Slashdot Mirror
Profile of the Mind of a Virus Writer
zdburke writes "Clive Thompson, writing for the NY Times, has profiled several young computer virus writers around the world. A young Austrian wrote a Batch Trojan Generator which has simple options for constructing your next virus: fomat drive C? Overwrite every file? It's very well written by an author who clearly knows his stuff."
...they're pretty proficient in VB.
...US Slashdot editors get tricked once again by the "news media" to post another dupe.
Or do the pictures of these guys remind you of the Calvin Cline ads awhile back that bordered on kiddie porn? These kids look like they are wearing makeup and exude a bit of homo-erotic teasing.
It just gave me the creeps, knowing that this is an article for nerds.
On the down side this is a duplicate article, on the plus side this version has a link to the Google partner version of the article. (So no login required).
I guess this means that I can't gain karma by posting a mirror. Do you think I'm in with a chance of anything else? ;)
But it says right there... "Please write the online editor at daddypants@slashdot.org for any corrections.".
I decide to write that it was a dupe. Sure enough, the thing gets posted anyway.
I mean, that's partly what subscribers are for. And that's also why subscribers can't do comments early. Right?
It's silly. Not only should the editors actually read slashdot, they should more importantly look at email from subscribers saying "It's a dupe!" before posting the thing.
But maybe it's just me thinking in a perfect world. Forget it.
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
This has been around for something like 12 years, IIRC, Nowhere Man of that funny group of happy guys at [NuKE] wrote the VCL (Virus Creation Lab) in 92 (maybe 93?). Basically it was a text based GUI app with windows and drop downs that let you design a virus and produced a working one ready for distribution.
Today's viruses are absolutely pathetic compared to some of the older stuff.
--- I do not moderate.
Why it's so easy for us to accept the typical cracker/hacker defense ("I am just exposing vulnerabilities in this computer system or data encryption scheme") and reject similar defense of a virus writer ("I am just teaching computer users to handle binary attachments with care")?
Downstairs, his mother is cleaning up after dinner. She isn't thrilled these days, either. But what bothers her isn't Mario's poster. It's his hobby. When Mario is bored -- and out here in the countryside, surrounded by soaring snowcapped mountains and little else, he's bored a lot -- he likes to sit at his laptop and create computer viruses and worms.
Maybe this is just crazy talk, but couldn't this woman just take his computer away from him? She knows that he's upstairs doing illegal stuff...he's 16, take away his laptop. "Oh, well little Billy's just upstairs making pipe-bombs...I'll leave him alone."
Parents are there to be...parents.
slashdot, news for crazed liberal socialist zealots
I think I've been here before... I've been told this usually happens because of a glitch in The Slashdot...
Aspiring young hackers?! Aspiring young hackers don't cut and paste other people's code.
People say I'm crazy, I got diamonds on the soles of my shoes...
"Throw these antisocial delinquents in the slammer for 10 years for each offense."
I believe the average sentence for murder in America is about eight years. Are you really suggesting that writing a virus is a more serious crime than murder?
(Ok, I'd agree, if that virus caused infrastructure damage that killed people... but then they should be jailed for manslaughter, not virus writing)
Our virus detector has just been triggered by a message you sent:-
To: editor@slashdot.org
Subject: Profile of the Mind of a Virus Writer
Date: Mon Feb 9 6:00:55 2004
Any infected parts of the message have not been delivered.This message is simply to warn you that your computer system may have a virus present and should be checked. The virus detector said this about the message:
Report: message.zip contains Worm.MyDupe.Slashdot
God is imaginary
It has pictures, name and locations.
Now the sysadmins have someone to beat up and the legal department can take some potshots at them for paying damages caused by virusses.
Hate me!
This one is a dupe, yet again. Christ, man, use the fucking search feature or hand over the moderator status to someone who will. And yes, you are definitely the worst one when it comes to duplicating stories.
This article is about as ill-informed as that BBC article that was posted last week. From the article:
MyDoom's ultimate target was an obscure software company named SCO. Champions of the open Net have portrayed SCO as the Antichrist since it sued to establish part-ownership of a popular and free computer operating system called Linux. Linux has become an icon of the so-called open-source movement, which is seeking to limit the influence of companies like SCO and the industry giant, Microsoft, which closely guard their software.
People say I'm crazy, I got diamonds on the soles of my shoes...
"Stephen Mathieson, Detroit. The 16-year-old virus writer is dismissive of hackers who release other people's viruses: "The kids just cut and paste.""
So, we have a 16 year old virus writer accusing other hackers of being childish. Doesn't that seem just a tad ironic?
In this world nothing is certain but death, taxes and flawed car analogies.
Michelangelo was a master. A spray-can toting kid is just a vandal. These aren't "masters" either, no matter how much they label themselves as such. Want to show off your elite skills, kids? Want to show how much better than Microsoft you are? Write a self-replicating program that patches holes instead of exploiting them.
Nope. They're vandals posing as artists.
Been using sigs for 20 years. Nothing funny left to say.
Tha Riot Be Tha Rhyme of The Unheard -jediman1138-
As it happens a very appropriate sig to the matter at hand.
I'd point out, however, that the rioter is often expressing a generalized anger, often against the innocent, indeed often against the very supporters of his own cause. It reduces the cause to an act of thuggery in way no different than any other act of violence.
A thoughtful and directly relevant resistence is more fruitful, just and likely to draw further support.
John Brown's taking of the Harper's Ferry Armory is still the stuff of legend. Tim McVeigh's bombing of the Murrah Federal Building is, and shall remain, an act of infamy.
Some virus writers are angry young men with legitimate cause for their anger.
Wiping Grandma's C drive as part of an act of generalized vandalism is a poor way to express that anger and does nothing to actually relieve it's cause. It does not even leave one with an idea what the virus writer percieves that cause as being.
John Brown is considered a terrorist by a good many to this day, but at least we know what the hell he was mad as heaven about.
If one has a distaste, or even an anger, about certain aspects of society or orginizations within that society, well and good. Oppose them. Oppose them with your words, your actions and even your very life if need be, but please, leave my mom and my grandmom out if it unless they are directly involved.
As to the issue of punishing minors as adults, I will accept this only at such time as the legally defined as adults. To deny a person of youth the franchise as a full citizen because he is too young, ignorant and immature, but hold him responsible, without the proper rights and benfits of full citizenship and representation, because he "is old enough to know the difference between right and wrong" is hypocritical, unjust and undemocratic.
This issue came to a head in the 60s when teenagers were being drafted for the Vietnam war, and yet those same teenagers were denied the right to vote on representation or other issues which had obvious life or death consequences to them.
That is why the age of majority was lowered from 21 to 18.
Rights and responsibilites should always, always, always march hand in hand.
KFG
Call me cynical but I think this story is a well-constructed lie.
First, the accurate but uncheckable details: name of some guy in Austria, his 15-year old girlfriend.
Secondly, as has been remarked, the photos. They are just too well shot, and I can't for a second believe that a virus author would sit still while the makeup girls did their thing, lighting got the shadows right... no frigging way!
Thirdly, the technical details are obviously wrong. Formatting hard drives? Deleting files? That is so 1980's. Today's virus writers are obsessed with the social interface: how to confuse people into clicking the attachment.
Forthly, the timing. A long, detailed investigation into youthful virus writers just as the worst ever virus hits the Internet, with no mention of mafia connections, of zombie spam engines, of "sorry, andy, but this was just my job",...? WTF?
Conclusion: it's a set-up. These young dudes don't exist as described, the shots are of actors, and the story was invented behind a desk. Someone wants to create a convincing enemy for new legislation which will paint uncontrolled hacker youthdom as the enemy of all that is right and proper. Long prison sentences for simply creating the wrong kind of software ("because it could be released and do harm"). Rapid implementation across the globe ("cause these guys are in, like, Austra!").
Now, allow me to get really cynical and ask this question: why is no-one bothering with profiles of the organized criminals behind most of the damage done to people's computers? Could it be because misdirecting the blame at youth hackerdom means the problem will not be solved, and so the hand of oppressive government can become stronger and stronger...
Of course, I could be wrong, and really viruses like mydoom could just be the work of guys like this.
Ceci n'est pas une signature
Who's us? I find both of those excuses unconvincing.
Come on! Get it together /.! You guys had this article on Friday! Don't you read your own site?
"The best laid plans of mice and men gang oft agley..." - ROBERT BURNS
On the creator of the Sobig.F virus...
''The F.B.I. is out for the Sobig guy with both
claws, and they want to make an example
of him,'' David Perry.
Women don't write viruses?
Women don't read slashdot?
I feel so pigeonholed!!
- these are not the droids you are looking for -
Just sit back and laugh. Journalists can't cover this stuff. It's a joke.
Now, think about how off-center computer-related articles are. Anything that deals with technology.
Have you ever had first-hand experience with a story your local paper covered? And while reading the story, you think to yourself, "Where the hell did they get their (mis)information??"
Apply that to EVERY story in the news. Scary, isn't it?
How can you criticize Microsoft for this? There have been only 60 extremely serious vulnerabilities in Internet Explorer in two years.
The real source of the problem is..., well yes, Microsoft. One would think that Microsoft would be better at coding than someone who taught himself programming and writes programs on the weekends.
Visual Basic is a computer language popular among malware authors for its simplicity; Philet0ast3r has used it to create several of the two dozen viruses he's written.
Jeez...VB? Real virus hax0rz work in assembly, it's smaller, neater, and faster. These guys are a bunch of script kiddie punks. No wonder they were hip to being interviewed, they had no talent and wanted a name for themselves.
Perhaps we should kill them.
I think that what virus writers do is to some degree helpful and harmless, the idiots that distribute the viruses are the people that should be drawn-and-quartered. Writing something is not the same as doing something with it. These 'programmers' have every right to produce and publish their programs. But the fact that these programs are destructive is why it's illegal to distribute/release/run them. I have no problem with these folks writing these things and publishing them, it allows me to see what they are up to and at least keep up with them when I can't get ahead of them security wise.
The article paints an interesting contrast between the writers and the 'script kiddies' we all loathe who are the real evil dolts behind most virus and worm activity.
Of course I use a Mac desktop and GNU/Linux servers so until these guys start using something other than VB I am not too terribly worried about them trying to exploit any hidden flaws in my systems, but it is helpful to know what they are up to, same reason I subscribe to 2600.
Even if I knew that tomorrow the world would go to pieces, I would still plant my apple tree. -Martin Luther
What's worse is, that under certain circumstances, premeditated murder carries a *maximum* penalty of 2 years in jail (basically for environmental crimes. I studied several cases in detail)
Food for thought.
So rise up, all ye lost ones, as one, we'll claw the clouds.
As a subscriber, you got to see the dupe before the rest of us!
There ought not be a draft at all. If the cause is so unpopular you can't get a volunteer militia, you really shouldn't be fighting it at all. Besides, conscripts make terrible warriors.
Give me Classic Slashdot or give me death!
First, that sort of thing is in numerous articles.. so it's a useless starting point.
Second, the photos aren't very good. It's easier to tell if you look at the pictures in the NYTimes magazine. One's blurry and grainy, another is heavily dodged (darkened) everywhere except where that "Benny" guy is, and the detroit kid does seem to have on makeup, but the picture is just slow shutter with soft focus and a light flare.
Third, when I read the article.. it talked about how formatting hard drives was old and boring. The writers were interested in odd, creative payloads like flashing images or stupid messages. The guy who wrote the virus generator added the "format harddrive" option to his program.. but that's the main mention of modern hdd formatting. To quote the article: "the prevalence of hard-drive-destroying viruses has steadily declined to almost zero."
Fourth, it is explicitly stated in the article that the main fear is from for-profit or organized virus writing (spammers, mafia, terrorists). It goes on to mention how Sobig is being tested and, so far, has been released six separate times with a built in expiration. They can't profile organized criminals because they don't want to be profiled or found.
anyway, so what's the deal? why troll get food from mods?
p