Slashdot Mirror
70% Of 2004 Virus Activity Down To One Man
arpy writes "According to a report produced by anti-virus software provider Sophos, 70% of anti-virus activity in the first half of this year can be blamed on Sven Jaschan, an 18-year-old German who wrote the Netsky and Sasser worms. According to the report, "Sasser claimed the top spot of the virus chart, in spite of the raging battle between the widespread Netsky and Bagle worms." The Register has a good summary of the report."
I could of sworn it was Bill Gates..
Get a rope.... (raspy cowboy gunslingin' voice)
I guess that makes him l337. Let's give him all the publicity he wants!
> The Register has a good summary of the report.
70% of slashdottings were caused by Slashdot.
Sheesh, evil *and* a jerk. -- Jade
Probably not a good article to have floating around with your name in it. I'm sure there are plenty of helpdesk personnel, network administrators, and "computer guy" friends who would like to punch that guy in the mouth.
well them antivirus and security companies shoulda be thunking earlier about their problem now, that almost nobody need them products any more, as they constantly chase and hunt down them spammers and virus authros and scriptkiddies crax0rers....
well, jobs lost again.... whats the new business model of these companies now?
rating: informative/insiteful rather than funny. thankyou
Scapegoat?
Isn't he the one Valve blamed for the HL2 source code theft as well?
70% of virus infections in my neighbourhood are caused by just one woman.
For all intensive porpoises your a bunch of rediculous loosers
To be honest, I'd rather have to do AV work on one virus 70% of the time, and spend the other 30% fixing a couple of others. Maybe write a script if need be, and 70% of the time, I just do the same thing over and over.
Or, you could spend 10% of the time working on each of 10 viruses. Suddenly, you think, I wish I could be 70% sure what the problem will be, it is alot easier.
The mainstream and tech press is always implicating Russian crackers or links to .ru sites...
What's the real deal? Someone is feeding us disinformation with a shovel.
You got to wonder why Microsoft never did this before. From a business standpoint, the return on investment for this $250,000 bounty is probably going to be quite impressive.
...99% of virus activity this year due to bugs / vulnerabilities in products from a single company.
"The computer worm he created continues to spread despite the fact that their creator has been taken out of the equation."
duh!
The computer worm he created continues to spread despite the fact that their creator has been taken out of the equation.
How on earth must one believe that a worm works (or think that one's readers believe that a worm works) in order for them make such a statement?
I'm reminded of a great quote by Charles Babbage. Babbage was asked (by a member of parliament... of course) whether his analytical engine will, in spite of being given erroneous input, nevertheless arrive at the desired answer. Babbage's response?
"I cannot rightly apprehend the kind of confusion of ideas that would provoke such a question."
Accountability on the heads of the powerful.
Power in the hands of the accountable.
Yeah Netsky and Sasser have gained much more notoriety but actually phatbot has been (and still is) the more dangerous worm/trojan/backdoor around in 2004.
There are currently several thousend different modifications of phatbot around and in contrast to Netsky/Sasser, phatboy infected systems are being commercially exploited as spam relays for UCE/UBE and Hatemail. In Europe neofascist/neonazi groups use phatboy to finance and also to distribute their propaganda.
You can buy lists with the ips of compromised phatboy-infected computers to use for your own spam-enterprise. There are even groups which will code you your own version custom-built to your likings.
Strangely the author of Netsky/Sasser has gained much more public interest. Yeah it was probably more annoying and a real hassle for the sysadmins. On the other hand phatboy is more dangerous than netsky and is actively exploited with criminal intent. Although the writer of phatbot has been arrested as well (coincidently also a german) all you ever hear about is the author of sasser.
Jeff
THANK YOU!
People like you help me argument against the beady-eyed managers that a computer-monoculture is bad for business.
How else could I easily bring Linux or Firefox on Windows to our enterprise customers? And hey, what people know from the office, they will also use at home.
Not to say that you help the OSS community, but you do.
Thanks again.
I dont know about the rest of you, but even if guys like this keep some of us in jobs I'd still like to drag him outside and have a good old fashion blanket party.
Anybody got a few extra baseball bats? If not we can just fill socks with penny rolls.
?SYNTAX ERROR IN LINE 42
I made sooo much money from fixing and securing against those viruses its not even funny.
:D
That guy might as well have bought me my new computer and a car
Netsky forms a major share in that 70%.But that is including all its variants.I do not know if u attribute the credits for the Netsky variants [A,B,C,D...] also to Sven.I beleive the variants are from other virus hobbists as well.It is not fair to attribute them all on Sven at a staggering 70%.
fifteen jugglers, five believers
This was on the reg about a week ago. Go get some new news!
"...one of Jaschan's schoolfriends revealed the worm author's identity to Microsoft."
http://www.sophos.com/virusinfo/articles/netskyher o.html
The only thing new in this world is the history that you don't know.[Harry Truman]
I, for one, welcome my Yahoo Serious Overlord.
Vinge is a great(!) SF author. Many of his novels deal with an idea he calls the Singularity; the concept that technology will keep accelerating until we gain the ability to increase our own intelligence, at which point the changes will come so fast that we we will become unrecognizable to pre-Singularity humans.
... perhaps Sasser and Netsky were worse?
One of his fundamental ideas is that the growth of technology will give individuals more and more power. I'm not sure if he explicitly says this himself, but one of his themes is that individual people will have the power of atom bombs. It won't BE atom bombs, it will be something else... like the ability to write viruses.
In terms of direct harm, it would appear that Sasser may have done more damage than slamming planes into the WTC. Indirect damage, everyone overreacting and doing stupid things, was tremendously greater with the WTC, of course. But in terms of direct, measurable damage
Speaking, again, purely in economic terms, I wonder how Sasser and Netsky rate against the Hiroshima or Nagasaki bombs? I realise that the viruses probably didn't kill anyone, and they didn't start or end any wars. We don't feel it as much because everyone paid a little bit, instead of a few people paying a whole lot... but in terms of actual dollars/yen/economic value, I wonder how they compare?
However that comparison comes out, being singlehandledly responsible for 70% of all virus activity over the last year is *a lot* of power. Vinge's Singularity may not be that far off... assuming we don't virus ourselves to death first, anyway.
Because a guy with a compiler will do alot less damage than a company with a govenment which will do whatever they say.
Think...how hard is it to clean up Sasser? How hard is it to get DMCA/INDUCE/etc. revoked? Which would you prefer to try?
And the virus writer who can do this has put a lot of effort into it. MPAA/RIAA/SCO just sue people again, and again, and again.
You DO NOT speak Latin. Stop making up words. There is no plural tu the latin word virus. It means "poison", the plural of which is "much poison" (notice the absence of an s) in most contexts.
Even if it had a Latin plural, it would not be "virIi". That would be the plural of "virIus" which doesn't exist. It cannot be "viri" either, as this is the nominative plural of "vir" (man).
In terms of direct harm, it would appear that Sasser may have done more damage than slamming planes into the WTC.
Number of people killed in the WTC collapse: ~3000.
Number of people killed by Sasser and Netsky: 0.
You Idiot Normal Person
"I am the author and owner of the -- ahem -- patch. You would need a license to install it, and I have taken the liberty of installing it while you were online. Now please send me three monthly payments of $199.00 for the license."
This guy wrote the worms. He is directly responsible for 100% of the damage they caused.
I'd say people are justified to be angry at him.
"Ask not what your country can do for you." --John F. Kennedy
I'm getting an awful lot of 503 or white pages here this morning.
Guess this must be the sickening effect of the stupid new color scheme
605413? Yes, it's a prime.
"Uhhh, we're from Canada."
I still can't believe the number of times they explained their not-quite-belonging as being from Canada and that everybody accepted it with a "Oh, ok then."
(being from Canada myself, I found it quite hysterical)
"So what does your son do?"
"He's in prison after writing the worlds most successful computer viruses. Ouch! Don't hit me! Ouch! Stoppp!
-WolfWithoutAClause
"Gravity is only a theory, not a fact!"It's bad enough that they feel the need to "compete" against other virus writers for some internet version of "street cred" but now we're fucking ranking them?
How long until people start writing viruses just to "get points" on some chart somewhere? Christ, you people have no logic whatsoever.
More like: "70% of the wars in 2003 were caused by people in leadership positions that wear towels on their heads"
Moron...if you had read his ENTIRE post, you would see he was talking strictly about economic impact.
Companies that got hit badly should sue him. Even if he doesn't have any money and lives in Germany, they could go after him to make an example to deter people from writing viruses in the future. Sure everyone can point the finger at microsoft, but this guy sat down and wrote a program specifically to piss people off and mess up their computer. If I own a bank and I get robbed because the vault was shoddy, I'd be pissed at the vault manufacturer and of course the person who robbed me.
I doubt companies that bring civil lawsuits would ever get a dime, but if that stops another sasser in the future, then it's money well spent.
Coincidentally, 70% of my voicemail messages are Sophos salespeople. Andrew, if you're reading this: for the love of God, STOP CALLING ME!!!
irb(main):001:0>
"On two occasions, I have been asked [by members of Parliament], 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able to rightly apprehend the kind of confusion of ideas that could provoke such a question." -- Charles Babbage (1791-1871)
Sindri Traustason.
GMail now supports Safari and Opera
"Doing what i can, with what i have." ~ Burt Gummer
Think...how hard is it to clean up Sasser? How hard is it to get DMCA/INDUCE/etc. revoked? Which would you prefer to try?
How about neither. While the RIAA types are assholes, it doesn't lessen the fact that viruses these twerps write are just criminal.
I was talking to one poor bastard in Finland who had nearly 100 servers take a dump due to blaster. I'm sure he'd like a little private time with whoever wrote it.
Speaking of dodgy maths, before my School Certificate (an exam all high school students do in year 10 in Australia)...
e ducation.htm
Not wanting to be a pedantic prick, but unless things have changed substantially since my fun filled days of Australian secondary education, not every year 10 student in the country sits this 'School Certificate' thingamo.
In fact, if this web site is to be believed, only students attending high school in the ACT and NSW have the pleasure:
http://www.teachers.ash.org.au/aussieed/secondary
As Australia consists of a further territory and 5 states, for your sake I hope 'Australian Studies' wasn't a component of the exam.
---
Any man who can drive safely while kissing a pretty girl is simply not giving the kiss the attention it deserves. -- AE
Pants ==> http://www.vnunet.de/it/strategie/article.asp?Arti cleID=20040602011
More power to him I say.
Insist on running insecure boxen, your fault.
Management insist on running insecure boxen, their fault.
Expecting people 'not' to crack/compromise insecure systems, a daydream you're having.
You might as well say... "Don't over use Windows 95... it'll crash".
It's like no, uhh, sorry, fix the bugs so I can use it any way I wish.
And no, Microsoft isn't capable of putting out a good OS. It took them five years to get rid of the unstable 9x kernel series and Windows is *still* insecure.
Use it at your peril and don't complain when all those tech guys, who told you not to use it and who you ignored as being *leet and up their own arses* are proved right.
It's like your Doctor telling you not to smoke, that one, really.
"these are probably the same sort of people who blame doctors for letting someone die when they're forcecd to work 100 hour shifts with no budget, aging equipment and abusive people."
Talk about a retarded analogy...
No, if you want to compare those doctors to someone, the apt comparison is with the net admins who had to do overtime to remove worms. If you want to compare this particular cretin to someone, it's with someone who deliberately creates and releases a new strain on flu to make a profit out of the cure. (Remember the cretin made the virus to drum up his mom's business.)
Would I be angry at the doctors or sysadmins there? Nope. They worked hard to repair the damage.
Would I be angry at the cretin who deliberately set the virus loose (whether computer virus or new flu strain)? Damn right.
Or maybe not necessarily angry, but I'd want him roasted slowly at the stake anyway. Or if that's not an option, hey, put him behind bars for a couple of decades. Just to deterr other such vandals.
So here's the deal: get brain already. If you can't tell the difference between someone working to _repair_ the damage, and the vandal who deliberately _did_ the damage, you have a problem. You need professional help.
It's like not being to distinguish between the asshole who keyed your car, and the shop who repainted the car. It's like not being able to distinguish between the vandal who threw a brick through a window, and the people who worked to replace the glass sheets. It's that idiotic.
A polar bear is a cartesian bear after a coordinate transform.
it's a military/boarding school/other miscellaneous dorm tradition for dealing with malcontents. One person covers the party "guest" with a blanket so they can't escape while the others take turns beating them (often with soap in a sock, aka a "sock party").
Everyone has to take a swing so that everyone is culpable and no one can report it without incriminating themselves.
See Pvt. Pyle in "Full Metal Jacket" the night after he eats the jelly donut for a graphic reference.
And I'm sure more hours than that were spent trying to clean this up... try him for murder.
87.34% of statistics are made-up on the spot.
© 2004 The SCO Group, Inc. All Rights Reserved.
What we need now is a bounty on spammers. And then we need a bunch of vigilante cells in all the different cities. We could have the "Black Hand of Gates" in Houston. And "Sons of the Drake" in Chicago. And "Job's Warriors of the Faith" in San Francisco.
"Sasser claimed the top spot of the virus chart, in spite of the raging battle between the widespread Netsky and Bagle worms." If my bagels..errm Bagles had worms I'd just throw em out... uh... I think what it meant to say is Beagle, cause I get about 30 admin alerts a day about e-mail attachments with beagle in em...
wait, is this the bare-chested (and hairless), soft-focus, back-lit, doe-eyed youngster from the Abercrombie and Fitch "Tweens"-edition catalog? If he's the top contender, what's he doing sharing the spotlight with all the other Michael Jackson prey?
...100% of virus activity down to one shitty, insecure-no-matter-how-many-patches-you-desperatel y-apply operating system.
Viruses work differently...they keep on spreading...or attempting to spread. Law enforcement needs to remind itself of this difference from time to time because "cyber-crime" is a very small percentage of overall crime.
He has employed thousands of people (me included) his viruses are great for the economy and he should get a medal of something or other, best script kiddy of the new millennium! we may of lost millions in work hours but there are people there that had to clean up the mess, and that where me and all the people at Microsoft's PCSaftey team come in, reading off out scripts to help these IQ deficient people clean their crappy Windows PCs out! w00t for Sven! and for the rest of you wanna be virus creators, script on, create havok, make more jobs, you work for the people, against the people! :D
anyway im done, i just like the virus alot, i was hired 2 days after its release and have been gainfully employed since!
Microsoft isn't willing to pay the bounty, because the informers are suspects themselves.
That was a cheap one for them and they will surely go on with this practise - it's way cheaper for them to pay a little bounty than to fix some bugs.
We're talking about an 18-year old virus writer. He's a kid, a boy, a [i]kindt.[/i] Not a man at all, but a snivelling weasel and coward.
Cantankerous old coot since 1957.
Nearly half of german youths ready for work cant find meaningful employment due to the sluggish economy and heavy-handed government regulation of industry. The adult unemployment hovers 10-14%. Germany still widely uses the apprentice system for working youths into the economy, even for white collar jobs. Other youths become perpetual students (6,8,10 years) in the low-cost university system. So there's lots ofidle, creative people to get into mischief.
In nature, the most vulnerable species end up extinct. Of course, if they have some kind of monopoly to leverage, they might survive.
Virus: Definition
Main Entry: vi rus
Function: noun
Etymology: Latin, venom, poisonous emanation; akin to Greek ios poison, Sanskrit visa; in senses 2 and 4, from New Latin, from Latin
Date: 1599
1 archaic : VENOM
2 a : the causative agent of an infectious disease b : any of a large group of submicroscopic infective agents that are regarded either as extremely simple microorganisms or as extremely complex molecules, that typically contain a protein coat surrounding an RNA or DNA core of genetic material but no semipermeable membrane, that are capable of growth and multiplication only in living cells, and that cause various important diseases in humans, lower animals, or plants; also : FILTERABLE VIRUS c : a disease caused by a virus
3 : something that poisons the mind or soul
4 : a computer program usually hidden within another seemingly innocuous program that produces copies of itself and inserts them into other programs and that usually performs a malicious action (as destroying data)
I know, I know... googled ain't no word neither.
A chart like this perhaps ?
or maybe these charts that you can proudly display on your website ?
or how about a complete industry website dedicated to charts and rankings
shall we keep looking or do you see a relationship evolving ?
On the other hand phatboy is more dangerous than netsky and is actively exploited with criminal intent.
What do we really mean by "danger" in this context? The article mentioned seems to equate the relative danger of a worm with how prolific it is. This makes sense in terms of assessing monetary damages due to person-hours spent on worm removal, but it's not the whole picture. Similarly, the intent of Phatboy (and the hundreds of other Gaobot variants) is probably more actively malicious and destructive, but how ultimately successful was it?
Being the anonymous coward I am, I'm not necessarily arguing towards a specific goal. I'm just curious what people think about the relative "danger" of worms in this context.
(and yes, I know worms help aerate the soil. don't go there.)
Most crimes stop when the perp is locked up.
The crime has stopped. It's the effects that continue. Forest fires don't go out when the arsonist is arrested. The crime, however, is already over. There are, obviously, many many many crimes that this is true of.
We shoot them, if they hack their way in our front door....
Hrm... Idea.
NEW YORK CITY!?!?
(Wow, my first lameness filter trigger... I'm not shouting... Okay, I'M SHOUTING! I'M SHOUTING! I'M SHOUTING! BONK!)
Those who complain about affect & effect on
I have one client that no matter how many times we tell their receptionist not to open files from people she doesn't know... She'll come into you office and say, "Did you sen me this?" after opening an e-mail with a worm in an attachment.
Every other user understands that when a new virus slips through the system, or an old one with a new face... you don't open suspicious mail.
Blame comes at every level, admins, users, but I think that the virus coders themselves should face more severe punishment. Would you release a virus into the wild knowing that potentially you could be hunted down and either:
Go to prison for twenty years.
Be saddled with millions in debt from civil lawsuits?
Before anyone freaks out, realize I'm floating a theory. The people that do this boost one sector of the economy and destroy another. Just like thieves and their activities sell alarm systems indirectly. Except these folks are stealing millions of dollars in productivity. Does that make them white collar criminals worthy of a slap on the wrist and six months in "Club Fed"? Or does it make them the equivalent of a burglar stealing 4,000 TVs at $250 a pop and 2000 years in prison? To those that think that sounds unreasonable consider this: In most states a third burglary conviction at any level results in a three strikes life without parol sentence.
You mean that it's Joe user's fault that his DSL connected PC got infected? What do you suggest we do about that?
There are a number of things that won't work. Laughing at them and treating them like idiots for not spending time installing a different OS instead of the one their PCs came with gets us branded as arrogant. Trying to sue them is a non-starter and a dangerous precedent. My own thought is that we need to be a part of the educational process. Here are some things you should do:
1) If you are being probed by a compromised machine, try to notify the owner. If you can't manage that, send a polite note to the owner's ISP. It doesn't do anyone any good for that compromised machine to stay that way.
2) I know a lot of us are tier 1 tech support for our families. When you check Mom's computer, make sure her AV software is up-to-date. Show her how to check. The heartache you save may be your own.
3) After you do those things, at the moment when they are thanking you for the help, you can politely offer to show them that Linux or FreeBSD is not as difficult to learn as they have been led to believe. Offer to show them a working system. Offer to show them an install (but not on their hardware). When they politely decline, don't press. You won't win everyone over. That isn't the goal. Plant the seed of the idea that Linux isn't too scary or too difficult. One of the people you talk to may be the guy who okays a pilot project at his company when his IT guy suggests using a Linux mail server.
You don't use windows, do you.
Derek
Maybe it's true, but it just smacks of a comforting message to sooth those PHBs out there. Regardless if some/all of the code is based on this guys work, the fact that is spread so far, so fast says it's about way more than one guy.
He's actually built a bright future for himself once he gets out of prison ;) There will be no shortage of people who want him to work for them. Lucky for him he won't be in for long.
Sorry, between the 500 and the 503 errors, the empty-result with a blank page errors and the can't render in Gecko properly errors I'm having a touch time reading Slashdot at all currently.
Just compare it to this: One teenager puts a firecracker on a bridge. As a result, not only does the bridge disintegrate - it starts a chain reaction which destroys 70% of the bridges in the country. Now tell me: Who is responsible? The teenager who did something potentially dangerous or the people who built bridges which could be brought down by a teenager with a firecracker?
How long until people start writing viruses just to "get points" on some chart somewhere? Christ, you people have no logic whatsoever.
Hey now, just because you don't like the logic of a situation doesn't mean there isn't a logic operating. In fact, your post is speculating on what that might actually be. Virus writers are already competing, and as other respondents have noted there are already rankings put out by the anti-virus industry/community. Not to mention the New York Times, theregister.co.uk, and other press outlets.
You associate yourself with the rankers ("we're fucking ranking them"), yet you say that "you people" have no logic. Do you mean the virus writers or those of us who are neither ranking nor writing?
When I was a kid, we only had one Darth.
What an honor! I'd like to send to a congratulations gift. What's your email?
You know what?
I was thinking the first of these. The other one could be funny.
Well they should take him out and put a bullet in his head...that should set an example for other virus writers.
I agree with you on the idea that computer systems are people's property and that invading them is a violation of their property. However, there's a number of ideas you missed:
* The worm writer did not DIRECTLY violate anyone's "doors" or "windows." A better analogy would be he invented a robot who would break through people's doors, reproduce, and find more doors (damn, that sounds cool).
* Doors and windows in real life exist in a different plane than their virtual equivalents. It would cost way too much money to make doors/windows completely invulnerable in real life. On the internet, fixes are generated all the time which can be cheaply deployed to millions of users. It's as if everybody's house had been built with a bad blueprint and the solution was as simple as hammering a nail into something.
Of course, this does not suggest that worm writers shouldn't be punished. But it is important to realize that these crimes aren't quite the same as theft and vandalism. Throwing script kiddies away in prison for life might be an effective deterrent for others, but since when have we stopped caring about matching the crime to the punishment?
OK, so now this guy will be identified as the scapegoat for the whole thing... next will be the Slashdot Interview while he's awaiting trial (go ahead and post your questions now) and the Legal Defense Fund from the EFF.
I see that freesvenjaschan.com is available (and org and net) so go ahead and get a site up now to avoid the rush.
Start working on your Bush and Ashcroft one-liners, since they have absolutely nothing to do with this and that's never stopped you before.
RP
I agree. You have two choices. You can either chase every script kiddy into infinity or you can spend your resources stopping the security vulnerabilty that is exploited. In the first example, I would argue you will never run out of idiots trying to learn ways to break systems or you can spend your resources making the systems harder to break.
How many viruses that infected us last year will be protected by XPs SP2? I believe that every virus that could have been prevented and wasn't is the fault of the system designer not the individual that found a way to expoit the vulnerability.
Granted, I believe that the individual that attaches a destructive payload to an expoit should be procecuted but not given a death penalty or even a life sentence. They should not be blamed for the international issue because the expoit was available on every computer. That responsibility lies with the system designer.
This doesn't mean that system designers need to release perfect software. In fact almost everybody signs off that we do not hold the system designer responsible under the EULA. I find it very discouraging that we All they have to do is have every person sign off on a EULA that states that the system designer is not held responsible.
After finding out that the software didn't work as promised we don't need to lynch the virus writer, we need to relook at the rights that we have so easily given away.
Die, you scum eating virus monger!!
The article ( I know, none of you read it ) also talks about Kim Vanvaeck. She was arrested as well.
The funny part is, she might have been good at code - but she was not good at crime.
A quick Google groups search comes up with funny stuff. Like her back in 1998 asking for someone to please send her a virus so she could learn about them.
Or her in a discussion about sleep habits which starts out asking for the best "hacker babe"...
There are more. But the best part is that in almost all of them she always ties her real name, "Kim Vanvaeck", to her "hacker name", "Gigabyte". It must have taken the authorities a whole 7 minutes to track her down...
As an aside, anyone able to find a photo of her? This is Slashdot... It would be cool if she was as attractive as Angelina Jolie in the [silly] movie "Hackers". (Why else do you think I would be searching on her name?)
The exchange rate is now about .70 USD. So I figure that this comes down to between US$262.5 and USD$350, for the Microsoft tax for the next 4 years. For the respective 15M - 20M Austrailian Dollar.
If they would have gone the route of switching to open source there would have been a penalty up front of switching the 40,000 people to a different platform and converting the files and fixing problems. Which is not a nice calculatable, negotiatable number, and scares the bejesus out of any bean counter.
But.... in 4 years what next number are they going to talking about cutting? If it were OSS then there would be nothing to cut. The costs are in making the move, after the move is done the cost reduce to what ever it takes to keep it running.
The first post cannot be redundant.
You like him that much, just from that short description? Maybe you should get to know him first...
I wouldn't be using Windows if my games were supported on another system. But the reason my games won't run on another OS even with emulation is DirectX. Look where "embrace, extend, and extinguish" has gotten us now.
of people sniping down bugs in their backyards or catching them?
be funny of someone sent a box filled with dead beetles to mozilla.
Friends don't help friends install M$ junk.
The computer worm he created continues to spread despite the fact that their creator has been taken out of the equation.
deist viruses? sounds familiar.
Regardless of how lazy people are when it comes to keeping their machines patched (there were patches for this particular vulnerability long before these worms came out), it doesn't excuse the actions of the person who actually caused the damage. Just as a burglar isn't excused if the doors of the house they rob are unlocked.
"Ask not what your country can do for you." --John F. Kennedy
Friends don't help friends install M$ junk.
I hope he gets put into a gas chamber with Zyklon-B pumped in.
I would gladly buy a lampshade made out of this script kiddy's skin!
99% of the virus activity of the last 10 years can be blamed on Bill Gates.
On the subject of viruses does anyone know if MyDoom is behind the spate of ...
503 Service Unavailable
The service is not available. Please try again later.
Errors and slow performance im regularly getting from slashdot ?
Electronic Music Made Using Linux http://soundcloud.com/polyp
70% of virus infections in my neighbourhood
... buffer.
are caused by just one woman.
I heard the reason is that one can open her ports
in promiscuous mode...
Yeah, if you want some fast physical I/O and you
have insufficient cache, just
Why is it that reporters only make boneheaded statements like this when talking about computers? Last week Francis Crick died, and nobody bothered to point out that DNA structure remains double-helical.
Anyone? Thought so.
There are two very pressing problems to be addressed: One is that the guy who talked about woodpeckers destroying civiliazation was right. The other is the massive waste of creativity that happens because kids (and many great hackers from that matter) have a hard time finding constructive outlets for their creativity, and find appreciation for what they do.
I'm not a christian, I haven't ever written malware, and I'm as annoyed by this kids' stuff as the next /.er, but there will be no advances if one isn't capable to get above all that, and see the fundamental problems.
Employee of Inrupt, Project Release Manager and Community Manager for Solid
we want sensational head lines and vague generalizations. They're much more fun :).
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
He is the super-hacker that is 100x more productive than others that Paul Graham keeps writing about.
http://www.paulgraham.com/gh.html
Not as easy as you might think. IANAL but I do have a law degree.
The teenager's action is "conditio sine qua non" - without him, the bridge would still be standing. At the same time the bridge would still be standing if it had been built properly.
This is a question of guilt: Could the teenager foresee the results of his action? Was his action fit for bringing down a bridge? In both cases I would tend to answer no. The author of this computer virus/worm is certainly guilty to some extend - he did damage on purpose. But at the same time the dimension of the damage is not his fault alone. In real life nobody would let the bridge-builder off the hook. Why is nobody asking if microsoft built the OS as could be expected?
And 23% of all virus activity comes to you courtesy of Margaret Tillman of Chebansee, Illinois who dutifully clicks on every email attachment and forwards every chain email that comes her way.
Here's to you Ms. Tillman; we salute you.
Wanted: witty unique signature. Must be willing to relocate.
Close, but no banana. Depending on the state, it goes like this:
Prep may be part of primary school, but is still prior to year 1.
Some states have different options to finish secondary school. In Victoria there used to be a Technical Leaver's Certificate, which you could do at year 11 and was amied at people going to trade school. Then there was the academic stream, which is currently called the VCE (Victoria Certificate of Eductaion) which is assessed over two years (11 & 12) in modules.
TAFEs are generally trade schools, where people learn to be a chef or an electrician or a plumber or a hairdresser, whatever. They also tend to teach ESL (english as a second language) and run basic business courses.
Universities tend to run the more traditional professional and academic degree courses. The standard bachelor (undergraduate) degree is 3 years. Some bachelors now have pre-requisite degrees - but then tend to be shorter. e.g. Vetrinary Sciene or Medicine require a Bachelor of Science with minimum grade requirements in specific courses, but are in themselves a two year degree. This may vary from univerity to university, most 'prefessional degrees require a total of 5 years study. After a bachelor's degree, you may be eligible to do an Honours year, a Master's Degree or a Doctorate.
Sara
Designer, Gamer, Macgrrl in an XP World
- First they ignore you, then they laugh at you, then ???, then profit.
"It's like Pandora's box - once released viruses can carry on spreading even if the author has been caught or realises he has done something wrong,"
Uh, I think it's kinda like.... a virus.
Or if he meant you open it and get unexpected results, maybe a trojan horse.
Hey, no offense to them, as I'm sure they had a crack team of four or five programmers write the software six years ago, but I don't trust Sophos to block any virus, so I'm sure as hell not going to trust them to have the dirt on which viruses were the worst.
I think anyone that's used Sophos on an Enterprise level can definitely agree: it fucking sucks.
That responsibility lies with the system designer. To an extent, you're right about that. If there's a crippling vulnerability within a piece of software that can easily be exploited, and worse, the developer knows about it, then you could argue that not only were they not so intelligent in how they operated, but also that they were provoking most crackers to take advantage of that exploit. At the same time, I'm reminded of a quote by a fellow from Netscape (probably someone important, and I'm sure we'll all heard similar quotes before). It goes something like this: "If something is made by humans, it can be unmade by humans." How heavily the developer should be blamed isn't so easy to say. After all, you can build the most secure piece of software the world has ever seen, but if the user runs malicious code, it won't matter.
Some percentage was caused by google... remember link to the fractal image?
I think we owe this man a round of applause. I mean when you really think about it, the capability of viruses can easily include a payload that could cripple your computer and destroy your documents permanently.
This is not the case of a lot of viruses released by this person or group. Granted problems arise from an increase of network traffic, and there is an inconvience associated with cleaning up the virus.
But what is the end result.
-You have your documents
-You have some education about how to clean up viruses and the notion that you need to protect against them and worms (av/firewall/patches)
-You fixed a potential security hole in your computer where much more malicious things could have happened.
As a younger script kiddie I could use a simple unicode exploit on windows boxes to pentrate almost any organization running that OS. Banks, Universites, Online Retailers. Bind a shell to a port, open up a remote terminal display and do as i pleased. Once code red came around, all of those avenues got closed quickly. All of these places were much better off having to deal with this worm rather than wait around for someone to do something really malicious.
I just think that viruses today, although an inconvienece, are not all that bad, and teach a valuable lesson to software vendors and also users.
In this case, I believe the worms' author was very well aware of the damage they were capable of causing, and they did exactly what they were intended to do. For that he bears the majority share of responsibility.
I would only blame Microsoft a little. Afterall, there were patches for the vulnerabilities these worms exploited long before they were released into the wild. If anyone shares blame with the worms' author, it's the lazy/incompetant sysadmins who didn't properly secure their systems.
And say what you will about Windows, but personally I haven't had any problems with worms or viruses because I keep my system patched and am smart about suspicious e-mails.
"Ask not what your country can do for you." --John F. Kennedy
I hope you are aware, that microsoft is mass-marketing their OS to consumers, not only to companies with IT-departments. In a country, where you can sue a company for not advising you not to dry your dog in the microwave, there should me quite some responsibility.
If you tell people that your OS is fit for consumers, there should be no need for a sysadmin or even knowing about virii. If you buy a car, nobody expects you to apply patches to the brakes every other week to keep them working.
But of course there's a certain level of maintenance that is required to keep a car running.
And let's be clear on another thing. Windows doesn't easily break on its own due to "wear and tear" like a car does (not since ME anyway). When Windows breaks, it's generally because of the actions of someone like this worm creator.
To put that in the context of your car analogy, it is the same as somebody pouring sugar into the gas tank. That's called vandalism, which (now that I think about it) pretty accurately describes what worm/virus writers do to other people's computers.
"Ask not what your country can do for you." --John F. Kennedy
No it's not. Worm creators just find holes microsoft has not yet fixed although they have been there since the software was released.
To put that in the context of your car analogy, it is the same as somebody pouring sugar into the gas tank. That's called vandalism, which (now that I think about it) pretty accurately describes what worm/virus writers do to other people's computers.
Well, imagine a car with 3500 holes where everybody passing by could easily throw things into your gas tank. And every time you complain about it, they close the one hole which was used this time instead of closing them all or - as might be expected - produce a car where the gas tank is properly secured.