Melissa Virus Suspect Confesses
rcade writes "Melissa virus suspect David L. Smith 'admitted to investigators that he created it and then destroyed the personal computers he used to post it on the Internet,' according to court papers turned up by the Asbury Park [NJ] Press."
If Microsoft shipped Windows 2000 in a form that wouldn't boot, or wiped the hard disk every third day, not a single user would have any rights to complain.
In fact, if Windows 2000 e-mailed confidential company information to every competitor with an e-mail box, those users could still not raise a fuss. They have no rights. And even fewer, with the new software legislation that's going through.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
I see even classic Slashdot is now pretty much unusable on dial up anymore.
I use attachments to send text and binary files. What I usually know about the destination is the email address, not an IP. In this circumstance, how do I use FTP as a replacement for an attachment?
It is no longer "free" for external E-mail to be down. Down E-mail = unhappy customers and (potentially) lost sales. I suspect the customers who received Melissa from us are very unhappy indeed.
Yeah, Outlook sucks, and we should have been using open software. Tell that to the PHBs who like scheduling meetings, filing their nails, and slicing french fries with their mailer. Meanwhile, my company lost time and money because of Melissa, and I very much doubt we're the only ones.
A business case can be made for that. For example, at my company, we work with remote developers, investors, and partners. My boss gets very pissed when the server here gets hosed, or the relay hosts go down, or the pipe gets clogged, or the big router we're homed on throws a fit and spits out an ATM card.
If we're waiting for confirmation on a contract from Intel, say, or waiting for a conference call time sent via email by one of the overseas investors, or a follow-up from a developer re. a bug fix to code that needs to be out this afternoon, and the developer is in Taiwan. Well, that can cost us money.
"shop smart:shop s-mart" ash
The Unibomber left blocks of wood with nails sticking out behind cars. People saw them and thought that it was to flatten car tires. They of course blew up as soon as people touched them.
Did they trigger the bomb? YES
Are they at fault? NO, of course not.
So those silly people who use MS software might one day lose a hard drive's worth of data. They would be to blame for losing the data. That doesn't make this guy any less guilty.
BTW.. Should Microsoft be called in this case to answer for their shoddily built OS, Office Software, and mail client? YES
Linux is only free if your time has no value. Windows is only free if you threaten to use Linux.
They use the seized equipment not just as evidence, but as leverage against the suspect ("we have your stuff, cooperate and you can have it back").
Same technique used in The Hacker Crackdown
Linux is only free if your time has no value. Windows is only free if you threaten to use Linux.
At any rate, it's not in the job description for the cops doing the raid to know about computers - that's for the eggheads in the lab. (And hopefully the prosecutors, or someone advising them, who are pressing the case.) I don't care whether my cops think the CD-ROM drive is a cupholder, so long as they know one end of his sidearm from the other.
--
Do I look like I speak for my employer?
At any rate, it's not in the job description for the cops doing the raid to know about computers - that's for the eggheads in the lab. (And hopefully the prosecutors, or someone advising them, who are pressing the case.) I don't care whether my cops think the CD-ROM drive is a cupholder, so long as they know one end of their sidearms from the other.
--
Do I look like I speak for my employer?
I'm just saying that the modern day script kiddie (even though he's like 30...) is in a symbiotic relationship with computer users (and that term is loosely used here).
Thousands of crimes are made possible because of foolish, ill-advised, or insecure behavior by the victims. Should we let a car thief kiddie go because a driver made the decision to leave his keys in the car and the motor running?
Rogers Cadenhead (Web: http://www.cadenhead.org/workbench)
Big Businesses seem to love suing people when they have problems they can't explain.
... And of those, the people who were not trained about their business machines were already a liability to their business (re: the stupids earlier on Slashdot).
"But these Microsoft marketing people told me NT was good, so I told my IS and IT managers to use it.. Now this! We must sue!!!"
Disgusting!
1) I never noticed any slowing of the internet as a whole (whereas the sendmail worm of the 80s affected actual network speeds all over the Darpa-net).
2) Postfix MTA didn't receive one mail with a doc attachment. If it had, it would have at least done something sensible like message me when several thousand outgoing emails started happening.
3) Clueless IS people who don't notice the network bandwidth is being eaten by hundreds of thousands of SMTP transfers should be fired.
4) Netscape Communicator mail, PINE, and Eudora all have no problems with this (I use them, millions of others do).
The problem only affected a fraction of the "true" internet population, because not many people use Outlook 9[78]
I hope Businesses grow up about responsibility, perhaps by demanding a service contract, or perhaps by listening to their technical staff.
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
- Low end: $20/hour * 2 sysadmins * 8 hours * 3 days = $960
- More realistic minimum: $100/hour * 2 sysadmins * 8 hours * 3 days = $4800
The $100/hour includes benefits, employer's taxes, and other things which don't show in a wage. This assumes only 2 sysadmins (plural was used by original poster) and does not include other losses, such as recovery of damaged documents and employee time lost while machines are being cleaned.
A felony is often based on dollar value of loss. Depending on jurisdiction, $4800 is generally well above the felony minimum. And this is just one company.
Say "Thanks, Bill" everyone!
If people tried other software packages, it wouldn't spread so fast, like...
FreeBSD! and elm.
George
wonder how he destroyed them... format or burn?
Other involved parties:
--
Interested in XFMail? New XFMail home page
I wonder what apartment he lives in. It would be interesting to have a chat with him about this whole mess he has gone through. Not that I don't think he deserves every bit of it, but it would be interesting to get his real perspective.
I wonder if they took his extension cord as "evidence" also... The floppies and writable CD's I can understand their taking in order to determine whether they contain evidence, but *cables*??
;)
Apparently anything even vaguely "computer" is fair game when searching the lair of a "hacker". I wonder if they take the car-vac along with the car when they bust a getaway car driver.
Geeky modern art T-shirts
Fine for Melissa, but how about the Excel vulnerability? This was finally patched a few days ago (HP just sent me a patch notice yesterday), but it's been around at least for weeks, some say years.
This one is the "Good Times" nightmare in reality. The act of opening mail (not the attachment, the mail) is sufficient. It can also be implemented as a web page that destroys your computer on viewing. All because Microsoft never considered that an embedded spread sheet might contain malicious programming.
I agree users do have to take responsibility for their actions, but that doesn't mean Microsoft isn't negligent sometimes.
Jim
You could use a public FTP directory, for files which aren't terribly confidential. Places like wuarchive.wustl.edu come to mind (but I could be way off on the spelling or the status of that one).
The difficulty I see from where I sit is in dealing with a corporate firewall
Yes, there are ways around e-mailing attachments, but I know lots of users (and IT managers) who look at the alternatives and ignore them.
--
QDMerge 0.21!
how to invest, a novice's guide
"Smith admitted, among other things, to writing the 'Melissa' macro virus, illegally accessing American Online for the purpose of posting the virus onto cyberspace, and destroying the personal computers he used to post 'Melissa,'" Bubb wrote.
"Posting onto Cyberspace" is as valid in this case as "making the men not quite well feeling" would be in a murder case, except less so since "cyberspace" is not a valid term for email..
Also:
" on April 1 that central processing units from two computer systems had been removed. Police seized the remaining components of the systems, including power cables, monitors, monitor cables, floppy disks and writable CD-ROMs."
I'm reminded of the people who hit enter, instead of letting wordwrap handle their comments on Slashdot.. The central processing units led me to believe they had found two complete cases, with motherboards, expansion cards, power supplies, etc, except with the CPU socket empty.. Oh, no. The "monitor, monitor cables" (yes, monitor cables are somehow important evidence, they could've just seized the HD) "floppy disks and burnt CD-ROMs."
Where are the HDs? Where are the expansion cards, etc? I think these st00pids meant the computer was removed from the peripherals. Sad. Pathetic. I hope this kid gets off scot-free.
Certainly, their evidence gathering "methods" must have at least destroyed the evidence itself. I'd personally convince one of them (people who watch the evidence) to have a bulk demagnetiser around the "CPU" all the time to stop the viruses jumping to their systems.
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
You'd think they would at least prosecute MS.
"Do you admit that you sold these products to businesses that were crucial to the infrastructure of America, and yet did nothing to enforce or even implement the basest security of Macros, Mr. Gates?"
It's a bit like, do we prosecute the person who sold the gun to the kid, out of spite, or do we get off of our duffs, and go make guns illegal (or at least harder to own). Which would save more lives, and ultimately make more sense?
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
It takes preparation and artifice to use this "transfer zone" option. Hoi Polloi won't bother. (I won't bother either because I insulate myself from ActiveX. Now watch somebody bite me with a Netscape hack ;^) ).
I'm still unclear on whether this guy actually sent out this virus to anybody's computer, or whether he just posted it to Usenet and waited for people to download it. If the latter happened, it seems it would be arguable that he didn't do any damage at all. I'd like to see someone post a similarly virulent macrovirus to Usenet, with clear warnings that "This is a worm", with the actual code commented out so the Usenet post doesn't hurt anyone accidentally, but with effects that are tempting enough to script kiddies that a million people are infected the next week. If you write malicious code, but someone else uses it, whose fault is it?
My understanding of the situation is that the guy was identified by the Word ID on the most common Melissa-infected document that is circulating the internet, and that there are records of him posting the infected document to usenet.
What a lot of people have overlooked is that this does not necessarily mean he created the virus.
This is a Word macro virus and like other Word macro viruses it infects the system such that all new documents created are infected with the virus. The new infected documents don't automatically get mailed out, unless you send the document to people who are not already infected, in which case they will automatically mail out YOUR document, not the document that originally infected you.
Such is the nature of viruses: they get spread by people other than the person who created it.
It is conceivable that a person could unknowingly contract the virus from someone else and then simply be the first infected person to post to such a widely accessible location as alt.sex.whatever, thus causing their infected document to spread exponentially faster than any other infected document. If you create a new document it would have your ID. If you are infected it would have the virus. This is not the same thing as creating the virus.
I'm not saying the guy didn't create the virus (they say he confessed), I'm just saying that finding the person who created the most widely spread infected file and assuming that they created the virus is a dangerous precedent. If the Word ID and upload records are sufficient to convict a person of creating a virus, then anyone who's ever been infected and unintentionally spread a virus can be charged for creating it, if their infected file gets enough distribution.
So he created a macro that tells another piece of software to do something bad.
Well if I tell anyone to go kill someone, and they do so, I wouldn't be the only one to face court actions would I ?
Dumb is, as dumb _does_.
I tell people on a regular basis that I don't understand why so many people (including them) put up with systems that willingly will destroy everything they work on. And get this, I either get blank stares, or some muttering about nobody wanting to switch to Linux....
Hell, if MS Word or any other product with just as little notion of security was ported to Linux, that would be just as bad. But why the fsck do people fail to see that security is just as needed in applications as it is in operating systems and front doors?
I don't run netscape as root either. And my seti@home clients run with their own UID.
It all boils down to, if the source ain't open, you don't know what you got.
But I'll be the first to sell you the Eiffel tower if you tell me people will realize this.
Unabomer.
this guy was obviously good with computers... he made one of the "best" viruses of yet. he made use of holes in micro$ft, so he had to know a bit about micro$ft.. he probably knew about the id tags, and when he was arrested he waived his rights and flat out admitted to doing it!! the guy just wanted his 15 min.
dont_forget
There were a number of damaged systems and networks across Lake Washington as a result of this, not just Microsoft itself. But none of those companies wanted to publicize their vulnerability.
Even a few firms in Seattle proper were hit.
Will in Seattle
This event has shown that writing viruses is no longer reserved for highly skilled crackers with a great deal of time. Hinting at another post, I would compare the skill required to write (or modify) a macro virus with that of a good car stereo thief. The difference is that even the best car stereo thief has to steal one at a time. Why waste your time when you can bring down all the computers in corporate America? During the panic you might be able to target a vault or something...
This could become an extremely serious problem. Microsoft will not lose profits, however, until the public can understand the issue. But that will never happen. Like Y2K, it just doesn't make sense to most people.
- "Will my PC stop working in the year 2000?"
- "No."
- "Then what's this Y2K thing?"
- "Some programs store only 2 digits of the year to save space. Those programs may interpret the year 2000 as the year 0. Since 0 will come after 99, some date-related calculations will be incorrect. There may be hiccups in deliveries, payments, interest rates, bank accounts, and public utilities."
- "But 0 doesn't come after 99. How come the programs can't just figure that out?"
- "Computers can only perform calculations, and in general cannot adapt to special situations unless they have been programmed to do so. That's why there are so many people reprogramming the computers."
- "It's Microsoft's fault, isn't it? Windows always crashes for me."
- "No, Microsoft doesn't have much at all to do with it. Microsoft has dominated personal computers but not the older servers and mainframes, where the problem is."
- "So who would make a computer that crashes just because the date changes?"
- "Well, in general it's not the computer that's incorrect, it's the software. A lot of programmers didn't believe their programs would still be in use when we switched to the 21st century."
- "Microsoft released a Y2K patch for Windows. If I don't get it, will my computer stop working?"
- "No. Certain older components of Windows will display the year as 00 rather than 99. On the other hand, you do need to make sure you have the latest software updates if you run financial or other date-sensitive software."
- "So does that mean my PC will stop working in the year 2000?"
Arghhh...
And if the person trying to steal your unlocked car is caught, they're arrested for stealing. It's the same thing. This guy was intentionally trying to cause damage, and he was caught. He should go to jail. Just because you leave your front door unlocked, that DOES NOT give anyone the right to break in. Get a clue.
A friend of mine once observed that the purpose of locks is to keep honest people honest. Most car thieves can get into a locked car no problem - as another friend of mine learned a few months back with a brand new car.
If I leave my house unlocked, and someone goes in and takes things without my permission, they are still guilty of theft. The fact that it was easy doesn't make it right. From a practical point of view, I am being stupid, but from a legal point of view I am in the right.
So I don't really buy all this. The insurance company should realize that car theft is still possible without the keys (and probably simpler as the break in equipment is standard but the keys are custom made).
As for unlocked cars, a third friend of mine used to do this all the time and just left nothing valuable in the car. Worked great for him, although to be fair the car was an orange '73 volvo wagon!
You will not drink with us, but you would taste our steel? - Walter Matthau, The Pirates
I wonder too.
But I also wonder why he'd have all the rest of the equipment just gathered at/on a table in his apartment. I realize that he wasn't necessarily expecting the police to come search his apartment, which would be a reason why he could leave it just sitting out in the open, but I'm thinking that if I had done what he did, I would certainly have destroyed all the evidence that I could possibly destroy. i.e., _all_ of the equipment, floppies (or at least reformatted them), the CD-Rs, etc. or, if not, I'd certainly re-employ them, so that they weren't lying around suspiciously, saying "look at me, i'm just sitting here with no cpu. wonder why?" then again, I could be way off here, but I'm thinking that if he wanted to ensure that he wouldn't get caught/be arrested, there were steps that he could have taken that he didn't. oh well, it's no worry on me..
Insert mind here.
The HR office would take the biggest hit.
Imagine coming to the realization, after your network and mailservers exploded, that 50% of your workforce are complete idiots and would have to be replaced.
That's a ton of firing and hiring. You'd have to bring in extra hires just to handle all the firings.
-kabloie
Unabomber
If you're going to correct someone, do it right.
yes we should let that kid go.. why should we waste tax money on an idiot that left the keys in his car with the motor running.. the government should have attacked micro$ft for incompetent software, and left mr. smith alone.. after all his virus didn't cause that much damage.. maybe a few servers went down, but that was the system adm. fault FOR BEING AN IDIOT!!
dont_forget
Antivirus software is to Windows what rubber is to AIDS. Abstinence is the true solution.
While the guy may be guilty for writing a virus, the "incredible ease" with which it spread should come under scrutiny.
Go after the mother of all "clickers".
What do you want to contract today?(tm)
I can assure you that none of this was 'turned up' and it had to be a press release or a planned and structured 'leak' to the Park Press. This is a local paper and let me tell you definitively that they are the equivalent of a fourth grade class newspaper and do not know the meaning of investigative reporting. Hmm wait a minute...they just may be able to figure out the origin of tech-vests if pushed enough...the mall is rather close to them ;-).
This paper incidentally has come out in favor of govt. regulation and censorship of internet content many times. They are a reprehensible source of 'news'.
You must be a Microso~ user because you obviously don't have the ability to understand a thread. Q is not whether he was a thief or not. Q was whether an ins company would pay you for a stolen stereo if your car had no locks on the doors. go click some more
Ask me if I'm a truck.
:)
(Hi, Dee
My point was simply that I think it's about time we ALSO started looking how software makers are being negligent. They do not respond to vulnerabilities in a timely fashion and there doesn't seem to be very much will to release a quality product. Software seems to be the only industry where this is not only tolerated but expected.
--- Tao
- Low end: $20/hour * 2 sysadmins * 8 hours * 3 days = $960
- More realistic minimum: $100/hour * 2 sysadmins * 8 hours * 3 days = $4800
The $100/hour includes benefits, employer's taxes, and other things which don't show in a wage. This assumes only 2 sysadmins (plural was used by original poster) and does not include other losses, such as recovery of damaged documents and employee time lost while machines being cleaned.
Okay, so it did "cost" something to clean up Melissa. But in this case we have someone to blame. What about when the Exchange Server "just" fails and it takes 2 weeks to get it running again. Is that a felony? Car manufacturers are held liable when a defect, for instance, causing the gas tank to blow up. Not that I'm saying that car manufacturers *shouldn't* be held liable, but why not software manufacturers when their products fail for "reasonable" causes?
I don't think Smith intended to shut down the whole world with his virus. In fact I don't think he intended to cause any damage at all. No payload, remember? He was like a driver on the freeway who, through no fault of his own, smashed into another car, whereupon the "gas tank" blew up.
Just as a car manufacturer is liable even though the buyer had a reasonable ability to not buy the car, even though they made their bed and slept in it, I think that software manufacturers should be held to the same standard. Software monopoly aside, I understand that Microsoft stated in the license agreement that the software shouldn't be used in "mission critical" environments and therefore shouldn't be held liable. However, Smith didn't guarantee that his program was free of "defects" either, and the user *did* have to accept his program, just as they had to accept Word 97.
In this case, I think we should find Smith not-guilty for anything more than we'd find a virus writer guilty that didn't affect any PCs. However, I think that we should hold Microsoft liable in this case for producing a product that had a known possible defect. Office97 should be "recalled" and Microsoft should be found guilty to the fullest extent of the law.
Just as it wasn't the buyer of the defective car, nor the driver of the other car, but the manufacturer that is liable for gross negligence, in the same way it should not be the buyer of the product, or the virus writer, but the manufacturer of the software that should be liable for gross negligence in developing the product.
-Brent
And your sources are? Damaged being...? damaged a network? How did a macro virus shut down routers, bridges, dhcp, ras, dns and all the other services/equipment that make up a network? If this virus was to be damaging, all that would need to be done is to clear the store. At the most restore from tape. Who said anything about the only company in Lake Washington being Microsoft? Aren't they in Redmond? And the world was affected by this virus, not just Lake Washington!
I read the article, and it wasn't clear to me at all.
...central processing units from two computer systems had been removed.
So the guy "removed" his CPU.. "removed" it from where? his desk? This implies to me (and obviously to the original poster) that just the CPU chip was removed. Otherwise, it's not a computer system, is it?
I have a right to program any damn thing I like on my computer.. I don't have the right to release it into the wild.. that is what this moron did.
How we know is more important than what we know.
These implementors DO take responsibility for their security bungles "oops.. you found a bug eh.. ok.. we'll fix that" vs microsoft "There is no bug, there never was a bug and there never will be a bug.. what bug?" and since the first day they said it virus authors have been trying to convince people that they are lying. When win95 came out the marketing guys at microsoft quickly jumped on the bandwagon of "There's no viruses for win95.." which quickly became "win95 is virus proof" which is just a blatant lie because the first win95 virus was written before win95 was even released (thanks to the win32 subsystem for win3.1). The problem is not that virus writers keep writing viruses.. it's that no matter what happens, people don't learn from their mistakes.. Microsoft _is_ to blame.. that's what virus writers are trying to say but no-one appears to be listening.. so many of the old skool virus writers have just given up because of that.
How we know is more important than what we know.
No-one cares.. no-one stands up and points the finger at Microsoft and says "how dare you endanger my system?" so the virus author tries to make you take notice.. "I'll write a virus, it will spread all over the world, get on the news and everyone will say 'how could microsoft let this happen?'" but that doesn't happen.. people take it as given that Microsoft originated bugs will always exist and they are not at all responsible.. the virus writer is evil.
How we know is more important than what we know.
In the UK it is illegal to write viruses.. that is the only country on earth where it is. Reason: I have the right to program anything I wish on my computer. Here in Australia it is illegal to deliberately infect a computer with malicious intent.. this does not include posting it onto usenet or giving it to someone to run.. you have to be caught actually putting the executable on the machine and running it (and perhaps drooling from the mouth and saying "oh.. I'm gunna get this guy").. in the US the laws are a little worse.. you have to answer charges if you distribute a virus in non-source (ie.. ready to roll) form even if you never intended for the code to ever be run.. The legitimate way to transfer viruses is in source form or, for analysis purposes, with a non-executable extension inside an archive with clear documentation.. most common way is the name of the virus with the last letter of the extension underscored: CIHv4.EX_ inside a zip with a README file explaining that this is an infected binary.
Posting a virus to usenet as "hotfuck.exe" with a "run me, run me, run me" message is not only stupid, it is blatantly obvious.
How we know is more important than what we know.
Bring on the marshmallows while they burn this poor slob at the cross! Ya ain't seen nothin like this since Salem and, more recently, those non-stop laugh-riot KKK barbecues!
You KNOW it can't be Microsoft's fault that their OS and mailers are completely insecure, since they are super successful and make lots of money.
I love AMERICA! Isn't that the American dream? To make enough money that you are invincible?
Sure, it's caused annoyance for quite a few people, but I have lots of software on my computer that annoys me.
If Microsoft, or whoever, puts a feature? in their software that allows remote execution of arbitrary code on that system, then, at the very least, they should publish a clear warning on the packaging of the product that states this. In this case, it's not a bug that's being exploited, it's a published and documented interface.
I see absolutely nothing illegal about using these features, and, since the user of the software doesn't 'own' it anyway, they have only 'licensed' it from Microsoft, doesn't that mean the only one who should be able to 'sue for damages' is Microsoft?
And, as one poster stated earlier, if you leave the keys in the ignition, how can you reasonably expect your car to stay in one place?
My 2c
-Pete
I gots ta ding a ding dang my dang a long ling long
You said mainstream media..... Were you referring to MSNBC? Or just the other companies that MS feeds lots of money to through the advertising budget. "Where do you want to go today?"
police told Smith his Miranda rights, but the defendant voluntarily waived his rights and chose to speak, Bubb asserted. At that time, "Smith admitted, among other things, to writing the 'Melissa' macro virus, illegally accessing American Online for the purpose of posting the virus onto cyberspace, and destroying the personal computers he used to post 'Melissa'
They make it sound like the cops sat down and had tea while discussing this...
I imagine his "voluntary waiving" of his rights went something like "OWWW!!! Why do you keep hitting me? OWW!!! That hurts! Quit it! OK, I'll confess if you stop hitting me! Just Please stop!"
Picky, picky. Email servers shut down, networks flooded, smells like "damaged a network" to everyone except netgeeks. Doing a full restore and clean wipe on all your email servers for a full day sure counts in most people's books as a "damaged network".
My point being that the US did not get off scot free and the damage was WORSE than was admitted to in public. I'm basing this on a number of friends who admitted the same while the public perception was that they were ok.
Redmond is just one of the cities across the water from Seattle. Kirkland and Issaquah are some of the others.
Try reading the post I was replying to before posting as an AC next time.
Will in Seattle
Yeah, sure. Right after he admitted to throwing himself down the police station stairs, and beating himself up while alone in his cell.
Consciousness is not what it thinks it is
Thought exists only as an abstraction
So, ummm, you're saying that the authors of Sendmail should be liable for any security holes that result from its use? You're saying that the developers of the crippled exploit-prone NFS implementation on Linux (so bad that Linux advocates advocate people use SAMBA instead of it, even on all-Unix networks!) should be liable for any security holes that result from it in use? Sounds like that list of developers RedHat used to give out stock deals should be held onto by the Department of Justice, just in case it's needed . . . .
who actually uses macros anyways? Stupid feature.. it's a word processor people.
How we know is more important than what we know.
You haven't seen any of the bad press, all the carping and whining by anti-Microsoft~1 columnists that resulted from Melissa? You should broaden your horizons and read a wider range of the media. Freshmeat and Slashdot aren't the whole world.
Yeah, Outlook sucks, and we should have been using open software. Tell that to the PHBs who like scheduling meetings, filing their nails, and slicing french fries with their mailer. You're right. There should be no collaborative features in any email software. In fact, the Unix mail command should be good enough for anybody. Abolish all of those 'creeping features' in software, and make the job of the sysadmin easy again. If it wasn't available on a Unix system in 1976, it should be abolished.
I don't think the AC was trying to flame you, he/she was just saying that the kind of email flood and damage the virus could have done to systems could not take out "real" routers. Sure, if you have a 486 with 8 megs RAM and no swap on a fractional T1, I can see you having a little trouble, but with a Cisco 6509 router it would take a heck of a lot more than a Melissa virus to pull those monsters down. I am a sys admin on a few Linux machines and if they had a static line to the internet with DNS and mail then I would have pulled my systems offline to avoid the virus, it's common administration. You don't try putting out the fire when it hits, you avoid the fire by being secure and safe. Just my $00.02
- "My name is Legion, for we are many" -Mark 5:9
So he confessed...
How many of you out there have a bit (maybe only just a little twinge) of doubt about that.
It seems that in today's society, if a case has media attention then a conviction is mandatory, guilt is irrelevant.
When the Oklahoma bombing occurred I was convinced that whoever was charged would be convicted, regardless of their guilt or innocence.
A trial should be a process where the truth is determined. When the pressures are so great that the prosecution will do _anything_ for a conviction the outcome becomes predetermined.
As people realise that the trial shows nothing, people begin to think that those in jail are, in fact, innocent. When why else would the prosecutors have been so heavy handed, surely if he/she had have been guilty then they could have taken things easy and still gotten them.
This generates sympathy for the victims, guilty or innocent.
And most of all. Is this justice?
How far have they gone in this case? I don't know. Guessing from the information we receive is just a gauge showing which side has manipulated the media the best. It seems as though they have done enough in the past to make their actions suspect in this case.
How far can they go? Ask Kevin.
-- That which does not kill us has made its last mistake.
Thanks for saying "Thanks, Bill!", although in a few more words.
Heheh. You haven't tried VBA, have you? It sucks. It's horrendous. I don't even see how it can be related to Visual Basic.
I've had more problems with VBA (trying to get databases to work, nonetheless), than I had with a VB program I wrote. I'm still maintaining the databases I wrote because of various VBA bugs (been over a year now), yet the program I wrote is more or less bugfree (it has installation issues, but if someone follows my instructions, it works).
I've even had wizard-generated code for VBA fail! After a little while of using VBA, whatever clean code one writes becomes messy, spaghetti-like, kludges.
And people wonder why m$ writes buggy software...
However, not meaning to offend any tech support folks, the computer is quite more complicated and those of us who "know what we're doing" with computers wish the idiots would leave us alone. Techies probably agree they'd rather that their job was obsolete than have to listen to the proverbial cup holder users.
I do tech support and I've talked to Idiot day to day.
I just have to say this " If you don't know don't use it ".
Before it was a geek thing, now it's mainstream.. well, it did help me get a good job though.
If I recall correctly, It was much lauded about the time that they caught him that Microsoft had released access to its much publicized database of "Registered Microsoft Users Product IDs" to track the embedded ID in the Melissa virus, which was ultimately how they located Mr. Smith.
I would like to know how the Prosecution intends to get around this one...
Both sides accuse each other of manipulating the media, and the alleged confession seems to have been denied by the defence. Sounds to me like both sides are so obsessed with the glitz of being celebrities that they've long since left Earth and their egos are floating around the stratosphere of Jupiter.
Maybe this new Interstellar protocol can be used by the judge to talk to these guys. I doubt anything else could.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
If your whole car is stolen and you can't produce the keys, they aren't gonna buy you a new car. You shouldn't have left your keys in the ignition.
The macro vulnerabilities have been around for EVER. Why, then, are companies allowed to continue whining when they are exploited? Why isn't there more pressure to plug this up? How many times can you listen to a guy moan about his car stereo before you yell "LOCK YER FRIGGIN DOORS, MORON!"
Further consider.. what kind of crap would a car company get if they shipped a car with doors that just plain don't lock?
I dunno. It just seems like software companies can get away with persistent bugs that never go away while the rest of the world is expected to provide a GOOD product.
--- Tao
"Ironically," Bubb wrote in another portion of his brief, "the technology that allowed David L. Smith to spread so freely (the) 'Melissa' macro virus is the same technology used to identify David L. Smith."
Technology = Security/privacy holes in Microsoft software.
The cake is a pie
Like being interrogated by the police or something like that? Of course I don't condone what the poor bastard did, but think about what the police had to do to make him talk!!!!
Doesn't this remind you of WW2 or Vietnam? Sorry, I'm just as pissed as pissed-off.
We French people don't like any of those fsckin pigs.
Sous les pavés la plage...
---
"Hasta la victoria siempre!" El Comandante
feature creep is ok but not when it compromises security, adds unnecessary bloat etc etc.
Funny, I don't see "authoring a virus" listed among the charges. These charges sound trumped up to me. Feds just wanted to "get 'im" on something when they realized that they couldn't charge him for what they REALLY wanted to get him on, i.e., writing a virus. It looks like we have another Kevin Mitnick here. This guy will NOT get a speedy trial. He will not even be charged for a LONG time. He will sit in jail pending... nothing, while the Feds figure out how to "make an example" of this guy instead of simply pursuing justice. Meanwhile, rapists and murderers will be tried, convicted, jailed, released, and be back out on the street before this guy ever even sees a judge. Just like Mitnick. Wrong or not, no one deserves to be treated like this by the legal system.
At this moment, i am sitting in front of a linux ftp server at work that i set up for this very reason... to get some of the files being transferred out of the email attachments and onto an ftp server. among other things, this reduces a lot of the traffic to and from the mail server, and decreases the chances of somebody opening up one of these macro-virus-attachments.
my co-workers can now upload their file to our server, and email just a URL to the recipient.
-James
The computer crime laws are very obscure. They don't know if they can even make the charges stick most of the time. So, they take all computer equipment, reference material (printouts, books, manuals), electronics (answering machines, alarm clocks) in the vicinity of the computer. This way, if they can't charge you, they can legally hold all of your equipment for 7 years (statute of limitations). In 7 years your equipment isn't worth crap, so you can consider it gone. This is the fed way of putting a hacker out of business (at least for a little while).
100000000000000 of peoples will run it. i'm sure of.
They had a lot of info in word documents. They were also embedding your Windows reg code and name (so that would have to be pirated) and your MAC address (which means you would have to dispose of your network card after that fact as well).
Oh, I don't know. I personally know of a big bank, which has a *huge* internal network, which was hit this week by Melissa. The network is powerful enough to fully reload the OS of every single machine nightly, to ensure they have a single OS standard throughout. No, I can't provide the name of the bank because they too want to keep it private. Yes, the network has been completely smashed by this, because the first 50 entries on the global address book happen to be their biggest mailing lists, which has caused a tiny little bit of trouble for them. :)
You don't even have to compare him to rapists --- look at the story after this one: Amazon.com collects personal (not anonymous) information on your purchases and stores it ... securely one hopes. Gee thanks. Do they VERY OBVIOUSLY state this anywhere? Could they be held liable if you lose your job because your boss finds out about some disease you have due to the ton of medical self-help books you've purchased? Writing a virus for a crappy insecure OS is peanuts compared to the real legal issues of the info-networked society but hey it makes for good media.
No. Should the driver be held partially responsible for "helping" the car thief steal his car? Yes, as most insurance companies will tell you.
"He was like a driver on the freeway, who, of no fault of his own smashed into another car, where upon the "gas tank" blew up."
Not exactly. More in the nature of a driver who attempts to do something funny like flash his taillights and causes an accident.
Obviously he knew it would spread -- why else 50 copies? Having a list of porn sites sent out under their name was a little embarrassing for some companies I imagine, not to mention calling those sites up to tell them you've given them a worm! So I wouldn't call it no payload -- just a non-destructive payload.
I agree he may have not realized it would cause the massive shutdowns that occurred. I also agree Microsoft bears some responsibility here.
Jim
The FBI made a major breakthrough in the Melissa case today when they discovered hidden evidence that the perpetrator stored in the serial cable.
"Apparently a few remaining bits were left behind the last time he used the serial cable," said chief investigator R.S. Tothirty II. "We believe he didn't realize the traces of data, or otherwise he would have destroyed the cables as efficiently as he did the CPUs."
Sources close to the investigation say there is some dispute as to what the bits mean. It is difficult to determine what parity he was using during the transfer. The investigators hope that dissection of the parallel cable will reveal a clue.
Mozillazine (www.mozillazine.org) has this article today:
Yet another hole has been found in Internet Explorer's ActiveX implementation. This one allows arbitrary code to be written to the user's hard-drive. The bug was found by Georgi Guninski, who has found many security bugs in IE and Communicator. To read more about it, click here to visit Georgi's page. If you click "Test it" beside the name of this bug ("Executing programs with IE 5.0") while using IE, the page you visit will write a small bit of sample code to your StartUp menu. You've been warned. Georgi calls this bug "the most significant of my discoveries and the most dangerous also".
Blaming IS managers is not entirely fair. Many do still have to answer to someone higher up, and if the CEO of a company wants all his sales weasels on Win9x... *shrug*
Blaming the sales weasels who open Word files with macros, now that is more reasonable.
Killing spammers is too good for them.
This is why, if you're writing Word macro viruses, you should use someone else's copy of Word. Preferably, someone who isn't remotely related to you (e.g., some ID code from a stranger off the net).
Hell, I use someone else's copy of Win98 just to play games. If I were writing viruses, I would be damn sure that nothing is traceable back to me.
A good addition though. (8/10)
My company was hit by Melissa on the Friday that it became a big thing. (Yes, I'm posting anonymously; the details below are true.) My company has a branch in Seattle, though I don't work there; I don't know if that's how the virus entered our company. The typical configuration for our machines has Outlook referring to a common directory, which contains within its first 50 entries a series of "All Location X" mailing lists, which together are enough to send mail to pretty much everybody in the company. Thus, each Melissa attack mailed itself to everybody in the company (1000+ employees). One or another of our admins saw the result pretty quickly and initially set all the servers to a maximum message size limit which precluded Melissa, but still, I received 20 copies of it that afternoon. Later, they put more specific measures in place to stop the spread and lifted the other limits. This was not preventative maintenance so much as damage control and cleanup. If our admins had been less alert, it could have been much worse; you'd be amazed how many supposedly intelligent people still don't catch on that something's fishy with this e-mail after they've already received 10 copies of it.
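The pattern the comment above describes (one attachment arriving from many different internal senders within minutes, each send fanned out by distribution lists) can be flagged from mail gateway logs. This is an added example, not part of the original post; the log format, addresses and digests are constructed, and `parse` and `find_bursts` are hypothetical helpers.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed gateway records (not from the post):
# time | envelope sender | recipients after list expansion | attachment digest
SAMPLE_LOG = """\
1999-03-26T13:02:11|alice@corp.example|1040|digest-A
1999-03-26T13:05:40|bob@corp.example|1040|digest-A
1999-03-26T13:06:02|carol@corp.example|3|digest-B
1999-03-26T13:09:27|dave@corp.example|1040|digest-A
1999-03-26T13:15:00|alice@corp.example|1040|digest-A
1999-03-26T16:30:00|erin@corp.example|2|digest-B
1999-03-26T17:45:00|frank@corp.example|12|digest-C
"""

def parse(log_text):
    """Turn pipe-separated log lines into (time, sender, rcpts, digest) tuples."""
    records = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, sender, rcpts, digest = line.split("|")
        records.append((datetime.fromisoformat(ts), sender, int(rcpts), digest))
    return records

def find_bursts(records, window=timedelta(minutes=30), min_senders=3):
    """Flag attachments sent by >= min_senders distinct senders inside one window.

    A single user mailing a large list is normal; the same attachment leaving
    several different mailboxes in a short span is the self-propagation signal.
    """
    by_digest = defaultdict(list)
    for rec in sorted(records):            # chronological order
        by_digest[rec[3]].append(rec)

    flagged = {}
    for digest, recs in by_digest.items():
        start = 0
        for end in range(len(recs)):
            # Shrink the window from the left until it spans <= `window`.
            while recs[end][0] - recs[start][0] > window:
                start += 1
            senders_in_window = {r[1] for r in recs[start:end + 1]}
            if len(senders_in_window) >= min_senders:
                flagged[digest] = {
                    "first_seen": recs[0][0],
                    "senders": sorted({r[1] for r in recs}),
                    # Total copies delivered once lists are expanded.
                    "deliveries": sum(r[2] for r in recs),
                }
                break
    return flagged

if __name__ == "__main__":
    for digest, info in find_bursts(parse(SAMPLE_LOG)).items():
        print(digest, info["first_seen"], info["senders"], info["deliveries"])
```

Keying on the attachment digest rather than the subject line keeps the check working when each copy carries a different subject.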
No. Should the driver be held partially responsible for "helping" the car thief steal his car? Yes, as most insurance companies will tell you.
I have no problem with people being held responsible for their actions. That's why I don't think David L. Smith deserves to walk simply because his virus was made possible by poor programming decisions on Microsoft's part. The world's full of security exploits. The idea that people should be able to take advantage of them simply because "they should have known better" is juvenile, script-kiddie thinking, and I pity anyone who buys that argument and acts on it.
Rogers Cadenhead (Web: http://www.cadenhead.org/workbench)
The reason why it hit the east side is the overuse of MS Mail and Outlook s/w. People who bought NT and suchlike and were actually using it at the time. Where I work we only got hit when the CIO posted a doc that someone had brought in from working at home. It couldn't flood the network, as we don't use that (we use Groupwise), and our permissions are pretty strict. Plus the Norton A/V picked it up early on.
But, while Seattle was mostly unscathed, it really hit Redmond, Bellevue, Kirkland, Issaquah, and some other cities across the water. But they didn't admit that publicly.
No, it didn't hurt the Cisco routers (yes, own stock in that too), including my DSL stuff.
But my point being that we (the US) did NOT escape Melissa, we just didn't get totally taken down.
Will in Seattle
Indeed, since he is already guilty by reason of being arrested isn't he? This reasoning gone astray is why drug property seizures are out of control, the enforcers start out saying that it will only be used against kingpins, but in reality I see a lot more Nissan Sentras than Ferrari 308s on the DEA auction list.
The Libertarian Party
Devout follower of The Ferengi Rules of Acquisition.
Funny you should mention sales weasels here.. we found netbus running on one guy's machine, and asked him how it had got there after we had explicitly told him to disable Word macros. He said "well I did! but then I opened an attachment and it said I had to turn them on to run it!".
:-)
It's cool to see AOL's userbase finally dwindling.
-A.P.
--
"One World, one Web, one Program" - Microsoft promotional ad
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
I have yet to hear of one sys admin having a system actually go down because of this virus. Every system that I have heard go down was due to the sys admin hearing about this virus and then pulling the plug. Does preventative maintenance count as damage? I admit if Symantec and others didn't have an update 3 days after the release of this virus it may have caused some damage. But really this virus sent a little word doc around the world a few million times. There are more problematic e-mails than this: SPAM, Dancing babies etc. Also, has anyone ever read the source for this virus? It's crap, and obviously written either by more than one person or copied right out of a book and then edited a little. Someone with NO VB skills could easily create this hack with a few Microsoft Library MAPI articles. Give this guy a break. He had no idea what he was doing/creating. Someone left a gun unlocked for a child to play with. Do persecute the child. Two cents
I think that it shouldn't be illegal. No I'm not condoning cracking or virii or anything that is "damaging"
I'm just saying that the modern day script kiddie (even though he's like 30...) is in a symbiotic relationship with computer users (and that term is loosely used here).
We on the other hand (to clarify "computer users") are above the standard issue computer user. So I say let the script kiddies live in peace. Of course, the arguments will be made, but like yesterday's link to the computer humor page showed, owning a computer involves responsibility.
I really wish that people would take the responsibility of learning about their new machine, but considering the total number of VCRs flashing 12:00, i'm asking too much? No, because some people just don't need to "program their VCRs" to tape what they want to watch.
However, not meaning to offend any tech support folks, the computer is quite more complicated and those of us who "know what we're doing" with computers wish the idiots would leave us alone. Techies probably agree they'd rather that their job was obsolete than have to listen to the proverbial cup holder users.
Finally, if the supposed method of trashing his computer is true (by removing the processor), then I really, I mean REALLY question this guy's knowledge of computers.
ALL HAIL BRAK!!!
Corporate America is whining because someone rained on their parade while the politicians scramble to grandstand on this.
Yeah, this guy is probably a jerk but I'll bet he was as surprised as anybody else to hear news of the spread of this virus. Yessir, I imagine there was an extreme pucker factor. So, he's now being skewered as a Mega-vandal.
I'll bet he won't be the last one to do this.
Wansu, th' chinese sailor
- "So Mr. xxxx of management, how much damage did Melissa inflict?"
- "We estimate that Melissa cost us about 100 000 000 USD"
- "A hundred million? How?"
- "Um..well, we received a lot of bogus e-mail."
- "$100 000 000 for that?"
- "erm..uh.. Oh yeah, our mail server crashed twice so we had to reboot it a couple of times. That's pretty expensive, you know."