Slashdot Mirror
Profile of the Mind of a Virus Writer
zdburke writes "Clive Thompson, writing for the NY Times, has profiled several young computer virus writers around the world. A young Austrian wrote a Batch Trojan Generator which has simple options for constructing your next virus: fomat drive C? Overwrite every file? It's very well written by an author who clearly knows his stuff."
Or do the pictures of these guys remind you of the Calvin Cline ads awhile back that bordered on kiddie porn? These kids look like they are wearing makeup and exude a bit of homo-erotic teasing.
It just gave me the creeps, knowing that this is an article for nerds.
But it says right there... "Please write the online editor at daddypants@slashdot.org for any corrections.".
I decide to write that it was a dupe. Sure enough, the thing gets posted anyway.
I mean, that's partly what subscribers are for. And that's also why subscribers can't do comments early. Right?
It's silly. Not only should the editors actually read slashdot, they should more importantly look at email from subscribers saying "It's a dupe!" before posting the thing.
But maybe it's just me thinking in a perfect world. Forget it.
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
Why it's so easy for us to accept the typical cracker/hacker defense ("I am just exposing vulnerabilities in this computer system or data encryption scheme") and reject similar defense of a virus writer ("I am just teaching computer users to handle binary attachments with care")?
Downstairs, his mother is cleaning up after dinner. She isn't thrilled these days, either. But what bothers her isn't Mario's poster. It's his hobby. When Mario is bored -- and out here in the countryside, surrounded by soaring snowcapped mountains and little else, he's bored a lot -- he likes to sit at his laptop and create computer viruses and worms.
Maybe this is just crazy talk, but couldn't this woman just take his computer away from him? She knows that he's upstairs doing illegal stuff...he's 16, take away his laptop. "Oh, well little Billy's just upstairs making pipe-bombs...I'll leave him alone."
Parents are there to be...parents.
slashdot, news for crazed liberal socialist zealots
nothing.can.stop.me.now
Aspiring young hackers?! Aspiring young hackers don't cut and paste other people's code.
People say I'm crazy, I got diamonds on the soles of my shoes...
"Throw these antisocial delinquents in the slammer for 10 years for each offense."
I believe the average sentence for murder in America is about eight years. Are you really suggesting that writing a virus is a more serious crime than murder?
(Ok, I'd agree, if that virus caused infrastructure damage that killed people... but then they should be jailed for manslaughter, not virus writing)
It has pictures, name and locations.
Now the sysadmins have someone to beat up and the legal department can take some potshots at them for paying damages caused by virusses.
Hate me!
This one is a dupe, yet again. Christ, man, use the fucking search feature or hand over the moderator status to someone who will. And yes, you are definitely the worst one when it comes to duplicating stories.
This article is about as ill-informed as that BBC article that was posted last week. From the article:
MyDoom's ultimate target was an obscure software company named SCO. Champions of the open Net have portrayed SCO as the Antichrist since it sued to establish part-ownership of a popular and free computer operating system called Linux. Linux has become an icon of the so-called open-source movement, which is seeking to limit the influence of companies like SCO and the industry giant, Microsoft, which closely guard their software.
Is looking like a freak a requirement a requirement for a "malware" coder?
I don't need a compass to tell me which way the wind shines.
Tha Riot Be Tha Rhyme of The Unheard -jediman1138-
As it happens a very appropriate sig to the matter at hand.
I'd point out, however, that the rioter is often expressing a generalized anger, often against the innocent, indeed often against the very supporters of his own cause. It reduces the cause to an act of thuggery in way no different than any other act of violence.
A thoughtful and directly relevant resistence is more fruitful, just and likely to draw further support.
John Brown's taking of the Harper's Ferry Armory is still the stuff of legend. Tim McVeigh's bombing of the Murrah Federal Building is, and shall remain, an act of infamy.
Some virus writers are angry young men with legitimate cause for their anger.
Wiping Grandma's C drive as part of an act of generalized vandalism is a poor way to express that anger and does nothing to actually relieve it's cause. It does not even leave one with an idea what the virus writer percieves that cause as being.
John Brown is considered a terrorist by a good many to this day, but at least we know what the hell he was mad as heaven about.
If one has a distaste, or even an anger, about certain aspects of society or orginizations within that society, well and good. Oppose them. Oppose them with your words, your actions and even your very life if need be, but please, leave my mom and my grandmom out if it unless they are directly involved.
As to the issue of punishing minors as adults, I will accept this only at such time as the legally defined as adults. To deny a person of youth the franchise as a full citizen because he is too young, ignorant and immature, but hold him responsible, without the proper rights and benfits of full citizenship and representation, because he "is old enough to know the difference between right and wrong" is hypocritical, unjust and undemocratic.
This issue came to a head in the 60s when teenagers were being drafted for the Vietnam war, and yet those same teenagers were denied the right to vote on representation or other issues which had obvious life or death consequences to them.
That is why the age of majority was lowered from 21 to 18.
Rights and responsibilites should always, always, always march hand in hand.
KFG
Well if you ask me:
;)
/. -- You don't need to read the article.
:) -
Well I'm used to using tools which take care of that for you so sometimes I don't think about it. Besides, it's safer to copy and paste........
This is
Actually, what we need is a virus that, in the email headers, adds: X-Idiot-Who-Sent-This: (and variations thereof) to all the emails it sends. Fake the From: address, sure. But I'd like to know who the person is that I should LART for the 100,000 copies of MyDoom that I keep getting. Especially to addresses that I've given out or never even used.
Du-uh -- everyone knows worms live underground !
"The Virus Underground" sounds like a bad nightclub.
Well he _is_ listening to Iron Maiden.
"it takes a look at the world of malware scripters, virus writers and worm designers." I guess my initial reaction was fsck 'em. Fsck 'em all. However, it could be suggested that they have made corporations and governments aware of many intrinsic insecurities in certain popular operating systems which may have prevented some larger potential catastrophe. The problem for these guys, is that we will never know and they will continue to be reviled and hated as losers. (That is unless they are talented enough to score a job with Symantec, the NSA or some other organization dealing with comp. security.)
That may be a side effect in very few cases, but for the most part I think it's safe to say there is no redeeming factor to any virus or its author.
That sounds a lot like Bill Gates argument on why Windows is the most secure operating system available. Not that I agree with Bill about windows, but you make a pretty good point. I don't see how something can be very secure without some real-world testing. Now if I could just get my coworkers to stop opening up every attatchment in their inboxes.
It's true that virus writers are malevalent and don't have pure intentions when hacking their scripts and all, but in a general sense, where would our security be without virus writers?
If you consider computer security like the human immune system, then perhaps it may be seen that these people (while malicious) allow security to keep up with that hacks that can be done. If you kept a person in a bubble for twenty years and then promptly released him into the dirty, disease-ridden world he'd likely get sick and potentially die pretty quickly, as his body has no capacity to survive the world. However, with immunizations (i.e. intentional delivery of malicious agents in small doses, possibly on some schedule) and just general exposure to the germs in the world, most people have no problem surviving this world. Yes, MyDoom, and Trojans, and all the other viruses are more than nuisances and they cost people time, money, data, and other things, but these are in relatively small doses. If we had been in a bubble free of viruses for all this time, then whenever we're released into the "real world", anybody could take advantage of all these exploits (open sockets, DDoS, back doors, etc.) at once and perhaps bring the whole infrastructure down. It's the fact that virus writers are always developing viruses and releasing them that allows us to fix these problems individually, on a manageable time-scale. If they wanted to do some damage, maybe they should withhold all their viruses and unleash them all at once to cripple everything so much more.
If you make the biological systems analogy, you will also have to acknowledge that a diverse operating system ecosystem is critical to the health and well being of things, especially as the Internet becomes more widely available. We need Linux, IRIX, Solaris, Windows, OS X and embedded OS's to maintain the health of things.
Like really virulent biological virii, computer virii that work this way will limit the extent to which they can spread......unless of course.......they work out slightly more sophisticated methods of damage, or they delay the damage for a period of time before "expressing" themselves.
Ahh, so easy with a dupe
without being a lawyer: I think it is impossible to pin someone for manslauther if he has only written and spread the virus, but not actually ran it himself when it caused the damage. Reckless endangerment at best I would say. anyway, back to the point. In my opinion punishment in itself should never be considered a solution to crime. The fact that you could be jailed for it might even highten the stakes, and with that the kick, for some people. When I was a kid I would love to sneak in the garden of neighbours that would get really pissed if they found out... in fact i always snuk into /their/ garden.
It would be far more effective to make these kids understand that programming a virus is just not cool in the first place. If this approach works against smoking why not against hacking etc?
Show a man some news, distract him for an hour. Show a man some mod points, distract him for the rest of his life.
Who's us? I find both of those excuses unconvincing.
That doesn't really fall within IT training though, more like civics or ethics. These kids know exactly what they're doing, and they're doing it on purpose.
I'm suggesting that the standard sentence for murder is too weak. Murder's should be killed.
The fact is that far too many murder cases end up prosecuting the wrong person. Better that a murderer should merely spend several decades of his life rotting in a hell-hole, than that the criminal should go free and an innocent man die in his place.
And even if there is a 100% certainty that you have the right man, I do not support the death penalty: "Many that live deserve death. And some that die deserve life. Can you give it to them? Then do not be too eager to deal out death in judgement."
Come on! Get it together /.! You guys had this article on Friday! Don't you read your own site?
"The best laid plans of mice and men gang oft agley..." - ROBERT BURNS
On the creator of the Sobig.F virus...
''The F.B.I. is out for the Sobig guy with both
claws, and they want to make an example
of him,'' David Perry.
Women don't write viruses?
Women don't read slashdot?
I feel so pigeonholed!!
- these are not the droids you are looking for -
Just sit back and laugh. Journalists can't cover this stuff. It's a joke.
Now, think about how off-center computer-related articles are. Anything that deals with technology.
Have you ever had first-hand experience with a story your local paper covered? And while reading the story, you think to yourself, "Where the hell did they get their (mis)information??"
Apply that to EVERY story in the news. Scary, isn't it?
How can you criticize Microsoft for this? There have been only 60 extremely serious vulnerabilities in Internet Explorer in two years.
The real source of the problem is..., well yes, Microsoft. One would think that Microsoft would be better at coding than someone who taught himself programming and writes programs on the weekends.
"Rights and responsibilites should always, always, always march hand in hand."
Hear! Hear! Why is this simple concept so hard for people to get? Draft, drinking, and voting. The age for these need to match. Any others to add?
Society can look at all of the facts and peg the age where appropriate, but it is not cool to have different ages for these regardless of other reasons.
Let's jaw a bit:
"We need to raise the legal drinking age."
"Why?"
"Well, the incidence of DUI accidents and fatalities is way too high for the 18-2x segment."
"OK, I can give you that. Do these numbers hold for males and females, or just males? If just males, should we raise the age for males only and leave the age for females where it is?"
"Umm, umm, umm. I don't know, but we can't have two ages, one for males and one for females. I mean, how would that look?"
"OK, so we raise the age for drinking to 2x. (By the way, why don't we leave the age for drinking where it is and raise the age for driving to 2x? Just kidding!?) Now our reasoning seems to be that statistics show that people under the age of 2x have proven that they do not have the sense or judgement needed to to decide when they should drive after drinking. Is that about right?"
"Yes, that's about it."
"OK, so we can't trust them to make the decision as to drinking and driving, but we trust them to decide who gets to run the country and everyone else's lives? Does that add up, or should we raise the voting age to 2x while we are at it? Also, should we take the vote from anyone convicted of DUI the way we take it from felons now?"
"What you are saying makes some sense, but the voting age was lowered from 21 to 18 on account of the draft and how it was not right to send people to fight and die for their country if they had no say in who was sending them. I don't see how we can raise the voting age without also raising the draft age to match. Perhaps the age of majority to match."
(add some more if you like...)
I think that what virus writers do is to some degree helpful and harmless, the idiots that distribute the viruses are the people that should be drawn-and-quartered. Writing something is not the same as doing something with it. These 'programmers' have every right to produce and publish their programs. But the fact that these programs are destructive is why it's illegal to distribute/release/run them. I have no problem with these folks writing these things and publishing them, it allows me to see what they are up to and at least keep up with them when I can't get ahead of them security wise.
The article paints an interesting contrast between the writers and the 'script kiddies' we all loathe who are the real evil dolts behind most virus and worm activity.
Of course I use a Mac desktop and GNU/Linux servers so until these guys start using something other than VB I am not too terribly worried about them trying to exploit any hidden flaws in my systems, but it is helpful to know what they are up to, same reason I subscribe to 2600.
Even if I knew that tomorrow the world would go to pieces, I would still plant my apple tree. -Martin Luther
Relax das fuhrer, murderers and rapists sometimes don't get 10 years in jail. I think public flogging would be a good punishment for these people.
This asshole never vandalized another piece of property in Singapore.
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
I don't necessarily buy either excuse but...
One might view a "benign" virus writer as someone who was writing viruses and NOT releasing them into the wild...and this might be likened to a hacker who finds security problems but does NOT exploit them.
Anyone that releases their virus/worm/trojan is no better than someone who breaks into a system with the intent to do harm.
Why it's so easy for us to accept the typical cracker/hacker defense ("I am just exposing vulnerabilities in this computer system or data encryption scheme")
Who accepts that? Just last year a man (I can not remember the name but the story made slashdot) almost went to jail for reporting a weaskness that could be exploited to a large corporation. e did not even exploit it, simply noticed it. If you think that in this post patriot act world you can hack using the above as an excuse, you are a bit out of touch.
I don't see what all the fuss is about. Most of these guys are just pranksters. I see some people here frothing at the mouth about how these guys should be locked into the slammer for months, even years. What a vicious and repellant sentiment. Ironically it seems to mirror the sad, mean outlook on life that drives the virus writers: I will make them pay for my misery!
Clearly some pranks are off-bounds. When the prank goes from mischief to outright malice, swift and appropriate punishment needs to be meted out. Viruses that spy on you, or turn your computer into a spam factory, or purposely destroy data, are completely unacceptable. But for the rest? Rule number one remains that people shouldn't open attachments that they don't trust. As responsible adults, we should know better.
First, that sort of thing is in numerous articles.. so it's a useless starting point.
Second, the photos aren't very good. It's easier to tell if you look at the pictures in the NYTimes magazine. One's blurry and grainy, another is heavily dodged (darkened) everywhere except where that "Benny" guy is, and the detroit kid does seem to have on makeup, but the picture is just slow shutter with soft focus and a light flare.
Third, when I read the article.. it talked about how formatting hard drives was old and boring. The writers were interested in odd, creative payloads like flashing images or stupid messages. The guy who wrote the virus generator added the "format harddrive" option to his program.. but that's the main mention of modern hdd formatting. To quote the article: "the prevalence of hard-drive-destroying viruses has steadily declined to almost zero."
Fourth, it is explicitly stated in the article that the main fear is from for-profit or organized virus writing (spammers, mafia, terrorists). It goes on to mention how Sobig is being tested and, so far, has been released six separate times with a built in expiration. They can't profile organized criminals because they don't want to be profiled or found.
anyway, so what's the deal? why troll get food from mods?
p
It's a sign of immaturity that you have to prove yourself and exercise your ability in every small way. For example, locksmiths don't go around opening people's doors and leaving strange notes just because they can. They have a job where these abilities are applied for a wage. Their capabilities are productive and non-intrusive.
Some hackers find problems with popular software, others create security schemes, some experiment with protocols, some reverse engineer drivers, etc. Some hackers are productive and non-intrusive.
I don't think you're cynical or paranoid for being suspicious or paranoid of this article, but...
Thirdly, the technical details are obviously wrong. Formatting hard drives? Deleting files? That is so 1980's. Today's virus writers are obsessed with the social interface: how to confuse people into clicking the attachment.
It's not uncommon for mainstream media writers to get the technical details wrong. However, your criticism suggests to me that you didn't read the article. The subjects of the story talk about how deleting files and formatting hard drives is no longer commonplace, and how they must become amateur psychologists to fool people into executing their code.
The bit about Visual Basic did make me laugh, though.
Forthly, the timing. A long, detailed investigation into youthful virus writers just as the worst ever virus hits the Internet, with no mention of mafia connections, of zombie spam engines, of "sorry, andy, but this was just my job",...? WTF?
Timeliness isn't coincidence in the world of journalism; it's almost always intentional. This story was probably written last year, when, as the story notes, a slew of email worms were in abundance, then held to be published (with some last-minute updating) after January's big email worm, when it would be timely.
Just my $0.02.