The World of Virus Writers

No_Weak_Heart writes "Looking for a little weekend reading? You might try the cover story from this week's NY Times Magazine. It's titled The Virus Underground, and it takes a look at the world of malware scripters, virus writers and worm designers."

Losers

[BWJones]

it takes a look at the world of malware scripters, virus writers and worm designers.

I guess my initial reaction was fsck 'em. Fsck 'em all. However, it could be suggested that they have made corporations and governments aware of many intrinsic insecurities in certain popular operating systems which may have prevented some larger potential catastrophe. The problem for these guys, is that we will never know and they will continue to be reviled and hated as losers. (That is unless they are talented enough to score a job with Symantec, the NSA or some other organization dealing with comp. security.)

Re:Losers

[Rand+Al'Thor]

That may be a side effect in very few cases, but for the most part I think it's safe to say there is no redeeming factor to any virus or its author.

Re:Losers

[Dukael_Mikakis]

It's true that virus writers are malevalent and don't have pure intentions when hacking their scripts and all, but in a general sense, where would our security be without virus writers?

If you consider computer security like the human immune system, then perhaps it may be seen that these people (while malicious) allow security to keep up with that hacks that can be done. If you kept a person in a bubble for twenty years and then promptly released him into the dirty, disease-ridden world he'd likely get sick and potentially die pretty quickly, as his body has no capacity to survive the world. However, with immunizations (i.e. intentional delivery of malicious agents in small doses, possibly on some schedule) and just general exposure to the germs in the world, most people have no problem surviving this world. Yes, MyDoom, and Trojans, and all the other viruses are more than nuisances and they cost people time, money, data, and other things, but these are in relatively small doses. If we had been in a bubble free of viruses for all this time, then whenever we're released into the "real world", anybody could take advantage of all these exploits (open sockets, DDoS, back doors, etc.) at once and perhaps bring the whole infrastructure down.

It's the fact that virus writers are always developing viruses and releasing them that allows us to fix these problems individually, on a manageable time-scale. If they wanted to do some damage, maybe they should withhold all their viruses and unleash them all at once to cripple everything so much more.

Re:Losers

[BWJones]

If you consider computer security like the human immune system, then perhaps it may be seen that these people (while malicious) allow security to keep up with that hacks that can be done.

If you make the biological systems analogy, you will also have to acknowledge that a diverse operating system ecosystem is critical to the health and well being of things, especially as the Internet becomes more widely available. We need Linux, IRIX, Solaris, Windows, OS X and embedded OS's to maintain the health of things.

Re:Losers

[BWJones]

What confounds me is that there hasn't been a major virus with a real nasty payload, say a virus that spreads like MyDoom, but after sending itself out to all the email contacts found, it proceeds to nuke the drive by writing random junk through it all (preventing any way of recovering the data).

Like really virulent biological virii, computer virii that work this way will limit the extent to which they can spread......unless of course.......they work out slightly more sophisticated methods of damage, or they delay the damage for a period of time before "expressing" themselves.

Re:Losers

Well, if you consider the analogy of disease/immunity, you could try to make the argument that humans would be much better off if diseases didn't exist. And perhaps you'd be correct. However, our immune systems would also not exist; which would leave completely vulnerable to infection.

My point is, that maybe having a few minor (depending on your definition of minor) viruses floating around causes us to increase our security awareness (our immune sytem) so that we are less vulnerable to a really big nasty attack.

Re:Losers

[GoodNicsTken]

That's where I think your completely wrong. I'm actually surprised more of the /. crowd doesn't agree with the following viewpoint:

Software flaws exist PERIOD. They always have and always will. What would you rather have:

1. A small group of 100 or so people (Govenrment, individuals, organized crime, etc) with the ability to log into your machine, do whatever they want to with it (Set up a kiddie porn ring, steal your identity, etc.)

2. A virus that exploits the flaw, disrupts computer networks forcing people to patch the flaw. (Many still don't, as Code Red is alive and well)

I'm all for #2. The flaws exist. Without viruses, then people would NOT patch there systems. When somebody relases a virus, they are saying, hey there's a problem here that needs immediate attention or just about anyone can take over your computer. These guys should be rewarded not punished. IMO they are performing a service letting everyone know of a flaw they discovered, and providing incentive to correct the flaw.

As computers become a bigger part of our everyday life, they are trusted more and more. I would be a lot more concerned in a world with no viruses, and computers that are generally considered "Secure." That puts the power to ruin someones life in the hands of a few.

Re:Losers

[AvitarX]

These people?

The typical Virus writer is not the typical malicious hacker.

Viirus writers let us say dumbasses when the Half Life 2 source code was stolen, and also let Valve have fair warning that they were being retards and should use a more secure system.

Virus writers let me know to avoid outlook like the plague and protect myself from someone malicious who may want to install a keystroke recorder on my computer to steal my credit card and social security number.

Crime for proffit will exist even if the crime for fun group did not. I am not defending virus writers though. We new about email worms for a while, we don't need to be pelted by them. Social engineering viruses are old hat too.

But the people who write the first widly propogating virus to exploit a particular thing to alert a lot of people to it that just would not care otherwise. And it probably does protect a lot of bad administrators from far worse.

Re:Losers

[IthnkImParanoid]

If the virus nukes the drive, the DDoS and/or backdoor is suddenly no longer effective. Computer viruses, unlike the biological kind, have a goal in mind in addition to mindless reproduction. If the point is to open a backdoor to allow spammers to use it, why kill off your host?

Re:Losers

This "nothing is perfectly secure so it doesn't matter" idea is one of the most foolish concepts I see spouted on Slashdot. It's like saying "any house can be eventually be broken into, so there no point in locking your doors or having police". Just because it may still be possible, doesn't mean we should make it easy, and for all their sliminess, viruses do force vendors to close many of the more gaping security holes.

Otherwise hey, why not post all your personal passwords here on Slashdot - none of them are perfectly secure anyway right?

Re:Losers

[PsychoSlashDot]

If you consider computer security like the human immune system, then perhaps it may be seen that these people (while malicious) allow security to keep up with that hacks that can be done. If you kept a person in a bubble for twenty years and then promptly released him into the dirty, disease-ridden world he'd likely get sick and potentially die pretty quickly, as his body has no capacity to survive the world. However, with immunizations (i.e. intentional delivery of malicious agents in small doses, possibly on some schedule) and just general exposure to the germs in the world, most people have no problem surviving this world.

There's a simple problem with your viewpoint. Without the security-challenging input of these malware creators, there would be a corresponding reduction of the need for security efforts.

What you're really suggesting is that biochemists should be to some degree appreciated, because significant numbers of new, previously non-existing diseases and sicknesses will force us to spend more money and effort on immunology and cure-finding efforts. Um. Sorry, but I have to disagree with the wisdom of this.

Further, the assumption that good virus-prevention and reaction policies have significant impact on intrusion-detection and hijacking counter-efforts is... overzealous.

I do understand that many virii exploit one security flaw or another and that a good whack of MSBlaster has a decent likelihood of encouraging CompanyCo to patch their SQL server. What I don't understand is the suggestion that more relatively non-destructive virii result in less real-life data-compromising acts.

Final thought. With these worms and virii, a "hacker" doesn't have to do anything special to find a list of vulnerable sites/services. Log accesses to a web server of your choice... instant list of vulnerable web servers, each trying to hack YOU. With a simple firewall, it's EASY to find victims and exploit them. Without a virus out there, a port/IP scan would be required, which would leave traces.

Re:Losers

[Zeinfeld]

1. A small group of 100 or so people (Govenrment, individuals, organized crime, etc) with the ability to log into your machine, do whatever they want to with it (Set up a kiddie porn ring, steal your identity, etc.)

That is the sort of thing that black hat hackers tend to do anyway.

If you read the article you will see that the major source of exploits is the full disclosure type security forums. I am not saying full disclosure is entirely bad, just that the people writing viruses and worms are not telling the world it did not know anyway.

The guys (and they were mostly guys) in the article were describing using Visual Basic as the cutting edge of programming. One became recognized as elite because he worked out how to use multithreading. Like don't over-estimate the skills of these guys here.

The point about monoculture is made, but it is a crock. The original Moriss worm attacked multiple host types. There have been several cross platform worms. Microsoft is 90% of the machines out there, so if you write for any other platform you guarantee that your attacks will be an order of magnitude likely to succeed at each link.

x^y tends to infinity with increasing y if x>1 and to zero if x1.

Re:Losers

[SideShow_BLOB]

If I could break into my next door neighbor's house - on the premise that a flaw exists within his home security - should I be rewarded for it? Do not be so quick to glorify criminal behavior. Software flaws exist, yes. But to reveal them by breaching network security, unleashing mass-mailing worms, and exploiting buffer overflows in target systems is NOT a service to the community. On the other hand, creating and releasing the virus in a lab environment for the purpose of failure analysis is a worthy endeavor. But to cripple public systems? And implore that the writers of such crippling software be rewarded? Please, don't be such a dolt.

Re:Losers

[radish]

They did, back in the old days. I'm thinking of the bootsector viruses, and exe-infectors. These frequently had payloads to format c: on Davinci's birthday or some such thing. The thing is, now most "infections" aren't from true viruses, but trojans or worms. They also usually have a purpose, which is often backdooring a box to use it as a spamrelay or something. So kill the box, you kill the reason for writing the worm in the first place. In fact, not only that, but if you do anything which looks interesting, you increase your chances of getting discovered, and removed. The best worms get in, stay quiet, and attempt to spread. I like to think of them less as viruses and more as parasites - organisms which depend on their host for their own existence, and so have it in their best interest to preserve it not kill it.

Reporters..

[grub]

Whenever I read of a new virus or hear of one on the radio, I wish they'd start to hammer home the fact that 99.99% (wild number I pulled from my arse) of these affect Windows machines only. The ignorant masses just assume that viruses and worms are a way of life, they don't know that it's a way of life only if you use a certain OS.

Re:Reporters..

[1gkn1ght]

The problem is, how many people actually know that there is something out there other than a Mac and Windows? Once that word gets out, and more and more programs run on Linux, BSD, or another platform, people will start to notice that they can get away from the malware and the BSOD.

Re:Reporters..

[shamilton]

I have two Windows XP boxes which I use near continuously, and neither have ever had any sort of virus, trojan, worm, etc. One of those is completely without a firewall.

Not that I'm any sort of Windows zealot -- my two windows boxes are eclipsed by a dozen or so BSDs between home, work, and server room, which seem to require far more frequent security maintainence.

Re:Reporters..

[metlin]

You're right, most of these are kids who have just learnt programming on Windows. I'll quote from the article --


''This guy,'' he proclaimed, ''is the best at Visual Basic.''

In the virus underground, that's love. Visual Basic is a computer language popular among malware authors for its simplicity; Philet0ast3r has used it to create several of the two dozen viruses he's written.


This is the problem - back when I was a kid, I used to mess around with things like TSRs and assembly code to create things that had virus like behaviour to scare the crap out of my teachers in school.

These days, these kids just pick up an odd scripting language or two, or some easy language like VB and just do malicious code simply because its easy.

This is not programming or 'crazy skills' - its sheer adoloscence being shown in another way.

Instead, if they spent their time tinkering with the internals of a Linux Kernel or coding other cool stuff (like, Scene graphics programs, for instance!) it would be a much better use of their time and enthusiasm.

Re:Reporters..

apache is 2/3s of the webservers last i heard, and according to port 80 requests, i would guess code red and nimda each have more machines still then any linux virus i've heard of peak at.

could you explain how that fits into the MS is the major OS, MS is the major desktop OS, but even in the OS server arena it still has more viruses.

Re:Reporters..

[Deitheres]

I think what it ultimately comes down to is lack of knowledge-- this mainly affects windows users at this point, although the more "user friendly" and mainstream alternative OSes (which may soon become a misnomer) become they too will have to deal with incompetent users. I am over at my uncles house bare minimum once a month wiping a virus from his system. Runs WinXP and has Norton AV... BUT he does not keep things updated. His virus defs are always old and god-forbid if he installed a windows update every now and then.

Tell someone to disable a windows service, and they will look at you cross-eyed. I will admit, I run WinXP on my PC because of my wife, and I am pretty adept at system maintenance (not quite so much with Linux anymore unfortunately) but I would feel insecure (pardon the wording) about securing a Linux box at this point. Can you imagine Joe User trying to disable services on a Linux PC? With the GUIs, it's about as easy now as it is for XP, but that is exactly my point-- your average user is completely clueless even with Windows.

The problem of the OS being used is a secondary problem, the main problem lies (or sits in this case) between the chair and the keyboard.

Re:Reporters..

Sure, if Linux had the market share that Windows has, there'd be more viruses for it. But they wouldn't be as prevelant or destructive.

Why? Because nearly everyone reading their mail on a Windows box is doing it with the equiv of root permission.

Click on a linux virus attachment (one, it won't execute since that an Outlook feature) and the worst you can do is delete your home directory.

Re:Reporters..

[npsimons]

if one was used as much as Windows is, I could be sure there would be many more viruses than currently exist, for say, Linux, currently.

That, sir, is a fallacy. There is no hard evidence to support that claim, and there probably never will be. As a counterpoint, however, consider how many web servers run Linux and Apache versus how many run Windows and IIS. Then consider how many worms and security holes there are for those respective platforms.

Re:Reporters..

What's to prevent a Linux user running as *cough*Lindows*cough* root from being affected the same way?

Easy. There are no Linux email clients that I know of that allow you to execute a binary or script directly from the client. You have to save it, then set the executable bit, then run it. In Windows, there's no separation because an executable and a document. You interact with both the same way (double-click), there is no executable bit, and even a Word document can contain a macro virus.

a Windows box properly configured wouldn't have this problem, either

Really? How easy is it to disallow running an arbitrary executable on a Windows box? If it's so easy to configure a Windows machine to give immunity to any such virus, how come more admins haven't done so? It's impossible to lock down a Windows machine enough to prevent a virus like this while still allowing users enough admin rights to do daily work.

In short, yes, it is a social-engineering problem, but good computer-engineering can and does reduce vulnerability to user behavior.

this helps prove...

[tsunamifirestorm]

my theory that the most dangerous people are people who are bored.

We have enough problems with street crimes

[MonkeysKickAss]

I just cant see why people need hurt others using computers we alreadyt have enough drime on the streets, and we can't even deal with all of it. So why do people just destroy other people's computers with viruses and things of that sorce in the future we are going to need internet police that just track where viruses started out and charge these people with malicious destruction of property, or that crackers should be charged with breaking and entering. I just cant see why they have to hurt people and why they cant create things to hack into or have a hacking pparty where they can have people build up secure networks and see who can hack into it first and things like that.

Master?

[sperling]

But thanks to a teenager in Austria, it took me less than a minute to master the art.

The author's obviously as clueless as any nontechie trying to explain or master anything technical. Such a trojan creator could be created in an hour by any competent programmer. The existing virus underground would fall over laughing if anyone dared claiming knowledge or skill after using or creating this tool.

Here's the Key....

[BlueEyes_Austin]

"Most of the virus writers I visited live in Europe; there have been very few active in the United States since 9/11, because of fears of prosecution." Hunt them down and throw them in jail.

Re:Why underground?

[clnelson]

underground=cool

and of ocurse they do have a magazine/club/organization. It's just "underground" ie. hidden from the view of those who don't use computers or google.

It just isn't any fun if you can't have the pretense of an elite insiders club.

All been said before

[lambent]

I managed to read the first of 10(?!) pages before I decided it was just another alarmist (altho slitely journalistically poetic) piece of trash.

They're trojans, not viruses. I haven't seen a respectable virus in like 5 years. Viruses are self replicating. Trojans require lusers to activate. (britney--spears--wedding--clip.mpeg, indeed). What pisses me off is this reporter's beliefe that all this terminology is synonymous (virus, trojan, worm).

After reading the next few pages, i was surprised that the author bothered to extrapolate on the terminology "script-kiddie". (Nice job, Clive) But then he goes on about dreadlocks being the hairstyle of choice .... buh.

After that it degenerates into political commentary.

What the hell ever happened to ASM viruses? What happened to TINY?

My favourite quote: "This guy is the best at Visual Basic". That's not a compliment, dude. That's like being the best at tying your shoelace.

Re:All been said before

Agreed. No decent virus has been created in a very long time. Almost all virus's are email based and as the article points out written in VB. The last decent virus released was CIH which prompted fucked your bios. Not that I want more talented virus writers to create more deadly virus's, but I wish for once people had some originality. The only thing close to 'skill' are some of the unix virus writers creating binary infectors, and binary encryption tools.

Re:Article Text

[DR+SoB]

Thanks for posting the full article! So it's a BATCH FILE generator they are getting worked up about? LOL! Try running a search for "Virus Creation Laboratories" or "VCL", and you will see a tool that has been around since the EARLY 1990's that does a MUCH better job then a batch file creator. You can actually pick from a variety of languages and it will auto-generate the code. (is it really good to post this stuff on /. anyways? I shudder thinking of how many script kiddies are probably reading this!). A batch file Trojan, btw, is NOT a computer virus.

Oh, please

[bonch]

Oh, please. Bullshit. If Linux were the 98%-used desktop OS, it'd be the one hit with all the viruses.

All these viruses, including MyDoom, are user-ran executable attachments. Nothing to do with Windows other than it's the dominant operating system the dumb users are using.

Re:Oh, please

[theCoder]

I agree in part, but disagree in part as well. Certainly, if Linux had 98% of the market, there would be more worms (especially stupid user worms like MyDoom) targetting Linux. However, there is a substantial design difference between Linux (and other UNIX variants) and Windows. Linux only executes files whose execute bit is set. Windows only executes files with the right extension. Basically, what this means is that it is harder on Linux to accidently execute a file sent to you. And any mail client that automatically set the execute bit would be considered insecure. Thus it would be harder, especially for stupid users, to propogate these worms.

At least this would force worm writers to exploit actual vulerabilities in software, which can be fixed. It's much harder to fix stupid (or careless) users.

I hate the press...

[Awptimus+Prime]

"Looking for a little weekend reading? You might try the cover story from this week's NY Times Magazine. It's titled The Virus Underground, and it takes a look at the world of malware scripters, virus writers and worm designers."

It's not a "world". It's something someone does when they sit down at a desk. I really wish the things some geeks do would quit being portrayed with such silly words.

Over-dramatized, to portray an image that is very rarely accurate. It's, most often, some boring person with a bone to pick with the system or a company. Yeah, so they used code instead of throwing a brick through a window. That doesn't make them any more interesting than a teenager bashing a mailbox.

Clive Thompson knows his stuff...

[nweaver]

You can quibble a little bit about details and terms, but Clive Thompson is a pretty good technical reporter, and he did a very through job on this story (as do the NYTimes magazine fact-checkers).

The "Scene"?

[officepotato]

I have to wonder, when reading articles like this, how closely does the "scene" the article's author has discovered relate to the larger population in general. I've read a few articles that seem to be essentially interviews of some random, anonymous, highschooler, that supposedly represents the general population of computer-savvy evildoers.

Are there actual, functioning, hacker groups, of a scale larger than Joe and his friends? It seems that the social attitude that accompanies black-hats (at least from the article that I'm questioning) doesn't lend itself to large organizations or control structures.

On the other hand, it is kinda cool to imagine that there's a huge organized computer-crime secretly flourishing across the country. You could make a movie about that sorta thing, maybe call it "Hackers". Oh, wait...

Re:Metamorphic Viruses

[selderrr]

When we start seeing more of these, AV companies will have a hard time keeping up. the fact that we do not see them, tells something about the relation between virus-witers and anti-virus writers...

Re:Reporters..WRONG!!!

[stratjakt]

Whats being discussed in the articles, though, are stupid little trojans that rely on an idiot user clicking them.

Those idiots run windows. There's no big differnce between a clueless windows user running with full admin priveledges clicking HotNakedChick.vbs or a clueless linux user running as root clicking HotNakedChick.pl.

There are few viruses out there that actually exploit anything. Slammer was, SoBig was, but most are just "10 print "I AM L337"".

I agree

[dsci]

For the sheer intellectual challenge, Philet0ast3r replied, the fun of producing something ''really cool.'' For the top worm writers, the goal is to make something that's brand-new, never seen before. Replicating an existing virus is ''lame,'' the worst of all possible insults.

and

Philet0ast3r said he isn't interested in producing a network worm, but he said it wouldn't be hard if he wanted to do it. He would scour the Web sites where computer-security professionals report any new software vulnerabilities they discover. Often, these security white papers will explain the flaw in such detail that they practically provide a road map on how to write a worm that exploits it. ''Then I would use it,'' he concluded. ''It's that simple.''

So these *expert* programmers (of Visual Basic) read of security vulnerabilities that describe the exploit, then code it, and call *that* new and creative.

This NYT article completely overrated the skill of these 'worms.'

If a Virus writer want to be a real pain...

[Ghengis]

And get some script kiddies in trouble, he'd just post the executable, and not tell anyone that it also emails authorities around the world information about the computer you run it from. While this may "brown-out" some servers as the article says, it would leave a nice trail to the luser who started the whole mess.

Naive

[hackrobat]

The Slammer worm would find an unprotected SQL server, then would fire bursts of information at it, flooding the server's data ''buffer,'' like a cup filled to the brim with water. Once its buffer was full, the server could be tricked into sending out thousands of new copies of the worm to other servers. Normally, a server should not allow an outside agent to control it that way, but Microsoft had neglected to defend against such an attack. [emphasis added]

It's funny. Which software company will deliberately, knowingly leave out holes in its software? "Microsoft had neglected..." Look, every program, small and big, has bugs. When you're talking of one of the leading database products in the market, you're talking of a very complex piece of software that's bound to have holes here and there. That statement is naive.

Even Microsoft admits that there are flaws the company doesn't yet know about.

Really? Which company knows of all the flaws in its software?

Re:The real question is....

[maxwell+demon]

Clothes would burn in hell.

Re:Metamorphic Viruses

[Vellmont]

Typical journalist with a little bit of knowledge gone too far. (If you truly do work for PC Magazine).

Polymorphic/Metamorphic viruses have been around for 10 years at least, and the dumb journalists were just as scared then. I'm still waiting for the dire predictions to come true "when we start seeing more of these". As others have pointed out there's always part of the code that you can't mask, so there's always something to identify the virus with. I'm sure it takes a bit more work to identify the viruses, but the sky hasn't fallen yet.

You should know better if your bio is true, being a grad student of computer science.. but then again grad student quality has dipped pretty low in recent years in CSCI. There's also the journalist taint factor to consider. I'm guessing the magazines/newspapers/TV networks must put lead in the watercooler.

If you can't get a job, it may be your own fault

[Reziac]

That quote illustrates exactly WHY such people get turned down for jobs which then go to an "inferior" programmer. Good HR people recognise the type, and know enough to avoid the trouble they can bring.

After all, would you rather hire the world's best programmer, but then have to worry about (or hire another coder to vet his work for) backdoors, or hire one pretty good but not brilliant programmer whose attitude doesn't make you question the integrity of his work?

(I've worked with the brilliant-but-untrustworthy type. Never, ever again.)

Let's continue with this thought process...

[That's+Unpossible!]

So someone takes my code I have put on my webpage and described as capable of virus activity, and that person spreads it, and now I am guilty of 2nd-degree something or another.

So this means if I am a chemist, and I describe in detail how to create dynamite, and someone makes the dynamite and blows something up, I am 2nd-degree guilty for that as well?

I believe ultimately that information should not be restricted in any way whatsoever, so I disagree with this idea completely.

Re:Why the rag on VB?

[dsci]

Actually, I agree that VB *CAN* be used in very expert ways to accomplish useful tasks. As far as I am concerned, VB is a useful tool for generating small utilities very fast; you know, things that don't require a lot of horsepower (but there are ways to optimize VB to some good performance in some algorithms).

My main issue with the point made in this article is that it seemed *assumed* that because this kid was fairly proficient in VB, that de facto made him an expert programmer. You can be nearly low-level illiterate and still generate some useful stuff with VB. Truthfully, that is what I think of these particular kids from the tone of the article (and the fact that they don't FIND the vulnerabilities and engineer an exploit, they simply apply what is published in security bulletins).

I'd be willing to bet that if you ask them to write a driver for a custom one-off process control board, their eyes would glass over. There are probably virus writers out there who *ARE* expert programmers, even at the low level, but they were not the ones represented in this article. All of them were relatively young, and with the exception of one guy who was an unemployed dude with a CS degree, had no substantial credentials.

I got the impression the author of the article was trying to show these kids as geniuses or computer wiz kids....when you don't have to be a wiz to throw together some VB that opens a socket and listens on a port (for example).

One could argue

That the NY Times is helping to spread viruses by writing a detailed article about them. For anyone who wants to get into the scene, they now have a list of names, handles, and things to go Googlin' or IRC'ing for...

Curious about what language to write it in? Well VB is named as being a good language (I'd prefer assembly myself, but I digress).

Should we now publicly flog the NYTimes for publishing some info?

Most people would have a problem with that... So why would they think it's OK to flog people who write viruses?

I enjoy challenges - I write viruses occasionally and never release them. I explore cryptographic algorithms purely for my own enlightenment. However if I decide to share my information with someone, I don't know what they're going to do with it. Unless they say "yo dude man, I want to TOOOOOTALLY fuck those dudes over with your rockin' codez", I don't care if they have a copy of it or not... It's not like they're not going to figure it out anyway or get a copy so why should I waste my time worrying about it... I'd rather be coding...

Think about it - every technological advance since time immemorial has had some "dark side" to it. Did that mean we prevented the development of the knife, fork, spoon, sword, car, wheel, gasoline, oil, insecticide, flour, water, rockets, TV, baseball bats, baseballs, basketballs, potatoes (potato launchers), and whatever else you can think of?

Trying to prohibit the sharing of information won't protect any of us from anything - quite the contrary in fact...