Slashdot Mirror
The Psychology of Virus Writers
securitas writes "BBC Technology reports on the psychology of virus writers and the work of security researcher Sarah Gordon, who has been studying this area for 20 years. ''The stereotype that virus writers are all young teenage boys with no social life, hiding in their basement is not accurate,' she said. In contrast, she said, most virus creators are typical for their age, are on good terms with friends and family and are often contributors to their local community.' The story is an interesting contrast to a previous BBC report about why people write viruses."
Do virus writers really go to virus conventions? I'd think you'd find people like Ms Gordon, undercover FBI, wannabe 133t teenagers, and maybe a couple former virus writers out of jail and trying to find admiration.
Do you even lift?
These aren't the 'roids you're looking for.
How about running a similar investigation on /. folk?
The owls are not what they seem
"The stereotype that virus writers are all young teenage boys with no social life, hiding in their basement is not accurate" It is quite normal for teenage boys with no social life(something they have no control over) to hide in their basement. I believe it was Linus Torvalds who said that we could alll breathe easier if all these poor people could just get some dates. (someone will probably redirect this to the NYT magazine interview)
10 Bits= $.25
100 Bits= $.50
110 Bits= $.75
1000 Bits= 1 byte
Because it's good business, when you're being paid by spammers to create huge networks of compliant computers.
The kids who learnt how to do this 5-10 years ago are now living off it. For the really good virus writers, it's become a career.
Ceci n'est pas une signature
"Mua ha ha."
The coolest voice ever.
Many of the people writing newer viruses (those that relate to spam) are of a different breed entirely. I personally believe the people responsible for modern Internet spamming worms are more malicious than teenage hackers would ever want to be. These menaces to society consider themselves businessmen. You wish we were dealing with teenage hackers. Read up on Internet spam and viruses, and see this less technical article along the same lines.
For your average email virus, slap on a SMTP engine, a searcher to grab email addresses, and a semi-interesting email so people will run the program, and bam, you're got yourself an email virus, preying upon people's stupidity.
/. lawyers and people who play one: virus writing is illegal, I know, but is writing a trojan illegal? And if it is, how do you define a trojan?
On the other hand, things that attack vulnerabilities such as buffer overruns, etc are harder because you actually have to do some research.
A question for
Stereotype is a word that seems thrown around an awful lot these days, and it's often used in a negative context. But aren't stereotypes a logical and efficient way of group things (in this case people)?
I'm not saying that every stereotype is right all the time, and some are downright wrong, and have been perpetuated, not out of a means of mentally sorting and grouping, but out of hate or fear.
Anyway, I'm gonna go hang out in the backyard of my white Protestant family's backyard and talk about golf while barbecuing.
Cloud City Digital: DVD Production at its cheapest/finest
I have never used antivirus program for the last 4 or 5 years and my computer has never be infected with a virus. Actually it is a mistery for me why people execute apparently infected file on their computers and then blame others for their stupidity.
I remember the times when viruses spread around with floppies. It got written into boot sector and loaded into memory when floppy was inserted into drive. Then antivirus programms were necessary. Nowadays, however, it is not a technical issue to write a virus but purely human engineering. Those virus writters have better understanding of average human psychology than I have and they know that average Joe will download untrusted file, or will run the attachment, regardless how suspicious it may look.
Why care about virus writers? They will always be arrond like those who draw grafiti on walls which is a nuisance but not something that any sane man would seriously believe to. Better educate people how to use their computers and whom to trust online.
It's true, I'm on the second floor not in the basement.
-Tim Louden
For corporations, all it takes is one guy with a laptop to get infected and bypass the firewalls. You might not be affected, but IT depts are.
Do you even lift?
These aren't the 'roids you're looking for.
If I had some mod points, you'd get Insightful easy.
(start rant)
Fact is, people, most users are idiots. People run attachments and expect geeks to fix it, all the time blaming someone else for their stupidity.. Seriously, you will not believe the number of times I have been called over by a computer illiterate person, asking whether the Windows prompt boxes on their screens are real (it's really the web page ads that masquerade as prompt boxes). I wish there was some kind of mandatory license to use the Internet; if you know what the hell you're doing, fine, you get to use the internet with no restrictions. But if you fail, a Special Ops Geek Force will invade your home, and lockdown your computers (e.g. firewall, popup blockers, antivirus, etc, that all work automatically). And maybe we can have some fun educating some chicks about computers.
Firstly, virus writers are people who find challenges in their work; they do it for fun or money; rarely if ever is there a hacker who was motivated to gain their knowledge from feelings of intense hate or greed. It takes a lot of time, talent, and work to learn to hack, and usually somewhere along the line you get a political and social education that, due to the inherently high intellegence you recive, learn to cherish and use.
Case in point, why hasn't the doomsday virus been released? Think blaster accept it turns your computer into a spam machine and deletes everything accept windows and the virus, for example. Any hacker with sufficient knowledge of how to do this also knows that we live 3 meals from anarchy; if the accounting and shipping systems of a major food chain go down because of your virus and can't be brought back up again, the food won't get delivered. What happens to the inner cities and suburbs? The farms? Other countries?
They know if they do this that they are indirectly fucking themselves, and many infact fear other hackers doing this. This is the reason for blaster; to show everyone how insecure the system is and all it takes is one person with sufficient knowledge to start ww3.
Additionally, hackers are extremly social beings. They all come from varied backround but almost all have 2 things in common; they faced conflict at a young age that they overcame, and that they overcame our school system dumbing down intact enough that they still have a love for learning and playing. They love to be social, infact, some 2600 meetings involve people bringing their boxen, and trying to hack eachother to kingdom com, this is the basis of social virus writing she is talking about although some groups may be more militant than others. Some hacker cons also feature this but wherever there's a major con, there is also feds and police but the smaller meetings are unpoliced and patrons (such as stores, becuase face it, they don't hold these at houses that often) usually welcome the groups as they bring buisness. The more friendly groups welcome newbies to learn so long as they don't come too often (even the best of us will go on a homicidal rampage if people ask questions too often, too repeditvly).
What bothers me is how she ends the article "There are much better ways to use your time online." which shows she knows nothing about the subject she's writing about. Do what else online? But crap? Play games? Watch pr0n and jack off, pirate music and movies, get angry about stuff help political movements? Join a irc group circle jerk where everyone else calls everyone else l33t?
Writing viruses is a crucial part of our society, if it weren't for these smaller groups we wouldn't know how insecure everything is and if we didn't know how insecure everything is, we wouldn't be trying to secure it. Take Independance Day (Yea, the movie with all those aliens and ships nuking us). Why did we win? Because the aliens had bad computer security, that's why. People call me nuts, but when it boils down to it, do you want to be safe from the pain or do you want to take the pain full on and if you survive it, will you then learn?
I also had a big problem with this part;
"I believe that with correctly designed curriculum, talking about ethics can really reduce these behaviours," she said, "they need to learn from the first time they use a computer what is appropriate and what is not." .
Oh, so it's wrong for me to figure out what's wrong with a computer and fix it, but it's right for microsoft to lie to millions of people and advertise their OS as secure then bribe judges to be nice to them? This bitch has no idea what she's talking about and BBC by publishing her bullshit has further done damage to the reputation of hackers everywhere.
Finally, to end this on a constructive note, If you want to have a good understanding of hackers and their nature, listen to radio freek america. They do all sorts of hacking on air th
Candy-Coated Knowledge
Please get over this. I know that there are "white hat" "hackers" out there who want the meaning of hacker to be something different, but you lost that battle a LONG time ago. Ask anyone on the street these days, and they'll tell you a hacker is someone who maliciously breaks into people's computers. You can't change that, just come up with a different name to call yourself or live with the reaction most people will have when you tell them you are a hacker.
Any hacker with sufficient knowledge of how to do this also knows that we live 3 meals from anarchy; if the accounting and shipping systems of a major food chain go down because of your virus and can't be brought back up again, the food won't get delivered. What happens to the inner cities and suburbs? The farms? Other countries?
Kid, critical shit isn't connected to the Internet. It's just not. Web servers don't count as mission critical. I don't think that anybody died because of "Blaster". Hackers are *not* that important.
They all come from varied backround but almost all have 2 things in common; they faced conflict at a young age that they overcame, and that they overcame our school system dumbing down intact enough that they still have a love for learning and playing.
Yeah, you're describing dorks in school that got beat up. Boo-fuckin'-hoo. If you read the article you'd realize that she said that this is NOT the stereotypical virus writer.
Writing viruses is a crucial part of our society, if it weren't for these smaller groups we wouldn't know how insecure everything is and if we didn't know how insecure everything is, we wouldn't be trying to secure it
Insecure from what? Oh yeah, script kiddies telling us how insecure our boxes are. It's a vicious cycle. Security wouldn't be a problem if not for these little spoiled shits with too much time on their hands.
Take Independance Day (Yea, the movie with all those aliens and ships nuking us). Why did we win? Because the aliens had bad computer security, that's why.
That was the most ridiculous movie I've ever seen. That doesn't prove anything. And yes, you are nuts. Fucking nuts if you think that the movie "Independence Day" proves anything.
Oh, so it's wrong for me to figure out what's wrong with a computer and fix it, but it's right for microsoft to lie to millions of people and advertise their OS as secure then bribe judges to be nice to them?
Last I checked, virus writers aren't fixing anything.
Kid, you're delusional. Get a job. Get a life. Get laid.
At the risk of responding to a -1 post...
Maybe it makes us feel good to educate these people, at the same time as we are installing a firewall for them and pointing them to lavasoftusa.com?
Every person posting on this site knows the difference, and for the most part, people that don't aren't likely to matter until you have explained it to them.
Doesn't it make sense to have an immediate reaction test like the word hacker to assess unknown people with?
I for one welcome our new "know the difference" underlords.
Do not meddle in the affairs of geeks for they are subtle and quick to anger
Anyway, I'm gonna go hang out in the backyard of my white Protestant family's backyard and talk about golf while barbecuing.
1) Your backyard has a backyard? Cool!
2) Golf while barbecuing? Do you have a grill hitched to the back of the golf cart? 'Cause that would be neat, but the greenskeeper might get mad. Oh, you meant ((talk about golf) while barbecuing), not (talk about (golf while barbecuing)). Gotcha.
Bet you thought these would be at least somewhat relevant questions about stereotypes. In the words of Dark Helmet: "Fooled you!"
I want to drag this out as long as possible. Bring me my protractor.
Yeah, the usual fakery did show up, in your reply.
Ms. Gordon is not actually logical?
Hired for her looks?
Typical of the "culture of American women"?
One psychologist writes an article (intended for mass consumption, not an academic audience), and you forgo logic to assume all women are illogical.
Let me guess, women make their decisions based on emotions, you buy into the theory that PMS is behind most female crimes, etc.
At least TRY to be logical when attacking someone else for being illogical.
In terms of the actual article, keep her audience in mind. She has a purpose in writing what she did. This was not purely scientific, but a rhetorical performance, with a particular audience: the general public. She therefore catered her use of language (and how much depth she went into regarding her methods and results) to such an audience.
Had this been written for an academic journal of some repute, you'd be reading something very different.
I emailed Sarah godron for a article she wrote entitled Don't let your kids grow up to be hackers. I directed her to numurous url's with that more then explain the difference between a hacker a cracker and a virus wrtie. She basicly told me it was some one else's article. And the media twisted the articles word around. Then she also told me that consumers do not know the difference so they make the article as scary and apealing to the idiotic mind as they can.
/crackers and such, Every single one of them told me They did not write the original article it was the works of some one else basicly just using there name. And every single one of them also told me It's what the people want to here.
But my main point is here, Every single reporter that I have emailed about making false claims about hackers
So don't take these articles for what they are the media twists them and re writes them all to make them apear sexier, And non of the so claimed authors are truely the real author.