but the system would still be there.
me.. lecture about backups?
my idea of a backup is moving it to my second drive... which is no protection at all.
Get your Unix fortune now!
ph34r.
I didn't read the details about this one too carefully, but I was under the impression that the Goner virus had a great thing going for it: just by _previewing_ the message, the virus would launch. I also believe (i.e. foot in mouth comment forthcoming) that there was another virus previously that worked just by previewing. This means that not even opening the message, but just by clicking on it, so that it would go to the preview pane was sufficient.
If this were all the case, then I think we're in for a whole new round of education. Think about it -- not only can you not open attachments, but you can't even preview the message! Seriously, I think I'm a pretty email-virus savvy kind of guy -- I don't open attachments (period), but if it means that I can't even read the message, then things are going to be bad for me.
Is this the case, or am I just smoking dope?
The question that never gets asked is why all these companies were vulnerable to these attacks. I've worked for several Fortune 500 companies and I've yet to see one with good security. You'd think they'd be going out and hiring a bunch of security professionals after Sept 11 but I'm not seeing a whole lot for infosec or security on the job boards.
Until some CIOs and CTOs start losing their jobs over this crap, the cycle will persist.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Write an E-mail that explains why not to open atachments like you normaly tell them, then put an attachment on it which says i_am_not_a_virus.exe or something which does something like the following, open a popupbox which reads: when you press 'OK' your computer will forward this email to all the people in the adress book and then trash your computer... ( and dont add a cancel box....ofcourse )
Loads of people will press OK, and there computer
will be dead, all their information gone...some will learn and some wont....
Quazion.
software PROSTITUTION ?
... :)
I knew I shouldn't get the patch from that woman
and on another note, prostitution is not illeagal in israel, but women-slavery (yes, thats SLAVERY, including kidnapping, being raped serially ten times a day, beating and sometimes murder) certainly is.
but like you said, the police is streched out as it is trying to protect us from those maniacs exploding in our streets, it usually doesn't have enough time to handle women-slavery.
Working for necessity's mother.
Once more unto the breach, dear friends, once more, Or close the wall up with our American dead!
Did you ever hear of Joan of Arc? She was only 16 when she managed to rally France to defeat the English. Sure, not 15, but 15 year olds are no more powerful now than they ever were.
mogorific carpentry experiments
Five Palestinian police stations were destroyed by helicopter rocket fire in a retaliatory attack.
Shame of Slashdot
The maximum penalty for rape in Israel is, I think,
20 years. But I haven't heard of any rapist who spent a net time of more than a year and a half in jail.
most get a few months or community work.
It's so bad because this is really a bad offense,
much worse than white collar.
Besides, police are hunting down white collar criminals in a crusade manner. A lot of politicians are under a close inspection of the police (and that is certainly a good thing, though I think my country should get it's priorities straight...)
How do you know the motive? Did they say that themselves? If they did a judge should have spanked them. If they did it because they lacked the time or competence to asses the damages themselves, the cost should be passed on. I can't tell from here.
That's why we have courts and civil law. An unbiased third party is supposed to take care of things like this. Abuses of the system do not make the system evil any more than computer abuses make programing evil.
With that in mind, those four should be made to pay. It does not matter that they can not afford it. They can suffer for their the wrong they did. This happens all the time. Losers are often reduced to poverty for thinking like this. "Duh, I don't have nothing to lose, so what?" Wrong, you always have something to lose.
All of that is beside the point, however. I'm just wondering where all the John Ashcoft fans are.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
But for some reason noone updates their virus definitions. I work for a Networking Company and we install Antigen AV on every Exchange server that we sell (It uses 5 different scanners + a worm list). Automatically updates the virus defs. Voila, no problem anymore. Did those clients have any problems, nope. Anyway, enough ranting.
I personally beleave that they should get the full sentence for their crime. Although I laugh everytime a virus hits the Net becuase I am usising a Unix system so it is genereally virus protected and free. But the fact that you can make a damaging program dosent give you the permission to. So what if a company has a hole in their security. It dosent give people permission to break in to their computer and change things around. The Excuse of These people should have better security dosent make their act any less wrong. The Goner virus dose a lot of damage. How much Money and time was lost Fixing and backing up the system? This money may have gone onto better things possibly more charatable or into someting that can save lives. I have met a lot of thse Script Kiddies and they just make me want to kick them hard (although I dont because I know it is wrong to hurt people), they think they are the greatest programers in the world and that can do do anything. They are in to make themselfs look like a person with super powers which people would fear and respect. These are people who think that have more power then they actually do and NEED to be humbled.
That's why I wrote batemail. It does exactly what you describe only it works on *nix based hosts. Any attachment that has one of the "taboo" extensions is automagically removed from the email and a notice put in its place.
You'd be amazed how many of these attachments we're stripping out on a daily basis where I work.
Oh come on you guys this was funnier then hell. I read this over here I laughed my ass off when I read it.
Yet another annoying worm comes and goes, wasting countless IT hours
Follow me
Yet another annoying worm comes and goes, wasting countless IT hours
If the Admins secured their systems properly, nobody would be wasting any time fixing problems they allowed to happen through their own incompetence.
I'm saying that as an admin of a small network. I would be ashamed of myself if I was having to spend lots of time fixing things that were messed up by a worm.
Perhaps the admins involved in things like this should be subject to the opposite of Christmas Bonuses. They should loose out on part of their pay packet at the end of the year for not doing their job properly.
When will people learn to use secure systems and to apply all the latest patches and use all the latest virus detection, both server (eg. Mail server, etc) and client side (if it's Windows clients). I could recommend QMail as a mail server that is very good at checking for viruses - or use one of the many hacks for sendmail that filter out nasty looking things. If you must use Exchange, use it as an *INTERNAL* server, and have all mail coming in from outside be filtered by a more secure system first. It's common sense really.
Follow me
here is what i do... every few months, make a hotmail account or something unrecognized by your staff. Mail them your own 'virus' that simply says 'You shouldn't open unknown attachments. If this was a real virus, your IT staff would be punching you in the face right now"
Time for some tasty Shiner Bock!
I agree with most of what you say - that blame cannot be placed squarely on the shoulders of those who run these worms and virii, but with a minor caveat: If you work in IT, and are responsible for cleaning up the mess when something like this goes around, instruct and train. I geek for a 30 person office. While we do have trouble, occasionally, with a worm being passed around through Outlook, it is not much. The 'Code Red' nonsense helped a great deal with this... the users saw _on the evening news_ what horrible things could be done to their box, and how much time they would lose. At that point, the mantra I went on about - "Save and scan attachments. Don't open attachments unless you are expecting them. 'Cool' forwards are not cool." - sunk home for many. They preach to each other.
Likewise, my mother at her office - she being the typical Joe Schmo computer user smirked at here in slashdot - has slowly trained those working with her. If they want her to open an attachment sent through email, they'll send warning. Else it gets deleted.
Train and teach instead of ranting.
--Recluse
Look ma, I'm a
At the company I work for we've had very little trouble in terms of viruses and worms. Then again, they banned Outlook long ago. Whenever someone does manage to get hit, IT sends out a broadcast email warning everyone and telling everyone that this user was using banned software. A guy a couple cubes away ran Outlook and got hit with one of the worms. IT was there within minutes and immediately uninstalled Outlook, pulled the network connection, and left a nice note for the guy when he returned the next day.
It's too bad other companies don't wake up and just fix the problem to begin with... ban Outlook.
This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
IMHO the software and OS that allow these things to bring down email servers and allow dumb users to cause havok are at fault. The issue is that Outlook and Windows are full of "features" which are designed with no thought to security at all.
"If you only knew the POWER of the DARK SIDE!"
Under existing Israeli anti-terror laws, they can be held for 6 months without trial. Administrative Detention can be renewed for a further 6 months with the signature of a judge. Though as they aren't Arabs the police probably will be lenient.
I hope the Israelis string them up and flog their genitals. Nothing like a good gential flogging to straighten out pesky individuals.
Look at how great it has worked on the Slashdot crew!
Some of the folks at my previous employer would receive suspicious trojan horse attachments in the mail and purposely forward them to people in the office they didn't like. When interrogated they would play dumb, saying their computer was infected but they found an antiviral on the internet and ran it so that's why their computer is completely clean. After work around beers they'd fess up and we'd all laugh-- except for the poor admin, who, if he was sober, would plan a little personal sporadic-workstation sabotage.
I am usually opposed to pointing people out in public, but this is kind of a special case.
The idea would be simple:
Keep a track on who clicks on the files, sending out the virus.
First time, talk with them thouroughly, explaining why this is a bad idea.
Second time, tell everyone who did it, make them feel really stupid. Yes, you are sacrificing a few, but all of them will learn.
I wish I had a better method, but withoud going total nazi on the employees, I don't know what else would work.
Thank you for that insightful, yet totally meaningless argument.
Why is it the kids fault that MS continues to distrubute broken security/software models?
Well, if you run a kids OS, then you can expect to get burned by kids playing with viruses, can't you?
executable content?
does that include Word macros in *.doc files?
Comment removed based on user account deletion
Comment removed based on user account deletion
Comment removed based on user account deletion
Somebody doesn't understand moderating. I posted that when the parent was (Score:1). It wasn't a post to the main story, it was a post to the comment. His comment was insightful, so I don't see how it's offtopic to tell him that, if he's checking for replies on his comment.
Not that the Karma is the issue, it's not. But I'm going to go metamoderate now and I hope I see a stupid mod like yours so I can call it unfair.
Why waste your time modding down stuff that's within a thread when you could be using your mod points modding up stuff that's it's own comment? And please, it was one line, it's not like it takes up that much space on the screen.
In my real life, I service refrigeration equipment. It comes with a whole lot of different control packages, components etc. It is somewhat fussy in operation. But, I will not use products that will not withstand abuse. Why?
Let me explain. Even a well designed system will eventually run into situations outside of it's design parameters. If everything is built on the edge, any slight mistake, change in environment, or whatever will cause the thing to stop working. And that means lost time, product, or whatever. So I use stuff, and design system with plenty of slop.
Those complaining about users are being ridiculous. I am an experienced mechanic, and I know very well how many mistakes I have made. I know how to fix them, so they don't become well known. I also know that when it is very hot, or very busy, I cannot be expected to be 100% all the time. I will make stupid mistakes. OPERATOR ERROR IS A DESIGN PARAMETER.
For example, digital controls. I have run into products that require field service (this in filthy environments, lying on your back in the dark) with static free environments. They work on the bench, but not in the field. I don't use them because other products are available that are tough and work in these environments. They can be hot plugged, screwed up, abused, and still work. The manufacturer can say operator error all they want, but I say stuff it, and will tear their garbage out and use something else.
Those on this list that are blameing users for the problems are really missing the point. If a 15 yr old can bring down a software infrastructure so easily, the software infrastructure is seriously broken.
These are not internet virii, or worms, these are Microsoft software bugs.
Derek
Comment removed based on user account deletion
My Evolution client, which I've used since the first beta appeared, is designed to prevent such irritating things from happening. Images embedded in HTML mail do not show automatically, preventing spam-fuckers from knowing that I just opened their mail, and it contains no backdoor to my OS like VB-script. The fact is that all Unix mail clients treat attachments as text files, and not an executable, saving even stupid users from themselves.
The problem with Microsoft is that it designs its shitware for CxO morons who think that the business community requires immediate play access to boring flash jokes ridden with sexism , racism and homophobia.
Anybody that buys or uses pirated Microsoft products from OS to browser to mail client deserves what they get, including their IT department. IT expenses fixing the weekly virus/trojan horse attacks should have been figured in advance when the CxO made the stupid decision to use them.
If anything Microsoft should be liable for any expenditures related to their pathetic software. If you release a faulty product you should be made to pay for that decision.
!
If your 'company' was smart they'd have a firewall up that prevented Goner from EVER GETTING INSIDE THE NETWORK IN THE FIRST PLACE YOU MORONS.
Any company with a large enough network that gets Goner through email attachments is a laughing stock. The IT dept of that company would have to be grossly negligent in their duties to keep the network secure before Goner could EVER GET PAST THE FIREWALL.
So I read all these people talking about "when goner hit" or whatever. I laugh at you, you pitiful fools.
I do not respond to cowards. Especially anonymous ones.
These don't cripple entire systems, either. (yet)
.addressbook. Or whatever.
But on Linux, you could still send someone an email starting with "I thought you'd like this new game I found... please run it." And people would run it. And it would email itself to everyone in
It's not as easy to do -- but it's those same usability issues that keep most people from Linux in the first place. (Make anything easy to use, it will probably make it easier to screw up, too.)
Just more evidence that Israel is a terrorist state itself, raising and harbouring youth who commit such atrocisties against the world! But I bet Israel PM Sharon is wishing the four script kiddies were of Palestine blood so he can have another excuse to carry out his personal terrorist attacks on the people of Palestine and their land!
Comment removed based on user account deletion
and should he be punished, their culture is dangerous!
Just for the record, that's a CDW commercial (they sell computer stuff, natch).
Can't seem to get to AdCritic today to see if it's there. But it's a great ad, the point being, "Our account managers are experienced in normal IT problems, blah, blah, blah."
It does include other gems like:
"Bob, I sent an email about the email being down."
"Well, Bob, looks like you're going to have to pull another all-nighter."
"What's the matter, Bob, we're only asking the impossible!!"
(I have no affiliation with CDW, I just think it's a decent commercial.)
Glenn
Rough deal. But hey, you've had two girlfriends. That's two more than me.
I'm tired of people making apologies for not working as linux administrators or open source programmers. There are a goodly number of people in this world who make a living writing code for whichever system the managers deem fit, and a goodly number of administrators who administer a network full of whatever operating systems the business deems fit for survival. Why don't you wear your job with pride and be thankful that you are employed. There are others who aren't so lucky.
I agree with a lot of what you're saying, but the fact remains that this worm DID carry a payload which was totally unnecessary. If they wanted to play with code and see how propagated they could get something, or whatever the hell they were thinking, they shouldn't have put anything malicious in there. But they did. As far as the analogous rantings of slackergod goes, the email included with the attachment (yeah, that's backasswards, but don't blame me) didn't say "DON'T OPEN THIS, IT'S A VIRUS!" It's more analogous to, for example, your mother telling you to not jump in puddles, but the puddle is right THERE.
I listened to my mom like a good kid. Besides, puddles make you wet, and I don't like being wet.
[insert witty comment here]
Unfortunately, that assumes your IT dept actually has the power to do something about stupid lusers.
I work on a U.S. military base, and while some of these viruses are caught by the filters on the Exchange server[*], they pose enough of a risk that once, the base IT folks sent out a "drill" email. This one sent the user to an internal webpage which threw out some technical-sounding gibberish -- NOBODY in the whole damn WORLD is as good as the U.S. military at generating technical-sounding gibberish -- and asked the user for their username/password.
Which they've been told repeatedly not to do. Those who entered it got a huge flashing warning sign, their username was recorded in a "morons" list, and an announcement went out the next week saying that the morons in question would have to submit a 100-word essay on why they should be allowed to continue to have access to the computer network, given that they're (apparently) willing to hand out access to any random webpage.
Cool, huh? 'Cept that some of the N-star generals with more stars than neurons were on that moron list, and of course they have way too much pride to be explaining to anybody why they should be permitted to do whatever they want. So a few days after the first announcement, another announcement went out, "Never mind."
And the morons continue to wreak havoc on the network.
[*] Those filters are fucking stupid, I might add. Frex, the word "funny" in the subject line triggers them. We found out about this one the hard way when a user mailed us with, "The secondary RAID is acting funny."
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
Make them part of the Government IT workforce. Protecting the rest of us from their ever younger brethren...
-- Improve Windows - Buy a Mac!
Hahah...check out the latest article on 3pm.ca , i guess they've picked up this thread and talked about it a bit. The funny thing is, that a message like this would probably work!
Windoze XP, 2000 and ME do not have add/remove for Outlook. The default install will put Outlook back if you remove it.
Most of the home users in Israel do pirate software, but businesses do not, as they are afraid of BSA raids.
Dunno were you lived in Israel, but I personally knew only person who pirated cable television, until his parents caught him (that was 8 years ago).
-- The ballad of arrivederci
The policy should be: not runnable attachments are allowed in any email. Summary elimination with a polite communication to the offender.
If you need a legit document or attachment of any kind you either get it as plain text in the body of the email or you request that the document is sent to a company email address were somebody that knows what he/she is doing deals with attachments.
If all of the above is not possible, immediate deinstallation of Outlook should follow (there are many email programs that are not stupid, failing all run Pine. Yes, Pine) or being kind to MS, upgrade to their latest offering that seems to have some common sense security default settings (I don't know about this, I stopped to use their crapware email programs long time ago)..
IANAL but write like a drunk one.
In the days before seat belts we should have blamed reckless drivers for crashing their cars and breaking their neck while driving their cars at 10mph....
We should also blame the idiots that die in buildings without fire exits (they should have known it was dangerous to work there, right?)
Or perhaps those people in Chernobyl should be blamed for the horrific birth defects of their children. They should have known that to live in proximitity (all of Ukraine in this case) to a nuclear plant was dangerous and avoided by all means.
IANAL but write like a drunk one.
If your users can open unchecked attachments with a double click of the mouse then your policies are lax and need fixing. Insulting the very people that you are suppossed to help is the worst policy I can imagine.
The IT professional is there to serve other people, not to make fun at their expense. Users should be able to do damage to themselves only after they go through enough steps to ensure it was done completely and knowingky in purpose.
IANAL but write like a drunk one.
Have you ever heard of ANTIGEN??? put it on your exchage servers and you will NEVER have another virus outbreak!! Atleast not if you have your file filters set properly!!!! LINUX is not the freakin answer to all the damn worlds problems you fucking morons....common damn sense is by far better!! fuckin linux loving cock suckers... I get so goddamn tired of hearing and reading your bullshit. the only way linux will ever be worth a shit is if Microsoft releases their own version of it!
yup. and this time it's not the arabs that are spreading terror.
would include jail time and at least some attempt at repayment for losses. Unfortunately, they are in a hacker-friendly country who just happens to be one of our "allies" in the "war on terror".
More than likely, it will just go away and they will get a slap on the wrist.
A pity, really.
To celebrate the occasion of my 1000th post, I will post no more forever on Slashdot. Goodbye.
wtf are you talking about? Outlook doesn't "transform" anything. What, it turns non-executable, attachments into executables?
no, it doesn't. jeez, think before you post...
All outlook provides is an easy method of transport.
The situation is no different than if you were mailed a package with a piece of candy in it, ate the candy, got sick, and then blamed the USPS.
I knew I wasn't responsible.
Trend's viruswall sofware also runs on unix, like Solaris and linux.
Yes, it does. Everything from .doc to .htm to photoCD files.
autopr0n is like, down and stuff.
What I would like to see is some form of capability added to Linux (et. al) such that "tainted" executables can only run in a "sandbox" environment (ie. like BSD jail() ), and thus, be unable to delete my home (since it would lose write ability to all but a virtual home filesystem when run).
Then, all files that were sent through email could be marked as "tainted" until and unless the user untaints them. Thus, even running such a file after it has been saved from an attachment would be safe.
Obviously, there would have to be some safeguards to prevent trojans that run one way when tainted, and then delete everything when they are not. But if most things worked fine when tainted, it might be an effective strategy... Does the idea have merit?
"It's overkill, of course. But you can never have too much overkill." - Anonymous Slashdot Coward
exchange 5.5 and exchange 2000 cannot natively filter things like attachments, you need a 3rd party product for that.
I know that's a popular viewpoint around here and one that I hold myself. But in this case, I'm not sure that viewpoint is being represented. Instead, people are discussing the degree to which these kids should be punished for their acts of lameness. A virus is just code. You can write it on a napkin as Haiku. You can print it on a t-shirt. You can represent it as a prime number. And without a vulnerable system, the virus would have no meaning, except as a random code fragment that doesn't work. In some cases, a perfectly legitimate binary (or heck, any data) for one system can be detected as a virus for another. If these kids had not initiated harmful distribution this virus, but rather published the code on a webpage along with documentation of the vulnerability, and yet somebody else turned it loose, should they still be held accountable? Or what about a good virus/worm that can be used by administrators to quickly and controllably patch up a network, but which may be harmful if released "into the wild." (I can name no examples, but it's a theoretical possibility). Kinda different way of looking at it, eh?