Four Kids Confess to Goner Worm
imrdkl writes: "4 kids in Israel have confessed to writing and distributing the Goner worm, according to Fox."
Yet another annoying worm comes and goes, wasting countless IT hours, to say nothing of bandwidth. The kids face up to five years -- of course since they aren't in the U.S., they might actually be punished.
After myself being called to fix a customer's sExchange (Yes, NT, I'm young and I need the money) server that barfed its guts on the floor because of this, you can hand them over to my IT dept, we really wanted to take them out back and flog them repeatedly last week.
Objects in the blog are closer then they ap
At work, we got it about 1100 EST. One user got it and ran it, and it cascaded. Our servers groaned for about 30 seconds, by that time, the mail admin had run into the server room and yanked the network cable to them. Honestly, I don't think the fault rests on these kids at all. Sure, I guess they should face punishment if they broke the law, but that's their country's problem. I don't blame them.
If our users had listened to the rules, this wouldn't have been a problem. But within 30 seconds of the attachment entering our network, over 50 users had run it. Why can't someone hold the irresponsible user at fault? The instructions are easy - don't run attachments you weren't expecting. Instead of blaming some kids for playing around with code, why can't we find fault in the people that don't follow their instructions?
Yeah, I'm ranting, but to make something constructive out of my waste of bandwidth, how can we get the users to listen? Anyone have effective tools? Yeah, I'm all for firing the ones that can't observe policy, but that would mean firing my boss too. And she's actually pretty decent, as far as managers go.
funny munging
Children do what children do; push buttons to establish limits. That's their job. Punish the managers and complacent sysadmins at the companies impacted, that allowed themselves to get a year behind on maintenance. There will always be children. We don't always have to be cheap/lazy about security. At least not if we're going to bitch and moan about stuff that's completely preventable.
Can You Say Linux? I Knew That You Could.
Ok here's the basic cycle:
script kiddie/cracker/whatever create worm
worm gets out, spreading by point and click method
IT goes on about how bad this one is
Eventually worm dies and kids are caught
Big deal made over last worm causes more copycat type worms
Cycle restarts
Ok I mean that's pretty general, but goddamn if I'm not sick of all this. How about instead of going after the worm writers (they are not innocent but hear me out), why don't we try to at least educate the public into not opening things they don't know about. I mean what good does blackice and zonealarm do if someone opens a file and turns them off? The technology isn't the problem (except with IIS but that's a whole different beast), it's the people. Maybe someone (I know I'll be flamed as a bastard for this) should create a worm that actually fucks over the people that open it. Instead of making it so they download some roll-back registry fix, how about you just wipe out the registry? Why not make it so IE and Outlook have popup-ads with every page and email they view. What if the worm steals their emails and sends them to spammers list automatically? I mean obviously people aren't learning, or this crap wouldn't be happening over and over again. Yeah the people are victims blah blah blah... cry me a river. I've never had a worm, and never will. I'm not claiming I'm smart or anything, but it's common sense that an emailing "I'm asking for your advice" with a document that ends in scr or vbs is something that joe45@aol.com probably didn't mean to send me.
can't sleep slashdot will eat me
Do you guys really think virus writers should be punished? I hate to sound old (I'm only 23), but we've had viruses for years before the internet was as commonplace as it is now and no one cared. You just restored from backup and went on. Am I wrong here? I see jailtime for virus writers as being a little too extreme. Yes I know of the Robert Morris worm back in the day and yes, he ended up getting probation, etc, but for the most part, no one paid viruses the attention they are getting now.
I, for one, think that they've already suffered enough.
After all, judging by the virus code, it is almost certain that they had to use Microsoft software to create it.
Tarsnap: Online backups for the truly paranoid
I think taco's making a specific allusion to MafiaBoy, who got off with probation for his DDOS attack last year.
One might ask the same about birds. What ARE birds? We just don't know.
I'm a kid (Senior in High School...) and I've seen kids do stupid things (I've done some stupid things myself too). These things should NOT be punishable by 5 years (unless they are violent). Kids are kids, and then they grow. Putting them in jail for years on end isn't going to make them grow up any faster.
In the US, these same kids can just as easily steal a car, get drunk, and run you over while running a red light. Guess what? With a good plea-bargain, they'll get off in 5 years too.
What's more important, 5 years in the slammer for stupidity or 5 years in the slammer for killing someone? Get your priorities straight people...
Instead of being punished (in the usual way) for this annoying act of internet vandalism the Israeli government should make them pay for their crimes in a way that will harness their talents. Maybe some form of Internet good will, like 2 years doing mindless computer support for a charity organisation. :)
These kids are too young to go to gaol and the outcome of confining the kids to a cell for up to five years will only make them criminals.
I just think the punishment should fit the crime and actually make a difference to the outcome of such young and talented delinquents' lives
All speling, factual, tact, and/or grametical errers be the result of netwerk interpherance or# transmition ererrs.
When I was 15 I was like that. I really don't remember why I thought that stuff was cool, it just was. Thankfully I grew out of it.
Hmmm, maybe if there are more crackdowns on script kiddies and more slander against that kind of life these kids won't think it's 'cool' anymore. Just a thought
Same here... but I don't think crackdowns will help. I mean, they probably get enjoyment out of their creation growing (until they fully realized what they did). A better idea than crackdowns might be a controlled environment for kids to screw around in...
Of course, one result would be giving crackers experience / promoting it. But giving out free condoms could be viewed as promoting sex...
whatever. I can't see any especially good solution.
My server
Well, we all know that most organizations' security is so pathetic that any teenager can write a worm to penetrate it. Once again, we have the living proof of that. Once again, everyone blames "evil hackers" instead of addressing the real problem or even so much as hinting that sysadmins, or better yet, PHBs should take part of the blame. So, what else is new?
BTW, I've read that in Israel white-collar crimes are punished more harshly than normal crimes. For example, if you commit copyright infringement you stand to spend more time in jail than a rapist. Can somebody confirm/deny this? (But then again, it looks like this is the way things are going in the US too with "hackers" being declared terrorists and all...).
___
If you think big enough, you'll never have to do it.
It's like that TV Commercial that's been playing in the States here:
*Woman peeks her head into IT Manager's office*
"Oh, and Bob, I opened that e-mail virus -- just like you told me not to!"
I disagree, these "crack downs" get media time for the kids who are writing the viruses. If anything I think all of this media coverage glamourises the entire thing. If kids didn't see this as a way to rebel against everyone in the "mainstream" then this wouldn't be as rampant as it is. I am not saying that we should accept it, and I am not saying that it wouldn't exist without the media talking about it every 30 seconds. But what I am saying is that (Insert Anchor Man Name Here) says that this is the worst thing to ever happen, then some kid sitting there who like many of us (and I freely admit that I used to check all the boards) would look at this when they were younger just to understand it, is going to say to himself I can do better than THAT!
Just my 2 cents.
-OctaneZ
I don't agree entirely with what you write, since I assign the blame for things like this almost entirely to those who write the stuff in the first place. I'm sure you'll get plenty of other replies saying the same.
OTOH, you make a fair point about employee training. The small company where I work, a software development house, has had a few e-mail viruses mailed to it over the past year or two. It's interesting to note that these often get forwarded around the office, but invariably by non-technical staff. The developers and tech support guys and gals generally have the sense not to run blind attachments; the admin and management guys and gals are more trusting, and bite the bullet.
Our IT support guys have long had a record kept of exactly when everyone runs the anti-virus update they mail round every month. Recently, they've instituted a "leader board", which is mailed to everyone, showing who ran it fastest. It's an amusing little game for those of us who are sitting in front of our PCs anyway, but the really telling thing is the people who don't appear on the list at all (which is typically mailed around the afternoon after the update), i.e., those people who still haven't updated their systems several hours later. Guess who they are...
So, we have established that certain types of users are more vulnerable to this than others, and we know who they are. The next question, of course, is what to do about it. You can come up with any number of penalties, but how are you going to turn around and slap them on, say, the MD of your company (a repeated offender in our case)?
Personally, I always liked the "drill" approach. The IT guys occasionally create a Hotmail account or some such, and mail something cool-looking to a few random accounts at the company. If you run the attachment, it pops up a simple message on your screen informing you that if this had been real, you'd just have cost everyone in the company a day's work/sent abusive mail to your most profitable client/whatever. This isn't publicly embarrassing, and it makes the point. It's certainly proven very successful in a couple of cases I know of.
You could complement that with a "three strikes" sort of rule. Anyone who falls for it gets a couple more spams shortly thereafter. Anyone who falls for it repeatedly has maximum security settings imposed on their machine thereafter. It will cause them hassle if, for example, they have to send or receive a genuine executable attachment, but such is the price you pay for keeping your systems secure from your own users as well as people outside. Better that than watching offensive mail go to those top five clients...
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
This virus wasted about 5 minutes of my time. I read an article about what it did, then the next day I deleted about 150 copies of this that got quarantined on our company's Exchange server.
I use a virus scanner on the Exchange server capable of blocking attachments based on extension (Scanmail by TrendMicro works nicely for me). I always block:
ade,adp,asx,bas,bat,chm,cmd,com,cpl,crt,exe,hlp,hta,inf,ins,isp,js,jse,lnk,mdb,mde,msc,msi,msp,mst,pcd,pif,reg,scr,sct,shs,url,vb,vbe,vbs,wsc,wsf,wsh
Bingo - no e-mail virus problems :)
I figure if my users really need them and the person sending the message is smart enough (and meant to send it) then they can zip it. If the sender wasn't smart enough to zip it, then I can always pull it out of the quarantine folder.
I hope that someday we will be able to put away our fears and prejudices and just laugh at people. - Jack Handey
The kids face up to five years, of course since they aren't in the US, they might actually be punished.
Computer crimes are MORE than sufficiently punished in the US, thank you very much. I don't know where you get off implying that the US goes easy on computer "crime". I had a little incident during my freshman year of college. The FBI was very determined to get me jail time for a ridiculously minor offense. It was only through sheer wit and creativity of my lawyers that we got the offense down to a misdemeanor and a lousy 600$US fine. That was the most hellish time of my entire life and could have ruined my career forever. All over a tiny little deal (no damage was done).
Imagine what these kids would get in the US for writing such a worm. It'd be a helluva lot worse than 5 years in prison. So put your pro-punishment attitudes away and get real. Remember what our government does to computer criminals.
Why bother.
We all know what happens to terrorists, check out bin laden hiding in the cave!
If you use Linux, please help development of Autopac
When I was 15 I was like that. I really don't remember why I thought that stuff was cool, it just was. Thankfully I grew out of it.
Maybe middle school/high school health classes will start having anti-lameness speeches. I can imagine it now: "Don't do worms..........mkay?" or "Don't give into the peer pressure to code worms... they might make you feel good temporarily but they're bad in the long run" or even "Just because one of your friends tells you that writing worms is cool don't listen". Let's not forget "Friends don't let friends write worms".
We have kids in the USA who think it's cool to be a gangster, who think being an outlaw is cool, and become criminals.
When you tell someone they CAN'T do something, it makes it COOL for them to do it.
Think about it.
If you use Linux, please help development of Autopac
I'd like to see them and every other person caught for virus authoring to be held prosecuted to the farthest possible extreme. The newsgroup Hip Crime flooding is a good example of that. My newsgroups noise is so high that I can hardly find legit postings anymore, the goal of the flooding. I'd love to meet the bastard responsible for that in a dark alley with one of my old Sparc keyboards w/ the metal sub-structure so I can show him how us country geeks deal with problems like him.
Why does outlook allow a script/program to access the address book without the user's permission? I think we've seen how costly this bug/feature is, why isn't there more pressure on M$ to fix this problem, or provide the option to turn it off?
These kids are essentially going to go to juvi/jail for swimming in a pool, when the sign clearly says, "no swimming."
No fault to the pool owner for not putting a fence around his pool, right? Ah, justice.
My Karma was at 49, then they switched to words. All that work for nothing!
How about this.
You set up a simple script that by default, turns off accepting email with attachments on it. When a person in the company NEEDS to view an attachment, the script allows one email with an attachment through to his computer after he fills out a form and submits it to the script (the form is never actually read, but hmph).
This way, anyone who needs to see an attachment does and must know about it before hand. At the same time, it blocks attachment-outlook-stupidity viruses by disallowing them to shoot through the system on a normal basis.
Furthermore, any person IN THE COMPANY who sends an attachment to another person in the company that's rejected by the mail server because the recipient hadn't filled in the form has his or her email account locked for 24 hours to stop the virus from spreading.
Done. Finished. My thoughts.
I guess you think the architects should have been held accountable for the twin towers not withstanding a plane hitting them. I hate M$'s practices as much as the next guy, but you can't hold them responsible when someone else knowingly takes advantage of a problem that they did address in hotfixes and patches! Sure it proved that there are still a lot of ignorant people out there who spread these worms, but the people who write them and send them out into the population are no better than the people stuffing Anthrax into envelopes and exploiting the U.S. postal service. These kids are electronic terrorists and we should take this offense seriously.
Sound waves should be free!
Yeah, I can just imagine that, considering the constant attempts of my school board to notify everyone that they shouldn't use the heavily-monitored, automatically-admin-cc'ed email service for spreading chain letters, porn, etc. because it wastes their precious bandwidth.
Then again, this is from the same school board that says kids can't use the comps for playing games that involve the keyboards, because they wear out quickly that way. They're only allowed to play "mouse games".
Technology has passed these people by. Actually, I don't think we'd ever see something like this because most people I talk to think worms are caused by the Internet or something and act completely stupefied when I tell them it's actual people who write them.
After reading through 30 odd messages that a) slammed Exchange/Outlook/Microsoft or b) said 'Hey, NBD, they're just kids!'
Here's a little bit of the flipside:
Our Exchange server weathered it just fine. Why? Because it's running Trend Micro's scanner, and it punts everything but TXT and ZIP files.
The last three virii that ran through the net DIDN'T affect us. We've got 1200 workstations, 60 odd servers, and _6_ admins. (and a 6 member Help Desk)
A Microsoft shop CAN be protected, it CAN avoid this crap, and you CAN run an enterprise on these products with a small staff.
CRIPES!
Further, the poor little kid is just playing around. Bullshit. There are a bunch of businesses having a hard enough time STAYING IN BUSINESS. They SHOULDN'T HAVE to deal with the financial burden of bouncing and disinfecting their infrastructure.
"Draco dormiens nunquam titillandus."
How about implementing a no attachment policy? Seriously, how many attachments are jokes and/or vaguely amusing pictures or multiple copies of Word docs that can be found on a corporate fileserver anyway?
Now that web browsers can handle FTP sites, it's easy to show most people how to upload/download content and it's also easy to set up a low level of security (blind directories etc.) that is comparable to sending stuff over email (if it's confidential, it shouldn't be going out over email anyway).
Xix.
"Everything is adjustable, provided you have the right tools"
If you do any kind of programming, you should have gone through that phase when stuff like that was cool. I remember a time when I thought it would be cool to write viruses or worms. Now, the reason that I thought it would be cool escapes me.
I believe that every programmer, at some point, goes through a phase when they want to try everything under the sun just to say that they can/could/did do it. I never actually wrote a virus myself, but I definitely remember wanting to just for the sake of getting into the guts of a computer and seeing what makes it tick.
Most programmers have also been/are sysadmins. I believe this along with growth/maturity eventually lead to the desire to produce something useful, not destructive, for the rest of the world.
Unfortunately, some never get past it, and some just use pre-fab virus creators. These people for whatever reason didn't move on to the next stage of evolution and probably never will, but at the same time, they keep sysadmins in business and antivirus writers employed.
any person IN THE COMPANY who sends an attachment to another person in the company that's rejected by the mail server because the recipient hadn't filled in the form has his or her email account locked for 24 hours to stop the virus from spreading.
Well, I know that if I told Stan from accounting I was going to send him a file, and in his normal scatterbrain manner, completely forgot about it, and subsequently had the attachment bounced and my account locked, Stan from accounting would lose his legs. But otherwise, this plan is good, if a little draconian. Maybe just filters against certain executable file types would be a better idea.
For grown up security mistakes...
Part of the process of being a kid is learning... While I do not approve destruction or paralyzing IT infrastructures, this seriously bugs me depending on the seriousness of the punishment.
Meanwhile, LOADS of spammers are still clogging my Hotmail inbox at a rate of at least 20 spam a day, my ISP email account receives at *LEAST* 5 spams a day, multiply that by X amount of users, THERE'S a big bandwidth waste. These people are still running free and going stronger than ever!
Those lame viruses last for about a week. If after that, anyone else gets caught, they need to *LEARN* the HARD WAY like "doing backup is a good idea because you never know when your system might fail", well the same should go with "Update that antivirus file, because you never know what might hit you". Heck, the antivirus programs offer to do it automatically, there are no excuses.
--- Metamoderating abusive downgraders since my 300th post.
At first sight, that sounds like a great solution. In fact, MS themselves tried it (blocking just about anything that might be executable, without any chance to circumvent the block) in the notorious Office security patch a few months ago. Unfortunately, that immediately caused chaos in offices across the globe, as people suddenly discovered that they couldn't send or receive attachments they actually needed to any more, either.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
I believe these kids are guilty of hate crimes against stupid people.
--Mizerai
For the kid who DoSed yahoo and cnn a while back. They put him in a government reform school for 8 months.
That is enough punishment for a silly prank.
And I can't sympathize with the people who blame the users for opening the attachments. Teaching users not to open emails that have "Hi" as the subject line is only a short term solution. Trying to get users to remember which types of files are executable is not an option either. (Until a year ago, I assumed that .doc files were not executable.)
A better solution is to not allow executable attachments which end in .doc, .vbs, or .exe onto the network.
An even better solution is for Microsoft to fix their programs or for people to not use Microsoft products.
There is a nice procmail filter (ftp://ftp.rubyriver.com/pub/jhardin/antispam/procmail-security.html) that renames incoming attachments and makes them non-double clickable as well as pseudo scans office documents for dangerous macros.
The extra level of 'abstraction' (the user having to rename the file to run it) has saved us from every major email-borne virus in the past two years while still allowing people to get their precious attachments if they are expecting them.
--"Karma is justice without the satisfaction"
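The attachment filtering described in this thread (the extension block list posted above, the gateway that passes only TXT and ZIP, and the renaming approach of the procmail filter), sketched as an added Python example that is not from any poster or from the tools they name. The mode names, the `.defanged` suffix and the sample message are assumptions made up for the illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions the Exchange-scanner comment in this thread says it always blocks.
BLOCKED = frozenset(
    "ade adp asx bas bat chm cmd com cpl crt exe hlp hta inf ins isp js jse "
    "lnk mdb mde msc msi msp mst pcd pif reg scr sct shs url vb vbe vbs wsc "
    "wsf wsh".split()
)
# The stricter policy from another comment: pass only TXT and ZIP.
ALLOWED = frozenset({"txt", "zip"})
DEFANG_SUFFIX = ".defanged"  # hypothetical suffix, not the procmail filter's
MODES = ("block", "allow", "defang")


def clean_name(filename):
    """Drop any path and the trailing dots/spaces that Windows ignores."""
    base = filename.replace("\\", "/").rsplit("/", 1)[-1]
    return base.strip().rstrip(". ")


def final_extension(filename):
    """Extension the desktop acts on: the last one, lower-cased ('' if none)."""
    name = clean_name(filename)
    return name.rsplit(".", 1)[1].lower() if "." in name else ""


def verdict(filename, mode):
    """Return (action, delivered_name) for one attachment name.

    block  : hold names whose final extension is in BLOCKED
    allow  : hold everything whose final extension is not in ALLOWED
    defang : deliver everything, but rename BLOCKED types so that a
             double-click no longer runs them
    """
    if mode not in MODES:
        raise ValueError(f"unknown mode: {mode}")
    ext = final_extension(filename)
    if mode == "allow":
        return ("deliver", filename) if ext in ALLOWED else ("hold", None)
    if ext not in BLOCKED:
        return ("deliver", filename)
    if mode == "defang":
        return ("deliver", clean_name(filename) + DEFANG_SUFFIX)
    return ("hold", None)


def scan(raw, mode):
    """Parse a raw message and return {filename: verdict} for every MIME
    part that carries a filename, at any nesting depth."""
    msg = message_from_bytes(raw, policy=policy.default)
    results = {}
    for part in msg.walk():
        name = part.get_filename()  # falls back to the Content-Type 'name'
        if name:
            results[name] = verdict(name, mode)
    return results


def sample_message():
    """Constructed test message; addresses, names and bodies are made up."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("see attached")
    for name in ("minutes.txt", "holiday.jpg.scr", "Setup.EXE",
                 "plans.dwg", "archive.zip"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    raw = sample_message()
    for mode in MODES:
        print(mode)
        for name, (action, delivered) in scan(raw, mode).items():
            print(f"  {name:18} {action:8} {delivered or '(quarantine)'}")
```

Running it shows the trade-off argued over in the thread: the block list lets `plans.dwg` through, the TXT/ZIP-only policy holds it, and the rename mode delivers everything but leaves the `.scr` and `.EXE` files unable to run on a double-click.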
They're first time offenders who confessed. They're high school students who would otherwise be preparing to be drafted to the Israeli army soon, and the government will not want to disrupt that if it isn't necessary. Finally, they are from a town that is notorious for inducing boredom for its teenagers. They may get a few months, but I wouldn't count on it, and they'll get assigned to the Ma'asiahu prison, where conditions are very good (it's Israel's prison for first time offenders, and it's probably the only place in the world you could call a re-education camp without irony.)
He was tried and in Montreal, Quebec. He pleaded guilty to 56 of 66 counts of Mischief before the Quebec Youth Court. Judge Gilles Ouellet of the Youth Court heard both the Crown and defence. The other 10 charges were withdrawn.
God save our Queen, and Heaven bless The Maple Leaf Forever!
How very clever of you. Too bad the 800,000 people passing these worms around don't know as well as you which attachments to open, and which not to.
"If he thinks he can hide and run from the United States and our allies, he's sorely mistaken." Bush on bin Laden
"Using products that suck is your own fault".
For what it's worth, Microsoft is the biggest fish out there. In a large business with many users that aren't technically proficient, learning to use another program is difficult. So, Outlook is what they use and Outlook is what you'll find.
Blaming the users will not solve anything. It's nice to turn up your nose at their technical inferiority, but I fail to see how that helps anyone.
This after all the usual emails after a virus and instructions on updating DAT files (click here, click there, if it says to reboot, do so, and that was it).
As much as we'd all like it to happen, non-IT people will not turn on their brains and apply logic & critical thinking to computer situations.
"The kids face up to five years -- of course since they aren't in the U.S., they might actually be punished."
What kind of stupid statement is that??? The U.S. shares the honor of being a country which will execute people for crimes committed in childhood with only one other country in the world -- Libya. Great company there.
Your statement implies that our government is soft on the law-breaking young -- HARDLY! Rather, its attitude towards (non-white, anyway) children is nothing short of bloodthirst.
Wow. That's one heck of an analogy.
"An e-mail virus is like a bomb. Well, not really a bomb, but a bomb that's like an e-mail virus."
Win dain a lotica, en vai tu ri silota
According to Symantec.com, it was Visual Basic.
Oolite: Elite-like game. For Mac, Linux and Windows
The kids face up to five years -- of course since they aren't in the U.S., they might actually be punished.
Ok, I know I'll probably get marked as troll, but oh well.
The way I see it, these kids are kinda like Big Tobacco. They make something that's harmful, and the people that use it do so of their own free will, despite the countless warnings given out that they should not. It seems funny to me that the same people who think Big Tobacco shouldn't be punished, also think that any mischievous kids should be severely punished. Well, that is unless it's their own kid.
These virus writers are doing a public service. Serious problems with our communications infrastructure might not be fixed if it weren't for them.
Imagine what could happen if the first exploits of these security flaws came, not piecemeal from a scattering of amateurs, but rather from some adversary who could call on the services of numbers of technically proficient individuals. A hostile government say, or a terrorist movement that drew in disaffected persons in many countries. What if the vast majority of business users had no idea of how vulnerable they were until the system suffered a massive failure?
There is an enormous learning process going. People are finding out the hard way, what they would never otherwise have the time to focus on: computers can fail, for very subtle reasons, and we are more dependent on them every day.
Of the attachments I receive at work (no, I do not flip burgers):
- About a third are irrelevant to work
- About a third could have been done as text
- About a third already exist on fileservers
Then think about the amount of effort in building an insanely large Exchange server to host all this junk and compare it to the *very* modest box we used to use for mail. I used to accumulate maybe 20 Mb of mail a *year*, now I accumulate much more than that per month. On average, each of our users have about 200 Mb of "vital" correspondence in PST files clagging their homes (and the PST files starts to spontaneously combust when they top 70Mb or so). After all this, I think we have gone backwards in terms of investment/utility. We are paying a lot of money so people can use Word as their email editor and ignore good file management practises.
Yes, I'd agree that convincing PHBs they don't want floral pattern wallpaper on their email is a lost struggle, but the 1% of attachments people actually need would be far more effectively sent through other means and our mail infrastructure would be a tenth its current size.
Attachments are a PITA.
Xix.
"Everything is adjustable, provided you have the right tools"
I'm a little confused by this:
of course since they aren't in the U.S., they might actually be punished.
The US has the toughest Anti-hacking laws of almost anywhere, other than China of course, where you can be executed for it (actually, that's pretty much the way things are with any crimes these days, the US punishes harder than any country other than China). And, our laws have only been made tougher by the new anti-terrorism bills. In fact, had these kids been in the US they could have been tried as terrorists. (and I mean they must be terrorists, they're from the middle east!)
autopr0n is like, down and stuff.
We run Sophos antivirus on the mail gateway. Sure it doesn't stop them all, but most anything that is a single click fatality is screened out. It happily killed all 120+ attempts of the Goner-A worm to arrive on one of my customer service rep's desktops.
I really have little sympathy for IT admins who get killed by this stuff, there are a million tools out there to stop this stuff from doing damage way before idiot humans get their hands on it.
I personally would like to see more ISPs use this stuff, after all they're not obliged to carry any traffic they deem high risk to their users. They already block dodgy ports so windows shares aren't wide open, why not a complimentary virus scan on mail?
I guess you think the architects should have been held accountable for the twin towers not withstanding a plane hitting them
Actually the towers were designed to be able to withstand a collision with a 747 (which is bigger than a 767 or 757).
So they shouldn't have fallen, what happened was totally within their design specifications. (looks like the engineers didn't count on all the burning jet fuel)
autopr0n is like, down and stuff.
Oh I agree with you, I'm just saying that the media and hype around (I mean Code Red made the 6 o'clock news in the states the day it broke) creates a "competitive" climate for the virus hackers. It's a challenge. I wholly agree that they want to see if they can do it, what will happen, can they beat the last "worst virus ever" (tm), I just think that the coverage that it is given hypes it and creates a mystique.
I'm just waiting for the next rendition of D&D/Magic/Pokemon/Fighting game to be computer viruses...
-OZ
I'm sorry, doing something stupid when you're 18 does not justify academic and professional murder nor is it suicide in those respects. You're going way too far overboard in your idea of what constitutes punishment for my offenses.
First of all, I was a paying student. The money I put into the university system there made those machines run. I had vested interest, so that lessens the severity of the intrusion. If you trespass somewhere on a college campus, as a student, they don't convict you of a felony. They realize you're a college student and you're not only stupid, you're probably just goofing around. They slap you on the wrist, send you home. End of story. They do not kick you out then tell the rest of the world what you did so that no other schools accept you.
Your opinion here is so utterly absurd that it baffles me how someone so intelligent would believe that it makes sense to destroy a person's entire life over a minor offense. Punishment is supposed to correct someone's way to conforming their behavior within the laws. Punishment is not supposed to ruin a person. I suppose your parents never said "it's for your own good" when they administered a spanking?
The FBI was poised to destroy my life in countless conceivable ways. If I cannot acquire an education and hence live a professional career as a computer scientist, there's not much else I could do at this point. The life I have always wanted would be unreachable. So I cost the university a few man hours patching a few systems that had obvious security holes. I'm sure they made some student do the patching (which I informed the admins needed to be done, which is how I got caught - go benevolence) for free.
The justice system is supposed to balance the punishment with the offense because it is supposed to (as I previously mentioned) help offenders correct their ways. You do not execute someone for stealing a loaf of bread.
Maybe if you had the experiences I had in the whole situation, you would not hold this silly right-wing extremist viewpoint that believes punishment for every crime is death by sodomy. What I ended up getting was still too much to fit the crime, in not only my opinion, but in the opinions of people much more rational than yourself. (One of my lawyers included, who managed to get one of the guys at the university to admit, over the phone, that they wanted to make an example out of me by going overboard.)
Oh well... there's just too much I can say here and I know this is a lost cause. I should quit before I fall too far behind in the face of ignorance. Since you show me the discourtesy of defending injustice, I can only respond with the hope that one day you find yourself on the wrong end of an FBI prosecution. Maybe then you'll understand.
Why bother.
That's a bad analogy. It's more like four kids pressed a button on the outside of the WTC at street level, causing the towers to explode due to an engineering flaw. In other words, there is no way for a mail message to directly cause harm to your computer. It must be interpreted by a program which you trust (a traitor, in other words) which is willing to harm your computer at the command of an outside party.
I absolutely can and do hold them responsible. Their decision to facilitate running programs that arrive in the mail without any kind of sandbox or access restrictions was an obviously dangerous one whose implications were immediately visible to people who understand computers. Microsoft spins their product as the omniscient gatekeeper to the internet and handholder to the clueless. They encourage the computer-illiterate to put their trust in Microsoft rather than learning how computers actually work. They created both the software and the culture that propagate malicious code. All of which means that they are greatly to blame for deliberately bringing into existence email viruses.
The new US Patriot Act (HR 3162) makes creating and spreading viruses and worms an act of terrorism. As such King George must require extradition of the offending youths and hold a military tribunal. If Israel refuses to give up these kids, then we must bomb Israel at a cost of $1 billion dollars per month to US taxpayers as punishment for harboring terrorists. We must make sure to hit any buildings with big red crosses on them and then deny it. We must kill many civilians and deny it and when US soldiers get killed, we must blame it on friendly fire.
The question that never gets asked is why all these companies were vulnerable to these attacks. I've worked for several Fortune 500 companies and I've yet to see one with good security. You'd think they'd be going out and hiring a bunch of security professionals after Sept 11 but I'm not seeing a whole lot for infosec or security on the job boards.
Until some CIOs and CTOs start losing their jobs over this crap, the cycle will persist.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
After a number of these testosterone impaired virus writers share some time with a 6'6" 300 lb lifer that thinks that they are cute; writing viruses will no longer seem so funny. If you have the bandwidth to know how to write a virus, you have the bandwidth to know it is a virtual letter bomb that hurts people. It hurts people by taking away their productive time and denying them the use of the computer equipment that they bought.
To state the obvious, 'You f*** up, you pay up. You f*** with people, you get f***ed with.' What part of that simple truth you don't understand???
Well, that's kinda the point. People do need to send attachments, end of story. (OK, OK, that's not strictly true, but the hassle in using the alternatives would be too much for the average user.) All these people who run around saying "Competent sysadmins would disable it completely..." or other such rubbish have either never been a competent sysadmin or have been lucky enough to work in a company whose day-to-day business does not depend on these technologies. Most sysadmins are not that lucky.
OTOH, attachments are potentially dangerous. They are necessary, but caution is required also. The only solution to this is effective user education. As has been noted many times before, you cannot fix a sociological problem with a technological solution. To that end, I personally believe that blanket security restrictions and such are counterproductive; your users will simply learn to stop them, or complain until you are forced to remove them, because they can't do their jobs. Much better to illustrate, vividly but discreetly, the dangers they are ignoring, until they get the point. Restrict blanket bans to those who've demonstrated that no other way will suffice, and you'll keep more friends among your user base.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
How do you know the motive? Did they say that themselves? If they did a judge should have spanked them. If they did it because they lacked the time or competence to assess the damages themselves, the cost should be passed on. I can't tell from here.
That's why we have courts and civil law. An unbiased third party is supposed to take care of things like this. Abuses of the system do not make the system evil any more than computer abuses make programming evil.
With that in mind, those four should be made to pay. It does not matter that they can not afford it. They can suffer for the wrong they did. This happens all the time. Losers are often reduced to poverty for thinking like this. "Duh, I don't have nothing to lose, so what?" Wrong, you always have something to lose.
All of that is beside the point, however. I'm just wondering where all the John Ashcroft fans are.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
That's why I wrote batemail. It does exactly what you describe only it works on *nix based hosts. Any attachment that has one of the "taboo" extensions is automagically removed from the email and a notice put in its place.
You'd be amazed how many of these attachments we're stripping out on a daily basis where I work.
Or use a managed antivirus software whereby the server component grabs the virus defs, and punts them down to the clients.
Vintage computer games and RPG books available. Email me if you're interested.
Here is what I do... every few months, make a hotmail account or something unrecognized by your staff. Mail them your own 'virus' that simply says "You shouldn't open unknown attachments. If this was a real virus, your IT staff would be punching you in the face right now"
Time for some tasty Shiner Bock!
At the company I work for we've had very little trouble in terms of viruses and worms. Then again, they banned Outlook long ago. Whenever someone does manage to get hit, IT sends out a broadcast email warning everyone and telling everyone that this user was using banned software. A guy a couple cubes away ran Outlook and got hit with one of the worms. IT was there within minutes and immediately uninstalled Outlook, pulled the network connection, and left a nice note for the guy when he returned the next day.
It's too bad other companies don't wake up and just fix the problem to begin with... ban Outlook.
This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
They were designed to withstand one hit from a 707. They were NEVER designed to withstand a hit in each tower.
What's the difference between one hit and one hit to each tower? I mean, it's still one hit/tower.
autopr0n is like, down and stuff.
.vbs and .scr files are fair enough. The problem is, how long do you make the list? Will you also ban .exe? What about .zip, which could contain anything?
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
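The filtering described in the batemail comment above, extended to look inside .zip attachments as the later comment asks, as an added example (this is not batemail's code or anything posted in the thread). The taboo list, the notice text, the function names and the sample message are all assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed taboo list for illustration; a real deployment would maintain its own.
TABOO = (".vbs", ".scr", ".exe", ".pif", ".bat")

def has_taboo_ext(name):
    # Trailing dots/spaces are stripped because Windows ignores them on open.
    return name.lower().rstrip(". ").endswith(TABOO)

def is_taboo(part):
    name = part.get_filename() or ""
    if has_taboo_ext(name):
        return True
    if name.lower().endswith(".zip"):
        try:
            data = part.get_payload(decode=True) or b""
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                return any(has_taboo_ext(n) for n in zf.namelist())
        except zipfile.BadZipFile:
            return True  # cannot inspect it, so fail closed
    return False

def strip_taboo(raw):
    """Return (cleaned message bytes, list of removed attachment names)."""
    msg = message_from_bytes(raw, policy=policy.default)
    removed = []
    for part in list(msg.walk()):
        if part.is_multipart() or not is_taboo(part):
            continue
        name = part.get_filename()
        removed.append(name)
        part.clear()  # drop the part's headers and payload
        part.set_content(f"[Attachment {name!r} removed by mail filter]")
    return msg.as_bytes(), removed

def build_sample():
    """Constructed test message: one .scr, one zip hiding a .vbs, one .txt."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", "Hi"
    msg.set_content("How are you?")
    msg.add_attachment(b"\x00", maintype="application",
                       subtype="octet-stream", filename="screensaver.scr")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "hello")
        zf.writestr("inner.VBS", "x")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="docs.zip")
    msg.add_attachment("notes", filename="notes.txt")
    return msg.as_bytes()
```

Nested archives and renamed files are not inspected here; extension matching only raises the bar and does not replace content scanning.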
That's a bad analogy. It's more like four kids pressed a button on the outside of the WTC at street level, causing the towers to explode due to an engineering flaw. In other words, there is no way for a mail message to directly cause harm to your computer. It must be interpreted by a program which you trust (a traitor, in other words) which is willing to harm your computer at the command of an outside party.
Agreed, there should be absolutely NO REASON why a block of text and/or data sent to your machine should do anything you don't want it to. Since it does, and since these viruses get written over and over again, with no end in sight, the blame is with the software writers.
Now I'm not saying these kids should be let off the hook. They did something that was wrong and costly. But if we don't want to have this happen again, punishing the kids accomplishes nothing. Actually it makes the future virus writers want to learn how to be more stealthy.
The solution is sandboxes or code-checking with proofs. Or better yet, just displaying email messages as TEXT-ONLY, like they're supposed to be.
I'm tired of people making apologies for not working as linux administrators or open source programmers. There are a goodly number of people in this world who make a living writing code for whichever system the managers deem fit, and a goodly number of administrators who administer a network full of whatever operating systems the business deems fit for survival. Why don't you wear your job with pride and be thankful that you are employed. There are others who aren't so lucky.
Unfortunately, that assumes your IT dept actually has the power to do something about stupid lusers.
I work on a U.S. military base, and while some of these viruses are caught by the filters on the Exchange server[*], they pose enough of a risk that once, the base IT folks sent out a "drill" email. This one sent the user to an internal webpage which threw out some technical-sounding gibberish -- NOBODY in the whole damn WORLD is as good as the U.S. military at generating technical-sounding gibberish -- and asked the user for their username/password.
Which they've been told repeatedly not to do. Those who entered it got a huge flashing warning sign, their username was recorded in a "morons" list, and an announcement went out the next week saying that the morons in question would have to submit a 100-word essay on why they should be allowed to continue to have access to the computer network, given that they're (apparently) willing to hand out access to any random webpage.
Cool, huh? 'Cept that some of the N-star generals with more stars than neurons were on that moron list, and of course they have way too much pride to be explaining to anybody why they should be permitted to do whatever they want. So a few days after the first announcement, another announcement went out, "Never mind."
And the morons continue to wreak havoc on the network.
[*] Those filters are fucking stupid, I might add. Frex, the word "funny" in the subject line triggers them. We found out about this one the hard way when a user mailed us with, "The secondary RAID is acting funny."
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
How does that make them different from any perl, java or vb programmer?
Conformity is the jailer of freedom and enemy of growth. -JFK
"They encourage the computer-illiterate to put their trust in Microsoft rather than learning how computers actually work. They created both the software and the culture that propagate malicious code. All of which means that they are greatly to blame for deliberately bringing into existence email viruses."
Those people whom you despise are the ones who ultimately pay your salary.
There is nothing more obnoxious than an IT person who forgets that the computers are there to drive the business, not vice-versa.
Conformity is the jailer of freedom and enemy of growth. -JFK
Yes, it does. Everything from .doc to .htm to photoCD files.
autopr0n is like, down and stuff.
What I would like to see is some form of capability added to Linux (et al.) such that "tainted" executables can only run in a "sandbox" environment (i.e. like BSD jail() ), and thus, be unable to delete my home (since it would lose write ability to all but a virtual home filesystem when run).
Then, all files that were sent through email could be marked as "tainted" until and unless the user untaints them. Thus, even running such a file after it has been saved from an attachment would be safe.
Obviously, there would have to be some safeguards to prevent trojans that run one way when tainted, and then delete everything when they are not. But if most things worked fine when tainted, it might be an effective strategy... Does the idea have merit?
"It's overkill, of course. But you can never have too much overkill." - Anonymous Slashdot Coward
Outlook doesn't "transform" anything. What, it turns non-executable attachments into executables?
If I send someone a VBScript file by e-mail, someone using pine will only see the source of the file. Benign.
In Outlook, the file will be executed. This is how Outlook virii spread. Where have you been the last 18 months?
The situation is no different than if you were mailed a package with a piece of candy in it, ate the candy, got sick, and then blamed the USPS.
This analogy is wrong. A proper analogy would be if someone sent you a bomb in mail and when the postman brought it and you signed for it, the postman opens it and detonates it on your front porch. The USPS would be held accountable through their employee. Just like MS should be held accountable through their software.
Having hard drives erased, files deleted and bandwidth used up is not equivalent to 'getting sick', for a business it sometimes means nothing can get done for an entire day or more.
IMO, MS should protect against this and be accountable for what their software does.
----- rL
I know that's a popular viewpoint around here and one that I hold myself. But in this case, I'm not sure that viewpoint is being represented. Instead, people are discussing the degree to which these kids should be punished for their acts of lameness. A virus is just code. You can write it on a napkin as Haiku. You can print it on a t-shirt. You can represent it as a prime number. And without a vulnerable system, the virus would have no meaning, except as a random code fragment that doesn't work. In some cases, a perfectly legitimate binary (or heck, any data) for one system can be detected as a virus for another. If these kids had not initiated harmful distribution of this virus, but rather published the code on a webpage along with documentation of the vulnerability, and yet somebody else turned it loose, should they still be held accountable? Or what about a good virus/worm that can be used by administrators to quickly and controllably patch up a network, but which may be harmful if released "into the wild." (I can name no examples, but it's a theoretical possibility). Kinda different way of looking at it, eh?