Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Teen arrested in Blaster worm case 4

Status
Not open for further replies.

SF18C

IS-IT--Management
Feb 5, 2002
187
IT
SEATTLE, Aug. 29 — An 18-year-old Minnesota resident was arrested and charged with releasing a variant of the MSBlaster worm, U.S. officials announced Friday. Jeffrey Lee Parson, who used the nickname “teekid,” made his first court appearance in St. Paul on Friday and was under house arrest, according to federal authorities.



Seems like a coppycat to the actual Blaster virus - but hopefully they will find the greater culprit and dually flog the both of them!!!

SF18C
CCNA, MCSE, A+, N+ & HPCC

"Tis better to die on your feet than live on your knees!"
 
I agree. I've long said that if I were to ever meet a person who released a virus into the wild that I would congratulate him by shaking him warmly by the throat.

Want the best answers? Ask the best questions: TANSTAAFL!!
 
What a dope.

He's not a teen - he's 18, and therefore an adult. He's looking at federal prison, not youth prison. Although they may consider sending him to country-club prison in Florida rather than put him in with the general population of murderers and thieves.

Chip H.




If you want to get the best response to a question, please check out FAQ222-2244 first
 
Perhaps slightly off-topic here, but would you believe that I once knew somebody who disliked what they called "globalisation" and "capitalism" and government so much that they used to often talk about "how cool it would be" to release viruses that do severe damage to data on a huge scale, rendering a variety of core services inoperable.

I wonder if this is what many people who write / release viruses think? Or maybe its just a big game to them.

Crazy (IMHO).

 
Lozbinator, what I tend to notice about people with viewpoints like this is they still like to benefit from all the services they talk about disrupting. I have as little time for anticapitalists who own luxury goods as I do for environmentalists who need a 2L engine in their car to drive to the rally on greenhouse gasses....
(oops, sorry, ranting off topic. Stop now...!)

I'm inclined to think some people do it just because it's possible and they want to see what happens if.... Other people just seem to have a poor idea of the difference between reality and their own strange fictional worlds. Computers seem to attract a lot of reality-challenged people. Wot do you think?
 
Very reality challenged.

Actually I think all virus writers should not only get prison terms but the fines should be a lot larger. Baisically, if someone sets off a virus that does 50 billion in damage they get fined 50 billion with no loopholes like OJ has. Screw with the economy and you're done forever.


Jeff
If your mind is too open your brains will fall out...
 
Shame we can't infect them with a virus that would cause them lots of pain and grief.

Perhaps they may then understand what problems they inflict on the computer user community.




Ted

"The difference between a misfortune and a calamity is this: If Gladstone fell into the Thames, it would be a misfortune. But if someone dragged him out again, that would be a calamity."
Benjamin Disraeli.
 
lionelhill I think you're right, and you have a good point.

These people sit in our society and our economy and daydream about how great it would be do inflict such damage, but do you think if a serious virus hit their machine they'd be impressed with it's author, happy about the result, or joyous that others are helping 'the cause'?

I don't think so. I think you are right, they are reality-challenged. Whether they like it or not they live in our economy. And I think they would be as unhappy as the rest of us if major services were brought down, or the economy fell down around them, they lost their jobs and could no longer purchase necessities.

Still, I find it disturbing that people can think in this way.

That said, I'm sure not all authors of viruses are like this. What motivated this kid to write Blaster? Realistically, if people inflict 50bn of damage, they will never be able to pay it back... what sort of punishment should be handed down then?

If it is to 'teach Microsoft a lesson', surely there is a better way to do this than cause costly damage?

 
To present a slightly different angle, consider this:

Would you prefer ..
A) There are people who create viruses that exploit newly-found security holes in the world's most popular software. Because they are so viral and/or destructive pretty much everyone has to patch said security hole or be infected.
End result: some possibly destructive viral activity, then lots of machines/software with a patched security hole.

or
B) No one creates these viruses. The security holes are still found and patches are indeed made available to cover them up. However, almost no one actually bothers patching. After all- nothing is breaking.
End result: lots of machines with a known security hole which are NOT patched.

In this particular case with MS Blaster, the security hole it uses was revealed and a patch created about 1 month before Blaster made into the wild. As you can guess, very very few people patched until the virus hit and IMO perhaps wouldn't *ever* have.

In short - I think viruses do serve some use by forcing people to patch their software 'or else'.

Posting code? Wrap it with code tags: [ignore]
Code:
[/ignore][code]CodeHere
[ignore][/code][/ignore].
 
Interesting angle, clarkin, however I wanted to note that if there is a security hole, and people are made aware of it but there is no virus activity, people still run the risk of intrusion if they don't install a patch....

so, anybody who is security conscious or has reason to protect themselves would logically patch their software (imho).
 
exactly Lozbinator -

with MS Blaster this was the case for about 1 month:
The hole was there, the patch was available, there was no nasty virus using it.

Did you patch during this time? Did your company's sys admin / IT dept ?

Probably not :)

Posting code? Wrap it with code tags: [ignore]
Code:
[/ignore][code]CodeHere
[ignore][/code][/ignore].
 
Naturally systems were patched as soon as the patch was available. It is not sensible to leave security holes in systems. Particularly when your systems are managed by a large international IT consulting company (not a good look for them, really).
 
It can also be said that it's not sensible to apply a patch as soon as it's available, particularly when your systems are managed by a large international IT consulting company. The best be downloaded and installed in a test environment who mimicks all your mission critical applications to make certain the patch doesn't disable or otherwise tweak features you use. This is especially pertinent when using a piece of software without a published API.

-Rob
 
Excellent point skiflyer, although it was one I didn't think I needed to mention, being common sense.
 
Of course, in the same way as burglars are extremely good for security consultants, virus-writers are doing a big favour to the anti-virus software manufacturers.
 
The blaster worm doesn't exploit a security flaw. It exploits a functionality of newer windows systems that allows MS access to your PC remotely - perhaps the word covertly or secretly should be in there, illegaly isn't because when you click "I Accept" to the T's&C's you give explicit permission for MS to do this.

The - original - worm brought this to peoples attention. Others like the guy above reverse engineered the virus and made it do other nastier things which the orginal program was never meant to do.... Perhaps the oringinal author should sue for breach of intelectual property and copyright!!!!! So if people actually start to read the terms and conditions the virus has done some good.

Also a lot of people (esp. the board) now understand why we need to spend so much time, effort and money patching systems. When in the past it was a case of they work fine how they are!

So thanks to Sophos / Norton / McAffee / 15 year old kid writing in their bedroom or who ever it was for bringing security back to where it belongs..... oh yes ta for the brand new firewalls I got the funding for (finally) because of the outbreak! :)

Iain


 
SKYFLIER..... great advice I have shown your post to a co-worker - who is alledgedly a "tech" - who managed to take out an Exchange server by patching it! LOL

(I didn't care because I was on holiday and you know Rule number one from tech school: Who ever touched it last broke it!
 
In reply to chiph, I've not personally been troubled by murderers, and only occasionally by thieves. I need to lock the door, but needn't fear to open my post.

Because of computer vandals like the accused (who doesn't seem to be getting any 'presumption of innocence') the use of computers becomes harder and more stressful and a lot of the splendid possibilities are lost. Nowadays I NEVER download any code, missing lots of wonderful Freeware and Shareware that good people have worked hard to produce, but a minority of vandals make everything untrustworthy.
 
Regarding hackers and capitalism

Anyone who thinks that releasing viruses is an heroic resistance is dead stupid. The fact that free gifts cannot be trusted means that you have to rely on expensive professonal products if you need a computer and are not an expert on the intracasies of PCs.

I could believe there are people that dumb. Consider the characters who send bombs to important people - do they really think important people open their own post? And company employing 10 or more people is likely to delegate the letter-opening and parcle-unpacking to someone low down in the hierarchy, maybe someone who has ideals of their own but has to take whatever work they can get.

Much the same applies to viruses and worms, the important and rich people get well protected. The saboteurs only make life hard for the people they need to win over for their cause.

I make no claim to understand the technical details, but I do find it rather odd that each successive version of Microsoft prodect remains wide open to attack, whereas many other aspects of software have improved out of all recognition.
 
GwydionM -
In reply to chiph, I've not personally been troubled by murderers, and only occasionally by thieves. I need to lock the door, but needn't fear to open my post.

I meant, that this guy will likely have to share a jail cell with one. I doubt the prisons have a special "computer crime" wing.

Because of computer vandals like the accused (who doesn't seem to be getting any 'presumption of innocence')
I believe he has confessed.

Chip H.


If you want to get the best response to a question, please check out FAQ222-2244 first
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top