Slashdot Mirror
Tracking Mafiaboy
Cruciform writes "The National Post has an article on the police effort to track Mafiaboy two years ago as the DoS attacks raged against Yahoo, E-trade and others. An interesting read."
Its a fairly lengthy story with lots of little bits in this tale of a script kiddie.
F1RST P0ST NIGGERS
choad
should be gaoled for life
What a chase the FBI lead us on. I remember that weird looking pokemon-wielding 'hacker' that graced a few big times newspapers. I wonder what ever happened to him. Anyway, anyone think its weird that the FBI took the all might 'we know everything' route, and managed to fail to the Royal Mounted Police. Anyone see some humor in this? Or should I say humour?
THIS R H4X0RMAN. U R H4X0R3D AND TIHS SI UR NOTICE. KTHXBYE
*cough*
the article showed something about a family's influence. Mafiaboy's father was a business type that cared little about his kids, resulting in some problems for them, as shown in Mafiaboy's DoS actions and problems in school (suspensions, expelled from one school, etc). During the investigations of the DoS attacks, they found that the father was trying to hire a hitman to kill a business associate for getting screwed on a deal.
If anything, it shows why good family life generally fosters good behavior in kids. I wouldnt be surprised if other 5r1p7 k1dd135 out there have similar family life to that of Mafiaboy.
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
no more war!!
The FBI, CIA, and NSA put up smoke and mirrors so you think they're actually doing something, but they aren't. They scam the stock markets, make us all fearful, then completely fail to assess threats to their nation.
Why is this? Because it is utterly impossible to keep tabs on what everyone,everywhere is doing. Unfortunately, they have convinced the citizens of the United States that they are all seeing and all knowing.
Which is a shame, because it means that the work of real police forces is downplayed in the press, because it's not as sexy as Big Brother. Even though Big Brother is useless.
By using words like these in the wrong context, we're linguistically painting orselves into a corner.
This reminds me of something C. S. Lewis once wrote:
The word gentleman 'originally meant something recognisable; one who had a coat of arms and some landed property. When you called someone 'a gentleman' you were not paying him a compliment, but merely stating a fact. If you said he was not 'a gentleman' you were not insulting him, but giving information. There was no contradiction in saying that John was a liar and a gentleman; any more than there now is in saying that James is a fool and an M.A. But then there came people who said - so rightly, charitably, spiritually, sensitively, so anything but usefully - 'Ah but surely the important thing about a gentleman is not the coat of arms and the land, but the behaviour? Surely he is the true gentleman who behaves as a gentleman should? Surely in that sense Edward is far more truly a gentleman than John?' They meant well.
The lesson is that 'MafiaBoy' was just stupid. He went and hacked sites and publicly bragged about it. He even asked people to dictate his next target.
If you go and rob a store and then brag about how you did it at the bar, you're gonna get caught.
Stupid stupid stupid...
Here is a mirror.
Alan Thicke's Journal
My Slashdot ads say "
Dear Recipe Troll:
I enjoy pancakes quite a bit! About a
month ago, I came across a 'Swedish
Pancakes' recipe (the text is still
legible) but when I try to follow the
recipe I generally end up with lumpy
pancakes. I'm nearly 100% certain
that the lumps contain either baking
soda or flour.
I was hoping you could suggest a fix
for the problem, or better yet, a
recipe for fluffy-yet-rich pancakes
that work well with a topping of
butter and blueberry syrup.
Should be required reading for all script kiddies and wanna-bes.
It's damn difficult to totally cover your tracks. Unless you're truely elite, if the FBI wants you badly enough, they'll find you and you'll be making some hairy-backed felon a very happy man.
Don't anthropomorphize computers, they don't like it.
I'd like to point out as someone who knew of mafia boy in person, he was deffinately a loser. Only people with no life DDOS people and think they can get away with it.
When people beat up this little punk, nobody cries.
where he is not allowed to use any software that is not commercially available as part of his sentance. What does free software have to do with this?
The funny part is that there was nothing new about the attacks. They were not especially large even, he just targeted e-commerce sites instead of IRC servers.
Attacks of gigabit magnitude happen very often. The tricky part is actually concentrating that kind of bandwidth on a target without bringing down the links halfway to the target.
If you moderate it as a troll than you are a FUCKING GOATSEX LOVING FREAK!
From what i got from the artcile the moral of the story (beyond not being a script kiddie) Is to only attack one site then totaly change your methods/location. Even after they knew it was mafiaboy, they still had to wait tell he did another attack to capture real-time evidence..
Just so people know the definitions of certain words (although I do presume that most of the slashdot community are familiar with these):
script kiddies
hacker
cracker
I read this article in the paper version on Saturday, and it immediately made me think of a person I know. "Mike" is really big on trading "warez" and playing "gamez" (in fact, that is all he is doing these days).
Having known "Mike" for over 5 years, I can attest that he is not lacking for brains, especially with computers, but he just can't be bothered to apply himself to some productive end.
He is not especially interested in doing any worthwhile computer training now that he's finished high school. Strangely, his parents complain about this but can't be bothered with doing anything about it.
"Mike" seems to be typical of the script kiddies I've encountered... generally smart, but can't be bothered to put in the effort to do anything. Is this the experience of everyone/anyone else?
I'm also wondering if anyone has any tips for weaning people off the "warez d00d" "l33t" trip, ie. actually putting their brains to some productive use. Perhaps an AA style "five step plan"?
"The 14-year-old boy who liked basketball and girls would soon capture the attention of the entire online world"
Surely an interest in basketball and girls would make him ineligable as a hardcore cracker? I mean such wholesome interests, how could this possibly happen?!?
Back in the days were men were men and hackers were coders,
What a pity this term has been lost to us - and all we seem to have lest is a picking up of 'geek' - something I occasionally call myself when I have to, but I'd rather 'hacker'.
I shall have to make do with just enjoying what I do.
a grrl & her server
Good to know he's going to jail! I mean, now he will reform after spending countless hours locked in a room recieving nothing but negative attention. The reign of chaos he was about to bring upon us was narrowly avoided. He must be one of those terrorists. *End sarcasm* This kid is another fine example of the product our society is producing.
_____ "If liberty means anything at all, it means the right to tell people what they do not want to hear." -- Orwell
It is crap, its so crap infact, that the OpenBsd website runs on Solaris!
Netcraft tells it all!
BSD IS DYING! Linux rules!
Does anyone seriously care about this story?
What is commercially available software?? Do GPL products only available for free download count?
Also, how do you ban someone from talking with hackers??? I think the true definition of what a hacker is was lost on the judge.
Lastly, why ban someone from doing something which is illegal anyway... hacking into other websites? The ruling should be modded down to -5 reduntant. :-)
Live today. Tomorrow will cost a lot more!
By the time it was over, the Yahoo! attack alone would involve enough data to fill 630 pickup trucks with paper.
But what font size did they use?
Hey Mario, the boss says your time is up, now you gotta' pay the man. Its not personal to me, you know?
Headlines
.Net deprecates MFC - World rewrites code bases - in STL
Windows XP requires dll hack to reload OS without Evil Empire approval - Lord Gates: "I have altered the deal, pray I don't alter it again!"
Send money to M$ every few years - or else no soup for you!
What's next, late fees?
Just goes to show you what any kid with a high-speed line can do. Too bad this kid wasn't smart/experienced enough to cover his tracks the first time.
He let his ego get in the way after the Yahoo and Amazon attacks... he deserved to get caught. If he had just layed low he probably coulda got away with it.
There are only 10 kinds of people in this world... those who understand binary and those who don't
Microsoft, like Enron, now pays zero federal income tax, even though Microsoft's earnings for the two years ending June 2001 exceeded $15 billion. This nonpayment of federal income tax is indeed the largest source of Microsoft's massive $40 billion cash balance. http://www.portlandtribune.com/archview.cgi?id=972 6 The fundamental problem is that Microsoft is incurring massive losses and only by accounting illusions are they able to show a profit. Specifically, Microsoft is granting excessive amounts of stock options that are allowing the company to understate its costs. You might ask yourself, what would happen to Microsoft's stock price if the public suddenly realized that they lost $10 billion in 1999 rather than earning the reported $7.8 billion? If 80 percent of its stock value or roughly $400 billion is the result of a pyramid scheme, one might also ask what kind of effect this could have on the retirement system. It is also important to note that this is a relatively new situation that did not occur before 1995. The Economist noted that a proper accounting at Microsoft would result in a loss of $18 billion for 1998 rather than the reported earnings of $4.5 billion. If you are not an accountant, don't waste the time pretending you are, trust The Economist, the earnings are not real. Don't let yourself be intimidated or deceived by financial analysts, TV commentators, bullies on Internet forums or Microsoft's elaborate public relations campaign. http://www.billparish.com/msftfraudfacts.html
I agree, the intent was likely to have only "real" software like games and applications. Stuff that you could buy.
Not the exploit of the day.
Somone else noted that most free software is commercially available, the judge didn't state he must obtain it through commercial channels.
Everybody knows that it's the fault of subversive artists like Marilyn Manson and Rage Against the Machine, coupled with violent games like Quake and lewd games like The Sims. Hell, if they dig deep enough, they'd probably find a few Al Qaida operatives in the mix.
Dirty pinko communist.
--------
Bleah! Heh heh heh... BLEAH BLEAH!!! Ha ha ha ha...
where he could play with junius and the commode
the f**ing little sh**t
This all happen around the same time as the US was pushing Canada for hasher laws on Cyrpto, other sofware, and other offensive media (books, films, music). There is much more to this story, and the reasons why he pledge gulity. The real infomation is out there, but due US/Canada relations (not being very good at this time), no one has the acces to the truth. I have even try to go though the access to information act, but still have yet to see any thing back from the Cdn Gov.
-- Cindy
Just what we need - more ego stroking for Mafiaboy. Doesn't anybody understand that articles like this are what drives these assholes into making these attacks? They do this for the egobo - "Look at me! All these major news outlets are talking about me! Aren't I wonderful?"
I think one of the single best ways we could discourage this crap would be to take anybody we catch doing this, and cane them on national TV. Show the piss running down their legs, show them crying for their mommies. Then follow up on them in prison - ask them how many times they've been the woman. Make sure they look as uncool as possible. That way, when the other would-be script kiddies see this, they won't think it's cool - they will think it's most uncool.
(/me continues to whack hornets' nest known as Slashdot)
There was a good reason for punishments like the stocks - it made everyone in the community see that breaking the rules was BAD, and that BAD things happened to those who broke the rules. Yes, it was cruel to the individuals in the stocks. News flash - IT WAS SUPPOSED TO BE! It tended to make even the lowest miscreant reconsider his actions. I'm sorry if it offends you, but who better to suffer the consequences of negative actions but the moron who committed them!
Look - if somebody makes an honest mistake, cut them some slack - I'm not for throwing somebody into the stocks because they missed a stop sign, or because they accidentally didn't secure their computer. But if somebody with malice aforethought commits an act against the community, I say "Nuke them 'till they glow, shoot them in the dark, and let $deity sort 'em out".
www.eFax.com are spammers
1) Internal Revenue Service cannot collect taxes from interest because there is 0% interest
2) Pay bills online and having access to ATMs through-out the State
eTrade is FDIC insured and must obey Codified Federal Regulations and Unitest States Code, so it should be possible under 18 USC Sec. 242
And I quote 18 USC Sec. 242, but I digress who at a bank wants to give me their services unlimited in return for holding my money without having to pay me a high interest rate (*grins*).
"Whoever, under color of any law, statute, ordinance, regulation, or custom, willfully subjects ay person in any State, Territory, or District to the deprivation of any rights, privileges, or immunities secured or protected by the Constitution of laws of the United Sates, ... shall be fined under this title or imprisoned not more than one year, or both"
This script kiddie could have been a cool hacker if he attacked spamhaus or other spam related companies instead. Now he is just a stupid teenager that annoyed us for an hour or two.
There's a ''critical'' security flaw in a Microsoft debugging app. Microsoft says the debugging app found in Windows NT 4 Server and Windows 2000 contains a "critical" flaw. Under certain circumstances, the flaw could enable a hacker to circumvent the authentication system used by the debugger, take control of an app and possibly launch others, according to a Microsoft security bulletin. Attackers could take any action on the system, including deleting data, adding administration accounts, or reconfiguring the hijacked system. More details, including an available patch to fix the flaw, are available athttp://www.microsoft.com/technet/treeview/defaul t.asp?url=/technet/security/bulletin/ms02-024.asp The company should have responded sooner to the debugging issue, which was discovered in mid-March. They were aware of it quite a while ago and didn't acknowledge it.
*I*, 4 years ago, in a story about ESR, posted a comment that everybody should : Nuke the dumb fucka. It was the age of winnuke, teardrop, etc.
/. that know nothing important except running scripts with winnuke+teardrop+etc".
Then the term "script kiddie" was invented to refer to "script kiddies of
Funny. If you find ONE "script kiddie" i will be amazed.
This is the truth whether you want to believe it or not. Get your facts together.
Posting AC for obvious reasons...
Comment removed based on user account deletion
1) Earnings Management: The first and most important tool Microsoft uses is the manipulation of earnings to ensure analysts' expectations are met. According to an ABC News 1/22/99 article by Michael Martinez, Microsoft's own internal auditor, a respected 30 year veteran and former partner of Deloitte and Touche, was fired in 1996 after informing management that their earnings manipulations were illegal and violations of the SEC and FASB laws. He was given the option to resign or be fired and later settled for $4 million after suing under the Federal Whistle Blowers Act. 2) Speculating on Their Own Stock: Microsoft issues a massive amount of put options. During the same quarter ended 3/31/99, Microsoft sold put contracts on their own stock for $400 million, basically betting that the stock will not decline. They need not worry because they are allowed to "cook the books." Of Microsoft's significant cash balance, it is also a financial fact that more than 65 percent of that cash did not originate from product sales but rather from tax benefits associated with the exercise of stock options, employees prepaying their own wages, and the sale of put contracts on its own stock. Microsoft's financial innovation is making a mockery of financial integrity, ethics, and the securities laws, just as Insull did in the 1920's. 3) Convincing Employees to Take Less Real Wages: Microsoft aggressively markets stock options to new employees in an effort to take wage expenses off the books. They also know that they can pocket the exercise price employees will be required to pay to take ownership of the stock. What also seems clear is that Microsoft is still aggressively marketing its stock option program to new recruits. To quote an email received, "I am about to begin employment at Microsoft and the stock option was the selling factor. Does your article overall state that it will be bad for me and will fail me in my retirement planning?" Is Microsoft fulfilling its disclosure obligations to its own employees, especially those that have put their entire 401K balance in Microsoft stock? This explains how 22 percent of Microsoft's massive cash balance has actually come from its own employees in the form of them prepaying their own wages through stock option exercise prices. 4) Publicly touting the stock: In a recent earnings release, CFO Greg Maffei jokingly cited 10 reasons why Microsoft is a $1 trillion company. A common strategy here is to have top executives issue conflicting statements, one talking up the stock and the other talking it down and then within a few days financial analysts all come out with buy recommendations on the stock due to a small decline. They are making a mockery of financial integrity, ethics, and the securities laws. 5) Controlling the media. After issuing several press releases on PR Newswire, Microsoft told the service to stop issuing my press releases. Microsoft is PR Newswire's largest client. PR Newswire is owned by Miller Freeman of the UK, a large media company that publishes many computer related publications including Information Week in addition to Microsoft focused journals such as the Windows System Developer. Miller Freeman does indeed function as if it were a department of Microsoft itself. 6) Stock Option Accounting: It is important to note that any discussion of stock option accounting must address two completely different and independent situations. The first is to analyze the impact of options exercised and already retired and the second is to analyze the remaining options debt outstanding. This study focused on both whereas most media coverage only focuses on the remaining options debt outstanding. Options Exercised and Retired: When stock options are exercised, the options are retired as the employee takes ownership of the stock. The value of these "retired" options should not be a subject of debate. Upon exercise, the options are valued at the market price of the stock less the exercise price and the employee pays W-2 taxes on this gain, even if the stock is not sold. The company then takes a tax deduction for wage expense for the same amount. What is surprising is that not a dime of this expense is charged to earnings at Microsoft, which they could voluntarily do. This amount alone for 1999 should exceed $9 billion even though net income is only $7.8 billion. Remaining Options Debt Outstanding: The remaining unexercised stock option liability is a completely separate issue and a debt just as real as the current stock quote, especially if half of the options are currently vested and exercisable. We all know that stocks can be over and under valued yet the market gives us a price on any given day and that is the price. The Black Scholes and related footnote disclosure is a great mathematical model yet has become nothing but a Trojan Horse for plundering the retirement system. What the Treasury Department and Federal Reserve might concern itself with is that this debt, $60 billion at Microsoft, has no interest cost that hits the income statement and increases $800 million with each $1 increase in the stock price. Simply put, Microsoft is somewhat immune to Federal Reserve interest rate hikes, which explains why the stock is increasing as the Fed raises rates and continues creating a Long Term Capital like debt pyramid. 7) Purchasing future sales via equity investments: Another earnings management tool being used by Microsoft is the purchase of future sales via equity investments in other companies. Here is my understanding of how that works. I could be wrong on this and therefore the best thing to do would be confirm these claims with their CFO, Greg Maffei. First of all, Microsoft makes a $250 million investment in WebMD for an 11 percent equity stake and part of the deal is that WebMD commits to $100 million of advertising on MSN network. At the same time, Microsoft agrees to subsidize an equal amount in medical prescriptions for people using WebMD. Of course there are a few other interesting aspects of this transaction which won't be addresed in this report. You have basically bartered a purely paper transaction and current accounting rules will allow you to recognize the entire $100 million as revenues for MSN network, even though you are just "trading checks." That is, you are trading subscription subsidies for advertising revenues. Advertising revenues are indeed the political currency of the 1990's. Keating spent his dollars buying influence in Washington, D.C. Microsoft is buying influence on Madison Avenue. 8) Managing the financial analyst community. Another excellent earnings management technique is the management of the analyst community. This can be done by directing investment banking business associated with acquisitions to a variety of firms based upon their opinion of the stock. Microsoft purchased more than 33 companies in 1998. A good example here might be Rick Sherlund of Goldman Sachs, often noted as the guy who can move tech stocks. One might ask why Mr. Sherlund refers to Microsoft as a company with no debt when they clearly have a contractual obligation, just as real as today's stock price, of $60 billion to their employees. Fidelity Investments, one of Microsoft's largest shareholders and also provider of their 401K retirement plan, has been silent on this issue. 9) Trying to Discredit Those Seeking to Expose the Scheme: Microsoft fired its internal auditor, regularly bullies reporters and has told numerous publications that I am an extremist. This might explain why reporters are afraid to print the facts, for instance that Microsoft took a $9 billion tax deduction for wages in 1999 and didn't charge a dime of this amount against earnings. 10) Money Laundering: Microsoft has been aggressively investing cash pilfered from the retirement system in a variety of new businesses, many outside the U.S., including cable investments in Brazil and England. We read about the Russian government robbing its citizens of $10 billion in IMF loans. What about the impact of the retirement system being pilfered and being set up for a Savings and Loan like debacle? 11) Corruption of Higher Education: Microsoft is making massive cash infusions to leading Universities and impairing the system's independence. In the last year alone Microsoft has given MIT more than $50 million in grants, focusing on key growth areas including storage services and software to provide course instruction over the Internet. In the past we were able to rely on these Universities to stimulate key debates yet now they are silent on this pyramid issue. Two Universities that should be ashamed of themselves for not only not disclosing this situation yet also fostering its development are Harvard and Stanford. They are contributing greatly to the complete corruption of our financial markets. 12) Manipulating Investors Who Use a Passive Approach Relying on Indexes Such as the S&P 500. In an effort to reduce investment fees and provide solid diversification, investment based upon mirroring the S&P 500 has become the most significant component of large public pension plans. Since Microsoft represents more than 4 percent of the S&P 500, Microsoft knows that four cents of every dollar going to stock purchases will go toward the purchase of Microsoft stock. Again, this situation has developed because Microsoft has inflated its earnings to such an extent that it looks much more profitable than it really is, fueling interest in the stock and resulting in a market value of close to half a trillion dollars. It is admirable to stick to an investment strategy using passive indexes based upon the S&P 500, yet this is not about investment strategy but rather fraud management. For this reason a letter was sent to the top 100 teachers unions in the country, encouraging them to effect a policy change designed to combat this fraud and have Microsoft removed from their portfolios. California State Controller Kathleen Connell, who sits on the board of the California Teachers Pension, has also been sent a summary of findings in the hope that she will help address this issue. Another good question might be, why haven't the State Teachers fund advisors initiated this effort on their own, that is, to modify the index in order to protect participants and meet their fiduciary responsibility? Is it not also ironic that Judge Penfield Jackson is trying to determine whether or not Microsoft has monopoly power and meanwhile his pension is most likely being plundered by Microsoft in the most significant financial fraud this century? Federal Pensions rely heavily on an S&P 500 index fund. In October the Dow Jones Corporation decided to add Microsoft to the Dow Index. On a market cap basis, Microsoft will now account for more than 15 percent of the entire index given that its market capitalization and stock option debt exceed $540 billion. Microsoft now also has 5.2 billion shares outstanding, not including an additional 800 million shares committed and outstanding to employees for stock options. This means that a $1 change in the stock price creates a change in their market cap of $6 billion. Gross annual sales are only $20 billion, an amount on which significant losses occurred. Sadly, the Dow Jones Corporation, parent to Barons and the Wall Street Journal, has also unknowingly become a key contributor to this massive financial fraud at Microsoft. In the last 6 months the Dow Jones Corporation, which earns licensing fees from these indexes, has initiated two new indexes which will allow Microsoft to accelerate its plundering of the retirement system. These are the Global Titan Index and secondly the revised Dow Index. Both could result in significant new demand for Microsoft stock and leave investors holding inflated paper just as Savings and Loan investors were left holding junk bonds. Given that Microsoft may be the largest advertiser to the Wall Street Journal, perhaps they should make an outright offer to purchase the Dow Jones Corporation. This would provide more clarity regarding constituencies and the Wall Street Journal could be added to the MSN lineup. Rather than disclose this situation, the Wall Street Journal has instead focused on trivial items regarding Microsoft's financial practices, most recently how deferred revenue is recognized. It is astonishing that the Wall Street Journal refuses to report this story. Several Impacts from Microsoft's Financial Pyramid Scheme Include the Following: 1) Government Will Be Defunded. Beginning next year, education, defense and other key programs will have to fight over a sudden and sharp drop in tax receipts. Corporate tax receipts are already down 6 percent while individual receipts are up 6 percent. Since these bogus deductions are able to be carried over and offset against future quarters' earnings, this difference will accelerate in the future and leave various government agencies fighting for a smaller pool of resources. This was forecast in the study. Also to consider are massive AMT tax credits that individuals who paid tax upon exercising options will be carrying forward into next year and offsetting ordinary income tax. Analyzing this situation should be a top priority for both the Federal Reserve and Treasury given the upcoming budget negotiations. There is a unique irony that Bill Gates recently dedicated $1.5 billion to minority student scholarships and at the same time is leading a massive fraud that will effectively defund public education in many states. 2) The Retirement System Is Being Plundered. Most new investment in Microsoft is coming from the 401K, 403B and public pension participants through large funds such as Fidelity, State Street, Barclays and Janus. These fund families will make their fees whether the stock goes up or down and they are clearly not meeting their fiduciary responsibility to plan participants. Their consultants and advisors including Buck, Callan and William Mercer might do a risk assessment based upon the 404C fiduciary requirements. The Savings and Loan debacle took down not only many banks but also their consultants, accountants and law firms. 3) Business Owners Are Exposing Their Personal Assets By Not Paying Enough Attention To Their 401K. ERISA 404C has severe sanctions against employers who are not adequate stewards of their 401K plans, specifically those that do not meet the prudent fiduciary expectation. Such lawsuits are already beginning, the corporate veil is no protection and the law also allows for treble damages. Most CFO's put 401K plans on their "to do" list, check them off once set up and move on to the next thing. Many seem not to grasp that these are, for the most part, non-company assets. 4) The Dollar Is Being Devalued In Relation to the Yen. The Japanese have struggled for 10 years to recover from their own version of accounting fraud and they know that now is not the time to accommodate our monetary desires without first forcing us to face up to the corruption in our own markets. Simply put, Japan is becoming our own personal IMF and will devalue our currency until reforms are initiated. As noted before, what caused the Japanese banking crisis was not plunging real estate values nor bad monetary policy, but rather accounting fraud in which companies put phony assets on the books, in particular software research and development costs. These costs should have been charged to earnings. Loans were made off these bogus assets which helped bank stock values increase, leading to margin lending by consumers to buy the stock, often borrowing off real estate values to get the shares. When the loans could not be repaid and it was realized that there were no real assets backing them, the system collapsed. It was a startling public display of Alan Greenspan's need to brush up on accounting when he actually said in his Jackson Hole speech that corporate profits were understated due to not capitalizing software costs. Those of us familiar with this industry know software is subject to rapidly becoming obsolete with most products requiring constant upgrades to stay competitive. Due to this obvious need for the Federal Reserve to better understand key issues in determining share values, Parish & Company is recommending that the Federal Reserve Board be expanded by one non-voting member from the mutual fund industry. This recommendation includes nominating John Bogle, founder of the Vanguard family of mutual funds, to be considered for this role. 5) False Inflation is Emerging. This paper wealth, rooted in a bogus tax deduction that grossly overstates earnings, is driving Microsoft's stock price which in turn greatly expands the purchasing power for luxury goods and services. Most inflation is now in services and luxury goods and not reflected in the CPI. This is false inflation because it is a result of a scheme, not economic fundamentals. Given the capacity to increase supply due to more efficient production and heightened global competition, it is tough to raise prices. Only monopolies are indeed able to even keep prices at current levels. We therefore have a reality of low inflation competing with a pyramid scheme creating an illusion of inflation. This is not good for any of us, especially the investment industry. 6) The Integrity Of The Markets Is Being Destroyed. This is perhaps the greatest risk and again what led to the Great Depression in the 1930's. It is a fact that Roosevelt wanted to nationalize the accounting profession and make all auditors government employees due to a complete loss of confidence in the accounting profession. 7) The Fraud Is Accelerating. Microsoft reported earnings of $2.2 billion for the quarter ending 9/30/99 although they actually incurred a significant net loss. Company press releases imply that they took a tax deduction for stock option wages of between $2.5-4 billion and none of this amount was charged to earnings. Many investors believe that option wages are charged to earnings when the options are exercised, yet that is false. Employees pay ordinary income tax when the options are exercised, even if the stock is not sold, and the company does take a tax deduction, yet this amount is not charged to earnings. As previously discussed, stock option wages are indirectly considered in the earnings per share calculation due to more shares being outstanding but they are never charged to earnings. These are two completely separate things, that is, charges to earnings and the number of shares outstanding used to calculate earnings per share. In basic fractions we call this the difference between a numerator and denominator. 8) Microsoft auditor, Deloitte and Touche, issued a "clean" audit opinion. This appears to be a clear violation of the SAS auditing standards given that there was no mention in the opinion of several significant items, including the massive contingent liability for stock options. Deloitte has sadly identified itself as a key enabler of this scheme, which is remarkable given that they also function as the auditor for many large pension plans. Fidelity investments is now in the process of gaining approval for Deloitte to audit more plans and does also manage Microsoft's 401K plan. 9) Parish & Company formally requested that the Federal Reserve expand its scope to include more focus on mutual funds and add John Bogle, retired founder of the Vanguard family of funds, as a non-voting member. Mutual funds are to the Federal Reserve what the Internet has been to communications and it is time the Federal Reserve respond. Fidelity Investments alone is now managing more than $600 billion that is completely outside the traditional banking system. This is particularly important given the speed of change in the financial markets. The Federal Reserve needs to be more responsive to breakdowns in the overall system as clearly evidenced by this massive fraud and corruption occurring at Microsoft. Bogle was chosen for his deep knowledge of the mutual fund system and his integrity. A close review of the backgrounds of the federal reserve economists and staff clearly indicate the need for this type of outside influence. More than 75 percent of the Federal Reserve's technical staff appear to come from no more than five universities. 10) Significant one day stock value declines at major corporations that pay more in cash wages than stock options are accelerating. Examples in October include Hewlett Packard, Xerox and IBM. Even though Hewlett Packard is much more profitable than Microsoft, their stock will suffer unless they either join the fraud in an aggressive way or expose it. Let's hope they do the latter. Should we really reward such financial fraud at Microsoft by making its earnings look much better than others when it will result in significant job losses in companies that choose to pay real wages that are charged to earnings? Maintaining a strong stock value is key to competitiveness given the need to purchase outside technology with stock and forge key partnerships. If unable to keep up, these companies will lose market share and be forced to curtail benefits and ultimately lay off significant numbers of employees. These types of layoffs are now accelerating, further destabilizing the economy. Stock options are an excellent benefit yet like all benefits they have a real cost that should be charged to earnings to maintain the integrity of our free market system. 11) Microsoft organized a lobbying effort to defund the Department of Justice, using supposedly non-partisan groups like the Citizens for a Sound Economy. Imagine how difficult it would be for someone like myself, if a government employee, to discuss this situation. I would probably be transferred to a filing job at the North Pole. Strange, how similar to Jakarta we are becoming. Again, the issue is not about stock market valuation but rather corruption and financial fraud. An inside joke among many top Japanese businessmen is that the only place easier to buy influence than Jakarta is Washington, D.C. Now is the time to send a message of integrity and prove them wrong. 12) Conversions to cash balance pension plans are increasing. This is another pyramid impact. What IBM employees still don't seem to realize is that their lost pension benefits are resulting from fraud at Microsoft. Microsoft is pilfering these cash balance plans into its pyramid scheme by overstating its earnings, thereby drawing a larger percent of the index based investment on the S&P 500 and correspondingly making it more difficult for companies like IBM to compete. This forces these companies to cut back on real benefits in an effort to keep its earnings and stock price up. This was also clearly identified in the original study. The Department of Labor has begun reviewing the activities of actuaries with respect to these conversions. Is it not amazing that in many cases these same actuaries are advising public pensions whose assets are being plundered by this massive fraud at Microsoft. In the late 1980's pension raids were very popular and easy to implement. You basically hire an actuary to put forth a new set of assumptions indicating fewer assets are needed to meet pension obligations, and skim off the top. Cash balance plans are a sham and nothing more than a creative way to do what was outlawed in the 1980's. The Department of Labor should aggressively investigate this area. http://billparish.com/msftfraudfacts.html
Hmm, where do I start citing studies that show the negative effects of negative reinforcement (read: punishment). Maybe
Bonnie, R.J. (1985). The efficacy of law as a paternalistic instrument. Nebraska Symposium on Motivation, 29, 131-211.
Wilde, G.J.S. (1981). A critical view of countermeasure development and evaluation. In L. Goldberg, Alcohol, drugs and traffic safety. Stockholm: Almqvist and Wiksell, pp. 1145-1159.
In short, punishment generally causes people to be more anti-social, resentful, angry, vindictive, and prone to committing acts of sabotage. (Hundreds of years of increasingly punitive laws certainly haven't eliminated crime.)
Pillorying someone never stopped anyone else from doing the same thing (ever read The Scarlet Letter?); it only drove them deeper underground.
Now enough with this ridiculous "mild punishments don't work, so let's punish them more!" attitude. (That poison made me sick; I'm gonna eat more to see if it'll make me better!) In order to stop someone from behaving in a certain way, you have to stop the causes, not the symptoms. People in occupational safety and health have known about this one for years, and I'm not even going to get into the politics behind prisons...
I'm not a geek, I'm just a clever script.
Dont really see any reason it was 'censored', but anyway.
In terms of the script-kiddie charge people are making, it seems hard to tell from this article. They did say that he mistyped some commands, and received accounts from others, but they also said that the tool used to take over the boxes seemed to be written by him and contained his alias in the warning. I'd say he was a little bit of both, but then again what malicious hacker isnt?
Have his parents kick him out. That should do it. Nothing like food and shelter to provide motivation. It makes me get up every morning and go to work. I'd rather sit at home and warez and play games too...but that's life.
BRUSSELS, Belgium (AP) -- The European Union's head office said Monday Microsoft Corp. could face new fines for possible violations of European data protection laws. EU spokesman Jonathan Todd said the charges against Microsoft related to its free-of-charge .NET Passport service on the Internet, which is used for purchases, playing games and banking transactions. Todd said EU governments and consumer groups expressed concern about the service to the European Commission, which then passed them on to national regulators. He added that several EU governments had launched a probe into the service, and said each of the EU's 15 member nations could impose separate fines against Microsoft in this case. Microsoft already faces another, unrelated EU antitrust investigation into its product line, focussing primarily on Microsoft's Windows program. The EU said last August that it believed Microsoft was abusing its dominant position in desktop software to horn in on the market for servers, which link personal computers in networks. EU privacy rules have been in force since 1995 and oblige companies to ask for consent on using personal information and how it will be used. EU officials refused to say exactly what parts of the EU privacy rules Microsoft was violating nor would they comment on how large any fine could be if the U.S. software giant was found guilty. The commission's role in privacy investigations is limited unlike antitrust probes and can only advise member governments on how to interpret privacy rules. ``Only the national data protection regulators can go to the company and say we think you've been up to some monkey business,'' Todd said. The privacy investigation became public after a member of the European Parliament questioned EU Internal Market Commissioner Frits Bolkestein, who said he was looking into the concerns ``as a matter of priority.''
OK this has got to be the most confusing post ever made on /., and that's against some stiff competition:
- you dirty pinko fascist communist liberal.
Someone with a remarkably broad mind then!
(and yes, I know it's sarcasm.)
Ok, I spend a lot of time on IRC, and used to use efnet (before I got fed up with the people like this kiddie and left). I somewhat knew MafiaBoy's little 'l33t irc group', and learned his modivation for this particular attack.
Are you curious? Do you want to know WHY he did it? After all, maybe he had a good reason. Well, here it is:
Someone else in his 'l33t irc group' said "hey I bet you can't take down yahoo". There you are, folks, the modivations of a script kiddie. These people will do anything if their peers dare them to. Truely deserving of the title 'kiddie' which they've been given.
--
grep "xercist"
Mafiaboy was just script-kiddie s0ss. Anyone who uses the scripts and tools without understanding what the hell they are doing is lame.
I don't condone hacking, nor participate it but these people shouldn't be so ignorant as to icmp yourself and call yourself "l33t".
After all, many firewalls are designed by highschool students who don't show up to class with books/homework, who hate math, can't type ("agents watched him in real time as he attempted hacks and had to retype commands three, four, or five times before he got them right"), and download their tools from the Internet rather than programming them themselves.
This kid is a serious dimwit.
Okay, obviously this was big news but honestly not many people were exactly surprised where they? The tools that allowd this kid to pull this off had been identified already, the theory was pretty well established. Was knocking out Yahoo for 12 hours really a disruption of the "Internet Economy"?
The article was interesting, a good read. There was really any surpising information in there, punk toublemaker kid out to cause shit, surprise. THe fact that the author went to great length trying to paint this as some super mega massive disruption or something was very anoying. Yes this was an important event because of the new level of media attention but it was not an especially shocking event in a technical sense. Nobody was surprised it happened.
Read the FAQ dumbass. Its running on a server donated by the university.
Only the State obtains its revenue by coercion. - Murray Rothbard
Just so other people know... anyway, I disagree.
Having not read the article, and going from memory, Mafiaboy was sentenced to 8 months in juvy in Quebec. I think this is fair, he's getting an education, and punishment at the same time.
God save our Queen, and Heaven bless The Maple Leaf Forever!
From the article - "The judge also prohibited him from possessing any software not commercially available"
What ramifications might this have for OSS in Canada? How often is this broad of a judgement made?
Did he really throw his HDD in the lake? What a waste! Several times
/dev/random > /dev/hdb
/. comments to moderate.
cat
should be more than enough.
---
I'd love to take you out tonight, honey, but I've got some
It's not dangerous in Canadian law, it's atually quite popular with government.
The judge probably knows that Windows is brain dead, and hard to program, especially if one must buy the commercial developer tools.
No free stuff + no developer tools == no scripts for the kiddy to use.
I don't know how often this sort of judgement is made, but you can check CANLII (www.canlii.org).
Canada does make some stupid judgements, though. I do know of one case that is going to the Supreme Court of Canada soon, in which the convected murderer was convicted of either killing his wife, or paying somebody else to do it for him. That was the actual verdict returned in the Saskatchewan Court of Queen's Bench -- "We the jury find the defendant guilty of murder in the first degree, for either murdering his wife or hiring somebody to do it for him"
God save our Queen, and Heaven bless The Maple Leaf Forever!
The way that this 14 year old boy can cripple many different websites definitely shows that he is not a script kiddie. While im sure that he would use those programs from time to time, im sure he had some skills for computing. It sure is sad to hear such skills being squandered on illegal hacking.
Where the hell are these statistics coming from?
"The initial flood of data packets overwhelmed one of Yahoo!'s main routers at speeds higher than 1 gigabit per second, the equivalent of more than 3.5 million average e-mail messages every minute."
What's an average e-mail message?
1 gigabit = ~125 MB
When I archive (yes... outlook) my older emails I can barely fit a month on a CD... and I'm nowhere near 3.5 million emails. I guess this would make sense if a person never received any images or Pr0n.... err ya right.
"By the time it was over, the Yahoo! attack alone would involve enough data to fill 630 pickup trucks with paper."
Pickup trucks? What happened to dump trucks? I don't know about you but my step side pickup box is not a best way of expressing filesize.
Customer: So, how much can this new Zip disk hold?
Computer Store Guy: About 6 or 7 Miata trunks, but more like 5 if you have a boombox.
Why use demented, obscure layman terms that only serve to confuse the public and endorse automotive storage space as an acceptable means of descriping data storage capacity?
I'd continue, but I hear you can only post 3 gloveboxes at a time.
Every time there is a virus attack the press rushes to report that the culprit likely "will never be found". Yet quite often, they are found.
Anybody care to explain the discrepancy?
Maslow's Hierarchy of Needs. This is his theory of human growth based on needs being met. If you keep on with your theory, you may have your own triangle one day.
Ya Sure! You Betcha!, The_THOMAS
The RCMP officers mentionned in the article once busted a scammer operating from Canada; when they seized the computers and server, they brought them to the supplier to "fix them". Thing is, they swapped hard-disks, and the server hard-disk ended-up in a workstation. Needless to say, the tech was really surprised to see a server come up on that workstation...
So, it only shows that the RCMP are royal-class fumblers and it's a miracle that their evidence was able to stand-up in court... (Or the scammers' defense was totally inept - or the court stupid).
FBI GUY #1: BILL!! BILL WE GOT A PACKET!
FBI 2: A what?
FBI 1: It says a "packet", HAHAHAHA. We rule.
FBI 2: Open it!
FBI 1: Let's get wendy to open it. She's got some sort of packet diploma from the community college
FBI 2: HEY WENDY!
WENDY: What?
FBI 1: Is this an email?
WENDY: Uh, yeah. What the hell are you using for packet collection anyway?
FBI 2: THAT'S ALL PLEASE MRS. COMMUNITY COLLEGE
FBI 2: Yeah, I think the Yale Boys can take it from here.
FBI 1: It's an email!
FBI 2: What do you think it says?
FBI 1: Why aren't there any letters past F?
FBI 2: It's haxor speak!
FBI 1: I'm sleepy.
FBI 2: Have you got that Jargon book?
FBI 1: Yeah.
FBI 2: Do you think the RCMP get to name their own horses?
FBI 1: No.
Even if he hadn't bragged, there's little doubt in my mind that he would have been tracked down and punished, and rightly so.
According to what I've learned on TV about "1337 h4x0r5", this kid got caught because he didn't have roller blades and a backpack full of satellite equipment. Pretty simple. If you're going to be a good hacker, you better get some roller blades.
Skiers and Riders -- http://www.snowjournal.com
The FBI released a trace of Mafiaboy's hacking session... I've pasted it below
--
C:/> hack yahoo.com
Select hack type:
1) Denial of Service
2) Packet Trace
3) Steal Accounts
4) Get Root
Selection: 1
Enter Name: MafiaBoy
Proceed with hack #1 by MafiaBoy? [y/n]: Y
Hacking yahoo.com... please wait
...................FBI trace detected!
*abort*
C:\> cd 1337
C:\1337>
--
Thats pretty much all of the trace that the FBI released. I wasn't sure about the syntax of the hack command, but I guess this helps.
Skiers and Riders -- http://www.snowjournal.com
can you explain to me exactly how your car works? every part of it? no, but you use it, cause it's a tool. As long as you understand the input and output, there is no need to know exactly how it works to use it.
I just love the thought of FBI agents on IRC day-and-night monitoring channels. By all accounts there are probably dozens of FBI agents whose job consists of monitoring IRC and setting up channels to bait people. That job must make them go mad, for every legitimate hacker or pedophile there are thousands of horny teenage boys asking a/s/l over and over and over and over. Man...where do our tax dollars go.
Yup, a DoS attack with enough punch to take down Yahoo. Originating from ... erm ... a dialup line. Hmmmm, sounds plausible to me.
Ok, sarcasm over.
The kind of tools s'kiddies use are made to be installed on compromised systems with a lot of bandwith. However, they can be triggered with very little traffic from the cracker (often via IRC since then the s'kiddie only has to make one connection.)
They knew when he was surfing a web page because they could see the HTML tags? Although it was 'more difficult' they could tell if it was an e-mail? They thought game traffic might be a DoS?
ffs! Have they not heard of port numbers?
It would be the first thing I would check! Kinda narrows down the options doesn't it - knowing what kinda traffic you would expect it to be.
It sounds from the article like they were literally just watching just raw body data from the packets.
Perhaps they could do with a touch more expertise and some better tools? Then again, maybe it was due to misunderstanding and/or inaccuracy by the journalist - the writer doesn't sound like they quite know what they're talking about.
Julian
it bugs me when i see people such as the kid who went by 'mafiaboy' attacked so harshly. sure, he took down some of the most major sites on the internet...but he was 14. i think it's pretty impressive for someone that age to know nearly that much about computers. i doubt the majority of slashdotters know much about the things he did. it's so easy to join the bandwagon and trash this kid and 'those like him', but i wish people would stop referring to anyone that has 'hacked' or 'cracked' as a script kiddie. the term is thrown around way too much today. in a previous post i saw that someone referred to someone who traded warez/played games as a 'script kiddie'. how does that make them a script kiddie? my understanding of someone who's a script kiddie is that they use the (malicious) software made by someone else, but they've not the slightest how it works. why is it so easy to jump on him as being a 'kiddie'? is it because of his age? because he conducted denial of service attacks? i think that people forget to realize the skill and potential of someone who is capable of doing such things at the young age of 14. i think that this misinformed and ignorant media are the ones who cause such ideas to be spread, as well as the cluebies who buy into such garbage.
There is a very thin line between a "script kiddie" and a hacker. Don't most professional software development books preach reusing as opposed to reinventing? Didn't we get as far as we have today technology-wise, due to each generation being able to build on the accomplishments of the previous one?
...it's an ad, an excerpt from dan verton's book. I can't figure out if it's called the hacker diaries or confessions of teenage hackers. The mafiaboy chapter is one of the more interesting pieces, especially the wiretaps that revealed that his father was going to have someone "dealt with" to protect a big CDN$ deal he was working. The other really interesting stuff (in the book) is the kid who hacks for satan. hehehe.
It's all Hood
>Each day's capture was reconstructed using
>proprietary software developed by the FBI
god forbid that they used anything publicly available, It's not my tax $$ (UK resident) they are spending on developing their own code, but are they really gonna better the Free stuff? If so, why not release? Oh, yeah, cos secrecy is good, especially for security software
http://milkshake.dexy.org
How about resticting any story about raising children to people who actually are/have raising children.
I have seen many "They should do that" posts from people that are 13-17 years old. The whole idea is to try and gleam knowledge from your elders. [And here is the eternal problem- young people ALWAYS know better than every elder; regardless if the elder went through the exact same thing]
I know that both the eld and young both will ignore me, but I post this in the hope that maybe one, just one, person will actually think about the morality of the stories they convey to their children. Maybe stories of lore, where honor actually meant something? (For the young here, the word "honor" meant that what you said is what you would do, no matter what. If you said you would heal your mortal enemy, you would, and then send him home to his family.) Because "honor" is now second place to "winning".
And our world shudders.
Vote monkeys into Congress. They are cheaper and more trustworthy.
Ahh...that's good to hear.
I don't know how much weight the Canadian courts put on case law, but any time I hear of judgements that might concern OSS in the US I get a little edgy - there's very little precedent set for open source software here, and Microsoft is always lobbying to maintain their advantage.
Regardless of whether he was a script kiddie or he was somebody who totally understood what he was doing, like a guru, he should be punished.
Rules are rules. You break a rule, you break a rule.
Just a thought.
PayPal $$ if you sign up for free offers (eBay, cred cards, e
In addition, the hacking tool he had downloaded and used came with an explicit warning that it was illegal to use the tool against another computer network and that it was not designed to collect statistics or information that could be used to build a new firewall.
If a 12 years old says he can build a rocket, he can. If he uses wood, it will work. Maybe a DoS-tool doesn't look like a tool for grown-ups, but for a kid it might.
Oh. And what do you use to test a bullet-proof vest with? That isn't sold al 'bullet proof vest-testingdevice' either.
I believe him when he says he was 'only testing'.
Privacy is terrorism.
For those with short attention spans the article says:
- he was a script kiddie
- he started to get cocky with his new 1337 5k1llz
- he got busted
Cult of the Dead Cow he is not.
My money is on the article. The whole thing was more a lowbrow detective story than it was a technology piece. Note how the author explained how it was possible to tell html packets but email was harder. Huh? plain text email hard to sniff? OK. Seems like the detective had a better grip on things than the author, but really the whole set up was not too sophisticated. The RCMP just happened to overhear this scrpt kiddie in the IRC nest set up to spy on people.
We can hope the judgement was more sensible. In general, your rights end on conviction. In the US, felons are not alowed to own firearms or vote and can legally be kept from positions of trust and influence. The idea is that a felon has proved untrustworthy. Maphia boy may very well have been banned from owning or using computers at all. Then again, there would be some justice to forcing him to view the world though MS internet exploder and AOL for the rest of his life. No telnet, ftp or compilers for you, kiddie! Ha ha ha!
Friends don't help friends install M$ junk.
Well, you know that his bots were M$ boxes. Rember this highly informative areticle? Nothing else has as many or uniformly available exploits as the pool of M$ junk that litters the world. The article would have done better to point that out instead of refering to "computers", then smearing "non comercial" software by inserting it into the unquoted ruling.
Friends don't help friends install M$ junk.
who cares? Who gives a fuck? The only one who knows that for sure is Mafiaboy. Slashdot seems obsessed with who's got skills and who's got 'skilz'. Seeing as you're really not gonna know his skill level unless you meet him in person, it's all an exercise in futility. You shouldn't care about the skills of every loudmouth braggard on the internet, AND, if you do, then I pity you.
Move on with your lives, folks.
When you get to the bottom of all the media hype and bullshit you find one pathetic screwed up 14 year old kid. What a waste of time and man power. Rather than all the effort to 'get' this kid wouldn't it have been better to invest it in improving the basic infra structure of the internet so that simplistic DDOS attacks like this were simply no longer possible.
1f j00 r lE3T ENOU9h, CR4Ck mE: 127.0.0.1
"The judge also prohibited him from possessing any software not commercially available"... Poor kid, he was banned from using linux
The GNU is _NOT_ viral because no one ever forced you to read the source code to begin with. It was your choice to read another author's work, therefore you must respect his or her wishes.
Sunny Dubey
Agreed. The article says that the kid had obviously researched his targets rather thoroughly. This takes time, planning, understanding, and an extreme desire for attention.
He was a script kiddie, though. He took the scripts and apps of other people and used them for what he did. He did not seem to have a thorough understanding of the things he was doing, the article says he had to type commands several times before they'd work. I don't know about you, but even things I use casually are embedded in my fingertips, and having to retype a command isn't a very common occurence. Having to retype it 3-4 times is a non-occurence.
If the kid had been a real hacker (using the geek-culture definition of the word...) He would have taken that time and desire for recognition and learned new OSes thoroughly, written a program or ten, or taken up a more positive pursuit. Or at the very least, I believe that he would have been too afraid of doing what he did--because he'd know of the limitations he'd face in the future. Being shackled in the computer world would be far too painful a thing for someone who was really into it.
If you want to play in the Pros, you stay away from drugs. If you want to have your freedom on the internet, you stay away from illegal activities.
Or you become so damned good at covering your tracks that no one could ever find you.
-Sara
This is not quite true. The so-called smurf attack did lend substantial leverage, but nothing in the realm of thousand-fold leverage, never mind tens of thousands. For one, few people configured their networks this way (with >1k hosts on a single broadcast address) even before smurf attacks came into vogue. For another, empirically speaking, I can tell you that the best addresses that you could normally expect to find, even in its hay day, is in the realm of 500 or so, and many of these hosts would easily saturate their own upstream (e.g., T1) links, so you'd need a lot of other equally leveraged addresses to take advantage of it. In other words, it's unrealistic to say that a 56k modem or what have you could take down something like Yahoo using its own bandwidth to originate the attack. A T1 or T3 perhaps, but much more is just unrealistic.
I also assert that a smurf attack is not "easy" to trace. It's actually very time consuming and troublesome, especially if the person does something like launch an attack from a machine that is set up, cleaned of all evidence, and abandoned (permanently) and uses a diverse list of broadcasts so that each broadcast address is only used a couple times. Almost every person that has gotten in trouble for such attacks has been detected by their own upstream usage (i.e., highly aberrantbehavior that invites further investigation by their own provider or upstream provider(s)) and/or a result of bragging about their exploits, ala mafiaboy and company. That said, it is a stupid and highly unoriginal attack (but just because it's stupid and foolish doesn't mean it can't be used to great effect) Anyone that launches an attack from their OWN modem or similar traceable equipment is both especially stupid and doomed.
"We the jury find the defendant guilty of murder in the first degree, for either murdering his wife or hiring somebody to do it for him"
So he should have been let go because it was unclear which he did?
(sigh, it figures the people id like to talk to over email dont give their email out)
;-)
/my/ point is that you should be careful to not make such broad generalizations (i.e. stereotype).
I am a high school student myself. I designed my schools firewall (no joke), show up often to class with books (okay, so i suck at homework, but i get it in most of the time), love math, can type at 60wpm.
Though to be honest, im not the script kiddie type, im more of the sysadmin type. Which brings me to your last point, it doesnt make much sense to recode ipf
I guess
Patrick
A small point, but negative reinforcement is *not* the same thing as punishment. This is a very common misconception. Negative reinforcement is a concept relating to operant conditioning and learning theory.
Examples?
Positive reinforcement: If a mother gives her child candy for being good, this is positive reinforcement. By rewarding the child, she is reinforceing the child behaving well.
Negative reinforcement: Your car is filthy and it drives you crazy. You decide to clean it out, and it feels great to have a clean car. Cleaning the car removed the adversive stimulus, making you more likely to clean it next time. This mechanism is theorized to be involved in many forms of drug addiction. (Life is difficult, drugs remove anxiety, more likely to use drugs later.)
See the following pages for more details:
What is Negative Reinforcement
Negative Reinforcement, Escape, and Advoidance Learning
Having a front row seat to the whole ordeal, I can say that mafiaboy is only a small part of the overall story, which is far more interesting and would make for a much better book. I'd be glad to tell it in detail if someone offered a book deal.
The real people involved are probably too incapable of doing it themselves, so I figure it'd be better to write it myself and give them a cut of whatever I make.
Perhaps it's just the FBI's history, from it's weirdo patriarch J. Edgar Hoover, which bugged Martin Luther King's bedroom, launched COINTELPRO to investigate Americans it didn't like, had agents send *death threats* to Americans it didn't like, then after supposedly getting cleaned up in the 1980's paid a guy to try and seduce a nun working for CISPES, then mishandled Waco and Ruby Ridge and now is trying to cover up some 9/11 stuff. I have a very bad impression of the FBI, and I think they are more dangerous than useful. Their means are kind of strange - for left-wing type people there is massive surveillance, and for right-wing or religious type people there is little surveillance, but quite a body count.
Bearing all this in mind, I find it disturbing that their are FBI agents acting as ops all over IRC trying to catch people up to no good. I mean, any kid who DOS's people continually from their house is eventually going to be caught and locked up. Personally, I am less frightened by the random script kiddie who will wind up in juvey for DOS's, and more frightened by the extent of the FBI on IRC, Magic Lantern, the NSA, all these new PATRIOT act measures and so forth. I *DO NOT* trust the FBI.
First of all, this entire thing was over a channel (that I will not name) on efnet. The opers of a certain efnet server had enough of him and his DoS attacks and turned him in. The cops were handed this one on a silver platter. If the opers had not decided to take this action law enforcement probably would not have found him. The article states that they had collected less than 8 gigs of data in 43 days. This is just not that much data to go through. With snort and dsniff it could have been done in real time. Here's another choice quote: "If you know what to look for, you can learn a lot from the raw data packets. If it's HTML, or Web traffic, you can tell that. And although it's more difficult, you can also tell if it's e-mail." Please...
I'm actually kind of annoyed that the police (both RCMP and FBI) have taken so much credit here. I've spoken to a some law enforcement and there seems to be this impression that the mafiaboy case somehow shows that they are capable of working effectively on the Internet. This is simply not the case. Both agencies are too slow and incompetent with this medium to police it. I come by a fair amount of illegal things happening online. These are things that are damaging and degrading the quality of the whole network. I would like these things to stop, however I am not willing to deal with the RCMP or the FBI until they show that they are ready. As it stands now they are worse for the network than the criminals. The public is the eyes and ears of the police. There could be a million police online but without the cooperation of the general public (and most importantly the technical community that actually runs all of the devices that actually make up the Internet) their effectiveness is severely limited. Agents for the FBI/RCMP/DOJ/Whatever should be participting in forums like this. They should act as members of the Internet community in good standing. When that happens I will cooperate. Until then, I am under no obligation to help unless I am handed the appropriate paperwork signed by a judge. I'm sure *someone* from at least one of the agencies I have mentioned is online. Too bad they are too arrogant or scared of saying the wrong thing and getting fired to engage in open discussion with the very people they claim to protect.
...trying to do many things at once leads to mistakes.
This article screams that it was dumbed down for the masses. Nothing quite like some overly dramatic journalism.
"Mafiaboy preferred to dress in baggy pants, baggy jacket and Nike tennis shoes and he was often seen wearing a baseball cap in the backward punk style of many teenagers." Wow! Tell me more about it...
I kind of figured that they would sensationalize the whole situation, and place this immature little skript kiddie into the category of hackers. I hate it when anytime there's a computer attack reported the media likes to jump on the "they're all evil hackers!!" bandwagon, which gives people like me a bad name and reputation.
The only things I do are testing the security of my networks and firewalls to make sure they are secure, and that no unwanted people can gain access to my systems.
Something I would like to say to all the stupid kids out there who think they're 31337 h4><0r5 because they got their hands on dumb-ass script, but first I'll have to translate it to a language they can understand:
411 j00 3l337 h4><0r5 j00 5u><0r5!!!!!1111!!!!11!
...So the kid is getting off with just a year in juvie? Here's a slap on the wrist, boy. Do a better job at hiding your tracks next time. Though honestly, what are they going to do with this kid? Military school seems like a good place to start. Send him to one of those civilian boot camps. Who knows... Maybe some good did come out of this... Maybe he got an anal raping while serving time.
You need a FREE iPod Nano
This just in:
It has been personally confirmed by Taco and company that Mafiaboy is really the goatsex guy.
According to the law, Yes. Presumption of innocence, a founding principle of Canadian (and US) law. There was doubt as to whether he killed his wife. There was also doubt that he hired somebody to kill his wife.
He was either the principle or another party to the offence, but since we don't know which one, he can't be convicted.
See Regina v. Thatcher (Saskatchewan Court of Queen's Bench) It was a high profile case in the province involving a provincial politician.
God save our Queen, and Heaven bless The Maple Leaf Forever!
...as many as 75 computers around the world. The intruder had planted malicious software on these systems that had turned them into autonomous launching pads for denial-of-service attacks.
Only 75? I would think it would take much more than that.
----
All of whose base are belong to the what-now?
This is easy.
Mussolini used to be a journalist. He proved that you can directly contradict yourself in different articles and noone would ever notice. Well, not enough people to matter, anyway.
"No problem. I have the capacity to do infinite work so long as you don't mind that my quality approaches zero."-Dilbert
wow. talk about futile causes...no one's going to defend the distinction between those who are attracted to children sexually (pedophile) and those who act on the attraction (child molester). definetly a moot point.
Yes, ShwaheelyAsian is a car-kiddy.
He described a Hugo: spit gas in cylinder, burp...
My bonified Chevy purrs like a sex kitten. In fact, my Chevy acts like a horny woman every time I start it. I lather the ignition key with lubricant, slip it up and down the key hole, insert the key slowly half-way, lather the key with some more lube, re-insert it all the way again, and turn the ignition for 0.5 seconds. The engine turns and it idles, waiting for me to push harder, harder, HARDER on the gas pedal. My Chevy loves humming. Whenever it is in neutral, I push the pedal harder to tease the engine and it purrs at me for more, more, more, YESSSS, OH YESSSS!!! I don't obey traffic laws, but when I have a full tank of gas, it is safer for me to hook on my seatbelt. I turn on the radio really loud and roll down my windows so everyone won't understand the noises that I and my car make in our ride of love. My Chevy is oh so hot on the beach. It loves the sea foam frothing on its hardened hubcaps and washing through its smooth American rubber rally wheels. She is such a hot ride, 1970 was a good hot year... I yell out the window as she switches gears each time
OH YES, COME ONE BABY,
OH COME ON YES HOT REALLY HOT
YOU LIKE IT, YOU LIKE IT,
OH YEAH, OH YEAH
EAT AT JOE'S
Those Chinese cars are just plain ol' sucky fish. You chinese scrape them off the bottom with your gill nets. And along with scum-sucking fish, you happen to hoist upon your deck a rare crappy car made in China. You stupid people.
I am the nightmare of nightmares.
the last few paragraphs seemed like repeats of earlier parts of the article too
Though it was possible for hackers to fool another computer into thinking a message came from an authorized IP address -- a tactic known as spoofing -- the FBI agents knew if they acted fast enough, they would eventually find a link that would lead them to the real culprit.
The article seems a little vague on this point. Why was it a question of time before the trace of Mafiaboy would have been lost?
The RCMP officers mentionned in the article once busted a scammer operating from Canada; when they seized the computers and server, they brought them to the supplier to "fix them". Thing is, they swapped hard-disks, and the server hard-disk ended-up in a workstation. Needless to say, the tech was really surprised to see a server come up on that workstation...
So, it only shows that the RCMP are royal-class fumblers and it's a miracle that their evidence was able to stand-up in court... (Or the scammers' defense was totally inept - or the court stupid).
im 14 and my family is just fine and although ive never really done anything malicious, ive played around with a few hacking tools and perused the source of a few virii. Then there are kids that come from dysfunctional families (well maybe not as screwed up as the article describe's mafiaboy's family) who come out great - even nicer than everyone else.
Conservative views like yours seem to be the exact subject of the satirical "Is your son a computer hacker" http://www.adequacy.org/?op=displaystory;sid=2001/ 12/2/42056/2147
It's got nothing to do with OSS. It's intended to ban him from things like exploit scripts and crack generators and the like. Banning him from sharp objects isn't an underhanded shot at Gilette, and banning him from non-commercial software isn't an underhanded shot at OSS.
Vintage computer games and RPG books available. Email me if you're interested.
The U. S. has a culture with more trust and honesty than many others. Until now I had guessed that it was a combination of luck and the culture being established mostly by people with a Christian religious background. If instead it was brought into being by effective law enforcement in the early 20th century, that holds out more hope for the countries that don't have a high-trust culture. China comes to mind.
I guess this only proves that Mafiaboy was a kid, and a newbie even further. For one, he is using DOS, an OS that I regard as useless and unusable, compared to BASH, or TCSH, or even the Bourne SHell in UNIX. Secondly, I doubt that hacking software has a feature to detect traces, as it would be very hard (impossible?) Thirdly, this hacking program is extremely simple, and does not look like what the article was describing. He used a DDoS attack, where many machines were used in a single operation, and the term 'hack' is used incorrectly. DoS is NOT a hack, it is a simple attack (known as phreaking, I think) that anyone, and I mean ANYONE with either good tools, or a good connection, can do.
Is this the guy who made news in quebec, canada, called Pierre-Guy Lavoie?