Microsoft Reward Leads to Arrest of Sasser Suspect
tritone writes "According to this article on CNET, it was a reward from Microsoft that led to the arrest of the perpetrator of the Sasser Windows Worm. This is the first success for Microsoft's Antivirus Award Program, a $5 million fund to reward people for coming forward with information about those who release major worms and viruses."
... Microsoft should have used the money to audit their code or something ...
Good. All anti-MS "They should have written more secure software" comments aside, I am glad they were able to catch this guy if it is him. I am glad the reward worked. In the end there is one person that is really, truly responsible for the virus and that is the virus writer. Now I wonder how much of the $5m pot the informer(s) will get.
Great ideas often receive violent opposition from mediocre minds. - Albert Einstein
...that MS would hand out those rewards to those who turned in people that used pirated versions of their software. Not that I care about Microsoft piracy at all, but I know a few assholes, and I could need the money.
this is probably the most boring sig in the world
I suppose throwing money at the problem is proactive, but hardly clever.
In this complex and often terrifying world, it's nice to know that some things never change.
Faster! Faster! Faster would be better!
Don't go bragging about your next virus release.
Sheesh, evil *and* a jerk. -- Jade
While I do agree that they need to do better (not more) auditing of code, I also think it is admirable that they are taking responsibility for the damage in some way. Props to Microsoft.
Suggestion, instead of suing security companies who find and point out vulnerabilities they should implement rewards there. For example, if xyz security found a vulnerability they could either
A: release it to the news/public and risk MS ire
or
B: Submit it confidentially to the MS bug track for a hefty reward
Yes, that lacks disclosure but it is a healthier system than now exists.
I wonder what kind of deals are being offered right now for him to turn in friends and information? I wonder what is on his computer? All it takes is one informant for the police to get warrants to search all his friends' and known acquaintances' computers, so I am thinking there will be a bigger fallout than just one guy. I just hope they don't let the big fish off the hook to get 10 smaller fish.
I wonder if this will be the start of the dominos falling. He turns in his friends, who in return turn in their friends. Then next thing you know the FBI is knocking on your door asking to look at your computer. In some ways, I welcome that. It gets to be exhausting fixing computers from all the viruses and spyware and crap.
I am just glad that with him in jail there will be more security. One less bad guy to worry about.
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
This is the first success for Microsoft's Antivirus Award Program, a $5 million fund to reward people for coming forward with information about those who release major worms and viruses."
Reward Money: $5,000,000.00
Perps Pay: $5,000,000.00
Psychological Effect: Priceless!
-1 Uncomfortable Truth
The $5 Million reward is only payable in Vouchers for Microsoft Software.
... than at making good software.
Not that I think the virus maker is a cool guy but I think there will always be a virus maker, isn't it in human nature?
I think a program as big as Windows should not be controlled by so small a group of people.
The top 20 most wanted.
I know you are psychotic, but please make an effort.
How much money does Microsoft have to spend making their operating system, and how perfect and secure does it have to be?
Maybe if it was not for the virus writers, the cost of Windows would be cheaper. Maybe because of the virus writers Microsoft has to spend more money?
I think it is horrible for someone to defend a criminal because the criminal had opportunity to commit a crime.
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
How are they going to prove a specific person wrote the code? Unless he confesses there can't be anything other than circumstantial evidence, can there?
Having said that, we *know* the poor kid's going down, which prompts the question, could anyone dump someone they don't like right in it, and then get a fat reward?
Specifically: You can buy anything.
i think this is utter tosh. microsoft tried to make out the blaster worm was coded by some 17 year old last time.
they want us to think 'oh all these viruses are caused by naive kids with something to prove';
which is less scary than the truth that worms are coded to order by people with maths degrees for criminal gangs who want to use your pc as a conduit for illegal material.
i'm trying to give up sigs.
1. Write worm
2. Find someone in severe financial trouble
3. Have that person release the worm from home computer
4. Turn that person in and collect the reward
5. Place 75% in a high interest foreign account and keep the rest
6. After the guy gets out of jail, send him a key to a safety deposit with all the information he needs to start a new life
7. Profit
Sdelat' Ameriku velikoy Snova!
Make sure my next virus release gets traced back to Steve Ballmer instead.
I think Microsoft should invest in prisons. That way at "My Prison" you can actually use that wasted talent, and put it into making expensive software at sweatshop prices.
I know you are psychotic, but please make an effort.
MS pays to bust virus writers and FOSS can't afford such a reward system... so MS hires (under the table) virus writers to attack Linux...
But FOSS doesn't pay me to turn in a virus writer.... so why should I...???
greed..... it's been a constant in the computer industry... no doubt about it.
Thank you for outsourcing my debugging job to Germany.
I ran a benchmark on my quantum computer, now I can't find it anywhere!
I wonder if MS can keep up this effort and if we'll eventually start to see sponsored virii added to the real TCO for windows OS'. Oh wait.
Let's keep in mind that patents are in place to keep lawyers employed and keep them litigating. -CatGrep
nope.
With him in Jail, you just have one (more) guy in Jail.
Educating users, making them patch regularly, etc + having a clean system will do the trick for more security.
Also, using worms to auto patch the damaged and damaging machines would be ultimately the nice, if illegal, solution...
I know this has been debated before, and that having another can of worms spreading could do some damages, but it would be faster than waiting for all the people in the world to patch their systems...and keep the initial infection at bay, a bit like your own body reacts to intrusion.
It takes 40+ muscles to frown, but only four to extend your arm and bitchslap the motherfucker
I wonder how many people will turn in their friends, family etc.. for cash that they may or may not get. Seems to me like microsoft will get a flood of calls from people that have friends and stuff that like programming. Who's to say what they were programming. What about false accusations by the technically inept?
Got hosting
create the worm, giving all information about yourself to MS and get the cashhhhhhh, oh wait they already have all information of me and all other windows users, fuckin spyware
even those virii and extend them to... what?
"A: release it to the news/public and risk MS ire
or
B: Submit it confidentially to the MS bug track for a hefty reward"
That system already exists. It is called "Black Mail."
Sdelat' Ameriku velikoy Snova!
a legit XP cd key so I can access windows update so i can download updates to avoid worms ;)
I always told M$ that their softwares are bloated and buggy, full of designing flaws...
Now, M$ should give me some money!
Silly Germans! If he had used that knowledge and effort at something constructive instead of destructive, I'm sure he could have gone quite far. On the other hand, he's got a reputation now, which would have been more complicated to build had he taken the non malicious route. No such thing as bad publicity, or so they say.
Oh, and MS should pay to keep up their reputation...puh-leez. Their reputation is already lower than a snake's belly in a gully. How can they go farther? Before any knee-jerk MS apologists start replying, go check out what I've said about rewards being paid off...you'll find the situation is just as depressing as I've described.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
OK, I want some of that dough.
The article mentions that Microsoft used some technical means to confirm the informants' information but the informants did not use technical means to identify the guy. This leads to some questions:
Does Microsoft somehow bug your code if you use MS products to produce it? If I remember correctly some of the Word macro viruses had an ID number somewhere inside them that let MS identify the copy of Word that originally produced the virus.
Is such a serial number/product ID what MS used to confirm the informant's information?
It would not necessarily need to be a number. Deliberate variations in the code produced by a compiler from one machine to the next could be used as a fingerprint.
Barring that, was there some other technical means that could have been used to locate the author?
If I wanted to be an Anti-Virus Bounty hunter is my best bet learning to decompile code or to hang around on IRC chat channels and either encourage other users to write viruses so I can turn them in later, or make friends with real virus writers so I can turn them in?
Maybe a piece of reference code can be made available on a website and people can compile it on a range of machines and MS compilers. The resulting code can be compared to see if the machine/compiler pair can be identified from the executable. If two machines with the same OS and development tools create code with slight differences I would begin to worry if I were a virus writer.
I am amazed, with the number of open access points, that someone ever gets caught. Guess they can't help bragging to their friends.
Any strategy contains the seeds of its own failure. In this case, bribing criminals to hand-over their own is a classic but short-term solution.
Firstly, it sets the stage for blackmail. If one isolated hacker is worth $5m, how much is an unreleased worm worth? Probably much, much more. I'd not be surprised if MS regularly get asked for money upfront before worms are released. Paying out will only make this worse.
Secondly, it is a Darwinian filter. Yes, you can pay to get hold of an isolated criminal. No, you cannot use this tactic against criminal gangs. $5m is not a lot when compared to the value of a large botnet. Setting bounties will eliminate the free-lancers and leave the stage open for more organized criminals who will probably be more aggressive in using zombied PCs for criminal acts (child porn, DDoS, etc.)
Thirdly, it is prejudicial and likely to lead to the arrest of innocent people. Given that any zombied PC can be used to launch a worm attack, how can any evidence be trusted? Confessions, too, are unreliable. Bounties are rapidly turned into lynchings.
Lastly, it is a distraction from the real issue: Windows' fundamental security weaknesses. Microsoft must release a secure Windows within the next 12 months or risk permanent damage to their brand. Paying bounties for worm writers fools no-one: Windows remains insecure and there remains an unlimited supply of smart criminals happy to take advantage of that.
Sig for sale or rent. One previous user. Inquire within.
It has deterrent value. It says if you become good at writing viruses you will get nailed. Maybe MS does not care about the young kid messing around who does not damage anything. Microsoft is showing good restraint.
It may deter kids but certainly not pros. Rewards rely on enough individuals knowing who committed a crime so that at least one betrays the criminal. With kids that's easy since they're publishing their exploits as part of a game. With pros, no way. When terrorists and organized criminals write and distribute viruses, expect the MS reward to have much less impact.
Prevention through proper security, OTOH, cuts against both kids and pros. Cut out the exploit and you cut out the damage. Of course, MS management knows this...
Naked Rayburn
Sasser worm suspect confesses to German police after arrest
Specifically: You can buy anything.
Except secure code, apparently.
This whole reward thing is nothing more than a PR move. Microsoft comes out looking like the hero for offering the reward which led to the capture of some kid, masking the fact that their crappy code allowed this to happen.
Two questions arise from this:
- What will be the fallout in terms of orgs moving to non-MS platforms (MacOS, Linux, etc)?
- By most accounts, this particular virus/worm was very poorly written. My understanding is that this is also true of most of the other recent viruses. How long will it be before someone writes a virus for win32s which is truly destructive, in terms of things like writing random data in random places (sector 0, anyone?) on the disk, or scrambling the BIOSes and firmware of things like HDDs making them completely unusable?
And before we suggest that the damage was limited to broadband home users who don't patch their machines, consider that orgs like these were taken down: a few banks, at least one coast guard station, St Luke's Hospital, Delta Airlines, and the list goes on.
There is very little future in being right when your boss is wrong.
if the guy who made the virus would release his code under the GPL...? You know, to support the open source virus community (OSVC).... Imagine what kind of havoc that could be released on windows if this was to happen, and not to mention how it could help linux...? Think about it.. If viri were released left and right, one after another, always improving, and causing enough down time. I imagine companies would be dropping windows as fast as shit flies out of my ass after eating some hot and spicy indian food. Don't get me wrong, I love Indian food, but it sure goes through me sometimes.
...is that the software system design, default behaviour, and security level is so poor that a 17 year old can easily exploit it and cause so much damage.
The Lifetime true-story, "My son hacked the world"
Look, if an anti-social 19 year old can create such a devastating worm, I am afraid the odds are against this strategy of fighting the problem. What, there must be a 100 MILLION other kids just like him, playing away on their windows computer, looking to be more than just a pimple faced teenager.
Let's see, ingredients to a killer windows worm:
1. Anti-social teenager
2. windows computer
3. internet connection
4. some free time (see 1.)
Sorry, this is just not the way to resolve the problem. It is just too easy, not even worth celebrating. No wonder MS is ONLY investing 5M in this method (what is 5M to MS?).
Sdelat' Ameriku velikoy Snova!
How do I mod you up without destroying the joke?
Sdelat' Ameriku velikoy Snova!
With this purported arrest there are a few questions that enter my mind.
(1) Do they have the right guy? I doubt it!
(2) What of a payload. Perhaps next time there will be a real payload. IMHO dumping a worm onto the net is about the same as a prank. I somehow doubt the "authorities" will see the humour. In which case perhaps the next worm will contain a payload worthy of the punishment that this young man will suffer.
This could be the beginning of a serious escalation.
What people need to realise is that with a billion plus people on the net, if there is a vulnerability then it will be found. It does not matter who does it - because SOMEONE will. Punishing the prankster is not a deterrent. Fixing the broken software is the only solution and fat cat Mr. Moneybags Bill Gates should be able to accomplish the latter... either that or withdraw the clearly faulty software from the market.
If we chose to attack and punish the pranksters then it is we who escalate this and I would expect the reaction will be in the form of an escalation of the damages.
Well, first I think I said it in my previous post, so thanks for emphasis.
Secondly, just to give more clarity, maybe someone with the right skills (Microsoft itself?) could use this and program a nice, non destructive auto-patching worm.
Don't discard the solution because it has failed before...just learn from the errors and do it better this time....
It takes 40+ muscles to frown, but only four to extend your arm and bitchslap the motherfucker
... a VERY good hacker releasing a virus but making it look like it came from someone else, perhaps someone the hacker is at war with, or just some random victim? And then joe victim would be stuck, trying to prove they didn't do it, with the evidence all over their computer.
sucks. It could be done JUST to get the reward for that matter, although that would be risky, but still possible.
microsoft got a mega buhzillion dollars in the bank from not hiring coders and not insisting on great code since forever and a day. I think what is more appropriate when money is being talked about is a class action lawsuit from thousands of joe MS users, not the government, joe users large and small who have been victimised by insecure OS that they got *suckered and conned* into running, and I mean suckered by their abusive monopoly tactics and vendor lockins for OS that happened over the past decade especially. Most people didn't "choose" to run microsoft, they got faked into it by it being installed on their boxes when they bought them. Then all of microsoft's profits from not doing their job, combined with the ridiculous no warranty deal that profitable software gets, turned into the victimized end user's problems, where you get broken computers, anger, frustration, and in the case of businesses, millions of dollars in actual-for real damages, probably billions, I don't know. A big ole pile of cash, call it that. I bet in a lot of cases the constant and recurring damages exceed the cost of the software installed by many factors.
That sucks too. viruses and worms are BOTH the fault of evil hackers AND filthy rich monopolists who did NOT give a care about security until the past coupla of years, and even then it was half assed. MS as a total company gets its corporate mindshare from william gates, always has, and he just don't and never has given a crap as long as he can rake in the dough, he's an extreme predator, and I don't care how "compassionate" and "giving" with his "foundation" some mafia don is with ill gotten gains, he's still a mafia chieftain, and made his loot by being a crook. Easy to give away free money you stole and conned people for.
Same with MS and gates, he needs to go to JAIL as far as I am concerned, he's a chronic serial crook, a repeat offender to boot, hiding behind the corporate wall of almost near immunity, and he shows no sign of stopping being a crook, although I will grant he's apparently trying to fix security in longhorn, but that's a long ways off and doesn't address past crimes, and I think he's only doing it because he is being forced to by market pressures.
Hmm... so why have no recent worms done anything other than reboot systems? Any backdoor installed was NEVER USED. All they have done is caused damage by downtime, not data loss etc. If worms were written by gangs, they would DO SOMETHING WITH IT. Which they haven't. Thus the 17-year-old explanation.
Seriously, this is just the known "cost of doing business" mentality again. If it's cheaper to pay a reward than to develop a secure product in the first place, that's what MS will do.
This is the exact same way they treat regulation - if it's cheaper to break the law and pay some puny court-ordered fine here and there, so be it.
They're not the only ones who realize that criminals can be turned in in exchange for money.
And yes, anything can be bought. Anything.
Well, this is going to be just the beginning.
By raising the stake, M$ will start to get really nasty viruses to appear.
We can probably say good bye to the friendly annoyance viruses, and be prepared for the ones that will put business on its knees around the world...
Be prepared for companies finally suing M$ for damages...
It's just a logical conclusion. I wish I was wrong on that.
Ah so now Microsoft literally hires bounty hunters to catch worm/virus writers? That's pretty silly. They should fix their insecure OS.
MS needs to shape up with the security of their operating systems and office products. If Longhorn becomes a fiasco in this regard, would that be the beginning of the end for MS? Perhaps. Open Source could provide more stable and secure products. My question is this, however: how do you earn money by writing open source? Btw, regarding MS and their poor security: the problem is the lack of competition in the OS and Office markets, I think that they slacked off somehow.
1 / I am Microsoft
/sarcasm Another solution would be a Windows Worm that automatically logs on the net, downloads then install Debian, OpenOffice and all free oss equivalent softwares to the ones the user had on his hdd, providing him with a superior OS, a better patching management and a litigation from SCO /sarcasm
2/ I build then host a worm with an IRC channel collator thingy, cauz it's leet
3/ the Worm has an automatic time-to-live that limits its duration on any of the infected hosts, ie uninstalling itself after, say, the cleaning of the computer, a scan/cleaning of the local network and an additional limited scan of the open space IP addresses
4/ The worm @ Microsoft scans perpetually the net in search for new computers to heal for a certain length of time, then is removed because all the systems in the world are patched (lol) and is replaced by the new cure for the next problematic issue
5/Profit! (this IS slashdot) in term of decreased TCO and nice press releases.
Are you happy now, or do you also need proof of concept code ?
A worm doesn't HAVE to be perpetual, as we recently saw with self destructing worms.
Must I add another Profit! line somewhere ?
It takes 40+ muscles to frown, but only four to extend your arm and bitchslap the motherfucker
Don't go bragging about your next virus release.
Which is also why they're catching nothing but attention-seeking teens. Professional people that have a commercial interest like spammers, identity thieves, fraudsters, agents for industrial espionage etc. hardly ever get caught.
That is also why so many people believe they don't exist, that they're some kind of mythic legend and that the most dangerous thing out there is a bored teen. The truth of the matter is that in 99,9% of the cases, such a person would be able to accomplish his task unnoticed.
And in the remaining 0,01% of the time, it will have been written off as another virus/trojan going around the 'net, just like the literally thousands they receive daily. Never in the history of mankind have so many had so fucking little clue what they (or their equipment) is doing.
Kjella
Live today, because you never know what tomorrow brings
The organisations who were taken down should have taken more precautions, then.
If worms and viruses actually did real damage, I would suspect that future attacks would be less successful because of the real shock value associated with it - people might start to be more proactive in securing their machines, or not letting potentially insecure machines on their network.
However, I suspect that viruses/worms are never going to be that destructive given that a nonfunctional computer cannot spread the infection further - there would be little incentive to release such a virus/worm.
Arresting a murderer doesn't bring dead victims back to life. Does this reduce the usefulness of the police initiative to arrest murderers?
(Your analogy is flawed in general. The same applies to "bank robbers or muggers" as you mentioned: Once a crime has been committed, the damage has been done; and if no damage is done, I'd have trouble calling it a "crime".)
Microsoft Windows is, fittingly, the official Desktop OS of Olig
Who is the person that decides if a worm/virus is serious? I'm just curious because I could imagine MS being the type that could say "We don't owe you any money because we don't consider this a serious problem."
Writing is not illegal.
Wiring the tool/bomb is not illegal.
Instantiating to cause damage is.
It's a grey area though.
One could think of Britney Spears
"Oops I did it again.." I meant no
harm sir... it wasn't good for you?
Microsoft, or anyone else, should make a reasonable attempt at making their product safe and secure.
Personally I don't feel they are making a reasonable attempt as of yet. They are mostly making an attempt to calm bad press, and thwart potential legal/governmental issues.
However, that doesn't mean it's ok to take advantage of any security issues the software may have...
I.e. the lock should be secure and work as advertised, but if it doesn't, someone shouldn't feel they are allowed to break into your house...
---- Booth was a patriot ----
The answer is simple: A virii or worm which destroys what it infects or otherwise makes itself known will have a very short life as it will easily be detected.
Destroying system post-infection would be as easy as running a format on the system. But it isn't done because that would greatly reduce the value of an infected system.
What is better? 1 million infected systems which keep trying to infect people or 1 million systems which have simply stopped working?
You can't abuse or use someone else's computer if it isn't working.
Why do you think they call compromised systems ghost/zombies/etc?
People keep thinking their computer is so precious because it is theirs while at the same time thinking that no one would bother for the same reason. The reason is that your computer is on the net and can be used. Period. Destruction of your system would preclude the ability to use your system.
It works the same way in the biological world of virii. If the infection kills the host, that limits the lifespan of the virii and the ability to spread. It is only if the host survives that the virii likewise survives.
Winged Power Photography
Can't buy me looo-ove...
(sic the Beatles)
--------
* Sigh *
How many scientific advances were due to people in their teens? You're assuming that programmers can't do their best work in their teens. Best not meaning 'best for mankind', but best meaning their most elegant, 'out of the box' or advanced work. Keith
Does it matter if posting a reward and catching someone is a deterrent?
If someone does a "prank" releasing a virus that costs people time, grief, and damages their system, it should not be taken lightly.
The person should be caught and punished. Sure, it would be nice if Windows did not have holes. It would also be nice if my car could not be broken into.
It's sad that so many people want to blame the government, schools, teachers, corporations, the man, the system, etc., rather than blame the individual or those that should be instilling decent values into the children, the parents.
German news reports claim that the Sasser author's peer group encouraged him to write the worm, make it more effective and spread it.
I wouldn't be surprised if one of his friends from this peer group is the one who reported him. After all, the whistleblower also sent source code as proof to Microsoft Germany before the authorities stepped in - he must have been in direct contact with the author and may even be a co-author.
I still don't know what to make of this. I don't like bad hackers writing worms, but I don't like the reward program, either.
------------------
You may like my a cappella music
MS now is embracing the hacker community. It already extended it.
It sounds great to have arrested the writer of several viruses. And the more they can get you to believe he was responsible for the better they'll look. But he's not alone. There are so many others who do this, the idea of arresting them after they've done stuff is really lame in terms of security. Necessary, and it's a good thing that microsoft is doing it, but it's still a drop in the bucket.
:-/
Apparently you don't need a high school diploma or good skills in speaking English to cripple half of the windows boxes in the world currently. Say what you want about the hackers being the bad guys and microsoft just being a victim, I say that microsoft has set the security bar on their systems way too low. They'll be raising it up with XP SP2, but they've successfully trained a legion of hackers who have better release turnaround time than microsoft does. They'll need to put the bar ridiculously high to stop this well honed security compromising subculture. Either that or employ them all and pay them to code commercial software.
In contrast, how many BSD hackers are there out there? Lower desirability to break in combined with greater difficulty. It's all you can do to make it work the way you want. There's no way in hell to break in to someone else's BSD box.
-theed
So how long will the virus writer get in jail? If it isn't a REALLY long time, this could be quite lucrative. Take this example:
(1) Spend a month or two writing a virus
(2) Have accomplice turn you in for $X Million
(3) Spend Y years in prison
(4) Split the reward money and PROFIT
If you trust your accomplice and as long as $X million divided by Y years split 50/50 or whatever is still several hundred dollars a year, the hacker is making more money this way than some legal means as a talented programmer getting paid $40k including benefits.
If the IT economy doesn't turn around, this is bound to happen one day.
I only came here to do two things; kick some ass, and drink some beer...looks like we're almost out of beer.
I hereby announce my own reward:
$10 million to anyone who leads to the person who put the hole in William Gates II's condom.
http://www.heise.de/newsticker/meldung/47217
According to this news (German) the 18 year old guy they arrested confessed having coded and released Sasser and several NetSky variants, when his home was searched by the authorities.
However I guess the guy who betrayed him by sending MS code fragments might be in trouble, too, because if he did know the author was coding a virus and he didn't inform the authorities to prevent release, but afterwards reported to MS to take the bounty, he might have acted slightly illegal, too.
(german authorities seem to have gained knowledge by US authorities who gained knowledge from Microsoft - a little bit indirect if u ask me)
Corvus
Why should Microsoft be any different? Because it's in their economic interest to pay the rewards. Every virus/worm writer they discourage undoubtedly saves them quite a bit of money, even if indirectly (less bad publicity, less hassle from OEMs who are sick of high support costs, etc.).
"Biped! Good cranial development. Evidently considerable human ancestry."
"This whole reward thing is nothing more than a PR move. Microsoft comes out looking like the hero for offering the reward which led to the capture of some kid, masking the fact that their crappy code allowed this to happen."
Linux and MacOS code are crappy too in terms of security.. Moving to either is just using security through obscurity.
Reward for catching Bin Laden is 25 millions. Reward for catching this guy is 100 times less. Thanks god that on-board computers of planes are not running Windows.
Or did Microsoft buy the judge and the rest of the justice system too?
At least it wasn't Al Qaeda operatives, and some 18 yr old kid. But then, I've observed some very interesting effects of the worm, and I ask others to comment on this as well.
:-)
My spam went from 2500 per day down to about 900. Although we've been field testing our new spam reporting engine, building up one of the most accurate databases of netblock owners and abuse contact emails, we can now report 2000 spams in just 5 minutes.
Of course time still has to be taken to manually go through the suspected spam to make sure they ARE spam before firing off the "reporter", but it works beyond all my expectations. I just hope the ISP's can deal with such a volume of reports
I would like to believe the field tests of our reporter system is responsible for the huge reduction in spam, but I'm just being hella naive..
Due to the heavy media exposure from the Sasser infestation, it is my belief the Sasser worm might be responsible for the huge reduction of spam, because people are now cleaning out their infected PC's, so all the infected trojans are getting closed down.
How about you? Have you noticed any measuable reduction in spam in the past week? I would be most interested in hearing what you have to say about this.
I bet the spammers are planning another big attack of the likes of Sobig, because their loss of infected hosts must be devestating to them (Tsk Tsk - poor spammers). My heart weeps for them... can't you see the tears running down my eyes? Ooops - I didn't turn on my web cam.... (grin)
It wouldn't surprise me that another very large worm may soon be released - Funded largely by the spammers, so we need to brace for this possibility.
Anyway, after analysing spam for the past year, I see pretty solid "patterns" that take place after each infestation.
For instance, the Bagle and Netsky worms may have been the result of "in-fighting" among the malware authors to wrestle control of a large amount of infected hosts from each other. As reported by some of the AV companies, they also believe this to be true, as these are analyzed, they are seeing one virus strain wiping out the trojans the other earlier ones established...
This is going to be a very interesting 2 weeks....
I don't know the punishment the author of this virus will get, but with the creation of this reward fund it may start off professional virus writing. If the punishments for writing a virus aren't that strict then if someone could write a virus of this magnitude and release it, then get a friend to nark on them and split the reward money after the guy gets out of jail or something.
Is for aspiring writers to keep their mouths shut about what they're doing. The article indicates that the informer(s) lived in the same part of Germany. That to me says once Sasser was out he bragged to at least a few people, one or more of which realized they just found a way to cash in.
Almost every major "bust" of a virus writer has had little or nothing to do with tracing them electronically, and everything to do with waiting for a friend/acquaintance to rat them out.
that's a zinger, man! I hadn't heard it before.
You know, it's just sad. Here was MS, successful, had a good lead, was developing product, then they just got so absurdly greedy they lost it into corporate insanity, megalomania or something. I just don't get it, how steenking rich do you need to be before it's "enough", anyway?
It don't matter, the future will get here, and it's free and open source. In between it's gonna get real fugly, but eventually, FOSS is gonna rule. Inevitable. Anyone paying attention can see it, even if they don't/won't/can't admit it now.
Rather than coding a virus with the exploit hacker John finds, he may now just keep the code to himself. Which sure, stops a new virus coming onto the net... But...
Now John has an exploit in his hands he can use at any time on anyone he likes. Rather than being encouraged by the underground community to write a virus (therefore alerting everyone else to the vulnerability), John is now encouraged to shut up and not tell anyone, as his hacker friends are the most likely to lag.
First, it should be required to provide a warranty, same as every other consumer product out there. The coding is not the consumer's business, same as the construction of the vacuum cleaner, blender, lamp or whatever is not the consumer's business. But, those products, manufactured and sold for a profit, carry warranties, real and implied, by law. They must be suitable for the purpose intended, and free from *major* defects.
It's a simple concept with a lot of case law behind it, so if you want examples of "how much" that is, you can research it. Example: Ford can build cars that should act as cars, but when a brand new tire on a brand new car explodes, causing the cars to tip over, and KEEPS happening, and it gets revealed they knew about it and kept shipping them out the door, that becomes a major problem, and common sense tilts towards the consumer. If the tires just wear out and need to be replaced after like 50,000 miles or something, that is considered normal maintenance, it has nothing to do with Ford and the consumer needs a reasonable upgrade. If the driver is just completely drunk, passed out, going 100MPH on a wet slippery road and flips over, that is considered "lame", it's not Ford's fault, no harm no foul, no redress possible by the consumer, because common sense works in the company's favor then... and society's favor.
There's your differences in a crude analogy.
Second, remove corporate personhood, have every corporate decision be attached (eventually) to a named individual, so that any normal business contract goes between named human beings, not between a human being and a piece of paper with a stamp on it filed away in a drawer in Delaware some place.
Seriousness of a security hole, because there are no standards - well, make some. You should be able to get onto the internet without getting owned easily. I ran Mac classic for years and years, never had a firewall, never got owned. I never even got a virus, although I know a few existed, and used email extensively, got attachments, went to every web page I felt like going to. It CAN be done obviously. If an OS and set of apps/packages, Windows in this case, that comes with internet connection ability, has no rational way to keep from getting owned without a third party firewall, and even then it still keeps getting borked, and literally has a virus a day associated with it, then something is just plain common sense "wrong" with that, then the product is "defective", and when you see the owner is the single richest guy on the planet, the company one of the richest, that they seemed to acquire more money than some nations have hanging around, then it tends to make people with common sense go "hmm, maybe them boys just wrote and shipped JUNK, and ripped people off". How they then got millions of people to run it for years by using blackmail and bribery and threats and extortions with hardware manufacturers is now legal history, they DID it. Now it's gotten into criminality, not just laziness, incompetence and greed, but outright criminality, but because they are "big" and a "corporation", nothing of note happens to them.
Something is just "common sense" wrong there.
Provide the firewall, or a secure system which works, code so there's as little as possible that can go wrong in the kernel and file system from outside the user's keyboard. It can be done, greatly mitigated over what is out there now. They just didn't want to do it then, and laughed all the way to several banks.
That seems to be a flaw, a generous flaw, and our legal system has a dandy way to deal with it, a regular jury of your peers, looking at both sides of the issue, not some political appointee judge issuing royal edicts. You put 12 people on a jury, people who have used computers and gone on the internet, and let *them* decide in a case what is "reasonable" or not, and that becomes your legal standard, same as everything else.
Code just gets a totally free skate, that's all, and they always want the free skate. If you want to s
They OFFERED the reward. They did not PAY the reward. Any payment MAY be made after the conviction is complete, a year or two from now. This assumes that the accused is convicted. What if he plea-bargains to a lesser charge, that has nothing to do with computer crime specifically? "Sorry, our reward is for computer crime. Better luck next time, kid." You fail to realize that lawyers determine when and if any reward money is ever paid.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!