Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chinese Worm Creator Gets High-Paying Job Offer In Prison

Posted by Zonk on from the now-i-see-what-it-takes dept.

martinsslaves writes "The recently imprisoned creator of China's worst computer virus ever (worm.whboy) has now been offered a job paying millions of yuan from his prison cell. He's actually been offered several, and one of the companies that has offered him the position of Technology Director was actually affected by his virus. The General Manager there now believes the virus writer may have just been 'led astray'. The media is reporting that author Li Jun originally wrote the virus due to frustrations over being jobless. 'So far, about 10 network companies across the country have offered jobs to Li, whom they regarded was a "precious genius," the report said citing Li's lawyer Wang Wanxiong. Li's cyber bug, which earned him about 145,000 yuan after selling it to other hackers from December 2006 to February this year, can prevent infected computers from operating anti-virus software and all programs using the "exe" suffix.'"

11 of 148 comments (clear)

  1. This used to happen in the US by kill-9-0 · · Score: 3, Interesting

    In the 80's if you got caught hacking, you might get some jail time, and get your gear confiscated, but often you were also offered a job.

    --
    Liberalism...the next best thing to thinking.
  2. Oh god... I predict "resume spam" soon by erroneus · · Score: 4, Funny

    The more people like this get tremendous job offers, the worse I see things getting since they are ultimately being rewarded for their behavior.

    To that end, instead of "stocks" in images and PDFs, I predict the next round will be resumes flying around!

    1. Re:Oh god... I predict "resume spam" soon by scubamage · · Score: 3, Insightful

      Are you kidding? This is HOW security comes into being. If no one compromises security, exploits holes, and shows people the errors that exist they will never get patched. That is why black, white, and gray hats exist. Its like yin and yang. Devs write something, black hats find holes, and the white hats fix it. If they can do it all in house, everyone is better off. Whose the one really to blame, the company who writes the shoddy software with gaping holes in it, or the guy who walks in through those holes?

    2. Re:Oh god... I predict "resume spam" soon by Jarjarthejedi · · Score: 4, Insightful

      Better yet let's be a little more specific. Let's ask victims of lock-picking burglars who were caught (the burglars) if that burglar should be offered a job making sure that other, uncaught, burglars can't pick the locks of that company any more?

      I'd feel a lot safer if a burglar who was extremely good at lock picking was unable to pick the locks I was using. Same goes for security, if you have someone who is a professional hacker trying to penetrate your system you're going to find problems a lot faster than if you just have another White Hat, whose more concerned with patching holes than finding them, looking around.

      --
      There are two kinds of fool One says 'This is old therefore good' Another says 'This is new therefore better'- Dean Ing
    3. Re:Oh god... I predict "resume spam" soon by jollyreaper · · Score: 4, Funny

      The more people like this get tremendous job offers, the worse I see things getting since they are ultimately being rewarded for their behavior. CEO's get rewarded for ruining companies, isn't it time the same courtesy is extended to the IT set?
      --
      Kwisatz Haderach
      Sell the spice to CHOAM
      This Mahdi took Shaddam's Throne
  3. Maybe not so new by east+coast · · Score: 4, Funny

    From the blurb: Li's cyber bug, which earned him about 145,000 yuan after selling it to other hackers from December 2006 to February this year, can prevent infected computers from operating anti-virus software and all programs using the "exe" suffix.'

    Navidad did kind of the same thing but it seems to be a coding mistake more then the intended purpose of the virus.

    Just for the record: I didn't read the article.

    --
    Dedicated Cthulhu Cultist since 4523 BC.
  4. well yeah by circletimessquare · · Score: 4, Insightful

    the only real way to ensure security is to have it constantly challenged. that's a job. and this guy did a good job of doing that. thus, he earned the income

    which means 2 things:

    1. there is no security in an environment where the security doesn't get challenged and defeated every now and then. or get's challenged, and the fallout kept secret

    2. go ahead and make virii and worms. just make damn sure the payload is harmless or simply annoying. if the worm this guy wrote did something really nasty, you can be sure he wouldn't be getting kudos and job offers

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
  5. Re:Pfft by Applekid · · Score: 4, Informative

    and all programs using the "exe" suffix. so.... how did windows boot?

    IIRC, the virus modified the registry entries which tell Windows how to handle .exe files. Booting up is fine. Once the system's up, every time explorer tries to launch an .exe, Windows wound up checking the registry for what it should do with the file. The registry modification removed the "magic" that told it that it's an executable.

    I remember at work someone convincing me it was a good idea to copy the .exe registry class into another one, say, .myinitials, so if the .exe registry settings got clobbered I could always rename regedit.exe to regedit.myinitials and fix it.
    --
    More Twoson than Cupertino
  6. The Chinese will learn, too, eventually... by Opportunist · · Score: 5, Insightful

    The "West" learned in the 80s. You do NOT want those people in your security department. Yes, they have the skill, but they don't have the ethics. And that's the big deal here.

    You will not get a job offer here for writing a virus. No reputable IT sec company will touch you with a 10 foot fiber cable. Yes, you obviously have the skill, but you lack the morals not to use it for what you've done.

    What is really lacking in today's IT world is lectures and courses about the topic. Do you see many universities teach you something about malware? How to exploit a system? How to look for security holes? Yes, very controversial topic, but it's necessary. I mean, where are you supposed to learn that? Self study takes a long, long time, time you don't have in today's IT sec world where what you learn today is dead weight in a month. And, well, self study is usually only done by people who have an interest in applying that knowledge, and rarely for good...

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  7. Offered a job for your crime by craigkup · · Score: 3, Interesting

    It's like you robbed a bank, but you did it so well the bank wanted to hire you as security to protect them.

  8. Re:Pfft by dcollins · · Score: 4, Funny

    Dammit. Screwed again.
    - Eugene Xavier Edwards

    --
    We know where leadership by an anti-intellectual "strongman" who scapegoats minorities and likes boisterous rallies goes