Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Drops Blaster Author's Fine

Posted by ryuzaki0 on from the slap-on-the-wrist dept.

bevo noted that Microsoft has dropped their fine against the author of the Blaster worm that DDoS'd Microsoft's web sites and hijaacked 50,000 computers. 225 hours instead of a 500k fine. $2200/hour seems like a good deal to me ;)

7 of 312 comments (clear)

  1. Re:And in the meantime... by Fjornir · · Score: 5, Insightful

    If you had a box that caught blaster there is nothing preventing you from taking this kid to civil court for damages.

    --
    I want a new world. I think this one is broken.
  2. Re:Drops the fine? by Eradicator2k3 · · Score: 5, Insightful

    That was *probably* a poor word choice. I would imagine that the $500K "fine" actually was damages awarded to MS. MS does have the option to recommend that the court replace the awarded damages (of which they would only see a fraction) with community service. IANAL, however and this is mere speculation on my part.

    --
    Mr. T pitied this fool on 27 July 1992.
  3. Re:Microsoft, the good guy by InfiniteWisdom · · Score: 4, Insightful

    I'm glad you think that way. Tell me where you live and break in to your home. Its your fault for have breakable glass windows or whatever other vulnerability I exploit to get in, so I shouldn't be punished if I get caught.

  4. Re:Drops the fine? by tomhudson · · Score: 4, Insightful
    Ok stupid, if you had a brain you'd realize this was damaged awarded to MS due to downtime and such.
    So the kid should have included an MS-style EULA with his worm variant, and his liability would have been limited to the lesser of $5 or the price paid for the software ($0).

    What's good for the goose is good for the gander - when is Microsoft going to pay for all the downtime their crap causes?

  5. It was surely not a fine by EmbeddedJanitor · · Score: 4, Insightful
    My understanding of "fine" is that of a penalty imposed by the state in a criminal case. In the case of a civil action I think the term "damages" is used.

    Microsoft is getting pretty big and powerful and can push the DOJ around, but I don't think they're yet in the position to fine people.

    --
    Engineering is the art of compromise.
  6. That really depends... by WebCowboy · · Score: 4, Insightful

    So are you some kind of hotshot that can get any computer up and going in a vew minutes to an hour? Well, any monkey can format and re-install or restore-from-ghost in very short order, but in my experience it is those technicians that people call "useless" when they get their "fixed" computers back without properly configured drivers and all their email and data since their last weekly backup wiped out (if the said user is swift enough to even do a weekly backup).

    In the corporate world competent techies have made it easy for themselves. They probably deal with a fleet of identical Dells, each issues with a standard ghost image, scripts up the wazoo, something like Altris or other big brother software do roll out updates/config changes, etc etc etc.

    OTOH, 4.5 hours to clean up a machine is actually a realistic high-range estimate when you are talking about some of the personal computers or PCs at mom-and-pop operations out there like "nerds on site" and the like must see. I imagine they see everything from PIIs to the latest screaming PIV from any number of builders out there, and some of them are probably slapped together with leftover components too. These users don't have an image to restore to--unless you count the "rescue CD" if they haven't managed to lose it...they might not have any OS install CD at all! And backups? HAH! I've found you're lucky to even have weekly backups. And no matter how trivial their files look, all these users want to save as much as possible. These users are also rather undisciplined in their own maintenance. The worms and viruses are one thing--prepare to spend some time getting rid of adware attached to weather bugs, comet cursors, chat smileys and "free" P2P programs.

    In any case, if you average it out you might spend 2 hours per machine. I'd say that for how much damage Blaster-variants caused this guy got off lightly--even including the hours he will spend in jail. I suppose, though, that suing someone who is broke for a half-million is pretty pointless. I DO like the idea of making the guy shovel elephant poo for a month as a substitute.

    I do try to be optimistic though--one good thing is that this whole Blaster debacle brought to light the security crisis in Microsoft products. To this day, an unpatched win2k or pre-sp2 winxp machine will become infected within minutes when hooked up directly to a typical high-speed internet connection. It seems unfortunate that some jackass had to pull a stunt like Blaster before anything serious was done about security at MS.

  7. Re:Could've been worse by spagetti_code · · Score: 4, Insightful
    MS would never have seen a bean of that money. First there's the jail time. Then you've got an unemployed teenager with a criminal record and no tertiary education who will, if he finds someone to employ him, probably make minimum wage.

    It certainly is a PR move. Remember, almost everything MS does is a PR move because they are now first and foremost a great marketing company.

    So its a good move on their behalf - chase some loser for 500K and never see a bean, or offer 'foregiveness' out of the bottom of their hearts.