Slashdot Mirror
The Teen Malware Career Of Marcus Hutchins (itwire.com)
Slashdot reader troublemaker_23 writes, "A number of security researchers have dismissed an article by reporter Brian Krebs about Marcus Hutchins, the Briton who is awaiting trial in the US on charges of writing and distributing the Kronos banking malware, by pointing out that it has nothing to do with the case." An anonymous reader writes:
Krebs investigated dozens of hacker forum pseudonyms, concluding "The clues suggest that Hutchins began developing and selling malware in his mid-teens -- only to later develop a change of heart and earnestly endeavor to leave that part of his life squarely in the rearview mirror." Krebs believes 15-year-old Hutchins registered a domain he'd later advertise as "mainly for blackhats wanting to phish," and in 2010 may have filmed YouTube videos about password-stealing malware. Krebs says the early activities are "fairly small-time -- and hardly rise to the level of coding from scratch a complex banking trojan and selling it to cybercriminals," though he believes Hutchins moved on to advertising exploit kits, password-stealers, and bot rentals.
Krebs also talked to 27-year-old Brendan Johnston, a friend of Hutchins who did time in prison in 2014 for selling Trojans, who "said his old friend sincerely tried to turn things around in late 2012... 'I feel like I know Marcus better than most people do online, and when I heard about the accusations I was completely shocked,. He tried for such a long time to steer me down a straight and narrow path that seeing this tied to him didn't make sense to me at all." Krebs stresses that Hutchins didn't try to hide the fact that he'd written malware, "which in the United States at least is a form of protected speech." And his essay concludes, "Let me be clear: I have no information to support the claim that Hutchins authored or sold the Kronos banking trojan."
Symantec's former cybersecurity czar Tarah Wheeler has now set up a new legal fund after it was discovered that most of the online donations to Hutchins' previous defense fund came from stolen or fake credit card numbers. Hutchins returns to court in October, and the new fund has already received more than $16,000 in donations from more than 200 contributors.
Krebs also talked to 27-year-old Brendan Johnston, a friend of Hutchins who did time in prison in 2014 for selling Trojans, who "said his old friend sincerely tried to turn things around in late 2012... 'I feel like I know Marcus better than most people do online, and when I heard about the accusations I was completely shocked,. He tried for such a long time to steer me down a straight and narrow path that seeing this tied to him didn't make sense to me at all." Krebs stresses that Hutchins didn't try to hide the fact that he'd written malware, "which in the United States at least is a form of protected speech." And his essay concludes, "Let me be clear: I have no information to support the claim that Hutchins authored or sold the Kronos banking trojan."
Symantec's former cybersecurity czar Tarah Wheeler has now set up a new legal fund after it was discovered that most of the online donations to Hutchins' previous defense fund came from stolen or fake credit card numbers. Hutchins returns to court in October, and the new fund has already received more than $16,000 in donations from more than 200 contributors.
I'm sure the MPAA would like to categorise Kodi as malware, and the RIAA would have done the same for Napster.
I'd like to categorise the telemetry in Windows 10 as malware...
Where is the line drawn, and who gets to draw it?
This sig left unintentionally blank.
have rejected the death penalty for all crimes except the very most serious.
And yet murderers, mass murderers, rapists, child rapists, and many others are not executed but instead coddled for decades at the taxpayer expense.
Obviously society doesn't consider any of the above as serious crimes or these criminals would be executed. And before you bring up the tired, "Capital punishment doesn't deter crime", it's not about deterring crime. It's about getting rid of people who have chosen not to live within the bounds of a civilized society and not murder or rape others.
There's actually a mathematical difference between systems which allow only up-votes, vs systems which allow both up- and down-votes. With an up-vote only system, if a sufficient number of people think a post is insightful or interesting, it ranks high.
People mistakenly think an up/down-vote system results in fairer results. Not necessarily. It gives results which conform to the group's biases. The problem arises when the population of people likely to down-vote a post is highly disproportionate. The example I always used (to avoid political bias) is Linux vs Windows. Windows has approximately 100x more users than Linux. Imagine there's a search engine which allows users to vote search results up or down based on how useful they are.
Say a search for "how to partition a drive" gives a bunch of results for partitioning in Windows, and one result for partition in Linux. Say 1% of all users are idiots who will unfairly down-vote something just because they don't like it. So the up/down votes work properly for the Windows results. But the Linux result? Well, the 1% of Windows users who down-vote it because it isn't relevant to them (even though it's their own fault for not specifying "Windows" in the search) will exceed the number of up-votes it gets from Linux users unless every single Linux user who finds it useful up-votes it. And as a result the Linux site will be ranked as not useful, even though it's incredibly useful for Linux users (almost all of them up-voted it).
So an up/down-vote system ends up more representative of the population, but it also ends up reflecting the population's pre-existing biases. Basically it'll be rife with confirmation bias unless all the users are diligent about not down-voting just because they disagree.