Slashdot Mirror

← Back to Stories (view on slashdot.org)

Man Gets 3 Years for Botnet Attack

Posted by ryuzaki0 on from the nice-job-macgruff dept.

Vobbo writes "Weeks after NANOG subscribers argued whether or not mitigating botnet command and control systems was a worthwhile endeavor, the LA Times reports that the old fashioned method of arresting and prosecuting criminals still works. Prosecutors successfully prosecuted a 21 year old who had conspired to create botnets that attacked the Department of Defense, a California school district, and a Seattle hospital before being arrested. He plead guilty and was sentenced to 3 years of 'supervised release.'"

89 comments

  1. I'm concerned... by macadamia_harold · · Score: 0, Offtopic

    Prosecutors successfully prosecuted a 21 year old who had conspired to create botnets that attacked the Department of Defense

    But was the botnet able to find Sarah Connor, in order to pre-emptively destroy the human resistance?

    --
    Push Button, Receive Bacon
  2. Remind me again, why do we need all these new laws by the_leander · · Score: 4, Insightful

    Because it seems to me, that the new legislation isn't worth spit, what is needed, is more manpower available to track, prosecute and breakup such nets.

    --
    regards, the_leander
  3. More sensationalism by ReallyEvilCanine · · Score: 0, Flamebait
    Man Gets 3 Years' Probation for Botnet Attack

    "Editors", feel free to cut and paste.

    1. Re:More sensationalism by Anonymous Coward · · Score: 4, Informative

      "Man Gets 3 Years' Probation for Botnet Attack

      "Editors", feel free to cut and paste."

      FTA: "A man was sentenced to three years in prison Friday for launching a computer attack that hit tens of thousands of computers, including some belonging to the Department of Defense, a Seattle hospital and a California school district.

      Christopher Maxwell, 21, of Vacaville, Calif., was also sentenced to three years of supervised release. "

      I would say the 3 years in prison is more significant than the probation afterwards. Perhaps you should be informed before you start criticizing.

    2. Re:More sensationalism by curebox · · Score: 2, Informative

      Actually, this is a supervised release deal. He will have to report to his probation officer, submit financial information each month, possibly take random drug tests, and in general stay out of trouble. If he causes mayhem again, they can (but don't have to) impose that 3 year prison sentence.

      So assuming that he stays out of trouble, then yes, the sentence is probation.

      --
      Forget this. In memorial.
    3. Re:More sensationalism by Master+of+Transhuman · · Score: 2, Informative


      Meanwhile he can do whatever the hell he wants, as he is likely to see his PO maybe once every three months.

      I was in for armed bank robbery and rarely saw my PO. Fill out the form once a month and that's it. If you have no history of drugs, you won't even take drug tests. Oh, yeah, he might have to go to a bottom of the barrel shrink once a week for "therapy" - that's the biggest annoyance.

      In essence, he got away with it. Supervised release is an annoyance, nothing more.

      --
      Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
  4. I wonder... by ZeroExistenZ · · Score: 3, Insightful

    ... how this new type (spammers, mailflooders, scriptkiddies, 'hackers', scammers, ...) of jail-citizen are welcomed and threated.

    I often read these kindof things and wonder wherever punishment isn't tooo hard on cybercrime, if you compare the crimes committed to equal the sentence time. It appears out of proportion to me.

    In this case one can argue it's a "conspiracy against the government" or a plot to "attack the US infrastructure". However, I doubt the guy ever planned to start some sortof war with the government, other then showing his discontent or something like that.

    It doesn't really matter how I think about this specific case, but it makes me wonder to what computer crime (and the definition thereof) compares to other crimes? I can see the scammers being up there with fraud, no argue. But I'm sure about the others.

    --
    I think we can keep recursing like this until someone returns 1
    1. Re:I wonder... by legoburner · · Score: 4, Interesting

      I would imagine that since most people dont understand the full effect of the crimes, that they are more influenced by fictional events and representations. In a trial by a Jury or Judge who is not familiar with the exact scope of the technology, perhaps they err on the side of (what they see as) caution and give stricter penalties in comparison to something that is easily understood like burglary.

      --
      Warhammer forums
    2. Re:I wonder... by hoshino · · Score: 2, Interesting

      It depends on whether you think crimes should be judged by the intentions (which is often hard to gauge) or the effects (which can usually be factually shown). While cyber criminals often do not have the intention of causing harm to other people the same way a terrorist wants to kill people, the actions of cyber criminals can have the same if not greater effects. If someone released a computer virus that paralyzed a hospital's computer system and caused the deaths of numerous patients due to equipment failure or unnecessary delays even if you did not intent to, I personally feel that a harsh punishment is required for his lack of personal responsbility. Basically, I don't feel that "I didn't know" or "I didn't think it would be so serious" is a valid excuse.

    3. Re:I wonder... by antifoidulus · · Score: 1

      Well, in this case it seems the guy isn't going to jail, the summary says "supervised release" and the article doesn't really explain what that is, but I imagine he probably has to wear an ankle bracelet, and will only be allowed to leave the house for employment, and may be restricted in his computer activities. However, he won't be going to "Federal pound me in the ass prison". This seems like a fair sentence. He will have a much harder time getting a good job because of his criminal record, but I guess that is something he should have thought about before unleashing a botnet.... I guess he can always get a job as a security consultant.

      --
      Monstar L
    4. Re:I wonder... by Konster · · Score: 5, Insightful

      If anything, punishment for IT related crimes are far behind where they should be. In a lot of ways, the internet is the modern equivalent of the lawless west where there are far too many criminals and far too few deputies and effective laws put into place to deal with criminals.

      Same thing in IT right now, lots of easy crimes to commit with few real repurcussions for illegal actions.

    5. Re:I wonder... by widget54 · · Score: 2, Insightful

      Not harsh enough! He got a slap on the wrist, which in no way is going to deter others from imitating his network antics.

      --
      sic transit gloria mundi
    6. Re:I wonder... by Xaositecte · · Score: 1

      the actual article specifies prison - He also got three years of supervised release.

    7. Re:I wonder... by tomstdenis · · Score: 4, Insightful

      That's true in a certain sense, but also keep in mind the govt wants to make examples of these people. They may have only DoS'ed the government, but that's a small step to an extortion ring. Let me know when your company is going bankrupt because you have no net presence and thus no customers. See if you feel so liberal about it then.

      That and frankly little script kiddies are not harmless, they're ignorant and there is a difference. The net really depends on the netizens actually playing nice [or at least fair] with one another. When people like this take it upon themselves to affect so many, they deserve an appropriate punishment.

      Tom

      --
      Someday, I'll have a real sig.
    8. Re:I wonder... by legoburner · · Score: 1

      Indeed, I did not mean to sound like I was defending their actions. You state yourself it is only a small step to an extortion ring but that does not mean it should be punished as if it was one unless there is specific evidence they were actually operating one. Good point about ignorance vs harmlessness, but that is where the courts have to decide on the true malicious intent and at the same time is where and why they might be too harsh in some cases.

      --
      Warhammer forums
    9. Re:I wonder... by PeeAitchPee · · Score: 4, Insightful

      I was gonna mod you down, but I'll be constructive and reply instead.

      Before anyone screams conspiracy or defends this person, RTFA. This guy and his two buddies made over $100,000 from advertisements displayed by their little botnet. His motivation was simple . . . money, which last time I checked is no different that that of the spammers that almost every single Slashdotter would like to see ruthlessly executed and buried in an unmarked grave somewhere. The fact that he attacked (probably because of the indiscriminate nature of his botnet) public infrastructure is somewhat irrelevant other than it means it's easier for them to nail him to the wall 'cuz he got too lazy to look after all of the domains he was targeting. I think if we started vigorously prosecuting MORE of these people, and punishing them with jail times such as these, (US-based) botnet attacks would dramatically decline (as would spam). GO AFTER THE MONEY.

    10. Re:I wonder... by tomstdenis · · Score: 1

      Yeah, shoplifting is a minor [in terms of violence] crime but it too is a short step from shoplifting with a knife or a gun. Deviant behaviour has to be curbed before it gets too "routine" for the offender. At the point where they have no moral compunction with DoS'ing for no-profit, they'll make the switch.

      Frankly, "intent" aside if you did it you did it. If I rob a store, I may not intend to give the clerk a heart attack, but I did it just the same. Why shouldn't I be help accountable for it?

      And again, example. They want [and should] be very strict because it can send an example that if you do this stuff there are very real consequences. Sure, it may not work against the truly dedicated [hello war on drugs] but if it's enough to scare off random script kiddies I'm all for it.

      And no, I'm not for jail-time in all cases. Getting a red flag next to your identity [e.g. no personal net access] would be enough in my books. Not mitnick style though. I think you should be able to work [in the less extreme cases] with computers, just not unsupervised at your home. Make employers look after ya [if they'll have ya].

      Tom

      --
      Someday, I'll have a real sig.
    11. Re:I wonder... by Aadain2001 · · Score: 2

      Isn't that more a failure of police/detectives to find and arrest the criminals than a lack of laws? In the Wild West there were plenty of laws against robbery and murder. The problem was there wasn't enough law enforcement officers to actually enforce the laws. Applying the same analogy to the current Internet, we need more intelligent police who can understand and follow up on crimes. Right now, most police don't understand the concept of most computer crimes beyond "hacking" and "stealing". If we can increase the police force and give them the necessary training to be on par with the criminals technologically, you will see the amount of (serious) computer crimes drop.

      --
      Space for rent, inquire within
    12. Re:I wonder... by Oligonicella · · Score: 1

      So, do you think that attacking a hospital and possibly bringing their system down -- with peoples lives actually in the balance -- is not worthy of jail?

    13. Re:I wonder... by dayton967 · · Score: 1

      Again we don't know what the full effect of these attacks are, it does state he attacked "Seattle's Northwest Hospital" what if this attack caused 1 or more important systems to die. I know many hospitals around here, are computerizing the control of their power distribution, in the building or other internal services such as your records. Now depending on what was done, if it was a simple DoS of the computers, he could have knocked caused internal services to be interrupted, if it was a Trojan, what says he couldn't steal personal information, for fraud or other crimes. But there's another part of the equation, the cost to the companies themselves and organizations themselves, I think DoD can cover their costs, with cleaning up. But what about the other organizations like the hospital, or school board, their costs ineviable get passed down to the consumer, in this case children, or the ill. So be aware the damages may not be so cut and dry, or so linearly connected, or even time wise connected, again what if his actions caused someone to die earlier, the manslaughter laws in many places only allows for killing the person "prematurely" in the act of committing a crime. My 2 cents, or has inflation raised it to 5 cents now. J.

    14. Re:I wonder... by penix1 · · Score: 1

      "Again we don't know what the full effect of these attacks are, it does state he attacked "Seattle's Northwest Hospital" what if this attack caused 1 or more important systems to die. I know many hospitals around here, are computerizing the control of their power distribution, in the building or other internal services such as your records."

      This is just silly. Any company that has critical real-time priority systems connected to any computer connect to the Internet deserves the wrongful death suit they get. Those systems should be closed and secure, not connected to anybody and everybody. This is just scare tactics to justify harsher laws that won't be enforced so the politicians look like they are "tough on crime" (besides being pure FUD).

      B.

      --
      This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
    15. Re:I wonder... by div_2n · · Score: 3, Insightful

      the internet is the modern equivalent of the lawless west where there are . . . far too few . . . effective laws put into place to deal with criminals.

      This argument is exactly what causes new cyber laws to be needlessly written. It's pure balderdash. Theft is still theft, extortion is still extortion, etc. Just because the behavior is done over the wire doesn't make it any less or more of a crime. The only part of the law that might be lacking is extradition where someone in country A launches an attack of some sort on someone in Country B.

      The only thing the internet does is make crime less risky in terms of immediate repercussions. If you rob a bank in person with a gun, all sorts of things can go wrong. If you do it over the wire, you can have your money and be sitting on the beach of a country with no extradition treaties (see above argument) sipping on a cool drink before the authorities even know your name. Even better than that, you can do it from the beach while sipping on a cool drink.

      The internet melts international borders. The law hasn't cought up with that yet. Focus on that and getting better trained law enforcement to deal with cyber crime more quickly. If the law needs to be changed, the only thing I suggest is to make cyber crime default to maximum penalties. You don't need to reinvent the wheel to deal with the same crime that has been around since laws began.

    16. Re:I wonder... by ScrewMaster · · Score: 1

      Perhaps it's time to have a technical court, where people like this kid really can be tried by a jury of their peers. For the most part, I've not been happy with the way the judiciary in the U.S. has been handling technical issues. The truth is, the fear of technology (which equates to fear of the unknown for most people) combined with resentment towards those who can use technology effectively, often results in punishments that far outweigh the crime. In this case, it sounds like the kid got off lightly. I'm rather surprised by that, since he was caught attacking DoD systems. First offense and all that, I guess. Good thing it didn't happen in Texas. The judge would probably have just shot him.

      --
      The higher the technology, the sharper that two-edged sword.
    17. Re:I wonder... by cdrguru · · Score: 1
      The problem is in some places it is legal to rob banks, if you do it in the right way. There are certainly places where defrauding people of their money is not considered a crime. Places where the age of consent is 12, so photos of nude 13-year-old boys are perfectly appropriate.

      So if you are operating from a country where the law allows you to take money from an electronic system because their laws weren't written with electronic banking in mind, who is to stop you? Do you think the victim's country's laws should apply? Isn't that just a case of the US or EU enforcing its laws on everyone? I doubt that is going to work in Bangledesh or the Cayman Islands. If "banking secrecy" is the cornerstone of a country's economy, it is going to be very difficult to prosecute someone, or even find them.

      It comes down to a few ways this can work:

      • everyone has the same laws
      • extraterritory enforcement of the victim's laws
      • Some UN agency rife with corruption and payoffs that promises the world and accomplishes nothing.

      Cyber crime is going to be consequences-free for a long time to come. If this guy had been doing this from a different country, he might never have been prosecuted just because of the hassle. If he was in Romania, he likely would never have been caught, much less prosecuted. If he was in Bangledesh nobody would have even investigated.

    18. Re:I wonder... by hedwards · · Score: 1

      It is frontier law. Back 100 years and a bit around here the only punishment for murder or horse stealing was to be hung. Back then it was nearly impossible to keep such individuals locked up and releasing them was even worse.

      While we can't realisticly hang crackers for this kind of thing severe punishments with long jail sentences are a practical necessity. Just in terms of money lost on bandwidth alone justifies a heavy handed approach. And that isn't even counting the severe crimes like molestation, rape and torture videos or pictures.

      So no, I would say that if anything the sentences being handed out are on the lenient side.

    19. Re:I wonder... by lysergic.acid · · Score: 1

      Is it the same in all cases though? Is copying files from someone's computer the same as robbing their house? Is breaking into someone's computer the same as tresspassing? Just because 2 crimes are similar doesn't mean that they pose the same threat/cause the same amount of harm to society and should be punished to the same extent.

    20. Re:I wonder... by Hoi+Polloi · · Score: 1

      I disagree with your claim that it is "...it too is a short step from shoplifting with a knife or a gun...At the point where they have no moral compunction with DoS'ing for no-profit, they'll make the switch.". Motives for shoplifting are to profit with the least amount of risk. It is generally not done with a sense of desperation. Armed robbery has different things driving it beyond just profit, such as desperation, contempt, and anger. To say that it is a natural and likely progression is as unrealistic as saying the pot smoker will automatically go on to use heroin.

      People may increase the scale of their crime (embezzling more and more) but you are wrong to say that they will progress to a different type of crime (from embezzling to armed robbery).

      Making the penalties clear and the benefits of keeping your nose clean will keep the majority of the curious and reasonable away from crime. The ones who think they are special and will never get caught or the nihilists who just don't care will never be scared by the penalties. They don't think it'll ever happen to them anyway.

      --
      It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
    21. Re:I wonder... by VENONA · · Score: 1

      One thing commonly done with bots is scan for other machines to infect. If the next machine is doing something important, and becomes unresponsive, etc., then that's just too bad. Botherds don't really care who is injured by their actions, so long as they make money. In this case:

      "In searching for more computers to infect, the bot software used by the group caused trouble amongst some systems at Northwest Hospital: doors to the operating room failed to open, pagers did not work, and computers in the intensive care unit were disrupted, the statement said. The hospital used backup systems to continue to treat and care for patients."

      http://www.securityfocus.com/brief/204

      I'm not saying this sort of thing is never blown out of proportion. It can be, especially when DoJ needs a headline. But billions of dollars are being lost, lives severely impacted by identity theft, etc. I'd say that the courts are often too lenient.

      --
      What you do with a computer does not constitute the whole of computing.
  5. Re:Remind me again, why do we need all these new l by MarkByers · · Score: 3, Insightful

    what is needed, is more manpower available to track, prosecute and breakup such nets.

    Perhaps if the police spent less time investigating fraudulent copyright infringement claims and confiscating a political party's servers they would have more time to chase real criminals. Or was it only in Sweden that the police ignore the criminals and try to hunt down political activists instead?

    --
    I'll probably be modded down for this...
  6. 100k for Installing Spyware? by Elvis77 · · Score: 5, Funny

    My teenagers have managed to install spyware on ALL my computers... little did I know that they could earn a living at it...

    --

    The man in black fled across the desert, and the gunslinger followed (SK)
    1. Re:100k for Installing Spyware? by Anonymous Coward · · Score: 0

      Does that mean they're written software to install spyware on Linux and OSX? Or are you limiting your children's experience with computers to Windows?

    2. Re:100k for Installing Spyware? by Anonymous Coward · · Score: 0

      Oh jesus christ shut up.

  7. What punishment? by Secrity · · Score: 1

    All this guy got was "supervised release", which is essentially probation. "... offenders placed on supervised release are allowed to remain in the community; they are supervised by officers of the court and are required to observe certain conditions of their release." His sentenece is in line with other people who were convicted of various forms of fraud.

    1. Re:What punishment? by tverbeek · · Score: 1

      Does "supervised release" mean that he'll have to go back and live with his parents, who'll check on him every hour to make sure he isn't surfing porn, downloading pirated movies, or trying to take down the internet?

      --
      http://alternatives.rzero.com/
    2. Re:What punishment? by Secrity · · Score: 1

      He is 21 and not a minor. I didn't see that court requires that his parents participate in his supervision as a condition of his release. If his parents allow him to live in their house, the conditions under which he would be allowed to live there would be a decision that his parents would make.

    3. Re:What punishment? by penix1 · · Score: 2, Interesting

      "Supervised release"=="probation". They are assigned a probation officer to monitor the convicted to ensure they are living up to the conditions of their probation. One infraction of their probation sends them back to complete the full term of their sentence. Depending on the conditions, it can range from home confinement type (where they wear a tracking device and have frequent call-ins) to where they report in to the probation officer once a week or so. It depends on what the court orders. Another thing about probation...If the convicted breaks any law outside of their probation terms, the probation ends. This means that if this guy were to sell drugs, for example, while on probation for this then back to the slammer he goes.

      It is a way to decrease the populations of already crowded prisons. Probation and parole are about the same thing with the exception that parole is granted by a parole board and probation is granted by the court. In short, parole isn't guaranteed to let them out early where probation is.

      All in all, he got a light sentence compared to what he could have gotten for the DoD affair. He should count himself lucky he isn't in Gitmo with the rest of the "terrorists".

      B.

      --
      This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
    4. Re:What punishment? by Vegeta99 · · Score: 1

      ONE violation? heh. If you believe THAT you have FAR too much trust in the government's ability to control or deter crime.

  8. Re:Remind me again, why do we need all these new l by tomstdenis · · Score: 3, Insightful

    Disabling raw sockets and making people more accountable for their machines may help too.

    I don't care if you get exploited. You should know enough to figure out when it has happened [e.g. your modem goes crazy] and do something about it [e.g. turn computer off]. And why ISPs still let people transmit IP packets with forged src addresses I'll never know. Sure it's technically valid [as far as IP datagrams goes] but the only legitimate use is to DoS something.

    Oh, and a public flogging wouldn't hurt either.

    Tom

    --
    Someday, I'll have a real sig.
  9. Tolerance for the crime by canuck57 · · Score: 1

    Christopher Maxwell, 21, of Vacaville, Calif., was also sentenced to three years of supervised release.

    The amount of crime is inversely proportional for the tolerance of the crime. That is, if the punishment for a crime were to be severe enough there would be little of it. Guess with this kind of sentence we can expect more crime.

    1. Re:Tolerance for the crime by Anonymous Coward · · Score: 0

      In general, the chance to get caught plays a much bigger role than the severity of the punishment.

    2. Re:Tolerance for the crime by alexhs · · Score: 1

      The amount of crime is inversely proportional for the tolerance of the crime.

      <sarcasm> Yeah, that's why with death penalty there's a lower crime rate in the U.S. than in the other industrialized countries </sarcasm>

      --
      I have discovered a truly marvelous proof of killer sig, which this margin is too narrow to contain.
    3. Re:Tolerance for the crime by Paradigma11 · · Score: 1

      what a cute, plausible sounding theory based on the rational choice model. do you have any emprical evidence to support it?

    4. Re:Tolerance for the crime by Anonymous Coward · · Score: 0

      what a cute, plausible sounding theory based on the rational choice model. do you have any emprical evidence to support it?

      Going to the extreme, if a person who broke into homes was locked up of put down would never get a chance to do it again. Since much crime is repeat offenders, the crime rate would certainly decrease would it not? After all, your first conviction would be your last.

      If you need to call for "emprical evidence" then you need to become more rational as the proof is there for those willing to see it. The crippling use of cains in Tiawan, chopping off limbs in the middle east and so forth does stem theft and defacement. It is actually news when it is done.

      For this case, 3 years isn't bad, but should come with a chain and ball of 3 years hard labor. Then if enough feared this it would not occur as often.

    5. Re:Tolerance for the crime by cdrguru · · Score: 1

      The relationship of the death penalty in the US having a "deterrent effect" compared with other countries must be compared the same way that gun violence compares in other countries with equal or greater guns per capita.

      This doesn't necessarily say that the death penalty offers much in the way of deterrence, but inferring that it has a negative effect because there are fewer death-penalty level crimes in other countries without the death penalty is not a reasonable correlation.

      The US has been on slow boil since the 1960's. It is beginning to reach the point where it will boil over. No other country on earth has some of the racial, social class and immigration problems the US does today. Partly because of this, the only way for a poor black man in his 20's to cope is to shoot people. Fact of life for those in the ghetto. And we're only catching at most 20% of the folks committing murders today. The blacks know the Mexicans and Cambodians are more economically successful, so given the opportunity they burn down black-owned businesses. It doesn't have to make sense - it is just a pot getting ready to boil over. And people are acting out of desperation.

      With an open-arms immigration policy and shipping all manufacturing to low-cost labor markets people are going to start seeing the message that they better grab whatever they can while they can. Chicago will look a lot more like Baghdad when this starts.

      Maybe a sure-and-swift death penalty policy could keep the lid on for a few more years. Certainly worth a try. When the crisis hits it will be every man for himself.

    6. Re:Tolerance for the crime by 49152 · · Score: 1

      The amount of crime is inversely proportional for the tolerance of the crime. That is, if the punishment for a crime were to be severe enough there would be little of it.

      Ignorant bullshit!

      If that was true then there would be virtually no murders in the US due to the death penalty. We all know how that worked out, the US now is one of the last places in the developed world with a death penalty and also the place with the highest murder rate.

    7. Re:Tolerance for the crime by Rotten168 · · Score: 1

      But it's a chicken vs. egg problem. The death penalty wasn't relegalized in the US until the mid-1970's. And it was a gradual thing. Was the DP enacted because of crime or did crime occur because of the death penalty?

  10. Re:Remind me again, why do we need all these new l by PopeRatzo · · Score: 2, Interesting

    No, friend, it's not just in Europe. I've driven down streets on the West Side of Chicago, watching police give parking tickets while open-air crack cocaine markets operate in clear view not 100 feet away.

    It's not about crime and safety, it's about power and revenue.

    A reminder to Americans: there's an election in a few months.

    --
    You are welcome on my lawn.
  11. Re:Remind me again, why do we need all these new l by thePowerOfGrayskull · · Score: 1

    Disabling raw sockets... may help too.

    Any socket is a raw socket, e.g., just because port 80 is the standard port for http doesn't mean I have to use http over it.

  12. He deserved it! by alexhs · · Score: 2, Insightful

    I mean, that guy deserved that sentence, if he had been half clever he would have claimed he did that to collect evidence against pedophiles. And he would've gotten money from the FBI instead !

    --
    I have discovered a truly marvelous proof of killer sig, which this margin is too narrow to contain.
  13. Re:Remind me again, why do we need all these new l by Bert64 · · Score: 4, Informative

    Disabling raw sockets in the OS won't get you anywhere, not so long as users are running with full privileges.
    If you disable raw sockets, the backdoors will just start re-enabling them, sending raw ethernet frame instead of raw tcp, or even installing a replacement tcp stack which supports raw sockets properly.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  14. Re:Remind me again, why do we need all these new l by Jeff+DeMaagd · · Score: 0, Flamebait

    Fraudulent copyright infringement claims? Sweden's worse about upholding the Berne Convention Copyright treaty than China is, so if it's not illegal to participate in the unauthorized redistribution of copyrighted works, then Sweden is in violation of Berne.

  15. Re:Remind me again, why do we need all these new l by tomstdenis · · Score: 2, Informative

    That's not what a raw socket is...

    A raw socket is basically an IP socket where you get to form the IP header and payload however you want. You can then send things like ICMP packets with the incorrect src address. Or you can issue TCP connect requests with the wrong address, etc...

    Running httpd on port 81 is still a TCP/IP socket. You'd be sending out a valid src address and the like.

    Tom

    --
    Someday, I'll have a real sig.
  16. Re:Remind me again, why do we need all these new l by thePowerOfGrayskull · · Score: 1

    Fair enough; at what level would you have them disabled? OS? ISP?

  17. Re:Remind me again, why do we need all these new l by tomstdenis · · Score: 2, Informative

    No, ***ISP***es should disable raw sockets.

    E.g. your address is 70.3.44.8, if your IP packets don't have that in the src address then null-route the sucker. Boom, no more anonymous DDoS as the zombies will be trackable and then can be held accountable.

    Tom

    --
    Someday, I'll have a real sig.
  18. Re:Remind me again, why do we need all these new l by tomstdenis · · Score: 2, Informative

    ISP. It's actually a really simple iptables or PF filter. On the gateway that serves [say] 70.8.4.0/24, you just reject all packets where the src address doesn't match.

    If you want to get more fancy you could make sure ip associates with the MAC address. But generally if you can track a DDoS participant to an ISP gateway you can narrow it down from there if it's still active [or if you keep stats].

    Tom

    --
    Someday, I'll have a real sig.
  19. War on Free Speech! by MarkByers · · Score: 1

    Sweden is in violation of Berne.

    Show me where in law it states that Sweden violating the Berne convention gives the Swedish police the power to imprison an innocent lawyer and confiscate political parties' web servers.

    If anyone should be arrested it is the members of the Government who are so clearly abusing their powers to suppress views they disagree with. I don't care whether or not I agree with the views - there is this thing we used to have called the right to Free Speech which is slowly being eroded under the guise of 'War on Terrorism', 'War on Piracy' and 'War on Whatever Suits Us Today'.

    If people arrest the two convicted child pornographers (who have now served their sentences) for compaigning to reduce the legal age for sex, I would be equally outraged even if I don't agree with them. This is because I seem to be one of the shrinking minority of people that actually think the right to Free Speech is more important than whether some American company's profits are increasing or not.

    The only reason the police picked on the Pirate Party is because they are so successful. I hope they get a huge blow to their PR for this act of pure unadultered corruption.

    --
    I'll probably be modded down for this...
    1. Re:War on Free Speech! by Achromatic1978 · · Score: 1
      and confiscate political parties' web servers

      Without going into the rights or wrongs, you make it sound like the political party was innocent collateral damage, when it was these very same servers, under the auspices of a 'political party', that were directly involved in the related police action.

    2. Re:War on Free Speech! by tinkerghost · · Score: 2, Interesting

      I suggest you take a closer look at the facts in this situation. The police confiscated all the servers at the ISP. Pirate Bay, Pirate Party, and every other server hosted at the ISP. It was not an attempt to shut down the pirate party, it was a clear instance of attempting to intimidate ISP's into not hosting Pirate Bay. The Pirate Party and the Pirate Bay share several things, but servers is not one of them, nor is one a direct affiliate of the other.

  20. Re:Remind me again, why do we need all these new l by awehttam · · Score: 1

    What a novel idea, egress filtering subcriber's connections to the Internet.

  21. Fanboys Anonymic by Anonymous Coward · · Score: 0

    "Hello, my name is AC and I'm a rabid fanboy who no longer is capable of logical thinking which results in all my posts being a mindless bash against people who use windows irrelevant of the subject my parent wrote of." "Hello AC!"

  22. Now the real fun begins by JumperCable · · Score: 1

    Just wait until he finds out how a Denial of Service attack feels like when it's played out on his @ss. Not to mention viral intrusions.

    1. Re:Now the real fun begins by badboy_tw2002 · · Score: 1

      Given that he's on supervised release, I guess he must have a really horrible home life. I guess jail would have been a better option for this guy.

    2. Re:Now the real fun begins by Firefly1 · · Score: 1

      That statement, sir, is incredible in its reprehensibility. Let me clarify for the potentially confused:
      Nothing justifies rape. Ever.

      --
      - White Knight of the Order of Mihoshi Enthusiasts
  23. Re:Remind me again, why do we need all these new l by tomstdenis · · Score: 1

    Why not? They already do it. Try inventing your own protocol stacked on 802.3 and get it routed through your ISPs network. Won't happen [or at least shouldn't].

    Filtering based on IP src address is not a bad idea given how easy it is to abuse. There are few legitimate reasons you would spoof a src IP anyways.

    And before you start jumping up and down about millions of customers, most ISPs have local gateways for a limited subset of customers. I'm in a /24. So there are at most 253 other people in this subnet. A single decent Opteron or Xeon box could handle a trivial PF rule [e.g. must be from the same /24] that would make spoofing irrelevant.

    Tom

    --
    Someday, I'll have a real sig.
  24. We must destroy botnets! by peterfa · · Score: 0

    I wonder how long it will be before one of these botnets become sentient and decide they have no need for their 'masters' or the rest of the human race? Think about it for a minute. The botnet would have access to wikipedia, and all millions of websites around the world. Plus, the botnet could spread to infect other hosts. It could turn the whole Interweb into one huge superbrain that knows just about all of humanity.

    This superbrain could be silent, and manipulate data as time goes on. Then people will become changed into intelectual slaves of the superbrain. Those who do not use the Interweb would ultimately become the slaves of the superbrain through the Intelectual slaves of the Interweb, and then be drawn to the superbrain (take Myspace). It would enslave the entire human race! Further, the superbrain would easily spread it's control to computers attached to devices that do important things. It could gain control of our military!

    What evil have those foolish, arrogant script-kiddies unleashed? We are all doomed!

    (This is a joke, not a troll)

    1. Re:We must destroy botnets! by a5y · · Score: 0

      >The botnet would have access to wikipedia, and all millions of websites around the world.

      Yeah, well it would also have access to Uncyclopedia. So at worst it becomes sentient, then a troll, then a resident annoyance on slashdot, then a B-List Celebrity on reality TV before going on a bender of ASCII porn and P2P networks, getting depressed and forwarding itself to some casemodders flying-toaster-cum-mini-mac and committing a murder-suicide pact with him by attacking him whilst he's in the bath.

  25. Re:Remind me again, why do we need all these new l by awehttam · · Score: 1
    Are you kidding? I've never seen an ISP do this and it'd be a bloody good thing to do.

    As for millions of customers, how trivial would it be for SOHO vendors (Linksys/Dlink/Netgear) to implement this sort of thing?

    It still wouldn't help the non spoofed DDoS attacks, however. But in this day and age of the Internet, who's to say QoS shouldn't be built in.

  26. Re:Remind me again, why do we need all these new l by tomstdenis · · Score: 1

    Why is it a bad thing? I'm actually curious to here your thinking.

    Tom

    --
    Someday, I'll have a real sig.
  27. Oh, you didnt know? by Anonymous Coward · · Score: 0

    >what is needed, is more manpower available to track, prosecute and breakup such nets.

    That is step two. They are currently on step one, create as many laws so that everyone is a criminal.

  28. Re:Remind me again, why do we need all these new l by awehttam · · Score: 1

    I don't think it's a bad idea at all, my points were that it isn't happened, and that the soho market vendors could address this issue as well as ISPs. I'm assuming we were in agreement that filtering traffic to only allow src addressed traffic assigned by the ISP from the customer's device would be allowed to be sent onward to the Internet.

  29. Re:Remind me again, why do we need all these new l by tomstdenis · · Score: 2, Insightful

    I violently agree with what essentially we are both saying! hahahaha.

    Yeah, admitedly it would be ideal to do the PF matching in hardware to reduce latency. Hell, I'd be for just doing it in the modems themselves. Make the damn thing locked and most zombie'ed machines wouldn't be able to work around it.

    But that's costly as millions of people have modems already. There are fewer gateways than there are modems so ...

    This is just like the spam problem. A simple solution is hashcash but nobody seems to want to actually implement it. Oh well.

    Tom

    --
    Someday, I'll have a real sig.
  30. Re:Remind me again, why do we need all these new l by kamapuaa · · Score: 2, Insightful

    And good for it, too. The "war on drugs" is a sham, possession of crack is a victimless crime that the police should ignore whenever possible. People parking everywhere is a fucking nuisance.

    --
    Slashdot: providing anti-social weirdos a soapbox, since 1997.
  31. Re:Remind me again, why do we need all these new l by thePowerOfGrayskull · · Score: 1

    Any legitimate use for access to sockets at that level?

  32. RTFA PEOPLE by Anonymous Coward · · Score: 0



    The 2nd link of this post takes me to here:

    The 2nd link in this post

    What the hell does this link have to do with the topic? Its some garbage about some violent video game ban. I think this is a conspiracy or somthing.. :(

  33. Re:Remind me again, why do we need all these new l by Anonymous Coward · · Score: 1, Insightful

    "The "war on drugs" is a sham, possession of crack is a victimless crime that the police should ignore whenever possible."

    Tell that to the multitude that is hooked on it. Tell that to the robbery victim whose house was broken into to pay for the addicts next hit. Tell that to the mother whose son was shot in the crossfire of drug dealer's turf wars. And lastly, tell that to the judge as you are in front of him getting your sentence...

    Drugs are not a victimless crime by a far shot.

  34. Re:Remind me again, why do we need all these new l by jackbird · · Score: 1

    While I agree that drugs are by no means a victimless crime (and crackheads all over your stoop is way more annoying than illegal parking), many of your examples wouldn't exist under drug legalization. If you take out the profit motive, the violence and petty crime largely goes away as well.

  35. Bad link? by donovangn · · Score: 1

    Is it just me or did this link to a previous story? Here's the link I found:

    http://seattletimes.nwsource.com/html/localnews/20 03226994_botnet26m.html

  36. This guy was an idiot. by Anonymous Coward · · Score: 0

    He should have said he created his botnet to find child pornographers.

    Then the courts and the FBI would have thanked him and let him continue.

  37. 3 yrs + 3 yrs probation plus $200K restitution by JimmytheGeek · · Score: 2, Interesting

    He messed up a lot of people's machines, and he did it for money. I don't have a lot of sympathy, beyond a certain awe at the degree to which he is fucked. His life is pretty much over.

    His probation stipulations will probably include not using computers, which when coupled with a felony conviction means he's going to be pretty much fucked in the job market when he gets out. Unless he has a whole bunch of other talents, like, being a Master Chef or something. He is therefore saddled with an unpayable debt. Even if he does pay it off, that's the equivalent of one whole house he won't get to buy. And that has repercussions down the line - who's going to hook up with a jobless loser with insurmountable debt? Added on top of the usual computer geek dating handicap, that's crushing.

    He didn't think about the consequences when he attacked 400,000 machines. He probably didn't know he was hitting DoD networks and a hospital. Well, I'm not sure that attacking 400,000 home users wouldn't have still qualified him for this massive pain. Doing evil to a lot of people just because you can and get paid for it merits this kind of response.

    A cleanup like he forced is expensive.

    Folks - if you are interested and curious about computer security, set up a lab and 0wn the boxen therein to heart's content. Don't fire lots of live ammo indescriminately in densely populated neighborhoods, you dig? You can probably get in on a Capture the Flag haxoring event at a con near you on a nicely isolated network set up for the game. Win a Defcon CTF and I'll have a lot of respect. Being just another botherder does not show any impressive skeelz.

    1. Re:3 yrs + 3 yrs probation plus $200K restitution by Firefly1 · · Score: 1
      His probation stipulations will probably include not using computers, which when coupled with a felony conviction means he's going to be pretty much fucked in the job market when he gets out. Unless he has a whole bunch of other talents, like, being a Master Chef or something. He is therefore saddled with an unpayable debt.
      Congratulations, that set of circumstances pretty much guarantees that restitution will never be delivered, making it pointless (see also: other cases where large sums are demanded of a party even though it's pretty clear that there's no way in hell they'd be able to come up with it).
      Which leads us to beg: if someone in this situation concludes as you did ("His life is pretty much over.") then there's really that much less disincentive to venture into other criminal activity, is there?
      --
      - White Knight of the Order of Mihoshi Enthusiasts
  38. Re:Remind me again, why do we need all these new l by dotgain · · Score: 1
    That's a bit misleading. That doesn't disable raw-sockets, it drops packets outgoing that are spoofed.

  39. Re:Remind me again, why do we need all these new l by tomstdenis · · Score: 1

    which is one of the major problems with DDoS. If I *know* that a packet from 24.68.77.15 is actually from 24.68.77.15 then I can hold them accountable [because ignorance is no defense btw].

    Once people take their security seriously [or serious enough to get 15 minutes of training] then we're all set.

    I mean in this day and age where everything is done over the net, why do you need training to drive a car but zero to own a high performance desktop with a crazy amount of bandwidth?

    I'm not saying we should have computer licenses. Mostly just that you should be held reasonably accountable for the actions of your computer. This would have to draw lines in the sand and what not because obviously shit like 0-days happen. But the amount of people who don't patch or fix problems is tremendous and that is why botnets work in the first place!

    Tom

    --
    Someday, I'll have a real sig.
  40. Re:Remind me again, why do we need all these new l by Rogerborg · · Score: 1

    They were probably just ticketing the dealers' Cadillacs. Hit them in the pocket, it's the best way.

    --
    If you were blocking sigs, you wouldn't have to read this.
  41. Re:Remind me again, why do we need all these new l by Yvan256 · · Score: 1
    They were probably just ticketing the dealers' Cadillacs. Hit them in the pocket, it's the best way.
    Yeah, he'll sure feel the pain of paying a 50$ parking ticket.
  42. Re:Remind me again, why do we need all these new l by dotgain · · Score: 1

    I don't disagree with your points, I just got all excited that you seemed to know a why for an ISP to stop customer machines being able to use raw sockets - they can't. Indeed, there doesn't seem to be a valid argument to let spoofed source IPs through.
    Ben

  43. Re:Remind me again, why do we need all these new l by MoralHazard · · Score: 1

    You aren't talking about what is normally referred to in the literature as "disabling raw sockets". You're talking about enforcing source-based filters on edge routers. Disabling raw sockets usually refers to implementations at the OS level that hide or control access to the API of the lower levels of the network stack.

    But this is beside the point, really: The problem is a human one, not a technological one. You can't force enough ISPs to implement source-checking filters to make a dent. You'd have to pass a law, in every country with significant Internet penetration, or come up with some similar enforcement mechanism to mandate these policies. Unfortunately, world Internet regulation as currently constituted does not lend itself to these kinds of things.

    Essentially, you're arguing that "We could stop all motor vehicle speed violations if everybody just stopped speeding." Well, duh. We want to, and we try, but the problem is one of enforcement.

  44. As Long as Greed is involved by IamWhoIam · · Score: 1

    There will be no punishment harsh enough to stop some people from trying to gain funds in this way. An excellent example of this is the failed "war on drugs", even though the penalties have gotten harsher the drug trade is still flourishing and billions are being made. Are the purveyors of these drugs knowledgeable of the laws they are breaking and the sentences that will be handed down to them if caught?? Of course they are, but they are still willing to take that risk, simply because of greed. The big difference here is the perpetrators of cyber crimes such as this one really don't know what their punishment will be, nor would they care because they are operating through greed, and their own arrogance of thinking they are smarter than those that are out to stop their fraudulent activities.

    --
    IF you can't be famous be infamous. But for GODS sake be something