Worms Security

Inside the Mind of a Virus Writer 231

sebFlyte writes "news.com.com is running a very interesting interview with 'Benny' (AKA Marek Strihavka), a former member of the famed 29A Russian virus-writing group, about what drove the group, among other things. He's now one of several ex-virus writers working for security companies."
  • Re:That stinks... (Score:5, Interesting)

    by Fjandr ( 66656 ) on Saturday January 15, 2005 @01:17PM (#11373627) Homepage Journal
    On the one hand, yes, but without any evidence that he is involved in spreading viruses (something he strongly denies) it's more likely as he says: marketing theatre.

    It's like saying that banks shouldn't pay Frank Abagnale millions of dollars to help them stop check fraud because he at one time stole millions of dollars the same way. When you get someone with that much inside perspective, the good they do can far outweigh their perceived shortcomings.
  • by frdmfghtr ( 603968 ) on Saturday January 15, 2005 @01:20PM (#11373657)
    I found this tidbit a bit interesting...

    Some antivirus firms say that I have no moral right to do it, but...almost all ex-members and current members of 29A are employed in the antivirus and information technology security industry.

    Does this strike anybody else as a "wolf guarding the henhouse" scenario?
  • Circular Logic (Score:4, Interesting)

    by Rie Beam ( 632299 ) on Saturday January 15, 2005 @01:38PM (#11373781) Journal
    Correct me if I'm wrong, but isn't the whole idea that a virus writer assists in securing computers just a bunch of crap? I mean, please, let's drop the facade for a minute, and think this through:

    01: A virus writer releases a virus or worm,
    02: A virus writer gets accused of damaging millions of computers
    03: A virus writer says he did it to bring attention to X bug that could be potentially used to write a virus or worm for
    04: GOTO 01

    I realize that some companies are stubborn and have pursued legal action against people who publish bugs in software, so a virus or worm can sometimes be the only effective way to bring public attention to a problem. However, this usually is in turn converted to bad press for the writer, and just backfires. The way I see it, this is a better argument than others for switching to OSS - no morbid fear that publishing a bug will result in a lawsuit (no matter how unfounded half the time), and thus any virus/worm exploits on an open platform can be considered generally malicious, and the writer pursued fully.
  • Turning point (Score:3, Interesting)

    by Gary Destruction ( 683101 ) * on Saturday January 15, 2005 @01:45PM (#11373825) Journal
    The article doesn't mention what the turning point in his life was. I think that would fill in a big gap.
  • Re:That stinks... (Score:1, Interesting)

    by That's Unpossible! ( 722232 ) * on Saturday January 15, 2005 @01:48PM (#11373851)
    This kid didn't do anything of the sort -- he simply wrote programs that exposed insecurities in operating systems.

    Sometimes those programs are called Viruses, sometimes spyware, sometimes worms.. etc. When you put them all in a pot and boil them down to their bare essentials, they all smell the same way -- programs that exploit insecurities in operating systems.


    Excuse me, dumbass. There are many BENIGN ways to bring a lot of attention to insecurities in operating systems, which result in them getting fixed without costing people and companies millions of dollars in damages. Such sites are referenced nearly every day on Slashdot.

    On the extreme other hand you have viruses and worms, which are programs written to cause as much trouble as possible for as many people as possible. Releasing them is a criminal act, plain and simple.

    I am of the mind that we absolutely need people like Benny -- someone MUST check the locks to ensure that we are indeed safe.

    I would rather have a locksmith check my locks to make sure they're safe, rather than a burglar breaking down my door and stealing all my valuables. I can learn the same lesson much more cheaply with the former.

    For fuck's sake!
  • metaphor much? (Score:3, Interesting)

    by Heisenbug ( 122836 ) on Saturday January 15, 2005 @03:17PM (#11374481)
    Actually, I would trust a bioweapons engineer to create a drug designed to block biological weapons far more than I would trust a doctor. What, you were going to put a surgeon or a pediatrician in charge of that team? I would also expect a talented safecracker to know things about safes that the original designers don't know -- and as someone else pointed out, who better to blow up the bridge than a guy who builds bridges?

    A poorly thought out simile is like a fish riding a bicycle, for reasons you would do well to contemplate on.

    In the meantime, the safecracker metaphor is actually kind of revealing: getting input from the safecracker on how to protect future safes is invaluable, *but* you would of course expect any changes to be thoroughly reviewed by trusted engineers before they were accepted. I wonder if the firms employing old virus writers apply similar precautions?
  • by Per Abrahamsen ( 1397 ) on Saturday January 15, 2005 @03:43PM (#11374672) Homepage
    > And spam writers simply write spam that exposes
    > weaknesses in Bayesian filters.

    No, the spam writers actually enter my property. That is like the people who spread vira, people who break into houses, or people who set off bombs. Or make unauthorized copies of DVDs.

    Those who write the code to defeat Bayesian filters are not spammers, but in the category with people who write vira or create universal keys, or write on the net how to create bombs from household chemicals. Or write DeCSS.

    The latter group may expect some protection as freedom of expression. The first group should have no such protection.

    The question is, do we believe that we can improve society through ignorance? If not, we must protect the second group, even when they do something we dislike.

  • by jnf ( 846084 ) on Saturday January 15, 2005 @04:27PM (#11374917)
    So for several years I was an op on #virus, the 'home base' of 29A and less popular/talented virus groups. I've never written a virus/worm myself, and because of that I was only mildly accepted; however, I did get an insight into them, and many of 'them' do it for the reasons Benny listed. Benny is a perfect example of proof of concept: he wrote the first XP virus, the first virus that would infect Linux from Windows if a computer dual booted, etc. While Slashdot as a whole may have an unpopular opinion of them in general, I can say at least some of them are quite talented. Oh, and they hate the vbs/vba viruses just as much as anyone else.
  • by mindstrm ( 20013 ) on Saturday January 15, 2005 @05:16PM (#11375183)
    I don't think that's intentionally "friendly to the anti-virus industry".

    The challenge of virus/worm writing is having the thing spread, of manipulating systems and hiding.

    The reason there is rarely a destructive payload is because there is absolutely no challenge in a destructive payload... any moron can write destructive code.

    Contrary to what the movies, and thanks to them, the media like to make people think, the primary goal of most virus writers isn't to wreak havoc on a global scale, it's simply to see their code spread around the world.

    It's largely just very irresponsible behavior, not necessarily malicious.