Posted by
CmdrTaco
on from the no-surprise-there dept.
quakeslut writes "It's Feb. 1st everyone... and all of you who have been reading Slashdot know that today MyDoom.A begins it's attack... according to Reuters, SCO has already been hit hard. Stay tuned for Tuesday when MyDoom.B hits Microsoft..."
Re:Why today...
by
87C751
·
· Score: 5, Insightful
This is akin to blaming Smith and Wesson for injuries to the neighbors when you fire your gun in random directions.
Nit: It's more akin to blaming Smith & Wesson when mayhem results from you firing your Glock in random directions.
-- Mail? Put "slashdot" in the subject to pass the spam filters.
Re:Why today...
by
Suidae
·
· Score: 2, Insightful
I would expect that deliberately setting a domain that you knew was under attack to point at anyone would make you just as guilty of the attack as whomever set it up to begin with.
Re:Why today...
by
gad_zuki!
·
· Score: 2, Insightful
>The person who wrote the worm is not very good anyways.
Actually the guy/people who wrote this virus are very, very good. While the media and geeks go crazy over "attacks" on sco and microsoft, the authors are quietly collecting email addresses to sell and usernames/passwords from the keystroke logger. They have been very successful in this digital sleight of hand. Right now the current guesses focus on Russian criminals putting this whole thing together.
every rose has its thorn
by
victorvodka
·
· Score: 3, Insightful
A DDOS like this will have a trivial effect on a company like SCO, whose business model does not depend on its web site. For Microsoft, though, it really might cut into their bottom line and esteem as a company. Let's hope something good comes out of this idiocy.
--
The flag just makes more sense than the constitution. - Judas Gutenberg
Re:every rose has its thorn
by
Anonymous Coward
·
· Score: 1, Insightful
Their business model depends on their lawyers. We should flood their legal representatives with snail mails.
Remember, don't make any jokes.. These comments are obviously the voice of the open source community and may be quoted as such in wired.com articles as fact...
Telling people not to voice their opionions because of fear of what other people might think of you is an asinine way to excersice your right to free speech.
Yes, free speech is something we believe in at slashdot as well. We can and should make jokes. Why? Because we always make jokes about things! I would make a joke right now, but (1) I'm not that funny, and (2) I'm just too shocked that I am being told in a +5 comment not to say something.
Let the media report what they will. The fact is, some part of the community that you posted to can find humour in this. We are for sure a community that finds humour in everything.
Actually, now that I read your comment again, I am not sure you are serious. Perhaps it was just a joke and our mods have modded you insightfull?
Unfortunately, this is really the media's fault. There were several high profile articles that quoted posts modded +5, Funny on Slashdot's original article about MyDoom and cited them as the voice of the Open Source community, taking glee at this new virus. It was essentially cited as evidence that the "nefarious" Open Source community was somehow behind this virus or honestly approved of it. Basically these people don't understand how Slashdot works, that we find humor in even the most macabre topics, and that one person's comment doesn't mean anything more than that one random person thought something. As another poster said, it's like quoting a guy in a bar in LA and saying "people in LA think this...".
Anyway, I know and you know how to spot a troll/humorous post/etc. on Slashdot. And we know that people's opinions go all over the map on many issues discussed on Slashdot. Joe Reporter doesn't get this and there is a real risk of them printing more smear-stories about a community that like-it-or-not you will be perceived as part of by virtue of posting here. It's reasonable for us to try not to make that community look bad - not saying not to speak your mind, but to keep in mind that in a high profile story like this, even though you may be Joe Nobody, your words could be used against you and lots of other people.
Re:I'm Doing My Part
by
borgheron
·
· Score: 4, Insightful
This is not helping. Why would you even want to do this??
Please stop as you're injuring the community you're trying to help.
GJC
-- Gregory Casamento
## Chief Maintainer for GNUstep
I wish it wouldn't happen. This virus is painting the Linux community as a bunch of petulant adolescents - regardless of who's doing it.
I'm trying to remember who in the Linux community was quoted in the Wall Street Journal as saying "Let's take the high road." We should do just that. We all know that SCO doesn't have a leg to stand on. Let's let them sink themsleves.
--
There is no spoon or sig.
Re:Finally!
by
JustDisGuy
·
· Score: 2, Insightful
SCO may be making spurious claims to IP they don't actually own, but the moron that coded this deserves nothing less than the utter disdain of proponents of the Open Source movement.
-- Hanlon's Razor: Never attribute to malice that which is adequately explained by stupidity.
-- "Never attribute to malice that which is adequately explained by stupidity." - Hanlon's Razor
Helps SCO and Microsoft
by
Mysteray
·
· Score: 4, Insightful
Does anyone believe that this will do anything except help SCO? It associates their enemies (IBM, Linux), with worm/virus creators and spammers. If this sort of thing keeps up, the US Legislative and Executive branches will actively take the side of SCO and MS against Linux and it's "hackers".
What do they need a website for anyway? Their only business is lawsuits and press releases.
Re:Helps SCO and Microsoft
by
dreamchaser
·
· Score: 4, Insightful
YOU might not assume those things, but Joe Public will. It's all about perception. And if they catch the perp and he DOES turn out to be a linux zealot, it will taint the whole community.
Just because YOU have some sense and intelligence doesn't mean the press or the public does.
Re:Helps SCO and Microsoft
by
dreamchaser
·
· Score: 2, Insightful
Ah, and that is exactly the attitude that is holding Linux and OSS in general back.
Public perception DOES matter, dimwit. Unless you want Linux to forever be a niche OS on the desktop that is. Maybe you do, and you're entitled to that opinion.
Re:How stupid do you have to be?
by
ardiri
·
· Score: 4, Insightful
> SCO had plenty of time to prepare for this
makes you wonder if they had anything to do with the virus itself? if someone was going to make a blatent attempt at SCO - why not make it a surprise. publicity stunt it may be, all being run on feb 1 (sunday, non business day) - its obviously worked. news all over the world has picked this up.
Re:It shouldn't have happened yet
by
CrackedButter
·
· Score: 3, Insightful
wasn't it mentioned that some clocks gas the incorrect time, magify this over a million plus pc's and this makes a difference. Yes?
Re:Finally!
by
Anonymous Coward
·
· Score: 5, Insightful
This virus is painting the Linux community as a bunch of petulant adolescents - regardless of who's doing it.
No, it's not. The media (and SCO, et al for obvious reasons) is painting the F/OSS community as adolescents
Re:Slashdotted Reuters?
by
Vlad_the_Inhaler
·
· Score: 2, Insightful
Did someone write a variant that went for www.reuters.com? Although they claim Sco.com was the only discernible victim on Sunday. There were no other reports of outages or slowdowns elsewhere online due to the worm..
Does anyone remember the article about Distributed Reflection Denial of Service from around 2 years ago? Quotating that one: I imagine that anyone reading this page is already well aware of my feelings regarding the deliberate and unnecessary inclusion of the raw socket API in a mass market consumer desktop PC. I am referring, of course, to the absolute insanity of Microsoft's inclusion -- and subsequent defense of -- the raw socket API in Windows XP.
While pedantic network experts, and Microsoft themselves, correctly argue that there are other ways to produce malicious Internet traffic, there is no easier way than through the use of raw sockets. The best way to earn users' trust is to deserve it. But deliberately incorporating this unnecessary facility into every Windows XP machine -- and essentially enabling it, by design, to become a malicious reflection attack generator -- makes a mockery of Microsoft's recent "Trustworthy Computing" rhetoric. We can always hope, as I fervently do, that Microsoft will recognize that it is not too late, and will remove raw sockets from XP during one of the product's continuous flow of patches and Windows Updates.
Microsoft really have brought this upon themselves. Sorry, but they were warned and deserve all they get. What this is about is: before XP, it was possible to recognise (and block) this sort of traffic at the routers.
Re:Finally!
by
drooling-dog
·
· Score: 2, Insightful
I wish it wouldn't happen. This virus is painting the Linux community as a bunch of petulant adolescents - regardless of who's doing it.
I've been concerned about exactly the same thing. Regardless of where the virus really came from, the fact that SCO and MS were targeted may well have an impact on coming legal and public relations struggles that are important to the Open Source community. Don't think for a minute that this isn't understood completely by strategists at those two companies (as well as others that are threatened by the OS model). There is a lot at stake.
SCO running Apache?
by
salmonz
·
· Score: 2, Insightful
I just visited sco.com to see if I can get through, but apparently the Apache default page is coming up.
Why is SCO using free software when they claim teh GPL is void and invalid?
What they didn't include in the article
by
marsu_k
·
· Score: 5, Insightful
Curiously, this article seems to imply that there was a political agenda behind DDoSing SCO - but to quote Mikko Hypponen of F-secure a bit more:
"It's also possible the attack against SCO is just a smokescreen to misdirect attention away from the backdoor component in the virus - which is most likely included in order to facilitate sending of spam email messages."
Similiar, albeit longer, quote from him asserting that indeed spammers were behind this worm was in the local newspaper on Friday, but it's in Finnish and I'm too lazy to translate it. But the above quote can be found here.
Re:What they didn't include in the article
by
theCat
·
· Score: 2, Insightful
There is general agreement that this is the work of spammers/scammers and not, say, the GNU/Linux community. But there have been eleventy-hundred identical virus/worms/exploits emailed around for months/years/eons now, and they didn't bother adding a DDoS subroutine to attack SCO, or Microsoft, or anyone else except the anti-spam outfits (may they RIP).
So why all the sudden the "oh-we-need-a-smoke-screen" noise?
It is not a smoke screen. It's a fscking plot and it's well timed.
The spammers DO care how this whole SCO things turns out, as they care what happens to Windows on the desktop. Keeping the SCO plot up and running keeps Linux off the desktop (perhaps forever if the US court system really is as lame as it seems lately) and they really really need to keep Linux off the desktop and the pressure off Microsoft to change their product. They need Windows to be dominant, unchanged, wide open, and devoid of competition. Otherwise the spammers at least have to rewrite all their nice tools, and at worst they lose a ton of existing zombies and can't replace them; wave bye-bye to one most excellent business model if that happens.
Interesting how the dominant monoculture is playing a central role, isn't it? And Bill tells us Microsoft will end spam in three years, when clearly Microsoft products are the major portal for Internet spam and probably Internet crime. Will Microsoft ever guess how badly they've been played for fools? Or perhaps more alarming...do they even care?
"I wish it wouldn't happen. This virus is painting the Linux community as a bunch of petulant adolescents"
In case anyone still thinks this virus is related to linux people, let's put it as bluntly as we can:
Spammers have created yet another virus to send their emails, not caring about the cost to you, your computer, the law, or the internet in general
If you believed the spammer lies about how you've opted in to something, or how this is their freedom of speech, or how you can just press delete, then this should be the evidence you need: spammers are prepared to take down the entire internet for their own personal gain.
If anybody has bought anything advertised by email, or is considering doing so, or knows anybody who buys from email advertisements, then please be aware: you are supporting the criminals who are deliberately and maliciously attacking your computer, and the computers of your friends. Their programs are constantly bombarding your computer, where any mistake you make could lead to your computer becoming unusable by you, and being used to send illegal emails in vast quantities to the computers of others.
If any newspaper editor is reading this, and thinks "it's attacking SCO, it must be programmed by a Linux advocate", wake up and smell the misdirection. The DDOS in this virus was added as an afterthought. "Virus creation wizard step 6: you are nearly finished creating your virus. now type the name of a website you want it to attack"
Yes, it's a classic trick, and it's worked for thousands of years. I'ts worked for politicians and armies. It's worked for the con-artist and the cult leader. What is this trick? Miss-direction. If you think that this virus has anything at all to do with the open source community or SCO then your not keeping your eye on the ball sparky!
1. This virus makes a machine an open relay. Considering recent legislation and other anti-spam techniques I smell spammer bovine feces here.
3. The open source community is coming up with various anti-spam measures. Don't you think the spammers would love painting their enemy as petulant child - as they have proven themselves to be?
MyDOOM isn't the open source community pissing on on SCO, it's spammers pissing on all of us.
-- "Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
It's not really a bad thing
by
smartin
·
· Score: 3, Insightful
I know some people think this virus makes the linux community look bad, but that's not really the case. It's just another windows virus in a long line of windows viruses, written somewhere by some asshole for whatever reason they see fit. Even if it turns out that the writter is a Linux fanatic, you can't hold the whole community responsibe for the actions of one individual. Personally i think it's a good thing because it does serve three useful functions (no i did not write it:)).
It forces somes asshole companies of the net for a while.
It raises awareness of the whole SCO fiasco and I'm not seeing much in the way if sympathy for them in the press.
It shows once again that windows is a virus ridden insecure platform.
Whats not to like.
-- The difference between Canada and the USA is that in Canada healthcare is a right and gun ownership is a privilege.
SCO website just a symbol...
by
bangular
·
· Score: 5, Insightful
Realistically, who the hell even goes to the SCO website. They've got so few new potential customers anyway (I would put the number at zero). Current UnixWare users doubtfully visit their website very much anyway.
Their website being down is more of a symbol. A symbol to them of "Look at what they are doing to us". It's obviously not very important to them anyway seeing as how in the past they've taken it down for hours to days at a time for "server upgrades". If it were that critical to them, they wouldn't have had downtime. But it was cheaper to take it down and do what they needed to do to spend the money to keep it up during upgrades.
Anyway, SCO can eat apple sauce out of my ass with a spoon.
Re:How did this virus spread so easily?
by
unborn
·
· Score: 4, Insightful
An infection where the user knowledgeably accepts a substance ( even if considered harmless at the moment of acceptance ) should be called "a poison", not "a virus".
If you are given a drink that will kill you, but you drink it without knowing - that's a poison. If someone sneezes a few feets away and an airplane passes by you at the same exact moment of the other person sneezing and you can't hear the sneeze, and you get infected - then it's a virus.
Hence, opening an executable is subjecting yourself to the possibility of poisoning. Reading your email while a flaw is exploited in your email client is a virus.
Re:How did this virus spread so easily?
by
prandal
·
· Score: 2, Insightful
Re:How did this virus spread so easily?
by
drinkypoo
·
· Score: 3, Insightful
Never underestimate the power of human stupidity. I spent a whole working day doing nothing but cleaning this virus (with stinger) in the process of which I found a couple other worms as well. You ask people, why did you even look at that attachment? What made you think it was a good idea to run it? And half of them say, I didn't open an attachment! Well, bollocks to you, obviously they're clicking things without realizing what they're clicking. People need more computer training, plain and simple. I wonder if the situation would be analogous to driver training. Germany has much much driver training than the USA and consequently they can have highways where you can drive as fast as you can manage without doing anything stupid (besides drive really fast in the first place.) Of course, there, if you get caught without your reflective triangle on the autobahn, kiss your license good bye; Same if you're hogging the left lane and someone flashes their brights at you, and you don't get over.
I wonder if more computer training would reduce the number of "accidents" like this that we have here. It seems even most persons who use the computer as a key part of their job every day have no idea what the hell they're doing. I'm not expecting them to know (much about) how it works, just to sort of get an idea of what's a good idea, and what isn't.
-- "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Re:How did this virus spread so easily?
by
glesga_kiss
·
· Score: 5, Insightful
For the past 4 versions of Windows Microsoft has refused to remove a huge security hole called file extension hiding.
Bollocks. The people commonly infected with viruses wouldn't even know what a file extension was, let alone the difference between an exe and a txt file.
"The one with the W is a word file, the portrait is a graphic file etc". Give a file "virus.exe" the same icon graphic as a word file, and most users wouldn't know the difference.
On the other hand, if you don't hide the extension, then each of us here would be constantly dealing with dumb users who have renamed "Document1.doc" to "Report" (no extension). For 99% of users, hiding extensions is a good idea.
"What bullshit. Just make up a fucking target, all it "evidence", and viola! Better than actually finding out, ain't it?"
Newspapers are already publishing their accusations, based on much slimmer evidence than that, that Free Software programmers were beind this virus.
Nope, it's not evidence, and we don't know who wrote the virus. We do know, however, that its primary purpose is to enable the sending of bulk email. We do know that this type of virus became popular after spammers became unable to purchase their own internet connectivity. We do know that this type of virus conveniently bypasses the IP-address based spamfilters that had been working so well to stop spam. We do know that the first instance of this type of virus was designed to attack anti-spam groups, which it did very successfully. We don't know exactly who wrote which virus, but we can make some guesses. It's possible that the usefulness of this type of virus for doing exactly what the spammers want to do may just be an inintended side-effect. It's possible that someone spent many hours perfecting their distributed spam-sending virus by accident, for a different purpose, or to give spammers a bad name (now that's a redundant idea if ever I heard one). But whatever their intentions, their creation is now being used to deliver bulk email.
When someone writes a virus, and that virus is designed to send spam, why should we not conclude that the virus-writer is a spammer? The best you could say about them is that they might only be an unintentional accessory to spammers
www A 127.0.0.1
by
Stephen+Samuel
·
· Score: 4, Insightful
Given that they knew this was coming, and knew that they didn't have the bandwidth/CPU to handle the masssive overload, why didn't SCO Just set the A record for their website to 127.0.0.1 for a couple of days?? Either that or 192.168.42.42... With the former, a virus infected machine would simply attack itself. With the later, it would try to contact a well known address which would allow sysadmins to find any infected machine (and remove the virus) by simply looking for references to the address.
-- Free Software: Like love, it grows best when given away.
Ignoramous equally disturbing
by
bstadil
·
· Score: 3, Insightful
Before you spout more junk maybe you want to avail yourselves of some information.
The virus is written in Russia as a mail relay vehichle. They are just using the SCO issues as a foil, and indeed it worked on you. There even is an apology inside the virus from the author stating that he is just doing his "job"
Now Hang your head in shame.
-- Help fight continental drift.
Re:I'm Doing My Part
by
heliocentric
·
· Score: 2, Insightful
not all people understand geek humor
Listen, strange women lying in ponds distributing swords is no basis for a system of government. Supreme executive power derives from a mandate from the masses, not from some farcical aquatic ceremony.
Well you can't expect to wield supreme executive power just 'cause some watery tart threw a sword at you!
I mean, if I went around sayin' I was an emperor just because some moistened bint had lobbed a scimitar at me they'd put me away!
-- Wheeeee
Lawyer think...
by
LinuxGeek
·
· Score: 3, Insightful
Yeah, I read that and knew that couldn't be the mindset of a technology company. It must be true that SCO has completed the transition into a litigious entity. I mean, who is going to buy or trust OS software from people that had 5 days notice of this event and couldn't think of a single thing to do to protect their site?
Registrar: DOTSTER
Domain Name: SCO.COM
Created on: 03-SEP-87
Expires on: 02-SEP-04
Last Updated on: 22-JAN-03
Take note that the last change of their domain record was a year ago last sunday,. No one even bothered to do something as simple as change www.sco.com to a place holder on another subnet and then use their massive free publicity to announce their alternate name for the duration of the virus DDOS attack.
When the response boils down to nothing more than a promise to make more announcements, well, I think they are sacrificing what is left of their technical reputation.
--
Kindness is the language which the deaf can hear and the blind can see. - Mark Twain
Re:Lawyer think...
by
LinuxGeek
·
· Score: 4, Insightful
My point is that sevaeral SCO folks ( and Darl specifically) are blaming the actual traffic flood, even todays PR release.
LINDON, Utah, Feb. 1/PRNewswire-FirstCall/ -- The SCO Group, Inc. (Nasdaq: SCOX), the owner of the UNIX(R) operating system and a leading provider of UNIX-based solutions, has confirmed that a large scale, Denial of Service attack has started that has made the company's Web site, www.sco.com, completely unavailable. Internet traffic began building momentum on Saturday evening and by midnight Eastern Time the SCO Web site was flooded with requests beyond its capacity. The company expects these attacks to continue through Feb. 12.
SCO has made their website completely unavailable by removing the www.sco.com name record, not a flood of packets. They have mentioned nothing about packet filtering at the router level or any alternative method of keeping their main site online. When the attacks start flooding Microsoft, do you think they will just take their main site down or look at a solution that keeps them up?
I'm only pointing out that SCO is not being honest about the reason for their web sites complete unavailablity. They could still be online with several alternative options that they aren't exploring and want to act like they have no choice in the matter. It looks like they are taking the 'poor me' attitude when things could have been made much better with a little effort.
Maybe their site isn't as important to the operation of their new business model. It may be an even bigger asset to them as a publicity tool while it is down ( due to their lack of name record). When I see them admit that they took it down themselves, then they will have a bit more credibility. With no name record, thus no actual attack on their site, they can't know when the attack would have ended or how severe the flood would have been. They can't really track the attack via DNS lookup operations because that can't give an accurate picture of the potential flood, only the number of participating machines.
They've removed the means to gather statistics about the attack and devise means to counter a defense. The opposite of what I would expect of Microsoft, IBM, Symantec, RedHat, Slashdot or thousands of other sites on the internet.
--
Kindness is the language which the deaf can hear and the blind can see. - Mark Twain
Microsoft won't get hit.
by
Anonymous Coward
·
· Score: 1, Insightful
MSFT already changed their DNS entries. (do a host www.microsoft.com) Akamai's caching service will handle all the requests. They already used this technique before. Check netcraft for more details.
Re:How did this virus spread so easily?
by
kalidasa
·
· Score: 2, Insightful
So explain to me why I've had this conversation several times with my users:
Well, of course I opened it. It says it's a JPG, and you can't get a virus from a JPG.
I don't understand - I thought you couldn't get a virus from a text file?
It's just a web page, it can't possibly be a virus.
Answer: a little knowledge is a dangerous thing. Especially if you're dealing with people who have file extensions turned on at work, but off at home, or vice versa.
Can you blame Paul Thurrott?
by
Anonymous Coward
·
· Score: 1, Insightful
The guy has invested his CAREER as a Microsoft marketing shrill. Maybe they require this kind of service from him, so he stays in favor and gets free CD's. Maybe this is the only level he can compete at, so he considers trickery and manipulation to be fair tools for a journalist.
We have a WINDOWS virus spreading over the net. You'd think he would just SHUT UP about UNIX for one day...
Stuff you write on the Internet lasts FOREVER. I don't even wish this on him, but someday he'll be interviewing for work and he will be asked about this. When presented with a question if he knew UNIX mail servers to be implicated in this massive DDOS... I don't see how either a "yes" or "no" answer could yielding a favorable impression.
It's one thing to be wrong, but to twist words in an information-related profession is just plain *damning*! If he was afraid of UNIX taking over before, he better worry more because now his future is compromised. Perhaps Paul should re-consider his career, and work for Fox News.
I must say,/. readers dissapoint me more and more. Incitement of harrassment is exactly the sort of thing Bruce Perens was trying to get away from.
The response to the mydoom virus and the sco case in general on here and other forums might well have put the advance of Linux back 5 years in terms of it's corporate image.
This should not be a personal battle against one individual (and now by your actions and that of others direct harrassment of his family) it should be a legal and economic battle. Whatever moral high ground the linux community might have about the sco case is effectively undermined by childish actions such as these.
I could see some point in publishing the company address and his corporate number. But publishing his personal contact details is reprehensible. Encouraging harrassment is not big, clever or funny.
Slashdot Mirror
Sunday isn't even a business day? How much money will they not lose?
Jonathanjk.com
A DDOS like this will have a trivial effect on a company like SCO, whose business model does not depend on its web site. For Microsoft, though, it really might cut into their bottom line and esteem as a company. Let's hope something good comes out of this idiocy.
The flag just makes more sense than the constitution. - Judas Gutenberg
Remember, don't make any jokes..
These comments are obviously the voice of the open source community and may be quoted as such in wired.com articles as fact...
This is not helping. Why would you even want to do this??
Please stop as you're injuring the community you're trying to help.
GJC
Gregory Casamento
## Chief Maintainer for GNUstep
I'm trying to remember who in the Linux community was quoted in the Wall Street Journal as saying "Let's take the high road." We should do just that. We all know that SCO doesn't have a leg to stand on. Let's let them sink themsleves.
There is no spoon or sig.
SCO may be making spurious claims to IP they don't actually own, but the moron that coded this deserves nothing less than the utter disdain of proponents of the Open Source movement.
--
Hanlon's Razor: Never attribute to malice that which is adequately explained by stupidity.
"Never attribute to malice that which is adequately explained by stupidity." - Hanlon's Razor
Does anyone believe that this will do anything except help SCO? It associates their enemies (IBM, Linux), with worm/virus creators and spammers. If this sort of thing keeps up, the US Legislative and Executive branches will actively take the side of SCO and MS against Linux and it's "hackers".
What do they need a website for anyway? Their only business is lawsuits and press releases.
> SCO had plenty of time to prepare for this
makes you wonder if they had anything to do with the virus itself? if someone was going to make a blatent attempt at SCO - why not make it a surprise. publicity stunt it may be, all being run on feb 1 (sunday, non business day) - its obviously worked. news all over the world has picked this up.
wasn't it mentioned that some clocks gas the incorrect time, magify this over a million plus pc's and this makes a difference. Yes?
Jonathanjk.com
This virus is painting the Linux community as a bunch of petulant adolescents - regardless of who's doing it.
No, it's not. The media (and SCO, et al for obvious reasons) is painting the F/OSS community as adolescents
Did someone write a variant that went for www.reuters.com? Although they claim Sco.com was the only discernible victim on Sunday. There were no other reports of outages or slowdowns elsewhere online due to the worm..
Does anyone remember the article about Distributed Reflection Denial of Service from around 2 years ago? Quotating that one: I imagine that anyone reading this page is already well aware of my feelings regarding the deliberate and unnecessary inclusion of the raw socket API in a mass market consumer desktop PC. I am referring, of course, to the absolute insanity of Microsoft's inclusion -- and subsequent defense of -- the raw socket API in Windows XP.
While pedantic network experts, and Microsoft themselves, correctly argue that there are other ways to produce malicious Internet traffic, there is no easier way than through the use of raw sockets. The best way to earn users' trust is to deserve it. But deliberately incorporating this unnecessary facility into every Windows XP machine -- and essentially enabling it, by design, to become a malicious reflection attack generator -- makes a mockery of Microsoft's recent "Trustworthy Computing" rhetoric. We can always hope, as I fervently do, that Microsoft will recognize that it is not too late, and will remove raw sockets from XP during one of the product's continuous flow of patches and Windows Updates.
Microsoft really have brought this upon themselves. Sorry, but they were warned and deserve all they get. What this is about is: before XP, it was possible to recognise (and block) this sort of traffic at the routers.
Mielipiteet omiani - Opinions personal, facts suspect.
I've been concerned about exactly the same thing. Regardless of where the virus really came from, the fact that SCO and MS were targeted may well have an impact on coming legal and public relations struggles that are important to the Open Source community. Don't think for a minute that this isn't understood completely by strategists at those two companies (as well as others that are threatened by the OS model). There is a lot at stake.
I just visited sco.com to see if I can get through, but apparently the Apache default page is coming up. Why is SCO using free software when they claim teh GPL is void and invalid?
Curiously, this article seems to imply that there was a political agenda behind DDoSing SCO - but to quote Mikko Hypponen of F-secure a bit more:
"It's also possible the attack against SCO is just a smokescreen to misdirect attention away from the backdoor component in the virus - which is most likely included in order to facilitate sending of spam email messages."
Similiar, albeit longer, quote from him asserting that indeed spammers were behind this worm was in the local newspaper on Friday, but it's in Finnish and I'm too lazy to translate it. But the above quote can be found here.
"I wish it wouldn't happen. This virus is painting the Linux community as a bunch of petulant adolescents"
In case anyone still thinks this virus is related to linux people, let's put it as bluntly as we can:
Spammers have created yet another virus to send their emails, not caring about the cost to you, your computer, the law, or the internet in general
If you believed the spammer lies about how you've opted in to something, or how this is their freedom of speech, or how you can just press delete, then this should be the evidence you need: spammers are prepared to take down the entire internet for their own personal gain.
If anybody has bought anything advertised by email, or is considering doing so, or knows anybody who buys from email advertisements, then please be aware: you are supporting the criminals who are deliberately and maliciously attacking your computer, and the computers of your friends. Their programs are constantly bombarding your computer, where any mistake you make could lead to your computer becoming unusable by you, and being used to send illegal emails in vast quantities to the computers of others.
If any newspaper editor is reading this, and thinks "it's attacking SCO, it must be programmed by a Linux advocate", wake up and smell the misdirection. The DDOS in this virus was added as an afterthought. "Virus creation wizard step 6: you are nearly finished creating your virus. now type the name of a website you want it to attack"
1. This virus makes a machine an open relay. Considering recent legislation and other anti-spam techniques I smell spammer bovine feces here.
2. More and more spammers used high jacked machines for DNS, web service as well as relaying their crap. spammers Check out the nanae news group for more examples
3. The open source community is coming up with various anti-spam measures. Don't you think the spammers would love painting their enemy as petulant child - as they have proven themselves to be?
MyDOOM isn't the open source community pissing on on SCO, it's spammers pissing on all of us.
AngryPeopleRule
"Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
Whats not to like.
The difference between Canada and the USA is that in Canada healthcare is a right and gun ownership is a privilege.
Realistically, who the hell even goes to the SCO website. They've got so few new potential customers anyway (I would put the number at zero). Current UnixWare users doubtfully visit their website very much anyway.
Their website being down is more of a symbol. A symbol to them of "Look at what they are doing to us". It's obviously not very important to them anyway seeing as how in the past they've taken it down for hours to days at a time for "server upgrades". If it were that critical to them, they wouldn't have had downtime. But it was cheaper to take it down and do what they needed to do to spend the money to keep it up during upgrades.
Anyway, SCO can eat apple sauce out of my ass with a spoon.
An infection where the user knowledgeably accepts a substance ( even if considered harmless at the moment of acceptance ) should be called "a poison", not "a virus".
If you are given a drink that will kill you, but you drink it without knowing - that's a poison. If someone sneezes a few feets away and an airplane passes by you at the same exact moment of the other person sneezing and you can't hear the sneeze, and you get infected - then it's a virus.
Hence, opening an executable is subjecting yourself to the possibility of poisoning. Reading your email while a flaw is exploited in your email client is a virus.
This is continually raised, for example here, here, and why it's a bad idea anyway
And so on...
I wonder if more computer training would reduce the number of "accidents" like this that we have here. It seems even most persons who use the computer as a key part of their job every day have no idea what the hell they're doing. I'm not expecting them to know (much about) how it works, just to sort of get an idea of what's a good idea, and what isn't.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Bollocks. The people commonly infected with viruses wouldn't even know what a file extension was, let alone the difference between an exe and a txt file.
"The one with the W is a word file, the portrait is a graphic file etc". Give a file "virus.exe" the same icon graphic as a word file, and most users wouldn't know the difference.
On the other hand, if you don't hide the extension, then each of us here would be constantly dealing with dumb users who have renamed "Document1.doc" to "Report" (no extension). For 99% of users, hiding extensions is a good idea.
"What bullshit. Just make up a fucking target, all it "evidence", and viola! Better than actually finding out, ain't it?"
Newspapers are already publishing their accusations, based on much slimmer evidence than that, that Free Software programmers were beind this virus.
Nope, it's not evidence, and we don't know who wrote the virus. We do know, however, that its primary purpose is to enable the sending of bulk email. We do know that this type of virus became popular after spammers became unable to purchase their own internet connectivity. We do know that this type of virus conveniently bypasses the IP-address based spamfilters that had been working so well to stop spam. We do know that the first instance of this type of virus was designed to attack anti-spam groups, which it did very successfully. We don't know exactly who wrote which virus, but we can make some guesses. It's possible that the usefulness of this type of virus for doing exactly what the spammers want to do may just be an inintended side-effect. It's possible that someone spent many hours perfecting their distributed spam-sending virus by accident, for a different purpose, or to give spammers a bad name (now that's a redundant idea if ever I heard one). But whatever their intentions, their creation is now being used to deliver bulk email.
When someone writes a virus, and that virus is designed to send spam, why should we not conclude that the virus-writer is a spammer? The best you could say about them is that they might only be an unintentional accessory to spammers
Given that they knew this was coming, and knew that they didn't have the bandwidth/CPU to handle the masssive overload, why didn't SCO Just set the A record for their website to 127.0.0.1 for a couple of days?? Either that or 192.168.42.42... With the former, a virus infected machine would simply attack itself. With the later, it would try to contact a well known address which would allow sysadmins to find any infected machine (and remove the virus) by simply looking for references to the address.
Free Software: Like love, it grows best when given away.
The virus is written in Russia as a mail relay vehichle. They are just using the SCO issues as a foil, and indeed it worked on you. There even is an apology inside the virus from the author stating that he is just doing his "job"
Now Hang your head in shame.
Help fight continental drift.
not all people understand geek humor
Listen, strange women lying in ponds distributing swords is no basis for a system of government. Supreme executive power derives from a mandate from the masses, not from some farcical aquatic ceremony.
Well you can't expect to wield supreme executive power just 'cause some watery tart threw a sword at you!
I mean, if I went around sayin' I was an emperor just because some moistened bint had lobbed a scimitar at me they'd put me away!
Wheeeee
Yeah, I read that and knew that couldn't be the mindset of a technology company. It must be true that SCO has completed the transition into a litigious entity. I mean, who is going to buy or trust OS software from people that had 5 days notice of this event and couldn't think of a single thing to do to protect their site?
Registrar: DOTSTER
Domain Name: SCO.COM
Created on: 03-SEP-87
Expires on: 02-SEP-04
Last Updated on: 22-JAN-03
Take note that the last change of their domain record was a year ago last sunday,. No one even bothered to do something as simple as change www.sco.com to a place holder on another subnet and then use their massive free publicity to announce their alternate name for the duration of the virus DDOS attack.
When the response boils down to nothing more than a promise to make more announcements, well, I think they are sacrificing what is left of their technical reputation.
Kindness is the language which the deaf can hear and the blind can see. - Mark Twain
MSFT already changed their DNS entries.
(do a host www.microsoft.com)
Akamai's caching service will handle all the requests.
They already used this technique before. Check netcraft for more details.
So explain to me why I've had this conversation several times with my users:
Well, of course I opened it. It says it's a JPG, and you can't get a virus from a JPG.
I don't understand - I thought you couldn't get a virus from a text file?
It's just a web page, it can't possibly be a virus.
Answer: a little knowledge is a dangerous thing. Especially if you're dealing with people who have file extensions turned on at work, but off at home, or vice versa.
The guy has invested his CAREER as a Microsoft marketing shrill. Maybe they require this kind of service from him, so he stays in favor and gets free CD's. Maybe this is the only level he can compete at, so he considers trickery and manipulation to be fair tools for a journalist.
We have a WINDOWS virus spreading over the net. You'd think he would just SHUT UP about UNIX for one day...
Stuff you write on the Internet lasts FOREVER. I don't even wish this on him, but someday he'll be interviewing for work and he will be asked about this. When presented with a question if he knew UNIX mail servers to be implicated in this massive DDOS... I don't see how either a "yes" or "no" answer could yielding a favorable impression.
It's one thing to be wrong, but to twist words in an information-related profession is just plain *damning*! If he was afraid of UNIX taking over before, he better worry more because now his future is compromised. Perhaps Paul should re-consider his career, and work for Fox News.
I must say, /. readers dissapoint me more and more. Incitement of harrassment is exactly the sort of thing Bruce Perens was trying to get away from.
The response to the mydoom virus and the sco case in general on here and other forums might well have put the advance of Linux back 5 years in terms of it's corporate image.
This should not be a personal battle against one individual (and now by your actions and that of others direct harrassment of his family) it should be a legal and economic battle. Whatever moral high ground the linux community might have about the sco case is effectively undermined by childish actions such as these.
I could see some point in publishing the company address and his corporate number. But publishing his personal contact details is reprehensible. Encouraging harrassment is not big, clever or funny.
Working for the (other) man