The Psychology of Virus Writers
securitas writes "BBC Technology reports on the psychology of virus writers and the work of security researcher Sarah Gordon, who has been studying this area for 20 years. 'The stereotype that virus writers are all young teenage boys with no social life, hiding in their basement is not accurate,' she said. In contrast, she said, most virus creators are typical for their age, are on good terms with friends and family and are often contributors to their local community. The story is an interesting contrast to a previous BBC report about why people write viruses."
Do virus writers really go to virus conventions? I'd think you'd find people like Ms Gordon, undercover FBI, wannabe 133t teenagers, and maybe a couple former virus writers out of jail and trying to find admiration.
Do you even lift?
These aren't the 'roids you're looking for.
"The stereotype that virus writers are all young teenage boys with no social life, hiding in their basement is not accurate" It is quite normal for teenage boys with no social life (something they have no control over) to hide in their basement. I believe it was Linus Torvalds who said that we could all breathe easier if all these poor people could just get some dates. (someone will probably redirect this to the NYT magazine interview)
10 Bits= $.25
100 Bits= $.50
110 Bits= $.75
1000 Bits= 1 byte
For your average email virus, slap on a SMTP engine, a searcher to grab email addresses, and a semi-interesting email so people will run the program, and bam, you've got yourself an email virus, preying upon people's stupidity.
On the other hand, things that attack vulnerabilities such as buffer overruns, etc. are harder because you actually have to do some research.
A question for /. lawyers and people who play one: virus writing is illegal, I know, but is writing a trojan illegal? And if it is, how do you define a trojan?
Stereotype is a word that seems thrown around an awful lot these days, and it's often used in a negative context. But aren't stereotypes a logical and efficient way of grouping things (in this case people)?
I'm not saying that every stereotype is right all the time, and some are downright wrong, and have been perpetuated, not out of a means of mentally sorting and grouping, but out of hate or fear.
Anyway, I'm gonna go hang out in the backyard of my white Protestant family's backyard and talk about golf while barbecuing.
Cloud City Digital: DVD Production at its cheapest/finest
Not to push your idea too far, but perhaps virus writing and slashdotting are somewhat related.
No, I'm not trolling...
Virus writers get a lot of attention and feedback regarding their work. They usually believe they are exposing some weakness or highlighting some security risk. They see their actions on the news and the internet.
Slashdot posting gives some similar stimuli. By posting an excellent message, the author receives moderation and more people start discussing the idea. Likewise, most slashdotters are posting to expose an idea or highlight something they think somebody else might appreciate.
Both activities give certain rewards. Just like trolling is a cheap (immoral?) way of getting good slashdot stimuli such as responses and emotion... virus writing is a cheap (immoral?) way of getting "rewarded" for programming.
I think the worship of Rand (Atlas Shrugged) is stupid... however, it serves to remind us that people do certain things for rewards--slashdot or virus writing included.
Davak
The article was really nothing special except what one person thinks of people she's met, but you can't say with a straight face that a disastrous virus such as MSBlaster, Code Red or Nimda wasn't written to cause the problems they did.
"I use a Mac because I'm just better than you are."
Please get over this. I know that there are "white hat" "hackers" out there who want the meaning of hacker to be something different, but you lost that battle a LONG time ago. Ask anyone on the street these days, and they'll tell you a hacker is someone who maliciously breaks into people's computers. You can't change that, just come up with a different name to call yourself or live with the reaction most people will have when you tell them you are a hacker.
I would think today's virus writer would be described as a corporate employee who has read Sun Tzu, and is extremely ambitious at work. As such, the virus writer would wear a suit to work when that is what gets him the most money, or would wear Eddie Bauer when that is the outfit getting the most money.
I suspect the modern corporate virus writer would be the employee who spends the majority of time playing company politics, as opposed to the Dilbert type engineer that loathes politics.
I suspect that most virus writers work for Fortune 500 companies, and work on viruses for stated business goals like selling virus protection software, or embarrassing their political enemies.
I suspect that most virus writers are on the management track...not on the technology track. They are the ones hoping to become Dilbert's pointy haired bosses.
My experience so far has been that the true technophiles are the ones least likely to want to write a virus or hack others' computers. The people more prone to writing viruses are those who are looking for insider information and looking to play political games at work.
She didn't talk about MS lying about the security of their products. I think this is another example of why we need ethics in the high school curriculum. Corporate leaders and marketing droids have no qualms about deception, just as some claim to have no qualms about breaking other peoples' property to show them that security is bad.
One example I saw yesterday was a TV ad for a laser lever where the demonstrators wore no safety glasses while working with it at head level, then at the end saying there were glasses to help you see the line better in bright conditions!!!
If you find a vulnerability or danger in any product, please report it both to the vendor and to the appropriate public channels (i.e. a security mailing list); there is no need to break other peoples' property.
She is writing about computer issues without knowing the difference between a hacker and a cracker. Tell me again why I should consider this person's opinion as even vaguely in touch with the real situation if she can't do some basic research?
An infinite number of monkeys will eventually come up with the complete works of
Any hacker with sufficient knowledge of how to do this also knows that we live 3 meals from anarchy; if the accounting and shipping systems of a major food chain go down because of your virus and can't be brought back up again, the food won't get delivered. What happens to the inner cities and suburbs? The farms? Other countries?
Kid, critical shit isn't connected to the Internet. It's just not. Web servers don't count as mission critical. I don't think that anybody died because of "Blaster". Hackers are *not* that important.
They all come from varied background but almost all have 2 things in common; they faced conflict at a young age that they overcame, and that they overcame our school system dumbing down intact enough that they still have a love for learning and playing.
Yeah, you're describing dorks in school that got beat up. Boo-fuckin'-hoo. If you read the article you'd realize that she said that this is NOT the stereotypical virus writer.
Writing viruses is a crucial part of our society, if it weren't for these smaller groups we wouldn't know how insecure everything is and if we didn't know how insecure everything is, we wouldn't be trying to secure it
Insecure from what? Oh yeah, script kiddies telling us how insecure our boxes are. It's a vicious cycle. Security wouldn't be a problem if not for these little spoiled shits with too much time on their hands.
Take Independence Day (Yea, the movie with all those aliens and ships nuking us). Why did we win? Because the aliens had bad computer security, that's why.
That was the most ridiculous movie I've ever seen. That doesn't prove anything. And yes, you are nuts. Fucking nuts if you think that the movie "Independence Day" proves anything.
Oh, so it's wrong for me to figure out what's wrong with a computer and fix it, but it's right for Microsoft to lie to millions of people and advertise their OS as secure then bribe judges to be nice to them?
Last I checked, virus writers aren't fixing anything.
Kid, you're delusional. Get a job. Get a life. Get laid.
At the risk of responding to a -1 post...
Maybe it makes us feel good to educate these people, at the same time as we are installing a firewall for them and pointing them to lavasoftusa.com?
Every person posting on this site knows the difference, and for the most part, people that don't aren't likely to matter until you have explained it to them.
Doesn't it make sense to have an immediate reaction test like the word hacker to assess unknown people with?
I for one welcome our new "know the difference" underlords.
Do not meddle in the affairs of geeks for they are subtle and quick to anger
You fail it!
Most of the "Ethics" in organized religion is rule utilitarianism. Most religions do not discuss why something is the right thing, or the wrong thing to do. They just say (The Lord, or YHVH, or Allah, or the Bobdivista etc) say do (or don't do) this (eat pork or eat beef or eat any animal or cover your head or cut your hair etc). A secular ethics course teaches students how to decide on their own if something is ethical. If the students decide that the contents of their holy book is to be a heavy factor in their decisions, it is their choice. There is a great deal though that is not discussed in many religions (like hacking or stem-cell research) because the issues were not foreseen when the religion was formed.
Ahem. I believe you are referring to *WHITE COLLAR* criminals.
Last time I checked, most *criminal* convicts in the joint have a history of violent behavior, difficulty with anger management, and difficulty expressing strong emotions in a constructive fashion. Don't believe me? Check the type of crowd inhabiting your local county jail.
White-collar criminals, OTOH, often fit the above pattern you describe: these individuals typically have no problem being nice to the people they *know*. They also usually don't get caught, and when they do, sentencing is often light/lenient because of their reputation in the community, unless the crime is so heinous that it trumps their goodwill (example would be serial killers, pedophiles, and modern day robber-barons, like Kenneth Lay).
White collar criminals have a very weird/multi-faceted sense of ethics/values. When their behavior applies to those outside of what they care about (friends/family/community/kiwanis club, whatever) they're just as guilty as any other CRIMINAL out there: they just want their goods/services/cash and/or fame, and if other people get hurt in the process, they often have a perplexing (or just plain stupid/greedy) excuse to justify it.
uR iGn0ranc3, Their Power
Read about Scott Atran's Paper on the psychology of suicide bombers.
Unless we take the time to understand and remove preconceived moral notions we put ourselves at a disadvantage vis a vis solving the problem by fixing the underlying issues.
Help fight continental drift.
In her experience many malicious hackers have a borderline criminal view of the world and do not share mainstream ethical norms.
That's what I'd expect someone from Symantec to say. Because Symantec makes its money protecting and promoting Microsoft junk, this lady is far from impartial. Good virus writers may be hackers, but blaming hackers for viruses is like blaming people for murder.
Her view of script kiddies is also simplistic and patronizing. I'd wager that most script kiddies' outside the "mainstream ethical" norm's thought process has more coherence and depth to it than her blather.
While I don't write viruses and I don't think they are a reasonable form of protest - the moral standpoint is correct. Microsoft is an evil company that produces and forces shoddy, invasive software on the world. They have screwed their business partners, employees, shareholders and customers. Their vision of computing makes TIAA look small and well behaved. Virus writers realize these things and point them out to people. They exploit holes in Microsoft software to mail out personal information, drive people nuts with adverts and do other things that Microsoft does themselves. They seek to make the public aware of these practices and flaws and have to shout out and make the user notice. They, as most of us here, believe that the world would be better off without Microsoft. People are better off with free software that protects their privacy and control of their machine than they are with Microsoft. Virus writers are pointing out the flaws directly. Indeed, these people go out of their way to do it and have no prospect of reward other than a job well done. Criminal? Perhaps, but so is Microsoft, the convicted anti-trust and IP violator. Condemning the virus writer as criminal and unethical shows a poor understanding of the class.
Friends don't help friends install M$ junk.
Yeah, the usual fakery did show up, in your reply.
Ms. Gordon is not actually logical?
Hired for her looks?
Typical of the "culture of American women"?
One psychologist writes an article (intended for mass consumption, not an academic audience), and you forgo logic to assume all women are illogical.
Let me guess, women make their decisions based on emotions, you buy into the theory that PMS is behind most female crimes, etc.
At least TRY to be logical when attacking someone else for being illogical.
In terms of the actual article, keep her audience in mind. She has a purpose in writing what she did. This was not purely scientific, but a rhetorical performance, with a particular audience: the general public. She therefore catered her use of language (and how much depth she went into regarding her methods and results) to such an audience.
Had this been written for an academic journal of some repute, you'd be reading something very different.
I emailed Sarah Gordon for an article she wrote entitled Don't let your kids grow up to be hackers. I directed her to numerous URLs that more than explain the difference between a hacker, a cracker and a virus writer. She basically told me it was someone else's article. And the media twisted the article's words around. Then she also told me that consumers do not know the difference so they make the article as scary and appealing to the idiotic mind as they can.
But my main point is here: every single reporter that I have emailed about making false claims about hackers/crackers and such, every single one of them told me they did not write the original article, it was the work of someone else basically just using their name. And every single one of them also told me it's what the people want to hear.
So don't take these articles for what they are; the media twists them and rewrites them all to make them appear sexier, and none of the so-claimed authors are truly the real author.
She is probably a psychologist by training.
So she may know for what she speaks in a general sense.
BUT... why hire her?
Quite simple: even from the early days of anti-virus companies a certain amount of hype was needed to keep in business.
McAfee's early virus infection stats were so inflated some in the field were very skeptical.
Unix experts were quick to point out that ANY secure operating system would resist virus infection and blamed viruses on DOS having primitive multitasking without the precaution of security to prevent abuse.
It is possible some Mac users may have repeated this sentiment before the Macintosh had multitasking support of its own; if so it was uncommon enough that I never heard of it. But with pressure from the competing Windows GUI the Mac added multitasking and not much later the first Mac virus was born.
Soon after, antivirus companies leapt to claim this disproved the Mac claim that viruses were a DOS phenomenon and that this proves that ALL systems may be infected.
However the long-winded Unix rant on the subject did predict that other operating systems will fall to the same fate IF they follow Microsoft's example. Apple did.
In short, anti-virus companies used FUD to counter the claim that good OS design would thwart viruses.
Years later....
A very dumb design flaw in an obscure Linux graphics library encouraged users to disable the security of Linux to play games.
Repeating the Unix claim.. "Any SECURE operating system" Not any Unix.. not any good.. The key word is SECURE. With this bug Linux users were disabling the security of Linux just to play games.
A short time later a virus is born.
What happened here is simple. Like MacOS, Linux followed Microsoft's example. Only this time Linux removed a feature instead of adding one but it's all to the same results.
Once the virus was discovered it took no time for the PR machine of anti-virus companies to jump on the bandwagon. They declared the "No Unix virus myth" to be dead and promised a line of anti-virus software for Linux to be available shortly.
Linux users no matter how stupid do learn. There were no more reports of infection and no anti-virus software was made available.
Both cases prove the original Unix rant yet anti-virus companies chose to see it differently.
Every so often anti-virus companies put out new press releases claiming a "New Linux virus" when all that has been created was an opinion paper that can be summarised "I think Linux viruses are possible" usually assuming Linux is a Windows 95 clone.
However I think we've seen the last of those articles as somebody pointed out that viruses are obsolete and worms are the future. He has a point.
This makes the virus companies' jobs even harder as Microsoft has started taking the issue reasonably seriously.
(They've taken it seriously back when Windows 95 was created. Seriously in the fact that they needed to con the public into believing Windows wasn't a security risk but not enough to actually make 95 not a security risk)
While viruses work fine on a typical insecure system with no actual defects to exploit, worms can't infect without a defect.
But worms spread faster and by the time antivirus software can do anything you're already infected.
All antivirus companies can do is provide disinfection software; however (ahem HINT HINT) open source software could easily do the same job.
Also worms need to attack a server with a defect so the flaw is not found in Windows itself but an application, in most cases one included in the Windows install CD.
If the typical user would remove applications they were NOT using and install updates and keep an eye on the services they were using there wouldn't be an issue.
But as the typical Windows user doesn't do any of that worms are going to have plenty of opportunities to attack and there isn't a single thing Microsoft can do about it.
Many users either don't know or don't care. Those that do
I don't actually exist.
The parent post is not well written, but it does answer the question posed by the grandparent post.
Basically, he says that virus software is closely related to fraud, or is fraud itself. His argument is that there are 4 kinds of users:
- Those who are technically knowledgeable and care about their systems. On Windows, I use the ZoneAlarm firewall to supplement my hardware firewall. I keep my system updated. I know that a new virus won't be detected by anti-virus software, because to detect a new virus, there must be a new virus definition, and that won't be available in the first few days. I don't click on spam attachments. I don't use Outlook Express.
- Those who are technically knowledgeable and don't care. A friend of mine said, "Install anything you like on that test system, I restore from a backup every week."
- Those who are not technically knowledgeable and don't care about their systems. These people just reformat their hard drives and reload their one or two programs whenever they have problems.
- Those who are not technically knowledgeable and care about their systems. This group includes technically knowledgeable people who have users in their family, for example, who are not technically knowledgeable.
Anti-virus software manufacturers sell only to this last group. The people in the last group don't realize that anti-virus software that runs when starting the computer slows a system. Running the software just after a virus definition update provides some protection without slowing the system. However, the best protection is updating the Windows system, running a firewall, and educating the users. That's because anti-virus software cannot detect a virus if it doesn't have a virus definition, so there is the possibility of being infected by a new virus, even if you are running anti-virus software continuously.
So, the parent poster says, hiring someone who may or may not be a psychologist is a public relations move to try to convince the people in group 4 to buy anti-virus software. For that purpose, it doesn't matter if the psychologist actually knows anything, because the lack of knowledge would not be detected by the user.
My experience has been that even poor quality articles show some evidence of the depth of thought of the researcher. Going by that indication, the Symantec researcher knows nothing useful.
It is interesting to note that the grandparent post was modded up to 5 and then back down to 1.