Virus Writers - The Enemy Within
Slob Nerd writes "An interesting read from today's Observer "He's 21, he's got dreadlocks, likes punk bands... and his hobby could wreck your computer in seconds. Clive Thompson infiltrates the secret world of the virus writers who see their work as art - while others fear that it is cyber-terrorism.""
My Hero (Score:5, Informative)
I think this is the third time this story has been posted.
Googled version to NY Times story [google.com]
Of course, does it really count if the same story appears on a *different* page? Or a different website.
Maybe it's time that slashdot subscribers get a cached version of the story hosted on slashdot. That way, when an editor is about to submit a duplicate story, it'll check for similar articles cached on the site. That way this kind of thing doesn't keep happening. Hell... Slashdot editors won't even have to read slashdot anymore!
Thank you CmdrTaco for rejecting the story I just submitted in favor of this one. And I *know* the story I submitted wasn't a duplicate, or else my web server would have felt it. ;)
You really are my hero.
Re:My Hero (Score:5, Informative)
The slashdot article where this story already appeared is here:
http://slashdot.org/article.pl?sid=04/02/06/1943229&mode=nested [slashdot.org]
Re:My Hero (Score:5, Informative)
http://slashdot.org/article.pl?sid=04/02/09/02452
Which, I imagine, makes this story not a dupe, but a triplicate!
Re:My Hero (Score:5, Funny)
Re:My Hero (Score:2, Redundant)
Would that be a tripe [reference.com]? How appropriate.
Re: My Hero (Score:4, Funny)
> And just three days after that, it appeared here:
Maybe it's a viral story?
Re:My Hero (Score:2, Interesting)
http://www.sophos.com.au/virusinfo/articles/gigabyte.html
Like many of the smarter vxers, she never released a virus into the ecosystem where it would thrive.
If it were the US, she'd
a) be 100% protected by the 1st amendment.
b) be banged up for being a terrorist instead.
My inbox has dozens of viruses dumped into it every day, which completely and totally pisses me off. However, I'd still shake th
Re:My Hero (Score:3)
So would I. Then I'd kick them in the kneecaps with my steel-toecapped boots.
HH
--
+1 Interesting (Score:5, Funny)
Re:My Hero (Score:5, Insightful)
If you spray paint your crap over my building, you are a vandal. I don't care if you have the skill of Michelangelo, Da Vinci, and Rembrandt combined, you don't have the right to paint on things that belong to other people. If you do, you are a vandal. Period.
True artists can find legitimate outlets - they even get paid. Graffiti art is done by gang members and other scum. Virus writers are simply their online equivalent.
Re:My Hero (Score:5, Interesting)
I'm always skeptical of stories like this. Every time there was a story where I knew the people and facts directly, the story was usually a mish-mash mixed or invented to sex up the story.
Embellishment (Score:5, Interesting)
That's usually the case with any subject! Every movie, documentary, or article that I've seen or read and have had personal experience with has been a load of bunk. I've been interviewed for numerous newspaper and magazine articles and they very rarely use any of my quotes in context. They'll usually intentionally remove the context to twist words to mean whatever agenda they're trying to push.
My personal experiences with the media have basically ruined my ability to enjoy anything anymore. Since I know for a fact that virtually every story I've contributed to has been embellished by the authors to increase its entertainment value, I assume that any story that's been done about a subject I'm not personally familiar with has been tainted as well. And, most of the time, I'm correct. A simple five minute Google or encyclopedic search on the subject gives me more accurate data than the story that I'm following up on.
Re:Embellishment (Score:5, Funny)
News stories are definitely like sausages and laws--never ever watch any of them being made.
Re:Embellishment (Score:5, Interesting)
My mistake...I should have qualified my post with a "Virtually every..." instead of simply saying "every...". I'm just bitter about constantly getting misquoted. The first misquote of my career goes back to 1996 when a MacWeek author writing a Web graphics piece misquoted me as saying that JPEG is a lossless compression when I explicitly told him in both a phone and e-mail interview it was lossy.
But I'm not bitter...
Re:Embellishment (Score:5, Interesting)
I wonder if that reporter was Clive in his early years?
The actual story was that 4 teenagers got busted by Bell-cops for using their Applecat modems to phreak. Woo!
Re:Embellishment (Score:3, Funny)
This guy has no idea what he's talking about. Mainstream media reporters do great work. This man contradicts himself and generally brags about how he exploits ellipses to twist people's words around on Slashdot (though presumably, he does this in everyday conversation). He clearly has no credibility.
Sincerely,
FOX News. Fair and balanced.
Re:My Hero (Score:3, Funny)
Comment removed (Score:5, Informative)
Re:My Hero (Score:3, Interesting)
Re:My Hero (Score:3, Informative)
Well, anon.penet.fi (which is what I assume you're talking about) was shut down willingly by its maintainer shortly after a raid by the Finnish police seized personal information on an anon.penet.fi user who'd posted Scientology data.
Comment removed (Score:5, Interesting)
Re:My Hero (Score:3, Insightful)
Here is a fantastic new concept: how about people submit ORIGINAL stories to slashdot, not just pointers to stories published elsewhere on the web? Citing references to support your points is fine, but how about /.ers creating some original content for a change?
Re:My Hero (Score:5, Interesting)
Googling reveals that this trend in helping BillG cover up the fact that it's his OS, not computers, that are virus laden is quite widespread. Search for "Computer Virus" and you'll get around 1.5 million hits; "Windows Virus", by contrast only turns up around 35 thousand hits.
We really do need to work to spread the meme that it's not a computer virus, it's a Windows virus. Make more people aware of the fact that it's a Windows problem, not a computer problem, and it does two things: firstly it might make them consider alternatives to Windows, and secondly if they know it's a Windows specific problem they might try and pressure MS into making Windows more secure.
Re:My Hero (Score:3, Insightful)
Rank defeatism :) It may be true *today* that non-Windows systems account for a small percentage of computers people have direct contact with (though I should point out that indirectly they encounter plenty of non-MS machines), that does not mean it will always be that way. MS is not some undefeatable monolith which we shall always have around, they're a corporation.
Re:My Hero (Score:4, Insightful)
Unix is not inherently less vulnerable to viruses than Windows is. No, user/root separation does not hinder e-mail viruses designed to DDoS web sites. Yes, there is software running on your Unix box right now that has buffer overrun vulnerabilities.
Re:My Hero (Score:5, Insightful)
Also, while my box may well have overrun vulnerabilities (doubtless true), I disagree completely with your statement that if *NIX machines had the marketshare there would be as many virus for them. I think you are vastly underestimating the user/root separation. At the very least it prevents a single user infection from affecting the entire machine. Yes, a single user could infect his own home directory tree and of course this could be used to DDoS someone. However, there would not be a situation similar to the Outlook/Outlook Express situation where simply receiving a viral mail would infect the system; *NIX apps aren't designed that stupidly.
I have no doubt that if/when *NIX becomes more common there will be more *NIX virus, but to say that it's "just as bad" is to buy into MS's own FUD.
My case in point here is Mac OS X, it has a fairly large userbase, and most of that userbase is not computer expert (one of the Mac selling points is that it is (theoretically) simpler to use than Windows). Yet there has not been a significant number of Mac OS X virus (virus for older Mac OSes are more common by far). Why? Because Mac OSX is mostly BSD UNIX.
Virus Writers (Score:5, Insightful)
Re:Virus Writers (Score:5, Insightful)
Easy problem to find, harder problem to solve.
Re:Virus Writers (Score:2)
The only difference between gangs (real life ones) and virus writers is the fact that gangs do direct damage wherea
Au contraire, viruses already affect medical care! (Score:5, Informative)
The PACS system (digital X-ray reading monitors) at the hospital where I work caught Code Red last year, and was down for a day or two. X-rays were being read on printed films just like the old days. Slowed everything down significantly. I don't know that it directly affected any patient's health, but it certainly could have.
-ccm
Re:Virus Writers (Score:5, Interesting)
Like the elders say, it takes 10 years for a tree to grow but only 10 minutes to take it down. It's the same with computer viruses.
Re:Virus Writers (Score:2, Informative)
Re:Virus Writers (Score:4, Insightful)
There aren't that many high tech jobs in eastern Europe. I know a guy who moved to the US from Bulgaria and he said that all his friends were bored with life and wrote viruses for fun. Nobody there would hire them to do tech work.
Ironically, now that outsourcing is targeting Eastern Europe, one of your problems (viruses, etc) might be subdued a bit (a bit!) by one of our other problems (jobs leaving the country). Of course, people elsewhere will always be around to write them.
Re:Virus Writers (Score:5, Insightful)
These aren't virus writers, these are just regular script kiddies. Nothing interesting.
Re:Society and business are good? (Score:5, Insightful)
And Europeans, maybe eight percent of the world's population, consume at least another third, so get off your high horse. The fact is that anybody in the developed Western world uses resources at a far greater rate than a Third World peasant. Self-righteous moral preening about how your car gets five miles per gallon more than mine is of little meaning in the great scheme of things.
Much of that consumption is used in building things that end up in other countries anyway. If America builds a machine tool or sewage treatment plant or airplane that ends up in some third-world Ickystan, have we really taken anything away from the Ickystanian man, or have we actually done him a favor?
Plague of locusts indeed. If you subscribe to such idiocy, at least recognize that you are one too.
-ccm
Deftones aren't a punk band (Score:5, Insightful)
Re:Deftones aren't a punk band (Score:2, Insightful)
Oh God not this again. Are people so goddamned lacking in imagination that if they see a word being coined they have to shoot it down in flames?
Have a good look at the jargon file. There are many words there which are corruptions of "normal" words used in reference to modern technology. That doesn't make them wrong. It makes them new. How many of you numbnuts would have hated Shakespeare for all his neologisms? Here's a word I'd like you to read up
"from the dept." (Score:5, Funny)
Anyone seen a good written virus? (Score:5, Interesting)
While some may imply in their posts, that virus writers are technically skilled, I've yet to see a single example of beeing better than the avarage bad programmer...
Re:Anyone seen a good written virus? (Score:2)
Re:Anyone ever seen well written english? (Score:2)
meaning of [sic] (Score:5, Informative)
Re:meaning of [sic] (Score:3, Informative)
Sic [not an acronym] Latin: thus; so (not a mistake and is to be read as it stands)
I had always assumed it mean that, sorry and thanks for pointing it out to me (nothing worse than being wrong and thinking you're right!)
Re:Anyone ever seen well written english? (Score:5, Funny)
I assume it's not a typographical error.
shows that he has little clue about the fact, that typography is about designing thing containg text in such a way, that makes them aesthetically pleasing.
The question now is, of course, what have I screwed up?
Re:Anyone ever seen well written english? (Score:2)
Well, how about the entire second half of your post? :-)
"Typo" is short for "typographical error." And strictly speaking, typography is not necessarily concerned with being aesthetically pleasing. It's simply the use of type.
Re:Anyone ever seen well written English? (Score:2)
"while correcting someone's grammer"
Also, one generally capitalises "English" as in the title.
Re:Anyone ever seen well written english? (Score:2, Funny)
Complete Bullshit (Score:5, Interesting)
Ok fine, what if someday, a student doing research in microbiology decides, just for the sake of fine arts, I'll release a mutant plague bacteria...
Re:Complete Bullshit (Score:5, Funny)
Re:Complete Bullshit (Score:2)
Dupe, or no dupe... (Score:5, Insightful)
With quotes like this: 'This guy,' he proclaimed, 'is the best at Visual Basic.' I really understand the level of these guys... Show me a 1 k, auto-replicating, ASM-written worm spreading like lightning through an undocumented hole and I'll be impressed. These are nothing more than wannabe punks.
CmdrTaco's on the march! (Score:2, Redundant)
And here I was, with my coffee and breakfast all ready to read /. till lunch :(
Next story please!
Just an idea! (Score:4, Interesting)
Re:Just an idea! (Score:2, Insightful)
Once twice thrice... (Score:4, Funny)
Second time on NYT... it's a dupe.
Third time on the observer... it's a trupe?
-Colin [colingregorypalmer.net]
Re:Once twice thrice... (Score:2)
The correct abbreviation for "triplicate" would be "trip". Which is also short for a possible explanation for such reposts...
Re:Once twice thrice... (Score:3, Funny)
Re:Once twice thrice... (Score:2)
I think tripe is closer to accurate...
cash money (Score:5, Funny)
::Walks off to write an article about virii::
-Colin [colingregorypalmer.net]
Wreck MY computer? (Score:4, Insightful)
Sorry, no, all my computers run Linux, FreeBSD and Mac OS X.
I wish that, just for once, articles aimed at the public would be a little more accurate."
"He's 21, he's got dreadlocks, likes punk bands... and if you use Microsoft software, his hobby could wreck your computer in seconds"
From the all-mouth-and-no-meat department (Score:5, Interesting)
Or else installing DDOS software aimed at Spamhaus servers, or leaving backdoors open for same.
So. Art: Check. Vandalism: Check. Profit Motive: Check. Insubstantial "infiltration" by journalist: Check.
Ferinstance
http://yro.slashdot.org/article.pl?sid=03/12/03/1
- Oops. There goes Spamhaus
http://securityresponse.symantec.com/ [symantec.com]
- most of this week's crop install backdoors.
http://www.groklaw.net/article.php?story=20040221
- Your IP Addy for sale to a spam-merchant near you...
Terrorism (Score:3, Interesting)
Common virus-writers are more like random violence; they do not usually pursue economic or political agendas, and more usually want recognition inside their own community.
I, for one, am fed up with this cyber-terrorists media propaganda.
OT: Punk? (Score:5, Funny)
Re:OT: Punk? (Score:2)
Nice guy (Score:5, Funny)
Then come over and install your friendly little programs on my PC. You can do so for free! No more annoying "distribution" anymore, you just come here, install your friendly little program and leave*, that is all. Sounds like a deal? Tell me in advance, because I might need to buy some essentials** for your visit.
* Might or might not involve a hearse.
** Like a toe tag and body bag.
... and his homepage ... (Score:5, Informative)
- bram
Re:... and his homepage ... (Score:5, Insightful)
Anyway, anybody who thinks this qualifies as elite virus writing needs their head examined. There is really nothing elite about a script file. Not to mention that it should be apparent in this day and age that trashing other people's computers is not only very uncool but incredibly likely to get you thrown in federal pound-me-in-the-ass prison.
Article Was Lifted Directly From NY Times (Score:5, Informative)
Is this a copyright violation ?
Re:Article Was Lifted Directly From NY Times (Score:3, Informative)
No. Since it credits the author it's certainly been paid for. (It'd be far too easy to prove plagiarism if not.) Either the NYT syndicated it or the writer himself, depending on his contract with them.
Actually most of the interesting articles in the NYT get syndicated. If you want to read one that requires a payment to read (after a few weeks) just use their search function which gives you a paragraph or two and then Google on a likely phrase. You usually find a copy of it
cannot kick-start? (Score:5, Insightful)
Second Part to Hell (Score:3, Funny)
I suggest a new handle for Mario - Two Sandwiches Short of a Picnic
Hacks are art. (Score:2, Insightful)
It's easier to destroy than to create.
Some other hobbies... (Score:5, Insightful)
2. Cars
3. Boats
4. Trains
5. Swords
6. Guns
Just because you do them, doesn't mean you test them out on innocent people. How are these virus writers any different?
*Applies to slashdot readers, only.
Re:Some other hobbies... (Score:5, Interesting)
Virus Conspiracy (Score:3, Interesting)
Someone needs to do some serious research and see how many came out of Norton Lab.
It's easy to blame some kid playing a guitar in his bedroom. It's another thing to hire a lawyer and blame virus scan companies.
Re:Virus Conspiracy (Score:5, Insightful)
Re:Virus Conspiracy (Score:3, Interesting)
While I don't *know* of any such activities by AV companies, this interview may well be the origin of such rumours -- it wasn't exactly the sort of thing as to inspire consumer confidence!
Someone here on
Karma penalty ? (Score:5, Insightful)
The New York Times Magazine (Score:3, Informative)
Why don't mailers auto-zip and block executables? (Score:5, Interesting)
Sure, this is old hat to slashdotters, but I think it would behoove all email client writers to do this by default as MS does now. Now, that leaves us with macro word/excel viruses, other exploits, and the zip files themselves. The first two can be taken care of by a competent virus scanner or system patching and the latter forces the user to open the zip archive thus revealing the true extension (most compression utilities do this) and copies the file(s) to some location thus giving the virus scanner more of a chance to check the thing for viruses.
It's far from a perfect solution, but it will make people sensitive to file extensions and file types. It will also save disk space and bandwidth by compressing attachments (or even the message itself). Added functionality can be added like signed zip archives, AV hooks into zip programs, etc. Heck, the zip format already provides a cross-platform encryption scheme. Sure it's not 3DES/RSA or anything, but it sure beats nothing (especially for those worried about sniffing).
This is essentially the setup many of the companies I work with have. You get your pdf, doc, xls, etc but anything executable is either deleted or quarantined. I don't see why email clients written for residential customers can't do the same.
Data loss isn't even an issue, the worst case scenario is asking the guy who sent you that
This can be done in three steps:
1. Implement auto-zipping. Geeks and security sensitive people will probably enable this by default. Or it should be default with newer versions of mailers.
2. Once a significant amount of traffic is in the zip format set your mailer to reject all executables. It also could auto-remail the person sending you executables. (This may be exploited by spammers looking for live email addresses.)
3. Watch zip vendors work closer with AV vendors to provide better protection from viruses in zip archives.
Re:Why don't mailers auto-zip and block executable (Score:2)
Not by looking at extensions, but by looking at the header.
Who ever needs to send executables by mail?
Not the millions that do get infected by viruses now.
I don't see the need to zip them. Just reject them.
Maybe set up some new service for "shared data" on Internet (has existed before) where you can put the executables that you would have otherwise mailed. Of course, virus-scanned.
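An added example, not part of the thread: a minimal attachment filter that combines the two suggestions above, rejecting executables by file header rather than by extension and looking inside zip archives. The function names, the size and depth limits, and the sample message are all constructed for illustration, and the magic-byte table is deliberately small.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Leading bytes of common executable formats (a small, non-exhaustive set).
EXEC_MAGIC = {
    b"MZ": "DOS/Windows executable",
    b"\x7fELF": "ELF executable",
    b"\xcf\xfa\xed\xfe": "Mach-O executable",
    b"\xca\xfe\xba\xbe": "Mach-O universal binary or Java class",
    b"#!": "script with interpreter line",
}
ZIP_MAGIC = b"PK\x03\x04"
MAX_ZIP_DEPTH = 2                      # assumed policy limits, not from the thread
MAX_MEMBER_BYTES = 10 * 1024 * 1024


def executable_kind(data):
    """Classify by file header; the attachment's name is never consulted."""
    for magic, kind in EXEC_MAGIC.items():
        if data.startswith(magic):
            return kind
    return None


def scan_blob(name, data, depth=0):
    """Return (path, reason) findings for one blob, descending into zips."""
    kind = executable_kind(data)
    if kind:
        return [(name, kind)]
    if not data.startswith(ZIP_MAGIC):
        return []
    if depth >= MAX_ZIP_DEPTH:
        return [(name, "zip nested too deeply to inspect")]
    findings = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                path = f"{name}!{info.filename}"
                if info.is_dir():
                    continue
                if info.file_size > MAX_MEMBER_BYTES:
                    findings.append((path, "member too large to inspect"))
                else:
                    findings += scan_blob(path, zf.read(info), depth + 1)
    except (zipfile.BadZipFile, RuntimeError, NotImplementedError):
        # RuntimeError is raised for encrypted members: content cannot be checked.
        findings.append((name, "unreadable or encrypted zip"))
    return findings


def scan_message(raw):
    """Map each attachment filename to its findings (empty list = deliver)."""
    msg = message_from_bytes(raw, policy=policy.default)
    results = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        results[name] = scan_blob(name, part.get_payload(decode=True) or b"")
    return results


def build_sample():
    """Constructed message: one PDF header and two disguised executable headers."""
    archive = io.BytesIO()
    with zipfile.ZipFile(archive, "w") as zf:
        zf.writestr("notes.txt", b"constructed sample text")
        zf.writestr("holiday.jpg", b"\x7fELF" + b"\x00" * 12)
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("See attachments.")
    for name, data in [("report.pdf", b"%PDF-1.4\n"),
                       ("invoice.pdf", b"MZ" + b"\x00" * 62),
                       ("photos.zip", archive.getvalue())]:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

An encrypted archive is reported rather than passed, since a filter that cannot read the members cannot check their headers.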
Re:Why don't mailers auto-zip and block executable (Score:2, Insightful)
What about the article itself? (Score:2, Funny)
Bring back caning! (Score:2)
Some of these kids are quite smart and would have a bright future if they stayed on the rails. Prison will not correct them. Shame and pain will.
Therefore, I propose we whip them bloody in the public square, then let them go.
-ccm
Mod article down (Score:2)
He calls VB a computer language.
And the moral of the story is... (Score:2)
Old Article (Score:3, Informative)
While this article is dated today (2/22/04) in the guardian, it appeared at least a couple of other places a couple of weeks earlier:
The Impact Lab [impactlab.com]
Some place called "sofa. rites de passage" [antville.org]
And in the NY Times 2/8/04 ($ required):
The Virus Underground [nytimes.com]
Mark
He's 21, he's got dreadlocks, likes punk bands (Score:4, Insightful)
Sounds like we now know who to send the mobs with torches and pitchforks after.
Re:It's the fucking USERS, not VIRUS WRITERS' faul (Score:4, Insightful)
But the lion's share of the blame has to rest on the virus writers' collective shoulders. The vast majority have no pretensions of "educating the masses," or "simple curiosity." No, most of them just want to either a) screw people over for the hell of it, or b) get their (hopefully anonymous) 15 minutes of fame. These are the same types of people who will eventually be hired to write adware, spyware, and spamming apps. They are not heroes. They are not admirable. They are degenerates and sociopaths, and they give nerds and hackers horrible images with the very same "stupid users" that we have to interact with (and often get paid by) every day of our lives.
Fix, or blame? (Score:3, Insightful)
Fixing the problem requires stepping back and noticing some root causes.
WHY do we have a situation where a quick double-click can destroy a software installation or transfer ownership of the computer to a spammer?
Imagine a comparable situation in meatspace. Imagine a chemical plant with a big red button on the main floor which would set the plant on fire and release poison gas in the nearby city.
Management might try educating the workers, putting up signs saying "don't pus
Re:MOD PARENT +1 INSIGHTFUL (Score:4, Interesting)
It appears to me that overcoming human nature requires more than education.
Re:Hmmm (Score:3, Interesting)
Re:Hmmm (Score:5, Insightful)
Not to mention that people do not understand that they should not run arbitrary email attachments. Every few weeks we have a major worm outbreak because millions of people happily run every piece of malicious code they find.
As for "real" worms that don't require a collaborative user to spread, it can hardly get worse than it is now, with all the knowledge and awareness we have. The really ugly ones spread in minutes, faster than anyone can react. (Also, they never seem to die, Nimda for example is still active.)
Re:Hmmm (Score:2, Insightful)
There's no risk in it and they get to feel so tough. Those people simply need a proverbial kick in the ass.
Users vs Software (Score:3, Insightful)
We should be striving to create systems that just do what the user needs them to do without requiring the user to jump through hoops or take a course entitled "Best Practices in Computer Security". I don't need to be a mechanic to drive a car, I don't need to be an astronomer or astrophysicist to look through a telescope, and I shoul
Re:Users vs Software (Score:3, Insightful)
Well, think about it for a second.
When you learned to drive a car, you probably knew a little about it. There's an engine, it burns gas, that causes the wheels to go around. The gas pedal must have something to do with that burn rate. The brake makes the wheels stop.
Now, imag
Re:Viruses serve a purpose (Score:2)
Re:Viruses serve a purpose (Score:2)
OK, I guess I'm suffering from them "having free reigh into my system" part, because I've never had an issue with virii on Linux, Solaris, or OSX, nor do I run Windows.
Re:Dupes on Slashdot (Score:2)
There is a database. You can even search it yourself, at the bottom of every page. Just typing "virus writers" into that came up with the dupes. The editors just don't give a fuck -- they don't care about spelling or grammar either, trivial though that is to check. If Taco responds at all to this it'll be something like "it's Sunday
Re:Writing poor articles for fun and profit (Score:3, Insightful)
It's your comprehension skills that are called into question the most here.
Because that wasn't your only mistake.
Nowhere doe