Slashdot Mirror
Blaster Variant Creator Pleads Guilty
Hello Kitty writes "Robert Parson, the 18-year-old who modified and re-released a version of Blaster last year, is on his way to being made an example of, after pleading guilty Wednesday in a Seattle courtroom. According to AP, he can now look forward to 18-36 months behind bars and -- shades of Kevin Mitnick's phantom damages -- may be expected to pay millions in restitution. And then there's that lifelong 5cr1pt k1dd13 title. of course."
A smarter system would have this kid be a digital janitor for a year or so. Disinfect this computer, now disinfect that one. You know, like an intern, and maybe he could get a job out of it when he's done.
More productive than license plates, and more likely to pay society back.
Try not. Do or do not, there is no try.
-- Dr. Spock, stardate 2822-3.
Parson was charged here last August because Microsoft is based in suburban Redmond.
;-)
"We appreciate the fact that the defendant has accepted responsibility for the crime he committed," Microsoft deputy general counsel Nancy Anderson said Wednesday.
He changed Blaster to make it attack the MPAA & RIAA rather then Microsoft.
Microsoft should thank him
My pics.
Harsh sentence, but I don't have a lot of sympathy. Idiot makes virus, idiot gets caught, idiot gets punished.
Next please.
He pled guilty, so he's guilty. good. send him to jail. I've got no problem with that.
But as for the millions, who actually get's the money?
an IT profesionals JOB is to deal with problems, much like blaster caused (and still ocasionally does).
What other costs do these companies incur, as a result of a worm/virus?
Do these companies want money to pay the wages of these tech's?
if the worm did it's job through the use of an OS exploit, why isn't the OS creator picking up part of the bill?
legal fee's I can ken, but the rest doesn't quite make sense to Me...
He took a worm and modified it and released it. That's not much different in spirit from what many of us did at his age, playing with tech, poking at it, learning how things work. He just picked something that caused massive headaches to all concerned, so we have little sympathy for the kid. And he seems suitably contrite since his arrest, as well he might since that event probably shook him. But what do we do with such kids? We don't want worms being released, and we want to discourage this behavior. And yes, money is involved when businesses spend time to fix the problems. But asking him to repay "millions" is an order of magnitude wrong. Let's see Kenny Boy Lay repay millions, yes. But this kid?!
Those of us who poked and prodded tech at his age, but did so in a way that didn't cause headaches to everyone, understand a little of his motivation. He was a dope, but a curious dope, and now he's learned a lesson. Will all the other script kiddie types learn from this? No way. What if he is told to pay back "millions"? Nope, they still won't care. We need to rethink how we deal with this sort of headache so that we encourage kids not to mess with worms and stuff, without treating them worse than violent criminals. I don't have the answers, but I can't see how throwing the book at this kid is going to solve much.
When the case is made against Microsoft (or "M$") and how "Windoze" is insecure and should be replaced by Leenucks, the argument is always "the worms and the viruses and malware cost businesses trillions and gazillions of dollars".
But when they nail a dumbass kid who thought he was 1337 and releases a virus (or a variation of one) then it's "phantom damages".
That's great.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
Saying that this guy wrote a virus is like me changing the names in The Lord of the Rings and calling myself an author....
Grow up, people.
The "Virus writers are cool heroes" attitude usually comes from non-professionals who would never, ever be allowed to touch a real installation...
Breaking and entering is illegal - even if the victim knowingly employs bad locks.
The main issue here is not the fact that the idiot just changed some lines, but that he knowingly released it into the wild again.
If you use petrol and a lighter to burn down a house and people die, you deserve to be punished. The house could have been a fire trap - but that does not reduce your guilt. (Whoever built it will be sued, too, but the flaw in "virus lover" thinking is that the arsonist should go free because not all houses are fire proof.)
Because you perfectly knew their software was insecure, it's been commonly known for years.
Granted. It's a shame there weren't more commercials stating that from competitors.
You also waived all your rights to Microsoft when you clicked OK to the EULA.
It's often the case that a judge will rule that sufficient negligence on the part of the contractor can void any "do not sue us" clause. Given the shear number of security flaws found and where Windows advertisements have stated Windows should be used (servers), it seems like gross negligence.
People should take responsibility for their own actions, not sue left and right too..
Right, this guy variant creator should be punished. The question was should MS be sued for making Blaster so possible. A simple analogy, from the start of this thread, is the case of Ford finding a defect in their car. Now, Ford has to go out of its way to fix this defect; they don't just tell the consumer "here's the part, you install it". They do this precisely because until the defect is fixed (or there's been a sufficiently long period of time for which the fix was easily accessible), consumers can go out and sue Ford and win the case.
Now, at this point you might state that Blaster variants didn't start until 2 months after a patch was released. You'd be ignoring, though, that MS didn't mail out letters to its consumers. They didn't mail out CDs either. They didn't have local technicians to install the patch. So, while it's reasonable to say that a competent administrator for a server should never have let Blaster spread--MS did the equivalent of the first two for the technical user while the admin is the third--laying this charge on *all* computer users is like blaming all car defect victims for not being mechanics.
This is why MS has pushed for their autoupdate tool as it can optimally fulfill all parts (ignoring it can't reboot).
I can imagine in the future, MS try to claim not using the autoupdate tool to its full extent (ie, d/l *and* install) is paramount for grounds not to sue. But, will MS take responsibility for when one of their patches kill the network connection on a few million users and someone has to reinstall?
Eurohacker European paranoia, gun rights, and h