BBC Links Linux To MyDoom

minus_273 writes "It seems the BBC has a story on their front page titled 'Linux cyber-battle turns nasty', very specifically linking Linux users to the MyDoom virus. Some lines to note: 'If anyone's anger has no measure, it is the wrath of internet zealots who believe that code should be free to all (open source). So, it seems likely that the perpetrators of the MyDoom virus and its variants are internet vandals with a specific grudge.'"

Can't even get the details right

[rabbit994]

From the article:

It has attacked a company based in Utah called SCO, bringing down its website with a barrage of emails sent from countless computers into which the worm had been insinuated, unbeknownst to the users.

It was HTTP GET requests. Problem is most PHB listen to people like him but they can't even get the freaking details right on small shit like that. Yes they were probably hit bad with MyDoom email viruses but so my 6 user server. HTTP GET DDOS was targeted at them but that has been zero proof of a Linux Zealot targeting them. Let me know when you get evidence not just some speculation.

Read the article in full

[p_millipede]

Just after the quote given, the article goes on with:

There's no proof, of course, but it must be one of the theories at the top of any investigator's list.

So, the BBC aren't actually saying that Linux users are behind it. They're saying that it is a theory that many people give weight to!

This is the feedback I sent.

[Ndr_Amigo]

I would like to make a rather strong complaint regarding Stephen Evans's article "Linux cyber battle turns nasty", as featured as a front-page article on the 5th of Feburary.

This article is presented as a factual piece, not an opinion column, and draws patently incorrect conclusions. Whilst the MyDoom virus does indeed target SCO and (in it's -B varient) Microsoft, the main payload of this virus is a spam gateway.

As someone whos main source of income deeply involves computer security, I find it insulting that Mr. Evans has apparantly made no attempt to research the history of these forms of virii, nor has he apparantly contacted any reputable anti-virus company regarding it. Meanwhile he postulates claims such as "it [revenge] must be one of the theories at the top of any investigator's list", and "in the case of the MyDoom computer worm, the motivation seems clearer". I find it very bad reporting that these claims are made WITHOUT actually asking any of the investigators opinion of the virus. It is a widely expressed opinion (see 'references' at the end of this message) by these security professionals that the Denial of Service attack is the SECONDARY function of the virus, and not at all related to it's true purpose. A simple search on Google, let alone contacting even local London-based security firms such as mi2g, would easily prove how factually incorrect this article is. In fact, to be harsh, it is a downright lie against common knowledge and opinion.

It is current common understanding in the anti-virus community that this virus is indeed designed specifically to facilitate commercial spammers, and that the inbuilt Denial of Service attack against SCO and Microsoft are a secondary effect and not intended as part of the original design.

Current monitoring of activity through infected machines indicate that the spamming functionality appears to be used by a very organised group of individuals, indicating the virus was possibly contract-coded. Current belief holds that the Denial of Service payload was added by said contracted coder.

As such, I do not belief it fair, nor good reporting, to use a proproted factual article to attribute the secondary (and in my opinion far easily avoidable!) of the virus as it's "purpose". The secondary effects may indeed by the result of a Linux user seeking revenge, but is currently understood to be more of a diversion from the viruses demonstratable true intent. There is a long tradition of this type of 'smoke screen' in many viruses intended for commercial benefit, as Mr. Evans would no doubt have discovered if he had researched the article more instead of using it as a pure propeganda platform and drawing unconfirmed conclusions.

I request that the article either be re-labeled as an OPINION piece, removed, or an more factually correct article be posted.

References:
These other news sites, containing articles by researchers willing to do actual research, contain quotes from reputable security and virus research firms confirming the opinion above:

http://thewhir.com/marketwatch/myd012704.cfm
- Contains opinion by London-based firm mi2g

http://www.msnbc.msn.com/id/4113278/
- Contains quotes from researchers at well-known antivirus developer F-Secure and Symantec

http://www.ajc.com/business/content/business/0104/ 28worm.html
- Contains quotes from various other computer security researchers

Evans is a shill

[dipfan]

I'm not surprised to read that this piece was written by Stephen Evans, the BBC's North America correspondent. Evans has been for some time a shill on behalf of big business - anyone in Britain who has had to endure his relentlessly pro-MPAA and RIAA pieces will be aware of this.

Take for example this piece where Mr Evans comments: "Many students seem to think, apparently, that the internet is a law free zone." Oh yeah?