Slashdot Mirror
SCO Offers $250K Bounty for MyDoom Author's Arrest
Performer Guy writes "This SCO press release indicates that they are offering a $250,000 reward for information leading to the arrest & conviction of the MyDoom DDoS worm authors. Let's hope they catch them. Not merely because MyDoom is one of the most mindless attacks on our internet infrastructure in memory, but also when they pay up it'll be less cash for SCO's litigation engine."
Thanks to Tin Foil Hat and prostoalex for pointing out links at ComputerWorld and CNET, too. Related to this: stealth.c writes "Bruce Perens has written a letter to the Open Source community, discouraging us from cheering on the MyDOOM virus, as it would falsely implicate the FOSS communities and almost certainly cause the success of the virus writer's mission of discrediting these movements. This letter is also posted on NewsForge and on Groklaw." Unfortunately, with columns like this one blaming the worm on "some ticked-off Linux fan", it needs to be said.
It's that SCO thinks that MyDoom's source code is owned by them. :)
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
Come on, Darl, you HIRED someone to write it, didn't you? An open source Reichstag fire, right?
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
"Due to low cash flow at SCO, the reward will be paid upon successful judgements in the lawsuits against IBM, Redhat, Novell, et. al."
Someone needs to do the following:
1. Turn the culprit in.
2. Collect SCO's reward.
3. Give the money to the OSDL SCO defense fund.
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
...350 licenses to Linux.
Message to the Linux and Free Software Community Regarding the SCO Denial-of-Service Virus
Bruce Perens <bruce@perens.com> (U.S.) 510-526-1165
Version 2, January 27, 2004.
The master version of this notice is at http://perens.com/Articles/SCO/DOS/
Please check that location for a more recent version. You may re-publish this material. You may excerpt it, reformat it and translate it as necessary for your presentation. You may not edit it to deliberately misrepresent my opinion.
On January 26, 2004, a new virus became rampant. I have read reports that the virus payload has two purposes: to install a remote-execution back-end of a type commonly used by spammers to redistribute email, and to perform a denial-of-service attack on SCO's web site.
Denial-of-service attacks via virus have been a common trick of email spammers. They were first used to take out some of the anti-spam blacklist sites. Several of those sites had their (non-spam-related) business so heavily disrupted that they closed the doors of their anti-spam projects rather than be attacked again.
The Open Source developers are a target of spammers. We are the creators of most high-profile anti-spam technology. For example, SpamAssassin started out as, and remains today, an Open Source project. The predominant mail delivery programs of the Internet are Open Source projects such as Sendmail and Postfix, and thus most efforts to spam-proof those programs are Open Source as well. This is important, because it gives spammers a reason to defame us.
SCO also has a reason to defame us, as part of their stock-kiting scheme. We have assembled ample evidence that they have lied under oath in court. Such a company would not balk at attacking their own site in order to paint their opponents in a bad light.
Thus, it is likely that this virus has been assembled for the purpose of defaming the Linux developers by spammers, SCO, or others. Your behavior will influence whether or not it succeeds in this mission.
Thus, I urge all persons who have sympathy for Free Software, Open Source, and Linux:
Remember that your actions count. You are ambassadors of our community.
Bruce Perens.
Plus, also the likelyhood that whoever did this will be publicly revered and hated (not liked) by the Open Source community, and blacklisted from getting a programming job anywhere else in the world, most likely for life?
Also, there's the chance of being treated like Mitnick, and charged as a "terrorist." All for the sum of just under $32,000 a year.
No thanks. If I were the worm writer, I'd hope to God that the virus can't be traced back to me. Either that, or I'd move to Iran or North Korea.
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
OT, but I just submitted the story below. Since this is an SCO thread, and -Taco probably isn't going to post 2 SCO stories in a row, here it is:
/. readers! The SCO "litigious bastards" linking campaign has succeeded! SCO is now the first link on a Google search for litigious bastards. (If you try a "I'm Feeling Lucky" search, it'll still go to SCO, but it looks like the SCO site is down.)
:-(, and mirror!
Thank you to all
Congratulations, everybody!
On a side note, simply searching for "bastards" brings up SCO). If Google happens to notice and block it (as in the past), a screenshot is here. Please be kind to my server
SCO Offers Reward for Arrest and Conviction of Mydoom Virus Author
LINDON, Utah, Jan 27, 2004 /PRNewswire-FirstCall via COMTEX/ -- The SCO Group, Inc. (Nasdaq: SCOX), the owner of the UNIX(R) operating system and a leading provider of UNIX-based solutions, today confirmed that it is experiencing a distributed Denial-of-Service (DDOS) attack. SCO announced that it is offering a reward of up to a total of $250,000 for information leading to the arrest and conviction of the individual or individuals responsible for creating the Mydoom virus.
(Logo: http://www.newscom.com/cgi-bin/prnh/19990421/SCOLO GO )
"During the past ten months SCO has been the target of several DDOS attacks," said Darl McBride, president and CEO, The SCO Group, Inc. "This one is different and much more troubling, since it harms not just our company, but also damages the systems and productivity of a large number of other companies and organizations around the world. The perpetrator of this virus is attacking SCO, but hurting many others at the same time. We do not know the origins or reasons for this attack, although we have our suspicions. This is criminal activity and it must be stopped. To this end, SCO is offering a total of $250,000 reward for information leading to the arrest and conviction of those responsible for this crime."
SCO is also working with U.S. law enforcement authorities including the U.S. Secret Service and Federal Bureau of Investigation (FBI) to determine the identity of the individual(s) involved. Anyone with this information may contact their local FBI office.
The Mydoom worm, also known as Novarg, is a mass-mailing worm that arrives as an attachment with the file extension .bat, .cmd, .exe, .pif, .scr, or .zip. When a user opens the attachment their computer becomes infected and uses their computer with the intention of connecting to the www.sco.com Web site on February 1, 2004. Network security firms including Network Associates and Symantec have already issued software updates to combat this particular worm.
About The SCO Group
The SCO Group, Inc. (Nasdaq: SCOX) helps millions of customers in more than 82 countries to grow their businesses with UNIX business solutions. Headquartered in Lindon, Utah, SCO has a worldwide network of more than 11,000 resellers and 4,000 developers. SCO Global Services provides reliable localized support and services to all partners and customers. For more information on SCO products and services visit http://www.sco.com .
SCO and the associated SCO logo are trademarks or registered trademarks of The SCO Group, Inc., in the U.S. and other countries. UNIX is a registered trademark of The Open Group in the United States and other countries. All other brand or product names are or may be trademarks of, and are used to identify products or services of, their respective owners.
SOURCE SCO Group
Blake Stowell of The SCO Group, +1-801-932-5703, bstowell@sco.com; or Payal Patel, or Avi Dines, both of Schwartz Communications, +1-781-684-0770, sco@schwartz-pr.com, for The SCO GroupCopyright (C) 2004 PR Newswire. All rights reserved.
News Provided by COMTEX
Robyn Peterson, robyn_peterson@ziffdavis.com, is probably pretty safe to ignore at this point.
From eWeek's (heh) "Online Jubilation About MyDoom's SCO Attack" article:Reactions on Slashdot, arguably the largest discussion board for technophiles, displayed a cathartic wave of pleasure, "Finally a worthwhile virus!" exclaims one poster. While another adds, "So, uh where can I download a copy?" (Robyn here included links to relevant /. comments)
While the person who gets paid to write this for a living (wtf?) ignores that the majority of the +4/5 comments that aren't rated "Funny" are
1) Reminding people that DDoSing is always stupid and silly2) Anticipating this kind of silly article
and 3) yelling at people who post unsupported theories about SCO.
But hold on, Robyn has more to say:
Another Slashdot poster goes as far as saying, "SCO has used past denial of service attacks as 'the dog ate my homework' type of excuses in court." It went on to suggest that "SCO's next court date is in early February, maybe they haven't done all their homework this time," implying that SCO itself released the worm. (Robyn will report next month on the inability of SCO to find evidence because IBM is being a big meanie.)
I know it's an advertising publication, but some people read eWeek and expect some of the things in it to be true. Rather than mention the tangible allegations against SCO with regards to insider trading, lying to stockholders, and inconsistent policies, Robyn reports what he's paid to. And that's fine - a half-truth is not quite libel - but it's kind of disturbing to read.
Bad Robyn Peterson, robyn_peterson@ziffdavis.com. Bad.
We recently had heard in the office over one of the Yellow Machine that's made by Anthology Solutions.
And then you can go to jail for obstruction of justice. Paying people to not turn in evidance of a crime is a federal offence.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
When this first cropped up a number of people pointed out that the DDoS against SCO is probably just a red herring to hide the worm's real intent - to act as a backdoor into countless windows systems for the virus writer's real purpose. Given the last analysis I read on it, that purpose seems likely to be to leave Zombie Emil Gateways for spammers to use.
.
While it couldn't happen to a "nicer" company, it seems very likely this virus wasn't written by a "Pissed off Linux advocate" or even a "Rabid SCO hater." The DDoS is probably just incidental to the real payload, serving to deflect suspicion from the culprit.
Yet another Bottom Feeding spammer . .
Never attribute to malice what can as easily be the result of incompetence...
cheer on attacks on the SCO site ... Our community believes in ... silencing our opponent's speech through net attacks. We will defeat SCO ... by gagging them.
No idea.
Shut the fuck up It's kind of obvious that this is a doing of a Linux user, so please stop writing your pointless letters, no one cares. Heed my advice, and once and for all Shut the fuck up
Seeing as Bruce is considered to be one of the leaders/spokesmen of the Free/Open Source Software Community, he has a responsibility to speak out on issues such as this. Since so many people, organizations, and companies pay heed to what he says, his silence would be considered tacit approval by some.
Additionally, this single worm has the potential to do more harm to the Free/Open Source Software Community than all of SCO's shenanigans combined. evereyone really needs to speak out against this.
They don't want to get DDoSed on the 1st, so they decide to give out a huge reward.
I bet they didn't think about the number of people (not just from Slashdot, but everywhere) that were going to DDoS them just by reading their press release...
Yet another showing of intelligence from SCO.
Jeremy Baumgartner
Website about Linux Stealing SCO Code, read the page very carefully, don't be too quick to hit your browsers back button (hint,hint) http://www.linuxstolescocode.com
I think it means very little that the worm launches an attack against SCO. The primary purpose of this worm, like the Mimails that preceded it, is the wide-spread distribution of a zombie network for the purpose of propagating spam. You see, spammers hire programmers to do this coding for them (read up a bit on Mimail and spam) in order to help their spam biz. While the hired programmer was at it, he probably threw in the SCO bit for shits and giggles. Or maybe he's a younger programmer and just kind of immature. Either way, the spammers (the people commissioning the construction of the worm) don't care.
To me this sounds like the most likely scenario -- remember that spam and viruses are linked. The SCO thing is just throwing people off track.
Scene - the virus writer's parents' basement
Script Kiddie #1: OK, dude, like, I got the, y'know, latest version of, like, Virus Creator, dude.
Script Kiddie #2: Swheeet! Dude, like, run it!
Script Kiddie #1: Fuxor! Like, I clicked on it, and, like, it didn't go!
SK2: Dude! You have to, like, double click! Lamer!
SK1: STFU! I know that! Fag!
SK1: Uhhh, like, it's doing sumthing. Oh - kewl! It's like, installing stuff.
SK2: Shweet! Man, this rox!
Virus Creator: Virus Creator Wizard - page 1 of 5 - Do you want to install a backdoor? [yes] [no] [help]
SK1: Shweet! Yeah, let's set up my army of zombies! Huh-huh-huh!
Virus Creator: Virus Creator Wizard - page 2 of 5 - Do you want to install a spam relay? [yes] [no] [help]
SK2: Dude! We can, like, make money! Do it, dude!
Virus Creator: Virus Creator Wizard - page 3 of 5 - Do you want to install an HTTP relay ? [yes] [no] [help]
SK1: WTF? (clicks help)
Virus Creator: This lets us serve PR0N through your zombies - click yes and we will let you have the password to see some of it.
SK1 and SK2 (together): DUDE! SHWEEET!
Virus Creator: Virus Creator Wizard - page 4 of 5 - Do you want to DDOS somebody ? [yes] [no] [help]
SK2: Yeah!
Virus Creator: Virus Creator Wizard - DDOS setup - Who do you want to DDOS? [enter URL here]
SK1: Who should we fuxor? School?
SK2: DUDE! If you fuxor school how can we look at pr0n during class? (dope-smacks SK1)
SK1: OW! Fag! OK, uhhh, dude, like, the RAII?
SK2: YEAH! Fuxoring with our MP3s!
Virus Creator: Virus Creator Wizard - URL "www.raii.com" not found - try again [enter URL here]
SK2: Fuxor!
SK1: Dude, like, what's something with less letters, man?
SK2: SCO?
SK1: Yeah! FUXOR JOO, SCO!
Virus Creator: Virus Creator Wizard - page 5 of 5 - Virus ready - click here to email [ok]
SK1 and SK2 (together): SHWEET!
In other words, I think the DDOS against SCO is incidental to the real purpose of this virus - which is to spread spam. Like as not the choice of SCO was just because they are in the news, and to shift the blame to somebody else.
www.eFax.com are spammers
So how is it that SCO is supposedly already feeling the effects of the DDoS from the virus?
Sadly, the reward is being offered in shares of SCOX stock.
Viv
Gmail invites for ip
I already have two Linux licenses for a whole lot less money. Hit the bookstore. Lots of Linux manuals have a publishers edition of Red Hat and Caldera in them. Since SCO is renamed Caldera, there should be no way they can get you for using it. Be sure to read and follow the EULA.
I have a 2 publishers editions, one of 2.3 kernel and one 2.4 kernel. There should be no way they can demand more money for using it the way they sold it.
There may be a legal challange for having the Red hat copy that came with the book. I guess I'm going to have to hide it until the SCO case is over.
One copy makes a great SAMBA server and the other one is a great desktop web tool.
The truth shall set you free!
No No No..
I did it.
I used a combination of Visual Basic and Commodore 64 Logo.
Deposit the $250,000 in my Swiss Bank Account and I'll be at your office first thing Monday morning with the source. You can check to see whether it has any of the Unix code that you 'own'.
I might have to spend a year in jail (maybe even a little more if they find out about the thing with the seeds in the parking lot of the Grateful Dead show back in 1978). But after that I'll be free with $250,000. I'll use the time to brush up on investment theory and derivatives and maybe even get in a little weight training.
Beats a year in a cubicle doing tech support on the phone for $8/hr.
Keep me posted!!!