Slashdot Mirror

← Back to Stories (view on slashdot.org)

Wired To Publish Slammer Source Code

Posted by CowboyNeal on from the here-take-two-copies dept.

Juan Carlos writes "Wired Magazine is going to publish the source code to the SQL Slammer worm in its next issue, due Tuesday, along with some kind of play-by-play of the worm's rapid spread. I actually think this is a neat idea for an article. But the fact is, the disassembly of Slammer (aka Sapphire) has been available on the Net since late January -- just hours after the worm started to spread."

14 of 158 comments (clear)

  1. Good idea by powerline22 · · Score: 5, Interesting

    While the code has been available for a while on the internet, Wired is probably doing this to make an example of what Windows users are facing, and are probably going to explain as much as they can with the code.

    1. Re:Good idea by jj_johny · · Score: 4, Interesting

      More to the point, most of the press and incident reports talk about the infection from the single machine point of view and then jump up to the total numbers of infected machines without mapping out what happens in between the two. I hope they talk about percent of machines left vulnerable (idiots that have their SQL on the internet), how the jump from one host to another works, how effective the jump is... In other words, I would like to see the epidemiology of a computer virus.

  2. Re:But the fact is..? by Anonymous Coward · · Score: 1, Interesting

    Maybe Wired could do a better job of explaining it to their readers?

    Better than eeye? Nope, that analysis is probably what Wired has based their analysis on.

  3. in other news by lingqi · · Score: 3, Interesting
    Ashcroft wants a tougher Patriot Act .

    wonderful world, isn't it? How many years before we can't publish this kind of stuff on magzines?

    --

    My life in the land of the rising sun.

    1. Re:in other news by erikdotla · · Score: 1, Interesting

      Answer: 0

      I'll bet that the gub'ment comes down on Wired for doing this, even though we all know it's widely available source already. The gub'ment does not look at things so deep. They'll attack Wired for what they appear to be doing on the surface - disseminating hostile source - hell, they could be considered Terra-rists after this issue.

      --
      # Erik
  4. Re:Good publicity by evilviper · · Score: 2, Interesting

    I'm not too sure it was free... The article says it's already available, yet the editors posted it.

    Hmm, I can't help but wonder who's hand got greased.

    --
    Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
  5. hmmmm by Cackmobile · · Score: 2, Interesting

    Dunno about this. I am no uber-master programmer but I could get this working from the article probably. While it has been available on the net for a while most people don't know that. This brings it to a wider audience. But then again hopefully most sys admins will ahve fixed the hole.

    --
    -- Karma Karma Karma Karma, Karma Chameleon - Boy George
    1. Re:hmmmm by damiam · · Score: 2, Interesting

      The worm has already spread. The only thing you could do with the source is assemble it and infect yourself, creating just one more node spewing random junk everywhere.

      --
      It's hard to be religious when certain people are never incinerated by bolts of lightning.
  6. Re:unfortunatly... by Chatterton · · Score: 2, Interesting

    Some years ago 2 book have been on the shelves "naissance d'un virus" (born of a virus?) and "mutation d'un virus" (mutation of a virus?) with all the source codes with the complete polymophic mutation engine (TPE). All wannabe h4x0r can take from these book all is needed to write viruses. Did you see rampant virus propagation when they have been out? not me. And second point: From this source they can write worm who work like slammer and then detectable like slammer by antivirus...

  7. Re:Symantec isn't impartial here by Surak · · Score: 5, Interesting

    After all, a lot of viruses/worms can be avoided if users had sane computer habits, such as never opening executables from an email, but your average computer user doesn't know and Symantec doesn't want him/her to know.

    Nor are they likely ever to know, honestly. My aunt, whom I characterize as a typical computer user, ran Windows 95 on her box for a long time. One day she was cleaning out her hard drive (because she's insane about organization) and saw two folders named 'Windows' and 'Program Files' on her C: drive, decided she didn't need any folders called 'Windows' or 'Program Files' and proceeded to delete them both.

    Needless to say she called me and said <whine>"my computer doesn't work"</whine;> and when she explained what she did I had a very hard time keeping myself from ROFLMAOing. ;)

    Anyways, my point is that the average computer user is REALLY *that* dumb and that's the thing that's going to keep worms and viruses around for quite sometime to come, regardless of how well operating systems are built, regardless of what Symantec or McAfee do, etc.

    --
    My journal has hot /. gossip.
  8. Legal Issue? by nurb432 · · Score: 4, Interesting

    Isn't publishing things like this now considered illegal under the Patriot act ( and related laws )?

    The 'reverse-engineer' issue aside, ( from the DMCA ) this would be considered a product for cyber terrorism, and last I heard we cant discuss details on anything related to terrorism.. be it cyber or 'real' ( such as bomb making )

    Not that I agree that information or knowledge should be squelched just because the people in power don't approve, ( remember the 1st amendment still exists, for now ) but wired might be opening themselves up for a legal battle they CANT win..

    --
    ---- Booth was a patriot ----
  9. from the author by Paul+Boutin · · Score: 5, Interesting
    What Juan Carlos probably meant was: Why is it supposedly controversial to publish something that's already all over the Net? I wrote the story, and I would agree with him. Yes, I've explained how Slammer works in a way non-programmers can hopefully understand. Just as important, we have new data that show how fast it really spread. Is that going to turn teenagers into evil crackers, or is it going to get the kind of people who read Wired - executives, Congress, other journalists - to look at network security more seriously? We think the latter, and we also think it's just a good story that hasn't been told from this angle before.

    I plead guilty to the "wannabe" charge, though. Those who can, do. Those who can't, write magazine articles.

    --
    Paul Boutin | writer for Slate, Wired, etc
  10. Follow the money by mobileskimo · · Score: 5, Interesting

    Wired is obviously publishing this to sell magazines. That's what they do. Did you think they needed any other ulterior motive? The question is who is their audience?

    This benefits none of the hackers. Those that are savvy enough to make use of the code, have no need for the code being published in the magazine. They've already seen it, they may have even toyed with it, might have done so back in January. More than likely, they may read it at their magshop or borrow it from someone for amusement purposes. Perhaps they may purchase it. Certainly the creater of the worm will. Clipped and saved in some album.

    This benefits none of the lay technology folks, the larger band of their customers. They don't have enough background on assembly and how it works, and they haven't the tools. The motivation is there though. If they could get it to work, they could call their friends up and brag about how much a hacker s/he is.

    Completely lay person as someone pointed out will look at it like hieroglyphics. Raise an eyebrow and move on.

    Corporations in the industry. Here's a mixed bag. Raising awareness and de-mystifying can work in both ways. AV companies may benefit, they may not. Raising awareness may result in more sales of AV products by confirming in the public's eye that such things do exist, and with higher frequency, with more substantial impacts. It may lower the sales if the information is provided in a certain manner (for example, you don't run SQL, therefore you don't need AV for this).

    IMHO, I think it will increase business in the industry as a whole. That's what advertising is all about, isn't it? Raising awareness for products? I mean, how could you know you needed a spring-loaded-nose-picker, if you didn't see the commercial warning you about the possible dangers of snot-clog-respiratory syndrome?

    --
    "Last one in is a rotten goblin!" - Kepp
  11. Re:But the fact is..? by los+furtive · · Score: 2, Interesting

    Wired is a wannabe rag. ;)

    No, its readers are. But I think the real point is that Wired is doing something atypical and more akin to 2600: The Hacker Quarterly.

    --

    I'm a writer, a poet, a genius, I know it. I don't buy software, I grow it.