Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Drops Blaster Author's Fine

Posted by ryuzaki0 on from the slap-on-the-wrist dept.

bevo noted that Microsoft has dropped their fine against the author of the Blaster worm that DDoS'd Microsoft's web sites and hijaacked 50,000 computers. 225 hours instead of a 500k fine. $2200/hour seems like a good deal to me ;)

27 of 312 comments (clear)

  1. Could've been worse by fembots · · Score: 5, Funny

    Luckily the community service cannot involve computers, otherwise this guy will get away lightly by cleaning up roughly 50 spyware/virus-infected Windows machines to clock up 225 hours.

    --
    Rock that crushes, Paper & Scissors that don't matter.
    1. Re:Could've been worse by spagetti_code · · Score: 4, Insightful
      MS would never have seen a bean of that money. First there's the jail time. Then you've got an unemployed teenager with a criminal record and no tertiary education who will, if he finds someone to employ him, probably make minimum wage.

      It certainly is a PR move. Remember, almost everything MS does is a PR move because they are now first and foremost a great marketing company.

      So its a good move on their behalf - chase some loser for 500K and never see a bean, or offer 'foregiveness' out of the bottom of their hearts.

  2. A "Get Out of Jail Free" card! by plover · · Score: 5, Funny
    From the article:

    U.S. District Judge Marsha Pechman said the sentence reflected that although he was 18 at the time of the attack, his maturity level was much younger than that. She also said his home life contributed to the problem.

    Damn, that precedent means virtually everyone here on /. is immune from prosecution. For anything. Especially since "mom's basement" probably qualifies as a "home life".

    --
    John
    1. Re:A "Get Out of Jail Free" card! by plover · · Score: 4, Funny
      Shit, do I actually have to type the damn smileys in here for you people?

      Here: :-)

      That means "it was a JOKE."

      --
      John
    2. Re:A "Get Out of Jail Free" card! by Anonymous Coward · · Score: 4, Funny
      Here: :-)

      That means "it was a JOKE."

      Here: ^$/

      That means "no it wasn't!"

    3. Re:A "Get Out of Jail Free" card! by northcat · · Score: 4, Informative

      This was "Tee kid". This guy didn't write the original Blaster worm that "wreaked havoc". He took the original one, modified it and spreaded it. IIRC, he got caught by leaving references to his nick of various sites "Tee kid" and leaving the URL to his website in the worm (I can't remember well). This guy was really stupid.

  3. Drops the fine? by nolife · · Score: 4, Interesting

    How can MS "fine" someone? Are they really that close to the government now that they can hand out their own judgement and punishment?

    --
    Bad boys rape our young girls but Violet gives willingly.
    1. Re:Drops the fine? by Eradicator2k3 · · Score: 5, Insightful

      That was *probably* a poor word choice. I would imagine that the $500K "fine" actually was damages awarded to MS. MS does have the option to recommend that the court replace the awarded damages (of which they would only see a fraction) with community service. IANAL, however and this is mere speculation on my part.

      --
      Mr. T pitied this fool on 27 July 1992.
    2. Re:Drops the fine? by Fjornir · · Score: 5, Informative

      MS didn't fine the kid, the court ordered him to pay 500k in restition. MS offered to let the kid sweat it off instead of paying cash. This is just a typical shitty slashdot writeup.

      --
      I want a new world. I think this one is broken.
    3. Re:Drops the fine? by tomhudson · · Score: 4, Insightful
      Ok stupid, if you had a brain you'd realize this was damaged awarded to MS due to downtime and such.
      So the kid should have included an MS-style EULA with his worm variant, and his liability would have been limited to the lesser of $5 or the price paid for the software ($0).

      What's good for the goose is good for the gander - when is Microsoft going to pay for all the downtime their crap causes?

    4. Re:Drops the fine? by Hollins · · Score: 4, Interesting

      Based on anonymous tips, typically from disgruntled employees, the BSA can force a company to allow the BSA to perform an on-site software audit on behalf of its members. Audits usually result in the BSA demanding large payments for unlicensed software, plus penalties. Companies have found that losing receipts, packaging, etc. is no defense.

      These tactics are firmly established in a number of court precedents, to such an extent that fighting the BSA in court is usually futile and only adds expense.

      Even if a company is diligent in paying for software licenses, the cost of compiling documentation and escorting auditors can be expensive.

      About once a year here in Chicago, the BSA runs radio ads against software piracy, along with encouragements to employees to call their anonymous tip line.

      Now it may be completely ethical and legitimate for the BSA to act in this way, but it basically affords them governmental enforcement authority.

  4. Can he reduce the worktime ... by Tribbin · · Score: 5, Funny

    ... by replacing himself by a shell script?

    --
    If you mod this up, your slashdot background will turn into a beautiful sunset!
    1. Re:Can he reduce the worktime ... by bonch · · Score: 5, Funny

      He's a script kiddie, so don't you mean "replacing himself with someone else's modified Visual Basic 6 project file he got from IRC?"

  5. This wasn't the Blaster author by r_glen · · Score: 5, Informative

    This was the guy who modified the Blaster worm. The original author never got caught.

  6. 225 hours of... by Nevtje(hr · · Score: 4, Funny

    ...gardening! getting to know the REAL bugs out there!

    --
    Three rings for the Elven-kings in the sky
  7. Re:And in the meantime... by Fjornir · · Score: 5, Insightful

    If you had a box that caught blaster there is nothing preventing you from taking this kid to civil court for damages.

    --
    I want a new world. I think this one is broken.
  8. These were damages owed MS by the_rev_matt · · Score: 4, Informative

    To all the people screaming "What, MS is part of the government now?":

    The judge determined that the convicted owed MS damages of about $500,000. MS at their own discretion opted to allow him to to do community service in lieu of cash. As long as the agreement is acceptable to both parties, the judge will generally go with it.

    --
    this is getting old and so are you

    blog

  9. Microsofts Judicial Powers by Anonymous Coward · · Score: 4, Funny

    So MS has been given judicial powers to grant clemency now?

    Yes. They first used it for this case.

  10. Re:$2200/Hr a good deal? by saintp · · Score: 4, Funny

    Um, I don't think you have to pay them. At all.

    --
    Another one bites the dust
  11. Re:Microsoft, the good guy by InfiniteWisdom · · Score: 4, Insightful

    I'm glad you think that way. Tell me where you live and break in to your home. Its your fault for have breakable glass windows or whatever other vulnerability I exploit to get in, so I shouldn't be punished if I get caught.

  12. Make him spend the 225 hours by Anonymous+Luddite · · Score: 4, Funny


    Helping Bill Gates with his first Gentoo install..

    --
    http://request-header.info
  13. Re:Clemency by Shalda · · Score: 4, Informative

    RTFA. Parsons was to have paid the $500,000 as restitution to Microsoft because the worm launched a rather feeble DDOS attack on Microsoft's websites. As such, Microsoft has the authority to waive that, or to make arrangements. Also, with no job, assets, or future, Parsons would have had no means to make the restitution payment, and would likely have had it dismissed in bankruptcy proceedings. Microsoft would never have seen a dime. Instead, Microsoft gets to look charitable and magnanimous while the kid gets to avoid bankruptcy. Sounds like a win-win deal to me.

    --
    bance.net
  14. Get away lightly? by caryw · · Score: 5, Informative

    This kid still has to do 18 months in prison! 18 months! 13,128 hours! (linked from the same site)
    18 months is almost 10% of the time this kid has even been on the planet!
    Microsoft just helped him out by letting him live his life once he gets out of prison instead of being in debt for the next 40 years.
    I bet it's extremely hard for a convicted felon to work off a $500,000 debt.
    --
    Fairfax Underground: For residents of Fairfax County and Northern Virginia

    1. Re:Get away lightly? by norfolkboy · · Score: 5, Interesting

      "I bet it's extremely hard for a convicted felon to work off a $500,000 debt."

      Since the fine is a civil issue, and not a criminal issue, if the criminal has any sense, he'll petition for his own bankruptcy before he goes into jail, and be debt-free by the time he leaves. ... or is that not how it works in USA?

  15. Re:Microsoft, the good guy by Smidge204 · · Score: 4, Interesting

    A better analogy would be if I made locks which, because of poor design choices, could all be easily opened with a screwdriver.

    Then somebody breaks into 50,000 houses because they all used my inadequate locks.

    The only fault of the homeowner would be trusting my product too much... but you can't really blame them for that either, since a lock manufacturer should know a thing to two about security!
    =Smidge=

  16. It was surely not a fine by EmbeddedJanitor · · Score: 4, Insightful
    My understanding of "fine" is that of a penalty imposed by the state in a criminal case. In the case of a civil action I think the term "damages" is used.

    Microsoft is getting pretty big and powerful and can push the DOJ around, but I don't think they're yet in the position to fine people.

    --
    Engineering is the art of compromise.
  17. That really depends... by WebCowboy · · Score: 4, Insightful

    So are you some kind of hotshot that can get any computer up and going in a vew minutes to an hour? Well, any monkey can format and re-install or restore-from-ghost in very short order, but in my experience it is those technicians that people call "useless" when they get their "fixed" computers back without properly configured drivers and all their email and data since their last weekly backup wiped out (if the said user is swift enough to even do a weekly backup).

    In the corporate world competent techies have made it easy for themselves. They probably deal with a fleet of identical Dells, each issues with a standard ghost image, scripts up the wazoo, something like Altris or other big brother software do roll out updates/config changes, etc etc etc.

    OTOH, 4.5 hours to clean up a machine is actually a realistic high-range estimate when you are talking about some of the personal computers or PCs at mom-and-pop operations out there like "nerds on site" and the like must see. I imagine they see everything from PIIs to the latest screaming PIV from any number of builders out there, and some of them are probably slapped together with leftover components too. These users don't have an image to restore to--unless you count the "rescue CD" if they haven't managed to lose it...they might not have any OS install CD at all! And backups? HAH! I've found you're lucky to even have weekly backups. And no matter how trivial their files look, all these users want to save as much as possible. These users are also rather undisciplined in their own maintenance. The worms and viruses are one thing--prepare to spend some time getting rid of adware attached to weather bugs, comet cursors, chat smileys and "free" P2P programs.

    In any case, if you average it out you might spend 2 hours per machine. I'd say that for how much damage Blaster-variants caused this guy got off lightly--even including the hours he will spend in jail. I suppose, though, that suing someone who is broke for a half-million is pretty pointless. I DO like the idea of making the guy shovel elephant poo for a month as a substitute.

    I do try to be optimistic though--one good thing is that this whole Blaster debacle brought to light the security crisis in Microsoft products. To this day, an unpatched win2k or pre-sp2 winxp machine will become infected within minutes when hooked up directly to a typical high-speed internet connection. It seems unfortunate that some jackass had to pull a stunt like Blaster before anything serious was done about security at MS.