
Teen arrested in Blaster worm case 4

Status
Not open for further replies.
"I meant, that this guy will likely have to share a jail cell with one. I doubt the prisons have a special "computer crime" wing."

Reminds me of the Bloom County cartoon, where Steve Dallas gets thrown in the "Hacker Tank" at the local jail, and all of the other people in there are 6 year olds!

"Listen mister, Big Dave Diode don't LIKE other people sittin on his bunk!" "How'd you like to wake up one morning and find your credit rating slashed?"

Robert
 
>> I tend to notice about people with viewpoints like this
>> is they still like to benefit from all the services they
>> talk about disrupting.

YES! Hypocrisy knows no categorical boundaries. Not Gender nor Religion, not Ethnical nor Economical, not Age nor Profession, not Legislative nor Philanthropic, not Robin nor Hood, none… absolutely zero… never did… never will… it's stronger than gravity... get over it. [lol]

-pete
 
Now he is saying, "It wasn't me!!!!"


Oh give me a break! But I'm sure he will "lawyer-up" and somehow it will all be his Dad's fault cause he wasn't loved enough or some other sort of crude. Then dude will get off scot-free and probably be hired by M$ for 100K a year to write code.

SF18C
CCNA, MCSE, A+, N+ & HPCC

"Tis better to die on your feet than live on your knees!"
 
while you guys are discussing all this stuff some people prefer having an OS that doesn't allow such worms.

Say if you bought a car you'd like it to have locks right? Why do you buy an OS with Windows (TM) opened (pun intended).

Gary Haran
********************************
 
I work for the government, and like most folks I'm sure, I have to support what the organization uses and I'm not high enough on the pole to make the decision on what we buy. Plus I'm sure what we buy directly affects those non-computer people that must use whatever is purchased. I have users now that can't figure out how to open an email, print a document, or whatever other simple task that is beyond their scope of understanding; I can only imagine sitting some of those folks down in front of a SUN Blade 100 with Solaris 8 (which I'm on right now) and say get to work. So yeah, if I bought a car for my use it may not be the same car they have in the fleet motor-pool (we got some really cool tanks and helicopters where I work). But I'm not sure the mechanic in the motor-pool says if we would have just bought different Tanks all our problems would be solved, and this other manufacturer makes better helicopters so we should just get those and not worry about these.

SF18C
CCNA, MCSE, A+, N+ & HPCC

"Tis better to die on your feet than live on your knees!"
 
Reminds me of the Bloom County cartoon, where Steve Dallas gets thrown in the "Hacker Tank" at the local jail, and all of the other people in there are 6 year olds!

I'm showing my age, but what the heck -- I miss Opus, Binkley, Steve, Milo, and the rest.


Chip H.


If you want to get the best response to a question, please check out FAQ222-2244 first
 
You know the answer to that Xutopia, and I feel like I'm being trolled, but what the heck.

Each OS has its ups and downs, you can like your choice, someone else can like theirs. There aren't as many equivalent choices as in cars... it's not like there's another OS out there which is Windows with locks. Most people don't know about the underpinnings anyway, to continue your example, it might make more sense to talk about making certain you buy a car with four wheel ABS... many people do, the longer ABS has been around, the more people get it, lots get 2 wheel though, lots get 4, some still get none, depends on their dealer a lot of times, depends on their friends a lot of times, some just say huh?

Then add onto that the fact that most of the viruses are exploiting security holes, and the analogy falls apart even further.

-Rob
 
The reason why some OS's suffer less from virii is simple - who is going to waste their time infecting a system used by so few users. A virus isn't written for logic, it's written for effect, so virus writers tend to focus on the popular and frequently used desktop systems rather than the rare and abstruse stuff that no-one in the real world either knows or cares about.

________________________________________________________________
If you want to get the best response to a question, please check out FAQ222-2244 first

'People who live in windowed environments shouldn't cast pointers.'
 
It seems intuitively correct that the "number of installations" argument would be a factor in a virus writer's decision to target a product. And if you assume that all code bases are of equal quality, in terms of numbers of exploitable holes, then it seems intuitively correct to assume numbers of installations would be the primary deciding factor.

But if the number of exploitable holes are equal across all products, why are there so many more worms that target IIS than worms that target Apache? According to Netcraft, Apache has had significantly more installations than IIS since both products have been available.

It seems to me that if numbers of installations was the primary factor in selecting a target for a worm, we would see a lot more Apache-targeted worms in the wild.

Want the best answers? Ask the best questions: TANSTAAFL!!
 
sleipnir214,
> It seems to me that if numbers of installations was the primary factor in selecting a target for a worm, we would see a lot more Apache-targeted worms in the wild

Only if Apache were as widely known as Microsoft. I would expect as many people in the street to know what Apache is as they do IIS, but change that to ask them do you know what Apache is, and do you know what Microsoft Windows is and I reckon there'll be a mighty difference in knowledge.

And I'll apologise now if this seems to turn into a rant, but it's not aimed at any individual person, or at attacking any individual's point of view which they have every right to hold.

Anyway, in the days of the Beastie Boys, no-one blamed Volkswagen for not securing their VW badges on the front of vehicles properly when you couldn't leave one parked in public without it going missing, they blamed the thieves themselves and those encouraging the theft. I wonder why this is different?

Personally, I'm a little fed up of MS Bashing on TT, all they have done is fulfil the American commercial dream of producing the most commercially viable and saleable OS in the world, and followed that thru' marketing to make it the best selling in the world. Now they're being slammed for it at every opportunity. Sad really, like the way the public and press deal with famous personalities, build them up, build them up, then knock em' down hard.

Maybe it's just human nature, but it's not me (and probably not for a lot of other people either), and maybe we should steer a little clear of it here? If you want to talk OS's, please do it on an OS forum, if you want to discuss the Ethics of MS's policies etc, start a thread so those who care can participate, let's not get so sidetracked that this one gets hi-jacked by those who love and loathe ms, as seems to happen every time people start talking about virus'.

Aaaahh, that's better!

Rhys

Be careful that the light at the end of the tunnel isn't a train coming the other way.
 
Rhys666:
Why are you directing all your comments to me? I did not slam anybody -- I just pointed out a counter example to johnwm's argument.

Also, would it be correct for me to infer from the content of your post that it's okay to rant and chide other fellow members in this thread, but not okay to comment on another member's post?


I'll provide what I see as the reason Mi¢ro$oft gets slammed in the TT fora.

Mi¢ro$oft gets slammed so often in the fora because although their software is popular and well-marketed, their software is often of poor quality. Their software is often buggy, is often unstable, is always based on an undocumented closed pseudo-API, reuses code libraries inappropriately, and seems to be based on the development model that simply adding a feature improves the code base. Their software engineering methodology does not differentiate between an OS developer and an application developer, so it allows application developers to modify libraries that Mi¢ro$oft itself defines as OS-level libraries. Mi¢ro$oft itself is slow to react to user needs, treats all users as beta testers, is slow to admit to the existence of bugs, is slow to provide fixes to bugs, and often provides bug fixes that introduce as many bugs as the patch fixes.

The members of Tek-Tips are a marvelously talented and experienced group. They have had to support Mi¢ro$oft's software in the enterprise and have had to deal with the nightmares Mi¢ro$oft has inflicted on them. I will be among the first to admit that Mi¢ro$oft has cleaned up its act, particularly in the past couple of years. But when you're living at the bottom of a bowl, nearly any direction you go is up.

Some Mi¢ro$oft market-droids came to a company where I once worked to demo some new software. They started playing buzzword bingo to such an extent that I lost interest and began to grammatically diagram their sentences to keep myself awake and to try to make some sense of what they were saying. This allowed me to notice that one of these clowns spoke two utterances in a row that were so chock-full of marketing buzzwords that he'd forgotten to put verbs in them. Right after that, the other clown spoke up and uttered the single most truthful sentence about Mi¢ro$oft I have ever heard: Microsoft is not a service company. Microsoft is a marketing company.



Now let's go on to your thesis that common knowledge of a product is necessary for virii to be written for it. I agree that this is certainly a factor in a virus-writer's targeting a product. But it still ignores the one necessary feature a product must provide to a virus-writer: exploitable bugs.

Here's a hypothetical:
Two software products fulfill a need: productA and productB. ProductA has a 99% market share and is well marketed and known to the public. ProductB is an also-ran that no one has ever heard of.

ProductB is known to be buggy, unstable, and to have a number of easily exploitable holes.

ProductA is generally bullet-proof. It has some bugs, but none that are exploitable to any degree.

Which product will virus writers target? There's no point in targeting ProductA -- there's no holes to exploit. The virus writers, if they want to target a product of that class, must target ProductB.

Want the best answers? Ask the best questions: TANSTAAFL!!
 
sleipnir214
I wasn't targeting all my comments at you at all, only 'It seems to me that if numbers of installations was the primary factor in selecting a target for a worm, we would see a lot more Apache-targeted worms in the wild'.

The rest isn't targeted either, just frustration. I wasn't chiding members in this thread particularly, but the tendency of some people to blame microsoft for the fact that some people are anti-social idiots with nothing better to do than cause difficulties for IT professionals by attacking their systems thru' virii, (virus'?), worms etc. I agree that Microsoft 'should do better', but don't blame them for someone writing a virus that brings down one of my employer's servers, or more, (not that that's happened recently to my knowledge).

I'll apologise again though, if it came across as all against your comments, that wasn't intended, I just don't feel the need to blame microsoft for all the ills caused by virii and worms, as I believe those writing them should carry the blame, a small jail term perhaps, (although the conditions in prisons these days make me shudder at that suggestion), and a fine relative to the worldwide cost involved in cleaning up after their mess.

Hey, if you can't pay the fine, don't do the crime...cool!

Rhys

Be careful that the light at the end of the tunnel isn't a train coming the other way.
 
Rhys666:
I agree completely that those who write virii and release them into the wild should be prosecuted, as has happened to the person in the U.S. responsible for Blaster.B and the person in Romania responsible for Blaster.F.

But Mi¢ro$oft is not blameless here. I know it's not possible to create a piece of software that is completely free from flaws. But Mi¢ro$oft is not proactive enough in finding these flaws themselves. And you've already heard my comments on their development and software engineering methodologies.

Want the best answers? Ask the best questions: TANSTAAFL!!
 
rhys666

To address your comment about well-known-ness vs. # of installations... I don't believe that's going to hold up, just about anyone capable of writing a virus is going to know all about Apache, and in general the word Apache probably rings as many bells as IIS.

All

Number of installations is certainly a factor, but it's not the only factor. Personally I think the following list covers a fair bit of why a particular OS/product is exploited (in no particular order), would be curious to hear others' thoughts

# Installations
Level of exploitability
Political Motivations (Anti-MS types)
Biggest media splash

Minor ones...
Biggest damage splash
Profitability (coming into question with sobig)
 
>it allows application developers to modify libraries that Mi¢ro$oft itself defines as OS-level libraries

Eh? Can you give an example?
 
Mi¢ro$oft's pseudo-API

Have you ever installed a piece of Mi¢ro$oft application software, and had Windows <X> tell you that in order to complete the install, you have to reboot the machine? Even though you've never installed that piece of software before?

That tells me the install app has replaced some library which the OS has been using since it last booted up. The OS needs to reboot so that it can read the new version of the library from the filesystem as it boots.





Want the best answers? Ask the best questions: TANSTAAFL!!
 
Oh this just keeps getting better...and make sure you check out the high quality photo!!!

Worm suspect says case against him exaggerated

‘I’m not the one they need to get,’ teen tells ‘Today’ show


SF18C
CCNA, MCSE, A+, N+ & HPCC

"Tis better to die on your feet than live on your knees!"
 
At work, we got hit by the worm on Wednesday. We're a building society, which I think is like a US 'Thrift' or 'Savings & Loan', except we kept proper regulations over here. And it's a place that's owned by its members, investors and people with loans, privately owned but not run for profit.

Head Office was badly hit for five hours. Luckily the internal defences were good enough so that we could keep up a proper service to our customers while the whole IT department rushed round applying patches. From a purely selfish point of view I might have viewed it as fun, except that some people were under a lot of stress and some had to work late rather than go home to their children and husbands or wives or whatever.

Also the time wasted has to be passed onto customers, maybe turning down marginal loans, maybe having to be a shade tougher on someone in debt.

The BBC tells us that the two people who have so far been caught were both dumb enough to leave their on-line alias as part of the worm. Someone at work called it "painfully stupid", as indeed it is. Unlike paper-based systems, such as the Samizdat system that helped bring down the Soviet Union, all electronic stuff is vulnerable to people with enough knowledge of the systems. Which is basically the US military-industrial complex, the people who made the Internet a reality. (The idea was around for ages, and was expressed in the British Prestel Viewdata and the French Minitel, but the US had the muscle and wealth to make their system the convenient global standard. I'd suspect that the intelligence services in France, Japan, Russia and China are also clever enough to track down anything that isn't actually under US government protection.)

Worms and viruses are not the outcome of any plot or conspiracy, at least not most of them. But it is part of the general attitude of letting people fight it out globally with a minimum of regulation.

Is this really liberty?
 
Parson said he first met with investigators from the Secret Service and the FBI about two weeks ago.

“They told me that they needed my help in catching the author of Blaster, and knew that I had sent a variant of the virus out. We had at least four meetings with investigators and they were really nice and hospitable. I didn’t think that I had done anything serious.”

The agents never read him his Miranda rights and investigators told him that if he cooperated fully, things would be much easier on him, Parson said.

“They told me I didn’t need a lawyer, and they kept on asking me to help, so I did, completely.”


I guess he's too young to remember Richard Jewell, the security guard from the Atlanta Olympics. When the government was building their case against him, they too used the "We want you to help us in our investigation" routine. Of course, Jewell was later exonerated, but in the mean time he had his reputation ruined, was financially wiped out, and his mom never got her Tupperware containers back.

So we need to update the old truism: "I'm from the government, and I'm here to help" to: "I'm from the government, and I want you to help me".

Chip H.


If you want to get the best response to a question, please check out FAQ222-2244 first
 