Slashdot Mirror


70% Of 2004 Virus Activity Down To One Man

arpy writes "According to a report produced by anti-virus software provider Sophos, 70% of anti-virus activity in the first half of this year can be blamed on Sven Jaschan, an 18-year-old German who wrote the Netsky and Sasser worms. According to the report, "Sasser claimed the top spot of the virus chart, in spite of the raging battle between the widespread Netsky and Bagle worms." The Register has a good summary of the report."

19 of 452 comments

  1. Kill Him! by bwalling · Score: 4, Interesting

    Probably not a good article to have floating around with your name in it. I'm sure there are plenty of helpdesk personnel, network administrators, and "computer guy" friends who would like to punch that guy in the mouth.

    1. Re:Kill Him! by donnyspi · Score: 1, Interesting

      I'm salaried. I didn't enjoy the OT...

  2. Can you say... by Freon115 · Score: 5, Interesting

    Scapegoat?

    Isn't he the one Valve blamed for the HL2 source code theft as well?

  3. Re:Also... by nounderscores · Score: 1, Interesting

    Fox News, and their infamous "The presidential race is not split 50%, 50%. It is split 40%, 40%, 10%, and the 10% are going to make a difference."

    The question is, do they think it's the 10% that swing vote, or the 10% that don't vote?

    I always thought that Fox was a few cents short of a dollar between the ears.

  4. What About the Russians? by toonerh · Score: 5, Interesting

    The mainstream and tech press is always implicating Russian crackers or links to .ru sites... What's the real deal? Someone is feeding us disinformation with a shovel.

  5. the bounty wins out by khallow · Score: 5, Interesting

    Looks like Microsoft indeed had a great idea with its bounty for turning in virus writers. From the article, it appears that the bounty was a key factor in getting this guy caught. And he's responsible for three viruses which are claimed to have caused "70%" of "virus activity" detected by Sophos (whoever those guys are). I assume that means this guy was plenty of trouble for Microsoft.

    You got to wonder why Microsoft never did this before. From a business standpoint, the return on investment for this $250,000 bounty is probably going to be quite impressive.

    1. Re:the bounty wins out by kamelkev · Score: 2, Interesting

      I'm not sure I follow your "business standpoint" logic. I think it is a bad idea, and bad precedent. Microsoft should be focusing money and energy on their product, not on containment techniques.

      The fact of the matter is that this strategy only works if there are only a handful of people with the knowledge to write the virii, and you think you can catch them all. However, this is not the case... several "authors" have proven to be minors, which only demonstrates that the knowledge is widely available to those who seek it out.

  6. I can't rightly apprehend this... by DeadVulcan · Score: 5, Interesting

    The computer worm he created continues to spread despite the fact that its creator has been taken out of the equation.

    How on earth must one believe that a worm works (or think that one's readers believe that a worm works) in order for them to make such a statement?

    I'm reminded of a great quote by Charles Babbage. Babbage was asked (by a member of parliament... of course) whether his analytical engine will, in spite of being given erroneous input, nevertheless arrive at the desired answer. Babbage's response?

    "I cannot rightly apprehend the kind of confusion of ideas that would provoke such a question."

    --
    Accountability on the heads of the powerful.
    Power in the hands of the accountable.

  7. Still the more dangerous Worm has been Phatbot by Jeff+Kelly · Score: 5, Interesting

    Yeah, Netsky and Sasser have gained much more notoriety, but actually Phatbot has been (and still is) the more dangerous worm/trojan/backdoor around in 2004.

    There are currently several thousand different modifications of Phatbot around, and in contrast to Netsky/Sasser, Phatbot-infected systems are being commercially exploited as spam relays for UCE/UBE and hate mail. In Europe, neofascist/neo-Nazi groups use Phatbot to finance and also to distribute their propaganda.

    You can buy lists with the IPs of compromised Phatbot-infected computers to use for your own spam enterprise. There are even groups which will code you your own version, custom-built to your liking.

    Strangely, the author of Netsky/Sasser has gained much more public interest. Yeah, it was probably more annoying and a real hassle for the sysadmins. On the other hand, Phatbot is more dangerous than Netsky and is actively exploited with criminal intent. Although the writer of Phatbot has been arrested as well (coincidentally also a German), all you ever hear about is the author of Sasser.

    Jeff

  8. this reminds me a bit of Vernor Vinge's stuff... by Malor · Score: 5, Interesting

    Vinge is a great(!) SF author. Many of his novels deal with an idea he calls the Singularity: the concept that technology will keep accelerating until we gain the ability to increase our own intelligence, at which point the changes will come so fast that we will become unrecognizable to pre-Singularity humans.

    One of his fundamental ideas is that the growth of technology will give individuals more and more power. I'm not sure if he explicitly says this himself, but one of his themes is that individual people will have the power of atom bombs. It won't BE atom bombs, it will be something else... like the ability to write viruses.

    In terms of direct harm, it would appear that Sasser may have done more damage than slamming planes into the WTC. Indirect damage, everyone overreacting and doing stupid things, was tremendously greater with the WTC, of course. But in terms of direct, measurable damage ... perhaps Sasser and Netsky were worse?

    Speaking, again, purely in economic terms, I wonder how Sasser and Netsky rate against the Hiroshima or Nagasaki bombs? I realise that the viruses probably didn't kill anyone, and they didn't start or end any wars. We don't feel it as much because everyone paid a little bit, instead of a few people paying a whole lot... but in terms of actual dollars/yen/economic value, I wonder how they compare?

    However that comparison comes out, being single-handedly responsible for 70% of all virus activity over the last year is *a lot* of power. Vinge's Singularity may not be that far off... assuming we don't virus ourselves to death first, anyway.

  9. Re:Also... by Moraelin · Score: 3, Interesting

    You're measuring angles with an analog device with at best 1 degree accuracy per angle. When adding such imprecise data, yes, the margin for error increases.

    In fact, there are several lessons to learn from that. E.g.:

    1. Any experimental data which neatly falls _exactly_ on the theoretical curve, and adds up to _exactly_ the predicted number is most probably cheated.

    I.e., had I been a teacher, I would have been a lot more suspicious of anyone who came with 360 there, than of someone whose angles added up to 355. The guy with 360 probably skipped the last angle and just subtracted the sum of the others from 360. Which is _not_ what was asked.

    2. Be aware of the imprecision involved in any measurement. Be aware how they add up, subtract or multiply. Especially for anyone working in any experimental science. (E.g., physics.) Or with computers.

    I.e., when that board calculated that, within the precision of the measuring device, it can be between 355 and 365, they did their homework. You didn't.

    3. If you work with computers, be aware of the limitations of the data type you use.

    E.g., if I see another clueless burger-flipper using 4 byte floats to hold money amounts in a database program, I'm gonna barf. Doubly so when they then start wondering why their final numbers are some $10,000 off the mark.

    4. As a corollary, never use == with floating point results. Not even with the most trivial calculations (e.g., that the sum of the individual rows equals what's in the totals field.) Do what scientists and that Board of Studies do: calculate the expected margin for error and use an interval.

    --
    A polar bear is a cartesian bear after a coordinate transform.

  10. Re:In other news... by benzapp · Score: 2, Interesting

    If I take a 2x4 and bash you in the face with it, do we say that your face was vulnerable to a natural product moving at a moderate velocity?

    Every single thing in nature, and every single thing created by man is vulnerable to SOMETHING. From a natural standpoint, that is what life is: exploitation of other lifeforms' vulnerabilities. Millions of bacteria are doing that in your body right now, the very second you read this.

    --
    I don't read or respond to AC posts

  11. Re:Are you sure its Sven Jaschan? by Fulcrum+of+Evil · Score: 5, Interesting

    > Me, I would have placed the blame squarely on all of the admins out there who allowed their systems to be compromised by the worms in the first place.

    You mean that it's Joe user's fault that his DSL connected PC got infected? What do you suggest we do about that?

    --
    "We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"

  12. Assuming the average person lives 701280 hours by Lester67 · Score: 2, Interesting

    And I'm sure more hours than that were spent trying to clean this up... try him for murder.


  13. Re:Are you sure its Sven Jaschan? by Phisbut · Score: 4, Interesting

    > Are you sure its Sven Jaschan?

    Definitely not... The story header here claims that "70% of anti-virus activity in the first half of this year can be blamed on Sven Jaschan". That makes a good headline for sure, but the FA itself says "Sven Jaschan, teenage author of the Sasser worm and member of Skynet, the gang responsible for distributing Netsky, confessed in May".

    So 70% of the virus activity has been done by one group of hackers, not by a single hacker.

    Facts people, we want facts!

    --
    After 3 days without programming, life becomes meaningless
    - The Tao of Programming

  14. Re:Are you sure its Sven Jaschan? by rainer_d · Score: 2, Interesting

    > You mean that it's Joe user's fault that his DSL
    > connected PC got infected?

    Yes.
    Just like it's my fault when I never put my car through the yearly inspection and let its brakes rot, I can (and probably will) be made at least partially responsible for the next accident I'm involved in, even if some drunken asshole crashes into my car even though I have right of way.

    If you don't know how to fix it, pay someone who knows. I have no problem admitting that I cannot fix my own car (I can drive it, and look up what the various warning lights mean, mostly resulting in calls to "tech support") and that I have to pay someone to do that.
    Nobody has problems with that in any other area of modern life!
    Only with PCs and Windoze, the most fucking fragile, error-prone, bug-ridden technical achievement since the invention of the light bulb, do people think it's different.

    Now, if people would realize how often their Windows PC really needs a "service-man" compared to their cars, they'd think twice about buying a computer again, even more so for ones equipped with a Windows OS.

    Rainer

    --
    Windows 2000 - from the guys who brought us edlin

  15. Re:re by bucky128 · Score: 5, Interesting

    To use your "real world" model, Windows is not analogous to a locked car sitting on the street in a relatively nice neighborhood. Windows is analogous to a car with all its doors open and a key in the ignition, sitting in the middle of downtown Gotham City.

    It's *going to* get stolen (hijacked) unless you do something about it.

    I'm all for putting this guy in jail. But at the same time, it's unrealistic to expect hackers to stay away from a computer whose OS is full of vulnerabilities, from which they stand to profit.

    You say you want to give users what they ask for... what all MY users are asking for, primarily, is "not to be bothered with this bullshit virus stuff," and the best way to make that happen at this point, IMHO, is to make it far more difficult to gain access to their computers.

    Sure, you can make an example of this guy, but I don't think that's going to stop the tidal wave of virus attacks. Instead of relying on the courts to enforce things like this, I'd much rather see an increase in computer security. Just give all your users personal firewalls (the RL equivalent of locks on their car doors)... something really simple like Zone. Software that DOES make things comfortable and obvious for the user.

    And when the problems go away, they will remember that security, not the court system, solved the problem.

    --B


  16. strange comparison by twitter · Score: 2, Interesting

    A computer virus compared to nuking a city? OK, the capital and effort lost to computer viruses might kill people by creating demands and activities that would not exist. You can say that activity kills people, just as you can compare the number of people who die by various means of producing electricity. More people die moving coal per megawatt than die from moving uranium. It's more likely, however, that virus writers are saving existing lives by reducing the overall economic activity. Destruction is waste. The overall human population will decline under a relatively worse-off economy, so the net effect of Netsky is to reduce human life and make it more tedious because people are forced to do things they would rather not. A war, in which people and everything they depend on are deliberately targeted, is orders of magnitude worse than anything ever created by any single script kiddie. Microsoft's efforts at intentional waste, which pervade almost all production today, might be only a single order of magnitude off from a real war. In short, it's foolish to compare the two.

    --
    Friends don't help friends install M$ junk.


  17. Re:Also... by Moraelin · Score: 2, Interesting

    I've worked with both Oracle and IBM's DB2. Both offer fixed precision numbers. Even all the single user databases I've used, dating at least all the way back to dBase 2 under CP/M, worked that way.

    And all major languages offer libraries to read and process that as a decimal, not as float. At least in Java it's part of the standard library.

    You know why? Because of the reason I've mentioned in the post you're answering to. Floating point maths errors. It's an issue known since the 60s.

    I.e., I stand by what I've said. If in the program it's read as a float, then the blame lies squarely with the clueless burger-flipper who's read that data into a float. Someone who didn't even bother learning either the standard database capabilities or the very core libraries of the language, but is paid as a programmer anyway.

    --
    A polar bear is a cartesian bear after a coordinate transform.
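Added example (not from any poster in this thread) illustrating the point Moraelin makes in comments 9 and 17: totalling money in 4-byte floats, checking the result with == versus an error interval, and doing the same sum as an exact decimal. The 4-byte float column is modelled by rounding through `struct`, the ledger rows are constructed sample data, and the error bound is a worst-case estimate, not a guarantee about any particular database.

```python
from decimal import Decimal
import math
import struct


def to_float32(x: float) -> float:
    """Round a Python float to IEEE-754 single precision, as a 4-byte float column stores it."""
    return struct.unpack("f", struct.pack("f", x))[0]


def float32_ulp(x: float) -> float:
    """Spacing of adjacent single-precision values around x (24-bit significand)."""
    if x == 0.0:
        return 2.0 ** -149
    _, e = math.frexp(abs(x))          # abs(x) = m * 2**e with 0.5 <= m < 1
    return 2.0 ** (e - 1 - 23)


def sum_float32(amounts):
    """Total the rows the way a 4-byte float column would: every row and every partial
    sum is rounded to single precision.  Returns (total, worst-case rounding error)."""
    total, bound = 0.0, 0.0
    for a in amounts:
        exact = float(a)
        stored = to_float32(exact)              # error from storing the row
        bound += 0.5 * float32_ulp(exact)
        unrounded = total + stored              # exact in double: both operands are float32
        bound += 0.5 * float32_ulp(unrounded)   # error from rounding this partial sum
        total = to_float32(unrounded)
    return total, bound


def sum_decimal(amounts) -> Decimal:
    """Total the same rows as exact decimals, as a fixed-precision NUMERIC column would."""
    return sum((Decimal(a) for a in amounts), Decimal("0.00"))


def totals_agree(computed: float, expected: Decimal, tolerance: float) -> bool:
    """Interval check instead of ==: accept the float total if it lies within the error margin."""
    return abs(computed - float(expected)) <= tolerance


# Constructed sample ledger (not real data): 1000 identical rows, so the exact total is obvious.
ROWS = ["1234567.89"] * 1000

if __name__ == "__main__":
    f_total, f_bound = sum_float32(ROWS)
    d_total = sum_decimal(ROWS)
    print(f"float32 total {f_total:.2f} vs decimal total {d_total}: off by {f_total - float(d_total):+.2f}")
    print("== agrees:", f_total == float(d_total), " interval agrees:", totals_agree(f_total, d_total, f_bound))
```

Near 1.2 billion a single-precision value can only be a multiple of 128, so the float total can never equal the exact 1234567890.00; the interval check passes, the == check does not.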