Why Worm Writers Stay Free

savaget writes "There is an interesting Wired article explaining why worm writers are getting scott free despite their destructive deeds." Nothing really new: overworked law officials, bragging worm writers, you do the math ;) I still find it amazing. The bandwidth wasted by a successful worm is gigantic. To say nothing of time and disk space.

Hilarious part

[ergo98]

SirCam contains this text in its code: "SirCam Version 1.0 Copyright 2001 2rP Made in / Hecho en - Cuitzeo, Michoacan Mexico."
Smith has a hunch that the author of SirCam is or was in Cuitzeo, and is probably a student. Cuitzeo is located 16 miles from Morelia City, which boasts a large university.

Talk about a blinding flash of the glaringly obvious...

Why do worm writers stay free?

[Hatechall]

Because all the spare law enforcement officials are giving me traffic tickets.

Rolling stop my ass.

Re:Why do worm writers stay free?

[JWhitlock]

Because all the spare law enforcement officials are giving me traffic tickets.

Yeah, cause that will get ya out of a ticket...

"Hey Barney, why aren't you on the Internet stopping the real criminals! Boy, I'm glad I buy from Amazon, or else my sales tax would pay for your salary!"

They aren't terrorists!

[Christianfreak]

"Forget that it may be problematic to extradite the individual, or that they may be young, or claim to be doing 'research.' We need to catch them, and place them in a position whereby they are seen for what they are -- a terrorist," Cooper said. "The cost to our businesses, not to mention our way of life, is simply too high to not pursue these individuals."

This is the sort of thing that really pisses me off. Not to say that virus writers don't do damage or even that they are not criminals but how can you compare a computer glitch to killing 3000+ people? These virus writers are kids with too much time on their hands, they aren't terrorists! The solution isn't to toss them in jail or throw away the key, the solution is to get them to do something useful with their skills and then to use products that don't have so many security problems. </rant>

Re:They aren't terrorists!

[metlin]

Well said. Just my thoughts...

As one reader in an earlier post, people who write bad and insecure code have an equal hand in security compromises.

Most of the worms and virii are being coded by teenagers or kids who just do not have an idea as to what they are doing.

Think of this, why are people allowing their systems to be compromised again and again? A hack is a different thing, a worm/virus is a different thing. When there are so many different worms/virii, it cannot all be squarely blamed on the creators. The makers of the softwares should own up responsibility for writing bad code.

Why aren't other operating systems as vulnerable as the Win* platform? It is not like there are not enough people willing to write worms in Linux or FreeBSD. It is just that it is not that easy to.

Most of these people are kids, for God's sake!

Writing a computer worm to show off to your friends is akin to showing off your driving skills. It is just a means of getting recognized by the peers. These people should just be taught that writing bad code is harmful. To compare it to heinous crimes and huge losses is just plain stupid.

If it also causes harm, that is largely because of the immaturity of the technologies. If sysadmins regularly patched up their softwares, and if programmers wrote secure code, the effect of these worms will steadily decline.

But how many admins bother to administer the latest patch? And how many software companies bother to get out good code? It is plain stupidity to blame it all one some poor nerd out there.

Re:They aren't terrorists!

[geophile]

Your posting says that virus writers aren't terrorists because what they do doesn't compare to killing 3000+ people. Then your sig compares Bill Gates to Hitler.

Re:They aren't terrorists!

[dillon_rinker]

Terrorism doesn't necessarily imply killing people. The classical terrorist (ie, the one that exists mainly in poli-sci courses) blows up generators, water plants, radio towers, etc in an effort to destroy the public's trust in the government's ability to protect them. Someone who targets civilian infrastructure meets the threshold for being a terrorists. There's obviously a gradation; those who target large numbers of civilians are also terrorists (duh) but that doesn't mean that someone who blows up an empty building isn't a terrorist.

Furthermore, I would argue that you don't need to have political objectives to be classified as a terrorist. If I blew up a generator station because I think it'd be cool to see, I think it would be valid to classify me as a terrorist. This gets kind of tricky, because it'd be easy to categorize an arsonist as a terrorist, or a vandal, but I digress.

Anyway, the obvious analogy is that someone who targets information infrastructure (ie worm writers targeting email servers) is a terrorist. And don't argue that the analogy doesn't hold simply because there's no no permanent damage simply because it can be repaired. That's like arguing pulverizing every cubic inch of a building isn't permanent damage because it can be rebuilt. Don't argue that there's no real costs associated with worm attacks - do you think net admins work for free? (If so, I've got a job for you :) I'll grant that most costs are overrated.

Counterpoint - if blowing up a building is terrorism, why not burning it down? Should arson be considered terrorism? What about insurance fraud - if I burn down my old barn for the insurance money am I a terrorist? What about vandals? There's a continuum of crimes against property, as well as crimes against people; where do we put "terrorism" on that continuum? We must be cautious in verbiage used to define "terrorism"
in the law, lest the crime be placed further down the continuum than we want.

Counter-counter-point - arsonists rarely burn down every building on the internet; worm-writers at the very least have in their minds the idea that they could take out every email server on the internet (basically a DOS attack) or every workstation with the targeted OS(s) by wiping their drives after re-launching.

C

Re:They aren't terrorists!

[ConceptJunkie]

OK, I'll bite, Troll.

A criminal is, by definition, someone who commits a crime. Speeding is a crime. It doesn't compare to murder in severity.

Actions have consequences. We can (and should) blame Microsoft all day for their flippant disregard of security, but that doesn't mean these script kiddies aren't commiting serious crimes. What if a teenager broke into a factory and managed to shut it down for several hours. Would we be sitting around saying, "Oh, well, he's just a kid with too much time on his hands!" or would we be considering the fact that he cost the company thousands or millions of dollars. Well, Internet servers have reached the point where they can have as much impact on a business as the physical property and machinery.

We need to recall that consequences (and punishment) should fit the crime, not the criminal. A relatively harmless crime needs a small punishment (or possibly even just a warning), whereas a larger crime requires a larger punishment. Otherwise you end up with anarchy.

I don't want to see young kids pulling years of hard time for youthful indiscretions aided by bad security measures, but if there's no threat of punishment, then there will be no deterrent.

I wish it were possible to focus a little less on fuzzy IP issues (which are important, but the government is listening too much to the money and not enough to its own law, precedent, and common sense) and a little more on the fact that the entire global computer network is being bogged down by the actions of a small number of penny-ante vandals.

Re:They aren't terrorists!

[JWhitlock]

The solution isn't to toss them in jail or throw away the key, the solution is to get them to do something useful with their skills and then to use products that don't have so many security problems.

Great idea! Take a kid who obviously has no respect for other's property, and hand him the keys to your enterprise system! By the time he's done, all the backdoors, security holes, and other problems will be patched, except for your script kiddie's backdoors. Then, shoot the script kiddie. No known security holes, and one less 1337 haxor - everyone wins!

The one flaw in your plan is that the folks that make these worms are, for the most part, social backwards (no respect for others' property or lost time, and usually from a middle-class background, so they don't know how to really work for a living), and don't have a great set of computer skills, outside of those needed to find holes. It's a bit easier to find and exploit holes then it is to find and patch those holes, so the assholes will always have the advantage.

Personally, I like the Kevin Mitnick treatment - put 'em in jail for a while, away from computers, then put them on probation, again without access to computers. If you are too socially retarded to play the game right, then you'll have to sit on the sidelines. Too bad these kids are privileged enough that their parents could hire lawyers, and parents are brainwashed into thinking that computers are necessary for their kid's education...

Re:They aren't terrorists!

[alcmena]

An interesting conversation I had with my dad went on similar lines. Consider this:
You are in a car accident, your fault. The other guy was wearing a seat belt and suffers minor injuries. You are charged with failure to control. You pay a minor fine and maybe do some community service.

Now consider your same action:
You are in a car accident, your fault. The other guy was not wearing a seat belt and dies. You are charged with vehicular homiside. You spend a few years in jail.

Your same actions caused two different events based solely on someone else's choice. Is it truly fair that you should be punished more severely for the second result than the first? The same situation exists in your example. You wrote some stupid virus that spreads, but doesn't do much more. Clearly, you're not a saint. However, because some putz in charge of the airport control system left out the patch, your "innocent" virus spread through the airport control system, and unfortunately DOSed it offline. This brought down planes.

Should you really be charged with terrorism when the intent was not there? Where is the responsibility for the other person who allowed this to happen?

Re:They aren't terrorists!

[Afrosheen]

You must be magical because you keep getting mod points and I don't :( Oh well, blow me moderators.

Your point regarding giving skript kiddies jobs creating more skript kiddies isn't very realistic. It's a job, yes, but it's not a job they'd be proud to have. No convicts commit a crime hoping to be making license plates, there's just no incentive. But rather than a pointless punishment (i.e. imprisonment), make it productive. If you do a little research, you'll find that alot of IT security companies have real hackers on board. It makes perfect sense. Alot of insurance companies hire ex-burglars, to see how easy it was to break into someone's home/business. Security is always a 2 way street. It's the responsibility of both the individual and the company/service that provides them with security. Think if you get a 10 million dollar home and have gold bricks lying around in each room. A burglar discovers this from outside. Also you have a million dollar, state-of-the-art security system, but you don't arm it each time you leave the house. Who is at fault when you come home and all your gold bricks are gone?

Re:They aren't terrorists!

[ConceptJunkie]

You must be magical because you keep getting mod points and I don't :(

Think of it this way. I impress the typical /. reader. You decide if that's good or bad. A karma cap and 50 cents'll get you a cup of coffee.

I understand that a lot of IT security companies have hired ex-(h)|(cr)ackers and that's fine. But if getting caught means a good prospect for getting a job in computer security, then rooting someone's box becomes less of a crime and more of a resume builder. You see, there's a significant difference between making license plates, and working in high-tech security. I'm not saying it still couldn't be a deterrent, since many people won't want to deal with an ex-criminal, but people who are stupid enough to make things like nimda, might see it as a way to get ahead.

There are other kinds of useful community service that could be used, even jobs that take advantage of computer skills. I recall a friend got busted for some minor violation in college in the early 80's and ended up setting up a database for a local church as his community service.

I agree that alternatives to "pointless punishment" should be found, because there is an incredible waste of human resource when someone is sitting around sulking in striped sunlight for years on end. But we have to remember that punishment for crimes needs to be something that people want to avoid, not some kind of jobs program for troubled youths. That should happen before the legal system comes into play. We have to remember our first priority is trying to keep people from committing the crimes in the first place, even if we do still want to help them once they do.

That's all I'm trying to say.

Rick

p.s.

Who is at fault when you come home and all your gold bricks are gone?

The thief. You might be at fault for being careless or incompetent (and if it were your job to secure the gold, that's another issue), but the thief is still guilty of far worse. Maybe you shouldn't complain if your house is burglarized, but there is still a significant difference in the degree of moral fault here.

If I walk out and leave my gold bricks lying around unprotected, that in no way mitigates the degree of guilt of anyone who might happen to steal them.

No money in catching them.

[saint10]

A multi-billion dollar industry was created by writers of malware; anti-virus, tripwire, IDSes. Why would any large security company want malware authors to be caught?

Re:No money in catching them.

[ackthpt]

Ages ago, there was something of a scandal in the news when a prominent anti-virus company CEO warned of a doomsday of a new virus or worm making the rounds. Of course, sheep bought the software, but nothing much materialized and the CEO resigned in disgrace after being accused of trying to create a market by scaring people, some people went so far as to suggest the particular company was actually the orgin of virii and worms. Wish I could remember who that was, maybe this is article alludes to it (the Michelangelo virus)

*gulp*

[hiryuu]

"We need to catch them, and place them in a position whereby they are seen for what they are -- a terrorist," Cooper said. "The cost to our businesses, not to mention our way of life, is simply too high to not pursue these individuals."

Terrorists? Virus writers are terrorists? Keep it up, boys, and the word will lose all meaning and everyone will be desensitized to what it really means. Sheesh.

Obviously the legal system doesn't see them as such, yet, from the details of the article.

Re:*gulp*

[Silver222]

Everyone is a terroist now. The meaning of the word has been so diluted because everyone with an agenda to push labels people they don't like as a terrorists.

Pretty soon you won't be able to sneeze in a subway car without someone accusing you of biological warfare.

Wasted bandwidth from SirCam

[Adversive]

I answer Webmaster e-mail for Velocitus Internet Services and I typically receive about 150-200 SirCam virus e-mails every day.

As SirCam virus e-mails average 250kb per message, each month we pass over a gigabyte of bandwidth on this crap.

I wonder if its possible to approximate how many dollars worth of bandwidth and lost productivity have been lost to these kinds of worms. I don't see why the authors shouldn't be prosecuted more harshly. This is just large-scale vandalism that raises the prices for everyone else to make up for it.

Re:Constructive Uses?

[arrow]

It has been done. I can't remember off the top of my head which one, but I cleaned up a virus infection about a year ago that installed the distributed.net client.

Its gotten bad enough that Symantec has posted a KB article on it, here.

Distributed.net also has a trojans page here.

---
www.symetrix.net

Form a posse?

[Nikau]

OK, maybe "posse" isn't the correct term. But in the article it says that most of the information leading to an arrest of worm writers comes from people who happen to see the worm writers bragging, etc.

So what I'm wondering is if anyone has bothered to form an organization to do exactly that, maybe along the line of CyberAngels. Let's face it, the people who write these useless things, although they definitely aren't terrorists, are wasting other peoples' bandwidth, resources, and precious time. And they do deserve to be punished. But what's stopping the slew of arrests is a lack of manpower. Law enforcement officials can't be everywhere, they have their limits.

So what I'm suggesting is something based off of CyberAngels. The people volunteering there track down stalkers, harassers, child pornographers, and other "cybercrimes" that go beyond the Internet and into your personal life. They do good work. My idea then, is much the same. Get people with the necessary skills, who understand the net, understand the technology, and make use of those skills to help track down all those worm writers, script kiddies, and the like.

Personally, I think it may work. Anyone have any thoughts?

Riddler?

[Monkey-Man]

"Cyber criminals are like idiot Hansel and Gretels, scattering electronic breadcrumbs that lead straight to them," said retired New York City detective Pete Angonasta. "You just don't see this sort of behavior in other criminals. I've never seen a burglar leaving cute notes crediting the crime to himself. "

This detective must have never watched the old Batman shows.

Punishment?

[Darth+RadaR]

But even when writers are caught and brought to trial, the legal system often doesn't know what to do with them.

Pah! I know what to do with them. Charge the writer of a virus/worm for time the Admin puts in to fix or block their poisoned program. If the virus/worm writer doesn't have the money, then the Admin will charge through violence to where one hit upside the virus/worm writer's skull with a 2"x4" will be exchangable to 15 minutes of the Admin's time that could have been better spent.

Sorry to rant, but virus/worm copycats^Wwriters really get on my nerves, especially when I could be spending that time doing something with my friends, instead of telling sendmail to block out the latest "Melissa" clones.

Time for a better metaphor

[drew_kime]

"If someone left their front door unlocked ... " Gah, I am so sick of hearing that analogy every time someone talks about computer security. Phisical theft and defacement is not the same as digital. So what would be a better analogy?

Imagine if someone went to a photographer and had some "personal" photos taken for their spouse. And that the photographer made poster-size prints and put them in the front window with a sign saying, "Please don't look at these."

Would you prosecute the 13-year-old kid who came by and looked at them? How about if he took picutres of the posters and put them up on his web site? The originals are still "secure" in the studio's safe. How can you blame the photographer?

If current computer law (UCITA, DMCA) were applied to this situation, the 13-year-old would be in jail and the photographer would be suing me for telling you that the posters were available.

Re:Time for a better metaphor

[Winged+Cat]

Actually, there is a relevant legal theory for this kind of insecurity. Take, for example, a swimming pool with no fence around it, in a neighborhood with lots of young kids. The pool tempts some kids to try to swim - but, for those who don't know how to swim, it can drown them. The legalese name is "attractive nuisance", and the owner of the pool can be held criminally negligent for not putting up even minimal security (say, a solid wood fence to obscure the pool from public view, or a chain link fence with a locked gate that at least prevents kids from getting at it without nontrivial effort).

Now imagine if, instead of being posted in the windows, the photos were in a drawer with a big-lettered sign - big enough to be readable from the street, through the open door the sign faces - that says "Nude pix! Do not open!". I suspect the same legal theory could apply, especially if the kid were to sustain any injury as a result. (The way the world is going, forever destroying one's ability to blindly trust big institutions might almost count as "injury". ^_-)

I know this applies in California, USA, at the least; does anyone know if it applies elsewhere?

Misplaced blame

[ryanvm]

I really liked the analogy a previous poster in a different thread had come up with:

Virus/worm authors are like cockroaches. Sure it sucks to have to deal with them, but it's your own damn fault. And prosecuting is pointless - there's a million more where the last one came from.

Most current viruses are NOT very sophisticated. They exploit wide-open security holes in unpatched operating systems that were produced by careless vendors. It's like getting pissed at people walking into your house at all hours of the night. Yes, they shouldn't be doing it - but if you were locking your doors it wouldn't be a problem.

My point is that the blame should not fall entirely on the virus/worm authors. It should be evenly distributed between the vendor (for being negligent with regard to security); the system admin (for the same); and the virus author.

Bad Examples

[overunderunderdone]

Economic damages, bandwidth loss, destroyed data, and wasted time are harder for a cop to take seriously than, for instance, a body on the ground... It is an interesting thought experiment to consider what will happen when a teenager playing in an advanced biology course cultures a virulent bacteria or virus.

I'm all for considering computer crimes as "real" crimes. The damages you mention are real, the crime is real. The motivation whether it's greed, political activism, or just being a "prankster" is irrelevant. Such attacks on computer systems and networks can do enormous economic damage and should be treated as serious crimes.

But you undermine the argument by overstating it and picking examples of even more serious crimes to compare them to. A cop takes a body on the ground more seriously than economic damage, bandwidth loss, destroyed data and lost time because it IS much much more serious. A microbiology student infecting people with a real virus would be a far more serious crime than even the most damaging computer virus.

...Or consider if "goner" had been tracked to the other side of the tanks... to a group a Palestinians.

That is a very interesting thought experiment. I'm a little torn on this since in general I think the act is what should be considered illegal not the motivation behind it. The "not guilty by reason of sincerity" defense (if we approve of your cause) as well as "EXTRA guilty by reason of sincerity" (if we don't approve of your cause) are abhorant to me. They raise the specter of state sanctioned lawlessness and "thought crimes" - It is a mix I associate with tyranny, think of the mutually reinforcing state sponsored lawlessness of kristalnacht and the totalitarian state control of everything else.

On the other hand being blind to considerations of motivation and association could be taken too far. Society, if only to protect itself must take them into account. A lone hacker causing massive economic damage as a prank is a different kind of *threat* than an ideologically driven organization with a stated goal of destroying the society - even if the *crime* is identical. The organization is treated more seriously not because the crime is more serious but because the threat is more serious.

We need to define the crime a worm writer commits

[Philbert+Desenex]

First, the "WiReD" article confuses worm - a program or process that propagates itself to a different computer, usually via some networking protocol, and chainmail - an email message that requires human intervention to automatically send out more email messages, usually containing the same or slightly evolved chainmail. WiReD should straighten up its vocabulary on this issue, they do no service to anyone confusing the two.

Second, the techniques used by both chainmail and worms are all used by legitimate scripts, programs and emails. How does law enforcement propose to declare one email message a crime, and another legitimate? And I don't mean "Let's ask some expert like Graham Cluely."

Sure an IIS worm like Code Red usually uses some initial exploit, like overflowing a buffer in an IIS module or service or plug-in or whatever the MSFT lingo is, but Nimda used a variety of techniques built in to IIS, "shares" and Outlook. The variety of Outlook worms (Anna Kournikova, Nude Housewife, etc etc) and even the CHRISTMA EXE chainmail of 1987 used entirely legitimate techniques built in to Outlook and other email viewers. The 1988 Internet Worm used both legitimate techniques (BSD "r" commands that didn't require a password) and exploits like "fingerd" buffer overflows. How do we define the crime - "I didn't authorize this use of Outlook" really doesn't amount to a way to decide whether or not a particular program committed a crime. Similary, worms like x.c get telnet servers to crash in particular ways when they spread. Gee whiz, a network server process crashes! That's news, for sure. I guess that hasn't happened to me since yesterday. How do we make one instance of a crashed program a crime, and another instance into a bug report?

Let's define "terrorist," shall we?

[tswinzig]

"We need to catch them, and place them in a position whereby they are seen for what they are -- a terrorist," Cooper said.

Since some people are confused, let's look it up in the dictionary.

terrorist
n. One that engages in acts or an act of terrorism.

terrorism
n. The unlawful use or threatened use of force or violence by a person or an organized group against people or property with the intention of intimidating or coercing societies or governments, often for ideological or political reasons.

Now, I do agree that a skilled person could use computer viruses for the purposes of terrorism, as defined above. But clearly 99% of viruses do not fall into the category of terrorism, and therefore calling their creators terrorists is quite a stretch. Most of them are smart young people with no common sense, no direction, and a distorted sense of right and wrong ... a.k.a. criminals.

I'm sure Russ Cooper is more interested in getting his site linked from wired, and knows mentioning the buzzword 'terrorist' is sure to get a soundbyte.

Re:crimes?

[Pig+Hogger]

So if I leave a window unlocked, it is ok to break into my house? If a woman is wearing a short skirt, it is ok to rape her? You have cash on you, it is ok to mug you? You have a nice car, it is ok to car-jack you?

If your appartment/house has an Abloy high-security lock, it is far less likely to be picked than the neighbour who only has a el-cheapo generic tin-metal lock...

Terrorist no longer means anything...

[Ami+Ganguli]

Over the last few months the word "terrorist" has lost all meaning. I also heard the other day that child pornographers were being called terrorists. And of course the Isrealis, Palestinians, and Americans are terrorists, depending on who you ask. I'm sure the people who set fires around Sydney were terrorists too. Nowadays a terrorist is anybody you don't like.

The old definition of terrorist was somebody who used terror as a tool to some political ends. Basically, if you can't defeat your enemy in a head-on attack, you choose an easy target calculated to demoralize the enemy.

It's too bad, because 'terrorist' really was a useful word. Now that it's being used so broadly there's no concise way to talk about 'classic' terrorists.

Illegal software

[CaptainSuperBoy]

I am of the belief that there is practically no piece of software that should be illegal. This includes viruses, worms, spamware and other software with no redeeming qualities. It's one of those slippery slope problems where you're banning certain types of speech, but it could easily get murky as to what was a worm or a virus. Some security software has just as much legitimate use as it has potential for misuse.

The only rational solution, as is the case with other "banning the tool vs. banning the act" problems, is to ban the act of dissemminating virii or worms maliciously. Banning certain types of software is an ill-conceived notion, just like banning certain guns.

Those who believe that software (in the US at least) is constitutionally protected speech may want to think twice if they believe virus writers should be prosecuted. Judging software based on its purpose is probably impossible - is deCSS a tool for piracy or for interoperability? Depending on who you ask, you will get 2 different answers. Is back orifice a security tool or a hacking tool? Is it a virus? Should the writers be prosecuted?

Virus/worm software does have redeeming educational value, however little.. it's useful for exposing vulnerabilities, even if it only shows that the end user is stupid.

So even though virii, worms, spamware etc. are a pain in the ass, I do support your right to create any type of software you like. The other alternative, banning classes of software, is actually more dangerous.

Note this has nothing to do with my view on copyright. Of course if you infringe someone else's copyright in your software you are breaking the law.

Re:This is the way I learned comuters!

[Restil]

Somewhat off topic...

But a few months ago, a system I maintained got hit by a cracker. Completely my fault, had a rather obvious security hole. So, I shrugged my shoulders and went about the task of reloading the system. Only I didn't patch up the new load right away, and he got back in, playing exactly the same games. Removing log files and setting up irc bouncers. Sure, I could have spent another hour and done a reload correctly at this point, but I decided to play with this guy for a while. Since the machine wasn't vital to any operations, I simply quarantined it on its own network, and set another system on that network strand to sniff all data going to and from the telnet and ftp ports.

Then I let the guy have fun. I'd hate to make assumptions as to his age, because I never did find out exactly, but judging by his rather brazen messages I'd place him in the sub-20 crowd. So after obtaining logs from more than five ip addresses from an ISP, I called the ISP and after they figured out which customer of theirs it was, I had them call the customer and mention that I'd be pressing charges if it didn't stop. It stopped. Completely. Never even tried again.

Now, I know as well as most poeple, that even if law enforcment even paid attention to me, it probably wouldn't go anywhere. I figure it was probably the parents of that kid that got the phone call from the ISP and while they may not be completely aware of what their son was doing, they were pretty damn well aware of what the scare word "hacker" meant and probably started to monitor the activities of their son a little more closely, as they realize they'd be legally liable if someone actually DID press charges.

I'm sure this cocky guy didn't stop of his own free will just because he realized someone was on to him. He knew I was on to him before that and was making quite a scene when he thought he had thwarted my sneaky logging techniques (he wasn't aware of the sniffing). If he was smart he would have stopped then, but no, he kept on trudging. But a single phone call stopped him.

I almost have to assume it was the parents.

-Restil

If you don't call everyone a terrorist....

[MadAhab]

... then the terrorists have already won.

D'oh.

Re:About the bandwith...

[ellem]

how much bandwith is used up during a worm attack such as nimbda

7

New kind of free?

[ansonyumo]

Free as in beer
Free as in software
Free as in worm author

TERRORrism

[markj02]

Terrorism implies creating terror. I'm sorry, but most people are simply not scared by the prospect of finding a virus attachment in their E-mail: it is both common and easily dealt with.

Re:Constructive Uses?

[Sly+Mongoose]

If you want to write a "constructive" virus, let me make a suggestion:

Target the mail-spamers. Go looking for the popular spam-blaster software and alter it to send 100,000 e-mails an hour to the Whitehouse. Locate 10,000,000 e-mail addresses in a file and randomize the domain and username. Alter the body-text of the out-going message to delete all telephone numbers, e-mail addresses, URLs, etc, and add a message including the senders real e-mail address, phone number, and whatever else personal info can be gleaned from their system configuration. Send pro-terrorism rants instead of adverts and make sure the FBI is on the list of recipients.

I mean, if you are going to cobble together a few dozen lines of VBS, why not make it do something USEFUL?

Put a price on their head

[FreeUser]

OK, several points:

• Virus, Trojan, and Work authors (who disseminate their software into the open net) are criminals. The are not terrorists, as nothing they do comes anywhere close to instilling terror. They are vandals, perhaps even "mass vandals" if there is such a word, but terrorists they are only in Newspeak.
• They should be punished for their crimes, and the punishment should fit the severity of the crime. For the record, no amount of monetary damage comes anywhere close to equalling the atrocity of a single act of violent rape or murder. Keep that in mind when pondering sentences.
• If these worm authors really are doing billions and billions of dollars of damage here in the cosmic fugue, then perhaps the corporations so affected should put a few thousandths of a cent on the dollar where their mouths are, and put a bounty on the perps head. Say, oh, I dunno, $25,000,000 US?
• Of course, the real damage done isn't anywhere close to the same order of magnitude as that which is claimed, which is probably one reason why a $25M bounty is seen as exhorbitantly expensive, rather than a bargain. Go figure.
• If one more person equates terrorism with blatently non-terroristic acts, such as voicing a dissenting, perhaps unpopular opinion or committing acts of vandalism (electronic or otherwise) which clearly do not instill "terror" in their victims (except perhaps the terror of one incompetent system administrator about to loose their job and, I'm sorry, that doesn't count as widespread terror by any sane definition) I will personally bitchslap their ass to kingdom come.