Slashdot Mirror
BBC Links Linux To MyDoom
minus_273 writes "It seems the BBC has a story on their front page titled 'Linux cyber-battle turns nasty', very specifically linking Linux users to the MyDoom virus. Some lines to note: 'If anyone's anger has no measure, it is the wrath of internet zealots who believe that code should be free to all (open source). So, it seems likely that the perpetrators of the MyDoom virus and its variants are internet vandals with a specific grudge.'"
That the BBC is being criticized worldwide for making unfounded claims.
who believe that code should be free to all
We just believe that GPL code should STAY free for all like it was when it was published under the GPL. I know such an idea could come only from a zealot... but hey....
Click 'feedback' at the bottom of the page, fill in the article URL, and explain why this really isn't on.
Keep it civil, folks, and with any luck we can get an apology or at least a retraction.
It has attacked a company based in Utah called SCO, bringing down its website with a barrage of emails sent from countless computers into which the worm had been insinuated, unbeknownst to the users.
It was HTTP GET requests. Problem is most PHB listen to people like him but they can't even get the freaking details right on small shit like that. Yes they were probably hit bad with MyDoom email viruses but so my 6 user server. HTTP GET DDOS was targeted at them but that has been zero proof of a Linux Zealot targeting them. Let me know when you get evidence not just some speculation.
As soon as I saw the story - Please, for the love of whichever god you happen to believe in and/or live in fear of, be polite and give them references - the guy that wrote this article is obviously living stateside and Darl must have corrupted him.
An infinite number of monkeys will eventually come up with the complete works of
There's not much one can do about stuff like this. The media wants a story, they'll be happy to distort reality in order to get one.
The most important thing is to let people know we don't approve of the actions taken by creators of these viree. Not by shouting about it, but telling people, calmly, whenever given the chance. Tell your neighbour's dog walker if he/she will listen.
Fortunately popular belief does not rule (most) legal systems.
.: Max Romantschuk
Don't they know what happens when you incur the wrath of linux users?
I am one of many. My idea is not unique, nor do I expect my voice alone to sway you. I speak in a chorus of opinion.
If the virus were written by Linux coders it woulndn't have failed so badly when it triggered. The poorly written code has to have been written by someone with intimite knowledge of poor coding skills and Microsoft vulnerabilities... Humm... Do I smell a disgruntled MS employee?
However, there's also the matter of a modus operandi. While the Linux community certainly doesn't like SCO or Microsoft, its members aren't particularly known for writing virus code. In fact, writing Windows virus code would probably require greater... intimacy with Windows than most users of other operating systems would ever want to have.
My guess is that it's either a rogue coder or a coder in the employ of somebody (spammers are "the usual suspects" for employing virus writers lately, but why attack Microsoft and SCO, then?) who's probably using, and used to coding for, Windows. That's far more logical.
there are two elements of understanding any issue in the news
there is an informed, fair and balanced view
then there is the 15 second layman appraisal from viewing bits of media coverage
clearly, mydoom is an attack by linux zealots in the mind of the average layman
clearly, the truth is linux advocates are horrified at what this script kiddie has done
however, the court of public opinion is 99% of the population and the court of computer scientists is 1% of the population
if we have learned anything about wmd and iraq, the court of public opion matters alot, while the microscopic court of the informed matters very little
so what is mydoom all about? angry linux zealots
scream about how it is not so on slashdot, the turth is mydoom is the work of script kiddies, we all know that, but you are preaching to the choir
in the court of public opinion what mydoom is is very clear, and the informed on the issue can do very little about it
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
MoFscker
Here's what immediately follows that last quote...
So, it seems likely that the perpetrators of the MyDoom virus and its variants are internet vandals with a specific grudge. SCO is the big, bad company that violates one of their sacred principles, as they would see it.
There's no proof, of course, but it must be one of the theories at the top of any investigator's list.
And this is from a organization which allegedly deals in "news" ?
<grrr>
A new version of MyDoom has been found that is targetting bbc.co.uk
I would argue that this violent reactionism is one sign that OSS is on the verge of mainstream acceptance. Throughout history, as new ideas have supplanted older, closely held ones, the group that holds fast to those practices and principles becomes more and more marginalized and reacts by lashing out viciously. Could this be the case here? I think it is. Hopefully these opposing voices will continue to get smaller and more violent, alienating even more people from their cause. Besides, who can argue with free publicity?
Also, I, being a 'run-of-the-mill geek', am quite flattered that I now have the ability to gleefully (and apparently psychotically) 'wreak damage' on people's computers. Guess I picked that up and didn't even realize...
[BBC: "Deep in the darkness of the psyche, vandals and arsonists no doubt have their reasons - and so, presumably, do the run-of-the-mill geeks who wreak damage on the unsuspecting computer user."]
So, the BBC aren't actually saying that Linux users are behind it. They're saying that it is a theory that many people give weight to!
"For good measure, SCO is seeking at least a billion dollars from IBM....
SCO is the big, bad company that violates one of their sacred principles, as they would see it."
I don't think this article sees very much of the issue. Why didn't they do a more serious analysis of SCO and the fact that many top executives are dumping stock? Why didn't they look at it from a legal standpoint focusing on the etymology of the code supposedly in question? Why didn't they point out keenly that SCO has not produced any real evidence?
Regardless of what side you're on, you have to look at these things. These facts at least are concrete, vs. the complete lack of evidence specifically implicating a linux user as the author of MyDoom. For all we know, it could be SCO spreading FUD over linux and painting themselves as the victim when they in fact are responsible. We don't know now, do we?
http://news.bbc.co.uk/1/hi/help/3281777.stm
The bbc accepts feedback on stories. It is worth letting them know that there is no evidence to suggest the involvement of members of the linux community, they may be involved or they may be a handy group to frame. If this wasn't 'scary computers viruses' the media would be be more sceptical of the obvious conclusion.
0daymeme.com: Great stuff.
I have linked MyDoom to SCO and Microsoft as well.
I have also linked Saddam Hussein to Iraq and the BBC to Great Britain.
I am very good at linking.
Since there is no source code published under the GPL yet I don't believe that Mydoom was created by Linux programmers. It looks more like a closed source work.
Not a troll, but try to remember the inverse of the statement "All Linux Users are responsible for the MyDoom virus" is not "No Linux User is responsible for the MyDoom virus". The validity of the statement "The MyDoom virus author is a Linux User" is not verified -- but drawing any sort of Universal conclusion (affirmatively or negatively) is not valid reasoning.
slashdot is not a news organization, despite its byline. There are no crack investigative journalists working for slashdot and no one pretends that there are. The BBC is a widely respected news source accorded respect by its viewers/listeners, who will tend to accept its pronouncements based on its reputation (recently tarnished anyway) for journalistic integrity. They have a responsibility to check their facts and not spin conspiracy theories for the heck of it.
Reality of course is different.
The Mongrel Dogs Who Teach
I'm a little confused. The BBC website has this in the news section. Now I've always understood news to be the (hopefully) unbiased reporting of facts. The "article" seems little more than the rambling musings of someone who clearly doesn't understand the situation at all - which ordinarily would put it under "editorials".
This sort of baseless conjecture should always be clearly marked as such. To pass this off as "news" smacks of the kind of wild sensationalism the BBC is world famous for.
"And then I visited Wikipedia
/. is not a news site. We are not journalists. We are not paid to give an informative unbaised opinion. The BBC however are,we (brits) pay them to give us the facts, the truth.
Bill Thompson (BBC Technology Guy) spins conspiricy stories that suit /. frequently... they generally appear on the front page and are applauded by the posting community.
Over at Userfriendly.org
0 5
http://ars.userfriendly.org/cartoons/?id=200402
The unfounded and baseless claims about Microsoft on Slashdot get written by *users*. This is a not a media site but the comments page of one! An official website of the BBC is just a little bit higher up on the "I trust this for my information" ladder than random, anonymous user comments!!!
A deep unwavering belief is a sure sign you're missing something...
There are no crack investigative journalists working for slashdot
There are, however, "investigative" journalists on crack working for slashdot.
MYDOOM found on MOON
A group of internet "Hackers" have discovered that the MyDoom Virus was, conceived, compiled and unleashed from a small crater, just five minutes walk from the Tyco Monolith!
Well, it's just as believable...
I've never shoed a horse, but I once told a donkey to piss off!
As a linux "devotee" (as your article would have it), I feel your article misrepresents the sentiment of the vast majority of the Linux community on the matter of the MyDoom virus.
While it is true that the Linux community in general despise SCO for their actions, it is not a widely-held opinion that the illegal and destructive actions of the MyDoom author are justified, as your article tries to suggest. Rather, the Linux community would prefer to see SCO challenged and beaten in a court of law, as their tactics are based on intimidation and assertion without evidence to back up their claims.
The fact that one maladjusted virus-author, seeking an outlet for his destructive actions, has picked SCO as a target which he, erroneously, assumes will generate him respect from "geeks" does not imply that the majority support his actions.
Your article, while paying lip-service to the fact that "There's no proof, of course, but it must be one of the theories at the top of any investigator's list", tries to paint the Linux community with a broad brush as unprincipled "hackers", which is, in reality, far from the truth.
You are not doing the BBC's reputation as an unbiased reporter of news any good. I expect better from the BBC.
Note the "Business" part. The guy has absolutley zero techno savvy and is just parroting the most juicy rumours.
Although, after the Hutton reporty, I am suprised that the BBC would let him get away with statements such as "There's no proof, of course". But I guess as Linux users aren't a particularly organised bunch the BBC feels it can get away with shoddy journalism and unsupported inuendo in this case.
----------------------------------- My Other Sig Is Hilarious -----------------------------------
I am writing concerning the article written by Stephen Evans entitled 'Linux cyber-battle turns nasty.'
While I agree with the author that the MyDoom virus is a sophisticated way of attacking companies, I find that his links to any 'preservation [of] the open-source Linux operating system' to be rather lacking (if not downright non-existant.
Let's get facts straight first:
Sco is not seeking at least 1 Billion dollars. Initially this was true, but it has increased its litigation to 3 Billion dollars.
There is no court case between linux users and SCO. The court case is between SCO and IBM. The actual litigation is to decide whether IBM breached their contract with SCO and allowed SCO code into the Linux Source Tree.
Now let's look at his theory that should be 'at the top of any investigator's list'.
A grudged Linux user writes a virus to attack a company that is attacking the very foundation of his/her own business...Linux.
I concur that this is a possible reasoning, especially in the mindset of SCO and any other corporate software (especially Operating Systems) makers. To enforce this idea, let's look at SCO claiming that the GPL (General Public License) is unconstituional:
http://www.technewsworld.com/perl/story/31975.html
Bear in mind that we know that SCO refuses to allow us access (albeit under a re-inforced Non-disclosure agreement that prevents us from working on linux afterwards) to the code that they are complaining about. Also remember that SCO wasn't always SCO. In fact it was Caldera (a linux distributor) and that original SCO is now Tarantula (spelling???).
Now, how about this for a theory:
SCO knows that they're attacking Linux users. They know that their site is currently redundant. They realise they can black the name of all Linux users quite easily by attacking themselves. After which, they can claim, possibly, that Linux users are terrorists against the proper functioning or corporate America and therefore should be prevented from distribution and/or continuation. Considering Miscrosoft is the biggest contributor to SCO currently this would not be too far from reality, especially considering that Microsoft have already been found guilty of law in California. If they can abuse their monopoly in one way it is only natural that they could do it in another. They also have the perfect access to their code that allows them to exploit their opertating systems.
Now, this is also a theory based on 'non-facts' but just as valid a one. Print it, if you so wish because it is just as valid as the above mentioned article.
So my complaint is that while it is all well and good to print articles based on non-facts, please look at the whole range of possibilities rather than just the one that, unsurprisingly, supports the corporations.
Yours sincerely,
When all is said and done, nothing changes...
Wow, what an article, it brings journalistic research and factual accuracy to new lows with some baseless assertions thrown in for good measure. I thought the BBC just got spanked over poor journalism.
Factual Errors:-
1. "bringing down its website with a barrage of emails"
The MyDoom virus used a barrage of HTTP requests to bring the www.sco.com website down. Websites and mail systems are different, they use different protocols, ports and servers. The virus spread by email, it *did not* use email to perform a DDOS on www.sco.com.
2. "Two years ago, SCO claimed that it owned more than 800,000 lines of the system which had always been available for free and to anyone since its invention in 1991."
This is actually a few errors in one, bravo!
"Two years ago" - This is incorrect, SCO first claimed that Linux contained improperly contributed Unix code in early 2003, this is not two years ago! At that time it did not claim "more than 800,000 lines" that came later.
"...claimed 800,000" - SCO expanded its PR claims in mid 2003 to include the "more than 800,000 lines" quote. This is only 6-7 months ago, not two years ago.
"since 1991" - SCO has claimed that contributions to the Linux kernel post v2.4 impinge on its rights - this is not the code from 1991. It has not yet claimed rights to any of the 1991 code!
3. "On top of that, SCO has sued IBM, accusing it of using SCO property because it too uses Linux."
SCO has sued IBM over a contract dispute, it has not sued IBM because it uses Linux! SCO has claimed that IBM has used Unix methods and trade secrets improperly in its contributions to Linux (SCO claims it is a succesor in interest to Unix copyrights, methods and trade secrets which Novell sold to Tarantella - this is also in dispute).
4. "Despite the law-suits against users by SCO,"
SCO has not sued any Linux users. It has sued IBM, it has been counter sued by IBM, Red Hat has sued SCO, SCO has sued Novell. At no time has SCO sued a Linux user.
5. "Meanwhile the court dispute between SCO and Linux users (rather than the cyberspace war between SCO and the hackers) is scheduled for next year in a court in Utah."
There is no court dispute between SCO and Linux users (see above).
So most of the article is factually incorrect, and then he casts baseless assertions with a follow up disclaimer.
"There seems little doubt that SCO was targeted - illegally and unacceptably, lest anyone be in any doubt - because it has enraged many people devoted to the Linux operating system"
"There's no proof, of course, but it must be one of the theories at the top of any investigator's list."
What sort of journalism is this? This should be in a crappy tabloid not a government owned and respected news service.
>> The BBC write biased pro Linux stories, nobody here attacks them when they do, they applaud them.
This is NOT just a biased story. This is actually equating a community with criminals without any proof or fact to back up. Its far more serious than just being biased in one's opinion. I dont think many slashdotter would applaud when somebody is unjustifiably treated as criminals.
http://www.nasirudheen.blogspot/
If you don't like their reporting, use the feedback form:m
http://news.bbc.co.uk/2/hi/help/3281777.st
"Linux cyber-battle turns nasty"
Is your reporter Stephen Evans aware that MyDoom is a virus that is perpetrated by MS Windows machines? Meaning the virus was written to run ON windows BY a windows programmer...
Could Mr. Evans please next time indicate where on earth he finds the factual evidence to support his amazing theory that mydoom is the "wrath of internet zealots who believe that code should be free to all", or are we now to believe the BBC supports baseless ranting against a group as diverse as those who support open source software? Couldn't it easily have been caused by disgruntled shareholders, maglignant ex employees or al quaeda for that matter?
Thank god you didn't have a luminary such as Mr. Evans sexing up Iraqi WMD stories.
Of those to whom much is given, much is required.
I don't think you can really justify pathetic journalism because of a few funny jibes on slashdot. SCO is trying to commandeer the work of others. Why shouldn't people make fun of them and hope them harm? Its not like they haven't tried their hardest to piss people off.
If ill informed idiots in the press choose to write articles riddled with errors and specious claims, that is their problem. They'll get their "facts" from somewhere else, at least funny comments on slashdot are entertaining to lots of people - more power to someonehasmyname, Anonymous Coward and Geek of Tech - love your work guys.
Sadly this will get modded to Troll.
I can't count the number of times I've wished for a "(-1, Martyr)" moderation option.
TheFrood
If you say "I'll probably get modded down for this..." then I will mod you down.
You might be interested in another UK news outlet's take on the story, here.
The BBC, although trusted and mostly accurate, is becoming more and more tabloidy. Just look at how many of their main stories are 'in quotes like this'; a sure sign they are reporting second hand news, press releases and suppositions.
The Guardian has always offered a fairly good view of issues, and I would happily recommend it to those in the US who are keen for an outsider's view of the US.
The Slashdot Paradox: "100% Overrated"
Trolling using another account since 2005.
I have never seen claims like "Windows is a cancer" or "Windows is illegal" or "Windows threatens our way of life" here.
Linux cyber-battle turns nasty
By Stephen Evans
BBC North America Business Correspondent
The MyDoom virus has triggered a new wave of attacks from lazy business journalists. It is also looks like a new front [sic] in a war waged by those who want to argue from facts and those who just make up anything that comes into their heads.
It's usually no easier to fathom the motives of virus creators than it is of any other perpetrator of damage for damage's sake. But I'm going to be clever and subtly equate their motives with normal geeks in the first paragraph just to prepare the ground for you. There - done.
In the case of the MyDoom computer worm, the motivation seems clearer. This is a good point and I'll ignore the alarm bells it rings, since I've just said how most virus writers' work is baffling to explain. Then I'll introduce SCO as the victim and assert that the perpetrator was someone devoted to the Linux operating system.
The a quick paragraph on the history of the case which gets almost all major facts wrong followed by an entire section drawn on the very shaky premise that it must have been a geek Linux internet zealot who believes that code should be free to all. A few pointed jabs at Linux users later and I'll quickly admit that there is no proof of any of this, but that my (and of course your) conclusions should be clear.
My conclusion is just as lazy. A nice section of speculation and poor research to finish off - with all the usual trigger phrases like "experts are pondering", "possibility", "might", and "internet blackmail."
By now you can guess that I am an utter moron, with no more qualifications to be a business correspondent than a piece of cheese.
--- Hot Shot City is particularly good.
I had the page loaded in the browser and blindly reloaded the page (not sure why), something changed!
I'm not sure how much changed but the line you quoted is now
The MyDoom virus has triggered a new wave of attacks on company websites.
Apparently, it was last updated 10 hours ago, which is wrong by about 9 hours.
The attack also raises the possibility of internet blackmail, with companies threatened by individuals or even an individual who might be anywhere.
Say what now?
BB
Windows is a cancer and the EU found it illegal. Cancer theatens life. Windows therefore threatens our way of life. Oh dear... why do people write "I've never seen a comment on /. claiming X" :)
Rich
Dear Sir Or Madam
As a license payer, I have always been happy that the BBC, to the best of its ability, maintains a high quality, unbiased news service.
However, as a Linux user, I am thoroughly appalled at the comments made by Stephen Evans in his article "Linux cyber-battle turns nasty" (URL below).
Mr Evans seems to imply that anyone who chooses to maintain his right to open Internet protocols and open data standards by using the free Linux operating system is, in fact, a malicious criminal.
While I accept that there are possibly a very small percentage of "cracker" activists within the Linux community who might be extreme enough to launch DDoS (Distributed Denial Of Service) attacks against SCO and Microsoft via the MyDoom virus, Mr Evans has demonstrated how little he knows about the topic he has chosen to discuss in his article.
Firstly, writing a virus is no easy task and an irresponsible programmer that chooses to create a new virus needs to have a very deep understanding of the inherent weaknesses in the application or operating system that the virus is intended to propagate through. Since the MyDoom virus spreads via Microsoft Windows & Outlook, it is therefore safe to assume that the creator is an expert Windows programmer.
Secondly, the Linux community is made of knowledgeable computer users who have chosen to use a free operating system rather than the majority choice, Microsoft Windows. Each member of the community has his/her own reasons for making this choice but, essentially, those reasons are encompassed in the following list:
1) Microsoft and other commercial vendors have quite clearly demonstrated support for a rental license model for their software such that, in future, their userbase will be forced to make regular payments to those vendors for continued use of their operating systems and applications.
The Open Source movement, which incorporates Linux as one of its "flagship" products (others being free Unix-type operating systems of the BSD family) believes that software can be created freely and handed out to the community to use and improve freely. This movement has grown despite Microsoft and continues to do so, thus demonstrating there is no need to wage some (non-existent) "war" against commercial software vendors.
2) Some commercial hardware and software vendors (including Intel and Microsoft) are keen to implement DRM (Digital Rights Management) technologies in their existing and future platforms. The purpose of DRM is to create hardware and operating system combination platforms that "decide" whether or not a particular application or piece of data can be run or used on that platform. These vendors have chosen to do this not for any concerns of security of their users but because this allows them to license this technology, at cost, to other vendors and their userbase while, at the same time, allowing them to cover up security weaknesses in their own products. The only people that will lose out with DRM are the users who will find that they no longer have the "fair use" of music CDs, DVDs and software that they previously enjoyed to create MP3s/MPEGs of CDs/DVDs they own for portable players, personal backups, etc.
The Linux community defends the right of any commercial enterprise to combat piracy and loss of revenue but not through DRM technologies that restrict the basic rights of all users, not just the criminals, from having fair use of products they legitimately own. Linux will never support DRM technology and Linux users can therefore guarantee themselves a future whereby they maintain responsibility for their dats, not some commercial enterprise.
3) Virus attacks via Microsoft Windows are reported in the media on a weekly basis yet I do not recall a Linux virus ever gaining media attention.
Whilst I would not define Linux as totally secure, the open source model and regular peer code review of open source applications means that security bugs are detected & fixed very quickly. Added to this tha
Gentoo Linux - another day, another USE flag.
That's because it's Slashdot - note a forward slash then a dot. If it was a Microsoft-biased site it would be \. - Backslashdot.org. Slashdot is shamelessly biased towards *nix style operating systems - the title says it all. If you're expecting fair and balanced reporting on Windows issues, well, there's plenty of other websites you can go to instead.
Oolite: Elite-like game. For Mac, Linux and Windows
- SCO website down - does it hurt their business? I guess not much, however, it does give them good publicity - that of a victim; Link #1 for Linux (Linuxoid SCO haters).
- Microsoft website targeted but not down -- good publicity for Microsoft; Link #2 for Linux (Linuxoid MS haters).
- Millions of losses and aggravated users - extremely bad publicity for the virus and people associated with it, of course;
So, the net effect of the virus has certainly hurt the reputation of Linux/OpSrc world, because its targets can try to link the virus to L/OS by its choice of targets.Based on the current knowledge of the virus and the above, I would say there are 3 basic motivations for the virus creator(s):
- Spammers testing their tools, as indicated in the above
/. comments. In that case SCO/MS attack would simply be a way to have publicity for checking to see how their virus is doing.
- A zealot trying to hurt SCO/MS. In that case he was very dumb -- of course it is not impossible though, so we can't rule this possibility out.
- It was a publicity stunt by Microsoft. Could be linked to first motivation too. Note that the net effect of the virus for Microsoft has been beneficial PR wise. After all, their systems withstood the attack -- never mind it was said that the attack on MS was much weaker.
Noting also that the virus creator has had considerable Windows programming skills (which is not the experience generally associated with OpenSource programmers), I believe that the 3d motivation is not entirely impossible either. Especially if it was linked with first.Bill Thompson takes pot shots at what ever's current, and doesn't hesatate to start a raveing debate on his blog about it afterwoulds if you're so inclined.
/. croud, he just say's what he thinks.
And he isn't anymore pro linux than pro windows (actually, on average, quite a bit less). But so far I've only found one of his articles that couldn't be backed up, and he clarified his position alot later on the 'BillBlog' (linked to from his articles).
He's also one of the few BBC journalists who links to his e-mail address from his storys.
So no, Bill hasn't sided with the
Ask 8 slackers a question, get 10 awnsers (a citation, but I can't remember from who)
It only takes *one* person out of millions of developers to write a destructive virus.
The article, however, paints a picture of an organised effort by the "open source community", despite the fact that *all* the leaders of said community have come out to condemn the virus, indeed pointing out that it would damage the community through stories such as this. I'll look forward to the articles on how "the entire Muslim world" is at war with the west; how the Republic of Ireland has once again, and with a single mind, bombed London.
I think the story can best be summed up in it's own words: "There's no proof, of course".
I dont know about the new york times, but the BBC has a world wide reputation for unbiased news reporting. The fact that both the Chairman and Chief Executive both resigned because of a couple of unverifiable sentances that turned out to be wrong uttered by Andrew Gilligan tends to suggest that they take this seriously. I can assure you that your jibe will be recognised as the result of small minded childishness by most readers.
Facts are history now plebs have politics for religion on social media.
While this is not a clear indication that the spammers sent Mydoom and other viri around the same time, it is mighty curious.
A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
That fact seems to have escaped a lot of the posters so far.
Sure, it was riddled with inconsistancies and I'm by no means excusing the author but don't criticise the beeb, criticise the author of this piece of editorial.
I would like to make a rather strong complaint regarding Stephen Evans's article "Linux cyber battle turns nasty", as featured as a front-page article on the 5th of Feburary.
/ 28worm.html
This article is presented as a factual piece, not an opinion column, and draws patently incorrect conclusions. Whilst the MyDoom virus does indeed target SCO and (in it's -B varient) Microsoft, the main payload of this virus is a spam gateway.
As someone whos main source of income deeply involves computer security, I find it insulting that Mr. Evans has apparantly made no attempt to research the history of these forms of virii, nor has he apparantly contacted any reputable anti-virus company regarding it. Meanwhile he postulates claims such as "it [revenge] must be one of the theories at the top of any investigator's list", and "in the case of the MyDoom computer worm, the motivation seems clearer". I find it very bad reporting that these claims are made WITHOUT actually asking any of the investigators opinion of the virus. It is a widely expressed opinion (see 'references' at the end of this message) by these security professionals that the Denial of Service attack is the SECONDARY function of the virus, and not at all related to it's true purpose. A simple search on Google, let alone contacting even local London-based security firms such as mi2g, would easily prove how factually incorrect this article is. In fact, to be harsh, it is a downright lie against common knowledge and opinion.
It is current common understanding in the anti-virus community that this virus is indeed designed specifically to facilitate commercial spammers, and that the inbuilt Denial of Service attack against SCO and Microsoft are a secondary effect and not intended as part of the original design.
Current monitoring of activity through infected machines indicate that the spamming functionality appears to be used by a very organised group of individuals, indicating the virus was possibly contract-coded. Current belief holds that the Denial of Service payload was added by said contracted coder.
As such, I do not belief it fair, nor good reporting, to use a proproted factual article to attribute the secondary (and in my opinion far easily avoidable!) of the virus as it's "purpose". The secondary effects may indeed by the result of a Linux user seeking revenge, but is currently understood to be more of a diversion from the viruses demonstratable true intent. There is a long tradition of this type of 'smoke screen' in many viruses intended for commercial benefit, as Mr. Evans would no doubt have discovered if he had researched the article more instead of using it as a pure propeganda platform and drawing unconfirmed conclusions.
I request that the article either be re-labeled as an OPINION piece, removed, or an more factually correct article be posted.
References:
These other news sites, containing articles by researchers willing to do actual research, contain quotes from reputable security and virus research firms confirming the opinion above:
http://thewhir.com/marketwatch/myd012704.cfm
- Contains opinion by London-based firm mi2g
http://www.msnbc.msn.com/id/4113278/
- Contains quotes from researchers at well-known antivirus developer F-Secure and Symantec
http://www.ajc.com/business/content/business/0104
- Contains quotes from various other computer security researchers
I'm not surprised to read that this piece was written by Stephen Evans, the BBC's North America correspondent. Evans has been for some time a shill on behalf of big business - anyone in Britain who has had to endure his relentlessly pro-MPAA and RIAA pieces will be aware of this.
Take for example this piece where Mr Evans comments: "Many students seem to think, apparently, that the internet is a law free zone." Oh yeah?
>>
/.
If you don't want viruses to spread, don't...
Viruses don't appear spontaneously. They are spread, not created, by bad security. Someone has to write them and release them That's where to aim your wrath. Otherwise, you're blaming a shooting victim for not wearing a protective vest.
All the BBC commentary (it isn't a news report) did was to make the rather obvious connection between a DoS attack on SCO and the more rabid zealots in the Linux community. This possibility occurred to everyone about 5 minutes after the story broke. Certainly, threats to DoS SCO are not uncommon here on
Association of Linux and viruses in the public eye will spell its end.
-- Slashdot: When Public Access TV Says "No"
There. I filled out the BBC News feedback form to let them know their columnist needs some adjusting:
http://news.bbc.co.uk/2/hi/help/3281777.stm
[my feedback to BBC news]
I have just finished reading the article on your website which is entitled "Linux cyber-battle turns nasty", written by Stephen Evans. I am perplexed at the biased content of this article.
The writer of the article has applied the actions of a (possibly) single individual to an entire group of people. I don't see how that is fair, or responsible reporting. As a Linux user, this article has now portrayed me as fraudulent, unprincipled, and deceitful.
I should note also that the content of this article paints the BBC News with the same fraudulent, unprincipled and deceitful brush that Stephan has attempted to paint the Linux community with. It is cheap and irresponsible reporting.
boycott slashdot February 10th - 17th check out: altSlashdot.org
Unfortunately, while not coming from the main stream OSS community, acts like the MyDoom virus or publishing Darl McBride's phone number on slashdot slander the OSS movement. It just looks bad. It's also not right.
Whatever you think of Darl McBride and SCO, they are proceeding down a *legal* path of action. Sure, it's irritating, and the claims are as unsettling as much as they appear patently false, but it is the standard form of dispute resolution that we have set up in this country.
Stepping outside of the standard approach to engage in personal, vicious, and sometimes illegal attacks is simply not right. It also leads to the whole OSS movement being tarred with a brush of hot-headedness.
The OSS movement should loudly disavow activities such as MyDoom and publishing McBride's home address. Slashdot moderators should mod down laughing comments about how inconvenienced Mr. McBride is. OSS notables should emphasize the positive nature of the community.
This is all happening to some extent, but needs to continue in a stepped up fashion without cease.
The text of my letter:
I take issue with the broad association between the linux community and the childish and destructive internet worm myDoom made in the article by Stephen Evans titled "Linux cyber-battle turns nasty".
As a long time linux user and advocate I want to point out that while the worm writer may also turn out to be a linux zealot it is important to note that linux users in general condem the destructive impulse that causes someone to write a virus as much as the next person. What causes someone to become enamored with Linux and open source software in general is at it's core the constructive impulse to admire and improve on something that was built by many hands and works extrordinarily well.
It is true that we are almost all disgusted by the shameless and groundless way that SCO is attempting to profit from the sweat of thousands of volunteer programmers. If you look at what SCO is doing you will see that they are claiming as their own and attempting to charge for code that was written in the worlds most open and transparent development process by thousands of individual developers and users who added a bug report here and a line of code there. The community quite rightly has a collective feeling of ownership for the work that we have donated our time to assemble and are indignant to have an insignificant company attempt to steal from us.
We are offended -- but we don't feel the need to express ourselves through vandalism. I know that I speak for the vast majority when I say that I am confident that once SCO stops bluffing and stalling and finally lays down whatever cards they have it will all prove to be a huge farce. The only ones who will have suffered will be those who were taken in by the SCO's executives pathetic stock-pumping ploy and bought the overvalued stock of a failed tech company with nothing to it's name but a pack of ambitious lawyers.
...the same BBC that helped drive a man to suicide with their ill sourced, inaccurate, ill founded, politically motivated claims?
The same BBC that has in recent years showed a steady decline of journalistic integrity?
The same BBC that has had a string of resignations at high levels because of the fallout for such things?
I never would have guessed....
2) On the WEB, the top of the page, does not clearly state, "OPIONION" or "EDITORIAL" - but the author, Stephen Evans, is an editorial columnist.
Thus our complains will go to the bit-bucket, and those whom are mis-led to believe that Linux Zealots are responsible, will have no way of knowing the difference between a news story, and an editorial column.
Great comments. Unfortunately, you made at least one error in punctuation and one error in spelling, just from my quick reading. I hate to be pedantic, but in this case and others it is worthwhile. Note to the community: When you write to the media, your audience is journalism/English majors who live in fear of the editor. They will pick out your stray incorrect use of its/it's and the occasional spelling/dyslexic typo, because those will stand out like beacons to them - like a clumsy line of code would stand out to you. So use spellcheck and reread what you have written carefully before hitting submit. In the end, your submission will carry more weight.
If Slashdot were chemistry it would look like this:Cadaverine
That journalists are pedophiles.
One bad turn deserves another.
-Peter
Dear Sir
Thanks for your e-mail.
I have noted the points you made - as well as the vigorous debate on Slashdot.org about this article.
Well, Stephen Evan's weekly "stateside" column is not a news story, but an analytical look at major events and business trends in the United States.
It is, of course, debatable whether MyDoom/Novarg/Shimgapi was written just to bring down the SCO website, or whether the installation of spamming tools on numerous computers was an additional - or even the main - motive.
That was not the point of Stephen's article.
In his piece he wanted to draw the attention of BBC News Online's audience - many of whom are unlikely to know the ins and outs of the Open Source debate - to the rapid spread of Linux as a commercial application, SCO's attempts to cash in on this fact, and the deep anger that SCO has caused within the Linux community through its legal actions.
Stephen is not the first to draw the link between MyDoom and SCO's actions over Linux - plenty of others have done that before, including virus experts.
Regards,
Tim Weber
Business Editor
BBC News Interactive - www.bbc.co.uk/businessnews
"It seems the BBC has a story on their front page titled 'Linux cyber-battle turns nasty', very specifically linking Linux users to the MyDoom virus. Some lines to note: 'If anyone's anger has no measure, it is the wrath of internet zealots who believe that code should be free to all (open source).
:)
If it really were a bunch of Linux/Open Source zealots, they'd have shared the MyDoom source code.
/*drunk.. fix later*/
It is my perception that many people who use and advocate Linux are also in favor of eliminating spam. It's perhaps one of the major reasons they prefer Linux. We know that virus/trojan horse/worm writers prefer to attack Windows-based systems because of the multitude of security holes it has.
What's happening with the MyDoom trojan sounds like spammers are trying to use the attacks against SCO and Microsoft (and maybe more targets) as a diversion for what they really want to do: send spam and discredit the groups that seek to eliminate spam. In their perception, Linux and the anti-spam movement are closely related. Discrediting one side of the pairing will eventually weaken the other.
Ask yourself this: If SCO wins and starts charging $699.00 per copy for Linux, what's the average user of Linux going to do? Probably switch to a Microsoft product and give spammers another system to use for a DDOE (Distributed Denial of E-mail) zombie.
If "disco" means "I learn" in Latin, does "discothèque" mean "I learn technology"?
When I was in grade school I left a note on the teacher's desk that said "Randy is dumb, from Bill". The teacher was so stupid that Bill got paddled for it. (I'm not Bill).
This writer is as stupid as that teacher was. Believing the obvious is easy. Thinking is the hard part.
--Guns don't kill people, abortion clinics kill people.
When I got home from work I sent the BBC the following complaint:
At a time when the is reeling from the aftermath of the Hutton report, and needs to demonstrate its journalistic and editorial integrity how does one of the most scurrilous and dishonest reports I have ever had the misfortune to read come to be published on the BBC's website. I refer to Stephen Evans's piece entitled "Linux cyber-battle turns nasty". This one sided and nasty piece of polemic is a far cry from the type of objective comment that should be expected from a BBC correspondent.
Firstly I would object to the way that Mr. Stephens denigrates and stereotypes computer programmers. In his third paragraph he states:
"Deep in the darkness of the psyche, vandals and arsonists no doubt have their reasons - and so, presumably, do the run-of-the-mill geeks who wreak damage on the unsuspecting computer user."
The run of the mill geek is the person who writes the software and maintains the systems upon which computer user depends. It is the run of the mill geek who has to clear up the mess created by the individuals who write and propagate trojans such as MyDoom. If Mr. Evans had the gumption to research his piece he would have known this, all he would have had to do is talk to a few of the technical support staff at the BBC. He would have found that the average geek detests such behaviour, and is heartily sick of dealing with the mess created by it.
While it is true that the creators of such malicious code are geeks is does not follow that the run of the mill geek creates such destruction. Vandals and arsonists are members of the public but they are hardly representative of the average member of the public. Mr. Evans is a journalist but I would hope and expect that the run of the mill journalist shows more integrity than Mr. Evans.
The article goes on to claim that the motive for 'seems clear', I wish that I had Mr. Evans powers of divination. It is certainly possible that MyDoom was created by a misguided proponent of the Free Software movement, but there are two other equally plausible theories. MyDoom also carries a payload that allows it to be used by spammers to use infected machines as gateways for unsolicited bulk email, and has been linked to Russian spammers. It also neatly coincides with SCO's Darl McBride's agenda of demonising the creators and advocates of fee software as a criminal and 'unamerican' threat to the right to profit. An agenda which lazy and biased reports like that Mr. Evans parrot.
Until those responsible for MyDoom are caught their motives can only remain a matter for speculation, and any objective reporter should not favour any one plausible theory over another.
The article goes on to portray open source advocates as zealots and extremists, Mr. Evans is entitled to this viewpoint, but he should not allow it to colour his reporting. Nor should he allow it to stand in the way of his reporting of facts the contempt for SCO is not because of it being a 'big bad company' it is because SCO has demanded money from other companies, and individuals, for property it claims without providing any evidence to back up these claims. It appears to many that SCO's actions amount to little more than an attempt at extortion. There is already a court order in Germany prohibiting SCO from making such demands until such time that they can prove ownership of the code in question.
Mr. Evans finishes his article by raising the specter of individuals blackmailing companies through denial of service attacks. Such blackmail is already part of the internet experience for millions of ordinary computer users. They are subjected to a barrage of pop-ad's for software to block these self same pop-ups (http://news.com.com/2100-1023-975298.html?tag=prn tfr). Unfortunately because these attacks are made by companies on individuals the legal authorities seem to be blind to the criminality of such behaviour. The problem of internet blackmail is a real one and it precede