Slashdot Mirror
Sasser Author Under Arrest, Say German Police
Apogee writes "A number of german news websites, like n-tv, or the german yahoo news site (courtesy of the german press agency, lending this some credibility) (web sites in german) report that the programmer of the Sasser worm has been arrested by German police. The Sasser author is an 18-year-old man who was arrested on Friday in Rotenburg, Germany.
With the Sasser worm being the latest among worms that spread like wildfire among unpatched windows boxes, and apparently also caused serious computer outages and cost to the economy, how will this be transformed into an indictment?"
Update: 05/08 18:41 GMT by T : SexySas writes "As the German news site heise reports, the 18-year-old author of Sasser is responsible for Netsky, too. The German police is talking about 'a milestone in war against cybercrime'."
they shoulda waited until MS announced a reward for it first!
How can one make sure he was not framed?
Also what international terrorist law is he going to be tortured for?
http://www.channelnewsasia.com/stories/afp_world/v iew/83848/1/.html
The motives of the alleged Sasser author were still unclear, but Der Spiegel suggested the teen may have wanted to drum up business for his mother, who owns a company offering assistance to computer owners.
they were also arrested on Friday.
This is such a troll. There were worms that took down the Internet long before Bill Gates even knew wtf TCP/IP was. The sendmail worm didn't need Windows to effectively shut down most communications on the ARPANET, and Morris didn't use VBSCRIPT to write the worm.
Bottom line is that irresponsible writing of worms and viruses is a crime of indiscrimination and chaos, and deserves to be punished as such.
Here is Reuter's take on this and the news release at Biz Ink.
How did they find this guy? Was it that he was bragging like in the former MS worm cases, or was there a "higher technological power" involved?
Good programmers all around :-)
Score: Pandering Karma Whore -5
find it ironic that an ad for Microsoft security services accompanies this story?
There is no reasonable defense against an idiot with an agenda
:wq
IF that person is found to be guilty ( Remember kids, innocent until proven guilty! ) than that person wil be solely held responsible for all damages Sasser has caused, is causing and will cause in the future.
Hate me!
How, exactly, is he any more liable than the millions who run insecure, unpatched machines? It is the end user's responsibility to keep their machines secure. If you leave the doors to your house open, and a large neon sign over the threshold saying 'WELCOME', you'll be *damned* lucky if your insurer would pay up. If he hadn't exploited it, someone else would have, and the result would have been the same.
The reponsibility lies with microsoft, for creating shite software, with inherent vulnerabilities, and with the users, for not bothering to have any kind of protection.
Was just about to submit this story. I see my lins are different, so you may find them useful too (they are in English):
An 18 year old has been arrested in Germany, suspect of being the creator of the Sasser worm, as reported by Yahoo news and many others. Sophos believes he may also be the author of Netsky.
granted, im no microsoft lover, but im also kind of against punks like this guy... he has probably cost me almost $500 since this worm started in my PERSONAL services to my friends and family in order to get this all cleared up..
as for ms, they should be considered just as guilty, with such a large corporate juggernaught they have, they should be able to look for these vulnerabalities early, and maybe go through some more extensive testing.. or at the VERY LEAST spend a million or so and tell they public they messed up, and how to fix it... (run windows update) at least this way, you have a educated public... ignornance is NOT strength.
WARNING: This sig does not contain a joke
Anyone else get the feeling that this worm, was either a test, or a big mistake, someone wrote it (most prob this guy) and not beliving that it would work (like T33kid with blaster) set it free, or set it free in a closed network, not relising the effect that it would have? Still, just shows the problems with the world today.
- http://www.milkme.co.uk
Grow up.
In other countries? He did damage in more than one country, but with the tangled web of extradition treaties etc, how will other countries deal with his arrest? Will they demand justice?
I guess the fact that he was in Germany, a country with a modern justice system and extradition treaties, will help. They have had a hell of a time in the past getting police in places like Russia and the Phillipines to co-operate.
Just another interesting adventure in the globalized, internet-driven world I guess.
See here in german and the google translation. Official say, there is no connection. Well ...
* Smile. People will wonder what you think. *
Excellent, hopefully they can ask hima simple question and we can put another argument to rest - Was he aware of the exploit from his own hacking, or being told about it by someone, or did he just read the exploit advisory from Microsoft when they released the patch?
Realistically odds have to favour just reading the advisory, but there have been plenty of claims to the contrary.
The next question is, will any media actually bother to find out and publish the answer to that question. I'm guessing "absolutely no chance in hell".
Jedidiah.
Craft Beer Programming T-shirts
Two possibilities as I see them. First the kid was stupid enough to write and release the worm from his own machine leaving behind traces or was not careful enough hiding his tracks. Second, the kids' machine was hacked and used to hide the real creator of the worm while releasing the worm. I haven't RTA but I think these two conclusions are logical.
Does it go on forever?
The article also referred to Der Spiegel
As reported in Der Spiegel
ah, mod points
Make him explain to my mother what a worm is, what he made it, and how to enable a firewall. That'd be punishment enough.
Read reviews of shopping cart software
I only came here to do two things; kick some ass, and drink some beer...looks like we're almost out of beer.
The Sasser author is an 18 year old man who was arrested on Friday in Rotenburg, Germany.
There is no such thing as an 18 year old man. Only somewhat a slashdot would think such a thing. This is clearly an atempt to get someone to trip up and admit to it. It is a trap people, dont believe it!
> Bottom line is that irresponsible writing of worms and viruses is a crime of indiscrimination and chaos, and deserves to be punished as such.
And writing intentionally crappy operating systems isn't? Ask yourself: what would happen if they wrote something that was *perfect*?
The dangers of knowledge trigger emotional distress in human beings.
I hear this on BBC Radio news. A quick search of the BBC website gave me this link.
:D)
I also noticed this story from a while back, entitled "Hunt is on for Sasser worm writer".
(You've gotta love the BBCs use of Stock Graphics!
- Jax
A program exploits the extremely poor security track record of Microsoft products to spread itself. In my eyes, the provider of the broken software (=Microsoft) is just as much guilty as the person who made the self-disseminating program.
But history has shown that Microsoft cannot be sued while expecting to win. It's too big. In other words, Microsoft is above the law.
Didn't the creator of the Melissa virus get his sentence removed in exchange for helping the government with security stuff?
If so, the same thing could happen to this guy with the German government.
Vonal Declosion
We've got a few (3?) Rothenburg's in Germany. The one americans probably know the best is Rothenburg op der Tauber. :-)
Rothenburg a. d. Wümme is not the medival postcard town, it's just a small boring northern german town.
BTW: Wümme and Tauber are both rivers. German cities with same names ofter difference themselves by the rivers they lie at.
We suffer more in our imagination than in reality. - Seneca
Oh, by the way: after admitting the crime, he has been set free for now. Quote: "Keine Verdunkelungsgefahr" (Unlikely to disappear from the hands of police). See the Heise.de newsitem (german, use babelfish and the like to translate).
not really an important one, but still.
Sasser broke a new record in the time it took to find the worm, from the time the hole on which the worm was based was issued a public patch. Now that we, allegedly, have the worm's author, we can ask him whether it was rev-enged from the patch, or whether he had prior knowledge of the hole.
Shachar
P.S.
I would wager the former, but still interesting to get an authorative answer.
It is Microsoft that sold a bad product, so why don't they have to pay for all the damages their product have caused?
> And writing intentionally crappy operating systems isn't? Ask yourself: what would happen if they wrote something that was *perfect*?
Someone would complain the default colour scheme was crap.
The world would end. There is no such thing as a perfect system, in any engineering discipline. There is no perfect fuel, no perfect engine, no perfect joint, no perfect medical procedure, etc, etc, etc.
That you expect perfection only goes to show that you are an American.
However I am basing this on that fact he is 18 and on the assumption that he fits a profile of some kid who does n't have many friends and needs attention. I'm not saying I'm right, just my take as you'd be amazed on how many criminals get caught simply on the inability to keep their mouths shut.
First of all I would push you to the ground. Pee on you chanting "House on fire, house on fire, put it out, put it out." Then I would force you to drink antifreeze until you pass out. And Then you would wake up in excrutiating pain with a size 7 poop shoot.
What if his virus would have erased every jpeg on the computer, like iloveyou? It got everyone to patch without causing data loss - just temporary bandwidth wastage. Also, what happens when someone posts viruses anonymously on a public forum, but doesn't actually distribute them? (Say, base64'd as anonymous coward)
Much as I'm pissed off with Microsoft for putting out software with so many holes, I think virus writers still have a lot to answer for.
I reckon he should get 10 minutes of prison time for every machine his trojan infected, since this is the time it probably takes someone on average to clean up the mess.
1,000,000 * 10 minutes = 166,667 hours = 6944 days = 19 years.
Seems fair to me, anyways...
Timmy, have you taken out the trash yet? If Mom grounds you again, she'll not only take away your computer for a month, but she'll make you leave the basement!
Sure, these worms did cause a lot of inconvenience and downtime and such. But a (probably unintended) benefit of their outbreaks was that many vulnerable machines are now actually patched. Without these worms, if you hit a random 2K/XP machine on the net, there is a very good chance that you can take over the machine through either DCOM or LSASS (port 135 and 445 IIRC). Essentially, everyone can gain access to millions of machines, and the owners would probably be totally unaware. I'm not trying to defend the worm writer, but we all know that millions of people simply wouldn't patch until the machines keeps rebooting every few minutes.
My wife is forced to use XP at work. Her computer is set to auto-update, is firewalled, and has two up to date virus scanners. Despite taking all recommended precautions, her computer got sassered. Does anyone care to explain how she is in any way responsible?
Serial Meta Moderator
> That you expect perfection only goes to show that you are an American.
I -- Am -- Canadian!
> There is no such thing as a perfect system, in any engineering discipline.
By perfect, I meant: without bugs. I wasn't talking about features. Sorry for the confusion.
The dangers of knowledge trigger emotional distress in human beings.
I'm sorry, but any virus or worm writer that gets busted is just plain stupid. It's so simply to NOT get caught:
Step 1: Write virus/worm without your name, intials, alias, or any other identifying info.
Step 2: Release your virus/worm from an internet cafe, preferably one far from home, even a different city or country.
Step 3: Keep your mouth shut!!!
I mean, how hard can it be to avoid getting caught? I think most of these morons have the most trouble with steps 1 & 3, even if they're smart enough to manage step 2.
They would be what is commonly called "God". Nothing is perfect.
...I think he should be locked in a padded cell with a 486-SX and a copy of Windows v3.1 for company, I'd sooner have my left nut crushed in a vice rather than face that
I've noticed that everyone who is for abortion has already been born - Ronald Reagan
Sauer grapes, perhaps?
If it becomes that easy, and people don't get caught, then governments will have to react. Government might force an identification system where there will be no anonymity. They might have closed networks, where countries that don't agree with us are shut out. 1984 is going to happen because of these people. And givernment will use it as a legitimate reason to take away freedom from the rest of us. The .0001% of people who are anti-social criminals are going to cause the other 99% of us to lose freedom. That is why they should be punished harshly when they get caught.
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
hmmm...dump M$...go the GNU way but is any system really safe ?? Check out this news link ::
http://story.news.yahoo.com/news?tmpl=story&ncid=1 817&e=9&u=/zd/20040506/tc_zd/126378&sid=961207 51
~~~~~ rudga ~~~~~
how some of these so-called "genius" worm authors always manage to get busted. If any of them had a brain in their head and assuming they're not bed-ridden, they would stop being so headstrong and arrogant, and release the worm from an internet café. They could even wear a disguise, dye/cut their hair, or walk funny just in case the place had surveillance cameras about. It just seems to me that it would be so simple not to get caught at all.
The oppertunity to do the crime does not lessen the caupability of the criminal.
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
> My wife is forced to use XP at work. Her computer is set to auto-update, is firewalled, and has two up to date virus scanners. Despite taking all recommended precautions, her computer got sassered. Does anyone care to explain how she is in any way responsible?
;) How could it get through the firewall ?
She isn't, but my comment was about the trolling post at the top. Her network admins are
He should be punished to the maximum extent permitted by law - I don't care under which law. People who can't respect computers should not be allowed to (ab)use them. If he screws up his computer, it's his problem. But the moment he screws up boxes over internet, he's got to be punished hard. The punished should be harsh so that no other individual will ever attempt to write a virus. Microsoft users are already suffering with poor quality, tech-support and other stuff, guess they don't need viruses.
You must be a Windows sysadmin...
Slashdotters blaming someone other than Billy G or Stevie B for bad things.
In other news, Osama Bin Laden renounces Islam and donates his fortune to the James Randi organisation.
This would be great for a /. pol:
Favorite new mod option:
Karma Whore (neg)
Sarcasm (pos)
Stupid (neg)
.
.
.
You get the idea, I'm sure we could think up some better ones than that, if I get many (any?) replys, I might submit a poll suggestion afterwoods...
Ask 8 slackers a question, get 10 awnsers (a citation, but I can't remember from who)
According to one of thousands of corollaries to Murphy's Law, a spelling correction on the net is guaranteed to contain at least one spelling mistake as well.
:-)
Of course, it's not "medival" but "medieval"..
Hardly likely to have happened, since according to the Yahoo! Germany newswire, Microsoft gave the vital hint to the German police that led to the arrest. Which makes you wonder whether they scanned their Apache..erm..IIS server logfiles to see who was reading about certain security alerts.
...but this man is the suspected author of the worm. The authorities haven't released his identity, nor how they arrived at the determination that he is the author.
Btw, Here'a an english version of the story.
Yeah, dude deserves any respect... he's some punk kid that thinks he owns the internet. No better than punks who spew in usenet or spam email.
Tom
Someday, I'll have a real sig.
forgot, some more ideas:
Bad spelling
Grammar nazi
Cowboy Neal posted!!!
Ask 8 slackers a question, get 10 awnsers (a citation, but I can't remember from who)
Whoa!
I agree that worm writers are scum. They shouldn't be excused because someone else left a vulnerabilty for them to exploit.
But, especially at this point, I DO think that Microsoft deserves some blame too. SASSER follows in the wake of SQL Slammer and MSBlaster, arguably 2 of the most damaging buffer overflow exploits in many years. IIS has been repeatedly compromised by buffer overrun problems since its initial release.
It isn't hard to code an automated test for buffer overrun vulnerabilities. I have done it myself for embedded designs that I have done with TCP/IP capabilties. Admittedly, it was a much simpler task for my circumstances since my products support a very limited subset of TCP/IP, but then I don't have a legion of progranmmers at my disposal either.
Here' my point: given that you had a product that had suffered buffer overrun problems for yeras, wouldn't you test specifically for buffer overrun problems before release? Maybe I would give NT and win 2000 problems a pass but win2k3 and XP were both released after a long history of buffer overrun problems. Why didn't Microsoft test specifically for buffer overrun problems before releasing them?
And I hope we will not get the society that you want.
:w!q
That's your definition of Perfect.
....
My definition of perfect means I can plug in my new USB scanner and have it work immediately. I can goto a website and see those new SVG images, I can
All this "functionality" that is second thought to whiny little bitches like you *IS* what gives operating systems their complexity.
Not to mention keeping compability with so many years of prior operating systems. I'm sure if WinXP wouldn't run Win95/98/ME [heck even Win3.11] applications there would be a huge outcry of how evil MSFT is for limiting compability.
So basically people want a bloated featureful operating system and then expect it to be perfect.
Admitedly a lot of the bloat is self-induced by Microsoft subscribing to any new system [.NET, C#, ASP, etc...] just to sell more product. Why people go beyond the win32api in plain C is a mystery to me. GUI coding really ought to account for a minimum of the time not maximum...
Tom
Someday, I'll have a real sig.
If a 18 year old kid can write a small piece of code which can lament and trembel a large part of our society, who should we blame?
Robert
No details on how they caught him? Sounds fishy... Catching a virus writter has been proven as one of the most difficult things to do. I bet they just found some kid talking shit in a BBS, traced his IP, and nabbed his ass.
But you never know...
"Instant gratification takes too long." - Carrie Fisher
> All this "functionality" that is second thought to whiny little bitches like you *IS* what gives operating systems their complexity.
That's not what I meant. I mean that if you have bug-free systems, you can easily add features that are bug-free as well. Microsoft's problem is that they don't care. Why should they? They have never been financially forced to care.
The dangers of knowledge trigger emotional distress in human beings.
Cripes, he's 18 - he's barely out of school, and probably set to head off for a college. Much could be made of this kid, hopefully, if he's lightly punished and let on to do better things.
The way the press is attacking him and seems to be making a scapegoat (albeit guilty) out of him just seems like too much.
nt
Hey, tell that dude not only well done for apprehending the scoundrel, but his free OS rox, can't wait until the next release!
He's liable because he committed the criminal act that harmed others. Absent that, no damage and no crime. It may be unwise to run an insecure PC, but it isn't illegal.
Using your logic, we might as well arrest victims of drive-by-shootings for providing targets.
-- Slashdot: When Public Access TV Says "No"
What kind of world do we live in where people get off seeing others suffer. These comments make you no better a person than the worm writer. It is only when we recognize the futility of violence as a deterrrent, that society can move forward into a better age. Grow up.
I have this theory, it goes like this...
i s) a rt )
~~#executeVBscript->.mail_to_all_my_friends(*th
~~#executeVBscript->registry_add.onrestart(rest
Making boats out of cheese graters would be a bad idea. Fixing leaks with band aids is even worse.
"Microsoft signs security pact with Germany" http://news.com.com/2100-7343-5204643.html
That was on may 4th... Today THEY GOT HIM. Thats quite a remarkable effort from the Private Secret Police of Microsoft.
Robert
Hallo! Mein name ist Dieter. Entschuldigungen Sie, wo ist in der nähe ein Post, bitte?
*exhuasts my german skills I got from school*
Now tell me how they are supposed to download the M$ patches necessary.
Simply go here, give them your name and address, and the nice people at Microsoft will send you a CD with all of the current OS patches. Free of charge.
You do remember what snailmail is, right?
Your idea of an ideal society is, to say the least, immature. I hope you realize that your view is more of a problem for society than this alleged virus writer. In addition, I hope you are able to understand that people are *always* innocent until proven guilty.
You say "I hope we get back to a society where people have shame when they do wrong." Well, after reading your post I hope you are ashamed of what you wrote.
Someday, after the revolution, this will be remembered as something we should have taken more seriously...
The orignalgod is a Dog man. i fucked him in the ass yesterday.
Excellent. Quotes from the ultimate gasbag, the raging hypocrite, the chickenhawk pussy aka Rush Limbaugh is certainly making my day. :-(
And have you ever seen a single, functional piece of software without bugs?
He should have to pay for the time that was spent cleaning up his worm from all the machines. Alternatively perhaps he can do an hour in pound-me-in-the-ass federal prison for every hour spent getting rid of his creation. Even better, since Micro$oft with their lax security policies contributed to the spread of the worm, they should pay a $1000 for every hour spent cleaning the worm or send the windows developers in the same pound-me-in-the-ass federal prison.
Independently many functions are bug free. It's their *interaction* that can cause bugs.
Beside if you think MSFT is so bad look up "kernel vulnerabilities" in google. MSFT is not the only company/group that produces code with bugs in it.
Tom
Someday, I'll have a real sig.
So what, that doesn't mean that he is guilty in the official meaning of the word. He was arrested yesterday, with the help of all kinds of specialists, some of them work for Microsoft.
It's standard procedure for the police to work with external specialists.
The idiot who wrote that worm was released later that day and his trial will be in a couple of months where all kind of evidence is used to see if he is guilty or not.
Yes, most likely the statements of said specialists will be heard by the judge but what you are trying to imply is just pure bullshit.
You know, it was a worm written for for a Microsoft OS. I can hardly imagine a better source for information for the police.
Hendrik
Should the accused be found guilty, he should be handed into the custody of a randomly selected group of admins who were adversely affected by Sasser, and punished in whatever horribly painful way they see fit.
http://news.bbc.co.uk/1/hi/technology/3687583.stm
"According to anti-virus firms machines running Windows 95, 98 and Millennium Edition can help spread Sasser even though they cannot be infected by it."
The 18 year old kid, (his name is Sven?) really hit Microsoft windows at its weakest sweetspot: Federal ordered builtin hookups for "remote security management" and other "activities" as e.g. Spyware.
Robert
"These comments make you no better a person than the worm writer."
Apparently you have very poor comprehension and discrimination abilities. Making comments, regardless of how vile, does not in any way equal actually *DOING* something to harm others.
"...only when we recognize the futility of violence..."
Yep. Criminals first. *Then* you can carp on the rest.
So, even the Slashdot editors don't RTFA anymore?
In Soviet Washington the swamp drains you.
tell M$ to put their money where their mouth is and hold them liable for all the damages.
Any auto maker is liable for problems necessitating recalls, so why shouldn't M$ be too? You'd think the biggest company in the world could at least back their products.
Lobby to your congress-person to hold M$ responsible.
Interesting. We had a machine fall over last week during the height of the Sasser panic. Norton AV had caught an installation of a Windows rootkit, and when we got to it (holiday weekend, so took three days), it had an FTP server installed with 19Gb of German-subtitled Moviez. Kill Bill 2 et al.
.de of all places.
We found various infection scripts lying around, because Norton's quarantine seemed to have stopped the infection script in its tracks. One thing it did was to take the machine's details and upload them to an FTP server. A server in
We don't know if this invasion used the same exploit as Sasser, or if a small number of Sassered boxes get FTP status or what. But the German moviez + German FTP dropbox seems suspicious.
Luckily we had the IP-address, username, and password in the script, and were suprised to find we could login there and delete the info. Hopefully the hacker hadn't copied it, but the box has been re-installed from scratch.
And the user is now seriously contemplating Linux, after losing two days...
Baz
This might be offtopic but it's not really flamebait. A history teacher at my highschool had a Nazi flag on a table in his room, it was appropriate for the current lesson & had been being used for years. Well, a german exchange student, I believe his name was Tomas, we had visiting our school was walking by the classroom & happened to catch a glimpse of the flag (folded on a table) & he went apeshit. He busted into the classroom (between classes thankfully) and started raising hell, yelling what were surely german swear words and such at the teacher & the flag. It took about an hour to calm him down, the flag was put away for the remainder of the year.
Jaysyn
There is a war going on for your mind.
nothing worse for a nerd then no computer.
Sending him to prison only makes him meet the really bad guys.
Jail is not the solution to everything. It denies you normal live, far beyond the duration of incarceration.
No, never will a German citizen be extradited. This is forbidden by German law. (Would the U.S. extradit U.S. spammers or virus authors to other countries? Worth considering I guess.) He will be charged for computer sabotage and maybe some more things. IANAL but IMHO he's unlikely not to spend some time from home - BUT - him being 18, he may be handled according to the criminal law for minors, depending on the outcome of a psychological test that is usually conducted _before_ the trial itself starts. Which means a long time in jail is not very likely.
So - forget about the idea of meeting him in Guantanamo. We are a constitutional state which even acts after the old principle "in dubio pro reo" (I still wonder what Binalshibh could possibly know that other countries' officials should not know. Very strange if you ask me ).
open (SIG, "</dev/zero"); $sig = <SIG>; close SIG;
To complete your bullet proof vest analogy.
It is more like people are wearing T-shirts in a crowded shopping mall. now most of these T-shirts are made by microsoft and have some holes in them.
If you shoot a special bullet in that hole the T-shirt begins to magically fire the same kind of bullets all around, and you get a cascade effect where all the T-shirts begin to fire bullets.
Now microsoft offer pieces of cloth to patch up this particular hole in the T-shirt, and you could also have warn a jacket or even a bullet proved vest over this T-shirt which would have solved this particular problem.
There are even people with already firing T-shirts and they walk to an other crowded place and infect the T-shirts there. Granted if you are wearing a blindfold you may not have known your t-shirt is actauly firing bullets.
Now lots of people actually die from these bullets.
Now can you say that the people that wear these T-shirts with holes in them are completely free from blame?
Take
Damn you ROBOT HOUSE~~~~
no
Im not saying shes responsible but, I would assume that someone on her network has a laptop.
Chances are someone took it home, got infected, then came to work with it.
Voila.
As in "Sent to the U.S.A." ?
Human Right forbids,I really hope for him he's not...I mean, that would really be cruel...
I think to remember a Russian programmer being sent to prison when he came for a security speech, so all he have to do is postpone all travels in the US for the next years...
It takes 40+ muscles to frown, but only four to extend your arm and bitchslap the motherfucker
I wonder if international governments and Microsoft will try to make an example out of him?
Maybe give him the death penalty?
How about:
'Soviet Russia' joke
I agree with you that there is an international legal void that gets slowly filled when it comes to IT related crimes and severe penalties should apply to cases like Sasser for example.
But I think implementing this will not deter or reduce significantly the number of people that practice cracking/hacking/or-how-ever-you-call-it.
Same reason that the death penelty has not reduced homicides in US.
When was the last time that anybody precalculated the jail time he/she will get as a deterrent to a certain illegal activity?
In fact in this case I think it will act as a boost, since elite/defiant behavior to the law can be considered very c()()()()l!
Cheers!
Yam, yam, uga booga, yam, yam, yade, yade, uga booga, yam, yam, yade, yade
that person wil be solely held responsible for all damages Sasser has caused, is causing and will cause in the future.
That kinda got me thinking...
Let's use good ol' Diebold for an example. Let's say, hypothetically speaking, that Diebold makes a voting machine which just happens to have a flaw in the way it tallies the votes. Say someone actually goes to the voting booth and exploits that bug, someone wins by a landslide, and the exploit was found.
Sure, the guy would be found guilty of vote tampering and probably would be given jail time, but Diebold would hang as well for not producing a reliable voting machine which, in effect, ended up costing the state hundreds of thousands of dollars and plenty of man-hours finding out how to fix the bug or find another way to replace the Diebold machines.
But in this case, is Microsoft going to be held reliable for even a split-second? No. This kid's gonna fry, and everybody'll blame him. Why doesn't anyone every blame the product which allowed the virus to spread?
Doesn't anybody ever find it interesting that Windows has basically forced the world to accept its view of security, defined as "wait now, act later"?
Thanks, I've got my 8 now...
Ask 8 slackers a question, get 10 awnsers (a citation, but I can't remember from who)
You people are saying things like "kill him", "torture him", "do everything horrible I can imagine to him". I can't believe that! Personally I did nothing to "secure" my system other than run an up to date Anti virus, patch my system, and stay behind my firewall.
I wasn't affected in the least, maybe at work I had some extra calls but that was only after the news started scaring people and surely not when people became infected.
In all actuality he probably made us all a few extra dollars. I'm not sure why you all hate virus writers so much, personally I've never once had a virus and I once went 2 years without an anti-virus. If you all are so great, how were you so easily infected? I've done the bare minimum to be secure, and security wasn't even in my mind when I setup my systems. I think you all are just projecting your anger on someone else because you weren't bright enough to secure yourselves.
I'm probably going to be modded as flamebait but it's the truth, I don't see how you people were affected so much other than probably some extra free time at work.
Why invent new crimes when it's just the same old crime on a new medium?
This punk trespassed, stole services, and vandalized the effected machines. Prosecute him for that.
60 days in jail and $20 fine, for each instance, served consecutively. That should be sufficient.
Bob-
The Ludwig von Mises Institute. The reasoning individuals economics
We'd only haveto do it once to get the message across.
And while we are at it we should reexamine the whole legal system and introduce capital punishments to everything!
YEAH!!! You stepped on my foot... you should die by leathal injection!
Uga Buga (jumping up an down in my hairy hunched-down body and banging a large piece of wood on the ground sometime in 45,000 BC)
How about killing him and his family and his pets as well? How about you do that on public TV?
Yam, yam, uga booga, yam, yam, yade, yade, uga booga, yam, yam, yade, yade
"Locks keep out honest people."
Microsoft is certainly not to "blame" for the fact that someone chose to exploit holes in their software. What Microsoft is to blame for is their arrogance in both claiming they are secure *and* absolving themselves of all responsibility for not *being* secure.
No computer system that offers services can ever be totally secure. You know that, I know that, but the Microsoft marketing department will pretend it's not true.
Let this punk get prosecuted for simple trespass and theft of service. Simply paying back all the victims for their time and effort wasted dealing with the worm should keep him in forced labor for the rest of his life.
Bob-
The Ludwig von Mises Institute. The reasoning individuals economics
An 18 year old with enough skill to find a buffer overflow exploit in WIndows RPC, and then to write shell code (it's pure x86 asm) so that it can spread like wild fire...
this kid is either an experienced systems programmer,
a skript kiddie (just unleashed it through out the world),
or a scapegoat.
C'mon, I thought slashdotters were KNOWLEDGEABLE about this kinda shit. You people taking this at face value?
ugh.
My question is: How did Microsoft do that? How could Microsoft find a guy, merely by studying the executable that he had created?! This really has me stumped.
Does anyone care to speculate?
Yes, 18 is a legal adult in the US... kinda... but I think of nothing but "punk kid" instead.
Regardless, punish him like a man - hah!
Berto
"The Sasser author is an 18 year old man" Virus programmers should be referred to as boys. I think a certain maturity comes with the term man which is obviously not warranted here.
Make the kid write a fix for Sasser and let that loose on Internet?
http://efil.blogspot.com/
The simplest way to test any protocol is to send packets of random length with random data.
If the software can't handle this, something needs to be fixed.
What a joke Windows is, all the man-hours devoted to its development, all the programmers who write/maintain the code for it. And it only takes the mind of an 18 year old BOY to bring their system to its knees. Wasn't the last MAJOR worm problem attributed to an overweight 18 year old? M$ should hire more fat 18 yearolds.....
"There is no protocol for a system to advertise it's vulnerabilities."
Yes there is. If the package has a logo of a little box with four smaller coloured boxes inside it, its vulnerable.
Here you can find a (german) TV-Newsclip.
Windows XP has backdoors in it to allow Microsoft and other authorities to trace people.
If the file was compiled on XP, its fairly simple to see that and know a lot about the machine just by analyzing the file itself.
Microsoft most likely had a backdoor set up within XP. Next time they will write their viruses in Linux.
People don't exist to serve systems, systems exist to serve people.
It's really suprising that no one's put a destructive load on these worms. With the amount of pc's that have been infected, the damage would be catastrophic.
As far as security goes, NT 4.0 is the main culprit. Microsoft should have done some serious code checking on NT 4.0 before basing future OS's on it. As you've noticed, an exploit on NT 4.0 is also present across the spectrum of NT-based OS's. So Microsoft's priority should be to examine the NT 4.0 code that went into 2000, XP and 2003 and find potential problems before they're exploited.
For those who have no idea what is being talked about (for *years* I heard the term "fnord" being referenced and had no idea where people were getting it from), read the Illuminatus Trilogy.
Or don't. I found it to be confusing and bizarre. The authors like to switch between viewpoints of characters without warning (and a few times, in the middle of paragraphs). Some characters have viewpoints that are distorted by being wrong or doped up, one character is a dolphin (and has correspondingly un-human thoughts), the whole mess is added to by the fact that much of the book takes place in flashbacks and that it's very difficult to tell who is insane and who isn't, the fact that much of the content is complex uber-paranoid consipracy theory and religious or philosophical -- oh, and the fact that there are backreferences to all kinds of minor details throughout the books.
May we never see th
Once they know the MAC address they can find him by asking all the ISPs to co-operate. The MAC address is used in ARP routing for networking and is how each card is uniqely identified. His ISP would know his MAC address, then all they have to do is turn up and arrest him. Of course, he could have just shot his big mouth off on IRC too e.g. "m3 l337 H4x0r br1ng d0wN teh ev1l M$ c0rp0rat1on...pr41s3 b3 to m3!"
All those moments will be lost in time, like tears in rain.
Microsoft then called the German police.
I am sure the person who called Microsoft was doing this because s/he wanted the reward. Otherwise s/he would have gone directly to the police.
Translated quote from the article:
A good example of the man trying to keep us down.
-Imidazole2
Why doesn't someone write a virus that 'spreads like wildfire' and infects all unpatched pc's and then auto runs windows update or just patches the systems? It might still be illegal, but it's not like anyone could sue for damages... just violation of privacy and unauathorized system changes. But who would really go after them?
Reuters link
"We are absolutely certain that this really is the creator of the Internet worm because Microsoft experts were involved in the inquiry and confirmed our suspicions and because the suspect admitted to it," said Frank Federau from Lower Saxony police.
OF COURSE! If Microsoft says someone's guilty, of course they are. The fact that they admitted it doesn't mean shit.
"Police described the suspect as a highly intelligent "computer freak" living with his parents."
But OF COURSE he's a 'computer freak' living with his parents. What else COULD HE BE?
Most criminals, espically the non-organized ones, suffer from a problem of running-of-the-mouth. Almost all of us do, actually. We like to brag about the things we've achieved to friends. However, when you are braging about legal exploits like winning the pot at the last card game, it's fine. Thing it most crooks also brag about their illegal exploits too. This is fine, until one of their friends (or friends of friends) turns them in.
Also most script kiddies/crackers run their mouth when they get caught. We had one on campus, he was using some program (I forget the name) that tried to spoof itself as the default gateway so all traffic would go through him and he could sniff passwords. He couldn't get it working right and it kept bringing down a part of the network. Well when we caught him he instantly confessed everything to us, then to the police.
The thing is that he (and those like him) are so convinced of their invenurability because of their anaonymity, that they are just totally unprepared to get caught. So when it does happen, they usually just break down and confess everything.
My favorite part was when the 1337 dude they interviewed (complete with silouette and altered voice) said that it only takes 2 minutes to hack a Windows SCADA.
I'm in the hole of the broadband donut.
http://www.reuters.com/newsArticle.jhtml?type=inte rnetNews&storyID=5080701 sez:
"Federau said the man, who he described as a highly intelligent "computer freak" living with his parents, was arrested on Friday near the central German town of Rotenburg but was no longer in custody."
As a proud computer freak and a circus freak, I'm offended and demand a public apology. Damn you all "police freaks"!
Hmmm, you know, I haven't seen Helios release any more updates to his Helios Hook aimbot for Unreal Tournament and Tactical Ops since Thursday. And he was about due for another one already. And we all know he was making trojans already... Wouldn't it be nice if that were he?
Karma: Bad is the liberal way of saying this guy won't drink the kool aid here on slash dot. I wear my Karma with pride
Make him work for Microsoft... Oh, WAIT a minute... :)
Who moved my sig?
I wanna shake his hand, and hire him for my network security company.
Most locks ARE easy to bybass, amazingly so. The simple tumbler locks that 99.99% of houses have are nothing for a trained locksmith. My friend who has such training and tools (it's his profession) and can pick most standard locks in under 10 minutes, usually faster.
This is not an uncurable fault, however. On my front door there is a Medeco Maxum lock. This lock has a different kind of pin (they call it biaxial) and it is something that is very difficult to pick. My friend can't always do it successfully. It also has greater security with it's keys. A normal lock, you just grab someone's key and get a copy made at any Albertsons, then return the key, they are none to the wiser. Not so with Medeco locks, normal grinders can't dealw ith their keys, and Medeco dealers refuse to make copies without picture ID verifying that the person owns the lock.
Well then, should we be suing all these lock companies for selling these poor quality, easy to defeat locks? I mean they KNOW there is better technology right? Well yes, but there is a tradeoff: Cost. If you go to a hardware store, you'll find that locks are about $20-$30, no big deal. I paid about $200 for that Medeco lock. So if you want that kind of security, you need to be willing to drop about 10x the cash.
It doesn't end there either. Medeco locks are better than average locks, but they aren't invincible. They are still pickable, with effort, and they aren't invinvcible. For that matter, someone could just bash in your door, given enough time and force.
Just because better technology CAN be gotten doesn't mean there aren't tradeoffs in doing so.
Let's see, the guy's user ID is Adoph_Hitler and you're surprised he's a troll??? And you make disparaging implications about AOL and Linux users because of this guy? Just how reasonable is your flamebait?
Guns don't kill people -- people kill people.
But the guns seem to help a bit. (apologies to Eddie Izzard)
Sasser was only a new type of worm for him - the police found evidence (Google Translation here) that he is also responsible for the netsky virus.
* Smile. People will wonder what you think. *
Okay, I realize that cooperation with Microsoft may be useful, but this is a little nervousness-inducing:
Spokesman Frank Federau for the Lower Saxony police said the man was arrested Friday. Federau said the suspect admitted to programming the worm, but authorities did not know if he had created all the versions of it.
"He made a confession, and the experts at Microsoft have now confirmed that he was the cause of this worm," Federau said. He said he did not have any details of how the suspect was found.
So...while I realize that this is a black eye for Microsoft, and that it's to their benefit to assist in tracking the guy down, and I realize that police budgets may not allow for competent cybercrime investigators, it always makes me nervous to see police saying "investigators from <large global corporation> have confirmed that this guy is the culprit". Yes, he'll have his day in court, but still...damn.
May we never see th
even tho the sasser and blaster virii have been infecting loads and loads of machines, it still only seems like a pest. most virii just infect somebodys email or just annoy somebody to the point of formatting their box, and then getting some av protection. there hasnt really been a virus that will actually destroy a piece of hardware so that the machine is completly unusable (wiping the firmware of a harddrive, or overclock the processr for example), and if the people responsable for the viruses at the minute realise that this can be done the there is no telling what can happen in the near future. just think, a highly replicating virus (blaster or sasser) with the ability to destroy a hard drive, or any piece of hardware, as soon as the user restarts! just a thought, but things may turn nasty in the next few years for microsoft! (lets face it, who really likes windows??? :) )
Or a script kiddy who has been forced to put a sting on his contacts??
Texas is the death penalty capital of the world. By your logic that would also make it the safest place in the world, yet people are murdered here every day. A person can be imprisoned for years (years!) if caught with trace amounts of cocaine, yet the crack epidemic is as strong as ever.
I wouldn't complain about his logic when you've used 2 crimes to generalise across the whole of crime.
Believe it or not, crack is addictive. I worked with a crack addict who sold his mum's car. He really didn't care about anything apart from the next fix.
Most murders are spur-of-the-moment crimes of passion. The murderers do not think about the consequences in the 5 seconds it takes to kill someone in your gun-obsessed country.
OTOH, this 18-year old allegedly rationally planned, designed, coded & released Sasser & Netsky, which caused god knows how much in damages, caused as yet uncalculated amounts of stress, and the actual number of people directly killed has yet to be investigated (I bet it's >1). Not only should he receive the full punishment under the law, but it should be a cruel and unusual punishment, just to make sure his peers remember.
I think the authors of computer viruses should be treated as terrorists. They cause lots of damage to innocent people. George W. should include computer virus authors as "enemy combatants" in the "war on terror". Lock them up. Throw away the key.
I've often felt the need for a "-1, wrong" moderation option.
...I mean, getting caught - no problem: this person did a thing that only a serious de-'script kiddy'-programming (preferably by some hackers) can fix now.
What I do find very bad however, was that the person who caught him should have gone to Microsoft first instead of the proper authorities. Where will this go ?
Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
Or have you not actually finished it? Don't worry, your mom will wait until you can pay her back. And I'm sure you can find a copy of 'TCP/IP for Dummies' in your school library someplace.
I didn't get hit with this, nor did anyone I know, but this kid should have his dick chopped off as an example. That'd be more deterrence than jail for most men.
...is that this zit-faced luser will become yet another Underground 1337 h4x0r Hero to all the other lusers and the media. Just another nobody in the right place at the right time who'll be the first person interviewed on national TV as a 'h4x0r Expert' everytime some other acne-covered virgin uses his older brother's virus-by-numbers VB toolkit...
What? The copy you donated after you determined the "Dummies" version of TCP/IP was too far above your skill level for you to use?
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
Fucking prick ruined my weekend.
If you want to blame MS for this (and on Slashdot it's a given), blame them for announcing the vulnerability. This guy wouldn't have been able to make SASSER without it.
Given that a properly configured firewall should prevent a SASSER invection, does anyone care to explain how this scenario is even possible?
I spent several years of my life as a locksmith. The unfortunate truth is, Schlage is just average. Not as bad as Kwikset (avoid like the plague), or Weiser (avoid like it's a Kwikset), and not as good as Master (formerly Dexter). Unfortunately a few years ago Schlage realized their locks weren't as good as Master, so they bought out Master's door hardware division (essentially the old Dexter that Master bought) and shut it down.
Schlage aren't bad locks, but they're not really as good as most people think they are. They're just kind of "okay". Not that you asked, but now you know. =)
-BK
Chemical Blog
I think I have fixed about 20 machines with the Sasser worm in it in the past week and more will, undoubtedly, be coming
Guys like this ensure I have a (horrible, below my ability and schooling) job...at least it pays the bills. More, more, more LOL
Sasser showed me which windows machines did not have their auto-patch routines working.
Since the PC support group had recently reported that all machines were now in the auto-patch system, we were quite suprised to see almost 1% (which is a lot of machines, around here) get sasser.
Incidentally, a crude way to scan your network for sasser (let's just say you've got a linux box handy with samba,nmap,bash, grep and gawk and that your network is composed of three class C segments numbered 10.0.1.0, 10.0.2.0, 10.0.3.0 for the sake of example) is:
nmap -p 5554 -oG '-' 10.0.1-3.1-254 |gawk '/^Host.+5554\/open\/tcp/{print "nmblookup -A " $2}'|bash |grep "<00>"|grep -v GROUP
If your machines have useful netbios names (such as their location, for instance) and/or you know the names of your users, that should give you all the info you need.
Thank you Mr. Sasser author! You the man! Your non-destructive code was a public service from where I'm sitting (yes I know others feel differently - the real universe is subjective, neh?).
Well, one can dream anyways
and look up "Irony." I'm guessing you're American.
Author, Shell Scripting : Expert Re
What does a system for secure legal transactions using XML have to do with a teenager who was ratted on by his mates? Either this was a joke or this guy is way past help. I suspect the first option.
I can't believe this has been modded up. Well, Funny may have been appropriate.
Jeez.
I'm sorry if I haven't offended anyone
Sorry for being the spelling idiot, but shouldn't it be "answers"??
It didn't stop alcohol , but started off the highly profitable boot-legging which gave birth to protectionist mafias ... and in short america's criminal class ..
:)
..... if guns were outlawed ... only outlaws would have guns ...
Considering that example , maybe education should be prohibited
Looks like the old saying's true
Quidquid latine dictum sit, altum videtur
Maybe we find out about the real names and versions of all the Sasser and Netsky variants now. The ones we know now are just made up by the anti virus guys after all.
heise.de today mentions that Microsoft will pay $250000 to the (less than five) informants.
And here I thought that it was the colour of the bikeshed that REALLY mattered...
tstt
"There is nothing more frightful than ignorance in action." Johann Wolfgang von Goethe
Of why trying to equate the physical world with the electronic world.
If I buy a DVD, and break the CSS, then that's my business. I haven't gone to somebody's house and broken the lock and stolen something. The analogy is so poor that even Jack Valenti would laugh at it.
Please try again, but without using the flawed analogy.
Intransigent? Recalcitrant?
http://www.microsoft.com/presspass/exec/bradsmith/ 05-08sasserarrest.asp