Slashdot Mirror
SCO Offers $250K Bounty for MyDoom Author's Arrest
Performer Guy writes "This SCO press release indicates that they are offering a $250,000 reward for information leading to the arrest & conviction of the MyDoom DDoS worm authors. Let's hope they catch them. Not merely because MyDoom is one of the most mindless attacks on our internet infrastructure in memory, but also when they pay up it'll be less cash for SCO's litigation engine."
Thanks to Tin Foil Hat and prostoalex for pointing out links at ComputerWorld and CNET, too. Related to this: stealth.c writes "Bruce Perens has written a letter to the Open Source community, discouraging us from cheering on the MyDOOM virus, as it would falsely implicate the FOSS communities and almost certainly cause the success of the virus writer's mission of discrediting these movements. This letter is also posted on NewsForge and on Groklaw." Unfortunately, with columns like this one blaming the worm on "some ticked-off Linux fan", it needs to be said.
Plus, also the likelyhood that whoever did this will be publicly revered and hated (not liked) by the Open Source community, and blacklisted from getting a programming job anywhere else in the world, most likely for life?
Also, there's the chance of being treated like Mitnick, and charged as a "terrorist." All for the sum of just under $32,000 a year.
No thanks. If I were the worm writer, I'd hope to God that the virus can't be traced back to me. Either that, or I'd move to Iran or North Korea.
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
SCO brought it on themselves, they behaved immature and childish and now they're getting an immature and childish retaliation. Someone needs to take both SCO and the virus author out of the playground and give them a good spanking.
---
DRM is like antifreeze, to the MPAA/RIAA it's sweet, to the consumers it's poison.
And then you can go to jail for obstruction of justice. Paying people to not turn in evidance of a crime is a federal offence.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
... Yeah, right. I'm sure that's the first thing that will come into the person's mind when they get the $250k (which would turn out to be far less after taxes). Lets see, Viper or SCO defense fund? Tough choice!
When this first cropped up a number of people pointed out that the DDoS against SCO is probably just a red herring to hide the worm's real intent - to act as a backdoor into countless windows systems for the virus writer's real purpose. Given the last analysis I read on it, that purpose seems likely to be to leave Zombie Emil Gateways for spammers to use.
.
While it couldn't happen to a "nicer" company, it seems very likely this virus wasn't written by a "Pissed off Linux advocate" or even a "Rabid SCO hater." The DDoS is probably just incidental to the real payload, serving to deflect suspicion from the culprit.
Yet another Bottom Feeding spammer . .
Never attribute to malice what can as easily be the result of incompetence...
Shut the fuck up It's kind of obvious that this is a doing of a Linux user, so please stop writing your pointless letters, no one cares. Heed my advice, and once and for all Shut the fuck up
Seeing as Bruce is considered to be one of the leaders/spokesmen of the Free/Open Source Software Community, he has a responsibility to speak out on issues such as this. Since so many people, organizations, and companies pay heed to what he says, his silence would be considered tacit approval by some.
Additionally, this single worm has the potential to do more harm to the Free/Open Source Software Community than all of SCO's shenanigans combined. evereyone really needs to speak out against this.
They don't want to get DDoSed on the 1st, so they decide to give out a huge reward.
I bet they didn't think about the number of people (not just from Slashdot, but everywhere) that were going to DDoS them just by reading their press release...
Yet another showing of intelligence from SCO.
Jeremy Baumgartner
Which is what makes this press release so...so...strange. We all know that the FBI goes ballistic over this kind of thing. And unless the worm author was incredibly careful, he's probably got federal agents tramping around his bedroom and emptying out his dresser drawers even as I write this.
So why then, is SCO so eager to hand over $250,000 for an informant? SCO's moaning about how much this worm has cost them, but, really, can we take that seriously? I could see if this worm targeted Dell or IBM, or, you know, some company that actually has customers visit their website. But who is SCO selling anything to anymore? It's just a litigation house. What do they care if their site drops down for a day or two? The FBI is likely to be hot on the worm author's heels, so why is SCO so eager to hand over 250 thousand smackers without any clear reason?
When you see spending decisions like this, it's a pretty good sign that a company is being run by bozos. You get the sense this press release was rushed out the door in an effort to capitalize on media attention. But was there any real reason why SCO needs the attention, or why it's in their best interest to part with so much money given that the culprit will likely be found anyway?
So here's my crystal ball prediction: the worm author will be found. But SCO won't pay up. This is all about publicity, and for some reason I don't foresee Darl rushing to sign a check.
I'm generally "Interesting," "Insightful," and even "Funny" here. What the hell happens to me at parties?
Bruce
Bruce Perens.
Bullshit. It's possible, but unlikely that someone pulled this stunt to defame the community. It's likely that this shit was pulled by some dickhead who thought it would be cool - you know, the kind of dickhead who has been cheering this virus on Slashdot?
This "open letter" is nothing but transparent propaganda - trying to paint the Open Source world as perfect, free of idiots, fighting against all the evil forces in the world. Newsflash - there are idiots everywhere. Deal with it, and keep the bullshit to a minimum.
Sure, most of us aren't going to cry for SCO when they get DOSed, given that they have repeatedly threatened many of our livelihoods with lawsuits against our employers, and attempts to destroy the community we've built and undermine the legitimacy of the licenses we choose as individuals to use for our software. But most of us realize that the damage these DOS attacks do to the infrastructure and reliability of the Internet is more potentially damaging to our careers and livelihood in the long term than any childish glee you could get from watching a crappy company's website go down.
And I think it's pretty obvious that the SCO DDOS is probably just a cover for using compromised hosts as spam zombies.
So I guess the business model in all four situations looks like this:
- Do something awful.
- Claim you're looking for those responsible.
- Profit.
There's not even a "???" in there. Wow.*sigh*
Check out my sci-fi/humor trilogy at PatriotsBooks.
So how is it that SCO is supposedly already feeling the effects of the DDoS from the virus?
I thought this one was made by modifying an existing virus. The backdoor was already there, why go through the extra work to take it out, even if you are not going to use it?
My guess is that spammers did it. First, the virus sets up a backdoor, which would be very useful to spammers but contributes nothing to an attack on SCO. Second, the virus is a variant of previous viruses used to set up open relays. And third, spammers have the only clear motive - to put it in as a red herring. SCO, and most Linux fans, don't have the skill to do it. Most Linux fans would realize how stupid it would be. Spammers would have heard of the SCO v. IBM battle, but are not personally invested in it, and would think nothing of adding the DDoS payload out of curiosity.
Litigious bastards
Are you sure the virus is just meant to hurt SCO? Note that like previous variations of this virus, it installs a back door (specifically the ability to execute supplied code and port forwarding). This same functionality has been used by spammers in the past (and indeed, the DoS portions of previous versions have targeted anti-spam sites).
As the saying goes, "you must be new here." The Linux fanbase is not alone in its share of zealots and childish behavior.
Who said anything about MS? Bruce's comments mentioned SCO. And spammers. That's it.
Google for "gobbles". There are plenty of folks who would love to take a swipe at Open Source (or specific groups under that banner). And why not. They're just as tempting a target as anything else that gains notoriety. After all, what would an individual gain from attacking... say... Microsoft?
You're on the money on that last bit. This will hand SCO more ammo to fling at the OSS community. And SCO will undoubtedly do their best to get it in the press and in front of Congress (which in turn is fodder for the unlikely possibility that this is SCO's own doing - they'll skuttle their own company for a buck, why not their own site?).
So what if this is not the work of a ticked off kid? Who would do this?
Again - this is a variant of previous malware. It is possible that someone got mad and just did the basic changes needed to vent their frustration. Or it could be from the same source as other recent attacks. And that source is undoubtedly some part of the spammer "industry" / community.
So why attack SCO? Bruce touched on one possibility - discredit a community that's been working hard to make spammers' operations difficult to maintain. Others have suggested it is an attempt to distract people from the virus' real intention - providing another fleet of zombie proxy machines. I've toyed with the idea that attacking SCO may appeal to the very ones who are usually cleaning up malware and the virus author hopes that these individuals would just let this one slip by.
In short, there are plenty of possibilities. And while the lone malcontent is still a very valid one, it is by no means the only likely candidate.
You are an ass.
The bulk of the expense of dealing with this trojan will not be taken up by SCO. No, it will be taken up by the thousands and thousands of companies whose IT departments now have to deal with it.
This is like cheering the destruction of the two towers because you don't like things that are rectangle-shaped.