Slashdot Mirror


Virus Writers - The Enemy Within

Slob Nerd writes "An interesting read from today's Observer "He's 21, he's got dreadlocks, likes punk bands... and his hobby could wreck your computer in seconds. Clive Thompson infiltrates the secret world of the virus writers who see their work as art - while others fear that it is cyber-terrorism.""

23 of 380 comments

  1. My Hero by DarkHelmet · · Score: 5, Informative

    I think this is the third time this story has been posted.

    Googled version to NY Times story

    Of course, does it really count if the same story appears on a *different* page? Or a different website.

    Maybe it's time that slashdot subscribers get a cached version of the story hosted on slashdot. That way, when an editor is about to submit a duplicate story, it'll check for similar articles cached on the site. That way this kind of thing doesn't keep happening. Hell... Slashdot editors won't even have to read slashdot anymore!

    Thank you CmdrTaco for rejecting the story I just submitted in favor of this one. And I *know* the story I submitted wasn't a duplicate, or else my web server would have felt it. ;)

    You really are my hero.

    --
    /^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
    1. Re:My Hero by AndroidCat · · Score: 5, Interesting
      Clive Thompson has been shopping this story around. The two-parter in the Toronto Star was billed as "SPECIAL TO THE STAR". Special reformatting of the same article as far as I can tell.

      I'm always skeptical of stories like this. Every time there was a story where I knew the people and facts directly, the story was usually a mish-mash mixed or invented to sex up the story.

      --
      One line blog. I hear that they're called Twitters now.
    2. Re:My Hero by squiggleslash · · Score: 5, Informative
      Worst of it is that this is in The Observer, a British Sunday newspaper that hasn't had any credibility in the tech community since the infamous "Peddlars of Paedophile Porn" episode back in '97.

      For those who missed it: That paper printed photographs on its front page of the chairman of a large British ISP and the owner of a famous anonymous remailer in Finland that was the target of a campaign by the Scientologists, under the above headline. Their logic? For the former individual: there's paedophile porn on the Internet, so if you're running an ISP you must be selling such pornography. Kind of like the Queen is a child pornographer, after all she was head of the Royal Mail at the time (Britain's post office), and child porn often gets sent by mail...

      The allegation against the anonymous remailer was, in many ways, even worse. The service was free and had been crippled so it couldn't be used to send binaries in any practical way, so in no sense could he have been described as "peddling" that kind of material. The allegation came at a time when the service - used by a variety of groups from abuse victims who wanted to discuss issues anonymously on Usenet to Amnesty International and dissidents who needed privacy - badly needed help as the CoS had various lawsuits against it citing copyright infringement. Attackers of the CoS had used the service to publish, anonymously, various CoS tracts. The service shut down one week after the Observer article was published.

      The Observer ran this campaign for two weeks and finally went silent over it, never issuing a public apology or a retraction. During this time Britain's fledgling Internet community went, to put it mildly, pretty much ape-shit.

      For me it was a bit of an epiphany, I suspect it was for many others too, as it demonstrated how low the press can get when they're trying to get readers. This wasn't some third rate tabloid, it was a newspaper famous for its supposed high-minded liberalism and commitment to truth - it was an article in The Observer that led to the founding of Amnesty International, another that led to Britain's withdrawal from Suez.

      Do I take seriously an article published in it about virus writers? You bet I don't. I don't think anyone in their right mind can take that newspaper seriously.

      --
      You are not alone. This is not normal. None of this is normal.
  2. Virus Writers by ThisNukes4u · · Score: 5, Insightful

    Virus writers, while technically skilled, are complete dumb butts for using their skills in ways that are harmful to society and businesses, even if it's not their fault that it is easy to do thanks to Microsoft. They'd be better off using their skills for something more productive.

    --
    thisnukes4u.net
    1. Re:Virus Writers by flatt · · Score: 5, Insightful

      I doubt you'll get much opposition to your point but are you going to pay them? It's the same reason kids get involved in gangs and whatnot: boredom and lack of belonging/recognition.

      Easy problem to find, harder problem to solve.

    2. Re:Virus Writers by gustgr · · Score: 5, Interesting

      I don't believe they are completely skilled. I would pay to see one of these VB virus writers build an application which can improve our OS's or Networks.

      Like the elders say, it takes 10 years for a tree to grow but only 10 minutes to take it down. It's the same with computer viruses.

  3. Deftones aren't a punk band by Anonymous Coward · · Score: 5, Insightful

    And the technical side of the article is a pile of shit as well. Virii don't "reprogram parts of your computer". Script kiddies generally don't download virii, but trojan clients.

  4. "from the dept." by PollGuy · · Score: 5, Funny

    Think that's code for "From the >/dev/null dept."?

  5. Anyone seen a good written virus? by Anonymous Coward · · Score: 5, Interesting

    Whenever I disassembled viruses or worms, I had to scream. Even in the good old DOS-times and even with bootsector viruses, where size was an important factor, they were simply horribly written. (i.e. unnecessarily bloated)

    While some may imply in their posts, that virus writers are technically skilled, I've yet to see a single example of being better than the average bad programmer...

  6. Complete Bullshit by ktanmay · · Score: 5, Interesting

    It's not like I don't have appreciation for the fine arts, but this is taking it too far, it is almost to the extent of patronizing virus writers.

    Ok fine, what if someday, a student doing research in microbiology decides, just for the sake of fine arts, I'll release a mutant plague bacteria...

  7. Dupe, or no dupe... by nordicfrost · · Score: 5, Insightful


    With quotes like this: 'This guy,' he proclaimed, 'is the best at Visual Basic.' I really understand the level of these guys... Show me a 1 k, auto-replicating, ASM-written worm spreading like lightning through an undocumented hole and I'll be impressed. These are nothing more than wannabe punks.

  8. From the all-mouth-and-no-meat department by tagishsimon · · Score: 5, Interesting

    Umm. Slight absence of any mention of virus writing for profit: there's enough evidence that a number of recent virii were mainly about installing SMTP Relays on infected machines to propagate spam, or leaving a backdoor open so that this could later be done.

    Or else installing DDOS software aimed at Spamhaus servers, or leaving backdoors open for same.

    So. Art: Check. Vandalism: Check. Profit Motive: Check. Insubstantial "infiltration" by journalist: Check.

    Ferinstance

    http://yro.slashdot.org/article.pl?sid=03/12/03/1423258&mode=nested

    - Oops. There goes Spamhaus

    http://securityresponse.symantec.com/

    - most of this week's crop install backdoors.

    http://www.groklaw.net/article.php?story=20040221051056136

    - Your IP Addy for sale to a spam-merchant near you...

  9. Embellishment by `Sean · · Score: 5, Interesting

    I'm always skeptical of stories like this. Every time there was a story where I knew the people and facts directly, the story was usually a mish-mash mixed or invented to sex up the story.

    That's usually the case with any subject! Every movie, documentary, or article that I've seen or read and have had personal experience with has been a load of bunk. I've been interviewed for numerous newspaper and magazine articles and they very rarely use any of my quotes in context. They'll usually intentionally remove the context to twist words to mean whatever agenda they're trying to push.

    My personal experiences with the media have basically ruined my ability to enjoy anything anymore. Since I know for a fact that virtually every story I've contributed to has been embellished by the authors to increase its entertainment value, I assume that any story that's been done about a subject I'm not personally familiar with has been tainted as well. And, most of the time, I'm correct. A simple five minute Google or encyclopedic search on the subject gives me more accurate data than the story that I'm following up on.

    1. Re:Embellishment by AndroidCat · · Score: 5, Funny
      Allow me my rose coloured glasses. I might suspect that all news stories are equally flawed, but it's only the "teenage haxor angst" ones that I know are flawed. :^)

      News stories are definitely like sausages and laws--never ever watch any of them being made.

      --
      One line blog. I hear that they're called Twitters now.
    2. Re:Embellishment by AndroidCat · · Score: 5, Interesting
      I got enrolled into a fictitious hacker group called "Top 40" in Montreal in 1983. Not by name, just by association. The reporter of that story crashed a Hudson Yacht-Club Get-Together looking for the scoop on this infamous group, and was unpleasant enough at the door ("What are you trying to hide?") that they let him in so he could see that we were just harmless computer enthusiasts. Some of us were starting small companies at the time. Oddly enough, he never put that in his story, which was mainly about a vast underground network of eevil hackers. (I guess a social gathering at a yacht club didn't fit his fable.)

      I wonder if that reporter was Clive in his early years?

      The actual story was that 4 teenagers got busted by Bell-cops for using their Applecat modems to phreak. Woo!

      --
      One line blog. I hear that they're called Twitters now.
  10. ... and his homepage ... by bdejong · · Score: 5, Informative
  11. cannot kick-start? by bo0ork · · Score: 5, Insightful
    "A virus cannot kick-start itself; a human needs to be fooled into clicking on it."
    What, the author never heard of floppy disks, autostart.ini or malformed html?
    --
    Does everything include nothing?
  12. Re:Anyone ever seen well written english? by Shisha · · Score: 5, Funny

    Oh dear, this thread really exposes the state of the Slashdot community: Grand-grandparent can't use adverbs properly, grandparent makes a typo, while correcting someone's grammer and finally the parent:

    I assume it's not a typographical error.

    shows that he has little clue about the fact, that typography is about designing thing containg text in such a way, that makes them aesthetically pleasing.

    The question now is, of course, what have I screwed up? :-)

  13. Some other hobbies... by Robo+Dojo · · Score: 5, Insightful

    1. Cooking*
    2. Cars
    3. Boats
    4. Trains
    5. Swords
    6. Guns

    Just because you do them, doesn't mean you test them out on innocent people. How are these virus writers any different?

    *Applies to slashdot readers, only.

  14. Karma penalty ? by S3D · · Score: 5, Insightful

    Shouldn't there be a Karma penalty for posting a dup...triplicate article? Doesn't it amount to trolling?

  15. Why don't mailers auto-zip and block executables? by gad_zuki! · · Score: 5, Interesting

    Let's look at a lot of these exploits, they generally are .scr, .vbs, .bat, etc files. By blocking these attachments by default you're going to avoid most attempts at compromising your machine.

    Sure, this is old hat to slashdotters, but I think it would behoove all email client writers to do this by default as MS does now. Now, that leaves us with macro word/excel viruses, other exploits, and the zip files themselves. The first two can be taken care of by a competent virus scanner or system patching and the latter forces the user to open the zip archive thus revealing the true extension (most compression utilities do this) and copies the file(s) to some location thus giving the virus scanner more of a chance to check the thing for viruses.

    It's far from a perfect solution, but it will make people sensitive to file extensions and file types. It will also save disk space and bandwidth by compressing attachments (or even the message itself). Added functionality can be added like signed zip archives, AV hooks into zip programs, etc. Heck, the zip format already provides a cross-platform encryption scheme. Sure it's not 3DES/RSA or anything, but it sure beats nothing (especially for those worried about sniffing).

    This is essentially the setup many of the companies I work with have. You get your pdf, doc, xls, etc but anything executable is either deleted or quarantined. I don't see why email clients written for residential customers can't do the same.

    Data loss isn't even an issue, the worst case scenario is asking the guy who sent you that .exe to zip it because your mailer doesn't support executable extensions. If you get a bounce back or a message saying "I didn't send you an .exe" then you can safely assume the file is no good and just delete it or set your mailer to auto-delete.

    This can be done in three steps:

    1. Implement auto-zipping. Geeks and security sensitive people will probably enable this by default. Or it should be default with newer versions of mailers.

    2. Once a significant amount of traffic is in the zip format set your mailer to reject all executables. It also could auto-remail the person sending you executables. (this may be exploited by spammers looking for live email addresses).

    3. Watch zip vendors work closer with AV vendors to provide better protection from viruses in zip archives.
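
The attachment policy proposed in the comment above, sketched as an added example (not part of the original comment and not any mailer's actual code): bare executables are quarantined, documents are delivered, and zip archives are opened so the true extensions of their members are revealed and handed to a scanner. The function names, the `scan` verdict and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extensions named in the comment; a real deployment would carry a longer list.
BLOCKED = {".scr", ".vbs", ".bat", ".exe"}

def true_extension(name):
    """Final extension, so 'invoice.pdf.scr' is judged as .scr, not .pdf."""
    cleaned = name.replace("\\", "/").rstrip(". ")
    return PurePosixPath(cleaned).suffix.lower()

def classify(name, payload):
    """Return (verdict, executable names found) for one attachment."""
    if true_extension(name) in BLOCKED:
        return "quarantine", [name]          # bare executable: never delivered
    if true_extension(name) == ".zip":
        try:
            with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                hits = [n for n in zf.namelist() if true_extension(n) in BLOCKED]
        except zipfile.BadZipFile:
            return "quarantine", [name]      # claims to be a zip but is not
        if hits:
            return "scan", hits              # reveal member names, hand to AV
    return "deliver", []

def screen(raw):
    """Map each attachment filename in a raw RFC 5322 message to its verdict."""
    msg = message_from_bytes(raw, policy=policy.default)
    return {(p.get_filename() or ""): classify(p.get_filename() or "",
                                               p.get_payload(decode=True) or b"")
            for p in msg.iter_attachments()}

def build_sample():
    """Constructed test message: a PDF, a double-extension file and a zip."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.test", "b@example.test", "sample"
    msg.set_content("see attached")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "hello")
        zf.writestr("photo.jpg.scr", "placeholder bytes, not a program")
    for data, sub, fn in [(b"%PDF-1.4", "pdf", "report.pdf"),
                          (b"MZ", "octet-stream", "invoice.pdf.scr"),
                          (buf.getvalue(), "zip", "pics.zip")]:
        msg.add_attachment(data, maintype="application", subtype=sub, filename=fn)
    return msg.as_bytes()
```

Calling `screen(build_sample())` returns one verdict per attachment; the double-extension file is judged by its final extension, which is the check the comment relies on users making by eye.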

  16. Au contraire, viruses already affect medical care! by ccmay · · Score: 5, Informative
    Virus writers are just lucky computers haven't advanced far enough where medical machines can be remote controlled via the internet.

    The PACS system (digital X-ray reading monitors) at the hospital where I work caught Code Red last year, and was down for a day or two. X-rays were being read on printed films just like the old days. Slowed everything down significantly. I don't know that it directly affected any patient's health, but it certainly could have.

    -ccm

    --
    Too much Law; not enough Order.
  17. +1 Interesting by eugene+ts+wong · · Score: 5, Funny

    You really do have an interesting point. If sending a virus to my computer can be called art or intelligence or cleverness, then can kicking in the virus writer's knees be considered art or cleverness? After all, the kicker is just exploiting a weakness of the kickee, in the same manner that the virus writer is exploiting a weakness of someone else. It would be artistic because it would be sending a message, & it would be displaying the human body in a way that isn't usually done. It would certainly get the kickee to think.